User guide
Configuring source address checking SNMP
1-103
iMG/RG Software Reference Manual (System Configuration)
snmpTargetAddrParams
is a human readable string which must be present but is ignored by the SNMP engine. This field should be set to
a dash (-).
snmpTargetAddrStorageType
is nonVolatile, permanent, or readOnly.
snmpTargetAddrTMask
is a bit field mask for the snmpTargetAddrTAddress and appears in the snmpd.cnf file in the same for-
mat as the snmpTargetAddrTAddress. For example, if snmpTargetAddrTDomain is
‘snmpUDPDomain ‘, a valid mask would be 255.255.255.0:0. This mask is used in conjunction with the
snmpTargetAddrTAddress to determine if an incoming request has arrived from an authorized address.
Note: The value trailing the colon should ALWAYS be zero
The value of snmpTargetAddrTMask identifies which bits of the source address should be compared to the
value of snmpTargetAddrTAddress. A bit value of ‘1’in the mask means that the corresponding bit in the
source address should be compared to the corresponding bit in the value of snmpTargetAddrTAddress. A
bit value of 0 in the mask means that corresponding bit in the source address is a “don’t care” case in the com-
parison.
snmpTargetAddrMMS
is an integer which is the maximum message size (in bytes) that can be transmitted between the local host and
the host with address snmpTargetAddrTAddress without risk of fragmentation. The default value is 2048.
1.6.5.1 Matching exactly one source address
If snmpTargetAddrTMask is 255.255.255.255:0, then all bits have ‘1’ as value
FIGURE 1-20 snmpTargetAddrTMask
This indicates that the source address must exactly match the value of snmpTargetAddrTAddress, or the
incoming SNMP request will be rejected.
1.6.5.2 Matching any source address
If snmpTargetAddrTMask is 0.0.0.0:0, then all bits have ‘0’ as value:
255
byte 1
1 1 1 11 1 1 1 1 1 1 1
255
byte 2
1 1 1 11 1 1 1 1 1 1 1
255
byte 3
1 1 1 11 1 1 1 1 1 1 1
255
byte 4
1 1 1 11 1 1 1 1 1 1 1 1 1 1 1binary
1 1 1 1
decimal
1 1 1 1