[SNMP4J] TCP Socket in SYN_RECV when sending V3 traps
Frank Fock
fock at agentpp.com
Tue Jun 20 19:05:55 CEST 2017
Hi Neeraj,
As I wrote before, you first have to understand the engine ID concept.
Otherwise, you will not get it running (unless by accident).
For INFORM you have to specify the engine ID of the NET-SNMP target engine as authoritative engine ID.
You first have to discover it or let SNMP4J discover it.
Best regards,
Frank
> On 19. Jun 2017, at 04:37, Neeraj Vaidya <neeraj.vaidya at yahoo.co.in> wrote:
>
> Thanks Frank. So how do I get the authoritativeEngineId at runtime ?
>
> The remote snmptrap collector has provided me with a user id of myuser and engine id of 0102030405. This is via an email correspondence which I had with the administrators of the remote system.
>
> When I use the SnmpRequest tool bundled as part of snmp4j, which engineId parameters do I need to set when sending an INFORM ?
> -l , -e , -E ?
>
> I tried setting just the -e flag with 0102030405 on the command line of this tool and still at the receiving end i.e. in the logs of the net-snmp trap collector I see a message of "no match on engineID (80 00 88 .....)"
> Basically, the snmptrapd collector is not using 0102030405 for USM engine ID matching purposes.
>
> If I were to send just a coldStart trap with the SnmpRequest tool bundled in snmp4j distribution, what command line do I need to use ?
> My engine ID which I can successfully specify as the authoritativeEngineId via -e flag is 0102030405, when using the snmptrap utility.
> I was of the opinion that the same -e flag can be used in SnmpRequest utility as well.
>
> Regards,
> Neeraj
>
> --------------------------------------------
> On Mon, 19/6/17, Frank Fock <fock at agentpp.com> wrote:
>
> Subject: Re: [SNMP4J] TCP Socket in SYN_RECV when sending V3 traps
> To: "Neeraj Vaidya" <neeraj.vaidya at yahoo.co.in>
> Cc: snmp4j at agentpp.org
> Date: Monday, 19 June, 2017, 8:31 AM
>
> Hi Neeraj,
>
> Please make sure, that you have understand the
> engine ID and context
> engine ID terms and
> usages.
> It seems that you mix up things.
> Your example below cannot work for
> INFORM
> PDUs, because
> you need to specify the
> authoritative engine ID as context engine ID
> then. This is the
> INFORM
> *receivers* engine ID.
> Instead, you use the
> senders engine ID. The receiver should drop/ignore
> such an INFORM message with
> unknownPduHandles counter increased.
>
> Best regards,
> Frank
>
> Am
> 16.06.2017 um 22:41 schrieb Neeraj Vaidya:
>> Hi Frank,
>> Coming back
> to this conversation as I have been away from this task due
> to other project commitments.
>> In the
> example below, I have also noticed that if I change the PDU
> type to INFORM, the receiving snmptrap collector (which is
> net-snmp snmptrapd) fails to match the engine id. It picks
> up something totally different from what I am setting
> below.
>> Is there some other place where
> I need to set the engineId ?
>>
>> Regards,
>> Neeraj
>>
>> Sent from my
> iPhone
>>
>> On 24 May
> 2017, at 16:44, Frank Fock <fock at agentpp.com>
> wrote:
>>
>>>>
> ------------------------------------------------ Code Start
> ------------------------------------------------
>>>>
>>>>
> Address address =
> GenericAddress.parse("tcp:rhelhost1/1163");
>>>>
>>>>
> try {
>>>>
> TransportMapping transportMapping = new
> DefaultTcpTransportMapping();
>>>>
> transportMapping.listen();
>>>>
>>>> Snmp snmp = new
> Snmp(transportMapping);
>>>>
>>>> USM usm = new
> USM(SecurityProtocols.getInstance(),
>>>>
> new
> OctetString(MPv3.createLocalEngineID()), 0);
>>>>
>>>>
> SecurityModels.getInstance().addSecurityModel(usm);
>>>>
>>>>
> //snmp.listen(); ----> Do I need to use this
> invocation ??
>>>>
>>>> byte[] b = (new
> BigInteger("0102030405",16)).toByteArray();
>>>>
>>>>
> snmp.getUSM().addUser(new
> OctetString("snmp4j"),
>>>> new
> UsmUser(new OctetString("snmp4j"), AuthMD5.ID, new
> OctetString("snmp4j"), PrivDES.ID, new
> OctetString("snmp4j")));
>>>>
>>>> UserTarget
> target = new UserTarget();
>>>>
>
>>>>
> target.setAddress(address);
>>>>
> target.setRetries(1);
>>>>
> target.setTimeout(5000);
>>>>
> target.setVersion(SnmpConstants.version3);
>>>>
> target.setSecurityLevel(SecurityLevel.AUTH_NOPRIV);
>>>>
> target.setSecurityName(new
> OctetString("snmp4j"));
>>>>
>>>> // create the
> PDU
>>>> ScopedPDU
> pdu = new ScopedPDU();
>>>>
> long sysUpTime =
> Instant.now().getEpochSecond();
>>>> //pdu.add(new
> VariableBinding(SnmpConstants.sysUpTime),new OctetString(new
> Date().toString()));
>>>>
> pdu.setType(ScopedPDU.TRAP);
>>>> pdu.add(new
> VariableBinding(SnmpConstants.sysUpTime, new
> TimeTicks(sysUpTime)));
>>>>
> pdu.add(new
> VariableBinding(SnmpConstants.snmpTrapOID,
> SnmpConstants.linkUp));
>>>>
> pdu.setContextEngineID(new
> OctetString().fromByteArray(b));
>>>>
> snmp.setLocalEngine(b, 0, 0);
>>>>
> // send the PDU
>>>>
>>>> ResponseEvent
> response = null;
>>>>
>>>> response =
> snmp.send(pdu, target);
>>>>
>>>>
> Thread.sleep(10); // This Sleep somehow allows the entire
> TCP 3-way handshake to occur without terminating the
> program
>>>>
>>>> snmp.close();
>>>>
>>>>
> } catch (IOException e) {
>>>>
> e.printStackTrace();
>>>>
> } catch (InterruptedException e) {
>>>>
> e.printStackTrace();
>>>>
> }
>>>>
> ------------------------------------------------ Code End
> -----------------------------------------------
>
> --
> ---
> AGENT++
> Maximilian-Kolbe-Str.
> 10
> 73257 Koengen, Germany
> https://agentpp.com
> Phone: +49 7024 8688230
> Fax:
> +49 7024 8688231
>
>
More information about the SNMP4J
mailing list