stackoom
  简体   繁体   中英

How to change the net-snmp trap sender port in linux?

 原文  2015-07-01 02:31:33       linux/ snmp/ net-snmp

Question

I'm using the net-snmp for gather system information in linux. but I found there is problem.

when I check port usage of Net-SNMP by netstat, I found net-snmp using 3 UDP port.

Here is the result. 

[root@ snmp]# netstat -anp | grep snmp

tcp        0      0 127.0.0.1:199               0.0.0.0:*                   LISTEN      6392/snmpd          
udp        0      0 0.0.0.0:49005               0.0.0.0:*                               6392/snmpd          
udp        0      0 0.0.0.0:161                 0.0.0.0:*                               6392/snmpd          
udp        0      0 0.0.0.0:44837               0.0.0.0:*                               6392/snmpd

as you can see, the snmpd using 2 more udp port without 161. also I found why the 2 udp ports are randomly occupied by snmp.

those ports are using for sending snmp trap. when I remove the tran2sink and informsink option, the 2 UDP ports are no more appear.

this is my part of configuration of snmpd.conf 

###########################################################################
# SECTION: Trap Destinations
#
#   Here we define who the agent will send traps to.

# trap2sink: A SNMPv2c trap receiver
#   arguments: host [community] [portnum]

trap2sink  192.168.1.4  

# informsink: A SNMPv2c inform (acknowledged trap) receiver
#   arguments: host [community] [portnum]

informsink  192.168.1.4 NMS_COM 

# trapcommunity: Default trap sink community to use
#   arguments: community-string

trapcommunity  NMS_COM

# authtrapenable: Should we send traps when authentication failures occur
#   arguments: 1 | 2   (1 = yes, 2 = no)

authtrapenable  1

my program have to use 40000~50000 udp port. so I want to use those trap options and change the ports.

how can I fix the ports?

2 answers

solution1
 0  2015-07-09 08:58:12

You can try to set port for the directives as below:
trap2sink 1.1.1.1:port_num eg trap2sink 1.1.1.1:162


I hope I understood your question and this would help.

solution2
 0  2015-07-09 10:35:24

These are SNMP Ephemeral ports. Here is a quote from a Microsoft support page on them:

While SNMP service is running it may be noticed via the netstat Command Line utility that in addition to the well known ports for sending and receiving SNMP traps (161/162) that a random ephemeral port has been created by the service as well.

The random port usage is intended behavior and is opened for the purpose of sending "management" traps

...

This port will remain in the system while the SNMP service is running, but is not actively used unless a management trap is to be sent outbound. Since SNMP does not listen for inbound packets on this random port, this does not present a security vulnerability.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question How to change the net-snmp default port to one less than 1024 in linux? How to use net-snmp 5.5 with IPv6 on Linux? Python Net-SNMP, Linux: gather usernames by IP SNMP Trap In PHP/Linux How to print an integer and Counter32 value in net-snmp How to see the environment variable set by the net-SNMP library? Create custom OID in net-snmp agent Net-SNMP variables using C++ Net-snmp writing a MIB module Net-SNMP: snmpwalk “timeout: No Response from localhost:1161” using Net-SNMP v5.4.3
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM