--- On Fri, 6/26/09, Dave Shield <[email protected]> wrote:
> From: Dave Shield <[email protected]> > Subject: Re: snmptrapd.conf: Error: bad security level (noauthnopriv, > authnopriv, authpriv) > To: "PoWah Wong" <[email protected]> > Cc: "net-snmp-users" <[email protected]> > Received: Friday, June 26, 2009, 4:15 PM > The -d option will display a raw packet dump of the > incoming trap *before* > it is processed. Is this what you are > seeing? Yes. A dump of the incoming trap *before* it is processed. > > > > snmptrapd.conf is as follows: > > createUser admin MD5 12345678 DES 87654321 > > createUser adminwindows MD5 12345678 DES 87654321 > > > > authuser log admin > > logOption s u > > You seem to have dropped the "disableAuthorization yes" > line, > which I suggested a few days ago. That is > definitely worth > keeping for now, until you manage to get traps received > successfully. Then you can start putting back these > security > checks. > But the first thing is to ensure that > traps are being received > by snmptrapd. > > > Alternatively, as Mike suggests, you could add an > "authCommunity" > line in order to accept SNMPv1 or v2c > notifications. You haven't > said what community you used, but that's the name you need > to > provide in this line. > > But I'd recommend that you simplify things as much as > possible > first, and only start putting back the authentication stuff > once the > fundamentals are working. > > Dave > You are right. It is my fault. I put back the "disableAuthorization yes" line. Sending a v2c trap "snmptrap -e 0x0102030405 -v 2c -u admin -c public 172.20.11.72 42 coldStart.0" will see a one- or two-line readable summary of the trap content. Good! Thank you! # snmptrapd -f -C -c /home/powah/snmp/snmptrapd.conf -Lo netsnmp_assert !"registration != duplicate" failed agent_registry.c:535 netsnmp_subtree_load() netsnmp_assert !"registration != duplicate" failed agent_registry.c:535 netsnmp_subtree_load() netsnmp_assert !"registration != duplicate" failed agent_registry.c:535 netsnmp_subtree_load() NET-SNMP version 5.4.1 2009-06-26 22:08:21 pc.mycomp.com [UDP: [172.20.11.230]:32798]: DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (42) 0:00:00.42 SNMPv2-MIB::snmpTrapOID.0 = OID: SNMPv2-MIB::coldStart.0 However, sending a v3 trap "snmptrap -e 0x0102030405 -v 3 -u admin -l auth -a MD5 -A 12345678 172.20.11.72 42 coldStart.0" or "snmptrap -e 0x0102030405 -v 3 -u admin 172.20.11.72 42 coldStart.0" do not see any readable summary of the trap content. /home/powah/snmp/snmptrapd.conf is as follows: createUser admin MD5 12345678 DES 87654321 createUser adminwindows MD5 12345678 DES 87654321 authCommunity log admin authuser log admin disableAuthorization yes logOption s u __________________________________________________________________ Yahoo! Canada Toolbar: Search from anywhere on the web, and bookmark your favourite sites. Download it now http://ca.toolbar.yahoo.com. ------------------------------------------------------------------------------ _______________________________________________ Net-snmp-users mailing list [email protected] Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
