Ad Widget

Collapse

Сломался active check

Collapse
X
Collapse
 
  • Page of 1
  • Time
  • Show
Clear All
new posts
Previous template Next
  • Ara67
    Junior Member
    • Jun 2018
    • 8
    #1

    Сломался active check

    Всем здравствуйте!

    Был настроен и работал active check на нескольких машинах.
    Потом не понятно почему на всех машинах перестал.

    В логе агента это выглядит так:

    2184:20180610:113200.626 Starting Zabbix Agent [ARM2]. Zabbix 3.4.6 (revision 76819).
    2184:20180610:113200.626 **** Enabled features ****
    2184:20180610:113200.626 IPv6 support: YES
    2184:20180610:113200.626 TLS support: NO
    2184:20180610:113200.626 **************************
    2184:20180610:113200.626 using configuration file: c:\zabbix\zabbix_agentd.win.conf
    2184:20180610:113200.642 agent #0 started [main process]
    2768:20180610:113200.642 agent #1 started [collector]
    8264:20180610:113200.642 agent #2 started[listener #1]
    6416:20180610:113200.642 agent #3 started[listener #2]
    4892:20180610:113200.642 agent #4 started[listener #3]
    8652:20180610:113200.642 agent #5 started [active checks #1]
    8520:20180613:221352.120 Zabbix Agent stopped. Zabbix 3.4.6 (revision 76819).
    4368:20180613:221521.787 Starting Zabbix Agent [ARM2]. Zabbix 3.4.6 (revision 76819).
    4368:20180613:221521.787 **** Enabled features ****
    4368:20180613:221521.787 IPv6 support: YES
    4368:20180613:221521.787 TLS support: NO
    4368:20180613:221521.787 **************************
    4368:20180613:221521.787 using configuration file: c:\zabbix\zabbix_agentd.win.conf
    4368:20180613:221521.802 agent #0 started [main process]
    4400:20180613:221521.802 agent #2 started[listener #1]
    4404:20180613:221521.802 agent #3 started[listener #2]
    4396:20180613:221521.818 agent #1 started [collector]
    4408:20180613:221521.818 agent #4 started[listener #3]
    4412:20180613:221521.818 agent #5 started [active checks #1]
    4412:20180613:232543.015 active check configuration update from [ХХХ.ХХХ.ХХХ.ХХХ:10051] started to fail (cannot connect to [[ХХХ.ХХХ.ХХХ.ХХХ]:10051]: (null))
    4412:20180613:232643.972 active check configuration update from [ХХХ.ХХХ.ХХХ.ХХХ:10051] is working again
    4412:20180614:140907.989 active check configuration update from [ХХХ.ХХХ.ХХХ.ХХХ:10051] started to fail (cannot connect to [[ХХХ.ХХХ.ХХХ.ХХХ]:10051]: (null))
    4412:20180614:141007.931 active check configuration update from [ХХХ.ХХХ.ХХХ.ХХХ:10051] is working again
    4412:20180614:150808.088 active check configuration update from [ХХХ.ХХХ.ХХХ.ХХХ:10051] started to fail (ZBX_TCP_READ() failed: [0x00002746] Удаленный хост принудительно разорвал существующее подключение.)
    4448:20180619:094802.269 Starting Zabbix Agent [ARM2]. Zabbix 3.4.6 (revision 76819).
    4448:20180619:094802.285 **** Enabled features ****
    4448:20180619:094802.301 IPv6 support: YES
    4448:20180619:094802.316 TLS support: NO
    4448:20180619:094802.332 **************************
    4448:20180619:094802.332 using configuration file: c:\zabbix\zabbix_agentd.win.conf
    4448:20180619:094802.551 agent #0 started [main process]
    4680:20180619:094802.597 agent #2 started[listener #1]
    4676:20180619:094802.613 agent #1 started [collector]
    4684:20180619:094802.613 agent #3 started[listener #2]
    4688:20180619:094802.613 agent #4 started[listener #3]
    4692:20180619:094802.613 agent #5 started [active checks #1]
    4692:20180619:094802.613 active check configuration update from [ХХХ.ХХХ.ХХХ.ХХХ:10051] started to fail (ZBX_TCP_READ() failed: [0x00002746] Удаленный хост принудительно разорвал существующее подключение.)

