Hi guys,
this is my first time using Zabbix.
I have installed Zabbix server on Linux.
The workstation with Zabbix server is hidden by a firewall with iptables.
This is my setup:
Internet -> Firewall -> LAN ( zabbix server )
The firewall has two network interfaces:
- eth0 192.168.1.2 ( connected to the internet )
- eth1 192.168.0.1 ( connected to the LAN )
Zabbix server has IP 192.168.0.80
On the firewall I have configured iptables like this ( forwarding is enabled ):
Code:
# Default policy to drop all incoming packets.
iptables -P INPUT DROP
iptables -P FORWARD DROP
# Accept incoming packets from localhost and the LAN interface.
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -i eth1 -j ACCEPT
# Accept incoming packets from the WAN if the router initiated the connection.
iptables -A INPUT -i eth0 -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
# Forward LAN packets to the WAN.
iptables -A FORWARD -i eth1 -o eth0 -j ACCEPT
# Forward WAN packets to the LAN if the LAN initiated the connection.
iptables -A FORWARD -i eth0 -o eth1 -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
# Zabbix
iptables -t nat -A PREROUTING -p tcp -i eth0 --dport 10050 -j DNAT --to-destination 192.168.0.80
iptables -A FORWARD -s 161.97.136.20/32 -p tcp -d 192.168.0.80 --dport 10050 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
iptables -t nat -A PREROUTING -p tcp -i eth0 --dport 10051 -j DNAT --to-destination 192.168.0.80
iptables -A FORWARD -s 161.97.136.20/32 -p tcp -d 192.168.0.80 --dport 10051 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
Now, on the Zabbix server ( 192.168.0.80 ) I run the command to monitor calls on port 10051:
Code:
sudo tcpdump -i any port 10051
I installed a Zabbix agent on the server with IP 161.97.136.20.
If I try to execute the command
Code:
zabbix_sender -z <hostname server> -s "<source>" -p 10051 -vv -k <key> -o <value>
I expect to see something from the tcpdump, but I don't see anything.
If instead I execute the same command from another server inside the LAN (example with IP 192.168.0.2), I see that tcpdump captures traffic.
So, it looks like the issue is with the firewall's iptables commands.
I hope I have been clear.
Can you help me?
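An added example, not part of the original post: a simplified Python model of how the posted nat PREROUTING and filter FORWARD rules treat a packet arriving on the firewall. It models only the match fields used in the post; the conntrack state is supplied by hand, and the function names and the 203.0.113.7 source address are constructed for illustration.

```python
from ipaddress import ip_address, ip_network

ZABBIX = "192.168.0.80"
DNAT_PORTS = {10050, 10051}  # PREROUTING: -i eth0 -p tcp --dport N -j DNAT

ZBX_STATES = {"NEW", "ESTABLISHED", "RELATED"}
# FORWARD rules in the order they were appended in the post; chain policy is DROP.
FORWARD = [
    {"in": "eth1", "out": "eth0"},
    {"in": "eth0", "out": "eth1", "state": {"ESTABLISHED", "RELATED"}},
    {"src": "161.97.136.20/32", "dst": ZABBIX, "dport": 10050, "state": ZBX_STATES},
    {"src": "161.97.136.20/32", "dst": ZABBIX, "dport": 10051, "state": ZBX_STATES},
]

def prerouting(pkt):
    """Rewrite the destination as the two DNAT rules do (they match on eth0 and port only)."""
    if pkt["in"] == "eth0" and pkt["dport"] in DNAT_PORTS:
        # After DNAT the routing decision sends the packet out of the LAN interface.
        return dict(pkt, dst=ZABBIX, out="eth1")
    return pkt

def matches(rule, pkt):
    """True when every field present in the rule matches the packet."""
    for key, want in rule.items():
        if key == "src":
            if ip_address(pkt["src"]) not in ip_network(want):
                return False
        elif key == "state":
            if pkt["state"] not in want:
                return False
        elif pkt.get(key) != want:
            return False
    return True

def forward_verdict(pkt):
    """DNAT first, then walk FORWARD top to bottom; first match wins."""
    pkt = prerouting(pkt)
    for number, rule in enumerate(FORWARD, 1):
        if matches(rule, pkt):
            return f"ACCEPT (rule {number})"
    return "DROP (policy)"

if __name__ == "__main__":
    # Constructed packets: first SYN of a zabbix_sender connection, then the same from another source.
    syn = {"in": "eth0", "src": "161.97.136.20", "dst": "192.168.1.2", "dport": 10051, "state": "NEW"}
    print(forward_verdict(syn))
    print(forward_verdict(dict(syn, src="203.0.113.7")))
```

In this model the FORWARD rules see the already translated destination 192.168.0.80, and only a packet whose source is still 161.97.136.20 when it reaches eth0 is accepted; any other source is translated by DNAT and then dropped by the chain policy.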