The SNMP agent is right now hard coded to listen on all interfaces. This raises issues when you try to keep management traffic separate from user traffic. The snmp.conf file contains the following line:
This makes it impossible to limit interfaces. SNMP usually allows a lot of dangerous stuff and shouldn't be exposed to users. Thus, the only way around this is to disable SNMP completely.
agentAddress udp:161,udp6:161,unix:/var/run/snmpd.sock
This makes it impossible to limit interfaces. SNMP usually allows a lot of dangerous stuff and shouldn't be exposed to users. Thus, the only way around this is to disable SNMP completely.