0

过去几天我一直在努力使用 Auth 和 priv 短语发送 SNMPV3 陷阱。这是我的代码。

陷阱接收器

private void init() throws UnknownHostException, IOException {
        threadPool = ThreadPool.create("Trap", 10);
        dispatcher = new MultiThreadedMessageDispatcher(threadPool,
                new MessageDispatcherImpl());
        listenAddress = GenericAddress.parse(System.getProperty(
                "snmp4j.listenAddress", "udp:0.0.0.0/165"));
        TransportMapping<?> transport;
        if (listenAddress instanceof UdpAddress) {
            transport = new DefaultUdpTransportMapping(
                    (UdpAddress) listenAddress);
        } else {
            transport = new DefaultTcpTransportMapping(
                    (TcpAddress) listenAddress);
        }
        USM usm = new USM(SecurityProtocols.getInstance(), new OctetString(
                MPv3.createLocalEngineID()), 0);
        usm.setEngineDiscoveryEnabled(true);

        snmp = new Snmp(dispatcher, transport);
        snmp.getMessageDispatcher().addMessageProcessingModel(new MPv1());
        snmp.getMessageDispatcher().addMessageProcessingModel(new MPv2c());
        snmp.getMessageDispatcher().addMessageProcessingModel(new MPv3(usm));
        SecurityModels.getInstance().addSecurityModel(usm);
        snmp.getUSM().addUser(  new OctetString("MD5DES"),
                new UsmUser(new OctetString("karthikprasad"), AuthMD5.ID,
                        new OctetString("UserName"), PrivDES.ID,
                        new OctetString("PasswordUser")));
        snmp.getUSM().addUser(new OctetString("MD5DES"),
                new UsmUser(new OctetString("MD5DES"), null, null, null, null));

        snmp.listen();
}

陷阱发送者

private static void sendSnmpV3Trap() {
        try {
            long start = System.currentTimeMillis();
            Address targetAddress = GenericAddress.parse("udp:" + ipAddress
                    + "/" + port);

            // Create Transport Mapping
            TransportMapping<?> transport = new DefaultUdpTransportMapping();
            Snmp snmp = new Snmp(transport);
            USM usm = new USM(SecurityProtocols.getInstance(), new OctetString(
                    MPv3.createLocalEngineID()), 0);
            SecurityModels.getInstance().addSecurityModel(usm);
            transport.listen();

            snmp.getUSM().addUser(  new OctetString("MD5DES"),
                    new UsmUser(new OctetString("karthikprasad"), AuthMD5.ID,
                            new OctetString("UserName"), PrivDES.ID,
                            new OctetString("PasswordUser")));

            // Create Target
            UserTarget target = new UserTarget();
            target.setAddress(targetAddress);
            target.setRetries(1);

            // set timeout
            target.setTimeout(11500);
            target.setVersion(SnmpConstants.version3);
            target.setSecurityLevel(SecurityLevel.AUTH_PRIV);
            target.setSecurityName(new OctetString("karthikprasad"));
            target.setSecurityModel(SecurityModel.SECURITY_MODEL_USM);

            // Create PDU for V3
            ScopedPDU pdu = new ScopedPDU();
            pdu.setType(ScopedPDU.NOTIFICATION);

            // need to specify the system up time
            long sysUpTime = (System.currentTimeMillis() - start) / 10;
            pdu.add(new VariableBinding(SnmpConstants.sysUpTime, new TimeTicks(
                    sysUpTime)));
            pdu.add(new VariableBinding(SnmpConstants.snmpTrapOID,
                    SnmpConstants.linkDown));
            pdu.add(new VariableBinding(new OID("1.3.6.1.2.1.2.2.1.1.1"),
                    new Integer32(1)));

