def __init__(self, host, port): # Create SNMP engine instance self.snmpEngine = engine.SnmpEngine() # user: usr-sha-aes, auth: SHA, priv AES config.addV3User( self.snmpEngine, "usr-sha-aes128", config.usmHMACSHAAuthProtocol, "authkey1", config.usmAesCfb128Protocol, "privkey1", ) config.addTargetParams(self.snmpEngine, "my-creds", "usr-sha-aes128", "authPriv") # Setup transport endpoint and bind it with security settings yielding # a target name (choose one entry depending of the transport needed). # UDP/IPv4 config.addSocketTransport(self.snmpEngine, udp.domainName, udp.UdpSocketTransport().openClientMode()) config.addTargetAddr(self.snmpEngine, "my-router", udp.domainName, (host, port), "my-creds")
def _setup(self, agent, context, host, port): # TODO support changes to context etc and make a new connection??? if self.snmpEngine is None: self.snmpEngine = engine.SnmpEngine() else: return # already setup if isinstance(agent, UsmUserData): config.addV3User(self.snmpEngine, agent.securityName, agent.authProtocol, agent.authKey, agent.privProtocol, agent.privKey) config.addTargetParams(self.snmpEngine, 'myParams', agent.securityName, agent.securityLevel) else: config.addV1System(self.snmpEngine, agent, context) config.addTargetParams(self.snmpEngine, 'myParams', agent, 'noAuthNoPriv', 1) config.addTargetAddr(self.snmpEngine, 'myRouter', config.snmpUDPDomain, (host, port), 'myParams', timeout=900) config.addSocketTransport(self.snmpEngine, udp.domainName, udp.UdpSocketTransport().openClientMode())
def __init__(self, client_config=None): if not client_config: client_config = conpot_config # Create SNMP engine instance self.snmpEngine = engine.SnmpEngine() # user: usr-sha-aes, auth: SHA, priv AES config.addV3User( self.snmpEngine, 'usr-sha-aes128', config.usmHMACSHAAuthProtocol, 'authkey1', config.usmAesCfb128Protocol, 'privkey1' ) config.addTargetParams(self.snmpEngine, 'my-creds', 'usr-sha-aes128', 'authPriv') # Setup transport endpoint and bind it with security settings yielding # a target name (choose one entry depending of the transport needed). # UDP/IPv4 config.addSocketTransport( self.snmpEngine, udp.domainName, udp.UdpSocketTransport().openClientMode() ) config.addTargetAddr( self.snmpEngine, 'my-router', udp.domainName, (client_config.snmp_host, client_config.snmp_port), 'my-creds' )
def addNode(self, identifier, address): if identifier in self.identifiers: return false newnode = Node(self, identifier, address) self.append(newnode) self.identifiers[identifier] = newnode config.addTargetAddr(self.snmpEngine, identifier, config.snmpUDPDomain, (address, 161), 'myParams', timeout=5) newnode.reindex()
def test2(): from pysnmp.v4.proto.rfc1902 import ObjectName from pysnmp.entity import engine, config from pysnmp.carrier.asynsock.dgram import udp from pysnmp.entity.rfc3413 import cmdgen sysName = ObjectName("1.3.6.1.2.1.1.5.0") ip = "192.168.1.9" snmp_engine = engine.SnmpEngine() config.addV1System(snmp_engine, 'test-agent', "public") config.addTargetParams(snmp_engine, 'myParams', 'test-agent', 'noAuthNoPriv', 0) config.addTargetAddr( snmp_engine, 'myRouter', config.snmpUDPDomain, (ip, 161), 'myParams' ) config.addSocketTransport( snmp_engine, udp.domainName, udp.UdpSocketTransport().openClientMode() ) cb = {} def cbFun(sendRequestHandle, errorIndication, errorStatus, errorIndex, varBinds, cbCtx): cbCtx['errorIndication'] = errorIndication cbCtx['errorStatus'] = errorStatus cbCtx['errorIndex'] = errorIndex cbCtx['varBinds'] = varBinds cmdgen.GetCommandGenerator().sendReq(snmp_engine, 'myRouter', ((sysName, None),), cbFun, cb) lastmemusage = 0 lastrefs = None errors = 0 while (errors < 2): snmp_engine.transportDispatcher.runDispatcher() print cb['varBinds'][0][1] snmp_engine.transportDispatcher.closeDispatcher() #asynCommandGenerator.flushConfig() newmemusage = resource.getrusage(resource.RUSAGE_SELF)[2] memdiff = (newmemusage - lastmemusage) newrefs = get_refcounts() if memdiff > 0: print "Leaked %d Kb... printing refcount diff" % memdiff if lastrefs == None: print "No previous refcount, skipping" else: print_ref_diffs(lastrefs, newrefs) errors = errors + 1 gc.collect() lastrefs = newrefs lastmemusage = newmemusage #print resource.getrusage(resource.RUSAGE_SELF)[3] time.sleep(1)
def cfgCmdGen(self, authData, transportTarget, tagList=''): if self.__knownAuths.has_key(authData): paramsName = self.__knownAuths[authData] else: paramsName = 'p%s' % nextID() if isinstance(authData, CommunityData): config.addV1System( self.snmpEngine, authData.securityName, authData.communityName ) config.addTargetParams( self.snmpEngine, paramsName, authData.securityName, authData.securityLevel, authData.mpModel ) elif isinstance(authData, UsmUserData): config.addV3User( self.snmpEngine, authData.securityName, authData.authProtocol, authData.authKey, authData.privProtocol, authData.privKey ) config.addTargetParams( self.snmpEngine, paramsName, authData.securityName, authData.securityLevel ) else: raise error.PySnmpError('Unsupported SNMP version') self.__knownAuths[authData] = paramsName if not self.__knownTransports.has_key(transportTarget.transportDomain): transport = transportTarget.openClientMode() config.addSocketTransport( self.snmpEngine, transportTarget.transportDomain, transport ) self.__knownTransports[transportTarget.transportDomain] = transport k = transportTarget, tagList if self.__knownTransportAddrs.has_key(k): addrName = self.__knownTransportAddrs[k] else: addrName = 'a%s' % nextID() config.addTargetAddr( self.snmpEngine, addrName, transportTarget.transportDomain, transportTarget.transportAddr, paramsName, transportTarget.timeout * 100, transportTarget.retries, tagList ) self.__knownTransportAddrs[k] = addrName return addrName, paramsName
def add_udp_endpoint( self, snmp_engine, snmp_timeout=SNMP_TIMEOUT, snmp_retry_count=SNMP_RETRIES_COUNT, ): if self._snmp_parameters.ip: try: agent_udp_endpoint = socket.getaddrinfo( self._snmp_parameters.ip, self._snmp_parameters.port, socket.AF_INET, socket.SOCK_DGRAM, socket.IPPROTO_UDP, )[0][4][:2] except socket.gaierror: raise InitializeSNMPException( "Failed to validate {} hostname".format( self._snmp_parameters.ip), self._logger, ) else: raise InitializeSNMPException( "Failed to validate {} hostname".format( self._snmp_parameters.ip), self._logger, ) ip = ip_address(u"{}".format(self._snmp_parameters.ip)) if isinstance(ip, IPv6Address): config.addSocketTransport( snmp_engine, udp6.domainName, udp6.Udp6SocketTransport().openClientMode(), ) config.addTargetAddr( snmp_engine, "tgt", udp6.domainName, agent_udp_endpoint, "pms", snmp_timeout, snmp_retry_count, ) else: config.addSocketTransport( snmp_engine, udp.domainName, udp.UdpSocketTransport().openClientMode()) config.addTargetAddr( snmp_engine, "tgt", udp.domainName, agent_udp_endpoint, "pms", snmp_timeout, snmp_retry_count, )
def __init__(self, host, port, community): self.snmp = engine.SnmpEngine() self.snmp.registerTransportDispatcher(dispatch.TwistedDispatcher()) config.addV1System(self.snmp, 'my-area', community) config.addTargetParams(self.snmp, 'my-creds', 'my-area', 'noAuthNoPriv', 0) config.addSocketTransport(self.snmp, udp.domainName, udp.UdpTwistedTransport().openClientMode()) config.addTargetAddr(self.snmp, 'my-router', udp.domainName, (host, port), 'my-creds')
