On 16.11.2010, at 10:12, Dave Shield wrote:
>
> The pragmatic situation is that both sides of the connection need to
> be using the *same* engineID, but it doesn't really matter what that
> engineID actually is.
> So one common approach is to create user(s) in the snmptrapd.conf
> file with an explicit engineID, and specify the same engineID in the
> "trapsess" directive in the snmpd.conf file. Both sides agree, and
> hence
> they can communicate.
> (snip)
Hi Dave,
today, I found again a problem at trunk version of net-snmp with this
configured engineID.
When I use the exiting v3 user 'unsec' for v3 trap sending, the agent
dumps!
When I use the created v3 'trapuser' with configured engineID, this
engineID is not used?
Can you please help?
Regards,
Claus
snmpd.conf:
createUser -e 0x01020304 trapuser MD5 "--none--" DES "--none--"
rouser trapuser noAuthNoPriv -V iso *
#
createUser unsec MD5 "--none--" DES "--none--"
rwuser unsec noAuthNoPriv -V iso *
#
##FIXME: trapsess -v 3 -e 0x01020304 -u trapuser -l noAuthNoPriv
udp:10.11.12.13:162
snmptrapd.conf:
createUser trapuser MD5 "--none--" DES "--none--"
createUser -e 0x01020304 trapuser MD5 "--none--" DES "--none--"
createUser -e 0x80001f88017f000001 trapuser MD5 "--none--" DES "--
none--"
snmpd:
(gdb) run -f -Le -c ./snmpd.conf -C -Dusm,trap,notif,send
The program being debugged has been started already.
Start it from the beginning? (y or n) y
Starting program: /Users/clausklein/Workspace/c/net-snmp/agent/.libs/
snmpd -f -Le -c ./snmpd.conf -C -Dusm,trap,notif,send
registered debug token usm, 1
registered debug token trap, 1
registered debug token notif, 1
registered debug token send, 1
notification_log: registering with '(null)' context
trap: freeing trap sessions
trap: freeing trap sessions
trap: freeing trap sessions
trap: freeing trap sessions
Turning on AgentX master support.
usmUser: created a new user trapuser at 01 02 03 04
usmUser: created a new user unsec at 80 00 1F 88 01 C0 A8 01 81
trap: send_trap 0 0 SNMPv2-SMI::enterprises.8072.3.2.255
send_notifications: starting: pdu=0x244310, vars=0x0
send_notifications: sent 0 notifications
send_notifications: starting: pdu=0x2443a0, vars=0x806400
send_notifications: sent 0 notifications
NET-SNMP version 5.6
....
trap: send_trap -1 -1 SNMPv2-SMI::enterprises.8072.3.2.255
send_notifications: starting: pdu=0x244a50, vars=0x0
send_notifications: sent 0 notifications
send_notifications: starting: pdu=0x2449c0, vars=0x807c00
send_notifications: checking filters...
send_notifications: no matching profile
trap: sending trap type=167, version=3
usm: match on user trapuser
usm: no match on engineID ()
usm: USM processing has begun (offset 57)
usm: getting user trapuser
usm: match on user trapuser
usm: no match on engineID ()
usm: match on user trapuser
usm: no match on engineID ()
usm: Failed to find engine data.
<<<<<<<<<<<<<<<<< ?
usm: USM processing completed.
send_notifications: sent 1 notifications
notification_log: logging something
notification_log: adding a row to the variables table
notification_log: adding the nlmLogNotificationID to the table
notification_log: logged notifications 1; max 1000
notification_log: done logging something
Assertion failed: (!uptr->engineIDLen || (uptr->engineIDLen && uptr-
>engineID)), function usm_generate_OID, file snmpv3/usmUser.c, line
108.
Program received signal SIGABRT, Aborted.
0x96f3ce42 in __kill ()
(gdb)
(gdb)
(gdb) print uptr->engineIDLen
No symbol "uptr" in current context.
