tcpdump can tell you if the trap traffic is reaching the network interface of your server:
# tcpdump -i any 'port 162'
But tcpdump only tells you if the traffic reaches the interface, not if it can reach an application listening on that port. libpcap works at a level above the host firewall, for instance, so it can be misleading.
If traps are being directed to the correct port on the OpenNMS system, then running
nc -ulv 162 on your OpenNMS system should show traffic arriving to udp 162, similar to:
Ncat: Version 7.70 ( https://nmap.org/ncat ) Ncat: Listening on 0.0.0.0:162 Ncat: Connection from 192.168.1.219. ����ۙR���(0& +C0�ۙR����Oc�0�?0er0�d ++�50 +�5null0 +�5null0, +�52021-11-10T08:17:01.153-06:000 +�5null09 +�5*uei.opennms.org/syslogd/mail/Informational0 ^C
You can verify this with a test trap from another system.
If no traffic is visible, then it may be that your host’s firewall is misconfigured or some other environmental factor, which you would need to investigate.
If the trap traffic is visible listening with nc, then verify OpenNMS is configured to listen on the expected port:
# grep snmp-trap-port /opt/opennms/etc/trapd-configuration.xml <trapd-configuration xmlns="http://xmlns.opennms.org/xsd/config/trapd" snmp-trap-address="*" snmp-trap-port="162"
And is bound to the correct port:
# netstat -anup | grep 162 udp 0 0 0.0.0.0:162 0.0.0.0:* 292561/java
And can receive traps locally on the OpenNMS system itself:
snmptrap -v2c -c public 127.0.0.1:162 42 coldStart.0
You can fix me, I’m a wiki post.