def __init__(self, host, port):
# Create SNMP engine instance
self.snmpEngine = engine.SnmpEngine()
# user: usr-sha-aes, auth: SHA, priv AES
config.addV3User(
self.snmpEngine,
"usr-sha-aes128",
config.usmHMACSHAAuthProtocol,
"authkey1",
config.usmAesCfb128Protocol,
"privkey1",
)
config.addTargetParams(self.snmpEngine, "my-creds", "usr-sha-aes128",
"authPriv")
# Setup transport endpoint and bind it with security settings yielding
# a target name (choose one entry depending of the transport needed).
# UDP/IPv4
config.addSocketTransport(self.snmpEngine, udp.domainName,
udp.UdpSocketTransport().openClientMode())
config.addTargetAddr(self.snmpEngine, "my-router", udp.domainName,
(host, port), "my-creds")
def _setup(self, agent, context, host, port):
# TODO support changes to context etc and make a new connection???
if self.snmpEngine is None:
self.snmpEngine = engine.SnmpEngine()
else:
return # already setup
if isinstance(agent, UsmUserData):
config.addV3User(self.snmpEngine, agent.securityName,
agent.authProtocol, agent.authKey,
agent.privProtocol, agent.privKey)
config.addTargetParams(self.snmpEngine, 'myParams',
agent.securityName, agent.securityLevel)
else:
config.addV1System(self.snmpEngine, agent, context)
config.addTargetParams(self.snmpEngine, 'myParams', agent,
'noAuthNoPriv', 1)
config.addTargetAddr(self.snmpEngine,
'myRouter',
config.snmpUDPDomain, (host, port),
'myParams',
timeout=900)
config.addSocketTransport(self.snmpEngine, udp.domainName,
udp.UdpSocketTransport().openClientMode())
def __init__(self, client_config=None):
if not client_config:
client_config = conpot_config
# Create SNMP engine instance
self.snmpEngine = engine.SnmpEngine()
# user: usr-sha-aes, auth: SHA, priv AES
config.addV3User(
self.snmpEngine, 'usr-sha-aes128',
config.usmHMACSHAAuthProtocol, 'authkey1',
config.usmAesCfb128Protocol, 'privkey1'
)
config.addTargetParams(self.snmpEngine, 'my-creds', 'usr-sha-aes128', 'authPriv')
# Setup transport endpoint and bind it with security settings yielding
# a target name (choose one entry depending of the transport needed).
# UDP/IPv4
config.addSocketTransport(
self.snmpEngine,
udp.domainName,
udp.UdpSocketTransport().openClientMode()
)
config.addTargetAddr(
self.snmpEngine, 'my-router',
udp.domainName, (client_config.snmp_host, client_config.snmp_port),
'my-creds'
)
def addNode(self, identifier, address): if identifier in self.identifiers: return false newnode = Node(self, identifier, address) self.append(newnode) self.identifiers[identifier] = newnode config.addTargetAddr(self.snmpEngine, identifier, config.snmpUDPDomain, (address, 161), 'myParams', timeout=5) newnode.reindex()
def test2():
from pysnmp.v4.proto.rfc1902 import ObjectName
from pysnmp.entity import engine, config
from pysnmp.carrier.asynsock.dgram import udp
from pysnmp.entity.rfc3413 import cmdgen
sysName = ObjectName("1.3.6.1.2.1.1.5.0")
ip = "192.168.1.9"
snmp_engine = engine.SnmpEngine()
config.addV1System(snmp_engine, 'test-agent', "public")
config.addTargetParams(snmp_engine, 'myParams', 'test-agent', 'noAuthNoPriv', 0)
config.addTargetAddr(
snmp_engine, 'myRouter', config.snmpUDPDomain,
(ip, 161), 'myParams'
)
config.addSocketTransport(
snmp_engine,
udp.domainName,
udp.UdpSocketTransport().openClientMode()
)
cb = {}
def cbFun(sendRequestHandle, errorIndication, errorStatus, errorIndex,
varBinds, cbCtx):
cbCtx['errorIndication'] = errorIndication
cbCtx['errorStatus'] = errorStatus
cbCtx['errorIndex'] = errorIndex
cbCtx['varBinds'] = varBinds
cmdgen.GetCommandGenerator().sendReq(snmp_engine, 'myRouter', ((sysName, None),), cbFun, cb)
lastmemusage = 0
lastrefs = None
errors = 0
while (errors < 2):
snmp_engine.transportDispatcher.runDispatcher()
print cb['varBinds'][0][1]
snmp_engine.transportDispatcher.closeDispatcher()
#asynCommandGenerator.flushConfig()
newmemusage = resource.getrusage(resource.RUSAGE_SELF)[2]
memdiff = (newmemusage - lastmemusage)
newrefs = get_refcounts()
if memdiff > 0:
print "Leaked %d Kb... printing refcount diff" % memdiff
if lastrefs == None:
print "No previous refcount, skipping"
else:
print_ref_diffs(lastrefs, newrefs)
errors = errors + 1
gc.collect()
lastrefs = newrefs
lastmemusage = newmemusage
#print resource.getrusage(resource.RUSAGE_SELF)[3]
time.sleep(1)
def cfgCmdGen(self, authData, transportTarget, tagList=''):
if self.__knownAuths.has_key(authData):
paramsName = self.__knownAuths[authData]
else:
paramsName = 'p%s' % nextID()
if isinstance(authData, CommunityData):
config.addV1System(
self.snmpEngine,
authData.securityName,
authData.communityName
)
config.addTargetParams(
self.snmpEngine, paramsName,
authData.securityName, authData.securityLevel,
authData.mpModel
)
elif isinstance(authData, UsmUserData):
config.addV3User(
self.snmpEngine,
authData.securityName,
authData.authProtocol, authData.authKey,
authData.privProtocol, authData.privKey
)
config.addTargetParams(
self.snmpEngine, paramsName,
authData.securityName, authData.securityLevel
)
else:
raise error.PySnmpError('Unsupported SNMP version')
self.__knownAuths[authData] = paramsName
if not self.__knownTransports.has_key(transportTarget.transportDomain):
transport = transportTarget.openClientMode()
config.addSocketTransport(
self.snmpEngine,
transportTarget.transportDomain,
transport
)
self.__knownTransports[transportTarget.transportDomain] = transport
k = transportTarget, tagList
if self.__knownTransportAddrs.has_key(k):
addrName = self.__knownTransportAddrs[k]
else:
addrName = 'a%s' % nextID()
config.addTargetAddr(
self.snmpEngine, addrName,
transportTarget.transportDomain,
transportTarget.transportAddr,
paramsName,
transportTarget.timeout * 100,
transportTarget.retries,
tagList
)
self.__knownTransportAddrs[k] = addrName
return addrName, paramsName
def add_udp_endpoint(
self,
snmp_engine,
snmp_timeout=SNMP_TIMEOUT,
snmp_retry_count=SNMP_RETRIES_COUNT,
):
if self._snmp_parameters.ip:
try:
agent_udp_endpoint = socket.getaddrinfo(
self._snmp_parameters.ip,
self._snmp_parameters.port,
socket.AF_INET,
socket.SOCK_DGRAM,
socket.IPPROTO_UDP,
)[0][4][:2]
except socket.gaierror:
raise InitializeSNMPException(
"Failed to validate {} hostname".format(
self._snmp_parameters.ip),
self._logger,
)
else:
raise InitializeSNMPException(
"Failed to validate {} hostname".format(
self._snmp_parameters.ip),
self._logger,
)
ip = ip_address(u"{}".format(self._snmp_parameters.ip))
if isinstance(ip, IPv6Address):
config.addSocketTransport(
snmp_engine,
udp6.domainName,
udp6.Udp6SocketTransport().openClientMode(),
)
config.addTargetAddr(
snmp_engine,
"tgt",
udp6.domainName,
agent_udp_endpoint,
"pms",
snmp_timeout,
snmp_retry_count,
)
else:
config.addSocketTransport(
snmp_engine, udp.domainName,
udp.UdpSocketTransport().openClientMode())
config.addTargetAddr(
snmp_engine,
"tgt",
udp.domainName,
agent_udp_endpoint,
"pms",
snmp_timeout,
snmp_retry_count,
)
def __init__(self, host, port, community):
self.snmp = engine.SnmpEngine()
self.snmp.registerTransportDispatcher(dispatch.TwistedDispatcher())
config.addV1System(self.snmp, 'my-area', community)
config.addTargetParams(self.snmp, 'my-creds', 'my-area',
'noAuthNoPriv', 0)
config.addSocketTransport(self.snmp, udp.domainName,
udp.UdpTwistedTransport().openClientMode())
config.addTargetAddr(self.snmp, 'my-router', udp.domainName,
(host, port), 'my-creds')
def _targetName(self, engine, ip, port, paramName):
"""Get/create a target name for given target for given connection name"""
key = (ip, port, paramName)
targetName = self._targetCache.get(key)
if targetName is None:
nameID = self._newTargetName()
targetName = 'target-%s' % (nameID, )
config.addTargetAddr(engine, targetName, config.snmpUDPDomain,
(ip, port), paramName)
self._targetCache[key] = targetName
return targetName
def __init__(self, host, port, community):
self.snmp = engine.SnmpEngine()
self.snmp.registerTransportDispatcher(dispatch.TwistedDispatcher())
config.addV1System(self.snmp, 'my-area', community)
config.addTargetParams(self.snmp,
'my-creds', 'my-area', 'noAuthNoPriv', 0)
config.addSocketTransport(self.snmp,
udp.domainName, udp.UdpTwistedTransport().openClientMode()
)
config.addTargetAddr(self.snmp, 'my-router', udp.domainName,
(host, port), 'my-creds')
def addNode(self, identifier, address):
if identifier in self.identifiers:
return false
newnode = Node(self, identifier, address)
self.append(newnode)
self.identifiers[identifier] = newnode
config.addTargetAddr(self.snmpEngine,
identifier,
config.snmpUDPDomain, (address, 161),
'myParams',
timeout=5)
newnode.reindex()
def _targetName( self, engine, ip, port, paramName ): """Get/create a target name for given target for given connection name""" key = (ip,port,paramName) targetName = self._targetCache.get( key ) if targetName is None: nameID = self._newTargetName() targetName = 'target-%s'%(nameID,) config.addTargetAddr( engine, targetName, config.snmpUDPDomain, (ip, port), paramName ) self._targetCache[ key ] = targetName return targetName
def cfgCmdGen(self, authData, transportTarget):
if authData not in self.__knownAuths:
if isinstance(authData, CommunityData):
config.addV1System(self.snmpEngine, authData.securityName,
authData.communityName,
authData.contextEngineId,
authData.contextName, authData.tag)
elif isinstance(authData, UsmUserData):
config.addV3User(self.snmpEngine, authData.securityName,
authData.authProtocol, authData.authKey,
authData.privProtocol, authData.privKey,
authData.contextEngineId)
else:
raise error.PySnmpError('Unsupported authentication object')
self.__knownAuths[authData] = 1
k = authData.securityName, authData.securityLevel, authData.mpModel
if k in self.__knownParams:
paramsName = self.__knownParams[k]
else:
paramsName = 'p%s' % nextID()
config.addTargetParams(self.snmpEngine, paramsName,
authData.securityName,
authData.securityLevel, authData.mpModel)
self.__knownParams[k] = paramsName
if transportTarget.transportDomain not in self.__knownTransports:
transport = transportTarget.openClientMode()
config.addSocketTransport(self.snmpEngine,
transportTarget.transportDomain,
transport)
self.__knownTransports[transportTarget.transportDomain] = transport
k = paramsName, transportTarget, transportTarget.tagList
if k in self.__knownTransportAddrs:
addrName = self.__knownTransportAddrs[k]
else:
addrName = 'a%s' % nextID()
config.addTargetAddr(self.snmpEngine, addrName,
transportTarget.transportDomain,
transportTarget.transportAddr, paramsName,
transportTarget.timeout * 100,
transportTarget.retries,
transportTarget.tagList)
self.__knownTransportAddrs[k] = addrName
return addrName, paramsName
def __init__(self, community, ip, version=1):
self.__community = community
self.__ip = ip
self.__version = version
self.__errorIndication = None
self.__errorStatus = None
self.__errorIndex = None
self.__varBinds = None
# self.__lock = threading.Lock()
self.__snmp_engine = engine.SnmpEngine()
config.addV1System(self.__snmp_engine, "test-agent", self.__community)
config.addTargetParams(self.__snmp_engine, "myParams", "test-agent", "noAuthNoPriv", self.__version)
config.addTargetAddr(self.__snmp_engine, "myRouter", config.snmpUDPDomain, (self.__ip, 161), "myParams")
config.addSocketTransport(self.__snmp_engine, udp.domainName, udp.UdpSocketTransport().openClientMode())
def n_Agent_exit(self, cbCtx, node):
snmpEngine, ctx = cbCtx
ctx['addrName'] = '%s-name' % ctx['paramsName']
config.addTargetAddr(
snmpEngine,
ctx['addrName'],
ctx['transportDomain'],
ctx['addrRewriteFun'](*ctx['transportAddress']),
ctx['paramsName'],
# net-snmp defaults
ctx.get('timeout', 100),
ctx.get('retryCount', 5),
tagList=ctx.get('transportTag', ''))
config.addSocketTransport(snmpEngine, ctx['transportDomain'],
ctx['transportModule']().openClientMode())
def setTrapReceiver(self, host, community):
config.addV1System(self._snmpEngine, 'nms-area', community)
config.addVacmUser(self._snmpEngine, 2, 'nms-area', 'noAuthNoPriv',
notifySubTree=(1, 3, 6, 1, 4, 1))
config.addTargetParams(self._snmpEngine,
'nms-creds', 'nms-area', 'noAuthNoPriv', 1)
config.addTargetAddr(self._snmpEngine, 'my-nms', udp.domainName,
(host, 162), 'nms-creds',
tagList='all-my-managers')
# set last parameter to 'notification' to have it send
# informs rather than unacknowledged traps
config.addNotificationTarget(
self._snmpEngine,
'test-notification', 'my-filter',
'all-my-managers', 'trap')
def setTrapReceiver(self, host, community):
config.addV1System(self._snmpEngine, 'nms-area', community)
config.addVacmUser(self._snmpEngine,
2,
'nms-area',
'noAuthNoPriv',
notifySubTree=(1, 3, 6, 1, 4, 1))
config.addTargetParams(self._snmpEngine, 'nms-creds', 'nms-area',
'noAuthNoPriv', 1)
config.addTargetAddr(self._snmpEngine,
'my-nms',
udp.domainName, (host, 162),
'nms-creds',
tagList='all-my-managers')
config.addNotificationTarget(self._snmpEngine, 'test-notification',
'my-filter', 'all-my-managers', 'trap')
def setTrapReceiver(self, host, community):
"""Send traps to the host using community string community
"""
config.addV1System(self._snmpEngine, 'nms-area', community)
config.addVacmUser(self._snmpEngine, 2, 'nms-area', 'noAuthNoPriv',
notifySubTree=(1,3,6,1,4,1))
config.addTargetParams(self._snmpEngine,
'nms-creds', 'nms-area', 'noAuthNoPriv', 1)
config.addTargetAddr(self._snmpEngine, 'my-nms', udp.domainName,
(host, 162), 'nms-creds',
tagList='all-my-managers')
#set last parameter to 'notification' to have it send
#informs rather than unacknowledged traps
config.addNotificationTarget(
self._snmpEngine, 'test-notification', 'my-filter',
'all-my-managers', 'trap')
def initTarget(host='127.0.0.1', port=162, community='LIC_OSS'):
#global snmpEngine, snmpContext, ntfOrg
# Create SNMP engine instance
snmpEngine = engine.SnmpEngine()
# SecurityName <-> CommunityName mapping
config.addV1System(snmpEngine, 'my-area', community)
# Specify security settings per SecurityName (SNMPv2c -> 1)
config.addTargetParams(snmpEngine, 'my-creds', 'my-area', 'noAuthNoPriv', 1)
# Setup transport endpoint and bind it with security settings yielding
# a target name
config.addSocketTransport(
snmpEngine,
udp.domainName,
udp.UdpSocketTransport().openClientMode()
)
config.addTargetAddr(
snmpEngine, 'my-nms',
udp.domainName, (host, port),
'my-creds',
tagList='all-my-managers'
)
# Specify what kind of notification should be sent (TRAP or INFORM),
# to what targets (chosen by tag) and what filter should apply to
# the set of targets (selected by tag)
config.addNotificationTarget(
snmpEngine, 'my-notification', 'my-filter', 'all-my-managers', 'trap'
)
# Allow NOTIFY access to Agent's MIB by this SNMP model (2), securityLevel
# and SecurityName
config.addContext(snmpEngine, '')
config.addVacmUser(snmpEngine, 2, 'my-area', 'noAuthNoPriv', (), (), (1,3,6))
# *** SNMP engine configuration is complete by this line ***
# Create default SNMP context where contextEngineId == SnmpEngineId
snmpContext = context.SnmpContext(snmpEngine)
# Create Notification Originator App instance.
ntfOrg = ntforg.NotificationOriginator(snmpContext)
return snmpEngine, ntfOrg
def __init__(self, community, ip, version=1):
self.__community = community
self.__ip = ip
self.__version = version
self.__errorIndication = None
self.__errorStatus = None
self.__errorIndex = None
self.__varBinds = None
#self.__lock = threading.Lock()
self.__snmp_engine = engine.SnmpEngine()
config.addV1System(self.__snmp_engine, 'test-agent', self.__community)
config.addTargetParams(self.__snmp_engine, 'myParams', 'test-agent',
'noAuthNoPriv', self.__version)
config.addTargetAddr(self.__snmp_engine, 'myRouter',
config.snmpUDPDomain, (self.__ip, 161),
'myParams')
config.addSocketTransport(self.__snmp_engine, udp.domainName,
udp.UdpSocketTransport().openClientMode())
def setTrapTargetAddress(snmpEngine, security, transportDomain, transportAddress,
src=None, tag=''):
"""Configure SNMP notification target for SNMP security name.
Args:
snmpEngine (object): pysnmp `SnmpEngine` class instance
security (str): SNMP security name to associate SNMP notification target
address with.
transportDomain (tuple): SNMP transport domain instance to send
notifications by.
transportAddress (tuple): notification destination network address in `socket`
format (i.e. ('XXX.XXX.XXX.XXX', NNN)).
tag (str): Tags this target address. Tags can be used internally
by SNMP engine for looking up desired notification destination or SNMP
authentication information by transport address.
"""
config.addTargetAddr(
snmpEngine, _getTrapTargetName(security), transportDomain,
transportAddress, _getTrapCreds(security), tagList=tag,
sourceAddress=src)
def main(argv):
# Create SNMP engine instance
snmpEngine = engine.SnmpEngine()
dispatcher = TornadoDispatcher()
snmpEngine.registerTransportDispatcher(dispatcher)
# SecurityName <-> CommunityName mapping
config.addV1System(snmpEngine, 'my-area', 'public')
# Specify security settings per SecurityName (SNMPv1 - 0, SNMPv2c - 1)
config.addTargetParams(snmpEngine, 'my-creds', 'my-area', 'noAuthNoPriv', 1)
# UDP/IPv4
config.addSocketTransport(
snmpEngine,
udp.domainName,
udp.UdpSocketTransport().openClientMode()
)
config.addTargetAddr(
snmpEngine,
'my-router',
udp.domainName,
(argv[0], 161),
'my-creds',
timeout=3.0,
retryCount=1
)
cbCtx = dict(dispatcher=dispatcher)
cmdGen = cmdgen.GetCommandGenerator()
cmdGen.sendReq(
snmpEngine,
'my-router',
( ('1.3.6.1.2.1.1.1.0', None), ),
cbFun,
cbCtx
)
IOLoop.instance().start()
def init(self):
self._snmpEngine = engine.SnmpEngine()
# SecurityName <-> CommunityName mapping
config.addV1System(self._snmpEngine, 'my-area', self.community)
# Specify security settings per SecurityName (SNMPv1 - 0, SNMPv2c - 1)
config.addTargetParams(self._snmpEngine, 'my-creds', 'my-area', 'noAuthNoPriv', 1)
#
# Setup transport endpoint and bind it with security settings yielding
# a target name (choose one entry depending of the transport needed).
#
# UDP/IPv4
config.addSocketTransport(
self._snmpEngine,
udp.domainName,
udp.UdpSocketTransport().openClientMode()
)
config.addTargetAddr(
self._snmpEngine, 'my-router',
udp.domainName, (self.host, self.port),
'my-creds'
)
self.mibBuilder = builder.MibBuilder()
self.mibSources
logger.info("[SNMP] client %s: %s / %s", self, self.mibSources, self.mibs)
extraMibSources = tuple([builder.DirMibSource(d) for d in self.mibSources])
totalMibSources = extraMibSources + self.mibBuilder.getMibSources()
self.mibBuilder.setMibSources(*totalMibSources)
if self.mibs:
self.mibBuilder.loadModules(*self.mibs)
self.mibViewController = view.MibViewController(self.mibBuilder)
self.auth_data = cmdgen.CommunityData('krill', self.community, self.version - 1)
self.udp_transport_target = cmdgen.UdpTransportTarget(
(self.host, self.port), timeout=self.timeout, retries=self.retries)
def __init__(self, host, port, username, password, snmp_context):
self.snmp_context = snmp_context
self.snmp_engine = engine.SnmpEngine()
# HiT7300 uses the user password for encryption (privacy protocol) pass phrase (PSK?)
config.addV3User(
self.snmp_engine, username, config.usmHMACMD5AuthProtocol, password, config.usmAesCfb128Protocol, password
)
# pysnmp bug?
# setting context doesn't affect the getCommandGenerator, so we don't set it
# FIXME: report upstream and have cmdgen use context of snmpEngine!?
# config.addContext(self.snmp_engine, 'tnms')
# snmp_context = context.SnmpContext(self.snmp_engine)
config.addTargetParams(self.snmp_engine, "myParams", username, "authPriv")
# config.addTargetParams(self.snmp_engine, 'myParams', username, 'authPriv')
config.addTargetAddr(self.snmp_engine, "myTarget", config.snmpUDPDomain, (host, int(port)), "myParams")
config.addSocketTransport(self.snmp_engine, udp.domainName, udp.UdpSocketTransport().openClientMode())
self.cbCtx = {}
def createSNMP(host, community=None):
if community is None:
community = "public"
ip = gethostbyname(host)
snmpEngine = engine.SnmpEngine()
config.addV1System(snmpEngine, 'my-area', community)
config.addTargetParams(snmpEngine, 'my-creds', 'my-area', 'noAuthNoPriv',
0)
config.addTransport(snmpEngine, udp.domainName,
udp.UdpSocketTransport().openClientMode())
config.addTargetAddr(snmpEngine, 'my-router', udp.domainName, (ip, 161),
'my-creds')
cmdgen.NextCommandGenerator().sendVarBinds(
snmpEngine, 'my-router', None, '',
[((1, 3, 6, 1, 2, 1, 1, 0, 0), None)], getHost)
snmpEngine.transportDispatcher.runDispatcher()
cmdgen.NextCommandGenerator().sendVarBinds(
snmpEngine, 'my-router', None, '',
[((1, 3, 6, 1, 2, 1, 4, 34, 1, 3, 2, 16), None)], getAddrs)
snmpEngine.transportDispatcher.runDispatcher()
# Specify security settings per SecurityName (SNMPv2c -> 1)
config.addTargetParams(snmpEngine, 'my-creds', 'my-area', 'noAuthNoPriv', 1)
# Setup transport endpoint and bind it with security settings yielding
# a target name
config.addTransport(
snmpEngine,
udp.domainName,
udp.UdpSocketTransport().openClientMode()
)
# Create named target
config.addTargetAddr(
snmpEngine, 'my-nms',
udp.domainName, ('127.0.0.1', 162),
'my-creds'
)
# *** SNMP engine configuration is complete by this line ***
# Create SNMP v2c TRAP PDU with defaults
trapPDU = v2c.TrapPDU()
v2c.apiTrapPDU.setDefaults(trapPDU)
# Set custom var-binds to TRAP PDU
v2c.apiTrapPDU.setVarBinds(
trapPDU, [
# sysUpTime
( v2c.ObjectIdentifier('1.3.6.1.2.1.1.3.0'), v2c.TimeTicks(123) ),
# snmpTrapPDU
def setTrapReceiver(self, host, community): config.addV1System(self._snmpEngine, 'nms-area',community) config.addVacmUser(self._snmpEngine, 2, 'nms-area','noAuthNoPriv', notifySubTree=(1,3,6,1,4,1)) config.addTargetParams(self._snmpEngine, 'nms-creds', 'nms-area','noAuthNoPriv',1) config.addTargetAddr(self._snmpEngine, 'my-nms', udp.domainName, (host, 162), 'nms-creds',tagList = 'all-my-managers') config.addNotificationTarget(self._snmpEngine, 'test-notification', 'my-filter', 'all-my-managers', 'trap')
def cfgCmdGen(self, authData, transportTarget):
if isinstance(authData, CommunityData):
if authData.communityIndex not in self.__knownAuths:
config.addV1System(self.snmpEngine, authData.communityIndex,
authData.communityName,
authData.contextEngineId,
authData.contextName, authData.tag,
authData.securityName)
self.__knownAuths[authData.communityIndex] = authData
elif isinstance(authData, UsmUserData):
authDataKey = authData.userName, authData.securityEngineId
if authDataKey not in self.__knownAuths:
config.addV3User(self.snmpEngine,
authData.userName,
authData.authProtocol,
authData.authKey,
authData.privProtocol,
authData.privKey,
authData.securityEngineId,
securityName=authData.securityName)
self.__knownAuths[authDataKey] = authData
else:
raise error.PySnmpError('Unsupported authentication object')
paramsKey = authData.securityName, \
authData.securityLevel, \
authData.mpModel
if paramsKey in self.__knownParams:
paramsName, useCount = self.__knownParams[paramsKey]
self.__knownParams[paramsKey] = paramsName, useCount + 1
else:
paramsName = 'p%s' % nextID()
config.addTargetParams(self.snmpEngine, paramsName,
authData.securityName,
authData.securityLevel, authData.mpModel)
self.__knownParams[paramsKey] = paramsName, 1
if transportTarget.transportDomain in self.__knownTransports:
transportTarget.verifyDispatcherCompatibility(self.snmpEngine)
transport, useCount = self.__knownTransports[
transportTarget.transportDomain]
self.__knownTransports[
transportTarget.transportDomain] = transport, useCount + 1
else:
transport = transportTarget.openClientMode()
config.addTransport(self.snmpEngine,
transportTarget.transportDomain, transport)
self.__knownTransports[
transportTarget.transportDomain] = transport, 1
transportKey = (paramsName, transportTarget.transportDomain,
transportTarget.transportAddr, transportTarget.tagList)
if transportKey in self.__knownTransportAddrs:
addrName, useCount = self.__knownTransportAddrs[transportKey]
self.__knownTransportAddrs[transportKey] = addrName, useCount + 1
else:
addrName = 'a%s' % nextID()
config.addTargetAddr(self.snmpEngine, addrName,
transportTarget.transportDomain,
transportTarget.transportAddr, paramsName,
transportTarget.timeout * 100,
transportTarget.retries,
transportTarget.tagList)
self.__knownTransportAddrs[transportKey] = addrName, 1
return addrName, paramsName
config.addV1System(snmpEngine, 'dest-cmt', 'public')
# v3 setup
config.addV3User(
snmpEngine, 'test-user',
config.usmHMACMD5AuthProtocol, 'authkey1',
config.usmDESPrivProtocol, 'privkey1'
# config.usmAesCfb128Protocol, 'privkey1'
)
# Transport targets used by Manager
# Target 1, SNMPv3 setup
config.addTargetParams(snmpEngine, 'v3-dest-1', 'test-user', 'authPriv')
config.addTargetAddr(
snmpEngine, 'tgt-v3-1', config.snmpUDPDomain + (2,),
('127.0.0.1', 161), 'v3-dest-1'
)
# This is to map community to context name in incoming messages
config.addV1System(snmpEngine, 'v2c-src-A', 'tgt-v3-1', contextName='tgt-v3-1')
# Target 1, SNMPv2c setup
config.addTargetParams(snmpEngine, 'v2c-dest-1', 'dest-cmt', 'noAuthNoPriv', 1)
config.addTargetAddr(
snmpEngine, 'tgt-v2c-1', config.snmpUDPDomain + (2,),
('127.0.0.1', 161), 'v2c-dest-1'
)
# This is to map community to context name in incoming messages
config.addV1System(snmpEngine, 'v2c-src-B', 'tgt-v2c-1', contextName='tgt-v2c-1')
# Default SNMP context
config.addContext(snmpEngine, '')
v3Context and v3Context.prettyPrint() or '<default>', v3User,
secLevel, v3AuthKey is None and '<NONE>' or v3AuthKey, v3AuthProto,
v3PrivKey is None and '<NONE>' or v3PrivKey, v3PrivProto))
else:
v3User = '******'
secLevel = 'noAuthNoPriv'
config.addV1System(snmpEngine, v3User, snmpCommunity)
log.info('SNMP version %s, Community name: %s' %
(snmpVersion == 0 and '1' or '2c', snmpCommunity))
config.addTargetParams(snmpEngine, 'pms', v3User, secLevel, snmpVersion)
if agentUDPv6Endpoint:
config.addSocketTransport(snmpEngine, udp6.domainName,
udp6.Udp6SocketTransport().openClientMode())
config.addTargetAddr(snmpEngine, 'tgt', udp6.domainName,
agentUDPv6Endpoint, 'pms', timeout, retryCount)
log.info('Querying UDP/IPv6 agent at [%s]:%s' % agentUDPv6Endpoint)
elif agentUNIXEndpoint:
config.addSocketTransport(snmpEngine, unix.domainName,
unix.UnixSocketTransport().openClientMode())
config.addTargetAddr(snmpEngine, 'tgt', unix.domainName, agentUNIXEndpoint,
'pms', timeout, retryCount)
log.info('Querying UNIX named pipe agent at %s' % agentUNIXEndpoint)
elif agentUDPv4Endpoint:
config.addSocketTransport(snmpEngine, udp.domainName,
udp.UdpSocketTransport().openClientMode())
config.addTargetAddr(snmpEngine, 'tgt', udp.domainName, agentUDPv4Endpoint,
'pms', timeout, retryCount)
log.info('Querying UDP/IPv4 agent at %s:%s' % agentUDPv4Endpoint)
def configure(self, snmpEngine, authData, transportTarget, contextName,
**options):
cache = self._getCache(snmpEngine)
if isinstance(authData, CommunityData):
if authData.communityIndex not in cache['auth']:
config.addV1System(snmpEngine, authData.communityIndex,
authData.communityName,
authData.contextEngineId,
authData.contextName, authData.tag,
authData.securityName)
cache['auth'][authData.communityIndex] = authData
elif isinstance(authData, UsmUserData):
authDataKey = authData.userName, authData.securityEngineId
if authDataKey not in cache['auth']:
config.addV3User(snmpEngine,
authData.userName,
authData.authProtocol,
authData.authKey,
authData.privProtocol,
authData.privKey,
securityEngineId=authData.securityEngineId,
securityName=authData.securityName,
authKeyType=authData.authKeyType,
privKeyType=authData.privKeyType)
cache['auth'][authDataKey] = authData
else:
raise error.PySnmpError('Unsupported authentication object')
paramsKey = (authData.securityName, authData.securityLevel,
authData.mpModel)
if paramsKey in cache['parm']:
paramsName, useCount = cache['parm'][paramsKey]
cache['parm'][paramsKey] = paramsName, useCount + 1
else:
paramsName = 'p%s' % self.nextID()
config.addTargetParams(snmpEngine, paramsName,
authData.securityName,
authData.securityLevel, authData.mpModel)
cache['parm'][paramsKey] = paramsName, 1
if transportTarget.TRANSPORT_DOMAIN in cache['tran']:
transport, useCount = cache['tran'][
transportTarget.TRANSPORT_DOMAIN]
transportTarget.verifyDispatcherCompatibility(snmpEngine)
cache['tran'][
transportTarget.TRANSPORT_DOMAIN] = transport, useCount + 1
elif config.getTransport(snmpEngine, transportTarget.TRANSPORT_DOMAIN):
transportTarget.verifyDispatcherCompatibility(snmpEngine)
else:
transport = transportTarget.openClientMode()
config.addTransport(snmpEngine, transportTarget.TRANSPORT_DOMAIN,
transport)
cache['tran'][transportTarget.TRANSPORT_DOMAIN] = transport, 1
transportKey = (paramsName, transportTarget.TRANSPORT_DOMAIN,
transportTarget.transportAddr, transportTarget.timeout,
transportTarget.retries, transportTarget.tagList,
transportTarget.iface)
if transportKey in cache['addr']:
addrName, useCount = cache['addr'][transportKey]
cache['addr'][transportKey] = addrName, useCount + 1
else:
addrName = 'a%s' % self.nextID()
config.addTargetAddr(snmpEngine, addrName,
transportTarget.TRANSPORT_DOMAIN,
transportTarget.transportAddr, paramsName,
transportTarget.timeout * 100,
transportTarget.retries,
transportTarget.tagList)
cache['addr'][transportKey] = addrName, 1
return addrName, paramsName
#
# Setup transport endpoint and bind it with security settings yielding
# a target name
#
# UDP/IPv4
config.addTransport(
snmpEngine,
udp.DOMAIN_NAME,
udp.UdpSocketTransport().openClientMode()
)
config.addTargetAddr(
snmpEngine, 'my-router',
udp.DOMAIN_NAME, ('104.236.166.95', 161),
'my-creds',
timeout=300, # in 1/100 sec
retryCount=5
)
# Error/response receiver
# noinspection PyUnusedLocal,PyUnusedLocal,PyUnusedLocal
def cbFun(snmpEngine, sendRequestHandle, errorIndication,
errorStatus, errorIndex, varBinds, cbCtx):
if errorIndication:
print(errorIndication)
elif errorStatus:
print('%s at %s' % (errorStatus.prettyPrint(),
errorIndex and varBinds[int(errorIndex) - 1][0] or '?'))
