SUMMARY: SNMP community string starting w/special a prob on Sol 8 ?

From: Bartram, Chris (Contractor) <Chris.Bartram_at_usmint.treas.gov>
Date: Wed Apr 06 2005 - 14:58:46 EDT
I only got one response, from Eric Lewandowski (thanks!), who confirms that
he tried a similar setup at a previous site and found the sun-shipped SNMP
software unable to cope with any special characters at the start of the
community strings. 

He suggested switching to net-snmp, which would be nice if mgmt wasn't
afraid of public domain software on production systems... 

 -Chris Bartram


Bartram, Chris (Contractor) <> wrote:
> Our standard community strings start with a special character. It's
> been ok so far on every other platform we've used... But on Sol 8 (on
> an e15k domain fwiw) trying to enter the read/write-trap-community
> string in snmpdx.acl generates
> 
> Mar 29 13:31:56 solaris /usr/lib/snmp/snmpdx: [ID 702911 daemon.error]
> syntax error in  at line 20: the token < is not valid
> Mar 29 15:15:10 solaris /usr/lib/snmp/snmpdx: [ID 702911 daemon.error]
> syntax error in  at line 20: the token $ is not valid
> 
> (for variations of the string starting with a "<" and a "$"
> respectively.) 
> 
> I determined the "in  at line 20" is referring to the snmpdx.acl
> file's line 
> 20. Trying to 'quote' or "quote" the strings yielded:
> 
> Mar 29 15:16:33 solaris /usr/lib/snmp/snmpdx: [ID 702911
> daemon.error] syntax error at line 20: "
> Mar 29 14:30:56 solaris /usr/lib/snmp/snmpdx: [ID 702911
> daemon.error] syntax error in  at line 20: the token ' is not valid
> 
> Don't seem to get complaints about the snmpd.conf file, though maybe
> it's not getting that far...
> 
> relevant portions of the snmpdx.acl are:
> 
> acl = {
>         {
>                 communities = %string1, %string2    <--- this is
> "line 20" in the snmpdx.acl file
>                 access = read-write
>                 managers = *
>         }
> }
> 
> communities = {
> %string1                read-only
> %string2                read-write
> }
> 
> trap-community = %string1
> 
> trap-recipients =
> {
> host1,host2
> }
> 
> Is is a bug? or is there a secret-handshake escape character I can
> use to get it to accept a string starting with a special character?
> (I tried "\" as a prefix as well.. no joy)
> 
> And don't get me started on the idjit that picked those strings in
> the first place! ;-)
> 
> TIA - will summarize,
>  -Chris Bartram
> _______________________________________________
> sunmanagers mailing list
> sunmanagers@sunmanagers.org
> http://www.sunmanagers.org/mailman/listinfo/sunmanagers
_______________________________________________
sunmanagers mailing list
sunmanagers@sunmanagers.org
http://www.sunmanagers.org/mailman/listinfo/sunmanagers
Received on Wed Apr 6 14:59:35 2005

This archive was generated by hypermail 2.1.8 : Thu Mar 03 2016 - 06:43:45 EST