Using snmp++/agent++ with SNMPv3 support (but supporting SNMPv2c requests only) - is it possible to reconfigure the listening port at runtime (e.g. if the user specifies a different port)?
Which objects need to be destroyes / re-instantiated etc?
I’m trying with the following objects being re-instantiated when the port changes but get the error Reason: authorizationError (access denied to that object)
snmp = new Snmpx(status, UdpAddress(address_and_port);
engineId = SnmpEngineID::create_engine_id(agent_port);
v3mp = Agentpp::v3MP(engineId, snmpEngineBoots, stat);
snmp->set_mpv3(v3mp);
reqList->set_v3mp(v3mp);
reqList->set_snmp(snmp);
This code is called only ONCE at initialisation:
mib->add(new snmpGroup());
mib->add(new TestAndIncr(oidSnmpSetSerialNo));
mib->add(new snmp_target_mib());
mib->add(new snmp_notification_mib());
mib->add(new snmp_community_mib(mib));
mib->add(new agentpp_config_mib(mib));
mib->add(new notification_log_mib(mib));
dynamic_cast<MasterAgentXMib*>(mib)->set_agentx(dynamic_cast<AgentXMaster *>(agentx));
uut = new UsmUserTable(v3mp);
uut->addNewRow("unsecureUser",
SNMP_AUTHPROTOCOL_NONE,
SNMP_PRIVPROTOCOL_NONE, "", "", engineId, false);
mib->add(new usm_mib(uut));
mib->add(new V3SnmpEngine(v3mp));
mib->add(new MPDGroup(v3mp));
Vacm *vacm = new Vacm(*mib);
reqList->set_vacm(vacm);
// initialize security information
vacm->addNewContext("");
vacm->addNewGroup(SNMP_SECURITY_MODEL_V2, COMMON_SNMP_COMMUNITY_READ_STRING.c_str(),
"v1v2readgroup", storageType_nonVolatile);
vacm->addNewGroup(SNMP_SECURITY_MODEL_V2, COMMON_SNMP_COMMUNITY_WRITE_STRING.c_str(),
"v1v2writegroup", storageType_nonVolatile);
vacm->addNewAccessEntry("v1v2readgroup", "",
SNMP_SECURITY_MODEL_V2,
SNMP_SECURITY_LEVEL_NOAUTH_NOPRIV,
match_exact,
"v1ReadView", "",
"v1NotifyView", storageType_nonVolatile);
vacm->addNewAccessEntry("v1v2writegroup", "",
SNMP_SECURITY_MODEL_V2,
SNMP_SECURITY_LEVEL_NOAUTH_NOPRIV,
match_exact,
"v1ReadView", "v1WriteView",
"", storageType_nonVolatile);
vacm->addNewView("v1ReadView",
"1.3",
"", // Mask "" is same as 0xFFFFFFFFFF...
view_included, // alternatively: view_excluded
storageType_nonVolatile);
vacm->addNewView("v1WriteView",
"1.3",
"", // Mask "" is same as 0xFFFFFFFFFF...
view_included, // alternatively: view_excluded
storageType_nonVolatile);
vacm->addNewView("v1NotifyView",
"1.3",
"", // Mask "" is same as 0xFFFFFFFFFF...
view_included, // alternatively: view_excluded
storageType_nonVolatile);
// add SNMPv1/v2c community to v3 security name mapping
snmpCommunityEntry *communityEntry = snmpCommunityEntry::get_instance(mib);
if (communityEntry)
{
{
OctetStr read_co(COMMON_SNMP_COMMUNITY_READ_STRING.c_str());
MibTableRow *row = communityEntry->add_row(Oidx::from_string(read_co, FALSE));
OctetStr tag("v1v2cPermittedManagers");
communityEntry->set_row(row, read_co, read_co, reqList->get_v3mp()->get_local_engine_id(), "", tag, 3, 1);
}
{
OctetStr write_co(COMMON_SNMP_COMMUNITY_WRITE_STRING.c_str());
MibTableRow *row = communityEntry->add_row(Oidx::from_string(write_co, FALSE));
OctetStr tag("v1v2cPermittedManagers");
communityEntry->set_row(row, write_co, write_co, reqList->get_v3mp()->get_local_engine_id(), "", tag, 3, 1);
}
}