|
Re: [nv-l] snmp trap
2002-04-04 11:27:59
"D'Apice, Dominic" <D.D'Apice AT SAQ.qc DOT ca> writes:
> Hello, aix4.3.3, NV7.1
>
> I just add some new snmp trap for firewall checkpoint.
> the output is a scripts with the 6 specific trap (coldstart,warmstart...).
> but when i receive firewall snmp trap i have this king of trap
>
> Can someone tell me what this snmptrap mean ? it is one of the regular
> specific trap "0" like "coldstart" ? or is a other one...???
This is an enterprise-specific trap. I don't know who vendor 2620 is,
but it looks like you could benefit from having additional traps
defined. From the vabind data it appears to be telling you that a
netbios packet hit the firewall. Why the firewall is telling you
about it is what you need to find out. Without knowing the vendor and
model of firewall, I doubt anyone will be able to tell of hand.
> Thu Apr 04 10:20:58 2002 sxpcmc0001.saq. ? Enterprise specific trap (0) from
> ENTERPRISES: args(1):
> [1] private.enterprises.2620.1.1.11.0 (OctetString): 4Apr2002 10:20:47
> drop SAQ1_EXT >eth-s1p1c0 snmptrap proto udp src MERLOT_COURRIER_INT dst
> 172.20.29.60 service netbios-ns s_port netbios-ns len 78 rule 18 xlatesrc
> MERLOT_COURRIER_INT xlatedst 172.20.29.60 xlatesport netbios-ns xlatedport
> netbios-ns
> community:public enterprise:1.3.6.1.4.1.2620.1.1
> AgentAddr:sxpcmc0001.saq.qc.ca generic-trap:6 time:0
>
> SPECIFIC : 0 (hex: 0)
> GENERIC : 6
> CATEGORY : Status Events
> ENTERPRISE : ENTERPRISES 1.3.6.1.4.1.2620.1.1
> SOURCE : Source not known (?)
> HOSTNAME : sxpcmc0001.saq.qc.ca
> SEVERITY : Indeterminate
> LOGGEDTIME : 04/04/02 10:20:58
--
Todd H.
http://www.toddh.net/
|
|
|