    В логе сервера:

    18613:20180620:145201.291 failed to accept an incoming connection: from YYY.YYY.YYY.YYY: reading first byte from connection failed: [104] Connection reset by peer

    18613:20180620:145202.667 failed to accept an incoming connection: from ZZZ.ZZZ.ZZZ.ZZZ: reading first byte from connection failed: [104] Connection reset by peer


    Имена хостов в в конфигах не менял, они совпадают с именами в веб-интерфейсе сервера, адреса соответственно тоже.
    Файрволы тоже помоему ни причем, т.к. в логах сервера не было бы видно запросов.

    В чем может быть дело?

    Версия appliance zabbix 3.4.8

    p/s
    попробовал telnet -ом на 10051 порт подключается (потом подключение сбрасывается)...
    Last edited by Ara67; 20-06-2018, 17:50.
    Tags: None
    • kernbug
      Senior Member
      • Feb 2013
      • 330
      #2
      Originally posted by Ara67
      Всем здравствуйте!

      18613:20180620:145201.291 failed to accept an incoming connection: from YYY.YYY.YYY.YYY: reading first byte from connection failed: [104] Connection reset by peer

      18613:20180620:145202.667 failed to accept an incoming connection: from ZZZ.ZZZ.ZZZ.ZZZ: reading first byte from connection failed: [104] Connection reset by peer


      Имена хостов в в конфигах не менял, они совпадают с именами в веб-интерфейсе сервера, адреса соответственно тоже.
      Файрволы тоже помоему ни причем, т.к. в логах сервера не было бы видно запросов.

      В чем может быть дело?

      Версия appliance zabbix 3.4.8

      p/s
      попробовал telnet -ом на 10051 порт подключается (потом подключение сбрасывается)...
      Здравствуйте,

      Покажите вывод команды iptables -L -x -v -n --line-numbers с сервера Zabbix, в том числе вывод netstat -tulpen.
      Каким образом настроена сеть для виртуальной машины?

        Comment

        • Ara67
          Junior Member
          • Jun 2018
          • 8
          #3
          Originally posted by kernbug

          Здравствуйте,

          Покажите вывод команды iptables -L -x -v -n --line-numbers с сервера Zabbix, в том числе вывод netstat -tulpen.
          Каким образом настроена сеть для виртуальной машины?
          appliance@zabbix:~$ iptables -L -x -v -n --line-numbers
          Chain INPUT (policy ACCEPT 7243 packets, 547732 bytes)
          num pkts bytes target prot opt in out source destination
          1 407254 23572659 ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0
          2 0 0 ACCEPT udp -- * * 8.8.8.8 0.0.0.0/0 udp spt:53
          3 0 0 ACCEPT udp -- * * 8.8.4.4 0.0.0.0/0 udp spt:53
          4 300229 20760144 ICMP icmp -- * * 0.0.0.0/0 0.0.0.0/0
          5 0 0 NTP udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:123
          6 8563 640140 SSH tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpts:20:22
          7 18216 801532 ZBX tcp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 10050,10051
          8 36314 5821327 WEB tcp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 80,443
          9 0 0 SNMPTRAP udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:162
          10 6 312 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x17/0x02
          11 4598990 255593431 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED

          Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
          num pkts bytes target prot opt in out source destination

          Chain OUTPUT (policy ACCEPT 6433358 packets, 381902472 bytes)
          num pkts bytes target prot opt in out source destination
          1 710897 48603508 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmptype 8
          2 84 5640 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmptype 0

          Chain ICMP (1 references)
          num pkts bytes target prot opt in out source destination
          1 261796 18165692 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 5/sec burst 5

          Chain NTP (1 references)
          num pkts bytes target prot opt in out source destination

          Chain SNMPTRAP (1 references)
          num pkts bytes target prot opt in out source destination

          Chain SQL (0 references)
          num pkts bytes target prot opt in out source destination

          Chain SSH (1 references)
          num pkts bytes target prot opt in out source destination
          1 8563 640140 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:22

          Chain WEB (1 references)
          num pkts bytes target prot opt in out source destination
          1 36314 5821327 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 80,443
          2 0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:162

