#467 SNMP integration

open
nobody
None
5
2008-03-03
2008-03-03
Jose Dias
No

Quite simple. Have IPCOP respond to SNMP data requests.

I use TheDude to relate general health of my network, but I have no information from the firewall. Having SNMP installed, officially, would greatly improve the reliability of the overall network.

Discussion

  • Logged In: YES
    user_id=691649
    Originator: NO

    I do not think that opening IPCop to a new protocol (that as every protocol is subject of failure/weakness) could improve the reliability of the overall network.

    It agree it could let you know easier what event happen on the IPCop machine, but the price is to be vulnerable of snmp weakness.

    If one has a solid snmp implementation working on ipcop, we could accept to include that (as usual not enabled by default).

    Just post the code change as a patch against cvs (diff -u) or preferably svn for the new version.

     
  • Olaf Westrik
    Olaf Westrik
    2008-03-03

    Logged In: YES
    user_id=1120714
    Originator: NO

    I've got a lfs/net-snmp somewhere (for 2.0 of course ;-)), did not finish it for lack of time & testing environment. I could commit but needs finalizing by someone and also needs .cgi file for configuration.

    I see no security problem if the (security-)configuration is good and listening to green only.

     
  • Robert Kerr
    Robert Kerr
    2008-03-22

    Logged In: YES
    user_id=317036
    Originator: NO

    I don't like the idea of adding new protocols for the sake of it either, I would imagine that the overall demand for SNMP is pretty small in our target market, it's more an enterprise thing than a SOHO one.

    This is the kinda of thing that an officially supported addon would work well for, but I guess you can maybe argue builtin and turned off by default isn't that different functionally from an addon.