RE: Sending Informs with fixed source ports
This is a discussion on RE: Sending Informs with fixed source ports within the SNMP Coders forums, part of the Networking and Network Related category; This is a multi-part message in MIME format. --===============1670616500== content-class: urn:content-classes:message Content-Type: multipart/alternative; ...
|
|||||||
| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
05-08-2007
|
|||
|
|||
RE: Sending Informs with fixed source ports
This is a multi-part message in MIME format.
--===============1670616500== content-class: urn:content-classes:message Content-Type: multipart/alternative; boundary="----_=_NextPart_001_01C79179.DE5EAF14" This is a multi-part message in MIME format. ------_=_NextPart_001_01C79179.DE5EAF14 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable I tried adding this line to target.c:get_target_sessoin(): =20 netsnmp_ds_set_string(NETSNMP_DS_LIBRARY_ID, NETSNMP_DS_LIB_CLIENT_ADDR, "localhost:6666"); =20 So the new code looks like this: Line ------ =20 155 netsnmp_transport *t =3D NULL; 156 157 netsnmp_ds_set_string(NETSNMP_DS_LIBRARY_ID, NETSNMP_DS_LIB_CLIENT_ADDR, "localhost:6666"); 158 159 t =3D netsnmp_tdomain_transport_oid(targaddrs-> ..... (I also disabled engineID probe, and set the remote engineID manually. as you can see the USM processing is successful) =20 =20 =20 I get an error, you can see in the debug logs: ---------------------------------------------------- netsnmp_sockaddr_in: addr 0xbfe7c040, peername "localhost:6666" netsnmp_sockaddr_in: port number suffix :6666 netsnmp_sockaddr_in: hostname (resolved okay) netsnmp_sockaddr_in: return { AF_INET, 127.0.0.1:6666 } target_sessions: to: UDP: [135.64.102.136]:162 target_sessions: timeout: 1500 -> 1500000 target_sessions: setting SNMP_FLAG_DONT_PROB for snmp_add, and EIDusm: match on user usr1 target_sessions: looking for: trap target_sessions: for: 0=3Dtrap target_sessions: looking for: inform target_sessions: for: 0=3Dinform target_sessions: found one: inform netsnmp_udp: open remote UDP: [135.64.102.136]:162:41472 netsnmp_sockaddr_in: addr 0xbfe7c040, peername "localhost:6666" netsnmp_sockaddr_in: port number suffix :6666 netsnmp_sockaddr_in: hostname (resolved okay) netsnmp_sockaddr_in: return { AF_INET, 127.0.0.1:6666 } target_sessions: to: UDP: [135.64.102.136]:162 target_sessions: timeout: 1500 -> 1500000 target_sessions: setting SNMP_FLAG_DONT_PROB for snmp_add, and EIDusm: match on user usr1 trap: sending trap type=3D166, version=3D3 usm: USM processing has begun (offset 97) usm: getting user usr1 usm: match on user usr1 usm: USM processing completed. netsnmp_udp: send 165 bytes from 0x8f52d83 to UDP: [135.64.102.136]:162 on fd 7 netsnmp_udp: sendto error, rc -1 (errno 22) snmpd: send_trap: Failure in sendto (Invalid argument) target_sessions: looking for: trap target_sessions: for: 0=3Dtrap =20 Erez Makavy Software Engineer AVAYA Communication, ITC Mail : <mailto:makavy@avaya.com <mailto:makavy@avaya.com> > Tel:+972-3-6457562 =20 _____ =20 From: Makavy, Erez (Erez)=20 Sent: Tuesday, May 08, 2007 3:45 PM To: net-snmp-coders@lists.sourceforge.net Subject: Sending Informs with fixed source ports Hi, =20 The initial Problem: ----------------------------- Inform ACKs are block by my Firewall. =20 Net-SNMP sends out an Infrom : [port X] --> [port 162] Std. Infrom receiver replies: [port Y] --> [port X] =20 * X,Y are random ports. =20 Solution concept: -------------------------- AMke net-snmp send the Informs from fixed source-ports. So that we can allow the predefined UDP ports in the Firewall =20 =20 Implementation outline: ------------------------------------ 1) I'm using the snmpNotifyMIB and snmpTargetMIB for sending traps. =20 2) Becasue net-snmp maintains an open session for each Infrom receiver, and each such session binds to a certain port to be re-used for sending out Informs, it seems that I need a different port for each Inform receiver. (In my case I limit the receivers' number to 3, so I'll predefine 3 ports.) =20 3) I thought that in get_target_sessions() (target.c), I can set the [localname , local_port] in the netsnmp_session structure of each receiver, when the session is created. =20 It doesn't seem to be working very neatly. I'm working on it. =20 =20 Quesitons: ---------------- 1) Does this make sence? 2) Can all Infrom-receivers be using the same session? (So I can use only 1 port) =20 P.S: I also would like to disable the engineID Probe which is not really needed since we can take the engineID from the USM table of the appropriate user. Any ideas about that? (I thought I can access the USM table also in the get_target_sessions() and set the appropriate securityEndingID. =20 Thanks, Erez. =20 ------_=_NextPart_001_01C79179.DE5EAF14 Content-Type: text/html; charset="us-ascii" Content-Transfer-Encoding: quoted-printable <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> <HTML><HEAD> <META http-equiv=3DContent-Type content=3D"text/html; = charset=3Dus-ascii"> <META content=3D"MSHTML 6.00.2900.2963" name=3DGENERATOR></HEAD> <BODY> <DIV><FONT face=3DArial color=3D#008000 size=3D2><SPAN = class=3D640075913-08052007>I=20 tried adding this line to = target.c:get_target_sessoin():</SPAN></FONT></DIV> <DIV><FONT face=3DArial color=3D#008000 size=3D2><SPAN=20 class=3D640075913-08052007></SPAN></FONT> </DIV> <DIV><FONT face=3DArial color=3D#008000 size=3D2><SPAN=20 class=3D640075913-08052007><EM>netsnmp_ds_set_string(NETSNMP_DS_LIBR ARY_I= D,=20 NETSNMP_DS_LIB_CLIENT_ADDR, "localhost:6666");</EM></SPAN></FONT></DIV> <DIV><FONT face=3DArial color=3D#008000 size=3D2><SPAN=20 class=3D640075913-08052007></SPAN></FONT> </DIV> <DIV><FONT face=3DArial color=3D#008000 size=3D2><SPAN = class=3D640075913-08052007>So the=20 new code looks like this:</SPAN></FONT></DIV> <DIV><FONT face=3DArial color=3D#008000 size=3D2><SPAN=20 class=3D640075913-08052007>Line</SPAN></FONT></DIV> <DIV><FONT face=3DArial color=3D#008000 size=3D2><SPAN=20 class=3D640075913-08052007>------</SPAN></FONT></DIV> <DIV><FONT face=3DArial color=3D#008000 size=3D2><SPAN=20 class=3D640075913-08052007></SPAN></FONT> </DIV> <DIV><FONT face=3DArial color=3D#008000 size=3D2><SPAN = class=3D640075913-08052007>155=20 netsnmp_transport *t =3D NULL;</SPAN></FONT></DIV> <DIV><FONT face=3DArial color=3D#008000 size=3D2><SPAN=20 class=3D640075913-08052007>156</SPAN></FONT></DIV> <DIV><FONT face=3DArial color=3D#008000 size=3D2><SPAN = class=3D640075913-08052007>157=20 <EM>netsnmp_ds_set_string(NETSNMP_DS_LIBRARY_ID,=2 0 NETSNMP_DS_LIB_CLIENT_ADDR, = "localhost:6666");<BR></EM>158</SPAN></FONT></DIV> <DIV><FONT face=3DArial color=3D#008000 size=3D2><SPAN = class=3D640075913-08052007>159=20 t =3D=20 netsnmp_tdomain_transport_oid(targaddrs-></SPAN></FONT></DIV> <DIV><FONT face=3DArial color=3D#008000 size=3D2><SPAN=20 class=3D640075913-08052007>   ;&nbs= p; =20 ......<BR></SPAN></FONT></DIV> <DIV><FONT face=3DArial color=3D#008000 size=3D2><SPAN = class=3D640075913-08052007>(I=20 also disabled engineID probe, and set the remote engineID=20 manually.</SPAN></FONT></DIV> <DIV><FONT face=3DArial color=3D#008000 size=3D2><SPAN=20 class=3D640075913-08052007> as you can see the USM processing is=20 successful)</SPAN></FONT></DIV> <DIV><FONT face=3DArial color=3D#008000 size=3D2><SPAN=20 class=3D640075913-08052007></SPAN></FONT> </DIV> <DIV><FONT face=3DArial color=3D#008000 size=3D2><SPAN=20 class=3D640075913-08052007> </DIV></SPAN></FONT> <DIV><FONT face=3DArial color=3D#008000 size=3D2><SPAN=20 class=3D640075913-08052007></SPAN></FONT> </DIV> <DIV><FONT face=3DArial color=3D#008000 size=3D2><SPAN = class=3D640075913-08052007>I get=20 an error, you can see in the debug logs:</SPAN></FONT></DIV> <DIV><FONT face=3DArial color=3D#008000 size=3D2><SPAN=20 class=3D640075913-08052007>----------------------------------------------= ------</SPAN></FONT></DIV> <DIV><FONT face=3DArial color=3D#008000 size=3D2><SPAN=20 class=3D640075913-08052007>netsnmp_sockaddr_in: addr 0xbfe7c040, = peername=20 "localhost:6666"<BR>netsnmp_sockaddr_in: port number suffix=20 :6666<BR>netsnmp_sockaddr_in: hostname (resolved = okay)<BR>netsnmp_sockaddr_in:=20 return { AF_INET, 127.0.0.1:6666 }<BR>target_sessions: to: = UDP:=20 [135.64.102.136]:162<BR>target_sessions: timeout: 1500 ->=20 1500000<BR>target_sessions: setting SNMP_FLAG_DONT_PROB for snmp_add, = and=20 EIDusm: match on user usr1<BR>target_sessions: looking for:=20 trap<BR>target_sessions: for: 0=3Dtrap<BR>target_sessions: looking = for:=20 inform<BR>target_sessions: for: 0=3Dinform<BR>target_sessions: = found one:=20 inform<BR>netsnmp_udp: open remote UDP:=20 [135.64.102.136]:162:41472<BR>netsnmp_sockaddr_in: addr 0xbfe7c040, = peername=20 "localhost:6666"<BR>netsnmp_sockaddr_in: port number suffix=20 :6666<BR>netsnmp_sockaddr_in: hostname (resolved = okay)<BR>netsnmp_sockaddr_in:=20 return { AF_INET, 127.0.0.1:6666 }<BR>target_sessions: to: = UDP:=20 [135.64.102.136]:162<BR>target_sessions: timeout: 1500 ->=20 1500000<BR>target_sessions: setting SNMP_FLAG_DONT_PROB for snmp_add, = and=20 EIDusm: match on user usr1<BR>trap: sending trap type=3D166, = version=3D3<BR>usm: USM=20 processing has begun (offset 97)<BR>usm: getting user usr1<BR>usm: match = on user=20 usr1<BR>usm: USM processing completed.<BR>netsnmp_udp: send 165 bytes = from=20 0x8f52d83 to UDP: [135.64.102.136]:162 on fd 7<BR>netsnmp_udp: sendto = error, rc=20 -1 (errno 22)<BR>snmpd: send_trap: Failure in sendto (Invalid=20 argument)<BR>target_sessions: looking for: = trap<BR>target_sessions: for:=20 0=3Dtrap<BR></DIV></SPAN></FONT> <DIV><FONT face=3DArial color=3D#008000 size=3D2></FONT> </DIV> <DIV dir=3Dltr align=3Dleft> <DIV class=3DMsoNormal dir=3Dltr align=3Dleft><FONT face=3DArial = size=3D1>Erez=20 Makavy</FONT></DIV> <DIV class=3DMsoNormal><FONT face=3DArial size=3D1>Software = Engineer</FONT></DIV> <DIV class=3DMsoNormal><FONT face=3DArial><FONT size=3D1><SPAN=20 style=3D"COLOR: red">AVAYA</SPAN> Communication, ITC</FONT></FONT></DIV> <DIV class=3DMsoNormal><FONT face=3DArial><FONT size=3D1>Mail : <U><SPAN = style=3D"FONT-SIZE: 10pt"><</SPAN></U></FONT></FONT><A=20 href=3D"mailto:makavy@avaya.com"><SPAN style=3D"FONT-SIZE: 10pt"><FONT = face=3DArial=20 size=3D1>mailto:makavy@avaya.com</FONT></SPAN></A><U><SPAN=20 style=3D"FONT-SIZE: 10pt"><FONT face=3DArial><FONT = size=3D1>><?xml:namespace prefix=20 =3D o ns =3D "urn:schemas-microsoft-com:office:office"=20 /><o:p></o:p></FONT></FONT></SPAN></U></DIV> <DIV class=3DMsoNormal><FONT face=3DArial><FONT size=3D1><SPAN=20 class=3DGramE>Tel:+</SPAN>972-3-6457562</FONT></FONT></DIV></DIV> <DIV> </DIV><BR> <DIV class=3DOutlookMessageHeader lang=3Den-us dir=3Dltr align=3Dleft> <HR tabIndex=3D-1> <FONT face=3DTahoma size=3D2><B>From:</B> Makavy, Erez (Erez) = <BR><B>Sent:</B>=20 Tuesday, May 08, 2007 3:45 PM<BR><B>To:</B>=20 net-snmp-coders@lists.sourceforge.net<BR><B>Subject:</B> Sending Informs = with=20 fixed source ports<BR></FONT><BR></DIV> <DIV></DIV> <DIV><SPAN class=3D800402712-08052007><FONT face=3DArial=20 size=3D2>Hi,</FONT></SPAN></DIV> <DIV><SPAN class=3D800402712-08052007><FONT face=3DArial=20 size=3D2></FONT></SPAN> </DIV> <DIV><SPAN class=3D800402712-08052007><FONT face=3DArial size=3D2>The = initial=20 Problem:</FONT></SPAN></DIV> <DIV><SPAN class=3D800402712-08052007><FONT face=3DArial=20 size=3D2>-----------------------------</FONT></SPAN></DIV> <DIV><SPAN class=3D800402712-08052007><FONT face=3DArial size=3D2>Inform = ACKs are=20 block by my Firewall.</FONT></SPAN></DIV> <DIV><SPAN class=3D800402712-08052007><FONT face=3DArial=20 size=3D2></FONT></SPAN> </DIV> <DIV><SPAN class=3D800402712-08052007><FONT face=3DArial = size=3D2>Net-SNMP sends out=20 an Infrom : [port X] --> [port 162]</FONT></SPAN></DIV> <DIV><SPAN class=3D800402712-08052007><FONT face=3DArial size=3D2>Std. = Infrom receiver=20 replies: [port Y] --> = [port=20 X]</FONT></SPAN></DIV> <DIV><SPAN class=3D800402712-08052007><FONT face=3DArial=20 size=3D2></FONT></SPAN> </DIV> <DIV><SPAN class=3D800402712-08052007><FONT face=3DArial size=3D2>* X,Y = are random=20 ports.</FONT></SPAN></DIV> <DIV><SPAN class=3D800402712-08052007><FONT face=3DArial=20 size=3D2></FONT></SPAN> </DIV> <DIV><SPAN class=3D800402712-08052007><FONT face=3DArial = size=3D2>Solution=20 concept:</FONT></SPAN></DIV> <DIV><SPAN class=3D800402712-08052007><FONT face=3DArial=20 size=3D2>--------------------------</FONT></SPAN></DIV> <DIV><SPAN class=3D800402712-08052007><FONT face=3DArial size=3D2>AMke = net-snmp=20 send the Informs from fixed source-ports.</FONT></SPAN></DIV> <DIV><SPAN class=3D800402712-08052007><FONT face=3DArial size=3D2>So = that we can allow=20 the predefined UDP ports in the Firewall</FONT></SPAN></DIV> <DIV><SPAN class=3D800402712-08052007><FONT face=3DArial=20 size=3D2></FONT></SPAN> </DIV> <DIV><SPAN class=3D800402712-08052007><FONT face=3DArial=20 size=3D2></FONT></SPAN> </DIV> <DIV><SPAN class=3D800402712-08052007><FONT face=3DArial = size=3D2>Implementation =20 outline:</FONT></SPAN></DIV> <DIV><SPAN class=3D800402712-08052007><FONT face=3DArial=20 size=3D2>------------------------------------</FONT></SPAN></DIV> <DIV><SPAN class=3D800402712-08052007><FONT face=3DArial size=3D2>1) I'm = using the=20 snmpNotifyMIB and snmpTargetMIB for sending traps.</FONT></SPAN></DIV> <DIV><SPAN class=3D800402712-08052007><FONT face=3DArial=20 size=3D2></FONT></SPAN> </DIV> <DIV><SPAN class=3D800402712-08052007><FONT face=3DArial size=3D2>2) = Becasue net-snmp=20 maintains an open session for each Infrom receiver,</FONT></SPAN></DIV> <DIV><SPAN class=3D800402712-08052007><FONT face=3DArial = size=3D2> =20 and each such session binds to a certain port to be re-used for sending = out=20 Informs,</FONT></SPAN></DIV> <DIV><SPAN class=3D800402712-08052007><FONT face=3DArial = size=3D2> =20 it seems that I need a different port for each Inform=20 receiver.</FONT></SPAN></DIV> <DIV><SPAN class=3D800402712-08052007><FONT face=3DArial = size=3D2> =20 (In my case I limit the receivers' number to 3, so I'll predefine 3=20 ports.)</FONT></SPAN></DIV> <DIV><SPAN class=3D800402712-08052007><FONT face=3DArial=20 size=3D2></FONT></SPAN> </DIV> <DIV><SPAN class=3D800402712-08052007><FONT face=3DArial size=3D2>3) I = thought that in=20 get_target_sessions() (target.c),</FONT></SPAN></DIV> <DIV><SPAN class=3D800402712-08052007><FONT face=3DArial = size=3D2> I=20 can set the [localname , local_port] in the netsnmp_session = structure of=20 each receiver,</FONT></SPAN></DIV> <DIV><SPAN class=3D800402712-08052007><FONT face=3DArial = size=3D2> when=20 the session is created.</FONT></SPAN></DIV> <DIV><SPAN class=3D800402712-08052007><FONT face=3DArial=20 size=3D2></FONT></SPAN> </DIV> <DIV><SPAN class=3D800402712-08052007> <FONT = face=3DArial=20 size=3D2>It doesn't seem to be working very neatly. I'm working on=20 it.</FONT></SPAN></DIV> <DIV><SPAN class=3D800402712-08052007></SPAN><SPAN=20 class=3D800402712-08052007></SPAN><SPAN = class=3D800402712-08052007></SPAN><SPAN=20 class=3D800402712-08052007><FONT face=3DArial = size=3D2></FONT></SPAN> </DIV> <DIV><SPAN class=3D800402712-08052007><FONT face=3DArial=20 size=3D2></FONT></SPAN> </DIV> <DIV><SPAN class=3D800402712-08052007><FONT face=3DArial=20 size=3D2>Quesitons:</FONT></SPAN></DIV> <DIV><SPAN class=3D800402712-08052007><FONT face=3DArial=20 size=3D2>----------------</FONT></SPAN></DIV> <DIV><SPAN class=3D800402712-08052007><FONT face=3DArial size=3D2>1) = Does this make=20 sence?</FONT></SPAN></DIV> <DIV><SPAN class=3D800402712-08052007><FONT face=3DArial size=3D2>2) Can = all=20 Infrom-receivers be using the same session? (So I can use only 1=20 port)</FONT></SPAN></DIV> <DIV><SPAN class=3D800402712-08052007><FONT face=3DArial=20 size=3D2></FONT></SPAN> </DIV> <DIV><SPAN class=3D800402712-08052007><FONT face=3DArial=20 size=3D2>P.S:</FONT></SPAN></DIV> <DIV><SPAN class=3D800402712-08052007><FONT face=3DArial size=3D2>I also = would like to=20 disable the engineID Probe which is not really needed since we can take = the=20 engineID from the USM table of the appropriate user.</FONT></SPAN></DIV> <DIV><SPAN class=3D800402712-08052007><FONT face=3DArial size=3D2>Any = ideas about=20 that? (I thought I can access the USM table also in the = get_target_sessions()=20 and set the appropriate securityEndingID.</FONT></SPAN></DIV> <DIV><SPAN class=3D800402712-08052007><FONT face=3DArial=20 size=3D2></FONT></SPAN> </DIV> <DIV><SPAN class=3D800402712-08052007><FONT face=3DArial = size=3D2></FONT></SPAN><SPAN=20 class=3D800402712-08052007><FONT face=3DArial = size=3D2>Thanks,</FONT></SPAN></DIV> <DIV dir=3Dltr align=3Dleft> <DIV class=3DMsoNormal dir=3Dltr align=3Dleft><FONT face=3DArial = size=3D2><SPAN=20 class=3D800402712-08052007>Erez.</SPAN></FONT></DIV></DIV> <DIV><FONT face=3DArial size=3D2></FONT> </DIV></BODY></HTML> ------_=_NextPart_001_01C79179.DE5EAF14-- --===============1670616500== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline ------------------------------------------------------------------------- This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/ --===============1670616500== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ Net-snmp-coders mailing list Net-snmp-coders@lists.sourceforge.net https://lists.sourceforge.net/lists/...et-snmp-coders --===============1670616500==-- 
|
Linear Mode
