On 03/04/07, Wes Hardaker wrote:
> >>>>> "DS" == Dave Shield writes:

>
> DS> I'm pretty sure that the vacmNotifyView is not actually consulted
> DS> when generating notifications.
>
> Ugh. We need to add that.


OK - I've added that to the project tracker.

We'll need to tread carefully, though. There will be
hundreds of existing installations that are working quite
happily, and we'll need to ensure that a default config
continues to send traps.
(I realise that such an approach is an anathema to security
experts, but said security experts don't typically maintain the
users list! ;-) )



> (it was the following grep that led me to believe it might be without
> checking further...)
>
> snmpNotifyTable.c: struct vacm_viewEntry *vp, *head;


if ( get_FilterProfileName(...) == NULL )
return OK

> snmpNotifyTable.c: head = snmpNotifyFilterTable_vacm_view_subtree(profileNam e);


But this is purely concerned with the snmpNotifyFilterTable, which is
normally empty
(and works on a per-destination basis). So traps are typically let
through (see above).
Pablo was asking about the core nofiifyViewName, which kicks in
much earlier,
and acts globally.


Dave

-------------------------------------------------------------------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT & business topics through brief surveys-and earn cash
http://www.techsay.com/default.php?p...rge&CID=DEVDEV
_______________________________________________
Net-snmp-coders mailing list
Net-snmp-coders@lists.sourceforge.net
https://lists.sourceforge.net/lists/...et-snmp-coders