�� / �� "��, ��, ��"

�� Net-SNMP

Mark Silinio <silinio(at)mail.ru>
�� 21/04/05
��: silinio.webhost.ru

��

�� Net-SNMP Tutorial -- Commands �� Net-SNMP �� SNMP �� UNIX ��, �� Linux � *BSD.
� �� .

�� :

�� :

OID - Object IDentificator - ��
MIB - Management Information Base - ��
TRAP - Trap - �� (��. "��")
INFORM - Inform - ��
SMI - Structure of Management Information - ��
PDU - protocol data units - ��
community - Community name - ��

��:

snmptranslate: �� OID'�� MIB ��

�� snmptranslate �� MIB-��.
� �� , �� OID � �� : �� , �� -On ��, �� , �� , �� OID � �� , � �� -On �� (-O, �� Output): �� OID? �� -Of: �� , �� OID, �� .
�� , �� -IR (-I, �� Input) �� MIB-��: � �� -Ib �� MIB-�� : �� , �� -TB: �� MIB-�� -Td(description) ��: � ��, �� MIB-��, �� -Tp ��: �� snmptranslate -Tp �� -�� , �� ӣ MIB-�� .

snmpget: �� ̣��

�� snmpget �� , �� (host name), �� OID. ��: � ��ģ�� test.net-snmp.org - �� , �� SNMP ��(community string) demopublic � �� OID'� system.sysUpTime.0.
�� ucd-snmp �� SNMPv1 � community name �� . �� net-snmp �� -�� SNMPv3 � �� , �� community string � �� . SNMPv2, �� SNMPv1, �� , � �� community names � �� . �� , �� SNMPv2c, �� : �� (�� snmptranslate) �� OID'�� MIB ��, �� OID'�: �� snmpget OID'� �� . � ��ģ�� OID'� �� , � �� '0'(��). �� '.0' � �� OID'�, � �� ģ� ��. ��, �� SNMPv1 � SNMPv2c: �� OID'�� :

snmpgetnext: �� OID'�

�� snmpgetnext �� snmpget, � �� , �� OID � �� , �� MIB-�� , �� :

��, snmpgetnext �� OID'�� ԣ� �� OID'�:
�� snmpwalk, �� , �� !
� �� snmpget, snmpgetnext �� OID'�, �� (��. �� snmpget ��). � �� snmpgetnext �� , �.�. �� , �� :

snmpwalk: �� snmpnext ��

�� snmpwalk �� snmpnext �� OID'�� . � ��, �� , �� MIB �� system, �� :

snmptable: �� SNMP-��

�� snmptable �� SNMP �� . �� sysORTable. � �� snmpwalk, �� , snmptable �� (��, �� , �� ):

�� :

snmpset: �� OID'��

�� snmpset �� ̣�� /��. �� , �� , �� OID, �� .
�� snmpset, �� -h:
�� , � �� OID'�, �� snmpget � snmpset:

�� , �� OID'� ucdDemoPublicString.0.
��, �� , �� (��) ��, �� SNMPv1 � SNMPv2c:

� SNMPv1 �� , �� SNMPv2c. �� SNMPv2c �� SNMPv1, �� ݣ �� SNMPv3 �� , �� ,- SNMPv3 �� .

snmptrap: �� TRAP'��, ��

TRAP'�(��) �� -�� .
�� TRAP'�� MIB-��, �� snmptrap, � ��ɣ� �� snmptrapd.
��: �� , �� OID'� �� ::��, �� ģ�� , � �� snmptrapd �� -OS.
�� TRAP'��.
TRAP'� SNMPv1 � SNMPv2(INFORM'�) �� .
TRAP'� SNMPv1 �� MIB �� TRAP-TYPE, �� :

TRAP-TEST-MIB DEFINITIONS ::= BEGIN
	IMPORTS ucdExperimental FROM UCD-SNMP-MIB;
	 
	demotraps OBJECT IDENTIFIER ::= { ucdExperimental 990 }

	demo-trap TRAP-TYPE
		STATUS current
		ENTERPRISE demotraps
		VARIABLES { sysLocation }
		DESCRIPTION "This is just a demo"
		::= 17

	END

�� enterprice-�� TRAP, �� :

�� ţ �� snmptrapd �� :

1999-11-12 23:26:07 localhost [127.0.0.1] TRAP-TEST-MIB::demotraps: 
        Enterprise Specific Trap (demo-trap) Uptime: 1 day, 5:34:06 
	SNMPv2-MIB::sysLocation.0 = "Just here"

�� INFORM'�� SNMPv2 �� TRAP'�� SNMPv1 � �� :

NOTIFICATION-TEST-MIB DEFINITIONS ::= BEGIN
        IMPORTS ucdavis FROM UCD-SNMP-MIB;

demonotifs OBJECT IDENTIFIER ::= { ucdavis 991 }

demo-notif NOTIFICATION-TYPE
STATUS current
        OBJECTS { sysLocation }
	DESCRIPTION "Just a test notification"
        ::= { demonotifs 17 }

END

�� TRAP'� SNMPv1 �� . �� INFORM'� SNMPv2:

� �� - �� snmptrapd �� INFORM'�:

1999-11-13 08:31:33 localhost [127.0.0.1]:
        SNMPv2-MIB::sysUpTime.0 = Timeticks: (13917129) 1 day, 14:39:31.29
        SNMPv2-MIB::snmpTrapOID.0 = OID: NOTIFICATION-TEST-MIB::demo-notif
        SNMPv2-MIB::sysLocation.0 = "just here"

�� ɣ�� TRAP'�� INFORM'��.
�� snmptrapd �� -��. �� traphandle, �� :

traphandle OID �������

��, �� , �� TRAP(�� INFORM) �� , �� OID. �� SNMPv1 � �� SNMPv2, �� RFC 2089. �� OID �� TRAP �� ԣ� �� ENTERPRICE �� -�� 0 � 17. �� OID'� �� SNMPv1 TRAP'�� SNMPv2.
�� , �� TRAP �� snmptrapd. �� TRAP �� . �� - �� , �� - IP-�� TRAP, � �� OID �� TRAP.
�� shell-��, �� snmptrapd:

#!/bin/sh

read host
read ip
vars=

while read oid val
do
  if [ "$vars" = "" ]
  then
    vars="$oid = $val"
  else
    vars="$vars, $oid = $val"
  fi
done

echo trap: $1 $host $ip $vars

�� snmptrapd.conf ��:

# the generic traps
traphandle SNMPv2-MIB::coldStart    /home/nba/bin/traps cold
traphandle SNMPv2-MIB::warmStart    /home/nba/bin/traps warm
traphandle IF-MIB::linkDown         /home/nba/bin/traps down
traphandle IF-MIB::linkUp           /home/nba/bin/traps up
traphandle SNMPv2-MIB::authenticationFailure /home/nba/bin/traps auth
# this one is deprecated
traphandle .1.3.6.1.6.3.1.1.5.6     /home/nba/bin/traps egp-neighbor-loss

# enterprise specific traps
traphandle TRAP-TEST-MIB::demo-trap /home/nba/bin/traps demo-trap
traphandle NOTIFICATION-TEST-MIB::demo-notif /home/nba/bin/traps demo-notif

� �� snmptrap:

�� snmptrapd:

1999-11-13 12:46:49 localhost [127.0.0.1]  TRAP-TEST-MIB::traps:
        Link Down Trap (0) Uptime: 1 day, 18:54:46.27
	IF-MIB::ifIndex.0 = 1

� �� handler-��:

�� enterprice specific TRAP'� �� handler-��:

� �� - �� enterprice specific INFORM:

�� TRAP'�� 
�� TRAP'�. �� TRAP SNMPv2-MIB::coldStart, � �� UCD-SNMP-MIB::ucdShutDown
�� TRAP'� �� , ��̣�� snmpd.conf �� trapsink � trap2sink (�� SNMPv1 � SNMPv2 ��)

# send v1 traps
trapsink	nms.system.com	public
# also send v2 traps
trap2sink	nms.system.com	secret
# send traps on authentication failures
authtrapenable	1

�� TRAP'� � �� , �� authtrapenable �� snmpd.conf, �� ԣ� �� SNMPv2-MIB::snmpEnableAuthenTraps:

�� ɣ� TRAP'�� INFORM'�� SNMPv3

�� TRAP'�� INFORM'��: TRAP - �� SNMP ��, �� (�� ̣�� ). �� . �� TRAP'�� , �� TRAP �� ̣�� . SNMPv2 PDU �� , �� INFORM, �� TRAP, �� . �� , �� ̣�� INFORM, �� . �� , �� . � �� snmptrap �� TRAP'��, �� INFROM'��, � �� -Ci(�� snmpinform). �� , �� INFORM'�� SNMPv2c �� SNMPv3. �� snmptrapd �� INFORM'�, �� TRAP'�.
��: �� , �� snmptrapd �� TRAP'� � INFORM'� SNMPv3, �� ̣�� , �� , �� createUser, �� . �� snmptrapd � �� -Dusm, �� "no such user". SNMPv3, �� engineID'�

TRAP'� � INFORM'� �� SNMPv3 �� . �� SNMPv1 � SNMPv2c, �� community-��, �� . SNMPv3 �� , �� SNMPv3. �ӣ ��, �� ? �� : �� SNMPv3 �� (�� "securityName") � �� SNMP ��, � �� (��ף�� "engineID"). �� Net-SNMP(snmpget, snmpwalk � ��.), �� engineID � �� , engineID � �� engineID ��̣�� . ��
SNMPv3 INFORM'�

INFORM'� �� . �� INFORM'a �� ̣�� engineID, �� ̣�� securityName. �� snmptrap(� �� ) �� ̣�� engineID � �� (securityName). ��, �ӣ, �� , �� snmptrapd(��, �� TRAP'�� INFORM'��) �� ޣ�� :

�� ݣ�� snmptrapd
�� /var/net-snmp/snmptrapd.conf �� :
```
  createUser myuser MD5 mypassword DES myotherpassword
```
�� myuser �� securityName, mypassword - �� , � myotherpassword - �� (�� , �� )
�� snmptrapd

�� snmpinform �� snmptrapd INFORM'� coldStart:

�� ӣ ��, �� snmptrapd:

2001-10-31 11:21:05 localhost.localdomain [127.0.0.1]:
        sysUpTimeInstance = Timeticks: (42) 0:00:00.42  snmpTrapOID.0 = OID: coldStart.0

TRAP'� SNMPv3
�� TRAP'�� SNMPv3 �� , �� , �� . �� TRAP'�� SNMPv3 � �� engineID �� , �� TRAP �� engineID ��̣�� . �� , �� ̣�� ,- �� engineID, � �� TRAP'�. �� 100 SNMP �� TRAP'� SNMPv3 �� TRAP-��ɣ��, �� 100 �� createUser � �� /var/net-snmp/snmptrapd.conf.
��, �� :

�� snmptrapd
�� /var/net-snmp/snmptrapd.conf �� :
```
 createUser -e 0x0102030405 myuser MD5 mypassword DES myotherpassword
```
��, �� engineID �� 0x0102030405(�� , �� )
(��)�� snmptrapd.

�� snmptrap coldStart v3 TRAP �� TRAP-��:

�� .
�� v3 engineID, INFORM'�, TRAP'�, �� engineID, �� , ��, �� . �ӣ �� 18223 �� RFC 2570-2575, �� ...

�� MIB-��

�� Net-SNMP �� OID'�� -�� MIB'��. � �� ģ� �� MIB'��, �� .
�� Net-SNMP �� MIB'� ��-�� :

$HOME/.snmp/mibs
/usr/local/share/snmp/mibs

� ��, � �� MIB, �� CISCO-RHINO-MIB (�� ). �� MIB � �� . �� MIB �� -�� (�� RFC ��), ��, �� , �� MIB(�� , �� ). �� "CISCO-RHINO-MIB DEFINITIONS ::= BEGIN"
�� CISCO-RHINO-MIB, �� cicsoLS1010ChassisFanLed.
��, �� snmptranslate �� :

��, �� . �� CISCO-RHINO-MIB.mib � �� , �� Net-SNMP. �� $HOME/.snmp/mibs.
�� -m �� snmptranslate �� MIB'�. �� "-m +CISCO-RHINO-MIB �� MIB'��, �� -��, �� CISCO-RHINO-MIB(�� '+' �� "��").

��... �� , �� CISCO-SMI MIB. �� $HOME/.snmp/mibs. �� :

��!
�ݣ �� : �� (�� Net-SNMP):

�� , �� , �� MIB'� �� Net-SNMP �� . �� .
�� Ethereal: �� Ethereal, �.�. �� MIB'� �� -m � -M, �� .
� �� snmp.conf. �� ݣ� �� Net-SNMP(��. /usr/local/share/snmp.conf), �� ($HOME/.snmp/snmp.conf):

mibs +CISCO-RHINO-MIB
mibs +SOME-OTHER-SPIFFY-MIB

�� MIB'�� MIBS(�� /bin/sh):

�� SNMPv3

3-� �� SNMP �� . ��, SNMPv1 � SNMPv2c �� community-�� . �� , �.�. �� .
SNMPv3 �� :

USM - User-based Security Module, �� . USM �� RFC 2574.
VACM - Version-based Access Control Module, �� (�� SNMPv1/v2c communities), � �.�. �� ̣�� MIB-��. VACM �� RFC 2575.

�� Net-SNMP �� (set) �� ̣�� .
�� :

�� .
- �� (securityName), �� (authProtocol), �� privacy(privProtocol), � �� (authKey) � privacy(privKey).
- �� ԣ� �� authKey. authProtocol �� MD5 �� SHA, �� authKeys � privKeys �� 8-��
- �� privKey �� . privProtocol �� AES �� DES.
�� , ��, �� securityLevel.
�� , �� . �� ~/.snmp/snmp.conf, �� .

��	��	�� `snmp.conf`
securityName	-u NAME	defSecurityName NAME
authProtocol	-a (MD5\|SHA)	defAuthType (MD5\|SHA)
privProtocol	-x (AES\|DES)	defPrivType DES
authKey	-A PASSPHRASE	defAuthPassphrase PASSPHRASE
privKey	-X PASSPHRASE	defPrivPassphrase PASSPHRASE
securityLevel	-l (noAuthNoPriv\|authNoPriv\|authPriv)	defSecurityLevel (noAuthNoPriv\|authNoPriv\|authPriv)
context	-n CONTEXTNAME	defContext CONTEXTNAME

��
�� (�� , �� ):

�� :

� ��, �� :

�� .�. �� . �� . ��, �� , �� ֣�� authNoPriv �� VACM �� . � � ��, �� snmp.conf �� :


defContext none
defSecurityName MD5User
defAuthPassphrase The Net-SNMP Demo Password
defVersion 3
defAuthType MD5
defSecurityLevel authNoPriv

�� , �� , �� :

� �ݣ ��:

��:

��

�� Net-SNMP, �� snmptrapd � snmpd, �� .
�� "-h". � �� -O, �� Net-SNMP, �� :

�� :

-On
�� OID'� � �� :

-Oe
�� , �� (�� ) �� :

-Ob
�� SNMP �� . �� OID �� SNMP ��. �� . �� OID usmUserEntry:

�� , usmUserEntry �� : usmUserEngineID � usmUserName. �� Net-SNMP �� , �� : �� OID'�: �� - ".........", �� - "MD5User". �� engineID, �� (�� ), �� - �� , �� . �� , �� : �� , OID'� - �� , �� ӣ �� .
�� Net-SNMP �� , �� :
-OX
�� . �� , �� .
��, �� MIB'�� IPv6, �� , �� , �� .
�� IPV6-MIB:ipv6RouteTable: ��: � �� IPv6 �� (integer) ��. �� : ��, �� . �� : �� . �� , � �� DISPLAY-HINT � �� .

-Os, -OS, � -Of
�� OID'�� -Os � -OS (-OS �� MIB'� �� OID'��): �� , �� OID'�.
�� -Of, ��, �� OID:
-Ov
�� -Ov �� , �� :
-Oq
�� -Oq �� (q - quick) ��, �� Net-SNMP � �� : ��, �� "OID:" ��.
��, �� : �� shell-�� -Oqv. �� Σ� �� , �� :

��

Q: �� snmpget, snmpgetnext �� snmpwalk, �� "stack smashing attack in function netsnmp_udp_transport()".

A: �� Net-SNMP �� StackProtector. � Gentoo Linux �� GCC-�� hardenednossp, �� : # gcc-config i686-pc-linux-gnu-3.4.5-hardenednossp � �� Net-SNMP �� # emerge net-snmp.

Q: �� , �� TRAP'� �� Jabber'�?

A: �� . � �� sendxmpp �� "��"