(gdb) where
#0 0x96f3ce42 in __kill ()
#1 0x96f3ce34 in kill$UNIX2003 ()
#2 0x96faf23a in raise ()
#3 0x96fbb679 in abort ()
#4 0x96fb03db in __assert_rtn ()
#5 0x000ef86b in usm_generate_OID (prefix=0xbfffe904, prefixLen=12,
uptr=0x244dc0, length=0xbfffe87c) at snmpv3/usmUser.c:108
#6 0x000eff08 in var_usmUser (vp=0xbfffe8f8, name=0xbfffeb04,
length=0xbfffef04, exact=0, var_len=0xbfffef08,
write_method=0xbfffef0c) at snmpv3/usmUser.c:378
#7 0x000995c8 in netsnmp_old_api_helper (handler=0x0,
reginfo=0x2169d0, reqinfo=0x244db0, requests=0x2443a0) at helpers/
old_api.c:318
#8 0x0006c8c4 in netsnmp_call_next_handler (current=0x216cf0,
reginfo=0x2169d0, reqinfo=0x244db0, requests=0x2443a0) at
agent_handler.c:522
#9 0x0009481c in netsnmp_bulk_to_next_helper (handler=0x216cf0,
reginfo=0x2169d0, reqinfo=0x244db0, requests=0x2443a0) at helpers/
bulk_to_next.c:110
#10 0x0006c38a in netsnmp_call_handlers (reginfo=0x2169d0,
reqinfo=0x244db0, requests=0x2443a0) at agent_handler.c:522
#11 0x00079374 in handle_var_requests (asp=0x244db0) at snmp_agent.c:
2632
#12 0x000798f0 in handle_getnext_loop (asp=0x2447e0) at snmp_agent.c:
3072
#13 0x0007b18b in netsnmp_handle_request (asp=0x2447e0, status=0) at
snmp_agent.c:3224
#14 0x0007b699 in handle_snmp_packet (op=1, session=0x244210,
reqid=1669689940, pdu=0x244440, magic=0x0) at snmp_agent.c:1952
#15 0x0014b7f2 in _sess_process_packet (sessp=0x23fa50, sp=0x244210,
isp=0x2365d0, transport=0x243df0, opaque=0x241b10, olength=36,
packetptr=0x20000 "0+\002\001\001\004\005svfua?\037\002\004c?rT
\002\001", length=45) at snmp_api.c:5681
#16 0x0014c65d in _sess_read (sessp=0x23fa50, fdset=0xbffff52c) at
snmp_api.c:6121
#17 0x0014d0b4 in snmp_sess_read2 (sessp=0x23fa50, fdset=0x0) at
snmp_api.c:6153
#18 0x0014d17c in snmp_read2 (fdset=0xbffff52c) at snmp_api.c:5744
#19 0x00004297 in main (argc=7, argv=0xbffff79c) at snmpd.c:1277
(gdb) up 5
#5 0x000ef86b in usm_generate_OID (prefix=0xbfffe904, prefixLen=12,
uptr=0x244dc0, length=0xbfffe87c) at snmpv3/usmUser.c:108
108 assert(!uptr->engineIDLen || (uptr->engineIDLen && uptr-
>engineID));
(gdb) print uptr->engineIDLen
$1 = 9
(gdb) print uptr->engineID
$2 = (u_char *) 0x0
(gdb)
snmptrapd:
notification_log: logged notifications 0; max 1000
dumph_recv: SNMP Version
dumpx_recv: 02 01 03
dumpv_recv: Integer: 3 (0x03)
dumph_recv: SNMPv3 Message
dumph_recv: SNMP Version Number
dumpx_recv: 02 01 03
dumpv_recv: Integer: 3 (0x03)
dumph_recv: msgGlobalData
dumph_recv: msgID
dumpx_recv: 02 04 32 78 17 43
dumpv_recv: Integer: 846731075 (0x32781743)
dumph_recv: msgMaxSize
dumpx_recv: 02 03 00 FF E3
dumpv_recv: Integer: 65507 (0xFFE3)
dumph_recv: msgFlags
dumpx_recv: 04 01 00
dumpv_recv: String: .
dumph_recv: msgSecurityModel
dumpx_recv: 02 01 03
dumpv_recv: Integer: 3 (0x03)
dumph_recv: SM msgSecurityParameters
usm: USM processing begun...
dumph_recv: msgAuthoritativeEngineID
dumpx_recv: 04 00
dumpv_recv: String:
dumph_recv: msgAuthoritativeEngineBoots
dumpx_recv: 02 01 00
dumpv_recv: Integer: 0 (0x00)
dumph_recv: msgAuthoritativeEngineTime
dumpx_recv: 02 01 00
dumpv_recv: Integer: 0 (0x00)
dumph_recv: msgUserName
dumpx_recv: 04 08 74 72 61 70 75 73 65 72
dumpv_recv: String: trapuser
dumph_recv: msgAuthenticationParameters
dumpx_recv: 04 00
dumpv_recv: String:
dumph_recv: msgPrivacyParameters
dumpx_recv: 04 00
dumpv_recv: String:
usm: match on user trapuser
usm: no match on engineID ()
usm: match on user trapuser
usm: no match on engineID ()
usm: match on user trapuser
usm: no match on engineID ()
usm: Unknown User(trapuser)
dumph_recv: ScopedPDU
dumph_recv: contextEngineID
dumpx_recv: 04 00
dumpv_recv: String:
dumph_recv: contextName
dumpx_recv: 04 00
dumpv_recv: String:
dumph_recv: TRAP2
dumpv_recv: Command TRAP2
dumph_recv: request_id
dumpx_recv: 02 04 75 35 D3 CD
dumpv_recv: Integer: 1966461901 (0x7535D3CD)
dumph_recv: error status
dumpx_recv: 02 01 00
dumpv_recv: Integer: 0 (0x00)
dumph_recv: error index
dumpx_recv: 02 01 00
dumpv_recv: Integer: 0 (0x00)
dumph_recv: VarBindList
dumph_recv: VarBind
dumph_recv: Name
dumpx_recv: 06 08 2B 06 01 02 01 01 03 00
dumpv_recv: ObjID: SNMPv2-MIB::sysUpTime.0
dumph_recv: Value
dumpx_recv: 43 02 22 0E
dumpv_recv: UInteger: 8718 (0x220E)
dumph_recv: VarBind
dumph_recv: Name
dumpx_recv: 06 0A 2B 06 01 06 03 01 01 04 01 00
dumpv_recv: ObjID: SNMPv2-MIB::snmpTrapOID.0
dumph_recv: Value
dumpx_recv: 06 03 2A 03 04
dumpv_recv: ObjID: iso.2.3.4
notification_log: logged notifications 0; max 1000
notification_log: logged notifications 0; max 1000
############################################################################
I configured the trap target with this script:
claus-kleins-macbook-pro:rlAxrScripts clausklein$ ./
snmp_axr_my_notify.sh
++ echo 127.0.0.1
++ awk -F . ' {printf "%02x%02x%02x%02x%04x\n", $1, $2, $3, $4, 162 }'
+ UDPDomain=7f00000100a2
+ snmpget -v 2c -c svfua 127.0.0.1 sysName.0
SNMPv2-MIB::sysName.0 = STRING: claus-kleins-macbook-pro.local
+ snmpget -m '' -v 2c -c svfua 127.0.0.1 'SNMP-NOTIFICATION-
MIB::snmpNotifyRowStatus.'\''127.0.0.1'\'''
+ egrep 'No Such Instance'
SNMP-NOTIFICATION-MIB::snmpNotifyRowStatus.'127.0.0.1' = No Such
Instance currently exists at this OID
+ snmpset -m '' -v 2c -c svfua 127.0.0.1 'SNMP-NOTIFICATION-
MIB::snmpNotifyRowStatus.'\''127.0.0.1'\''' i createAndWait
SNMP-NOTIFICATION-MIB::snmpNotifyRowStatus.'127.0.0.1' = INTEGER:
createAndWait(5)
+ snmpset -m '' -v 2c -c svfua 127.0.0.1 'SNMP-NOTIFICATION-
MIB::snmpNotifyTag.'\''127.0.0.1'\''' = 127.0.0.1 'SNMP-NOTIFICATION-
