[ LUGOS ] snmp oddities
Stojan Rancic
stojan na bofh.cx
Sre Jan 17 09:26:46 CET 2001
Hojla
Ena zadeva me muci: na strezniku imam cmu-snmpd daemon.. zadeva lepo
dela, snmp pobira statistike iz njega,... Skratka, zadeva ima
nastavljen svoj access list takole :
-------------
com2sec local localhost community
com2sec mynetwork x.x.x.x. community
group MyRWGroup v1 local
group MyROGroup v1 mynetwork
access MyROGroup "" any noauth exact all none none
access MyRWGroup "" any noauth exact all all none
-------------
.. kjer je x.x.x.x masina, ki ima dovoljen dostop.
Naknadno sem nastavil tole :
/sbin/ipchains -L
Chain input (policy ACCEPT):
target prot opt source destination ports
ACCEPT udp ------ x.x.x.x moja.kista.nekje any -> snmp
REJECT udp ----l- anywhere moja.kista.nekje any -> snmp
Chain forward (policy ACCEPT):
Chain output (policy ACCEPT):
No, kaj me muci.. v loge dobivam redno tole :
Jan 17 08:29:06 kista ucd-snmp[17949]: Connection from y.y.y.y
Kjer je y.y.y.y ena ISP-jeva masina
tcpdump je pokazal tole :
08:29:06.255195 y.y.y.y.2093 > 255.255.255.255.snmp: GetNextRequest(11)[|snmp]
Skratka.. ce dam na primer snmpwalk iz ene random masine na mojo
masino, se to lepo rejecta z ipchains, logira v syslog and all:
Jan 17 09:17:58 kista kernel: Packet log: input REJECT eth0 PROTO=17 z.z.z.z:2894 x.x.x.x:161 L=74 S=0x00 I=61111 F=0x0000 T=60 (#2)
Jan 17 09:17:59 kista kernel: Packet log: input REJECT eth0 PROTO=17 z.z.z.z:2894 x.x.x.x:161 L=74 S=0x00 I=61112 F=0x0000 T=60 (#2)
Vprasanje torej : zakaj mi noce blokirat requestov iz ISP-jeve masine ? Kako te broadcast
zadeve blokirat ?
GreetZ, Stojan
---------------
Dawn: The time when men of reason go to bed.
Dodatne informacije o seznamu Starilist