Archive

Archive for November, 2008

snmp学习笔记之三--开发netsnmp Agent

November 27th, 2008 No comments

1.mib 库文件 BVCOM-SYSTEMUPTIME-MIB.txt:

BVCOM-SYSTEMUPTIME-MIB DEFINITIONS ::= BEGIN

IMPORTS
    TimeTicks   FROM SNMPv2-SMI
    enterprises      FROM SNMPv2-SMI
    OBJECT-TYPE, Integer32, MODULE-IDENTITY      FROM SNMPv2-SMI;

bvcom    OBJECT IDENTIFIER ::= { enterprises 26814 }

ipq6800    OBJECT IDENTIFIER ::= { bvcom 6800 }

bvcomAgentModules   OBJECT IDENTIFIER ::= { ipq6800 1 }

bvcomAgentModuleObject OBJECT-TYPE
    SYNTAX      Integer32
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
    "This is an object that simply supports a writable integer
     when compiled into the agent.  See
     http://www.net-snmp.org/tutorial-5/toolkit/XXX for further
     implementation details."
    DEFVAL { 1 }
    ::= { bvcomAgentModules 1 }

bvcomAgentSubagentObject OBJECT-TYPE
    SYNTAX      Integer32
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
    "This is an object that simply supports a writable integer
     when attached to the agent.  The object should be accessible
     when the agentx subagent containing this object is attached.
     See http://www.net-snmp.org/tutorial-5/toolkit/XXX for
     further implementation details."
    DEFVAL { 2 }
    ::= { bvcomAgentModules 2 }

bvcomAgentPluginObject OBJECT-TYPE
    SYNTAX      Integer32
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
    "This is an object that simply supports a writable integer
     when attached to the agent.  This object should be accessible
     when the dynamic plugin has been loaded into the agent.  See
     http://www.net-snmp.org/tutorial-5/toolkit/XXX for further
     implementation details."
    DEFVAL { 3 }
    ::= { bvcomAgentModules 3 }

END
PS: 如果找不到mib库可以在/etc/profile文件中增加SNMPCONFPATH环境变量


export SNMPCONFPATH=/usr/local/share/snmp/


export MIBS=ALL

2.复制mib库文件到/usr/local/share/snmp/mibs/:

sudo cp BVCOM-SYSTEMUPTIME-MIB.txt /usr/local/share/snmp/mibs/

3.加载mib库:

cat /usr/local/share/snmp/snmp.conf
mibs +BVCOM-SYSTEMUPTIME-MIB

4.检查mib是否正常加载:

border@debian:/work/border/snmp/example-demon$ snmptranslate -IR -Tp bvcom
+--bvcom(26814)
   |
   +--ipq6800(6800)
      |
      +--bvcomAgentModules(1)
         |
         +-- -RW- Integer32 bvcomAgentModuleObject(1)
         +-- -RW- Integer32 bvcomAgentSubagentObject(2)
         +-- -RW- Integer32 bvcomAgentPluginObject(3)

5.查看mib2c支持的模板:

border@debian:/work/border/snmp/example-demon$ ls /usr/local/share/snmp/
mib2c.access_functions.conf    mib2c.create-dataset.conf  mib2c.scalar.conf
mib2c.array-user.conf          mib2c-data                 mib2c.table_data.conf
mib2c.check_values.conf        mib2c.genhtml.conf         mibs
mib2c.check_values_local.conf  mib2c.int_watch.conf       snmp.conf
mib2c.column_defines.conf      mib2c.iterate_access.conf  snmp.conf~
mib2c.column_enums.conf        mib2c.iterate.conf         snmpconf-data
mib2c.column_storage.conf      mib2c.mfd.conf             snmpd.conf
mib2c.conf                     mib2c.notify.conf          snmp_perl.pl
mib2c.container.conf           mib2c.old-api.conf         snmp_perl_trapd.pl

6.通过模板生成.c 和 .h 文件:

border@debian:/work/border/snmp/example-demon$ mib2c -c mib2c.int_watch.conf bvcomAgentModules
writing to -
*** Warning: only generating code for nodes of MIB type INTEGER
writing to bvcomAgentModules.h
writing to bvcomAgentModules.c
running indent on bvcomAgentModules.c
running indent on bvcomAgentModules.h

7.通过 snmp_agent_api 编写守护程序 example-demon.c:

#include <net-snmp/net-snmp-config.h>
#include <net-snmp/net-snmp-includes.h>
#include <net-snmp/agent/net-snmp-agent-includes.h>
#include <signal.h>
#include "bvcomAgentModules.h"

static int keep_running;

