Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
[SOLVED] Tentacle server not accepting external connections
#1
I got it working where local agents can connect, but for some reason it wont accept connections from an external IP.  I have setup the proper rules in my NAT firewall and according to the logs the packets are being let through.

On the pandora server itself I also see the packet go through.

Code:
14:57:58.622445 IP shared2.iceteks.net.57611 > pandora.loc.41121: Flags [S], seq 1796917956, win 5840, options [mss 1460,sackOK,TS val 581390775 ecr 0,nop,wscale 7], length 0

For some reason the daemon itself is blocking it.  Any way around this?  I want to be able to monitor servers that are outside my network.

 Reply
#2
Still having this issue. Is it not possible to monitor remote servers that arn't part of the LAN?
 Reply
#3
(06-24-2012, 10:25 PM)Red Squirrel link Wrote: Still having this issue. Is it not possible to monitor remote servers that arn't part of the LAN?

Thats no sense for me, Tentacle server open a port like another port in the system. Check routing in your system, do a traceroute to that host (client) from the server and see if it's going ok.

Check also the presence of a firewall in your server (iptables -L)

Tentacle server can get connections everywhere, it's a very simple TCP service.
 Reply
#4
Yep I checked all that.  I was able to send a packet and it was received by the server at the tcp layer levle, but for some reason the tentacle server is not responding to it.  Is there a config file somewhere that I need to edit?  It seems like it's making it to layer 7 but then gets blocked by the app.
 Reply
#5
(06-28-2012, 11:53 PM)Red Squirrel link Wrote: Yep I checked all that.  I was able to send a packet and it was received by the server at the tcp layer levle, but for some reason the tentacle server is not responding to it.  Is there a config file somewhere that I need to edit?  It seems like it's making it to layer 7 but then gets blocked by the app.

Yes, not a config file, just the launcher at /etc/init.d/tentacled by default listen in 0.0.0.0 unless you modified it, but I suppose you don't touch the default values, but anyway, take a look.
 Reply
#6
Yeah I tried changing it and still does not work, I put it back to 0.0.0.0.  I made sure the port is correct as well, that has not changed.
 Reply
#7
(06-29-2012, 12:55 AM)Red Squirrel link Wrote: Yeah I tried changing it and still does not work, I put it back to 0.0.0.0.   I made sure the port is correct as well, that has not changed.

More tests and information needed to find the problem:

Do a traceroute from your Agent to your server (traceroute -n xxxxx) and do the same from the server to the agent, put here the resulst. The path should be the same.

In the server (as root)

lsof -i | grep LISTEN

You should get a line like:

tentacle_ 29419 pandora    4u  IPv4 19344279      0t0  TCP *:tentacle (LISTEN)

In the server:

[[email protected] slerena]# telnet localhost 41121
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.

Connection closed by foreign host.

Do the same on the agent

Make sure you don't have any filter between. If it's not your server, COULD be an intermediate firewall between the agent and the server.

For more depth tests, you need a tcpdump in both sides to trace the complete TCP sequence and find where it stops.

I hope you can find the solution, my bet is you have something filtering the traffic between or a route problem, tentacle design is very simple, just to avoid (minimize) this kind of problems.


 Reply
#8
Holy crap I figured it out!  I had never thought of checking routing from pandora server to the outside world, the traceroute failed which made me realize the routing was not working. The default gateway was not set properly.  I was unable to figure out the network side of Suse so I ended up doing it manually through a script and forgot to do the default gateway too. 

So it just showed up in the agent list, all is good!  Thanks for the help.
 Reply
#9
Good news ! Wink


 Reply


Users browsing this thread: 1 Guest(s)


(c) 2006-2018 Artica Soluciones Tecnológicas. Contents of this wiki are under Create Common Attribution v3 licence. | pandorafms.com | pandorafms.org

Theme © MyBB Themes