Setting allowed client hosts for NRPE
In this recipe, we'll learn how to configure the nrpe daemon to answer requests from a particular IP address, typically the designated Nagios Core server or servers monitoring your network. This means that nrpe will not run plugins or return results for any check_nrpe request made from IP addresses not in this list.
This is an elementary security step in running an NRPE server, as, if your target host has interfaces or routes into untrusted networks, there is a risk of attackers making spurious requests for information about the system, clogging up your disk with logs from excessive check requests, or even possibly exploiting the nrpe daemon or the Nagios Plugins. This should be done in concert with a hardware or software firewall and security policy.
Getting ready
You should have a target host configured for checking in a Nagios Core 4.0 or later monitoring server. The target host should be running the nrpe daemon. You can verify that nrpe is running with...
