snmp - 如何在C中使用net-snmp发送snmptrap？

Question

我正在为嵌入式设备开发应用程序。我想在某些情况发生时发送陷阱。我找到了一些例子，但对我并没有真正的帮助。 net-snmp 中有一个名为 send_v2trap() 的函数。有人能帮我吗？ snmpd.conf和snmptrapd.conf需要做什么吗？

Answer 1

我们将尝试做一些可能更接近实际需要的事情:当您的 OID 被触及时发送陷阱/通知

让我们举个例子...net-snmp-5.7.x/agent/mibgroup/examples/watched.c

我们改变:

reginfo = netsnmp_create_handler_registration("my example string", NULL,

由

reginfo = netsnmp_create_handler_registration("my example string", handler_for_changes,

handler_for_changes(...)的定义是

int handler_for_changes (   netsnmp_mib_handler * p_handler,
                            netsnmp_handler_registration * p_reginfo,
                            netsnmp_agent_request_info * p_requestinfo,
                            netsnmp_request_info * p_requests)
{
    u_char * data_ptr = NULL;

    switch ( p_requestinfo->mode )
    {
        case MODE_SET_COMMIT: 
        {
            switch ( p_requests->requestvb->type )
            {
                case ASN_INTEGER:
                //...
                {
                    data_ptr = (u_char*)p_requests->requestvb->val.integer;
                }
                break;
                case ASN_OCTET_STR:
                //...
                {
                    data_ptr = (u_char*)p_requests->requestvb->val.string;
                }
                break;
            }
            break;
        }

        default:
            break;
    }

    if (  data_ptr )
    {

    //This is likely not the place to do this but this is for example

    netsnmp_variable_list * notification_vars =  NULL;
    static const oid objid_snmptrap[] = {1,3,6,1,6,3,1,1,4,1,0};

    //you will need your own notif OID defined in your own MIB
    static const oid notification_oid[] = {1,3,6,1,4,1,8072,2,3,0,1};
    snmp_varlist_add_variable ( &notification_vars,
                                objid_snmptrap, OID_LENGTH(objid_snmptrap),
                                ASN_OBJECT_ID,
                                (u_char *) notification_oid,
                                OID_LENGTH(notification_oid) * sizeof(oid));

    //the data that changed
    snmp_varlist_add_variable ( &notification_vars,
                                p_reginfo->rootoid,p_reginfo->rootoid_len,
                                p_requests->requestvb->type,
                                data_ptr, p_requests->requestvb->val_len);

    //send the trap is now one line ( + void return )
    send_v2trap(notification_vars);

    snmp_free_varbind(notification_vars);

    }

    return SNMPERR_SUCCESS;
}

net-snmp-config 实用程序可让我们编译代理(请参阅 Net-SNMP 教程)

[nils@localhost trapMCVE]$ net-snmp-config --compile-subagent mysubagent --norm watched.c

generating the temporary code file: netsnmptmp.24494.c
void init_watched(void);
checking for init_watched in watched.c
void init_watched_string(void);
void init_watched(void)
init_watched_string();
void init_watched_string(void)
checking for shutdown_watched in watched.c
running: gcc  -fno-strict-aliasing -g -O2 -Ulinux -Dlinux=linux  -I. -I/usr/local/include -o mysubagent netsnmptmp.24494.c  watched.c  -L/usr/local/lib -lnetsnmpmibs -lnetsnmpagent -lnetsnmp -lnetsnmpmibs -ldl  -lnetsnmpagent   -lnetsnmp  
leaving the temporary code file: netsnmptmp.24494.c
subagent program mysubagent created

然后我们可以使用其本地conf文件启动我们的SNMP守护进程

#likely not a best practise but for example only
rwcommunity public localhost
#inform Request
#informsink localhost:16200
trapsess -Ci -v 2c -c private localhost:16200

我们启动它，以便它监听本地主机和端口 1161 上传入的 SNMP 请求(随机选择，以便 > 1024 且无特权)。陷阱将发送到端口 16200 上的本地主机(随机...)

[nils@localhost trapMCVE]$ snmpd -f -Lo -C -c local_snmpd.conf --master=agentx --agentXSocket=tcp:localhost:1705 udp:localhost:1161

我们启动我们的子代理，它通过端口 1705 上的 tcp 套接字与 SNMP 守护程序进行通信(随机...)

./mysubagent -f -Lo -x tcp:localhost:1705

此时，我们还可以为 SNMP TRAP 守护进程定义本地配置文件

#likely not a best practise but for example only
authCommunity log,execute,net private

我们开始它:

snmptrapd -f -Lo -C -c local_snmptrapd.conf localhost:16200

因此，返回测试我们的子代理，我们可以尝试 snmpget

[nils@localhost trapMCVE]$ snmpget -v 2c -c public localhost:1161 NET-SNMP-EXAMPLES-MIB::netSnmpExampleString.0
NET-SNMP-EXAMPLES-MIB::netSnmpExampleString.0 = STRING: So long, and thanks for all the fish!

现在我们想要修改这个字符串并查看是否生成了陷阱/通知。所以我们做了一个snmpset

[nils@localhost trapMCVE]$ snmpset -v 2c -c public localhost:1161 NET-SNMP-EXAMPLES-MIB::netSnmpExampleString.0 s "Hello world: 42"
NET-SNMP-EXAMPLES-MIB::netSnmpExampleString.0 = STRING: Hello world: 42

并且在 snmptrapd 过程中创造了奇迹

2019-02-16 01:49:10 localhost [UDP: [127.0.0.1]:45864->[127.0.0.1]:16200]:
DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (54342) 0:09:03.42 SNMPv2- 
MIB::snmpTrapOID.0 = OID: NET-SNMP-EXAMPLES-MIB::netSnmpExampleHeartbeatNotification     
NET-SNMP-EXAMPLES-MIB::netSnmpExampleString.0 = STRING: Hello world: 42

瞧!

吐槽结束...

希望对你有帮助