IPtables and SNMP
I can't get SNMP traffic to flow through my firewall.

I have eth0 and eth1. I did a tcpdump and can see udp 161 (snmp) go through eth0 to eth1, but then it doesn't come back:

12:54:46.463028 IP 10.152.100.50.12066 > 10.200.100.129.snmp: GetRequest(25) system.sysDescr.0
12:54:46.613720 IP 10.152.100.50.12066 > 10.200.100.130.snmp: GetRequest(25) system.sysDescr.0

10.152.100.50 is a computer on the eth0 side of the network and I'm trying to get snmp details from a pc (10.200.100.130). Here are my iptables:

ipt -A FORWARD -p icmp -j ACCEPT
ipt -A INPUT -i eth0 -p icmp -j ACCEPT
ipt -A INPUT -i lo -j ACCEPT
ipt -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
ipt -A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
ipt -A FORWARD -p udp --dport 53 --sport 1024:65535 -j ACCEPT
ipt -A INPUT -p udp -m udp --dport 161:162 -j ACCEPT
ipt -A FORWARD -i $DHCPIF -p udp --dport 123 -j ACCEPT #Allows NTP
ipt -A INPUT -m state --state NEW,INVALID -j DROP
ipt -A FORWARD -i $DHCPIF -j DROP

Everything else works, NTP, DHCP, PING REQUEST ETC ETC BUT SNMP doesn't go all the way back from the PC with the snmp agent installed.
Well, is the SNMP client actually working? SNMP v1 / v2c do not respond if your community strings are correct etc...
Quote:
When I turn off the firewall I get full snmp traffic flowing through. The firewall allows traffic to filter through eth0 and to eth1, I can see it in tcpdump. But the traffic does not flow back out through eth1, eth0 and then to the management server.
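
A static check over the rules posted above, added here as an example (it is not code from the thread, and the function names are hypothetical): it reports, per chain, whether UDP port 161 is accepted and whether ESTABLISHED traffic is accepted. Packets routed between eth0 and eth1 traverse the FORWARD chain, not INPUT, so the FORWARD row is the one that applies to the traffic seen in the tcpdump.

```shell
#!/bin/sh
# Rules copied from the post above ("ipt" is the poster's wrapper for iptables).
RULES='ipt -A FORWARD -p icmp -j ACCEPT
ipt -A INPUT -i eth0 -p icmp -j ACCEPT
ipt -A INPUT -i lo -j ACCEPT
ipt -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
ipt -A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
ipt -A FORWARD -p udp --dport 53 --sport 1024:65535 -j ACCEPT
ipt -A INPUT -p udp -m udp --dport 161:162 -j ACCEPT
ipt -A FORWARD -i $DHCPIF -p udp --dport 123 -j ACCEPT #Allows NTP
ipt -A INPUT -m state --state NEW,INVALID -j DROP
ipt -A FORWARD -i $DHCPIF -j DROP'

# udp_allowed CHAIN PORT: succeeds if CHAIN has an ACCEPT rule whose
# --dport value (single port or lo:hi range) covers UDP PORT.
udp_allowed() {
    printf '%s\n' "$RULES" | awk -v chain="$1" -v port="$2" '
        {
            c = ""; proto = ""; dport = ""; target = ""
            for (i = 1; i < NF; i++) {
                if ($i == "-A") c = $(i + 1)
                if ($i == "-p") proto = $(i + 1)
                if ($i == "--dport") dport = $(i + 1)
                if ($i == "-j") target = $(i + 1)
            }
            if (c != chain || proto != "udp" || target != "ACCEPT" || dport == "") next
            n = split(dport, r, ":"); lo = r[1] + 0; hi = (n > 1 ? r[2] : r[1]) + 0
            if (port + 0 >= lo && port + 0 <= hi) found = 1
        }
        END { exit !found }'
}

# tracks_replies CHAIN: succeeds if CHAIN accepts ESTABLISHED connections.
tracks_replies() {
    printf '%s\n' "$RULES" | awk -v chain="$1" '
        { c = ""; for (i = 1; i < NF; i++) if ($i == "-A") c = $(i + 1) }
        c == chain && /--state [A-Z,]*ESTABLISHED/ && /-j ACCEPT/ { found = 1 }
        END { exit !found }'
}

# audit PORT: one summary line per chain for the given UDP port.
audit() {
    for chain in INPUT FORWARD; do
        udp_allowed "$chain" "$1" && req=yes || req=no
        tracks_replies "$chain" && rep=yes || rep=no
        echo "$chain: udp/$1 accepted=$req, ESTABLISHED accepted=$rep"
    done
}
audit 161
```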