[SNMP4J] problem sending V3 Traps/Informs so they can be receivedby snmptrapd

John Marcolla JMarcolla at netcentricinc.com
Tue May 15 16:09:33 CEST 2012 

Is there any information available that I can use to debug this ?
Thanks
John

-----Original Message-----
From: snmp4j-bounces at agentpp.org [mailto:snmp4j-bounces at agentpp.org] On
Behalf Of John Marcolla
Sent: Friday, May 04, 2012 4:40 PM
To: snmp4j at agentpp.org
Cc: John Marcolla
Subject: [SNMP4J] problem sending V3 Traps/Informs so they can be
receivedby snmptrapd

I have been working on an application which requires messages to be sent
to NMS GUIs using SNMP Version 3 TRAP/INFORMs.  I have been having
problems getting the application to work the same as the existing
netsnmp command line tools.  I have gotten both authenticated and
non-authenticated messaging to work using the command line tools.  I am
not able to get either to work using snmp4J API.  I am sure there is
additional logic in either the tool or API which makes the results
differ.  I would greatly appreciate some expertise to quickly look over
what I have built - sure that the problem is obvious to an expert !  I
have included snippets of both solutions, the resulting exception stack
and dump of vital objects all included below.

 

Here is an authenticated  INFORM/TRAP working example using snmptrap (
to send), and snmptrapd ( to receive ) - INFORM excludes red text; TRAP
includes red text.  I believe that the only configuration being used is
in the file I have specified:

 

snmptrapd -d -Lf /tmp/snmp.out -Os -f -C -c <file name>

 

   where <file name>is :

      createUser -e 0x8000000001022434 collector MD5 authpass DES
privpass

      authuser log collector

 

snmptrap  -Ci -e 0x8000000001022434  -v 3  -u collector  -a MD5  -x DES
-A authpass  -X privpass  -l authPriv  -r 3  -t 2  <ipaddress>  0
1.1.1.44  1.1.1.44.1  s  "it works"

 

 

Here is the attempt to simulate the above for both TRAP/INFORM using
snmp4J ( Trap requires red text below ):

 

try

      {

       TransportMapping transport = new DefaultUdpTransportMapping();

       Snmp snmp = new Snmp(transport);

 

        // assumes localEngineID is ok to create; bootCount = 0;

        byte[] localEngineID =

 
((MPv3)snmp.getMessageProcessingModel(MessageProcessingModel.MPv3)).crea
teLocalEngineID();

        USM usm = new USM(SecurityProtocols.getInstance(),

                          new OctetString(localEngineID), 0);

        SecurityModels.getInstance().addSecurityModel(usm);

 

        snmp.getUSM().addUser ( secOctetString,   // "collector"

                               new UsmUser (secOctetString,   //
"collector"

                                            authID, // AuthMD5.ID

                                            authOctetString, //
"authpass"

                                            privID, //  PrivDES.ID

                                            privOctetString )); //
"privpass"

 

        this.target = new UserTarget();

        this.target.setAddress(udpAddress);              //
<ipaddress/162>

        this.target.setRetries(this.numRetries);       // 2

        this.target.setTimeout(this.timeout);           // 1000

        this.target.setVersion(SnmpConstants.version3);

        this.target.setSecurityLevel(securityLevel);
//SecurityLevel.AUTH_PRIV

        this.target.setSecurityName(secOctetString);   // "collector"

 

        this.snmp.listen();

 

        ScopedPDU pdu = new ScopedPDU();

        

        pdu.setType(PDU.INFORM/TRAP);

        pdu.add( new VariableBinding( SnmpConstants.sysUpTime, new
TimeTicks( 0 ) ) );

        pdu.add( new VariableBinding( SnmpConstants.snmpTrapOID, new
OctetString (this.mib) ) );

 

       // fill in remainder of the data here

 

        ResponseEvent response = snmp.send(pdu, this.target);

 

TRAP/INFORM - reply:  

org.snmp4j.MessageException: Message processing model 3 returned error:
Encryption error

        at
org.snmp4j.MessageDispatcherImpl.sendPdu(MessageDispatcherImpl.java:494)

        at org.snmp4j.Snmp.sendMessage(Snmp.java:1005)

        at org.snmp4j.Snmp.send(Snmp.java:885)

        at org.snmp4j.Snmp.send(Snmp.java:878)

        at org.snmp4j.Snmp.send(Snmp.java:843)

        at EMSAdminSnmp4J.sendMsgToAdmin(EMSAdminSnmp4J.java:285)

        at
EMSMessageCollector$EMSMessageSender.run(EMSMessageCollector.java:38)

        at
java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.jav
a:1110)

        at
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.ja
va:603)

        at java.lang.Thread.run(Thread.java:636)

 

Here is the debug information to show above objects: 

 

USM User:
UsmUserEntry[userName=collector,usmUser=UsmUser[secName=collector,authPr
otocol=1.3.6.1.6.3.10.1.1.2,authPassphrase=authpass,privProtocol=1.3.6.1
.6.3.10.1.2.2,privPassphrase=privpass,localizationEngineID=null]]

 

TARGET: 

UserTarget[address=<ipaddress>/162,version=3,timeout=2000,retries=2,secu
rityLevel=3,securityModel=3,securityName=collector,preferredTransports=n
ull,authoritativeEngineID=]

 

PDU:

INFORM/TRAP[reqestID=0, errorStatus=0, errorIndex=0,
VBS[1.3.6.1.2.1.1.3.0 = 0:00:00.00; 1.3.6.1.6.3.1.1.4.1.0 = 1.1.1.44;
1.1.1.44.1 = JMTest1; 1.1.1.44.2 = will found ; 1.1.1.44.3 = LogWatcher;
1.1.1.44.4 = /home/jmarcolla/test.app.log1; 1.1.1.44.5 = 1336163302;
1.1.1.44.7 = 0; 1.1.1.44.8 = 24; 1.1.1.44.6 = 3]]

 

I am curious what I need to do to match the results of the command line
snmptrap above.  Are there other configs/setting that I am not aware of
which will affect this as well ?

Specifically - why does this not properly encrypt ?

 

Thanks - looking forward to some expertise on this.

Have a great weekend.

John

 

 

_______________________________________________
SNMP4J mailing list
SNMP4J at agentpp.org
http://lists.agentpp.org/mailman/listinfo/snmp4j

More information about the SNMP4J mailing list