FYI, this seems to work. [LCD needs to be updated to reflect the new engine ID].
free_enginetime_on_shutdown() <-- added to remove old engine ID from LCD list engineID_conf() init_snmpv3_post_config() <-- added to add new engine ID to LCD list clear_user_list() vacm_destroyAllAccessEntries() vacm_destroyAllViewEntries() vacm_destroyAllGroupEntries() usm_add_user() vacm_createGroupEntry() vacm_createAccessEntry() vacm_createViewEntry() > -----Original Message----- > From: Lewis Adam-VNQM87 > Sent: Wednesday, June 29, 2011 7:57 PM > To: [email protected] > Subject: RE: dynamically changing the SnmpEngineID > > Okay, I've coded what I hoped would work and it doesn't. When I change > the engine ID (without rebooting), the SNMP requests fail with "Unknown > engine ID" > > Roughly speaking, once I have changed the engine ID, I am doing the > following: > > engineID_conf() > clear_user_list() > vacm_destroyAllAccessEntries() > vacm_destroyAllViewEntries() > vacm_destroyAllGroupEntries() > usm_add_user() > vacm_createGroupEntry() > vacm_createAccessEntry() > vacm_createViewEntry() > > is there anything else I need to consider? Sessions? Other engine ID > dependant structures that need to be destroyed and recreated? > > Adam. > > > -----Original Message----- > > From: Wes Hardaker [mailto:[email protected]] > > Sent: Monday, June 27, 2011 6:26 PM > > To: Lewis Adam-VNQM87 > > Cc: [email protected] > > Subject: Re: dynamically changing the SnmpEngineID > > > > >>>>> On Mon, 27 Jun 2011 15:49:01 +0100, "Lewis Adam-VNQM87" > > <[email protected]> said: > > > > LA> I think our main concern was the possibility of memory leaks. > Being > > an > > LA> embedded product, it's not simply a case of killing the process > and > > LA> restarting it so while we want to offer the flexibility of > updating > > LA> ip-based, mac-based, and text-string based SnmpEngineIDs, we also > > want > > LA> the unit not to be rebooted unless absolutely necessary. If I > > understand > > LA> it correctly, we should be able to destroy all the vacm and usm > > entries > > LA> and reload them with default users. Hopefully the pain of re- > > entering > > LA> user information will discourage people from changing the > > SnmpEngineID > > LA> on a regular basis. > > > > Definitely, discouragement of changing it is tactic one :-) > > -- > > Wes Hardaker > > Please mail all replies to [email protected] ------------------------------------------------------------------------------ All of the data generated in your IT infrastructure is seriously valuable. Why? It contains a definitive record of application performance, security threats, fraudulent activity, and more. Splunk takes this data and makes sense of it. IT sense. And common sense. http://p.sf.net/sfu/splunk-d2d-c2 _______________________________________________ Net-snmp-coders mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/net-snmp-coders
