SNMP v3 的 PYSNMP 支持 TRAP 和 Inform Receiver 吗?

问题描述 投票:0回答:3

我可以从其文档站点查看 SNMP v1 和 V2 的陷阱接收器。

不支持SNMP v3 trap。

PYSNMP 中有 v3 陷阱接收器的东西吗?

还有什么可以通知接收者的吗?

python-2.7 snmp pysnmp
3个回答
3
投票

是的,这是一个 SNMPv3 通知接收器 示例。相同的代码也适用于 INFORM。事实上,相同的代码支持 SNMPv1 和 v2c TRAP/INFORM。

更新:

SNMPv1/v2c TRAP 接收方有义务检查传入消息中的 SNMP 社区名称(非常简单的安全措施)。这就是为什么您需要在接收端的 SNMP 引擎中配置 SNMP 团体名。

如果您需要有关 SNMP 引擎操作的更多详细信息(例如对等点的网络地址),可以在 pysnmp 内的战略位置放置一组回调,您可以监听这些回调以收集有关当前正在运行的请求的信息。这是一个例子。也可以使用

getTransportInfo
调用,但它现在被认为已过时。

您可以通过将 INFORM 发送到 demo.snmplabs.com(端口 162)来进行试验。


2
投票

谢谢@llya Etingof 在 GitHub 上的解决方案

示例:

"""
Multiple SNMP USM users
+++++++++++++++++++++++

Receive SNMP TRAP/INFORM messages with the following options:

* SNMPv1/SNMPv2c
  * with SNMP community "public"
  * over IPv4/UDP, listening at 127.0.0.1:162

* SNMPv3
* with USM users:

  * 'usr-md5-des', auth: MD5, priv DES, ContextEngineId: 8000000001020304
  * 'usr-md5-none', auth: MD5, priv NONE, ContextEngineId: 8000000001020304
  * 'usr-sha-aes128', auth: SHA, priv AES, ContextEngineId: 8000000001020304

* over IPv4/UDP, listening at 127.0.0.1:162
* print received data on stdout

Either of the following Net-SNMP commands will send notifications to this
receiver:

| $ snmptrap -v2c -c public 127.0.0.1:162 123 1.3.6.1.6.3.1.1.5.1 1.3.6.1.2.1.1.5.0 s test

| $ snmptrap -v3 -u usr-md5-des -l authPriv -A authkey1 -X privkey1 -e 8000000001020304 127.0.0.1 123 1.3.6.1.6.3.1.1.5.1
| $ snmptrap -v3 -u usr-md5-none -l authNoPriv -A authkey1 -e 8000000001020304 127.0.0.1 123 1.3.6.1.6.3.1.1.5.1
| $ snmpinform -v3 -u usr-sha-aes128 -l authPriv -a SHA -A authkey1 -x AES -X privkey1 127.0.0.1 123 1.3.6.1.6.3.1.1.5.1

"""#
from pysnmp.entity import engine, config
from pysnmp.carrier.asyncore.dgram import udp
from pysnmp.entity.rfc3413 import ntfrcv
from pysnmp.proto.api import v2c

# Create SNMP engine with autogenernated engineID and pre-bound
# to socket transport dispatcher
snmpEngine = engine.SnmpEngine()

# Transport setup

# UDP over IPv4
config.addTransport(
    snmpEngine,
    udp.domainName,
    udp.UdpTransport().openServerMode(('127.0.0.1', 162))
)

# SNMPv1/2c setup
config.addV1System(snmpEngine, 'my-area', 'public')

# SNMPv3/USM setup

# user: usr-md5-des, auth: MD5, priv DES
config.addV3User(
    snmpEngine, 'usr-md5-des',
    config.usmHMACMD5AuthProtocol, 'authkey1',
    config.usmDESPrivProtocol, 'privkey1'
)

# user: usr-md5-des, auth: MD5, priv DES, securityEngineId: 8000000001020304
# this USM entry is used for TRAP receiving purposes
config.addV3User(
    snmpEngine, 'usr-md5-des',
    config.usmHMACMD5AuthProtocol, 'authkey1',
    config.usmDESPrivProtocol, 'privkey1',
    securityEngineId=v2c.OctetString(hexValue='8000000001020304')
)

# user: usr-md5-none, auth: MD5, priv NONE
config.addV3User(
    snmpEngine, 'usr-md5-none',
    config.usmHMACMD5AuthProtocol, 'authkey1'
)

# user: usr-md5-none, auth: MD5, priv NONE, securityEngineId: 8000000001020304
# this USM entry is used for TRAP receiving purposes
config.addV3User(
    snmpEngine, 'usr-md5-none',
    config.usmHMACMD5AuthProtocol, 'authkey1',
    securityEngineId=v2c.OctetString(hexValue='8000000001020304')
)

