Dave Shield wrote:
On Sat, 2005-08-20 at 21:00 -0700, David T. Perkins wrote:
When I send a v1 or v2c trap, I get the packet dump
and a decode. But when I send a v3/USM trap I get
just a packet dump.
It looks as if this is probably due to the handling of
engineIDs. I found that sending a v3/USM trap was
discarded (as you describe) but a v3/USM inform request
was processed successfully.
[...]
I'm wondering whether we need to support a "wildcard"
engineID mechanism. Something like
createUser -e * user ....
which would match the specified username with *any* engineID.
I don't think we should do this, because it doesn't seem to match the
intention of the RFCs. Wes (I think) has written up an excellent summary
here:
http://www.net-snmp.org/tutorial/tutorial-5/commands/snmptrap-v3.html
also, how can I tell
if the pass phrase matches for authNoPriv or authPriv?
Well, if the pass phrase doesn't match, then the incoming
PDU will be discarded. So if the notification gets as
far as the trap handler, then you know that the pass
phrase must have matched.
"-Dusm" will add more verbosity about why SNMPv3 messages are dropped or
accepted.
Does this solve your problems, David? (As always, your suggestions would
be highly appreciated.)
+Thomas
--
Thomas Anders (thomas.anders at blue-cable.de)
-------------------------------------------------------
SF.Net email is Sponsored by the Better Software Conference & EXPO
September 19-22, 2005 * San Francisco, CA * Development Lifecycle Practices
Agile & Plan-Driven Development * Managing Projects & Teams * Testing & QA
Security * Process Improvement & Measurement * http://www.sqe.com/bsce5sf
_______________________________________________
Net-snmp-coders mailing list
Net-snmp-coders@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/net-snmp-coders
