Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: SNMP syntax question
Top Forums UNIX for Advanced & Expert Users SNMP syntax question Post 302544632 by felbvts on Thursday 4th of August 2011 10:42:31 AM
Old 08-04-2011
SNMP syntax question
Hello,

I need to create an snmp.comf file that defines 2 IPs to the same community string.
Do I need to have 2 community strings with the same name and diff't IPs?
Or should I have 1 string and list the IPs? (comma seperated?)

Example:
Code:
rocommunity EC_8000_RO

arguments EC_8000_RO 192.xx.xx.1 10.xx.xx.2

rwcommunity EC_8000_RW 

arguments EC_8000_RW 192.xx.xx.1 10.xx.xx.2

#EC_8000_RO EC_8000_RW 192.xx.xx.1 10.xx.xx.2

Last edited by radoulov; 08-04-2011 at 11:44 AM.. Reason: Code tags.
 

10 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

awk syntax question

Hi there could someone explain what is happening in the following function/statement for me, im just a little confused code = 'BEGIN{FS=","} { printf ("%-11s,%s%s%s,%07.2f,%14s,%-3s\n",$1,substr($2,9,2),substr($2,6,2),substr($ 2,3,2),$9,$10,$12) } this function is called later in the... (2 Replies)
Discussion started by: hcclnoodles
2 Replies

2. UNIX for Dummies Questions & Answers

snmp question

Anyone know how to retrieve the configuration files from Cisco 2500 routers using snmp? (1 Reply)
Discussion started by: thumper
1 Replies

3. UNIX for Dummies Questions & Answers

Piping syntax question

There are are lots of examples of piping output FROM the 'ls' command TO another command, but how does one pipe output TO the 'ls -l' command? For example, use 'which' to find a file, then use 'ls -l' to view the permissions, groups, etc. in a single step: which <filename> | ls -l returns... (4 Replies)
Discussion started by: johne1
4 Replies

4. Shell Programming and Scripting

awk syntax question

Hi I use awk command to delete the first blanc line of a file: awk '/^$/ && !f{f=1;next}1' infile > outfile can somebody please explain me what the last "1'" in !f{f=1;next}1' stands for... Thansk a lot -A (3 Replies)
Discussion started by: aoussenko
3 Replies

5. IP Networking

Sending data from DELL OMSA SNMP and Custom SNMP MIB to same UDP port 161

Hi , Currently DELL OMSA SNMP sends data through default udp port 161.I want my custom SNMP MIB also to send data in the same udp port 161.Whether its possible.If yes where to configure .I tried starting my custom MIB in udp port 161,but it throws port already in use.Kindly guide. (0 Replies)
Discussion started by: prabakar4all
0 Replies

6. Red Hat

Sending data from DELL OMSA SNMP and Custom SNMP MIB to same UDP port 161

Hi , Currently DELL OMSA SNMP sends data through default udp port 161.I want my custom SNMP MIB also to send data in the same udp port 161.Whether its possible.If yes where to configure .I tried starting my custom MIB in udp port 161,but it throws port already in use.Kindly guide. (1 Reply)
Discussion started by: prabakar4all
1 Replies

7. Shell Programming and Scripting

tar -C syntax question

I am writing a perl script to tar multiple files (in unix) from a given directory to a given output directory. I do NOT want the file path included in the tar, so I've flagged the -C option. Example: tar -cvf tar/1.tar -C htmp/source/ 1-1-1.xml However, I need to do this for a number of target... (3 Replies)
Discussion started by: michanjohns
3 Replies

8. Programming

Perl syntax question

Hallo everybody, I have a following problem - I'm doing a map funciont to fill in a HTML table and I want to use some radiobutton groups. Unfortunatelly, they are grouped by names, so I have to add some "counter" that will divide one row from another, and I'm using CGI.pm for generating the... (3 Replies)
Discussion started by: duskos
3 Replies

