[Xymon] UDP open ports monitoring
Jeremy Laidman
jlaidman at rebel-it.com.au
Mon Mar 17 04:33:02 CET 2014
On 17 March 2014 13:25, Mark Felder <feld at feld.me> wrote:
> The real question is *how* ? How exactly do you check remotely if a UDP
> port is open? There is no state; there is no 3-way handshake. You will have
> to write code that speaks the protocol of the UDP service you're monitoring
> to prove it's there and listening/functioning.
I think the OP is using the term "open" to mean "listening" (state=LISTEN).
If you click on the word "port" on any page that lists hosts, it shows the
column info, which in this case is something like "...shows the status of
select tcp ports and connections that are expected to exist on the
system." So the original purpose was to detect TCP port states, and it
seems that this is not too difficult because the TCP output from netstat is
fairly consistent across different Unices. But non-TCP ports seem to vary
a lot more between Unices. It would have been opening a can of worms to
attempt to include all the different UDP formats, not to mention other
types of sockets, so only TCP was included. But I see no reason to include
UDP sockets in the same port page as you have done, if the netstat output
shows the same format as for TCP sockets.
This is a neat trick. On some of my servers where the number of half-open
and half-closed sockets is interesting to me, I get Xymon to watch those
states using the "TRACK" keyword, and I end up with alerts and graphs for
all the different states. It only works for TCP sockets of course, but I
think I could extend it to track established UDP sockets also. FreeBSD
netstat output never seems to show a state, even for established
connections, but I can match established connections (excluding listening
connections) with "REMOTE=*.*".
J
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.xymon.com/pipermail/xymon/attachments/20140317/84dfd0fd/attachment.html>
More information about the Xymon
mailing list