config.addV3User(
snmpEngine, 'usr-md5-none',
config.usmHMACMD5AuthProtocol, 'authkey1'
)
config.addTargetParams(snmpEngine, 'my-creds', 'usr-md5-none', 'authNoPriv')
# Setup transport endpoint and bind it with security settings yielding
# a target name
config.addTransport(
snmpEngine,
udp.domainName,
udp.UdpSocketTransport().openClientMode()
)
config.addTargetAddr(
snmpEngine, 'my-nms',
udp.domainName, ('104.236.166.95', 162),
'my-creds',
tagList='all-my-managers'
)
# Specify what kind of notification should be sent (TRAP or INFORM),
# to what targets (chosen by tag) and what filter should apply to
# the set of targets (selected by tag)
config.addNotificationTarget(
snmpEngine, 'my-notification', 'my-filter', 'all-my-managers', 'inform'
)
# Allow NOTIFY access to Agent's MIB by this SNMP model (3), securityLevel
# and SecurityName
config.addContext(snmpEngine, '')
config.addVacmUser(snmpEngine, 3, 'usr-md5-none', 'authNoPriv', (), (), (1, 3, 6))
config.addTargetParams(snmpEngine, 'my-creds', 'my-area', 'noAuthNoPriv', 0)
#
# Setup transport endpoint and bind it with security settings yielding
# a target name
#
# UDP/IPv4
config.addTransport(
snmpEngine,
udp.domainName,
udp.UdpSocketTransport().openClientMode(('0.0.0.0', 61024))
)
config.addTargetAddr(
snmpEngine, 'my-router',
udp.domainName, ('104.236.166.95', 161),
'my-creds'
)
# Error/response receiver
# noinspection PyUnusedLocal,PyUnusedLocal,PyUnusedLocal
def cbFun(snmpEngine, sendRequestHandle, errorIndication,
errorStatus, errorIndex, varBindTable, cbCtx):
if errorIndication:
print(errorIndication)
return
if errorStatus:
print('%s at %s' % (errorStatus.prettyPrint(),
errorIndex and varBindTable[-1][int(errorIndex) - 1][0] or '?'))
return # stop on error
#
# Setup transport endpoint and bind it with security settings yielding
# a target name
#
# UDP/IPv4
config.addTransport(
snmpEngine,
udp.domainName,
udp.UdpTransport().openClientMode()
)
config.addTargetAddr(
snmpEngine, 'my-router',
udp.domainName, ('195.218.195.228', 161),
'my-creds',
timeout=300, # in 1/100 sec
retryCount=5
)
@asyncio.coroutine
def snmpOperation(snmpEngine, target, contextEngineId, contextName, varBinds):
( snmpEngine,
errorIndication,
errorStatus,
errorIndex,
varBinds ) = yield from cmdgen.GetCommandGenerator().sendVarBinds(
snmpEngine,
target,
contextEngineId,
contextName,
config.addV1System(snmpEngine,
'my-area',
'public',
transportTag='all-my-managers')
# Specify security settings per SecurityName (SNMPv2c -> 1)
config.addTargetParams(snmpEngine, 'my-creds', 'my-area', 'noAuthNoPriv', 1)
# Setup transport endpoint and bind it with security settings yielding
# a target name
config.addTransport(snmpEngine, udp.DOMAIN_NAME,
udp.UdpSocketTransport().openClientMode())
config.addTargetAddr(snmpEngine,
'my-nms',
udp.DOMAIN_NAME, ('104.236.166.95', 162),
'my-creds',
tagList='all-my-managers')
# Specify what kind of notification should be sent (TRAP or INFORM),
# to what targets (chosen by tag) and what filter should apply to
# the set of targets (selected by tag)
config.addNotificationTarget(snmpEngine, 'my-notification', 'my-filter',
'all-my-managers', 'inform')
# Allow NOTIFY access to Agent's MIB by this SNMP model (2), securityLevel
# and SecurityName
config.addContext(snmpEngine, '')
config.addVacmUser(snmpEngine, 2, 'my-area', 'noAuthNoPriv', (), (), (1, 3, 6))
# *** SNMP engine configuration is complete by this line ***
# config.usm3DESEDEPrivProtocol, 'privkey1'
#)
#config.addTargetParams(snmpEngine, 'my-creds', 'usr-md5-3des', 'authPriv')
#
# Setup transport endpoint and bind it with security settings yielding
# a target name. Since Notifications could be sent to multiple Managers
# at once, more than one target entry may be configured (and tagged).
#
# UDP/IPv4
config.addSocketTransport(snmpEngine, udp.domainName,
udp.UdpSocketTransport().openClientMode())
config.addTargetAddr(snmpEngine,
'my-nms-1',
udp.domainName, ('127.0.0.1', 162),
'my-creds-1',
tagList='all-my-managers')
## UDP/IPv6
config.addSocketTransport(snmpEngine, udp6.domainName,
udp6.Udp6SocketTransport().openClientMode())
config.addTargetAddr(snmpEngine,
'my-nms-2',
udp6.domainName, ('::1', 162),
'my-creds-3',
tagList='all-my-managers')
## Local domain socket
#config.addSocketTransport(
# snmpEngine,
config.addTargetParams(snmpEngine, 'my-creds', 'usr-none-none', 'noAuthNoPriv')
#
# Setup transport endpoint and bind it with security settings yielding
# a target name
#
# UDP/IPv4
config.addTransport(
snmpEngine,
udp.domainName,
udp.UdpSocketTransport().openClientMode()
)
config.addTargetAddr(
snmpEngine, 'my-router',
udp.domainName, ('195.218.195.228', 161),
'my-creds'
)
# Error/response receiver
# noinspection PyUnusedLocal,PyUnusedLocal,PyUnusedLocal
def cbFun(snmpEngine, sendRequestHandle, errorIndication,
errorStatus, errorIndex, varBindTable, cbCtx):
if errorIndication:
print(errorIndication)
return
if errorStatus:
print('%s at %s' % (errorStatus.prettyPrint(),
errorIndex and varBindTable[-1][int(errorIndex) - 1][0] or '?'))
return # stop on error
config.addTargetParams(snmpEngine, 'my-creds', 'usr-md5-des', 'authPriv')
#
# Setup transport endpoint and bind it with security settings yielding
# a target name
#
# UDP/IPv4
config.addTransport(
snmpEngine,
udp.domainName,
udp.UdpTwistedTransport().openClientMode()
)
config.addTargetAddr(
snmpEngine, 'my-router',
udp.domainName, ('195.218.195.228', 161),
'my-creds'
)
# Error/response receiver
def cbFun(cbCtx):
(errorIndication, errorStatus, errorIndex, varBindTable) = cbCtx
if errorIndication:
print(errorIndication)
elif errorStatus:
print('%s at %s' % (
errorStatus.prettyPrint(),
errorIndex and varBinds[int(errorIndex)-1][0] or '?'
