# SNMP Problems ;/

## Pc_AdDiCt_83

I have tried almost everything i have come over on this forum.. been searching the forums for 3 days now.. and googling like crazy....

What i'm trying to do is to get MRTG working...  i got apache2, mysql and php up and running, and as far as i can tell mrtg (though it wount work without snmp)

i followed this guide but it stops already at point 4... tried to complete everything and it just doesn't seem to work at all... i could get ping to work, but not traffic, cpu, mem, swap og hdd space to work (the most important here is traffic  :Wink: )

well anyways. heres the code and error:

```
router etc # cfgmaker \

> --output=/etc/mrtg/traffic.cfg \

> --ifdesc=ip \

> --ifref=descr \

> --global "WorkDir: /var/www/localhost/htdocs/mrtg" \

> --global "Options[_]: bits,growright" \

> public@localhost

--base: Get Device Info on public@localhost:

SNMP Error:

send_query: Operation not permitted

SNMPv1_Session (remote host: "localhost" [127.0.0.1].161)

                  community: "public"

                 request ID: 629866647

                PDU bufsize: 8000 bytes

                    timeout: 2s

                    retries: 5

                    backoff: 1)

 at /usr/bin/../lib/mrtg2/SNMP_util.pm line 627

SNMPWALK Problem for 1.3.6.1.2.1.1 on public@localhost::::::v4only

 at /usr/bin/cfgmaker line 831

WARNING: Skipping public@localhost: as no info could be retrieved

--base: Writing /etc/mrtg/traffic.cfg

```

i really hope someone can help me out here, as im getting more and more confused and frustrated   :Razz: 

EDIT: i forgot to say this, but i tested many cmd's that should test if snmpd is started correctly, (it says that it is) and the ports on the firewall is open to the firewall, lan and i even tried to open them to the net (for testing) but i still get the same error (on allmost all cmd's to snmp)

```
router htdocs # snmpwalk -v 1 -c public localhost | grep ifDescr

snmpwalk: Failure in sendto (Operation not permitted)

```

----------

## Pc_AdDiCt_83

anyone??   :Confused: 

----------

## Pc_AdDiCt_83

is there absolutely noone that can help me? ;/

it's really frustrating that i can't find the solution anywhere...

----------

## Pc_AdDiCt_83

I would still really appriciate some help on this topic.. i have tried everything, even tried installing gentoo on another box. i can get everything else working, but i just can't seem to gen snmp working properly...  thnx in advance   :Confused: 

----------

## Maxim Gusev

Check your firewall rules. I think you packed was filtered.

----------

## Pc_AdDiCt_83

if it was filtered, which ports must be open?   :Confused: 

----------

## Maxim Gusev

 *Pc_AdDiCt_83 wrote:*   

> if it was filtered, which ports must be open?  

 

I think must be 161 (UDP) port for snmpd (to answer) (if snmpd is on a 161 port).

Like that: 

$iptables -A INPUT -p udp -i $if -s $snmp_server -d $ip --dport 161 -j ACCEPT

$iptables -A OUTPUT -p udp -o $if -s $ip --sport 161 -d $snmp_server -j ACCEPT

Where $snmp_server - is a server which collect data

and $ip - is a box with snmpd daemon.

It equal in you case and must be 127.0.0.1

----------

## RedDawn

Why the fuck dont you just disable the firewall and fucking setup the server that way... then setup the firewall again and figure out what port need to be open...

you people complicate you life to fucking much!

----------

## Pc_AdDiCt_83

i tried opening that port in the firewall, also tried to disable the firewall, even rebooted without the firewall starting to make sure it was off...

this is really frustrating, probably a simple problem.

```
router / # snmpwalk -v 1 -c public localhost

snmpwalk: Failure in sendto (Operation not permitted)

```

Thanks to everyone who has replyed, i no longer consider this a high priority, but would like to try any suggestions anyone might have  :Wink: 

again. thanks for your effort  :Smile: 

----------

## rex123

If you're running iptables, turn it off (/etc/init.d/iptables stop) then try again.

The other options are too weird.

eg..

- localhost isn't in your hosts file (in which case try snmpwalk -v 1 -c public 127.0.0.1)

- Your snmp daemon isn't running (try rc-status. Also use ps)

- your community name isn't "public".

But the last 2 options should give different errors.

[This advice is actually the same as RedDawn's]

----------

## Pc_AdDiCt_83

Sorry for my late reply, my school and other things has kept me too much away from my g3nt00 b0x ;/

happy to announce, that is going to change ;p ;p

as i said, i consider this no longer to be a high priority, BUT i would very much like to get it up and running.. as many of you have suggested.. i turned of the firewall (shorewall) and tried snmpwalk, and yes snmpd is running and the community name is public..

the weird thing is... when the firewall is up i get:

```
router root # snmpwalk -v 1 -c public 127.0.0.1

snmpwalk: Failure in sendto (Operation not permitted)

```

when the firewall is down i get:

```
router root # snmpwalk -v 1 -c public 127.0.0.1

Timeout: No Response from 127.0.0.1
```

i really don't see why it shouldn't work ;/ i tried following some guides, and reading many other posts which of have similar problems, but nothing seems to help (as it's a while i tried most of the things, it is nearly impossible to tell you all the things i tried that is not in this thread) 

i will give this thread another go before i format my wind0ze box and try to install on that one.. and btw... i have tried to reinstall gentoo completely on this box to be sure, but no luck... get stuck on the same problem over and over...

and thankyou for ur willingness to help  :Smile: 

----------

## Suicidal

Did you follow the guide exactly? 

First off public is a very bad community name to use. 

If you do eventually use a different community name you should replace public@localhost with $community_name@localhost

Also make sure you can ping localhost

if you cant add localhost to etc/hosts/hosts

ex. 

```
127.0.0.1   localhost   localhost.localdomain pwned pwned.dslextreme.com 
```

also try 

```
# snmpwalk -v 2c -c public 127.0.0.1
```

----------

## Pc_AdDiCt_83

Yes i did.

and i have tried to change to another than public, and i can ping localhost (and from outside the box, and from the internet)

here is the results:

```
router root # ping localhost -c 1

PING router.***censored***.org (127.0.0.1) 56(84) bytes of data.

64 bytes from router.***censored***.org (127.0.0.1): icmp_seq=1 ttl=64 time=0.177 ms

--- router.***censored***.org ping statistics ---

1 packets transmitted, 1 received, 0% packet loss, time 0ms

rtt min/avg/max/mdev = 0.177/0.177/0.177/0.000 ms
```

```
router root # snmpwalk -v 1 -c $temp 127.0.0.1

snmpwalk: Failure in sendto (Operation not permitted)
```

```
router root # snmpwalk -v 2c -c $temp 127.0.0.1

snmpwalk: Failure in sendto (Operation not permitted)
```

i just don't get it ;/

thnx for ur reply though  :Smile: 

----------

## Suicidal

It could be tcpwrappers, I had a similar problem with nessus. 

```
[ebuild   R   ] net-analyzer/net-snmp-5.2  +X +ipv6 +lm_sensors -minimal +perl +ssl +tcpd 0 kB

```

have a look at your /etc/hosts.allow and /etc/hosts.deny 

might want to add 

```
smnpd : 127.0.0.1 
```

to /etc/hosts.allow if you have 

```
all : all in /etc/hosts.deny
```

----------

