>I don't think that this is the problem - I've had a quick look at the 5.6.x >code >that displays the source/destination addresses, and this appears to be >hardcoded to be "remote -> local" (i.e. the correct order for dumping >*received* traffic, but the wrong order for sending). > >The thing that springs out in your dump is the port number being used. > >The 5.4.x version is fine: >> Sending 110 bytes to UDP: [0.0.0.0]->[172.22.227.66]:162 > >but the 5.6.x version is using the 'query' port of 161 >> Sending 111 bytes to UDP: [172.22.227.66]:161->[0.0.0.0]:0 > >It's possibly worth specifying the port explicitly (i.e. $trap_dest:162) >[Though that doesn't explain why this should be necessary] > > >Give that a go, and let us know if it makes a difference > >Dave
Adding :162 to the $trap_dest variable (traptarget:162) did result in correct behavior. I've not found anything in any of the config files that would indicate an over-ride. The source in the 5.6.1.rc2 /include directory does have: ./net-snmp/library/snmp.h:#define SNMP_TRAP_PORT 162 /* standard UDP port for SNMP Though I don't see where in snmptrap code that gets used in either version Very odd! Thanks for your help - if there's someplace else to look to try to understand why adding the :162 is necessary, please let me know. Al T. Rowe Price (including T. Rowe Price Group, Inc. and its affiliates) and its associates do not provide legal or tax advice. Any tax-related discussion contained in this e-mail, including any attachments, is not intended or written to be used, and cannot be used, for the purpose of (i) avoiding any tax penalties or (ii) promoting, marketing, or recommending to any other party any transaction or matter addressed herein. Please consult your independent legal counsel and/or professional tax advisor regarding any legal or tax issues raised in this e-mail. The contents of this e-mail and any attachments are intended solely for the use of the named addressee(s) and may contain confidential and/or privileged information. Any unauthorized use, copying, disclosure, or distribution of the contents of this e-mail is strictly prohibited by the sender and may be unlawful. If you are not the intended recipient, please notify the sender immediately and delete this e-mail. ------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ _______________________________________________ Net-snmp-users mailing list Net-snmp-users@lists.sourceforge.net Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