          Chain ZBX (1 references)
          num pkts bytes target prot opt in out source destination
          1 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:10050
          2 18216 801532 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:10051
          appliance@zabbix:~$


          appliance@zabbix:~$ netstat -tulpen
          Active Internet connections (only servers)
          Proto Recv-Q Send-Q Local Address Foreign Address State User Inode PID/Program name
          tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 0 14108 866/sshd
          tcp 0 0 0.0.0.0:10050 0.0.0.0:* LISTEN 108 14910 952/zabbix_agentd
          tcp 0 0 0.0.0.0:10051 0.0.0.0:* LISTEN 108 98491 18510/zabbix_server
          tcp 0 0 127.0.0.1:3306 0.0.0.0:* LISTEN 109 14997 943/mysqld
          tcp6 0 0 :::22 :::* LISTEN 0 14116 866/sshd
          tcp6 0 0 :::10050 :::* LISTEN 108 14911 952/zabbix_agentd
          tcp6 0 0 :::10051 :::* LISTEN 108 98492 18510/zabbix_server
          tcp6 0 0 :::10052 :::* LISTEN 108 15013 911/java
          tcp6 0 0 :::80 :::* LISTEN 0 14958 974/apache2
          udp 0 0 0.0.0.0:162 0.0.0.0:* 0 14992 993/snmptrapd

            Comment

            • kernbug
              Senior Member
              • Feb 2013
              • 330
              #4
              Хорошо, можно еще конфигурацию Zabbix Agent с любой из машин и netstat -na.

                Comment

                • Ara67
                  Junior Member
                  • Jun 2018
                  • 8
                  #5
                  Originally posted by kernbug
                  Хорошо, можно еще конфигурацию Zabbix Agent с любой из машин и netstat -na.

                  # This is a configuration file for Zabbix agent service (Windows)
                  # To get more information about Zabbix, visit http://www.zabbix.com

                  ############ GENERAL PARAMETERS #################

                  ### Option: LogType
                  # Specifies where log messages are written to:
                  # system - Windows event log
                  # file - file specified with LogFile parameter
                  # console - standard output
                  #
                  # Mandatory: no
                  # Default:
                  LogType=file

                  ### Option: LogFile
                  # Log file name for LogType 'file' parameter.
                  #
                  # Mandatory: no
                  # Default:
                  # LogFile=

                  LogFile=c:\zabbix\zabbix_agentd.log

                  ### Option: LogFileSize
                  # Maximum size of log file in MB.
                  # 0 - disable automatic log rotation.
                  #
                  # Mandatory: no
                  # Range: 0-1024
                  # Default:

                  LogFileSize=1

                  ### Option: DebugLevel
                  # Specifies debug level:
                  # 0 - basic information about starting and stopping of Zabbix processes
                  # 1 - critical information
                  # 2 - error information
                  # 3 - warnings
                  # 4 - for debugging (produces lots of information)
                  # 5 - extended debugging (produces even more information)
                  #
                  # Mandatory: no
                  # Range: 0-5
                  # Default:

                  DebugLevel=3

                  ### Option: SourceIP
                  # Source IP address for outgoing connections.
                  #
                  # Mandatory: no
                  # Default:
                  # SourceIP=

                  ### Option: EnableRemoteCommands
                  # Whether remote commands from Zabbix server are allowed.
                  # 0 - not allowed
                  # 1 - allowed
                  #
                  # Mandatory: no
                  # Default:
                  # EnableRemoteCommands=0

                  ### Option: LogRemoteCommands
                  # Enable logging of executed shell commands as warnings.
                  # 0 - disabled
                  # 1 - enabled
                  #
                  # Mandatory: no
                  # Default:
                  # LogRemoteCommands=0

                  ##### Passive checks related

                  ### Option: Server
                  # List of comma delimited IP addresses, optionally in CIDR notation, or hostnames of Zabbix servers.
                  # Incoming connections will be accepted only from the hosts listed here.
                  # If IPv6 support is enabled then '127.0.0.1', '::127.0.0.1', '::ffff:127.0.0.1' are treated equally and '::/0' will allow any IPv4 or IPv6 address.
                  # '0.0.0.0/0' can be used to allow any IPv4 address.
                  # Example: Server=127.0.0.1,192.168.1.0/24,::1,2001:db8::/32,zabbix.domain
                  #
                  # Mandatory: no
                  # Default:
                  # Server=

                  Server=SSS.SSS.SSS.SSS

                  ### Option: ListenPort
                  # Agent will listen on this port for connections from the server.
                  #
                  # Mandatory: no
                  # Range: 1024-32767
                  # Default:
                  ListenPort=10050

