[Nagiosplug-help] Using check_http plugin behind the firewall

Martinus Nel martinus.nel at scarceskills.com
Wed Sep 15 07:22:11 CEST 2004


Risto,

I have the following in my checkcommands.cfg:

# 'check_http_ssl' command definition
define command{
         command_name    check_http_ssl
         command_line    $USER1$/check_http -H $HOSTADDRESS$ -p $ARG1$ -S
         }

and in services.cfg:

...
check_command check_http_ssl!443
...

It works for me.


Risto Vaarandi wrote:
> Rahul Misra wrote:
> 
>>
>> Risto, you might wanna try the -S option with check_http and see if it 
>> meets
>> your requirements. The SSL is brought into the picture when you use it.
> 
> 
> On the second commandline I have used the --ssl option (see below) which 
> is a synonym for -S, yet it didn't work. Is it really not possible to 
> handle the problem with some clever options of check_http? It is quite 
> common for the monitoring server to be located behind a firewall/proxy, 
> and the https-webservers you wish to monitor in the public Internet.
> br,
> risto
> 
>>
>> Regards
>> Rahul
>>
>>
>>
>>
>> -----Original Message-----
>> From: Risto Vaarandi [mailto:risto.vaarandi at eyp.ee] Sent: Tuesday, 
>> September 14, 2004 7:20 PM
>> To: nagiosplug-help at lists.sourceforge.net
>> Subject: [Nagiosplug-help] Using check_http plugin behind the firewall
>>
>> hi all,
>>
>> I would like to use the check_http plugin for monitoring some external 
>> web
>> servers. While the plugin works fine for conventional http-servers, e.g.,
>>
>> -sh-2.05b$ /usr/lib/nagios/plugins/check_http -H firewall -p 8080 -u
>> http://www.hansa.ee HTTP OK HTTP/1.0 200 OK - 66 bytes in 0.046 seconds
>> |time=46009us;;;0 size=66B;;;0
>>
>> I can't connect to https-servers:
>>
>> -sh-2.05b$ /usr/lib/nagios/plugins/check_http -H firewall -p 8080 -u
>> https://www.hansa.ee HTTP WARNING: HTTP/1.0 400 Bad Request
>>
>> -sh-2.05b$ /usr/lib/nagios/plugins/check_http -H firewall -p 8080 
>> --ssl -u
>> https://www.hansa.ee
>> ERROR: Cannot retrieve server certificate.
>>
>> Does the check_http plugin have any commandline options for solving this
>> problem? (The plugin should first create a tcp socket to the 8080 port of
>> the firewall, then use the CONNECT method for connecting to target web
>> server, and finally switch to SSL protocol.)
>>
>> br,
>> risto
>>
>>
>> -------------------------------------------------------
>> This SF.Net email is sponsored by: YOU BE THE JUDGE. Be one of 170 
>> Project
>> Admins to receive an Apple iPod Mini FREE for your judgement on who ports
>> your project to Linux PPC the best. Sponsored by IBM. Deadline: Sept. 
>> 13. Go here: http://sf.net/ppc_contest.php
>> _______________________________________________
>> Nagiosplug-help mailing list
>> Nagiosplug-help at lists.sourceforge.net
>> https://lists.sourceforge.net/lists/listinfo/nagiosplug-help
>> ::: Please include plugins version (-v) and OS when reporting any 
>> issue. ::: Messages without supporting info will risk being sent to 
>> /dev/null
>>
> 
> 
> 
> -------------------------------------------------------
> This SF.Net email is sponsored by: thawte's Crypto Challenge Vl
> Crack the code and win a Sony DCRHC40 MiniDV Digital Handycam
> Camcorder. More prizes in the weekly Lunch Hour Challenge.
> Sign up NOW http://ad.doubleclick.net/clk;10740251;10262165;m
> _______________________________________________
> Nagiosplug-help mailing list
> Nagiosplug-help at lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/nagiosplug-help
> ::: Please include plugins version (-v) and OS when reporting any issue. 
> ::: Messages without supporting info will risk being sent to /dev/null
> 

-- 
Martinus Nel
System Administrator
Scarce Skills Ltd.
http://www.scarceskills.com
Tel: +44 (0) 1633 225461

---------------------------------------------------------------------------
DISCLAIMER
This e-mail message and any attachments are confidential and may also be a
privileged communication. It is intended solely for the person(s) to whom it
is addressed. If you are not the intended addressee of the message you must
take no action based on it. Please reply to this message to let us know you
received it in error and also delete the message from your system.
Internet e-mails are not necessarily secure and you should be mindful of
this when e-mailing us.

The contents of an attachment to this e-mail may contain software viruses
which could damage your own computer system. Whilst we have taken every
reasonable precaution to minimise this risk, we cannot accept liability for
any damage which you sustain as a result of software viruses. You should
carry out your own virus checks before opening the attachment.
---------------------------------------------------------------------------





More information about the Help mailing list