            // Send the PDU
            System.out.println("Sending V3 Trap to " + ipAddress + " on Port "
                    + port);
            snmp.send(pdu, target);
            snmp.addCommandResponder(new CommandResponder() {
                @Override
                public void processPdu(CommandResponderEvent arg0) {
                    System.out.println(arg0);
                }
            });
            snmp.close();
        } catch (Exception e) {
            System.err.println("Error in Sending V2 Trap to " + ipAddress
                    + " on Port " + port);
            System.err.println("Exception Message = " + e.getMessage());
        }
    }

当我设置 noauthand nopriv 它工作正常。但是当我设置为 authpriv 时,我没有收到陷阱消息。当我启用调试时,甚至没有在发件人中收到任何错误。我尝试将文件复制到另一台机器并运行接收器并使用wireshark发送陷阱和监控网络,我能够找到到达目标服务器的消息,但它没有传递给接收器。我相信解密时发生了一些问题。有人可以帮帮我吗?顺便说一句,我正在使用 jdk 6 update 32。

4

3 回答 3

1

snmp v3 陷阱接收器的工作示例

private synchronized void startTrapReceiver() throws UnknownHostException,
            IOException {
    ThreadPool threadPool = ThreadPool.create("DispatcherPool", 10);

    Address listenAddress = new UdpAddress("localhost/162");
    TransportMapping transport;
    if (listenAddress instanceof UdpAddress) {
        transport = new DefaultUdpTransportMapping(
                (UdpAddress) listenAddress);
    } else {
        transport = new DefaultTcpTransportMapping(
                (TcpAddress) listenAddress);
    }
    USM usm = new USM(SecurityProtocols.getInstance(), new OctetString(
            MPv3.createLocalEngineID()), 0);
    usm.setEngineDiscoveryEnabled(true);

    MessageDispatcher mDispathcher = new MultiThreadedMessageDispatcher(
            threadPool, new MessageDispatcherImpl());

    // add message processing models
    mDispathcher.addMessageProcessingModel(new MPv1());
    mDispathcher.addMessageProcessingModel(new MPv2c());
    mDispathcher.addMessageProcessingModel(new MPv3(usm));
    // add all security protocols
    SecurityProtocols.getInstance().addDefaultProtocols();
    SecurityProtocols.getInstance().addPrivacyProtocol(new Priv3DES());

    SecurityModels.getInstance().addSecurityModel(usm);

    CommunityTarget target = new CommunityTarget();

    target.setCommunity(new OctetString("public"));

    Snmp snmp = new Snmp(mDispathcher, transport);

    snmp.getUSM().addUser(
            new OctetString("MD5DES"),
            new UsmUser(new OctetString("saikrishna"), AuthMD5.ID,
                    new OctetString("saikrishnapassword"), PrivDES.ID,
                    new OctetString("PasswordUser")));
    snmp.addCommandResponder(this);

    transport.listen();
    System.out.println("listening");
    try {
        this.wait();
    } catch (InterruptedException ex) {
        Thread.currentThread().interrupt();
    }
}

public synchronized void processPdu(CommandResponderEvent cmdRespEvent) {
    System.out.println("Received PDU...");
    PDU pdu = cmdRespEvent.getPDU();
    if (pdu != null) {
        System.out.println("Trap Type = " + pdu.getType());
        System.out.println("Variables = " + pdu.getVariableBindings());
    }
}
于 2015-06-26T10:10:42.047 回答
0

使用像友好的 snmp 这样的封装 API 会使思考变得不容易,但更难理解和调试。这里的问题很可能是发送者和接收者具有相同的引擎 ID,这是 SNMPv3 所不允许的。

因为这是许多用户的常见错误,所以 MPv3.createLocalEngineID 方法在最新的 SNMP4J 版本(自 2.2.4 起)中使用创建的引擎 ID 中的随机组件来避免将来出现此错误。

于 2014-04-25T00:32:38.033 回答
0

SNMPv3 设置起来很棘手。尝试在 SNMP4j 之上使用http://friendlysnmp.org 。FriendlySNMP 支持所有 SNMP 版本,包括 v2c 和 v3。

于 2014-03-27T16:42:16.573 回答