SNMPTRAP multiple port binding

[Andy Ford]

Hi everyone…   I have numerous remote hosts (switches / routers in a private address range) sending traps across a VPN (across the internet) to a firewall that will port forward these to a Solaris box running an snmptrapd. Each remote network will have its own VPN, and traps will be forwarded from port 162 (at the f/w) to port N (on the Solaris box). I therefore require the snmptrapd to bind to numerous ports, which is simple (thanks to the flexibility of net-snmp). I have the statement …               traphandle default /path/to/my/traphandler   … in my /etc/snmp/conf/snmptrapd.conf file   What I am after is snmptrapd passing the port number of the trap currently being processed to the traphandler script. So essentially, the first line from the traphandler output would be ‘port:9999’ (if the f/w forwarded from port 162->9999). The only other way of differentiating between the remote networks (as they may share the same private address range (this is ultimately what I am trying to achieve here!!)) is to fire up more than one snmptrapd process and traphandler.   Just incase that seems like double dutch…   Trap                  f/w port forwarding                      Solaris Box Remote net 1     -> 162:localhost:9991 ->             snmptrapd Remote net 2     -> 162:localhost:9992 ->             snmptrapd Remote net 3     -> 162:localhost:9993 ->             snmptrapd   I’ll start the snmptrapd with … /usr/local/sbin/snmptrapd –c /etc/snmp/conf/snmptrapd.conf udp:9991 udp:9992 udp:9993   Is it possible to achieve with one snmptrapd?   I’ve been looking everywhere for a solution – but to no avail.   Thanks chaps   Andy This e-mail is private and may be confidential and is for the intended recipient only. If misdirected, please notify us by telephone and confirm that it has been deleted from your system and any copies destroyed. If you are not the intended recipient you are strictly prohibited from using, printing, copying, distributing or disseminating this e-mail or any information contained in it. We use reasonable endeavours to virus scan all e-mails leaving the Company but no warranty is given that this e-mail and any attachments are virus free. You should undertake your own virus checking. The right to monitor e-mail communications through our network is reserved by us.