On 28 July 2010 14:37, Roberto Greiner <[email protected]> wrote:
> You are right. I've tried it on the original box (with version 5.4.1), and
> it accepted the token, but it did not achieve the desired effect. With
> that token in snmpd.conf, no connection is being logged, valid or not.
Remember that TCP wrappers are only concerned with whether a
connection is allowed to a given port. It works at the transport
layer, not anything higher.
If the TCP wrappers control file (typically /etc/hosts.allow) is
configured to block particular hosts, then this *would* be logged.
[See netsnmp_agent_check_packet() in agent/snmp_agent.c]
> I was looking for something that would log only invalid
> connections (invalid community, unauthorized IP, etc). Any ideas?
That's working at a higher level in the protocol stack - TCP wrappers
won't help you here.
Try
    authtrapenable 1
That should generate notifications (to your specified trap sinks)
when an unauthorised request is received from a (TCP-wrapper
acceptable) source.
Anything else, you're probably going to have to hack the code.
Dave
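
The two layers described in the reply above, written out as configuration. This is an added example, not part of the original message: the network range, the loopback trap sink and the community string EXAMPLE_TRAP_COMMUNITY are constructed placeholders, and it assumes snmptrapd runs on the same host as the agent.

```conf
# --- /etc/hosts.allow (TCP wrappers: transport-level check only) ---
# Constructed example network; "snmpd" is the daemon name the agent uses.
snmpd: 192.0.2.0/255.255.255.0

# --- /etc/hosts.deny ---
# Other sources are refused at this level; per the reply above, that
# refusal is what gets logged by the TCP-wrapper check.
snmpd: ALL

# --- snmpd.conf (agent) ---
# Generate an authenticationFailure notification for requests that pass
# the TCP-wrapper check but fail SNMP authentication (e.g. bad community).
authtrapenable 1
# Trap sink: send SNMPv2c notifications to a local snmptrapd (UDP 162).
trap2sink 127.0.0.1 EXAMPLE_TRAP_COMMUNITY

# --- snmptrapd.conf (receiver) ---
# Accept notifications carrying that community and only log them.
authCommunity log EXAMPLE_TRAP_COMMUNITY
```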