无法使用Auth和Priv发送snmp v3陷阱

时间:2014-03-19 15:14:33

标签: java snmp snmp4j

我在过去的几天里一直在努力使用Auth和priv短语发送SNMPV3陷阱。这是我的代码。

陷阱接收器

private void init() throws UnknownHostException, IOException {
        threadPool = ThreadPool.create("Trap", 10);
        dispatcher = new MultiThreadedMessageDispatcher(threadPool,
                new MessageDispatcherImpl());
        listenAddress = GenericAddress.parse(System.getProperty(
                "snmp4j.listenAddress", "udp:0.0.0.0/165"));
        TransportMapping<?> transport;
        if (listenAddress instanceof UdpAddress) {
            transport = new DefaultUdpTransportMapping(
                    (UdpAddress) listenAddress);
        } else {
            transport = new DefaultTcpTransportMapping(
                    (TcpAddress) listenAddress);
        }
        USM usm = new USM(SecurityProtocols.getInstance(), new OctetString(
                MPv3.createLocalEngineID()), 0);
        usm.setEngineDiscoveryEnabled(true);

        snmp = new Snmp(dispatcher, transport);
        snmp.getMessageDispatcher().addMessageProcessingModel(new MPv1());
        snmp.getMessageDispatcher().addMessageProcessingModel(new MPv2c());
        snmp.getMessageDispatcher().addMessageProcessingModel(new MPv3(usm));
        SecurityModels.getInstance().addSecurityModel(usm);
        snmp.getUSM().addUser(  new OctetString("MD5DES"),
                new UsmUser(new OctetString("karthikprasad"), AuthMD5.ID,
                        new OctetString("UserName"), PrivDES.ID,
                        new OctetString("PasswordUser")));
        snmp.getUSM().addUser(new OctetString("MD5DES"),
                new UsmUser(new OctetString("MD5DES"), null, null, null, null));

        snmp.listen();
}

陷阱发件人

private static void sendSnmpV3Trap() {
        try {
            long start = System.currentTimeMillis();
            Address targetAddress = GenericAddress.parse("udp:" + ipAddress
                    + "/" + port);

            // Create Transport Mapping
            TransportMapping<?> transport = new DefaultUdpTransportMapping();
            Snmp snmp = new Snmp(transport);
            USM usm = new USM(SecurityProtocols.getInstance(), new OctetString(
                    MPv3.createLocalEngineID()), 0);
            SecurityModels.getInstance().addSecurityModel(usm);
            transport.listen();

            snmp.getUSM().addUser(  new OctetString("MD5DES"),
                    new UsmUser(new OctetString("karthikprasad"), AuthMD5.ID,
                            new OctetString("UserName"), PrivDES.ID,
                            new OctetString("PasswordUser")));

            // Create Target
            UserTarget target = new UserTarget();
            target.setAddress(targetAddress);
            target.setRetries(1);

            // set timeout
            target.setTimeout(11500);
            target.setVersion(SnmpConstants.version3);
            target.setSecurityLevel(SecurityLevel.AUTH_PRIV);
            target.setSecurityName(new OctetString("karthikprasad"));
            target.setSecurityModel(SecurityModel.SECURITY_MODEL_USM);

            // Create PDU for V3
            ScopedPDU pdu = new ScopedPDU();
            pdu.setType(ScopedPDU.NOTIFICATION);

            // need to specify the system up time
            long sysUpTime = (System.currentTimeMillis() - start) / 10;
            pdu.add(new VariableBinding(SnmpConstants.sysUpTime, new TimeTicks(
                    sysUpTime)));
            pdu.add(new VariableBinding(SnmpConstants.snmpTrapOID,
                    SnmpConstants.linkDown));
            pdu.add(new VariableBinding(new OID("1.3.6.1.2.1.2.2.1.1.1"),
                    new Integer32(1)));

