I updated to CentOS 4.5 yesterday and now I am finding the snmpd daemon is logging reams and reams of these messages:
May 20 10:40:03 mx01 snmpd[2572]: Connection from - 127.0.0.1 May 20 10:40:03 mx01 snmpd[2572]: transport socket = 12
Is there a way to turn off this useless logging? I am getting these every 5 minutes (every time MRTG updates my MailScanner statistics).
So far what I tried was to take off the -a switch when starting snmpd. That didn't help. This snmpd behavior is new from CentOS 4.4.
Paul R. Ganci wrote:
May 20 10:40:03 mx01 snmpd[2572]: Connection from - 127.0.0.1 May 20 10:40:03 mx01 snmpd[2572]: transport socket = 12
Is there a way to turn off this useless logging?
Ok I found the answer to this problem. The /etc/rc.d/init.d/snmpd script contains the following code snippet:
if [ -e /etc/sysconfig/snmpd.options ]; then . /etc/sysconfig/snmpd.options else OPTIONS="-Lsd -Lf /dev/null -p /var/run/snmpd.pid -a" fi
Note that the OPTIONS= line indicates that smnpd starts with both -Lsd and -Lf /dev/null. As a result a ps auxww shows:
root 19645 0.0 0.2 12340 4436 ? S 12:05 0:00 /usr/sbin/snmpd -Lsd -Lf /dev/null -p /var/run/snmpd.pid -a
and apparently the -Lsd overrides the -Lf /dev/null so everything gets logged. If I create a /etc/sysconfig/snmpd.options file containing:
OPTIONS="-LS 4 d -p /var/run/snmpd.pid -a"
then only warnings or worse are logged to /var/log/messages and the useless connection messages get suppressed. The key is to remove the -Lf /dev/null and replace -Lsd with -LS 4 d. The latter switch says to use syslog to log messages from the daemon, but only if the priority is warning or worse. No more unwanted log entries.
Heads up sendmail users.
After running the big pile of upgrades over the weekend I have noted a change in behavior in sendmail. The current running version is sendmail-8.13.1-3.2.el4.
Specifically sendmail started ignoring the relay by IP rules in the access / access.db files.
they were formatted as such (IP addresses changed for privacy)
192.168.0.0/27 RELAY
After a bunch of testing with sendmail -bt I discovered that the behavior had reverted to the old school style of access that does not allow for CIDR notation thus:
192.168.0 RELAY
The purpose of the sendmail patch was to fix a hole where an outside user posing as localhost.localdomain could relay. This is a rule related to access / access.db. I am theorizing that the developers reverted that part of the code back to an older version.
Is anyone else noticing this? I may be way off in my assumtions. However, I'm not a coder and have to work off of trial and error when troubleshooting.
Was the sendmail upgrade part of the 4.5 push?
Regards, James
Hi,
Paul R. Ganci schrieb:
Paul R. Ganci wrote:
May 20 10:40:03 mx01 snmpd[2572]: Connection from - 127.0.0.1 May 20 10:40:03 mx01 snmpd[2572]: transport socket = 12
logged. If I create a /etc/sysconfig/snmpd.options file containing:
OPTIONS="-LS 4 d -p /var/run/snmpd.pid -a"
then only warnings or worse are logged to /var/log/messages and the
Have you filed a bugreport? Btw this is also an issue in the upstream vendor's product.
Rainer
On Sun, 20 May 2007 15:01:25 -0600 Paul wrote: PRG> Note that the OPTIONS= line indicates that smnpd starts with both -Lsd PRG> and -Lf /dev/null. As a result a ps auxww shows: PRG> PRG> root 19645 0.0 0.2 12340 4436 ? S 12:05 0:00 PRG> /usr/sbin/snmpd -Lsd -Lf /dev/null -p /var/run/snmpd.pid -a PRG> PRG> and apparently the -Lsd overrides the -Lf /dev/null so everything gets PRG> logged. If I create a /etc/sysconfig/snmpd.options file containing: PRG> PRG> OPTIONS="-LS 4 d -p /var/run/snmpd.pid -a" PRG> PRG> then only warnings or worse are logged to /var/log/messages and the PRG> useless connection messages get suppressed.
snmpd can have multiple output destinations. The '-Lf /dev/null' was to disable the default log file, because snmpd used to always open it, even if other log types were specified. Newer releases don't open the default log file unless no other logging method is specified, so the '-Lf /dev/null' can (and should) be dropped...
Thanks, it worked just fine.
Paul R. Ganci wrote:
and apparently the -Lsd overrides the -Lf /dev/null so everything gets logged. If I create a /etc/sysconfig/snmpd.options file containing:
OPTIONS="-LS 4 d -p /var/run/snmpd.pid -a"
-
James N. Smith -
Oliver Schulze L. -
Paul R. Ganci -
Rainer Traut -
rs@centos.spam.futz.org