fix: same ports for ipv4, ipv6 traps

charts/splunk-connect-for-snmp/templates/traps/service.yaml

@@ -26,21 +26,12 @@ spec:
   {{- end }}
   ports:
     - port: {{ .Values.traps.service.port }}
-      {{- if and .Values.traps.service.nodePort (eq .Values.traps.service.type "NodePort")}}
+      {{- if and .Values.traps.service.nodePort (eq .Values.traps.service.type "NodePort") }}
       nodePort: {{ .Values.traps.service.nodePort | default 30000 }}
       {{- end }}
       targetPort: 2162
       protocol: UDP
       name: snmp-udp
-    {{- if has "IPv6" .Values.traps.ipFamilies}}
-    - port: {{ .Values.traps.service.ipv6Port | default 2163}}
-      {{- if and .Values.traps.service.nodePort (eq .Values.traps.service.type "NodePort")}}
-      nodePort: {{ .Values.traps.service.ipv6NodePort | default 30003 }}
-      {{- end }}
-      targetPort: 2163
-      protocol: UDP
-      name: snmp-udp6
-    {{- end }}
   selector:
     {{- include "splunk-connect-for-snmp.traps.selectorLabels" . | nindent 4 }}
 {{- end -}}

charts/splunk-connect-for-snmp/values.schema.json

@@ -728,12 +728,6 @@
             },
             "nodePort": {
               "type": "integer"
-            },
-            "ipv6Port": {
-              "type": "integer"
-            },
-            "ipv6NodePort": {
-              "type": "integer"
             }
           }
         },

charts/splunk-connect-for-snmp/values.yaml

@@ -429,11 +429,9 @@ traps:
     # on a multi-node it's better to set this as NodePort and configure traps.service.nodePort
     type: LoadBalancer
     port: 162
-   # ipv6Port: 2163
 
     # nodePort will be set only when type of service is a NodePort
     #nodePort: 30000
-    #ipv6NodePort: 30003
 
   #loadBalancerIP must be set to the IP address in the metallb pool.
   #It is required when service type is set to LoadBalancer.

docker_compose/.env

@@ -89,7 +89,6 @@ CHAIN_OF_TASKS_EXPIRY_TIME=500
 # Traps configuration
 SNMP_V3_SECURITY_ENGINE_ID=80003a8c04
 TRAPS_PORT=162
-IPv6_TRAPS_PORT=2163
 TRAP_LOG_LEVEL=INFO
 
 # Scheduler configuration

docker_compose/docker-compose.yaml

@@ -148,10 +148,6 @@ services:
       protocol: udp
       published: ${TRAPS_PORT}
       target: 2162
-    - mode: host
-      protocol: udp
-      published: ${IPv6_TRAPS_PORT}
-      target: 2163
     volumes:
     - ${TRAPS_CONFIG_FILE_ABSOLUTE_PATH}:/app/config/config.yaml:ro
     - traps-pysnmp-cache-volume:/.pysnmp/:rw

docs/dockercompose/10-enable-ipv6.md

@@ -12,7 +12,4 @@ To enable IPv6 for SC4SNMP, set `IPv6_ENABLED` variable to `true` in `.env` file
 The default subnet used for SC4SNMP network in docker is `fd02::/64`, this configuration can be changed in `.env` file under `Network configuration` section.
 In case of configuring more than one IPv4 and IPv6 subnet in IPAM, `networks` section of `docker-compose.yaml` should be edited.
 
-Default trap port for notifications for IPv6 is `2163`. You can change it to any other port if needed with `IPv6_TRAPS_PORT` parameter in `.env` file.
-The IPv6 port and IPv4 port cannot be the same.
-
 For more information about IPv6 networking in docker, you can check the [official Docker documentation](https://docs.docker.com/engine/daemon/ipv6/).

docs/dockercompose/6-env-file-configuration.md

@@ -125,8 +125,6 @@ Inside the directory with the docker compose files, there is a `.env`. Variables
 |------------------------------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| 
 | `SNMP_V3_SECURITY_ENGINE_ID` | SNMPv3 TRAPs require the configuration SNMP Engine ID of the TRAP sending application for the USM users table of the TRAP receiving application for each USM user, for example: SNMP_V3_SECURITY_ENGINE_ID=80003a8c04,aab123456 |
 | `TRAPS_PORT`                 | External port exposed for traps server                                                                                                                                                                                          |
-| `IPv6_TRAPS_PORT`                             | External port exposed for traps server for IPv6                                                                                                                                                                                 |
-
 ## Scheduler
 
 | Variable              | Description                                                                                       |