# user: usr-sha-aes128, auth: SHA, priv AES
config.addV3User(
    snmpEngine, 'usr-sha-aes128',
    config.usmHMACSHAAuthProtocol, 'authkey1',
    config.usmAesCfb128Protocol, 'privkey1'
)
# user: usr-sha-aes128, auth: SHA, priv AES, securityEngineId: 8000000001020304
# this USM entry is used for TRAP receiving purposes
config.addV3User(
    snmpEngine, 'usr-sha-aes128',
    config.usmHMACSHAAuthProtocol, 'authkey1',
    config.usmAesCfb128Protocol, 'privkey1',
    securityEngineId=v2c.OctetString(hexValue='8000000001020304')
)


# Callback function for receiving notifications
# noinspection PyUnusedLocal,PyUnusedLocal,PyUnusedLocal
def cbFun(snmpEngine, stateReference, contextEngineId, contextName,
          varBinds, cbCtx):
    print('Notification from ContextEngineId "%s", ContextName "%s"' % (
        contextEngineId.prettyPrint(), contextName.prettyPrint()))
    for name, val in varBinds:
        print('%s = %s' % (name.prettyPrint(), val.prettyPrint()))


# Register SNMP Application at the SNMP engine
ntfrcv.NotificationReceiver(snmpEngine, cbFun)

snmpEngine.transportDispatcher.jobStarted(1)  # this job would never finish

# Run I/O dispatcher which would receive queries and send confirmations
try:
    snmpEngine.transportDispatcher.runDispatcher()
except:
    snmpEngine.transportDispatcher.closeDispatcher()
    raise

命令:

| $ snmptrap -v2c -c public 127.0.0.1:162 123 1.3.6.1.6.3.1.1.5.1 1.3.6.1.2.1.1.5.0 s test

| $ snmptrap -v3 -u usr-md5-des -l authPriv -A authkey1 -X privkey1 -e 8000000001020304 127.0.0.1 123 1.3.6.1.6.3.1.1.5.1
| $ snmptrap -v3 -u usr-md5-none -l authNoPriv -A authkey1 -e 8000000001020304 127.0.0.1 123 1.3.6.1.6.3.1.1.5.1
| $ snmpinform -v3 -u usr-sha-aes128 -l authPriv -a SHA -A authkey1 -x AES -X privkey1 127.0.0.1 123 1.3.6.1.6.3.1.1.5.1

标准输出:

Notification from ContextEngineId "0x80004fb80543794f53335afe60", ContextName ""
1.3.6.1.2.1.1.3.0 = 123
1.3.6.1.6.3.1.1.4.1.0 = 1.3.6.1.6.3.1.1.5.1
1.3.6.1.2.1.1.5.0 = test

Notification from ContextEngineId "0x80001f88809f7b5c26ef1e1c5e00000000", ContextName ""
1.3.6.1.2.1.1.3.0 = 123
1.3.6.1.6.3.1.1.4.1.0 = 1.3.6.1.6.3.1.1.5.1

Notification from ContextEngineId "0x80001f88809f7b5c26ef1e1c5e00000000", ContextName ""
1.3.6.1.2.1.1.3.0 = 123
1.3.6.1.6.3.1.1.4.1.0 = 1.3.6.1.6.3.1.1.5.1

Notification from ContextEngineId "0x80001f88809f7b5c26ef1e1c5e00000000", ContextName ""
1.3.6.1.2.1.1.3.0 = 123
1.3.6.1.6.3.1.1.4.1.0 = 1.3.6.1.6.3.1.1.5.1


1
投票

执行时出现以下错误: '#python3 示例-above.py'

'#udp.domainName, AttributeError:模块“pysnmp.carrier.asyncore.dgram.udp”没有属性“domainName”“

Centos 7

Python 3.6.8

pysnmp 5.0.0

pysmi-0.3.4

pyasn1-0.4.8

net-snmp5.8.1-pre

'#python3 -v -c '导入 pysnmp' 2>&1 | grep pysmi --> 不产生任何结果'

'#python -v -c '导入 pysnmp' 2>&1 | grep pysmi'

'#zipimport:在 /usr/lib/python2.7/site-packages/pysmi-0.3.4-py2.7.egg 中找到 100 个名称'

'#python3 -v -c '导入 pysnmp' 2>&1 | grep pyasn1'

'# zipimport: 在 '/usr/local/lib/python3.6/site-packages/pyasn1-0.4.8-py3.6.egg' 中找到 77 个名称

修复:git克隆所有依赖源,解压包,cd package-source-dir然后:#python3 setup.py install

由于这是我的第一个 python/snmp 项目,很可能有更好/更干净的方法来解决。 希望知道正确的方法。

黑客快乐:)

© www.soinside.com 2019 - 2024. All rights reserved.