🔖

箱庭にzabbixを入れてみた(ハマった編)

2024/12/31に公開

MySqLインストール

[root@covb ~]# yum install mysql-community-server
読み込んだプラグイン:fastestmirror
Loading mirror speeds from cached hostfile
 * base: ftp.iij.ad.jp
 ・
 ・
 ・
 上記の処理を行います。よろしいでしょうか? [y/N]y


mysql-community-server-8.0.31-1.el7.x86_64.rpm の公開鍵がインストールされていません


 Failing package is: mysql-community-server-8.0.31-1.el7.x86_64
 GPG Keys are configured as: file:///etc/pki/rpm-gpg/RPM-GPG-KEY-mysql

[root@covb ~]#

なんじゃコレ?ということで調べてみるとGPGキー(yum使ったりrpm使ったりしたときにパッケージが改竄されているか検証するために使う)が MySqL8.0.28以降で新しくなっている模様
https://dev.mysql.com/doc/mysql-yum-repo-quick-guide/en/

なので、新しいGPGキーを入れる

[root@covb ~]# rpm --import https://repo.mysql.com/RPM-GPG-KEY-mysql-2022
[root@covb ~]#

もっかいチャレンジ

[root@covb ~]# yum install mysql-community-server
読み込んだプラグイン:fastestmirror
Loading mirror speeds from cached hostfile
 * base: ftp.iij.ad.jp
 ・
 ・
 ・
 
インストール:
  mysql-community-libs.x86_64 0:8.0.31-1.el7              mysql-community-libs-compat.x86_64 0:8.0.31-1.el7
  mysql-community-server.x86_64 0:8.0.31-1.el7

依存性関連をインストールしました:
  mysql-community-client.x86_64 0:8.0.31-1.el7           mysql-community-client-plugins.x86_64 0:8.0.31-1.el7
  mysql-community-common.x86_64 0:8.0.31-1.el7           mysql-community-icu-data-files.x86_64 0:8.0.31-1.el7
  net-tools.x86_64 0:2.0-0.25.20131004git.el7

置換:
  mariadb-libs.x86_64 1:5.5.68-1.el7

完了しました!
[root@covb ~]#

うまくいった

zabbix-serverが起動できない

[root@covb ~]# systemctl restart zabbix-server zabbix-agent httpd rh-php72-php-fpm
Job for zabbix-server.service failed. See "systemctl status zabbix-server.service" and "journalctl -xe" for details.
[root@covb ~]#

なああぁぁんでだようぅということでちょっと調査

[root@covb ~]# systemctl status zabbix-server
● zabbix-server.service - Zabbix Server
   Loaded: loaded (/usr/lib/systemd/system/zabbix-server.service; disabled; vendor preset: disabled)
   Active: activating (auto-restart) (Result: protocol) since 金 2022-10-21 17:27:54 JST; 532ms ago
  Process: 17908 ExecStart=/usr/sbin/zabbix_server -c $CONFFILE (code=exited, status=0/SUCCESS)

10月 21 17:27:54 covb systemd[1]: Failed to start Zabbix Server.
10月 21 17:27:54 covb systemd[1]: Unit zabbix-server.service entered failed state.
10月 21 17:27:54 covb systemd[1]: zabbix-server.service failed.
[root@covb ~]#

よくわからんのでログを見る

[root@covb ~]# tail /var/log/zabbix/zabbix_server.log
 17873:20221021:172602.593 VMware monitoring:         YES
 17873:20221021:172602.593 SMTP authentication:       YES
 17873:20221021:172602.593 ODBC:                      YES
 17873:20221021:172602.593 SSH support:               YES
 17873:20221021:172602.593 IPv6 support:              YES
 17873:20221021:172602.593 TLS support:               YES
 17873:20221021:172602.593 ******************************
 17873:20221021:172602.593 using configuration file: /etc/zabbix/zabbix_server.conf
 17873:20221021:172602.594 [Z3001] connection to database 'zabbix' failed: [2059] Authentication plugin 'caching_sha2_password' cannot be loaded: /usr/lib64/mysql/plugin/caching_sha2_password.so: cannot open shared object file: No such file or directory
 17873:20221021:172602.594 Cannot connect to the database. Exiting...
[root@covb ~]#

