Fix for hrSWRunPerfCPU/Mem
Hi! On Linux, hrSWRunPerfCPU and hrSWRunPerfMem have incorrect values. I have fixed this in a patch that should follow. I will post it on Sourceforge as soon as I am able to validate my account (the confirmation mail seems to have been lost). I would also like to point that the parsing code in swrun_procfs_linux.c is fragile: if the kernel truncates one line (or if the format change), this could cause a segfault because some loops do not check for '\0'. For example: for ( cp = buf; *cp != ':'; cp++ ) ; This will crash if there is no more ':'. The loop could be changed to: for ( cp = buf; *cp && *cp != ':'; cp++ ) ; if (!*cp) { fclose(fp); netsnmp_swrun_entry_free(entry); continue; } Would a simple patch for this be accepted or is the condition too improbable? -- Keep Your Developer Skills Current with LearnDevNow! The most comprehensive online learning library for Microsoft developers is just $99.99! Visual Studio, SharePoint, SQL - plus HTML5, CSS3, MVC3, Metro Style Apps, more. Free future releases when you subscribe now! http://p.sf.net/sfu/learndevnow-d2d ___ Net-snmp-coders mailing list Net-snmp-coders@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/net-snmp-coders
[PATCH] mibgroup/host: fix hrSWRunPerfCPU and hrSWRunPerfMem
/proc//stat was improperly parsed. When skipping a field, a while loop is used: while ( ' ' != *(cp++)) ; After the execution of the while loop, `*cp` is a non-space character. There is no need to increment `cp` again. Moreover, the loop to skip 11 elements only skipped 10 elements. Same for the loop that needed to skip 9 elements: only 8 elements were skipped. Signed-off-by: Vincent Bernat --- .../host/data_access/swrun_procfs_status.c |9 +++-- 1 files changed, 3 insertions(+), 6 deletions(-) diff --git a/agent/mibgroup/host/data_access/swrun_procfs_status.c b/agent/mibgroup/host/data_access/swrun_procfs_status.c index a9aa2d8..bca98fa 100644 --- a/agent/mibgroup/host/data_access/swrun_procfs_status.c +++ b/agent/mibgroup/host/data_access/swrun_procfs_status.c @@ -183,21 +183,18 @@ netsnmp_arch_swrun_container_load( netsnmp_container *container, u_int flags) default: entry->hrSWRunStatus = HRSWRUNSTATUS_INVALID; break; } -for (i=10; i; i--) { /* Skip STATUS + 10 fields */ +for (i=11; i; i--) { /* Skip STATUS + 10 fields */ while (' ' != *(cp++)) ; -cp++; } entry->hrSWRunPerfCPU = atoi( cp ); /* utime */ -while ( ' ' != *(cp++)) +while ( ' ' != *(cp++)) /* Skip utime */ ; -cp++; /* Skip utime */ entry->hrSWRunPerfCPU += atoi( cp ); /* +stime */ -for (i=8; i; i--) { /* Skip stime + 8 fields */ +for (i=9; i; i--) { /* Skip stime + 8 fields */ while (' ' != *(cp++)) ; -cp++; } entry->hrSWRunPerfMem = atoi( cp ); /* rss */ entry->hrSWRunPerfMem *= (getpagesize()/1024); /* in kB */ -- 1.7.8.3 -- Keep Your Developer Skills Current with LearnDevNow! The most comprehensive online learning library for Microsoft developers is just $99.99! Visual Studio, SharePoint, SQL - plus HTML5, CSS3, MVC3, Metro Style Apps, more. Free future releases when you subscribe now! http://p.sf.net/sfu/learndevnow-d2d ___ Net-snmp-coders mailing list Net-snmp-coders@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/net-snmp-coders
Re: [PATCH] mibgroup/host: fix hrSWRunPerfCPU and hrSWRunPerfMem
OoO Vers la fin de l'après-midi du jeudi 26 janvier 2012, vers 16:20, Robert Story disait : VB> Signed-off-by: Vincent Bernat > Did this ever make it into the patch tracker? What release/branch is this > patch against? Yes, I have posted it to the patch tracker: https://sourceforge.net/tracker/?func=detail&aid=3479740&group_id=12694&atid=312694 It should be applied on 5.5, 5.6 and 5.7. -- Vincent Bernat ☯ http://vincent.bernat.im Don't over-comment. - The Elements of Programming Style (Kernighan & Plauger) -- Keep Your Developer Skills Current with LearnDevNow! The most comprehensive online learning library for Microsoft developers is just $99.99! Visual Studio, SharePoint, SQL - plus HTML5, CSS3, MVC3, Metro Style Apps, more. Free future releases when you subscribe now! http://p.sf.net/sfu/learndevnow-d2d ___ Net-snmp-coders mailing list Net-snmp-coders@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/net-snmp-coders
Re: Fix for hrSWRunPerfCPU/Mem
OoO Vers la fin de l'après-midi du jeudi 26 janvier 2012, vers 16:18, Robert Story disait : VB> do not check for '\0'. For example: VB> VB> for ( cp = buf; *cp != ':'; cp++ ) VB> ; VB> VB> This will crash if there is no more ':'. The loop could be changed to: VB> VB> for ( cp = buf; *cp && *cp != ':'; cp++ ) VB> ; VB> if (!*cp) { VB> fclose(fp); VB> netsnmp_swrun_entry_free(entry); VB> continue; VB> } VB> VB> Would a simple patch for this be accepted or is the condition too VB> improbable? > Sure. Better safe than sorry.. Hi! I have added a patch in the patch tracker with my first patch: https://sourceforge.net/tracker/index.php?func=detail&aid=3479740&group_id=12694&atid=312694 -- Vincent Bernat ☯ http://vincent.bernat.im Replace repetitive expressions by calls to a common function. - The Elements of Programming Style (Kernighan & Plauger) -- Keep Your Developer Skills Current with LearnDevNow! The most comprehensive online learning library for Microsoft developers is just $99.99! Visual Studio, SharePoint, SQL - plus HTML5, CSS3, MVC3, Metro Style Apps, more. Free future releases when you subscribe now! http://p.sf.net/sfu/learndevnow-d2d ___ Net-snmp-coders mailing list Net-snmp-coders@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/net-snmp-coders
snmp_async_send blocks during snmpv3 probe
Hi! I am hit by this annoying bug: https://sourceforge.net/tracker/?func=detail&aid=3446148&group_id=12694&atid=112694 I am trying to fix this. The situation seems quite simple. Here is a pseudo-trace: - snmp_async_send() - snmp_sess_async_send() - _sess_async_send() - snmpv3_engineID_probe() - sptr->probe_engineid() and sptr->post_probe_engineid() Those two callbacks can be: - snmpv3_probe_contextEngineID_rfc5343() - usm_discover_engineid() - usm_create_user_from_session_hook() The last one seems OK. The two first ones call snmp_sess_synch_response(). The problem is that if we want to fix this, we need to change the semantics for the callbacks. Is it OK to change the first callback to an async one? I don't know if the semantics of the second one needs any adaptation. -- Vincent Bernat ☯ http://vincent.bernat.im printk("HPFS: G... Kernel memory corrupted ... going on, but it'll crash very soon :-(\n"); 2.4.3 linux/fs/hpfs/super.c -- Virtualization & Cloud Management Using Capacity Planning Cloud computing makes use of virtualization - but cloud computing also focuses on allowing computing to be delivered as a service. http://www.accelacomm.com/jaw/sfnl/114/51521223/ ___ Net-snmp-coders mailing list Net-snmp-coders@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/net-snmp-coders
Re: snmp_async_send blocks during snmpv3 probe
* * inifinite resend */ if (rp->retries <= sp->retries) { snmp_resend_request(slp, rp, TRUE); break; } } else { if (SNMPV3_IGNORE_UNAUTH_REPORTS) { break; } } /* * Handle engineID discovery. */ if (!sp->securityEngineIDLen && pdu->securityEngineIDLen) { sp->securityEngineID = (u_char *) malloc(pdu->securityEngineIDLen); if (sp->securityEngineID == NULL) { /* * TODO FIX: recover after message callback *? * return -1; */ } memcpy(sp->securityEngineID, pdu->securityEngineID, pdu->securityEngineIDLen); sp->securityEngineIDLen = pdu->securityEngineIDLen; if (!sp->contextEngineIDLen) { sp->contextEngineID = (u_char *) malloc(pdu-> securityEngineIDLen); if (sp->contextEngineID == NULL) { /* * TODO FIX: recover after message callback *? * return -1; */ } memcpy(sp->contextEngineID, pdu->securityEngineID, pdu->securityEngineIDLen); sp->contextEngineIDLen = pdu->securityEngineIDLen; } } } And my last step is where I send the original PDU back: static void probe_engine_step2_cb(evutil_socket_t fd, short what, void *arg) { (void)what; (void)fd; struct magic *magic = arg; struct snmp_session *session = magic->session; /* We don't need magic->next anymore. */ event_free(magic->next); magic->next = NULL; if (session->securityEngineIDLen == 0) goto probe_failed2; /* Create the appropriate user from data from session */ if (create_user_from_session(session) != SNMPERR_SUCCESS) goto probe_failed2; /* We can now send the original PDU */ if (!snmp_async_send(session, magic->pdu, magic->cb, magic->arg)) goto probe_failed2; free(magic); return; probe_failed2: session->flags &= ~SNMP_FLAGS_DONT_PROBE; magic->cb(NETSNMP_CALLBACK_OP_SEND_FAILED, session, 0, magic->pdu, magic->arg); free(magic); } This works fine but to propose a patch for NetSNMP, I have three questions: 1. snmp_open() calling snmpv3_engineID_probe() is a pain. There is no "async" version of this function because I suppose that this function should never block. Could we just remove this path? A user couldtrigger suchapath byunsetting theflag SNMP_FLAGS_DONT_PROBE after initializing the session. 2. How to handle the "send the original PDU as soon as you hit the main loop again" could be done properly with NetSNMP? 3. I am allocating some "magic" structure to keep the original PDU, callback and callback argument. Is there something simpler with NetSNMP? The bug report from Robert Story tells that the bug should be fixed by queueing the original PDU. Maybe there is a simpler way of doing this than what I am currently doing? -- Vincent Bernat ☯ http://vincent.bernat.im /* * Should be panic but... (Why are BSD people panic obsessed ??) */ 2.0.38 /usr/src/linux/net/ipv4/ip_fw.c -- Keep Your Developer Skills Current with LearnDevNow! The most comprehensive online learning library for Microsoft developers is just $99.99! Visual Studio, SharePoint, SQL - plus HTML5, CSS3, MVC3, Metro Style Apps, more. Free future releases when you subscribe now! http://p.sf.net/sfu/learndevnow-d2d ___ Net-snmp-coders mailing list Net-snmp-coders@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/net-snmp-coders
Re: pass_persist agent doesn't work with snmpwalk (probable noob question)
OoO La nuit ayant déjà recouvert d'encre ce jour du vendredi 16 mars 2012, vers 23:03, Charlie Martin disait : > Okay, so I've implemented a sub-agent using the pass_persist mechanism > in net-SNMP. Testing with snmpget, I can get the values expected. > Testing with snmpgetnext, I get the value of the "next" OID. Here's a > sample, slightly anonymized: > 1004 $ snmpget -On -v 2c -c xxx dev1 1.3.6.1.4.1.59.1.5.3.1.1.1 > .1.3.6.1.4.1.59.1.5.3.1.1.1 = INTEGER: 1 > 1004 $ snmpgetnext -On -v 2c -c xxx dev1 1.3.6.1.4.1.59.1.5.3.1.1.1 > .1.3.6.1.4.1.59.1.5.3.1.1.2 = STRING: "91" > 1005 $ snmpgetnext -On -v 2c -c xxx dev1 1.3.6.1.4.1.59.1.5.3.1.1.2 > .1.3.6.1.4.1.59.1.5.3.1.1.3 = STRING: "42" > As I say, the types and values for those responses appear to be > correct. Now I try an snmpwalk > 1006 $ snmpwalk -On -v 2c -c copan psmdev1 1.3.6.1.4.1.59.1.5.3.1.1.2 > .1.3.6.1.4.1.59.1.5.3.1.1.2 = STRING: "91" > Observe that it gets back only one reply, which is unexpected. At least > to me. Use: snmpwalk -On -v 2c -c copan psmdev1 1.3.6.1.4.1.59.1.5.3.1.1 -- Vincent Bernat ☯ http://vincent.bernat.im printk("Penguin %d is stuck in the bottle.\n", i); 2.0.38 /usr/src/linux/arch/sparc/kernel/smp.c -- This SF email is sponsosred by: Try Windows Azure free for 90 days Click Here http://p.sf.net/sfu/sfd2d-msazure ___ Net-snmp-coders mailing list Net-snmp-coders@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/net-snmp-coders
Re: pass_persist agent doesn't work with snmpwalk (probable noob question)
OoO En cette nuit nuageuse du samedi 17 mars 2012, vers 00:02, Charlie Martin disait : >> Use: >> snmpwalk -On -v 2c -c copan psmdev1 1.3.6.1.4.1.59.1.5.3.1.1 > 1020 $ snmpwalk -On -v 2c -c copan psmdev1 1.3.6.1.4.1.59.1.5.3.1.1 > .1.3.6.1.4.1.59.1.5.3.1.1 = No Such Instance currently exists at this OID > Which actually corresponds to the overall problem I'm trying to figure > out. So, let's say I send > snmpget -On -v 2c -c copan psmdev1 1.3.6.1.4.1.59.1.5.3.1.1 You should get "No such instance" > and > snmpgetnext -On -v 2c -c copan psmdev1 1.3.6.1.4.1.59.1.5.3.1.1 You should get 1.3.6.1.4.1.59.1.5.3.1.1.1 = 9 (if I remember correctly) Maybe you don't handle this last bit in your pass_persist script: if the requested OID is less than the first OID you can serve, you must return the first OID you can serve. snmpwalk 1.3.6.1.4.1.59.1.5.3.1.1.2 does agetnext on 1.3.6.1.4.1.59.1.5.3.1.1.2 and get 1.3.6.1.4.1.59.1.5.3.1.1.3 but returns nothing because it is not included in the subtree rooted at 1.3.6.1.4.1.59.1.5.3.1.1.2. -- Vincent Bernat ☯ http://vincent.bernat.im /* Nobody will ever see this message :-) */ panic("Cannot initialize video hardware\n"); 2.0.38 /usr/src/linux/arch/m68k/atari/atafb.c -- This SF email is sponsosred by: Try Windows Azure free for 90 days Click Here http://p.sf.net/sfu/sfd2d-msazure ___ Net-snmp-coders mailing list Net-snmp-coders@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/net-snmp-coders
Re: pass_persist agent doesn't work with snmpwalk (probable noob question)
Le 19.03.2012 00:12, Charlie Martin a écrit : > Okay, one more case I want to be sure of. Let's assume that > 1.3.6.1.4.1.59.1.5.3.1.1.10 is the numerically (as opposed to > lexicographically) highest OID in the 1.3.6.1.4.1.59.1.5.3.1.1 > subgroup. How should the agent respond to > > $ snmpwalk /*args*/ 1.3.6.1.4.1.59.1.5.3.1.1.10 Just 1.3.6.1.4.1.59.1.5.3.1.1.10 = somevalue (and this is because snmpwalk do a GET request before starting doing GETNEXT requests). > and > > $ snmpgetnext /*args*/ 1.3.6.1.4.1.59.1.5.3.1.1.10 Your script should answer something like 1.3.6.1.4.1.59.1.5.3.1.2.1 if you can handle such an OID. If you have no OID left in the subtree your script can handle, you should return NONE. Net-SNMP will then search for another unit to handle the request. -- This SF email is sponsosred by: Try Windows Azure free for 90 days Click Here http://p.sf.net/sfu/sfd2d-msazure ___ Net-snmp-coders mailing list Net-snmp-coders@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/net-snmp-coders
netlink
Hi! NetSNMP contains several use of a netlink socket to gather information from the kernel for Linux: agent/mibgroup/etherlike-mib/data_access/dot3stats_linux.c agent/mibgroup/if-mib/data_access/interface_linux.c agent/mibgroup/ip-mib/data_access/arp_netlink.c agent/mibgroup/ip-mib/data_access/defaultrouter_linux.c agent/mibgroup/ip-mib/data_access/ipaddress_linux.c Moreover, dot3stats_linux.c contains functions extract from "libnetlink" (a "library" included with iproute package). I am about to add a third use of netlink (to get linkup/linkdown traps without using DISMAN-EVENT). We should factor this code in some way. How should this be done? Can the code be moved inside snmplib/? -- Program defensively. - The Elements of Programming Style (Kernighan & Plauger) -- Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ ___ Net-snmp-coders mailing list Net-snmp-coders@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/net-snmp-coders
Re: netlink
❦ 2 juillet 2012 09:57 CEST, Bart Van Assche : >> NetSNMP contains several use of a netlink socket to gather information >> from the kernel for Linux: >> agent/mibgroup/etherlike-mib/data_access/dot3stats_linux.c >> agent/mibgroup/if-mib/data_access/interface_linux.c >> agent/mibgroup/ip-mib/data_access/arp_netlink.c >> agent/mibgroup/ip-mib/data_access/defaultrouter_linux.c >> agent/mibgroup/ip-mib/data_access/ipaddress_linux.c >> >> Moreover, dot3stats_linux.c contains functions extract from "libnetlink" >> (a "library" included with iproute package). I am about to add a third >> use of netlink (to get linkup/linkdown traps without using >> DISMAN-EVENT). > > > Are you familiar with libnl (http://www.infradead.org/~tgr/libnl/) ? > libnl is distributed under the LGPL license so it should be safe to use > that library in any project, including the BSD-licensed Net-SNMP > project. Every Linux distribution I'm familiar with includes that > library. Would it be OK to introduce a new dependency in NetSNMP? Should we go for libnl3 (not available everywhere, but current stable version) or for libnl1 (widely available, not maintained anymore but used by many projects)? I can do the conversion of actual modules. -- Use free-form input when possible. - The Elements of Programming Style (Kernighan & Plauger) -- Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ ___ Net-snmp-coders mailing list Net-snmp-coders@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/net-snmp-coders
[PATCH 2/3] if-mib: use Netlink to trigger a refresh of ifTable cache
This allows us to get an instant linkup/linkdown notification. --- .../mibgroup/if-mib/data_access/interface_linux.c | 92 agent/mibgroup/if-mib/ifTable/ifTable_interface.c | 10 +++ agent/mibgroup/if-mib/ifTable/ifTable_interface.h |5 ++ 3 files changed, 107 insertions(+) diff --git a/agent/mibgroup/if-mib/data_access/interface_linux.c b/agent/mibgroup/if-mib/data_access/interface_linux.c index d4ac61b..c1ed508 100644 --- a/agent/mibgroup/if-mib/data_access/interface_linux.c +++ b/agent/mibgroup/if-mib/data_access/interface_linux.c @@ -102,6 +102,9 @@ netsnmp_prefix_listen_info list_info; int netsnmp_prefix_listen(void); #endif +#ifdef HAVE_LINUX_RTNETLINK_H +static int netsnmp_iflink_listen(void); +#endif void @@ -141,6 +144,9 @@ netsnmp_arch_interface_init(void) list_info.list_head = &prefix_head_list; netsnmp_prefix_listen(); #endif +#ifdef HAVE_LINUX_RTNETLINK_H +netsnmp_iflink_listen(); +#endif #ifdef HAVE_PCI_LOOKUP_NAME pci_access = pci_alloc(); @@ -1046,6 +1052,92 @@ static int netsnmp_netlink_listen(unsigned subscriptions) return fd; } #endif + +#ifdef HAVE_LINUX_RTNETLINK_H +static void netsnmp_iflink_process(int fd, void *data) +{ +intstatus; +char buf[16384]; +struct nlmsghdr*nlmp; +struct ifinfomsg *ifi; +intlen, req_len, length; + +status = recv(fd, buf, sizeof(buf), 0); +if (status < 0) { +snmp_log(LOG_ERR,"netsnmp_iflink_listen: Receive failed.\n"); +return; +} + +if (status == 0){ +DEBUGMSGTL(("access:interface:iflink", "End of File\n")); +return; +} + +for (nlmp = (struct nlmsghdr *)buf; +status > sizeof(*nlmp); +status -= NLMSG_ALIGN(len), +nlmp = (struct nlmsghdr*)((char*)nlmp + NLMSG_ALIGN(len))) { + len = nlmp->nlmsg_len; +req_len = len - sizeof(*nlmp); + +if (req_len < 0 || len > status) { +snmp_log(LOG_ERR,"netsnmp_iflink_listen: Error in length\n"); +return; +} + +if (!NLMSG_OK(nlmp, status)) { +DEBUGMSGTL(("access:interface:iflink", "NLMSG not OK\n")); +return; +} + +if (nlmp->nlmsg_type == RTM_NEWLINK || + nlmp->nlmsg_type == RTM_DELLINK) { + ifi = NLMSG_DATA(nlmp); +length = nlmp->nlmsg_len - NLMSG_LENGTH(sizeof(*ifi)); + +if (length < 0) { +DEBUGMSGTL(("access:interface:iflink", "wrong nlmsg length %d\n", length)); +return; +} + + /* Just request a refresh! */ + ifTable_cache_reload(); +} +} +} + +static int netsnmp_iflink_listen() +{ +struct { + struct nlmsghdr nlh; + struct rtgenmsg g; +} req; +int status; +int fd = netsnmp_netlink_listen(RTNLGRP_LINK); +if (fd < 0) return -1; + +memset(&req, 0, sizeof(req)); +req.nlh.nlmsg_len = sizeof(req); +req.nlh.nlmsg_type = RTM_GETLINK; +req.nlh.nlmsg_flags = NLM_F_DUMP | NLM_F_REQUEST; +req.g.rtgen_family = AF_UNSPEC; + +status = send(fd, (void*)&req, sizeof(req), 0); +if (status < 0) { +snmp_log(LOG_ERR,"netsnmp_iflink_listen: send failed\n"); +close(fd); +return -1; +} + +if (register_readfd(fd, netsnmp_iflink_process, NULL) != 0) { +snmp_log(LOG_ERR,"netsnmp_iflink_listen: error registering netlink socket\n"); +close(fd); +return -1; +} +return 0; + +} +#endif #ifdef SUPPORT_PREFIX_FLAGS void netsnmp_prefix_process(int fd, void *data); diff --git a/agent/mibgroup/if-mib/ifTable/ifTable_interface.c b/agent/mibgroup/if-mib/ifTable/ifTable_interface.c index 41d38ee..151a807 100644 --- a/agent/mibgroup/if-mib/ifTable/ifTable_interface.c +++ b/agent/mibgroup/if-mib/ifTable/ifTable_interface.c @@ -1853,6 +1853,16 @@ _mfd_ifTable_irreversible_commit(netsnmp_mib_handler *handler, ***/ static void _container_free(netsnmp_container *container); +void +ifTable_cache_reload() +{ +DEBUGMSGTL(("ifTable:cache_reload", "triggered\n")); +if (NULL != ifTable_if_ctx.cache) { + ifTable_if_ctx.cache->valid = 0; + netsnmp_cache_check_and_reload(ifTable_if_ctx.cache); +} +} + /** * @internal */ diff --git a/agent/mibgroup/if-mib/ifTable/ifTable_interface.h b/agent/mibgroup/if-mib/ifTable/ifTable_interface.h index be2028a..fb0f871 100644 --- a/agent/mibgroup/if-mib/ifTable/ifTable_interface.h +++ b/agent/mibgroup/if-mib/ifTable/ifTable_interface.h @@ -89,6 +89,11 @@ extern "C" { voidif_mib_container_init(void); /* + * Invalidate and reload cache. + */ +voidifTable_cache_reload(void); + +/* */ voidifTable_lastChange_set(u_long uptime); -- 1.7.10.4
[PATCH 3/3] if-mib: don't parse netlink message just to trigger a cache reload
We need to trigger a cache reload in almost all legit cases. Therefore, we can just ignore the content of the netlink message. As long as we have received one, we trigger a cache refresh. --- .../mibgroup/if-mib/data_access/interface_linux.c | 42 ++-- 1 file changed, 3 insertions(+), 39 deletions(-) diff --git a/agent/mibgroup/if-mib/data_access/interface_linux.c b/agent/mibgroup/if-mib/data_access/interface_linux.c index c1ed508..ac4e4e3 100644 --- a/agent/mibgroup/if-mib/data_access/interface_linux.c +++ b/agent/mibgroup/if-mib/data_access/interface_linux.c @@ -1058,9 +1058,6 @@ static void netsnmp_iflink_process(int fd, void *data) { intstatus; char buf[16384]; -struct nlmsghdr*nlmp; -struct ifinfomsg *ifi; -intlen, req_len, length; status = recv(fd, buf, sizeof(buf), 0); if (status < 0) { @@ -1068,42 +1065,9 @@ static void netsnmp_iflink_process(int fd, void *data) return; } -if (status == 0){ -DEBUGMSGTL(("access:interface:iflink", "End of File\n")); -return; -} - -for (nlmp = (struct nlmsghdr *)buf; -status > sizeof(*nlmp); -status -= NLMSG_ALIGN(len), -nlmp = (struct nlmsghdr*)((char*)nlmp + NLMSG_ALIGN(len))) { - len = nlmp->nlmsg_len; -req_len = len - sizeof(*nlmp); - -if (req_len < 0 || len > status) { -snmp_log(LOG_ERR,"netsnmp_iflink_listen: Error in length\n"); -return; -} - -if (!NLMSG_OK(nlmp, status)) { -DEBUGMSGTL(("access:interface:iflink", "NLMSG not OK\n")); -return; -} - -if (nlmp->nlmsg_type == RTM_NEWLINK || - nlmp->nlmsg_type == RTM_DELLINK) { - ifi = NLMSG_DATA(nlmp); -length = nlmp->nlmsg_len - NLMSG_LENGTH(sizeof(*ifi)); - -if (length < 0) { -DEBUGMSGTL(("access:interface:iflink", "wrong nlmsg length %d\n", length)); -return; -} - - /* Just request a refresh! */ - ifTable_cache_reload(); -} -} +/* Skip any complex parsing of the message, we don't really + * care. Just request a refresh! */ +ifTable_cache_reload(); } static int netsnmp_iflink_listen() -- 1.7.10.4 -- Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ ___ Net-snmp-coders mailing list Net-snmp-coders@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/net-snmp-coders
use netlink to trigger linkUp/linkDown notifications
Hi! This is a followup to patch #1759178. I am unable to attach a new patch to an existing patch. Therefore, I send a proposition here. https://sourceforge.net/tracker/?func=detail&atid=312694&aid=1759178&group_id=12694# As stated in a comment (by Wes Hardaker): I haven't finished reviewing this yet (but will). I'm sort of thinking that using the monitor line to continue registering things via netlink is a bit odd... It would make more sense to me to handle linkup/down traps directly. The monitor/disman hack was only put in place because there wasn't a better way to receive direct notifications when links happened. If there is, I don't think there is any reason to do disman at all. This is also my opinion. I have started to add the necessary bits into if-mib module to not rely on disman and I have finally discovered this is far easier than I though. In fact, notifications are now directly handled by ifTable_interface.c once the change is detected. The cache is also refreshed every 5 seconds without need to poll the MIB. Therefore, if notifications are enabled, we get linkUp/linkDown notifications without doing anything. However, I still need "instant" notifications. Therefore, I have added the netlink bits in interface_linux.c. The first patch tries to factor a bit what was already existing, but this is still a bit ugly. It is equivalent of rtnl_open_by_proto() we could get from any libnl library [1]. The second patch registers a new Netlink socket which will trigger a refresh. I am unsure if this is the "right" way to do such a thing. I didn't find something appropriate in cache_handler.c and therefore I invalidate the cache manually (->valid = 0) and invoke netsnmp_cache_check_and_reload(). The third patch is a bit audacious: it removes most of the netlink parsing stuff since we, in almost all cases, end up triggering cache update. Therefore, at each Netlink message received, just update the cache. Comments welcome. [1]: Moreover, the code for IPv6 prefix is buggy: in case of a truncated netlink message, we get into an infinite loop because the appropriate variables are only updated at the end of the loop and therefore "continue" skips those updates. I tried to fix this but I don't know how to get anything from this code: ipAddressTable only lists IPv4 addresses on my PC. -- Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ ___ Net-snmp-coders mailing list Net-snmp-coders@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/net-snmp-coders
[PATCH 1/3] if-mib: move netlink listening code to a separate function
--- .../mibgroup/if-mib/data_access/interface_linux.c | 55 +++- 1 file changed, 31 insertions(+), 24 deletions(-) diff --git a/agent/mibgroup/if-mib/data_access/interface_linux.c b/agent/mibgroup/if-mib/data_access/interface_linux.c index e291b9f..d4ac61b 100644 --- a/agent/mibgroup/if-mib/data_access/interface_linux.c +++ b/agent/mibgroup/if-mib/data_access/interface_linux.c @@ -69,14 +69,12 @@ typedef __u8 u8; /* ditto */ #define SIOCGMIIREG 0x8948 #endif -#ifdef NETSNMP_ENABLE_IPV6 #if defined(HAVE_LINUX_RTNETLINK_H) #include -#ifdef RTMGRP_IPV6_PREFIX +#if defined(NETSNMP_ENABLE_IPV6) && defined(RTMGRP_IPV6_PREFIX) #define SUPPORT_PREFIX_FLAGS 1 -#endif /* RTMGRP_IPV6_PREFIX */ +#endif #endif /* HAVE_LINUX_RTNETLINK_H */ -#endif /* NETSNMP_ENABLE_IPV6 */ unsigned long long netsnmp_linux_interface_get_if_speed(int fd, const char *name, unsigned long long defaultspeed); @@ -1023,42 +1021,51 @@ netsnmp_linux_interface_get_if_speed(int fd, const char *name, } return retspeed; } -#ifdef SUPPORT_PREFIX_FLAGS -void netsnmp_prefix_process(int fd, void *data); -/* Open netlink socket to watch new ipv6 addresses and prefixes. */ -int netsnmp_prefix_listen() +#ifdef HAVE_LINUX_RTNETLINK_H +static int netsnmp_netlink_listen(unsigned subscriptions) { -struct { -struct nlmsghdr n; -struct ifinfomsg r; -char buf[1024]; -} req; - -struct rtattr *rta; -intstatus; struct sockaddr_nl localaddrinfo; -unsigned groups = 0; - int fd = socket(PF_NETLINK, SOCK_DGRAM, NETLINK_ROUTE); if (fd < 0) { -snmp_log(LOG_ERR, "netsnmp_prefix_listen: Cannot create socket.\n"); -return -1; + snmp_log(LOG_ERR, "netsnmp_netlink_listen: Cannot create socket.\n"); + return -1; } memset(&localaddrinfo, 0, sizeof(struct sockaddr_nl)); -groups |= RTMGRP_IPV6_IFADDR; -groups |= RTMGRP_IPV6_PREFIX; localaddrinfo.nl_family = AF_NETLINK; -localaddrinfo.nl_groups = groups; +localaddrinfo.nl_groups = subscriptions; if (bind(fd, (struct sockaddr*)&localaddrinfo, sizeof(localaddrinfo)) < 0) { -snmp_log(LOG_ERR,"netsnmp_prefix_listen: Bind failed.\n"); +snmp_log(LOG_ERR,"netsnmp_netlink_listen: Bind failed.\n"); close(fd); return -1; } +return fd; +} +#endif + +#ifdef SUPPORT_PREFIX_FLAGS +void netsnmp_prefix_process(int fd, void *data); + +/* Open netlink socket to watch new ipv6 addresses and prefixes. */ +int netsnmp_prefix_listen() +{ +struct { +struct nlmsghdr n; +struct ifinfomsg r; +char buf[1024]; +} req; + +struct rtattr *rta; +intstatus; + +int fd = netsnmp_netlink_listen(RTMGRP_IPV6_IFADDR | + RTMGRP_IPV6_PREFIX); +if (fd < 0) return -1; + memset(&req, 0, sizeof(req)); req.n.nlmsg_len = NLMSG_LENGTH(sizeof(struct ifinfomsg)); req.n.nlmsg_flags = NLM_F_REQUEST | NLM_F_ROOT; -- 1.7.10.4 -- Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ ___ Net-snmp-coders mailing list Net-snmp-coders@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/net-snmp-coders
Re: IP-MIB: ipSystemStatsTable working but ipIfStatsTable not working
❦ 25 juillet 2012 13:57 CEST, Madhu Sudhana Rao : > I am using net-snmp 5.6.1 version on my Linux system. > > I want to print ipSystemStatsTable & ipIfStatsTable of IP-MIB. I can see > the below line in .h file in agent/mibgroup path > > config_require(ip-mib ip-forward-mib tcp-mib udp-mib) > > > ipSystemStatsTable is working fine and I got output with snmpwalk command > but I am getting "no such object for this OID" for ipIfStatsTable, There is no per-interface statistics for IPv4 in Linux. If you have IPv6 enabled, you should see something. -- Use self-identifying input. Allow defaults. Echo both on output. - The Elements of Programming Style (Kernighan & Plauger) -- Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ ___ Net-snmp-coders mailing list Net-snmp-coders@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/net-snmp-coders
Multicast transports
Hi! NetSNMP does not support multicast addresses. A valid use could be for snmptrapd to listen to a multicast address. I have a patch for this: https://github.com/vincentbernat/net-snmp/compare/feature/snmptrapd-multicast The patch is quite ugly since it modifies snmptrapd while it should modify the transport logic but it is only here for demonstration purpose. The code should be moved in snmpUDPIPv4BaseDomain.c. Would such a feature acceptable for NetSNMP? I have googled a bit and found an answer from Wes saying no: http://www.mail-archive.com/net-snmp-coders@lists.sourceforge.net/msg12485.html Is the answer still actual? -- Make sure input cannot violate the limits of the program. - The Elements of Programming Style (Kernighan & Plauger) -- Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ ___ Net-snmp-coders mailing list Net-snmp-coders@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/net-snmp-coders