Re: Enterprise subtree problem...
... If I can see the subtree using snmptranslate, but not snmpwalk, ... As I understand it, snmptranslate processes the MIB files on your local system but snmpwalk talks to the remote agent. You can have MIB files for all sorts of MIBs that aren't implemented in the agent. - This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/ ___ Net-snmp-users mailing list Net-snmp-users@lists.sourceforge.net Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
Does disman require IPv6?
I'm trying to add DISMAN MIB support to an existing configuration, cross-compiling Net-SNMP v5.2.2 from Intel Linux to ARM Linux. I configure like this: export CROSS_COMPILE=arm-linux ac_cv_CAN_USE_SYSCTL=no \ export CFLAG=-I/opt/denx/arm/usr/include/linux ./configure --prefix=/usr \ --target=arm-linux \ --host=arm-linux \ --build=i386-pc-linux \ --with-openssl=/usr/local/ssl/bin \ --with-endianness=little \ --with-cc=arm-linux-gcc \ --with-ar=arm-linux-ar \ --with-install-prefix=/IPm \ --with-cflags=-O2 \ --enable-applications \ --disable-scripts \ --disable-debugging \ --without-kmem-usage \ --disable-mib-loading \ --with-out-mib-modules=examples/ucdDemoPublic \ --with-mib-modules=disman \ --disable-ipv6 \ --with-sys-location=Set location of switch \ --with-sys-contact=Set name (and e-mail) of contact for switch \ --with-logfile=/var/log/snmpd.log \ --with-default-snmp-version=3 \ --with-persistent-directory=/var/net-snmp \ --with-persistent-mask=007 and the build complains that pingCtlTable.h can't find in6.h and ipv6.h to include. But I've disabled IPv6. Does disman require ipv6? If so, it'd be nice if configure told me that. Or is pingCtrTable.h not sufficiently parameterized with #ifdef stuff to disable ipv6 when ipv6 isn't to be used? I'll take a crack at fixing this but I'm not sure what direction to go in. Chris P.S. I'm also curious about this section in pingCtlTable.h: /* #include linux/in6.h */ /* #include linux/ipv6.h */ #include in6.h #include ipv6.h which looks a little weird and inconsistent. - Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT business topics through brief surveys-and earn cash http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV ___ Net-snmp-users mailing list Net-snmp-users@lists.sourceforge.net Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
Re: Does disman require IPv6?
On 05/04/07, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote: Does disman require ipv6? No. Thanks. Or is pingCtrTable.h not sufficiently parameterized with #ifdef stuff to disable ipv6 when ipv6 isn't to be used? The DisMan code in general is relatively immature in the 5.2.x line, and I wouldn't recommend relying too heavily on it. Things have improved significantly in the 5.3.x and 5.4 releases. The RemoteOps implementations in particular (ping et al) are even less reliable, and have been removed from the disman build altogether in 5.3.x and above. (I'm a little surprised to realise that they're still included in the current 5.2.x disman.h, but it's probably too late to change that). It does not surprise me in the slightest that you're having problems with these particular modules. I'd suggest you delete from disman.h, and rebuild. Delete *what* from disman.h? Isn't the monitor directive part of disman? That's what I really want. If I don't have to include disman to get it, what configure directive do I need to get monitor? - Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT business topics through brief surveys-and earn cash http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV ___ Net-snmp-users mailing list Net-snmp-users@lists.sourceforge.net Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
Re: Does disman require IPv6?
On 05/04/07, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote: ... Isn't the monitor directive part of disman? It's part of the DisMan Event MIB, yes. But that's only one of a collection of MIBs produced by the DisMan working group. That's what I really want. Then all you need is disman/event-mib. Configure with that, and don't worry about using the higher-level disman grouping module. Bingo! Thanks. - Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT business topics through brief surveys-and earn cash http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV ___ Net-snmp-users mailing list Net-snmp-users@lists.sourceforge.net Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
Re: Monitoring disk usage
On 23/03/07, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote: I can't get these traps to fire. Then again, when I try to walk dskTable, I get a failiure response so maybe that MIB isn't in my agent. But I tried with memTotalFree and nothing happens. /usr/share/snmpd/snmpd.conf contains: agentSecName internal rouser internal monitor -r 30 memTotalFree 2500 Silly question, but do you have a createUser internal ... anywhere? Uhm, no. That was a flaw in that particular experiment. I create new users so infrequently that I kind of thought the rouser internal line did that here. Try running the agent using the debug flag -Ddisman What output do you see? I've found that disman is not built into my agent and that when I try to build it in, I get lots of compiler errors (apparently due to missing includes in my cross-build tool chain). I'm still battling with it. - Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT business topics through brief surveys-and earn cash http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV ___ Net-snmp-users mailing list Net-snmp-users@lists.sourceforge.net Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
Re: Monitoring disk usage
On 22/03/07, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote: The other possibility would be to set up a monitor entry on dskUsed. Slightly forced, but a delta monitor compared against 0 might fo the trick. That sounds great but I admit the snmpd.conf man page isn't sufficiently clear to me for me to do that. Got any examples? Untested but: monitor -D dskUsed 0 ... I can't get these traps to fire. Then again, when I try to walk dskTable, I get a failiure response so maybe that MIB isn't in my agent. But I tried with memTotalFree and nothing happens. /usr/share/snmpd/snmpd.conf contains: agentSecName internal rouser internal monitor -r 30 memTotalFree 2500 and when I look at the system I see: ~ # grep -i memfree /proc/meminfo MemFree: 1848 kB and when I try to get memTotalFree with snmpwalk, I get meaningful values. But never a trap. How can I diagnose the problem? I looked at versionConfigureOptions and there doesn't seem to be anything there that disables these traps (or dskTable, for that matter). I've tried running snmpd -f but it doesn't complain about any unknown options or anything. - Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT business topics through brief surveys-and earn cash http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV ___ Net-snmp-users mailing list Net-snmp-users@lists.sourceforge.net Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
Monitoring disk usage
I've seen and experimented with the disk directive in snmpd.conf but it's not quite doing what I need and I'm hoping someone can suggest a way to use it or another method to accomplish what I need. I have several programs which log to /var/log. Generally, there are links there that point to /dev/null so I can enable logging by removing the link and restarting the program. But if I ship a system without the links or add a new log source and don't create the link or something, I could end up with an ever-growing log file. What I'd like to do is be able to remotely determine if any file in /var/log is growing. I suppose I could have a startup script which figured out the current usage on /, subtracted from 100, and put that in as a percentage in snmpd.conf but that's kind of indirect and awkward. Is there a better way? Chris - Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT business topics through brief surveys-and earn cash http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV ___ Net-snmp-users mailing list Net-snmp-users@lists.sourceforge.net Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
Re: Monitoring disk usage
... The other possibility would be to set up a monitor entry on dskUsed. Slightly forced, but a delta monitor compared against 0 might fo the trick. That sounds great but I admit the snmpd.conf man page isn't sufficientlyclear to me for me to do that. Got any examples? http://www.net-snmp.org/docs/man/snmpd.examples.html may do the trick... - Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT business topics through brief surveys-and earn cash http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV ___ Net-snmp-users mailing list Net-snmp-users@lists.sourceforge.net Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
Re: Monitoring disk usage
On 22/03/07, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote: The other possibility would be to set up a monitor entry on dskUsed. Slightly forced, but a delta monitor compared against 0 might fo the trick. That sounds great but I admit the snmpd.conf man page isn't sufficiently clear to me for me to do that. Got any examples? Untested but: monitor -D dskUsed 0 (which would trigger on *any* increase in these files), ... I've got: monitor -u private -r 10 -D Log growth dskUsed 0 which it seems to me should use private's privileges (private is a rw user) to monitor disk usage every 10 seconds and send the default trap when it changes at all. I get link up/down traps at the expected address but nothing about disk usage. - Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT business topics through brief surveys-and earn cash http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV ___ Net-snmp-users mailing list Net-snmp-users@lists.sourceforge.net Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
MIBs for IEEE compliance?
I'm reviewing the PICS for 802.1Q-2005 and trying to relate it to SNMP MIB entries. Section A.14 is all about management. Some of the items are fairly clear to me; for MGT-3, I can see that the sysDescr seems to satisfy the requirement. But some are quite unclear; does any standard MIB support Discover Bridge as described in 802.1Q-2005, Section 12.4.1.1? Is there any resource which relates PICS items and MIB entries? - Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV ___ Net-snmp-users mailing list Net-snmp-users@lists.sourceforge.net Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
unknown value
In various MIBs I see unknown sometimes as the lowest value and sometimes as the highest. ipv6IfNetToMediaState OBJECT-TYPE SYNTAX INTEGER { reachable(1), -- confirmed reachability ... unknown(6)-- state can not be determined -- for some reason. } and dot1dStpProtocolSpecification OBJECT-TYPE SYNTAX INTEGER { unknown(1), decLb100(2), ieee8021d(3) } Is it just random or is one an old convention and one new? Which is preferred for new MBIs? It seems to me that 0 (or the lowest value) is better because we might lack the foresight to realize that more values will be needed later and if we use the highest, current value, we run the risk of having unknown in the middle of the list. - Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnkkid=120709bid=263057dat=121642 ___ Net-snmp-users mailing list Net-snmp-users@lists.sourceforge.net Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
Can I get snmptranslate to tell me where it's finding MIBs?
When I run snmptranslate, it finds things that aren't in /usr/share/snmp/mibs/*.txt. Where else is it looking? Can I get it to tell me its search path? - Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnkkid=120709bid=263057dat=121642 ___ Net-snmp-users mailing list Net-snmp-users@lists.sourceforge.net Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
Identifier scoping in MIBs
OK, I'm a little slow today. Sorry for harrassing the list. What is the scope of identifers in MIBs. If I do: pppTable OBJECT-TYPE SYNTAX SEQUENCE OF PppEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION A list of interface entries. ::= { myTables 1 } pppEntry OBJECT-TYPE SYNTAX PppEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION An entry containing management information applicable to a particular interface. INDEX { ifIndex } ::= { pppTable 1 } PppEntry ::= SEQUENCE { ifIndex InterfaceIndex } Why does http://www.ibr.cs.tu-bs.de/bin/smitools.cgi complain: mibs/SOMEMIB.txt:243: [5] {identifier-external-redefined} warning: redefinition of identifier `IF-MIB::ifIndex' /usr/local/share/mibs/ietf/IF-MIB:185: [6] {previous-definition} info: previous definition of `ifIndex' I don't want to redefine the IF-MIB ifEntry, I want my own. - Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnkkid=120709bid=263057dat=121642 ___ Net-snmp-users mailing list Net-snmp-users@lists.sourceforge.net Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
Renaming a MIB entity
I was a little short sighted in creating a MIB a year or so ago. I have an entity with too-restictive a name. I'd like to revise the MIB so that with the new one in place users can use symbolic names to get the entity with a more meaninful name. Basically, I've got a branch in my MIB tree something like foo9portBar when it should really just be fooBar. Is there a way to put an alias or something in my MIB so with the new MIB in place, a user will get the same result from: snmptranslate -I b foo9portBar and snmptranslate -I b fooBar ? Chris Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnkkid=120709bid=263057dat=121642 ___ Net-snmp-users mailing list Net-snmp-users@lists.sourceforge.net Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
Fwd: Re: One table, two agents?
I don't believe I got any feedback on this. (Maybe I deleted it in an overzealous SPAM purge.) I'd really appreciate some input on this. The best I've come up with is to take the ifTable structure and graft it onto my enterprise MIB but that seems kludgey. ---BeginMessage--- Can I have two subagents each responsible for a diferent range of recordin a table? ... Well, I've half answered my own question. Section 4.1 of RFC 2741 (AgentX) says: An entity acting in a subagent role performs the following functions: ... - Registers MIB regions with the master agent. and I'm tantalized by 4.2 which says This section discusses several typical usage scenarios. ... 2) Subagents implement rows in a simple table. A simple table is one in which row creation is not specified, and for which the MIB does not define an object that counts entries in the table. Examples of simple tables are rdbmsDbTable, udpTable, and hrSWRunTable. But then I'm disheartened by 5) Subagents implement rows in tables whose MIB also defines an object that counts entries in the table, for example the MIB-2 ifTable (due to ifNumber). The subagent that implements such a counter object (like ifNumber) must go beyond AgentX to correctly implement it. This is an implementation issue (and most new MIB designs no longer include such objects). Because, of course, the table I need to split between subagents is ifTable! I want to write a PPP sub-agent which supplements the system's idea of ifNumber with however many PPP interfaces are configured and active. I'd be very grateful for brainstorming on techniques to go beyond AgentX to accomplish that. I have as a strict requirement that I assume an existing agent or subagent that implements ifTable and that I can't change that existing code. How can I install a PPP subagent that coerces the master agent to summing multiple ifNumbers or something and taking rows from multiple subagents? (I don't mind at all if the master agent has to be Net-SNMP's snmpd; Net-SNMP on Linux is the only target I absolutely have to support.) TIA. Chris --- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnkkid=120709bid=263057dat=121642 ___ Net-snmp-users mailing list Net-snmp-users@lists.sourceforge.net Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users ---End Message---
Re: One table, two agents?
Can I have two subagents each responsible for a diferent range of recordin a table? ... Well, I've half answered my own question. Section 4.1 of RFC 2741 (AgentX) says: An entity acting in a subagent role performs the following functions: ... - Registers MIB regions with the master agent. and I'm tantalized by 4.2 which says This section discusses several typical usage scenarios. ... 2) Subagents implement rows in a simple table. A simple table is one in which row creation is not specified, and for which the MIB does not define an object that counts entries in the table. Examples of simple tables are rdbmsDbTable, udpTable, and hrSWRunTable. But then I'm disheartened by 5) Subagents implement rows in tables whose MIB also defines an object that counts entries in the table, for example the MIB-2 ifTable (due to ifNumber). The subagent that implements such a counter object (like ifNumber) must go beyond AgentX to correctly implement it. This is an implementation issue (and most new MIB designs no longer include such objects). Because, of course, the table I need to split between subagents is ifTable! I want to write a PPP sub-agent which supplements the system's idea of ifNumber with however many PPP interfaces are configured and active. I'd be very grateful for brainstorming on techniques to go beyond AgentX to accomplish that. I have as a strict requirement that I assume an existing agent or subagent that implements ifTable and that I can't change that existing code. How can I install a PPP subagent that coerces the master agent to summing multiple ifNumbers or something and taking rows from multiple subagents? (I don't mind at all if the master agent has to be Net-SNMP's snmpd; Net-SNMP on Linux is the only target I absolutely have to support.) TIA. Chris --- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnkkid=120709bid=263057dat=121642 ___ Net-snmp-users mailing list Net-snmp-users@lists.sourceforge.net Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
Re: One table, two agents?
... This section discusses several typical usage scenarios. ... 2) Subagents implement rows in a simple table. A simple table is one in which row creation is not specified, and for which the MIB does not define an object that counts entries in the table. Examples of simple tables are rdbmsDbTable, udpTable, and hrSWRunTable. But then I'm disheartened by 5) Subagents implement rows in tables whose MIB also defines an object that counts entries in the table, for example the MIB-2 ifTable (due to ifNumber). The subagent that implements such a counter object (like ifNumber) must go beyond AgentX to correctly implement it. This is an implementation issue (and most new MIB designs no longer include such objects). Because, of course, the table I need to split between subagents is ifTable! ... Moving on, I want to implement ifAddrTable in my PPP subagent. It should supplement the ifAddrTable rows that (I believe) come out of the master agent (snmpd). There is nothing like ifNumber in this table but though I build a subagent that registers to handle ifTable, I get only the rows handled by the master. How do I get my subagent to be able to add to snmpd's ifAddrTable? Chris --- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnkkid=120709bid=263057dat=121642 ___ Net-snmp-users mailing list Net-snmp-users@lists.sourceforge.net Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
MIBs for RS232 and PPP
In case someone else cares, I'm in the process of implementing MIBs for RS232-like devices (RFC 1317) and PPP (several RFCs, not sure which I'll get to). I'm targeting Linux and New-SNMP and hope to release the implementation as an open source AgentX subagent. I've had some interest from the pppd project in rolling this subagent in with their distribution. Chris --- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnkkid=120709bid=263057dat=121642 ___ Net-snmp-users mailing list Net-snmp-users@lists.sourceforge.net Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
One table, two agents?
Can I have two subagents each responsible for a diferent range of record in a table? RFC 1471 says that the RS232 interface underlying a PPP link should have an entry in ifTable but I've got an existing subagent that deals with my real network interfaces and I'd rather not clutter it with PPP code. What I really want to do is write a subagent that deals with all PPP-related data. So I'd want my existing subagent to continue to be responseible for RFC1213-MIB::ifIndex.1 = INTEGER: 1 ... RFC1213-MIB::ifIndex.9 = INTEGER: 9 RFC1213-MIB::ifIndex.16 = INTEGER: 16 RFC1213-MIB::ifDescr.1 = STRING: Port 1 ... RFC1213-MIB::ifDescr.9 = STRING: Port 9 RFC1213-MIB::ifDescr.16 = STRING: Management port RFC1213-MIB::ifType.1 = INTEGER: ethernet-csmacd(6) ... RFC1213-MIB::ifType.9 = INTEGER: ethernet-csmacd(6) but have my PPP subagent responible for something like: RFC1213-MIB::ifIndex.100 = INTEGER: 100 RFC1213-MIB::ifDescr.100 = STRING: ppp0 RFC1213-MIB::ifType.100 = INTEGER: ppp(23) RFC1213-MIB::ifSpecific.101 = something that refers to 101 below RFC1213-MIB::ifIndex.101 = INTEGER: 101 RFC1213-MIB::ifDescr.101 = STRING: ttyS01 RFC1213-MIB::ifType.101 = INTEGER: other(1) Can I do that? Can I make multiple subagents responsible for different ranges of the same table? Where do I adjust that? TIA. Chris --- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnkkid=120709bid=263057dat=121642 ___ Net-snmp-users mailing list Net-snmp-users@lists.sourceforge.net Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
Which MIBs for PPP?
RFC 1473 is pretty clear on its applicability: This document specifies the following group: The PPP IP Group The PPP IP Group contains configuration, status, and control variables that apply to the operation of IP over PPP. Implementation of this group is mandatory for all implementations of PPP that support IP over PPP. But (earlier) it also says: The PPP MIB is organized into several MIB Groups, including, but not limited to, the following groups: o The PPP Link Group o The PPP LQR Group o The PPP LQR Extensions Group o The PPP IP Group o The PPP Bridge Group o The PPP Security Group Without clear references to where those groups come from. Since PPP-IP-NCP-MIB imports ppp from PPP-LCP-MIB, I guess I need to at least look at RFC1471. I'm not so sure of the others. I also found RFC 1317 which shows PPP in a protocol stack with RS-232 says: The RS-232-like Hardware Device MIB is mandatory for all systems that have such a hardware port supporting services managed through some other MIB, for example, the Character MIB or PPP MIB. But the objects defined in 1317 are numerous, don't seem particularly useful to me, and at least some of them will be difficult to implement. So, mandatory or not, what MIBs are commonly implemented on systems supporting PPP? Chris --- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnkkid=120709bid=263057dat=121642 ___ Net-snmp-users mailing list Net-snmp-users@lists.sourceforge.net Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
MIB warnings I don't understand
I'm trying to add to an existing, private MIB and I'm having no end of trouble. I was previously pointed to the MIB lint sort of tool at http://www.ibr.cs.tu-bs.de/bin/smitools.cgi and it's very nice. I cleaned up quite a few little things that have been in my MIB for some time. However, I'm left with two things I don't understand. First, smitools.cgi says: mibs/MY-MIB.txt:171: [5] {identifier-external-redifined} warning: redefinition of identifier `IF-MIB::ifIndex' /usr/local/share/mibs/ietf/IF-MIB:185: [6] {previous-definition} info: previous definition of `ifIndex' Where I've got: ifIndex OBJECT-TYPE SYNTAX InterfaceIndex MAX-ACCESS not-accessible STATUS current DESCRIPTION ::= { portTestEntry 1 } I don't understand MIB scoping but I'd have expected I was creating this object in *my* MIB, not as a global Why the conflict? Second, smitool.cgi complains: mibs/MY-MIB.txt:82: [4] {group-membership} warning: node `p1status' must be contained in at least one conformance group mibs/MY-MIB.txt:94: [4] {group-membership} warning: node `p2status' must be contained in at least one conformance group (and 8 other objects, too). Confirmance group? What's that? Chris --- This SF.Net email is sponsored by xPML, a groundbreaking scripting language that extends applications into web and mobile media. Attend the live webcast and join the prime developer group breaking into this new coding territory! http://sel.as-us.falkag.net/sel?cmd=lnkkid=110944bid=241720dat=121642 ___ Net-snmp-users mailing list Net-snmp-users@lists.sourceforge.net Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
Re: What's Too Long mean? - resolved
My client appears to have been built with bad headers. I maintain two builds: one for a big-endian system, one for a little-endian system and somehow something didn't get completely updated when I switched. I did a thorough cleaning this morning, rebuild for the problem platform and it works now. Thanks for the direction on adding debug tokens. I've filed it for future reference. Chris --- This SF.net email is sponsored by: Splunk Inc. Do you grep through log files for problems? Stop! Download the new AJAX search engine that makes searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! http://sel.as-us.falkag.net/sel?cmd=lnkkid=103432bid=230486dat=121642 ___ Net-snmp-users mailing list Net-snmp-users@lists.sourceforge.net Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
Re: What's Too Long mean?
On Mon, 2006-01-30 at 16:32 -0500, [EMAIL PROTECTED] wrote: I have an application based on Net-SNMP v5.2 which I build for PPC and Arm. On PPC it works fine. On Arm [it] gives GetSysValues: Too Long in the log. Can someone help me understand what that's about? ... Try running with '-Dsess_async_send,usm to pin down exactly what is throwing this particular error. That produces no output. Strangely, I can get the desired values with snmpwalk from another system, it's the function which does on-node access for the UI that fails. That uses a different community but why that should lead to Too long is a mystery. (The community strings are the same length.) shrug I'll look into the source more, see where that maximum message size is set and used. --- This SF.net email is sponsored by: Splunk Inc. Do you grep through log files for problems? Stop! Download the new AJAX search engine that makes searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! http://sel.as-us.falkag.net/sel?cmd=lnkkid=103432bid=230486dat=121642 ___ Net-snmp-users mailing list Net-snmp-users@lists.sourceforge.net Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
Re: What's Too Long mean?
On Tue, 2006-01-31 at 08:25 -0500, [EMAIL PROTECTED] wrote: But I ran _snmpd_ with -Dsess_async_send and I think this is reported by the client. Did you mean to run the client with -D? It could be either. It might be the agent receiving the request, but being unable to return a response. Or the client may be unable to send the request in the first place. Running the agent with '-d' would indicate whether it's receiving the request or not. Apparently not, no output. (Particularly if you send a single 'snmpget' or 'snmpgetnext' request, rather than the repeated requests of 'snmpwalk') I don't think my client is smart enough to pass command-line options to SNMP library initialization. If your client doesn't handle the standard command-line options, then try adding: debug_register_tokens(sess_async_send); to the code. I'll do that. Thanks. I wonder if these some endian issue with the max. messsage size? PPC and Arm have different endianness. But surely I wouldn't be the first to find this. And that doesn't explain that it works off-node but not on. --- This SF.net email is sponsored by: Splunk Inc. Do you grep through log files for problems? Stop! Download the new AJAX search engine that makes searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! http://sel.as-us.falkag.net/sel?cmd=lnkkid=103432bid=230486dat=121642 ___ Net-snmp-users mailing list Net-snmp-users@lists.sourceforge.net Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
Re: What's Too Long mean?
On Tue, 2006-01-31 at 08:07 -0500, [EMAIL PROTECTED] wrote: Strangely, I can get the desired values with snmpwalk from another system, it's the function which does on-node access for the UI that fails. That uses a different community but why that should lead to Too long is a mystery. (The community strings are the same length.) Ah - this is using one of the community-based versions, then? That would tend to rule out the USM-related sources of this message. The only other place I could see where this error is set was checking against the two msgMaxSize limits (in _sess_async_send) But running the agent with -Dsess_async_send should have reported this. But I ran _snmpd_ with -Dsess_async_send and I think this is reported by the client. Did you mean to run the client with -D? I don't think my client is smart enough to pass command-line options to SNMP library initialization. --- This SF.net email is sponsored by: Splunk Inc. Do you grep through log files for problems? Stop! Download the new AJAX search engine that makes searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! http://sel.as-us.falkag.net/sel?cmd=lnkkid=103432bid=230486dat=121642 ___ Net-snmp-users mailing list Net-snmp-users@lists.sourceforge.net Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
What's Too Long mean?
I have an application based on Net-SNMP v5.2 which I build for PPC and Arm. On PPC it works fine. On Arm, status = snmp_synch_response(ss, pdu, response); ... if (status == STAT_SUCCESS) snmp_log(LOG_ERR, Error in packet. Reason: %s\n, snmp_errstring(response-errstat)); else snmp_sess_perror(GetSysValues, ss); gives GetSysValues: Too Long in the log. Can someone help me understand what that's about? Chris --- This SF.net email is sponsored by: Splunk Inc. Do you grep through log files for problems? Stop! Download the new AJAX search engine that makes searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! http://sel.as-us.falkag.net/sel?cmd=lnkkid=103432bid=230486dat=121642 ___ Net-snmp-users mailing list Net-snmp-users@lists.sourceforge.net Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
How to perform long-running task in subagent
I seem to recall seeing something like this on the list before but I had trouble picking keywords to search the archive and the hits I did find, didn't answer my question. I want to use SNMP to trigger a long-running process, mostly during testing, not in production. For example, I want to set a bit in a testing MIB that'll cause my device to exercise the on-board LEDs. I need to turn the LEDs on and off in relatively long-duration patterns to that a tester can observe them. This can take 30-60 seconds. I've got it prototyped but when I use snmpset to set the bit, it reports a timeout because the subagent takes so long. Is there a common idiom for doing something that takes a long time in an agent? Do I need a separate thread for those actions and have the agent just set a bit the thread can see? Is there a a better way? Chris --- This SF.net email is sponsored by: Splunk Inc. Do you grep through log files for problems? Stop! Download the new AJAX search engine that makes searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! http://ads.osdn.com/?ad_id=7637alloc_id=16865op=click ___ Net-snmp-users mailing list Net-snmp-users@lists.sourceforge.net Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
What am I going wrong with mib2c?
I know I've done this before with success -- on this MIB -- but today after adding another column to a table in my private MIB, mib2c refuses to see my table. [root] # head `which mib2c` #!/usr/bin/perl #!/usr/bin/perl # # $Id: mib2c,v 5.57 2004/09/10 12:30:15 dts12 Exp $ # [root] # mib2c SNMPv2-SMI::enterprises.20540.2.1..1 writing to - mib2c has multiple configuration files depending on the type of code you need to write. You must pick one depending on your need. You requested mib2c to be run on the following part of the MIB tree: OID:et9ms numeric translation:.1.3.6.1.4.1.20540.2.1 number of scalars within: 3 number of tables within: 0 number of notifications within: 0 But there's a table in that MIB! I've looked and looked at my addition to the MIB and can't see any syntacic problem with it. Is there a MIB syntax verifier I can't find? Can snmptranslate be tricked into doing it? Chris --- This SF.net email is sponsored by: Splunk Inc. Do you grep through log files for problems? Stop! Download the new AJAX search engine that makes searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! http://ads.osdn.com/?ad_id=7637alloc_id=16865op=click ___ Net-snmp-users mailing list Net-snmp-users@lists.sourceforge.net Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
Ownership of agent persistent stores
In http://sourceforge.net/mailarchive/message.php?msg_id=9547341 I asked how to set ownership of persistent files. I must have gotten an answer (or figured it out) because my v5.1.1-based system has been working for ages. But I'm trying to move to v5.2.2 now and I'm seeing the same problem. The e-mail archives shows now answers to my question. Help. On a related matter, wouldn't it be nice if PERSISTENT_MASK could be set with a configure option like --with-persistent-directory? Chris --- This SF.net email is sponsored by: Splunk Inc. Do you grep through log files for problems? Stop! Download the new AJAX search engine that makes searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! http://ads.osdn.com/?ad_id=7637alloc_id=16865op=click ___ Net-snmp-users mailing list Net-snmp-users@lists.sourceforge.net Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
Re: Ownership of agent persistent stores
In http://sourceforge.net/mailarchive/message.php?msg_id=9547341 I askedhow to set ownership of persistent files. I must have gotten an answer (or figured it out) because my v5.1.1-based system has been working forages. But I'm trying to move to v5.2.2 now and I'm seeing the same problem. The e-mail archives shows now answers to my question. Help. On a related matter, wouldn't it be nice if PERSISTENT_MASK could be set with a configure option like --with-persistent-directory? I also found http://sourceforge.net/mailarchive/message.php?msg_id=9550619 which describes a patch I'd made to read_config.c in v5.1.1. I'd like to avoid the patch in v5.2.2 if I can but with v5.2.2 modifified with PERSISTENT_MASK 007, I still get the file owned by root/root, not by root/agentgroup (where 'agentgroup' is found in /usr/share/snmp/snmpd.conf). --- This SF.net email is sponsored by: Splunk Inc. Do you grep through log files for problems? Stop! Download the new AJAX search engine that makes searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! http://ads.osdn.com/?ad_id=7637alloc_id=16865op=click ___ Net-snmp-users mailing list Net-snmp-users@lists.sourceforge.net Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
No traps in v5.2.2.rc6?
This is a preliminary report -- I'm still trying to prove I'm not doing something wrong -- but I can't get any traps out of v5.2.2 rc6. I've rebuilt my whole system against v5.5.2 headers and libraries and my configuration definitely calls for authorization traps and my subagent sends link up/down traps but there's nothing going out. Is anyone else having problems with traps in v5.2.2? Chris --- This SF.net email is sponsored by: Splunk Inc. Do you grep through log files for problems? Stop! Download the new AJAX search engine that makes searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! http://ads.osdn.com/?ad_id=7637alloc_id=16865op=click ___ Net-snmp-users mailing list Net-snmp-users@lists.sourceforge.net Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
Re: Re-reading a persistent store
On Wed, 2005-11-09 at 14:11 -0500, [EMAIL PROTECTED] wrote: I found code in the agent to re-read configuration when a SIGHUP is received but changing my-subagent.conf and issuing SIGHUP to snmpd didn't reread the persistent store. That should have triggered the main snmpd agent to re-read its configuration (including the persistent storage). But the main agent and the subagent are two completely independent processes. Reconfiguring one won't have any effect on the other. Yeah, I know that they're two different processes but I thought that the agent and subagent communicated more. I thought -- and perhaps I haven't looked at this closely enough -- that on shutdown the agent tells the subagent to save its persistent values. Based on that perhaps weak assumption, I thought it would also tell it to reread config. Do I need to send SIGHUP to my sub-agent? You certainly need to tell your sub-agent to re-read its configuration. Without seeing the exact code, I wouldn't like to say whether SIGHUP would do the trick, but it's worth a try. Well, I was asking if the subagent code set up a signal handler for SIGHUP. I guess I see now that that's unlikely. Suck it and see. Huh? --- SF.Net email is sponsored by: Tame your development challenges with Apache's Geronimo App Server. Download it for free - -and be entered to win a 42 plasma tv or your very own Sony(tm)PSP. Click here to play: http://sourceforge.net/geronimo.php ___ Net-snmp-users mailing list Net-snmp-users@lists.sourceforge.net Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
Re: Re-reading a persistent store
On Thu, 2005-11-10 at 07:37 -0500, [EMAIL PROTECTED] wrote: I thought . that on shutdown the agent tells the subagent to save its persistent values. Hmmm... that's an idea, I suppose. In general, the administration side of the AgentX protocol is very much driven by the subagent - the master agent just listens for incoming registrations. But the master agent *does* explicitly close any AgentX connections when it shuts down. I suppose that could potentially trigger saving the configuration. I think it does. It's been a while since I worked on that code but I don't think _I'm_ doing anything to trigger that save. Maybe I am... ... Well, I was asking if the subagent code set up a signal handler for SIGHUP. I guess I see now that that's unlikely. Not necessarily. If you're using the main Net-SNMP agent in a subagent role, then that will inherit the same behaviour as the master agent, so *would* include the usual SIGHUP handling. I haven't looked at the stripped-down subagent framework, to see whether that does or not. But it wouldn't be too difficult to add if necessary. And if the subagent is mostly code you've written yourself, then it'd depend on whether you coded SIGHUP handling or not :-) :-) Yes, my subagent is mostly my code, a 3-thread program with the subagent in one thread. Suck it and see. Huh? Sorry - must be a British expression. ... I guessed that might be the case from your .uk address. --- SF.Net email is sponsored by: Tame your development challenges with Apache's Geronimo App Server. Download it for free - -and be entered to win a 42 plasma tv or your very own Sony(tm)PSP. Click here to play: http://sourceforge.net/geronimo.php ___ Net-snmp-users mailing list Net-snmp-users@lists.sourceforge.net Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
Re-reading a persistent store
I'm using v5.1.1 (soon to upgrade to v5.2.2) and I have a sub-agent which stores data in a persisent store (/var/net-snmp/my-subagent.conf). In my subagent, I have: // // Handle persistent storage of per-port link up/down trap enable // The read callback for (port = 1; port numports; ++port) { char token[128]; sprintf(token, %s_%d, TRAP_CONFIG_TOKEN, port); register_config_handler(NULL, token, parseTrapEnable, NULL, NULL); } // The store callback snmp_register_callback(SNMP_CALLBACK_LIBRARY, SNMP_CALLBACK_STORE_DATA, storeTrapEnable, 0); On startup the values get read from the persistent store and on shutdown the store is rewritten. However, I want to be able to change the file while snmpd (and the sub-agent) are running and have the values re-read. I found code in the agent to re-read configuration when a SIGHUP is received but changing my-subagent.conf and issuing SIGHUP to snmpd didn't reread the persistent store. Am I missing something? Is there another callback I need to register for reconfig? Do I need to send SIGHUP to my sub-agent? --- SF.Net email is sponsored by: Tame your development challenges with Apache's Geronimo App Server. Download it for free - -and be entered to win a 42 plasma tv or your very own Sony(tm)PSP. Click here to play: http://sourceforge.net/geronimo.php ___ Net-snmp-users mailing list Net-snmp-users@lists.sourceforge.net Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
Can't disable authentication traps
I'm using v5.1.1 and I find that I can't disable generation of authentication traps. I've used snmpget to verify that the setting is disabled and I've looked at the persistent store in snmpd.conf and verified that pauthenabled is 2 (disabled). Looking for authentication as a keyword for any bug or patch on SourceForge found no hits at all and the closest e-mail I found in the archives was http://sourceforge.net/mailarchive/message.php?msg_id=8682029 but the thread seems to stop after 3 message with no resolution. (Can I just say I hate the archives of this list? If there's a way to sort by date or to thread messages, I can't find it. sigh) Is it possible to turn off authentication failures in Net-SNMP v5.1.1? If not, was this fixed in later version? Thanks in advance... Chris --- SF.Net email is sponsored by: Tame your development challenges with Apache's Geronimo App Server. Download it for free - -and be entered to win a 42 plasma tv or your very own Sony(tm)PSP. Click here to play: http://sourceforge.net/geronimo.php ___ Net-snmp-users mailing list Net-snmp-users@lists.sourceforge.net Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
Tracing SNMPD activity
I imagine I'm being stupid this morning but I can't figure this out. I appreciate any pointers. I'm using Net-SNMP v5.1.1 and I have an SNMP subagent that's crapping out with a segfault but I can't narrow down what object it's handling when it dies. I do an snmpwalk and the output ends with: Q-BRIDGE-MIB::dot1qTpFdbStatus.0.'...Â..'.14 = INTEGER: mgmt(5) Q-BRIDGE-MIB::dot1qTpFdbStatus.0.'...Â..'.15 = INTEGER: mgmt(5) Error in packet. Reason: (genError) A general failure occured Failed object: Q-BRIDGE-MIB::dot1qTpFdbStatus.0.'...Â..'.15 Q-BRIDGE-MIB::dot1qTpFdbStatus.0.'...Â..'.15 is the last TpFdbStatus I expect (the preceeding list of TpFdbPort ends at 15) so I _think_ my subagent is being asked for the next item in the MIB, whatever that might be. Ethereal shows a GET_NEXT packet with the dot1qTpFdbStatus OID above. On an older system that works, the next object retrieved is IF-MIB::ifName.1 but when I instrument my get_ifName function, it appears it never gets called. Looking at http://www.net-snmp.org/docs/man/snmpd.html, it seemed that the -d option would help me. But when I do: /usr/sbin/snmpd -I -interface -I -icmp -f -d (I always do -I -interface -I -icmp), I see only: create_trap_session() with version 1 add_trap_session() creating version 1 trap and no Dump (in hexadecimal) the sent and received SNMP packets. What am I doing wrong? Alternatively, is there a Net-SNMP tool that will tell me what the next OID after Q-BRIDGE-MIB::dot1qTpFdbStatus.0.'...Â..'.15 is? Thanks. Chris --- SF.Net email is sponsored by: Tame your development challenges with Apache's Geronimo App Server. Download it for free - -and be entered to win a 42 plasma tv or your very own Sony(tm)PSP. Click here to play: http://sourceforge.net/geronimo.php ___ Net-snmp-users mailing list Net-snmp-users@lists.sourceforge.net Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
Debugging illegal instruction in v5.1.1 when sending traps
As suggested here recently, I got my application in a debugger and recreated the problem. I'm running gdbserver on PPC (the target host) with Insight on x86 Linux (the development environment). When the problem occurs, the Source Window of Insight says, Select a function name to disassemble the status line says, Program stopped at 0x1007e668, the function list (I think) is empty, and the Stack window has one line: ??. If I continue, the illegal instuction signal is processed and the program terminates. I'm guessing that the stack got corrupt and I've branched off into the weeds somewhere. But I've got no stack to pop, how do I get back to where it went wrong? The line before where I think it goes bad is hit often enough that I can't really set a breakpoint there 'cuz I don't know which trip there will fail. Chris --- SF.Net email is Sponsored by the Better Software Conference EXPO September 19-22, 2005 * San Francisco, CA * Development Lifecycle Practices Agile Plan-Driven Development * Managing Projects Teams * Testing QA Security * Process Improvement Measurement * http://www.sqe.com/bsce5sf ___ Net-snmp-users mailing list Net-snmp-users@lists.sourceforge.net Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
Threading and Net-SNMP
I'm still having trouble finding my illegal instruction error and I've gotten to thinking about threads. I have a multi-threaded program that sends traps from one thread and acts as a sub-agent in another thread. Traps are asychronous and don't require any kind of session or state so this is all safe, right? Chris --- SF.Net email is Sponsored by the Better Software Conference EXPO September 19-22, 2005 * San Francisco, CA * Development Lifecycle Practices Agile Plan-Driven Development * Managing Projects Teams * Testing QA Security * Process Improvement Measurement * http://www.sqe.com/bsce5sf ___ Net-snmp-users mailing list Net-snmp-users@lists.sourceforge.net Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
Re: Illegal instruction when sending traps in v5.1.1
On Fri, 05 Aug 2005 10:33:17 -0400 [EMAIL PROTECTED] wrote: CRC template_v2pdu-command = sink-pdutype; CRC send_trap_to_sess(sink-sesp, template_v2pdu); CRC CRC the last executable line in that (sending with template_v2pdu) CRC is where my program crashes. can you get this to happen in a debugger? A stack trace would be helpful. Have you stepped into send_trap_to_sess() to see what's happening there? I'm going to try that tomorrow but it's cross-platform remote debugging of an embedded system. --- SF.Net email is Sponsored by the Better Software Conference EXPO September 19-22, 2005 * San Francisco, CA * Development Lifecycle Practices Agile Plan-Driven Development * Managing Projects Teams * Testing QA Security * Process Improvement Measurement * http://www.sqe.com/bsce5sf ___ Net-snmp-users mailing list Net-snmp-users@lists.sourceforge.net Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
Illegal instruction when sending traps in v5.1.1
I wrote a few weeks ago about a problem I was having in send_v2trap(). I've narrowed it down but while I continue to research, I'd appreciate any feedback or insight members of this list have. In agent_trap.c, toward the end of netsnmp_send_traps(), I find: /* * Now loop through the list of trap sinks * and call the trap callback routines, * providing an appropriately formatted PDU in each case */ for (sink = sinks; sink; sink = sink-next) { if (sink-version == SNMP_VERSION_1) { send_trap_to_sess(sink-sesp, template_v1pdu); } else { template_v2pdu-command = sink-pdutype; send_trap_to_sess(sink-sesp, template_v2pdu); } } the last executable line in that (sending with template_v2pdu) is where my program crashes. I've already peppered this routine with: printf(%s:%d\n, __FILE__, __LINE__); to find this out. If I change that to printf(%s:%d, sink-version:%d\n, __FILE__, __LINE__, sink-version); between the for and the if, the value printed is 193. If sink-version is tested against SNMP_VERSION_1 (defined as 0 in include/net-snmp/library/snmp.h), I'd expect other legal values to be SNMP_VERSION_2c and SNMP_VERSION_3 (from the same include file). But 193 isn't listed at all, even as an illegal or unused value. Am I right about where this comes from, what expected values are? Granted that there's some problem elsewhere that puts this 193 where it oughtn't to be, might this bit of code be safer as: for (sink = sinks; sink; sink = sink-next) { switch (sink-version) { case SNMP_VERSION_1: send_trap_to_sess(sink-sesp, template_v1pdu); break; case SNMP_VERSION_2c: template_v2pdu-command = sink-pdutype; send_trap_to_sess(sink-sesp, template_v2pdu); break; default: // Log unexpected value } } Thanks for any feedback. Chris --- SF.Net email is Sponsored by the Better Software Conference EXPO September 19-22, 2005 * San Francisco, CA * Development Lifecycle Practices Agile Plan-Driven Development * Managing Projects Teams * Testing QA Security * Process Improvement Measurement * http://www.sqe.com/bsce5sf ___ Net-snmp-users mailing list Net-snmp-users@lists.sourceforge.net Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
Re: Illegal instruction when sending traps in v5.1.1
printf(%s:%d, sink-version:%d\n, __FILE__, __LINE__, sink-version); between the for and the if, the value printed is 193. OK. So I see that 193 is AGENTX_VERSON_BASE | 0x1. I guess that's valid. I'll dig deeper. --- SF.Net email is Sponsored by the Better Software Conference EXPO September 19-22, 2005 * San Francisco, CA * Development Lifecycle Practices Agile Plan-Driven Development * Managing Projects Teams * Testing QA Security * Process Improvement Measurement * http://www.sqe.com/bsce5sf ___ Net-snmp-users mailing list Net-snmp-users@lists.sourceforge.net Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
IP address in com2sec directive?