caching_sha2_passwordが無いよって言っている・・・

なにやらMySQL 8.0 から、デフォルトの認証プラグインがcaching_sha2_passwordに変更されたらしい
が、PHPで作られたほとんどのアプリはcaching_sha2_passwordに対応していないそうで、認証プラグクインをmysql_native_passwordに変更する必要があるとのこと

root@covb ~]# systemctl stop zabbix-server
[root@covb ~]#
[root@covb ~]# mysql -u root -p
Enter password:

mysql> ALTER USER zabbix@localhost IDENTIFIED WITH mysql_native_password BY '*****'; #実際はパスフレーズをベタ打ち
Query OK, 0 rows affected (0.02 sec)

mysql> exit
Bye
[root@covb ~]#
[root@covb ~]# systemctl start zabbix-server
[root@covb ~]#

が、なんかまだエラーを吐いてる・・・

[root@covb ~]# systemctl status zabbix-server.service
● zabbix-server.service - Zabbix Server
   Loaded: loaded (/usr/lib/systemd/system/zabbix-server.service; disabled; vendor preset: disabled)
   Active: activating (auto-restart) (Result: exit-code) since 金 2022-10-21 18:31:17 JST; 4s ago
  Process: 21860 ExecStop=/bin/kill -SIGTERM $MAINPID (code=exited, status=1/FAILURE)
  Process: 21814 ExecStart=/usr/sbin/zabbix_server -c $CONFFILE (code=exited, status=0/SUCCESS)
 Main PID: 21816 (code=exited, status=0/SUCCESS)

10月 21 18:31:17 covb kill[21860]: -l, --list [=<signal>] list signal names, or convert one to a name
10月 21 18:31:17 covb kill[21860]: -L, --table            list signal names and numbers
10月 21 18:31:17 covb kill[21860]: -h, --help     display this help and exit
10月 21 18:31:17 covb kill[21860]: -V, --version  output version information and exit
10月 21 18:31:17 covb kill[21860]: For more details see kill(1).
10月 21 18:31:17 covb systemd[1]: zabbix-server.service: control process exited, code=exited status=1
10月 21 18:31:17 covb systemd[1]: Unit zabbix-server.service entered failed state.
10月 21 18:31:17 covb systemd[1]: zabbix-server.service failed.
[root@covb ~]#

ログに聞いてみる

[root@covb ~]# tail /var/log/zabbix/zabbix_server.log
 22045:20221021:183158.471 server #33 started [trapper #3]
 22047:20221021:183158.473 server #35 started [trapper #5]
 22026:20221021:183158.475 server #14 started [timer #1]
 22022:20221021:183158.475 server #10 started [lld manager #1]
 22022:20221021:183158.475 cannot start LLD manager service: Cannot bind socket to "/var/run/zabbix/zabbix_server_lld.sock": [13] Permission denied.
 22012:20221021:183158.476 One child process died (PID:22022,exitcode/signal:1). Exiting ...
zabbix_server [22012]: Error waiting for process with PID 22022: [10] No child processes
 22012:20221021:183158.484 syncing trend data...
 22012:20221021:183158.484 syncing trend data done
 22012:20221021:183158.484 Zabbix Server stopped. Zabbix 5.0.28 (revision b2b8e2ce82d).
[root@covb ~]#

cannot start LLD manager serviceらしい
いろいろ調べてみるとどうもタイムゾーンの設定で余計なセミコロンが入っているのが原因らしい記事を発見

vim /etc/opt/rh/rh-php72/php-fpm.d/zabbix.conf

; php_value[date.timezone] = Asia/Tokyo #コイツの ; を削除

もっかいチャレンジ

[root@covb ~]# systemctl restart zabbix-server

まだあかん

[root@covb ~]# systemctl status zabbix-server zabbix-agent httpd rh-php72-php-fpm
● zabbix-server.service - Zabbix Server
   Loaded: loaded (/usr/lib/systemd/system/zabbix-server.service; disabled; vendor preset: disabled)
   Active: activating (auto-restart) (Result: exit-code) since 金 2022-10-21 18:36:47 JST; 7s ago
  Process: 23485 ExecStop=/bin/kill -SIGTERM $MAINPID (code=exited, status=1/FAILURE)
  Process: 23414 ExecStart=/usr/sbin/zabbix_server -c $CONFFILE (code=exited, status=0/SUCCESS)
 Main PID: 23420 (code=exited, status=0/SUCCESS)

