1

I find myself vexed this afternoon, I have recently taken on some RHEL5 servers on board and have found something rather peculiar, most likely I am missing something glaringly obvious so please let me know what is going on here.

I place this in /etc/snmp/snmpd.conf and restart snmpd

rocommunity somefictionalname xxx.xxx.xxx.xxx

Now on all my CentOS 5 servers this works just fine, see the following tcp dump of a working transaction:

14:51:54.108322 IP client.39690 > server.snmp:  GetNextRequest(25)  
14:51:54.108836 IP server.snmp > client.39690:  GetResponse(120)  system.sysDescr.0=[|snmp]
14:51:54.109211 IP client.39690 > server.snmp:  GetNextRequest(28)  system.sysDescr.0
14:51:54.109516 IP server.snmp > client.39690:  GetResponse(38)  system.sysObjectID.0=E:8072.3.2.10
14:51:54.109762 IP client.39690 > server.snmp:  GetNextRequest(28)  system.sysObjectID.0

Now the from the RHEL5 box using the same configuration line.

14:55:37.015363 IP client.34551 > server.snmp:  GetNextRequest(25)  
14:55:38.016614 IP client.34551 > server.snmp:  GetNextRequest(25)  
14:55:39.016851 IP client.34551 > server.snmp:  GetNextRequest(25)  
14:55:40.018476 IP client.34551 > server.snmp:  GetNextRequest(25)  
14:55:41.019392 IP client.34551 > server.snmp:  GetNextRequest(25)  
14:55:42.019544 IP client.34551 > server.snmp:  GetNextRequest(25)

On the RHEL5 box I see the following in /var/log/messages

snmpd[pid]: Connection from UDP: [client]:34551 REFUSED

But I am at a loss at to why ... I'll keep looking into this but please feel free to point me in the right direction.

Cheers

Oneiroi

Oneiroi
  • 2,063
  • 1
  • 15
  • 28

1 Answers1

3

I have solved this issue, and for reference if anyone else is facing this problem it's to do with the /etc/hosts.allow file.

Add this line

snmpd: xxx.xxx.xxx.xxx

Where xxx.xxx.xxx.xxx is the ip address of the client querying the snmpd service.

Oneiroi
  • 2,063
  • 1
  • 15
  • 28