Hi,
I run my ZABBIX server on a host that has no fixed IP. It changes at least every 24h. There is no way for me to determine a range or set of IPs that would be useful for this parameter because I never get the same IP twice!
What is the workaround for this? And please don't tell me to crontab a config-reset and -reload.
I'm thinking (dreaming?!) of a disable-this-feature-at-your-own-risk-button :D for those who understand how to deal with ipfilter...
Btw.: You did a great job with this tool! Must've been (still be) a lot of work... don't you consider "taking some more men into the boat"? ;)
regards
Phil
Here is a patch from Fabien Postif. I haven't checked it carefully yet, so use it at your own risk :rolleyes: Also, be aware that name resolution may add quite significant overhead depending on your network and DNS configuration.
File security.c:
int check_security(int sockfd, char *ip_list, int allow_if_empty)
{
    char *sname;
    char peer_ip[16];   /* private copy of the peer address: "255.255.255.255" + NUL */
    struct sockaddr_in name;
    int i;
    char *s;
    char tmp[MAX_STRING_LEN];

    zabbix_log( LOG_LEVEL_DEBUG, "In check_security()");

    /* An empty list allows everyone only when the caller asked for that */
    if( (1 == allow_if_empty) && (strlen(ip_list)==0) )
    {
        return SUCCEED;
    }
    i=sizeof(name);
/*  if(getpeername(sockfd, (struct sockaddr *)&name, (size_t *)&i) == 0)*/
    if(getpeername(sockfd, (struct sockaddr *)&name, (socklen_t *)&i) == 0)
    {
        i=sizeof(struct sockaddr_in);
        /* inet_ntoa() returns a static buffer that the next call overwrites,
           so copy the peer address before resolving any list entry */
        strncpy(peer_ip, inet_ntoa(name.sin_addr), sizeof(peer_ip)-1);
        peer_ip[sizeof(peer_ip)-1]='\0';
        sname=peer_ip;
        zabbix_log( LOG_LEVEL_DEBUG, "Connection from [%s]. Allowed servers [%s] ",sname, ip_list);
        strscpy(tmp,ip_list);
        s=(char *)strtok(tmp,",");
        while(s!=NULL)
        {
            /* Entry is a literal IP equal to the peer address */
            if(strcmp(sname, s)==0)
            {
                return SUCCEED;
            }
            else
            {
                struct sockaddr_in addr_machine;
                struct hostent *machine;
                char *ip_machine;

                /* gethostbyname() and struct hostent are declared in <netdb.h> */
                machine = gethostbyname(s);
                /* NULL means the entry did not resolve: skip it instead of dereferencing */
                if(machine!=NULL && machine->h_addrtype==AF_INET)
                {
                    memcpy(&addr_machine.sin_addr,machine->h_addr,machine->h_length);
                    ip_machine=inet_ntoa(addr_machine.sin_addr);
                    zabbix_log( LOG_LEVEL_DEBUG, "Resolve de [%s] : [%s][%s]",ip_machine,sname,machine->h_name);
                    if(strcmp(ip_machine,sname)== 0)
                    {
                        return SUCCEED;
                    }
                }
            }
            s=(char *)strtok(NULL,",");
        }
    }
    else
    {
        zabbix_log( LOG_LEVEL_WARNING, "Error getpeername [%s]",strerror(errno));
        zabbix_log( LOG_LEVEL_WARNING, "Connection rejected");
        return FAIL;
    }
    zabbix_log( LOG_LEVEL_WARNING, "Connection from [%s] rejected. Allowed server is [%s] ",sname, ip_list);
    return FAIL;
}
The patch will probably be integrated into ZABBIX v1.1 codebase. Do not hesitate to chase me if I miss it.
OK, my coding skills are absolutely low! This is what I get from the compiler (tried it on two different systems: SuSE 9.0 and Debian 3.0)
../../include/security.c: In function `check_security':
../../include/security.c:75: warning: implicit declaration of function `gethostbyname'
../../include/security.c:75: warning: assignment makes pointer from integer without a cast
../../include/security.c:76: dereferencing pointer to incomplete type
../../include/security.c:76: dereferencing pointer to incomplete type
../../include/security.c:78: dereferencing pointer to incomplete type
make[1]: *** [all] Error 1
these are my lines:
#70 else
#71 {
#72 struct sockaddr_in addr_machine;
#73 struct hostent *machine;
#74 char *ip_machine;
#75 machine=gethostbyname(s);
#76 memcpy(&addr_machine.sin_addr,machine->h_addr,machine->h_length);
#77 ip_machine=inet_ntoa(addr_machine.sin_addr);
#78 zabbix_log( LOG_LEVEL_DEBUG, "Resolving of [%s] : [%s][%s]",ip_machine,sname,machine->h_name);
#79 if(strcmp(ip_machine,sname)== 0)
#80 {
#81 return SUCCEED;
#82 }
#83 }
I googled for the return value of "gethostbyname" (struct hostent) and everything looks OK so far. Right?
Also s=(char *)strtok(tmp,","); looks OK to be fed into "gethostbyname", doesn't it? The compiler would report a different message in case of such an error I guess!
So where is the bug?
Why does it want to cast? The variable 'machine' and the return-value of 'gethostbyname' are of the same 'struct' aren't they?
What does "...makes pointer from integer..." mean?
*-----------------*snip
OK, forget it, I told ya that I am a noob and that's the proof... but I can learn.
There is no gethostbyname function at all (yet). What file do I have to include?
*-----------------*snap
PS: <netdb.h> OK it works nicely now. FIXED.
Cheers & thnx for the code. Don't forget to integrate it into 1.1, I don't want to do this again ;)
PPS: if someone is interested I can post or email the "final" code, just ask.
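Added example, not part of the thread or of the ZABBIX code base: the hostname branch quoted above (lines #77 to #79 of Phil's listing) calls inet_ntoa() a second time and compares the result by string with the peer's. Since inet_ntoa() returns one static buffer, such a comparison succeeds for any two addresses unless the first result was copied out. The sketch shows that pitfall next to a binary comparison that also survives unresolvable names and checks every address a name resolves to; the function names match_by_string, entry_matches and peer_allowed are hypothetical, and the addresses in the comments are constructed.

```c
#include <arpa/inet.h>
#include <netdb.h>
#include <netinet/in.h>
#include <string.h>
#include <sys/socket.h>

/* Comparison style used in the thread's patch. inet_ntoa() returns a pointer
 * to one static buffer, so the second call overwrites the first result and
 * both pointers refer to the same text. */
int match_by_string(struct in_addr peer, struct in_addr resolved)
{
    char *sname = inet_ntoa(peer);
    char *ip_machine = inet_ntoa(resolved);  /* clobbers sname */
    return strcmp(ip_machine, sname) == 0;   /* 1 for any two addresses */
}

/* Return 1 if peer equals any IPv4 address that one list entry denotes. */
int entry_matches(struct in_addr peer, const char *entry)
{
    struct in_addr a;
    struct hostent *h;
    char **p;

    if (inet_pton(AF_INET, entry, &a) == 1)  /* literal IP: no DNS lookup */
        return a.s_addr == peer.s_addr;
    h = gethostbyname(entry);                /* as in the patch; needs <netdb.h> */
    if (h == NULL || h->h_addrtype != AF_INET)
        return 0;                            /* unresolvable: no match, no crash */
    for (p = h->h_addr_list; *p != NULL; p++)  /* every address, not only the first */
        if (memcmp(*p, &peer, sizeof(peer)) == 0)
            return 1;
    return 0;
}

/* Walk a comma-separated allow list, e.g. "192.0.2.10,zabbix.example.org". */
int peer_allowed(struct in_addr peer, const char *ip_list)
{
    char tmp[1024], *s;

    if (strlen(ip_list) >= sizeof(tmp))
        return 0;                            /* oversized list: refuse */
    strcpy(tmp, ip_list);
    for (s = strtok(tmp, ","); s != NULL; s = strtok(NULL, ","))
        if (entry_matches(peer, s))
            return 1;
    return 0;
}
```

With a host on a changing address, the name lookup still runs on every incoming connection, so the DNS overhead mentioned in the thread applies to each hostname entry in the list.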