[SNMP4J] SET access to created managed objects
Frank Fock
fock at agentpp.com
Tue Apr 2 21:50:01 CEST 2013
Hi Marek,
You have to setup the VACM properly in order to allow access
to the OID/subtree you are requesting. The default VACM configuration
does not include the "experimental" sub-tree IMHO.
The log output gives you more detailed hints.
Best regards,
Frank
Am 02.04.2013 11:13, schrieb Marek Hajduczenia:
> Dear colleagues,
>
>
>
> I create a very simple scalar in my agent:
>
>
>
> OID oidTest = new OID("1.3.6.1.3.22.1.5.0");
>
> MOScalar sysScalarTest = new MOScalar(oidTest,
> MOAccessImpl.ACCESS_READ_WRITE, new Integer32(15));
>
> server.registerManagedObject(sysScalarTest);
>
>
>
> and then would like to change its value remotely using the MIB browser. What
> I get back on the debug in Eclipse is the "Error 'Authorization error'
> generated at: 1.3.6.1.3.22.1.5.0 = 123" preceded by debug information about
> the message exchange and status exchange between agent and MIB browser.
> Everything seems fine, i.e., "private" community is found, request with the
> private scope was created and proper object was found. However, when time to
> change came around, no change was done.
>
>
>
> ===========================================================
>
>
>
> 20353 [DefaultUDPTransportMapping_127.0.0.1/2001] DEBUG
> org.snmp4j.transport.DefaultUdpTransportMapping - Received message from
> localhost/127.0.0.1/56019 with length 45:
> 30:2b:02:01:01:04:07:70:72:69:76:61:74:65:a3:1d:02:04:5a:ad:24:55:02:01:00:0
> 2:01:00:30:0f:30:0d:06:08:2b:06:01:03:16:01:05:00:02:01:7b
>
> 20354 [DefaultUDPTransportMapping_127.0.0.1/2001] DEBUG org.snmp4j.Snmp -
> Fire process PDU event: CommandResponderEvent[securityModel=2,
> securityLevel=1, maxSizeResponsePDU=65535, pduHandle=PduHandle[1521296469],
> stateReference=StateReference[msgID=0,pduHandle=PduHandle[1521296469],securi
> tyEngineID=null,securityModel=null,securityName=private,securityLevel=1,cont
> extEngineID=null,contextName=null,retryMsgIDs=null],
> pdu=SET[requestID=1521296469, errorStatus=Success(0), errorIndex=0,
> VBS[1.3.6.1.3.22.1.5.0 = 123]], messageProcessingModel=1,
> securityName=private, processed=false, peerAddress=127.0.0.1/56019,
> transportMapping=org.snmp4j.transport.DefaultUdpTransportMapping at 36c8e545,
> tmStateReference=null]
>
> 20354 [DefaultUDPTransportMapping_127.0.0.1/2001] DEBUG
> org.snmp4j.agent.mo.snmp.SnmpCommunityMIB - Looking up coexistence info for
> 'private'
>
> 20355 [DefaultUDPTransportMapping_127.0.0.1/2001] DEBUG
> org.snmp4j.agent.mo.snmp.SnmpCommunityMIB - Found coexistence info for
> 'private'=CoexistenceInfo[securityName=cprivate,contextEngineID=80:00:13:70:
> 01:c0:a8:01:04,contextName=private,transportTag=]
>
> 20356 [DefaultUDPTransportMapping_127.0.0.1/2001] DEBUG
> org.snmp4j.agent.mo.snmp.SnmpCommunityMIB - Address 127.0.0.1/56019 passes
> filter, because source address filtering is disabled
>
> 20356 [DefaultUDPTransportMapping_127.0.0.1/2001] DEBUG
> org.snmp4j.agent.request.SnmpRequest - Created subrequest 0 with scope
> org.snmp4j.agent.DefaultMOContextScope[context=private,lowerBound=1.3.6.1.3.
> 22.1.5.0,lowerIncluded=true,upperBound=1.3.6.1.3.22.1.5.0,upperIncluded=true
> ] from 1.3.6.1.3.22.1.5.0 = 123
>
> 20356 [DefaultUDPTransportMapping_127.0.0.1/2001] DEBUG
> org.snmp4j.agent.request.SnmpRequest - SnmpSubRequests initialized:
> [org.snmp4j.agent.request.SnmpRequest$SnmpSubRequest[scope=org.snmp4j.agent.
> DefaultMOContextScope[context=private,lowerBound=1.3.6.1.3.22.1.5.0,lowerInc
> luded=true,upperBound=1.3.6.1.3.22.1.5.0,upperIncluded=true],vb=1.3.6.1.3.22
> .1.5.0 =
> 123,status=org.snmp4j.agent.request.RequestStatus at 6ceac619,query=null,index=
> 0,targetMO=null]]
>
> 20358 [DefaultUDPTransportMapping_127.0.0.1/2001] DEBUG
> org.snmp4j.transport.DefaultUdpTransportMapping - Sending message to
> 127.0.0.1/56019 with length 45:
> 30:2b:02:01:01:04:07:70:72:69:76:61:74:65:a2:1d:02:04:5a:ad:24:55:02:01:10:0
> 2:01:01:30:0f:30:0d:06:08:2b:06:01:03:16:01:05:00:02:01:7b
>
> java.lang.Exception: Error 'Authorization error' generated at:
> 1.3.6.1.3.22.1.5.0 = 123
>
> at
> org.snmp4j.agent.request.SnmpRequest$SnmpSubRequest.requestStatusChanged(Snm
> pRequest.java:617)
>
> at
> org.snmp4j.agent.request.RequestStatus.fireRequestStatusChanged(RequestStatu
> s.java:89)
>
> at
> org.snmp4j.agent.request.RequestStatus.setErrorStatus(RequestStatus.java:52)
>
> at
> org.snmp4j.agent.CommandProcessor.setAuthorizationError(CommandProcessor.jav
> a:499)
>
> at
> org.snmp4j.agent.CommandProcessor.processRequest(CommandProcessor.java:378)
>
> at
> org.snmp4j.agent.CommandProcessor.dispatchCommand(CommandProcessor.java:339)
>
> at
> org.snmp4j.agent.CommandProcessor$Command.run(CommandProcessor.java:559)
>
> at
> org.snmp4j.agent.CommandProcessor.processPdu(CommandProcessor.java:162)
>
> at
> org.snmp4j.MessageDispatcherImpl.fireProcessPdu(MessageDispatcherImpl.java:6
> 64)
>
> at
> org.snmp4j.MessageDispatcherImpl.dispatchMessage(MessageDispatcherImpl.java:
> 297)
>
> at
> org.snmp4j.MessageDispatcherImpl.processMessage(MessageDispatcherImpl.java:3
> 68)
>
> at
> org.snmp4j.MessageDispatcherImpl.processMessage(MessageDispatcherImpl.java:3
> 28)
>
> at
> org.snmp4j.transport.AbstractTransportMapping.fireProcessMessage(AbstractTra
> nsportMapping.java:76)
>
> at
> org.snmp4j.transport.DefaultUdpTransportMapping$ListenThread.run(DefaultUdpT
> ransportMapping.java:378)
>
> at java.lang.Thread.run(Unknown Source)
>
>
>
> ===========================================================
>
>
>
> Definition of the "public" and "private" communities are as follows:
>
>
>
> protected void addCommunities(SnmpCommunityMIB communityMIB)
>
>
> {
>
> Variable[] com2sec1 = new Variable[]
>
> {
>
> new OctetString("public"),
>
> new OctetString("cpublic"),
> // security name
>
>
> getAgent().getContextEngineID(), // local engine ID
>
> new OctetString("public"),
> // default context name
>
> new OctetString(), //
> transport tag
>
> new
> Integer32(StorageType.nonVolatile), // storage type
>
> new
> Integer32(RowStatus.active) // row status
>
> };
>
>
>
> Variable[] com2sec2 = new Variable[]
>
> {
>
> new OctetString("private"),
>
> new OctetString("cprivate"),
> // security name
>
>
> getAgent().getContextEngineID(), // local engine ID
>
> new OctetString("private"),
> // default context name
>
> new OctetString(), //
> transport tag
>
> new
> Integer32(StorageType.nonVolatile), // storage type
>
> new
> Integer32(RowStatus.active) // row status
>
> };
>
>
>
> MOTableRow row2 =
> communityMIB.getSnmpCommunityEntry().createRow(new
> OctetString("private").toSubIndex(true), com2sec2);
>
> MOTableRow row1 =
> communityMIB.getSnmpCommunityEntry().createRow(new
> OctetString("public").toSubIndex(true), com2sec1);
>
>
> communityMIB.getSnmpCommunityEntry().addRow(row2);
>
>
> communityMIB.getSnmpCommunityEntry().addRow(row1);
>
>
>
> }
>
>
>
> and
>
>
>
> /**
>
> * Adds initial VACM configuration.
>
> */
>
> @Override
>
> protected void addViews(VacmMIB vacm)
>
> {
>
>
> vacm.addGroup(SecurityModel.SECURITY_MODEL_SNMPv2c, new
> OctetString("cpublic"), new OctetString("v1v2group"),
> StorageType.nonVolatile);
>
>
> vacm.addGroup(SecurityModel.SECURITY_MODEL_SNMPv2c, new
> OctetString("cprivate"), new OctetString("v1v2group"),
> StorageType.nonVolatile);
>
>
>
> vacm.addAccess(new OctetString("v1v2group"),
> new OctetString("public"), SecurityModel.SECURITY_MODEL_ANY,
> SecurityLevel.NOAUTH_NOPRIV, MutableVACM.VACM_MATCH_EXACT, new
> OctetString("fullReadView"), new OctetString("fullWriteView"), new
> OctetString("fullNotifyView"), StorageType.nonVolatile);
>
> vacm.addAccess(new OctetString("v1v2group"),
> new OctetString("private"), SecurityModel.SECURITY_MODEL_SNMPv2c,
> SecurityLevel.NOAUTH_NOPRIV, MutableVACM.VACM_MATCH_EXACT, new
> OctetString("fullReadView"), new OctetString("fullWriteView"), new
> OctetString("fullNotifyView"), StorageType.nonVolatile);
>
>
>
> // vacm.addViewTreeFamily(new
> OctetString("fullReadView"), new OID("1.3"), new OctetString(),
> VacmMIB.vacmViewIncluded, StorageType.nonVolatile);
>
> vacm.addViewTreeFamily(new
> OctetString("fullWriteView"), new OID("1.3.6.1.3.22.2.10"), new
> OctetString(), VacmMIB.vacmViewIncluded, StorageType.nonVolatile);
>
> }
>
>
>
> I think all the areas where changes were needed, were added. The only
> suspicion that I have is that the default context for all newly created
> objects may be set to "public" rather than "private" and I have no clue
> right now where to change it and how to do it.
>
>
>
> Any suggestions / hints?
>
>
>
> Thank you in advance
>
>
>
> Marek
>
> _______________________________________________
> SNMP4J mailing list
> SNMP4J at agentpp.org
> http://lists.agentpp.org/mailman/listinfo/snmp4j
--
---
AGENT++
Maximilian-Kolbe-Str. 10
73257 Koengen, Germany
https://agentpp.com
Phone: +49 7024 8688230
Fax: +49 7024 8688231
More information about the SNMP4J
mailing list