)
)
else:
config.addV1System(snmpEngine, 'test-agent', 'public')
# v3 setup
config.addV3User(
snmpEngine, 'test-user',
config.usmHMACMD5AuthProtocol, 'authkey1',
config.usmDESPrivProtocol, 'privkey1'
)
# Transport params
config.addTargetParams(snmpEngine, 'myParams', 'test-user', 'authPriv')
#config.addTargetParams(snmpEngine, 'myParams', 'test-agent', 'noAuthNoPriv', 0)
# Transport addresses
config.addTargetAddr(
snmpEngine, 'myNMS', config.snmpUDPDomain,
('127.0.0.1', 162), 'myParams', tagList='myManagementStations'
)
# Notification targets
config.addNotificationTarget(
# snmpEngine, 'myNotifyName', 'myParams', 'myManagementStations', 'trap'
snmpEngine, 'myNotifyName', 'myParams', 'myManagementStations', 'inform'
)
# Setup transport endpoint
config.addSocketTransport(
snmpEngine,
udp.domainName,
udp.UdpSocketTransport().openClientMode()
)
# to let it match first in snmpCommunityTable on response processing.
#
config.addV1System(snmpEngine, '0-distant-area', 'public', transportTag='remote')
#
# Transport target used by Manager
#
config.addTargetParams(
snmpEngine, 'distant-agent-auth', '0-distant-area', 'noAuthNoPriv', 1
)
config.addTargetAddr(
snmpEngine, 'distant-agent',
udp.DOMAIN_NAME, ('104.236.166.95', 161),
'distant-agent-auth', retryCount=0, tagList='remote'
)
# Default SNMP context
config.addContext(snmpEngine, '')
class CommandResponder(cmdrsp.CommandResponderBase):
CMDGEN_MAP = {
v2c.GetRequestPDU.tagSet: cmdgen.GetCommandGenerator(),
v2c.SetRequestPDU.tagSet: cmdgen.SetCommandGenerator(),
v2c.GetNextRequestPDU.tagSet: cmdgen.NextCommandGeneratorSingleRun(),
v2c.GetBulkRequestPDU.tagSet: cmdgen.BulkCommandGeneratorSingleRun()
}
SUPPORTED_PDU_TYPES = tuple(CMDGEN_MAP) # This app will handle these PDUs
# Transport setup
#
# Setup transport endpoint and bind it with security settings yielding
# a target name. Since Notifications could be sent to multiple Managers
# at once, more than one target entry may be configured (and tagged).
#
# UDP/IPv4
config.addTransport(
snmpEngine,
udp.domainName,
udp.UdpTransport().openClientMode()
)
config.addTargetAddr(
snmpEngine, 'my-nms-1',
udp.domainName, ('127.0.0.1', 162),
'my-creds',
tagList='all-my-managers'
)
# Specify what kind of notification should be sent (TRAP or INFORM),
# to what targets (chosen by tag) and what filter should apply to
# the set of targets (selected by tag)
config.addNotificationTarget(
snmpEngine, 'my-notification', 'my-filter', 'all-my-managers', 'trap'
)
# Allow NOTIFY access to Agent's MIB by this SNMP model (1), securityLevel
# and SecurityName
config.addContext(snmpEngine, '')
config.addVacmUser(snmpEngine, 1, 'my-area', 'noAuthNoPriv', (), (), (1,3,6))
def snmpv3_getbulk(ip='',user='',hash_meth=None,hash_key=None,cry_meth=None,cry_key=None,oid='',num=10):
#usmHMACMD5AuthProtocol - MD5 hashing
#usmHMACSHAAuthProtocol - SHA hashing
#usmNoAuthProtocol - no authentication
#usmDESPrivProtocol - DES encryption
#usm3DESEDEPrivProtocol - triple-DES encryption
#usmAesCfb128Protocol - AES encryption, 128-bit
#usmAesCfb192Protocol - AES encryption, 192-bit
#usmAesCfb256Protocol - AES encryption, 256-bit
#usmNoPrivProtocol - no encryption
global maxRepetitions
maxRepetitions = num
hashval = None
cryval = None
model = None
config.addTargetAddr(#添加目标,'yourDevice'(OID与处理方法),'my-creds'(用户,密码,安全模型),目的IP与端口号
snmpEngine, 'yourDevice',
udp.domainName, (ip, 161),
'my-creds'
)
#========================下面的操作在判断安全模型==========================
#NoAuthNoPriv
if hash_meth == None and cry_meth == None:
hashval = config.usmNoAuthProtocol
cryval = config.usmNoPrivProtocol
model = 'noAuthNoPriv'
#AuthNoPriv
elif hash_meth != None and cry_meth == None:
if hash_meth == 'md5':
hashval = config.usmHMACMD5AuthProtocol
elif hash_meth == 'sha':
hashval = config.usmHMACSHAAuthProtocol
else:
print('哈希算法必须是md5 or sha!')
return
cryval = config.usmNoPrivProtocol
model = 'authNoPriv'
#AuthPriv
elif hash_meth != None and cry_meth != None:
if hash_meth == 'md5':
hashval = config.usmHMACMD5AuthProtocol
elif hash_meth == 'sha':
hashval = config.usmHMACSHAAuthProtocol
else:
print('哈希算法必须是md5 or sha!')
return
if cry_meth == '3des':
cryval = config.usm3DESEDEPrivProtocol
elif cry_meth == 'des':
cryval = config.usmDESPrivProtocol
elif cry_meth == 'aes128':
cryval = config.usmAesCfb128Protocol
elif cry_meth == 'aes192':
cryval = config.usmAesCfb192Protocol
elif cry_meth == 'aes256':
cryval = config.usmAesCfb256Protocol
else:
print('加密算法必须是3des, des, aes128, aes192 or aes256 !')
return
model = 'authPriv'
#提供的参数不符合标准时给出提示
else:
print('三种USM: NoAuthNoPriv, AuthNoPriv, AuthPriv.。请选择其中一种。')
return
#========================判断安全模型结束==========================
config.addV3User(#添加用户与他的密钥
snmpEngine, user,
hashval, hash_key,
cryval, cry_key
)
config.addTargetParams(snmpEngine, 'my-creds', user, model)#创建'my-creds',里边有用户和安全模型
# Prepare initial request to be sent
cmdgen.BulkCommandGenerator().sendReq(snmpEngine,'yourDevice', 0, 1,((oid, None),),cbFun)#创建'yourDevice',有OID和处理方法cbFun
# Run I/O dispatcher which would send pending queries and process responses
snmpEngine.transportDispatcher.runDispatcher()#运行实例
return oid_list#返回oid_list
#
# Setup transport endpoint and bind it with security settings yielding
# a target name
#
# UDP/IPv4
config.addTransport(
snmpEngine,
udp.DOMAIN_NAME,
udp.UdpSocketTransport().openClientMode(('0.0.0.0', 61024))
)
config.addTargetAddr(
snmpEngine, 'my-router',
udp.DOMAIN_NAME, ('104.236.166.95', 161),
'my-creds'
)
# Error/response receiver
# noinspection PyUnusedLocal,PyUnusedLocal,PyUnusedLocal
def cbFun(snmpEngine, sendRequestHandle, errorIndication,
errorStatus, errorIndex, varBindTable, cbCtx):
if errorIndication:
print(errorIndication)
return False
if errorStatus:
print('%s at %s' % (errorStatus.prettyPrint(),
errorIndex and varBindTable[-1][int(errorIndex) - 1][0] or '?'))
