I have OpenWrt 19.07.3 running on a Linksys WRT1900AC. I have just added the Prometheus node exporter packages so that I can start scraping from a Prometheus server running on a raspberry pi.
The node exporter was installed successfully on the router, and it seems to be running fine as I can read the metrics from an ssh session running this command:
However, I cannot reach it from the raspberry pi which is on the same subnet as can be seen from the snippet below. The connection is refused (while ping is ok), so I'm suspecting that I need to open the port 9100 from the firewall traffic page.
pi@raspberrypi:~ $ curl http://10.221.47.1:9100/metrics
curl: (7) Failed to connect to 10.221.47.1 port 9100: Connection refused
pi@raspberrypi:~ $ ping 10.221.47.1
PING 10.221.47.1 (10.221.47.1) 56(84) bytes of data.
64 bytes from 10.221.47.1: icmp_seq=1 ttl=64 time=1.27 ms
I tried adding the following rule and restarting firewall, however I cannot manage.
The default firewall does not block any ports on the LAN.
Use netstat to confirm the server is listening port 9100 on all interfaces not just localhost. Often the default configuration of these sort of programs is to listen only on localhost. It is OK to listen on all IPs instead because the default firewall does block that port on the WAN so no one on the Internet can reach it.
Also for security you can tunnel the localhost port through ssh by adding -L 9100:localhost:9100 when you open the connection with your SSH client machine. Then open the browser on the client machine to localhost:9100 and you will actually access the router 9100.