MIB::snmpNotifyType.'\''127.0.0.1'\''' = trap
SNMP-NOTIFICATION-MIB::snmpNotifyTag.'127.0.0.1' = STRING: 127.0.0.1
SNMP-NOTIFICATION-MIB::snmpNotifyType.'127.0.0.1' = INTEGER: trap(1)
+ snmpset -m '' -v 2c -c svfua 127.0.0.1 'SNMP-NOTIFICATION-
MIB::snmpNotifyRowStatus.'\''127.0.0.1'\''' = active
SNMP-NOTIFICATION-MIB::snmpNotifyRowStatus.'127.0.0.1' = INTEGER:
active(1)
+ egrep 'No Such Instance'
+ snmpget -v 2c -c svfua 127.0.0.1 'SNMP-TARGET-
MIB::snmpTargetAddrRowStatus.'\''127.0.0.1'\'''
SNMP-TARGET-MIB::snmpTargetAddrRowStatus.'127.0.0.1' = No Such
Instance currently exists at this OID
+ snmpset -m '' -v 2c -c svfua 127.0.0.1 'SNMP-TARGET-
MIB::snmpTargetAddrRowStatus.'\''127.0.0.1'\''' = createAndWait
SNMP-TARGET-MIB::snmpTargetAddrRowStatus.'127.0.0.1' = INTEGER:
createAndWait(5)
+ snmpset -m '' -v 2c -c svfua 127.0.0.1 'SNMP-TARGET-
MIB::snmpTargetAddrTDomain.'\''127.0.0.1'\''' = SNMPv2-
SMI::snmpDomains.1 'SNMP-TARGET-
MIB::snmpTargetAddrTAddress.'\''127.0.0.1'\''' x 7f00000100a2 'SNMP-
TARGET-MIB::snmpTargetAddrTagList.'\''127.0.0.1'\''' = 127.0.0.1 'SNMP-
TARGET-MIB::snmpTargetAddrParams.'\''127.0.0.1'\''' = 127.0.0.1
SNMP-TARGET-MIB::snmpTargetAddrTDomain.'127.0.0.1' = OID: SNMPv2-
SMI::snmpDomains.1
SNMP-TARGET-MIB::snmpTargetAddrTAddress.'127.0.0.1' = Hex-STRING: 7F
00 00 01 00 A2
SNMP-TARGET-MIB::snmpTargetAddrTagList.'127.0.0.1' = STRING: 127.0.0.1
SNMP-TARGET-MIB::snmpTargetAddrParams.'127.0.0.1' = STRING: 127.0.0.1
+ snmpset -m '' -v 2c -c svfua 127.0.0.1 'SNMP-TARGET-
MIB::snmpTargetAddrRowStatus.'\''127.0.0.1'\''' = active
SNMP-TARGET-MIB::snmpTargetAddrRowStatus.'127.0.0.1' = INTEGER:
active(1)
+ snmpget -v 2c -c svfua 127.0.0.1 'SNMP-TARGET-
MIB::snmpTargetParamsRowStatus.'\''127.0.0.1'\'''
+ egrep 'No Such Instance'
SNMP-TARGET-MIB::snmpTargetParamsRowStatus.'127.0.0.1' = No Such
Instance currently exists at this OID
+ snmpset -m '' -v 2c -c svfua 127.0.0.1 'SNMP-TARGET-
MIB::snmpTargetParamsRowStatus.'\''127.0.0.1'\''' i createAndWait
SNMP-TARGET-MIB::snmpTargetParamsRowStatus.'127.0.0.1' = INTEGER:
createAndWait(5)
+ snmpset -m '' -v 2c -c svfua 127.0.0.1 'SNMP-TARGET-
MIB::snmpTargetParamsMPModel.'\''127.0.0.1'\''' = 3 'SNMP-TARGET-
MIB::snmpTargetParamsSecurityModel.'\''127.0.0.1'\''' = 3 'SNMP-TARGET-
MIB::snmpTargetParamsSecurityName.'\''127.0.0.1'\''' = trapuser 'SNMP-
TARGET-MIB::snmpTargetParamsSecurityLevel.'\''127.0.0.1'\''' =
noAuthNoPriv
SNMP-TARGET-MIB::snmpTargetParamsMPModel.'127.0.0.1' = INTEGER: 3
SNMP-TARGET-MIB::snmpTargetParamsSecurityModel.'127.0.0.1' = INTEGER: 3
SNMP-TARGET-MIB::snmpTargetParamsSecurityName.'127.0.0.1' = STRING:
trapuser