10月 21 18:36:47 covb systemd[1]: zabbix-server.service: control process exited, code=exited status=1
10月 21 18:36:47 covb systemd[1]: Unit zabbix-server.service entered failed state.
10月 21 18:36:47 covb systemd[1]: zabbix-server.service failed.

が、なんかログの出方が変わった
↓の繰り返し・・・

 23205:20221021:183606.336 ****** Enabled features ******
 23205:20221021:183606.336 SNMP monitoring:           YES
 23205:20221021:183606.336 IPMI monitoring:           YES
 23205:20221021:183606.336 Web monitoring:            YES
 23205:20221021:183606.336 VMware monitoring:         YES
 23205:20221021:183606.336 SMTP authentication:       YES
 23205:20221021:183606.336 ODBC:                      YES
 23205:20221021:183606.336 SSH support:               YES
 23205:20221021:183606.336 IPv6 support:              YES
 23205:20221021:183606.336 TLS support:               YES
 23205:20221021:183606.336 ******************************
 23205:20221021:183606.336 using configuration file: /etc/zabbix/zabbix_server.conf
 23205:20221021:183606.340 current database version (mandatory/optional): 05000000/05000007
 23205:20221021:183606.340 required mandatory version: 05000000
 23205:20221021:183606.351 server #0 started [main process]
 23206:20221021:183606.351 server #1 started [configuration syncer #1]
 23234:20221021:183606.460 server #29 started [poller #5]
 23236:20221021:183606.463 server #31 started [trapper #1]
 23242:20221021:183606.465 server #37 started [alert syncer #1]
 23239:20221021:183606.465 server #34 started [trapper #4]
 23218:20221021:183606.467 server #13 started [housekeeper #1]
 23220:20221021:183606.467 server #15 started [http poller #1]
 23221:20221021:183606.467 server #16 started [discoverer #1]
 23223:20221021:183606.470 server #18 started [history syncer #2]
 23226:20221021:183606.470 server #21 started [escalator #1]
 23229:20221021:183606.472 server #24 started [task manager #1]
 23230:20221021:183606.472 server #25 started [poller #1]
 23238:20221021:183606.474 server #33 started [trapper #3]
 23240:20221021:183606.476 server #35 started [trapper #5]
 23219:20221021:183606.479 server #14 started [timer #1]
 23215:20221021:183606.479 server #10 started [lld manager #1]
 23215:20221021:183606.479 cannot start LLD manager service: Cannot bind socket to "/var/run/zabbix/zabbix_server_lld.sock": [13] Permission denied.
 23205:20221021:183606.480 One child process died (PID:23215,exitcode/signal:1). Exiting ...
zabbix_server [23205]: Error waiting for process with PID 23215: [10] No child processes
 23205:20221021:183606.487 syncing trend data...
 23205:20221021:183606.487 syncing trend data done
 23205:20221021:183606.487 Zabbix Server stopped. Zabbix 5.0.28 (revision b2b8e2ce82d).
 23252:20221021:183616.585 Starting Zabbix Server. Zabbix 5.0.28 (revision b2b8e2ce82d).

やっぱなんかコイツでコケている模様

 23215:20221021:183606.479 cannot start LLD manager service: Cannot bind socket to "/var/run/zabbix/zabbix_server_lld.sock": [13] Permission denied.

