gateway control through SNMP


project page


follow download link in the project page


Bernard Bou <>

other language


gwkeeper manages a set of hosts so that their access to outer networks (and the Internet) is restricted.

Operations are carried out through SNMP : a SNMP management console performs remote modifications on the remote target hosts : the management process connects to the SNMP agent on the target remote host and requests operations to be performed on its behalf.

Modifications consist in removing/restoring the default route on the target hosts. When the remote host does not have a default route, it is confined to the LAN and does not have access to the Internet, whatever the protocol, be it http, ftp, mail, chat ...

To restrict access to the proxy (on the LAN), a special entry is introduced in the routing table which makes the proxy inaccessible. If the firewall does not act as a proxy it is advisable to redirect the proxy addres to the firewall.

This requires :

Agent installation:

Control panel/Add-remove software/ Add-remove Windows components/ Analysis and management tools/Details/SNMP

Agent configuration:

The configuration of the agent, once it can be connected to, is performed by gwkeeper (through remote registry access).
See also : Control panel/Administrative tools/Services/SNMP service/Properties/Security
The community parameter acts as a password for the agent:
Minimal required permission must be READWRITE.