Ad Widget

**Paul_11** · 04-12-2023, 15:39

Hi!
I think script is fine.

But I can't understand this problem:

Cannot bind for clientaddr: Address already in use
couldn't open udp:162 -- errno 98 ("Address already in use")

[root@monitor]# sudo snmptrapd -f -Lo -c /etc/snmp/snmptrapd.conf
Cannot bind for clientaddr: Address already in use
couldn't open udp:162 -- errno 98 ("Address already in use")

[root@monitor]# cat /etc/services|grep 162
snmptrap 162/tcp # SNMPTRAP
snmptrap 162/udp snmp-trap # Traps for SNMP

[root@monitor]# sudo netstat -lnp| grep 162
udp 0 0 0.0.0.0:162 0.0.0.0:* 1036785/snmptrapd

[root@monitor]# ps -ef | grep snmptrapd
root 1036785 1 0 15:59 ? 00:00:00 /usr/sbin/snmptrapd -Lsd -f
root 1037076 72730 0 16:00 pts/0 00:00:00 grep --color=auto snmptrapd

As I can see only snmptrapd uses port 162 and I can't find out another application using this port.
How can I resolve this issue?

**ISiroshtan** · 04-12-2023, 15:50

If snmptrapd already running when you execute

Code:

sudo snmptrapd -f -Lo -c /etc/snmp/snmptrapd.conf

means you try to invoke another instance of it, which can not use the same port that already running instance is using. Hence you get an error. Stop running instance then invoke your command from shell.

Could you show /etc/snmp/snmptrapd.conf content and the tcp dump of the trap that is not processed to log?

**Paul_11** · 04-12-2023, 17:13

Ok, but how can I stop instance correctly?
If I use kill command I've got the same error:

[root@monitor]# systemctl restart zabbix-server.service
[root@monitor]# systemctl restart snmptrapd.service
[root@monitor]# ps -ef | grep snmptrapd
root 1054128 1 0 17:21 ? 00:00:00 /usr/sbin/snmptrapd -Lsd -f
root 1054145 72730 0 17:21 pts/0 00:00:00 grep --color=auto snmptrapd
[root@monitor]# kill 1054128
[root@monitor]# sudo snmptrapd -f -Lo -c /etc/snmp/snmptrapd.conf
Cannot bind for clientaddr: Address already in use
couldn't open udp:162 -- errno 98 ("Address already in use")
[root@monitor]#

Attached Files

snmptrap.zip (1.1 KB, 3 views)

**ISiroshtan** · 04-12-2023, 17:25

I don't see any obvious issue with config file and trap from dump. If you say your locally sent trap did get logged, this one should too.

You can just stop snmptrapd as

systemctl stop snmptrapd

then verify that port is no longer listened by anything

sudo netstat -lnp| grep 162

Then you can try to execute your command to get log in console about traps

**Paul_11** · 04-12-2023, 18:02

Unfortunately the same error:

[root@monitor]# systemctl stop snmptrapd
[root@monitor]# sudo netstat -lnp| grep 162
[root@monitor]# sudo snmptrapd -f -Lo -c /etc/snmp/snmptrapd.conf
Cannot bind for clientaddr: Address already in use
couldn't open udp:162 -- errno 98 ("Address already in use")
[root@monitor]#

Now trap from cli also don't work (no file is created with test trap)

**Paul_11** · 05-12-2023, 10:17

In my last post - I used bad trap format from cli.
Now I can see that trap from cli works fine.
How can I debug (maybe enable some logs/debugs) to check traps from network interface?

**cyber** · 05-12-2023, 11:04

SO, traps arrive as they are visible in tcpdump, but they only reach traplog if it is sent from localhost?

Have you checked selinux errors? Do you have somekind of local firewall enabled?

Ad Widget

Zabbix traps via bash script don't work

Zabbix traps via bash script don't work

Comment

Comment

Comment

Comment

Comment

Comment

Comment