You can subscribe to this list here.
2000 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
(14) |
Nov
(315) |
Dec
(298) |
---|---|---|---|---|---|---|---|---|---|---|---|---|
2001 |
Jan
(254) |
Feb
(467) |
Mar
(430) |
Apr
(345) |
May
(406) |
Jun
(336) |
Jul
(313) |
Aug
(265) |
Sep
(433) |
Oct
(462) |
Nov
(387) |
Dec
(232) |
2002 |
Jan
(352) |
Feb
(556) |
Mar
(463) |
Apr
(500) |
May
(557) |
Jun
(337) |
Jul
(317) |
Aug
(279) |
Sep
(273) |
Oct
(354) |
Nov
(267) |
Dec
(347) |
2003 |
Jan
(351) |
Feb
(445) |
Mar
(520) |
Apr
(665) |
May
(499) |
Jun
(393) |
Jul
(304) |
Aug
(425) |
Sep
(262) |
Oct
(329) |
Nov
(220) |
Dec
(174) |
2004 |
Jan
(365) |
Feb
(479) |
Mar
(515) |
Apr
(522) |
May
(214) |
Jun
(471) |
Jul
(292) |
Aug
(341) |
Sep
(243) |
Oct
(446) |
Nov
(294) |
Dec
(147) |
2005 |
Jan
(171) |
Feb
(209) |
Mar
(218) |
Apr
(321) |
May
(233) |
Jun
(534) |
Jul
(268) |
Aug
(345) |
Sep
(498) |
Oct
(557) |
Nov
(459) |
Dec
(238) |
2006 |
Jan
(288) |
Feb
(180) |
Mar
(151) |
Apr
(113) |
May
(164) |
Jun
(277) |
Jul
(160) |
Aug
(383) |
Sep
(221) |
Oct
(404) |
Nov
(358) |
Dec
(163) |
2007 |
Jan
(293) |
Feb
(175) |
Mar
(202) |
Apr
(155) |
May
(427) |
Jun
(484) |
Jul
(414) |
Aug
(125) |
Sep
(131) |
Oct
(160) |
Nov
(79) |
Dec
(70) |
2008 |
Jan
(133) |
Feb
(115) |
Mar
(158) |
Apr
(194) |
May
(197) |
Jun
(230) |
Jul
(146) |
Aug
(68) |
Sep
(93) |
Oct
(53) |
Nov
(95) |
Dec
(69) |
2009 |
Jan
(81) |
Feb
(162) |
Mar
(215) |
Apr
(216) |
May
(78) |
Jun
(131) |
Jul
(61) |
Aug
(176) |
Sep
(127) |
Oct
(28) |
Nov
(83) |
Dec
(94) |
2010 |
Jan
(100) |
Feb
(187) |
Mar
(320) |
Apr
(161) |
May
(194) |
Jun
(142) |
Jul
(129) |
Aug
(139) |
Sep
(239) |
Oct
(202) |
Nov
(139) |
Dec
(196) |
2011 |
Jan
(195) |
Feb
(191) |
Mar
(201) |
Apr
(127) |
May
(84) |
Jun
(126) |
Jul
(101) |
Aug
(237) |
Sep
(123) |
Oct
(104) |
Nov
(197) |
Dec
(114) |
2012 |
Jan
(65) |
Feb
(85) |
Mar
(129) |
Apr
(84) |
May
(94) |
Jun
(83) |
Jul
(89) |
Aug
(85) |
Sep
(89) |
Oct
(73) |
Nov
(34) |
Dec
(38) |
2013 |
Jan
(89) |
Feb
(30) |
Mar
(25) |
Apr
(18) |
May
(20) |
Jun
(45) |
Jul
(74) |
Aug
(37) |
Sep
(72) |
Oct
(30) |
Nov
(67) |
Dec
(24) |
2014 |
Jan
(23) |
Feb
(16) |
Mar
(40) |
Apr
(37) |
May
(12) |
Jun
(18) |
Jul
(30) |
Aug
(26) |
Sep
(24) |
Oct
(32) |
Nov
(15) |
Dec
(33) |
2015 |
Jan
(15) |
Feb
(45) |
Mar
(21) |
Apr
(24) |
May
(22) |
Jun
(7) |
Jul
(57) |
Aug
(17) |
Sep
(16) |
Oct
(3) |
Nov
(8) |
Dec
(13) |
2016 |
Jan
(7) |
Feb
(14) |
Mar
(40) |
Apr
(8) |
May
(10) |
Jun
(6) |
Jul
(8) |
Aug
(10) |
Sep
(19) |
Oct
(20) |
Nov
(45) |
Dec
(10) |
2017 |
Jan
(10) |
Feb
(12) |
Mar
(3) |
Apr
(17) |
May
(41) |
Jun
(21) |
Jul
(13) |
Aug
(13) |
Sep
(7) |
Oct
(23) |
Nov
(10) |
Dec
(23) |
2018 |
Jan
(45) |
Feb
(3) |
Mar
(57) |
Apr
(107) |
May
(173) |
Jun
(47) |
Jul
(28) |
Aug
(26) |
Sep
(38) |
Oct
(56) |
Nov
(22) |
Dec
(11) |
2019 |
Jan
(37) |
Feb
(8) |
Mar
(7) |
Apr
(29) |
May
(32) |
Jun
(5) |
Jul
(21) |
Aug
(31) |
Sep
(38) |
Oct
(8) |
Nov
(13) |
Dec
(10) |
2020 |
Jan
(9) |
Feb
(33) |
Mar
(14) |
Apr
(4) |
May
(16) |
Jun
(11) |
Jul
(14) |
Aug
(50) |
Sep
(24) |
Oct
(3) |
Nov
(14) |
Dec
(13) |
2021 |
Jan
(18) |
Feb
(15) |
Mar
(12) |
Apr
(9) |
May
(9) |
Jun
(8) |
Jul
(6) |
Aug
(7) |
Sep
(26) |
Oct
(17) |
Nov
(6) |
Dec
(2) |
2022 |
Jan
(3) |
Feb
(11) |
Mar
(7) |
Apr
(15) |
May
(5) |
Jun
(4) |
Jul
(29) |
Aug
(6) |
Sep
(7) |
Oct
|
Nov
(4) |
Dec
(1) |
2023 |
Jan
|
Feb
|
Mar
|
Apr
(10) |
May
(3) |
Jun
(5) |
Jul
(3) |
Aug
(10) |
Sep
(10) |
Oct
(7) |
Nov
(2) |
Dec
(4) |
2024 |
Jan
(22) |
Feb
(5) |
Mar
(11) |
Apr
(20) |
May
(16) |
Jun
(9) |
Jul
(14) |
Aug
(5) |
Sep
(5) |
Oct
|
Nov
|
Dec
|
From: Pushpa T. <pus...@gm...> - 2024-04-26 07:24:17
|
Hi Magnus Fromreide, Thanks for clarifying. Thanks, Pushpa.T On Thu, Apr 25, 2024 at 10:17 AM Magnus Fromreide <ma...@ly...> wrote: > On Tue, Apr 23, 2024 at 09:51:08AM +0530, Pushpa Thimmaiah wrote: > > Hi All, > > > > Could you please let me know length of snmpEngineID. Is it 12 octets or > 32 > > octets. > > > > In RFC 3411 (https://www.ietf.org/rfc/rfc3411.txt) , > > mib object 'snmpEngineID' says 12 octets in description and 32 octet in > > You have to read the whole text. > > An snmpEngineID has a syntax of OCTET STRING (SIZE(5..32)) > > If the first bit of the snmpEngineID is 0 and it is 12 octets long then it > might have been generated using the algorithm described in bullet 2 which > is > copied from rfc1910. > > If the first bit is 1 then it is generated in accordance with one of the > methods in bullet 3 (or RFC5343) but it is important to notice that bullets > 1-3 are just an recommended algorithm, not a mandatory one so you should > treat snmpEngineID a a variable length string and not attempt to parse it. > > /MF > |
From: Magnus F. <ma...@ly...> - 2024-04-25 05:04:21
|
On Tue, Apr 23, 2024 at 09:51:08AM +0530, Pushpa Thimmaiah wrote: > Hi All, > > Could you please let me know length of snmpEngineID. Is it 12 octets or 32 > octets. > > In RFC 3411 (https://www.ietf.org/rfc/rfc3411.txt) , > mib object 'snmpEngineID' says 12 octets in description and 32 octet in You have to read the whole text. An snmpEngineID has a syntax of OCTET STRING (SIZE(5..32)) If the first bit of the snmpEngineID is 0 and it is 12 octets long then it might have been generated using the algorithm described in bullet 2 which is copied from rfc1910. If the first bit is 1 then it is generated in accordance with one of the methods in bullet 3 (or RFC5343) but it is important to notice that bullets 1-3 are just an recommended algorithm, not a mandatory one so you should treat snmpEngineID a a variable length string and not attempt to parse it. /MF |
From: Pushpa T. <pus...@gm...> - 2024-04-23 04:17:58
|
Hi All, Could you please let me know length of snmpEngineID. Is it 12 octets or 32 octets. In RFC 3411 (https://www.ietf.org/rfc/rfc3411.txt) , mib object 'snmpEngineID' says 12 octets in description and 32 octet in the range . Kindly guide. Pushpa.T |
From: Pramav S <pr...@ou...> - 2024-04-17 10:25:24
|
Issue: Trap not being sent from Application. Context: Currently, I am porting application from CentOS 7 to Oracle Linux. In CentOS7, Libraries from 5.7.3 was used by the Application. All things works OK. SNMP GET/SET and Traps send from Application was OK. With Oracle Linux - Libraries from 5.8-28 is used by the ported Application. No specific Application code changed for this version. But SNMP GET/SET is OK. But Trap send from Application is not OK. Not packet is seen going out. send_v2trap() call isn't happening? I have the following in the snmpd.conf with Trap target information. `snmpNotifyTable "allTraps" "allTraps" 1 3 1` snmpNotifyTable "allTraps" "allTraps" 1 3 1 targetAddr "test" .1.3.6.1.6.1.1 0x0a6400a000a2 0 0 "allTraps" snmpV2c 3 1 What could I be missing? Thanks, Prabhu |
From: Mark J. <ma...@fr...> - 2024-04-13 14:45:01
|
On Fri, Apr 12, 2024 at 03:51:51PM -0700, Bart Van Assche wrote: > On 4/12/24 7:29 AM, Mark Johnston wrote: > > Do you mean that on FreeBSD we should always perform an unprivileged > > kvm_openfile() call, no matter whether --without-kmem-usage is > > specified? > > Yes, that's what I'm proposing. If someone disagrees, please share your > opinion now. I can't see any reason not to go ahead with that, for what it's worth. I'm confident that none of the existing code in net-snmp needs /dev/kmem access on FreeBSD, and it shouldn't be required by new code. |
From: Bart V. A. <bva...@ac...> - 2024-04-12 22:52:04
|
On 4/12/24 7:29 AM, Mark Johnston wrote: > Do you mean that on FreeBSD we should always perform an unprivileged > kvm_openfile() call, no matter whether --without-kmem-usage is > specified? Yes, that's what I'm proposing. If someone disagrees, please share your opinion now. Thanks, Bart. |
From: Alex K. <krj...@ma...> - 2024-04-12 16:49:45
|
