Permitir regras de iptables para agentes Zabbix

Luiz Thursday, October 22, 2020 0

Como habilitar a porta Zabbix em diferentes firewalls Linux. Por exemplo, nosso servidor Zabbix rodando em IP: 172.22.22.100, precisamos habilitar Zabbix-agent.d porta TCP/10050 nos cliente

iptables -I OUTPUT 1 -p tcp -s 172.22.22.100 --dport 10051 -j ACCEPT

iptables -I INPUT 1 -p tcp -s 172.22.22.100 --dport 10050 -j ACCEPT

AD-HOC com Ansible

$$ ansible -i inventory/hosts nodes -a "iptables -I OUTPUT 1 -p tcp 
-s 172.22.22.100--dport 10051 -j ACCEPT"


$$ ansible -i inventory/hosts nodes -a "iptables -I INPUT 1 -p tcp
 -s 172.22.22.100 --dport 10050 -j ACCEPT"

Teste com NMAP

PORT      STATE SERVICE
10050/tcp open  unknown

RedHat / Centos

Caso esteja com o firewall habilitado

firewall-cmd --new-zone=zabbix --permanent
firewall-cmd --permanent --zone=zabbix --add-source=10.10.0.5/32
firewall-cmd --permanent --zone=zabbix --add-port=10050/tcp
firewall-cmd --reload

No comments

Subscribe to: Post Comments ( Atom )