On Thu, Oct 4, 2012 at 12:17 PM, James Pifer jep@obrien-pifer.com wrote:
On 10/4/2012 9:40 AM, James Pifer wrote:
I have a CentOS release 5.8 that has snmp traps being sent to it. I've been trying to forward the snmp traps to another system. I've tried forwarding with snmpd/snmptrapd, iptables, and some forwarding programs. I can see snmp traps getting delivered to the system with tcpdump and wireshark, but no matter what app I run, the traps do not appear to be reaching the application or port 162. It seems like the packets are possibly being dropped right away.
iptables is wide open:
# iptables -L Chain INPUT (policy ACCEPT) target prot opt source destination
Chain FORWARD (policy ACCEPT) target prot opt source destination
Chain OUTPUT (policy ACCEPT) target prot opt source destination
If I run the apps I can see port 162 open and closed depending on what I have running, so I'm sure there's not a specific app running already on that port.
Anyone have any ideas on what could be happening to these packets and why they might not be reaching port 162 on this host?
Just a follow up. I ran tcpdump for port 162 for a little while and when I stopped I see this at the end:
737 packets captured 737 packets received by filter 0 packets dropped by kernel
So I guess the kernel is not dropping them. Still can't explain why applications are not picking them up.
Any help is appreciated.
I'd try strace'ing the app that is supposed to be receiving them to see if the socket opens are working and what happens with a packet arrives on the port.