Bug#111263: marked as done (snmpd sends response packets with wrong source ip address)

Wed, 09 Jul 2008 07:41:21 -0700 

Your message dated Wed, 09 Jul 2008 16:37:15 +0200
with message-id <[EMAIL PROTECTED]>
and subject line Fixed
has caused the Debian Bug report #111263,
regarding snmpd sends response packets with wrong source ip address
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [EMAIL PROTECTED]
immediately.)


-- 
111263: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=111263
Debian Bug Tracking System
Contact [EMAIL PROTECTED] with problems
--- Begin Message --- 
package: snmpd
version: 4.2.1-6

We have an internal machine behind our firewall, running netsaint.  It is
using snmp to monitor remote machines at our colo.  For some machines, we have
several ip addresses aliased to one physical machine.  Ie:

ifconfig eth0 216.234.231.102 .....
ifconfig eth0:0 216.234.231.10 .....
ifconfig eth0:1 216.234.231.120 .....

.10 is our mail server, .120 is a dns server.  .102 is an unused ip address,
that is only used to connect to the machine.  All defined services use other
addresses.

We have configured netsaint to monitor the service addresses(.10, .120), as
those may be moved to other machines.  However, snmpd sends response pkts back
using the default outgoing address(0.0.0.0, which maps to .102).  This keeps a
2.4 nat firewall from demunging the response pkts.

dns requests(to .120) do not suffer this same problem.

boof:/usr/doc/iptables# cat /proc/net/ip_conntrack |grep 'dport=161 '
udp      17 22 src=192.168.2.3 dst=216.234.231.10 sport=2045 dport=161 
[UNREPLIED] src=216.234.231.10 dst=216.234.231.190 sport=161 dport=2045 use=1
udp      17 22 src=216.234.231.102 dst=216.234.231.190 sport=161 dport=2045 
[UNREPLIED] src=216.234.231.190 dst=216.234.231.102 sport=2045 dport=161 use=1

Take a look at the sport/dport values.  They are the same.  However, the
response pkt is being given the wrong ip.

--- End Message ---
--- Begin Message --- 
version: 5.4.1~dfsg-1

Hi,

this bug should be fixed since 5.4.1~dfsg-1.

Thanks,
Jochen

--- End Message ---

Reply via email to