5
« on: April 20, 2018, 10:04:10 am »
Hi all
I'm using the current Nedi 1.6.100p4, which I've installed two days ago.
This all worked fine and after some time I even discovered why the discovery took hours instead of minutes (ssh access wasn't allowed).
What disturbs me though, if I run a ./nedi.pl -p -v, I can see that nedi sends my snmp v2 strings to devices that aren't in the filter list that I've configured. Don't have any snmpv3 ones. Not sure if it also does the same with my ssh credentials.
Is this by (undocumented) design or a bug?
My netfilter:
# Only discover devices where ip address matches this regular expression.
# This way NeDi will not send any login credentials to rogue/evil devices.
;netfilter ^192\.168\.0|^172\.16
netfilter ^192\.168\.0|^192\.168\.62
# To avoid networks
;netfilter ^(?!192.168.1).*$
netfilter .
And I see in the debug that it tries to connect to 10.10.2.50 (for example), which it shouldn't based on the netfilter.
-
pato