[SNMP4J] problem sending V3 Traps/Informs so they can be receivedby snmptrapd
John Marcolla
JMarcolla at netcentricinc.com
Tue May 15 16:09:33 CEST 2012
Is there any information available that I can use to debug this ?
Thanks
John
-----Original Message-----
From: snmp4j-bounces at agentpp.org [mailto:snmp4j-bounces at agentpp.org] On
Behalf Of John Marcolla
Sent: Friday, May 04, 2012 4:40 PM
To: snmp4j at agentpp.org
Cc: John Marcolla
Subject: [SNMP4J] problem sending V3 Traps/Informs so they can be
receivedby snmptrapd
I have been working on an application which requires messages to be sent
to NMS GUIs using SNMP Version 3 TRAP/INFORMs. I have been having
problems getting the application to work the same as the existing
netsnmp command line tools. I have gotten both authenticated and
non-authenticated messaging to work using the command line tools. I am
not able to get either to work using snmp4J API. I am sure there is
additional logic in either the tool or API which makes the results
differ. I would greatly appreciate some expertise to quickly look over
what I have built - sure that the problem is obvious to an expert ! I
have included snippets of both solutions, the resulting exception stack
and dump of vital objects all included below.
Here is an authenticated INFORM/TRAP working example using snmptrap (
to send), and snmptrapd ( to receive ) - INFORM excludes red text; TRAP
includes red text. I believe that the only configuration being used is
in the file I have specified:
snmptrapd -d -Lf /tmp/snmp.out -Os -f -C -c <file name>
where <file name>is :
createUser -e 0x8000000001022434 collector MD5 authpass DES
privpass
authuser log collector
snmptrap -Ci -e 0x8000000001022434 -v 3 -u collector -a MD5 -x DES
-A authpass -X privpass -l authPriv -r 3 -t 2 <ipaddress> 0
1.1.1.44 1.1.1.44.1 s "it works"
Here is the attempt to simulate the above for both TRAP/INFORM using
snmp4J ( Trap requires red text below ):
try
{
TransportMapping transport = new DefaultUdpTransportMapping();
Snmp snmp = new Snmp(transport);
// assumes localEngineID is ok to create; bootCount = 0;
byte[] localEngineID =
((MPv3)snmp.getMessageProcessingModel(MessageProcessingModel.MPv3)).crea
teLocalEngineID();
USM usm = new USM(SecurityProtocols.getInstance(),
new OctetString(localEngineID), 0);
SecurityModels.getInstance().addSecurityModel(usm);
snmp.getUSM().addUser ( secOctetString, // "collector"
new UsmUser (secOctetString, //
"collector"
authID, // AuthMD5.ID
authOctetString, //
"authpass"
privID, // PrivDES.ID
privOctetString )); //
"privpass"
this.target = new UserTarget();
this.target.setAddress(udpAddress); //
<ipaddress/162>
this.target.setRetries(this.numRetries); // 2
this.target.setTimeout(this.timeout); // 1000
this.target.setVersion(SnmpConstants.version3);
this.target.setSecurityLevel(securityLevel);
//SecurityLevel.AUTH_PRIV
this.target.setSecurityName(secOctetString); // "collector"
this.snmp.listen();
ScopedPDU pdu = new ScopedPDU();
pdu.setType(PDU.INFORM/TRAP);
pdu.add( new VariableBinding( SnmpConstants.sysUpTime, new
TimeTicks( 0 ) ) );
pdu.add( new VariableBinding( SnmpConstants.snmpTrapOID, new
OctetString (this.mib) ) );
// fill in remainder of the data here
ResponseEvent response = snmp.send(pdu, this.target);
TRAP/INFORM - reply:
org.snmp4j.MessageException: Message processing model 3 returned error:
Encryption error
at
org.snmp4j.MessageDispatcherImpl.sendPdu(MessageDispatcherImpl.java:494)
at org.snmp4j.Snmp.sendMessage(Snmp.java:1005)
at org.snmp4j.Snmp.send(Snmp.java:885)
at org.snmp4j.Snmp.send(Snmp.java:878)
at org.snmp4j.Snmp.send(Snmp.java:843)
at EMSAdminSnmp4J.sendMsgToAdmin(EMSAdminSnmp4J.java:285)
at
EMSMessageCollector$EMSMessageSender.run(EMSMessageCollector.java:38)
at
java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.jav
a:1110)
at
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.ja
va:603)
at java.lang.Thread.run(Thread.java:636)
Here is the debug information to show above objects:
USM User:
UsmUserEntry[userName=collector,usmUser=UsmUser[secName=collector,authPr
otocol=1.3.6.1.6.3.10.1.1.2,authPassphrase=authpass,privProtocol=1.3.6.1
.6.3.10.1.2.2,privPassphrase=privpass,localizationEngineID=null]]
TARGET:
UserTarget[address=<ipaddress>/162,version=3,timeout=2000,retries=2,secu
rityLevel=3,securityModel=3,securityName=collector,preferredTransports=n
ull,authoritativeEngineID=]
PDU:
INFORM/TRAP[reqestID=0, errorStatus=0, errorIndex=0,
VBS[1.3.6.1.2.1.1.3.0 = 0:00:00.00; 1.3.6.1.6.3.1.1.4.1.0 = 1.1.1.44;
1.1.1.44.1 = JMTest1; 1.1.1.44.2 = will found ; 1.1.1.44.3 = LogWatcher;
1.1.1.44.4 = /home/jmarcolla/test.app.log1; 1.1.1.44.5 = 1336163302;
1.1.1.44.7 = 0; 1.1.1.44.8 = 24; 1.1.1.44.6 = 3]]
I am curious what I need to do to match the results of the command line
snmptrap above. Are there other configs/setting that I am not aware of
which will affect this as well ?
Specifically - why does this not properly encrypt ?
Thanks - looking forward to some expertise on this.
Have a great weekend.
John
_______________________________________________
SNMP4J mailing list
SNMP4J at agentpp.org
http://lists.agentpp.org/mailman/listinfo/snmp4j
More information about the SNMP4J
mailing list