Re: snmptrapd: Verify trapversion of incoming traps
Hi Pushpa, As far as I have observed the traps and understood from the tutorials on web, the PDU formats of SNMPv2 and SNMPv3 are same and its just that there is additional authentication for SNMPv3. Therefore you get similar output in cases 2 and 3. Thanks, Dharm On Mon, Dec 29, 2014 at 11:49 AM, Pushpa Thimmaiah < pushpa.thimma...@gmail.com> wrote: > Hi Folks, > > Can anybody tell me how can I check version(snmp2c/3) of received traps by > 'snmptrapd' ? > > Settings: > runnging snmpd, snmptrapd and snmptrap on same system (localhost) > > *CASE 1: SNMPv1* > send snmpv1 trap ---> > > snmptrap -v 1 -c public localhost .1.3.6.1.4.1.8072.2.3.1 localhost 2 0 "" > >.1.3.6.1.4.1.8072.2.1.1 i 123 > > snmpv1 trap received by snmptrapd ---> > > 2014-12-24 11:17:06 localhost [127.0.0.1] (via UDP: > [127.0.0.1]:51079->[127.0.0.1]) TRAP, >SNMP v1, community public > iso.3.6.1.4.1.8072.2.3.1 Link Down Trap (0) Uptime: 1:46:24.34 > iso.3.6.1.4.1.8072.2.1.1 = INTEGER: 123 > > *CASE 2: SNMPv2c* > send snmpv2c trap ---> > > snmptrap -v 2c -c public localhost 69 .1.3.6.1.4.1.8072.2.3.1 > .1.3.6.1.4.1.8072.2.1.1 i 123 > > snmpv2c trap received by snmptrapd ---> > > 2014-12-24 11:28:52 localhost [UDP: [127.0.0.1]:35333->[127.0.0.1]]: > iso.3.6.1.2.1.1.3.0 = Timeticks: (69) 0:00:00.69 iso.3.6.1.6.3.1.1.4.1.0 = > OID: >iso.3.6.1.4.1.8072.2.3.1 iso.3.6.1.4.1.8072.2.1.1 = INTEGER: > 123 <- log A > > *CASE 3: SNMPv3* > send snmpv3 trap ---> > > snmptrap -v 3 -n "" -a SHA -A mypassword -x AES -X mypassword -l authPriv > -u traptest -e >0x80001f880300b0ae00 localhost 69 > .1.3.6.1.4.1.8072.2.3.1 .1.3.6.1.4.1.8072.2.1.1 i 123 > > snmpv3 trap received by snmptrapd ---> > > 2014-12-24 11:10:49 localhost [UDP: [127.0.0.1]:35306->[127.0.0.1]]: > iso.3.6.1.2.1.1.3.0 = Timeticks: (69) 0:00:00.69 iso.3.6.1.6.3.1.1.4.1.0 = > OID: >iso.3.6.1.4.1.8072.2.3.1 iso.3.6.1.4.1.8072.2.1.1 = INTEGER: > 123< log B > > Question: In case 2 and 3 , trap received by snmptrapd (i.e log A and log > B) is same. How to make out trap version of the traps been received by > snmptrapd? > > > > Thank you, > > Pushpa > > > -- > Dive into the World of Parallel Programming! The Go Parallel Website, > sponsored by Intel and developed in partnership with Slashdot Media, is > your > hub for all things parallel software development, from weekly thought > leadership blogs to news, videos, case studies, tutorials and more. Take a > look and join the conversation now. http://goparallel.sourceforge.net > ___ > Net-snmp-users mailing list > Net-snmp-users@lists.sourceforge.net > Please see the following page to unsubscribe or change other options: > https://lists.sourceforge.net/lists/listinfo/net-snmp-users > > -- Dive into the World of Parallel Programming! The Go Parallel Website, sponsored by Intel and developed in partnership with Slashdot Media, is your hub for all things parallel software development, from weekly thought leadership blogs to news, videos, case studies, tutorials and more. Take a look and join the conversation now. http://goparallel.sourceforge.net___ Net-snmp-users mailing list Net-snmp-users@lists.sourceforge.net Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
Re: DTLS not consistent
Hi Wes, The server side logs are as follows: cert:util:config: parsing 10 A7:C7:EB:F8:30:6B:4F:9E:78:28:C4:1E:CF:F1:DC:6B:EA:91:C6:AE --cn cert:find:params: looking for remote_peer(2) in MULTIPLE(0x200), hint 3214037692 cert:find:params: looking for remote_peer(2) in FINGERPRINT(0x2), hint 3214037692 cert:find:params: hint = A7:C7:EB:F8:30:6B:4F:9E:78:28:C4:1E:CF:F1:DC:6B:EA:91:C6:AE cert:find:found: using cert manager_self_1.crt / a7c7ebf8306b4f9e7828c41ecff1dc6bea91c6ae for remote_peer(2) (uses=remote_peer (2)) cert:find:found: using cert manager_self_1.crt / a7c7ebf8306b4f9e7828c41ecff1dc6bea91c6ae for remote_peer(2) (uses=remote_peer (2)) cert:map:add: pri 10, fp a7c7ebf8306b4f9e7828c41ecff1dc6bea91c6ae dtlsudp: netsnmp_dtlsudp_transport(): transports/snmpDTLSUDPDomain.c, 1421: A SNMP version other than 3 was requested with (D)TLS; using 3 anyways tlstcp: listening on tlstcp port 0.0.0.0:10161 cert:find:params: looking for identity(1) in DEFAULT(0x0), hint 0 cert:find:params: looking for identity(1) in MULTIPLE(0x200), hint 165187808 cert:find:params: looking for identity(1) in FINGERPRINT(0x2), hint 165187808 cert:find:params: hint = 64:B0:D3:30:3F:8F:F5:96:67:57:7F:5A:71:31:C9:98:6F:D9:14:56 cert:find:found: using cert snmpd_self.crt / 64b0d3303f8ff59667577f5a7131c9986fd91456 for identity(1) (uses=identity+remote_peer (3)) cert:find:found: using cert snmpd_self.crt / 64b0d3303f8ff59667577f5a7131c9986fd91456 for identity(1) (uses=identity+remote_peer (3)) NET-SNMP version 5.7.3.rc3 dtlsudp: received 148 raw bytes on way to dtls dtlsudp: starting a new connection cert:find:params: looking for identity(1) in DEFAULT(0x0), hint 0 cert:find:params: looking for identity(1) in MULTIPLE(0x200), hint 165187808 cert:find:params: looking for identity(1) in FINGERPRINT(0x2), hint 165187808 cert:find:params: hint = 64:B0:D3:30:3F:8F:F5:96:67:57:7F:5A:71:31:C9:98:6F:D9:14:56 cert:find:found: using cert snmpd_self.crt / 64b0d3303f8ff59667577f5a7131c9986fd91456 for identity(1) (uses=identity+remote_peer (3)) cert:find:found: using cert snmpd_self.crt / 64b0d3303f8ff59667577f5a7131c9986fd91456 for identity(1) (uses=identity+remote_peer (3)) dtlsudp:cookie: generating cookie... dtlsudp: have 48 bytes to send dtlsudp: received 168 raw bytes on way to dtls dtlsudp:cookie: verify cookie: 1 dtlsudp: have 1375 bytes to send dtlsudp: received 148 raw bytes on way to dtls dtlsudp: starting a new connection cert:find:params: looking for identity(1) in DEFAULT(0x0), hint 0 cert:find:params: looking for identity(1) in MULTIPLE(0x200), hint 165187808 cert:find:params: looking for identity(1) in FINGERPRINT(0x2), hint 165187808 cert:find:params: hint = 64:B0:D3:30:3F:8F:F5:96:67:57:7F:5A:71:31:C9:98:6F:D9:14:56 cert:find:found: using cert snmpd_self.crt / 64b0d3303f8ff59667577f5a7131c9986fd91456 for identity(1) (uses=identity+remote_peer (3)) cert:find:found: using cert snmpd_self.crt / 64b0d3303f8ff59667577f5a7131c9986fd91456 for identity(1) (uses=identity+remote_peer (3)) dtlsudp have 48 bytes to send dtlsudp: received 168 raw bytes on way to dtls dtlsudp:cookie: verify cookie: 1 dtlsudp: have 1375 bytes to send dtlsudp: received 1948 raw bytes on way to dtls tls_x509:verify: Cert: /C=US/ST=CA/L=Davis/O=Net-SNMP/OU=Development/CN=self1/emailAddress= ad...