snmp exec script being rejected
We have a couple old 9.3.1 LTMs which we are trying to get a window to upgrade, but in the mean time, I need to be able to monitor the current SSL connections remotely via SNMP. There is no OID for that stat in 9.3.1, so I wrote a simple script and am trying get it to execute via the "exec PROC script args" option in snmpd.conf. I've done this before with other Linux systems, without much trouble, but for some reason on these F5s, I keep getting an error in the log file like the following, every time I try to query OID .1.3.6.1.4.1.2021.8.1.101.1
Jan 8 09:57:15 MyBigIP01 SubDomain: REJECTING w access to /config/net-snmp/.snmp-exec-cache (snmpd(26258) profile /usr/sbin/snmpd active /usr/sbin/snmpd)
My line in /config/snmp/snmpd.conf looks like the following
exec CURRSSL /usr/bash /config/snmp/report-cur-ssl.sh
I've set full -rwxrwxrwx access to script file (I'll back it off once I get this to work, assuming that doesn't break it). When I query OID 1.3.6.1.4.1.2021.8, I get a return like the following:
Z:\>snmpwalk -v1 -On -c public 10.1.1.12 1.3.6.1.4.1.2021.8
.1.3.6.1.4.1.2021.8.1.1.1 = INTEGER: 1
.1.3.6.1.4.1.2021.8.1.2.1 = STRING: CURRSSL
.1.3.6.1.4.1.2021.8.1.3.1 = STRING: /usr/bash /config/snmp/report-cur-ssl.sh
.1.3.6.1.4.1.2021.8.1.100.1 = INTEGER: 0
.1.3.6.1.4.1.2021.8.1.101.1 = STRING:
.1.3.6.1.4.1.2021.8.1.102.1 = INTEGER: noError(0)
.1.3.6.1.4.1.2021.8.1.103.1 = STRING:
The zero exit code (OID .1.3.6.1.4.1.2021.8.1.100.1) isn't believable, because I added a line to my script to echo my output to local file, and, I don't get a file, and the log and query return is the same.
Can anyone offer any suggestions on something to look at regarding the "REJECTING" message I see in the log above.