Re: Dedicated Firewall + snmpd smux 199/tcp
On Sat, Dec 14, 2002 at 02:27:48PM +0100, Matthias Hentges wrote:
> Hello all!
>
> I'm in the process of setting up a dedicated firewall for my home
> network. It only runs four services: smtp, snmp, ssh and fwlogwatch.
>
> I've run into a problem configuring snmpd to only use a fixed local IP.
> >From the man-page it is enough to call snmpd with the following
> parameters:
>
> snmpd -s -l /dev/null -p 161@192.168.5.2
>
> but snmpd still listens on port 199/tcp (smux) on my internet IP.
>
> [portscan from external host]
>
> Starting nmap V. 2.54BETA22 ( www.insecure.org/nmap/ )
> Interesting ports on x (x.x.x.x):
> (The 3 ports scanned but not shown below are in state: closed)
> Port State Service
> 199/tcp open smux
>
> I have read the man page and did a lenghthy search with google but
> didn't find a solution on how to bind 199/tcp to my local IP.
>
> Please give me a hint or two on how to fix this, or where to look for
> more information.
>
> Ofcourse i have a packetfilter installed but i don't want *any* open
> ports on this firewall.
>
Can't give you a solution, but just say that this is specific to debian
> woody (>=snmpd 4.2.2-1 (see changelog)), it doesn't appear in potato.
It seems it's in the compile option:
--with-mib-modules="host ipfwchains/ipfwchains smux"
I saw nothing in config-file to deactivate it so I suppose we need do
rebuild it without smux
I also saw nothing in the latest manpage for sid package...
--
Easter-eggs Spécialiste GNU/Linux
44-46 rue de l'Ouest - 75014 Paris - France - Métro Gaité
Phone: +33 (0) 1 43 35 00 37 - Fax: +33 (0) 1 41 35 00 76
mailto:elacour@easter-eggs.com - http://www.easter-eggs.com
Reply to: