Hi, I am seeing some interesting behavior while using an authcommunity directive in my snmpd.conf file. It appears that com2sec6 is getting called even when I specify an ipv4 address as the SOURCE on the authcommunity line. This means that I get the following error printed to the log file:
Turning on AgentX master support. /etc/snmp/snmpd.conf: line 3: Error: Address family for hostname not supported net-snmp: 1 error(s) in config file(s) After browsing the source code in agent/mibgroup/mibII/vacm_conf.c it appears that vacm_parse_authcommunity() calls vacm_create_simple() and specifies VACM_CREATE_SIMPLE_COM as the parsetype. Since parsetype is VACM_CREATE_SIMPLE_COM it means that vacm_gen_com2sec will get called for both "com2sec" and "com2sec6" cases. I think this is what is causing the error, but am not 100% sure. Is there a bug here? In order to provide a simple re-creator I have boiled my snmpd.conf file down to 3 lines: # cat /etc/snmp/snmpd.conf master agentx view fullview included .1 authcommunity read snmppublic 10.240.6.171 -V fullview I start the daemon in debug mode using: # /usr/sbin/snmpd udp:161 udp6:161 -D -Lf /var/log/snmp.log A snippet from the debug output is below: read_config: Found a parser. Calling it: authcommunity / read snmppublic 10.240.6.171 -V fullview trace: vacm_parse_authtokens(): mibgroup/mibII/vacm_conf.c, 321: vacm_parse_authtokens: parsing read .. result = 0x1 trace: vacm_gen_com2sec(): mibgroup/mibII/vacm_conf.c, 729: com2sec: passing: com2sec comm1 10.240.6.171 'snmppublic' trace: netsnmp_udp_parse_security(): snmpUDPDomain.c, 1123: netsnmp_udp_parse_security: <"snmppublic", 0xab06f00a/0xffffffff> => "comm1" trace: vacm_gen_com2sec(): mibgroup/mibII/vacm_conf.c, 742: com2sec: passing: group grpcomm1 v1 comm1 trace: vacm_gen_com2sec(): mibgroup/mibII/vacm_conf.c, 750: com2sec: passing: group grpcomm1 v2c comm1 trace: vacm_create_simple(): mibgroup/mibII/vacm_conf.c, 960: authcommunity: passing: com2secunix comm1 10.240.6.171 'snmppublic' trace: netsnmp_unix_parse_security(): snmpUnixDomain.c, 684: netsnmp_unix_parse_security: <"snmppublic"> => "comm1" trace: vacm_gen_com2sec(): mibgroup/mibII/vacm_conf.c, 729: com2sec6: passing: com2sec6 comm1 10.240.6.171 'snmppublic' /etc/snmp/snmpd.conf: line 3: Error: Address family for hostname not supported trace: vacm_gen_com2sec(): mibgroup/mibII/vacm_conf.c, 742: com2sec6: passing: group grpcomm1 v1 comm1 Note: I am using an older version of Net-SNMP(5.5) provided in RHEL but I have browsed the most recent (http://sourceforge.net/p/net-snmp/code/ci/master/tree/agent/mibgroup/mibII/vacm_conf.c) changes and believe the code still behaves the same. Thanks for any insight you can provide, Dusty ------------------------------------------------------------------------------ October Webinars: Code for Performance Free Intel webinars can help you accelerate application performance. Explore tips for MPI, OpenMP, advanced profiling, and more. Get the most from the latest Intel processors and coprocessors. See abstracts and register > http://pubads.g.doubleclick.net/gampad/clk?id=60133471&iu=/4140/ostg.clktrk _______________________________________________ Net-snmp-coders mailing list Net-snmp-coders@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/net-snmp-coders