9. UNIX for Dummies Questions & Answers

Need to transfer all kernel logs (var/log/messages) to the snmp listener as snmp trap

i am working with embedded system -Dell DCS management sub system. my question is as below: currently we are using linux kernel 2.6.30 build and we have a kernel logs stored to the /var/log/messages path. now we have to transfer all this logs to the specified SNMP target as a part of SNMP... (4 Replies)
Discussion started by: vipul_prajapati
4 Replies

10. Shell Programming and Scripting

Question regarding quotation syntax

Hey guys, my first post on UNIX Forums(much overdue IMO)! I've got this bit of code that doesn't seem to be working correctly for an Android app I'm working on: "screen -S gmod1 -p 0 -X stuff " & "" & command.text & "`echo -ne '\015'`""" Basically it types command.text(variable determined... (4 Replies)
Discussion started by: stingwraith
4 Replies

LEARN ABOUT DEBIAN

labrea.conf

LABREA.CONF(5)							File Formats Manual						    LABREA.CONF(5)

NAME

       labrea.conf - labrea(1) configuration file

SYNOPSIS

       nnn.nnn.nnn.nnn [- nnn.nnn.nnn.nnn] EXC

       nnn.nnn.nnn.nnn [- nnn.nnn.nnn.nnn] HAR

       nnn.nnn.nnn.nnn[/nn] IPI

       nnnnn [- nnnnn] POR

       nnnnn [- nnnnn] PMN

DESCRIPTION

   Generalities
       labrea.conf is the configuration file for the labrea(1) program.

       Each line consists of a selector field, followed by an action verb.

       Whitespace is suppressed. Blank lines are ignored, as are lines beginning with "#".

   Selectors
       IPs can be specified as either a single address (e.g. "192.168.0.4") or as a range of addresses (e.g. "192.168.0.1 - 192.168.0.50").

       Ports can be specified as either a single port (e.g. 12345) or as a range of ports (e.g. 1-65535).

   IP Capturing
       When labrea sees an ARP request for an unused IP, it does the following:

       On an IP by IP basis, store a time and an originating IP address:

       1.     For an incoming ARP request, check the current time:

	      a.     If  currently stored time is 0 or the arp comes from a different address than the one stored, then store the current time and
		     the requesting IP and return.

	      b.     If the stored time is less than "-r" seconds ago, ignore it and return.

	      c.     If currently stored time is more than a minute ago, store 0, return. (Max timeout)

	      d.     Otherwise, grab the IP.

       2.     See an ARP reply, set stored time to 0.

       When an ARP request for a particular IP goes unanswered for longer than its "rate" setting (default: 3 seconds), labrea crafts an ARP reply
       that  routes  all  traffic  destined for the IP to a "bogus" MAC address.  labrea listens for TCP/IP traffic routed to that MAC address and
       then responds to any SYN packet (ie incoming connection) with a SYN/ACK packet.

   Explanation of terms
       Excluded IPs: Are those IPs that labrea should never capture. Note that automatic mechanisms are also used to prevent capturing IPs with an
       active machine on it. See labrea(1) for more details.

       Hard captured IPs: The -h --hard-capture option instructs labrea that once it captures an IP address, then it needn't wait for a "-r" time-
       out the next time around.  These IPs are said to be "hard" captured.

       Hard excluded IPS: These are IPs that should never be "hard" captured. In other words, each time there is an ARP request for this IP,  then
       labrea will always wait for the timeout -r secs before responding.

       Tarpitting:  On a captured IP, labrea responds to an incoming SYN connection attempt with a SYN/ACK. This causes the remote machine's stack
       to initiate the Tcp connection and then waste time fruitlessly trying to continue the conversation.

       Persist state capture: labrea can permanently capture connect attempts by closing the TCP window to force  the  connection  into  "persist"
       state. In this state, the connection never times out, and labrea hangs on to the incoming connection until it is closed from the other end.

       To accomplish this, short packets are sent every so often to say "keep waiting, my Tcp window is still closed". So a maximum b/w control is
       implemented to limit the total b/w consumption. (see the -p --max-rate startup option)

       Auto hard capturing: This is a startup option that says that unless an IP is excluded or hard-excluded, then mark it  as  being	hard  cap-
       tured. This is normally a risky thing to do and should be used with caution.