Hello! In our project we use net-snmp 5.7.3 and we are going to migrate to 5.9.4. And the main issue for our project during migration as I could see is that previously we used authProtocol MD5 for authentication of SNMP users. And the support of MD5 authProtocol was removed from 5.9.4. So please could advice me if there is a way that we can change automatically authProtocol for the SNMP users after upgrade of snmp (I mean on the side of net-snmp) or it can be done only manually with for example «snmpusm» utils? Regards, Alexei |
From: Mark J. <ma...@fr...> - 2024-04-12 14:29:55
|
On Fri, Apr 12, 2024 at 07:13:41AM -0700, Bart Van Assche wrote: > On 4/12/24 06:44, Mark Johnston wrote: > > I would like to introduce the patch below, which gets compiled when > > --without-kmem-usage is specified. In this case, snmpd will still use > > libkvm, but won't open /dev/(k)mem. In my testing so far, this works > > perfectly. Does anyone have any thoughts on this patch/approach? Would > > the net-snmp project be willing to accept the patch? Thank you in > > advance for any feedback or guidance. > > What privileges are required to call kvm_open() on FreeBSD? Are > the same privileges required as for opening /dev/kmem or not? The only privileges required are those needed to open the file. So, kvm_openfiles(NULL, NULL, NULL, O_RDONLY, err) requires root privileges, because it tries to open /dev/mem. If I change the second parameter to "/dev/null", then any user can call it successfully, and most of the kvm_* functions will still work as expected. > If not, > has it been considered to make init_kmem() call kvm_open() on FreeBSD > independent of whether or not --without-kmem-usage has been specified? Assuming I don't misunderstand, that's effectively what my patch does - it just does so in a separate implementation of init_kmem(). Do you mean that on FreeBSD we should always perform an unprivileged kvm_openfile() call, no matter whether --without-kmem-usage is specified? |
From: Bart V. A. <bva...@ac...> - 2024-04-12 14:13:57
|
On 4/12/24 06:44, Mark Johnston wrote: > I would like to introduce the patch below, which gets compiled when > --without-kmem-usage is specified. In this case, snmpd will still use > libkvm, but won't open /dev/(k)mem. In my testing so far, this works > perfectly. Does anyone have any thoughts on this patch/approach? Would > the net-snmp project be willing to accept the patch? Thank you in > advance for any feedback or guidance. What privileges are required to call kvm_open() on FreeBSD? Are the same privileges required as for opening /dev/kmem or not? If not, has it been considered to make init_kmem() call kvm_open() on FreeBSD independent of whether or not --without-kmem-usage has been specified? Thanks, Bart. |
From: Mark J. <ma...@fr...> - 2024-04-12 13:44:42
|
I'm quite new to net-snmp, so apologies in advance if this is the wrong place to discuss patches. Currently, when one runs snmpd on FreeBSD, it keeps /dev/mem and /dev/kmem open. This is a result of using kvm_openfiles() to get a kvm descriptor, which is used to implement various MIBs (via kvm_getprocs(), kvm_getswapinfo(), etc.). However, the libkvm interfaces used by net-snmp don't actually require /dev/mem or /dev/kmem - they are all implemented using sysctls. I would like to have snmpd not hold /dev/(k)mem open. I can of course compile using --without-kmem-usage, but that disables the use of libkvm, so all of that code (used to implement the hostres MIB, for instance) would need to be rewritten. However, it turns out that one can ask kvm_openfiles() to not open /dev/mem and /dev/kmem, by passing "/dev/null" as the path. In fact, snmpd already contains code to do this, but it's only done in a fallback path in init_kmem(). I would like to introduce the patch below, which gets compiled when --without-kmem-usage is specified. In this case, snmpd will still use libkvm, but won't open /dev/(k)mem. In my testing so far, this works perfectly. Does anyone have any thoughts on this patch/approach? Would the net-snmp project be willing to accept the patch? Thank you in advance for any feedback or guidance. commit 