com.googlecode.jsendnsca.core.NagiosException: Can't read initialisation vector

[Christian]

Hello.

I'm trying to use jsendnsca to send nsca messages to a nagios
server.

I already succeeded in sending it, but something was changed in the
nagios server side and I start receiving this exception message:

"com.googlecode.jsendnsca.core.NagiosException: Can't read
initialisation vector"

I do not have a clue about what to look for in the process of
correcting it.

Is it possible to explain what conditions would possible cause an
exception like this ?

I thank you in advance for any help.

Christian.

[Raj Patel]

Hi Christian,

The issue is as follows:

When you connect to NSCA daemon, which is used by Nagios to accept passive checks, it sends a initialisation vector. If the API doesn't receive this, it raises a NagiosException as it needs this in order to send the check.

To test this, you can telnet to your NSCA host (e.g. 192.168.2.1) as follows

telnet 192.168.2.1 5667

If you see some binary data served up as follows

rpatel@vm94:~> telnet localhost 5667
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
9?#?????B?
          R?)?w?i,!u??4=BX?D?T??Q ?\".UL????H?V?0?(??G??ۿ???KJ]?D?(W???;??????'m??I??G{?}^?]?}??Gk????|??I??W

Then the API can send the passive check. If you dont see the data, then restart NSCA and try again as this usually fixes the issue.

Ive seen this often in my live production environment and a restart normally solves it

Regards

Raj

2009/3/13 Christian <chri...@gmail.com>

--
Raj Patel
Mobile: 07957 446908
Home: 0208 371 1958

[Christian]

Hi Raj,

Thank you for your response.

I did the telnet as you suggested and I received the binary data but
when using the java program I am still receiving the same exception...

I did restarted NSCA anyway but the problem still persists.

Thank you again !

Christian.

On 13 mar, 19:43, Raj Patel <rajneeshpa...@gmail.com> wrote:
> Hi Christian,
>
> The issue is as follows:
>
> When you connect to NSCA daemon, which is used by Nagios to accept passive
> checks, it sends a initialisation vector. If the API doesn't receive this,
> it raises a NagiosException as it needs this in order to send the check.
>
> To test this, you can telnet to your NSCA host (e.g. 192.168.2.1) as follows
>
> telnet 192.168.2.1 5667
>
> If you see some binary data served up as follows
>
> rpatel@vm94:~> telnet localhost 5667
> Trying 127.0.0.1...
> Connected to localhost.
> Escape character is '^]'.
> 9?#?????B?
>           R?)?w?i,!u??4=BX?D?T??Q
> ?\".UL????H?V?0?(??G??ۿ???KJ]?D?(W???;??????'m??I??G{?}^?]?}??Gk????|??I??W
>
> Then the API can send the passive check. If you dont see the data, then
> restart NSCA and try again as this usually fixes the issue.
>
> Ive seen this often in my live production environment and a restart normally
> solves it
>
> Regards
>
> Raj
>

> 2009/3/13 Christian <chris....@gmail.com>

[Raj Patel]

Very strange,

The NagiosException is only designed to be raised in this circumstance as can be seen in the code snippet below

private byte[] readInitializationVector(DataInputStream inputStream) throws NagiosException, SocketTimeoutException {
        final byte[] initVector = new byte[INITIALISATION_VECTOR_SIZE];
        try {
            inputStream.readFully(initVector, 0, INITIALISATION_VECTOR_SIZE);
            return initVector;
        } catch (SocketTimeoutException ste) {
            throw ste;
        } catch (Exception e) {
            throw new NagiosException("Can't read initialisation vector", e);
        }
    }

In your application, can you see whats being reported in the exception e highlighted above. It should yield a stack trace such as below

com.googlecode.jsendnsca.core.NagiosException: Can't read initialisation vector

    at com.googlecode.jsendnsca.core.NagiosPassiveCheckSender.readInitializationVector(NagiosPassiveCheckSender.java:132)
    at com.googlecode.jsendnsca.core.NagiosPassiveCheckSender.send(NagiosPassiveCheckSender.java:85)
    at ......
Caused by: java.io.EOFException
    at java.io.DataInputStream.readFully(DataInputStream.java:178)
    at com.googlecode.jsendnsca.core.NagiosPassiveCheckSender.readInitializationVector(NagiosPassiveCheckSender.java:127)
    ... 26 more

With the root cause being EOFException indicating there was not 128 bytes of data available to fully read the init vector (the binary data served on connection by NSCA)

One thing to check is what encryption mode you have set up on NSCA. The JSend NSCA api only works with no encryption or 'XOR encryption'

If the root cause exception is not the EOFException above, can you let me know as I may not be fully handling all cases.

Regards

Raj

2009/3/16 Christian <chri...@gmail.com>

[Christian]

Hello,

Sorry, I should have presented the stack trace before. :)

here it is:

SEVERE: Can't read initialisation vector

com.googlecode.jsendnsca.core.NagiosException: Can't read
initialisation vector
at
com.googlecode.jsendnsca.core.NagiosPassiveCheckSender.readInitializationVector
(NagiosPassiveCheckSender.java:132)
at com.googlecode.jsendnsca.core.NagiosPassiveCheckSender.send
(NagiosPassiveCheckSender.java:85)

at com.sicpa.tt009.mibmonitor.model.MIBMonitor$1.run(MIBMonitor.java:
76)
at java.lang.Thread.run(Thread.java:619)
Caused by: java.io.EOFException
at java.io.DataInputStream.readFully(DataInputStream.java:180)
at
com.googlecode.jsendnsca.core.NagiosPassiveCheckSender.readInitializationVector
(NagiosPassiveCheckSender.java:127)
... 3 more

I did try with option = 0 (no encryption) and with option = 1 (XOR
encryption) but the results are the same...

Thanks !

Christian.

On 16 mar, 13:08, Raj Patel <rajneeshpa...@gmail.com> wrote:
> Very strange,
>
> The NagiosException is only designed to be raised in this circumstance as
> can be seen in the code snippet below
>
> private byte[] readInitializationVector(DataInputStream inputStream) throws
> NagiosException, SocketTimeoutException {
>         final byte[] initVector = new byte[INITIALISATION_VECTOR_SIZE];
>         try {
>             inputStream.readFully(initVector, 0,
> INITIALISATION_VECTOR_SIZE);
>             return initVector;
>         } catch (SocketTimeoutException ste) {
>             throw ste;

>         } catch (*Exception e*) {
>             throw new NagiosException("Can't read initialisation vector", *e
> *);

>         }
>     }
>
> In your application, can you see whats being reported in the exception e
> highlighted above. It should yield a stack trace such as below
>
> com.googlecode.jsendnsca.core.NagiosException: Can't read initialisation
> vector
>     at
> com.googlecode.jsendnsca.core.NagiosPassiveCheckSender.readInitializationVector(NagiosPassiveCheckSender.java:132)
>     at
> com.googlecode.jsendnsca.core.NagiosPassiveCheckSender.send(NagiosPassiveCheckSender.java:85)
>     at ......

> *Caused by: java.io.EOFException*

>     at java.io.DataInputStream.readFully(DataInputStream.java:178)
>     at
> com.googlecode.jsendnsca.core.NagiosPassiveCheckSender.readInitializationVector(NagiosPassiveCheckSender.java:127)
>     ... 26 more
>
> With the root cause being EOFException indicating there was not 128 bytes of
> data available to fully read the init vector (the binary data served on
> connection by NSCA)
>
> One thing to check is what encryption mode you have set up on NSCA. The
> JSend NSCA api only works with no encryption or 'XOR encryption'
>
> If the root cause exception is not the EOFException above, can you let me
> know as I may not be fully handling all cases.
>
> Regards
>
> Raj
>

> 2009/3/16 Christian <chris....@gmail.com>

[Raj Patel]

Hi

Looks like you are getting an EOFException so suggests to me that on connection the initialisation vector is not being sent

Which version of NSCA are you using. You can check this as follows

rpatel@vm94:~> /usr/local/nagios/bin/nsca --help

NSCA - Nagios Service Check Acceptor
Copyright (c) 2000-2007 Ethan Galstad (www.nagios.org)
Version: 2.7.2

Regards

Raj

2009/3/17 Christian <chri...@gmail.com>

[Christian]

Hi,

This is the response from the command /usr/local/nagios/bin/nsca --
help

NSCA - Nagios Service Check Acceptor
Copyright (c) 2000-2007 Ethan Galstad (www.nagios.org)
Version: 2.7.2

Last Modified: 07-03-2007
License: GPL v2
Encryption Routines: NOT AVAILABLE
TCP Wrappers Available

Usage: /usr/local/nagios/bin/nsca -c <config_file> [mode]

Options:
<config_file> = Name of config file to use
[mode] = Determines how NSCA should run. Valid modes:
--inetd = Run as a service under inetd or xinetd
--daemon = Run as a standalone multi-process daemon
--single = Run as a standalone single-process daemon (default)

Notes:
This program is designed to accept passive check results from
remote hosts that use the send_nsca utility. Can run as a service
under inetd or xinetd (read the docs for info on this), or as a
standalone daemon.

Thanks.

Christian.

On 17 mar, 08:40, Raj Patel <rajneeshpa...@gmail.com> wrote:
> Hi
>

> Looks like you are getting an EOFException so suggests to me that on
> connection the initialisation vector is not being sent
>
> Which version of NSCA are you using. You can check this as follows
>
> rpatel@vm94:~> /usr/local/nagios/bin/nsca --help
>
> NSCA - Nagios Service Check Acceptor
> Copyright (c) 2000-2007 Ethan Galstad (www.nagios.org)
> Version: 2.7.2
>
> Regards
>
> Raj
>

> 2009/3/17 Christian <chris....@gmail.com>

[Raj Patel]

OK, just wanted to confirm this wasn't a version thing I overlooked

Can you confirm what encryption mode (X below) you have configured in /usr/local/nagios/etc/nsca.cfg

Should be a line starting with decryption_method=X

Regards

Raj

2009/3/17 Christian <chri...@gmail.com>

[Christian]

I did try both 0 and 1 (noencryption and XOR encription).

In this very moment I am using decryption_method=1 in the cfg file
and "nagset.setEncryptionMethod(NagiosSettings.XOR_ENCRYPTION);" in my
program.

Thanks.

Christian.

On 17 mar, 08:57, Raj Patel <rajneeshpa...@gmail.com> wrote:
> OK, just wanted to confirm this wasn't a version thing I overlooked
>
> Can you confirm what encryption mode (X below) you have configured in
> /usr/local/nagios/etc/nsca.cfg
>
> Should be a line starting with decryption_method=X
>
> Regards
>
> Raj
>

> 2009/3/17 Christian <chris....@gmail.com>

[Raj Patel]

Now im lost for ideas,

Only thing I can think of is to try and reinstall NSCA . Everything which you have confirmed for me suggests the setup is correct.

Have you got another NSCA instance you can test against is the only other thing I can suggest

Sorry I cant be much more help at the moment.

2009/3/17 Christian <chri...@gmail.com>

[Christian]

Hi Raj,

One interesting thing is that I was able to send nsca messages,
using jsendnsca, to this Nagios server before... then the admin did
restarted the server after changing some settings in a service
definition on Nagios... after this I begin receiving this exception.

I already rebooted that server and restarted the NSCA service many
times but the problem persisted.

Yes, I do have another machine with NSCA and I am receiving the same
message from it too... :(

I will continue to test and will keep you informed of any progress.

Thanks !

Christian.

On 17 mar, 09:33, Raj Patel <rajneeshpa...@gmail.com> wrote:
> Now im lost for ideas,
>
> Only thing I can think of is to try and reinstall NSCA . Everything which
> you have confirmed for me suggests the setup is correct.
>
> Have you got another NSCA instance you can test against is the only other
> thing I can suggest
>
> Sorry I cant be much more help at the moment.
>

> 2009/3/17 Christian <chris....@gmail.com>

[Christian]

Raj,

Many times the problems accessing services in a Linux server has to
do with permissions...

Is it possible that some resource needed by jsendnsca has the wrong
permissions and may be blocked ?

Thanks.

Christian.

On 17 mar, 09:33, Raj Patel <rajneeshpa...@gmail.com> wrote:

> Now im lost for ideas,
>
> Only thing I can think of is to try and reinstall NSCA . Everything which
> you have confirmed for me suggests the setup is correct.
>
> Have you got another NSCA instance you can test against is the only other
> thing I can suggest
>
> Sorry I cant be much more help at the moment.
>

> 2009/3/17 Christian <chris....@gmail.com>

[Raj Patel]

Hi

Often this is the case when accessing files and the like.

However, since this is TCP/IP, as long as there is no firewall causing issues, all should be ok
if you can telnet to NSCA on 5667.

Are you able to run your program on the same host as where NSCA is running?
If so, do you see the same issue?

Regards

Raj

2009/3/17 Christian <chri...@gmail.com>

[Christian]

I just tried to run my program in the same host where NSCA is
running... the result is the same...

