0

I am new in using PySNMP module in Python. According to this user manual and this manual, the following python scripts perform similar things like the net-snmp command:


net-snmp v1 command:

snmpget -v1 -c public -ObentU 195.218.195.228 1.3.6.1.2.1.1.1.0

Python v1 script:

from twisted.internet import reactor, defer
from pysnmp.entity import engine, config
from pysnmp.entity.rfc3413.twisted import cmdgen
from pysnmp.carrier.twisted import dispatch
from pysnmp.carrier.twisted.dgram import udp

# Create SNMP engine instance
snmpEngine = engine.SnmpEngine()

# Instantiate and register Twisted dispatcher at SNMP engine
snmpEngine.registerTransportDispatcher(dispatch.TwistedDispatcher())

#
# SNMPv1 setup
#

# SecurityName <-> CommunityName mapping
config.addV1System(snmpEngine, 'my-area', 'public')

# Specify security settings per SecurityName (SNMPv1 - 0, SNMPv2c - 1)
config.addTargetParams(snmpEngine, 'my-creds', 'my-area', 'noAuthNoPriv', 0)

#
# Setup transport endpoint and bind it with security settings yielding
# a target name
#

# UDP/IPv4
config.addSocketTransport(
    snmpEngine,
    udp.domainName,
    udp.UdpTwistedTransport().openClientMode()
)
config.addTargetAddr(
    snmpEngine, 'my-router',
    udp.domainName, ('195.218.195.228', 161),
    'my-creds'
)

# Error/response receiver
def cbFun(cbCtx):
    (errorIndication, errorStatus, errorIndex, varBinds) = cbCtx
    if errorIndication:
        print(errorIndication)
    # SNMPv1 response may contain noSuchName error *and* SNMPv2c exception,
    # so we ignore noSuchName error here
    elif errorStatus and errorStatus != 2:
        print('%s at %s' % (
                errorStatus.prettyPrint(),
                errorIndex and varBinds[int(errorIndex)-1][0] or '?'
            )
        )
    else:
        for oid, val in varBinds:
            print('%s = %s' % (oid.prettyPrint(), val.prettyPrint()))

    reactor.stop()

# Prepare request to be sent yielding Twisted deferred object
df = cmdgen.GetCommandGenerator().sendReq(
    snmpEngine,
    'my-router',
    ( ('1.3.6.1.2.1.1.1.0', None), ('1.3.6.1.2.1.1.2.0', None) ),
)

# Register error/response receiver function at deferred
df.addCallback(cbFun)

# Run Twisted main loop
reactor.run()

net-snmp v3 command:

snmpget -v3 -l authPriv -u usr-sha-aes -a SHA -A authkey1 -x AES -X privkey1 -ObentU 195.218.195.228:161  1.3.6.1.2.1.1.1.0

Python v3 script:

from twisted.internet import reactor, defer
from pysnmp.entity import engine, config
from pysnmp.entity.rfc3413.twisted import cmdgen
from pysnmp.carrier.twisted import dispatch
from pysnmp.carrier.twisted.dgram import udp

# Create SNMP engine instance
snmpEngine = engine.SnmpEngine()

# Instantiate and register Twisted dispatcher at SNMP engine
snmpEngine.registerTransportDispatcher(dispatch.TwistedDispatcher())

#
# SNMPv3/USM setup
#

# user: usr-sha-aes, auth: SHA, priv AES
config.addV3User(
    snmpEngine, 'usr-sha-aes',
        config.usmHMACSHAAuthProtocol, 'authkey1',
            config.usmAesCfb128Protocol, 'privkey1'
            )
config.addTargetParams(snmpEngine, 'my-creds', 'usr-sha-aes', 'authPriv')

#
# Setup transport endpoint and bind it with security settings yielding
# a target name
#

# UDP/IPv4
config.addSocketTransport(
    snmpEngine,
    udp.domainName,
    udp.UdpTwistedTransport().openClientMode()
)
config.addTargetAddr(
    snmpEngine, 'my-router',
    udp.domainName, ('195.218.195.228', 161),
    'my-creds'
)

# Error/response receiver
def cbFun(cbCtx):
    (errorIndication, errorStatus, errorIndex, varBinds) = cbCtx
    if errorIndication:
        print(errorIndication)
    elif errorStatus:
        print('%s at %s' % (
                errorStatus.prettyPrint(),
                errorIndex and varBinds[int(errorIndex)-1][0] or '?'
            )
        )
    else:
        for oid, val in varBinds:
            print('%s = %s' % (oid.prettyPrint(), val.prettyPrint()))

    reactor.stop()

# Prepare request to be sent yielding Twisted deferred object
df = cmdgen.GetCommandGenerator().sendReq(
    snmpEngine,
    'my-router',
    ( ('1.3.6.1.2.1.1.1.0', None), ),
)

# Register error/response receiver function at deferred
df.addCallback(cbFun)

# Run Twisted main loop
reactor.run()

In the above net-snmp commands, you can see that there is no 'my-creds', 'my-area', and 'my-router' parameters. However, these parameters are used in the Python scripts.

May I know what is 'my-creds', 'my-area', and 'my-router' in these Python PySNMP scripts?

4

1 回答 1

3

在 SNMP(不仅仅是 pysnmp)中,系统配置分散在几个“SNMP 表”中。它们在各自的 MIB 中定义,并且它们的行可以通过列名在逻辑上彼此链接。

最后,您可以通过单个 ID 参考特定 SNMP 对等方的所有 SNMP 配置详细信息。此外,您可以为多个不同的对等方重复使用 SNMP 配置的公共部分。

在大多数 pysnmp 脚本中,您可以发现以下表格及其关系:

securityName + securityLevel + snmpMessageProcessingModel (3) -> snmpTargetParameters (see SNMP-TARGET-MIB::snmpTargetParams)
securityName + communityName + snmpMessageVersion (1|2c) -> snmpTargetParameters (see SNMP-COMMUNITY-MIB::snmpCommunity)
snmpTargetParameters + targetAddress + timeout + retries -> snmpTarget (see SNMP-TARGET-MIB::snmpTargetAddr)

所以 snmpTarget(例如'my-router')是在请求 SNMP 应用程序(如命令生成器)通过特定 SNMP 版本和特定凭据向特定对等方发送 SNMP 请求时可以引用的顶级 ID。

这种配置模型的特点之一(至少对于 SNMP 代理的情况)是它可以通过 SNMP 进行远程管理。

于 2014-07-09T19:46:50.267 回答