@net-snmp.org tls_x5:cookie: generating cookie... dtlsudp:09:verify: fp: a7c7ebf8306b4f9e7828c41ecff1dc6bea91c6ae cert:find:params: looking for remote_peer(2) in FINGERPRINT(0x2), hint 165219632 cert:find:params: hint = a7c7ebf8306b4f9e7828c41ecff1dc6bea91c6ae cert:find:found: using cert manager_self_1.crt / a7c7ebf8306b4f9e7828c41ecff1dc6bea91c6ae for remote_peer(2) (uses=remote_peer (2)) tls_x509:verify: Found locally: /usr/share/manager_self_1.crt tls_x509:verify: verify_callback called with: ok=0 ctx=0xbf9268d8 depth=0 err=18:self signed certificate tls_x509:verify: accepting matching fp of self-signed certificate found in: manager_self_1.crt tls_x509:verify: Cert: /C=US/ST=CA/L=Davis/O=Net-SNMP/OU=Development/CN=self1/emailAddress= ad...@net-snmp.org tls_x509:verify: fp: a7c7ebf8306b4f9e7828c41ecff1dc6bea91c6ae tls_x509:verify: verify_callback called with: ok=1 ctx=0xbf9268d8 depth=0 err=18:self signed certificate tls_x509:verify: returning the passed in value of 1 dtlsudp: have 1498 bytes to send Thanks, Dharm On Tue, Dec 23, 2014 at 12:04 PM, Wes Hardaker < harda...@users.sourceforge.net> wrote: > Dharm S writes: > > > failed rfc5343 contextEngineID probing > > So, judging from the packet information it appears that the snmp library > looks like it gets the dtls connection open (or at least it believes it > is; whether the *other* side agrees is subject to debate still). Then > it's trying to send a contextEngineId probe through which is 69 bytes > long. and it tries that multiple times (and you can see the buffer > filling up because all the packet buffers add up in multiples of > 69). And then it fi
DTLS not consistent
Hi All, I was trying net-snmp with dtls support with snmpd running on one system and manager on another. The USM model worked well. Regarding DTLS i found this strange behaviour of requests being processed only at times. The certificate fingerprints are included in the snmpd.conf as written in the tutorial. My openssl version shows the following: OpenSSL 1.0.0e 6 Sep 2011 built on: Thu Feb 9 00:57:05 UTC 2012 platform: debian-i386 options: bn(64,32) rc4(idx,int) des(ptr,risc1,16,long) blowfish(idx) compiler: cc -fPIC -DOPENSSL_PIC -DZLIB -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -DL_ENDIAN -DTERMIO -O3 -Wa,--noexecstack -g -Wall Is it the problem regarding openssl?? Can you guide me on which parameters to be checked while receiving and sending requests between manager and snmpd? The dtls,cert tokens show successful messages while processing. But when it doesnt process I get the following errors: dtlsudp: have 148 bytes to send dtlsudp: received 48 raw bytes on way to dtls dtlsudp: have 168 bytes to send dtlsudp: Trying to write 69 of buffered data dtlsudp: received 1375 raw bytes on way to dtls tls_x509:verify: Cert: /C=US/ST=CA/L=Davis/O=Net-SNMP/OU=Development/CN=snmpd_self/emailAddress= ad...@net-snmp.org tls_x509:verify: fp: 64b0d3303f8ff59667577f5a7131c9986fd91456 tls_x509:verify: verify_callback called with: ok=1 ctx=0xbfb7b3f8 depth=0 err=0:ok tls_x509:verify: returning the passed in value of 1 dtlsudp: have 1948 bytes to send dtlsudp: Trying to write 69 of buffered data tsm: needed to free transport data dtlsudp: sending 69 bytes dtlsudp: Trying to write 69 of buffered data tsm: needed to free transport data dtlsudp: sending 69 bytes dtlsudp: Trying to write 138 of buffered data tsm: needed to free transport data dtlsudp: sending 69 bytes dtlsudp: Trying to write 207 of buffered data tsm: needed to free transport data dtlsudp: sending 69 bytes dtlsudp: Trying to write 276 of buffered data tsm: needed to free transport data dtlsudp: sending 69 bytes dtlsudp: Trying to write 345 of buffered data failed rfc5343 contextEngineID probing snmpwalk: Timeout (Success) dtlsudp:close: closing dtlsudp transport 0x9167c28 dtlsudp:close: 414 bytes remain in write_cache dtlsudp:close: dumping 414 bytes from write_cache dtlsudp:close: closing SSL socket tlsbase: Freeing TLS Base data for a session Thanks, Dharm -- Dive into the World of Parallel Programming! The Go Parallel Website, sponsored by Intel and developed in partnership with Slashdot Media, is your hub for all things parallel software development, from weekly thought leadership blogs to news, videos, case studies, tutorials and more. Take a look and join the conversation now. http://goparallel.sourceforge.net___ Net-snmp-users mailing list Net-snmp-users@lists.sourceforge.net Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
Include only TSM module
Hi All, I tried to include only the tsm security module and disable usm using the token --with-out-security-modules=usm But the make command throws the following error: undefined reference to `usmAESPrivProtocol' Desktop/net-snmp-5.7.3.rc3/snmplib/.libs/libnetsnmp.so: undefined reference to `usmDESPrivProtocol' Desktop/net-snmp-5.7.3.rc3/snmplib/.libs/libnetsnmp.so: undefined reference to `usmHMACMD5AuthProtocol' Desktop/net-snmp-5.7.3.rc3/snmplib/.libs/libnetsnmp.so: undefined reference to `usm_clone_usmStateReference' Desktop/net-snmp-5.7.3.rc3/snmplib/.libs/libnetsnmp.so: undefined reference to `usmHMACSHA1AuthProtocol' I disabled applications since it has snmpusm. But still it shows this error. What all tokens should be used to remove usm and include only tsm module?? Thank You, Dharm -- Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server from Actuate! Instantly Supercharge Your Business Reports and Dashboards with Interactivity, Sharing, Native Excel Exports, App Integration & more Get technology previously reserved for billion-dollar corporations, FREE http://pubads.g.doubleclick.net/gampad/clk?id=164703151&iu=/4140/ostg.clktrk___ Net-snmp-users mailing list Net-snmp-users@lists.sourceforge.net Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
Re: SNMPv2 traps
Hi Pushpa, Sorry ...Missed your question. agent address is set as follows: agentAddress udp:161 On Thu, Dec 18, 2014 at 12:15 PM, Pushpa Thimmaiah < pushpa.thimma...@gmail.com> wrote: > > Hi Dharm, > > Do you have issue with receiving traps or logging them ? > If issue with logging then > Try 'authCommunity ' to log received traps else snmptrapd > simply drop them. > > Add 'authCommunity log public' in your /etc/snmp/snmptrapd.conf and > restart snmptrapd > snmptrapd -c /etc/snmp/snmptrapd.conf -Lf traps.txt > > If issue with receiving traps then check what is 'agentAddress' directive > been set to? ( snmpd.conf) > Is it set to ' agentAddress udp:127.0.0.1:161' ? > > > Thanks, > Pushpa.T > > On Wed, Dec 17, 2014 at 5:21 PM, Dharm S wrote: > >> Hi All, >> >> I am sending traps from an embedded platform which has the net-snmp agent >> running in it. >> >> I have the following lines in snmpd.conf >> >> rocommunity public 192.168.10.57 >> rocommunity public 192.168.10.53 >> >> trap2sink 192.168.10.53 public >> >> The agent address is 192.168.10.57. I can see the traps being received on >> wireshark. But I am not able to view them on terminal or log in any file >> using >>snmptrapd -f -Lo (or) snmptrapd -f -Lf traps.txt >> >> snmptrapd.conf has only following line >> disableAuthorization yes >> >> I am able to log the traps if the snmp agent runs in localhost (same >> system for snmpd and snmptrapd) . But the traps from remote system are not >> logged. >> >> Kindly help me on this. >> >> >> -- >> Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server >> from Actuate! Instantly Supercharge Your Business Reports and Dashboards >> with Interactivity, Sharing, Native Excel Exports, App Integration & more >> Get technology previously reserved for billion-dollar corporations, FREE >> >> http://pubads.g.doubleclick.net/gampad/clk?id=164703151&iu=/4140/ostg.clktrk >> ___ >> Net-snmp-users mailing list >> Net-snmp-users@lists.sourceforge.net >> Please see the following page to unsubscribe or change other options: >> https://lists.sourceforge.net/lists/listinfo/net-snmp-users >> >> -- Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server from Actuate! Instantly Supercharge Your Business Reports and Dashboards with Interactivity, Sharing, Native Excel Exports, App Integration & more Get technology previously reserved for billion-dollar corporations, FREE http://pubads.g.doubleclick.net/gampad/clk?id=164703151&iu=/4140/ostg.clktrk___ Net-snmp-users mailing list Net-snmp-users@lists.sourceforge.net Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
Re: SNMPv2 traps
Thank You Pushpa. I had tried that method. But still I am able to receive traps only if the snmptrapd and snmpd run on the same system. I want to receive traps sent from a remote system. On Thu, Dec 18, 2014 at 12:15 PM, Pushpa Thimmaiah < pushpa.thimma...@gmail.com> wrote: > > Hi Dharm, > > Do you have issue with receiving traps or logging them ? > If issue with logging then > Try 'authCommunity ' to log received traps else snmptrapd > simply drop them. > > Add 'authCommunity log public' in your /etc/snmp/snmptrapd.conf and > restart snmptrapd > snmptrapd -c /etc/snmp/snmptrapd.conf -Lf traps.txt > > If issue with receiving traps then check what is 'agentAddress' directive > been set to? ( snmpd.conf) > Is it set to ' agentAddress udp:127.0.0.1:161' ? > > > Thanks, > Pushpa.T > > On Wed, Dec 17, 2014 at 5:21 PM, Dharm S wrote: > >> Hi All, >> >> I am sending traps from an embedded platform which has the net-snmp agent >> running in it. >> >> I have the following lines in snmpd.conf >> >> rocommunity public 192.168.10.57 >> rocommunity public 192.168.10.53 >> >> trap2sink 192.168.10.53 public >> >> The agent address is 192.168.10.57. I can see the traps being received on >> wireshark. But I am not able to view them on terminal or log in any file >> using >>snmptrapd -f -Lo (or) snmptrapd -f -Lf traps.txt >> >> snmptrapd.conf has only following line >> disableAuthorization yes >> >> I am able to log the traps if the snmp agent runs in localhost (same >> system for snmpd and snmptrapd) . But the traps from remote system are not >> logged. >> >> Kindly help me on this. >> >> >> -- >> Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server >> from Actuate! Instantly Supercharge Your Business Reports and Dashboards >> with Interactivity, Sharing, Native Excel Exports, App Integration & more >> Get technology previously reserved for billion-dollar corporations, FREE >> >> http://pubads.g.doubleclick.net/gampad/clk?id=164703151&iu=/4140/ostg.clktrk >> ___ >> Net-snmp-users mailing list >> Net-snmp-users@lists.sourceforge.net >> Please see the following page to unsubscribe or change other options: >> https://lists.sourceforge.net/lists/listinfo/net-snmp-users >> >> -- Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server from Actuate! Instantly Supercharge Your Business Reports and Dashboards with Interactivity, Sharing, Native Excel Exports, App Integration & more Get technology previously reserved for billion-dollar corporations, FREE http://pubads.g.doubleclick.net/gampad/clk?id=164703151&iu=/4140/ostg.clktrk___ Net-snmp-users mailing list Net-snmp-users@lists.sourceforge.net Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
SNMPv2 traps
Hi All, I am sending traps from an embedded platform which has the net-snmp agent running in it. I have the following lines in snmpd.conf rocommunity public 192.168.10.57 rocommunity public 192.168.10.53 trap2sink 192.168.10.53 public The agent address is 192.168.10.57. I can see the traps being received on wireshark. But I am not able to view them on terminal or log in any file using snmptrapd -f -Lo (or) snmptrapd -f -Lf traps.txt snmptrapd.conf has only following line disableAuthorization yes I am able to log the traps if the snmp agent runs in localhost (same system for snmpd and snmptrapd) . But the traps from remote system are not logged. Kindly help me on this. -- Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server from Actuate! Instantly Supercharge Your Business Reports and Dashboards with Interactivity, Sharing, Native Excel Exports, App Integration & more Get technology previously reserved for billion-dollar corporations, FREE http://pubads.g.doubleclick.net/gampad/clk?id=164703151&iu=/4140/ostg.clktrk___ Net-snmp-users mailing list Net-snmp-users@lists.sourceforge.net Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
Re: Help in configuring users in DTLS
