Search squid archive

RE: snmpwalk issue squid 2.5

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Whoops!  Meant for my response to go to the message board for anyone else having this issue.  Henrik, your idea worked perfectly.  I thing I found was if I used multiple variables (chapman1 chapman2 chapman3 where each variable is an acl representing a subnet), I couldn't combine them on 1 line.

"Snmp_access allow chapmansnmp chapman1 chapman2 chapman3" would not work.  I had to give each variable a separate line:
"snmp-access allow chapmansnmp chapman1"
"snmp-access allow chapmansnmp chapman2"
"snmp-access allow chapmansnmp chapman3"

And then it worked like a charm.  Thanks!
____________________________
Matt Ausmus
Network Administrator
Chapman University
635 West Palm Street
Orange, CA  92868
(714)628-2738
mausmus@xxxxxxxxxxx 
 
“You can lead a horse to water, but if you can get him to float on his back, you’ve got something.”
-HARTLEY’S FIRST LAW

-----Original Message-----
From: Henrik Nordstrom [mailto:henrik@xxxxxxxxxxxxxxxxxxx] 
Sent: Monday, December 08, 2008 4:47 PM
To: Ausmus, Matt
Cc: squid-users@xxxxxxxxxxxxxxx
Subject: Re:  snmpwalk issue squid 2.5

mån 2008-12-08 klockan 10:34 -0800 skrev Ausmus, Matt:
> First off , I'm posting this question here because it appears the SNMP mailing list is now defunct.  If this is the wrong list to post this please let me know and I'll repost it in the correct one.
> 
> First I'm running squid with snmp enabled on Centos 4.7.  the version of squid is the most recent offered for 4.7:  squid-2.5.STABLE14-4.el4.  this is my entire snmp configuration (with names and variables changed to protect the innocent ;-))
>        acl chapmansnmp snmp_community publ!c
>        snmp_port 3401
>        snmp_access deny chapmansnmp  !chapman1


That's not right. Squid access rules has an implicity inverse of the
last rule, i.e. the above is implicit followed by

    snmp_access allow all

And says allow anyone to query for SNMP, except that only chapman1 is
allowed to use the public snmp community. Any other community is ok for
anyone to use, just not public.

You probably want

   snmp_access allow chapmansnmp chapman1

which gets implicitly followed by

   snmp_access deny all

Regards
Henrik




[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux