independent of the device type you should be always able to:
snmpset <device> snmp.snmpEnableAuthenTraps.0 integer 2
Oliver
| lesdickert AT att DOT net
Sent by: owner-nv-l AT lists.us.ibm DOT com
13.04.2004 22:23
Please respond to nv-l
|
To: nv-l AT lists.us.ibm DOT com
cc:
Subject: Re: [nv-l] snmpd.conf setting to restrict Authentication Failure Traps
|
Here is what I think you need to do to keep
an AIX server from sending authentication failure
traps:
Look in /etc/snmpd.conf for a line that has:
trap public <your netview server name> 1.2.3 fe
What you are looking for is a 'trap' line that has the
name of your NetView server on it. The last parameter
('fe' in this example) determines what traps snmpd will
send to that server. See below for how to encode/decode
this hex value. You want to set the high order bit of the
low order nibble to '0' (authentication failure traps).
The only values the second hex character can have that would
cause sending authentication failure traps are a, c, and e.
So change this value as follows:
a -> 2
c -> 4
e -> 6
and that should do it. Will need to stop and start the snmpd
daemon, or better still, reboot the sending server.
Here are the gory details from the snmpd.conf file about this
setting.
Les Dickert
Anthem BC/BS
Richmond, VA
############################################################################
# 4. If your site has a management station that listens for traps, fill-in
# the information for the trap destination as follows:
#
# trap <community> <a.b.c.d> <view name> <trap mask>
#
# where <community> is the community name that will be encoded in the
# trap packet and <a.b.c.d> is the hostname or IP address in dotted
# notation of the host where a trap monitor is listening on UDP port 162.
# The <view name> is a unique object identifier in dotted notation. View
# name is not implemented for traps. The snmpd agent only checks
# the view name format and duplication. The trap mask is in hexidecimal
# format. The bits from left to right stand for coldStart trap, warmStart
# trap, linkDown trap, linkUp trap, authenticationFailure trap,
# egpNeighborLoss trap, and enterpriseSpecific trap. The right most bit
# does not have any meaning. The value "1" will enable the corresponding
# trap to be sent. Otherwise, the trap is blocked.
# ex. fe block no traps (1111 1110)
# 7e block coldStart trap (0111 1110)
# be block warmStart trap (1011 1110)
# 3e block coldStart trap and warmStart trap (0011 1110)
#
#################################################################################
----- Message from Michael Webb <mlwebb AT us.ibm DOT com> on Tue, 13 Apr 2004 19:34:49 +0000 -----
To:
| nv-l AT lists.us.ibm DOT com
|
Subject:
| Re: [nv-l] snmpd.conf setting to restrict Authentication Failure Traps |
Someone once told me to do the following:
Change:
trap public 127.0.0.1 1.2.3 fe # loopback
To:
trap public 127.0.0.1 1.2.3 f6 # loopback
Where the fe becomes f6.
Regards,
Michael Webb, IBM Tivoli
Q1CA Distributed NetView / ITSA SVT
Email: mlwebb AT us.ibm DOT com
Ext: (919) 224-1410, T/L: 687-1410
"Christopher J Petrina" <cjp8 AT meadwestvaco DOT com>
One way to do it is to Set the event in the event configuration window to DO NOT LOG or DISPLAY.
-Chris Petrina
|
| "Bursik, Scott {PBSG}" <Scott.Bursik AT pbsg DOT com>
Sent by: owner-nv-l AT lists.us.ibm DOT com
04/13/2004 03:04 PM
Please respond to nv-l
|
To: "'Nv-L (nv-l AT lists.us.ibm DOT com)'" <nv-l AT lists.us.ibm DOT com>
cc:
Subject: [nv-l] snmpd.conf setting to restrict Authentication Failure Traps |
NetView 7.1.3 AIX 4.3.3
How would you configure the AIX snmpagent to NOT send the Authentication
Failure traps? I want the other traps, just not those.
Thank You,
Scott Bursik
________________________________________________________________________
This email has been scanned for all viruses by the MessageLabs SkyScan
service._______________________________________________________________
________________________________________________________________________
This email has been scanned for all viruses by the MessageLabs SkyScan
service._______________________________________________________________
This electronic message contains information from MeadWestvaco
Corporation or subsidiary companies, which may be confidential,
privileged or otherwise protected from disclosure. The
information is intended to be used solely by the recipient(s)
named. If you are not an intended recipient, be aware that
any review, disclosure, copying, distribution or use of this
transmission or its contents is prohibited. If you have
received this transmission in error, please notify MeadWestvaco
immediately at postmaster AT MeadWestvaco DOT com.
_______________________________________________________________________
STG31732
Description: Binary data
STG37152
Description: Binary data
STG49006
Description: Binary data
STG46220
Description: Binary data
STG24747
Description: Binary data
STG50017
Description: Binary data
|