なんだコイツ・・・と思ってもうちょい調べてみるとなにやらこんな記事が

https://www.zabbix.com/forum/zabbix-troubleshooting-and-problems/420600-cannot-bind-socket-address-already-in-use

で、どうやらSELinuxのポリシーが邪魔をしている模様
んで、↓の情報に辿り着いたので早速実行

https://jandra.wordpress.com/2019/10/30/zabbix-4-4-centos-8-installation-issues/

[root@covb ~]# grep AVC /var/log/audit/audit.log* | audit2allow -M systemd-allow; semodule -i systemd-allow.pp
******************** IMPORTANT ***********************
To make this policy package active, execute:

semodule -i systemd-allow.pp

[root@covb ~]#

んで、zabbix-server をもっかい実行

[root@covb ~]# systemctl stop zabbix-server.service

[root@covb ~]# systemctl restart zabbix-server.service

おお、出来た

[root@covb ~]# systemctl status zabbix-server.service
● zabbix-server.service - Zabbix Server
   Loaded: loaded (/usr/lib/systemd/system/zabbix-server.service; disabled; vendor preset: disabled)
   Active: active (running) since 金 2022-10-21 18:55:32 JST; 11s ago
  Process: 28420 ExecStart=/usr/sbin/zabbix_server -c $CONFFILE (code=exited, status=0/SUCCESS)
 Main PID: 28422 (zabbix_server)
   CGroup: /system.slice/zabbix-server.service
           tq28422 /usr/sbin/zabbix_server -c /etc/zabbix/zabbix_server.conf
           tq28423 /usr/sbin/zabbix_server: configuration syncer [synced configuration in 0.052164 sec, idle 60 sec]
           tq28424 /usr/sbin/zabbix_server: alert manager #1 [sent 0, failed 0 alerts, idle 5.004484 sec during 5.004533 sec]
           tq28425 /usr/sbin/zabbix_server: alerter #1 started
           tq28426 /usr/sbin/zabbix_server: alerter #2 started
           tq28427 /usr/sbin/zabbix_server: alerter #3 started
           tq28428 /usr/sbin/zabbix_server: preprocessing manager #1 [queued 0, processed 8 values, idle 5.001622 sec during 5.001791 sec]
           tq28429 /usr/sbin/zabbix_server: preprocessing worker #1 started
           tq28430 /usr/sbin/zabbix_server: preprocessing worker #2 started
           tq28431 /usr/sbin/zabbix_server: preprocessing worker #3 started
           tq28432 /usr/sbin/zabbix_server: lld manager #1 [processed 0 LLD rules, idle 5.003455sec during 5.003531 sec]
           tq28433 /usr/sbin/zabbix_server: lld worker #1 started
           tq28434 /usr/sbin/zabbix_server: lld worker #2 started
           tq28435 /usr/sbin/zabbix_server: housekeeper [startup idle for 30 minutes]
           tq28436 /usr/sbin/zabbix_server: timer #1 [updated 0 hosts, suppressed 0 events in 0.002252 sec, idle 27 sec]
           tq28437 /usr/sbin/zabbix_server: http poller #1 [got 0 values in 0.000558 sec, idle 5 sec]
           tq28438 /usr/sbin/zabbix_server: discoverer #1 [processed 0 rules in 0.001560 sec, idle 60 sec]
           tq28439 /usr/sbin/zabbix_server: history syncer #1 [processed 0 values, 0 triggers in 0.000013 sec, idle 1 sec]
           tq28440 /usr/sbin/zabbix_server: history syncer #2 [processed 0 values, 0 triggers in 0.000005 sec, idle 1 sec]
           tq28441 /usr/sbin/zabbix_server: history syncer #3 [processed 0 values, 0 triggers in 0.000013 sec, idle 1 sec]
           tq28442 /usr/sbin/zabbix_server: history syncer #4 [processed 0 values, 0 triggers in 0.000005 sec, idle 1 sec]
           tq28443 /usr/sbin/zabbix_server: escalator #1 [processed 0 escalations in 0.000906 sec, idle 3 sec]
           tq28444 /usr/sbin/zabbix_server: proxy poller #1 [exchanged data with 0 proxies in 0.000008 sec, idle 5 sec]
           tq28445 /usr/sbin/zabbix_server: self-monitoring [processed data in 0.000023 sec, idle 1 sec]
           tq28446 /usr/sbin/zabbix_server: task manager [processed 0 task(s) in 0.000313 sec, idle 5 sec]
           tq28447 /usr/sbin/zabbix_server: poller #1 [got 0 values in 0.000009 sec, idle 2 sec]
           tq28448 /usr/sbin/zabbix_server: poller #2 [got 0 values in 0.000011 sec, idle 2 sec]
           tq28449 /usr/sbin/zabbix_server: poller #3 [got 0 values in 0.000014 sec, idle 2 sec]
           tq28450 /usr/sbin/zabbix_server: poller #4 [got 1 values in 0.000041 sec, idle 2 sec]
           tq28451 /usr/sbin/zabbix_server: poller #5 [got 0 values in 0.000031 sec, idle 2 sec]
           tq28452 /usr/sbin/zabbix_server: unreachable poller #1 [got 0 values in 0.000021 sec, idle 5 sec]
           tq28453 /usr/sbin/zabbix_server: trapper #1 [processed data in 0.000000 sec, waiting for connection]
           tq28454 /usr/sbin/zabbix_server: trapper #2 [processed data in 0.000000 sec, waiting for connection]
           tq28455 /usr/sbin/zabbix_server: trapper #3 [processed data in 0.000000 sec, waiting for connection]
           tq28456 /usr/sbin/zabbix_server: trapper #4 [processed data in 0.000000 sec, waiting for connection]
           tq28457 /usr/sbin/zabbix_server: trapper #5 [processed data in 0.000000 sec, waiting for connection]
           tq28458 /usr/sbin/zabbix_server: icmp pinger #1 [got 0 values in 0.000020 sec, idle 5 sec]
           mq28459 /usr/sbin/zabbix_server: alert syncer [queued 0 alerts(s), flushed 0 result(s) in 0.000470 sec, idle 1 sec]

