[ previous ] [ next ] [ threads ]
 
 From:  Patrick <patrick at rave dot co dot za>
 To:  Chris Buechler <cbuechler at gmail dot com>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] Restricting SNMP
 Date:  Sat, 11 Sep 2004 19:33:55 +0200 
> > Are you sure its not TCP ? Those were TCP ports i checked for earlier i belive
> > anyway... have you tried allow rule then a seperate deny rule ? TCP/UDP ?
> > 
> 
> TCP scan:
> 
> su-2.05b# nmap -sS -p 161-162 192.168.1.1
> 
> Starting nmap 3.70 ( http://www.insecure.org/nmap/ ) at 2004-09-10 18:09 EDT
> Interesting ports on 192.168.1.1:
> PORT    STATE  SERVICE
> 161/tcp closed snmp
> 162/tcp closed snmptrap
> 
> 
> UDP scan:
> 
> su-2.05b# nmap -sU -p 161-162 192.168.1.1
> 
> Starting nmap 3.70 ( http://www.insecure.org/nmap/ ) at 2004-09-10 18:08 EDT
> Interesting ports on 192.168.1.1:
> PORT    STATE         SERVICE
> 161/udp open|filtered snmp
> 162/udp closed        snmptrap
> 
> 
> Scans from my monitoring host are identical to another host on my LAN,
> and only the monitoring host should be allowed by the rule I put in. 
> I haven't spent much time looking at it, but will later.

Oooooops .... my gold fish memory must be catching up with me :o) 

If you dont get anywhere just give a copy of the related rules from 
http(s)://<ip>/status.php - It might help us work out where you're getting
stuck 

P