ACK vs no ACK
When I run my snmpset command from BASH ... I see a list of ACK
responses in tcpdump, whereas when running the same command using the
php version in jffnms, I do not see those ACK.
Obviously that is the problem ... the question is why?
On Wed, 2007-07-25 at 10:28 -0500, Jeffrey Singleton wrote:
> Ok .. So now I am hitting another wall.
>
> Why when I run the tftp-get script manually ... it wont set the enable
> password.
> I ran a tcpdump and grep'd out for the IP of the device.
>
> The response I got for the line that is supposed to be setting the enable
> password is not what I expected.
>
>
>
> 11:23:53.656692 IP (tos 0x0, ttl 64, id 17775, offset 0, flags [none],
> proto: UDP (17), length: 85) jffnms.corp.ciphertrust.com.59939 >
> 192.168.7.254.snmp: { SNMPv2c C=dm3r9x6p { SetRequest(40) R=1828994399
> E:1991.1.1.2.1.15.0=[|snmp] } }
> 11:23:53.665685 IP (tos 0x0, ttl 61, id 4394, offset 0, flags [DF],
> proto: UDP (17), length: 85) 192.168.7.254.snmp >
> jffnms.corp.ciphertrust.com.59939: { SNMPv2c C=dm3r9x6p { GetResponse(40)
> R=1828994399 E:1991.1.1.2.1.15.0=[|snmp] } }
>
>
>
> any ideas why the same command in PHP does not return the same as when run
> from BASH?
>
> On Wed, 2007-07-25 at 08:15 -0500, Jeffrey Singleton wrote:
>
>
> On Tue, 2007-07-24 at 18:49 -0500, Craig Small wrote:
>
>
> Currently you scripts work, or rather the transfer part does,
> if you
> make your own file? What is the difference between your file
> and the
> temporary one JFFNMS creates?
>
>
>
> Yep, I ended up using a 3rd party tftpserver that uses a .ini in /etc
> to config.
> Trying to start the tftp server under freebsd using inetd was becoming
> a pain.
> I know the Tftpserver works ... I can manually dump configs all day
> long into the /jffnms/tftpd folder.
>
> The .dat extension is really the only thing...other than that it is
> just a temp file and I force the 777 perms during the process and still
> nothing.
> For whatever reason ... the file the jffnms creates will not work for
> the Foundry config dumps.
>
> After writing my reply yesterday ... I made a little movement.
> I found that there was an issue with my Foundry to where I actually HAD
> to set the enable passwd for this to work.
> I noticed in my status checks that Integer 22 was sticky ... then I ran
> the manual snmpset commandline with enable password and it worked.
> That is my bad for not comparing configs on my live device vs the one I
> have been using for testing.
>
>
>
> > At this point, I would be willing to pay for someone to just
> write this
> > code for me and be done with it.
> I can help you there, I've written plugins for people before.
>
> I think you have a timing problem. The code does have some
> funnies in it
> to which may or may not be relevant.
>
>
>
> Craig, you really don't know me, but your last sentence is the story of
> my life ... Timing Problems.
>
> And it sucks, because jffnms' feature for downloading and diff'ing
> configs is exactly the tool I need right now.
> Someone wrote one for Cacti, but setting it up is a bit more
> complicated because it uses perl and php.
> With Jffnms, I already know snmp inside and out ... but php an perl I
> can barely read and have been bugging the crap out of my staff php programmer.
>
> So ... Here is where I am at now.
>
> - For testing purposes I will hard code my enable password in the
> script and see if I can at least get the config to dump into a file.
> - Trying to get the fdry_cc.inc.php script that I have to set the
> enable password from an alternate (encrypted) location so I do not have to
> hard code it.
> - Finally getting a foundry config to dump into a file then into
> the DB
>
> Here is the complete command line needed to grab the configs from a
> foundry server load balancer...