# SNMP credentials used by Manager
# v1/2 setup
config.addV1System(snmpEngine, 'dest-cmt', 'public')
# v3 setup
config.addV3User(snmpEngine, 'test-user', config.usmHMACMD5AuthProtocol,
'authkey1', config.usmDESPrivProtocol, 'privkey1'
# config.usmAesCfb128Protocol, 'privkey1'
)
# Transport targets used by Manager
# Target 1, SNMPv3 setup
config.addTargetParams(snmpEngine, 'v3-dest-1', 'test-user', 'authPriv')
config.addTargetAddr(snmpEngine, 'tgt-v3-1', config.snmpUDPDomain + (2, ),
('127.0.0.1', 161), 'v3-dest-1')
# This is to map community to context name in incoming messages
config.addV1System(snmpEngine, 'v2c-src-A', 'tgt-v3-1', contextName='tgt-v3-1')
# Target 1, SNMPv2c setup
config.addTargetParams(snmpEngine, 'v2c-dest-1', 'dest-cmt', 'noAuthNoPriv', 1)
config.addTargetAddr(snmpEngine, 'tgt-v2c-1', config.snmpUDPDomain + (2, ),
('127.0.0.1', 161), 'v2c-dest-1')
# This is to map community to context name in incoming messages
config.addV1System(snmpEngine,
'v2c-src-B',
'tgt-v2c-1',
contextName='tgt-v2c-1')
# Default SNMP context
config.addContext(snmpEngine, '')
# user: usr-sha-aes, auth: SHA, priv AES
config.addV3User(snmpEngine, 'usr-sha-aes', config.USM_AUTH_HMAC96_SHA,
'authkey1', config.USM_PRIV_CFB128_AES, 'privkey1')
config.addTargetParams(snmpEngine, 'my-creds', 'usr-sha-aes', 'authPriv')
#
# Setup transport endpoint and bind it with security settings yielding
# a target name
#
# UDP/IPv4
config.addTransport(snmpEngine, udp.DOMAIN_NAME,
udp.UdpSocketTransport().openClientMode())
config.addTargetAddr(snmpEngine, 'my-router', udp.DOMAIN_NAME,
('104.236.166.95', 161), 'my-creds')
# Error/response receiver
# noinspection PyUnusedLocal,PyUnusedLocal,PyUnusedLocal
def cbFun(snmpEngine, sendRequestHandle, errorIndication, errorStatus,
errorIndex, varBinds, cbCtx):
if errorIndication:
print(errorIndication)
elif errorStatus:
print('%s at %s' %
(errorStatus.prettyPrint(),
errorIndex and varBinds[int(errorIndex) - 1][0] or '?'))
else:
#
# SecurityName <-> CommunityName mapping
config.addV1System(snmpEngine, 'my-area', 'public')
#
# Transport target used by Manager
#
# Specify security settings per SecurityName (SNMPv1 - 0, SNMPv2c - 1)
config.addTargetParams(snmpEngine, 'distant-agent-auth', 'my-area',
'noAuthNoPriv', 0)
config.addTargetAddr(
snmpEngine, 'distant-agent',
udp.DOMAIN_NAME + (2,), ('104.236.166.95', 161),
'distant-agent-auth', retryCount=0
)
# Default SNMP context
config.addContext(snmpEngine, '')
class CommandResponder(cmdrsp.CommandResponderBase):
CMDGEN_MAP = {
v2c.GetRequestPDU.tagSet: cmdgen.GetCommandGenerator(),
v2c.SetRequestPDU.tagSet: cmdgen.SetCommandGenerator(),
v2c.GetNextRequestPDU.tagSet: cmdgen.NextCommandGeneratorSingleRun(),
v2c.GetBulkRequestPDU.tagSet: cmdgen.BulkCommandGeneratorSingleRun()
}
#
# SecurityName <-> CommunityName <-> Transport mapping
config.addV1System(snmpEngine, 'distant-area', 'public', transportTag='distant')
#
# Transport target used by Manager
#
# Specify security settings per SecurityName (SNMPv1 - 0, SNMPv2c - 1)
config.addTargetParams(snmpEngine, 'distant-agent-auth', 'distant-area',
'noAuthNoPriv', 0)
config.addTargetAddr(
snmpEngine, 'distant-agent',
udp.domainName + (2,), ('195.218.195.228', 161),
'distant-agent-auth', retryCount=0, tagList='distant'
)
# Default SNMP context
config.addContext(snmpEngine, '')
class CommandResponder(cmdrsp.CommandResponderBase):
cmdGenMap = {
v2c.GetRequestPDU.tagSet: cmdgen.GetCommandGenerator(),
v2c.SetRequestPDU.tagSet: cmdgen.SetCommandGenerator(),
v2c.GetNextRequestPDU.tagSet: cmdgen.NextCommandGeneratorSingleRun(),
v2c.GetBulkRequestPDU.tagSet: cmdgen.BulkCommandGeneratorSingleRun()
}
pduTypes = cmdGenMap.keys() # This app will handle these PDUs
# SecurityName <-> CommunityName mapping
config.addV1System(snmpEngine,
'my-area',
'public',
transportTag='all-my-managers')
# Specify security settings per SecurityName (SNMPv2c -> 1)
config.addTargetParams(snmpEngine, 'my-creds', 'my-area', 'noAuthNoPriv', 1)
# Setup transport endpoint and bind it with security settings yielding
# a target name
config.addTransport(snmpEngine, udp.domainName,
udp.UdpSocketTransport().openClientMode())
config.addTargetAddr(snmpEngine,
'my-nms',
udp.domainName, ('104.236.166.95', 162),
'my-creds',
tagList='all-my-managers')
# Specify what kind of notification should be sent (TRAP or INFORM),
# to what targets (chosen by tag) and what filter should apply to
# the set of targets (selected by tag)
config.addNotificationTarget(snmpEngine, 'my-notification', 'my-filter',
'all-my-managers', 'trap')
# Allow NOTIFY access to Agent's MIB by this SNMP model (2), securityLevel
# and SecurityName
config.addContext(snmpEngine, '')
config.addVacmUser(snmpEngine, 2, 'my-area', 'noAuthNoPriv', (), (), (1, 3, 6))
# *** SNMP engine configuration is complete by this line ***
# Create SNMP engine instance
snmpEngine = engine.SnmpEngine()
# SecurityName <-> CommunityName mapping
config.addV1System(snmpEngine, "my-area", "public")
# Specify security settings per SecurityName (SNMPv2c -> 1)
config.addTargetParams(snmpEngine, "my-creds", "my-area", "noAuthNoPriv", 1)
# Setup transport endpoint and bind it with security settings yielding
# a target name
config.addTransport(snmpEngine, udp.domainName, udp.UdpSocketTransport().openClientMode())
# Create named target
config.addTargetAddr(snmpEngine, "my-nms", udp.domainName, ("195.218.195.228", 162), "my-creds")
# *** SNMP engine configuration is complete by this line ***
# Create SNMP v2c TRAP PDU with defaults
trapPDU = v2c.TrapPDU()
v2c.apiTrapPDU.setDefaults(trapPDU)
# Set custom var-binds to TRAP PDU
v2c.apiTrapPDU.setVarBinds(
trapPDU,
[
# sysUpTime
(v2c.ObjectIdentifier("1.3.6.1.2.1.1.3.0"), v2c.TimeTicks(123)),
# snmpTrapPDU
((1, 3, 6, 1, 6, 3, 1, 1, 4, 1, 0), v2c.ObjectIdentifier((1, 3, 6, 1, 6, 3, 1, 1, 5, 1))),
def cfgCmdGen(self, authData, transportTarget, tagList=null):
if authData not in self.__knownAuths:
if isinstance(authData, CommunityData):
config.addV1System(
self.snmpEngine,
authData.securityName,
authData.communityName,
authData.contextEngineId,
authData.contextName,
tagList
)
elif isinstance(authData, UsmUserData):
config.addV3User(
self.snmpEngine,
authData.securityName,
authData.authProtocol, authData.authKey,
authData.privProtocol, authData.privKey,
authData.contextEngineId
)
else:
raise error.PySnmpError('Unsupported authentication object')
self.__knownAuths[authData] = 1
k = authData.securityName, authData.securityLevel, authData.mpModel
if k in self.__knownParams:
paramsName = self.__knownParams[k]
else:
paramsName = 'p%s' % nextID()
config.addTargetParams(
self.snmpEngine, paramsName,
authData.securityName, authData.securityLevel, authData.mpModel
)
self.__knownParams[k] = paramsName
if transportTarget.transportDomain not in self.__knownTransports:
transport = transportTarget.openClientMode()
