Sreekanth Kamanuru | 4 Jul 05:51 2015
Picon

serve standard mibs also using subagent

Hi,

My purpose is to serve all SNMP mib requests through subagents including standard mibs like IF-MIB, IP-MIB, TCP-MIB etc with agent acting merely as master agent with agentx support and passing on all mib requests to registered subagents.

I tried below configure options and could successfully build too, virtually building only agent & utilities modules.

./configure --disable-mibs --with-out-mib-modules=mibII,ucd_snmp,agent_mibs,disman/event,disman/schedule,host,udp-mib,snmpv3mibs,target,notification,notification-log-mib,snmp-notification-mib

However, when I run IF-MIB mib as subagent code, master gives "duplicate registration" error though agent/mibgroup/if-mib is not part of the build. How to disable master's OID registrations for all standard mibs ?

Net-snmp code version used : 5.7.3

Master is run as :
sudo snmpd -f -Lo  -C --rwcommunity=public --master=agentx

IF-MIB Subagent:
NET-SNMP version 5.7.2 AgentX subagent connected
registering pdu failed: 263!
registering pdu failed: 263!
subagent_ifMIB is up and running.

Error on master:
duplicate registration: MIB modules ifXTable and AgentX subagent 5, session 0x11c9030, subsession 0x11da2d0 (oid .1.3.6.1.2.1.31.1.1).
duplicate registration: MIB modules ifTableLastChanged and AgentX subagent 5, session 0x11c9030, subsession 0x11da2d0 (oid .1.3.6.1.2.1.31.1.5).

Thanks,
Sreek
------------------------------------------------------------------------------
Don't Limit Your Business. Reach for the Cloud.
GigeNET's Cloud Solutions provide you with the tools and support that
you need to offload your IT needs and focus on growing your business.
Configured For All Businesses. Start Your Cloud Today.
https://www.gigenetcloud.com/
_______________________________________________
Net-snmp-users mailing list
Net-snmp-users <at> lists.sourceforge.net
Please see the following page to unsubscribe or change other options:
https://lists.sourceforge.net/lists/listinfo/net-snmp-users
ganeshyellapu | 30 Jun 13:17 2015
Picon

Could not receive traps

Hi,

I am using net-snmp-5.7.2.

My agent is running on windows xp  with ip 201.123.81.75
with snmpd.conf containg the below  information:
 
rocommunity  public    
rwcommunity  private     
 
trapsink  201.123.80.112   public  
trap2sink  201.123.80.112   private


My manager is running on winodws 7 with ip 201.123.80.112
with snmptrapd.conf containing the below  single line:

authCommunity log, exec, net  public

I started the snmptrapd in windows 7  PC as

snmptrapd -Lf  c:\log.txt

Now whenever,  i start and stop the agent in my windows xp pc, i could not receive any trap.

[I was able to receive the coldstart trap when both agent and manager are running in the same pc].

kindly explain about the configuration for this...

Thank you

regards,
Ganesh Y



Every Sheets of paper is made from a tree.. Save trees... Conserve Trees.... Go Green .... Don't print this email or any Files unless you really need to!!!!
Confidentiality Notice
The information contained in this electronic message and any attachments to this
message are intended for the exclusive use of the addressee(s) and may contain
confidential or privileged information. If you are not the intended recipient,
please notify the sender at Bharat Electronics or support <at> bel.co.in
immediately and destroy all copies of this message and any attachments.
------------------------------------------------------------------------------
Don't Limit Your Business. Reach for the Cloud.
GigeNET's Cloud Solutions provide you with the tools and support that
you need to offload your IT needs and focus on growing your business.
Configured For All Businesses. Start Your Cloud Today.
https://www.gigenetcloud.com/
_______________________________________________
Net-snmp-users mailing list
Net-snmp-users <at> lists.sourceforge.net
Please see the following page to unsubscribe or change other options:
https://lists.sourceforge.net/lists/listinfo/net-snmp-users
Simon Chamlian | 26 Jun 20:01 2015
Picon

Re: snmpd.conf privProtocol does not work

Thanks Ajit.

After re-compiling
createUser User2   MD5 "HelloWorld" DES "default-00"
rwuser     User2

works fine.

