Thanks Dave - that would make our configuration much easier. I had only tested the "rocommunity" with a community string, didn't realize that you could add a source [hey, Wendy, read all of the doc next time! ;-) ]
I've changed the IP table in my MIB since I sent it to the list, based on the feedback about IP and MIB-II information (thanks again for that!) - we're now returning some physical information (including MAC address, only for a consistent way to identify the NIC), along with our definition of 'operational status' and 'link status'. I've removed all of the IP address information. ~ Wendy Hope your chamber music "marathon" went well! -----Original Message----- From: Dave Shield [mailto:[EMAIL PROTECTED] Sent: Monday, January 21, 2008 6:53 AM To: McGowen, Wendy Cc: [email protected] Subject: Re: General security usage question > it would be much easier to set up the configuration mechanism for this: > rocommunity <community string to be entered by user> > than for the more robust (and secure) "community name mapped to security > name mapped to group name mapped to view mapped to access rights" > method. But that's exactly what "rocommunity" does. It's just that all the processing is handled under the hood - you don't see the details unless you actually look at the VACM tables. So what you really need to support are the two formats: rocommunity <string> and rocommunity <string> <source> That would give you the two styles of access control that you've mentioned, without having to worry about the complexity of the full com2sec/group/view/access mechanism. Dave PS: No - I haven't forgotten about the MIB review I promised. It's just been a busy couple of weeks! ------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2008. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/ _______________________________________________ Net-snmp-users mailing list [email protected] Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