1c7881da5963508bcbcbd4ac44a60192fec4f7d8 Author: Mark Johnston <markj@FreeBSD.org> Date: Thu Apr 4 16:34:26 2024 -0400 snmpd: Enable the use of libkvm without kmem access on FreeBSD diff --git a/agent/kernel.c b/agent/kernel.c index 285a603a77..164a6a8ca2 100644 --- a/agent/kernel.c +++ b/agent/kernel.c @@ -259,7 +259,37 @@ free_kmem(void) kmem = -1; } } +#elif defined(__FreeBSD__) +kvm_t *kd; + +/** + * Initialize the libkvm descriptor. On FreeBSD we can use most of libkvm + * without requiring /dev/kmem access. Only kvm_nlist() and kvm_read() need + * that, and we don't use them. + * + * @return TRUE upon success; FALSE upon failure. + */ +int +init_kmem(const char *file) +{ + char err[4096]; + kd = kvm_openfiles(NULL, "/dev/null", NULL, O_RDONLY, err); + if (!kd) { + snmp_log(LOG_CRIT, "init_kmem: kvm_openfiles failed: %s\n", err); + return FALSE; + } + return TRUE; +} + +void +free_kmem(void) +{ + if (kd != NULL) { + (void)kvm_close(kd); + kd = NULL; + } +} #else int init_kmem(const char *file) |
From: Teus B. <teu...@gm...> - 2024-04-04 08:35:00
|
On Wed, 3 Apr 2024 at 18:45, Bart Van Assche <bva...@ac...> wrote: > > I think this is the callchain for registering the ports that the agent > listens on: > [...] > One possible approach is to implement the .f_setup_session() callback in > the TCP transport and to make it copy the port information from the > transport into the session. > Hi Bart, Thank you for the very helpful information about the call chain for registering the agent listening ports, and for the possible suggestions on how to get the port number into the session. I am going to look into this and try it all out. My hope and expectation is that this leads to a good patch acceptable for the Net-SNMP project! Regards, Teus |
From: Craig S. <cs...@dr...> - 2024-04-04 06:48:36
|
On Wed, 3 Apr 2024 at 16:05, Bart Van Assche <bva...@ac...> wrote: > Something else must be going on. This is the code from configure.ac that > checks for libnl-3: > > if test "x$ac_cv_header_netlink_netlink_h" = xyes; then > AC_EGREP_HEADER([nl_socket_free], [netlink/socket.h], > [AC_DEFINE([HAVE_LIBNL3], [1], > [Define to 1 if <netlink/netlink.h> provides > the > libnl3 API])]) > fi > It's a little bit more complicated than that. The issue is when HAVE_LIBNL3 is not defined but HAVE_NETLINK_NETLINK_H is defined. /* Define to 1 if you have the <netlink/netlink.h> header file. */ #define HAVE_NETLINK_NETLINK_H 1 /* Define to 1 if <netlink/netlink.h> provides the libnl3 API */ /* #undef HAVE_LIBNL3 */ Then the compat stuff around line 622 of tcpTable.c comes into play, but its not nl1, its nl3 we have here. So what's going on with the detection? Something strange in automake and some magic variables. The reason why HAVE_LIBNL3 is blank is the test for AC_EGREP_HEADER fails: configure:28188: result: no conftest.c:186:10: fatal error: netlink/socket.h: No such file or directory 186 | #include <netlink/socket.h> | ^~~~~~~~~~~~~~~~~~ compilation terminated. It can't find the include file because the CFLAGS needs to set the include path and it doesn't if the libnl-route-3 test fails (I guess it zeroes it on failure or maybe because LIBNLROUTE3_CFLAGS is blank?) Moving the EGREP test for nl_socket_free immediately before the test for libnl-route-3 works, because it uses the CFLAGS of the previous successful test. Compiling works too, until you try to link it to the missing library for some of the data_access/*_linux.c files. The fix isn't to move the EGREP(nl_socket_free) test, that's a symptom. I'm not sure if the older library needs the route library or not, so the next steps are hard to say. If it was just the new library then a fatal error on Linux for the absence of either libnl3 or libnl-route-3 would do it. |
From: Bart V. A. <bva...@ac...> - 2024-04-03 16:46:11
|
On 4/3/24 02:35, Teus Benschop wrote: > > A snmpd was set to listen on 10 ports through multiple entries like > “agentaddress tcp:<port>” in the snmpd.conf file. > It was verified through snmpget that the snmpd listens on all 10 ports. > > Function “netsnmp_callback_open” in file > snmplib/transports/snmpCallbackDomain.c was patched to write a few > debug messages. > > It appears that the function “netsnmp_callback_open” is called once. > It sets the “callback_ss->local_port” to “((netsnmp_callback_info *) > callback_tr->data)->callback_num”, which is 1. > In the handler callback function, the > reqinfo->asp->session->local_port is 0 while processing each snmpget. > > You wrote "Make sure that session->local_port is set correctly." I > studied the code to set this properly, but didn't manage to get the > port number set correctly. I think this is the callchain for registering the ports that the agent listens on: init_master_agent() netsnmp_agent_listen_on() netsnmp_transport_open_server() netsnmp_register_agent_nsap() netsnmp_sess_config_transport() snmp_add() snmp_sess_add_ex() transport->f_setup_session() One possible approach is to implement the .f_setup_session() callback in the TCP transport and to make it copy the port information from the transport into the session. Best regards, Bart. |
From: Teus B. <teu...@gm...> - 2024-04-03 09:35:45
|
On Thu, 28 Mar 2024 at 00:13, Bart Van Assche <bva...@ac...> wrote: > Thanks for the background information. I'm not sure the Net-SNMP API needs > to be modified to realize this. How about the following approach: > > - Use netsnmp_register_handler() in MIB implementations to associate > OIDs with callback functions. > - In the handler callback function, use the > reqinfo->asp->session->local_port information. > - Make sure that session->local_port is set correctly. This may > require a code change in Net-SNMP. > > > Hi Bart, I have gone through the above very helpful steps, as follows: A snmpd was set to listen on 10 ports through multiple entries like “agentaddress tcp:<port>” in the snmpd.conf file. It was verified through snmpget that the snmpd listens on all 10 ports. Function “netsnmp_callback_open” in file snmplib/transports/snmpCallbackDomain.c was patched to write a few debug messages. It appears that the function “netsnmp_callback_open” is called once. It sets the “callback_ss->local_port” to “((netsnmp_callback_info *) callback_tr->data)->callback_num”, which is 1. In the handler callback function, the reqinfo->asp->session->local_port is 0 while processing each snmpget. You wrote "Make sure that session->local_port is set correctly." I studied the code to set this properly, but didn't manage to get the port number set correctly. Any help or hints for setting session->local_port would be greatly appreciated :) With kind regards, Teus. |
From: Pushpa T. <pus...@gm...> - 2024-04-03 06:08:31
|
Hi All, For snmpv2c traps, Is it possible to configure hostname in the field of source address Eg: *Current behaviour: snmptrap received at manager* 2024-04-03 09:09:54 192.168.112.122(via UDP: [192.168.112.122]:35620->[192.168.168.136]:162) TRAP, SNMP v1, community public iso.3.6.1.4.1.8072.2.3.1 Enterprise Specific Trap (17) Uptime: 4 days, 15:30:06.57 iso.3.6.1.4.1.8072.2.1.1 = INTEGER: 123456 *Expected behviour:* 2024-04-03 09:09:54 192.168.112.122(via UDP: [snmp_agent_122]:35620->[192.168.168.136]:162) TRAP, SNMP v1, community public iso.3.6.1.4.1.8072.2.3.1 Enterprise Specific Trap (17) Uptime: 4 days, 15:30:06.57 iso.3.6.1.4.1.8072.2.1.1 = INTEGER: 123456 or 2024-04-03 09:09:54 192.168.112.122(via UDP: [192.168.112.122_agent_122]:35620->[192.168.168.136]:162) TRAP, SNMP v1, community public iso.3.6.1.4.1.8072.2.3.1 Enterprise Specific Trap (17) Uptime: 4 days, 15:30:06.57 iso.3.6.1.4.1.8072.2.1.1 = INTEGER: 123456 Kindly guide. Thanks, Pushpa.T |
From: Bart V. A. <bva...@ac...> - 2024-04-03 05:05:17
|
On 4/2/24 13:40, Craig Small wrote: > On Wed, 3 Apr 2024 at 02:19, Bart Van Assche <bva...@ac...> wrote: > > Can you please check the configure script logs to see why libnl-3 was > not detected? > > libnl-3 was detected: > configure:27875: $PKG_CONFIG --exists --print-errors "libnl-3.0" > configure:27878: $? = 0 > configure:27936: result: yes > > But libnl-route-3.0 was not: > configure:27942: $PKG_CONFIG --exists --print-errors "libnl-route-3.0" > Package libnl-route-3.0 was not found in the pkg-config search path. > > I added libnl-route-3-dev and it compiled ok. > > There's something not quite right with the configure script, because > it evaluates > libnl-3 + !libnl-route-3 = libnl1 > instead of failing. Something else must be going on. This is the code from configure.ac that checks for libnl-3: if test "x$ac_cv_header_netlink_netlink_h" = xyes; then AC_EGREP_HEADER([nl_socket_free], [netlink/socket.h], [AC_DEFINE([HAVE_LIBNL3], [1], [Define to 1 if <netlink/netlink.h> provides the libnl3 API])]) fi Thanks, Bart. |
From: Craig S. <cs...@dr...> - 2024-04-02 21:12:02
|
On Wed, 3 Apr 2024 at 02:19, Bart Van Assche <bva...@ac...> wrote: > Can you please check the configure script logs to see why libnl-3 was > not detected? > libnl-3 was detected: configure:27875: $PKG_CONFIG --exists --print-errors "libnl-3.0" configure:27878: $? = 0 configure:27936: result: yes But libnl-route-3.0 was not: configure:27942: $PKG_CONFIG --exists --print-errors "libnl-route-3.0" Package libnl-route-3.0 was not found in the pkg-config search path. I added libnl-route-3-dev and it compiled ok. There's something not quite right with the configure script, because it evaluates libnl-3 + !libnl-route-3 = libnl1 instead of failing. - Craig |
From: Bart V. A. <bva...@ac...> - 2024-04-02 15:19:57
|
On 4/2/24 01:49, Craig Small via Net-snmp-coders wrote: > Hello All, > I was attempting to compile the git head of net-snmp. One big change > is that uses netlink sockets instead of reading /proc/net/* > > The issue is the API is different to the library I can see. > > mibgroup/mibII/tcpTable.c:631:12: error: too few arguments to function > ‘nl_geterror’ > 631 | return nl_geterror(); > | ^~~~~~~~~~~ > > And indeed nl_geterror() requires a int: > https://github.com/tgraf/libnl/blob/master/include/netlink/errno.h#L56 > <https://github.com/tgraf/libnl/blob/master/include/netlink/errno.h#L56> > extern const char * nl_geterror(int); > > So I'm not exactly sure what netlink library is being used here. I > cannot disable this feature either: > mibgroup/if-mib/data_access/interface_linux.c:27:2: error: #error > libnl-3 is required. Please install the libnl-3 and libnl-route-3 > development packages and remove --without-nl from the configure options > if necessary. > 27 | #error libnl-3 is required. Please install the libnl-3 and > libnl-route-3 development packages and remove --without-nl from the > configure options if necessary. > | ^~~~~ The Net-SNMP configure script detects whether libnl-1 / libnl-3 is present. The above error message comes from the libnl-3 compat code and hence means that libnl-3 was not detected. I'm referring to this code: if test "x$ac_cv_header_netlink_netlink_h" = xyes; then AC_EGREP_HEADER([nl_socket_free], [netlink/socket.h], [AC_DEFINE([HAVE_LIBNL3], [1], [Define to 1 if <netlink/netlink.h> provides the libnl3 API])]) fi Can you please check the configure script logs to see why libnl-3 was not detected? Thanks, Bart. |
From: Craig S. <cs...@dr...> - 2024-04-02 09:58:13
|
Hello All, I was attempting to compile the git head of net-snmp. One big change is that uses netlink sockets instead of reading /proc/net/* The issue is the API is different to the library I can see. mibgroup/mibII/tcpTable.c:631:12: error: too few arguments to function ‘nl_geterror’ 631 | return nl_geterror(); | ^~~~~~~~~~~ And indeed nl_geterror() requires a int: https://github.com/tgraf/libnl/blob/master/include/netlink/errno.h#L56 extern const char * nl_geterror(int); So I'm not exactly sure what netlink library is being used here. I cannot disable this feature either: mibgroup/if-mib/data_access/interface_linux.c:27:2: error: #error libnl-3 is required. Please install the libnl-3 and libnl-route-3 development packages and remove --without-nl from the configure options if necessary. 27 | #error libnl-3 is required. Please install the libnl-3 and libnl-route-3 development packages and remove --without-nl from the configure options if necessary. | ^~~~~ - Craig -- Craig Small https://dropbear.xyz/ csmall at : dropbear.xyz Debian GNU/Linux https://www.debian.org/ <http://www.debian.org/> csmall at : debian.org GPG fingerprint: 5D2F B320 B825 D939 04D2 0519 3938 F96B DF50 FEA5 |
From: Teus B. <teu...@gm...> - 2024-03-28 06:14:06
|
On Thu, 28 Mar 2024 at 00:13, Bart Van Assche <bva...@ac...> wrote: > Hi Teus, > > Thanks for the background information. I'm not sure the Net-SNMP API needs > to be modified to realize this. How about the following approach: > > - Use netsnmp_register_handler() in MIB implementations to associate > OIDs with callback functions. > - In the handler callback function, use the > reqinfo->asp->session->local_port information. > - Make sure that session->local_port is set correctly. This may > require a code change in Net-SNMP. > > Best regards, > > Bart. > > > Hi Bart, What a great hint this is: No API change, and making sure that the local_port is set correctly. I am going to look into this for sure, and try to get this to work for TCP. Thank you a lot for this information, that is helpful :) Teus. |
From: Bart V. A. <bva...@ac...> - 2024-03-27 23:13:42
|
On 3/27/24 00:15, Teus Benschop wrote: > On Wed, 27 Mar 2024 at 00:58, Bart Van Assche <bva...@ac...> wrote: > > Please explain why you want to obtain that information and also > how you plan to use it. Which APIs to modify will depend on the > answer to that question. > > > > Hello Bert, > > Thank you for asking this question. > > The background to this is that we are building software to control > traffic signs above the highways. These signs are controlled through > one of the NTCIP protocols (https://www.ntcip.org). And this protocol > again is based on the SNMP protocol. Each traffic sign contains one > SNMP agent that listens on a given port number. > > We are building a simulator to simulate all of those traffic signs. > Currently one simulator simulates one traffic sign. The traffic sign > has many and large SNMP tables registered with Net-SNMP. Due to the > sheer size and amount of objects in the SNMP tables, plus many other > registered objects, one simulator now allocates about 350 Mbytes of > memory. > > If we simulate, say, 20 traffic signs, then the allocated memory > becomes about 7 Gbytes. If we simulate 100 traffic signs, then the > allocated memory becomes around 35 Gigabytes. > > We now have the idea to only run one SNMP agent, and hence allocate > only 350 Megabytes of memory, but then let this SNMP agent listen on > multiple ports, through the Net-SNMP library. > > The traffic signs listen on the TCP protocol, hence the simulator uses > TCP too. > > If the simulator listens on, say, port 2001, 2002, 2003, and so on, > then this would simulate traffic sign #1 on port 2001, traffic sign #2 > on port 2002, and traffic sign #3 on port 2003. If the traffic control > software sends a SNMP get request to, say, port 2002, then the traffic > sign simulator knows that it should respond with data about traffic > sign #2. > > Hence if the Net-SNMP library would expose the TCP port number that a > given request was sent to, the simulator would make a call to the > Net-SNMP library to find the port number, and give an appropriate > response. > > This is the reason why I want to obtain the port number, and this > would be the intended usage of it. Hi Teus, Thanks for the background information. I'm not sure the Net-SNMP API needs to be modified to realize this. How about the following approach: * Use netsnmp_register_handler() in MIB implementations to associate OIDs with callback functions. * In the handler callback function, use the reqinfo->asp->session->local_port information. * Make sure that session->local_port is set correctly. This may require a code change in Net-SNMP. Best regards, Bart. |
From: Teus B. <teu...@gm...> - 2024-03-27 07:16:08
|
On Wed, 27 Mar 2024 at 00:58, Bart Van Assche <bva...@ac...> wrote: > Please explain why you want to obtain that information and also how you > plan to use it. Which APIs to modify will depend on the answer to that > question. > > > Hello Bert, Thank you for asking this question. The background to this is that we are building software to control traffic signs above the highways. These signs are controlled through one of the NTCIP protocols (https://www.ntcip.org). And this protocol again is based on the SNMP protocol. Each traffic sign contains one SNMP agent that listens on a given port number. We are building a simulator to simulate all of those traffic signs. Currently one simulator simulates one traffic sign. The traffic sign has many and large SNMP tables registered with Net-SNMP. Due to the sheer size and amount of objects in the SNMP tables, plus many other registered objects, one simulator now allocates about 350 Mbytes of memory. If we simulate, say, 20 traffic signs, then the allocated memory becomes about 7 Gbytes. If we simulate 100 traffic signs, then the allocated memory becomes around 35 Gigabytes. We now have the idea to only run one SNMP agent, and hence allocate only 350 Megabytes of memory, but then let this SNMP agent listen on multiple ports, through the Net-SNMP library. The traffic signs listen on the TCP protocol, hence the simulator uses TCP too. If the simulator listens on, say, port 2001, 2002, 2003, and so on, then this would simulate traffic sign #1 on port 2001, traffic sign #2 on port 2002, and traffic sign #3 on port 2003. If the traffic control software sends a SNMP get request to, say, port 2002, then the traffic sign simulator knows that it should respond with data about traffic sign #2. Hence if the Net-SNMP library would expose the TCP port number that a given request was sent to, the simulator would make a call to the Net-SNMP library to find the port number, and give an appropriate response. This is the reason why I want to obtain the port number, and this would be the intended usage of it. Thanks, Teus |
From: sukeerthi bj <suk...@gm...> - 2024-03-27 04:45:58
|
Hi Team, I am currently working on NET-SNMP code integration for a project. I want to understand the code changes for this CVE-2008-6123. Can someone please point to the change list for same? -Sukeerthi |
From: Bart V. A. <bva...@ac...> - 2024-03-26 23:58:37
|
On 3/25/24 11:26, Teus Benschop wrote: > 2. What are the ideas to expose this agent_tcp_port_number via the > API? (Possibly I could add a function in the public API, that gets > this variable and exposes it as a call.) Ideas? Please explain why you want to obtain that information and also how you plan to use it. Which APIs to modify will depend on the answer to that question. Thanks, Bart. |
From: Niels B. <ni...@ba...> - 2024-03-26 22:52:06
|
Den 26-03-2024 kl. 10:10 skrev Craig Small via Net-snmp-coders: > Hi, > This email is about working out how the LM-SENSORS MIB should be updated. If it was just a matter of updating the SNMP agent, I'd just create a pull request but the MIB is (might be?) different. Great! > How do I get this MIB updated? I'm willing to write it up and the change for the agent, would a PR for the MIB be enough or does it need to go through some sort of other approval process? There is nothing special about updating the MIB, so just include the update in your PR. Personally I would prefer that that new object had UNITS "Cel" DISPLAY-HINT "d-3" instead of displaying a milli-value, but that is personal taste. Remember to add a REVISION section to the MIB when you update it. /Niels -- Niels Baggesen -- @home -- Århus -- Denmark -- ni...@ba... The purpose of computing is insight, not numbers -- R W Hamming |