help with iptables and letting snmp packets through (3rd request)
Chris W. Parker
cparker at swatgear.com
Thu Apr 1 21:02:51 UTC 2004
hi.
ok.. i think i may be getting a bit annoying... but at this point i
don't care because i don't know where else to turn. <sob!>
anyways.. my problem is that snmp packets are being refused by iptables
*even though* i've created three rules to allow that traffic through.
the rules i'm using are the following:
-A RH-Lokkit-0-50-INPUT -p tcp -m tcp --dport 161 --syn -j ACCEPT
-A RH-Lokkit-0-50-INPUT -p udp -m udp --dport 161 -j ACCEPT
-A RH-Lokkit-0-50-INPUT -p udp -m udp --dport 162 -j ACCEPT
even with these rules in place snmp traffic still does not make it
through (and thus cacti does not graph anything). the only way i can get
cacti to graph anything from a remote server (local server works fine) is to
completely turn off iptables with 'service iptables stop' or to comment
the following line:
-A RH-Lokkit-0-50-INPUT -p udp -m udp -j REJECT
that is obviously the catch-all for UDP. however, am i *not* correctly
making a reservation for UDP 161, and 162 in the first three iptables
lines i pasted above? where am i going wrong?
thanks a bunch! you're the best!!
chris.
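
Added example, not part of the original message: a small first-match simulator run over the four rules quoted above, showing which SNMP packet shapes the three ACCEPT rules cover and which reach the UDP catch-all. It assumes the rules are evaluated in the order posted and uses constructed packets; the matcher handles only the options that appear in the post, and the page does not establish which case applies on the poster's host.

```python
import shlex

# The four rules quoted in the post. Assumption: they are evaluated in this order.
RULES = [
    "-A RH-Lokkit-0-50-INPUT -p tcp -m tcp --dport 161 --syn -j ACCEPT",
    "-A RH-Lokkit-0-50-INPUT -p udp -m udp --dport 161 -j ACCEPT",
    "-A RH-Lokkit-0-50-INPUT -p udp -m udp --dport 162 -j ACCEPT",
    "-A RH-Lokkit-0-50-INPUT -p udp -m udp -j REJECT",
]
# Constructed sample packets (not captured traffic); 40000 is an arbitrary ephemeral port.
PACKETS = {
    "poll sent to this host's agent": {"proto": "udp", "sport": 40000, "dport": 161},
    "trap sent to this host": {"proto": "udp", "sport": 40000, "dport": 162},
    "reply from a remote agent": {"proto": "udp", "sport": 161, "dport": 40000},
    "tcp syn to port 161": {"proto": "tcp", "sport": 40000, "dport": 161, "syn": True},
}

def parse_rule(line):
    # Parse only the options used in the post: -p, --sport, --dport, --syn, -j.
    tokens = shlex.split(line)
    rule = {"proto": None, "sport": None, "dport": None, "syn": "--syn" in tokens, "target": None}
    for opt, val in zip(tokens, tokens[1:]):
        if opt == "-p":
            rule["proto"] = val
        elif opt in ("--sport", "--dport"):
            rule[opt[2:]] = int(val)
        elif opt == "-j":
            rule["target"] = val
    return rule

def first_match(rules, pkt):
    # iptables stops at the first rule whose every test matches the packet.
    for n, r in enumerate(rules, 1):
        ok = r["proto"] in (None, pkt["proto"])
        ok = ok and all(r[k] in (None, pkt[k]) for k in ("sport", "dport"))
        ok = ok and (not r["syn"] or pkt.get("syn", False))
        if ok:
            return n, r["target"]
    return None, None  # nothing here matched; the rest of the chain is not on the page

def classify_all():
    rules = [parse_rule(r) for r in RULES]
    return {name: first_match(rules, pkt) for name, pkt in PACKETS.items()}

if __name__ == "__main__":
    for name, (n, target) in classify_all().items():
        print(f"{name:32} -> rule {n}: {target}")
```

On a live host, `iptables -L RH-Lokkit-0-50-INPUT -n -v --line-numbers` shows the actual rule order and per-rule packet counters for comparison.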