[SNMP4J] About VACM views
pradip de
pradip.de at gmail.com
Mon Sep 21 20:50:37 CEST 2009
Hi Frank,
thanks for your response. I probably was missing something. So, the strings
in question are names of specific views which I believe correspond to the
root of a specific subtree of the MIB tree. So, I cant understand why
changing it from one view name to another is making it not go out of the
wire. I see that the name "restrictedNotifyView" correspond to the OID
1.3.6.1.4. But when I try to send a trap packet (with OID something like
1.3.6.1.4.1.33936.1.1.1.1.2.1.1) out for SNMPv3 it does not go out but it
does when I change the views for the "v3restricted" access name to all
full..Views. I am pasting the addViews() method for your convenience. I
would really appreciate if you can show me where I am going wrong with the
Agent code.
protected void addViews(VacmMIB vacm) {
vacm.addGroup(SecurityModel.SECURITY_MODEL_SNMPv1,
//new OctetString("public"),
//new OctetString("v1v2group"),
new OctetString(agentConfig.getSecName()),
new OctetString("v1v2group"),
StorageType.nonVolatile);
vacm.addGroup(SecurityModel.SECURITY_MODEL_SNMPv2c,
//new OctetString("public"),
new OctetString(agentConfig.getSecName()),
new OctetString("v1v2group"),
StorageType.nonVolatile);
vacm.addGroup(SecurityModel.SECURITY_MODEL_USM,
//new OctetString("SHADES"),
new OctetString(agentConfig.getSecName()),
new OctetString("v3group"),
StorageType.nonVolatile);
vacm.addGroup(SecurityModel.SECURITY_MODEL_USM,
//new OctetString("SHA"),
new OctetString(agentConfig.getSecName()),
new OctetString("v3restricted"),
StorageType.nonVolatile);
vacm.addAccess(new OctetString("v1v2group"), new OctetString(),
SecurityModel.SECURITY_MODEL_ANY,
SecurityLevel.NOAUTH_NOPRIV, VacmMIB.vacmExactMatch,
new OctetString("fullReadView"),
new OctetString("fullWriteView"),
new OctetString("fullNotifyView"),
StorageType.nonVolatile);
vacm.addAccess(new OctetString("v3group"), new OctetString(),
SecurityModel.SECURITY_MODEL_USM,
SecurityLevel.AUTH_PRIV, VacmMIB.vacmExactMatch,
new OctetString("fullReadView"),
new OctetString("fullWriteView"),
new OctetString("fullNotifyView"),
StorageType.nonVolatile);
vacm.addAccess(new OctetString("v3restricted"), new OctetString(),
SecurityModel.SECURITY_MODEL_USM,
SecurityLevel.AUTH_NOPRIV, VacmMIB.vacmExactMatch,
new OctetString("restrictedReadView"),
new OctetString("restrictedWriteView"),
new OctetString("restrictedNotifyView"),
StorageType.nonVolatile);
vacm.addViewTreeFamily(new OctetString("fullReadView"), new
OID("1.3"),
new OctetString(), VacmMIB.vacmViewIncluded,
StorageType.nonVolatile);
vacm.addViewTreeFamily(new OctetString("fullWriteView"), new
OID("1.3"),
new OctetString(), VacmMIB.vacmViewIncluded,
StorageType.nonVolatile);
vacm.addViewTreeFamily(new OctetString("fullNotifyView"), new
OID("1.3"),
new OctetString(), VacmMIB.vacmViewIncluded,
StorageType.nonVolatile);
vacm.addViewTreeFamily(new OctetString("restrictedReadView"),
new OID("1.3.6.1.4"),
new OctetString(), VacmMIB.vacmViewIncluded,
StorageType.nonVolatile);
vacm.addViewTreeFamily(new OctetString("restrictedWriteView"),
new OID("1.3.6.1.4.1"),
new OctetString(),
VacmMIB.vacmViewIncluded,
StorageType.nonVolatile);
vacm.addViewTreeFamily(new OctetString("restrictedNotifyView"),
new OID("1.3.6.1.4"),
new OctetString(), VacmMIB.vacmViewIncluded,
StorageType.nonVolatile);
vacm.addViewTreeFamily(new OctetString("testReadView"),
new OID("1.3.6.1.2"),
new OctetString(), VacmMIB.vacmViewIncluded,
StorageType.nonVolatile);
vacm.addViewTreeFamily(new OctetString("testReadView"),
new OID("1.3.6.1.2.1.1"),
new OctetString(), VacmMIB.vacmViewExcluded,
StorageType.nonVolatile);
vacm.addViewTreeFamily(new OctetString("testWriteView"),
new OID("1.3.6.1.2.1"),
new OctetString(),
VacmMIB.vacmViewIncluded,
StorageType.nonVolatile);
vacm.addViewTreeFamily(new OctetString("testNotifyView"),
new OID("1.3.6.1.2"),
new OctetString(), VacmMIB.vacmViewIncluded,
StorageType.nonVolatile);
}
thanks,
Pradip
On Sat, Sep 19, 2009 at 4:32 PM, Frank Fock <fock at agentpp.com> wrote:
> Hi Pradip,
>
> It might be that I do not fully understand your question,
> but anyway I try to respond it:
> The String "restrictedView" does not have any meaning
> other than a reference to the view with the same name.
> Check the configuration of that view and you will know
> why the response matches or does not match the view.
>
> Best regards,
> Frank
>
> pradip de wrote:
>
>> Hi,
>> In my Agent adaptation of TestAgen, when I use SnmpV3, I only see the
>> packet
>> sent out on the wire if I give fullViews in vacm.addAccess. Is that how it
>> should be? Then, what does restrictedView mean? I would appreciate if
>> someone clarifies this doubt of mine.
>>
>> vacm.addAccess(new OctetString("v3restricted"), new OctetString(),
>> SecurityModel.SECURITY_MODEL_USM,
>> SecurityLevel.AUTH_NOPRIV, VacmMIB.vacmExactMatch,
>> new OctetString("fullReadView"),
>> new OctetString("fullWriteView"),
>> new OctetString("fullNotifyView"),
>>
>> Thanks,
>> Pradip
>> _______________________________________________
>> SNMP4J mailing list
>> SNMP4J at agentpp.org
>> http://lists.agentpp.org/mailman/listinfo/snmp4j
>>
>
> --
> AGENT++
> http://www.agentpp.com
> http://www.snmp4j.com
> http://www.mibexplorer.com
> http://www.mibdesigner.com
>
>
More information about the SNMP4J
mailing list