docs/microk8s/configuration/values-params-description.md

@@ -166,11 +166,9 @@ Detailed documentation about configuring traps can be found in [Traps](trap-conf
 | `service.usemetallb`                            | Enables using metallb                                                                                                           | `true`           |
 | `service.metallbsharingkey`                     | Sets metallb.universe.tf/allow-shared-ip annotation in trap service                                                             | `splunk-connect` |
 | `service.type`                                  | [Kubernetes documentation](https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types)  | `LoadBalancer`   |
-| `service.port`                                  | Port of the service to use for IPv4                                                                                             | `162`            |
+| `service.port`                                  | Port of the service to use for IPv4 and IPv6                                                                                    | `162`            |
 | `service.nodePort`                              | Port when the `service.type` is `nodePort`                                                                                      | `30000`          |
 | `service.externalTrafficPolicy`                 | Controls how Kubernetes routes traffic                                                                                          | `Local`          |
-| `service.ipv6Port`                              | Port of the service to use for IPv6                                                                                             | `162`            |
-| `service.ipv6NodePort`                          | Port when the `service.type` is `nodePort` and IPv6 is enabled                                                                  | `2163`           |
 | `loadBalancerIP`                                | Sets loadBalancer IP address in the metallb pool                                                                                | ``               |
 | `ipFamilyPolicy`                                | Specifies if the service is dual stack or single stack                                                                          | `SingleStack`    |
 | `ipFamilies`                                    | Defines the address families used for chosen `ipFamilyPolicy`                                                                   | `IPv4`           |

docs/microk8s/enable-ipv6.md

@@ -63,5 +63,3 @@ traps:
   ipFamilyPolicy: RequireDualStack
   ipFamilies: ["IPv4", "IPv6"]
 ```
-Default trap port for notifications for IPv6 is `2163`. You can change it to any other port if needed with `traps.service.ipv6Port` parameter.
-The IPv6 port and IPv4 port cannot be the same. 

integration_tests/.env

@@ -82,7 +82,6 @@ CHAIN_OF_TASKS_EXPIRY_TIME=500
 # Traps configuration
 SNMP_V3_SECURITY_ENGINE_ID=80003a8c04
 TRAPS_PORT=162
-IPv6_TRAPS_PORT=2163
 TRAP_LOG_LEVEL=INFO
 
 # Scheduler configuration

splunk_connect_for_snmp/snmp/auth.py

@@ -36,7 +36,7 @@
 from splunk_connect_for_snmp.snmp.exceptions import SnmpActionError
 
 UDP_CONNECTION_TIMEOUT = int(os.getenv("UDP_CONNECTION_TIMEOUT", 1))
-IPv6_ENABLED = human_bool(os.getenv("IPv6_ENABLED", False))
+IPv6_ENABLED = human_bool(os.getenv("IPv6_ENABLED", "false").lower())
 
 
 def get_secret_value(

splunk_connect_for_snmp/snmp/tasks.py

@@ -51,6 +51,7 @@
 RESOLVE_TRAP_ADDRESS = os.getenv("RESOLVE_TRAP_ADDRESS", "false")
 MAX_DNS_CACHE_SIZE_TRAPS = int(os.getenv("MAX_DNS_CACHE_SIZE_TRAPS", "100"))
 TTL_DNS_CACHE_TRAPS = int(os.getenv("TTL_DNS_CACHE_TRAPS", "1800"))
+IPv6_ENABLED = human_bool(os.getenv("IPv6_ENABLED", "false").lower())
 
 
 @shared_task(
@@ -152,6 +153,11 @@ def trap(self, work):
     remaining_oids = []
     remotemibs = set()
     metrics = {}
+
+    # IPv4 addresses from IPv6 socket have added ::ffff: prefix, which is removed
+    if IPv6_ENABLED and "." in work["host"]:
+        work["host"] = work["host"].split(":")[-1]
+
     for w in work["data"]:
 
         if OID_VALIDATOR.match(w[1]):

splunk_connect_for_snmp/traps.py

@@ -174,18 +174,19 @@ def main():
         cbCtx=observer_context,
     )
 
-    # UDP over IPv4, first listening interface/port
-    config.addTransport(
-        snmp_engine,
-        udp.domainName,
-        udp.UdpTransport().openServerMode(("0.0.0.0", 2162)),
-    )
-
+    # UDP socket over IPv6 listens also for IPv4
     if IPv6_ENABLED:
         config.addTransport(
             snmp_engine,
             udp6.domainName,
-            udp6.Udp6Transport().openServerMode(("::", 2163)),
+            udp6.Udp6Transport().openServerMode(("::", 2162)),
+        )
+    else:
+        # UDP over IPv4, first listening interface/port
+        config.addTransport(
+            snmp_engine,
+            udp.domainName,
+            udp.UdpTransport().openServerMode(("0.0.0.0", 2162)),
         )
 
     with open(CONFIG_PATH, encoding="utf-8") as file: