I have further tried to experiment with port numbers, names of communities, etc., but so far I was unable to add properly the private community support.
Is there a way to check whether the private community definition is added properly into the configuration of the agent ? Regards Marek From: Marek Hajduczenia [mailto:[email protected]] Sent: Sunday, 31 March, 2013 10:47 AM To: [email protected] Subject: Creating public / private v2c communities Dear colleagues, Following the online tutorials and the structure of the BaseAgent.java class, I am trying to add read and write community definitions into my project. I am extending the BaseAgent.java class, and I have done the following changes to the following extensions: [1] changes in method protected void addCommunities(SnmpCommunityMIB communityMIB) Variable[] com2sec1 = new Variable[] { new OctetString("public"), new OctetString("cpublic"), // security name getAgent().getContextEngineID(), // local engine ID new OctetString("public"), // default context name new OctetString(), // transport tag new Integer32(StorageType.nonVolatile), // storage type new Integer32(RowStatus.active) // row status }; Variable[] com2sec2 = new Variable[] { new OctetString("private"), new OctetString("cprivate"), // security name getAgent().getContextEngineID(), // local engine ID new OctetString("private"), // default context name new OctetString(), // transport tag new Integer32(StorageType.nonVolatile), // storage type new Integer32(RowStatus.active) // row status }; MOTableRow row2 = communityMIB.getSnmpCommunityEntry().createRow(new OctetString("private").toSubIndex(true), com2sec2); MOTableRow row1 = communityMIB.getSnmpCommunityEntry().createRow(new OctetString("public").toSubIndex(true), com2sec1); communityMIB.getSnmpCommunityEntry().addRow(row2); communityMIB.getSnmpCommunityEntry().addRow(row1); if I understand the code correctly, I am adding here information about two communities, one with the name "public" and another with the name "private" (names will be changed later on, after testing is done). The respectove entries ae added into the communityMIB. [2] changes in the method protected void addViews(VacmMIB vacm) { vacm.addGroup(SecurityModel.SECURITY_MODEL_SNMPv2c, new OctetString("cpublic"), new OctetString("v1v2group"), StorageType.nonVolatile); vacm.addGroup(SecurityModel.SECURITY_MODEL_SNMPv2c, new OctetString("cprivate"), new OctetString("v1v2group"), StorageType.nonVolatile); vacm.addAccess(new OctetString("v1v2group"), new OctetString("public"), SecurityModel.SECURITY_MODEL_ANY, SecurityLevel.NOAUTH_NOPRIV, MutableVACM.VACM_MATCH_EXACT, new OctetString("fullReadView"), new OctetString("fullWriteView"), new OctetString("fullNotifyView"), StorageType.nonVolatile); vacm.addAccess(new OctetString("v1v2group"), new OctetString("private"), SecurityModel.SECURITY_MODEL_SNMPv2c, SecurityLevel.NOAUTH_NOPRIV, MutableVACM.VACM_MATCH_EXACT, new OctetString("fullReadView"), new OctetString("fullWriteView"), new OctetString("fullNotifyView"), StorageType.nonVolatile); vacm.addViewTreeFamily(new OctetString("fullReadView"), new OID("1.3"), new OctetString(), VacmMIB.vacmViewIncluded, StorageType.nonVolatile); } where I only replicated the entries for public community already in place before for the private community. I did not replicate the vacm.addViewTreeFamily entry though, since I cannot really figure out how it is connected to communities. I would appreciate any pointers to what else needs to be done to make sure that some of the managed objects I am adding in the programe can be actually set? Right now, every time I try to set an object at OID 1.3.6.1.3.22.2.10.1 (defined with MOAccessImpl.ACCESS_READ_WRITE), I get the following debug sequence and the following Euthorization Error. I can clearly see that the "private" community was found correctly in the definitions, and that the requests are created correctly, but for some reason the processing stops and error is thrown out. 27709 [DefaultUDPTransportMapping_127.0.0.1/2002] DEBUG org.snmp4j.transport.DefaultUdpTransportMapping - Received message from localhost/127.0.0.1/60096 with length 45: 30:2b:02:01:01:04:07:70:72:69:76:61:74:65:a3:1d:02:04:51:b3:d9:86:02:01:00:0 2:01:00:30:0f:30:0d:06:08:2b:06:01:03:16:02:0a:01:02:01:01 27709 [DefaultUDPTransportMapping_127.0.0.1/2002] DEBUG org.snmp4j.Snmp - Fire process PDU event: CommandResponderEvent[securityModel=2, securityLevel=1, maxSizeResponsePDU=65535, pduHandle=PduHandle[1370741126], stateReference=StateReference[msgID=0,pduHandle=PduHandle[1370741126],securi tyEngineID=null,securityModel=null,securityName=private,securityLevel=1,cont extEngineID=null,contextName=null,retryMsgIDs=null], pdu=SET[requestID=1370741126, errorStatus=Success(0), errorIndex=0, VBS[1.3.6.1.3.22.2.10.1 = 1]], messageProcessingModel=1, securityName=private, processed=false, peerAddress=127.0.0.1/60096, transportMapping=org.snmp4j.transport.DefaultUdpTransportMapping@b50daf, tmStateReference=null] 27710 [DefaultUDPTransportMapping_127.0.0.1/2002] DEBUG org.snmp4j.agent.mo.snmp.SnmpCommunityMIB - Looking up coexistence info for 'private' 27710 [DefaultUDPTransportMapping_127.0.0.1/2002] DEBUG org.snmp4j.agent.mo.snmp.SnmpCommunityMIB - Found coexistence info for 'private'=CoexistenceInfo[securityName=cprivate,contextEngineID=80:00:13:70: 01:c0:a8:01:04,contextName=private,transportTag=] 27710 [DefaultUDPTransportMapping_127.0.0.1/2002] DEBUG org.snmp4j.agent.mo.snmp.SnmpCommunityMIB - Address 127.0.0.1/60096 passes filter, because source address filtering is disabled 27710 [DefaultUDPTransportMapping_127.0.0.1/2002] DEBUG org.snmp4j.agent.request.SnmpRequest - Created subrequest 0 with scope org.snmp4j.agent.DefaultMOContextScope[context=private,lowerBound=1.3.6.1.3. 22.2.10.1,lowerIncluded=true,upperBound=1.3.6.1.3.22.2.10.1,upperIncluded=tr ue] from 1.3.6.1.3.22.2.10.1 = 1 27710 [DefaultUDPTransportMapping_127.0.0.1/2002] DEBUG org.snmp4j.agent.request.SnmpRequest - SnmpSubRequests initialized: [org.snmp4j.agent.request.SnmpRequest$SnmpSubRequest[scope=org.snmp4j.agent. DefaultMOContextScope[context=private,lowerBound=1.3.6.1.3.22.2.10.1,lowerIn cluded=true,upperBound=1.3.6.1.3.22.2.10.1,upperIncluded=true],vb=1.3.6.1.3. 22.2.10.1 = 1,status=org.snmp4j.agent.request.RequestStatus@1e820764,query=null,index=0, targetMO=null]] 27715 [DefaultUDPTransportMapping_127.0.0.1/2002] DEBUG org.snmp4j.transport.DefaultUdpTransportMapping - Sending message to 127.0.0.1/60096 with length 45: 30:2b:02:01:01:04:07:70:72:69:76:61:74:65:a2:1d:02:04:51:b3:d9:86:02:01:10:0 2:01:01:30:0f:30:0d:06:08:2b:06:01:03:16:02:0a:01:02:01:01 java.lang.Exception: Error 'Authorization error' generated at: 1.3.6.1.3.22.2.10.1 = 1 at org.snmp4j.agent.request.SnmpRequest$SnmpSubRequest.requestStatusChanged(Snm pRequest.java:617) at org.snmp4j.agent.request.RequestStatus.fireRequestStatusChanged(RequestStatu s.java:89) at org.snmp4j.agent.request.RequestStatus.setErrorStatus(RequestStatus.java:52) at org.snmp4j.agent.CommandProcessor.setAuthorizationError(CommandProcessor.jav a:499) at org.snmp4j.agent.CommandProcessor.processRequest(CommandProcessor.java:378) at org.snmp4j.agent.CommandProcessor.dispatchCommand(CommandProcessor.java:339) at org.snmp4j.agent.CommandProcessor$Command.run(CommandProcessor.java:559) at org.snmp4j.agent.CommandProcessor.processPdu(CommandProcessor.java:162) at org.snmp4j.MessageDispatcherImpl.fireProcessPdu(MessageDispatcherImpl.java:6 64) at org.snmp4j.MessageDispatcherImpl.dispatchMessage(MessageDispatcherImpl.java: 297) at org.snmp4j.MessageDispatcherImpl.processMessage(MessageDispatcherImpl.java:3 68) at org.snmp4j.MessageDispatcherImpl.processMessage(MessageDispatcherImpl.java:3 28) at org.snmp4j.transport.AbstractTransportMapping.fireProcessMessage(AbstractTra nsportMapping.java:76) at org.snmp4j.transport.DefaultUdpTransportMapping$ListenThread.run(DefaultUdpT ransportMapping.java:378) at java.lang.Thread.run(Unknown Source) Thank you in advance Marek _______________________________________________ SNMP4J mailing list [email protected] http://lists.agentpp.org/mailman/listinfo/snmp4j