                  ### Option: ListenIP
                  # List of comma delimited IP addresses that the agent should listen on.
                  # First IP address is sent to Zabbix server if connecting to it to retrieve list of active checks.
                  #
                  # Mandatory: no
                  # Default:
                  ListenIP=XXX.XXX.XXX.XXX

                  ### Option: StartAgents
                  # Number of pre-forked instances of zabbix_agentd that process passive checks.
                  # If set to 0, disables passive checks and the agent will not listen on any TCP port.
                  #
                  # Mandatory: no
                  # Range: 0-100
                  # Default:
                  StartAgents=3

                  ##### Active checks related

                  ### Option: ServerActive
                  # List of comma delimited IPort (or hostnameort) pairs of Zabbix servers for active checks.
                  # If port is not specified, default port is used.
                  # IPv6 addresses must be enclosed in square brackets if port for that host is specified.
                  # If port is not specified, square brackets for IPv6 addresses are optional.
                  # If this parameter is not specified, active checks are disabled.
                  # Example: ServerActive=127.0.0.1:20051,zabbix.domain,[::1]:30051,::1,[12fc::1]
                  #
                  # Mandatory: no
                  # Default:
                  # ServerActive=

                  ServerActive=SSS.SSS.SSS.SSS

                  ### Option: Hostname
                  # Unique, case sensitive hostname.
                  # Required for active checks and must match hostname as configured on the server.
                  # Value is acquired from HostnameItem if undefined.
                  #
                  # Mandatory: no
                  # Default:
                  # Hostname=
                  Hostname=ARM2_

                  ### Option: HostnameItem
                  # Item used for generating Hostname if it is undefined. Ignored if Hostname is defined.
                  # Does not support UserParameters or aliases.
                  #
                  # Mandatory: no
                  # Default:
                  #HostnameItem=system.hostname

                  ### Option: HostMetadata
                  # Optional parameter that defines host metadata.
                  # Host metadata is used at host auto-registration process.
                  # An agent will issue an error and not start if the value is over limit of 255 characters.
                  # If not defined, value will be acquired from HostMetadataItem.
                  #
                  # Mandatory: no
                  # Range: 0-255 characters
                  # Default:
                  # HostMetadata=

                  ### Option: HostMetadataItem
                  # Optional parameter that defines an item used for getting host metadata.
                  # Host metadata is used at host auto-registration process.
                  # During an auto-registration request an agent will log a warning message if
                  # the value returned by specified item is over limit of 255 characters.
                  # This option is only used when HostMetadata is not defined.
                  #
                  # Mandatory: no
                  # Default:
                  # HostMetadataItem=

                  ### Option: RefreshActiveChecks
                  # How often list of active checks is refreshed, in seconds.
                  #
                  # Mandatory: no
                  # Range: 60-3600
                  # Default:
                  # RefreshActiveChecks=120

                  ### Option: BufferSend
                  # Do not keep data longer than N seconds in buffer.
                  #
                  # Mandatory: no
                  # Range: 1-3600
                  # Default:
                  # BufferSend=5

                  ### Option: BufferSize
                  # Maximum number of values in a memory buffer. The agent will send
                  # all collected data to Zabbix server or Proxy if the buffer is full.
                  #
                  # Mandatory: no
                  # Range: 2-65535
                  # Default:
                  # BufferSize=100

                  ### Option: MaxLinesPerSecond
                  # Maximum number of new lines the agent will send per second to Zabbix Server
                  # or Proxy processing 'log', 'logrt' and 'eventlog' active checks.
                  # The provided value will be overridden by the parameter 'maxlines',
                  # provided in 'log', 'logrt' or 'eventlog' item keys.
                  #
                  # Mandatory: no
                  # Range: 1-1000
                  # Default:
                  # MaxLinesPerSecond=20

                  ############ ADVANCED PARAMETERS #################

                  ### Option: Alias
                  # Sets an alias for an item key. It can be used to substitute long and complex item key with a smaller and simpler one.
                  # Multiple Alias parameters may be present. Multiple parameters with the same Alias key are not allowed.
                  # Different Alias keys may reference the same item key.
                  # For example, to retrieve paging file usage in percents from the server:
                  # Alias=pg_usageerf_counter[\Paging File(_Total)\% Usage]
                  # Now shorthand key pg_usage may be used to retrieve data.
                  # Aliases can be used in HostMetadataItem but not in HostnameItem or PerfCounter parameters.
                  #
                  # Mandatory: no
                  # Range:
                  # Default:

