[SNMP4J] SNMP4J V3 Traps with specified Engine ID
Frank Fock
fock at agentpp.com
Wed Jan 7 00:31:26 CET 2015
Hi Imene,
Your understanding of SNMPv3 trap sending is not correct.
SNMPv3 notifications (traps) are sent from a command responder
entity and are therefore authoritative. That means, the sender
(which is the command responder entity) uses its own security
engine ID within the notification PDU.
The receiver (= command generator) then uses the security engine
ID provided in the notification PDU to authentication/decrypt the
notification.
Therefore your setup should work already, except that you have not
set the context name of the ScopedPDU object yet.
Best regards
Frank
> On 06 Jan 2015, at 21:26, Boussour, Imene (6076618) <imene.boussour at bell.ca> wrote:
>
> Hello List,
>
> I am trying to send SNMP V3 Traps to a remote server (using a Trap monitor software on windows) from my Java application, I use SNMP4j stack API.
> My questions is around the engine ID, on the Trap receiver application we need to create an SNMP V3 account with, username, auth protocol... but also a Context Name.
> On the SNMP4j side, there is multiple areas where we can define of set the engineID:
> 1 - USM usm = new USM(SecurityProtocols.getInstance().addDefaultProtocols(), new OctetString(MPv3.createLocalEngineID()), 0);
> 2- snmp.getUSM().addUser(mSecurityName, OctetString.fromHexString("80:00:13:70:c0:a8:01:0d"), new UsmUser(mSecurityName, mAuthProtocol, , mPrivProtocol, mPrivPassphrase));
> 3- UsmUser(mSecurityName, mAuthProtocol, , mPrivProtocol, mPrivPassphrase), OctetString.fromHexString("80:00:13:70:c0:a8:01:0d"));
> 4- pdu.setContextEngineID(OctetString.fromHexString("80:00:13:70:c0:a8:01:0d"));
>
> For context Name , I only found this:
> pdu.setContextName(new OctetString("contextName"));
>
>
> The SNMP4J createlocalEngineId method creates a random number, Can this work?
> My understanding of SNMP trap V3, is that the Engine ID should match on the sender and receiver. So, when we specify a custom engine ID on SNMP4J, which one should we use?
>
> And here is the Code I am using to send Traps:
>
> // ltargetAddress represents the host and port we plan to communicate with
> // in the format: host/port
> Address ltargetAddress = GenericAddress.parse (mTransportType + ":" + mRemoteAddress + "/" + mRemotePort);
>
> TransportMapping<?> transport;
> if (ltargetAddress instanceof UdpAddress) {
> transport = new DefaultUdpTransportMapping();
> } else {
> transport = new DefaultTcpTransportMapping();
> }
>
> //Create SNMP Session
> Snmp snmp = new Snmp(transport);
>
> USM usm = new USM(SecurityProtocols.getInstance()
> .addDefaultProtocols(), new OctetString(
> MPv3.createLocalEngineID()), 0);
>
> SecurityProtocols.getInstance().addPrivacyProtocol(new PrivAES192());
>
> SecurityModels.getInstance().addSecurityModel(usm);
>
> //transport.listen();
>
> //Setting the security protocols
> snmp.getUSM().addUser(
> mSecurityName,
> new UsmUser(mSecurityName, mAuthProtocol,
> mAuthPassphrase, mPrivProtocol,
> mPrivPassphrase));
>
>
> // Create Target
> UserTarget target = new UserTarget();
> target.setAddress(ltargetAddress);
> target.setRetries(1);
> target.setTimeout(11500);
> target.setVersion(SnmpConstants.version3);
> target.setSecurityLevel(SecurityLevel.AUTH_PRIV);
> target.setSecurityName(mSecurityName);
>
> // Create PDU for V3
> ScopedPDU pdu = new ScopedPDU();
> pdu.setType(ScopedPDU.TRAP);
>
> // Adding OIDs
> pdu.add(new VariableBinding(SnmpConstants.sysUpTime,
> new OctetString(new Date().toString())));
>
> pdu.add(new VariableBinding(SnmpConstants.snmpTrapOID,
> SnmpConstants.linkDown));
>
> pdu.add(new VariableBinding(new OID(mOID), new OctetString(pMessage)));
>
> pdu.add(new VariableBinding(SnmpConstants.snmpTrapAddress,
>
> new IpAddress(mRemoteAddress)));
>
> //Send the PDU
> snmp.listen();
> snmp.send(pdu, target);
> snmp.close();
>
> Thanks,
> Imene
> _______________________________________________
> SNMP4J mailing list
> SNMP4J at agentpp.org
> https://oosnmp.net/mailman/listinfo/snmp4j
More information about the SNMP4J
mailing list