10月 21 18:55:32 covb systemd[1]: Starting Zabbix Server...
10月 21 18:55:32 covb systemd[1]: Started Zabbix Server.
[root@covb ~]#

zabbix web画面が表示されない

httpdも動いてるしzabbix-serverも元気いっぱい
でもブラウザからアクセスすると全然ダメ・・・

[root@covb ban]# systemctl status httpd
● httpd.service - The Apache HTTP Server
   Loaded: loaded (/usr/lib/systemd/system/httpd.service; disabled; vendor preset: disabled)
   Active: active (running) since 日 2022-10-23 15:28:21 JST; 10min ago
     Docs: man:httpd(8)
           man:apachectl(8)
  Process: 2960 ExecStop=/bin/kill -WINCH ${MAINPID} (code=exited, status=0/SUCCESS)
  Process: 27128 ExecReload=/usr/sbin/httpd $OPTIONS -k graceful (code=exited, status=0/SUCCESS)
 Main PID: 2964 (httpd)
   Status: "Total requests: 0; Current requests/sec: 0; Current traffic:   0 B/sec"
   CGroup: /system.slice/httpd.service

[root@covb ban]# systemctl status zabbix-server
● zabbix-server.service - Zabbix Server
   Loaded: loaded (/usr/lib/systemd/system/zabbix-server.service; disabled; vendor preset: disabled)
   Active: active (running) since 金 2022-10-21 19:07:52 JST; 1 day 20h ago
  Process: 1386 ExecStart=/usr/sbin/zabbix_server -c $CONFFILE (code=exited, status=0/SUCCESS)
 Main PID: 1398 (zabbix_server)
   CGroup: /system.slice/zabbix-server.service
           tq1398 /usr/sbin/zabbix_server -c /etc/zabbix/zabbix_server.conf

一応、zabbix-agentもrh-php72-php-fpmも生きてること確認

[root@covb ban]# systemctl status zabbix-agent rh-php72-php-fpm
● zabbix-agent.service - Zabbix Agent
   Loaded: loaded (/usr/lib/systemd/system/zabbix-agent.service; disabled; vendor preset: disabled)
   Active: active (running) since 金 2022-10-21 19:07:52 JST; 1 day 20h ago
  Process: 1387 ExecStart=/usr/sbin/zabbix_agentd -c $CONFFILE (code=exited, status=0/SUCCESS)
 Main PID: 1391 (zabbix_agentd)
   CGroup: /system.slice/zabbix-agent.service
           tq1391 /usr/sbin/zabbix_agentd -c /etc/zabbix/zabbix_agentd.conf
           tq1392 /usr/sbin/zabbix_agentd: collector [idle 1 sec]
           tq1393 /usr/sbin/zabbix_agentd: listener #1 [waiting for connection]
           tq1394 /usr/sbin/zabbix_agentd: listener #2 [waiting for connection]
           tq1395 /usr/sbin/zabbix_agentd: listener #3 [waiting for connection]
           mq1396 /usr/sbin/zabbix_agentd: active checks #1 [idle 1 sec]

10月 21 19:07:52 covb systemd[1]: Starting Zabbix Agent...
10月 21 19:07:52 covb systemd[1]: Started Zabbix Agent.