Hi Arefin, Thanks for the response. But the issue seems to be something else. I am getting the same error again though i used 600 or 640. On Mon, Nov 10, 2014 at 10:10 PM, M. A. Arefin wrote: > I had a similar problem! Apparently the file permission on the certs was > too open! Reducing the file permission to something like 640 or 600 solve > the problem for me. Pardon me if this is not the case. > > On Mon, Nov 10, 2014 at 1:59 AM, Dharm S wrote: > >> Hi All, >> >> I have generated certificates and used the keys while entering the SNMP >> commands. I ran snmpd after entering the following lines in snmp.conf: >> >> peerCert 09:38:B0:8C:98:43:A0:19:0C:E7:D3:A8:9D:2D:05:76:B8:C1:AF:A0 >> localCert 89:54:99:03:82:E4:14:A9:49:D5:46:38:C0:5F:B5:B2:B8:27:71:C6 >> >> where peerCert is the fingerprint of snmpd.crt and localCert in >> manager.crt. >> >> And in snmpd.conf, I have: >> >> [snmp] localCert >> 09:38:B0:8C:98:43:A0:19:0C:E7:D3:A8:9D:2D:05:76:B8:C1:AF:A0 >> certSecName 10 >> 89:54:99:03:82:E4:14:A9:49:D5:46:38:C0:5F:B5:B2:B8:27:71:C6 --cn >> >> The snmpget dtlsudp:localhost:10161 sysContact.0 gives following debug >> messages: >> cert:util:init: init >> cert:index:add: dir /usr/local/etc/snmp/tls/ca-certs at index 0 >> cert:index:add: dir /home/anjali/.snmp/tls/certs at index 4 >> cert:index:add: dir /usr/local/etc/snmp/tls/private at index 2 >> cert:index:add: dir /home/anjali/.snmp/tls/private at index 5 >> cert:index:add: dir /home/anjali/.snmp/tls/ca-certs at index 3 >> cert:index:add: dir /usr/local/etc/snmp/tls/certs at index 1 >> cert:index:dir: Scanning directory /usr/local/etc/snmp/tls/ca-certs >> cert:index:lookup: /usr/local/etc/snmp/tls/ca-certs (0) >> /var/net-snmp/cert_indexes/0 >> cert:index:parse: The index for /usr/local/etc/snmp/tls/ca-certs looks >> good >> cert:index:dir: Scanning directory /usr/local/etc/snmp/tls/certs >> cert:index:lookup: /usr/local/etc/snmp/tls/certs (1) >> /var/net-snmp/cert_indexes/1 >> cert:index:parse: The index for /usr/local/etc/snmp/tls/certs looks good >> cert:index:parse: added 2 certs from index >> cert:index:dir: Scanning directory /usr/local/etc/snmp/tls/private >> cert:index:lookup: /usr/local/etc/snmp/tls/private (2) >> /var/net-snmp/cert_indexes/2 >> cert:index:parse: The index for /usr/local/etc/snmp/tls/private looks good >> cert:key:struct:new: new key 0x0x9f81438 for manager.key >> cert:key:struct:new: new key 0x0x9f81388 for snmpd.key >> cert:index:parse: added 2 certs from index >> cert:index:dir: Scanning directory /home/anjali/.snmp/tls/ca-certs >> cert:index:lookup: /home/anjali/.snmp/tls/ca-certs (3) >> /var/net-snmp/cert_indexes/3 >> cert:index:parse: The index for /home/anjali/.snmp/tls/ca-certs looks good >> cert:index:dir: Scanning directory /home/anjali/.snmp/tls/certs >> cert:index:lookup: /home/anjali/.snmp/tls/certs (4) >> /var/net-snmp/cert_indexes/4 >> cert:index:parse: The index for /home/anjali/.snmp/tls/certs looks good >> cert:index:dir: Scanning directory /home/anjali/.snmp/tls/private >> cert:index:lookup: /home/anjali/.snmp/tls/private (5) >> /var/net-snmp/cert_indexes/5 >> cert:index:parse: The index for /home/anjali/.snmp/tls/private looks good >> cert:partner: manager.crt match found! >> cert:partner: snmpd.crt match found! >> cert:key:read: Checking file snmpd.key >> cert:key:read: Checking file manager.key >> cert:dump: Certificates - >> cert:dump: cert snmpd.crt in /usr/local/etc/snmp/tls/certs >> cert:dump:type 1 flags 0x3 (identity+remote_peer) >> cert:dump: cert manager.crt in /usr/local/etc/snmp/tls/certs >> cert:dump:type 1 flags 0x3 (identity+remote_peer) >> cert:dump: key manager.key in /usr/local/etc/snmp/tls/private >> cert:dump:type 4 flags 0x1 (identity) >> cert:dump: key snmpd.key in /usr/local/etc/snmp/tls/private >> cert:dump:type 4 flags 0x1 (identity) >> cert:dump: End -- >> cert:find:params: looking for identity(1) in DEFAULT(0x0), hint 0 >> cert:find:params: looking for identity(1) in MULTIPLE(0x200), hint >> 167466280 >> cert:find:params: looking for identity(1) in FINGERPRINT(0x2), hint >> 167466280 >> cert:find:params: hint = >> 89:54:99:03:82:E4:14:A9:49:D5:46:38:C0:5F:B5:B2:B8:27:71:C6 >> cert:find:found: using cert manager.crt / >> 8954990382e414a949d54638c05fb5b2b82771c6 for identity(1) >> (uses=identity+remote_peer (3)) >> cert:find:found: using cert manager.crt / >> 895499038
Help in configuring users in DTLS
Hi All, I have generated certificates and used the keys while entering the SNMP commands. I ran snmpd after entering the following lines in snmp.conf: peerCert 09:38:B0:8C:98:43:A0:19:0C:E7:D3:A8:9D:2D:05:76:B8:C1:AF:A0 localCert 89:54:99:03:82:E4:14:A9:49:D5:46:38:C0:5F:B5:B2:B8:27:71:C6 where peerCert is the fingerprint of snmpd.crt and localCert in manager.crt. And in snmpd.conf, I have: [snmp] localCert 09:38:B0:8C:98:43:A0:19:0C:E7:D3:A8:9D:2D:05:76:B8:C1:AF:A0 certSecName 10 89:54:99:03:82:E4:14:A9:49:D5:46:38:C0:5F:B5:B2:B8:27:71:C6 --cn The snmpget dtlsudp:localhost:10161 sysContact.0 gives following debug messages: cert:util:init: init cert:index:add: dir /usr/local/etc/snmp/tls/ca-certs at index 0 cert:index:add: dir /home/anjali/.snmp/tls/certs at index 4 cert:index:add: dir /usr/local/etc/snmp/tls/private at index 2 cert:index:add: dir /home/anjali/.snmp/tls/private at index 5 cert:index:add: dir /home/anjali/.snmp/tls/ca-certs at index 3 cert:index:add: dir /usr/local/etc/snmp/tls/certs at index 1 cert:index:dir: Scanning directory /usr/local/etc/snmp/tls/ca-certs cert:index:lookup: /usr/local/etc/snmp/tls/ca-certs (0) /var/net-snmp/cert_indexes/0 cert:index:parse: The index for /usr/local/etc/snmp/tls/ca-certs looks good cert:index:dir: Scanning directory /usr/local/etc/snmp/tls/certs cert:index:lookup: /usr/local/etc/snmp/tls/certs (1) /var/net-snmp/cert_indexes/1 cert:index:parse: The index for /usr/local/etc/snmp/tls/certs looks good cert:index:parse: added 2 certs from index cert:index:dir: Scanning directory /usr/local/etc/snmp/tls/private cert:index:lookup: /usr/local/etc/snmp/tls/private (2) /var/net-snmp/cert_indexes/2 cert:index:parse: The index for /usr/local/etc/snmp/tls/private looks good cert:key:struct:new: new key 0x0x9f81438 for manager.key cert:key:struct:new: new key 0x0x9f81388 for snmpd.key cert:index:parse: added 2 certs from index cert:index:dir: Scanning directory /home/anjali/.snmp/tls/ca-certs cert:index:lookup: /home/anjali/.snmp/tls/ca-certs (3) /var/net-snmp/cert_indexes/3 cert:index:parse: The index for /home/anjali/.snmp/tls/ca-certs looks good cert:index:dir: Scanning directory /home/anjali/.snmp/tls/certs cert:index:lookup: /home/anjali/.snmp/tls/certs (4) /var/net-snmp/cert_indexes/4 cert:index:parse: The index for /home/anjali/.snmp/tls/certs looks good cert:index:dir: Scanning directory /home/anjali/.snmp/tls/private cert:index:lookup: /home/anjali/.snmp/tls/private (5) /var/net-snmp/cert_indexes/5 cert:index:parse: The index for /home/anjali/.snmp/tls/private looks good cert:partner: manager.crt match found! cert:partner: snmpd.crt match found! cert:key:read: Checking file snmpd.key cert:key:read: Checking file manager.key cert:dump: Certificates - cert:dump: cert snmpd.crt in /usr/local/etc/snmp/tls/certs cert:dump:type 1 flags 0x3 (identity+remote_peer) cert:dump: cert manager.crt in /usr/local/etc/snmp/tls/certs cert:dump:type 1 flags 0x3 (identity+remote_peer) cert:dump: key manager.key in /usr/local/etc/snmp/tls/private cert:dump:type 4 flags 0x1 (identity) cert:dump: key snmpd.key in /usr/local/etc/snmp/tls/private cert:dump:type 4 flags 0x1 (identity) cert:dump: End -- cert:find:params: looking for identity(1) in DEFAULT(0x0), hint 0 cert:find:params: looking for identity(1) in MULTIPLE(0x200), hint 167466280 cert:find:params: looking for identity(1) in FINGERPRINT(0x2), hint 167466280 cert:find:params: hint = 89:54:99:03:82:E4:14:A9:49:D5:46:38:C0:5F:B5:B2:B8:27:71:C6 cert:find:found: using cert manager.crt / 8954990382e414a949d54638c05fb5b2b82771c6 for identity(1) (uses=identity+remote_peer (3)) cert:find:found: using cert manager.crt / 8954990382e414a949d54638c05fb5b2b82771c6 for identity(1) (uses=identity+remote_peer (3)) cert:find:params: looking for remote_peer(2) in DEFAULT(0x0), hint 0 cert:find:params: looking for remote_peer(2) in MULTIPLE(0x200), hint 167493864 cert:find:params: looking for remote_peer(2) in FINGERPRINT(0x2), hint 167493864 cert:find:params: hint = 09:38:B0:8C:98:43:A0:19:0C:E7:D3:A8:9D:2D:05:76:B8:C1:AF:A0 cert:find:found: using cert snmpd.crt / 0938b08c9843a0190ce7d3a89d2d0576b8c1afa0 for remote_peer(2) (uses=identity+remote_peer (3)) cert:find:found: using cert snmpd.crt / 0938b08c9843a0190ce7d3a89d2d0576b8c1afa0 for remote_peer(2) (uses=identity+remote_peer (3)) cert:trust_ca: checking roots for 0x9f80f08 cert:trust: putting trusted cert 0x9f81f70 = 0938b08c9843a0190ce7d3a89d2d0576b8c1afa0 in certstore 0x9fd36d0 cert:find:params: looking for remote_peer(2) in FINGERPRINT(0x2), hint 167598104 cert:find:params: hint = 8954990382e414a949d54638c05fb5b2b82771c6 cert:find:found: using cert manager.crt / 8954990382e414a949d54638c05fb5b2b82771c6 for remote_peer(2) (uses=identity+remote_peer (3)) cert:find:params: looking for remote_peer(2) in DEFAULT(0x0), hint 0 cert:find:params: looking for remote_peer(2) in MULTIPLE(0x
SNMP using TLS
Hi All, I am using net-snmp 5.7.3.pre5 I have the following certificates generated: net-snmp-cert showcerts --fingerprint --subject/usr/local/etc/snmp/tls: certs/manager.crt: subject= /C=US/ST=CA/L=Davis/O=Net-SNMP/OU=Development/CN=final/emailAddress= ad...@net-snmp.org SHA1 Fingerprint=89:54:99:03:82:E4:14:A9:49:D5:46:38:C0:5F:B5:B2:B8:27:71:C6 certs/snmpd.crt: subject= /C=US/ST=CA/L=Davis/O=Net-SNMP/OU=Development/CN= final.example.com/emailAddress=ad...@net-snmp.org SHA1 Fingerprint=09:38:B0:8C:98:43:A0:19:0C:E7:D3:A8:9D:2D:05:76:B8:C1:AF:A0 In snmp.conf, I have added the following for default configuration: defVersion 3 defSecurityModel tsm defCommunity public defsecurityname "final" defsecuritylevel authPriv localCert 09:38:B0:8C:98:43:A0:19:0C:E7:D3:A8:9D:2D:05:76:B8:C1:AF:A0 peerCert 89:54:99:03:82:E4:14:A9:49:D5:46:38:C0:5F:B5:B2:B8:27:71:C6 In snmpd.conf I have added, rwuser -s tsm "final" [snmp] localCert 09:38:B0:8C:98:43:A0:19:0C:E7:D3:A8:9D:2D:05:76:B8:C1:AF:A0 certSecName 10 89:54:99:03:82:E4:14:A9:49:D5:46:38:C0:5F:B5:B2:B8:27:71:C6 --cn When i try the following command by giving the keys in command line, I am able to get the output. snmpget -T our_identity=89:54:99:03:82:E4:14:A9:49:D5:46:38:C0:5F:B5:B2:B8:27:71:C6 -T their_identity=09:38:B0:8C:98:43:A0:19:0C:E7:D3:A8:9D:2D:05:76:B8:C1:AF:A0 dtlsudp:localhost:10161 sipCommonCfgServiceStartTime.1 whereas, when i run the following, it is not able to retrieve the certificate values properly: snmpwalk dtlsudp:localhost:10161 sipCommonMIB tsm: needed to free transport data tsm: needed to free transport data tsm: needed to free transport data tsm: needed to free transport data tsm: needed to free transport data failed rfc5343 contextEngineID probing snmpwalk: Timeout (Success) I have tried many variations and even went through the mailing lists. But I am not able to understand the reason behind the error or to solve it. Is there anything wrong in the configuration? I have followed the tutorial of dtls and also replaced the defX509ClientPub and defX509ServerPub tokens since they are deprecated. -- ___ Net-snmp-users mailing list Net-snmp-users@lists.sourceforge.net Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
Error parsing PDU
Hi All, I have worked on SNMPv3 in my desktop system in Ubuntu 11.10. I tried to run net-snmp in my laptop. I had installed net-snmp 5.7.3 package and included the snmp.conf, snmpd.conf and snmptrapd.conf files in /usr/local/share/snmp folder When i run the snmpwalk command it throws the following error Timeout : Error parsing PDU It is not able to give the details to the manager. What are the possibilities for this error? Is there anything that i must re-run rather than copying from my desktop system. -- ___ Net-snmp-users mailing list Net-snmp-users@lists.sourceforge.net Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
Re: oids not displayed as strings when send in traps
Thank You Bill. I am sorry that I had mentioned ServiceTime instead of StatusCodeIns. I included the string length and its working fine now. On Thu, Oct 2, 2014 at 6:29 PM, Bill Fenner wrote: > On Wed, Oct 1, 2014 at 8:04 AM, Dharm S wrote: > >> Hi All, >> >> I have the following in one of the notification template. >> >> const oid sipCommonCfgServiceStartTime_oid[] = { >> 1,3,6,1,2,1,149,1,1,1,1,3, /* insert index here */ }; >> >> It has 3 index values : two integers and one string. >> > > This is strange, since the sipCommonCfgServiceStartTime in the MIB has one > index value, just the applIndex. > > >> How am I supposed to include the string value? >> >> i tried using row->indexes->index_oid instead of the below oid. >> >> But when received at trap, it replaces string by ascii values (ACK) as >> follows >> SIP-COMMON-MIB::sipCommonStatusCodeIns.1.65.67.75.0.183 >> > > sipCommonStatusCodeIns is a different OID than you supplied above. Its > INDEXes are applIndex, > sipCommonStatusCodeMethod, sipCommonStatusCodeValue. That's > INTEGER, SipTCMethodName (OCTET STRING), and Unsiged32. > > According to http://tools.ietf.org/html/rfc2578#section-7.7 part (3), you > have to prepend the length of the string - so the interpretation of