                  ### Option: Timeout
                  # Spend no more than Timeout seconds on processing.
                  #
                  # Mandatory: no
                  # Range: 1-30
                  # Default:
                  Timeout=20

                  ### Option: PerfCounter
                  # Syntax: <parameter_name>,"<perf_counter_path>",<period>
                  # Defines new parameter <parameter_name> which is an average value for system performance counter <perf_counter_path> for the specified time period <period> (in seconds).
                  # For example, if you wish to receive average number of processor interrupts per second for last minute, you can define new parameter "interrupts" as following:
                  # PerfCounter = interrupts,"\Processor(0)\Interrupts/sec",60
                  # Please note double quotes around performance counter path.
                  # Samples for calculating average value will be taken every second.
                  # You may run "typeperf -qx" to get list of all performance counters available in Windows.
                  #
                  # Mandatory: no
                  # Range:
                  # Default:

                  ### Option: Include
                  # You may include individual files in the configuration file.
                  #
                  # Mandatory: no
                  # Default:
                  # Include=

                  # Include=c:\zabbix\zabbix_agentd.userparams.conf
                  # Include=c:\zabbix\zabbix_agentd.conf.d\
                  # Include=c:\zabbix\zabbix_agentd.conf.d\*.conf

                  ####### USER-DEFINED MONITORED PARAMETERS #######

                  ### Option: UnsafeUserParameters
                  # Allow all characters to be passed in arguments to user-defined parameters.
                  # The following characters are not allowed:
                  # \ ' " ` * ? [ ] { } ~ $ ! & ; ( ) < > | # @
                  # Additionally, newline characters are not allowed.
                  # 0 - do not allow
                  # 1 - allow
                  #
                  # Mandatory: no
                  # Range: 0-1
                  # Default:
                  # UnsafeUserParameters=0

                  ### Option: UserParameter
                  # User-defined parameter to monitor. There can be several user-defined parameters.
                  # Format: UserParameter=<key>,<shell command>
                  #
                  # Mandatory: no
                  # Default:
                  UserParameter=pingate,c:\zabbix\zp.bat

                  ####### TLS-RELATED PARAMETERS #######

                  ### Option: TLSConnect
                  # How the agent should connect to server or proxy. Used for active checks.
                  # Only one value can be specified:
                  # unencrypted - connect without encryption
                  # psk - connect using TLS and a pre-shared key
                  # cert - connect using TLS and a certificate
                  #
                  # Mandatory: yes, if TLS certificate or PSK parameters are defined (even for 'unencrypted' connection)
                  # Default:
                  # TLSConnect=unencrypted

                  ### Option: TLSAccept
                  # What incoming connections to accept.
                  # Multiple values can be specified, separated by comma:
                  # unencrypted - accept connections without encryption
                  # psk - accept connections secured with TLS and a pre-shared key
                  # cert - accept connections secured with TLS and a certificate
                  #
                  # Mandatory: yes, if TLS certificate or PSK parameters are defined (even for 'unencrypted' connection)
                  # Default:
                  # TLSAccept=unencrypted

                  ### Option: TLSCAFile
                  # Full pathname of a file containing the top-level CA(s) certificates for
                  # peer certificate verification.
                  #
                  # Mandatory: no
                  # Default:
                  # TLSCAFile=

                  ### Option: TLSCRLFile
                  # Full pathname of a file containing revoked certificates.
                  #
                  # Mandatory: no
                  # Default:
                  # TLSCRLFile=

                  ### Option: TLSServerCertIssuer
                  # Allowed server certificate issuer.
                  #
                  # Mandatory: no
                  # Default:
                  # TLSServerCertIssuer=

                  ### Option: TLSServerCertSubject
                  # Allowed server certificate subject.
                  #
                  # Mandatory: no
                  # Default:
                  # TLSServerCertSubject=

                  ### Option: TLSCertFile
                  # Full pathname of a file containing the agent certificate or certificate chain.
                  #
                  # Mandatory: no
                  # Default:
                  # TLSCertFile=

                  ### Option: TLSKeyFile
                  # Full pathname of a file containing the agent private key.
                  #
                  # Mandatory: no
                  # Default:
                  # TLSKeyFile=

                  ### Option: TLSPSKIdentity
                  # Unique, case sensitive string used to identify the pre-shared key.
                  #
                  # Mandatory: no
                  # Default:
                  # TLSPSKIdentity=

