Re: [squid-users] snmpwalk issue squid 2.5

From: Henrik Nordstrom <henrik_at_henriknordstrom.net>
Date: Tue, 09 Dec 2008 01:47:26 +0100

mån 2008-12-08 klockan 10:34 -0800 skrev Ausmus, Matt:
> First off , I'm posting this question here because it appears the SNMP mailing list is now defunct. If this is the wrong list to post this please let me know and I'll repost it in the correct one.
>
> First I'm running squid with snmp enabled on Centos 4.7. the version of squid is the most recent offered for 4.7: squid-2.5.STABLE14-4.el4. this is my entire snmp configuration (with names and variables changed to protect the innocent ;-))
> acl chapmansnmp snmp_community publ!c
> snmp_port 3401
> snmp_access deny chapmansnmp !chapman1

That's not right. Squid access rules has an implicity inverse of the
last rule, i.e. the above is implicit followed by

    snmp_access allow all

And says allow anyone to query for SNMP, except that only chapman1 is
allowed to use the public snmp community. Any other community is ok for
anyone to use, just not public.

You probably want

   snmp_access allow chapmansnmp chapman1

which gets implicitly followed by

   snmp_access deny all

Regards
Henrik
Received on Tue Dec 09 2008 - 00:47:34 MST

This archive was generated by hypermail 2.2.0 : Wed Dec 10 2008 - 12:00:02 MST