I have a configuration tool which uses SNMP locally to talk to the agent and retrieve and set some data. I've recently run into a problem where mis-configured networking prevented host resolution (`ping localhost` hung). I'd like to convert my utility to connect to 127.0.0.1 (which will always be localhost, at least on my system) so name resolutino is needed and I wonder if I can also put that in snmpd.conf in the SOURCE field of a com2sec directive. The description of com2sec documentation on snmpd.conf.5 isn't clear (to me) and searching the list archives for localhost or localhost com2sec found no relevant hits. I'd guess I can at least put 127.0.0.1/32 but would 127.0.0.1 work? Chris --- SF.Net email is sponsored by: Discover Easy Linux Migration Strategies from IBM. Find simple to follow Roadmaps, straightforward articles, informative Webcasts and more! Get everything you need to get up to speed, fast. http://ads.osdn.com/?ad_id=7477alloc_id=16492op=click ___ Net-snmp-users mailing list Net-snmp-users@lists.sourceforge.net Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
Illegal instruction in send_v2trap(), any thoughts?
I realize this is a long shot, that I'm behind revisions, and all that but have a little pity on me, please, I'm working with an old embedded system. Recently, I've seen a problem in send_v2trap() that's fairly easy to reproduce (though with a sequence that's very specific to my system and I don't know that I can generalize it; I'll work on that). I'm using Net-SNMP 5.1.1, cross-compiled from Intel to PPC Linux and calling send_v2trap() results in an Illegal Instruction error. The code looks like: oid objid_snmptrap[] = { 1, 3, 6, 1, 6, 3, 1, 1, 4, 1, 0 }; size_t objid_snmptrap_len = OID_LENGTH(objid_snmptrap); // 0 overwritten below with 3 (down) or 4 (up) oid notification_oid[] = {1, 3, 6, 1, 6, 3, 1, 1, 5, 0 }; size_t notification_oid_len = OID_LENGTH(notification_oid); oid ifindex_oid[] = { 1, 3, 6, 1, 2, 1, 2, 2, 1, 1 }; size_t ifindex_oidlen = OID_LENGTH(ifindex_oid); netsnmp_variable_list *notification_vars = NULL; static int port; if (port-MAC_Operational) notification_oid[notification_oid_len-1] = 4; // Up else notification_oid[notification_oid_len-1] = 3; // Down /* * add in the trap definition object */ snmp_varlist_add_variable(notification_vars, objid_snmptrap, objid_snmptrap_len, ASN_OBJECT_ID, (u_char*)notification_oid, notification_oid_len * sizeof(oid)); /* and the interface number */ port = port-portId; snmp_varlist_add_variable(notification_vars, ifindex_oid, ifindex_oidlen, ASN_INTEGER, (u_char*)port, sizeof(port)); /* * send the trap out. This will send it to all registered * receivers (see the SETTING UP TRAP AND/OR INFORM * DESTINATIONS section of the snmpd.conf manual page. */ send_v2trap(notification_vars); I've peppered this with printf(%s:%d\n, __FILE__, __LINE__) and I get to the line before send_v2trap() but never the line after. I'll dig into the code, put in more debugging, etc. but any Net-SNMP-unique insight would be appreciated. Thanks. Chris --- SF.Net email is sponsored by: Discover Easy Linux Migration Strategies from IBM. Find simple to follow Roadmaps, straightforward articles, informative Webcasts and more! Get everything you need to get up to speed, fast. http://ads.osdn.com/?ad_id=7477alloc_id=16492op=click ___ Net-snmp-users mailing list Net-snmp-users@lists.sourceforge.net Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
Passing extra data to table handlers
I used mib2c to create a subagent which handles dot1dBridge MIB entries. Specifically, I am now working on dot1dTpFdbTable. My main program knows about something that the get_dot1dTpFdb*() routines need to know to get data. I could make it a global, but that's so grody. ;-) I started down the path of adding a void* (or some more type-specific pointer argument) to init_dot1dBridgeT() and passing it down to initialize_table_dot1dTpFdbTable() but then I hit a dead end. Or is the myvoid field on netsnmp_iterator_info intended for that? --- SF.Net email is sponsored by: Discover Easy Linux Migration Strategies from IBM. Find simple to follow Roadmaps, straightforward articles, informative Webcasts and more! Get everything you need to get up to speed, fast. http://ads.osdn.com/?ad_id=7477alloc_id=16492op=click ___ Net-snmp-users mailing list Net-snmp-users@lists.sourceforge.net Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
Re: Slightly OT: Can I _set_ interface speed via a standard MIB?
On Tue, 07 Jun 2005 11:17:08 -0400 [EMAIL PROTECTED] wrote: CRC I see RFC1213-MIB::ifSpeed is read-only. Is there a MIB entry CRC that will allow me to force a specific speed for an interface? No, but some OS support configuring it in snmpd.conf (see interface directivein man page). Thanks but I need to do this dynamically for testing (and I want to make sure end users never see these entries with snmpwalk or whatever). Here's an idea: - I add speed setting entries to my enterprise MIB - I set up security so that those entries are excluded from all views - On my test machine, I add a view or remove the restriction so I can see those entries Does that sound good? Any better ideas? Chris --- This SF.Net email is sponsored by: NEC IT Guy Games. How far can you shotput a projector? How fast can you ride your desk chair down the office luge track? If you want to score the big prize, get to know the little guy. Play to win an NEC 61 plasma display: http://www.necitguy.com/?r=20 ___ Net-snmp-users mailing list Net-snmp-users@lists.sourceforge.net Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
Slightly OT: Can I _set_ interface speed via a standard MIB?
I see RFC1213-MIB::ifSpeed is read-only. Is there a MIB entry that will allow me to force a specific speed for an interface? --- This SF.Net email is sponsored by: NEC IT Guy Games. How far can you shotput a projector? How fast can you ride your desk chair down the office luge track? If you want to score the big prize, get to know the little guy. Play to win an NEC 61 plasma display: http://www.necitguy.com/?r=20 ___ Net-snmp-users mailing list Net-snmp-users@lists.sourceforge.net Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
What's dot1qForwardAllTable for?
I've read RFC 2674 and Q-BRIDGE-MIB, I've taken a look at section 12 of IEEE 802.1Q and I still don't get what dot1qForwardAllTable is for. I look at the description of dot1qForwardAllPorts and I see: The complete set of ports in this VLAN to which all multicast group-addressed frames are to be forwarded. This includes ports for which this need has been determined dynamically by GMRP, or configured statically by management. And I'm not sure I understand what they mean by all. If IGMP or GVRP is being used, isn't it true that (generally) _no_ ports will receive _all_ multicasts? That is, that each multicast GDA will be filtered to only go to certain ports. Is dot1qForwardAllPorts the intersection of all the filters? --- SF email is sponsored by - The IT Product Guide Read honest candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://ads.osdn.com/?ad_id=6595alloc_id=14396op=click ___ Net-snmp-users mailing list Net-snmp-users@lists.sourceforge.net Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
Q-BRIDGE-MIB::dot1qTpFdbTable entry format
I think I've seen a discussion of this sort of thing before -- I may even have been in it -- but I can't remember the solution. I'm using Net-SNMP 5.1.1 and I've used mib2c to generate a template for the 802.1Q MIB. I've filled in a lot of the table but I'm getting back unreadable entry OIDs: ]$ snmpwalk -v 2c -c public ipm dot1qTpFdbTable Q-BRIDGE-MIB::dot1qTpFdbPort.0.'.. .( '.26 = INTEGER: 16 Q-BRIDGE-MIB::dot1qTpFdbPort.0.'.. .c¬'.24 = INTEGER: 16 Why isn't the middle of that OID readable? Actually, my 802.1D table has the same problem: snmpwalk -v 2c -c public ipm dot1dTpFdbTable BRIDGE-MIB::dot1dTpFdbAddress.'. .( .' = Hex-STRING: 00 A0 1D 28 A0 1A BRIDGE-MIB::dot1dTpFdbAddress.'. .c¬.' = Hex-STRING: 00 A0 1D 63 AC 18 TIA. Chris --- SF email is sponsored by - The IT Product Guide Read honest candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://ads.osdn.com/?ad_ide95alloc_id396op=click ___ Net-snmp-users mailing list Net-snmp-users@lists.sourceforge.net Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
Re: Table iterators and mydata
On Fri, 08 Apr 2005 16:09:00 -0400 [EMAIL PROTECTED] wrote: ... CRC I take it from the my in mydata that Net-SNMP doesn't dereference it CRC and try to access fields on a netsnmp_iterator_info structure CRC but I'm not CRC 100% sure. Is it true that Net-SNMP won't dereferenced mydata? CRC Can I do something like: CRC CRCmydata = (netsnmp_iterator_info*)-1; CRC CRC to pass data to my get_next_data() function? No, C doesn't work that way. Values assigned to a parameter in a function don't change the original value outside the function. That's why the two contextvariables are pointers to pointers.. Duh! Of course. I rushed through my posting Friday (and I've been writing too much Tcl lately). mydata is supposed to be the data associated with the index you set in get_first or get_next. The agent will remember the mydata pointer for the index is selects for each varbind in a request. Hmmm. I'm not understanding the intent. Why isn't it just a void** or something so I can put whatever I want there. Can you point me at a little example of it's proper use? --- SF email is sponsored by - The IT Product Guide Read honest candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://ads.osdn.com/?ad_id=6595alloc_id=14396op=click ___ Net-snmp-users mailing list Net-snmp-users@lists.sourceforge.net Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
Table iterators and mydata
I've looked at mib2c generated code and in table_iterator.h and don't feel I have a clear idea of this yet. mib2c created functions like: netsnmp_variable_list * ifTable_get_first_data_point(void **my_loop_context, void **my_data_context, netsnmp_variable_list * put_index_data, netsnmp_iterator_info *mydata) I take it from the my in mydata that Net-SNMP doesn't dereference it and try to access fields on a netsnmp_iterator_info structure but I'm not 100% sure. Can I do something like: mydata = (netsnmp_iterator_info*)-1; to pass data to my get_next_data() function? Chris --- SF email is sponsored by - The IT Product Guide Read honest candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://ads.osdn.com/?ad_id=6595alloc_id=14396op=click ___ Net-snmp-users mailing list Net-snmp-users@lists.sourceforge.net Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
Formatting of TpFdbTable entries
I'm sure this has worked for me before and I don't know what may have changed to cause this problem. Today when I try to walk the TpFdbTable (.1.3.6.1.2.1.17.4.3), I get gibberish: $ snmpwalk -v 2c -c public 10.93.0.15 .1.3.6.1.2.1.17.4.3 | more BRIDGE-MIB::dot1dTpFdbAddress.'..' = STRING: ÿÿ BRIDGE-MIB::dot1dTpFdbPort.'..' = INTEGER: 8 BRIDGE-MIB::dot1dTpFdbStatus.'..' = INTEGER: learned(3) This seems to me to be a presentation issue (in snmpwalk) not an agent issue (in my sub-agent code) but my NetSNMP installation hasn't changed. Any insight appreciated... --- SF email is sponsored by - The IT Product Guide Read honest candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://ads.osdn.com/?ad_ide95alloc_id396op=click ___ Net-snmp-users mailing list Net-snmp-users@lists.sourceforge.net Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
Re: Non-standard interfaces in ifTable
... As far as future compatibility goes, getting the kernel to recognize your interfaces is the best option. If that's not possible, then you'll have to maintain proprietary patches against net-snmp. Robert, I know you're the expert here but I've got non-standard Interfaces working without patching code. I disabled interfaces in the agent (-I -interfaces) and then have a sub-agent which implements interfaces (I ran mib2c on the interfaces MIB and filled in the code). I'd _love_ to be able to have both and another active thread on this list (Managing multiple instances of a MIB) suggests I can. But you can, at least, implement interfaces without patching anything. Or maybe I misunderstand the OP's intent. --- SF email is sponsored by - The IT Product Guide Read honest candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://ads.osdn.com/?ad_id=6595alloc_id=14396op=click ___ Net-snmp-users mailing list Net-snmp-users@lists.sourceforge.net Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
Re: Timeout with local connection to snmpd
On Mon, 14 Feb 2005 14:58:24 -0500 [EMAIL PROTECTED] wrote: CRC session.peername = localhost; CRC session.retries = 3; CRC session.version = SNMP_VERSION_2c; CRC session.community = private; CRC session.community_len = strlen(session.community); CRC CRC ss = snmp_open(session); CRC CRC I don't see private in those packets. Should I? Yes. CRC Any idea why this doesn't work? Nope. What does the session structure look like after you call snmp_open? My code says: session.peername = localhost; session.retries = 1; session.version = SNMP_VERSION_2c; session.community = config; session.community_len = strlen(session.community); /* establish the session */ ss = snmp_open(session); snmp_log(LOG_INFO, peername:%s\n, session.peername); snmp_log(LOG_INFO, community:%s\n, session.community); and the log output is: peername:localhost community:(null) What the heck is _that_ about? --- SF email is sponsored by - The IT Product Guide Read honest candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://ads.osdn.com/?ad_id=6595alloc_id=14396op=click ___ Net-snmp-users mailing list Net-snmp-users@lists.sourceforge.net Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
Re: Timeout with local connection to snmpd
On Tue, 15 Feb 2005 08:33:40 -0500 [EMAIL PROTECTED] wrote: CRC session.peername = localhost; CRC session.community = config; CRC session.community_len = strlen(session.community); CRC CRC /* establish the session */ CRC ss = snmp_open(session); CRC CRC snmp_log(LOG_INFO, peername:%s\n, session.peername); CRC snmp_log(LOG_INFO, community:%s\n, session.community); CRC CRC and the log output is: CRC CRCpeername:localhost CRCcommunity:(null) CRC CRC What the heck is _that_ about? Excellent question. Yeah, I'm full of 'em. ;-) I don't see anything in the code that would clear the memory in the input session. Is ss NULL? If not, what does it contain for community? I'll look. Whenever something really weird like this happens, my first thought is 'mismatched libraries.' Yeah, we've had that discussion before. I was pretty careful to scrub by development and test systems for 5.1 libraries before I did this. I did `make -n` and looked at all the directories listed for -L options. I've done ldconfig. Check that ls /usr/lib/*snmp* /usr/local/lib/*snmp* doesn't return multiple versions of the libraries. Nothing in /usr/local/lib, all 5.2.1 in /usr/lib. I'd also recommend building a static version (configure --disable-shared --enable-static) for easierdebugging, and stepping into snmp_open and following it down the stack, watching to see where the community gets cleared. OK. I'll try that now. Thanks. --- SF email is sponsored by - The IT Product Guide Read honest candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://ads.osdn.com/?ad_id=6595alloc_id=14396op=click ___ Net-snmp-users mailing list Net-snmp-users@lists.sourceforge.net Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
Re: Non-standard interfaces in ifTable
On Tue, 15 Feb 2005 07:47:23 -0500 [EMAIL PROTECTED] wrote: CRC ... CRC As far as future compatibility goes, getting the kernel to CRC recognize your interfaces is the best option. If that's not possible,CRC then you'll have to maintain proprietary patches against net-snmp. CRC CRC Robert, I know you're the expert here but I've got non- standard Interfaces CRC working without patching code. I disabled interfaces in the agent (-I CRC -interfaces) and then have a sub-agent which implements interfaces Well, I consider removing some code (-I -interfaces) and adding other code (subagent) a form of patching. i.e. it isn't going to work out of the box. I guess we have a problem of definition then. I'm not patching unless I have to keep track of my changes and update distributed source with `patch`. (And my -I is done at runtime, not build time). CRC I'd _love_ to be CRC able to have both and another active thread on this list (ManagingCRC multiple instances of a MIB) suggests I can. Summarizing from my FAQ here: http://www.freesnmp.com/net-snmp/faqs/#multidev You can have both by using contexts, but: ... Having said that, there is another way to have both, but it does have some risks. See my next response to Jeff in this same thread. OK. Thanks. --- SF email is sponsored by - The IT Product Guide Read honest candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://ads.osdn.com/?ad_id=6595alloc_id=14396op=click ___ Net-snmp-users mailing list Net-snmp-users@lists.sourceforge.net Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
Re: Timeout with local connection to snmpd
... Is ss NULL? If not, what does it contain for community? ... OK. I've built with static libraries and my code now looks like: session.peername = localhost; session.retries = 1; session.version = SNMP_VERSION_2c; session.community = config; session.community_len = strlen(session.community); /* establish the session */ ss = snmp_open(session); snmp_log(LOG_INFO, session.peername:%s\n, session.peername); snmp_log(LOG_INFO, session.community:%s\n, session.community); if ( ! ss) { snmp_perror(ack); snmp_log(LOG_ERR, Could not establish session with SNMP daemon.\n); return NULL; } snmp_log(LOG_INFO, ss:%p\n, ss); snmp_log(LOG_INFO, ss-peername:%s\n, ss-peername); snmp_log(LOG_INFO, ss-community:%s\n, ss-community); and my log says: session.peername:localhost session.community:(null) ss:0x101689e0 ss-peername:localhost ss-community:(null) I can't really step into the code because the target environment is an embedded system where I don't have good debugging support. I can pepper snmp_open() with fprintf()s. :-/ But you say that you don't see anything there that would trash the community... --- SF email is sponsored by - The IT Product Guide Read honest candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://ads.osdn.com/?ad_id=6595alloc_id=14396op=click ___ Net-snmp-users mailing list Net-snmp-users@lists.sourceforge.net Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
Timeout with local connection to snmpd
I'm trying to validate that SourceForge bug 1016849 is no longer a problem -- I seem to be the only person who's seen it -- in v5.2 and I'm running into _other_ problems. I DLd and built and installed 5.2.1. I can snmpget remotely but my application which does local access to snmpd times out. I added: netsnmp_ds_set_boolean(NETSNMP_DS_LIBRARY_ID, NETSNMP_DS_LIB_DUMP_PACKET, 1); and the dump looks like: Sending 93 bytes to UDP: [127.0.0.1]:161 : 30 5B 02 01 01 04 00 A0 54 02 04 24 FE 8E F8 020[..T..$ 0016: 01 00 02 01 00 30 46 30 0C 06 08 2B 06 01 02 01.0F0...+ 0032: 01 01 00 05 00 30 0C 06 08 2B 06 01 02 01 01 04.0...+.. 0048: 00 05 00 30 0C 06 08 2B 06 01 02 01 01 05 00 05...0...+ 0064: 00 30 0C 06 08 2B 06 01 02 01 01 06 00 05 00 30.0...+.0 0080: 0C 06 08 2B 06 01 02 01 01 03 00 05 00 ...+. repeated 3x, then the timeout. I'm trying to do v2c access with private as a community string (which works remotely). session.peername = localhost; session.retries = 3; session.version = SNMP_VERSION_2c; session.community = private; session.community_len = strlen(session.community); ss = snmp_open(session); I don't see private in those packets. Should I? Any idea why this doesn't work? --- SF email is sponsored by - The IT Product Guide Read honest candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://ads.osdn.com/?ad_id=6595alloc_id=14396op=click ___ Net-snmp-users mailing list Net-snmp-users@lists.sourceforge.net Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
Re: Non-standard interfaces in ifTable
I have an embedded Linux system with some interfaces that are not standard, i.e. the default ifTable implementation isn't getting part or all of the information. From looking at the code, it appears that I willneed to directly modify the source that comes with net-snmp. ... You can tell the agent to not handle individual MIBs. I think it's something like -I -interfaces then you can have a sub-agent register to handle the interfaces MIB. I'm not sure what you'd do if you want the standard interfaces and your own. --- SF email is sponsored by - The IT Product Guide Read honest candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://ads.osdn.com/?ad_id=6595alloc_id=14396op=click ___ Net-snmp-users mailing list Net-snmp-users@lists.sourceforge.net Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
Re: RE: Non-standard interfaces in ifTable
I have an embedded Linux system with some interfaces that are not standard, i.e. the default ifTable implementation isn't getting part or all of the information. From looking at the code, it appears that I willneed to directly modify the source that comes with net-snmp. ... You can tell the agent to not handle individual MIBs. I think it's something like -I -interfaces then you can have a sub-agent register to handle the interfaces MIB. I'm not sure what you'd do if you want the standard interfaces and your own. This is basically the approach I was thinking. Disable the automatic build of the IF-MIB, ... Sorry I wasn't clear. -I -interfaces is a _runtime_ switch. Start a standard snmpd up with it and it _won't_ serve out the interfaces MIB. --- SF email is sponsored by - The IT Product Guide Read honest candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://ads.osdn.com/?ad_id=6595alloc_id=14396op=click ___ Net-snmp-users mailing list Net-snmp-users@lists.sourceforge.net Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
Re: New front end for the Net-SNMP website.
... Getting the correct balance between completeness and compactness is a Non Trivial Problem. But is it NP-Complete? ;-) --- SF email is sponsored by - The IT Product Guide Read honest candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://productguide.itmanagersjournal.com/ ___ Net-snmp-users mailing list [EMAIL PROTECTED] Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
Re: RE: New front end for the Net-SNMP website.
Quite nice overall but several nits, if I may. Curiously, all in: Net-SNMP is available for many Unix and Unix like operating systems and also for Windows. I've often been corrected that as a TM of Bell Labs (or whoever), UNIX is all capitals. (I've generally said Unix to mean UNIX and work-alike operating systems.) As an adjective, Unix-like should be hyphenated. It bugs me that Microsoft has coopted so many nouns for their own use. While I don't think Windows is unclear, Microsoft Windows would be more precise and less painful. ;-) Chris --- SF email is sponsored by - The IT Product Guide Read honest candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://productguide.itmanagersjournal.com/ ___ Net-snmp-users mailing list [EMAIL PROTECTED] Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
Re: Is there a MIB value for geographic location?
... There is the sysLocation value, which is easily accessible in the snmpd.conffile, but I guess that normally this is not used for a latitude and longitude. Are there any difficulties in using it this way? All the examples talk about this as a geographic location, but then give examples using it as a postaladdress. ... We use sysLocation for things like, Wiring closet 3, rack 2. I imagine that if for your deployment you set a convention of putting a latitude and longitude in sysLocation, you'll be fine. (Of course, someone else may chime in and say that there is a better place for that.) --- This SF.Net email is sponsored by: Sybase ASE Linux Express Edition - download now for FREE LinuxWorld Reader's Choice Award Winner for best database on Linux. http://ads.osdn.com/?ad_id=5588alloc_id=12065op=click ___ Net-snmp-users mailing list [EMAIL PROTECTED] Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
Linking to static Net-SNMP libraries
I'm trying to confirm that a problem I'm having with 5.2rc1 is in my use of dynamic libraries leading to some conflict but when I try to link against static libraries, I get an error. I've modified the Makefile link line for my client to: $(CC) $(CFLAGS) -o $(PROGNAME) $(OBJS) \ -static -lnetsnmp -dynamic -ldl -lcrypto -lm But I get: ld: cannot find -lcrypto collect2: ld returned 1 exit status I know I'm a little dim this week but shouldn't surrounding -lnetsnmp by -static and -dynmaic leave everything else unchanged? TIA --- This SF.Net email is sponsored by: Sybase ASE Linux Express Edition - download now for FREE LinuxWorld Reader's Choice Award Winner for best database on Linux. http://ads.osdn.com/?ad_id=5588alloc_id=12065op=click ___ Net-snmp-users mailing list [EMAIL PROTECTED] Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
Re: Linking to static Net-SNMP libraries
Are you attempting to build this on Linux? Actually, I'm cross-building on i386 Linux for PPC Linux. If so you need to have a completeinstallation. Not partial when installing on linux. You will get missing libraries if you only partially installing and yeslcrypto is one of those missing libs. I also hit this problem. I'm pretty sure I have a complete installation. Would that requirement change between a static and dynamic build. Oh, yeah, I guess it would. If the static libraries aren't available locally then it won't build at all but if the dynamic libraries aren't avaiable locally, it would fail at run time, not build time. Still, I _thought_ was making only net-snmp static. Hmm --- This SF.Net email is sponsored by: Sybase ASE Linux Express Edition - download now for FREE LinuxWorld Reader's Choice Award Winner for best database on Linux. http://ads.osdn.com/?ad_id=5588alloc_id=12065op=click ___ Net-snmp-users mailing list [EMAIL PROTECTED] Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
Re: snmp_open() problem in 5.2.rc1
This smells of library conflicts to me. Make sure you don't have a mix of snmp libraries installed in /usr/lib/*snmp* and/or /usr/local/lib/*snmp*. Also, try building with static libraries (configure --enable-static --disable-shared). That's a good clue. Thanks. I'm out of the office Friday. Probably won't be able to try this until Monday. Okay, but we'll remember that when it's time for promotions Well, since my _promotion_ is on the line, I dragged myself into the office today. ;-) I removed all traces of *snmp* from /usr/lib, rebuilt and reinstalled my client and found the same results. I pass a valid session-community into snmp_open() and it's null at the first executable line of snmp_open(). Any other ideas? --- This SF.Net email is sponsored by: Sybase ASE Linux Express Edition - download now for FREE LinuxWorld Reader's Choice Award Winner for best database on Linux. http://ads.osdn.com/?ad_id=5588alloc_id=12065op=click ___ Net-snmp-users mailing list [EMAIL PROTECTED] Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
snmp_open() problem in 5.2.rc1
I'm trying to figure out why I have a null community in my agent when using 5.2.rc1 but the same code works OK with 5.1.1. I've got: struct snmp_session session; init_snmp(snmpapp); snmp_sess_init( session ); session.peername = localhost; session.retries = 1; session.version = SNMP_VERSION_2c; session.community = config; session.community_len = strlen(session.community); snmp_log(LOG_INFO, session.community:%s, community_len:%d\n, session.community, session.community_len); ss = snmp_open(session); snmp_log(LOG_INFO, ss-community:%s, community_len:%d\n, ss-community, ss-community_len); which shows session.community to be config and ss-community to be null. I edited snmp_open() to start: struct session_list *slp; snmp_log(LOG_INFO, %d:session-community=%s\n, __LINE__, session-community); and find that session-community is NULL *on* *entry* to snmp_open(). Then I noticed that I'm passing snmp_open() a struct snmp_session* but it's defined as: netsnmp_session * snmp_open(netsnmp_session *session) { Which leaves me wondering if snmp_session and netsnmp_session used to be compatible and aren't any more. Any other explanation that the community pointer on the structure gets trashed by invoking snmp_open()? Chris --- This SF.Net email is sponsored by: Sybase ASE Linux Express Edition - download now for FREE LinuxWorld Reader's Choice Award Winner for best database on Linux. http://ads.osdn.com/?ad_id=5588alloc_id=12065op=click ___ Net-snmp-users mailing list [EMAIL PROTECTED] Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
Re: Possible problem with authorization in 5.2.rc1
... More particularly, the dump begins: 30 5B // request sequence 02 01 01// version = SNMPv2c 04 00 // community = A0 54 // GET PDU etc So the request is being sent with an empty community string (hence it's not suprising that the agent is discarding it). That tends to point the finger at the client again - in particular the 'snmp_open' call. What does the 'ss' structure look like? My code looks like this: snmp_sess_init( session ); /* set up defaults */ snmp_log(LOG_INFO, snmp_sess_init() complete\n); session.peername = localhost; session.retries = 1; session.version = SNMP_VERSION_2c; session.community = config; session.community_len = strlen(session.community); snmp_log(LOG_INFO, session.community:%s, community_len:%d\n, session.community, session.community_len); /* establish the session */ ss = snmp_open(session); snmp_log(LOG_INFO, ss-community:%s, community_len:%d\n, ss-community, ss-community_len); and the resulting log is: init_snmp() complete snmp_sess_init() complete session.community:config, community_len:6 snmp_open() complete ss-community:(null), community_len:1 connected Sending 93 bytes to UDP: [127.0.0.1]:161 : 30 5B 02 01 01 04 00 A0 54 02 04 70 59 6C 67 020[..T..pYlg. 0016: 01 00 02 01 00 30 46 30 0C 06 08 2B 06 01 02 01.0F0...+ 0032: 01 01 00 05 00 30 0C 06 08 2B 06 01 02 01 01 04.0...+.. 0048: 00 05 00 30 0C 06 08 2B 06 01 02 01 01 05 00 05...0...+ 0064: 00 30 0C 06 08 2B 06 01 02 01 01 06 00 05 00 30.0...+.0 0080: 0C 06 08 2B 06 01 02 01 01 03 00 05 00 ...+. So, snmp_open() appears to not be copying the community string. How come? I'll look into it a bit shortly. --- This SF.Net email is sponsored by: Sybase ASE Linux Express Edition - download now for FREE LinuxWorld Reader's Choice Award Winner for best database on Linux. http://ads.osdn.com/?ad_id=5588alloc_id=12065op=click ___ Net-snmp-users mailing list [EMAIL PROTECTED] Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
Re: Possible problem with authorization in 5.2.rc1
... So, snmp_open() appears to not be copying the community string. How come? I'll look into it a bit shortly. I think I found the problem. Around line 998 of snmplib/snmp_api.c, there is a recent addition of: #if !defined(DISABLE_SNMPV1) || !defined(DISABLE_SNMPV2C) which DeMorgan tells us is really: #if defined(DISABLE_SNMPV1) defined(DISABLE_SNMPV2C) and if I read the code around it properly, this says that community strings will *only* be copied if *neither* SNMPv1 or SNMPv2c was compiled into the agent. Not what was intended, I imagine. --- This SF.Net email is sponsored by: Sybase ASE Linux Express Edition - download now for FREE LinuxWorld Reader's Choice Award Winner for best database on Linux. http://ads.osdn.com/?ad_id=5588alloc_id=12065op=click ___ Net-snmp-users mailing list [EMAIL PROTECTED] Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
Re: Possible problem with authorization in 5.2.rc1
I think I found the problem. Around line 998 of snmplib/snmp_api.c, there is a recent addition of: #if !defined(DISABLE_SNMPV1) || !defined(DISABLE_SNMPV2C) which DeMorgan tells us is really: #if defined(DISABLE_SNMPV1) defined(DISABLE_SNMPV2C) Err no. Surely DeMorgan equates this to #if !(defined(DISABLE_SNMPV1) defined(DISABLE_SNMPV2C)) i.e. the exact opposite. Yes, you're right. SIGH It's been one of those days. I knew I shouldn't try to program with my brains scrambled. :-/ and if I read the code around it properly, this says that community strings will *only* be copied if *neither* SNMPv1 or SNMPv2c was compiled into the agent. Not what was intended, I imagine. I *think* (and there are a few too many negations for comfort!) That's for sure! At least I have some excuse for my poor DeMorganizing. ;-) that this is saying that this block should only be omitted if *both* SNMPv1 and SNMPv2c have been removed from the library. Which sounds right. Yes, I agree. But there's an easy way to tell - comment out this particular test, and recompile. Does that fix the problem? I modified the test to match my poor Boolean transformation. Obviously, that wasn't right. I'll try now to just remove it. --- This SF.Net email is sponsored by: Sybase ASE Linux Express Edition - download now for FREE LinuxWorld Reader's Choice Award Winner for best database on Linux. http://ads.osdn.com/?ad_id=5588alloc_id=12065op=click ___ Net-snmp-users mailing list [EMAIL PROTECTED] Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
Re: Possible problem with authorization in 5.2.rc1
I can use snmpget on another system to read, for example, system.sysDescr.0 but on-node, when I try to use the config community to get values, snmp_get() times out. What if you try with snmpget on that same node (not from a remote system)?If you run essentially the same command locally: snmpget -v 2c -c config localhost sysDescr.0 does it work or not? The local system is an embedded system with few resources. I haven't installed the tools (e.g., snmpget). I may be able to set up to do that with some n/w storage. I'll try... --- This SF.net email is sponsored by: IT Product Guide on ITManagersJournal Use IT products in your business? Tell us what you think of them. Give us Your Opinions, Get Free ThinkGeek Gift Certificates! Click to find out more http://productguide.itmanagersjournal.com/guidepromo.tmpl ___ Net-snmp-users mailing list [EMAIL PROTECTED] Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
Re: Possible problem with authorization in 5.2.rc1
... you should be able to see if a packet goes out, if the agent receives it, if the agent sends a response and if the app receives it. Thanks. My client logs: Sending 93 bytes to UDP: [127.0.0.1]:161 : 30 5B 02 01 01 04 00 A0 54 02 04 77 0B 12 D2 020[..T..w 0016: 01 00 02 01 00 30 46 30 0C 06 08 2B 06 01 02 01.0F0...+ 0032: 01 01 00 05 00 30 0C 06 08 2B 06 01 02 01 01 04.0...+.. 0048: 00 05 00 30 0C 06 08 2B 06 01 02 01 01 05 00 05...0...+ 0064: 00 30 0C 06 08 2B 06 01 02 01 01 06 00 05 00 30.0...+.0 0080: 0C 06 08 2B 06 01 02 01 01 03 00 05 00 ...+. Resending 93 bytes to UDP: [127.0.0.1]:161 : 30 5B 02 01 01 04 00 A0 54 02 04 77 0B 12 D2 020[..T..w 0016: 01 00 02 01 00 30 46 30 0C 06 08 2B 06 01 02 01.0F0...+ 0032: 01 01 00 05 00 30 0C 06 08 2B 06 01 02 01 01 04.0...+.. 0048: 00 05 00 30 0C 06 08 2B 06 01 02 01 01 05 00 05...0...+ 0064: 00 30 0C 06 08 2B 06 01 02 01 01 06 00 05 00 30.0...+.0 0080: 0C 06 08 2B 06 01 02 01 01 03 00 05 00 ...+. GetSysValues: Timeout and the agent logs: Turning on AgentX master support. NET-SNMP version 5.2.rc1 Received 93 bytes from UDP: [127.0.0.1]:49154 : 30 5B 02 01 01 04 00 A0 54 02 04 77 0B 12 D2 020[..T..w 0016: 01 00 02 01 00 30 46 30 0C 06 08 2B 06 01 02 01.0F0...+ 0032: 01 01 00 05 00 30 0C 06 08 2B 06 01 02 01 01 04.0...+.. 0048: 00 05 00 30 0C 06 08 2B 06 01 02 01 01 05 00 05...0...+ 0064: 00 30 0C 06 08 2B 06 01 02 01 01 06 00 05 00 30.0...+.0 0080: 0C 06 08 2B 06 01 02 01 01 03 00 05 00 ...+. Received SNMP packet(s) from UDP: [127.0.0.1]:49154 GET message -- SNMPv2-MIB::sysDescr.0 -- SNMPv2-MIB::sysContact.0 -- SNMPv2-MIB::sysName.0 -- SNMPv2-MIB::sysLocation.0 -- SNMPv2-MIB::sysUpTime.0 Received 93 bytes from UDP: [127.0.0.1]:49154 : 30 5B 02 01 01 04 00 A0 54 02 04 77 0B 12 D2 020[..T..w 0016: 01 00 02 01 00 30 46 30 0C 06 08 2B 06 01 02 01.0F0...+ 0032: 01 01 00 05 00 30 0C 06 08 2B 06 01 02 01 01 04.0...+.. 0048: 00 05 00 30 0C 06 08 2B 06 01 02 01 01 05 00 05...0...+ 0064: 00 30 0C 06 08 2B 06 01 02 01 01 06 00 05 00 30.0...+.0 0080: 0C 06 08 2B 06 01 02 01 01 03 00 05 00 ...+. Received SNMP packet(s) from UDP: [127.0.0.1]:49154 GET message -- SNMPv2-MIB::sysDescr.0 -- SNMPv2-MIB::sysContact.0 -- SNMPv2-MIB::sysName.0 -- SNMPv2-MIB::sysLocation.0 -- SNMPv2-MIB::sysUpTime.0 It seems that the communication is one-way; the agent doesn't say anything about sending a packet back to the client. --- This SF.net email is sponsored by: IT Product Guide on ITManagersJournal Use IT products in your business? Tell us what you think of them. Give us Your Opinions, Get Free ThinkGeek Gift Certificates! Click to find out more http://productguide.itmanagersjournal.com/guidepromo.tmpl ___ Net-snmp-users mailing list [EMAIL PROTECTED] Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
Re: Possible problem with authorization in 5.2.rc1
Well, I've come full circle. I think I've confirmed that I have an authorization problem. - snmpget on the local host times out just as my client application does - When the client times out, there's a note in the log that it tried (and failed, but that's another issue) to send an authorization failure trap. So, what's the problem? Did the format or expected content of com2sec, etc. change between 5.1.1 and 5.2.rc1? I've got the configuration shown below. The public community works on- and off-node, config doesn't work at all. This configuration works with 5.1.1, fails with 5.2.rc2 com2sec config localhost config group config v2c config view config included .1 access config any noauth exact config config config com2sec public default public view public included .1 group public_v2 v1 public group public_v2 v2c public access public_v2 any noauth exact public none none group public_v3 usm public access public_v3 any auth exact public none none --- This SF.net email is sponsored by: IT Product Guide on ITManagersJournal Use IT products in your business? Tell us what you think of them. Give us Your Opinions, Get Free ThinkGeek Gift Certificates! Click to find out more http://productguide.itmanagersjournal.com/guidepromo.tmpl ___ Net-snmp-users mailing list [EMAIL PROTECTED] Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
Possible problem with authorization in 5.2.rc1
I'm trying to see if Bug 1016849 (https://sourceforge.net/tracker/?func=detailatid=112694aid=1016849group_id=12694) is still in 5.2. I've installed 45.2.rc1 and I'm having unrelated problems which are preventing me from validating the bug. My /usr/share/snmp/snmpd.conf (which works with 5.1.1) includes: com2sec config localhost config group config v2c config view config included .1 access config any noauth exact config config config com2sec public default public view public included .1 group public_v2 v1 public group public_v2 v2c public access public_v2 any noauth exact public none none group public_v3 usm public access public_v3 any auth exact public none none com2sec private default private view private included .1 group private_v2 v1 private group private_v2 v2c private access private_v2 any noauth exact private private private group private_v3 usm private access private_v3 any auth exact private private private and /var/net-snmp/snmpd.conf (also unchanged) has usmUser directives that make that work. I can use snmpget on another system to read, for example, system.sysDescr.0 but on-node, when I try to use the config community to get values, snmp_get() times out. My code -- unchange from when it worked with 5.1.1 -- includes: init_snmp(snmpapp); snmp_sess_init( session ); session.peername = localhost; session.retries = 1; session.version = SNMP_VERSION_2c; session.community = config; session.community_len = strlen(session.community); ss = snmp_open(session); if ( ! ss) { snmp_perror(ack); snmp_log(LOG_ERR, Could not establish session with SNMP daemon.\n); return NULL; } return ss; and does not log a failure. Are there issues with authentication in 5.2.rc1 that someone else has discovered? Did something in the snmp_sess_init() or snmp_open() change? --- This SF.net email is sponsored by: IT Product Guide on ITManagersJournal Use IT products in your business? Tell us what you think of them. Give us Your Opinions, Get Free ThinkGeek Gift Certificates! Click to find out more http://productguide.itmanagersjournal.com/guidepromo.tmpl ___ Net-snmp-users mailing list [EMAIL PROTECTED] Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
Re: extending the agent
... apparently you have to modify some of the code. Doesn't the mib2c generates it all? mib2c really can't know where your data is coming from (or going to, for a set request). What it generates is a skeleton you can hang your own code on. It really is 90% of the work. There are some places that say: snmp_set_var_typed_value(requests-requestvb, ASN_OCTET_STR, (u_char *) /* XXX: a pointer to the scalar's data */, /* XXX: the length of the data in bytes */); where I suppose you have to fill in the XXX. What do you have to do in order to complete this? It depends on your application. You might have to get a value from come global and return it, you might have to look something up, query a database, make a system call. ... Can mib2c generate the full code? one you don't have to modify? No, that's really not possible. Lastly, I would like to know if for snmpv3, the snmp message travels encripted? If you use authentication, the user's password is encrypted. If you also use privacy, the PDU is encrypted. How do you set up an enviroment to work with snmpv3? For MD5 authentication, you don't really need to do anything beyond building the agent. For SHA authentication and for privacy (which only uses DES), you have to build the agent with OpenSSL support. I'm pretty sure you _don't_ have to have a full-blown SSL installation with keys, etc.; Net-SNMP only uses some of the algorithms from OpenSSL. When using snmpv3 you execute the commands with -v 3 and the message comes back encripted? I'm not sure what you're asking. Yes, both directions of v3 communication are encrypted (if you use authentication and privacy). Chris --- This SF.net email is sponsored by: IT Product Guide on ITManagersJournal Use IT products in your business? Tell us what you think of them. Give us Your Opinions, Get Free ThinkGeek Gift Certificates! Click to find out more http://productguide.itmanagersjournal.com/guidepromo.tmpl ___ Net-snmp-users mailing list [EMAIL PROTECTED] Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
Re: Help, please. Can't get privacy to work
... How can I prove that snmpd has SSL build in? U... a) Try snmpget UCD-SNMP-MIB::versionConfigureOptions.0 That won't say explicitly, but will indicate how the suite was configured (which may indicate if it either turned on or turned off use of OpenSSL). I get: UCD-SNMP-MIB::versionConfigureOptions.0 = STRING: '--prefix=/usr' '--target=powerpc-linux' '--host=powerpc-linux' '--build=i386-pc-linux' '--with-endianness=big' '--with-cc=powerpc-linux-gcc' '--with-ar=powerpc-linux-ar' '--with-install-prefix=/IPm' '--with-cflags=-O2' '--disable-applications' '--disable-scripts' '--with-sys-location=Set location of switch' '--with-sys-contact=Set name (and e-mail) of contact for switch' '--with-logfile=/var/log/snmpd.log' '--with-default-snmp-version=3' '--with-persistent-directory=/var/net-snmp' 'build_alias=i386-pc-linux' 'host_alias=powerpc-linux' 'target_alias=powerpc-linux' Which _doesn't_ include ssl explicityly but does include SNMPv3 (--with-default-snmp-version=3). It seems that the configure script should either include SSL or complain if v3 is enabled and SSL isn't included. b) ldd snmpd That will show you which libraries are being linked to - any mention of 'libcrypto' or something similar would tend to indicate that it should support encrption Alas, ldd isn't available on my target and ldd on the system where I cross-build doesn't seem to recognize the foreign binary as a program: $ ldd snmpd not a dynamic executable $ file snmpd snmpd: ELF 32-bit MSB executable, PowerPC or cisco 4500, version 1, dynamically linked (uses shared libs), stripped c) nm snmpd | grep -i encrypt $ nm snmpd nm: snmpd: no symbols ... d) strings snmpd| grep -i encrypt strings libnetsnmp.a | grep -i encrypt That seems telling: $ strings libnetsnmp.so.5.1.1 | grep -i encrypt sc_encrypt USM encryption error Encryption support not enabled. sc_encrypt Encrypt function not defined. Encryption successful. couldn't malloc %d bytes for encrypted PDU encrypted sPDU Failed while parsing encrypted sPDU. If either of these include the message Encryption support not enabled (or similar) then you're out of luck. (or at least would need to reconfigure/recompile) OK. I'll rebuild and see what I see. Though in fact, the remote agent should probably be logging this anyway. Yeah, that would be helpful. It might also be worth running the remote agent with '-Dscapi' and seeing what the debug output says. If rebuilding doesn't work... A few things for you to try, anyway. Thanks. --- This SF.Net email is sponsored by: YOU BE THE JUDGE. Be one of 170 Project Admins to receive an Apple iPod Mini FREE for your judgement on who ports your project to Linux PPC the best. Sponsored by IBM. Deadline: Sept. 24. Go here: http://sf.net/ppc_contest.php ___ Net-snmp-users mailing list [EMAIL PROTECTED] Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
Re: Help, please. Can't get privacy to work
My agent was missing ssl. After much pain rebuilding, all it well. Thanks. --- This SF.Net email is sponsored by: YOU BE THE JUDGE. Be one of 170 Project Admins to receive an Apple iPod Mini FREE for your judgement on who ports your project to Linux PPC the best. Sponsored by IBM. Deadline: Sept. 24. Go here: http://sf.net/ppc_contest.php ___ Net-snmp-users mailing list [EMAIL PROTECTED] Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
Re: Help, please. Can't get privacy to work
I'm trying to get v3 security to work. I can use -l authNopriv but -l authpriv gives decryption error. I don't understand that. Cryptography isn't my strong suit; I'm using a network sniffer to look at packets ... Ethereal reports that the reply to my encrypted PDU requesting sysLocation is a value of 3 for SNMP-USER-BASED-SM-MIB::usmStatsDecryptionErrors.0. Each additional attempt to use privacy results in that value being incremented. --- This SF.Net email is sponsored by: YOU BE THE JUDGE. Be one of 170 Project Admins to receive an Apple iPod Mini FREE for your judgement on who ports your project to Linux PPC the best. Sponsored by IBM. Deadline: Sept. 24. Go here: http://sf.net/ppc_contest.php ___ Net-snmp-users mailing list [EMAIL PROTECTED] Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
Re: Help, please. Can't get privacy to work
I'm trying to get v3 security to work. I can use -l authNopriv but -l authpriv gives decryption error. I don't understand that. Cryptography isn't my strong suit; I'm using a network sniffer to look at packets ... Ethereal reports that the reply to my encrypted PDU requesting sysLocation is a value of 3 for SNMP-USER-BASED-SM-MIB::usmStatsDecryptionErrors.0. Each additional attempt to use privacy results in that value being incremented. I've now found that I can use SNMPv3 authpriv to access my local host which is running the same version (5.1.1) of net-snmp and has identical usr/vacm configuration. So, I infer that something about snmpd on my target isn't handling DES decryption. However, there's nothing in snmpd.log on the target. I know I read somewhere -- and can't find now -- that I have to have build snmpd with SSL to get encryption. How can I prove that snmpd has SSL build in? --- This SF.Net email is sponsored by: YOU BE THE JUDGE. Be one of 170 Project Admins to receive an Apple iPod Mini FREE for your judgement on who ports your project to Linux PPC the best. Sponsored by IBM. Deadline: Sept. 24. Go here: http://sf.net/ppc_contest.php ___ Net-snmp-users mailing list [EMAIL PROTECTED] Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
Re: How can I get createUser to be processed?
(Ooops. The first time I replied only to Thomas.) [EMAIL PROTECTED] wrote: The man page for snmpd.conf says: ... This directive should be placed into the /var/net- snmp/snmpd.conf file instead of the other normal locations. The reason is that the information is read from the file and then the line is removed (eliminating the storage of the master password for that user) and replaced with the key that is derived from it. ... But the only time I see /var/net-snmp/snmpd.conf being rewritten is if I kill the agent and start it again. Yes, that's current behaviour. The persistent file is only saved on shutdown.However, I'd tend to agree that it'd be useful to be able to force the *running* agent to save this file. Currently not implemented, though, AFAICS. When you say only _saved_ on shutdown, are you saying that if I write a createUser directive to /var/net-snmp/snmpd.c and hit the re-read config bit that the user will be created but the usmUser won't be written until the next shutdown? That's not what I'm seeing. The new user doesn't seem to be active until I restart. If re-writing the persistent file is deemed useful, I might do it and send a patch. Can anyone say how likely that patch would be to be accepted? Chris --- This SF.Net email is sponsored by: YOU BE THE JUDGE. Be one of 170 Project Admins to receive an Apple iPod Mini FREE for your judgement on who ports your project to Linux PPC the best. Sponsored by IBM. Deadline: Sept. 24. Go here: http://sf.net/ppc_contest.php ___ Net-snmp-users mailing list [EMAIL PROTECTED] Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
Permissions on /var/net-snmp/snmpd.conf
I have an administrative user, admin, who uses a configuration utility to manipulate parts of the system setup, including snmp users. To do this, I've set /var/net-snmp/snmpd.conf to look like: # ls -ld /var/net-snmp/ drwxrwxr-x2 root admin 0 Jan 1 02:14 /var/net-snmp/ # ls -l /var/net-snmp/snmpd.conf -rw-rw1 adminadmin 381 Jan 1 02:14 /var/net-snmp/snmpd.conf But everytime I restart the agent, this file gets rewritten to be: # ls -l /var/net-snmp/snmpd.conf -rw---1 root root 381 Jan 1 And then the administrative user can't access the file any longer. I found PERSISTENT_MASK but don't see any way to affect the _ownership_ of the recreated persistent file. Am I missing something? If not, I'm considering modifying whatever function rewrites the file to preserve ownership and mode. Is there a good alternative? A reason I shouldnt' do this? If it's a good idea, what function am I looking for? I'll keep looking but what a tangle web is net-snmp. ;-) Chris --- This SF.Net email is sponsored by: YOU BE THE JUDGE. Be one of 170 Project Admins to receive an Apple iPod Mini FREE for your judgement on who ports your project to Linux PPC the best. Sponsored by IBM. Deadline: Sept. 24. Go here: http://sf.net/ppc_contest.php ___ Net-snmp-users mailing list [EMAIL PROTECTED] Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
Re: Am I confused or is read_config_read_octet_string broken?
On Wed, 15 Sep 2004 13:09:54 -0400 [EMAIL PROTECTED] wrote: CRC I'm trying to use read_config_read_octet_string() (in 5.1.1) and I'm not CRC getting the results I expect. ghost voiceUse the source, Luke.../ghost voice Yeah, I'm trying (that's where I found the snippet I posted). But it's not exactly a small, clear code base. ... No, the function is inconsistent in its use of the len parameter. In the case of a non-hex string and a user provided buffer, it passes len to a functionthat expects it to be a buffer size.Thus, adding one line before the read will fix your problem: len = sizeof(value); Thanks. --- This SF.Net email is sponsored by: YOU BE THE JUDGE. Be one of 170 Project Admins to receive an Apple iPod Mini FREE for your judgement on who ports your project to Linux PPC the best. Sponsored by IBM. Deadline: Sept. 24. Go here: http://sf.net/ppc_contest.php ___ Net-snmp-users mailing list [EMAIL PROTECTED] Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
Re: How can I get createUser to be processed?
... I was unclear. Here's what I'm doing: - writing a createUser directive to /var/net-snmp/snmpd.conf - Poking the reconfig bit in the agent's MIB ... Here's the rub. I wan't actually poking the reconfig bit as I thought I was. That works now. Never mind. --- This SF.Net email is sponsored by: YOU BE THE JUDGE. Be one of 170 Project Admins to receive an Apple iPod Mini FREE for your judgement on who ports your project to Linux PPC the best. Sponsored by IBM. Deadline: Sept. 24. Go here: http://sf.net/ppc_contest.php ___ Net-snmp-users mailing list [EMAIL PROTECTED] Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
Order of usmUser lines in /var/net-snmp/snmpd.conf
If I put multiple createUser lines in /var/net-snmp/snmpd.conf and restart the agent, can I expect or rely upon the resulting usmUser lines being in the same order? I'd like to be able to delete or modify one of several users but the usmUser lines are encrypted so I can't see which one corresponds to which of my original createUser lines. If I could count on them being in the same order, I'd be fine. Chris --- This SF.Net email is sponsored by: thawte's Crypto Challenge Vl Crack the code and win a Sony DCRHC40 MiniDV Digital Handycam Camcorder. More prizes in the weekly Lunch Hour Challenge. Sign up NOW http://ad.doubleclick.net/clk;10740251;10262165;m ___ Net-snmp-users mailing list [EMAIL PROTECTED] Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
Re: Order of usmUser lines in /var/net-snmp/snmpd.conf
Thomas Anders wrote: No need to rely on the order. The usmUser lines aren't really encrypted, they just contain localized keys and some of the data (like the user name) in hex. The (notoriously undocumented) format actually is: usmUser userStatus userStorageType engineID name secName cloneFrom authProtocol authKey privProtocol privKey userPublicString It's very easy to find the entry you're looking for once you know this format. Hope this helps, Some but... In all my experimenting, the name and secName fields seem to be the same. Is that right? What would make them different? What's the userPublicString? --- This SF.Net email is sponsored by: thawte's Crypto Challenge Vl Crack the code and win a Sony DCRHC40 MiniDV Digital Handycam Camcorder. More prizes in the weekly Lunch Hour Challenge. Sign up NOW http://ad.doubleclick.net/clk;10740251;10262165;m ___ Net-snmp-users mailing list [EMAIL PROTECTED] Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
Am I confused or is read_config_read_octet_string broken?
I'm trying to use read_config_read_octet_string() (in 5.1.1) and I'm not getting the results I expect. It is written to allocate space for the return value if needed: /* * malloc data space if needed (+1 for good measure) */ if (*str == NULL) { if ((cptr = (u_char *) malloc(*len + 1)) == NULL) { return NULL; } *str = cptr; } else { cptr = *str; } and if I do: ... char* pt; size_t len; char* value; ... value = NULL; read_config_read_octet_string(pt, (u_char**)value, len); I get a value parsed out of the string pointed to by pt. But, if I do: ... char* pt; size_t len; char value[32]; ... read_config_read_octet_string(pt, (u_char**)value, len); len has the same value but only one character is copied into value. Am I missing something obvious and stupid? Chris --- This SF.Net email is sponsored by: thawte's Crypto Challenge Vl Crack the code and win a Sony DCRHC40 MiniDV Digital Handycam Camcorder. More prizes in the weekly Lunch Hour Challenge. Sign up NOW http://ad.doubleclick.net/clk;10740251;10262165;m ___ Net-snmp-users mailing list [EMAIL PROTECTED] Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
How can I get createUser to be processed?
The man page for snmpd.conf says: ... This directive should be placed into the /var/net- snmp/snmpd.conf file instead of the other normal locations. The reason is that the information is read from the file and then the line is removed (eliminating the storage of the master password for that user) and replaced with the key that is derived from it. ... But the only time I see /var/net-snmp/snmpd.conf being rewritten is if I kill the agent and start it again. Poking UCD-SNMP-MIB::versionUpdateConfig.0 (.1.3.6.1.4.1.2021.100.11.0) doesn't seem to do it. Is that a bug or my misunderstanding and bad expectations? Chris --- This SF.Net email is sponsored by: thawte's Crypto Challenge Vl Crack the code and win a Sony DCRHC40 MiniDV Digital Handycam Camcorder. More prizes in the weekly Lunch Hour Challenge. Sign up NOW http://ad.doubleclick.net/clk;10740251;10262165;m ___ Net-snmp-users mailing list [EMAIL PROTECTED] Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
Complex views in VACM
How can I -- or, for that matter, can I -- create complex views of the MIB. For example, I'd like three users: public (read-only), private (read/write to most of the MIB), admin (read/write anything). How do I say, public can see everything except the VACM tables and the snmpd reset bit and private can set everything except the VACM tables and the snmpd reset bit? Chris --- This SF.Net email is sponsored by: thawte's Crypto Challenge Vl Crack the code and win a Sony DCRHC40 MiniDV Digital Handycam Camcorder. More prizes in the weekly Lunch Hour Challenge. Sign up NOW http://ad.doubleclick.net/clk;10740251;10262165;m ___ Net-snmp-users mailing list [EMAIL PROTECTED] Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
Re: SNMPv3 and encryption
... I'd suggest you downgrade this to be auth rather than priv, make sure the passwords are consistent, and concentrate on getting SNMPv3 authentication working first. *Then* try adding privacy as well. Thanks. I've got auth working and imagine priv isn't far behind. I spoke too soon. In /var/net-snmp/snmpd.conf, I've tried: createUser admin MD5 adminpwd DES adminpwd and createUser admin MD5 adminpwd DES and in /usr/share/snmp/snmpd.conf, I've got: accessadminanyauth exact all allall accessadminanypriv exact all allall Which I _think_ gives admin the same access whether using privacy or not. I've tried this with and without the auth line. After rebooting the system where the agent runs and seeing createUser turned into usmUser, I see: $ snmpwalk -v 3 -n -u admin -a MD5 -A adminpwd -x DES -X adminpwd -l authPriv theserver system snmpwalk: Decryption error Is this snmpwalk saying it couldn't decrpyt what came back from the agent? How do I fix it? --- This SF.Net email is sponsored by: YOU BE THE JUDGE. Be one of 170 Project Admins to receive an Apple iPod Mini FREE for your judgement on who ports your project to Linux PPC the best. Sponsored by IBM. Deadline: Sept. 13. Go here: http://sf.net/ppc_contest.php ___ Net-snmp-users mailing list [EMAIL PROTECTED] Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
Re: SNMPv3 and encryption
I put the following in /var/net-snmp/snmpd.conf: createUser admin MD5 admin DES [but] When I try: snmpwalk -v 3 -n -u admin -a MD5 -A adminpwd -x DES -X adminpwd -l authPriv theserver system I get: snmpwalk: Decryption error Either adminpwd should be admin in the command, or (the second) admin should be adminpwd in the createUser line. Yes, of course. Thank you. I actually had it consistent on my system but copied the wrong lines in to my mail. ... I'd suggest you downgrade this to be auth rather than priv, make sure the passwords are consistent, and concentrate on getting SNMPv3 authentication working first. *Then* try adding privacy as well. Thanks. I've got auth working and imagine priv isn't far behind. --- This SF.Net email is sponsored by: YOU BE THE JUDGE. Be one of 170 Project Admins to receive an Apple iPod Mini FREE for your judgement on who ports your project to Linux PPC the best. Sponsored by IBM. Deadline: Sept. 13. Go here: http://sf.net/ppc_contest.php ___ Net-snmp-users mailing list [EMAIL PROTECTED] Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
Re: SNMPv3 and encryption
- Original Message - From: Dave Shield [EMAIL PROTECTED] Date: Friday, September 10, 2004 9:28 am Subject: Re: SNMPv3 and encryption ... After rebooting the system where the agent runs and seeing createUser turned into usmUser, I see: $ snmpwalk -v 3 . -l authPriv theserver system snmpwalk: Decryption error Try running the agent using something like snmpd -f -Le -d and give a *single* (encrypted) snmpgetnext command. Something like snmpget -r 0 -t 600 -v 3 -l authPriv theserver system You ought to see four packets at the agent - two request/response pairs.(The first to detect the engineID/bootInfo, and the second for the request itself) What do you actually see? That's what I see (attached). Any error messages at the agent end? Nope. snmpd.log Description: Binary data
SNMPv3 and encryption
I'm trying to get my head around SNMPv3, specifically the security aspects. I've read the FAQ and skimmed the RFCs but I need a little more orientation, if someone could oblige. The/a big differenece between v2c and v3 is that v2c uses a community string, passed in the clear whereas v3 uses a user and password passed on an encrypted channel. Is that right? I believe I know that v3 uses SSL for its encryption. And I think I know that if I use the net-snmp API or command-line tools on a client to contact net-snmp agent on a remote host, that all the encryption is handled for me under the covers. What I don't understand -- if that's all true -- is where the keys come from for establishing the connection. Do I have to generate keys? Do the agent and the API have keys that they know and use to trust each other? If there's a FAQ or tutorial on this, I'd be happy for the pointer but I haven't found anything that says, If you want to use v3, you have to generate keys and install them like this TIA. Chris --- This SF.Net email is sponsored by: YOU BE THE JUDGE. Be one of 170 Project Admins to receive an Apple iPod Mini FREE for your judgement on who ports your project to Linux PPC the best. Sponsored by IBM. Deadline: Sept. 13. Go here: http://sf.net/ppc_contest.php ___ Net-snmp-users mailing list [EMAIL PROTECTED] Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
Default community configuration
Looking at snmpd.conf.5, I find: The default configuration of the agent, as shipped, is functionally equivalent to the following entries: com2sec publicdefault public group publicv1 public group publicv2c public group publicusm public view all included .1 accesspublic any noauthexact all But what about private, the default r/w community? --- This SF.Net email is sponsored by: YOU BE THE JUDGE. Be one of 170 Project Admins to receive an Apple iPod Mini FREE for your judgement on who ports your project to Linux PPC the best. Sponsored by IBM. Deadline: Sept. 13. Go here: http://sf.net/ppc_contest.php ___ Net-snmp-users mailing list [EMAIL PROTECTED] Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
Secure access to agent
I want to limit access to the net-snmp agent (snmpd) to only secure (encrypted) channels. In the simplest case, I can include rouser and rwuser in snmpd.conf and omit rocommunity and rwcommunity. Is that right? If i want to get a little more sophisitcated, I can omit v1 and v2c from my group table like: # sec.model sec.name # group MyRWGroup v1 local # group MyRWGroup v2clocal group MyRWGroup usmlocal # group MyROGroup v1 mynetwork # group MyROGroup v2cmynetwork group MyROGroup usmmynetwork Is that right? What if I want a local user/community to use within a configuration utility but never want remote, unencrypted access. I'd include the MyRWGroup/v2c line above, right? Finally, am I correct that in v5.1.x, there's no way to compile v1 or v2c out of the agent? The best I can do is not configure insecure access? TIA. Chris --- This SF.Net email is sponsored by BEA Weblogic Workshop FREE Java Enterprise J2EE developer tools! Get your free copy of BEA WebLogic Workshop 8.1 today. http://ads.osdn.com/?ad_id=5047alloc_id=10808op=click ___ Net-snmp-users mailing list [EMAIL PROTECTED] Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
Re: Saving persistent values *now*
(I've read this 3 times but I guess it's been a long day 'cuz it doesn't make sense to me.) Ok what I do is keep a local copy Local to what function? Where? of the set request data in an array. This could easily be a linked list of objects. When a set request is made I check a COMMIT flags in my MIB to see if that is set. If it is set when the commit function gets called (following the set action) I then pack the contents of the row into a message. This message is then parsed and columns extractedand pushed into a linked list/ vector. The store function is called and writes the linked list into persistence. By doing this updates to persistence are passed to the user and not when the agent is killed. Make sence? It sounds like you're talking about adding a row to a table. I'm updating, not adding, and I'm doing one value on each of several rows. But however it's done, my question is how do I force persistent values to be stored when set? Can I safely and reasonably call the callback I registered to save on shutdown? Since I don't use any of the values it gets passed, can I call mySaveFunc(0, 0, NULL, NULL); ? Chris --- This SF.Net email is sponsored by BEA Weblogic Workshop FREE Java Enterprise J2EE developer tools! Get your free copy of BEA WebLogic Workshop 8.1 today. http://ads.osdn.com/?ad_id=5047alloc_id=10808op=click ___ Net-snmp-users mailing list [EMAIL PROTECTED] Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
Re: Help, please. Is there something wrong with this code?
You need to pass a pointer to the actual (binary) value - not a printable version of it. snmp_add_var(pdu, auth_OID, auth_OID_len, 'i', value); Thanks but: x.c:1022: warning: passing arg 5 of `snmp_add_var' from incompatible pointer type OK - so cast it to the expected type: snmp_add_var(pdu, auth_OID, auth_OID_len, 'i', (u_char *)value); value is char value[20] so it already _was_ a pointer. Yes - but a pointer to the wrong value. snmp_add_var is expecting a pointer to the *binary* value, not to a printable representation of it. For example, if value has the value 255, then snmp_add_var would expect a single byte containing 0xff, not three bytes containing the ascii characters '2', '5', '5'. (Well, actually it'd expect the 4-octet value 0x00ff, but you get the idea). The Net-SNMP suite invariably handles MIB value parameters as u_char*, but this doesn't mean a printable string. It's best thought of as a generic pointer - i.e. similar to void* OK? Well, no. I really appreciate your quick feedback and explanation but now I'm worse off than I was. Before, my set routine got called n times for port 1, now it doesn't get called at all! Now I've got: int SetTrapsEnabled(int links[]) { struct snmp_pdu *pdu; struct snmp_pdu *response; size_t port; int status; int retval; pdu = snmp_pdu_create(SNMP_MSG_SET); for (port = 0; port NUM_IF; ++port) { link_OID[link_OID_len-1] = port+1; snmp_add_var(pdu, link_OID, link_OID_len, 'i', (u_char*)(links[port])); } status = snmp_synch_response(ss, pdu, response); ... And nothing happens! --- SF.Net email is sponsored by Shop4tech.com-Lowest price on Blank Media 100pk Sonic DVD-R 4x for only $29 -100pk Sonic DVD+R for only $33 Save 50% off Retail on Ink Toner - Free Shipping and Free Gift. http://www.shop4tech.com/z/Inkjet_Cartridges/9_108_r285 ___ Net-snmp-users mailing list [EMAIL PROTECTED] Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
Help, please. Is there something wrong with this code?
I'm trying to manipulate ifLinkUpDownTrapEnable values. I used mib2c to create a ifXTable module and I can get and set values with snmpget and snmpset just fine. Now I'm trying to write a utility routine to update all the values with one call. I've got something like: // IF-MIB::ifLinkUpDownTrapEnable (.1.3.6.1.2.1.31.1.1.1.14). // 0 replaced by port number below. static oid link_OID[] = { SNMP_OID_MIB2, 31, 1, 1, 1, 14, 0 }; static size_t link_OID_len = OID_LENGTH(link_OID); int SXSNMPSetTrapsEnabled(int auth, int links[]) { struct snmp_pdu *pdu; struct snmp_pdu *response; size_t port; char value[20]; int status; int retval; /* * Create the PDU for the data for our request. */ pdu = snmp_pdu_create(SNMP_MSG_SET); sprintf(value, %d, auth); snmp_add_var(pdu, auth_OID, auth_OID_len, 'i', value); for (port = 0; port NUM_IF; ++port) { link_OID[link_OID_len-1] = port+1; sprintf(value, %d, links[port]); snmp_add_var(pdu, link_OID, link_OID_len, 'i', value); } /* * Send the Request out. */ status = snmp_synch_response(ss, pdu, response); if (status == STAT_SUCCESS) { retval = SXSNMP_SUCCESS; } else { snmp_log(LOG_ERR, Unable to set trap enable values\n); retval = SXSNMP_FAILURE; } if (response) snmp_free_pdu(response); return retval; } and I've added tracing to my set_ifLinkUpDownTrapEnable function. When I use snmpset to set individual objects, I get things like: set_ifLinkUpDownTrapEnable: port 8, value 1 set_ifLinkUpDownTrapEnable: port 1, value 1 set_ifLinkUpDownTrapEnable: port 3, value 1 but when I call the function above, the value column is correct but the port is 1 for all the invocations. I drilled down through snmp_add_var() and it copies the OID so I don't see a problem with using the same OID variable over and over, changing just the last element. And I've printed out the OID in the loop that calls snmp_add_var() and I get the correct values there. Any pointers or insights appreciated. Thanks! --- SF.Net email is sponsored by Shop4tech.com-Lowest price on Blank Media 100pk Sonic DVD-R 4x for only $29 -100pk Sonic DVD+R for only $33 Save 50% off Retail on Ink Toner - Free Shipping and Free Gift. http://www.shop4tech.com/z/Inkjet_Cartridges/9_108_r285 ___ Net-snmp-users mailing list [EMAIL PROTECTED] Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
What is bandwidth?
RFC 2233 says ifHighSpeed is: An estimate of the interface's current bandwidth in units of 1,000,000 bits per second. ... Which suggests to me that a 10Mbps half-duplex port has ifHighSpeed = 10 and a 10Mbps full-duplex port (which has twice the _bandwidth_) has ifHighSpeed = 20. I can't find anything that clarifies this. Can any one on this list offer opinions or authoritative refereneces? TIA. --- SF.Net email is sponsored by Shop4tech.com-Lowest price on Blank Media 100pk Sonic DVD-R 4x for only $29 -100pk Sonic DVD+R for only $33 Save 50% off Retail on Ink Toner - Free Shipping and Free Gift. http://www.shop4tech.com/z/Inkjet_Cartridges/9_108_r285 ___ Net-snmp-users mailing list [EMAIL PROTECTED] Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
Re: Enabling authentication traps
... $ snmpget -v 2c -c public mynode SNMPv2- MIB::snmpEnableAuthenTraps.0 RFC1213- MIB::snmpEnableAuthenTraps.0 = INTEGER: disabled(2) $ snmpset -v 2c -c public mynode SNMPv2- MIB::snmpEnableAuthenTraps.0 i 1 Error in packet. Reason: notWritable (that object does not support modification) The two most likely causes are either access control, or a (read-only) config setting. You say that you don't have an authentrapenable in your config files, so that would tend to point the finger at access control. public isn't normally configured as a writeable community. What access control setting do you have? Can you use public to write to other MIB objects? Tactfully put. I'm an idiot! No, I can't set things with public. Thanks for loaning my your eyes. --- SF.Net email is sponsored by Shop4tech.com-Lowest price on Blank Media 100pk Sonic DVD-R 4x for only $29 -100pk Sonic DVD+R for only $33 Save 50% off Retail on Ink Toner - Free Shipping and Free Gift. http://www.shop4tech.com/z/Inkjet_Cartridges/9_108_r285 ___ Net-snmp-users mailing list [EMAIL PROTECTED] Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
Persistent values in/from a table
I've found read_config.c and read the comments there about callbacks and read_config_store() and I've looked at how the net-snmp distribution deals with snmpEnableAuthenTraps but I'm having trouble applying those concepts to my problem. I'm implementing ifXTable and want to make the per-port setting IF-MIB::ifLinkUpDownTrapEnable persistent. I'd appreciate some pointers on what to put into my mib2c generated access routines to accomplish this. Thanks. --- SF.Net email is sponsored by Shop4tech.com-Lowest price on Blank Media 100pk Sonic DVD-R 4x for only $29 -100pk Sonic DVD+R for only $33 Save 50% off Retail on Ink Toner - Free Shipping and Free Gift. http://www.shop4tech.com/z/Inkjet_Cartridges/9_108_r285 ___ Net-snmp-users mailing list [EMAIL PROTECTED] Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
Enabling link up/down traps
I'm missing something. I look at IF-MIB.txt and I see ifLinkUpDownTrapEnable but I've used mib2c to build code to handle interfaces and there's no ifLinkUpDownTrapEnable objects in that code. I see that the enable object is on an ifXEntry in the ifXTable but how do I get to that? I just want users to be able to turn link up/down traps on and off. TIA. --- SF.Net email is sponsored by Shop4tech.com-Lowest price on Blank Media 100pk Sonic DVD-R 4x for only $29 -100pk Sonic DVD+R for only $33 Save 50% off Retail on Ink Toner - Free Shipping and Free Gift. http://www.shop4tech.com/z/Inkjet_Cartridges/9_108_r285 ___ Net-snmp-users mailing list [EMAIL PROTECTED] Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users