[AGENT++] [PATCH] Fix engine id discovery on the trap listen port
dominik.vogt at external.thalesgroup.com
dominik.vogt at external.thalesgroup.com
Fri Sep 17 10:47:53 CEST 2010
There is a subtle bug in the way snmp++ sends responses to
requests it receives on the trap listen port. Responses are only
sent from that port, if the PDU is of type sNMP_PDU_INFORM,
assuming that this is the only request that will ever come in
through the trap listen port.
However, the notification source may perform an engine id
discovery first (see the first two packets in the attache
wireshark trace). In that case, the response is sent from the
regular snmp port instead of the trap listen port. As a result,
the resonse would we rejected by a firewall, so engine id
discovery does not work and the notification source can never send
a notification.
The attached patch fixes this bug (although you may want to write
the fix in a different way). (snmp++v3.2.25)
Ciao
Dominik ^_^ ^_^
--
Dominik Vogt
-------------- next part --------------
No. Time Source Destination Protocol Info
1 0.000000 127.0.0.1 127.0.0.1 SNMP get-request
Frame 1 (106 bytes on wire, 106 bytes captured)
Ethernet II, Src: 00:00:00_00:00:00 (00:00:00:00:00:00), Dst: 00:00:00_00:00:00 (00:00:00:00:00:00)
Internet Protocol, Src: 127.0.0.1 (127.0.0.1), Dst: 127.0.0.1 (127.0.0.1)
User Datagram Protocol, Src Port: 46651 (46651), Dst Port: 4711 (4711)
Simple Network Management Protocol
msgVersion: snmpv3 (3)
msgGlobalData
msgID: 159224161
msgMaxSize: 65507
msgFlags: 04
.... .1.. = Reportable: Set
.... ..0. = Encrypted: Not set
.... ...0 = Authenticated: Not set
msgSecurityModel: USM (3)
msgAuthoritativeEngineID: <MISSING>
msgAuthoritativeEngineBoots: 0
msgAuthoritativeEngineTime: 0
msgUserName:
msgAuthenticationParameters: <MISSING>
msgPrivacyParameters: <MISSING>
msgData: plaintext (0)
plaintext
contextEngineID: <MISSING>
contextName: <MISSING>
data: get-request (0)
get-request
request-id: 1976440139
error-status: noError (0)
error-index: 0
variable-bindings: 0 items
No. Time Source Destination Protocol Info
2 0.000096 127.0.0.1 127.0.0.1 SNMP report SNMP-USER-BASED-SM-MIB::usmStatsUnknownEngineIDs.0
Frame 2 (134 bytes on wire, 134 bytes captured)
Ethernet II, Src: 00:00:00_00:00:00 (00:00:00:00:00:00), Dst: 00:00:00_00:00:00 (00:00:00:00:00:00)
Internet Protocol, Src: 127.0.0.1 (127.0.0.1), Dst: 127.0.0.1 (127.0.0.1)
User Datagram Protocol, Src Port: 54792 (54792), Dst Port: 46651 (46651)
Simple Network Management Protocol
msgVersion: snmpv3 (3)
msgGlobalData
msgID: 159224161
msgMaxSize: 4096
msgFlags: 00
.... .0.. = Reportable: Not set
.... ..0. = Encrypted: Not set
.... ...0 = Authenticated: Not set
msgSecurityModel: USM (3)
msgAuthoritativeEngineID: 800013700573747A3132125F
1... .... = Engine ID Conformance: RFC3411 (SNMPv3)
Engine Enterprise ID: AGENT++ (4976)
Engine ID Format: Octets, administratively assigned (5)
Engine ID Data: 73747A3132125F
msgAuthoritativeEngineBoots: 0
msgAuthoritativeEngineTime: 0
msgUserName:
msgAuthenticationParameters: <MISSING>
msgPrivacyParameters: <MISSING>
msgData: plaintext (0)
plaintext
contextEngineID: <MISSING>
contextName: <MISSING>
data: report (8)
report
request-id: 1976440139
error-status: noError (0)
error-index: 0
variable-bindings: 1 item
SNMP-USER-BASED-SM-MIB::usmStatsUnknownEngineIDs.0 (1.3.6.1.6.3.15.1.1.4.0): 1
Object Name: 1.3.6.1.6.3.15.1.1.4.0 (SNMP-USER-BASED-SM-MIB::usmStatsUnknownEngineIDs.0)
Scalar Instance Index: 0
SNMP-USER-BASED-SM-MIB::usmStatsUnknownEngineIDs: 1
No. Time Source Destination Protocol Info
3 0.000188 127.0.0.1 127.0.0.1 SNMP informRequest SNMPv2-MIB::sysUpTime.0 SNMPv2-MIB::snmpTrapOID.0 SNMPv2-SMI::enterprises.3090.60.13.1.1
Frame 3 (212 bytes on wire, 212 bytes captured)
Ethernet II, Src: 00:00:00_00:00:00 (00:00:00:00:00:00), Dst: 00:00:00_00:00:00 (00:00:00:00:00:00)
Internet Protocol, Src: 127.0.0.1 (127.0.0.1), Dst: 127.0.0.1 (127.0.0.1)
User Datagram Protocol, Src Port: 46651 (46651), Dst Port: 4711 (4711)
Simple Network Management Protocol
msgVersion: snmpv3 (3)
msgGlobalData
msgID: 159224160
msgMaxSize: 65507
msgFlags: 05
.... .1.. = Reportable: Set
.... ..0. = Encrypted: Not set
.... ...1 = Authenticated: Set
msgSecurityModel: USM (3)
msgAuthoritativeEngineID: 800013700573747A3132125F
1... .... = Engine ID Conformance: RFC3411 (SNMPv3)
Engine Enterprise ID: AGENT++ (4976)
Engine ID Format: Octets, administratively assigned (5)
Engine ID Data: 73747A3132125F
msgAuthoritativeEngineBoots: 0
msgAuthoritativeEngineTime: 0
msgUserName: notifier
msgAuthenticationParameters: 7D43EC857A68B95D79ECA3D0
msgPrivacyParameters: <MISSING>
msgData: plaintext (0)
plaintext
contextEngineID: 800013700573747A3132125F
1... .... = Engine ID Conformance: RFC3411 (SNMPv3)
Engine Enterprise ID: AGENT++ (4976)
Engine ID Format: Octets, administratively assigned (5)
Engine ID Data: 73747A3132125F
contextName: <MISSING>
data: informRequest (6)
informRequest
request-id: 1976440138
error-status: noError (0)
error-index: 0
variable-bindings: 3 items
SNMPv2-MIB::sysUpTime.0 (1.3.6.1.2.1.1.3.0): 1234
Object Name: 1.3.6.1.2.1.1.3.0 (SNMPv2-MIB::sysUpTime.0)
Scalar Instance Index: 0
SNMPv2-MIB::sysUpTime: 1234
SNMPv2-MIB::snmpTrapOID.0 (1.3.6.1.6.3.1.1.4.1.0): 1.3.6.1.4.1.3090.60.13.3.6 (SNMPv2-SMI::enterprises.3090.60.13.3.6)
Object Name: 1.3.6.1.6.3.1.1.4.1.0 (SNMPv2-MIB::snmpTrapOID.0)
Scalar Instance Index: 0
SNMPv2-MIB::snmpTrapOID: 1.3.6.1.4.1.3090.60.13.3.6 (SNMPv2-SMI::enterprises.3090.60.13.3.6)
SNMPv2-SMI::enterprises.3090.60.13.1.1 (1.3.6.1.4.1.3090.60.13.1.1): 0
Object Name: 1.3.6.1.4.1.3090.60.13.1.1 (SNMPv2-SMI::enterprises.3090.60.13.1.1)
Value (Integer32): 0
