OpenWrt Forum Archive

Topic: Kamikaze - by default snmpd is being blocked

The content of this topic has been archived on 1 May 2018. There are no obvious gaps in this topic, but there may still be some posts missing at the end.

Post #1
zhamrock
1 Jul 2008, 17:20

Hi - Just installed snmpd on my newly installed kamikaze so i could monitor my bandwidth through MRTG, i can do snmpwalk fine locally but not from LAN(e.g. my desktop).

>>sniff
iso.3.6.1.2.1.1.1.0 = STRING: "Linux langgam 2.4.34 #3 Sun Sep 30 20:33:21 CEST 2007 mips"

I noticed that port 161 UDP by default is being denied by iptables:

Jul  1 10:13:39 (none) user.warn kernel: input_rule:DROP IN=br-lan OUT= MAC=xxxxxx SRC=192.168.1.9 DST=192.168.1.1 LEN=74 TOS=0x00 PREC=0x00 TTL=128 ID=52605 PROTO=UDP SPT=3645 DPT=161 LEN=54

I added the below to /etc/firewall.user

iptables -A input_rule -p udp --dport 161 -j ACCEPT

but still no luck. sad

Any help would be highly appreciated.

regards'

zham

Post #2
marc_dilasser
20 Aug 2008, 22:12

I have the folowing lines in /etc/firewall.user :

# Allow snmp queries
iptables -t nat -A prerouting_rule -i $WAN -p udp --dport 161 -j ACCEPT
iptables        -A input_rule      -i $WAN -p udp --dport 161 -j ACCEPT

and can do snmpwalk from WAN.

Marc

The discussion might have continued from here.