                  ### Option: TLSPSKFile
                  # Full pathname of a file containing the pre-shared key.
                  #
                  # Mandatory: no
                  # Default:
                  # TLSPSKFile=



                  netstat -na

                  ЂЄвЁў­лҐ Ї®¤Є«о祭Ёп

                  €¬п ‹®Є «м­л© ¤аҐб ‚­Ґи­Ё© ¤аҐб ‘®бв®п­ЁҐ
                  TCP 0.0.0.0:135 0.0.0.0:0 LISTENING
                  TCP 0.0.0.0:445 0.0.0.0:0 LISTENING
                  TCP 0.0.0.0:5357 0.0.0.0:0 LISTENING
                  TCP 0.0.0.0:7680 0.0.0.0:0 LISTENING
                  TCP 0.0.0.0:17490 0.0.0.0:0 LISTENING
                  TCP 0.0.0.0:49664 0.0.0.0:0 LISTENING
                  TCP 0.0.0.0:49665 0.0.0.0:0 LISTENING
                  TCP 0.0.0.0:49666 0.0.0.0:0 LISTENING
                  TCP 0.0.0.0:49668 0.0.0.0:0 LISTENING
                  TCP 0.0.0.0:49673 0.0.0.0:0 LISTENING
                  TCP 0.0.0.0:49678 0.0.0.0:0 LISTENING
                  TCP 0.0.0.0:49809 0.0.0.0:0 LISTENING
                  TCP XXX.XXX.XXX.XXX:139 0.0.0.0:0 LISTENING
                  TCP XXX.XXX.XXX.XXX:5040 0.0.0.0:0 LISTENING
                  TCP XXX.XXX.XXX.XXX:10050 0.0.0.0:0 LISTENING
                  TCP XXX.XXX.XXX.XXX:10050 SSS.SSS.SSS.SSS:54572 TIME_WAIT
                  TCP XXX.XXX.XXX.XXX:10050 SSS.SSS.SSS.SSS:54586 TIME_WAIT
                  TCP XXX.XXX.XXX.XXX:10050 SSS.SSS.SSS.SSS:54596 TIME_WAIT
                  TCP XXX.XXX.XXX.XXX:10050 SSS.SSS.SSS.SSS:54606 TIME_WAIT
                  TCP 127.0.0.1:5354 0.0.0.0:0 LISTENING
                  TCP 127.0.0.1:49849 127.0.0.1:49850 ESTABLISHED
                  TCP 127.0.0.1:49850 127.0.0.1:49849 ESTABLISHED
                  TCP 127.0.0.1:49853 127.0.0.1:49854 ESTABLISHED
                  TCP 127.0.0.1:49854 127.0.0.1:49853 ESTABLISHED
                  TCP 127.0.0.1:49866 127.0.0.1:49867 ESTABLISHED
                  TCP 127.0.0.1:49867 127.0.0.1:49866 ESTABLISHED
                  TCP 127.0.0.1:49874 127.0.0.1:49875 ESTABLISHED
                  TCP 127.0.0.1:49875 127.0.0.1:49874 ESTABLISHED
                  TCP 127.0.0.1:50034 127.0.0.1:50035 ESTABLISHED
                  TCP 127.0.0.1:50035 127.0.0.1:50034 ESTABLISHED
                  TCP 192.168.88.180:139 0.0.0.0:0 LISTENING
                  TCP 192.168.88.180:5040 0.0.0.0:0 LISTENING
                  TCP 192.168.88.180:49983 52.230.7.59:443 ESTABLISHED
                  TCP 192.168.88.180:50484 2.17.213.199:80 ESTABLISHED
                  TCP [::]:135 [::]:0 LISTENING
                  TCP [::]:445 [::]:0 LISTENING
                  TCP [::]:5357 [::]:0 LISTENING
                  TCP [::]:7680 [::]:0 LISTENING
                  TCP [::]:49664 [::]:0 LISTENING
                  TCP [::]:49665 [::]:0 LISTENING
                  TCP [::]:49666 [::]:0 LISTENING
                  TCP [::]:49668 [::]:0 LISTENING
                  TCP [::]:49673 [::]:0 LISTENING
                  TCP [::]:49678 [::]:0 LISTENING
                  TCP [::1]:49797 [::]:0 LISTENING
                  UDP 0.0.0.0:500 *:*
                  UDP 0.0.0.0:3702 *:*
                  UDP 0.0.0.0:3702 *:*
                  UDP 0.0.0.0:3702 *:*
                  UDP 0.0.0.0:3702 *:*
                  UDP 0.0.0.0:3702 *:*
                  UDP 0.0.0.0:3702 *:*
                  UDP 0.0.0.0:4500 *:*
                  UDP 0.0.0.0:5050 *:*
                  UDP 0.0.0.0:5353 *:*
                  UDP 0.0.0.0:5355 *:*
                  UDP 0.0.0.0:49667 *:*
                  UDP 0.0.0.0:49669 *:*
                  UDP 0.0.0.0:49673 *:*
                  UDP 0.0.0.0:59866 *:*
                  UDP XXX.XXX.XXX.XXX:137 *:*
                  UDP XXX.XXX.XXX.XXX:138 *:*
                  UDP XXX.XXX.XXX.XXX:1900 *:*
                  UDP XXX.XXX.XXX.XXX:5353 *:*
                  UDP XXX.XXX.XXX.XXX:59863 *:*
                  UDP 127.0.0.1:1900 *:*
                  UDP 127.0.0.1:49675 *:*
                  UDP 127.0.0.1:59865 *:*
                  UDP 192.168.88.180:137 *:*
                  UDP 192.168.88.180:138 *:*
                  UDP 192.168.88.180:1900 *:*
                  UDP 192.168.88.180:5353 *:*
                  UDP 192.168.88.180:59864 *:*
                  UDP [::]:500 *:*
                  UDP [::]:3702 *:*
                  UDP [::]:3702 *:*
                  UDP [::]:3702 *:*
                  UDP [::]:3702 *:*
                  UDP [::]:3702 *:*
                  UDP [::]:3702 *:*
                  UDP [::]:4500 *:*
                  UDP [::]:5353 *:*
                  UDP [::]:5355 *:*
                  UDP [::]:49668 *:*
                  UDP [::]:49670 *:*
                  UDP [::]:49674 *:*
                  UDP [::]:59867 *:*
                  UDP [::1]:1900 *:*
                  UDP [::1]:5353 *:*
                  UDP [::1]:59862 *:*
                  UDP [fe80::1537:eb09:36d7:263e%5]:1900 *:*
                  UDP [fe80::1537:eb09:36d7:263e%5]:59861 *:*