            // Send the PDU
            System.out.println("Sending V3 Trap to " + ipAddress + " on Port "
                    + port);
            snmp.send(pdu, target);
            snmp.addCommandResponder(new CommandResponder() {
                @Override
                public void processPdu(CommandResponderEvent arg0) {
                    System.out.println(arg0);
                }
            });
            snmp.close();
        } catch (Exception e) {
            System.err.println("Error in Sending V2 Trap to " + ipAddress
                    + " on Port " + port);
            System.err.println("Exception Message = " + e.getMessage());
        }
    }

当我设置noauthand nopriv时它工作正常。但是当我设置为authpriv时,我没有收到陷阱消息。当我启用调试时,甚至没有在发送方中收到任何错误。我试图将文件复制到另一台机器并运行接收器并使用wireshark发送陷阱和受监控的网络,我能够找到发送到目标服务器的消息,但它没有传递给接收器。我相信在解密时会发生一些问题。有人可以帮帮我吗?顺便说一句,我使用的是jdk 6 update 32。

3 个答案:

答案 0 :(得分:1)

working Example for snmp v3 trap receiver

private synchronized void startTrapReceiver() throws UnknownHostException,
            IOException {
    ThreadPool threadPool = ThreadPool.create("DispatcherPool", 10);

    Address listenAddress = new UdpAddress("localhost/162");
    TransportMapping transport;
    if (listenAddress instanceof UdpAddress) {
        transport = new DefaultUdpTransportMapping(
                (UdpAddress) listenAddress);
    } else {
        transport = new DefaultTcpTransportMapping(
                (TcpAddress) listenAddress);
    }
    USM usm = new USM(SecurityProtocols.getInstance(), new OctetString(
            MPv3.createLocalEngineID()), 0);
    usm.setEngineDiscoveryEnabled(true);

    MessageDispatcher mDispathcher = new MultiThreadedMessageDispatcher(
            threadPool, new MessageDispatcherImpl());

    // add message processing models
    mDispathcher.addMessageProcessingModel(new MPv1());
    mDispathcher.addMessageProcessingModel(new MPv2c());
    mDispathcher.addMessageProcessingModel(new MPv3(usm));
    // add all security protocols
    SecurityProtocols.getInstance().addDefaultProtocols();
    SecurityProtocols.getInstance().addPrivacyProtocol(new Priv3DES());

    SecurityModels.getInstance().addSecurityModel(usm);

    CommunityTarget target = new CommunityTarget();

    target.setCommunity(new OctetString("public"));

    Snmp snmp = new Snmp(mDispathcher, transport);

    snmp.getUSM().addUser(
            new OctetString("MD5DES"),
            new UsmUser(new OctetString("saikrishna"), AuthMD5.ID,
                    new OctetString("saikrishnapassword"), PrivDES.ID,
                    new OctetString("PasswordUser")));
    snmp.addCommandResponder(this);

    transport.listen();
    System.out.println("listening");
    try {
        this.wait();
    } catch (InterruptedException ex) {
        Thread.currentThread().interrupt();
    }
}

public synchronized void processPdu(CommandResponderEvent cmdRespEvent) {
    System.out.println("Received PDU...");
    PDU pdu = cmdRespEvent.getPDU();
    if (pdu != null) {
        System.out.println("Trap Type = " + pdu.getType());
        System.out.println("Variables = " + pdu.getVariableBindings());
    }
}

答案 1 :(得分:0)

SNMPv3设置起来很棘手。尝试在SNMP4j上使用http://friendlysnmp.org。 FriendlySNMP支持所有SNMP版本,包括v2c和v3。

答案 2 :(得分:0)

使用像友好snmp这样的包装API会让人觉得不容易理解和调试。 这里的问题很可能是发送方和发送方具有相同的引擎ID,而SNMPv3是不允许的。

因为这是许多用户的常见错误,所以MPv3.createLocalEngineID方法在最新的SNMP4J版本(自2.2.4版本)中使用创建的引擎ID中的随机组件,以避免将来出现此错误。