Need Help Configuring BBWin on DMZ
list Wiskbroom
Hello;
I am trying to get BBWin installed on a box within a DMZ, my intention is to set this up so that the server pulls the data from the client.
My BBWin.cfg has this:
<setting name="bbdisplay" value="127.0.0.1:1984" />
<!-- <setting name="bbdisplay" value="yoursecondbbdisplay:port" />-->
<!-- BB Pager Part -->
<setting name="usepager" value="false" />
<setting name="bbpager" value="127.0.0.1" />
<setting name="pagerlevels" value="red yellow" /> --
I've tried various settings to the above, none allow me to telnet to localhost onto port 1984. There is no firewall, yet, preventing me from doing so. The windows agent has been started.
Somewhat related, although not yet at this step, are my servers settings, please see below.
My bb-hosts file will contain:
192.168.1.10 my-hostname # nconn hobbitfetch pulldata
The host is not-pingable, but I do allow outbound port 1984 to it.
The only other changes I am adding are to hobbitlaunch.cfg on my server:
[hobbitfetch]
# DISABLED <-- Comment it
ENVFILE /hobbit/server/etc/hobbitserver.cfg
CMD $BBHOME/bin/hobbitfetch --server=172.10.1.10 --no-daemon
--pidfile=$BBSERVERLOGS/hobbitfetch.pid <-- replace the IP by your Hobbit server one LOGFILE $BBSERVERLOGS/hobbitfetch.log
FYI: My Xymon servers IP is 172.10.1.10
Thank you,
.vadim
list Iain M Conochie
▸
user-ddebaeecde97@xymon.invalid wrote:
Hello; I am trying to get BBWin installed on a box within a DMZ, my intention is to set this up so that the server pulls the data from the client.
BBwin is a client, not a server so you are probably on a loser here....
▸
My BBWin.cfg has this:
<setting name="bbdisplay" value="127.0.0.1:1984" />
<!-- <setting name="bbdisplay" value="yoursecondbbdisplay:port" />-->
<!-- BB Pager Part -->
<setting name="usepager" value="false" />
<setting name="bbpager" value="127.0.0.1" />
<setting name="pagerlevels" value="red yellow" /> --
I've tried various settings to the above, none allow me to telnet to localhost onto port 1984. There is no firewall, yet, preventing me from doing so. The windows agent has been started.
Yes. The client does not listen on port 1984. That is the server I think you need to look at the proxy system here Cheers Iain
▸
Somewhat related, although not yet at this step, are my servers settings, please see below.
My bb-hosts file will contain:
192.168.1.10 my-hostname # nconn hobbitfetch pulldata
The host is not-pingable, but I do allow outbound port 1984 to it.
The only other changes I am adding are to hobbitlaunch.cfg on my server:
[hobbitfetch]
# DISABLED <-- Comment it
ENVFILE /hobbit/server/etc/hobbitserver.cfg
CMD $BBHOME/bin/hobbitfetch --server=172.10.1.10 --no-daemon
--pidfile=$BBSERVERLOGS/hobbitfetch.pid <-- replace the IP by your Hobbit server one LOGFILE $BBSERVERLOGS/hobbitfetch.log
FYI: My Xymon servers IP is 172.10.1.10
Thank you,
.vadim
list Wiskbroom
▸
iain at shihad wrote:
Hello; I am trying to get BBWin installed on a box within a DMZ, my intention is to set this up so that the server pulls the data from the client.BBwin is a client, not a server so you are probably on a loser here....
Based on your response, so is the "client" that is compiled, but "it" can be setup in this manner, although I've never done so, yet...
My BBWin.cfg has this:
▸
I've tried various settings to the above, none allow me to telnet to localhost onto port 1984. There is no firewall, yet, preventing me from doing so. The windows agent has been started.Yes. The client does not listen on port 1984. That is the server
I recall seeing this described in a thread sometime ago, but for *nix clients, are you saying that it will just not work at all on a windows client? What about using the BB windows agent?
I think you need to look at the proxy system here
Can you please describe what in the proxy I should be looking at/for? Many thanks, .vadim
list Iain M Conochie
▸
BBwin is a client, not a server so you are probably on a loser here....Based on your response, so is the "client" that is compiled, but "it" can be setup in this manner, although I've never done so, yet...
Well - you did not compile the BBWin client did you/ You need the hobbit / xymon server package and a linux / unix server. If you wanna test this I guess you could setup a VM on your windows machine
▸
My BBWin.cfg has this:I've tried various settings to the above, none allow me to telnet to localhost onto port 1984. There is no firewall, yet, preventing me from doing so. The windows agent has been started.Yes. The client does not listen on port 1984. That is the serverI recall seeing this described in a thread sometime ago, but for *nix clients, are you saying that it will just not work at all on a windows client? What about using the BB windows agent?
Again - BB windows agent is a client and not a server AFAIU you are trying to setup a system whereby you have a DMZ, and clients within the DMZ can send their status to a server on the DMZ which then forwards onto the main server OR you want a server within the DMZ to be able to pull the data from your clients and send them to the server. Is this correct? Which are you trying to achieve?
▸
I think you need to look at the proxy system hereCan you please describe what in the proxy I should be looking at/for?
First things first :) Iain
Many thanks, .vadim
list Wiskbroom
▸
From: iain To: user-ae9b8668bcde@xymon.invalid Subject: Re: [hobbit] Need Help Configuring BBWin on DMZBBwin is a client, not a server so you are probably on a loser here....Based on your response, so is the "client" that is compiled, but "it" can be setup in this manner, although I've never done so, yet...Well - you did not compile the BBWin client did you/
No, I did not, I merely downloaded the msi.
▸
You need the hobbit / xymon server package and a linux / unix server. If you wanna test this I guess you could setup a VM on your windows machine
I recall seeing this described in a thread sometime ago, but for *nix clients, are you saying that it will just not work at all on a windows client? What about using the BB windows agent?Again - BB windows agent is a client and not a server
Yes, no kidding, but I am not trying to make it one neither...
▸
AFAIU you are trying to setup a system whereby you have a DMZ, and clients within the DMZ can send their status to a server on the DMZ which then forwards onto the main server OR you want a server within the DMZ to be able to pull the data from your clients and send them to the server. Is this correct? Which are you trying to achieve?
My windows machine exists on a DMZ which has no access to my xymon server. My xymon server however has access to the DMZ located windows client. I wish to have the windows DMZ client collect its own data and hold it for the Xymon server, which in turn will get it with a datafetch. My restrictions are based on rules from our security team and are not negotiable. I do not wish to create a VM running the Xymon server, although doing that will require the bb-proxy, which I assume is what you were referring to as proxy?
▸
I think you need to look at the proxy system hereCan you please describe what in the proxy I should be looking at/for?First things first :) Iain
Thanks, .vadim
list Iain M Conochie
▸
<snip>
My windows machine exists on a DMZ which has no access to my xymon server. My xymon server however has access to the DMZ located windows client. I wish to have the windows DMZ client collect its own data and hold it for the Xymon server, which in turn will get it with a datafetch. My restrictions are based on rules from our security team and are not negotiable. I do not wish to create a VM running the Xymon server, although doing that will require the bb-proxy, which I assume is what you were referring to as proxy?
You can disregard what I was saying about the proxy system as this is used for multiple clients to send data to which the forwards this onto the main hobbit server. I did not know if you meant a single client or multiple but now I see you mean a single client OK. So this windows client is the only client you wish to collect data from? In that case the hobbitfetch command uses msgcache to queue the messages. In this case I do not know if the BBWin client will support this functionality http://www.hswn.dk/hobbiton/2008/04/msg00079.html This is for the BBWin 0.11 client. So with standard tools you will probably not be able to do what you want. As for the VM yes the proxy I was refering to was bb-proxy. It is somewhat convuluted, and I am not sure if this would actually work but: WinServer ----> HobbitProxy VM / msgcache <-------- Real hobbit server. Does anyone know if you can use a combination of msgcache and hobbitproxy? Cheers Iain
▸
I think you need to look at the proxy system hereCan you please describe what in the proxy I should be looking at/for?First things first :) IainThanks, .vadim
list Padraig Lennon
Another approach to this is to install a cygwin ssh server on the windows host and configure it to use a reverse ssh tunnel. This is the approach we use at our company and works quite well http://pigtail.net/LRP/printsrv/cygwin-sshd.html http://en.wikibooks.org/wiki/System_Monitoring_with_Xymon/Other_Docs/HOW TO#Monitor_Hobbit_clients_in_a_DMZ_using_reverse_SSH_tunnels regards Padraig Lennon Senior Systems Integration Engineer Pioneer Investments Management Ltd 5th Floor |Georges Quay Plaza | Georges Quay | Dublin 2 | Rep. of Ireland Tel. +353 (0)1 480.2081 user-7738cfcc6ae0@xymon.invalid | www.pioneerinvestments.com Please consider the environment before printing this e-mail
▸
-----Original Message-----
From: Iain M Conochie [mailto:user-c784e16a5170@xymon.invalid] Sent: 06 February 2010 13:06
To: user-ae9b8668bcde@xymon.invalid
Subject: Re: [hobbit] Need Help Configuring BBWin on DMZ
<snip>My windows machine exists on a DMZ which has no access to my xymon server. My xymon server however has access to the DMZ located windows client. I wish to have the windows DMZ client collect its own data and hold it for the Xymon server, which in turn will get it with a datafetch. My restrictions are based on rules from our security team and are not negotiable. I do not wish to create a VM running the Xymon server, although doing that will require the bb-proxy, which I assume is what you were referring to as proxy?
You can disregard what I was saying about the proxy system as this is used for multiple clients to send data to which the forwards this onto the main hobbit server. I did not know if you meant a single client or multiple but now I see you mean a single client OK. So this windows client is the only client you wish to collect data from? In that case the hobbitfetch command uses msgcache to queue the messages. In this case I do not know if the BBWin client will support this functionality http://www.hswn.dk/hobbiton/2008/04/msg00079.html This is for the BBWin 0.11 client. So with standard tools you will probably not be able to do what you want. As for the VM yes the proxy I was refering to was bb-proxy. It is somewhat convuluted, and I am not sure if this would actually work but: WinServer ----> HobbitProxy VM / msgcache <-------- Real hobbit server. Does anyone know if you can use a combination of msgcache and hobbitproxy? Cheers Iain
I think you need to look at the proxy system hereCan you please describe what in the proxy I should be looking at/for?First things first :) IainThanks, .vadim
-------------- next part -------------- "The information in this e-mail and in any attachments is confidential and intended solely for the attention and use of the named addressee(s). This information may be subject to legal, professional or other privilege and further distribution of it is strictly prohibited without our authority. If you are not the intended recipient, you are not authorised to and must not disclose, copy, distribute, or retain this message or any part of it, and should notify us immediately. This footnote also confirms that this email has been automatically scanned for the presence of computer viruses, profanities and certain file types." Pioneer Investment Management Limited. 1 George’s Quay Plaza, George’s Quay, Dublin 2, Ireland. Registered in Ireland no. 287793.