Re: Dedicated Firewall + snmpd smux 199/tcp
On Sat, Dec 14, 2002 at 02:27:48PM +0100, Matthias Hentges wrote:
> Hello all!
> I'm in the process of setting up a dedicated firewall for my home
> network. It only runs four services: smtp, snmp, ssh and fwlogwatch.
> I've run into a problem configuring snmpd to only use a fixed local IP.
> >From the man-page it is enough to call snmpd with the following
> snmpd -s -l /dev/null -p email@example.com
> but snmpd still listens on port 199/tcp (smux) on my internet IP.
> [portscan from external host]
> Starting nmap V. 2.54BETA22 ( www.insecure.org/nmap/ )
> Interesting ports on x (x.x.x.x):
> (The 3 ports scanned but not shown below are in state: closed)
> Port State Service
> 199/tcp open smux
> I have read the man page and did a lenghthy search with google but
> didn't find a solution on how to bind 199/tcp to my local IP.
> Please give me a hint or two on how to fix this, or where to look for
> more information.
> Ofcourse i have a packetfilter installed but i don't want *any* open
> ports on this firewall.
Can't give you a solution, but just say that this is specific to debian
> woody (>=snmpd 4.2.2-1 (see changelog)), it doesn't appear in potato.
It seems it's in the compile option:
--with-mib-modules="host ipfwchains/ipfwchains smux"
I saw nothing in config-file to deactivate it so I suppose we need do
rebuild it without smux
I also saw nothing in the latest manpage for sid package...
Easter-eggs Spécialiste GNU/Linux
44-46 rue de l'Ouest - 75014 Paris - France - Métro Gaité
Phone: +33 (0) 1 43 35 00 37 - Fax: +33 (0) 1 41 35 00 76
mailto:firstname.lastname@example.org - http://www.easter-eggs.com