def _targetName(self, engine, ip, port, paramName): """Get/create a target name for given target for given connection name""" key = (ip, port, paramName) targetName = self._targetCache.get(key) if targetName is None: nameID = self._newTargetName() targetName = 'target-%s' % (nameID, ) config.addTargetAddr(engine, targetName, config.snmpUDPDomain, (ip, port), paramName) self._targetCache[key] = targetName return targetName
def __init__(self, host, port, community): self.snmp = engine.SnmpEngine() self.snmp.registerTransportDispatcher(dispatch.TwistedDispatcher()) config.addV1System(self.snmp, 'my-area', community) config.addTargetParams(self.snmp, 'my-creds', 'my-area', 'noAuthNoPriv', 0) config.addSocketTransport(self.snmp, udp.domainName, udp.UdpTwistedTransport().openClientMode() ) config.addTargetAddr(self.snmp, 'my-router', udp.domainName, (host, port), 'my-creds')
def _targetName( self, engine, ip, port, paramName ): """Get/create a target name for given target for given connection name""" key = (ip,port,paramName) targetName = self._targetCache.get( key ) if targetName is None: nameID = self._newTargetName() targetName = 'target-%s'%(nameID,) config.addTargetAddr( engine, targetName, config.snmpUDPDomain, (ip, port), paramName ) self._targetCache[ key ] = targetName return targetName
def cfgCmdGen(self, authData, transportTarget): if authData not in self.__knownAuths: if isinstance(authData, CommunityData): config.addV1System(self.snmpEngine, authData.securityName, authData.communityName, authData.contextEngineId, authData.contextName, authData.tag) elif isinstance(authData, UsmUserData): config.addV3User(self.snmpEngine, authData.securityName, authData.authProtocol, authData.authKey, authData.privProtocol, authData.privKey, authData.contextEngineId) else: raise error.PySnmpError('Unsupported authentication object') self.__knownAuths[authData] = 1 k = authData.securityName, authData.securityLevel, authData.mpModel if k in self.__knownParams: paramsName = self.__knownParams[k] else: paramsName = 'p%s' % nextID() config.addTargetParams(self.snmpEngine, paramsName, authData.securityName, authData.securityLevel, authData.mpModel) self.__knownParams[k] = paramsName if transportTarget.transportDomain not in self.__knownTransports: transport = transportTarget.openClientMode() config.addSocketTransport(self.snmpEngine, transportTarget.transportDomain, transport) self.__knownTransports[transportTarget.transportDomain] = transport k = paramsName, transportTarget, transportTarget.tagList if k in self.__knownTransportAddrs: addrName = self.__knownTransportAddrs[k] else: addrName = 'a%s' % nextID() config.addTargetAddr(self.snmpEngine, addrName, transportTarget.transportDomain, transportTarget.transportAddr, paramsName, transportTarget.timeout * 100, transportTarget.retries, transportTarget.tagList) self.__knownTransportAddrs[k] = addrName return addrName, paramsName
def __init__(self, community, ip, version=1): self.__community = community self.__ip = ip self.__version = version self.__errorIndication = None self.__errorStatus = None self.__errorIndex = None self.__varBinds = None # self.__lock = threading.Lock() self.__snmp_engine = engine.SnmpEngine() config.addV1System(self.__snmp_engine, "test-agent", self.__community) config.addTargetParams(self.__snmp_engine, "myParams", "test-agent", "noAuthNoPriv", self.__version) config.addTargetAddr(self.__snmp_engine, "myRouter", config.snmpUDPDomain, (self.__ip, 161), "myParams") config.addSocketTransport(self.__snmp_engine, udp.domainName, udp.UdpSocketTransport().openClientMode())
def n_Agent_exit(self, cbCtx, node): snmpEngine, ctx = cbCtx ctx['addrName'] = '%s-name' % ctx['paramsName'] config.addTargetAddr( snmpEngine, ctx['addrName'], ctx['transportDomain'], ctx['addrRewriteFun'](*ctx['transportAddress']), ctx['paramsName'], # net-snmp defaults ctx.get('timeout', 100), ctx.get('retryCount', 5), tagList=ctx.get('transportTag', '')) config.addSocketTransport(snmpEngine, ctx['transportDomain'], ctx['transportModule']().openClientMode())
def setTrapReceiver(self, host, community): config.addV1System(self._snmpEngine, 'nms-area', community) config.addVacmUser(self._snmpEngine, 2, 'nms-area', 'noAuthNoPriv', notifySubTree=(1, 3, 6, 1, 4, 1)) config.addTargetParams(self._snmpEngine, 'nms-creds', 'nms-area', 'noAuthNoPriv', 1) config.addTargetAddr(self._snmpEngine, 'my-nms', udp.domainName, (host, 162), 'nms-creds', tagList='all-my-managers') # set last parameter to 'notification' to have it send # informs rather than unacknowledged traps config.addNotificationTarget( self._snmpEngine, 'test-notification', 'my-filter', 'all-my-managers', 'trap')
def setTrapReceiver(self, host, community): config.addV1System(self._snmpEngine, 'nms-area', community) config.addVacmUser(self._snmpEngine, 2, 'nms-area', 'noAuthNoPriv', notifySubTree=(1, 3, 6, 1, 4, 1)) config.addTargetParams(self._snmpEngine, 'nms-creds', 'nms-area', 'noAuthNoPriv', 1) config.addTargetAddr(self._snmpEngine, 'my-nms', udp.domainName, (host, 162), 'nms-creds', tagList='all-my-managers') config.addNotificationTarget(self._snmpEngine, 'test-notification', 'my-filter', 'all-my-managers', 'trap')
def setTrapReceiver(self, host, community): """Send traps to the host using community string community """ config.addV1System(self._snmpEngine, 'nms-area', community) config.addVacmUser(self._snmpEngine, 2, 'nms-area', 'noAuthNoPriv', notifySubTree=(1,3,6,1,4,1)) config.addTargetParams(self._snmpEngine, 'nms-creds', 'nms-area', 'noAuthNoPriv', 1) config.addTargetAddr(self._snmpEngine, 'my-nms', udp.domainName, (host, 162), 'nms-creds', tagList='all-my-managers') #set last parameter to 'notification' to have it send #informs rather than unacknowledged traps config.addNotificationTarget( self._snmpEngine, 'test-notification', 'my-filter', 'all-my-managers', 'trap')
def initTarget(host='127.0.0.1', port=162, community='LIC_OSS'): #global snmpEngine, snmpContext, ntfOrg # Create SNMP engine instance snmpEngine = engine.SnmpEngine() # SecurityName <-> CommunityName mapping config.addV1System(snmpEngine, 'my-area', community) # Specify security settings per SecurityName (SNMPv2c -> 1) config.addTargetParams(snmpEngine, 'my-creds', 'my-area', 'noAuthNoPriv', 1) # Setup transport endpoint and bind it with security settings yielding # a target name config.addSocketTransport( snmpEngine, udp.domainName, udp.UdpSocketTransport().openClientMode() ) config.addTargetAddr( snmpEngine, 'my-nms', udp.domainName, (host, port), 'my-creds', tagList='all-my-managers' ) # Specify what kind of notification should be sent (TRAP or INFORM), # to what targets (chosen by tag) and what filter should apply to # the set of targets (selected by tag) config.addNotificationTarget( snmpEngine, 'my-notification', 'my-filter', 'all-my-managers', 'trap' ) # Allow NOTIFY access to Agent's MIB by this SNMP model (2), securityLevel # and SecurityName config.addContext(snmpEngine, '') config.addVacmUser(snmpEngine, 2, 'my-area', 'noAuthNoPriv', (), (), (1,3,6)) # *** SNMP engine configuration is complete by this line *** # Create default SNMP context where contextEngineId == SnmpEngineId snmpContext = context.SnmpContext(snmpEngine) # Create Notification Originator App instance. ntfOrg = ntforg.NotificationOriginator(snmpContext) return snmpEngine, ntfOrg
