# Want to allow SNMP in FreeBSD Server



## mahip_nix (May 29, 2012)

Hi *f*riends,

I need your help to allow the SNMP port (udp/161) *o*n my freeBSD FreeBSD server "7.3-RELEASE-p1". I have my monitoring system and *I* am monitoring my linux servers through the SNMP protocol. *I* installed SNMP *o*n my FreeBSD server but am not able to get details using the snmpwalk command from my monitoring system. *I* think my "OpenBSD Packet Filter" firewall is blocking SNMP trafic from outside the server. *P*lease help me to allow SNMP trafic from outside network or spec*i*fic IP address.

Thanks in advance,
Mahip_nix


----------



## SirDice (May 29, 2012)

Show us your current rules.


----------



## mahip_nix (May 29, 2012)

Hi SirDice,

Thanks for you prompt respon*s*e. P*l*ease find the current rules below in the /etc/pf.conf file.


```
table <nnn-white> persist file "/var/db/whitelist.txt"

scrub in all

no rdr inet proto tcp from { <spamd-white>, <nnn-white> } to any port smtp
rdr inet proto tcp from !127.0.0.1 to any port smtp -> 127.0.0.1 port spamd


pass in proto udp from any to any port = 161 keep state
pass out proto udp from any to any port = 161 keep state

block webdeal host
block in proto tcp from X.X.X.X to any port smtp
```

Thanks,
Mahip_nix


----------



## SirDice (May 29, 2012)

Traffic isn't blocked and should be allowed by your rules.

Are you getting time-outs with snmpwalk(1)? It's probably the wrong community string you're using. Also make sure snmpd is actually running.


----------



## mahip_nix (May 29, 2012)

Hi SirDice,

*I* checked the snmpd.conf file and it has community "public". *B*elow is the command which *I* used to get detail through SNMP.

[cmd=]snmpwalk -v1 -cpublic 88.87.56.226[/cmd]

I am getting the below error message.


```
Timeout: No Response from X.X.X.X
```

Do you have any clue how can *I* resolve this.


----------



## SirDice (May 29, 2012)

Is snmpd starting properly?


----------



## mahip_nix (May 29, 2012)

Hi SirDice,

Yes SNMPD is working on the server, check below screenshot for your reference.


```
# /usr/local/etc/rc.d/snmpd status
snmpd is running as pid 25869.
```


```
dns3# sockstat -4 -l |grep snmp
root     snmpd      25869 8  udp4   *:161                 *:*
root     snmpd      25869 9  tcp4   *:199                 *:*
```


----------



## SirDice (May 29, 2012)

Access it from the same host, does that work?


----------



## mahip_nix (May 29, 2012)

Hi SirDice,

*I*t is not working on the same host either.


```
snmpwalk -v1 -cpublic localhost
Timeout: No Response from localhost
```


----------



## mix_room (May 29, 2012)

It looks as though you are only passing UDP and not TCP. Perhaps this is the problem. Perhaps the redirection statement is also wrecking havoc.

Does SNMP work if you disable the firewall?


----------



## mahip_nix (May 29, 2012)

Hi, 

No, SNMP does not work if *I* disable the firewall.

Thanks,


----------

