This service will be undergoing maintenance at 00:00 UTC, 2017-10-23 It is expected to last about 30 minutes
Bug 77926 - cannot connect to snmpd (libwrap)
cannot connect to snmpd (libwrap)
Status: CLOSED RAWHIDE
Product: Red Hat Linux
Classification: Retired
Component: net-snmp (Show other bugs)
8.0
All Linux
medium Severity medium
: ---
: ---
Assigned To: Phil Knirsch
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2002-11-15 09:27 EST by Jan "Yenya" Kasprzak
Modified: 2015-03-04 20:11 EST (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2003-02-05 12:13:37 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Jan "Yenya" Kasprzak 2002-11-15 09:27:43 EST
Description of Problem:
snmpd does not accept requests with libwrap.

Version-Release number of selected component (if applicable):
net-snmp-5.0.1-6

How Reproducible:
100%

Steps to Reproduce:
1. Put "ALL: 127.0.0.1" to /etc/hosts.allow and "ALL: ALL@ALL" to /etc/hosts.deny
2. Start snmpd with the default config
3. Run snmpwalk -v1 -c public 127.0.0.1 system

Actual Results:
Timeout with "Connection from udp:127.0.0.1:53887 REFUSED" message in
/var/log/messages

Expected Results:
The contents of the system SNMP subtree (at least the system.sysContact.0
and system.sysLocation.0 variables).

Additional Information:
The problem is that the agent/snmp_agent.c:netsnmp_agent_check_packet()
function passes the "udp:127.0.0.1:<sourceport>" string to the TCP wrapper's
host_ctl(3) function instead of the plain "127.0.0.1". When I change
the format string "udp:%s:%d" at line 71 of libsnmp/snmpUDPDomain.c to
plain "%s", I am able to connect to my SNMP agent. It is not, however,
a clean fix, and the similar one should be applied to all
snmplib/snmp*Domain.c files, or the netsnmp_agent_check_packet() routine
should be changed.
Comment 1 Jan "Yenya" Kasprzak 2002-11-18 04:35:16 EST
It appears to be fixed in net-snmp-5.0.6, so I think it you may have
to issue the updated packages for 5.0.6.
Comment 2 Phil Knirsch 2003-02-05 12:13:37 EST
Yep, fixed in latest rawhide builds, just checked.

Read ya, Phil

Note You need to log in before you can comment on or make changes to this bug.