Thanks.

Christian.

P.S. I will do another test, isolating just a small part of my
program and will post to you.

On 17 mar, 14:00, Raj Patel <rajneeshpa...@gmail.com> wrote:
> Hi
>

> Often this is the case when accessing files and the like.
>
> However, since this is TCP/IP, as long as there is no firewall causing
> issues, all should be ok
> if you can telnet to NSCA on 5667.
>
> Are you able to run your program on the same host as where NSCA is running?
> If so, do you see the same issue?
>
> Regards
>
> Raj
>

> 2009/3/17 Christian <chris....@gmail.com>

> ...
>
> mais »

[Christian]

Raj,

This is a small program I did write and run just a minute ago and
presented the same exception...

Can you see anything wrong on it ? My last hope is that the problem
is inside my code...

===================================================================
import com.googlecode.jsendnsca.core.MessagePayload;
import com.googlecode.jsendnsca.core.NagiosPassiveCheckSender;
import com.googlecode.jsendnsca.core.NagiosSettings;

public class TestNSCA
{
public static void main(String[] args)
{
try
{
NagiosSettings nagset = new NagiosSettings();
nagset.setPort(5667);
nagset.setNagiosHost("10.25.9.112");
nagset.setConnectTimeout(5000);
nagset.setTimeout(3000);
nagset.setEncryptionMethod(NagiosSettings.XOR_ENCRYPTION);
nagset.setPassword("xyz");

NagiosPassiveCheckSender sender = new NagiosPassiveCheckSender
(nagset);
MessagePayload mp = new MessagePayload();

mp.setHostname("DMSDEV");
mp.setServiceName("TESTE");
mp.setMessage("TESTING NSCA...");
mp.setLevel(0);
sender.send(mp);
}
catch (Exception e)
{
e.printStackTrace();
}
}
}
================================================================

Thanks !

Christian.

On 17 mar, 14:00, Raj Patel <rajneeshpa...@gmail.com> wrote:
> Hi
>

> Often this is the case when accessing files and the like.
>
> However, since this is TCP/IP, as long as there is no firewall causing
> issues, all should be ok
> if you can telnet to NSCA on 5667.
>
> Are you able to run your program on the same host as where NSCA is running?
> If so, do you see the same issue?
>
> Regards
>
> Raj
>

> 2009/3/17 Christian <chris....@gmail.com>

> ...
>
> mais »

[Raj Patel]

Just tried that code myself and works. Only thing unusual is you have set the connect timeout greater than the response timeout as usually you want the connect timeout to be quite small, say 5 secs and the response around 15 secs.

From where you run this code, can you send me the output of running the below from the command line

telnet 10.25.9.112 5667

Also, can you set the connection timeout to something like 10000 and and response timeout to 30000 to see if that makes a difference (although if it works with these sorts of timeouts, suggests a very slow network)

Regards

Raj

2009/3/17 Christian <chri...@gmail.com>

[Christian]

Hi Raj

This is the output from the telnet:

=========================================================

Trying 10.25.9.112...
Connected to 10.25.9.112.

Escape character is '^]'.

Rg1ëμ­Ù{߬¾½ßX¡dQ/ü89þ²e¾4zK~Æí+

* È
aÏ«Å Ûe½+owê«dY¹ã ¦¦²:¯{DJï×kË<ÞÛFð¶gñÄVË:?rIæ$Ǧê·}UºÞa$Q

=========================================================

The result with the timeouts you suggested is the same...

Thanks !

Christian.

On 17 mar, 16:29, Raj Patel <rajneeshpa...@gmail.com> wrote:
> Just tried that code myself and works. Only thing unusual is you have set
> the connect timeout greater than the response timeout as usually you want
> the connect timeout to be quite small, say 5 secs and the response around 15
> secs.
>
> From where you run this code, can you send me the output of running the
> below from the command line
>
> telnet 10.25.9.112 5667
>
> Also, can you set the connection timeout to something like 10000 and and
> response timeout to 30000 to see if that makes a difference (although if it
> works with these sorts of timeouts, suggests a very slow network)
>
> Regards
>
> Raj
>

> 2009/3/17 Christian <chris....@gmail.com>

> ...
>
> mais »

[Christian]

Hi Raj,

Just to add more information.

I did run that small program I sent to you in the same server where
NSCA is running... this time it worked ! The Nagios web interface
even shows the message I set in jsendnsca... but if I run the program
(the same jar) in a remote computer I still receive that exception.

Thanks !

Christian.

On 17 mar, 16:29, Raj Patel <rajneeshpa...@gmail.com> wrote:

> Just tried that code myself and works. Only thing unusual is you have set
> the connect timeout greater than the response timeout as usually you want
> the connect timeout to be quite small, say 5 secs and the response around 15
> secs.
>
> From where you run this code, can you send me the output of running the
> below from the command line
>
> telnet 10.25.9.112 5667
>
> Also, can you set the connection timeout to something like 10000 and and
> response timeout to 30000 to see if that makes a difference (although if it
> works with these sorts of timeouts, suggests a very slow network)
>
> Regards
>
> Raj
>

> 2009/3/17 Christian <chris....@gmail.com>

> ...
>
> mais »

[Raj Patel]

Hi Christian,

Seems like some sort of network issue. I'm wondering if a network element such as a firewall or content switch could be interfering with the network connection between your code when running remotely and the NSCA daemon

Can you confirm if this is the case? Also, have you got any other servers on the same VLAN or network as the NSCA daemon where you could try your small test program.

Regards

Raj

2009/3/17 Christian <chri...@gmail.com>

[Raj Patel]

One more thing

Not sure how feasible this would be for you but could you run send_nsca (the client program supplied with NSCA) from your remote computer and see if that works.

Regards

Raj

2009/3/17 Raj Patel <rajnee...@gmail.com>

[Christian]

Hi Raj,

Just to add more information about the problem... I did run that
small program in the same server where NSCA is running, as root, and
it worked !

I still suspect that something related to permissions is the cause
of the exception.

Thanks !

Christian.

P.S. This is the second time I write this email... the first one just
vanished !

On 17 mar, 16:29, Raj Patel <rajneeshpa...@gmail.com> wrote:

> Just tried that code myself and works. Only thing unusual is you have set
> the connect timeout greater than the response timeout as usually you want
> the connect timeout to be quite small, say 5 secs and the response around 15
> secs.
>
> From where you run this code, can you send me the output of running the
> below from the command line
>
> telnet 10.25.9.112 5667
>
> Also, can you set the connection timeout to something like 10000 and and
> response timeout to 30000 to see if that makes a difference (although if it
> works with these sorts of timeouts, suggests a very slow network)
>
> Regards
>
> Raj
>

> 2009/3/17 Christian <chris....@gmail.com>

> ...
>
> mais »

[Raj Patel]

Hi Christian

Could well be based on your findings. Unfortunately, not much of an expert when it comes to linux permissions but got some gurus at work I can check to see if this could be the cause.

If I find out anything of use, will let you know. Meanwhile good luck and hope you get to the bottom of it

Regards

Raj

2009/3/17 Christian <chri...@gmail.com>

[Christian]

Hello Raj,

Sorry for the big delay in reporting the results of my tests...

The problem was in the server's firewall... I was being blocked, so
the response from the NSCA server was not being received. Once the
permissions were granted everything worked 100%.

I want to thank you for your kind support.

Regards.

Christian.

On 18 mar, 04:28, Raj Patel <rajneeshpa...@gmail.com> wrote:
> Hi Christian
>
> Could well be based on your findings. Unfortunately, not much of an expert
> when it comes to linux permissions but got some gurus at work I can check to
> see if this could be the cause.
>
> If I find out anything of use, will let you know. Meanwhile good luck and
> hope you get to the bottom of it
>
> Regards
>
> Raj
>

> 2009/3/17 Christian <chris....@gmail.com>

> ...
>
> mais »

[Raj Patel]

Hi Christian

Thanks for getting back with your findings and glad its resolved now

Regards

Raj

2009/4/16 Christian <chri...@gmail.com>

[Bruce Ricard]

How is it possible that he had a firewall issue with java, but was able to get the vector with telnet?

I am having the same issue...

[Raj Patel]

Agree it sounds strange as would have thought it tcp/ip packets presents itself to firewall as the same, irrespective of whether from Java or telnet

--
You received this message because you are subscribed to the Google Groups "jsend-nsca" group.
To unsubscribe from this group and stop receiving emails from it, send an email to jsend-nsca+...@googlegroups.com.
To post to this group, send email to jsend...@googlegroups.com.
Visit this group at http://groups.google.com/group/jsend-nsca.
For more options, visit https://groups.google.com/d/optout.