Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

Selecting source port with snmpget and set

1 view
Skip to first unread message

Alan Leigh

unread,
Oct 7, 2004, 6:55:24 PM10/7/04
to
Hi all,

Hoping someone can help me out and this hasn't been covered before -
I've had a pretty good search of the lists etc.

I am using the net snmp library in my code to enable some get/set type
calls. The problem is I am hoping to be able to set up a firewall
between the computer the code will be running on and an SNMP device. I
therefore would like to be able to open just one port. The problem is
that it seems the library chooses an arbitrary source port on the local
computer (I can specify the remote port, or leave it as default of 162
no worries). Is there an easy way to select the source port from which
the UDP GET / SET message originates?

I am thinking at the moment I will try and get the socket back from the
netsnmp_session that is returned, and attempt to bind the socket to a
port. Is this on the right track? Or have I missed the point? Any tips
would be greatly appreciated.

Cheers,
Al

-------------------------------------------------------
This SF.net email is sponsored by: IT Product Guide on ITManagersJournal
Use IT products in your business? Tell us what you think of them. Give us
Your Opinions, Get Free ThinkGeek Gift Certificates! Click to find out more
http://productguide.itmanagersjournal.com/guidepromo.tmpl
_______________________________________________
Net-snmp-users mailing list
Net-snm...@lists.sourceforge.net
Please see the following page to unsubscribe or change other options:
https://lists.sourceforge.net/lists/listinfo/net-snmp-users

Dave Shield

unread,
Oct 8, 2004, 5:06:59 AM10/8/04
to
> I am hoping to be able to set up a firewall
> between the computer the code will be running on and an SNMP device. I
> therefore would like to be able to open just one port. The problem is
> that it seems the library chooses an arbitrary source port on the local
> computer

Yes - that's fairly standard for most network services.
The port at one end of the connection will be fixed,
the other will be semi-random.
Any sensible firewall configuration should be able to
deal with this - allowing through traffic *to* that particular
port but not worrying about the source port.

If there's only one management system that needs to use SNMP,
then you could set up a rule

allow netman-host:* <-> agent:161


> (I can specify the remote port, or leave it as default of 162
> no worries).

If you're talking about GET/SET requests, then you should be using
port 161. Port 162 is used for SNMP traps, not GET/SET requests.

Dave

Alan Leigh

unread,
Oct 8, 2004, 5:22:13 PM10/8/04
to
Hey Dave,

Thanks for getting back to me. I figured it out not long before getting this message. Basically, I init-ed a session with net-snmp, then using the netsnmp_session thing that returned, I was able to burrow down to the socket that it used. I then just bind that to the port I wanted, and then went on and called the sync_response method etc. It seems to be working a treat - I can pick any local port and just do a bind() to that with the socket net-snmp gives (well sort of, it took me a while how to figure out how to get it). You are right about 161 :) My misake.

Anyway,
thanks all,

Cheers,
Al

0 new messages