Ok .. So now I am hitting another wall.
Why when I run the tftp-get script manually ... it wont set the enable
password.
I ran a tcpdump and grep'd out for the IP of the device.
The response I got for the line that is supposed to be setting the
enable password is not what I expected.
11:23:53.656692 IP (tos 0x0, ttl 64, id 17775, offset 0, flags
[none], proto: UDP (17), length: 85)
jffnms.corp.ciphertrust.com.59939 > 192.168.7.254.snmp:
{ SNMPv2c C=dm3r9x6p { SetRequest(40) R=1828994399
E:1991.1.1.2.1.15.0=[|snmp] } }
11:23:53.665685 IP (tos 0x0, ttl 61, id 4394, offset 0, flags
[DF], proto: UDP (17), length: 85) 192.168.7.254.snmp >
jffnms.corp.ciphertrust.com.59939: { SNMPv2c C=dm3r9x6p
{ GetResponse(40) R=1828994399 E:1991.1.1.2.1.15.0=[|snmp] } }
any ideas why the same command in PHP does not return the same as when
run from BASH?
On Wed, 2007-07-25 at 08:15 -0500, Jeffrey Singleton wrote:
> On Tue, 2007-07-24 at 18:49 -0500, Craig Small wrote:
>
>
> Currently you scripts work, or rather the transfer part does, if you
> make your own file? What is the difference between your file and the
> temporary one JFFNMS creates?
>
>
>
> Yep, I ended up using a 3rd party tftpserver that uses a .ini in /etc to
> config.
> Trying to start the tftp server under freebsd using inetd was becoming a
> pain.
> I know the Tftpserver works ... I can manually dump configs all day long into
> the /jffnms/tftpd folder.
>
> The .dat extension is really the only thing...other than that it is just a
> temp file and I force the 777 perms during the process and still nothing.
> For whatever reason ... the file the jffnms creates will not work for the
> Foundry config dumps.
>
> After writing my reply yesterday ... I made a little movement.
> I found that there was an issue with my Foundry to where I actually HAD to
> set the enable passwd for this to work.
> I noticed in my status checks that Integer 22 was sticky ... then I ran the
> manual snmpset commandline with enable password and it worked.
> That is my bad for not comparing configs on my live device vs the one I have
> been using for testing.
>
>
>
> > At this point, I would be willing to pay for someone to just write
> this
> > code for me and be done with it.
> I can help you there, I've written plugins for people before.
>
> I think you have a timing problem. The code does have some funnies in it
> to which may or may not be relevant.
>
>
>
> Craig, you really don't know me, but your last sentence is the story of my
> life ... Timing Problems.
>
> And it sucks, because jffnms' feature for downloading and diff'ing configs is
> exactly the tool I need right now.
> Someone wrote one for Cacti, but setting it up is a bit more complicated
> because it uses perl and php.
> With Jffnms, I already know snmp inside and out ... but php an perl I can
> barely read and have been bugging the crap out of my staff php programmer.
>
> So ... Here is where I am at now.
>
> - For testing purposes I will hard code my enable password in the script
> and see if I can at least get the config to dump into a file.
> - Trying to get the fdry_cc.inc.php script that I have to set the enable
> password from an alternate (encrypted) location so I do not have to hard code
> it.
> - Finally getting a foundry config to dump into a file then into the DB
>
> Here is the complete command line needed to grab the configs from a foundry
> server load balancer...
> snmpset -v2c -c rwcommunity switch-ip .1.3.6.1.4.1.1991.1.1.2.1.15.0 s
> enable-pwd .1.3.6.1.4.1.1991.1.1.2.1.5.0 a tftpserver-ip
> .1.3.6.1.4.1.1991.1.1.2.1.8.0 s subdir/targetfile
> .1.3.6.1.4.1.1991.1.1.2.1.9.0 i 22
>
> If you need me too, I can send you all of the MIBS for the current foundry
> OS, they came in a single file, but I separated them out to their individual
> MIB files.
> I have them in the MIBS folder under /usr/local/share/snmp ... I know jffnms
> reads from that folder because on a Manual Poll w/o port scan on this Foundry,
> I get a few different hits that are definitely not from Foundry but from one
> of the generic snmp MIBs in that folder.
>
>
> Here is the file I am working with now ...
>
> <?
> /* This file is part of JFFNMS
> * Copyright (C) <2002-2005> Javier Szyszlican <[EMAIL PROTECTED]>
> * This program is licensed under the GNU GPL, full terms in the LICENSE file
> */
>
> // FOUNDRY-SN-AGENT-MIB Configuration Downloader Implementation
> // successful (1), processing (18), timeout (6), bad access (11),
> file-not-found (10)
>
> function config_fdry_cc_get ($ip, $rwcommunity, $server, $tmpfname) {
>
> $tmpfname = tempnam("/jffnms/tftpd/", "config");
> $handle = fopen($tmpfname, "w");
>
> if ($ip && $rwcommunity && $server && $tmpfname) {
>
> $result = true; // Foundry does not return a true so I have to
> force true here
>
> if ($result==true) {
>
> snmp_set($ip,$rwcommunity, ".1.3.6.1.4.1.1991.1.1.2.1.5.0",
> "a", "$server");
> snmp_set($ip,$rwcommunity, ".1.3.6.1.4.1.1991.1.1.2.1.8.0",
> "s", "$tmpfname");
> snmp_set($ip,$rwcommunity, ".1.3.6.1.4.1.1991.1.1.2.1.9.0",
> "i", "22");
> snmp_set($ip,$rwcommunity, ".1.3.6.1.4.1.1991.1.1.2.1.15.0",
> "s", "######");
>
> sleep (2);
>
> $result =
> snmp_get($ip,$rwcommunity,".1.3.6.1.4.1.1991.1.1.2.1.9.0");
>
> if ($result==1) fclose($handle);
> return true;
>
> }
> }
> return false;
> }
>
> function config_fdry_cc_wait ($ip, $rwcommunity, $server, $tmpfname) {
>
> $i = 0;
> do {
> $result =
> snmp_get($ip,$rwcommunity,".1.3.6.1.4.1.1991.1.1.2.1.9.0");
> if ($result==1) return true;
> sleep (2);
> }
> while ($result==18 && $i++ < 30);
> return false;
> }
>
> ?>
>
>
>
>
> plain text document attachment (ATT2832409.txt), "ATT2832409.txt"
>
> -------------------------------------------------------------------------
> This SF.net email is sponsored by: Splunk Inc.
> Still grepping through log files to find problems? Stop.
> Now Search log events and configuration files using AJAX and a browser.
> Download your FREE copy of Splunk now >> http://get.splunk.com/
--
Jeffrey Singleton
Network Systems Administrator (Trusted Source)
Secure Computing Corporation
48000 North Point Parkway
Alpharetta, GA 30022
C: +1 770-820-2909
O: +1 678-904-3694
-------------------------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc.
Still grepping through log files to find problems? Stop.
Now Search log events and configuration files using AJAX and a browser.
Download your FREE copy of Splunk now >> http://get.splunk.com/
_______________________________________________
jffnms-users mailing list
jffnms-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/jffnms-users
