Linux - ServerThis forum is for the discussion of Linux Software used in a server related context.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I am currently trying to set up Cacti to monitor my servers, but I am having trouble with my SNMP. I have checked a few things and discovered that the issue is not with Cacti, but with the SNMP connection. I have tried connecting from the server to itself as localhost, and have had no problems. However when I tried to connect to another IP, the connection timed out with no response. I also got a time-out when I tried entering my own IP, and finally when I tried entering 127.0.0.1 I have checked that the server is up and running, and the addresses that I am trying to connect from are in the snmpd.conf file. The command I am using is snmpwalk -v 1 -c public and I am on openSuSE 10.3 Any help that you could offer would be much appreciated. Thank you!
I'm not entirely sure where to find those logs, but as far as the firewall goes, there is an external firewall, but that should not effect this transfer- the computers are on the same network and whatnot and the 127.0.0.1 address shouldn't even be leaving the system. The internal firewall is currently on, but I have tried turning it off, and the problem persists. I have the default port opened up, but that doesn't seem to make a difference.
There's different way to find out like 0) listing contents and scripts of the package snmpd belongs to, 1) (s)locate with a /var/*snmp* regexp, 2) running pgrep -lf snmpd to find if it uses "-l" switch or 3) running lsof on the pid of the running snmpd +D/var. For me snmpd logs to /dev/null by default, meaning output goes to syslog so I would have to restart and force "-l /pathto/logfile" to make it log elsewhere.
Quote:
Originally Posted by Tyler_H72
The internal firewall is currently on, but I have tried turning it off, and the problem persists.
Like you could use tcpdump (or netcat) on the (remote) system to find out if packets reach it, you can use iptables -j LOG rules to log incoming packets. The benefit of using tcpdump or iptables log rules over netcat is they're not invasive: you don't have to stop the daemon to be able to diagnose things. If you can see packets coming in and your firewall rules allow access then you know it's not that.
Quote:
Originally Posted by Tyler_H72
I have the default port opened up, but that doesn't seem to make a difference.
If snmpd is configured and running OK, and if your firewall rules allow access, then if I do 'ldd /path/to/snmpd|grep wrap' I see it's using libwrap, so what do /etc/hosts.{deny,allow} say?
I just started up the snmp server, tried my snmpwalk command, and shut down the server. This is what was added to the log when I did that:
Code:
netsnmp_assert !"registration != duplicate" failed agent_registry.c:535 netsnmp_subtree_load()
netsnmp_assert !"registration != duplicate" failed agent_registry.c:535 netsnmp_subtree_load()
netsnmp_assert !"registration != duplicate" failed agent_registry.c:535 netsnmp_subtree_load()
NET-SNMP version 5.4.1
Received TERM or STOP signal... shutting down...
tcpdump shows that there are no packets coming in when I attempt to make a connection. However, I've also been trying localhost, and I may be wrong (it happens a LOT to me) but I was thinking that localhost went through the loopback, and therefore wouldn't even be seen by the firewall.
hosts.allow doesn't have anything listed in it to be allowed (lots there, but it's all comments). hosts.deny has only one entry-http-rman : ALL EXCEPT LOCAL
I also noticed another interesting thing when I used the lsof -p [pid] command- the following two lines are both listed:
Localhost is an interface "just" like any other and can be seen by iptables. Often it's left untouched with a "-A INPUT -i lo -j ACCEPT" line though. But why would you use localhost for testing if you need to make it work on the ethernet device anyway? Since your hosts.allow is empty and there is no deny rule in hosts.deny access is allowed, so that shouldn't be a problem. But the "UDP Tyler:161" line looks odd indeed. Did you start this as root? What's the commandline ('pgrep -lf snmpd')?.
I've been testing it not only on localhost but also on my external IP and 127.0.0.1- just as a way to see what is working and what isn't. Yes I did start it as root, so I'm not sure why it would say Tyler:161. pgrep -lf snmpd returns the following:
Code:
24052 /usr/sbin/snmpd -r -A -LF d /var/log/net-snmpd.log -p /var/run/snmpd.pid
And you are sure the only messages in the log or on screen are those five you posted?
Could you please post your snmpd.conf w/o comment or empty lines?
I made a few changes and got it to accept connections- I did this on Friday, and forgot to document it. So I'm not entirely sure what I did, but I am going to try to figure it out and once I do I will post it here.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.