Stop events like Received SNMP packet(s) from UDP: [1.2.3.4]:59675
Linux - NewbieThis Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place!
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Stop events like Received SNMP packet(s) from UDP: [1.2.3.4]:59675
On only 2 rhel boxes I have my /var/log/messages file is full of events similar to this
Received SNMP packet(s) from UDP: [1.2.3.4]:59675
Other than blocking the ip in iptables, what other options do I have to stop these if i can't make 1.2.3.4 stop talking to the servers?
Also, not sure if this matters, but i have webmin installed on these servers, not sure if that uses snmp for anything so just throwing it out there. although webmin is on the other servers that don't have this message constantly too.
The service on my machine getting the errors, or the one referenced by IP in the error? My /etc/snmp/snmpd.conf only has a rocommunity, syslocation, and syscontact in it.
I don't have a rsyslog.conf in /etc.
The one generating the SNMP message should be the one modified for the service generating it.
The advantage is that you get to detect that something is happening from that machine... the disadvantage occurs when the message has no meaning. Since it appears to have no meaning it may be due to a default configuration that just notifies everything.
Yeah, my guess is someone installed something on here, but never configured it so it's just giving me default noise. But I'm still not really sure what I should change based on what's in the one file and not having the other.
Or do you think it's just best to disable SNMP? I don't know if that breaks webmin though.
Maybe that might be the best route, as I know I don't use it for anything specifically. Just wish I knew if webmin needed it for sure or not, as webmin is a huge help to me so i'd hate to break that.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.