Good day!
Is it possible to install SNMP to allow for monitoring of the router on the Voxel firmware? The firmware is perfect for me, and very stable. The only thing missing is the ability to monitor it via SNMP.
Thanks!
Good day!
Is it possible to install SNMP to allow for monitoring of the router on the Voxel firmware? The firmware is perfect for me, and very stable. The only thing missing is the ability to monitor it via SNMP.
Thanks!
Hi,
There are SNMP daemon and tools in Entware:
https://www.voxel-firmware.com/Downloads/Voxel/html/entware.html
e.g.
NOTE: I did not try it.
Voxel.
Hi Voxel. Thanks for the information. I was able to get SNMP up and running and ran a test internally and that seems to work perfectly, however I'm not able to get anything on my LAN side of my router from being able to hit it. Is there some commands I need to run or a setting inside of Entware that needs to be set up to allow udp/161 to talk to the LAN side of the R7800? I was poking around and trying a few things without success.
Thanks for your time!
Monteroman
I am not a specialist in SNMP, sorry. I've passed your question to Entware team. So please wait a bit.
Voxel.
Well, I've got a tip from zyxmon to use mini_snmpd
It should work according to manual http://www.net-snmp.org/
No negative feedback on mini_snmpd.
Voxel.
I'll give it a shot and report back. Thanks for the advice Voxel!
Voxel, I managed to get the mini-snmpd up and running and configured. Once again, if I do an snmpwalk from within the R7800, it works fine and displays everything, but if i try to do it from a host on my LAN side, it won't respond.
I looked at iptables and I see these entries:
Chain loc2fw (1 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
DROP tcp -- anywhere anywhere state NEW tcp flags:!FIN,SYN,RST,PSH,ACK,URG/SYN
DROP udp -- anywhere anywhere state NEW multiport dports snmp,snmp-trap
ACCEPT all -- anywhere anywhere
I'm not really up on iptables, but in my limited knowledge, this tells me that it's blocking all SNMP traffic from the LAN side to the router.
Any thoughts?
Additionally, I can confirm that it is listening on UDP/161:
root@R7800:/tmp/mnt/sda2/entware/etc/init.d$ netstat -lnu |grep 161
udp 0 0 0.0.0.0:161 0.0.0.0:*
It just seems like the firewall isn't allowing UDP/161 through to the LAN side.
Well, I cannot say concretely... Seems you are right. Maybe NG firewall somehow blocks 161. IMO you should try to play with your own iptables settings to open 161. See in my README re: how to use you own iptables rules (your own script (5. Open your own firewall ports.)
NG firewall is enclosed part of NG. It is distributed in binary form with GPL sources.
Voxel.
Voxel, you pointed me in the right direction. With the help of your README doc (and I looked originally and must have missed it the 1st time I glanced through it) with setting the custom /etc/netwall.conf with a setting of ACCEPT loc fw udp 161 and then a reboot and I was good. I can now monitor the R7800. THANK YOU!!!
You are welcome. Most important that you did it yourself Experience....
Voxel.