Dave,
After I added a view to exclude snmpCommunitTable, read-only community
"public" cannot populate any object even sysUpTime.
Here is the snmpd.conf access control lines:
com2sec SecNameAllRO default public
group GroupAllRO v2c SecNameAllRO
view ViewRO excluded .1.3.6.1.6.3.18.1.1
access GroupAllRO "" any noauth exact ViewRO none none
Did I miss anything for ViewRO? I wonder do I need to include .1 and
then exclude .1.3.6.1.6.3.18.1.1? What the mask value should be for
ViewRO?
Thanks
Emi
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On
Behalf Of Dave Shield
Sent: Friday, April 18, 2008 4:56 PM
To: Emi Yanagi
Cc: [email protected]
Subject: Re: SNMP-COMMUNITY-MIB security question
On 18/04/2008, Emi Yanagi <[EMAIL PROTECTED]> wrote:
> What data structure(s) or field(s) I should look into?
> Or are you talking about snmpd.conf configuration?
Yes - I'm talking about the snmpd.conf access control settings.
Define a view that excludes the snmpCommunityTable.
Then configure "public" to have access to this view.
See snmpd.conf(5) or the relevant FAQ entry for details
about how to configure access control.
Alternatively, use an agent that doesn't implement this table.
Like (for example), the standard Net-SNMP agent :-)
Dave
-------------------------------------------------------------------------
This SF.net email is sponsored by the 2008 JavaOne(SM) Conference
Don't miss this year's exciting event. There's still time to save $100.
Use priority code J8TL2D2.
http://ad.doubleclick.net/clk;198757673;13503038;p?http://java.sun.com/javaone
_______________________________________________
Net-snmp-coders mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/net-snmp-coders
