[SNMP4J] Security Issue? - Some clients work, some don't
. .
nfn_nln at hotmail.com
Mon Aug 22 03:36:36 CEST 2005
***Setup: I setup an SNMP Agent and populated it with 2 OIDs
***Problem:
Using one program to query the OIDs results in the correct value returned.
OID: 1.3.6.1.4.1.318.1.1.1.2.2.1 type: snmp.SNMPInteger value: 100
The other program throws an exception here:
// check error status; if retrieval problem, throw
SNMPGetException
if (receivedPDU.getErrorStatus() != 0)
throw new SNMPGetException("OID " + itemID + " not
available for retrieval", receivedPDU.getErrorIndex(),
receivedPDU.getErrorStatus());
Exception in thread "main" snmp.SNMPGetException: OID
1.3.6.1.4.1.318.1.1.1.2.2.1 not available for retrieval
at
snmp.SNMPv1CommunicationInterface.getMIBEntry(SNMPv1CommunicationInterface.java:291)
***snmp4j Agent Logs:
<Response to program that works>
228627 [Thread-1] DEBUG org.snmp4j.transport.DefaultUdpTransportMapping -
Received message from /10.0.1.207/36222 with length 45:
30:2b:02:01:00:04:06:70:75:62:6c:69:63:a0:1e:02:01:01:02:01:00:02:01:00:30:13:30:11:06:0d:2b:06:01:04:01:82:3e:01:01:01:02:02:01:05:00
228628 [Thread-1] DEBUG org.snmp4j.Snmp - Fire process PDU event:
CommandResponderEvent[transportMapping=org.snmp4j.transport.DefaultUdpTransportMapping at 16c163fpeerAddress=10.0.1.207/36222,
processed=false, pdu=[GET[reqestID=1, timestamp=0:00:00.00, enterprise=,
genericTrap=0, specificTrap=0, VBS[1.3.6.1.4.1.318.1.1.1.2.2.1 = Null]]],
securityName=[B at 16f144c, securityModel=1, securityLevel=1]
228629 [Thread-1] DEBUG org.snmp4j.agent.mo.snmp.VacmMIB - Matching view
found for group name 'v1v2group' is 'fullReadView'
228629 [Thread-1] DEBUG org.snmp4j.agent.DefaultMOServer - Scanning managed
object: 1.3.6.1.4.1.318.1.1.1.2.2.1-1.3.6.1.4.1.318.1.1.1.2.2.1 for
org.snmp4j.agent.CommandProcessor$VACMQuery[viewName=fullReadView]=1.3.6.1.4.1.318.1.1.1.2.2.1<=
x <=1.3.6.1.4.1.318.1.1.1.2.2.1
228630 [Thread-1] DEBUG org.snmp4j.agent.mo.snmp.VacmMIB - Access allowed
for view 'fullReadView' by subtree 1.3 for OID 1.3.6.1.4.1.318.1.1.1.2.2.1
228636 [Thread-1] DEBUG org.snmp4j.transport.DefaultUdpTransportMapping -
Sending message to 10.0.1.207/36222 with length 46:
30:2c:02:01:00:04:06:70:75:62:6c:69:63:a2:1f:02:01:01:02:01:00:02:01:00:30:14:30:12:06:0d:2b:06:01:04:01:82:3e:01:01:01:02:02:01:02:01:64
</Response to program that works>
<Response to program that fails>
219808 [Thread-1] DEBUG org.snmp4j.transport.DefaultUdpTransportMapping -
Received message from /10.0.1.207/36222 with length 46:
30:2c:02:01:00:04:07:70:72:69:76:61:74:65:a0:1e:02:01:01:02:01:00:02:01:00:30:13:30:11:06:0d:2b:06:01:04:01:82:3e:01:01:01:02:02:01:05:00
219810 [Thread-1] DEBUG org.snmp4j.Snmp - Fire process PDU event:
CommandResponderEvent[transportMapping=org.snmp4j.transport.DefaultUdpTransportMapping at 16c163fpeerAddress=10.0.1.207/36222,
processed=false, pdu=[GET[reqestID=1, timestamp=0:00:00.00, enterprise=,
genericTrap=0, specificTrap=0, VBS[1.3.6.1.4.1.318.1.1.1.2.2.1 = Null]]],
securityName=[B at 1e232b5, securityModel=1, securityLevel=1]
219816 [Thread-1] DEBUG org.snmp4j.transport.DefaultUdpTransportMapping -
Sending message to 10.0.1.207/36222 with length 46:
30:2c:02:01:00:04:07:70:72:69:76:61:74:65:a2:1e:02:01:01:02:01:10:02:01:00:30:13:30:11:06:0d:2b:06:01:04:01:82:3e:01:01:01:02:02:01:05:00
</Response to program that fails>
*** Both programs are querying the same OID, why does one pass and one fail?
Is there something wrong here?:
protected void addViews(VacmMIB vacm) {
vacm.addGroup(SecurityModel.SECURITY_MODEL_SNMPv1,
new OctetString("public"),
new OctetString("v1v2group"),
StorageType.nonVolatile);
vacm.addGroup(SecurityModel.SECURITY_MODEL_SNMPv2c,
new OctetString("public"),
new OctetString("v1v2group"),
StorageType.nonVolatile);
vacm.addAccess(new OctetString("v1v2group"), new OctetString(),
SecurityModel.SECURITY_MODEL_ANY,
SecurityLevel.NOAUTH_NOPRIV, VacmMIB.vacmExactMatch,
new OctetString("fullReadView"),
new OctetString("fullWriteView"),
new OctetString("fullNotifyView"),
StorageType.nonVolatile);
vacm.addViewTreeFamily(new OctetString("fullReadView"), new OID("1.3"),
new OctetString(), VacmMIB.vacmViewIncluded,
StorageType.nonVolatile);
vacm.addViewTreeFamily(new OctetString("fullWriteView"), new OID("1.3"),
new OctetString(), VacmMIB.vacmViewIncluded,
StorageType.nonVolatile);
vacm.addViewTreeFamily(new OctetString("fullNotifyView"), new OID("1.3"),
new OctetString(), VacmMIB.vacmViewIncluded,
StorageType.nonVolatile);
}
More information about the SNMP4J
mailing list