In this recipe, we'll learn how to make NRPE listen on a specific IP address on a target host. This might be done on hosts with multiple interfaces in order to prevent spurious requests made to the
nrpe daemon from untrusted interfaces, perhaps the public Internet. It could also be appropriate for making the daemon only listen on a trusted VPN interface.
This setup can be particularly useful when the server has an interface into a dedicated management network to which the monitoring server also has access, preventing the
nrpe daemon from responding to requests on other interfaces unnecessarily and thereby closing a possible security hole.
You should have a target host configured for checking in a Nagios Core 4.0 or later monitoring server. The target host should be running the
nrpe daemon and listening on all interfaces (which we'll fix). You can verify that
nrpe is running with
# pgrep nrpe 29964 # ps -e | grep [n]rpe...