Menu
▾
▴
[Netdisco] discover_only and discover_no options
|
From: Martin K. <ko...@fu...> - 2010-07-22 09:02:00
|
Hi everyone, I wonder how discover_only and discover_no options really work. With these options configured like this: #discover_no = discover_only = 10.239.0.0/16 I can still see traffic to other network(s) than the one specified in discover_only. Captured with tshark it is as follows: > 0.000000 10.238.250.84 -> 10.230.143.238 SNMP get-request 1.3.6.1.2.1.1.7.0 > 1.001438 10.238.250.84 -> 10.230.143.238 SNMP get-request 1.3.6.1.2.1.1.7.0 > 2.005407 10.238.250.84 -> 10.230.143.238 SNMP get-request 1.3.6.1.2.1.1.7.0 > 3.009412 10.238.250.84 -> 10.230.143.238 SNMP get-request 1.3.6.1.2.1.1.7.0 > 4.013409 10.238.250.84 -> 10.230.143.238 SNMP get-request 1.3.6.1.2.1.1.7.0 > 5.017396 10.238.250.84 -> 10.230.143.238 SNMP get-request 1.3.6.1.2.1.1.7.0 > 101.505854 10.238.250.84 -> 10.230.142.234 SNMP get-request 1.3.6.1.2.1.1.7.0 > 102.509404 10.238.250.84 -> 10.230.142.234 SNMP get-request 1.3.6.1.2.1.1.7.0 > ... > 1501.155385 10.238.250.84 -> 10.230.172.234 SNMP get-request 1.3.6.1.2.1.1.7.0 > 1502.157920 10.238.250.84 -> 10.230.172.234 SNMP get-request 1.3.6.1.2.1.1.7.0 > 1503.165434 10.238.250.84 -> 10.230.172.234 SNMP get-request 1.3.6.1.2.1.1.7.0 > 1504.169908 10.238.250.84 -> 10.230.172.234 SNMP get-request 1.3.6.1.2.1.1.7.0 > 1505.173926 10.238.250.84 -> 10.230.172.234 SNMP get-request 1.3.6.1.2.1.1.7.0 > 1506.177437 10.238.250.84 -> 10.230.172.234 SNMP get-request 1.3.6.1.2.1.1.7.0 Have I missed something or is this behavior correct? Is there a way to prevent any Netdisco communication to certain networks other than using e.g. IPtables? Thank you for any help, Martin |
