headers
Sandro Tosi | 19 May 2013 22:25
Picon

Accessing MRTG Trac gets a 403

Hello,
maybe it's a known issue, but accessing MRTG trac i'm getting a 403
error. I was about to fix a couple of my tickets that got spammed
yesterday (so it might be related to it, it's offline for
maintentance?) but i'm not able to.

Regards,
--
Sandro Tosi (aka morph, morpheus, matrixhasu)
My website: http://matrixhasu.altervista.org/
Me at Debian: http://wiki.debian.org/SandroTosi
Permalink | Reply | 0 comments |
headers
david.neau | 17 May 2013 15:28

plot mrtg In traffic without full green

 
Hello
 
I looking for the way to plot the usual full green in traffic as the out, ie, a simple curve, not fully green.
 
can someone helps me ?
 
thanks
/david
_________________________________________________________________________________________________________________________ Ce message et ses pieces jointes peuvent contenir des informations confidentielles ou privilegiees et ne doivent donc pas etre diffuses, exploites ou copies sans autorisation. Si vous avez recu ce message par erreur, veuillez le signaler a l'expediteur et le detruire ainsi que les pieces jointes. Les messages electroniques etant susceptibles d'alteration, France Telecom - Orange decline toute responsabilite si ce message a ete altere, deforme ou falsifie. Merci. This message and its attachments may contain confidential or privileged information that may be protected by law; they should not be distributed, used or copied without authorisation. If you have received this email in error, please notify the sender and delete this message and its attachments. As emails may be altered, France Telecom - Orange is not liable for messages that have been modified, changed or falsified. Thank you. 
_______________________________________________
mrtg mailing list
mrtg <at> lists.oetiker.ch
https://lists.oetiker.ch/cgi-bin/listinfo/mrtg
Permalink | Reply | 7 comments |
headers
Joel Roberts | 15 May 2013 23:29
Favicon

FW: MRTG not running by default after reboot

I’ve removed the if statements, have just:

 

0/55/5 * * * * root env LANG=C /usr/bin/mrtg /etc/mrtg.cfg

 

In the file now, and get the following error:

 

Mrtg will most likely not work properly when the environment variable LANG is set to UTF-8. Please run mrtg in an environment where this is not the case. Try the following command to start:

 

env LANG=C /usr/bin/mrtg

 

Which is what I have in the mrtg file?

 

Thank you,

 

Joel

 

From: Simon Westlake [mailto:simon.westlake <at> digitalgunfire.com]
Sent: Wednesday, May 15, 2013 3:04 PM
To: Joel Roberts
Subject: Re: [mrtg] MRTG not running by default after reboot

 

Do the if statements in the cron evaluate to true?

Is there anything in mrtg.log?

 

On Wed, May 15, 2013 at 3:52 PM, Joel Roberts <Joel.Roberts <at> pinkardcc.com> wrote:

Just did a new install of mrtg, been a while since I’d done one so jumped through some hoops to get the index pages just the way I wanted them, but now when rebooting the server (Debian Linux 6), mrtg doesn’t run on its own, I have to execute:

 

env LANG=C /usr/bin/mrtg /etc/mrtg.cfg

 

from the terminal to get it to start graphing again. I checked in /etc/cron.d, the mrtg file is there with the following entry:

 

0-55/5 * * * * root if [ -x /usr/bin/mrtg ] && [ -r /etc/mrtg.cfg ]; then env LANG=C /usr/bin/mrtg /etc/mrtg.cfg >> /var/log/mrtg/mrtg.log 2>&1; fi

 

The log file listed in the cron job hasn’t been updated in 2 days either, even after manually starting mrtg. Any help in getting it to run automatically would be greatly appreciated.

 

Thanks in advance,

 

Joel

 


_______________________________________________
mrtg mailing list
mrtg <at> lists.oetiker.ch
https://lists.oetiker.ch/cgi-bin/listinfo/mrtg



 

--
- Simon Westlake
[ digitalgunfire.com ]
AIM: ShirowDG
ICQ: 2227213
Voice: (414) 810-6392 

_______________________________________________
mrtg mailing list
mrtg <at> lists.oetiker.ch
https://lists.oetiker.ch/cgi-bin/listinfo/mrtg
Permalink | Reply | 0 comments |
headers
Joel Roberts | 15 May 2013 22:52
Favicon

MRTG not running by default after reboot

Just did a new install of mrtg, been a while since I’d done one so jumped through some hoops to get the index pages just the way I wanted them, but now when rebooting the server (Debian Linux 6), mrtg doesn’t run on its own, I have to execute:

 

env LANG=C /usr/bin/mrtg /etc/mrtg.cfg

 

from the terminal to get it to start graphing again. I checked in /etc/cron.d, the mrtg file is there with the following entry:

 

0-55/5 * * * * root if [ -x /usr/bin/mrtg ] && [ -r /etc/mrtg.cfg ]; then env LANG=C /usr/bin/mrtg /etc/mrtg.cfg >> /var/log/mrtg/mrtg.log 2>&1; fi

 

The log file listed in the cron job hasn’t been updated in 2 days either, even after manually starting mrtg. Any help in getting it to run automatically would be greatly appreciated.

 

Thanks in advance,

 

Joel

 

_______________________________________________
mrtg mailing list
mrtg <at> lists.oetiker.ch
https://lists.oetiker.ch/cgi-bin/listinfo/mrtg
Permalink | Reply | 2 comments |
headers
Simon Westlake | 15 May 2013 04:26

Strange MRTG problem

Hello,

It's been a long time since I used MRTG (I've been writing directly to rrds for a long time now) but an old employer of mine asked me to troubleshoot a legacy MRTG setup and I'm having a strange problem with it I cannot decipher.

I am graphing a port in two ways. One is in Cacti, one is with MRTG. Both are using 64bit counters (I have even setup the MRTG configuration to specifically use the HC OIDs rather than assuming they are being queried by specifying :::::2)

In Cacti, I get the correct value (approximately 700-800Mbps per second.) In MRTG, it is never more than 190-200Mbps.

My MRTG configuration looks like this:

WorkDir:/var/www/mrtg
Forks: 30
Refresh: 300
Interval: 5
MaxAge: 999999999999999999999999
SnmpOptions: retries => 1, timeout => 1
LogFormat: rrdtool


Options[DAS-c3229-bandwidth]: growright,bits,nolegend,nobanner,nopercent
Directory[DAS-c3229-bandwidth]: DAS-c3229
Target[DAS-c3229-bandwidth]: 1.3.6.1.2.1.31.1.1.1.10.140&1.3.6.1.2.1.31.1.1.1.6.140:8GF8961u <at> 24.160.238.254:::::2
Extension[DAS-c3229-bandwidth]: php
Suppress[DAS-c3229-bandwidth]: y
Title[DAS-c3229-bandwidth]: Bandwidth Utilization
Maxbytes[DAS-c3229-bandwidth]: 200000000000000000
AbsMax[DAS-c3229-bandwidth]: 200000000000000000

I have tried tweaking a lot of things and I can't seem to figure out what's going on. Any insight would be appreciated as I'm 2+ days into troubleshooting this thing and it's driving me crazy. Thanks!
--
- Simon Westlake

_______________________________________________
mrtg mailing list
mrtg <at> lists.oetiker.ch
https://lists.oetiker.ch/cgi-bin/listinfo/mrtg
Permalink | Reply | 7 comments |
headers
Ivan Palacios | 9 May 2013 20:37
Picon
Favicon

Re: Monitoreo SNR

Hello

 

I need to know how to monitor with MRTG SNR

 

Cisco 7246VXR  an arris C3

 

 

Example

 

_______________________________________________
mrtg mailing list
mrtg <at> lists.oetiker.ch
https://lists.oetiker.ch/cgi-bin/listinfo/mrtg
Permalink | Reply | 1 comment |
headers
Christian Arnaut | 9 May 2013 20:22
Picon
Favicon

Two devices, one graph?

Have what could be a simple question. When monitoring an SNMP device w/MRTG, is it possible to plot the data from two devices on a single graph?

 

I have two temperature probes. I would like probe #1 (indoor temp) displayed as the I value and probe #2 (outdoor temperature) as the O value.

 

Currently I am monitoring the indoor temp with the noo option enabled.

Target[ncr-temp]: 1.3.6.1.4.1.3854.1.2.2.1.16.1.3.0&1.3.6.1.4.1.3854.1.2.2.1.16.1.8.0:public <at> 10.44.1.60

 

I also have a second temp probe (also noo option) on a different IP address measuring outdoor temperature…

Target[outdoor-temp]: 1.3.6.1.4.1.3854.1.2.2.1.16.1.3.0&1.3.6.1.4.1.3854.1.2.2.1.16.1.8.0:public <at> 10.1.1.60

 

Would love to modify the syntax of the Target line in the cfg file to support polling the I & O values from different devices.

Something like below, but this doesn’t seem to work.

 

1.3.6.1.4.1.3854.1.2.2.1.16.1.3.0:public <at> 10.44.1.60&1.3.6.1.4.1.3854.1.2.2.1.16.1.3.0:public <at> 10.1.1.60

 

 

Thank you, in advance, for any assistance. I have search the forums and found that others have asked the same fundamental, however the links to the solutions are dead links…

 

 

~Christian

 

_______________________________________________
mrtg mailing list
mrtg <at> lists.oetiker.ch
https://lists.oetiker.ch/cgi-bin/listinfo/mrtg
Permalink | Reply | 5 comments |
headers
Clinton Strouth | 1 May 2013 15:11

Problem running mrtg-ping-probe

I'm having a problem running mrtg-ping-probe the following is the error I get from my /var/log

2013-04-30 11:42:00 -- Started mrtg with config '/usr/home/cstrouth/public_html/noc/ping/ping.cfg'
2013-04-30 11:42:00 -- ERROR: Line 1 ( Target[68.222.XXX.XXX-ping]: `/usr/bin/mrtg-ping-probe 68.222.XXX.XXX`) in CFG file (/usr/home/cstrouth/public_html/noc/ping/ping.cfg)  does not make sense.

Here is the output of my ping.cfg please not ip addressing has been sanitized.


WorkDir: /usr/home/cstrouth/public_html/noc 
Target[68.222.XXX.XXX-ping]: "/usr/bin/mrtg-ping-probe 68.222.XXX.XXX"
SetEnv[68.222.XXX.XXX-ping]:  MRTG_INT_IP="68.222.XXX.XXX" MRTG_INT_DESCR="ping"
MaxBytes[68.222.XXX.XXX-ping]: 100
Title[68.222.XXX.XXX-ping]: Round Trip For Edge Router
AbsMax[68.222.XXX.XXX-ping]: 200
Options[68.222.XXX.XXX-ping]: gauge, growright
YLegend[68.222.XXX.XXX-ping]: ping time (ms)
ShortLegend[68.222.XXX.XXX-ping]: ms
Legend1[68.222.XXX.XXX-ping]: Maximum Round Trip Time in ms
Legend2[68.222.XXX.XXX-ping]: Minimum Round Trip Time in ms
Legend3[68.222.XXX.XXX-ping]: Maximal 5 Minute Maximum Round Trip Time in ms
Legend4[68.222.XXX.XXX-ping]:  Maximal 5 Minute Minimum Round Trip Time in ms
LegendI[68.222.XXX.XXX-ping]: &nbsp;Max:
LegendO[68.222.XXX.XXX-ping]: &nbsp;Min:


Thank you for your help in advance
_______________________________________________
mrtg mailing list
mrtg <at> lists.oetiker.ch
https://lists.oetiker.ch/cgi-bin/listinfo/mrtg
Permalink | Reply | 1 comment |
headers
Tom Smyth | 25 Apr 2013 12:37
Picon
Favicon

Fwd: Fwd: MRTG& SNMPv3

Hi Daniel,  All
I really appreciate your Help

I carried out your suggestion and used TCP DUMP and Wire Shark

I found the Context engine ID which appears to be 80003a8c04

But there appears a difference between snmpwalk and cfgmaker + SNMPv3,

after the initial discovery,  when cfg maker is run the authoritiveengine boots and authoritiveenginetime appears to be zeroed out (when Cfg maker sends data after the initial response form the router )  (while the correct values are sent by snmp walk )

( I have attached2 screenshots of the wireshark  of the SNMPv3 Conversatons compared with MRTG Cfgmaker and Snmpwalk



I have  run the command below

cfgmaker --enablesnmpv3 --contextengineid=0x80003a8c04 --username=Read_Only_Secure --authpassword=testtest --authprotocol=sha --privpassword=testtest --privprotocol=des --community=Read_Only_Secure --snmp-options=:::::3 Read_Only_Secure <at> 10.17.1.250

and I get this error  from cfgmaker

SNMPWALK Problem for 1.3.6.1.2.1.1 on Read_Only_Secure <at> 10.17.1.250:::::3:v4only: Expected OCTET STRING, but found OBJECT IDENTIFIER at /usr/bin/../lib/mrtg2/Net_SNMP_util.pm line 1805
        Net_SNMP_util::snmpwalk_flg('Read_Only_Secure <at> 10.17.1.250:::::3:v4only', undef, 'HASH(0x89d8ca8)', 1.3.6.1.2.1.1) called at /usr/bin/../lib/mrtg2/Net_SNMP_util.pm line 766
        Net_SNMP_util::snmpwalk('Read_Only_Secure <at> 10.17.1.250:::::3:v4only', 'HASH(0x89d8ca8)', 1.3.6.1.2.1.1) called at /usr/bin/cfgmaker line 950
        main::DeviceInfo('Read_Only_Secure <at> 10.17.1.250:::::3', 'HASH(0x89d8d08)', 'HASH(0x89d8ca8)') called at /usr/bin/cfgmaker line 137
        main::main() called at /usr/bin/cfgmaker line 155
WARNING: Skipping Read_Only_Secure <at> 10.17.1.250:::::3 as no info could be retrieved


I run the the exact same command beow  command below


cfgmaker --enablesnmpv3 --contextengineid=0x80003a8c04 --username=Read_Only_Secure --authpassword=testtest --authprotocol=sha --privpassword=testtest --privprotocol=des --community=Read_Only_Secure --snmp-options=:::::3 Read_Only_Secure <at> 10.17.1.250

and I get this  *different* error  from cfgmaker


SNMPWALK Problem for 1.3.6.1.2.1.1 on Read_Only_Secure <at> 10.17.1.250:::::3:v4only: The ASN.1 type 0x84 is unknown at /usr/bin/../lib/mrtg2/Net_SNMP_util.pm line 1805
        Net_SNMP_util::snmpwalk_flg('Read_Only_Secure <at> 10.17.1.250:::::3:v4only', undef, 'HASH(0xa422ca8)', 1.3.6.1.2.1.1) called at /usr/bin/../lib/mrtg2/Net_SNMP_util.pm line 766
        Net_SNMP_util::snmpwalk('Read_Only_Secure <at> 10.17.1.250:::::3:v4only', 'HASH(0xa422ca8)', 1.3.6.1.2.1.1) called at /usr/bin/cfgmaker line 950
        main::DeviceInfo('Read_Only_Secure <at> 10.17.1.250:::::3', 'HASH(0xa422d08)', 'HASH(0xa422ca8)') called at /usr/bin/cfgmaker line 137
        main::main() called at /usr/bin/cfgmaker line 155
WARNING: Skipping Read_Only_Secure <at> 10.17.1.250:::::3 as no info could be retrieved



Below is the Debug output from our router ... which complains about Time windows and Engine Boots (even though I never configured them

02:18:59 snmp,debug v3 err: 3 unknown engine id
02:18:59 snmp packet from: 10.64.34.77 version: 3
02:18:59 snmp user: Read_Only_Secure
02:18:59 snmp,debug v3 err: 1 not in time window or incorrect engine boots
02:18:59 snmp packet from: 10.64.34.77 version: 3
02:18:59 snmp user: Read_Only_Secure
02:18:59 snmp,debug getnextgetbulk .1.3.6.1.2.1.1 reps:c nonreps:0
02:19:15 snmp packet from: 10.64.34.77 version: 3
02:19:15 snmp user: 
02:19:15 snmp,debug v3 err: 3 unknown engine id
02:19:15 snmp packet from: 10.64.34.77 version: 3
02:19:15 snmp user: Read_Only_Secure
02:19:15 snmp,debug v3 err: 1 not in time window or incorrect engine boots
02:19:15 snmp packet from: 10.64.34.77 version: 3
02:19:15 snmp user: Read_Only_Secure
02:19:15 snmp,debug getnextgetbulk .1.3.6.1.2.1.1 reps:c nonreps:0
02:20:11 snmp packet from: 10.64.34.77 version: 3
02:20:11 snmp user: 
02:20:11 snmp,debug v3 err: 3 unknown engine id
02:20:11 snmp packet from: 10.64.34.77 version: 3
02:20:11 snmp user: Read_Only_Secure
02:20:11 snmp,debug v3 err: 1 not in time window or incorrect engine boots
02:20:11 snmp packet from: 10.64.34.77 version: 3
02:20:11 snmp user: Read_Only_Secure
02:20:11 snmp,debug getnextgetbulk .1.3.6.1.2.1.1 reps:c nonreps:0
02:20:31 snmp packet from: 10.64.34.77 version: 3
02:20:31 snmp user: 
02:20:31 snmp,debug v3 err: 3 unknown engine id
02:20:31 snmp packet from: 10.64.34.77 version: 3
02:20:31 snmp user: Read_Only_Secure
02:20:31 snmp,debug v3 err: 1 not in time window or incorrect engine boots
02:20:31 snmp packet from: 10.64.34.77 version: 3
02:20:31 snmp user: Read_Only_Secure
02:20:31 snmp,debug getnextgetbulk .1.3.6.1.2.1.1 reps:c nonreps:0



On Wed, Apr 24, 2013 at 3:22 PM, Daniel McDonald <dan.mcdonald <at> austinenergy.com> wrote:

On 4/23/13 7:47 PM, "Tom Smyth" <tom.smyth <at> wirelessconnect.eu> wrote:

>
> Hi Lads,
>
> I was wondering if someone could help me, I have a query about how to get
> Cfgmaker and MRTG to talk SNMPv3
>
> with Privacy and Authentication enabled, to a Router.
>
> I can snmp walk the router  fine...  I just cant get mrtg + snmpv3 working...
>
> I know it may not be straight forward but Im looking for a fully worked snmp
> example... I am willing to pay someone for this so you can contact me on my
> email regarding this...  or if you dont want to be paid more money I will
> Dontate more money to the project...

I normally sniff an interactive poll to determine the engineid.  The
net-snmp-utils library doesn¹t detect it properly, but snmpwalk does.   You
don't even need correct credentials:

$ tcpdump -vvv -x host somehost &
tcpdump: listening on en0, link-type EN10MB (Ethernet), capture size 65535
bytes
$ snmpwalk -v3 -u foofoo -l authpriv -A 12345678 -X 12345678 somehost

09:13:05.621967 IP (tos 0x0, ttl 64, id 9037, offset 0, flags [none], proto
UDP (17), length 92, bad cksum 0 (->85d0)!)
    10.10.207.244.57070 > elroy-probe.austin-energy.net.snmp: [bad udp cksum
6c33!]  { SNMPv3 { F=r } { USM B=0 T=0 U= } { ScopedPDU E=  C= {
GetRequest(14) R=1116332740  } } }
    0x0000:  4500 005c 234d 0000 4011 0000 0a0a cff4
    0x0010:  0a02 ed73 deee 00a1 0048 d1cd 303e 0201
    0x0020:  0330 1102 0455 d8d3 a002 0300 ffe3 0401
    0x0030:  0402 0103 0410 300e 0400 0201 0002 0100
    0x0040:  0400 0400 0400 3014 0400 0400 a00e 0204
    0x0050:  4289 e2c4 0201 0002 0100 3000
09:13:05.683814 IP (tos 0x0, ttl 247, id 0, offset 0, flags [DF], proto UDP
(17), length 120)
    elroy-probe.austin-energy.net.snmp > 10.10.207.244.57070: [udp sum ok]
{ SNMPv3 { F= } { USM B=7 T=2922798 U= } { ScopedPDU E=  C= { Report(29) R=0
S:snmpUsmMIB.usmMIBObjects.usmStats.usmStatsUnknownEngineIDs.0=11458 } } }
    0x0000:  4500 0078 0000 4000 f711 b200 0a02 ed73
    0x0010:  0a0a cff4 00a1 deee 0064 10f6 305a 0201
    0x0020:  0330 1102 0455 d8d3 a002 0300 ffe3 0401
    0x0030:  0002 0103 041d 301b 040b 8000 43dd 0300
    0x0040:  1985 e03e ce02 0107 0203 2c99 2e04 0004
    0x0050:  0004 0030 2304 0004 00a8 1d02 0100 0201
    0x0060:  0002 0100 3012 3010 060a 2b06 0106 030f
    0x0070:  0101 0400 4102 2cc2
09:13:05.684078 IP (tos 0x0, ttl 64, id 3357

The engineID is in offset 0x003A and the length is specified in 0x0039.
Wireshark will break that out for you... TCPdump not-so-much...  In this
case:
800043dd03001985e03ece

Now I can add --engineid=800043dd03001985e03ece to cfgmaker and discover it
fine.


>
> I currently have the following packages installed  on a Centos 6.4 i386 box
> mrtg-2.16.2-7.el6.i686
> mrtg-libs-2.16.2-7.el6.i686
>
> net-snmp-utils-5.5-44.el6.i686
> net-snmp-perl-5.5-44.el6.i686
> net-snmp-5.5-44.el6.i686
> net-snmp-libs-5.5-44.el6.i686
> net-snmp-devel-5.5-44.el6.i686
>
> rrdtool-devel-1.3.8-6.el6.i686
> rrdtool-1.3.8-6.el6.i686
> rrdtool-perl-1.3.8-6.el6.i686
>
>
>
> My router SNMP v3 config
> /snmp community
> set [ find default=yes ] addresses=10.0.0.0/8 <http://10.0.0.0/8>
> authentication-password=testtest  authentication-protocol=SHA1
> encryption-password=testtest name=Read_Only security=private
> /snmp
> set contact=support <at> wirelessconnect.eu enabled=yes trap-community=
>     Read_Only trap-target=0.0.0.0 trap-version=3
>
>
> What Im looking for is a working example of
> MRTG Cfgmaker commnand that would successfully connect to a router with the
> configuration above with Auth and Priv enabled for a given context ID ...  on
> SNMPv3
>
> If you have to do something funky with context ID ...? for example
>
>
> I get weird unrecognised ASN.1 errors  from the Cfgmaker script with
> hexidecimal references that change every time I modify the cfgmaker command.
>
> I have tried many things and I just want some one . give me assistance to get
> the Cfgmaker command working...
>
> I can snmp walk the router  fine...  I just cant get mrtg + snmpv3 working...
>
>
> Below ... is some mails with more information
>
> On Mon, Apr 22, 2013 at 7:29 AM, Tom Smyth <tom.smyth <at> wirelessconnect.eu>
> wrote:
>> Hi lads,
>>
>> Does any one have tips here for me I just dont get how to get around the
>> Context ID,
>>
>> I can snmpwalk no problem without the context ID.. (which is not set on the
>> router as it is optional)
>>
>> But everytime I set it on the router and I set it on the command
>>
>> on Mrtg Server I set the following command
>>  cfgmaker --enablesnmpv3 --contextengineid "" --username=Read_Only
>> --authpassword=testtest --authprotocol=sha --privpassword=testtest
>> --privprotocol=des --ifref=ip --community=Read_Only 10.17.1.250:::::3
>>
>>
>> I get this error on the router
>>
>> 07:21:39 snmp,debug v3 err: 3 unknown engine id
>> 07:21:39 snmp packet from: 10.64.34.77 version: 3
>> 07:21:39 snmp user: Read_Only_Secure
>> 07:21:39 snmp,debug v3 err: 1 not in time window or incorrect engine boots
>> 07:21:39 snmp packet from: 10.64.34.77 version: 3
>> 07:21:39 snmp user: Read_Only_Secure
>> 07:21:39 snmp,debug getnextgetbulk .1.3.6.1.2.1.1 reps:c nonreps:0
>>
>>
>> Any Help or advice would be appreciated
>>
>>
>> On Thu, Jan 24, 2013 at 11:00 PM, Tom Smyth <tom.smyth <at> wirelessconnect.eu>
>> wrote:
>>> Hi lads,
>>>
>>> Does anyone have any tips for running MRTG and SNMPv3  (with Auth and Priv)
>>> SHA & DES
>>>
>>> I have been having issues with Cfgmaker not accepting my command without 
>>> mandatory   Context ID  (even tho context ID is Optional)
>>> I have tried commenting out the Die if Context is not set lines in cfgmaker
>>>
>>> I have been able to SNMP walk with SNmp tools and I have been able to
>>> communicate with routers with Cacti...
>>>
>>> but no matter what I try I cant get MRTG cfgmaker to work....with SNMPv3
>>>
>>>
>>> I have tried with v2.17.4 and with the standard mrtg package on Centos 6.2
>>>
>>>
>>> if anyone can help me with this...
>>>
>>> anything at all ... even a sample manual mrtg.cfg file for snmpv3 would be
>>> cool
>>>
>>> Thanks for your time
>>>
>>>

_______________________________________________
mrtg mailing list
mrtg <at> lists.oetiker.ch
https://lists.oetiker.ch/cgi-bin/listinfo/mrtg



--
Kindest regards,
Tom Smyth

Mobile: +353 87 6193172
---------------------------------
PLEASE CONSIDER THE ENVIRONMENT BEFORE YOU PRINT THIS E-MAIL
This email contains information which may be confidential or privileged. The information is intended solely for the use of the individual or entity named above.  If you are not the intended recipient, be aware that
any disclosure, copying, distribution or use of the contents of this information is prohibited. If you have received this electronic transmission in error, please notify me by telephone or by electronic mail immediately. Any opinions expressed are those of the author, not the company's  .This email does not constitute either offer or acceptance of any contractually binding agreement. Such offer or acceptance must be communicated in
writing. You are requested to carry out your own virus check before opening any attachment. Thomas Smyth accepts no liability for any loss or damage which may be caused by malicious software or attachments.



--
Kindest regards,
Tom Smyth

Mobile: +353 87 6193172
---------------------------------
PLEASE CONSIDER THE ENVIRONMENT BEFORE YOU PRINT THIS E-MAIL
This email contains information which may be confidential or privileged. The information is intended solely for the use of the individual or entity named above.  If you are not the intended recipient, be aware that
any disclosure, copying, distribution or use of the contents of this information is prohibited. If you have received this electronic transmission in error, please notify me by telephone or by electronic mail immediately. Any opinions expressed are those of the author, not the company's  .This email does not constitute either offer or acceptance of any contractually binding agreement. Such offer or acceptance must be communicated in
writing. You are requested to carry out your own virus check before opening any attachment. Thomas Smyth accepts no liability for any loss or damage which may be caused by malicious software or attachments.
Attachment (test1): application/octet-stream, 245 KiB
Attachment (test): application/octet-stream, 2550 bytes
_______________________________________________
mrtg mailing list
mrtg <at> lists.oetiker.ch
https://lists.oetiker.ch/cgi-bin/listinfo/mrtg
Permalink | Reply | 0 comments |
headers
Tomasz Torcz | 13 Apr 2011 08:49
Picon

[PATCH] - document what --fhs means


  Hi,

  Description of --fhs option in man page is quite terse. Following
patch provides more details.

-- 
Tomasz Torcz                Only gods can safely risk perfection,
xmpp: zdzichubg <at> chrome.pl     it's a dangerous thing for a man.  -- Alia

  Description of --fhs option in man page is quite terse. Following
patch provides more details.

---
 src/doc/mrtg.pod |    7 ++++++-
 1 files changed, 6 insertions(+), 1 deletions(-)

diff --git a/src/doc/mrtg.pod b/src/doc/mrtg.pod
index ee55c17..0c12974 100644
--- a/src/doc/mrtg.pod
+++ b/src/doc/mrtg.pod
 <at>  <at>  -169,7 +169,12  <at>  <at>  the config file option, but the switch is required for proper FHS operation
 =item B<--fhs>

 Configure all mrtg paths to conform to the FHS specification;
-http://www.pathname.com/fhs/
+http://www.pathname.com/fhs/; Following default values are assumed:
+
+ confcachefile - /var/cache/mrtg/mrtg.ok
+ pid-file      - /var/run/mrtg.pid
+ lock-file     - /var/cache/mrtg/mrtg.lck
+ log-file      - /var/log/mrtg.log 

 =item B<--check>

--

-- 
1.7.4.2
Permalink | Reply | 0 comments |
headers
Daniel McDonald | 25 Apr 2013 12:55
Favicon

Re: Fwd: MRTG& SNMPv3


On 4/24/13 8:34 PM, "Tom Smyth" <tom.smyth <at> wirelessconnect.eu> wrote:

> Hi Daniel, 
> I really appreciate your Help
> 
> I carried out your suggestion and used TCP DUMP and Wire Shark
> 
> I found the Context engine ID which appears to be 80003a8c04

I think that's the engine ID (authoritative Engine) rather than the context
engine ID.  Contextengineid can only be used with contextname.

So, I think this will work:
 cfgmaker --enablesnmpv3 --engineid=0x80003a8c04
 --username=Read_Only_Secure --authpassword=testtest --authprotocol=sha
 --privpassword=testtest --privprotocol=des
 --snmp-options=:::::3 Read_Only_Secure <at> 10.17.1.250

I normally use hashed passwords.  I believe the snmpkey utility will
generate hashes for you.  Here are salient portions of the perl script I use
to generate my cfgmaker lines.

my $routers = $db->prepare("select host, rstring, dir, iftemplate,
interfaces,
        hosttemplate, ifref, options, iffilter, wstring, engineid,
privproto,
        authproto
        from snmp inner join classes using (classid)
        order by dir, host
        ");
$routers->execute;
while (my $rtr = $routers->fetchrow_hashref) {
        $$rtr{'options'} ||= '::2:1:1';
        my %v3opts;
         if ($$rtr{'options'} =~ /:3$/) {
                 use Net::SNMP::Security::USM 2.0.0;
                         my ($usm, $error) = Net::SNMP::Security::USM->new(
                                 -authoritative => 1, # Undocumented /
unsupported argument
                                 -username      => 'readonly',
                                 -authprotocol  => $$rtr{authproto},
                                 -authpassword  => $$rtr{rstring},
                                 -engineid      => $$rtr{engineid},
                                 -privprotocol  => $$rtr{privproto},
                                 -privpassword  => $$rtr{wstring},
                           );
                 if (!defined($usm)) {
                            exit($error);
                     }
                 $authkey=sprintf("0x%s", unpack('H*', $usm->auth_key));
                 $privkey=sprintf("0x%s", unpack('H*', $usm->priv_key));
                 $v3opts{username}='readonly';
                 $v3opts{authkey}=$authkey;
                 $v3opts{authprotocol}=$$rtr{authproto};
                 $v3opts{privkey}=$privkey;
                 $v3opts{privprotocol}=$$rtr{privproto};

         }
        my  <at> line;
        $$rtr{'rstring'} =~ s/'/\\'/g;
        $$rtr{'options'} .= '';
        push  <at> line, "/usr/bin/cfgmaker";
        push  <at> line, "--if-template=$$rtr{'iftemplate'}"
                if ($$rtr{'interfaces'} eq 'interfaces')
                        and ($$rtr{'iftemplate'} =~ /\w+/);
        push  <at> line, "--ifref=$$rtr{'ifref'}"
                if defined($$rtr{'ifref'});
        push  <at> line, '--'.$$rtr{'interfaces'}
                if defined($$rtr{'interfaces'});
        push  <at> line, "--host-template=$$rtr{'hosttemplate'}"
                if defined($$rtr{'hosttemplate'});
        my $subdir = join("/",$$rtr{'dir'},"HOSTNAME");
        push  <at> line, "--subdir=$subdir";
         if ($$rtr{'options'} =~ /:3$/) {
                 push  <at> line, "--username='readonly'";
                 push  <at> line, "--authkey='$authkey'";
                 push  <at> line, "--authproto=$$rtr{'authproto'}";
                 push  <at> line, "--privkey='$privkey'";
                 push  <at> line, "--privproto=$$rtr{'privproto'}";
         }
        push  <at> line, $$rtr{'iffilter'}
                if defined($$rtr{'iffilter'});
        push  <at> line, '--output='.$cfg;
        if ($$rtr{'options'} =~ /:3$/) {
                push  <at> line, "'readonly' <at> ".$$rtr{'host'}.$$rtr{'options'};
        } else {
                push  <at> line,
"'".$$rtr{'rstring'}."'".' <at> '.$$rtr{'host'}.$$rtr{'options'};
        }
        next unless (($shorthost =~ /$criteria/) or ($$rtr{host} eq
$criteria)) ;
        print GENERATE join(" ", <at> line)."\n";

> 
> But there appears a difference between snmpwalk and cfgmaker + SNMPv3,
> 
> after the initial discovery the authoritiveengine boots and
> authoritiveenginetime appears to be zeroed out when cfg maker is run (while
> the correct values are sent by snmp walk )
> 
> ( I have attached packet captures below ( test1 is the packet capture with
> snmpwalk) test is the packet capture with cfgmaker
> 
> 
> I have? run the command below
> 
> cfgmaker --enablesnmpv3 --contextengineid=0x80003a8c04
> --username=Read_Only_Secure --authpassword=testtest --authprotocol=sha
> --privpassword=testtest --privprotocol=des --community=Read_Only_Secure
> --snmp-options=:::::3 Read_Only_Secure <at> 10.17.1.250
> 
> and I get this error? from cfgmaker
> 
> SNMPWALK Problem for 1.3.6.1.2.1.1 on
> Read_Only_Secure <at> 10.17.1.250:::::3:v4only: Expected OCTET STRING, but found
> OBJECT IDENTIFIER at /usr/bin/../lib/mrtg2/Net_SNMP_util.pm line 1805
> ??????? 
> Net_SNMP_util::snmpwalk_flg('Read_Only_Secure <at> 10.17.1.250:::::3:v4only',
> undef, 'HASH(0x89d8ca8)', 1.3.6.1.2.1.1) called at
> /usr/bin/../lib/mrtg2/Net_SNMP_util.pm line 766
> ??????? Net_SNMP_util::snmpwalk('Read_Only_Secure <at> 10.17.1.250:::::3:v4only',
> 'HASH(0x89d8ca8)', 1.3.6.1.2.1.1) called at /usr/bin/cfgmaker line 950
> ??????? main::DeviceInfo('Read_Only_Secure <at> 10.17.1.250:::::3',
> 'HASH(0x89d8d08)', 'HASH(0x89d8ca8)') called at /usr/bin/cfgmaker line 137
> ??????? main::main() called at /usr/bin/cfgmaker line 155
> WARNING: Skipping Read_Only_Secure <at> 10.17.1.250:::::3 as no info could be
> retrieved
> 
> 
> I run the the exact same command beow? command below
> 
> 
> cfgmaker --enablesnmpv3 --contextengineid=0x80003a8c04
> --username=Read_Only_Secure --authpassword=testtest --authprotocol=sha
> --privpassword=testtest --privprotocol=des --community=Read_Only_Secure
> --snmp-options=:::::3 Read_Only_Secure <at> 10.17.1.250
> 
> and I get this? *different* error? from cfgmaker
> 
> 
> SNMPWALK Problem for 1.3.6.1.2.1.1 on
> Read_Only_Secure <at> 10.17.1.250:::::3:v4only: The ASN.1 type 0x84 is unknown at
> /usr/bin/../lib/mrtg2/Net_SNMP_util.pm line 1805
> ??????? 
> Net_SNMP_util::snmpwalk_flg('Read_Only_Secure <at> 10.17.1.250:::::3:v4only',
> undef, 'HASH(0xa422ca8)', 1.3.6.1.2.1.1) called at
> /usr/bin/../lib/mrtg2/Net_SNMP_util.pm line 766
> ??????? Net_SNMP_util::snmpwalk('Read_Only_Secure <at> 10.17.1.250:::::3:v4only',
> 'HASH(0xa422ca8)', 1.3.6.1.2.1.1) called at /usr/bin/cfgmaker line 950
> ??????? main::DeviceInfo('Read_Only_Secure <at> 10.17.1.250:::::3',
> 'HASH(0xa422d08)', 'HASH(0xa422ca8)') called at /usr/bin/cfgmaker line 137
> ??????? main::main() called at /usr/bin/cfgmaker line 155
> WARNING: Skipping Read_Only_Secure <at> 10.17.1.250:::::3 as no info could be
> retrieved
> 
> 
> 
> Below is the Debug output from our router ... which complains about Time
> windows and Engine Boots (even though I never configured them
> 
> 02:18:59 snmp,debug v3 err: 3 unknown engine id
> 02:18:59 snmp packet from: 10.64.34.77 version: 3
> 02:18:59 snmp user: Read_Only_Secure
> 02:18:59 snmp,debug v3 err: 1 not in time window or incorrect engine boots
> 02:18:59 snmp packet from: 10.64.34.77 version: 3
> 02:18:59 snmp user: Read_Only_Secure
> 02:18:59 snmp,debug getnextgetbulk .1.3.6.1.2.1.1 reps:c nonreps:0
> 02:19:15 snmp packet from: 10.64.34.77 version: 3
> 02:19:15 snmp user:?
> 02:19:15 snmp,debug v3 err: 3 unknown engine id
> 02:19:15 snmp packet from: 10.64.34.77 version: 3
> 02:19:15 snmp user: Read_Only_Secure
> 02:19:15 snmp,debug v3 err: 1 not in time window or incorrect engine boots
> 02:19:15 snmp packet from: 10.64.34.77 version: 3
> 02:19:15 snmp user: Read_Only_Secure
> 02:19:15 snmp,debug getnextgetbulk .1.3.6.1.2.1.1 reps:c nonreps:0
> 02:20:11 snmp packet from: 10.64.34.77 version: 3
> 02:20:11 snmp user:?
> 02:20:11 snmp,debug v3 err: 3 unknown engine id
> 02:20:11 snmp packet from: 10.64.34.77 version: 3
> 02:20:11 snmp user: Read_Only_Secure
> 02:20:11 snmp,debug v3 err: 1 not in time window or incorrect engine boots
> 02:20:11 snmp packet from: 10.64.34.77 version: 3
> 02:20:11 snmp user: Read_Only_Secure
> 02:20:11 snmp,debug getnextgetbulk .1.3.6.1.2.1.1 reps:c nonreps:0
> 02:20:31 snmp packet from: 10.64.34.77 version: 3
> 02:20:31 snmp user:?
> 02:20:31 snmp,debug v3 err: 3 unknown engine id
> 02:20:31 snmp packet from: 10.64.34.77 version: 3
> 02:20:31 snmp user: Read_Only_Secure
> 02:20:31 snmp,debug v3 err: 1 not in time window or incorrect engine boots
> 02:20:31 snmp packet from: 10.64.34.77 version: 3
> 02:20:31 snmp user: Read_Only_Secure
> 02:20:31 snmp,debug getnextgetbulk .1.3.6.1.2.1.1 reps:c nonreps:0
> 
> 
> 
> On Wed, Apr 24, 2013 at 3:22 PM, Daniel McDonald
> <dan.mcdonald <at> austinenergy.com> wrote:
>> 
>> On 4/23/13 7:47 PM, "Tom Smyth" <tom.smyth <at> wirelessconnect.eu> wrote:
>> 
>>> 
>>> Hi Lads,
>>> 
>>> I was wondering if someone could help me, I have a query about how to get
>>> Cfgmaker and MRTG to talk SNMPv3
>>> 
>>> with Privacy and Authentication enabled, to a Router.
>>> 
>>> I can snmp walk the router? fine...? I just cant get mrtg + snmpv3
>>> working...
>>> 
>>> I know it may not be straight forward but Im looking for a fully worked snmp
>>> example... I am willing to pay someone for this so you can contact me on my
>>> email regarding this...? or if you dont want to be paid more money I will
>>> Dontate more money to the project...
>> 
>> I normally sniff an interactive poll to determine the engineid. ?The
>> net-snmp-utils library doesn¹t detect it properly, but snmpwalk does. ? You
>> don't even need correct credentials:
>> 
>> $ tcpdump -vvv -x host somehost &
>> tcpdump: listening on en0, link-type EN10MB (Ethernet), capture size 65535
>> bytes
>> $ snmpwalk -v3 -u foofoo -l authpriv -A 12345678 -X 12345678 somehost
>> 
>> 09:13:05.621967 IP (tos 0x0, ttl 64, id 9037, offset 0, flags [none], proto
>> UDP (17), length 92, bad cksum 0 (->85d0)!)
>> ? ? 10.10.207.244.57070 > elroy-probe.austin-energy.net.snmp: [bad udp cksum
>> 6c33!] ?{ SNMPv3 { F=r } { USM B=0 T=0 U= } { ScopedPDU E= ?C= {
>> GetRequest(14) R=1116332740 ?} } }
>> ? ? 0x0000: ?4500 005c 234d 0000 4011 0000 0a0a cff4
>> ? ? 0x0010: ?0a02 ed73 deee 00a1 0048 d1cd 303e 0201
>> ? ? 0x0020: ?0330 1102 0455 d8d3 a002 0300 ffe3 0401
>> ? ? 0x0030: ?0402 0103 0410 300e 0400 0201 0002 0100
>> ? ? 0x0040: ?0400 0400 0400 3014 0400 0400 a00e 0204
>> ? ? 0x0050: ?4289 e2c4 0201 0002 0100 3000
>> 09:13:05.683814 IP (tos 0x0, ttl 247, id 0, offset 0, flags [DF], proto UDP
>> (17), length 120)
>> ? ? elroy-probe.austin-energy.net.snmp > 10.10.207.244.57070: [udp sum ok]
>> { SNMPv3 { F= } { USM B=7 T=2922798 U= } { ScopedPDU E= ?C= { Report(29) R=0
>> S:snmpUsmMIB.usmMIBObjects.usmStats.usmStatsUnknownEngineIDs.0=11458 } } }
>> ? ? 0x0000: ?4500 0078 0000 4000 f711 b200 0a02 ed73
>> ? ? 0x0010: ?0a0a cff4 00a1 deee 0064 10f6 305a 0201
>> ? ? 0x0020: ?0330 1102 0455 d8d3 a002 0300 ffe3 0401
>> ? ? 0x0030: ?0002 0103 041d 301b 040b 8000 43dd 0300
>> ? ? 0x0040: ?1985 e03e ce02 0107 0203 2c99 2e04 0004
>> ? ? 0x0050: ?0004 0030 2304 0004 00a8 1d02 0100 0201
>> ? ? 0x0060: ?0002 0100 3012 3010 060a 2b06 0106 030f
>> ? ? 0x0070: ?0101 0400 4102 2cc2
>> 09:13:05.684078 IP (tos 0x0, ttl 64, id 3357
>> 
>> The engineID is in offset 0x003A and the length is specified in 0x0039.
>> Wireshark will break that out for you... TCPdump not-so-much... ?In this
>> case:
>> 800043dd03001985e03ece
>> 
>> Now I can add --engineid=800043dd03001985e03ece to cfgmaker and discover it
>> fine.
>> 
>> 
>>> 
>>> I currently have the following packages installed? on a Centos 6.4 i386 box
>>> mrtg-2.16.2-7.el6.i686
>>> mrtg-libs-2.16.2-7.el6.i686
>>> 
>>> net-snmp-utils-5.5-44.el6.i686
>>> net-snmp-perl-5.5-44.el6.i686
>>> net-snmp-5.5-44.el6.i686
>>> net-snmp-libs-5.5-44.el6.i686
>>> net-snmp-devel-5.5-44.el6.i686
>>> 
>>> rrdtool-devel-1.3.8-6.el6.i686
>>> rrdtool-1.3.8-6.el6.i686
>>> rrdtool-perl-1.3.8-6.el6.i686
>>> 
>>> 
>>> 
>>> My router SNMP v3 config
>>> /snmp community
>>> set [ find default=yes ] addresses=10.0.0.0/8 <http://10.0.0.0/8>
>>> <http://10.0.0.0/8>
>>> authentication-password=testtest? authentication-protocol=SHA1
>>> encryption-password=testtest name=Read_Only security=private
>>> /snmp
>>> set contact=support <at> wirelessconnect.eu enabled=yes trap-community=
>>> ??? Read_Only trap-target=0.0.0.0 trap-version=3
>>> 
>>> 
>>> What Im looking for is a working example of
>>> MRTG Cfgmaker commnand that would successfully connect to a router with the
>>> configuration above with Auth and Priv enabled for a given context ID ...?
>>> on
>>> SNMPv3
>>> 
>>> If you have to do something funky with context ID ...? for example
>>> 
>>> 
>>> I get weird unrecognised ASN.1 errors? from the Cfgmaker script with
>>> hexidecimal references that change every time I modify the cfgmaker command.
>>> 
>>> I have tried many things and I just want some one . give me assistance to
>>> get
>>> the Cfgmaker command working...
>>> 
>>> I can snmp walk the router? fine...? I just cant get mrtg + snmpv3
>>> working...
>>> 
>>> 
>>> Below ... is some mails with more information
>>> 
>>> On Mon, Apr 22, 2013 at 7:29 AM, Tom Smyth <tom.smyth <at> wirelessconnect.eu>
>>> wrote:
>>>> Hi lads,
>>>> 
>>>> Does any one have tips here for me I just dont get how to get around the
>>>> Context ID,
>>>> 
>>>> I can snmpwalk no problem without the context ID.. (which is not set on the
>>>> router as it is optional)
>>>> 
>>>> But everytime I set it on the router and I set it on the command
>>>> 
>>>> on Mrtg Server I set the following command
>>>> ?cfgmaker --enablesnmpv3 --contextengineid "" --username=Read_Only
>>>> --authpassword=testtest --authprotocol=sha --privpassword=testtest
>>>> --privprotocol=des --ifref=ip --community=Read_Only 10.17.1.250:::::3
>>>> 
>>>> 
>>>> I get this error on the router
>>>> 
>>>> 07:21:39 snmp,debug v3 err: 3 unknown engine id
>>>> 07:21:39 snmp packet from: 10.64.34.77 version: 3
>>>> 07:21:39 snmp user: Read_Only_Secure
>>>> 07:21:39 snmp,debug v3 err: 1 not in time window or incorrect engine boots
>>>> 07:21:39 snmp packet from: 10.64.34.77 version: 3
>>>> 07:21:39 snmp user: Read_Only_Secure
>>>> 07:21:39 snmp,debug getnextgetbulk .1.3.6.1.2.1.1 reps:c nonreps:0
>>>> 
>>>> 
>>>> Any Help or advice would be appreciated
>>>> 
>>>> 
>>>> On Thu, Jan 24, 2013 at 11:00 PM, Tom Smyth <tom.smyth <at> wirelessconnect.eu>
>>>> wrote:
>>>>> Hi lads,
>>>>> 
>>>>> Does anyone have any tips for running MRTG and SNMPv3? (with Auth and
>>>>> Priv)
>>>>> SHA & DES
>>>>> 
>>>>> I have been having issues with Cfgmaker not accepting my command without?
>>>>> mandatory ? Context ID? (even tho context ID is Optional)
>>>>> I have tried commenting out the Die if Context is not set lines in
>>>>> cfgmaker
>>>>> 
>>>>> I have been able to SNMP walk with SNmp tools and I have been able to
>>>>> communicate with routers with Cacti...
>>>>> 
>>>>> but no matter what I try I cant get MRTG cfgmaker to work....with SNMPv3
>>>>> 
>>>>> 
>>>>> I have tried with v2.17.4 and with the standard mrtg package on Centos 6.2
>>>>> 
>>>>> 
>>>>> if anyone can help me with this...
>>>>> 
>>>>> anything at all ... even a sample manual mrtg.cfg file for snmpv3 would be
>>>>> cool
>>>>> 
>>>>> Thanks for your time
>>>>> 
>>>>> 
>> 
>> _______________________________________________
>> mrtg mailing list
>> mrtg <at> lists.oetiker.ch
>> https://lists.oetiker.ch/cgi-bin/listinfo/mrtg
> 
> 

_______________________________________________
mrtg mailing list
mrtg <at> lists.oetiker.ch
https://lists.oetiker.ch/cgi-bin/listinfo/mrtg
Permalink | Reply | 0 comments |

Gmane