Configuring "targets" not working in 0.5.0.65?


#1

Hello,

I’m trying to implement a NRPE-Proxy setup using nscpclient 0.5.0.65 on WinServer 2012. The goal is, to query hosts behind a firewall like this:

Client |FW | Proxy Target 1.2.3.4 ->FW-> 3.4.5.6 -> 2.3.4.5

The proxy is configured like this:

E:\test\nscp++>nscp settings --list
    /modules.NRPEClient=enabled
    /modules.NRPEServer=enabled
    /modules.WEBSErver=enabled
    /paths.base-path=E:\test\nscp++
    /paths.certificate-path=${shared-path}/security
    /paths.crash-folder=${shared-path}/crash-dumps
    /paths.exe-path=E:\test\nscp++
    /paths.module-path=${shared-path}/modules
    /paths.shared-path=E:\test\nscp++
    /settings/NRPE/client/targets/blurb.host=2.3.4.5
    /settings/NRPE/client/targets/blurb.port=5666
    /settings/NRPE/client/targets/blurb.use ssl=true
    /settings/NRPE/client/targets/default.allowed ciphers=ALL
    /settings/NRPE/client/targets/default.payload length=1024
    /settings/NRPE/client/targets/default.retries=3
    /settings/NRPE/client/targets/default.timeout=30
    /settings/NRPE/client/targets/default.use ssl=true
    /settings/NRPE/client/targets/foo.host=3.4.5.6
    /settings/NRPE/client/targets/foo.port=5666
    /settings/NRPE/client/targets/foo.use ssl=false
    /settings/NRPE/client.channel=NRPE
    /settings/NRPE/server.allow arguments=true
    /settings/NRPE/server.allow nasty characters=false
    /settings/NRPE/server.extended response=true
    /settings/NRPE/server.insecure=true
    /settings/NRPE/server.use ssl=true
    /settings/WEB/server.certificate=${certificate-path}/certificate.pem
    /settings/WEB/server.port=8443s
    /settings/crash.archive=true
    /settings/crash.archive folder=${crash-folder}
    /settings/crash.restart=true
    /settings/crash.restart target=NSCP
    /settings/crash.submit url=https://crash.nsclient.org/post
    /settings/default.allowed hosts=1.2.3.4, 127.0.0.1, ::1
    /settings/default.cache allowed hosts=true
    /settings/default.password=xyz
    /settings/default.timeout=30
    /settings/log.date format=%Y-%m-%d %H:%M:%S
    /settings/log.file name=${exe-path}/nsclient.log
    /settings/log.level=trace

When using E:\test\nscp++>nscp test --debug on the proxy (3.4.5.6) and trying ./nscp nrpe --host=3.4.5.6 --command=check_nrpe --argument="target=blurb" --argument="command=check_cpu" on 1.2.3.4, I get Error: Failed to connect to: :5666 :An established connection was aborted by the software in your host machine and the proxy crashes. When using ./nscp nrpe --host=3.4.5.6 --command=nrpe_query --argument="host=2.3.4.5" --argument="command=check_cpu" --ssl=1 --debug instead, I get the intended result from 2.3.4.5: OK: CPU load is ok.|'total 5m'=1%;80;90 'total 1m'=0%;80;90 'total 5s'=0%;80;90

Am I doing something wrong?

Any help would be appreciated, Gärti