Gentoo Forums
SNMPd not Listening on some interfaces? (SOLVED)
carpenike
Posted: Sun Aug 27, 2006 5:27 pm    Post subject: SNMPd not Listening on some interfaces? (SOLVED)

Hello,

I currently have a router with 3 interfaces on it (br0 (containing eth0 and eth1), eth2, and eth3).

I have snmpd running, but I can only access it via eth2, my local LAN.

Code:
homerouter ~ # emerge -pv net-snmp

These are the packages that would be merged, in order:

Calculating dependencies... done!
[ebuild   R   ] net-analyzer/net-snmp-5.2.1.2-r1  USE="perl ssl tcpd -X -doc -elf -ipv6 -lm_sensors -minimal -rpm -smux" 0 kB

Total size of downloads: 0 kB


I have shorewall running and have configured open access to my fw from my local LAN.

Code:
homerouter ~ # emerge -pv shorewall

These are the packages that would be merged, in order:

Calculating dependencies... done!
[ebuild   R   ] net-firewall/shorewall-3.0.8  USE="-doc" 0 kB

Total size of downloads: 0 kB


The ultimate goal is to enable SNMP to a DMZ client sitting off of my bridge group... taking one step at a time.

However, whenever I try to send snmp requests to the bridge group I get timeouts.

When I do a

Code:
homerouter ~ # tcpdump -evi br0 dst port 161
tcpdump: listening on br0, link-type EN10MB (Ethernet), capture size 68 bytes
13:23:31.204340 00:14:85:0a:2b:a1 (oui Unknown) > 00:30:b8:c8:56:01 (oui Unknown), ethertype IPv4 (0x0800), length 85: (tos 0x0, ttl  64, id 0, offset 0, flags [DF], proto: UDP (17), length: 71) mtairy-motorola1-68-71-249-2.chvlva.adelphia.net.32771 > mtairy-motorola1-68-71-244-122.chvlva.adelphia.net.snmp:  { SNMPv1 { GetNextRequest(28) R=1716207745 [|snmp] } }
13:23:32.211234 00:14:85:0a:2b:a1 (oui Unknown) > 00:30:b8:c8:56:01 (oui Unknown), ethertype IPv4 (0x0800), length 85: (tos 0x0, ttl  64, id 0, offset 0, flags [DF], proto: UDP (17), length: 71) mtairy-motorola1-68-71-249-2.chvlva.adelphia.net.32771 > mtairy-motorola1-68-71-244-122.chvlva.adelphia.net.snmp:  { SNMPv1 { GetNextRequest(28) R=1716207745 [|snmp] } }
13:23:33.221097 00:14:85:0a:2b:a1 (oui Unknown) > 00:30:b8:c8:56:01 (oui Unknown), ethertype IPv4 (0x0800), length 85: (tos 0x0, ttl  64, id 0, offset 0, flags [DF], proto: UDP (17), length: 71) mtairy-motorola1-68-71-249-2.chvlva.adelphia.net.32771 > mtairy-motorola1-68-71-244-122.chvlva.adelphia.net.snmp:  { SNMPv1 { GetNextRequest(28) R=1716207745 [|snmp] } }
13:23:34.230959 00:14:85:0a:2b:a1 (oui Unknown) > 00:30:b8:c8:56:01 (oui Unknown), ethertype IPv4 (0x0800), length 85: (tos 0x0, ttl  64, id 0, offset 0, flags [DF], proto: UDP (17), length: 71) mtairy-motorola1-68-71-249-2.chvlva.adelphia.net.32771 > mtairy-motorola1-68-71-244-122.chvlva.adelphia.net.snmp:  { SNMPv1 { GetNextRequest(28) R=1716207745 [|snmp] } }
13:23:35.240828 00:14:85:0a:2b:a1 (oui Unknown) > 00:30:b8:c8:56:01 (oui Unknown), ethertype IPv4 (0x0800), length 85: (tos 0x0, ttl  64, id 0, offset 0, flags [DF], proto: UDP (17), length: 71) mtairy-motorola1-68-71-249-2.chvlva.adelphia.net.32771 > mtairy-motorola1-68-71-244-122.chvlva.adelphia.net.snmp:  { SNMPv1 { GetNextRequest(28) R=1716207745 [|snmp] } }
13:23:36.250701 00:14:85:0a:2b:a1 (oui Unknown) > 00:30:b8:c8:56:01 (oui Unknown), ethertype IPv4 (0x0800), length 85: (tos 0x0, ttl  64, id 0, offset 0, flags [DF], proto: UDP (17), length: 71) mtairy-motorola1-68-71-249-2.chvlva.adelphia.net.32771 > mtairy-motorola1-68-71-244-122.chvlva.adelphia.net.snmp:  { SNMPv1 { GetNextRequest(28) R=1716207745 [|snmp] } }



I see the packets entering my br0, and a quick check to my shorewall logs:

Code:
homerouter ~ # tail -f /var/log/ulogd.syslogemu
Aug 27 13:15:19 homerouter Shorewall:net2all:DROP: IN=br0 OUT=br0 MAC=00:14:85:0a:2b:a1:00:30:b8:c8:56:01:08:00  SRC=57.61.61.63 DST=68.71.249.2 LEN=389 TOS=00 PREC=0x00 TTL=56 ID=0 DF PROTO=UDP SPT=13364 DPT=1030 LEN=369
Aug 27 13:15:19 homerouter Shorewall:net2all:DROP: IN=br0 OUT=br0 MAC=00:14:85:0a:2b:a1:00:30:b8:c8:56:01:08:00  SRC=57.61.61.63 DST=68.71.249.2 LEN=389 TOS=00 PREC=0x00 TTL=56 ID=0 DF PROTO=UDP SPT=13364 DPT=1031 LEN=369
Aug 27 13:15:19 homerouter Shorewall:net2all:DROP: IN=br0 OUT=br0 MAC=00:14:85:0a:2b:a1:00:30:b8:c8:56:01:08:00  SRC=57.61.61.63 DST=68.71.249.2 LEN=389 TOS=00 PREC=0x00 TTL=56 ID=0 DF PROTO=UDP SPT=13364 DPT=1032 LEN=369
Aug 27 13:19:29 homerouter Shorewall:net2all:DROP: IN=br0 OUT= MAC=00:10:4b:2b:72:d4:00:30:b8:c8:56:01:08:00  SRC=193.217.213.167 DST=68.71.244.122 LEN=48 TOS=00 PREC=0x00 TTL=105 ID=11036 DF PROTO=TCP SPT=1475 DPT=55980 SEQ=1327618767 ACK=0 WINDOW=16384 SYN URGP=0
Aug 27 13:19:33 homerouter Shorewall:net2all:DROP: IN=br0 OUT= MAC=00:10:4b:2b:72:d4:00:30:b8:c8:56:01:08:00  SRC=193.217.213.167 DST=68.71.244.122 LEN=48 TOS=00 PREC=0x00 TTL=105 ID=11248 DF PROTO=TCP SPT=1475 DPT=55980 SEQ=1327618767 ACK=0 WINDOW=16384 SYN URGP=0
Aug 27 13:19:38 homerouter Shorewall:net2all:DROP: IN=br0 OUT= MAC=00:10:4b:2b:72:d4:00:30:b8:c8:56:01:08:00  SRC=193.217.213.167 DST=68.71.244.122 LEN=48 TOS=00 PREC=0x00 TTL=105 ID=11666 DF PROTO=TCP SPT=1475 DPT=55980 SEQ=1327618767 ACK=0 WINDOW=16384 SYN URGP=0
Aug 27 13:19:59 homerouter Shorewall:net2all:DROP: IN=br0 OUT= MAC=00:10:4b:2b:72:d4:00:30:b8:c8:56:01:08:00  SRC=24.73.115.40 DST=68.71.244.122 LEN=1058 TOS=00 PREC=0x00 TTL=114 ID=21024 PROTO=UDP SPT=10327 DPT=1026 LEN=1038
Aug 27 13:19:59 homerouter Shorewall:net2all:DROP: IN=br0 OUT=br0 MAC=00:14:85:0a:2b:a1:00:30:b8:c8:56:01:08:00  SRC=24.210.255.104 DST=68.71.249.2 LEN=1058 TOS=00 PREC=0x00 TTL=114 ID=22275 PROTO=UDP SPT=9333 DPT=1026 LEN=1038
Aug 27 13:22:08 homerouter Shorewall:net2all:DROP: IN=br0 OUT= MAC=00:10:4b:2b:72:d4:00:30:b8:c8:56:01:08:00  SRC=24.124.176.75 DST=68.71.244.122 LEN=642 TOS=00 PREC=0x00 TTL=114 ID=12875 PROTO=UDP SPT=5911 DPT=1026 LEN=622
Aug 27 13:22:09 homerouter Shorewall:net2all:DROP: IN=br0 OUT=br0 MAC=00:14:85:0a:2b:a1:00:30:b8:c8:56:01:08:00  SRC=24.169.212.164 DST=68.71.249.2 LEN=642 TOS=00 PREC=0x00 TTL=114 ID=14404 PROTO=UDP SPT=4747 DPT=1026 LEN=622


Would seem to make me believe that the firewall isn't actually blocking the port...

My guess is that snmp isn't actually responding to requests on the br0 interface...

Code:
homerouter ~ # netstat -pau
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
udp        0      0 *:2048                  *:*                                 6000/dnsmasq
udp        0      0 *:snmp                  *:*                                 11131/snmpd
udp        0      0 *:domain                *:*                                 6000/dnsmasq
udp        0      0 *:bootps                *:*                                 6000/dnsmasq
udp        0      0 *:bootpc                *:*                                 4030/dhcpcd
udp        0      0 mtairy-motorola1-68:ntp *:*                                 8526/ntpd
udp        0      0 localhost:ntp           *:*                                 8526/ntpd
udp        0      0 192.168.254.1:ntp       *:*                                 8526/ntpd
udp        0      0 192.168.250.1:ntp       *:*                                 8526/ntpd
udp        0      0 *:ntp                   *:*                                 8526/ntpd


Any help would be most appreciated, I've been playing with this the last 24 hours or so (With more or less no sleep. :))


Last edited by carpenike on Sun Aug 27, 2006 7:52 pm; edited 1 time in total
carpenike
Posted: Sun Aug 27, 2006 7:51 pm

Heh...

Fixed...

It appears that my DMZ server was jumping up to my upstream router and then back down to my local router...

Added this route to my /etc/conf.d/net on the DMZ server

-net 68.71.0.0/16 dev eth0

This gave me a syntax error... spent a while figuring that out and realized I didn't have iproute2 installed. Installed that and all works well.
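
An added example, not part of the original posts: one way to cross-check the `tcpdump -e` capture against the Shorewall log from the first post. It relies on the netfilter LOG convention that `MAC=` lists destination MAC, source MAC, then EtherType, and treats entries with an empty `OUT=` as delivered to the router itself; the sample lines are copied from the thread and trimmed for width, and the function names are illustrative.

```python
import re

# Sample input: lines copied from the output posted above, trimmed for width.
TCPDUMP = [
    "13:23:31.204340 00:14:85:0a:2b:a1 (oui Unknown) > 00:30:b8:c8:56:01 "
    "(oui Unknown), ethertype IPv4 (0x0800), length 85:",
]
SHOREWALL = [
    "Shorewall:net2all:DROP: IN=br0 OUT= MAC=00:10:4b:2b:72:d4:00:30:b8:c8:56:01:08:00 "
    "SRC=24.73.115.40 DST=68.71.244.122 PROTO=UDP SPT=10327 DPT=1026",
    "Shorewall:net2all:DROP: IN=br0 OUT=br0 MAC=00:14:85:0a:2b:a1:00:30:b8:c8:56:01:08:00 "
    "SRC=24.210.255.104 DST=68.71.249.2 PROTO=UDP SPT=9333 DPT=1026",
]

MAC = r"(?:[0-9a-f]{2}:){5}[0-9a-f]{2}"


def log_fields(line):
    """Split a netfilter LOG line into its KEY=value fields (OUT= may be empty)."""
    return dict(re.findall(r"(\w+)=(\S*)", line))


def log_macs(line):
    """Return (destination MAC, source MAC) from the LOG line's MAC= field."""
    octets = log_fields(line)["MAC"].split(":")
    return ":".join(octets[:6]), ":".join(octets[6:12])


def host_macs(log_lines):
    """Destination MACs of entries with an empty OUT=, i.e. frames delivered to this host."""
    return {log_macs(l)[0] for l in log_lines if log_fields(l).get("OUT") == ""}


def frames_not_for_host(tcpdump_lines, log_lines):
    """(src, dst) MAC pairs from `tcpdump -e` whose destination MAC is not this host's."""
    mine = host_macs(log_lines)
    pairs = [re.search(rf"({MAC}) .*?> ({MAC})", l).groups() for l in tcpdump_lines]
    return [p for p in pairs if p[1] not in mine]


def dropped_ports(log_lines):
    """(protocol, destination port) of every logged drop."""
    return {(f["PROTO"], int(f["DPT"])) for f in map(log_fields, log_lines)}


if __name__ == "__main__":
    print("host MACs:", host_macs(SHOREWALL))
    print("SNMP dropped by firewall:", ("UDP", 161) in dropped_ports(SHOREWALL))
    print("frames addressed elsewhere:", frames_not_for_host(TCPDUMP, SHOREWALL))
```

On the thread's data the SNMP frames carry destination MAC 00:30:b8:c8:56:01 rather than the router's own 00:10:4b:2b:72:d4, and no drop is logged for UDP port 161, which is consistent with the routing fix described in the second post.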