On Wed, 4 Jul 2018 18:07:51 +0530 Thommandra wrote: TG> > For snmpd, you can configure VACM views in snmpd.conf to TG> > exclude certain OIDS. It's not very intuitive, but should be TG> > possible. TG> TG> Can we remove the OIDs at compile time (using configure option) TG> like we do for modules? Changing VACM views is tedious and has TG> to be configures for all communities/users etc. TG> And if the list of OIDs is huge, it is not feasible.
Configure can exclude entire MIBs, but not individual OIDs. You can modify the code, but make sure you deal with get and get-next properly. TG> Actually I understand that. I went further and enabled debug on TG> snmpgetnext to find that the failure is due to the error during TG> snmp_parse() And it is because the getnext PDU contains an TG> IP_ADDR as a value (vrrpOperMasterIpAddr OID) TG> TG> On debugging further, I found that the below change in 5.7.3 is TG> actually causing the issue TG> TG> net-snmp-5.7.3/snmplib/snmp_api.c TG> TG> 4594 case ASN_IPADDRESS: TG> 4595 if (vp->val_len != 4) TG> 4596 return -1; TG> 4597 /* fallthrough */ TG> 4598 case ASN_OCTET_STR: TG> 4599 case ASN_OPAQUE: TG> 4600 case ASN_NSAP: TG> TG> We fail if ASN_IPADDRRESS len is not 4. Earlier in 5.7.2, we TG> did not have this check. ASN_IPADDRESS is specified as a 4 octet field, so anything else is wrong. TG> And looking at the history, it seems like you have TG> modified/added those lines. May I know if this is a bug? TG> BTW, removing that val_len check from snmp_api.c makes the TG> snmpwalk work smooth. TG> TG> Please note that our implementation of VRRP-MIB was done using TG> mib2c utility. And so vrrpOperMasterIpAddr is implemented as TG> u_long in the code. The size of the data field shouldn't matter. Try stepping through the mib2c generated code that creates the varbind and see where the value in the varbind gets a bad value. Robert ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot _______________________________________________ Net-snmp-coders mailing list Net-snmp-coders@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/net-snmp-coders
