Posted: Mon Jun 14, 2010 16:35 Post subject: Cron for changing snmp listening port
Hey all, I've been doing a lot of research through the dd-wrt Wiki and through net-snmp to figure out a method of changing the listening port for snmpd on my WRT-320n.
Now the reason I require this is due to AT&T monitoring their own t1's which blocks the port 161, basically shutting down cacti for that ip.
I have changed the firewall settings to the new port and I added the agentaddress udp:(portnumber) to the /var/snmp/snmpd.conf file using vi editor while ssh'd in the router.. but everytime the router reboots (every night) its erases that setting.
Does anyone know what a command might be to write agentaddress udp:(portnumber) in the text file as a cron on boot?
(sorry if this is the wrong section for this post, figured considering it was on a 320n, it was viable)
Joined: 24 Feb 2009 Posts: 2026 Location: Sol System > Earth > USA > Arkansas
Posted: Mon Jun 14, 2010 16:46 Post subject:
If it is an "iptables" command, then you can place those 'rules' in the firewall script under the "Administration" tab, "Commands" sub-tab. If it just something you want to run *just* once, then put it under the startup script in the same location. _________________ E3000 22200M KongVPN K26
WRT600n v1.1 refirb mega 18767 BS K24 NEWD2 [not used]
WRT54G v2 16214 BS K24 [access point]
Try Dropbox for syncing files - get 2.5gb online for free by signing up.
Read! Peacock thread
*PLEASE* upgrade PAST v24SP1 or no support.
Posted: Mon Jun 14, 2010 17:34 Post subject: Reply
It wouldn't be part of the iptables, that is already taken care of using the --dport command. Its more of just having a way to REWRITE the "agentaddress udp:port" inside the snmpd.conf file everytime the router reboots
Joined: 24 Feb 2009 Posts: 2026 Location: Sol System > Earth > USA > Arkansas
Posted: Mon Jun 14, 2010 20:56 Post subject:
Then that should be something you can put in the 'startup' script to have it run every time the router boots. _________________ E3000 22200M KongVPN K26
WRT600n v1.1 refirb mega 18767 BS K24 NEWD2 [not used]
WRT54G v2 16214 BS K24 [access point]
Try Dropbox for syncing files - get 2.5gb online for free by signing up.
Read! Peacock thread
*PLEASE* upgrade PAST v24SP1 or no support.
It will be a lot easier if you do just redirect the external port in iptables instead of editing the snmpd.conf file. If you edit the conf file then you'd have to write a script to erase the previous port and replace it with yours, and then restart snmpd, and still have an iptables command to open the port. If you just use iptables then all you need is something like this in your firewall script.
LANIP=`nvram get lan_ipaddr`
iptables -I INPUT -d $LANIP -p udp --dport 161 -j ACCEPT
iptables -t nat -I PREROUTING -d `nvram get wan_ipaddr` -p udp --dport [external port] -j DNAT --to $LANIP:161 _________________ Read the forum announcements thoroughly! Be cautious if you're inexperienced.
Available for paid consulting. (Don't PM about complicated setups otherwise)
Looking for bricks and spare routers to expand my collection. (not interested in G spec models)
Joined: 24 Feb 2009 Posts: 2026 Location: Sol System > Earth > USA > Arkansas
Posted: Tue Jun 15, 2010 0:15 Post subject:
It would seem that phuzi0n has come up with an even more elegant solution to the problem. Keep up the great work. _________________ E3000 22200M KongVPN K26
WRT600n v1.1 refirb mega 18767 BS K24 NEWD2 [not used]
WRT54G v2 16214 BS K24 [access point]
Try Dropbox for syncing files - get 2.5gb online for free by signing up.
Read! Peacock thread
*PLEASE* upgrade PAST v24SP1 or no support.
