Installing Zabbix in my sandbox environment (the where-I-got-stuck edition)
Installing MySQL
[root@covb ~]# yum install mysql-community-server
読み込んだプラグイン:fastestmirror
Loading mirror speeds from cached hostfile
* base: ftp.iij.ad.jp
・
・
・
上記の処理を行います。よろしいでしょうか? [y/N]y
mysql-community-server-8.0.31-1.el7.x86_64.rpm の公開鍵がインストールされていません
Failing package is: mysql-community-server-8.0.31-1.el7.x86_64
GPG Keys are configured as: file:///etc/pki/rpm-gpg/RPM-GPG-KEY-mysql
[root@covb ~]#
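What is this? Looking into it, it seems the GPG key (used to verify whether a package has been tampered with when you install it with yum or rpm) was replaced with a new one as of MySQL 8.0.28.
So, import the new GPG key.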
[root@covb ~]# rpm --import https://repo.mysql.com/RPM-GPG-KEY-mysql-2022
[root@covb ~]#
Try again.
[root@covb ~]# yum install mysql-community-server
読み込んだプラグイン:fastestmirror
Loading mirror speeds from cached hostfile
* base: ftp.iij.ad.jp
・
・
・
インストール:
mysql-community-libs.x86_64 0:8.0.31-1.el7 mysql-community-libs-compat.x86_64 0:8.0.31-1.el7
mysql-community-server.x86_64 0:8.0.31-1.el7
依存性関連をインストールしました:
mysql-community-client.x86_64 0:8.0.31-1.el7 mysql-community-client-plugins.x86_64 0:8.0.31-1.el7
mysql-community-common.x86_64 0:8.0.31-1.el7 mysql-community-icu-data-files.x86_64 0:8.0.31-1.el7
net-tools.x86_64 0:2.0-0.25.20131004git.el7
置換:
mariadb-libs.x86_64 1:5.5.68-1.el7
完了しました!
[root@covb ~]#
It worked.
zabbix-server won't start
[root@covb ~]# systemctl restart zabbix-server zabbix-agent httpd rh-php72-php-fpm
Job for zabbix-server.service failed. See "systemctl status zabbix-server.service" and "journalctl -xe" for details.
[root@covb ~]#
Whyyyyy... so I did a little investigating.
[root@covb ~]# systemctl status zabbix-server
● zabbix-server.service - Zabbix Server
Loaded: loaded (/usr/lib/systemd/system/zabbix-server.service; disabled; vendor preset: disabled)
Active: activating (auto-restart) (Result: protocol) since 金 2022-10-21 17:27:54 JST; 532ms ago
Process: 17908 ExecStart=/usr/sbin/zabbix_server -c $CONFFILE (code=exited, status=0/SUCCESS)
10月 21 17:27:54 covb systemd[1]: Failed to start Zabbix Server.
10月 21 17:27:54 covb systemd[1]: Unit zabbix-server.service entered failed state.
10月 21 17:27:54 covb systemd[1]: zabbix-server.service failed.
[root@covb ~]#
That doesn't tell me much, so I look at the log.
[root@covb ~]# tail /var/log/zabbix/zabbix_server.log
17873:20221021:172602.593 VMware monitoring: YES
17873:20221021:172602.593 SMTP authentication: YES
17873:20221021:172602.593 ODBC: YES
17873:20221021:172602.593 SSH support: YES
17873:20221021:172602.593 IPv6 support: YES
17873:20221021:172602.593 TLS support: YES
17873:20221021:172602.593 ******************************
17873:20221021:172602.593 using configuration file: /etc/zabbix/zabbix_server.conf
17873:20221021:172602.594 [Z3001] connection to database 'zabbix' failed: [2059] Authentication plugin 'caching_sha2_password' cannot be loaded: /usr/lib64/mysql/plugin/caching_sha2_password.so: cannot open shared object file: No such file or directory
17873:20221021:172602.594 Cannot connect to the database. Exiting...
[root@covb ~]#
It says caching_sha2_password is missing...
Apparently the default authentication plugin changed to caching_sha2_password as of MySQL 8.0.
However, most applications written in PHP reportedly do not support caching_sha2_password, so the authentication plugin has to be changed to mysql_native_password.
[root@covb ~]# systemctl stop zabbix-server
[root@covb ~]#
[root@covb ~]# mysql -u root -p
Enter password:
mysql> ALTER USER zabbix@localhost IDENTIFIED WITH mysql_native_password BY '*****'; # in practice the passphrase was typed in directly
Query OK, 0 rows affected (0.02 sec)
mysql> exit
Bye
[root@covb ~]#
[root@covb ~]# systemctl start zabbix-server
[root@covb ~]#
But it is still spitting out some error...
[root@covb ~]# systemctl status zabbix-server.service
● zabbix-server.service - Zabbix Server
Loaded: loaded (/usr/lib/systemd/system/zabbix-server.service; disabled; vendor preset: disabled)
Active: activating (auto-restart) (Result: exit-code) since 金 2022-10-21 18:31:17 JST; 4s ago
Process: 21860 ExecStop=/bin/kill -SIGTERM $MAINPID (code=exited, status=1/FAILURE)
Process: 21814 ExecStart=/usr/sbin/zabbix_server -c $CONFFILE (code=exited, status=0/SUCCESS)
Main PID: 21816 (code=exited, status=0/SUCCESS)
10月 21 18:31:17 covb kill[21860]: -l, --list [=<signal>] list signal names, or convert one to a name
10月 21 18:31:17 covb kill[21860]: -L, --table list signal names and numbers
10月 21 18:31:17 covb kill[21860]: -h, --help display this help and exit
10月 21 18:31:17 covb kill[21860]: -V, --version output version information and exit
10月 21 18:31:17 covb kill[21860]: For more details see kill(1).
10月 21 18:31:17 covb systemd[1]: zabbix-server.service: control process exited, code=exited status=1
10月 21 18:31:17 covb systemd[1]: Unit zabbix-server.service entered failed state.
10月 21 18:31:17 covb systemd[1]: zabbix-server.service failed.
[root@covb ~]#
Ask the log.
[root@covb ~]# tail /var/log/zabbix/zabbix_server.log
22045:20221021:183158.471 server #33 started [trapper #3]
22047:20221021:183158.473 server #35 started [trapper #5]
22026:20221021:183158.475 server #14 started [timer #1]
22022:20221021:183158.475 server #10 started [lld manager #1]
22022:20221021:183158.475 cannot start LLD manager service: Cannot bind socket to "/var/run/zabbix/zabbix_server_lld.sock": [13] Permission denied.
22012:20221021:183158.476 One child process died (PID:22022,exitcode/signal:1). Exiting ...
zabbix_server [22012]: Error waiting for process with PID 22022: [10] No child processes
22012:20221021:183158.484 syncing trend data...
22012:20221021:183158.484 syncing trend data done
22012:20221021:183158.484 Zabbix Server stopped. Zabbix 5.0.28 (revision b2b8e2ce82d).
[root@covb ~]#
Apparently it "cannot start LLD manager service".
After a lot of searching, I found an article suggesting the cause is an extra semicolon in the time zone setting.
vim /etc/opt/rh/rh-php72/php-fpm.d/zabbix.conf
; php_value[date.timezone] = Asia/Tokyo # remove the ; from this line
Try again.
[root@covb ~]# systemctl restart zabbix-server
Still no good.
[root@covb ~]# systemctl status zabbix-server zabbix-agent httpd rh-php72-php-fpm
● zabbix-server.service - Zabbix Server
Loaded: loaded (/usr/lib/systemd/system/zabbix-server.service; disabled; vendor preset: disabled)
Active: activating (auto-restart) (Result: exit-code) since 金 2022-10-21 18:36:47 JST; 7s ago
Process: 23485 ExecStop=/bin/kill -SIGTERM $MAINPID (code=exited, status=1/FAILURE)
Process: 23414 ExecStart=/usr/sbin/zabbix_server -c $CONFFILE (code=exited, status=0/SUCCESS)
Main PID: 23420 (code=exited, status=0/SUCCESS)
10月 21 18:36:47 covb systemd[1]: zabbix-server.service: control process exited, code=exited status=1
10月 21 18:36:47 covb systemd[1]: Unit zabbix-server.service entered failed state.
10月 21 18:36:47 covb systemd[1]: zabbix-server.service failed.
But the log output has changed somehow.
The following repeats over and over...
23205:20221021:183606.336 ****** Enabled features ******
23205:20221021:183606.336 SNMP monitoring: YES
23205:20221021:183606.336 IPMI monitoring: YES
23205:20221021:183606.336 Web monitoring: YES
23205:20221021:183606.336 VMware monitoring: YES
23205:20221021:183606.336 SMTP authentication: YES
23205:20221021:183606.336 ODBC: YES
23205:20221021:183606.336 SSH support: YES
23205:20221021:183606.336 IPv6 support: YES
23205:20221021:183606.336 TLS support: YES
23205:20221021:183606.336 ******************************
23205:20221021:183606.336 using configuration file: /etc/zabbix/zabbix_server.conf
23205:20221021:183606.340 current database version (mandatory/optional): 05000000/05000007
23205:20221021:183606.340 required mandatory version: 05000000
23205:20221021:183606.351 server #0 started [main process]
23206:20221021:183606.351 server #1 started [configuration syncer #1]
23234:20221021:183606.460 server #29 started [poller #5]
23236:20221021:183606.463 server #31 started [trapper #1]
23242:20221021:183606.465 server #37 started [alert syncer #1]
23239:20221021:183606.465 server #34 started [trapper #4]
23218:20221021:183606.467 server #13 started [housekeeper #1]
23220:20221021:183606.467 server #15 started [http poller #1]
23221:20221021:183606.467 server #16 started [discoverer #1]
23223:20221021:183606.470 server #18 started [history syncer #2]
23226:20221021:183606.470 server #21 started [escalator #1]
23229:20221021:183606.472 server #24 started [task manager #1]
23230:20221021:183606.472 server #25 started [poller #1]
23238:20221021:183606.474 server #33 started [trapper #3]
23240:20221021:183606.476 server #35 started [trapper #5]
23219:20221021:183606.479 server #14 started [timer #1]
23215:20221021:183606.479 server #10 started [lld manager #1]
23215:20221021:183606.479 cannot start LLD manager service: Cannot bind socket to "/var/run/zabbix/zabbix_server_lld.sock": [13] Permission denied.
23205:20221021:183606.480 One child process died (PID:23215,exitcode/signal:1). Exiting ...
zabbix_server [23205]: Error waiting for process with PID 23215: [10] No child processes
23205:20221021:183606.487 syncing trend data...
23205:20221021:183606.487 syncing trend data done
23205:20221021:183606.487 Zabbix Server stopped. Zabbix 5.0.28 (revision b2b8e2ce82d).
23252:20221021:183616.585 Starting Zabbix Server. Zabbix 5.0.28 (revision b2b8e2ce82d).
It really does seem to be falling over on this line.
23215:20221021:183606.479 cannot start LLD manager service: Cannot bind socket to "/var/run/zabbix/zabbix_server_lld.sock": [13] Permission denied.
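What is this thing... Digging a bit further, I came across an article about it.
And it seems an SELinux policy is getting in the way.
Then I arrived at the information below, so I ran it right away.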
[root@covb ~]# grep AVC /var/log/audit/audit.log* | audit2allow -M systemd-allow; semodule -i systemd-allow.pp
******************** IMPORTANT ***********************
To make this policy package active, execute:
semodule -i systemd-allow.pp
[root@covb ~]#
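The command above feeds every AVC denial in the audit logs into one module, including denials that have nothing to do with Zabbix. As an added example (not from the original post), the script below summarises denials per process so that only the reviewed zabbix_server ones go to audit2allow; the audit records and the module name zabbix-lld-sock are constructed for illustration.

```shell
#!/bin/sh
# Added example: review AVC denials before turning them into policy.

# Constructed audit records (illustrative, not taken from the page's host).
sample_audit_log() {
cat <<'EOF'
type=AVC msg=audit(1666344966.479:901): avc:  denied  { create } for  pid=23215 comm="zabbix_server" name="zabbix_server_lld.sock" scontext=system_u:system_r:zabbix_t:s0 tcontext=system_u:object_r:zabbix_var_run_t:s0 tclass=sock_file permissive=0
type=AVC msg=audit(1666344976.585:915): avc:  denied  { create } for  pid=23262 comm="zabbix_server" name="zabbix_server_lld.sock" scontext=system_u:system_r:zabbix_t:s0 tcontext=system_u:object_r:zabbix_var_run_t:s0 tclass=sock_file permissive=0
type=AVC msg=audit(1666340000.100:417): avc:  denied  { name_connect } for  pid=2971 comm="httpd" dest=10051 scontext=system_u:system_r:httpd_t:s0 tcontext=system_u:object_r:zabbix_port_t:s0 tclass=tcp_socket permissive=0
type=AVC msg=audit(1666330000.200:120): avc:  denied  { read write } for  pid=1900 comm="logrotate" name="app.log" scontext=system_u:system_r:logrotate_t:s0 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=0
EOF
}

# Keep only the denials raised by one process name (stdin -> stdout).
avc_for_comm() {
    grep -F " comm=\"$1\" "
}

# Collapse denials into "count comm source_type target_type:class { perms }".
avc_summary() {
    awk '
    function field(name,    i) {
        for (i = 1; i <= NF; i++)
            if (index($i, name "=") == 1) return substr($i, length(name) + 2)
        return ""
    }
    index($0, "avc:") && index($0, "denied") {
        a = index($0, "{"); b = index($0, "}")
        perms = substr($0, a + 2, b - a - 3)
        comm = field("comm"); gsub(/"/, "", comm)
        split(field("scontext"), s, ":"); split(field("tcontext"), t, ":")
        seen[comm " " s[3] " " t[3] ":" field("tclass") " { " perms " }"]++
    }
    END { for (k in seen) print seen[k], k }' | sort -rn
}

echo "== everything a blanket 'grep AVC | audit2allow' would allow =="
sample_audit_log | avc_summary
echo "== zabbix_server only =="
sample_audit_log | avc_for_comm zabbix_server | avc_summary

# On a real host (not run here), after reviewing the summary:
#   grep -h AVC /var/log/audit/audit.log* | avc_for_comm zabbix_server \
#       | audit2allow -M zabbix-lld-sock
#   cat zabbix-lld-sock.te        # read the generated rules before loading
#   semodule -i zabbix-lld-sock.pp
```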
Then run zabbix-server once more.
[root@covb ~]# systemctl stop zabbix-server.service
[root@covb ~]# systemctl restart zabbix-server.service
Oh, it worked.
[root@covb ~]# systemctl status zabbix-server.service
● zabbix-server.service - Zabbix Server
Loaded: loaded (/usr/lib/systemd/system/zabbix-server.service; disabled; vendor preset: disabled)
Active: active (running) since 金 2022-10-21 18:55:32 JST; 11s ago
Process: 28420 ExecStart=/usr/sbin/zabbix_server -c $CONFFILE (code=exited, status=0/SUCCESS)
Main PID: 28422 (zabbix_server)
CGroup: /system.slice/zabbix-server.service
├─28422 /usr/sbin/zabbix_server -c /etc/zabbix/zabbix_server.conf
├─28423 /usr/sbin/zabbix_server: configuration syncer [synced configuration in 0.052164 sec, idle 60 sec]
├─28424 /usr/sbin/zabbix_server: alert manager #1 [sent 0, failed 0 alerts, idle 5.004484 sec during 5.004533 sec]
├─28425 /usr/sbin/zabbix_server: alerter #1 started
├─28426 /usr/sbin/zabbix_server: alerter #2 started
├─28427 /usr/sbin/zabbix_server: alerter #3 started
├─28428 /usr/sbin/zabbix_server: preprocessing manager #1 [queued 0, processed 8 values, idle 5.001622 sec during 5.001791 sec]
├─28429 /usr/sbin/zabbix_server: preprocessing worker #1 started
├─28430 /usr/sbin/zabbix_server: preprocessing worker #2 started
├─28431 /usr/sbin/zabbix_server: preprocessing worker #3 started
├─28432 /usr/sbin/zabbix_server: lld manager #1 [processed 0 LLD rules, idle 5.003455sec during 5.003531 sec]
├─28433 /usr/sbin/zabbix_server: lld worker #1 started
├─28434 /usr/sbin/zabbix_server: lld worker #2 started
├─28435 /usr/sbin/zabbix_server: housekeeper [startup idle for 30 minutes]
├─28436 /usr/sbin/zabbix_server: timer #1 [updated 0 hosts, suppressed 0 events in 0.002252 sec, idle 27 sec]
├─28437 /usr/sbin/zabbix_server: http poller #1 [got 0 values in 0.000558 sec, idle 5 sec]
├─28438 /usr/sbin/zabbix_server: discoverer #1 [processed 0 rules in 0.001560 sec, idle 60 sec]
├─28439 /usr/sbin/zabbix_server: history syncer #1 [processed 0 values, 0 triggers in 0.000013 sec, idle 1 sec]
├─28440 /usr/sbin/zabbix_server: history syncer #2 [processed 0 values, 0 triggers in 0.000005 sec, idle 1 sec]
├─28441 /usr/sbin/zabbix_server: history syncer #3 [processed 0 values, 0 triggers in 0.000013 sec, idle 1 sec]
├─28442 /usr/sbin/zabbix_server: history syncer #4 [processed 0 values, 0 triggers in 0.000005 sec, idle 1 sec]
├─28443 /usr/sbin/zabbix_server: escalator #1 [processed 0 escalations in 0.000906 sec, idle 3 sec]
├─28444 /usr/sbin/zabbix_server: proxy poller #1 [exchanged data with 0 proxies in 0.000008 sec, idle 5 sec]
├─28445 /usr/sbin/zabbix_server: self-monitoring [processed data in 0.000023 sec, idle 1 sec]
├─28446 /usr/sbin/zabbix_server: task manager [processed 0 task(s) in 0.000313 sec, idle 5 sec]
├─28447 /usr/sbin/zabbix_server: poller #1 [got 0 values in 0.000009 sec, idle 2 sec]
├─28448 /usr/sbin/zabbix_server: poller #2 [got 0 values in 0.000011 sec, idle 2 sec]
├─28449 /usr/sbin/zabbix_server: poller #3 [got 0 values in 0.000014 sec, idle 2 sec]
├─28450 /usr/sbin/zabbix_server: poller #4 [got 1 values in 0.000041 sec, idle 2 sec]
├─28451 /usr/sbin/zabbix_server: poller #5 [got 0 values in 0.000031 sec, idle 2 sec]
├─28452 /usr/sbin/zabbix_server: unreachable poller #1 [got 0 values in 0.000021 sec, idle 5 sec]
├─28453 /usr/sbin/zabbix_server: trapper #1 [processed data in 0.000000 sec, waiting for connection]
├─28454 /usr/sbin/zabbix_server: trapper #2 [processed data in 0.000000 sec, waiting for connection]
├─28455 /usr/sbin/zabbix_server: trapper #3 [processed data in 0.000000 sec, waiting for connection]
├─28456 /usr/sbin/zabbix_server: trapper #4 [processed data in 0.000000 sec, waiting for connection]
├─28457 /usr/sbin/zabbix_server: trapper #5 [processed data in 0.000000 sec, waiting for connection]
├─28458 /usr/sbin/zabbix_server: icmp pinger #1 [got 0 values in 0.000020 sec, idle 5 sec]
└─28459 /usr/sbin/zabbix_server: alert syncer [queued 0 alerts(s), flushed 0 result(s) in 0.000470 sec, idle 1 sec]
10月 21 18:55:32 covb systemd[1]: Starting Zabbix Server...
10月 21 18:55:32 covb systemd[1]: Started Zabbix Server.
[root@covb ~]#
The Zabbix web UI does not display
httpd is running and zabbix-server is full of energy too.
But access from a browser does not work at all...
[root@covb ban]# systemctl status httpd
● httpd.service - The Apache HTTP Server
Loaded: loaded (/usr/lib/systemd/system/httpd.service; disabled; vendor preset: disabled)
Active: active (running) since 日 2022-10-23 15:28:21 JST; 10min ago
Docs: man:httpd(8)
man:apachectl(8)
Process: 2960 ExecStop=/bin/kill -WINCH ${MAINPID} (code=exited, status=0/SUCCESS)
Process: 27128 ExecReload=/usr/sbin/httpd $OPTIONS -k graceful (code=exited, status=0/SUCCESS)
Main PID: 2964 (httpd)
Status: "Total requests: 0; Current requests/sec: 0; Current traffic: 0 B/sec"
CGroup: /system.slice/httpd.service
[root@covb ban]# systemctl status zabbix-server
● zabbix-server.service - Zabbix Server
Loaded: loaded (/usr/lib/systemd/system/zabbix-server.service; disabled; vendor preset: disabled)
Active: active (running) since 金 2022-10-21 19:07:52 JST; 1 day 20h ago
Process: 1386 ExecStart=/usr/sbin/zabbix_server -c $CONFFILE (code=exited, status=0/SUCCESS)
Main PID: 1398 (zabbix_server)
CGroup: /system.slice/zabbix-server.service
├─1398 /usr/sbin/zabbix_server -c /etc/zabbix/zabbix_server.conf
Just in case, confirm that zabbix-agent and rh-php72-php-fpm are alive too.
[root@covb ban]# systemctl status zabbix-agent rh-php72-php-fpm
● zabbix-agent.service - Zabbix Agent
Loaded: loaded (/usr/lib/systemd/system/zabbix-agent.service; disabled; vendor preset: disabled)
Active: active (running) since 金 2022-10-21 19:07:52 JST; 1 day 20h ago
Process: 1387 ExecStart=/usr/sbin/zabbix_agentd -c $CONFFILE (code=exited, status=0/SUCCESS)
Main PID: 1391 (zabbix_agentd)
CGroup: /system.slice/zabbix-agent.service
├─1391 /usr/sbin/zabbix_agentd -c /etc/zabbix/zabbix_agentd.conf
├─1392 /usr/sbin/zabbix_agentd: collector [idle 1 sec]
├─1393 /usr/sbin/zabbix_agentd: listener #1 [waiting for connection]
├─1394 /usr/sbin/zabbix_agentd: listener #2 [waiting for connection]
├─1395 /usr/sbin/zabbix_agentd: listener #3 [waiting for connection]
└─1396 /usr/sbin/zabbix_agentd: active checks #1 [idle 1 sec]
10月 21 19:07:52 covb systemd[1]: Starting Zabbix Agent...
10月 21 19:07:52 covb systemd[1]: Started Zabbix Agent.
● rh-php72-php-fpm.service - The PHP FastCGI Process Manager
Loaded: loaded (/usr/lib/systemd/system/rh-php72-php-fpm.service; disabled; vendor preset: disabled)
Active: active (running) since 金 2022-10-21 19:07:53 JST; 1 day 20h ago
Main PID: 1389 (php-fpm)
Status: "Processes active: 0, idle: 10, Requests: 0, slow: 0, Traffic: 0req/sec"
CGroup: /system.slice/rh-php72-php-fpm.service
├─1389 php-fpm: master process (/etc/opt/rh/rh-php72/php-fpm.conf)
├─1403 php-fpm: pool www
├─1404 php-fpm: pool www
├─1405 php-fpm: pool www
├─1406 php-fpm: pool www
├─1407 php-fpm: pool www
├─1408 php-fpm: pool zabbix
├─1409 php-fpm: pool zabbix
├─1410 php-fpm: pool zabbix
├─1411 php-fpm: pool zabbix
└─1412 php-fpm: pool zabbix
10月 21 19:07:52 covb systemd[1]: Starting The PHP FastCGI Process Manager...
10月 21 19:07:53 covb systemd[1]: Started The PHP FastCGI Process Manager.
[root@covb ban]#
A GET with curl comes back properly too.
[root@covb ban]# curl http://localhost
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd"><html><head>
・
・
・
</div>
</body></html>
[root@covb ban]#
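But accessing it from a browser looks like this.
Figuring it is probably the firewall or thereabouts, I go back to the basics of what to check when something cannot be reached.
Well, of course it is there.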
[root@covb ban]# systemctl status
・
・
・
firewalld.service
└─667 /usr/bin/python2 -Es /usr/sbin/firewalld --nofork --nopid
I have not touched the firewalld settings at all up to this point, so what state is it in right now? Let's take a look.
"Ah... (I see)"
[root@covb ban]# firewall-cmd --list-all
public (active)
target: default
icmp-block-inversion: no
interfaces: enp0s3 enp0s8
sources:
services: dhcpv6-client ssh
ports:
protocols:
masquerade: no
forward-ports:
source-ports:
icmp-blocks:
rich rules:
[root@covb ban]#
Ah... (I see)
[root@covb ban]# firewall-cmd --list-services --zone=public
dhcpv6-client ssh
[root@covb ban]#
So (to enable it permanently, specify --permanent and then reload):
[root@covb ban]# firewall-cmd --add-service=http --zone=public --permanent
success
[root@covb ban]#
[root@covb ban]# firewall-cmd --list-services --zone=public
dhcpv6-client ssh
[root@covb ban]#
[root@covb ban]# firewall-cmd --reload
success
[root@covb ban]#
[root@covb ban]# firewall-cmd --list-services --zone=public
dhcpv6-client http ssh
[root@covb ban]#
Even after doing the above, I still cannot access the web UI...
After consulting Google-sensei, it turned out the zabbix-agent ports needed to be opened.
[root@covb ban]# firewall-cmd --add-port=10050/tcp --permanent
success
[root@covb ban]#
[root@covb ban]# firewall-cmd --add-port=10051/tcp --permanent
success
[root@covb ban]#
[root@covb ban]# firewall-cmd --reload
success
[root@covb ban]#
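It worked.
Cannot log in to Zabbix the first time
After installation, when I tried to log in as admin/zabbix with Administrator privileges, I was rejected as shown below.
I do not particularly remember changing the zabbix user's password in MySQL, but I will try resetting it.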
[root@covb ban]# mysql -u root -p
Enter password:
mysql>
mysql> use zabbix;
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A
Database changed
mysql> update zabbix.users set passwd=md5('zabbix') where alias='Admin';
Query OK, 1 row affected (0.01 sec)
Rows matched: 1 Changed: 1 Warnings: 0
mysql> quit;
Bye
[root@covb ban]#
CentOS will not receive snmptrap
I have opened 161/udp with firewall-cmd, and the vsrx1 side reports trap sent successfully,
yet nothing is received at all.
[root@covb ~]# firewall-cmd --permanent --zone=public --add-service=snmp
success
[root@covb ~]#
[root@covb ~]# firewall-cmd --list-all
public (active)
target: default
icmp-block-inversion: no
interfaces: enp0s3 enp0s8
sources:
services: dhcpv6-client http ssh
ports: 10050/tcp 10051/tcp 161/udp
protocols:
masquerade: no
forward-ports:
source-ports:
icmp-blocks:
rich rules:
[root@covb ~]#
ban@vsrx1> request snmp spoof-trap jnxFruFailed
Spoof-trap request result: trap sent successfully
ban@vsrx1>
Asking Google-sensei, apparently the firewall does not have snmp by default.
So I try adding snmp to the firewall.
[root@covb ~]# vim /etc/firewalld/services/snmp.xml
<?xml version="1.0" encoding="utf-8"?>
<service>
<short>SNMP</short>
<description>SNMP protocol</description>
<port protocol="udp" port="161"/>
</service>
[root@covb ~]# firewall-cmd --reload
success
[root@covb ~]#
[root@covb ~]# firewall-cmd --list-all
public (active)
target: default
icmp-block-inversion: no
interfaces: enp0s3 enp0s8
sources:
services: dhcpv6-client http snmp ssh
ports: 10050/tcp 10051/tcp
protocols:
masquerade: no
forward-ports:
source-ports:
icmp-blocks:
rich rules:
[root@covb ~]#
Run snmptrap from vsrx1 once more.
ban@vsrx1> request snmp spoof-trap jnxFruFailed
Spoof-trap request result: trap sent successfully
ban@vsrx1>
Nothing shows up in /var/log/messages...
Maybe some setting is wrong in the first place, so I check with tcpdump.
[root@covb ~]# tcpdump -i enp0s3 src host 10.0.2.110 and dst port snmptrap
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on enp0s3, link-type EN10MB (Ethernet), capture size 262144 bytes
15:59:56.033841 IP 10.0.2.110.60834 > covb.snmptrap: C="snmp-trap" V2Trap(394) system.sysUpTime.0=279340 S:1.1.4.1.0=E:2636.4.1.9 E:2636.3.1.15.1.1.1073741824.1073741823.1073741823.1073741823=1073741824 E:2636.3.1.15.1.2.1073741824.1073741823.1073741823.1073741823=1073741823 E:2636.3.1.15.1.3.1073741824.1073741823.1073741823.1073741823=1073741823 E:2636.3.1.15.1.4.1073741824.1073741823.1073741823.1073741823=1073741823 E:2636.3.1.15.1.5.1073741824.1073741823.1073741823.1073741823="abcdefghijklmnopqrst" E:2636.3.1.15.1.6.1073741824.1073741823.1073741823.1073741823=18 E:2636.3.1.15.1.7.1073741824.1073741823.1073741823.1073741823=1073741823 S:1.1.4.3.0=E:2636.1.1.1.2.96
^C
1 packet captured
7 packets received by filter
0 packets dropped by kernel
[root@covb ~]#
The snmptrap itself does seem to be arriving.
Consulting Google-sensei again, it seems snmptrapd.conf also needs to be edited.
So I added the following.
[root@covb ~]# vim /etc/snmp/snmptrapd.conf
authCommunity log,execute,net banSnmp
Still no good...
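The tcpdump filter above matches `dst port snmptrap`, which is 162/udp, while the snmp service defined earlier opens 161/udp; tcpdump also captures packets before firewalld filters them, so a capture alone does not show that a packet reached snmptrapd. As an added example (not from the original post), this check resolves the page's `firewall-cmd --list-all` output and snmp.xml into port/protocol pairs and tests a port against them; the helper names and temporary paths are assumptions.

```shell
#!/bin/sh
# Added example. The sample data is the page's own firewall-cmd output and
# snmp.xml, written to a temporary directory so the check runs offline.

make_sample() {  # make_sample DIR
    mkdir -p "$1/services"
    cat > "$1/list-all.txt" <<'EOF'
public (active)
  target: default
  interfaces: enp0s3 enp0s8
  services: dhcpv6-client http snmp ssh
  ports: 10050/tcp 10051/tcp
  forward-ports:
  source-ports:
EOF
    cat > "$1/services/snmp.xml" <<'EOF'
<?xml version="1.0" encoding="utf-8"?>
<service>
<short>SNMP</short>
<description>SNMP protocol</description>
<port protocol="udp" port="161"/>
</service>
EOF
}

# Print every "port/proto" the zone opens: the explicit "ports:" entries plus
# the <port> elements of each listed service whose XML exists in SERVICE_DIR.
# Assumes the attribute order protocol= then port=, as in the page's snmp.xml;
# services without a definition in SERVICE_DIR are skipped, ranges not expanded.
allowed_ports() {  # allowed_ports LISTING_FILE SERVICE_DIR
    awk '$1 == "ports:" { for (i = 2; i <= NF; i++) print $i }' "$1"
    for svc in $(awk '$1 == "services:" { for (i = 2; i <= NF; i++) print $i }' "$1"); do
        [ -f "$2/$svc.xml" ] || continue
        sed -n 's|.*<port protocol="\([a-z]*\)" port="\([0-9-]*\)".*|\2/\1|p' "$2/$svc.xml"
    done
}

zone_allows() {  # zone_allows PORT/PROTO LISTING_FILE SERVICE_DIR
    allowed_ports "$2" "$3" | grep -qx "$1"
}

tmp=$(mktemp -d)
make_sample "$tmp"
for p in 161/udp 162/udp 10051/tcp; do
    if zone_allows "$p" "$tmp/list-all.txt" "$tmp/services"; then
        echo "$p allowed"
    else
        echo "$p NOT allowed"
    fi
done
rm -rf "$tmp"

# On a real host the listing comes from `firewall-cmd --list-all` and the
# service files live in /etc/firewalld/services and /usr/lib/firewalld/services.
# A port can be opened the way the page opened 10050/tcp:
#   firewall-cmd --add-port=162/udp --permanent && firewall-cmd --reload
```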
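After that, my circumstances changed drastically (I changed jobs), I had no time and could barely touch this, and two years have gone by... it is about time I got back to it...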