I made the following change to my copy of mon---I think it does what
is intended, that auth.cf includes a crypted copy of the desired
community string, which is then compared against a copy of the
recieved community string crypted using the same salt.
Maybe now I'll figure out how to generate the actual traps...
Index: mon
===================================================================
RCS file: /space/CVS/packages/mon/source/mon,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -u -r1.2 -r1.3
--- mon 9 Oct 2001 02:01:33 -0000 1.2
+++ mon 25 Oct 2001 17:24:20 -0000 1.3
@@ -3498,7 +3498,7 @@
}
($host, $password) = ($1, $2);
- $AUTHSNMPTRAPS{$host}{$password} = 1;
+ $AUTHSNMPTRAPS{$host} = $password;
} else {
syslog ('err', "unknown section in $CF{AUTHFILE}: $l");
@@ -3669,7 +3669,7 @@
}
if ($AUTHSNMPTRAPS{$fromip} ne
- crypt ($traphash{"community"}, $traphash{"community"})) {
+ crypt ($traphash{"community"}, $AUTHSNMPTRAPS{$fromip})) {
syslog ('err', "unauthorized community from agent: $fromip");
return undef;
}
