Greetings, Our trap sink parameters are modified per 2 MIB entries, one for the IP address and one for the port.
We would like to set the trap sink programmatically on powerup and when we receive an snmp request. On powerup and every time we receive a request to change the trap sink IP address or port, we parse the snmpd.conf file to get the username, authentication and privacy protocols and passwords. Our snmpd.conf file looks like this: # setup authorization CreateUser myUserName SHA "myAuthenticationPassword" AES " myPrivacyPassword " rwuser myUserName authPriv # include Agentx setup master agentx authtrapenable 1 And our code to set the trap session on power up, is written in C++ and is as follows: bool TrapSession::createSnmpV3TrapSession() { std::stringstream connectingString; netsnmp_session session, *sesp; memset(&session, 0, sizeof(netsnmp_session)); snmp_sess_init (&session); // Set up defaults session.version = SNMP_VERSION_3; // Peer name std::stringstream connectionString; connectionString << "udp6:[" << ipV6AddressAsString << "]:" << sinkPort; session.peername = strdup(connectionString.str().c_str()); // set the SNMPV3 user name session.securityName = strdup( userName.c_str()); session.securityNameLen = strlen(userName.c_str()); // Security session.securityLevel = SNMP_SEC_LEVEL_AUTHPRIV; session.securityModel = SNMP_SEC_MODEL_USM; // Authentication Protocol session.securityAuthKeyLen = USM_AUTH_KU_LEN; session.securityAuthProto = snmp_duplicate_objid(usmHMACSHA1AuthProtocol, USM_AUTH_PROTO_SHA_LEN); session.securityAuthProtoLen = USM_AUTH_PROTO_SHA_LEN; if (generate_Ku(session.securityAuthProto, session.securityAuthProtoLen, (const uint8_t *) authenticationPassword.c_str(), authenticationPassword.length(), session.securityAuthKey, &session.securityAuthKeyLen) != SNMPERR_SUCCESS) { LOG_ERROR("Error generating authentication KU for authentication password: " << authenticationPassword); return false; } // Privacy Protocol session.securityPrivKeyLen = USM_PRIV_KU_LEN; session.securityPrivProto = snmp_duplicate_objid(usmAESPrivProtocol, USM_PRIV_PROTO_AES_LEN); session.securityPrivProtoLen = USM_PRIV_PROTO_AES_LEN; if (generate_Ku(session.securityAuthProto, session.securityAuthProtoLen, (const uint8_t *)privacyPassword.c_str(), privacyPassword.length(), session.securityPrivKey, &session.securityPrivKeyLen) != SNMPERR_SUCCESS) { LOG_ERROR("Error generating privacy KU for privacy password: " << privacyPassword); return false; } // open the session sesp = snmp_open(&session); if (!sesp) { LOG_ERROR("Unable to open a trap session to: " << session.peername << " with user: " << userName); throw std::runtime_error("Unable to open SNMP session!"); return false; } add_trap_session(sesp, SNMP_MSG_TRAP2, FALSE, SNMP_VERSION_3); return true; } However, we are getting this error: [SNMP 3] : snmpd: send_trap: USM unknown security name (no such user exists) What are we doing wrong? If we add this line to the snmpd.conf and not use the above-mentioned code, we have no problem sending traps. trapsess -v 3 -u myUserName -l authPriv -a SHA -A " myAuthenticationPassword " -x AES -X " myPrivacyPassword " udp6:[2001:bb::f8]:162 Thanks, Mostafa
_______________________________________________ Net-snmp-users mailing list Net-snmp-users@lists.sourceforge.net Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users