the OID > that you provided is that there's a 65-byte string, but there are not 65 > bytes left in the OID so the parser just punts on trying to represent it as > a string. The proper encoding of that string in that OID is > > SIP-COMMON-MIB::sipCommonStatusCodeIns.1.3.65.67.75.183 > > and if you check with the command-line tool, that does translate: > > % snmptranslate SIP-COMMON-MIB::sipCommonStatusCodeIns.1.3.65.67.75.183 > SIP-COMMON-MIB::sipCommonStatusCodeIns.1."ACK".183 > > Bill > > > >> >> >> -- >> Meet PCI DSS 3.0 Compliance Requirements with EventLog Analyzer >> Achieve PCI DSS 3.0 Compliant Status with Out-of-the-box PCI DSS Reports >> Are you Audit-Ready for PCI DSS 3.0 Compliance? Download White paper >> Comply to PCI DSS 3.0 Requirement 10 and 11.5 with EventLog Analyzer >> >> http://pubads.g.doubleclick.net/gampad/clk?id=154622311&iu=/4140/ostg.clktrk >> ___ >> Net-snmp-users mailing list >> Net-snmp-users@lists.sourceforge.net >> Please see the following page to unsubscribe or change other options: >> https://lists.sourceforge.net/lists/listinfo/net-snmp-users >> >> > -- Meet PCI DSS 3.0 Compliance Requirements with EventLog Analyzer Achieve PCI DSS 3.0 Compliant Status with Out-of-the-box PCI DSS Reports Are you Audit-Ready for PCI DSS 3.0 Compliance? Download White paper Comply to PCI DSS 3.0 Requirement 10 and 11.5 with EventLog Analyzer http://pubads.g.doubleclick.net/gampad/clk?id=154622311&iu=/4140/ostg.clktrk___ Net-snmp-users mailing list Net-snmp-users@lists.sourceforge.net Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
oids not displayed as strings when send in traps
Hi All, I have the following in one of the notification template. const oid sipCommonCfgServiceStartTime_oid[] = { 1,3,6,1,2,1,149,1,1,1,1,3, /* insert index here */ }; It has 3 index values : two integers and one string. How am I supposed to include the string value? i tried using row->indexes->index_oid instead of the below oid. But when received at trap, it replaces string by ascii values (ACK) as follows SIP-COMMON-MIB::sipCommonStatusCodeIns.1.65.67.75.0.183 -- Meet PCI DSS 3.0 Compliance Requirements with EventLog Analyzer Achieve PCI DSS 3.0 Compliant Status with Out-of-the-box PCI DSS Reports Are you Audit-Ready for PCI DSS 3.0 Compliance? Download White paper Comply to PCI DSS 3.0 Requirement 10 and 11.5 with EventLog Analyzer http://pubads.g.doubleclick.net/gampad/clk?id=154622311&iu=/4140/ostg.clktrk___ Net-snmp-users mailing list Net-snmp-users@lists.sourceforge.net Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
NOT ABLE TO EXTRACT ROW->INDEXES
Hi All, I have created mib module using mib2c.create-dataset.conf. I have entered rows into the table using row = netsnmp_create_table_data_row( ); I try to extract the indexes at another location by parsing each row in a for loop for(row=table_set_myTable->table->first_row;row;row=row->next) I had added indexes while creating rows using netsnmp_table_row_add_index() function. But in the for loop when i check row->indexes, it creates segmentation fault indicating it to hold NULL value instead of any of the indexes. if(table_set_myTable->table->first_row->indexes == NULL) flag =1; which gave 1 as value confirming this. What must have gone wrong? Is the extracting method wrong or adding index?? -- Meet PCI DSS 3.0 Compliance Requirements with EventLog Analyzer Achieve PCI DSS 3.0 Compliant Status with Out-of-the-box PCI DSS Reports Are you Audit-Ready for PCI DSS 3.0 Compliance? Download White paper Comply to PCI DSS 3.0 Requirement 10 and 11.5 with EventLog Analyzer http://pubads.g.doubleclick.net/gampad/clk?id=154622311&iu=/4140/ostg.clktrk___ Net-snmp-users mailing list Net-snmp-users@lists.sourceforge.net Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
NOT ABLE TO EXTRACT ROW->INDEXES
Hi All, I have created mib module using mib2c.create-dataset.conf. I have entered rows into the table using row = netsnmp_create_table_data_row(); -- Meet PCI DSS 3.0 Compliance Requirements with EventLog Analyzer Achieve PCI DSS 3.0 Compliant Status with Out-of-the-box PCI DSS Reports Are you Audit-Ready for PCI DSS 3.0 Compliance? Download White paper Comply to PCI DSS 3.0 Requirement 10 and 11.5 with EventLog Analyzer http://pubads.g.doubleclick.net/gampad/clk?id=154622311&iu=/4140/ostg.clktrk___ Net-snmp-users mailing list Net-snmp-users@lists.sourceforge.net Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
ASN.1 Represention error
I am not able to send snmp traps due to the following error. What change am i suppposed to do? snmpd: send_trap: Error building ASN.1 representation (build uint size 0: s/b 4) snmp_build: unknown failure I have included the MIB files in /usr/local/share/snmp/mibs and in .snmp/mibs folders. But still i dont think it is reading the MIB files. I have gone through FAQs and other similar errors but nothing seems to resolve the issue. I compiled the MIB module by ./configure --with-mib-modules="sipCommonMIB" and the .c and .h files were put in agent/mibgroup/ folder. What could have gone wrong regarding ASN.1 representation? -- Meet PCI DSS 3.0 Compliance Requirements with EventLog Analyzer Achieve PCI DSS 3.0 Compliant Status with Out-of-the-box PCI DSS Reports Are you Audit-Ready for PCI DSS 3.0 Compliance? Download White paper Comply to PCI DSS 3.0 Requirement 10 and 11.5 with EventLog Analyzer http://pubads.g.doubleclick.net/gampad/clk?id=154622311&iu=/4140/ostg.clktrk___ Net-snmp-users mailing list Net-snmp-users@lists.sourceforge.net Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
ASN.1 Representation error
Hi All, I have compiled a mib module which works well as subagent but when i send traps, I get the following as output without proper translation of OIDs 2014-09-21 23:56:17 localhost [UDP: [127.0.0.1]:40300->[127.0.0.1]:162]: DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (10079) 0:01:40.79 SNMPv2-MIB::snmpTrapOID.0 = OID: SNMPv2-SMI::mib-2.149.0.4 SNMPv2-SMI::mib-2.149.1.9.6.0 = Gauge32: 0SNMPv2-SMI::mib-2.149.1.9.5.0 = Gauge32: 0SNMPv2-SMI::mib-2.149.1.1.1.1.3.1 = Timeticks: (0) 0:00:00.00 What should i do inorder to change the numerical oids to textual ones when received by traps?? -- Slashdot TV. Video for Nerds. Stuff that Matters. http://pubads.g.doubleclick.net/gampad/clk?id=160591471&iu=/4140/ostg.clktrk___ Net-snmp-users mailing list Net-snmp-users@lists.sourceforge.net Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
NOT LINKING OTHER FILES