def __init__(self, community, ip, version=1): self.__community = community self.__ip = ip self.__version = version self.__errorIndication = None self.__errorStatus = None self.__errorIndex = None self.__varBinds = None #self.__lock = threading.Lock() self.__snmp_engine = engine.SnmpEngine() config.addV1System(self.__snmp_engine, 'test-agent', self.__community) config.addTargetParams(self.__snmp_engine, 'myParams', 'test-agent', 'noAuthNoPriv', self.__version) config.addTargetAddr(self.__snmp_engine, 'myRouter', config.snmpUDPDomain, (self.__ip, 161), 'myParams') config.addSocketTransport(self.__snmp_engine, udp.domainName, udp.UdpSocketTransport().openClientMode())
def setTrapTargetAddress(snmpEngine, security, transportDomain, transportAddress, src=None, tag=''): """Configure SNMP notification target for SNMP security name. Args: snmpEngine (object): pysnmp `SnmpEngine` class instance security (str): SNMP security name to associate SNMP notification target address with. transportDomain (tuple): SNMP transport domain instance to send notifications by. transportAddress (tuple): notification destination network address in `socket` format (i.e. ('XXX.XXX.XXX.XXX', NNN)). tag (str): Tags this target address. Tags can be used internally by SNMP engine for looking up desired notification destination or SNMP authentication information by transport address. """ config.addTargetAddr( snmpEngine, _getTrapTargetName(security), transportDomain, transportAddress, _getTrapCreds(security), tagList=tag, sourceAddress=src)
def main(argv): # Create SNMP engine instance snmpEngine = engine.SnmpEngine() dispatcher = TornadoDispatcher() snmpEngine.registerTransportDispatcher(dispatcher) # SecurityName <-> CommunityName mapping config.addV1System(snmpEngine, 'my-area', 'public') # Specify security settings per SecurityName (SNMPv1 - 0, SNMPv2c - 1) config.addTargetParams(snmpEngine, 'my-creds', 'my-area', 'noAuthNoPriv', 1) # UDP/IPv4 config.addSocketTransport( snmpEngine, udp.domainName, udp.UdpSocketTransport().openClientMode() ) config.addTargetAddr( snmpEngine, 'my-router', udp.domainName, (argv[0], 161), 'my-creds', timeout=3.0, retryCount=1 ) cbCtx = dict(dispatcher=dispatcher) cmdGen = cmdgen.GetCommandGenerator() cmdGen.sendReq( snmpEngine, 'my-router', ( ('1.3.6.1.2.1.1.1.0', None), ), cbFun, cbCtx ) IOLoop.instance().start()
def init(self): self._snmpEngine = engine.SnmpEngine() # SecurityName <-> CommunityName mapping config.addV1System(self._snmpEngine, 'my-area', self.community) # Specify security settings per SecurityName (SNMPv1 - 0, SNMPv2c - 1) config.addTargetParams(self._snmpEngine, 'my-creds', 'my-area', 'noAuthNoPriv', 1) # # Setup transport endpoint and bind it with security settings yielding # a target name (choose one entry depending of the transport needed). # # UDP/IPv4 config.addSocketTransport( self._snmpEngine, udp.domainName, udp.UdpSocketTransport().openClientMode() ) config.addTargetAddr( self._snmpEngine, 'my-router', udp.domainName, (self.host, self.port), 'my-creds' ) self.mibBuilder = builder.MibBuilder() self.mibSources logger.info("[SNMP] client %s: %s / %s", self, self.mibSources, self.mibs) extraMibSources = tuple([builder.DirMibSource(d) for d in self.mibSources]) totalMibSources = extraMibSources + self.mibBuilder.getMibSources() self.mibBuilder.setMibSources(*totalMibSources) if self.mibs: self.mibBuilder.loadModules(*self.mibs) self.mibViewController = view.MibViewController(self.mibBuilder) self.auth_data = cmdgen.CommunityData('krill', self.community, self.version - 1) self.udp_transport_target = cmdgen.UdpTransportTarget( (self.host, self.port), timeout=self.timeout, retries=self.retries)
def __init__(self, host, port, username, password, snmp_context): self.snmp_context = snmp_context self.snmp_engine = engine.SnmpEngine() # HiT7300 uses the user password for encryption (privacy protocol) pass phrase (PSK?) config.addV3User( self.snmp_engine, username, config.usmHMACMD5AuthProtocol, password, config.usmAesCfb128Protocol, password ) # pysnmp bug? # setting context doesn't affect the getCommandGenerator, so we don't set it # FIXME: report upstream and have cmdgen use context of snmpEngine!? # config.addContext(self.snmp_engine, 'tnms') # snmp_context = context.SnmpContext(self.snmp_engine) config.addTargetParams(self.snmp_engine, "myParams", username, "authPriv") # config.addTargetParams(self.snmp_engine, 'myParams', username, 'authPriv') config.addTargetAddr(self.snmp_engine, "myTarget", config.snmpUDPDomain, (host, int(port)), "myParams") config.addSocketTransport(self.snmp_engine, udp.domainName, udp.UdpSocketTransport().openClientMode()) self.cbCtx = {}
def createSNMP(host, community=None): if community is None: community = "public" ip = gethostbyname(host) snmpEngine = engine.SnmpEngine() config.addV1System(snmpEngine, 'my-area', community) config.addTargetParams(snmpEngine, 'my-creds', 'my-area', 'noAuthNoPriv', 0) config.addTransport(snmpEngine, udp.domainName, udp.UdpSocketTransport().openClientMode()) config.addTargetAddr(snmpEngine, 'my-router', udp.domainName, (ip, 161), 'my-creds') cmdgen.NextCommandGenerator().sendVarBinds( snmpEngine, 'my-router', None, '', [((1, 3, 6, 1, 2, 1, 1, 0, 0), None)], getHost) snmpEngine.transportDispatcher.runDispatcher() cmdgen.NextCommandGenerator().sendVarBinds( snmpEngine, 'my-router', None, '', [((1, 3, 6, 1, 2, 1, 4, 34, 1, 3, 2, 16), None)], getAddrs) snmpEngine.transportDispatcher.runDispatcher()
# Specify security settings per SecurityName (SNMPv2c -> 1) config.addTargetParams(snmpEngine, 'my-creds', 'my-area', 'noAuthNoPriv', 1) # Setup transport endpoint and bind it with security settings yielding # a target name config.addTransport( snmpEngine, udp.domainName, udp.UdpSocketTransport().openClientMode() ) # Create named target config.addTargetAddr( snmpEngine, 'my-nms', udp.domainName, ('127.0.0.1', 162), 'my-creds' ) # *** SNMP engine configuration is complete by this line *** # Create SNMP v2c TRAP PDU with defaults trapPDU = v2c.TrapPDU() v2c.apiTrapPDU.setDefaults(trapPDU) # Set custom var-binds to TRAP PDU v2c.apiTrapPDU.setVarBinds( trapPDU, [ # sysUpTime ( v2c.ObjectIdentifier('1.3.6.1.2.1.1.3.0'), v2c.TimeTicks(123) ), # snmpTrapPDU
def setTrapReceiver(self, host, community): config.addV1System(self._snmpEngine, 'nms-area',community) config.addVacmUser(self._snmpEngine, 2, 'nms-area','noAuthNoPriv', notifySubTree=(1,3,6,1,4,1)) config.addTargetParams(self._snmpEngine, 'nms-creds', 'nms-area','noAuthNoPriv',1) config.addTargetAddr(self._snmpEngine, 'my-nms', udp.domainName, (host, 162), 'nms-creds',tagList = 'all-my-managers') config.addNotificationTarget(self._snmpEngine, 'test-notification', 'my-filter', 'all-my-managers', 'trap')
def cfgCmdGen(self, authData, transportTarget): if isinstance(authData, CommunityData): if authData.communityIndex not in self.__knownAuths: config.addV1System(self.snmpEngine, authData.communityIndex, authData.communityName, authData.contextEngineId, authData.contextName, authData.tag, authData.securityName) self.__knownAuths[authData.communityIndex] = authData elif isinstance(authData, UsmUserData): authDataKey = authData.userName, authData.securityEngineId if authDataKey not in self.__knownAuths: config.addV3User(self.snmpEngine, authData.userName, authData.authProtocol, authData.authKey, authData.privProtocol, authData.privKey, authData.securityEngineId, securityName=authData.securityName) self.__knownAuths[authDataKey] = authData else: raise error.PySnmpError('Unsupported authentication object') paramsKey = authData.securityName, \ authData.securityLevel, \ authData.mpModel if paramsKey in self.__knownParams: paramsName, useCount = self.__knownParams[paramsKey] self.__knownParams[paramsKey] = paramsName, useCount + 1 else: paramsName = 'p%s' % nextID() config.addTargetParams(self.snmpEngine, paramsName, authData.securityName, authData.securityLevel, authData.mpModel) self.__knownParams[paramsKey] = paramsName, 1 if transportTarget.transportDomain in self.__knownTransports: transportTarget.verifyDispatcherCompatibility(self.snmpEngine) transport, useCount = self.__knownTransports[ transportTarget.transportDomain] self.__knownTransports[ transportTarget.transportDomain] = transport, useCount + 1 else: transport = transportTarget.openClientMode() config.addTransport(self.snmpEngine, transportTarget.transportDomain, transport) self.__knownTransports[ transportTarget.transportDomain] = transport, 1 transportKey = (paramsName, transportTarget.transportDomain, transportTarget.transportAddr, transportTarget.tagList) if transportKey in self.__knownTransportAddrs: addrName, useCount = self.__knownTransportAddrs[transportKey] self.__knownTransportAddrs[transportKey] = addrName, useCount + 1 else: addrName = 'a%s' % nextID() config.addTargetAddr(self.snmpEngine, addrName, transportTarget.transportDomain, transportTarget.transportAddr, paramsName, transportTarget.timeout * 100, transportTarget.retries, transportTarget.tagList) self.__knownTransportAddrs[transportKey] = addrName, 1 return addrName, paramsName
config.addV1System(snmpEngine, 'dest-cmt', 'public') # v3 setup config.addV3User( snmpEngine, 'test-user', config.usmHMACMD5AuthProtocol, 'authkey1', config.usmDESPrivProtocol, 'privkey1' # config.usmAesCfb128Protocol, 'privkey1' ) # Transport targets used by Manager # Target 1, SNMPv3 setup config.addTargetParams(snmpEngine, 'v3-dest-1', 'test-user', 'authPriv') config.addTargetAddr( snmpEngine, 'tgt-v3-1', config.snmpUDPDomain + (2,), ('127.0.0.1', 161), 'v3-dest-1' ) # This is to map community to context name in incoming messages config.addV1System(snmpEngine, 'v2c-src-A', 'tgt-v3-1', contextName='tgt-v3-1') # Target 1, SNMPv2c setup config.addTargetParams(snmpEngine, 'v2c-dest-1', 'dest-cmt', 'noAuthNoPriv', 1) config.addTargetAddr( snmpEngine, 'tgt-v2c-1', config.snmpUDPDomain + (2,), ('127.0.0.1', 161), 'v2c-dest-1' ) # This is to map community to context name in incoming messages config.addV1System(snmpEngine, 'v2c-src-B', 'tgt-v2c-1', contextName='tgt-v2c-1') # Default SNMP context config.addContext(snmpEngine, '')
v3Context and v3Context.prettyPrint() or '<default>', v3User, secLevel, v3AuthKey is None and '<NONE>' or v3AuthKey, v3AuthProto, v3PrivKey is None and '<NONE>' or v3PrivKey, v3PrivProto)) else: v3User = '******' secLevel = 'noAuthNoPriv' config.addV1System(snmpEngine, v3User, snmpCommunity) log.info('SNMP version %s, Community name: %s' % (snmpVersion == 0 and '1' or '2c', snmpCommunity)) config.addTargetParams(snmpEngine, 'pms', v3User, secLevel, snmpVersion) if agentUDPv6Endpoint: config.addSocketTransport(snmpEngine, udp6.domainName, udp6.Udp6SocketTransport().openClientMode()) config.addTargetAddr(snmpEngine, 'tgt', udp6.domainName, agentUDPv6Endpoint, 'pms', timeout, retryCount) log.info('Querying UDP/IPv6 agent at [%s]:%s' % agentUDPv6Endpoint) elif agentUNIXEndpoint: config.addSocketTransport(snmpEngine, unix.domainName, unix.UnixSocketTransport().openClientMode()) config.addTargetAddr(snmpEngine, 'tgt', unix.domainName, agentUNIXEndpoint, 'pms', timeout, retryCount) log.info('Querying UNIX named pipe agent at %s' % agentUNIXEndpoint) elif agentUDPv4Endpoint: config.addSocketTransport(snmpEngine, udp.domainName, udp.UdpSocketTransport().openClientMode()) config.addTargetAddr(snmpEngine, 'tgt', udp.domainName, agentUDPv4Endpoint, 'pms', timeout, retryCount) log.info('Querying UDP/IPv4 agent at %s:%s' % agentUDPv4Endpoint)
def configure(self, snmpEngine, authData, transportTarget, contextName, **options): cache = self._getCache(snmpEngine) if isinstance(authData, CommunityData): if authData.communityIndex not in cache['auth']: config.addV1System(snmpEngine, authData.communityIndex, authData.communityName, authData.contextEngineId, authData.contextName, authData.tag, authData.securityName) cache['auth'][authData.communityIndex] = authData elif isinstance(authData, UsmUserData): authDataKey = authData.userName, authData.securityEngineId if authDataKey not in cache['auth']: config.addV3User(snmpEngine, authData.userName, authData.authProtocol, authData.authKey, authData.privProtocol, authData.privKey, securityEngineId=authData.securityEngineId, securityName=authData.securityName, authKeyType=authData.authKeyType, privKeyType=authData.privKeyType) cache['auth'][authDataKey] = authData else: raise error.PySnmpError('Unsupported authentication object') paramsKey = (authData.securityName, authData.securityLevel, authData.mpModel) if paramsKey in cache['parm']: paramsName, useCount = cache['parm'][paramsKey] cache['parm'][paramsKey] = paramsName, useCount + 1 else: paramsName = 'p%s' % self.nextID() config.addTargetParams(snmpEngine, paramsName, authData.securityName, authData.securityLevel, authData.mpModel) cache['parm'][paramsKey] = paramsName, 1 if transportTarget.TRANSPORT_DOMAIN in cache['tran']: transport, useCount = cache['tran'][ transportTarget.TRANSPORT_DOMAIN] transportTarget.verifyDispatcherCompatibility(snmpEngine) cache['tran'][ transportTarget.TRANSPORT_DOMAIN] = transport, useCount + 1 elif config.getTransport(snmpEngine, transportTarget.TRANSPORT_DOMAIN): transportTarget.verifyDispatcherCompatibility(snmpEngine) else: transport = transportTarget.openClientMode() config.addTransport(snmpEngine, transportTarget.TRANSPORT_DOMAIN, transport) cache['tran'][transportTarget.TRANSPORT_DOMAIN] = transport, 1 transportKey = (paramsName, transportTarget.TRANSPORT_DOMAIN, transportTarget.transportAddr, transportTarget.timeout, transportTarget.retries, transportTarget.tagList, transportTarget.iface) if transportKey in cache['addr']: addrName, useCount = cache['addr'][transportKey] cache['addr'][transportKey] = addrName, useCount + 1 else: addrName = 'a%s' % self.nextID() config.addTargetAddr(snmpEngine, addrName, transportTarget.TRANSPORT_DOMAIN, transportTarget.transportAddr, paramsName, transportTarget.timeout * 100, transportTarget.retries, transportTarget.tagList) cache['addr'][transportKey] = addrName, 1 return addrName, paramsName
# # Setup transport endpoint and bind it with security settings yielding # a target name # # UDP/IPv4 config.addTransport( snmpEngine, udp.DOMAIN_NAME, udp.UdpSocketTransport().openClientMode() ) config.addTargetAddr( snmpEngine, 'my-router', udp.DOMAIN_NAME, ('104.236.166.95', 161), 'my-creds', timeout=300, # in 1/100 sec retryCount=5 ) # Error/response receiver # noinspection PyUnusedLocal,PyUnusedLocal,PyUnusedLocal def cbFun(snmpEngine, sendRequestHandle, errorIndication, errorStatus, errorIndex, varBinds, cbCtx): if errorIndication: print(errorIndication) elif errorStatus: print('%s at %s' % (errorStatus.prettyPrint(), errorIndex and varBinds[int(errorIndex) - 1][0] or '?'))
config.addV3User( snmpEngine, 'usr-md5-none', config.usmHMACMD5AuthProtocol, 'authkey1' ) config.addTargetParams(snmpEngine, 'my-creds', 'usr-md5-none', 'authNoPriv') # Setup transport endpoint and bind it with security settings yielding # a target name config.addTransport( snmpEngine, udp.domainName, udp.UdpSocketTransport().openClientMode() ) config.addTargetAddr( snmpEngine, 'my-nms', udp.domainName, ('104.236.166.95', 162), 'my-creds', tagList='all-my-managers' ) # Specify what kind of notification should be sent (TRAP or INFORM), # to what targets (chosen by tag) and what filter should apply to # the set of targets (selected by tag) config.addNotificationTarget( snmpEngine, 'my-notification', 'my-filter', 'all-my-managers', 'inform' ) # Allow NOTIFY access to Agent's MIB by this SNMP model (3), securityLevel # and SecurityName config.addContext(snmpEngine, '') config.addVacmUser(snmpEngine, 3, 'usr-md5-none', 'authNoPriv', (), (), (1, 3, 6))
config.addTargetParams(snmpEngine, 'my-creds', 'my-area', 'noAuthNoPriv', 0) # # Setup transport endpoint and bind it with security settings yielding # a target name # # UDP/IPv4 config.addTransport( snmpEngine, udp.domainName, udp.UdpSocketTransport().openClientMode(('0.0.0.0', 61024)) ) config.addTargetAddr( snmpEngine, 'my-router', udp.domainName, ('104.236.166.95', 161), 'my-creds' ) # Error/response receiver # noinspection PyUnusedLocal,PyUnusedLocal,PyUnusedLocal def cbFun(snmpEngine, sendRequestHandle, errorIndication, errorStatus, errorIndex, varBindTable, cbCtx): if errorIndication: print(errorIndication) return if errorStatus: print('%s at %s' % (errorStatus.prettyPrint(), errorIndex and varBindTable[-1][int(errorIndex) - 1][0] or '?')) return # stop on error
# # Setup transport endpoint and bind it with security settings yielding # a target name # # UDP/IPv4 config.addTransport( snmpEngine, udp.domainName, udp.UdpTransport().openClientMode() ) config.addTargetAddr( snmpEngine, 'my-router', udp.domainName, ('195.218.195.228', 161), 'my-creds', timeout=300, # in 1/100 sec retryCount=5 ) @asyncio.coroutine def snmpOperation(snmpEngine, target, contextEngineId, contextName, varBinds): ( snmpEngine, errorIndication, errorStatus, errorIndex, varBinds ) = yield from cmdgen.GetCommandGenerator().sendVarBinds( snmpEngine, target, contextEngineId, contextName,
config.addV1System(snmpEngine, 'my-area', 'public', transportTag='all-my-managers') # Specify security settings per SecurityName (SNMPv2c -> 1) config.addTargetParams(snmpEngine, 'my-creds', 'my-area', 'noAuthNoPriv', 1) # Setup transport endpoint and bind it with security settings yielding # a target name config.addTransport(snmpEngine, udp.DOMAIN_NAME, udp.UdpSocketTransport().openClientMode()) config.addTargetAddr(snmpEngine, 'my-nms', udp.DOMAIN_NAME, ('104.236.166.95', 162), 'my-creds', tagList='all-my-managers') # Specify what kind of notification should be sent (TRAP or INFORM), # to what targets (chosen by tag) and what filter should apply to # the set of targets (selected by tag) config.addNotificationTarget(snmpEngine, 'my-notification', 'my-filter', 'all-my-managers', 'inform') # Allow NOTIFY access to Agent's MIB by this SNMP model (2), securityLevel # and SecurityName config.addContext(snmpEngine, '') config.addVacmUser(snmpEngine, 2, 'my-area', 'noAuthNoPriv', (), (), (1, 3, 6)) # *** SNMP engine configuration is complete by this line ***
# config.usm3DESEDEPrivProtocol, 'privkey1' #) #config.addTargetParams(snmpEngine, 'my-creds', 'usr-md5-3des', 'authPriv') # # Setup transport endpoint and bind it with security settings yielding # a target name. Since Notifications could be sent to multiple Managers # at once, more than one target entry may be configured (and tagged). # # UDP/IPv4 config.addSocketTransport(snmpEngine, udp.domainName, udp.UdpSocketTransport().openClientMode()) config.addTargetAddr(snmpEngine, 'my-nms-1', udp.domainName, ('127.0.0.1', 162), 'my-creds-1', tagList='all-my-managers') ## UDP/IPv6 config.addSocketTransport(snmpEngine, udp6.domainName, udp6.Udp6SocketTransport().openClientMode()) config.addTargetAddr(snmpEngine, 'my-nms-2', udp6.domainName, ('::1', 162), 'my-creds-3', tagList='all-my-managers') ## Local domain socket #config.addSocketTransport( # snmpEngine,
config.addTargetParams(snmpEngine, 'my-creds', 'usr-none-none', 'noAuthNoPriv') # # Setup transport endpoint and bind it with security settings yielding # a target name # # UDP/IPv4 config.addTransport( snmpEngine, udp.domainName, udp.UdpSocketTransport().openClientMode() ) config.addTargetAddr( snmpEngine, 'my-router', udp.domainName, ('195.218.195.228', 161), 'my-creds' ) # Error/response receiver # noinspection PyUnusedLocal,PyUnusedLocal,PyUnusedLocal def cbFun(snmpEngine, sendRequestHandle, errorIndication, errorStatus, errorIndex, varBindTable, cbCtx): if errorIndication: print(errorIndication) return if errorStatus: print('%s at %s' % (errorStatus.prettyPrint(), errorIndex and varBindTable[-1][int(errorIndex) - 1][0] or '?')) return # stop on error
config.addTargetParams(snmpEngine, 'my-creds', 'usr-md5-des', 'authPriv') # # Setup transport endpoint and bind it with security settings yielding # a target name # # UDP/IPv4 config.addTransport( snmpEngine, udp.domainName, udp.UdpTwistedTransport().openClientMode() ) config.addTargetAddr( snmpEngine, 'my-router', udp.domainName, ('195.218.195.228', 161), 'my-creds' ) # Error/response receiver def cbFun(cbCtx): (errorIndication, errorStatus, errorIndex, varBindTable) = cbCtx if errorIndication: print(errorIndication) elif errorStatus: print('%s at %s' % ( errorStatus.prettyPrint(), errorIndex and varBinds[int(errorIndex)-1][0] or '?' ) ) else:
config.addV1System(snmpEngine, 'test-agent', 'public') # v3 setup config.addV3User( snmpEngine, 'test-user', config.usmHMACMD5AuthProtocol, 'authkey1', config.usmDESPrivProtocol, 'privkey1' ) # Transport params config.addTargetParams(snmpEngine, 'myParams', 'test-user', 'authPriv') #config.addTargetParams(snmpEngine, 'myParams', 'test-agent', 'noAuthNoPriv', 0) # Transport addresses config.addTargetAddr( snmpEngine, 'myNMS', config.snmpUDPDomain, ('127.0.0.1', 162), 'myParams', tagList='myManagementStations' ) # Notification targets config.addNotificationTarget( # snmpEngine, 'myNotifyName', 'myParams', 'myManagementStations', 'trap' snmpEngine, 'myNotifyName', 'myParams', 'myManagementStations', 'inform' ) # Setup transport endpoint config.addSocketTransport( snmpEngine, udp.domainName, udp.UdpSocketTransport().openClientMode() )
# to let it match first in snmpCommunityTable on response processing. # config.addV1System(snmpEngine, '0-distant-area', 'public', transportTag='remote') # # Transport target used by Manager # config.addTargetParams( snmpEngine, 'distant-agent-auth', '0-distant-area', 'noAuthNoPriv', 1 ) config.addTargetAddr( snmpEngine, 'distant-agent', udp.DOMAIN_NAME, ('104.236.166.95', 161), 'distant-agent-auth', retryCount=0, tagList='remote' ) # Default SNMP context config.addContext(snmpEngine, '') class CommandResponder(cmdrsp.CommandResponderBase): CMDGEN_MAP = { v2c.GetRequestPDU.tagSet: cmdgen.GetCommandGenerator(), v2c.SetRequestPDU.tagSet: cmdgen.SetCommandGenerator(), v2c.GetNextRequestPDU.tagSet: cmdgen.NextCommandGeneratorSingleRun(), v2c.GetBulkRequestPDU.tagSet: cmdgen.BulkCommandGeneratorSingleRun() } SUPPORTED_PDU_TYPES = tuple(CMDGEN_MAP) # This app will handle these PDUs
# Transport setup # # Setup transport endpoint and bind it with security settings yielding # a target name. Since Notifications could be sent to multiple Managers # at once, more than one target entry may be configured (and tagged). # # UDP/IPv4 config.addTransport( snmpEngine, udp.domainName, udp.UdpTransport().openClientMode() ) config.addTargetAddr( snmpEngine, 'my-nms-1', udp.domainName, ('127.0.0.1', 162), 'my-creds', tagList='all-my-managers' ) # Specify what kind of notification should be sent (TRAP or INFORM), # to what targets (chosen by tag) and what filter should apply to # the set of targets (selected by tag) config.addNotificationTarget( snmpEngine, 'my-notification', 'my-filter', 'all-my-managers', 'trap' ) # Allow NOTIFY access to Agent's MIB by this SNMP model (1), securityLevel # and SecurityName config.addContext(snmpEngine, '') config.addVacmUser(snmpEngine, 1, 'my-area', 'noAuthNoPriv', (), (), (1,3,6))
def snmpv3_getbulk(ip='',user='',hash_meth=None,hash_key=None,cry_meth=None,cry_key=None,oid='',num=10): #usmHMACMD5AuthProtocol - MD5 hashing #usmHMACSHAAuthProtocol - SHA hashing #usmNoAuthProtocol - no authentication #usmDESPrivProtocol - DES encryption #usm3DESEDEPrivProtocol - triple-DES encryption #usmAesCfb128Protocol - AES encryption, 128-bit #usmAesCfb192Protocol - AES encryption, 192-bit #usmAesCfb256Protocol - AES encryption, 256-bit #usmNoPrivProtocol - no encryption global maxRepetitions maxRepetitions = num hashval = None cryval = None model = None config.addTargetAddr(#添加目标,'yourDevice'(OID与处理方法),'my-creds'(用户,密码,安全模型),目的IP与端口号 snmpEngine, 'yourDevice', udp.domainName, (ip, 161), 'my-creds' ) #========================下面的操作在判断安全模型========================== #NoAuthNoPriv if hash_meth == None and cry_meth == None: hashval = config.usmNoAuthProtocol cryval = config.usmNoPrivProtocol model = 'noAuthNoPriv' #AuthNoPriv elif hash_meth != None and cry_meth == None: if hash_meth == 'md5': hashval = config.usmHMACMD5AuthProtocol elif hash_meth == 'sha': hashval = config.usmHMACSHAAuthProtocol else: print('哈希算法必须是md5 or sha!') return cryval = config.usmNoPrivProtocol model = 'authNoPriv' #AuthPriv elif hash_meth != None and cry_meth != None: if hash_meth == 'md5': hashval = config.usmHMACMD5AuthProtocol elif hash_meth == 'sha': hashval = config.usmHMACSHAAuthProtocol else: print('哈希算法必须是md5 or sha!') return if cry_meth == '3des': cryval = config.usm3DESEDEPrivProtocol elif cry_meth == 'des': cryval = config.usmDESPrivProtocol elif cry_meth == 'aes128': cryval = config.usmAesCfb128Protocol elif cry_meth == 'aes192': cryval = config.usmAesCfb192Protocol elif cry_meth == 'aes256': cryval = config.usmAesCfb256Protocol else: print('加密算法必须是3des, des, aes128, aes192 or aes256 !') return model = 'authPriv' #提供的参数不符合标准时给出提示 else: print('三种USM: NoAuthNoPriv, AuthNoPriv, AuthPriv.。请选择其中一种。') return #========================判断安全模型结束========================== config.addV3User(#添加用户与他的密钥 snmpEngine, user, hashval, hash_key, cryval, cry_key ) config.addTargetParams(snmpEngine, 'my-creds', user, model)#创建'my-creds',里边有用户和安全模型 # Prepare initial request to be sent cmdgen.BulkCommandGenerator().sendReq(snmpEngine,'yourDevice', 0, 1,((oid, None),),cbFun)#创建'yourDevice',有OID和处理方法cbFun # Run I/O dispatcher which would send pending queries and process responses snmpEngine.transportDispatcher.runDispatcher()#运行实例 return oid_list#返回oid_list
# # Setup transport endpoint and bind it with security settings yielding # a target name # # UDP/IPv4 config.addTransport( snmpEngine, udp.DOMAIN_NAME, udp.UdpSocketTransport().openClientMode(('0.0.0.0', 61024)) ) config.addTargetAddr( snmpEngine, 'my-router', udp.DOMAIN_NAME, ('104.236.166.95', 161), 'my-creds' ) # Error/response receiver # noinspection PyUnusedLocal,PyUnusedLocal,PyUnusedLocal def cbFun(snmpEngine, sendRequestHandle, errorIndication, errorStatus, errorIndex, varBindTable, cbCtx): if errorIndication: print(errorIndication) return False if errorStatus: print('%s at %s' % (errorStatus.prettyPrint(), errorIndex and varBindTable[-1][int(errorIndex) - 1][0] or '?'))
# SNMP credentials used by Manager # v1/2 setup config.addV1System(snmpEngine, 'dest-cmt', 'public') # v3 setup config.addV3User(snmpEngine, 'test-user', config.usmHMACMD5AuthProtocol, 'authkey1', config.usmDESPrivProtocol, 'privkey1' # config.usmAesCfb128Protocol, 'privkey1' ) # Transport targets used by Manager # Target 1, SNMPv3 setup config.addTargetParams(snmpEngine, 'v3-dest-1', 'test-user', 'authPriv') config.addTargetAddr(snmpEngine, 'tgt-v3-1', config.snmpUDPDomain + (2, ), ('127.0.0.1', 161), 'v3-dest-1') # This is to map community to context name in incoming messages config.addV1System(snmpEngine, 'v2c-src-A', 'tgt-v3-1', contextName='tgt-v3-1') # Target 1, SNMPv2c setup config.addTargetParams(snmpEngine, 'v2c-dest-1', 'dest-cmt', 'noAuthNoPriv', 1) config.addTargetAddr(snmpEngine, 'tgt-v2c-1', config.snmpUDPDomain + (2, ), ('127.0.0.1', 161), 'v2c-dest-1') # This is to map community to context name in incoming messages config.addV1System(snmpEngine, 'v2c-src-B', 'tgt-v2c-1', contextName='tgt-v2c-1') # Default SNMP context config.addContext(snmpEngine, '')
# user: usr-sha-aes, auth: SHA, priv AES config.addV3User(snmpEngine, 'usr-sha-aes', config.USM_AUTH_HMAC96_SHA, 'authkey1', config.USM_PRIV_CFB128_AES, 'privkey1') config.addTargetParams(snmpEngine, 'my-creds', 'usr-sha-aes', 'authPriv') # # Setup transport endpoint and bind it with security settings yielding # a target name # # UDP/IPv4 config.addTransport(snmpEngine, udp.DOMAIN_NAME, udp.UdpSocketTransport().openClientMode()) config.addTargetAddr(snmpEngine, 'my-router', udp.DOMAIN_NAME, ('104.236.166.95', 161), 'my-creds') # Error/response receiver # noinspection PyUnusedLocal,PyUnusedLocal,PyUnusedLocal def cbFun(snmpEngine, sendRequestHandle, errorIndication, errorStatus, errorIndex, varBinds, cbCtx): if errorIndication: print(errorIndication) elif errorStatus: print('%s at %s' % (errorStatus.prettyPrint(), errorIndex and varBinds[int(errorIndex) - 1][0] or '?')) else:
# # SecurityName <-> CommunityName mapping config.addV1System(snmpEngine, 'my-area', 'public') # # Transport target used by Manager # # Specify security settings per SecurityName (SNMPv1 - 0, SNMPv2c - 1) config.addTargetParams(snmpEngine, 'distant-agent-auth', 'my-area', 'noAuthNoPriv', 0) config.addTargetAddr( snmpEngine, 'distant-agent', udp.DOMAIN_NAME + (2,), ('104.236.166.95', 161), 'distant-agent-auth', retryCount=0 ) # Default SNMP context config.addContext(snmpEngine, '') class CommandResponder(cmdrsp.CommandResponderBase): CMDGEN_MAP = { v2c.GetRequestPDU.tagSet: cmdgen.GetCommandGenerator(), v2c.SetRequestPDU.tagSet: cmdgen.SetCommandGenerator(), v2c.GetNextRequestPDU.tagSet: cmdgen.NextCommandGeneratorSingleRun(), v2c.GetBulkRequestPDU.tagSet: cmdgen.BulkCommandGeneratorSingleRun() }
# # SecurityName <-> CommunityName <-> Transport mapping config.addV1System(snmpEngine, 'distant-area', 'public', transportTag='distant') # # Transport target used by Manager # # Specify security settings per SecurityName (SNMPv1 - 0, SNMPv2c - 1) config.addTargetParams(snmpEngine, 'distant-agent-auth', 'distant-area', 'noAuthNoPriv', 0) config.addTargetAddr( snmpEngine, 'distant-agent', udp.domainName + (2,), ('195.218.195.228', 161), 'distant-agent-auth', retryCount=0, tagList='distant' ) # Default SNMP context config.addContext(snmpEngine, '') class CommandResponder(cmdrsp.CommandResponderBase): cmdGenMap = { v2c.GetRequestPDU.tagSet: cmdgen.GetCommandGenerator(), v2c.SetRequestPDU.tagSet: cmdgen.SetCommandGenerator(), v2c.GetNextRequestPDU.tagSet: cmdgen.NextCommandGeneratorSingleRun(), v2c.GetBulkRequestPDU.tagSet: cmdgen.BulkCommandGeneratorSingleRun() } pduTypes = cmdGenMap.keys() # This app will handle these PDUs
# SecurityName <-> CommunityName mapping config.addV1System(snmpEngine, 'my-area', 'public', transportTag='all-my-managers') # Specify security settings per SecurityName (SNMPv2c -> 1) config.addTargetParams(snmpEngine, 'my-creds', 'my-area', 'noAuthNoPriv', 1) # Setup transport endpoint and bind it with security settings yielding # a target name config.addTransport(snmpEngine, udp.domainName, udp.UdpSocketTransport().openClientMode()) config.addTargetAddr(snmpEngine, 'my-nms', udp.domainName, ('104.236.166.95', 162), 'my-creds', tagList='all-my-managers') # Specify what kind of notification should be sent (TRAP or INFORM), # to what targets (chosen by tag) and what filter should apply to # the set of targets (selected by tag) config.addNotificationTarget(snmpEngine, 'my-notification', 'my-filter', 'all-my-managers', 'trap') # Allow NOTIFY access to Agent's MIB by this SNMP model (2), securityLevel # and SecurityName config.addContext(snmpEngine, '') config.addVacmUser(snmpEngine, 2, 'my-area', 'noAuthNoPriv', (), (), (1, 3, 6)) # *** SNMP engine configuration is complete by this line ***
# Create SNMP engine instance snmpEngine = engine.SnmpEngine() # SecurityName <-> CommunityName mapping config.addV1System(snmpEngine, "my-area", "public") # Specify security settings per SecurityName (SNMPv2c -> 1) config.addTargetParams(snmpEngine, "my-creds", "my-area", "noAuthNoPriv", 1) # Setup transport endpoint and bind it with security settings yielding # a target name config.addTransport(snmpEngine, udp.domainName, udp.UdpSocketTransport().openClientMode()) # Create named target config.addTargetAddr(snmpEngine, "my-nms", udp.domainName, ("195.218.195.228", 162), "my-creds") # *** SNMP engine configuration is complete by this line *** # Create SNMP v2c TRAP PDU with defaults trapPDU = v2c.TrapPDU() v2c.apiTrapPDU.setDefaults(trapPDU) # Set custom var-binds to TRAP PDU v2c.apiTrapPDU.setVarBinds( trapPDU, [ # sysUpTime (v2c.ObjectIdentifier("1.3.6.1.2.1.1.3.0"), v2c.TimeTicks(123)), # snmpTrapPDU ((1, 3, 6, 1, 6, 3, 1, 1, 4, 1, 0), v2c.ObjectIdentifier((1, 3, 6, 1, 6, 3, 1, 1, 5, 1))),
def cfgCmdGen(self, authData, transportTarget, tagList=null): if authData not in self.__knownAuths: if isinstance(authData, CommunityData): config.addV1System( self.snmpEngine, authData.securityName, authData.communityName, authData.contextEngineId, authData.contextName, tagList ) elif isinstance(authData, UsmUserData): config.addV3User( self.snmpEngine, authData.securityName, authData.authProtocol, authData.authKey, authData.privProtocol, authData.privKey, authData.contextEngineId ) else: raise error.PySnmpError('Unsupported authentication object') self.__knownAuths[authData] = 1 k = authData.securityName, authData.securityLevel, authData.mpModel if k in self.__knownParams: paramsName = self.__knownParams[k] else: paramsName = 'p%s' % nextID() config.addTargetParams( self.snmpEngine, paramsName, authData.securityName, authData.securityLevel, authData.mpModel ) self.__knownParams[k] = paramsName if transportTarget.transportDomain not in self.__knownTransports: transport = transportTarget.openClientMode() config.addSocketTransport( self.snmpEngine, transportTarget.transportDomain, transport ) self.__knownTransports[transportTarget.transportDomain] = transport k = paramsName, transportTarget, tagList if k in self.__knownTransportAddrs: addrName = self.__knownTransportAddrs[k] else: addrName = 'a%s' % nextID() config.addTargetAddr( self.snmpEngine, addrName, transportTarget.transportDomain, transportTarget.transportAddr, paramsName, transportTarget.timeout * 100, transportTarget.retries, tagList ) self.__knownTransportAddrs[k] = addrName return addrName, paramsName
