我在过去的几天里一直在努力使用Auth和priv短语发送SNMPV3陷阱。这是我的代码。
陷阱接收器
private void init() throws UnknownHostException, IOException {
threadPool = ThreadPool.create("Trap", 10);
dispatcher = new MultiThreadedMessageDispatcher(threadPool,
new MessageDispatcherImpl());
listenAddress = GenericAddress.parse(System.getProperty(
"snmp4j.listenAddress", "udp:0.0.0.0/165"));
TransportMapping<?> transport;
if (listenAddress instanceof UdpAddress) {
transport = new DefaultUdpTransportMapping(
(UdpAddress) listenAddress);
} else {
transport = new DefaultTcpTransportMapping(
(TcpAddress) listenAddress);
}
USM usm = new USM(SecurityProtocols.getInstance(), new OctetString(
MPv3.createLocalEngineID()), 0);
usm.setEngineDiscoveryEnabled(true);
snmp = new Snmp(dispatcher, transport);
snmp.getMessageDispatcher().addMessageProcessingModel(new MPv1());
snmp.getMessageDispatcher().addMessageProcessingModel(new MPv2c());
snmp.getMessageDispatcher().addMessageProcessingModel(new MPv3(usm));
SecurityModels.getInstance().addSecurityModel(usm);
snmp.getUSM().addUser( new OctetString("MD5DES"),
new UsmUser(new OctetString("karthikprasad"), AuthMD5.ID,
new OctetString("UserName"), PrivDES.ID,
new OctetString("PasswordUser")));
snmp.getUSM().addUser(new OctetString("MD5DES"),
new UsmUser(new OctetString("MD5DES"), null, null, null, null));
snmp.listen();
}
陷阱发件人
private static void sendSnmpV3Trap() {
try {
long start = System.currentTimeMillis();
Address targetAddress = GenericAddress.parse("udp:" + ipAddress
+ "/" + port);
// Create Transport Mapping
TransportMapping<?> transport = new DefaultUdpTransportMapping();
Snmp snmp = new Snmp(transport);
USM usm = new USM(SecurityProtocols.getInstance(), new OctetString(
MPv3.createLocalEngineID()), 0);
SecurityModels.getInstance().addSecurityModel(usm);
transport.listen();
snmp.getUSM().addUser( new OctetString("MD5DES"),
new UsmUser(new OctetString("karthikprasad"), AuthMD5.ID,
new OctetString("UserName"), PrivDES.ID,
new OctetString("PasswordUser")));
// Create Target
UserTarget target = new UserTarget();
target.setAddress(targetAddress);
target.setRetries(1);
// set timeout
target.setTimeout(11500);
target.setVersion(SnmpConstants.version3);
target.setSecurityLevel(SecurityLevel.AUTH_PRIV);
target.setSecurityName(new OctetString("karthikprasad"));
target.setSecurityModel(SecurityModel.SECURITY_MODEL_USM);
// Create PDU for V3
ScopedPDU pdu = new ScopedPDU();
pdu.setType(ScopedPDU.NOTIFICATION);
// need to specify the system up time
long sysUpTime = (System.currentTimeMillis() - start) / 10;
pdu.add(new VariableBinding(SnmpConstants.sysUpTime, new TimeTicks(
sysUpTime)));
pdu.add(new VariableBinding(SnmpConstants.snmpTrapOID,
SnmpConstants.linkDown));
pdu.add(new VariableBinding(new OID("1.3.6.1.2.1.2.2.1.1.1"),
new Integer32(1)));
// Send the PDU
System.out.println("Sending V3 Trap to " + ipAddress + " on Port "
+ port);
snmp.send(pdu, target);
snmp.addCommandResponder(new CommandResponder() {
@Override
public void processPdu(CommandResponderEvent arg0) {
System.out.println(arg0);
}
});
snmp.close();
} catch (Exception e) {
System.err.println("Error in Sending V2 Trap to " + ipAddress
+ " on Port " + port);
System.err.println("Exception Message = " + e.getMessage());
}
}
当我设置noauthand nopriv时它工作正常。但是当我设置为authpriv时,我没有收到陷阱消息。当我启用调试时,甚至没有在发送方中收到任何错误。我试图将文件复制到另一台机器并运行接收器并使用wireshark发送陷阱和受监控的网络,我能够找到发送到目标服务器的消息,但它没有传递给接收器。我相信在解密时会发生一些问题。有人可以帮帮我吗?顺便说一句,我使用的是jdk 6 update 32。
答案 0 :(得分:1)
working Example for snmp v3 trap receiver
private synchronized void startTrapReceiver() throws UnknownHostException,
IOException {
ThreadPool threadPool = ThreadPool.create("DispatcherPool", 10);
Address listenAddress = new UdpAddress("localhost/162");
TransportMapping transport;
if (listenAddress instanceof UdpAddress) {
transport = new DefaultUdpTransportMapping(
(UdpAddress) listenAddress);
} else {
transport = new DefaultTcpTransportMapping(
(TcpAddress) listenAddress);
}
USM usm = new USM(SecurityProtocols.getInstance(), new OctetString(
MPv3.createLocalEngineID()), 0);
usm.setEngineDiscoveryEnabled(true);
MessageDispatcher mDispathcher = new MultiThreadedMessageDispatcher(
threadPool, new MessageDispatcherImpl());
// add message processing models
mDispathcher.addMessageProcessingModel(new MPv1());
mDispathcher.addMessageProcessingModel(new MPv2c());
mDispathcher.addMessageProcessingModel(new MPv3(usm));
// add all security protocols
SecurityProtocols.getInstance().addDefaultProtocols();
SecurityProtocols.getInstance().addPrivacyProtocol(new Priv3DES());
SecurityModels.getInstance().addSecurityModel(usm);
CommunityTarget target = new CommunityTarget();
target.setCommunity(new OctetString("public"));
Snmp snmp = new Snmp(mDispathcher, transport);
snmp.getUSM().addUser(
new OctetString("MD5DES"),
new UsmUser(new OctetString("saikrishna"), AuthMD5.ID,
new OctetString("saikrishnapassword"), PrivDES.ID,
new OctetString("PasswordUser")));
snmp.addCommandResponder(this);
transport.listen();
System.out.println("listening");
try {
this.wait();
} catch (InterruptedException ex) {
Thread.currentThread().interrupt();
}
}
public synchronized void processPdu(CommandResponderEvent cmdRespEvent) {
System.out.println("Received PDU...");
PDU pdu = cmdRespEvent.getPDU();
if (pdu != null) {
System.out.println("Trap Type = " + pdu.getType());
System.out.println("Variables = " + pdu.getVariableBindings());
}
}
答案 1 :(得分:0)
SNMPv3设置起来很棘手。尝试在SNMP4j上使用http://friendlysnmp.org。 FriendlySNMP支持所有SNMP版本,包括v2c和v3。
答案 2 :(得分:0)
使用像友好snmp这样的包装API会让人觉得不容易理解和调试。 这里的问题很可能是发送方和发送方具有相同的引擎ID,而SNMPv3是不允许的。
因为这是许多用户的常见错误,所以MPv3.createLocalEngineID方法在最新的SNMP4J版本(自2.2.4版本)中使用创建的引擎ID中的随机组件,以避免将来出现此错误。