Hi All, I have generated mfd files for ETHTOOL-MIB following the example of http://vincent.bernat.im/en/blog/2012-extending-netsnmp.html. I did the changes on my files as he had done. And used the following command for compiling subagent net-snmp-config --compile-subagent mysub ethtoolStatTable.c I got the following error : generating the temporary code file: netsnmptmp.3771.c void init_ethtoolStatTable(void); checking for init_ethtoolStatTable in ethtoolStatTable.c init_ethtoolStatTable(void) DEBUGMSGTL(("verbose:ethtoolStatTable:init_ethtoolStatTable","called\n")); } /* init_ethtoolStatTable */ checking for shutdown_ethtoolStatTable in ethtoolStatTable.c shutdown_ethtoolStatTable(void) running: gcc -fno-strict-aliasing -g -O2 -Ulinux -Dlinux=linux -D_REENTRANT -D_GNU_SOURCE -fno-strict-aliasing -pipe -fstack-protector -I/usr/local/include -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64 -I/usr/local/lib/perl5/5.18.2/x86_64-linux-thread-multi/CORE -I. -I/usr/local/include -o mysub netsnmptmp.3771.c ethtoolStatTable.c -L/usr/local/ssl/lib -L/usr/local/lib -lnetsnmpmibs -lnetsnmpagent -lnetsnmp -lnetsnmpmibs -ldl -lnetsnmpagent -Wl,-E -Wl,-rpath,/usr/local/lib/perl5/5.18.2/x86_64-linux-thread-multi/CORE -lnetsnmp /tmp/ccNfcjfS.o: In function `shutdown_table_ethtoolStatTable': /home/dell/ethtoolStatTable/ethtoolStatTable.c:114: undefined reference to `_ethtoolStatTable_shutdown_interface' /tmp/ccNfcjfS.o: In function `initialize_table_ethtoolStatTable': /home/dell/ethtoolStatTable/ethtoolStatTable.c:102: undefined reference to `_ethtoolStatTable_initialize_interface' /tmp/ccNfcjfS.o: In function `shutdown_table_ethtoolStatTable': /home/dell/ethtoolStatTable/ethtoolStatTable.c:114: undefined reference to `_ethtoolStatTable_shutdown_interface' collect2: error: ld returned 1 exit status removing the temporary code file: netsnmptmp.3771.c I believe it has to do with ethtoolStatTable.h config commands /* * Note: this file originally auto-generated by mib2c using * version : 14170 $ of $ * * $Id:$ */ #ifndef ETHTOOLSTATTABLE_H #define ETHTOOLSTATTABLE_H #ifdef __cplusplus extern "C" { #endif /** @addtogroup misc misc: Miscellaneous routines * * @{ */ #include /* other required module components */ /* *INDENT-OFF* */ config_add_mib(ETHTOOL-MIB) config_require(ETHTOOL-MIB/ethtoolStatTable/ethtoolStatTable_interface) config_require(ETHTOOL-MIB/ethtoolStatTable/ethtoolStatTable_data_access) config_require(ETHTOOL-MIB/ethtoolStatTable/ethtoolStatTable_data_get) config_require(ETHTOOL-MIB/ethtoolStatTable/ethtoolStatTable_data_set) /* *INDENT-ON* */ /* OID and column number definitions for ethtoolStatTable */ #include "ethtoolStatTable_oids.h" /* enum definions */ #include "ethtoolStatTable_enums.h" /* * * function declarations */ void init_ethtoolStatTable(void); void shutdown_ethtoolStatTable(void); /* * * Table declarations */ /** ** *** *** Table ethtoolStatTable *** ** **/ /* * ETHTOOL-MIB::ethtoolStatTable is subid 1 of ethtool. * Its status is Current. * OID: .1.3.6.1.4.1.39178.100.1.1, length: 10 */ /* * * When you register your mib, you get to provide a generic * pointer that will be passed back to you for most of the * functions calls. * * TODO:100:r: Review all context structures */ /* * TODO:101:o: |-> Review ethtoolStatTable registration context. */ typedef netsnmp_data_list ethtoolStatTable_registration; /**/ /* * TODO:110:r: |-> Review ethtoolStatTable data context structure. * This structure is used to represent the data for ethtoolStatTable. */ /* * This structure contains storage for all the columns defined in the * ethtoolStatTable. */ typedef struct ethtoolStatTable_data_s { /* * ethtoolStat(2)/COUNTER64/ASN_COUNTER64/U64(U64)//l/A/w/e/r/d/h */ U64 ethtoolStat; } ethtoolStatTable_data; /* * TODO:120:r: |-> Review ethtoolStatTable mib index. * This structure is used to represent the index for ethtoolStatTable. */ typedef struct ethtoolStatTable_mib_index_s { /* * ifIndex(1)/InterfaceIndex/ASN_INTEGER/long(long)//l/A/w/e/R/d/H */ long ifIndex; /* * ethtoolStatName(1)/ShortDisplayString/ASN_OCTET_STR/char(char)//L/a/w/e/R/d/H */ char ethtoolStatName[100]; size_t ethtoolStatName_len; } ethtoolStatTable_mib_index; /* * TODO:121:r: | |-> Review ethtoolStatTable max index
Not getting response from localhost
Hi All, I am using the following snmpd.conf. ### # # EXAMPLE.conf: # An example configuration file for configuring the Net-SNMP agent ('snmpd') # See the 'snmpd.conf(5)' man page for details # # Some entries are deliberately commented out, and will need to be explicitly activated # ### # # AGENT BEHAVIOUR # # Listen for connections from the local system only #agentAddress udp:127.0.0.1:161 # Listen for connections on all interfaces (both IPv4 *and* IPv6) agentAddress udp:161 ### # # SNMPv3 AUTHENTICATION # # Note that these particular settings don't actually belong here. # They should be copied to the file /var/net-snmp/snmpd.conf # and the passwords changed, before being uncommented in that file *only*. # Then restart the agent # createUser authOnlyUser MD5 "remember to change this password" # createUser authPrivUser SHA "remember to change this one too" DES # createUser internalUser MD5 "this is only ever used internally, but still change the password" # If you also change the usernames (which might be sensible), # then remember to update the other occurances in this example config file to match. ### # # ACCESS CONTROL # # system + hrSystem groups only #view systemonly included .1.3.6.1.2.1.1 #view systemonly included .1.3.6.1.2.1.25.1 # Full access from the local host rocommunity public localhost # Default access to basic system info #rocommunity public default-V systemonly # Full access from an example network # Adjust this network address to match your local # settings, change the community string, # and check the 'agentAddress' setting above # Full read-only access for SNMPv3 rouser authOnlyUser # Full write access for encrypted requests # Remember to activate the 'createUser' lines above #rwuser authPrivUser priv # It's no longer typically necessary to use the full 'com2sec/group/access' configuration # r[ou]user and r[ow]community, together with suitable views, should cover most requirements ### # # SYSTEM INFORMATION # # Note that setting these values here, results in the corresponding MIB objects being 'read-only' # See snmpd.conf(5) for more details sysLocationSitting on the Dock of the Bay sysContact Me # Application + End-to-End