anyone want to play with SNMP?
-
@Kent-Dorfman I've looked through the RFCs; they're borderline indecipherable. One Wireshark capture of a trap, with the fields decoded, would help more than all of them put together.
I just have to say how amazed I am at the lack of information available on this topic. I can't even find a book that looks like it covers this.
-
Hi @mzimmers,
I guess the way to go is to set up net-snmp.org, get it compiling, inject your code and then compile your own SNMP server. There are some examples of how to do this at http://www.net-snmp.org/wiki/index.php/Tutorials; however, you'll have to invest some time in that topic.
As for books, there is "Essential SNMP, Second Edition". I think we have that at work too, but I'm not 100% sure.
Regards
-
@aha_1980 I'm willing to do that if I have to, but I'm not sure how much good that will do. I need an example of a trap message, and can't find a resource that shows me one.
I do have the book you mention on order; perhaps that will shed more light on this amazingly arcane subject.
-
@mzimmers Yeah, I have the book, but it mostly covers the administrator's view on the topic, not the programmer's.
However, it is a great overview of the technology, and will give you more understanding.
Have you already seen http://www.net-snmp.org/wiki/index.php/TUT:snmptrap Probably that's already enough for your case?
Regards
-
@mzimmers from the snmptrap tutorial link that @aha_1980 suggested, I guess you can follow it and use the snmptrap command to generate some sample traps that you can capture and analyze with Wireshark.
In addition, you may want to look at the source code of that command, and you'll see some of the internals...
pdu = snmp_pdu_create(SNMP_MSG_TRAP);
-
@aha_1980 the net-snmp page is useful but still doesn't give me the particulars of the message format that I need.
@Pablo-J-Rogina good suggestion -- the source code helps, though the fields seem somewhat inconsistent with those on this page. I'll keep reading through it.
-
Just to bring this to closure: I managed to obtain an example of an SNMP trap message, and after doing some byte-by-byte decoding, I figured out what each byte meant. Then I was able to modify it (by hand) to get the trap configured for my application.
For the morbidly curious, here's the code that defines the byte array, with copious annotations. T&L refer to type and length (from TLV). The encoding is some form of BER. Doesn't SNMP look fun?
int Worker::sendTrap()
{
    int rc = ESP_OK;

    // the byte array below forms a v1 trap
    const uint8_t trap[] = {
        0x30, // ASN.1 header
        0x45, // ***** length of remainder of packet
        0x02, 0x01, 0x00, // version v1
        0x04, 0x06, 0x70, 0x75, 0x62, 0x6c, 0x69, 0x63, // community "public"
        0xa4, 0x38, // ***** T&L for remainder of packet
        0x06, 0x0f, // ***** T&L for enterprise
        0x2b, 0x06, 0x01, 0x04, 0x01,
        //0x81, 0x88, 0x53, // encoding for 17491
        0x82, 0xe7, 0x01, // encoding for 45953
        0x01, 0x01, 0x02, 0x01, 0x02, 0x81, 0x49,
        0x40, 0x04, // ***** T&L for agent IP address
        0x0, 0x0, 0x0, 0x0, // agent IP address (will be filled in below)
        0x02, 0x01, 0x01, // ***** generic trap (warmStart)
        0x02, 0x01, 0x00, // ***** specific trap (0)
        0x43, 0x01, 0x00, // ***** timestamp
        0x30, 0x16, // ***** T&L for varbind 1
        0x30, 0x14, // **** T&L for varbind 1 name
        0x06, 0x0f,
        0x2b, 0x06, 0x01, 0x04, 0x01,
        //0x81, 0x88, 0x53, // encoding for 17491
        0x82, 0xe7, 0x01, // encoding for 45953
        0x01, 0x01, 0x02, 0x01, 0x02, 0x81, 0x49, // encoding for 201
        0x02, 0x01, 0x01 // ***** varbind value (1)
    };
Anyway, thanks to everyone who looked and helped.
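The byte-by-byte decoding described in the post above, as an added example that is not part of the original thread: a small BER walker that takes the posted v1 trap apart field by field and checks every length against the buffer. The function names are this example's own, the agent address is left as 0.0.0.0, and varbind values are assumed to be INTEGERs as in the post.

```python
TRAP = bytes.fromhex(  # constructed: the trap bytes from the post, agent address 0.0.0.0
    "3045 020100 04067075626c6963 a438"
    "060f 2b06010401 82e701 0101020102 8149 4004 00000000"
    "020101 020100 430100 3016 3014"
    "060f 2b06010401 82e701 0101020102 8149 020101")

def read_tlv(buf, pos):
    """Return (tag, value, next_pos) for the BER TLV starting at buf[pos]."""
    if pos + 2 > len(buf):
        raise ValueError("truncated TLV header")
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:  # long form: low 7 bits count the length octets
        n = length & 0x7F
        if n == 0 or pos + n > len(buf):
            raise ValueError("bad long-form length")
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):
        raise ValueError("length runs past end of buffer")
    return tag, buf[pos:pos + length], pos + length

def children(value):
    out, pos = [], 0  # split a constructed value into its (tag, value) members
    while pos < len(value):
        tag, val, pos = read_tlv(value, pos)
        out.append((tag, val))
    return out

def oid(val):  # first octet is 40*X+Y; later arcs are base-128, high bit = more octets
    arcs, n = [val[0] // 40, val[0] % 40], 0
    for b in val[1:]:
        n = (n << 7) | (b & 0x7F)
        if not b & 0x80:
            arcs.append(n)
            n = 0
    return ".".join(map(str, arcs))

def decode_v1_trap(packet):
    tag, body, end = read_tlv(packet, 0)
    if tag != 0x30 or end != len(packet):
        raise ValueError("not a single BER SEQUENCE")
    (_, ver), (_, comm), (pdu_tag, pdu) = children(body)
    if pdu_tag != 0xA4:
        raise ValueError("not an SNMPv1 Trap-PDU")
    ent, addr, gen, spec, ticks, binds = (v for _, v in children(pdu))
    num = lambda v: int.from_bytes(v, "big", signed=True)
    vbs = [children(vb) for _, vb in children(binds)]  # each: [(0x06, name), (tag, value)]
    return {"version": num(ver), "community": comm.decode("ascii"),
            "enterprise": oid(ent), "agent_addr": ".".join(map(str, addr)),
            "generic_trap": num(gen), "specific_trap": num(spec), "timestamp": num(ticks),
            "varbinds": [(oid(n), num(v)) for (_, n), (_, v) in vbs]}  # assumes INTEGER values
```

The community string comes back as plain ASCII because SNMPv1 carries it unencrypted in every message.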
-
@Kent-Dorfman heh...as bad as that is, I found it easier than trying to build an agent (or even a part of an agent). And (drumroll please)...to my mind, both are easier than figuring out how to write MIBs!
SNMP is for machines, by machines. Humans need not apply.