Loading...

XML

Word

Printable

Type: Problem report
Resolution: Fixed
Priority: Major
Fix Version/s: 4.0.7rc1, 4.2.1rc1, 4.4.0alpha1, 4.4 (plan)
Affects Version/s: 4.0.6, 4.2.0, 4.4.0alpha1, 4.4 (plan)
Component/s: Agent (G), Proxy (P), Server (S)
Labels:
None
Environment:
Ubuntu 16.04.6 LTS

Sprint:
Sprint 51 (Apr 2019)
Story Points:
1

Steps to reproduce:

# cat /etc/zabbix/zabbix_agentd.conf
PidFile=/var/run/zabbix/zabbix_agentd.pid
LogFile=/var/log/zabbix/zabbix_agentd.log
Server=localhost

Result:
Any external host can query Agent:

user@any-other-host:~# zabbix_get -s _agent_ip_ -p 10050 -k "agent.ping"
1

Expected:
Agent config has localhost in Server line, it should not allow queries from any external host:

user@any-other-host:~# zabbix_get -s _agent_ip_ -p 10050 -k "agent.ping"
zabbix_get [14433]: Get value error: connection closed during read
zabbix_get [14433]: Check access restrictions in Zabbix agent configuration

Agent Environment:

Log:
  1005:20190406:000153.503 Starting Zabbix Agent [vm-agent]. Zabbix 4.2.0 (revision 91746).
  1005:20190406:000153.503 **** Enabled features ****
  1005:20190406:000153.503 IPv6 support:          YES
  1005:20190406:000153.503 TLS support:           YES
  1005:20190406:000153.503 **************************
  1005:20190406:000153.503 using configuration file: /etc/zabbix/zabbix_agentd.conf
  1005:20190406:000153.505 agent #0 started [main process]
  1017:20190406:000153.505 agent #1 started [collector]
  1020:20190406:000153.507 agent #3 started [listener #2]
  1018:20190406:000153.508 agent #2 started [listener #1]
  1021:20190406:000153.511 agent #4 started [listener #3]

# getent ahosts localhost
::1             STREAM localhost
::1             DGRAM  
::1             RAW    
127.0.0.1       STREAM
127.0.0.1       DGRAM  
127.0.0.1       RAW   

# grep -i 'hosts' /etc/nsswitch.conf
hosts:          files dns

# cat /etc/resolv.conf
nameserver 8.8.8.8

# ss -ltupn | grep -i zabbix
tcp    LISTEN     0      128       *:10050                 *:*                   users:(("zabbix_agentd",pid=1021,fd=5),("zabbix_agentd",pid=1020,fd=5),("zabbix_agentd",pid=1018,fd=5),("zabbix_agentd",pid=1017,fd=5),("zabbix_agentd",pid=1005,fd=5))
tcp    LISTEN     0      128      :::10050                :::*                   users:(("zabbix_agentd",pid=1021,fd=6),("zabbix_agentd",pid=1020,fd=6),("zabbix_agentd",pid=1018,fd=6),("zabbix_agentd",pid=1017,fd=6),("zabbix_agentd",pid=1005,fd=6))

# ps auxww | grep -i zabbix
zabbix    1005  0.0  0.1 104940  3460 ?        S    00:01   0:00 /usr/sbin/zabbix_agentd -c /etc/zabbix/zabbix_agentd.conf
zabbix    1017  0.0  0.1 104940  2904 ?        S    00:01   0:00 /usr/sbin/zabbix_agentd: collector [idle 1 sec]
zabbix    1018  0.0  0.2 104940  4740 ?        S    00:01   0:00 /usr/sbin/zabbix_agentd: listener #1 [waiting for connection]
zabbix    1020  0.0  0.2 104940  4740 ?        S    00:01   0:00 /usr/sbin/zabbix_agentd: listener #2 [waiting for connection]
zabbix    1021  0.0  0.2 104940  4740 ?        S    00:01   0:00 /usr/sbin/zabbix_agentd: listener #3 [waiting for connection]

caused by

ZBX-10820 Potential loss of data when server/proxy processes zabbix_sender data

Closed

ZBX-15399 „::/0“ in allowed hosts for Zabbix Trapper Items doesn't allow IPv4 anymore

Closed

mentioned in: Page Loading...

Assignee:: Andris Mednis

Reporter:: Ivan Vanyushkin

Team:: Team A

Votes:: 0 Vote for this issue

Watchers:: 6 Start watching this issue

Created:: 2019 Apr 06 00:16

Updated:: 2024 Apr 10 16:56

Resolved:: 2019 Apr 15 23:12

Details

Description

Attachments

Issue Links

Activity

People

Dates