==========================================================

Even though the agent starts without any error, I cannot access agent with MIB browser when using


createUser User3   MD5 "admin-00" AES "default-00"               
rwuser     User3                                                 
                              
OR

createUser User4   MD5 "admin-00" AES "default-00"               
rwuser     User4   priv                


=========================================================



Should I presume I cannot use AES with NET-SNMP version 5.7.1 or it is another compilation flag I need?



Thanks,
S.





On Fri, Jun 26, 2015 at 11:31 AM, Ajit Ambekar <007ajit09 <at> gmail.com> wrote:

While compiling use should enable des encryption.

On Jun 26, 2015 8:34 PM, "Simon Chamlian" <simon.chamlian <at> gmail.com> wrote:

Hi,

With snmpd.conf  creating a userusing authProtocol works fine.
For example:
  createUser User1      MD5 "HelloWorld"
  rwuser     User1      auth

But creating a user with encryption does not work.

I tried:

=========================================================
createUser User2   MD5 "HelloWorld" DES "default-00"
rwuser     User2

it gives me error:  Error: Unknown privacy protocol

=========================================================

createUser User3   MD5 "admin-00" AES "default-00"               
rwuser     User3                                                 
                                                     
No error but cannot access agent with MIB browser                                                  

=========================================================
createUser User4   MD5 "admin-00" AES "default-00"               
rwuser     User4   priv                

No error but cannot access agent with MIB browser 
=========================================================

What am I doing wrong?


Thanks,
S









------------------------------------------------------------------------------
Monitor 25 network devices or servers for free with OpManager!
OpManager is web-based network management software that monitors
network devices and physical & virtual servers, alerts via email & sms
for fault. Monitor 25 devices for free with no restriction. Download now
http://ad.doubleclick.net/ddm/clk/292181274;119417398;o
_______________________________________________
Net-snmp-users mailing list
Net-snmp-users <at> lists.sourceforge.net
Please see the following page to unsubscribe or change other options:
https://lists.sourceforge.net/lists/listinfo/net-snmp-users


------------------------------------------------------------------------------
Monitor 25 network devices or servers for free with OpManager!
OpManager is web-based network management software that monitors 
network devices and physical & virtual servers, alerts via email & sms 
for fault. Monitor 25 devices for free with no restriction. Download now
http://ad.doubleclick.net/ddm/clk/292181274;119417398;o
_______________________________________________
Net-snmp-users mailing list
Net-snmp-users <at> lists.sourceforge.net
Please see the following page to unsubscribe or change other options:
https://lists.sourceforge.net/lists/listinfo/net-snmp-users
Simon Chamlian | 26 Jun 16:56 2015
Picon

snmpd.conf privProtocol does not work


Hi,

With snmpd.conf  creating a userusing authProtocol works fine.
For example:
  createUser User1      MD5 "HelloWorld"
  rwuser     User1      auth

But creating a user with encryption does not work.

I tried:

=========================================================
createUser User2   MD5 "HelloWorld" DES "default-00"
rwuser     User2

it gives me error:  Error: Unknown privacy protocol

=========================================================

createUser User3   MD5 "admin-00" AES "default-00"               
rwuser     User3                                                 
                                                     
No error but cannot access agent with MIB browser                                                  

=========================================================
createUser User4   MD5 "admin-00" AES "default-00"               
rwuser     User4   priv                

No error but cannot access agent with MIB browser 
=========================================================

What am I doing wrong?


Thanks,
S








------------------------------------------------------------------------------
Monitor 25 network devices or servers for free with OpManager!
OpManager is web-based network management software that monitors 
network devices and physical & virtual servers, alerts via email & sms 
for fault. Monitor 25 devices for free with no restriction. Download now
http://ad.doubleclick.net/ddm/clk/292181274;119417398;o
_______________________________________________
Net-snmp-users mailing list
Net-snmp-users <at> lists.sourceforge.net
Please see the following page to unsubscribe or change other options:
https://lists.sourceforge.net/lists/listinfo/net-snmp-users
Christopher Crotty | 25 Jun 16:58 2015

Anyone know of a trap receiver that supports SnmpAdminString with UTF-8 character encoding?

I have tried many receivers (snmptrapd,ManageEngine,iReasoning,Wireshark), and they all display SnmpAdminString types as ascii characters, even though the SNMP-FRAMEWORK mib has a DISPLAY-HINT of “255t” for SnmpAdminString.

 

For example:

Sending the string “IQTV-ö05

The correct UTF-8 bytes are sent over the wire  495154562dc3b63035

 

But each receiver displays this as “IQTV-ö05”

(The bytes 0xc3b6 in UTF-8 represent ‘ö’ but in extended ascii are ‘ö’).

 

 

Thanks for your time:

 

Chris

 

Christopher Crotty

Senior Principal Engineer

IneoQuest Technologies, Inc.

- - - - - - - - - - - - - - - - - - - - - -

Office: 508.618.0305

Mobile: 617.320.3884

Fax: 508.339.4727

- - - - - - - - - - - - - - - - - - - - - -

170 Forbes Blvd,

Mansfield, MA 02048 USA

 

Global Leader in Video Service Assurance

www.ineoquest.com

 



NOTICE: This communication and any attachments may contain confidential and/or privileged information of IneoQuest Technologies, Inc. ("IneoQuest"). This communication is intended solely for the use of the individual or entity to which it is addressed. If you are not the intended recipient of this communication, you are hereby notified that any dissemination, distribution, copying or other use of this communication or the information it contains is strictly prohibited and may be unlawful. If you have received this communication in error, please notify the sender immediately by reply e-mail and destroy all copies of this communication (including attachments), electronic or otherwise. If you are a party to a written Non-Disclosure Agreement ("NDA") with IneoQuest, you should maintain the contents of this communication (including attachments) in confidence to the full extent specified in the NDA.
------------------------------------------------------------------------------
Monitor 25 network devices or servers for free with OpManager!
OpManager is web-based network management software that monitors 
network devices and physical & virtual servers, alerts via email & sms 
for fault. Monitor 25 devices for free with no restriction. Download now
http://ad.doubleclick.net/ddm/clk/292181274;119417398;o
_______________________________________________
Net-snmp-users mailing list
Net-snmp-users <at> lists.sourceforge.net
Please see the following page to unsubscribe or change other options:
https://lists.sourceforge.net/lists/listinfo/net-snmp-users
Ulrich Windl | 25 Jun 08:10 2015
Picon

Antw: Q: VACM and USM

Hi!

I can't really answer my own question, but I'm kind of surprised that nobody seems to know the answer:
Using "rwuser" is noc remommended if you also want to use the VACM, but to be able to create users and change
passwords, users need access to parts of the internal user management.

Do you all just use "rwuser", or don't you know you are using "rwuser", or di you use SNMPv1?

Regards,
Ulrich

>>> Ulrich Windl schrieb am 22.06.2015 um 12:33 in Nachricht <5587E495.B26 : 161 :
60728>:
> Hi!
> 
> I have a simple question ;-)
> 
> Which view do users need access to to
> 1) modify theit own passwords
> 2) create new users
> 
> Obviously 1) should not include 2).
> 
> I tried to find an answer, but failed. Using net-snmp 5.4.2.1 ...
> 
> Regards,
> Ulrich
> 
> 

------------------------------------------------------------------------------
Monitor 25 network devices or servers for free with OpManager!
OpManager is web-based network management software that monitors 
network devices and physical & virtual servers, alerts via email & sms 
for fault. Monitor 25 devices for free with no restriction. Download now
http://ad.doubleclick.net/ddm/clk/292181274;119417398;o
_______________________________________________
Net-snmp-users mailing list
Net-snmp-users <at> lists.sourceforge.net
Please see the following page to unsubscribe or change other options:
https://lists.sourceforge.net/lists/listinfo/net-snmp-users

Fredrik Björk | 24 Jun 20:42 2015
Picon

Ang.: Local snmpwalk fails with Unknown Object Identifier

Hi!

It is sufficient to just copy the file as you dedcribe. Just make sure you have an unbroken chain of references to the root of the MIB tree. If you have a reference in your file to "enterprises" for instance, you should be fine.

You can also put the file in another dir and append that path with -M+/your/dir

/Fredrik

----- Reply message -----
Från: "Oliver Graute" <oliver.graute <at> gmail.com>
Till: <net-snmp-users <at> lists.sourceforge.net>
Rubrik: Local snmpwalk fails with Unknown Object Identifier
Datum: ons, jun 24, 2015 16:13

> The TAINY-MIB is a self created MIB and is stored in /usr/share/snmp/mibs is it sufficant to copy a self-build MIB to the /usr/share/snmp/mibs directory? or do I need a fresh build with ./configure --with-mib-modules=myMIB ? Best regards, Oliver ------------------------------------------------------------------------------ Monitor 25 network devices or servers for free with OpManager! OpManager is web-based network management software that monitors network devices and physical & virtual servers, alerts via email & sms for fault. Monitor 25 devices for free with no restriction. Download now http://ad.doubleclick.net/ddm/clk/292181274;119417398;o _______________________________________________ Net-snmp-users mailing list Net-snmp-users <at> lists.sourceforge.net Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
------------------------------------------------------------------------------
Monitor 25 network devices or servers for free with OpManager!
OpManager is web-based network management software that monitors 
network devices and physical & virtual servers, alerts via email & sms 
for fault. Monitor 25 devices for free with no restriction. Download now
http://ad.doubleclick.net/ddm/clk/292181274;119417398;o
_______________________________________________
Net-snmp-users mailing list
Net-snmp-users <at> lists.sourceforge.net
Please see the following page to unsubscribe or change other options:
https://lists.sourceforge.net/lists/listinfo/net-snmp-users
Oliver Graute | 23 Jun 15:14 2015
Picon

Local snmpwalk fails with Unknown Object Identifier

Hello,

I observe a strange problem with net-snmp while retrieving a subtree
with snmpwalk:

On the Target Host itself I got a Unknown Object Identifier Error Message..

snmpwalk -v3 -m ALL -M /usr/share/snmp/mibs -n "" -u admin -a SH
A -A "12345678" -x AES -X "12345678" -l authPriv localhost TAINY-MIB::tainyMIBOb
jects
TAINY-MIB::tainyMIBObjects: Unknown Object Identifier
(TAINY-MIB::tainyMIBObjects)

The same command from a Remote Host to the Target is working like expecting:

snmpwalk -v3 -m ALL -M /home/graute/snmp/mibs -n "" -u admin -a SHA -A
"12345678" -x AES -X "12345678" -l authPriv 192.168.1.8:161
TAINY-MIB::tainyMIBObje
cts

snmpwalk -v3 -m ALL -M /home/graute/snmp/mibs -n "" -u admin -a SHA -A
"12345678" -x AES -X "12345678" -l authPriv 192.168.1.8:161
TAINY-MIB::tainyMIBObje
cts
TAINY-MIB::tainyCSQ = INTEGER: 99
TAINY-MIB::tainyLACCID = ""
TAINY-MIB::tainyWirelessWANIP = ""
TAINY-MIB::tainyAccessTechnology = INTEGER: 0
TAINY-MIB::tainyAccessTechnologyString = STRING: "Access Technology Unknown"
TAINY-MIB::tainyWirelessNetWorkConnected = INTEGER: 0
TAINY-MIB::tainyWirelessWANOnline = INTEGER: 0
TAINY-MIB::tainyIMEI = ""
TAINY-MIB::tainyIMSI = ""
TAINY-MIB::tainyICCID = ""
TAINY-MIB::tainyDNS1 = ""
TAINY-MIB::tainyDNS2 = ""
TAINY-MIB::tainyDNS3 = ""

...

Some ideas whats is going wrong here?

The TAINY-MIB is a self created MIB and is stored in  /usr/share/snmp/mibs

/usr/bin/snmpwalk -V
NET-SNMP version: 5.7.3

Best regards,

Oliver

------------------------------------------------------------------------------
Monitor 25 network devices or servers for free with OpManager!
OpManager is web-based network management software that monitors 
network devices and physical & virtual servers, alerts via email & sms 
for fault. Monitor 25 devices for free with no restriction. Download now
http://ad.doubleclick.net/ddm/clk/292181274;119417398;o
_______________________________________________
Net-snmp-users mailing list
Net-snmp-users <at> lists.sourceforge.net
Please see the following page to unsubscribe or change other options:
https://lists.sourceforge.net/lists/listinfo/net-snmp-users

Jim Long | 23 Jun 07:02 2015

snmpd ignores requests, terminates abruptly

I am migrating a working net-snmpd setup from FreeBSD 8.4 to FreeBSD
9.3.  The net-snmp versions involved are 5.7.1_7 and 5.7.3_7,
respectively.  By "working," I mean that I can successfully snmpwalk
the old snmp server.

On the new server, I have installed net-snmp from ports, and copied
/usr/local/etc/snmp/snmpd.conf from the old system to the new.

On the old system, 10.162.202.121, snmpwalk works when targeting
itself, and I can run it multiple times with no problem:

# time snmpwalk -v1 -c foObAR1 10.162.202.121 | wc -l
    2452

real    0m2.830s
user    0m0.643s
sys     0m0.389s
# time snmpwalk -v1 -c foObAR1 10.162.202.121 | wc -l
    2452

real    0m3.394s
user    0m0.603s
sys     0m0.366s
# time snmpwalk -v1 -c foObAR1 10.162.202.121 | wc -l
    2461

real    0m2.803s
user    0m0.544s
sys     0m0.317s

On the new system, 10.158.10.10, snmpwalk fails, and snmpd terminates
shortly after receiving the UDP packet.

First, I start the snmpd agent manually, then as quickly as possible
(about half a second later), I start the snmpwalk process from a host
on an adjacent IP number.  FWIW, I get the same symptoms if I run snmpwalk
from the same host that is running snmpd.

Agent:

# time /usr/local/sbin/snmpd -c /usr/local/etc/snmp/snmpd.conf -Lo -df &
[1] 17067
# NET-SNMP version 5.7.3

Received 41 byte packet from UDP: [10.158.10.9]:33811->[10.158.10.10]:161
0000: 30 27 02 01  00 04 07 73  41 57 6E 33  74 31 A1 19    0'.....foObAR1..
0016: 02 04 60 B5  05 1F 02 01  00 02 01 00  30 0B 30 09    ..`.........0.0.
0032: 06 05 2B 06  01 02 01 05  00                          ..+......

real    0m5.959s
user    0m0.038s
sys     0m0.047s

Notice that snmpd has terminated, and time reports the elapsed run
time.  /usr/local/etc/snmp/snmpd.conf should be a default config
location, but I am specifying it explicitly to be certain.  No
other snmp*.conf files exist on the new server:

# find / -name 'snmp*.conf'
/usr/local/etc/snmp/snmpd.conf
/var/net-snmp/snmpd.conf
#

On the client side, 10.158.10.9:

# time snmpwalk -v1 -c foObAR1 10.158.10.10 | wc -l
Timeout: No Response from 10.158.10.10
       0

real    0m6.086s
user    0m0.043s
sys     0m0.043s

http://www.net-snmp.org/docs/FAQ.html says:

  If the agent displays a dump of the incoming request, but nothing going
  out, then the most likely cause is access control settings.  See the
  relevant entries in the AGENT section for details.  Note that if the agent
  receives an SNMPv1 or SNMPv2c request with a unknown community string,
  then it will not return an error response - the request is simply discarded.

I am ruling out this possibility because on 10.158.10.10, I can grep
/usr/local/etc/snmp/snmpd.conf and obtain a match on the community
string seen in the hex dump of the incoming request:

# grep -w 'foObAR1$' /usr/local/etc/snmp/snmpd.conf
rocommunity  foObAR1
#

The FAQ continues:

  Another possibility is that the request may be rejected by settings in
  /etc/hosts.{allow,deny}.  Again, '-d' will display an incoming packet
  dump but no corresponding outgoing response.  However in this situation,
  the agent should also log a message that the request is being refused.

With the logging set to stdout above, no message is logged about any refused
requests.  However, there is a syslog entry which arises from /etc/hosts.allow:

Jun 22 21:23:56 hostname snmpd: warning: /etc/hosts.allow, line 139: twist_option: dup: Bad file descriptor

The old (8.4) and new (9.3) hosts have identical hosts.allow files:

# md5 /etc/hosts.allow; ssh oldhost md5 /etc/hosts.allow
MD5 (/etc/hosts.allow) = 7cb32c11209ab63aed7ba28024649fc7
MD5 (/etc/hosts.allow) = 7cb32c11209ab63aed7ba28024649fc7
# 

The old server also logs hosts.allow twist warnings, but they don't
prevent snmpd from responding successfully to the snmpwalk request.

Jun 22 20:37:02 oldhost snmpd: error: /etc/hosts.allow, line 139: twist option in resident process

Still, I would gladly receive guidance on how to get rid of this warning 
message, just on general principles.

But what I'm really stumped by is what I'm missing that is
preventing the new snmpd host from responding to snmpwalk requests.

Here is my snmpd.conf:

# grep '^[^#]' /usr/local/etc/snmp/snmpd.conf
syslocation  "Somewhere, Earth"
syscontact  help <at> example.com
rocommunity  foObAR1
rwcommunity  foObAR2
load  8 7 6
#

All suggestions are welcome, as are specific requests for additional
information related to this problem.

Thank you!

Jim

------------------------------------------------------------------------------
Monitor 25 network devices or servers for free with OpManager!
OpManager is web-based network management software that monitors 
network devices and physical & virtual servers, alerts via email & sms 
for fault. Monitor 25 devices for free with no restriction. Download now
http://ad.doubleclick.net/ddm/clk/292181274;119417398;o
_______________________________________________
Net-snmp-users mailing list
Net-snmp-users <at> lists.sourceforge.net
Please see the following page to unsubscribe or change other options:
https://lists.sourceforge.net/lists/listinfo/net-snmp-users

Quanah Gibson-Mount | 22 Jun 23:15 2015

Broken downloads, and moving off of sourceforge?

The tarball for net-snmp-5.7.2.1.tar.gz is corrupted on Sourceforge.  I've 
tried downloading it via multiple mirrors.  Additionally, given SF's recent 
trojan attempts on projects, has the Net-SNMP project looked at moving to a 
more reliable method of distribution?  I can't tell if the tarball 
corruption is due to SF trying to insert crap into the download.  It'd be 
great to see the project use some other method of distribution.  The 
alternative methods listed on the download page also do not work (SF FTP 
site times out, ftp.freesnmp.com prompts for a username/password).

Thanks,
Quanah

--

Quanah Gibson-Mount
Platform Architect
Zimbra, Inc.
--------------------
Zimbra ::  the leader in open source messaging and collaboration

------------------------------------------------------------------------------
Monitor 25 network devices or servers for free with OpManager!
OpManager is web-based network management software that monitors 
network devices and physical & virtual servers, alerts via email & sms 
for fault. Monitor 25 devices for free with no restriction. Download now
http://ad.doubleclick.net/ddm/clk/292181274;119417398;o
_______________________________________________
Net-snmp-users mailing list
Net-snmp-users <at> lists.sourceforge.net
Please see the following page to unsubscribe or change other options:
https://lists.sourceforge.net/lists/listinfo/net-snmp-users

Ulrich Windl | 22 Jun 12:38 2015
Picon

Q: usmUser

Hi!

I noticed when creating a user using "createUser" in snmpd.conf, the newly created user has "" at the end of
the usmUser line, while exising users have (or get) NULL at the end of the line.
I found no manual page doumenting the meaning of each field.

Is there a doument explaining usmUser, ifXTable, and setserialno?

(net-snmp 5.4.2.1)

Regards,
Ulrich

------------------------------------------------------------------------------
Monitor 25 network devices or servers for free with OpManager!
OpManager is web-based network management software that monitors 
network devices and physical & virtual servers, alerts via email & sms 
for fault. Monitor 25 devices for free with no restriction. Download now
http://ad.doubleclick.net/ddm/clk/292181274;119417398;o
_______________________________________________
Net-snmp-users mailing list
Net-snmp-users <at> lists.sourceforge.net
Please see the following page to unsubscribe or change other options:
https://lists.sourceforge.net/lists/listinfo/net-snmp-users


Gmane