HI,
Point one below is a bad thing to do, even though it seems pragmatic. The "source system" may not have an IPv4 address. It is WRONG to assume it does. It is wrong to lead writers of trap reveivers down the road of believing this.
On Tue, 25 Jan 2005, Andrew Hood wrote:
At present forwarded traps appear to come from the forwarder rather than the original source.
For v1 traps, should it copy the trap source address to the agent address if the agent address is zero?
For v2 (and I suppose v3) traps, should it add a varbind for SNMP-COMMUNITY-MIB::snmpTrapAddress with the trap source address if they do not already have that varbind?
In your world you might be right.
In my pragmatic world where:
1) I know that anything that causes a trap to be issued has an IP address and sends the trap itself, and
2) the security group *requires* me to proxy all SNMP traffic through firewalls,
if I use snmptrapd as a forwarder I lose the source address. That is unacceptable.
I'll have to fall back to a program I wrote several years ago, and insist that all trap sources send SNMPv1 packets.
Or "butcher" snmptrapd to suit my needs.
--
There's no point in being grown up if you can't be childish sometimes.
-- Dr. Who
------------------------------------------------------- This SF.Net email is sponsored by: IntelliVIEW -- Interactive Reporting Tool for open source databases. Create drag-&-drop reports. Save time by over 75%! Publish reports on the web. Export to DOC, XLS, RTF, etc. Download a FREE copy at http://www.intelliview.com/go/osdn_nl _______________________________________________ Net-snmp-coders mailing list Net-snmp-coders@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/net-snmp-coders