config.addSocketTransport(
self.snmpEngine,
transportTarget.transportDomain,
transport
)
self.__knownTransports[transportTarget.transportDomain] = transport
k = paramsName, transportTarget, tagList
if k in self.__knownTransportAddrs:
addrName = self.__knownTransportAddrs[k]
else:
addrName = 'a%s' % nextID()
config.addTargetAddr(
self.snmpEngine, addrName,
transportTarget.transportDomain,
transportTarget.transportAddr,
paramsName,
transportTarget.timeout * 100,
transportTarget.retries,
tagList
)
self.__knownTransportAddrs[k] = addrName
return addrName, paramsName
def configure(self, snmpEngine, authData, transportTarget, *options):
cache = self._getCache(snmpEngine)
if isinstance(authData, CommunityData):
if authData.communityIndex not in cache['auth']:
config.addV1System(
snmpEngine,
authData.communityIndex,
authData.communityName,
authData.contextEngineId,
authData.contextName,
authData.tag,
authData.securityName
)
cache['auth'][authData.communityIndex] = authData
elif isinstance(authData, UsmUserData):
authDataKey = authData.userName, authData.securityEngineId
if authDataKey not in cache['auth']:
config.addV3User(
snmpEngine,
authData.userName,
authData.authProtocol, authData.authKey,
authData.privProtocol, authData.privKey,
authData.securityEngineId,
securityName=authData.securityName
)
cache['auth'][authDataKey] = authData
else:
raise error.PySnmpError('Unsupported authentication object')
paramsKey = (authData.securityName,
authData.securityLevel,
authData.mpModel)
if paramsKey in cache['parm']:
paramsName, useCount = cache['parm'][paramsKey]
cache['parm'][paramsKey] = paramsName, useCount + 1
else:
paramsName = 'p%s' % self.nextID()
config.addTargetParams(
snmpEngine, paramsName,
authData.securityName, authData.securityLevel, authData.mpModel
)
cache['parm'][paramsKey] = paramsName, 1
if transportTarget.transportDomain in cache['tran']:
transport, useCount = cache['tran'][transportTarget.transportDomain]
transportTarget.verifyDispatcherCompatibility(snmpEngine)
cache['tran'][transportTarget.transportDomain] = transport, useCount + 1
elif config.getTransport(snmpEngine, transportTarget.transportDomain):
transportTarget.verifyDispatcherCompatibility(snmpEngine)
else:
transport = transportTarget.openClientMode()
config.addTransport(
snmpEngine,
transportTarget.transportDomain,
transport
)
cache['tran'][transportTarget.transportDomain] = transport, 1
transportKey = (paramsName, transportTarget.transportDomain,
transportTarget.transportAddr,
transportTarget.tagList)
if transportKey in cache['addr']:
addrName, useCount = cache['addr'][transportKey]
cache['addr'][transportKey] = addrName, useCount + 1
else:
addrName = 'a%s' % self.nextID()
config.addTargetAddr(
snmpEngine, addrName,
transportTarget.transportDomain,
transportTarget.transportAddr,
paramsName,
transportTarget.timeout * 100,
transportTarget.retries,
transportTarget.tagList
)
cache['addr'][transportKey] = addrName, 1
return addrName, paramsName
# Specify security settings per SecurityName (SNMPv1 - 0, SNMPv2c - 1)
config.addTargetParams(snmpEngine, 'my-creds', 'my-area', 'noAuthNoPriv', 1)
#
# Setup transport endpoint and bind it with security settings yielding
# a target name
#
# UDP/IPv4
config.addTransport(snmpEngine, udp.domainName,
udp.UdpSocketTransport().openClientMode())
config.addTargetAddr(
snmpEngine,
'my-router',
udp.domainName,
('104.236.166.95', 161),
'my-creds',
timeout=300, # in 1/100 sec
retryCount=5)
# Error/response receiver
# noinspection PyUnusedLocal,PyUnusedLocal,PyUnusedLocal
def cbFun(snmpEngine, sendRequestHandle, errorIndication, errorStatus,
errorIndex, varBinds, cbCtx):
if errorIndication:
print(errorIndication)
elif errorStatus:
print('%s at %s' %
(errorStatus.prettyPrint(),
errorIndex and varBinds[int(errorIndex) - 1][0] or '?'))
def __init__(self, ip, port=161, is_ipv6=False, timeout=2000, retry_count=2, get_bulk_flag=False,
continue_on_errors=0, get_bulk_repetitions=25, v3_context_engine_id=None, v3_context=''):
self.ip = ip
self.continue_on_errors = continue_on_errors
self.get_bulk_repetitions = get_bulk_repetitions
self.timeout = timeout
self.output_file = list()
self.retry_count = retry_count
self.get_bulk_flag = get_bulk_flag
self.v3_context_engine_id = v3_context_engine_id
self.v3_context = v3_context
if self.v3_context_engine_id:
if self.v3_context_engine_id[2:] == '0x':
self.v3_context_engine_id = univ.OctetString(hexValue=self.v3_context_engine_id[2:])
else:
self.v3_context_engine_id = univ.OctetString(self.v3_context_engine_id)
if self.v3_context:
if self.v3_context[:2] == '0x':
self.v3_context = univ.OctetString(hexValue=self.v3_context[2:])
else:
self.v3_context = univ.OctetString(self.v3_context)
if ip:
try:
agent_udp_endpoint = \
socket.getaddrinfo(ip,
port,
socket.AF_INET, socket.SOCK_DGRAM,
socket.IPPROTO_UDP)[0][4][:2]
except socket.gaierror:
sys.stderr.write('ERROR: unknown hostname {}\r\n'.format(ip))
sys.exit(-1)
else:
sys.stderr.write('ERROR: unknown hostname {}\r\n'.format(ip))
sys.exit(-1)
self._snmp_engine = engine.SnmpEngine()
config.addTargetParams(self._snmp_engine, 'pms', self.get_user, self.get_security,
self.get_snmp_version)
if agent_udp_endpoint:
if is_ipv6:
config.addSocketTransport(
self._snmp_engine,
udp6.domainName,
udp6.Udp6SocketTransport().openClientMode()
)
config.addTargetAddr(
self._snmp_engine, 'tgt', udp6.domainName, agent_udp_endpoint, 'pms',
self.timeout, self.retry_count
)
else:
config.addSocketTransport(
self._snmp_engine,
udp.domainName,
udp.UdpSocketTransport().openClientMode()
)
config.addTargetAddr(
self._snmp_engine, 'tgt', udp.domainName, agent_udp_endpoint, 'pms',
self.timeout, self.retry_count
)
else:
sys.stderr.write('ERROR: Failed to communicate with provided IP Address {}\r\n'.format(ip))
sys.exit(-1)
# SecurityName <-> CommunityName mapping
config.addV1System(snmpEngine, 'my-area', 'public', transportTag='all-my-managers')
# Specify security settings per SecurityName (SNMPv1 -> 0)
config.addTargetParams(snmpEngine, 'my-creds', 'my-area', 'noAuthNoPriv', 0)
# Setup transport endpoint and bind it with security settings yielding
# a target name
config.addTransport(
snmpEngine,
udp.domainName,
udp.UdpSocketTransport().openClientMode()
)
config.addTargetAddr(
snmpEngine, 'my-nms',
udp.domainName, ('195.218.195.228', 162),
'my-creds',
tagList='all-my-managers'
)
# Specify what kind of notification should be sent (TRAP or INFORM),
# to what targets (chosen by tag) and what filter should apply to
# the set of targets (selected by tag)
config.addNotificationTarget(
snmpEngine, 'my-notification', 'my-filter', 'all-my-managers', 'trap'
)
# Allow NOTIFY access to Agent's MIB by this SNMP model (1), securityLevel
# and SecurityName
config.addContext(snmpEngine, '')
config.addVacmUser(snmpEngine, 1, 'my-area', 'noAuthNoPriv', (), (), (1,3,6))
