Hi.

On Tuesday 24 January 2006 19:23, Dave Shield wrote:
> On Tue, 2006-01-24 at 06:01 +1000, Nigel Cunningham wrote:
> > But I want it to be authorised by the final destination; I just want
> > the trapd that's forwarding the trap to do so without requiring the
> > authentication details to be configured on it as well.
>
> Then you probably need to step in at a much earlier stage - before
> the SNMP request packet is even parsed.   I'm not an SNMPv3 expert,
> but I'm not convinced that simply skipping the USM checks is safe
> (or will even work).
>    The authentication of the request is done at a very low level,
> and is basically a digital checksum.  If this checksum doesn't
> match, then the packet is regarded as corrupt, and will be discarded.
> It's not simply a case of checking a username and password.

Yeah. I think I mentioned I've been using ddd on the trap daemon.

> And if you want the final destination to authenticate the request,
> then the trap-forwarder must also forward any engine probe requests
> (and return the responses to the original trap generator).  The
> trap-forwarder needs to act as a switch rather than a router :-)
>
>   SNMPv3 notifications are Not Simple.

Yeah. I simplified the usm model a little for our (Cyclades') new OnBoard 
product, so I have a good idea of Not Simple :>. Looking deeper into the 
source code only increases the number of capital letters :).

> But feel free to have a go.

Some people think Suspend2 is complicated. I should point them here :)

> Dave

Regards,

Nigel
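
The authentication check Dave describes above, as an added example (not part of the original thread and not Net-SNMP's code): RFC 3414 HMAC-MD5-96 computed with a key localized to one engine ID. The message bytes, field offset and user name are constructed stand-ins, not a real BER-encoded SNMPv3 packet.

```python
import hashlib
import hmac

AUTH_LEN = 12  # HMAC-MD5-96 keeps the first 12 octets of the digest


def password_to_key(password: bytes) -> bytes:
    """RFC 3414 A.2.1: MD5 over the password repeated to 1,048,576 octets."""
    total = 1048576
    stream = (password * (total // len(password) + 1))[:total]
    return hashlib.md5(stream).digest()


def localize(ku: bytes, engine_id: bytes) -> bytes:
    """Bind the user key to one authoritative engine: MD5(Ku | engineID | Ku)."""
    return hashlib.md5(ku + engine_id + ku).digest()


def sign(msg: bytes, offset: int, kul: bytes) -> bytes:
    """Zero the 12-octet auth field at offset, MAC the whole message, fill it in."""
    zeroed = msg[:offset] + bytes(AUTH_LEN) + msg[offset + AUTH_LEN:]
    mac = hmac.new(kul, zeroed, hashlib.md5).digest()[:AUTH_LEN]
    return msg[:offset] + mac + msg[offset + AUTH_LEN:]


def verify(msg: bytes, offset: int, kul: bytes) -> bool:
    """Receiver side: recompute the MAC and compare in constant time."""
    received = msg[offset:offset + AUTH_LEN]
    expected = sign(msg, offset, kul)[offset:offset + AUTH_LEN]
    return hmac.compare_digest(expected, received)


# Constructed sample values (password and engine ID from RFC 3414 A.3.1).
ENGINE_ID = bytes.fromhex("000000000000000000000002")
KUL = localize(password_to_key(b"maplesyrup"), ENGINE_ID)
# Constructed stand-in for wholeMsg; a real message is BER-encoded.
HEADER = b"v3-header|user=demo|auth="
OFFSET = len(HEADER)
TRAP = sign(HEADER + bytes(AUTH_LEN) + b"|pdu=linkDown ifIndex=3", OFFSET, KUL)

if __name__ == "__main__":
    other = localize(password_to_key(b"maplesyrup"), bytes.fromhex("000000000000000000000003"))
    print("relayed unchanged :", verify(TRAP, OFFSET, KUL))
    print("payload rewritten :", verify(TRAP.replace(b"ifIndex=3", b"ifIndex=4"), OFFSET, KUL))
    print("other engine's key:", verify(TRAP, OFFSET, other))
```

A relay that passes the bytes through untouched needs no key for the final destination to verify them; any rewrite of the message, or a key localized to a different engine ID, makes the check fail and the packet is discarded.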


_______________________________________________
Net-snmp-users mailing list
Net-snmp-users@lists.sourceforge.net