Name

nnmtrapd.conf — Filter file to block traps based on IP address or OID

SYNOPSIS

nnmtrapd.conf

DESCRIPTION

nnmtrapd.conf file can be used to configure filters to block traps based on both IP address and trap OID.

The filters are entered one per line. Each filter consists of an IP address, range or wildcard folowed by one or more comma separated list of trap OIDs or range of trap OIDs or wildcards.

The format of the filter is:

<IP Address, OID[,OID]*>

IP Address could be a single IP Address or a pattern in prefix/prefix-length notation or range-wildcard notation. The special notation of "*" indicates all addresses. You may not combine the prefix/prefix-length notation with the range-wildcard notation in the same address. Host name cannot be specified instead of an address. Every filter entry should have a unique address (single, wild card or range). Examples of addresses in prefix/prefix-length notation are: 

10.2.112.0/20
1080:0:a00::/44

The same addresses in range-wildcard notations are: 

10.2.112-127.*
1080:0:a00-a0f:*:*:*:*:*

The trap OID can also be specified as a range or as wildcard. However, you may only use either a range or a wildcard in one OID. Only the last sub OID of an OID can be specified as a wildcard or range. The special notation ".*" indicates all OIDs. Some examples are: 

.1.3.6.1.4.1.11.2.17.1.0.58915834-58915868
.1.3.6.1.4.1.11.*

For generic traps like link up, you can append the enterprise OID of the vendor to the trap OID for blocking a specific vendor. Conversely, to block a generic trap from all vendors you need to append a wildcard to the trap OID.

Blocking all traps from all address is not allowed. So the following entry is ignored: 

<*, .*>

To apply filter changes to the running configuration, use the following command: 

nnmtrapconfig.ovpl -readFilter

EXAMPLES

The following example blocks all generic traps from all subnets in the range 10.2.120 to 10.2.127: 

<10.2.120.0/21, .1.3.6.1.6.3.1.1.5.*>

The following example blocks link up traps from all devices in the 10.6.112/21 subnet whose enterprise OID is .1.3.6.1.4.1.11.2.3.7.11.17: 

<10.6.112.0/21, .1.3.6.1.6.3.1.1.5.4.1.3.6.1.4.1.11.2.3.7.11.17>

The following example blocks link up traps from all devices in the 10.6.112/21 subnet. 

<10.6.112.0/21, .1.3.6.1.6.3.1.1.5.4.*>

The following example blocks all traps under the OID .1.3.6.1.4.1.11.2.17 and the authentication failure trap from a single IPv6 address. 

<1080::8:800:200c:417a, .1.3.6.1.4.1.11.2.17.*, .1.3.6.1.6.3.1.1.5.5.*>

AUTHOR

nnmtrapd.conf was developed by Hewlett Packard Enterprise.

FILES

$NnmDataDir/shared/nnm/conf/nnmtrapd.conf

SEE ALSO

nnmtrapconfig.ovpl(1M).

Return to Reference Pages Index