> snmpset -v2c -c rwcommunity switch-ip .1.3.6.1.4.1.1991.1.1.2.1.15.0 s
> enable-pwd .1.3.6.1.4.1.1991.1.1.2.1.5.0 a tftpserver-ip
> .1.3.6.1.4.1.1991.1.1.2.1.8.0 s subdir/targetfile
> .1.3.6.1.4.1.1991.1.1.2.1.9.0 i 22
>
> If you need me too, I can send you all of the MIBS for the current
> foundry OS, they came in a single file, but I separated them out to their
> individual MIB files.
> I have them in the MIBS folder under /usr/local/share/snmp ... I know
> jffnms reads from that folder because on a Manual Poll w/o port scan on this
> Foundry,
> I get a few different hits that are definitely not from Foundry but
> from one of the generic snmp MIBs in that folder.
>
>
> Here is the file I am working with now ...
>
> <?
> /* This file is part of JFFNMS
> * Copyright (C) <2002-2005> Javier Szyszlican <[EMAIL PROTECTED]>
> * This program is licensed under the GNU GPL, full terms in the LICENSE
> file
> */
>
> // FOUNDRY-SN-AGENT-MIB Configuration Downloader Implementation
> // successful (1), processing (18), timeout (6), bad access (11),
> file-not-found (10)
>
> function config_fdry_cc_get ($ip, $rwcommunity, $server, $tmpfname)
> {
>
> $tmpfname = tempnam("/jffnms/tftpd/", "config");
> $handle = fopen($tmpfname, "w");
>
> if ($ip && $rwcommunity && $server && $tmpfname) {
>
> $result = true; // Foundry does not return a true so I have
> to force true here
>
> if ($result==true) {
>
> snmp_set($ip,$rwcommunity,
> ".1.3.6.1.4.1.1991.1.1.2.1.5.0", "a", "$server");
> snmp_set($ip,$rwcommunity,
> ".1.3.6.1.4.1.1991.1.1.2.1.8.0", "s", "$tmpfname");
> snmp_set($ip,$rwcommunity,
> ".1.3.6.1.4.1.1991.1.1.2.1.9.0", "i", "22");
> snmp_set($ip,$rwcommunity,
> ".1.3.6.1.4.1.1991.1.1.2.1.15.0", "s", "######");
>
> sleep (2);
>
> $result =
> snmp_get($ip,$rwcommunity,".1.3.6.1.4.1.1991.1.1.2.1.9.0");
>
> if ($result==1) fclose($handle);
> return true;
>
> }
> }
> return false;
> }
>
> function config_fdry_cc_wait ($ip, $rwcommunity, $server,
> $tmpfname) {
>
> $i = 0;
> do {
> $result =
> snmp_get($ip,$rwcommunity,".1.3.6.1.4.1.1991.1.1.2.1.9.0");
> if ($result==1) return true;
> sleep (2);
> }
> while ($result==18 && $i++ < 30);
> return false;
> }
>
> ?>
>
>
>
> plain text document attachment (ATT2832409.txt), "ATT2832409.txt"
>
>
> -------------------------------------------------------------------------
> This SF.net email is sponsored by: Splunk Inc.
> Still grepping through log files to find problems? Stop.
> Now Search log events and configuration files using AJAX and a browser.
> Download your FREE copy of Splunk now >> http://get.splunk.com
> <http://get.splunk.com/> /
>
>
>
> plain text document attachment (ATT2897252.txt), "ATT2897252.txt"
>
> -------------------------------------------------------------------------
> This SF.net email is sponsored by: Splunk Inc.
> Still grepping through log files to find problems? Stop.
> Now Search log events and configuration files using AJAX and a browser.
> Download your FREE copy of Splunk now >> http://get.splunk.com/
--
Jeffrey Singleton
Network Systems Administrator (Trusted Source)
Secure Computing Corporation
48000 North Point Parkway
Alpharetta, GA 30022
C: +1 770-820-2909
O: +1 678-904-3694
-------------------------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc.
Still grepping through log files to find problems? Stop.
Now Search log events and configuration files using AJAX and a browser.
Download your FREE copy of Splunk now >> http://get.splunk.com/
_______________________________________________
jffnms-users mailing list
jffnms-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/jffnms-users