SNMP-TARGET-MIB::snmpTargetParamsSecurityLevel.'127.0.0.1' = INTEGER:
noAuthNoPriv(1)
+ snmpset -m '' -v 2c -c svfua 127.0.0.1 'SNMP-TARGET-
MIB::snmpTargetParamsRowStatus.'\''127.0.0.1'\''' = active
SNMP-TARGET-MIB::snmpTargetParamsRowStatus.'127.0.0.1' = INTEGER:
active(1)
+ snmptable -m '' -Cbi -Cw 120 -v 2c -c svfua 127.0.0.1 SNMP-
NOTIFICATION-MIB::snmpNotifyTable
SNMP table: SNMP-NOTIFICATION-MIB::snmpNotifyTable
index Tag Type StorageType RowStatus
'127.0.0.1' 127.0.0.1 trap nonVolatile active
+ snmptable -m '' -Cbi -Cw 120 -v 2c -c svfua 127.0.0.1 SNMP-TARGET-
MIB::snmpTargetAddrTable
SNMP table: SNMP-TARGET-MIB::snmpTargetAddrTable
index TDomain TAddress Timeout
RetryCount TagList Params StorageType RowStatus
'127.0.0.1' SNMPv2-SMI::snmpDomains.1 "7F 00 00 01 00 A2 "
1500 3 127.0.0.1 127.0.0.1 nonVolatile active
+ snmptable -m '' -Cbi -Cw 120 -v 2c -c svfua 127.0.0.1 SNMP-TARGET-
MIB::snmpTargetParamsTable
SNMP table: SNMP-TARGET-MIB::snmpTargetParamsTable
index MPModel SecurityModel SecurityName SecurityLevel
StorageType RowStatus
'127.0.0.1' 3 3 trapuser noAuthNoPriv
nonVolatile active
+ snmptable -m '' -Cbi -Cw 120 -v 2c -c svfua 127.0.0.1 SNMP-USER-
BASED-SM-MIB::usmUserTable
SNMP table: SNMP-USER-BASED-SM-MIB::usmUserTable
index SecurityName
CloneFrom AuthProtocol AuthKeyChange
"...."."trapuser" trapuser SNMPv2-SMI::zeroDotZero SNMP-USER-
BASED-SM-MIB::usmHMACMD5AuthProtocol ""
".....??.."."unsec" unsec SNMPv2-SMI::zeroDotZero SNMP-USER-
BASED-SM-MIB::usmHMACMD5AuthProtocol ""
SNMP table SNMP-USER-BASED-SM-MIB::usmUserTable, part 2
index OwnAuthKeyChange
PrivProtocol PrivKeyChange OwnPrivKeyChange Public
"...."."trapuser" "" SNMP-USER-BASED-SM-
MIB::usmDESPrivProtocol "" "" ""
".....??.."."unsec" "" SNMP-USER-BASED-SM-
MIB::usmDESPrivProtocol "" "" ""
SNMP table SNMP-USER-BASED-SM-MIB::usmUserTable, part 3
index StorageType Status
"...."."trapuser" nonVolatile active
".....??.."."unsec" nonVolatile active
+ snmpget -m '' -v 2c -c svfua 127.0.0.1 SNMP-FRAMEWORK-
MIB::snmpEngineID.0
SNMP-FRAMEWORK-MIB::snmpEngineID.0 = Hex-STRING: 80 00 1F 88 01 C0 A8
01 81
------------------------------------------------------------------------------
Increase Visibility of Your 3D Game App & Earn a Chance To Win $500!
Tap into the largest installed PC base & get more eyes on your game by
optimizing for Intel(R) Graphics Technology. Get started today with the
Intel(R) Software Partner Program. Five $500 cash prizes are up for grabs.
http://p.sf.net/sfu/intelisp-dev2dev
_______________________________________________
Net-snmp-coders mailing list
Net-snmp-coders@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/net-snmp-coders
