trapFilter.conf — Filter file to block traps based on IP address or OID
Use the trapFilter.conf file to
configure filters to block traps based on both IP address and trap
OID. This is similar to using the nnmtrapd.conf
file, except that traps blocked by the trapFilter.conf
file do not get stored in the trap binary store, nor are they used to analyze trap rates.
Trap rates are not affected by incoming traps blocked by the trapFilter.conf.
file. NNMi does not store incoming traps blocked by the trapFilter.conf file.
Enter the filters one filter per line. Each filter consists of an IP address, range, or wildcard followed by one or more comma separated trap OIDs, range of trap OIDs, or wildcards.
The format of the filter is as follows:
<IP Address, OID[,OID]*>
IP Address could be a single IP Address or a pattern in
prefix/prefix-length notation or range-wildcard notation. The special
notation of "*" indicates
all addresses. Do not combine the prefix/prefix-length notation
with the range-wildcard notation in the same address. Do not specify the
hostname instead of an address. Every filter entry should
have a unique address (single, wildcard, or range). Examples of
addresses in prefix/prefix-length notation are as follows:
10.2.112.0/20 1080:0:a00::/44
The same addresses in range-wildcard notations are:
10.2.112-127.* 1080:0:a00-a0f:*:*:*:*:*
Specify the trap OID as a range or as wildcard. Only use a range or a wildcard in one OID.
Only specify the last sub OID of an OID as a wildcard or range. The
special notation ".*"
indicates all OIDs. Some examples are as follows:
.1.3.6.1.4.1.11.2.17.1.0.58915834-58915868 .1.3.6.1.4.1.11.*
For generic traps like linkUp, you can append the enterprise OID of
the vendor to the trap OID for blocking a specific vendor. Conversely,
to block a generic trap from all vendors you need to append a wildcard
to the trap OID.
Blocking all traps from all addresses is not allowed. So the following entry is ignored:
<*, .*>
To apply filter changes to the running configuration, use the following command:
nnmtrapconfig.ovpl -readFilter
The following example blocks all generic traps from all subnets in the range 10.2.120 to 10.2.127:
<10.2.120.0/21, .1.3.6.1.6.3.1.1.5.*>
The following example blocks link up traps from all devices in the 10.6.112/21 subnet whose enterprise OID is .1.3.6.1.4.1.11.2.3.7.11.17:
<10.6.112.0/21, .1.3.6.1.6.3.1.1.5.4.1.3.6.1.4.1.11.2.3.7.11.17>
The following example blocks link up traps from all devices in the 10.6.112/21 subnet.
<10.6.112.0/21, .1.3.6.1.6.3.1.1.5.4.*>
The following example blocks all traps under the OID .1.3.6.1.4.1.11.2.17 and the authentication failure trap from a single IPv6 address.
<1080::8:800:200c:417a, .1.3.6.1.4.1.11.2.17.*, .1.3.6.1.6.3.1.1.5.5.*>