● rh-php72-php-fpm.service - The PHP FastCGI Process Manager
   Loaded: loaded (/usr/lib/systemd/system/rh-php72-php-fpm.service; disabled; vendor preset: disabled)
   Active: active (running) since 金 2022-10-21 19:07:53 JST; 1 day 20h ago
 Main PID: 1389 (php-fpm)
   Status: "Processes active: 0, idle: 10, Requests: 0, slow: 0, Traffic: 0req/sec"
   CGroup: /system.slice/rh-php72-php-fpm.service
           tq1389 php-fpm: master process (/etc/opt/rh/rh-php72/php-fpm.conf)
           tq1403 php-fpm: pool www
           tq1404 php-fpm: pool www
           tq1405 php-fpm: pool www
           tq1406 php-fpm: pool www
           tq1407 php-fpm: pool www
           tq1408 php-fpm: pool zabbix
           tq1409 php-fpm: pool zabbix
           tq1410 php-fpm: pool zabbix
           tq1411 php-fpm: pool zabbix
           mq1412 php-fpm: pool zabbix

10月 21 19:07:52 covb systemd[1]: Starting The PHP FastCGI Process Manager...
10月 21 19:07:53 covb systemd[1]: Started The PHP FastCGI Process Manager.
[root@covb ban]#

curlでgetしてもちゃんと帰ってくる

[root@covb ban]# curl http://localhost
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd"><html><head>
・
・
・
  </div>
</body></html>
[root@covb ban]#

でもwebアクセスするとこんな感じ

きっとfirewallあたりだろうとなんだかんだとアクセス出来ない時の基本に立ち戻り調査

まぁいるよね

[root@covb ban]# systemctl status
・
・
・
firewalld.service
 mq667 /usr/bin/python2 -Es /usr/sbin/firewalld --nofork --nopid

ここまでfirewalldの設定まったくいじってないけど今ってどんな状況?って見てみる
「あ、、、(察し」

[root@covb ban]# firewall-cmd --list-all
public (active)
  target: default
  icmp-block-inversion: no
  interfaces: enp0s3 enp0s8
  sources:
  services: dhcpv6-client ssh
  ports:
  protocols:
  masquerade: no
  forward-ports:
  source-ports:
  icmp-blocks:
  rich rules:

[root@covb ban]#

あ、、、(察し

[root@covb ban]# firewall-cmd --list-services --zone=public
dhcpv6-client ssh
[root@covb ban]#

てなわけで(恒久的に有効にするので --permanent 指定して reload する)

[root@covb ban]# firewall-cmd  --add-service=http --zone=public --permanent
success
[root@covb ban]#

[root@covb ban]# firewall-cmd --list-services --zone=public
dhcpv6-client ssh
[root@covb ban]#

[root@covb ban]# firewall-cmd --reload
success
[root@covb ban]#

[root@covb ban]# firewall-cmd --list-services --zone=public
dhcpv6-client http ssh
[root@covb ban]#

↑をやってもまだwebアクセスできない・・・
google先生に相談してみたところ、zabbix-agentのポート開放が必要だった

[root@covb ban]# firewall-cmd --add-port=10050/tcp --permanent
success
[root@covb ban]# 

[root@covb ban]# firewall-cmd --add-port=10051/tcp --permanent
success
[root@covb ban]#

[root@covb ban]# firewall-cmd --reload
success
[root@covb ban]#

出来た

zabbixに初回ログインできない

インストール後に admin/zabbix でAdninistrator権限でログインしようとしたら↓ではじかれる

特にMysQLでzabbixユーザーのパスワードを変えた記憶が無いんだが、初期化してみる

[root@covb ban]# mysql -u root -p
Enter password:
mysql>

mysql> use zabbix;
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A
Database changed

mysql> update zabbix.users set passwd=md5('zabbix') where alias='Admin';
Query OK, 1 row affected (0.01 sec)
Rows matched: 1  Changed: 1  Warnings: 0

mysql> quit;
Bye
[root@covb ban]#

Centosでsnmptrapを受信してくれない

firewall--cmdで161/udp穴あけしてるし、vsrx1側でも trap sent successfully てなるのに全然受信してくれない

[root@covb ~]# firewall-cmd --permanent --zone=public --add-service=snmp
success
[root@covb ~]#
[root@covb ~]# firewall-cmd --list-all
public (active)
  target: default
  icmp-block-inversion: no
  interfaces: enp0s3 enp0s8
  sources:
  services: dhcpv6-client http ssh
  ports: 10050/tcp 10051/tcp 161/udp
  protocols:
  masquerade: no
  forward-ports:
  source-ports:
  icmp-blocks:
  rich rules:

[root@covb ~]#
ban@vsrx1> request snmp spoof-trap jnxFruFailed
Spoof-trap request result: trap sent successfully

ban@vsrx1>

google先生に聞いてみるとfirewallではデフォルトでsnmpがないらしい
なのでfirewallにsnmpを追加してみる

[root@covb ~]# vim /etc/firewalld/services/snmp.xml

<?xml version="1.0" encoding="utf-8"?>
<service>
<short>SNMP</short>
<description>SNMP protocol</description>
<port protocol="udp" port="161"/>
</service>
[root@covb ~]# firewall-cmd --reload
success
[root@covb ~]#
[root@covb ~]# firewall-cmd --list-all
public (active)
  target: default
  icmp-block-inversion: no
  interfaces: enp0s3 enp0s8
  sources:
  services: dhcpv6-client http snmp ssh
  ports: 10050/tcp 10051/tcp
  protocols:
  masquerade: no
  forward-ports:
  source-ports:
  icmp-blocks:
  rich rules:

[root@covb ~]#

vsrx1からもっかいsnmptrapを実行

ban@vsrx1> request snmp spoof-trap jnxFruFailed
Spoof-trap request result: trap sent successfully

ban@vsrx1>

/var/log/messagesに飛び込んできてくれない・・・

そもそもなんか設定が間違ってるかなということでtcpdumpでチェック

[root@covb ~]# tcpdump -i enp0s3 src host 10.0.2.110 and dst port snmptrap
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on enp0s3, link-type EN10MB (Ethernet), capture size 262144 bytes
15:59:56.033841 IP 10.0.2.110.60834 > covb.snmptrap:  C="snmp-trap" V2Trap(394)  system.sysUpTime.0=279340 S:1.1.4.1.0=E:2636.4.1.9 E:2636.3.1.15.1.1.1073741824.1073741823.1073741823.1073741823=1073741824 E:2636.3.1.15.1.2.1073741824.1073741823.1073741823.1073741823=1073741823 E:2636.3.1.15.1.3.1073741824.1073741823.1073741823.1073741823=1073741823 E:2636.3.1.15.1.4.1073741824.1073741823.1073741823.1073741823=1073741823 E:2636.3.1.15.1.5.1073741824.1073741823.1073741823.1073741823="abcdefghijklmnopqrst" E:2636.3.1.15.1.6.1073741824.1073741823.1073741823.1073741823=18 E:2636.3.1.15.1.7.1073741824.1073741823.1073741823.1073741823=1073741823 S:1.1.4.3.0=E:2636.1.1.1.2.96
^C
1 packet captured
7 packets received by filter
0 packets dropped by kernel
[root@covb ~]#

snmptrap自体は届いてはいる模様

またgoogle先生にご意見を伺ったところ snmptrapd.conf も編集する必要があるらしい
と、いうことで↓を追記

[root@covb ~]# vim /etc/snmp/snmptrapd.conf

authCommunity   log,execute,net banSnmp

まだダメ・・・

その後、生活環境が激変(転職しました)して時間がなくあまり手をつけられず2年が経っている・・・そろそろやらねば・・・

Discussion