On Jul 20, 2009, at 8:18 AM, Terry wrote: > On Fri, Jul 17, 2009 at 1:10 PM, Terry<td3...@gmail.com> wrote: >> Hello, >> >> I am seeing these rules on our firewall and don't understand them. >> >> Jul 17 13:00:20 10.98.1.1 %ASA-6-106015: Deny TCP (no connection) >> from >> 10.51.1.20/5666 to 10.98.1.120/56716 flags RST on interface VLAN51 >> >> The nagios server is able to hit the agent on 5666 just fine but why >> would the agent try to connect back to the nagios server on a high >> port? >> >> Thanks! >> > > Any ideas on this?
The high port side is surely the port used by the outbound NSCA connection to receive data during the conversation. Your firewall believes that outbound connection is terminated but the central host is still trying to close or reset the connection. While I'm certainly no TCP expert, the RST itself might be normal for Linux and HP clients (at least according to Wikipedia - http://en.wikipedia.org/wiki/Transmission_Control_Protocol - Connection Termination). I doubt it's NSCA itself and more likely to be your OS, but again, I'm no expert here and just edu-guessing... -- Marc ------------------------------------------------------------------------------ Enter the BlackBerry Developer Challenge This is your chance to win up to $100,000 in prizes! For a limited time, vendors submitting new applications to BlackBerry App World(TM) will have the opportunity to enter the BlackBerry Developer Challenge. See full prize details at: http://p.sf.net/sfu/Challenge _______________________________________________ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