def configure(self, snmpEngine, authData, transportTarget, *options): cache = self._getCache(snmpEngine) if isinstance(authData, CommunityData): if authData.communityIndex not in cache['auth']: config.addV1System( snmpEngine, authData.communityIndex, authData.communityName, authData.contextEngineId, authData.contextName, authData.tag, authData.securityName ) cache['auth'][authData.communityIndex] = authData elif isinstance(authData, UsmUserData): authDataKey = authData.userName, authData.securityEngineId if authDataKey not in cache['auth']: config.addV3User( snmpEngine, authData.userName, authData.authProtocol, authData.authKey, authData.privProtocol, authData.privKey, authData.securityEngineId, securityName=authData.securityName ) cache['auth'][authDataKey] = authData else: raise error.PySnmpError('Unsupported authentication object') paramsKey = (authData.securityName, authData.securityLevel, authData.mpModel) if paramsKey in cache['parm']: paramsName, useCount = cache['parm'][paramsKey] cache['parm'][paramsKey] = paramsName, useCount + 1 else: paramsName = 'p%s' % self.nextID() config.addTargetParams( snmpEngine, paramsName, authData.securityName, authData.securityLevel, authData.mpModel ) cache['parm'][paramsKey] = paramsName, 1 if transportTarget.transportDomain in cache['tran']: transport, useCount = cache['tran'][transportTarget.transportDomain] transportTarget.verifyDispatcherCompatibility(snmpEngine) cache['tran'][transportTarget.transportDomain] = transport, useCount + 1 elif config.getTransport(snmpEngine, transportTarget.transportDomain): transportTarget.verifyDispatcherCompatibility(snmpEngine) else: transport = transportTarget.openClientMode() config.addTransport( snmpEngine, transportTarget.transportDomain, transport ) cache['tran'][transportTarget.transportDomain] = transport, 1 transportKey = (paramsName, transportTarget.transportDomain, transportTarget.transportAddr, transportTarget.tagList) if transportKey in cache['addr']: addrName, useCount = cache['addr'][transportKey] cache['addr'][transportKey] = addrName, useCount + 1 else: addrName = 'a%s' % self.nextID() config.addTargetAddr( snmpEngine, addrName, transportTarget.transportDomain, transportTarget.transportAddr, paramsName, transportTarget.timeout * 100, transportTarget.retries, transportTarget.tagList ) cache['addr'][transportKey] = addrName, 1 return addrName, paramsName
# Specify security settings per SecurityName (SNMPv1 - 0, SNMPv2c - 1) config.addTargetParams(snmpEngine, 'my-creds', 'my-area', 'noAuthNoPriv', 1) # # Setup transport endpoint and bind it with security settings yielding # a target name # # UDP/IPv4 config.addTransport(snmpEngine, udp.domainName, udp.UdpSocketTransport().openClientMode()) config.addTargetAddr( snmpEngine, 'my-router', udp.domainName, ('104.236.166.95', 161), 'my-creds', timeout=300, # in 1/100 sec retryCount=5) # Error/response receiver # noinspection PyUnusedLocal,PyUnusedLocal,PyUnusedLocal def cbFun(snmpEngine, sendRequestHandle, errorIndication, errorStatus, errorIndex, varBinds, cbCtx): if errorIndication: print(errorIndication) elif errorStatus: print('%s at %s' % (errorStatus.prettyPrint(), errorIndex and varBinds[int(errorIndex) - 1][0] or '?'))
def __init__(self, ip, port=161, is_ipv6=False, timeout=2000, retry_count=2, get_bulk_flag=False, continue_on_errors=0, get_bulk_repetitions=25, v3_context_engine_id=None, v3_context=''): self.ip = ip self.continue_on_errors = continue_on_errors self.get_bulk_repetitions = get_bulk_repetitions self.timeout = timeout self.output_file = list() self.retry_count = retry_count self.get_bulk_flag = get_bulk_flag self.v3_context_engine_id = v3_context_engine_id self.v3_context = v3_context if self.v3_context_engine_id: if self.v3_context_engine_id[2:] == '0x': self.v3_context_engine_id = univ.OctetString(hexValue=self.v3_context_engine_id[2:]) else: self.v3_context_engine_id = univ.OctetString(self.v3_context_engine_id) if self.v3_context: if self.v3_context[:2] == '0x': self.v3_context = univ.OctetString(hexValue=self.v3_context[2:]) else: self.v3_context = univ.OctetString(self.v3_context) if ip: try: agent_udp_endpoint = \ socket.getaddrinfo(ip, port, socket.AF_INET, socket.SOCK_DGRAM, socket.IPPROTO_UDP)[0][4][:2] except socket.gaierror: sys.stderr.write('ERROR: unknown hostname {}\r\n'.format(ip)) sys.exit(-1) else: sys.stderr.write('ERROR: unknown hostname {}\r\n'.format(ip)) sys.exit(-1) self._snmp_engine = engine.SnmpEngine() config.addTargetParams(self._snmp_engine, 'pms', self.get_user, self.get_security, self.get_snmp_version) if agent_udp_endpoint: if is_ipv6: config.addSocketTransport( self._snmp_engine, udp6.domainName, udp6.Udp6SocketTransport().openClientMode() ) config.addTargetAddr( self._snmp_engine, 'tgt', udp6.domainName, agent_udp_endpoint, 'pms', self.timeout, self.retry_count ) else: config.addSocketTransport( self._snmp_engine, udp.domainName, udp.UdpSocketTransport().openClientMode() ) config.addTargetAddr( self._snmp_engine, 'tgt', udp.domainName, agent_udp_endpoint, 'pms', self.timeout, self.retry_count ) else: sys.stderr.write('ERROR: Failed to communicate with provided IP Address {}\r\n'.format(ip)) sys.exit(-1)
# SecurityName <-> CommunityName mapping config.addV1System(snmpEngine, 'my-area', 'public', transportTag='all-my-managers') # Specify security settings per SecurityName (SNMPv1 -> 0) config.addTargetParams(snmpEngine, 'my-creds', 'my-area', 'noAuthNoPriv', 0) # Setup transport endpoint and bind it with security settings yielding # a target name config.addTransport( snmpEngine, udp.domainName, udp.UdpSocketTransport().openClientMode() ) config.addTargetAddr( snmpEngine, 'my-nms', udp.domainName, ('195.218.195.228', 162), 'my-creds', tagList='all-my-managers' ) # Specify what kind of notification should be sent (TRAP or INFORM), # to what targets (chosen by tag) and what filter should apply to # the set of targets (selected by tag) config.addNotificationTarget( snmpEngine, 'my-notification', 'my-filter', 'all-my-managers', 'trap' ) # Allow NOTIFY access to Agent's MIB by this SNMP model (1), securityLevel # and SecurityName config.addContext(snmpEngine, '') config.addVacmUser(snmpEngine, 1, 'my-area', 'noAuthNoPriv', (), (), (1,3,6))