- (README, config.h.in, configure, configure.in, snmpd.c): Patch from
Arthur Hyun:
- tcpwrappers support.
git-svn-id: file:///home/hardaker/lib/sf-bkups/net-snmp-convert-svnrepo/trunk@1293 06827809-a52a-0410-b366-d66718629ded
diff --git a/agent/snmpd.c b/agent/snmpd.c
index 806b9ec..62659d6 100644
--- a/agent/snmpd.c
+++ b/agent/snmpd.c
@@ -108,6 +108,12 @@
#include "mibgroup/struct.h"
#include "mibgroup/util_funcs.h"
+#include <syslog.h>
+#include <tcpd.h>
+
+int allow_severity = LOG_INFO;
+int deny_severity = LOG_WARNING;
+
extern int errno;
extern char *version_descr;
extern oid version_id[];
@@ -687,6 +693,7 @@
dup(1);
close(0);
}
+ openlog("snmpd", LOG_CONS, LOG_AUTH|LOG_INFO);
setvbuf (stdout, NULL, _IOLBF, BUFSIZ);
printf ("%s UCD-SNMP version %s\n", sprintf_stamp (NULL), VersionInfo);
if (!dont_fork && fork() != 0) /* detach from shell */
@@ -902,6 +909,21 @@
&fromlength);
if (length == -1)
perror("recvfrom");
+
+ {
+ char *addr_string = inet_ntoa(from.sin_addr);
+
+ if(!addr_string) {
+ addr_string = STRING_UNKNOWN;
+ }
+ if(hosts_ctl("snmpd", addr_string, addr_string, STRING_UNKNOWN)) {
+ syslog(allow_severity, "Connection from %s", addr_string);
+ } else {
+ syslog(deny_severity, "Connection from %s refused", addr_string);
+ return(0);
+ }
+ }
+
#ifdef USING_SNMP_MODULE
snmp_inpkts++;
#endif
