[CentOS] lost udp packets

Thu Oct 4 17:17:57 UTC 2012
James Pifer <jep at obrien-pifer.com>

On 10/4/2012 9:40 AM, James Pifer wrote:
> I have a CentOS release 5.8 that has snmp traps being sent to it. I've
> been trying to forward the snmp traps to another system. I've tried
> forwarding with snmpd/snmptrapd, iptables, and some forwarding programs.
> I can see snmp traps getting delivered to the system with tcpdump and
> wireshark, but no matter what app I run, the traps do not appear to be
> reaching the application or port 162. It seems like the packets are
> possibly being dropped right away.
> iptables is wide open:
> # iptables -L
> Chain INPUT (policy ACCEPT)
> target     prot opt source               destination
> Chain FORWARD (policy ACCEPT)
> target     prot opt source               destination
> Chain OUTPUT (policy ACCEPT)
> target     prot opt source               destination
> If I run the apps I can see port 162 open and closed depending on what I
> have running, so I'm sure there's not a specific app running already on
> that port.
> Anyone have any ideas on what could be happening to these packets and
> why they might not be reaching port 162 on this host?

Just a follow up. I ran tcpdump for port 162 for a little while and when 
I stopped I see this at the end:

737 packets captured
737 packets received by filter
0 packets dropped by kernel

So I guess the kernel is not dropping them. Still can't explain why 
applications are not picking them up.

Any help is appreciated.