Setting the listening address for NRPE
In this recipe, we'll learn how to make NRPE listen on a specific IP address on a target host. This might be done on hosts with multiple interfaces in order to prevent spurious requests made to the nrpe daemon from untrusted interfaces, perhaps the public Internet. It could also be appropriate for making the daemon only listen on a trusted VPN interface.
This setup can be particularly useful when the server has an interface into a dedicated management network to which the monitoring server also has access, preventing the nrpe daemon from responding to requests on other interfaces unnecessarily and thereby closing a possible security hole.
Getting ready
You should have a target host configured for checking in a Nagios Core 4.0 or later monitoring server. The target host should be running the nrpe daemon and listening on all interfaces (which we'll fix). You can verify that nrpe is running with pgrep(1) or ps(1):
# pgrep nrpe 29964 # ps -e | grep [n]rpe...