                    Comment

                    • kernbug
                      Senior Member
                      • Feb 2013
                      • 330
                      #6
                      Сколько интерфейсов на сервере, где установлен агент? Есть подозрение, что агент устанавливает соединение с сервером с одного адреса, а отвечать пытается с другого. Попробуйте задать # SourceIP= для агента.
                      Last edited by kernbug; 21-06-2018, 14:05.

                        Comment

                        • Ara67
                          Junior Member
                          • Jun 2018
                          • 8
                          #7
                          Originally posted by kernbug
                          Сколько интерфейсов на сервере, где установлен агент? Есть подозрение, что агент устанавливает соединение с сервером с одного адреса, а отвечать пытается с другого. Попробуйте задать # SourceIP= для агента.
                          в /etc/network/interfaces один интерфейс,
                          на клиенте еще есть wifi, пробовал его отключить и перезапустить агента, получается то же самое
                          попробовал задать на агенте SourceIP - не помогло
                          пассивные проверки проходят на ура...

                            Comment

                            • kernbug
                              Senior Member
                              • Feb 2013
                              • 330
                              #8
                              Originally posted by Ara67

                              в /etc/network/interfaces один интерфейс,
                              на клиенте еще есть wifi, пробовал его отключить и перезапустить агента, получается то же самое
                              попробовал задать на агенте SourceIP - не помогло
                              пассивные проверки проходят на ура...
                              tcpdump на сервере что показывает для 10051 порта в момент появления ошибки в логах сервера?

                                Comment

                                • Ara67
                                  Junior Member
                                  • Jun 2018
                                  • 8
                                  #9
                                  Originally posted by kernbug

                                  tcpdump на сервере что показывает для 10051 порта в момент появления ошибки в логах сервера?
                                  Прилетал пакет с Flags [R.] вместо данных, которые отправлял агент...
                                  Какой-то фильтр все-таки отрабатывал, эту тему не я там админю, потом поправили после пятого письма...
                                  В общем разобрались, спасибо за помощь!

                                    Comment

                                    Previous template Next
                                    Working...