RETSIGTYPE
stop_server(int a) {
    keep_running = 0;
}

int
main (int argc, char **argv) {

    int agentx_subagent=0; /* change this if you want to be a SNMP master agent */
    int background = 0; /* change this if you want to run in the background */
    int syslog = 0; /* change this if you want to use syslog */

    /* print log errors to syslog or stderr */

    if (syslog)
        snmp_enable_calllog();
    else
        snmp_enable_stderrlog();

    /* we're an agentx subagent? */
    if (agentx_subagent) {
        /* make us a agentx client. */
        netsnmp_ds_set_boolean(NETSNMP_DS_APPLICATION_ID, NETSNMP_DS_AGENT_ROLE, 1);
    }

    /* run in background, if requested */
    if (background && netsnmp_daemonize(1, !syslog))
        exit(1);

    /* Initialize tcpip, if necessary */
    SOCK_STARTUP;

    /* Initialize the agent library */
    init_agent("example-demon"); // 配置文件名

    /* Initialize our mib code here */
    printf("Before init bvcomAgentModules \n");

    init_bvcomAgentModules(); // 加载节点信息

    printf("End init bvcomAgentModules \n");

    /* initialize vacm/usm access control  */
    if (!agentx_subagent) {
        void  init_vacm_vars();
        void  init_usmUser();
    }

    /* Example-demon will be used to read example-demon.conf files. */
    init_snmp("example-demon");

    /* If we're going to be a snmp master agent, initial the ports */
    if (!agentx_subagent)
        init_master_agent();  /* open the port to listen on (defaults to udp:161) */

    printf("---------------------\n");
    /* In case we recevie a request to stop (kill -TERM or kill -INT) */
    keep_running = 1;
    signal(SIGTERM, stop_server);

    signal(SIGINT, stop_server);

    snmp_log(LOG_INFO,"example-demon is up and running.\n");

    /* your main loop here... */
    while(keep_running) {
        /* if you use select(), see snmp_select_info() in snmp_api(3) */
        /*     --- OR ---  */
        agent_check_and_process(1); /* 0 == don't block */

    }

    /* at shutdown time */
    snmp_shutdown("example-demon");
    SOCK_CLEANUP;
    return 0;
}

8.Makefile:

CC=gcc

OBJS2=example-demon.o bvcomAgentModules.o
TARGETS=example-demon

CFLAGS=-I. `net-snmp-config --cflags`
BUILDLIBS=`net-snmp-config --libs`
BUILDAGENTLIBS=`net-snmp-config --agent-libs`

# shared library flags (assumes gcc)
DLFLAGS=-fPIC -shared

all: $(TARGETS)

example-demon: $(OBJS2)
    $(CC) -o example-demon $(OBJS2)  $(BUILDAGENTLIBS)

clean:
    rm $(OBJS2) $(OBJS2) $(TARGETS)

9.example-demon.conf:

###############################################################################
# Access Control
###############################################################################

#       sec.name  source          community
com2sec local     localhost       public
com2sec mynetwork 192.168.0.0/24      public

####
# Second, map the security names into group names:

#                 sec.model  sec.name
group MyRWGroup    v1         local
group MyRWGroup    v2c        local
group MyRWGroup    usm        local
group MyROGroup v1         mynetwork
group MyROGroup v2c        mynetwork
group MyROGroup usm        mynetwork

####
# Third, create a view for us to let the groups have rights to:

#           incl/excl subtree                          mask
view all    included  .1                               80

####
# Finally, grant the 2 groups access to the 1 view with different
# write permissions:

#              context sec.model sec.level match  read   write  notif
access MyROGroup ""      any       noauth    exact  all    none   none
access MyRWGroup ""      any       noauth    exact  all    all    none

agentaddress 161

10.运行example-demon 时要用超级管理员运行,不然会出错:

sudo ./example-demon

a.没有用超级管理员时,报的错误:

border@debian:/work/border/snmp/example-demon$ ./example-demon
netsnmp_assert !"registration != duplicate" failed agent_registry.c:535 netsnmp_subtree_load()
netsnmp_assert !"registration != duplicate" failed agent_registry.c:535 netsnmp_subtree_load()
netsnmp_assert !"registration != duplicate" failed agent_registry.c:535 netsnmp_subtree_load()
Before init bvcomAgentModules
End init bvcomAgentModules
Error opening specified endpoint "161"
---------------------
example-demon is up and running.
read_config_store open failure on /var/net-snmp/example-demon.conf
read_config_store open failure on /var/net-snmp/example-demon.conf
read_config_store open failure on /var/net-snmp/example-demon.conf

b.如果 报Error opening specified endpoint “”错,说明example-demon.conf配置文件没有agentaddress 161

11.拷贝配置文件到 ~/.snmp/目录下:

cp example-demon.conf /home/border/.snmp/

12.sudo ./example-demon:

border@debian:~$ snmpwalk -v1 -c public localhost bvcom
BVCOM-SYSTEMUPTIME-MIB::bvcomAgentModuleObject.0 = INTEGER: 68001
BVCOM-SYSTEMUPTIME-MIB::bvcomAgentSubagentObject.0 = INTEGER: 68002
BVCOM-SYSTEMUPTIME-MIB::bvcomAgentPluginObject.0 = INTEGER: 68003
End of MIB

验证:

border@debian:~$ snmpget -v1 -c public localhost bvcomAgentModuleObject.0
BVCOM-SYSTEMUPTIME-MIB::bvcomAgentModuleObject.0 = INTEGER: 68001

border@debian:~$ snmpgetnext -v1 -c public localhost bvcomAgentModuleObject.0
BVCOM-SYSTEMUPTIME-MIB::bvcomAgentSubagentObject.0 = INTEGER: 68002

13.支持snmpv3 在配置文件中增加:

rwuser border
rwuser border1
createUser border MD5 "bvcombjbj" DES
createUser border1 SHA "bvcombjbj" AES
(最后一行也可以这样写:createUser border1 SHA "bvcombjbj" AES128)

通过如下命令验证:

a.验证MD5:

snmpwalk -v3 -l authPriv -u border -A bvcombjbj -X bvcombjbj localhost bvcom
BVCOM-SYSTEMUPTIME-MIB::bvcomAgentModuleObject.0 = INTEGER: 68001
BVCOM-SYSTEMUPTIME-MIB::bvcomAgentSubagentObject.0 = INTEGER: 68002
BVCOM-SYSTEMUPTIME-MIB::bvcomAgentPluginObject.0 = INTEGER: 68003

b.验证SHA:

snmpwalk -v3 -l authPriv -u border1 -a SHA -x AES -A bvcombjbj -X bvcombjbj localhost bvcom
BVCOM-SYSTEMUPTIME-MIB::bvcomAgentModuleObject.0 = INTEGER: 68001
BVCOM-SYSTEMUPTIME-MIB::bvcomAgentSubagentObject.0 = INTEGER: 68002
BVCOM-SYSTEMUPTIME-MIB::bvcomAgentPluginObject.0 = INTEGER: 68003

如果你采用的是AES128,就需要把-x AES改为-x AES128:

snmpwalk -v3 -l authPriv -u border1 -a SHA -x AES128 -A bvcombjbj -X bvcombjbj localhost bvcom
参考:
  1. 用NET-SNMP软件包开发简单客户端代理 http://b0rder.com/wiki/NetSnmp/NetSnmpSimpleAgentMib
  2. snmpd.examples 配置信息相关 http://www.net-snmp.org/docs/man/snmpd.examples.html
  3. snmp_agent_api http://www.net-snmp.org/docs/man/snmp_agent_api.html
  4. Tutorial http://www.nwsmith.net/HintsTips/net-snmp-tutorial.htm
  5. http://www.net-snmp.org/wiki/index.php/TUT:SNMPv3_Options

–EOF–

Categories: Tech.Notes Tags: , , ,

在ARM上移植openssl

November 21st, 2008 No comments

移植过程如下:

wget http://www.openssl.org/source/openssl-0.9.8h.tar.gz
tar zxvf openssl-0.9.8h.tar.gz
cd openssl-0.9.8h/
./Configure --prefix=/opt/rootfs/arm/openssl/ os/compiler:arm-linux-gcc

修改Makefile:
把: AR=ar $(ARFLAGS) r 改为:
AR=arm-linux-ar $(ARFLAGS) r

make
make install
border@ubuntu:/opt/rootfs/arm/openssl/bin$ file openssl
openssl: ELF 32-bit LSB executable, ARM, version 1 (SYSV), for GNU/Linux 2.4.17, dynamically linked (uses shared libs), not stripped

-Bian Jiang

参考:
  1. http://newinfo.sysu.edu.cn/Snowwaft/?p=70

– EOF –

Categories: Embedded Tags: , ,

snmp学习笔记之二trap——分析notification.c文件

November 19th, 2008 No comments

需要文件:

NET-SNMP-EXAMPLES-MIB.txt
notification.c

这两个文件都在net-snmp源码包里,我的版本是5.4.1

NET-SNMP-EXAMPLES-MIB.txt net-snmp-5.4.1.2/mibs目录下
notification.c net-snmp-5.4.1.2/agent/mibgroup/examples目录下

  1. 安装notification:

    ./configure --with-mib-modules="examples/notification"
make
sudo make install

  2. 配置snmp.conf文件,在文件中增加NET-SNMP-EXAMPLES-MIB mib库

    sudo vim /usr/local/share/snmp/snmp.conf

    在文件中增加: mibs +NET-SNMP-EXAMPLES-MIB

  3. 验证netSnmpExampleNotifications mib库是否正常加载:

    snmptranslate -IR -Tp netSnmpExampleNotifications
+--netSnmpExampleNotifications(3)
   |
   +--netSnmpExampleNotificationPrefix(0)
   |  |
   |  +--netSnmpExampleHeartbeatNotification(1)
   |
   +-- ---N String    netSnmpExampleNotification(1)
   |        Textual Convention: SnmpAdminString
   |        Size: 0..255
   |
   +--netSnmpExampleNotificationObjects(2)
      |
      +-- ---N Integer32 netSnmpExampleHeartbeatRate(1)
      +-- ---N String    netSnmpExampleHeartbeatName(2)
               Textual Convention: SnmpAdminString
               Size: 0..255

  4. 配置snmptrapd.conf

    建立/usr/share/snmp/snmptrapd.conf(我的机器上是这个,不同机器不同,可能有的放在/etc/snmp,/usr/local/share/snmp/下,视不同情况慢慢实验),加入以下一行:

    authcommunity execute,log,net public

设置所有用户的访问权限:可执行,记录,传递,

如果相对接受到的信息处理可以增加:

traphandle .1.3.6.1.4.1.2021.251.2  page_me down
# 默认处理函数
traphandle default                  log_it
  1. agent自动产生trap

配置agent的snmpd.conf,加入以下几行:(参考:
http://www.net-snmp.org/wiki/index.php/FAQ:Agent_17 ):

# From: http://www.net-snmp.org/wiki/index.php/FAQ:Agent_17
# send v1 traps
trapsink   127.0.0.1:162
# also send v2 traps
trap2sink  127.0.0.1:162
informsink 127.0.0.1:162

  1. 启动snmptrapd

    sudo snmptrapd –d –f –Lo

  2. 启动snmpd

    sudo snmpd -f -L

snmpd 会每隔30秒给snmptrapd发送一个信息。收到的信息如下:

Received 64 bytes from UDP: [127.0.0.1]:56929
0000: 30 3E 02 01  00 04 06 70  75 62 6C 69  63 A4 31 06    0>.....public.1.
0016: 09 2B 06 01  04 01 BF 08  02 03 40 04  AC 10 81 01    .+........@.....
0032: 02 01 06 02  01 01 43 03  03 CC BC 30  13 30 11 06    ......C....0.0..
0048: 0C 2B 06 01  04 01 BF 08  02 03 02 01  00 02 01 1E    .+..............

2008-11-11 15:43:11 172.16.129.1(via UDP: [127.0.0.1]:56929) TRAP, SNMP v1, community public
        NET-SNMP-EXAMPLES-MIB::netSnmpExampleNotifications Enterprise Specific Trap
        (NET-SNMP-EXAMPLES-MIB::netSnmpExampleHeartbeatNotification) Uptime: 0:41:30.20
        NET-SNMP-EXAMPLES-MIB::netSnmpExampleHeartbeatRate.0 = INTEGER: 30

  1. notification.c 源码如下:

    /** @example notification.c
 *  This example shows how to send a notification from inside the
 *  agent.  In this case we do something really boring to decide
 *  whether to send a notification or not: we simply sleep for 30
 *  seconds and send it, then we sleep for 30 more and send it again.
 *  We do this through the snmp_alarm mechanisms (which are safe to
 *  use within the agent.  Don't use the system alarm() call, it won't
 *  work properly).  Normally, you would probably want to do something
 *  to test whether or not to send an alarm, based on the type of mib
 *  module you were creating.
 *
 *  When this module is compiled into the agent (run configure with
 *  --with-mib-modules="examples/notification") then it should send
 *  out traps, which when received by the snmptrapd demon will look
 *  roughly like:
 *
 *   可以通过 --with-mib-modules="examples/notification" 把这个模块
 * 编译到agent模块中,snmptrapd可以接收到他发送的traps, 接收到的信息
 * 如下:
 *
 *  2002-05-08 08:57:05 localhost.localdomain [udp:127.0.0.1:32865]:
 *      sysUpTimeInstance = Timeticks: (3803) 0:00:38.03 \
 *      snmpTrapOID.0 = OID: netSnmpExampleNotification
 *
 */

/*
 * start be including the appropriate header files
 */
#include <net-snmp/net-snmp-config.h>
#include <net-snmp/net-snmp-includes.h>
#include <net-snmp/agent/net-snmp-agent-includes.h>

/*
 * contains prototypes
 */
#include "notification.h"

/*
 * our initialization routine 初始化
 * (to get called, the function name must match init_FILENAME()
 * 函数的名字必须是 init_FILENAME() 这种格式
 */
void
init_notification(void)
{
    DEBUGMSGTL(("example_notification",
                "initializing (setting callback alarm)\n"));
    snmp_alarm_register(30,     /* seconds, 秒 */
                        SA_REPEAT,      /* repeat (every 30 seconds). 每隔30秒发送一个trap*/
                        send_example_notification,      /* our callback 我们的回调函数 */
                        NULL    /* no callback data needed */
        );
}

/** here we send a SNMP v2 trap (which can be sent through snmpv3 and
 *  snmpv1 as well) and send it out.
 *
 *     The various "send_trap()" calls allow you to specify traps in different
 *  formats.  And the various "trapsink" directives allow you to specify
 *  destinations to receive different formats.
 *  But *all* traps are sent to *all* destinations, regardless of how they
 *  were specified.
 *
 *
 *  I.e. it's
 * @verbatim
 *                                           ___  trapsink
 *                                          /
 *      send_easy_trap \___  [  Trap      ] ____  trap2sink
 *                      ___  [ Generator  ]
 *      send_v2trap    /     [            ] ----- informsink
 *                                          \____
 *                                                trapsess
 *
 *  *Not*
 *       send_easy_trap  ------------------->  trapsink
 *       send_v2trap     ------------------->  trap2sink
 *       ????            ------------------->  informsink
 *       ????            ------------------->  trapsess
 * @endverbatim
 */
void
send_example_notification(unsigned int clientreg, void *clientarg)
{
    /*
     * define the OID for the notification we're going to send
     * NET-SNMP-EXAMPLES-MIB::netSnmpExampleHeartbeatNotification
     */
    oid             notification_oid[] =
        { 1, 3, 6, 1, 4, 1, 8072, 2, 3, 0, 1 };
    size_t          notification_oid_len = OID_LENGTH(notification_oid);
    static u_long count = 0;

    /*
     * In the notification, we have to assign our notification OID to
     * the snmpTrapOID.0 object. Here is it's definition.
     */
    oid             objid_snmptrap[] = { 1, 3, 6, 1, 6, 3, 1, 1, 4, 1, 0 };
    size_t          objid_snmptrap_len = OID_LENGTH(objid_snmptrap);

    /*
     * define the OIDs for the varbinds we're going to include
     *  with the notification -
     * NET-SNMP-EXAMPLES-MIB::netSnmpExampleHeartbeatRate  and
     * NET-SNMP-EXAMPLES-MIB::netSnmpExampleHeartbeatName
     */
    oid      hbeat_rate_oid[]   = { 1, 3, 6, 1, 4, 1, 8072, 2, 3, 2, 1, 0 };
    size_t   hbeat_rate_oid_len = OID_LENGTH(hbeat_rate_oid);
    oid      hbeat_name_oid[]   = { 1, 3, 6, 1, 4, 1, 8072, 2, 3, 2, 2, 0 };
    size_t   hbeat_name_oid_len = OID_LENGTH(hbeat_name_oid);

    /*
     * here is where we store the variables to be sent in the trap
     */
    netsnmp_variable_list *notification_vars = NULL;
    const char *heartbeat_name = "A girl named Maria";
    #ifdef  RANDOM_HEARTBEAT
    int  heartbeat_rate = rand() % 60;
    #else
    int  heartbeat_rate = 30;
    #endif

    DEBUGMSGTL(("example_notification", "defining the trap\n"));

    /*
     * add in the trap definition object
     */
    snmp_varlist_add_variable(&notification_vars,
                              /*
                               * the snmpTrapOID.0 variable
                               */
                              objid_snmptrap, objid_snmptrap_len,
                              /*
                               * value type is an OID
                               */
                              ASN_OBJECT_ID,
                              /*
                               * value contents is our notification OID
                               */
                              (u_char *) notification_oid,
                              /*
                               * size in bytes = oid length * sizeof(oid)
                               */
                              notification_oid_len * sizeof(oid));

    /*
     * add in the additional objects defined as part of the trap
     */

    snmp_varlist_add_variable(&notification_vars,
                               hbeat_rate_oid, hbeat_rate_oid_len,
                               ASN_INTEGER,
                              (u_char *)&heartbeat_rate,
                                  sizeof(heartbeat_rate));

    /*
     * if we want to insert additional objects, we do it here
     */
    if (heartbeat_rate < 30 ) {
        snmp_varlist_add_variable(&notification_vars,
                               hbeat_name_oid, hbeat_name_oid_len,
                               ASN_OCTET_STR,
                               heartbeat_name, strlen(heartbeat_name));
    }

    /*
     * send the trap out.  This will send it to all registered
     * receivers (see the "SETTING UP TRAP AND/OR INFORM DESTINATIONS"
     * section of the snmpd.conf manual page.
     */
    ++count;
    DEBUGMSGTL(("example_notification", "sending trap %ld\n",count));
    send_v2trap(notification_vars); // 发送snmpv2的trap

    /*
     * free the created notification variable list
     */
    DEBUGMSGTL(("example_notification", "cleaning up\n"));
    snmp_free_varbind(notification_vars);
}
参考:
  1. How can I get the agent to generate a trap http://www.net-snmp.org/wiki/index.php/FAQ:Coding_15
  2. http://www.net-snmp.org/docs/mibs/NET-SNMP-EXAMPLES-MIB.txt
  3. http://www.net-snmp.org/dev/agent/notification_8c-example.html
  4. http://www.net-snmp.org/wiki/index.php/FAQ:Agent_17

–EOF–

Categories: Tech.Notes Tags: , , ,

cross compile net-snmp for mips

November 17th, 2008 1 comment

I’m trying to cross-compile NetSNMP 5.4.2 for running on an embedded system (mips).

由于我使用的CPU是little endian 交叉编译工具是 mipsel-linux

但是如果你用的是Big endian,交叉编译用具就可能是 mips-linux

如果你是ARM平台的话,相应的改为 arm-linux

  1. 设置环境变量:

    TOOLCHAIN=mipsel-linux-
CC=${TOOLCHAIN}gcc
CPP=${TOOLCHAIN}cpp
AR=${TOOLCHAIN}ar
STRIP=${TOOLCHAIN}strip
RANLIB=${TOOLCHAIN}ranlib
LD=${TOOLCHAIN}ld

  2. 编译安装:

    ../net-snmp-5.4.2.1/configure --build=i686-linux --host=mipsel-linux --target=mipsel-linux \
--with-transports="UDP"  --prefix=/opt/rootfs/snmp --with-endianness=little \
--with-persistent-directory=/var/net-snmp/ --with-default-snmp-version="2" \
--enable-mini-agent --without-kmem-usage --disable-debugging --disable-embedded-perl \
--without-perl-modules

make
make install
    1. 如果你采用的是 Big endian, –with-endianness=little 应该改为 –with-endianness=big
    1. 如果不想对openssl 的支持,用 –without-openssl

  1. 测试:

    border@ubuntu:/opt/rootfs/snmp/sbin$ pwd
/opt/rootfs/snmp/sbin
border@ubuntu:/opt/rootfs/snmp/sbin$ file snmpd
snmpd: ELF 32-bit LSB executable, MIPS, version 1 (SYSV), dynamically linked (uses shared libs), not stripped
border@ubuntu:/opt/rootfs/snmp/sbin$ file snmptrapd
snmptrapd: ELF 32-bit LSB executable, MIPS, version 1 (SYSV), dynamically linked (uses shared libs), not stripped
参考:
  1. http://fixunix.com/snmp/175765-multiple-warning-cross-compiling-net-snmp-mips-linux.html

–Bian Jiang

–EOF–

Categories: Embedded Tags: , ,

snmp学习笔记之一——配置使用trap

November 16th, 2008 No comments

本文主要参考: snmp学习笔记——配置使用trap(一) http//blog.chinaunix.net/u1/43391/showart_355332.html

一,trap的用途

TRAP是提供从代理进程到管理站的异步报告机制。

为了使管理站能够及时而又有效地对被管理设备进行监控,同时又不过分增加网络的通信负载,必须使用陷入(TRAP)制导的轮讯过程。代理进程负责在必要时 向管理站报告异常事件,得到异常事件的报告后,管理站可以查询有关的代理,以便得到更具体的信息,对事件的原因做进一步的分析

二,trap的工作流程

1,agent端:

A, 编写mib文件,确定好trap名称等信息。

B, 命令方式:发送各种trap命令(manager地址后面一定要加端口号162),在manager端看反应结果,在agent端无反应

以下都未实现

C, 自动触发:配置snmpd.conf设置触发trap,系统发生某类错误时会自动触发相应类型的trap,发送给manager

D, 程序方式:一部份trap需要写c语言程序,用相应的api(send_easy_trap 或 send_v2trap)发送

2,manager端:

A, 配置snmptrapd.conf文件,设置访问权限

B, 将mib导入到mibs文件夹中

C, 用perl等脚本语言编写处理trap的程序

D, 配置snmptrapd.conf文件,添加traphandler项,将不同的trap对应到不同的处理程序上

三,trap的环境配置

1, manager端

建立/usr/share/snmp/snmptrapd.conf(我的机器上是这个,不同机器不同,可能有的放在/etc/snmp,/usr/local/share/snmp/下,视不同情况慢慢实验)

加入以下一行:

authcommunity execute,log,net public

设置所有用户的访问权限:可执行,记录,传递

四,命令方式的过程

1,处理系统默认的trap

添加以下几行到snmptrapd.conf中:

traphandle .1.3.6.1.6.3.1.5.1       page_me up

traphandle .1.3.6.1.4.1.2021.251.1  page_me up

traphandle .1.3.6.1.4.1.2021.251.2  page_me down

traphandle default                  log_it

用sudo snmptrapd -d -f -Lo启动snmptrapd

PS: 如果snmptrapd启动不起来是因为在安装net-snmp的时候有些模块没有安装上,
可以通过:

./configure --with-mib-modules="examples/notification"
make
sudo make install

来进行安装trap相关的模块。

然后在agent端输入:

snmptrap -v 2c -c public 127.0.0.1:162 "" UCD-SNMP-MIB::ucdStart

Manager端反应:

NET-SNMP version 5.4.1.2

Received 73 bytes from UDP: [127.0.0.1]:41244
0000: 30 47 02 01  01 04 06 70  75 62 6C 69  63 A7 3A 02    0G.....public.:.
0016: 04 42 8A 48  EC 02 01 00  02 01 00 30  2C 30 10 06    .B.H.......0,0..
0032: 08 2B 06 01  02 01 01 03  00 43 04 00  88 86 97 30    .+.......C.....0
0048: 18 06 0A 2B  06 01 06 03  01 01 04 01  00 06 0A 2B    ...+...........+
0064: 06 01 04 01  8F 65 81 7B  01                          .....e.{.

2008-11-11 10:16:12 localhost [UDP: [127.0.0.1]:41244]:
DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (8947351) 1 day, 0:51:13.51
SNMPv2-MIB::snmpTrapOID.0 = OID: UCD-SNMP-MIB::ucdStart
sh: page_me: command not found

说明收到trap ucdstart并且调用对应的脚本程序,这里由于系统没有page_me这个命令,所以返回命令找不到.

2, 处理自定义trap(参考 http://www.net-snmp.org/wiki/index.php/TUT:snmptrap

编写两个mib文件,包括snmp1和snmp2两种trap

Snmp1的mib:TRAP-TEST-MIB.txt:

TRAP-TEST-MIB DEFINITIONS ::= BEGIN

       IMPORTS ucdExperimental FROM UCD-SNMP-MIB;

 demotraps OBJECT IDENTIFIER ::= { ucdExperimental 990 }

 demo-trap TRAP-TYPE

       STATUS current

       ENTERPRISE demotraps

       VARIABLES { sysLocation }

       DESCRIPTION "This is just a demo"

       ::= 17

 END

Snmp2的mib:NOTIFICATION-TEST-MIB.txt:

NOTIFICATION-TEST-MIB DEFINITIONS ::= BEGIN

       IMPORTS ucdavis FROM UCD-SNMP-MIB;

 demonotifs OBJECT IDENTIFIER ::= { ucdavis 991 }

 demo-notif NOTIFICATION-TYPE

         STATUS current

         OBJECTS { sysLocation }

         DESCRIPTION "Just a test notification"

         ::= { demonotifs 17 }

 END

然后放入到mibs文件夹中

在manager端敲入命令:

snmptrap -v 2c -c public 127.0.0.1:162 "" NOTIFICATION-TEST-MIB::demo-notif SNMPv2-MIB::sysLocation.0 s "just here"

agent端输出:

Received 96 bytes from UDP: [127.0.0.1]:44858
0000: 30 5E 02 01  01 04 06 70  75 62 6C 69  63 A7 51 02    0^.....public.Q.
0016: 04 7D BA 0E  AA 02 01 00  02 01 00 30  43 30 10 06    .}.........0C0..
0032: 08 2B 06 01  02 01 01 03  00 43 04 00  89 19 29 30    .+.......C....)0
0048: 18 06 0A 2B  06 01 06 03  01 01 04 01  00 06 0A 2B    ...+...........+
0064: 06 01 04 01  8F 65 87 5F  11 30 15 06  08 2B 06 01    .....e._.0...+..
0080: 02 01 01 06  00 04 09 6A  75 73 74 20  68 65 72 65    .......just here

2008-11-11 10:22:27 localhost [UDP: [127.0.0.1]:44858]:
DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (8984873) 1 day, 0:57:28.73
SNMPv2-MIB::snmpTrapOID.0 = OID: NOTIFICATION-TEST-MIB::demo-notif       SNMPv2-MIB::sysLocation.0 = STRING: just here
sh: log_it: command not found

其中just here就是我们想要的结果.

3, 自己编写处理trap脚本

建立root/bin/traps文件,输入以下内容:

#!/bin/sh
read host
read ip
vars=
while read oid val
do
    if [ "$vars" = "" ]
    then
        vars="$oid = $val"
    else
        vars="$vars, $oid = $val"
    fi
done
echo trap: $1 $host $ip $vars

在manager的snmptrapd.conf加入以下几行:

traphandle SNMPv2-MIB::coldStart     /root/bin/traps cold

traphandle SNMPv2-MIB::warmStart    /root/bin/traps  warm

traphandle IF-MIB::linkDown          /root/bin/traps down

traphandle IF-MIB::linkUp            /root/bin/traps up

traphandle SNMPv2-MIB::authenticationFailure  /root/bin/traps auth

# this one is deprecated

traphandle .1.3.6.1.6.3.1.1.5.6 /root/bin/traps egp-neighbor-loss

重启snmptrapd:snmptrapd –d –f –Lo

在agent端输入命令:

snmptrap -v 1 -c public 127.0.0.1:162 TRAP-TEST-MIB::demotraps 127.0.0.1 2 0 ""  IF-MIB::ifIndex i 1

manager端的反应:

NET-SNMP version 5.4.1.2

Received 63 bytes from UDP: [127.0.0.1]:44203
0000: 30 3D 02 01  00 04 06 70  75 62 6C 69  63 A4 30 06    0=.....public.0.
0016: 0A 2B 06 01  04 01 8F 65  0D 87 5E 40  04 7F 00 00    .+.....e..^@....
0032: 01 02 01 02  02 01 00 43  04 00 8A 4F  90 30 10 30    .......C...O.0.0
0048: 0E 06 09 2B  06 01 02 01  02 02 01 01  02 01 01       ...+...........

2008-11-11 10:35:42 localhost [127.0.0.1] (via UDP: [127.0.0.1]:44203) TRAP, SNMP v1, community public
        TRAP-TEST-MIB::demotraps Link Down Trap (0) Uptime: 1 day, 1:10:43.36
        IF-MIB::ifIndex = INTEGER: 1
sh: /root/bin/traps: 权限不够

如果出现”sh: /root/bin/traps: 权限不够”, 是因为刚刚创建的/root/bin/traps没有执行的权限,通过 sudo chmod 755 /root/bin/traps 修改权限。

正常的结果为:

Received 63 bytes from UDP: [127.0.0.1]:44769
0000: 30 3D 02 01  00 04 06 70  75 62 6C 69  63 A4 30 06    0=.....public.0.
0016: 0A 2B 06 01  04 01 8F 65  0D 87 5E 40  04 7F 00 00    .+.....e..^@....
0032: 01 02 01 02  02 01 00 43  04 00 8A A0  B9 30 10 30    .......C.....0.0
0048: 0E 06 09 2B  06 01 02 01  02 02 01 01  02 01 01       ...+...........

2008-11-11 10:39:10 localhost [127.0.0.1] (via UDP: [127.0.0.1]:44769) TRAP, SNMP v1, community public
        TRAP-TEST-MIB::demotraps Link Down Trap (0) Uptime: 1 day, 1:14:11.13
        IF-MIB::ifIndex = INTEGER: 1
trap: down localhost UDP: [127.0.0.1]:44769 DISMAN-EVENT-MIB::sysUpTimeInstance = 1:1:14:11.13,
SNMPv2-MIB::snmpTrapOID.0 = IF-MIB::linkDown, IF-MIB::ifIndex = 1, SNMP-COMMUNITY-MIB::snmpTrapAddress.0 = 127.0.0.1,
SNMP-COMMUNITY-MIB::snmpTrapCommunity.0 = "public", SNMPv2-MIB::snmpTrapEnterprise.0 = TRAP-TEST-MIB::demotraps

4, 让agent自动产生trap

配置agent的snmpd.conf,加入以下几行:(参考:
http://www.net-snmp.org/wiki/index.php/FAQ:Agent_17):

# From: http://www.net-snmp.org/wiki/index.php/FAQ:Agent_17
# send v1 traps
trapsink   127.0.0.1:162
# also send v2 traps
trap2sink  127.0.0.1:162
informsink 127.0.0.1:162

五,下一步

仔细研究snmpd.conf和snmptrapd.conf,调试出系统自动触发trap

学习mib结构,搞清楚如何写自定义trap的mib

搞清楚例子的意思

研究一下在程序中发送trap的c语言api

参考:

  1. http://blog.chinaunix.net/u1/43391/showart_355332.html
  2. http://www.net-snmp.org/dev/agent/notification_8c-example.html
  3. http://www.net-snmp.org/wiki/index.php/TUT:snmptrap#Agent_Traps
  4. Where are these traps sent to http://www.net-snmp.org/wiki/index.php/FAQ:Agent_17
  5. http://net-snmp.sourceforge.net/docs/man/snmp_trap_api.html

–EOF–

Categories: Tech.Notes Tags: , , ,