[AGENT++] [PATCH] Fix engine id discovery on the trap listen port

Frank Fock fock at agentpp.com
Fri Sep 17 20:32:51 CEST 2010


Hi Dominik,

The SNMP standard does not enforce that a response
is sent from the same port the request has been sent to.
In fact, many SNMP implementations send responses
from other ports. Thus, firewall rules should only
filter by the destination port.

The engine ID discovery for an INFORM request must
use an INFORM PDU. Using a GET PDU is a bad idea,
because that PDU can be filtered because a matching
PDU handler cannot be found.

We will have a look into the patch. Maybe we can
improve the current behavior of SNMP++.

Thanks anyway for the patch and the report.

Best regards,
Frank


On 17.09.2010 10:47, dominik.vogt at external.thalesgroup.com wrote:
> There is a subtle bug in the way snmp++ sends responses to
> requests it receives on the trap listen port.  Responses are only
> sent from that port, if the PDU is of type sNMP_PDU_INFORM,
> assuming that this is the only request that will ever come in
> through the trap listen port.
>
> However, the notification source may perform an engine id
> discovery first (see the first two packets in the attached
> wireshark trace).  In that case, the response is sent from the
> regular snmp port instead of the trap listen port.  As a result,
> the response would be rejected by a firewall, so engine id
> discovery does not work and the notification source can never send
> a notification.
>
> The attached patch fixes this bug (although you may want to write
> the fix in a different way).  (snmp++v3.2.25)
>
> Ciao
>
> Dominik ^_^  ^_^

-- 
AGENT++
http://www.agentpp.com
http://www.snmp4j.com
http://www.mibexplorer.com
http://www.mibdesigner.com
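
Added example, not part of the original thread and not snmp++ code: a small Python model of the two points discussed above. It compares choosing the reply's source port by PDU type with choosing it by the port the request arrived on, and checks each reply against a firewall that tracks the full address/port tuple and against one that filters only on the destination port. The port numbers 161/162, the addresses and all function names are assumptions made for the illustration.

```python
from dataclasses import dataclass

SNMP_PORT, TRAP_PORT = 161, 162  # assumed default agent and trap listen ports

@dataclass(frozen=True)
class Datagram:
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int
    pdu: str  # "GET", "INFORM" or "REPLY" (labels used only in this model)

def reply_port_by_pdu_type(req):
    """Behaviour reported in the thread: only an INFORM is answered from the trap port."""
    return TRAP_PORT if req.pdu == "INFORM" else SNMP_PORT

def reply_port_by_arrival(req):
    """Hypothetical alternative: answer from the port the request arrived on."""
    return req.dst_port

def build_reply(req, choose_port):
    return Datagram(req.dst_ip, choose_port(req), req.src_ip, req.src_port, "REPLY")

def strict_stateful_allows(req, reply):
    """Firewall tracking the full tuple: the reply must mirror the request exactly."""
    return ((reply.src_ip, reply.src_port, reply.dst_ip, reply.dst_port)
            == (req.dst_ip, req.dst_port, req.src_ip, req.src_port))

def dst_port_only_allows(req, reply):
    """Firewall rule keyed only on where the reply is going, not its source port."""
    return (reply.dst_ip, reply.dst_port) == (req.src_ip, req.src_port)

# Constructed traffic: a discovery probe and an INFORM, both sent to the trap port.
DISCOVERY = Datagram("192.0.2.10", 40001, "192.0.2.20", TRAP_PORT, "GET")
INFORM = Datagram("192.0.2.10", 40001, "192.0.2.20", TRAP_PORT, "INFORM")

def outcomes(req):
    """Map strategy name -> (reply source port, passes strict, passes dst-only)."""
    result = {}
    for name, chooser in (("by_pdu_type", reply_port_by_pdu_type),
                          ("by_arrival", reply_port_by_arrival)):
        reply = build_reply(req, chooser)
        result[name] = (reply.src_port, strict_stateful_allows(req, reply),
                        dst_port_only_allows(req, reply))
    return result

if __name__ == "__main__":
    for req in (DISCOVERY, INFORM):
        print(req.pdu, outcomes(req))
```
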