SNMP query - operation not permitted
- by jperovic
I am working on API that reads a lot of data via SNMP (routes, interfaces, QoS policies, etc...). Lately, I have experienced a random error stating:
Operation not permitted
Now, I use SNMP4J as core library and cannot really pinpoint the source of error. Some Stackoverflow questions have suggested OS being unable to open sufficient number of file handles but increasing that parameter did not help much.
The strange thing is that error occurs only when iptables is up and running.
Could it be that firewall is blocking some traffic? I have tried writing JUnit test that mimicked application's logic but no errors were fired...
Any help would be appreciated! Thanks!
IPTABLES
*nat
:PREROUTING ACCEPT [2:96]
:POSTROUTING ACCEPT [68:4218]
:OUTPUT ACCEPT [68:4218]
# route redirect za SNMP Trap i syslog
-A PREROUTING -i eth0 -p udp -m udp --dport 514 -j REDIRECT --to-ports 33514
-A PREROUTING -i eth0 -p udp -m udp --dport 162 -j REDIRECT --to-ports 33162
COMMIT
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
.....
# SNMP
-A INPUT -p udp -m state --state NEW -m udp --dport 161 -j ACCEPT
# SNMP trap
-A INPUT -p udp -m state --state NEW -m udp --dport 162 -j ACCEPT
-A INPUT -p udp -m state --state NEW -m udp --dport 33162 -j ACCEPT
.....
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT
