On Wed, 27 Apr 2022 at 12:30, Paban Agarwalla <pabanagarwa...@gmail.com> wrote:
> Would you please share some examples of context? > > snmpd.examples has some good, well, examples but a way of using contexts for overlapping OIDs is below. This is for two agents using the proxy method as its easier to see the results. This is a pretty wide access control so you would want to tighten it up in prod. The mapping is, no matter the OID: 127.0.0.1(public1) proxy to 127.0.0.11(public11) 127.0.0.1(public2) proxy to 127.0.0.12(public12) com2sec -Cn ctx1 sec1 default public1 com2sec -Cn ctx2 sec1 default public2 proxy -Cn ctx1 -v 1 -c public11 127.0.0.11 .1.3 proxy -Cn ctx2 -v 1 -c public12 127.0.0.12 .1.3 group proxygrp v1 sec1 view all included .1 access proxygrp ctx1 any noauth exact all none none access proxygrp ctx2 any noauth exact all none none Cut down wireshark output: $ sudo tshark -i lo -f 'src 127.0.0.1 and udp port 161' -Osnmp -l 2>/dev/null | egrep '(Internet Protocol|Simple|community:|Object Name:|^$)' Internet Protocol Version 4, Src: 127.0.0.1, Dst: 127.0.0.1 Simple Network Management Protocol *community: public1* Object Name: 1.3.6.1.4.1.42 (iso.3.6.1.4.1.42) Internet Protocol Version 4, Src: 127.0.0.1, *Dst: 127.0.0.11* Simple Network Management Protocol *community: public11* Object Name: 1.3.6.1.4.1.42 (iso.3.6.1.4.1.42) and the second one: Internet Protocol Version 4, Src: 127.0.0.1, Dst: 127.0.0.1 Simple Network Management Protocol *community: public2* Object Name: 1.3.6.1.4.1.42 (iso.3.6.1.4.1.42) Internet Protocol Version 4, Src: 127.0.0.1, *Dst: 127.0.0.12* Simple Network Management Protocol * community: public12* Object Name: 1.3.6.1.4.1.42 (iso.3.6.1.4.1.42) Same OID, different communities map internally to different contexts and therefore to different remote proxy hosts. - Craig
_______________________________________________ Net-snmp-coders mailing list Net-snmp-coders@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/net-snmp-coders