No. Time Source Destination Protocol Info
4 0.000240 127.0.0.1 127.0.0.1 SNMP report SNMP-USER-BASED-SM-MIB::usmStatsNotInTimeWindows.0
Frame 4 (167 bytes on wire, 167 bytes captured)
Ethernet II, Src: 00:00:00_00:00:00 (00:00:00:00:00:00), Dst: 00:00:00_00:00:00 (00:00:00:00:00:00)
Internet Protocol, Src: 127.0.0.1 (127.0.0.1), Dst: 127.0.0.1 (127.0.0.1)
User Datagram Protocol, Src Port: 4711 (4711), Dst Port: 46651 (46651)
Simple Network Management Protocol
msgVersion: snmpv3 (3)
msgGlobalData
msgID: 159224160
msgMaxSize: 4096
msgFlags: 01
.... .0.. = Reportable: Not set
.... ..0. = Encrypted: Not set
.... ...1 = Authenticated: Set
msgSecurityModel: USM (3)
msgAuthoritativeEngineID: 800013700573747A3132125F
1... .... = Engine ID Conformance: RFC3411 (SNMPv3)
Engine Enterprise ID: AGENT++ (4976)
Engine ID Format: Octets, administratively assigned (5)
Engine ID Data: 73747A3132125F
msgAuthoritativeEngineBoots: 476
msgAuthoritativeEngineTime: 17
msgUserName: notifier
msgAuthenticationParameters: F098ED5CE42CAB05262147E6
msgPrivacyParameters: <MISSING>
msgData: plaintext (0)
plaintext
contextEngineID: 800013700573747A3132125F
1... .... = Engine ID Conformance: RFC3411 (SNMPv3)
Engine Enterprise ID: AGENT++ (4976)
Engine ID Format: Octets, administratively assigned (5)
Engine ID Data: 73747A3132125F
contextName: <MISSING>
data: report (8)
report
request-id: 1976440138
error-status: noError (0)
error-index: 0
variable-bindings: 1 item
SNMP-USER-BASED-SM-MIB::usmStatsNotInTimeWindows.0 (1.3.6.1.6.3.15.1.1.2.0): 1
Object Name: 1.3.6.1.6.3.15.1.1.2.0 (SNMP-USER-BASED-SM-MIB::usmStatsNotInTimeWindows.0)
Scalar Instance Index: 0
SNMP-USER-BASED-SM-MIB::usmStatsNotInTimeWindows: 1
No. Time Source Destination Protocol Info
5 0.000288 127.0.0.1 127.0.0.1 SNMP informRequest SNMPv2-MIB::sysUpTime.0 SNMPv2-MIB::snmpTrapOID.0 SNMPv2-SMI::enterprises.3090.60.13.1.1
Frame 5 (213 bytes on wire, 213 bytes captured)
Ethernet II, Src: 00:00:00_00:00:00 (00:00:00:00:00:00), Dst: 00:00:00_00:00:00 (00:00:00:00:00:00)
Internet Protocol, Src: 127.0.0.1 (127.0.0.1), Dst: 127.0.0.1 (127.0.0.1)
User Datagram Protocol, Src Port: 46651 (46651), Dst Port: 4711 (4711)
Simple Network Management Protocol
msgVersion: snmpv3 (3)
msgGlobalData
msgID: 159224162
msgMaxSize: 65507
msgFlags: 05
.... .1.. = Reportable: Set
.... ..0. = Encrypted: Not set
.... ...1 = Authenticated: Set
msgSecurityModel: USM (3)
msgAuthoritativeEngineID: 800013700573747A3132125F
1... .... = Engine ID Conformance: RFC3411 (SNMPv3)
Engine Enterprise ID: AGENT++ (4976)
Engine ID Format: Octets, administratively assigned (5)
Engine ID Data: 73747A3132125F
msgAuthoritativeEngineBoots: 476
msgAuthoritativeEngineTime: 17
msgUserName: notifier
msgAuthenticationParameters: 3928470234C3E0DFACB65EBC
msgPrivacyParameters: <MISSING>
msgData: plaintext (0)
plaintext
contextEngineID: 800013700573747A3132125F
1... .... = Engine ID Conformance: RFC3411 (SNMPv3)
Engine Enterprise ID: AGENT++ (4976)
Engine ID Format: Octets, administratively assigned (5)
Engine ID Data: 73747A3132125F
contextName: <MISSING>
data: informRequest (6)
informRequest
request-id: 1976440138
error-status: noError (0)
error-index: 0
variable-bindings: 3 items
SNMPv2-MIB::sysUpTime.0 (1.3.6.1.2.1.1.3.0): 1234
Object Name: 1.3.6.1.2.1.1.3.0 (SNMPv2-MIB::sysUpTime.0)
Scalar Instance Index: 0
SNMPv2-MIB::sysUpTime: 1234
SNMPv2-MIB::snmpTrapOID.0 (1.3.6.1.6.3.1.1.4.1.0): 1.3.6.1.4.1.3090.60.13.3.6 (SNMPv2-SMI::enterprises.3090.60.13.3.6)
Object Name: 1.3.6.1.6.3.1.1.4.1.0 (SNMPv2-MIB::snmpTrapOID.0)
Scalar Instance Index: 0
SNMPv2-MIB::snmpTrapOID: 1.3.6.1.4.1.3090.60.13.3.6 (SNMPv2-SMI::enterprises.3090.60.13.3.6)
SNMPv2-SMI::enterprises.3090.60.13.1.1 (1.3.6.1.4.1.3090.60.13.1.1): 0
Object Name: 1.3.6.1.4.1.3090.60.13.1.1 (SNMPv2-SMI::enterprises.3090.60.13.1.1)
Value (Integer32): 0
No. Time Source Destination Protocol Info
6 0.000460 127.0.0.1 127.0.0.1 SNMP get-response SNMPv2-SMI::enterprises.3090.60.13.1.1
Frame 6 (189 bytes on wire, 189 bytes captured)
Ethernet II, Src: 00:00:00_00:00:00 (00:00:00:00:00:00), Dst: 00:00:00_00:00:00 (00:00:00:00:00:00)
Internet Protocol, Src: 127.0.0.1 (127.0.0.1), Dst: 127.0.0.1 (127.0.0.1)
User Datagram Protocol, Src Port: 4711 (4711), Dst Port: 46651 (46651)
Simple Network Management Protocol
msgVersion: snmpv3 (3)
msgGlobalData
msgID: 159224162
msgMaxSize: 4096
msgFlags: 01
.... .0.. = Reportable: Not set
.... ..0. = Encrypted: Not set
.... ...1 = Authenticated: Set
msgSecurityModel: USM (3)
msgAuthoritativeEngineID: 800013700573747A3132125F
1... .... = Engine ID Conformance: RFC3411 (SNMPv3)
Engine Enterprise ID: AGENT++ (4976)
Engine ID Format: Octets, administratively assigned (5)
Engine ID Data: 73747A3132125F
msgAuthoritativeEngineBoots: 476
msgAuthoritativeEngineTime: 17
msgUserName: notifier
msgAuthenticationParameters: 95F47BEFBBEE2A70E5306368
msgPrivacyParameters: <MISSING>
msgData: plaintext (0)
plaintext
contextEngineID: 800013700573747A3132125F
1... .... = Engine ID Conformance: RFC3411 (SNMPv3)
Engine Enterprise ID: AGENT++ (4976)
Engine ID Format: Octets, administratively assigned (5)
Engine ID Data: 73747A3132125F
contextName: <MISSING>
data: get-response (2)
get-response
request-id: 1976440138
error-status: noError (0)
error-index: 0
variable-bindings: 1 item
SNMPv2-SMI::enterprises.3090.60.13.1.1 (1.3.6.1.4.1.3090.60.13.1.1): 546869732069732074686520726573706F6E73652E
Object Name: 1.3.6.1.4.1.3090.60.13.1.1 (SNMPv2-SMI::enterprises.3090.60.13.1.1)
Value (OctetString): 546869732069732074686520726573706F6E73652E
-------------- next part --------------
More information about the AGENTPP
mailing list