   Normal virtual machine behaviour
       Default port behaviour: Incoming connections on any port will be subject to tarpitting / persist capturing.

       Since  all connections are inbound, there should be no incoming SYN/ACKs. Labrea will respond RST to an incoming SYN/ACK unless the startup
       option -a --no-resp-synack disables this behaviour.

       Excluded ports: Ports that are specifically excluded will not be tarpitted or persist captured.

       Incoming connection attempts on an excluded port will receive a RST.

   Virtual machine behaviour when firewalling:
       Active ports: When firewalling (i.e.  -f --no-resp-excluded-ports) is active, then by default only the most widely used ports are active at
       startup.

       Incoming connections on these active ports will be tarpitted and/or persist captured as usual.

       Excluded  ports:  When  firewalling  is	active,  incoming  connections	on excluded ports will not receive a response. The packets will be
       dropped.

       Among other things, this means that nmap scans take much more time to complete.

       Other ports: Ports that are neither active nor excluded are passively monitored for incoming SYN activity. At startup, they  behave  as	an
       excluded port (i.e. packets are dropped).

       However, if there is enough activity on a given port, it will dynamically become active. The threshold is more than 6 SYNs for a given port
       in an hour. However every 15 minutes, the port's SYN count is reduced by 1 to eliminate noise.

       If the SYN count for a port finally reaches 255, then the port is considered permanently active.

USAGE

       This section describes the configuration statements and their usage:

       nnn.nnn.nnn.nnn [- nnn.nnn.nnn.nnn] EXC
	      Never capture the specified IP addresses. This applies to local IP addresses (i.e. on the local capture netblock) only.

       nnn.nnn.nnn.nnn [- nnn.nnn.nnn.nnn] HAR
	      WHen "hard capturing" is in effect ("-h"), then never hard capture the specified IP addresses. (i.e. Always wait for the ARP timeout
	      before responding.) Applies to local IP addresses only.

       nnn.nnn.nnn.nnn[/nn] IPI
	      Ignore  any packets with source IP address in the specified netblock. labrea will not tarpit or persist capture connections from the
	      specified IP addresses.

	      Note that this statement can apply to any IP address.

	      Note also that the netblock is specified in CIDR notation (ie nnn.nnn.nnn.nnn/nn) and not as a range of IP addresses.

       nnnnn [- nnnnn] POR
	      These ports are excluded. labrea will not tarpit / persist capture incoming connections on these	ports.	A  RST	will  be  returned
	      unless firewalling is active. In that case, the incoming packet will be dropped.

       nnnnn [- nnnnn] PMN
	      At  startup,  mark the indicated ports as being active. Incoming connections to these ports are subject to tarpitting / persist cap-
	      turing.

	      This configuration statement is useful only when firewalling is active. The port becomes immediately active, instead of waiting  for
	      enough SYNs to bump the port's SYN count above the activity threshold.

EXAMPLES

       Suppose that the capture subnet is 192.168.10.0/24.

       Exclude 192.168.10.5 through .7 from being captured:

	      192.168.10.5 - 192.168.10.7 EXC

       "Hard exclude" 192.168.10.100:

	      192.168.10.100 HAR

       Do not attempt to tarpit / persist capture packets from the class C subnet 10.2.3.x:

	      10.2.3.0/24 IPI

       Put in some comments:

	      #
	      #    This is a comment
	      #

       Do not tarpit / persist capture on ports 21-25:

	      21-25 POR

       When firewalling, make port 12345 active at startup:

	      12345 PMN

FILES

       /usr/local/etc/labrea.conf
	      Default configuration file on unix systems

       (current directory) LaBrea.cfg
	      Default configuration file on Windows systems

SEE ALSO

       labrea(1)

AUTHOR

       Tom Liston <tliston@hackbusters.net> Bugs: lorgor@users.sourceforge.net or http://labrea.sourceforge.net

																    LABREA.CONF(5)
All times are GMT -4. The time now is 08:17 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy