carpenike Tux's lil' helper

Joined: 10 Feb 2005 Posts: 127
Posted: Sun Aug 27, 2006 5:27 pm Post subject: SNMPd not Listening on some interfaces? (SOLVED)
Hello,
I currently have a router with 3 interfaces on it (br0 (containing eth0 and eth1), eth2, and eth3).
I have snmpd running, but I can only access it via eth2, my local LAN.
Code: | homerouter ~ # emerge -pv net-snmp
These are the packages that would be merged, in order:
Calculating dependencies... done!
[ebuild R ] net-analyzer/net-snmp-5.2.1.2-r1 USE="perl ssl tcpd -X -doc -elf -ipv6 -lm_sensors -minimal -rpm -smux" 0 kB
Total size of downloads: 0 kB
|
I have shorewall running and have configured open access to my fw from my local LAN.
Code: | homerouter ~ # emerge -pv shorewall
These are the packages that would be merged, in order:
Calculating dependencies... done!
[ebuild R ] net-firewall/shorewall-3.0.8 USE="-doc" 0 kB
Total size of downloads: 0 kB |
The ultimate goal is to enable SNMP to a DMZ client sitting off of my bridge group... taking one step at a time.
However, whenever I try to send SNMP requests to the bridge group I get timeouts.
When I do a
Code: | homerouter ~ # tcpdump -evi br0 dst port 161
tcpdump: listening on br0, link-type EN10MB (Ethernet), capture size 68 bytes
13:23:31.204340 00:14:85:0a:2b:a1 (oui Unknown) > 00:30:b8:c8:56:01 (oui Unknown), ethertype IPv4 (0x0800), length 85: (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto: UDP (17), length: 71) mtairy-motorola1-68-71-249-2.chvlva.adelphia.net.32771 > mtairy-motorola1-68-71-244-122.chvlva.adelphia.net.snmp: { SNMPv1 { GetNextRequest(28) R=1716207745 [|snmp] } }
13:23:32.211234 00:14:85:0a:2b:a1 (oui Unknown) > 00:30:b8:c8:56:01 (oui Unknown), ethertype IPv4 (0x0800), length 85: (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto: UDP (17), length: 71) mtairy-motorola1-68-71-249-2.chvlva.adelphia.net.32771 > mtairy-motorola1-68-71-244-122.chvlva.adelphia.net.snmp: { SNMPv1 { GetNextRequest(28) R=1716207745 [|snmp] } }
13:23:33.221097 00:14:85:0a:2b:a1 (oui Unknown) > 00:30:b8:c8:56:01 (oui Unknown), ethertype IPv4 (0x0800), length 85: (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto: UDP (17), length: 71) mtairy-motorola1-68-71-249-2.chvlva.adelphia.net.32771 > mtairy-motorola1-68-71-244-122.chvlva.adelphia.net.snmp: { SNMPv1 { GetNextRequest(28) R=1716207745 [|snmp] } }
13:23:34.230959 00:14:85:0a:2b:a1 (oui Unknown) > 00:30:b8:c8:56:01 (oui Unknown), ethertype IPv4 (0x0800), length 85: (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto: UDP (17), length: 71) mtairy-motorola1-68-71-249-2.chvlva.adelphia.net.32771 > mtairy-motorola1-68-71-244-122.chvlva.adelphia.net.snmp: { SNMPv1 { GetNextRequest(28) R=1716207745 [|snmp] } }
13:23:35.240828 00:14:85:0a:2b:a1 (oui Unknown) > 00:30:b8:c8:56:01 (oui Unknown), ethertype IPv4 (0x0800), length 85: (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto: UDP (17), length: 71) mtairy-motorola1-68-71-249-2.chvlva.adelphia.net.32771 > mtairy-motorola1-68-71-244-122.chvlva.adelphia.net.snmp: { SNMPv1 { GetNextRequest(28) R=1716207745 [|snmp] } }
13:23:36.250701 00:14:85:0a:2b:a1 (oui Unknown) > 00:30:b8:c8:56:01 (oui Unknown), ethertype IPv4 (0x0800), length 85: (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto: UDP (17), length: 71) mtairy-motorola1-68-71-249-2.chvlva.adelphia.net.32771 > mtairy-motorola1-68-71-244-122.chvlva.adelphia.net.snmp: { SNMPv1 { GetNextRequest(28) R=1716207745 [|snmp] } } |
I see the packets entering my br0, and a quick check to my shorewall logs:
Code: | homerouter ~ # tail -f /var/log/ulogd.syslogemu
Aug 27 13:15:19 homerouter Shorewall:net2all:DROP: IN=br0 OUT=br0 MAC=00:14:85:0a:2b:a1:00:30:b8:c8:56:01:08:00 SRC=57.61.61.63 DST=68.71.249.2 LEN=389 TOS=00 PREC=0x00 TTL=56 ID=0 DF PROTO=UDP SPT=13364 DPT=1030 LEN=369
Aug 27 13:15:19 homerouter Shorewall:net2all:DROP: IN=br0 OUT=br0 MAC=00:14:85:0a:2b:a1:00:30:b8:c8:56:01:08:00 SRC=57.61.61.63 DST=68.71.249.2 LEN=389 TOS=00 PREC=0x00 TTL=56 ID=0 DF PROTO=UDP SPT=13364 DPT=1031 LEN=369
Aug 27 13:15:19 homerouter Shorewall:net2all:DROP: IN=br0 OUT=br0 MAC=00:14:85:0a:2b:a1:00:30:b8:c8:56:01:08:00 SRC=57.61.61.63 DST=68.71.249.2 LEN=389 TOS=00 PREC=0x00 TTL=56 ID=0 DF PROTO=UDP SPT=13364 DPT=1032 LEN=369
Aug 27 13:19:29 homerouter Shorewall:net2all:DROP: IN=br0 OUT= MAC=00:10:4b:2b:72:d4:00:30:b8:c8:56:01:08:00 SRC=193.217.213.167 DST=68.71.244.122 LEN=48 TOS=00 PREC=0x00 TTL=105 ID=11036 DF PROTO=TCP SPT=1475 DPT=55980 SEQ=1327618767 ACK=0 WINDOW=16384 SYN URGP=0
Aug 27 13:19:33 homerouter Shorewall:net2all:DROP: IN=br0 OUT= MAC=00:10:4b:2b:72:d4:00:30:b8:c8:56:01:08:00 SRC=193.217.213.167 DST=68.71.244.122 LEN=48 TOS=00 PREC=0x00 TTL=105 ID=11248 DF PROTO=TCP SPT=1475 DPT=55980 SEQ=1327618767 ACK=0 WINDOW=16384 SYN URGP=0
Aug 27 13:19:38 homerouter Shorewall:net2all:DROP: IN=br0 OUT= MAC=00:10:4b:2b:72:d4:00:30:b8:c8:56:01:08:00 SRC=193.217.213.167 DST=68.71.244.122 LEN=48 TOS=00 PREC=0x00 TTL=105 ID=11666 DF PROTO=TCP SPT=1475 DPT=55980 SEQ=1327618767 ACK=0 WINDOW=16384 SYN URGP=0
Aug 27 13:19:59 homerouter Shorewall:net2all:DROP: IN=br0 OUT= MAC=00:10:4b:2b:72:d4:00:30:b8:c8:56:01:08:00 SRC=24.73.115.40 DST=68.71.244.122 LEN=1058 TOS=00 PREC=0x00 TTL=114 ID=21024 PROTO=UDP SPT=10327 DPT=1026 LEN=1038
Aug 27 13:19:59 homerouter Shorewall:net2all:DROP: IN=br0 OUT=br0 MAC=00:14:85:0a:2b:a1:00:30:b8:c8:56:01:08:00 SRC=24.210.255.104 DST=68.71.249.2 LEN=1058 TOS=00 PREC=0x00 TTL=114 ID=22275 PROTO=UDP SPT=9333 DPT=1026 LEN=1038
Aug 27 13:22:08 homerouter Shorewall:net2all:DROP: IN=br0 OUT= MAC=00:10:4b:2b:72:d4:00:30:b8:c8:56:01:08:00 SRC=24.124.176.75 DST=68.71.244.122 LEN=642 TOS=00 PREC=0x00 TTL=114 ID=12875 PROTO=UDP SPT=5911 DPT=1026 LEN=622
Aug 27 13:22:09 homerouter Shorewall:net2all:DROP: IN=br0 OUT=br0 MAC=00:14:85:0a:2b:a1:00:30:b8:c8:56:01:08:00 SRC=24.169.212.164 DST=68.71.249.2 LEN=642 TOS=00 PREC=0x00 TTL=114 ID=14404 PROTO=UDP SPT=4747 DPT=1026 LEN=622 |
Would seem to make me believe that the firewall isn't actually blocking the port...
My guess is that snmp isn't actually responding to requests on the br0 interface...
Code: | homerouter ~ # netstat -pau
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
udp 0 0 *:2048 *:* 6000/dnsmasq
udp 0 0 *:snmp *:* 11131/snmpd
udp 0 0 *:domain *:* 6000/dnsmasq
udp 0 0 *:bootps *:* 6000/dnsmasq
udp 0 0 *:bootpc *:* 4030/dhcpcd
udp 0 0 mtairy-motorola1-68:ntp *:* 8526/ntpd
udp 0 0 localhost:ntp *:* 8526/ntpd
udp 0 0 192.168.254.1:ntp *:* 8526/ntpd
udp 0 0 192.168.250.1:ntp *:* 8526/ntpd
udp 0 0 *:ntp *:* 8526/ntpd |
Any help would be most appreciated; I've been playing with this for the last 24 hours or so (with more or less no sleep).
Last edited by carpenike on Sun Aug 27, 2006 7:52 pm; edited 1 time in total |
|
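The two manual checks in the post above (looking for firewall drops on UDP 161 and checking which address snmpd is bound to) can be scripted as follows. This is an added example, not part of the original post; the function names and the sample log and netstat lines are constructed for illustration, and it assumes the firewall logs what it drops.

```shell
#!/bin/sh
# Added example, not from the original post. Sample data is constructed
# in the format of the log and netstat output shown in the post.

# Count Shorewall DROP/REJECT entries for one interface, protocol and port.
# Whole-field comparison keeps DPT=161 from matching DPT=1610.
drops_for() {  # usage: drops_for IFACE PROTO DPORT < log
    awk -v i="IN=$1" -v p="PROTO=$2" -v d="DPT=$3" '
        /Shorewall:[^ ]*:(DROP|REJECT):/ {
            hi = hp = hd = 0
            for (n = 1; n <= NF; n++) {
                if ($n == i) hi = 1
                if ($n == p) hp = 1
                if ($n == d) hd = 1
            }
            if (hi && hp && hd) c++
        }
        END { print c + 0 }'
}

# Print the local bind address of each UDP socket on a service name or port.
udp_binds() {  # usage: udp_binds NAME PORT < "netstat -pau" output
    awk -v name="$1" -v port="$2" '
        $1 == "udp" {
            k = split($4, a, ":")
            if (a[k] == name || a[k] == port) { sub(":" a[k] "$", "", $4); print $4 }
        }'
}

# Combine both checks for SNMP arriving on IFACE.
triage() {  # usage: triage LOG_TEXT NETSTAT_TEXT IFACE
    drops=$(printf '%s\n' "$1" | drops_for "$3" UDP 161)
    binds=$(printf '%s\n' "$2" | udp_binds snmp 161)
    if [ "$drops" -gt 0 ]; then echo "firewall-drop"
    elif [ -z "$binds" ]; then echo "no-listener"
    elif [ "$binds" = "*" ] || [ "$binds" = "0.0.0.0" ]; then echo "wildcard-listener"
    else echo "specific-bind:$binds"
    fi
}

SAMPLE_LOG='Aug 27 13:15:19 homerouter Shorewall:net2all:DROP: IN=br0 OUT=br0 SRC=192.0.2.10 DST=198.51.100.2 PROTO=UDP SPT=13364 DPT=1030 LEN=369
Aug 27 13:19:59 homerouter Shorewall:net2all:DROP: IN=br0 OUT= SRC=192.0.2.11 DST=198.51.100.1 PROTO=UDP SPT=10327 DPT=1610 LEN=1038'
SAMPLE_NETSTAT='udp        0      0 *:snmp        *:*        11131/snmpd
udp        0      0 192.168.254.1:ntp        *:*        8526/ntpd'

triage "$SAMPLE_LOG" "$SAMPLE_NETSTAT" br0
```

A `wildcard-listener` result with no logged drop means neither the bind address nor a logged firewall rule explains the timeouts, which moves the search to how snmpd itself handles the request.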