Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.

Bug 77926

Summary: cannot connect to snmpd (libwrap)
Product: [Retired] Red Hat Linux Reporter: Jan "Yenya" Kasprzak <kas>
Component: net-snmpAssignee: Phil Knirsch <pknirsch>
Status: CLOSED RAWHIDE QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: 8.0CC: rvokal
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2003-02-05 17:13:37 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Jan "Yenya" Kasprzak 2002-11-15 14:27:43 UTC
Description of Problem:
snmpd does not accept requests with libwrap.

Version-Release number of selected component (if applicable):
net-snmp-5.0.1-6

How Reproducible:
100%

Steps to Reproduce:
1. Put "ALL: 127.0.0.1" to /etc/hosts.allow and "ALL: ALL@ALL" to /etc/hosts.deny
2. Start snmpd with the default config
3. Run snmpwalk -v1 -c public 127.0.0.1 system

Actual Results:
Timeout with "Connection from udp:127.0.0.1:53887 REFUSED" message in
/var/log/messages

Expected Results:
The contents of the system SNMP subtree (at least the system.sysContact.0
and system.sysLocation.0 variables).

Additional Information:
The problem is that the agent/snmp_agent.c:netsnmp_agent_check_packet()
function passes the "udp:127.0.0.1:<sourceport>" string to the TCP wrapper's
host_ctl(3) function instead of the plain "127.0.0.1". When I change
the format string "udp:%s:%d" at line 71 of libsnmp/snmpUDPDomain.c to
plain "%s", I am able to connect to my SNMP agent. It is not, however,
a clean fix, and the similar one should be applied to all
snmplib/snmp*Domain.c files, or the netsnmp_agent_check_packet() routine
should be changed.

Comment 1 Jan "Yenya" Kasprzak 2002-11-18 09:35:16 UTC
It appears to be fixed in net-snmp-5.0.6, so I think it you may have
to issue the updated packages for 5.0.6.

Comment 2 Phil Knirsch 2003-02-05 17:13:37 UTC
Yep, fixed in latest rawhide builds, just checked.

Read ya, Phil