layers sysServices72 # # Process Monitoring # # At least one 'mountd' process proc mountd # No more than 4 'ntalkd' processes - 0 is OK proc ntalkd4 # At least one 'sendmail' process, but no more than 10 proc sendmail 10 1 # Walk the UCD-SNMP-MIB::prTable to see the resulting output # Note that this table will be empty if there are no "proc" entries in the snmpd.conf file # # Disk Monitoring # # 10MBs required on root disk, 5% free on /var, 10% free on all other disks disk / 1 disk /var 5% includeAllDisks 10% # Walk the UCD-SNMP-MIB::dskTable to see the resulting output # Note that this table will be empty if there are no "disk" entries in the snmpd.conf file # # System Load # # Unacceptable 1-, 5-, and 15-minute load averages load 12 10 5 # Walk the UCD-SNMP-MIB::laTable to see the resulting output # Note that this table *will* be populated, even without a "load" entry in the snmpd.conf file ### # # ACTIVE MONITORING # # send SNMPv1 traps trapsink localhost public # send SNMPv2c traps #trap2sinklocalhost public # send SNMPv2c INFORMs #informsink localhost public # Note that you typically only want *one* of these three lines # Uncommenting two (or all three) will result in multiple copies of each notification. # # Event MIB - automatically generate alerts # # Remember to activate the 'createUser' lines above iquery
No response from localhost
Hi All, I am using the following snmpd.conf. ### # # EXAMPLE.conf: # An example configuration file for configuring the Net-SNMP agent ('snmpd') # See the 'snmpd.conf(5)' man page for details # # Some entries are deliberately commented out, and will need to be explicitly activated # ### # # AGENT BEHAVIOUR # # Listen for connections from the local system only #agentAddress udp:127.0.0.1:161 # Listen for connections on all interfaces (both IPv4 *and* IPv6) agentAddress udp:161 ### # # SNMPv3 AUTHENTICATION # # Note that these particular settings don't actually belong here. # They should be copied to the file /var/net-snmp/snmpd.conf # and the passwords changed, before being uncommented in that file *only*. # Then restart the agent # createUser authOnlyUser MD5 "remember to change this password" # createUser authPrivUser SHA "remember to change this one too" DES # createUser internalUser MD5 "this is only ever used internally, but still change the password" # If you also change the usernames (which might be sensible), # then remember to update the other occurances in this example config file to match. ### # # ACCESS CONTROL # # system + hrSystem groups only #view systemonly included .1.3.6.1.2.1.1 #view systemonly included .1.3.6.1.2.1.25.1 # Full access from the local host rocommunity public localhost # Default access to basic system info #rocommunity public default-V systemonly # Full access from an example network # Adjust this network address to match your local # settings, change the community string, # and check the 'agentAddress' setting above # Full read-only access for SNMPv3 rouser authOnlyUser # Full write access for encrypted requests # Remember to activate the 'createUser' lines above #rwuser authPrivUser priv # It's no longer typically necessary to use the full 'com2sec/group/access' configuration # r[ou]user and r[ow]community, together with suitable views, should cover most requirements ### # # SYSTEM INFORMATION # # Note that setting these values here, results in the corresponding MIB objects being 'read-only' # See snmpd.conf(5) for more details sysLocationSitting on the Dock of the Bay sysContact Me # Application + End-to-End layers sysServices72 # # Process Monitoring # # At least one 'mountd' process proc mountd # No more than 4 'ntalkd' processes - 0 is OK proc ntalkd4 # At least one 'sendmail' process, but no more than 10 proc sendmail 10 1 # Walk the UCD-SNMP-MIB::prTable to see the resulting output # Note that this table will be empty if there are no "proc" entries in the snmpd.conf file # # Disk Monitoring # # 10MBs required on root disk, 5% free on /var, 10% free on all other disks disk / 1 disk /var 5% includeAllDisks 10% # Walk the UCD-SNMP-MIB::dskTable to see the resulting output # Note that this table will be empty if there are no "disk" entries in the snmpd.conf file # # System Load # # Unacceptable 1-, 5-, and 15-minute load averages load 12 10 5 # Walk the UCD-SNMP-MIB::laTable to see the resulting output # Note that this table *will* be populated, even without a "load" entry in the snmpd.conf file ### # # ACTIVE MONITORING # # send SNMPv1 traps trapsink localhost public # send SNMPv2c traps #trap2sinklocalhost public # send SNMPv2c INFORMs #informsink localhost public # Note that you typically only want *one* of these three lines # Uncommenting two (or all three) will result in multiple copies of each notification. # # Event MIB - automatically generate alerts # # Remember to activate the 'createUser' lines above iquery
not able to link libssl library
I am using Ubuntu 14.04 (64-bit). I have worked on net-snmp in ubuntu 11.10 (32-bit) . But in this I am facing the following error when i compile tsm module. checking for EVP_md5 in -lcrypto... no checking for DTLSv1_method in -lssl... no configure: error: The DTLS based transports require the libssl library from OpenSSL to be available and support DTLS I have openssl-1.0.1f package installed. But not able to understand why its not able to link it. Any solutions? -- Slashdot TV. Video for Nerds. Stuff that matters. http://tv.slashdot.org/___ Net-snmp-users mailing list Net-snmp-users@lists.sourceforge.net Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
NET-SNMP make error
I am using Ubuntu 14.04 (64-bit) . I have downloaded net-snmp-5.7.3.pre5 and did the configure. The make is giving the following error. /usr/bin/ld: /usr/local/lib/perl5/5.18.2/x86_64-linux/CORE/libperl.a(op.o): relocation R_X86_64_32S against `PL_sv_yes' can not be used when making a shared object; recompile with -fPIC /usr/local/lib/perl5/5.18.2/x86_64-linux/CORE/libperl.a: error adding symbols: Bad value collect2: error: ld returned 1 exit status make[1]: *** [libnetsnmpagent.la] Error 1 make[1]: Leaving directory `/home/dell/Desktop/net-snmp-5.7.3.pre5/agent' make: *** [subdirs] Error 1 Is there errors related to perl version or is it something else? -- Slashdot TV. Video for Nerds. Stuff that matters. http://tv.slashdot.org/___ Net-snmp-users mailing list Net-snmp-users@lists.sourceforge.net Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users