Hi Frank,
I am still trying to fix the problem that the response PDU contains the securityName instead of the communityName. This is difficult to prove with your examples as the securityName and communityName are both ‘public’.
The following patch adds a communityName ‘private’ with a securityName comWrite to the proxy_forwarder example agent:
--- a/examples/proxy_forwarder/src/agent.cpp
+++ b/examples/proxy_forwarder/src/agent.cpp
@@ -356,6 +356,19 @@ int main(int argc, char* argv[]) {
init(*mib, engineId);
snmp_community_mib::add_public();
+ // Add write community 'private'
+ Oidx ind = Oidx::from_string("comw", FALSE);
+ MibTableRow* r = snmpCommunityEntry::instance->add_row(ind);
+ snmpCommunityEntry::instance->set_row(r,
+ OctetStr("private"), // CommunityName
+ OctetStr("comWrite"), // SecurityName
+ v3MP::I->get_local_engine_id(), // ContextEngineID
+ OctetStr(""), // ContextName
+ OctetStr("access"), // TransportTag
+ storageType_nonVolatile, // StorageType
+ rowActive); // RowStatus
+
+
ProxyForwarder* proxy = new ProxyForwarder(mib, "", ProxyForwarder::ALL);
mib->register_proxy(proxy);
@@ -381,6 +394,10 @@ int main(int argc, char* argv[]) {
"v1v2group", storageType_nonVolatile);
vacm->addNewGroup(SNMP_SECURITY_MODEL_V1, "public",
"v1v2group", storageType_nonVolatile);
+ vacm->addNewGroup(SNMP_SECURITY_MODEL_V2, "comWrite",
+ "v1v2group", storageType_nonVolatile);
+ vacm->addNewGroup(SNMP_SECURITY_MODEL_V1, "comWrite",
+ "v1v2group", storageType_nonVolatile);
vacm->addNewGroup(SNMP_SECURITY_MODEL_USM, "initial",
"initial", storageType_nonVolatile);
vacm->addNewGroup(SNMP_SECURITY_MODEL_USM, "unsecureUser",
After applying the patch the snmpCommunityTable will look like this:
index Name SecurityName ContextEngineID ContextName TransportTag StorageType Status
'comw' "private" comWrite "80 00 13 70 05 75 62 75 6E 74 75 32 32 30 34 27 B1 " access nonVolatile active
'proxy1'"proxy1" pubProxy1 "80 00 13 70 05 75 62 75 6E 74 75 32 32 30 34 12 5D " access nonVolatile active
'public'"public" public "80 00 13 70 05 75 62 75 6E 74 75 32 32 30 34 27 B1 " access nonVolatile active
If you now start the proxy_forwarder and do a snmpget using the community ‘private’ and capture the packets you’ll get the following:
tcpdump -i lo -n udp port 4700 -T snmp
IP 127.0.0.1.52872 > 127.0.0.1.4700: C="private" GetRequest(28) .1.3.6.1.2.1.1.1.0
IP 127.0.0.1.4700 > 127.0.0.1.52872: C="comWrite" GetResponse(128) .1.3.6.1.2.1.1.1.0="AGENT++v4.7.0 Proxy Forwarder - Use 'MD5' as SNMPv3 user and 'MD5UserAuthPassword' as authentication"
Note how the response contains the comWrite instead of private as community.
Best regards,
Holger
PS: Currently the forum only allows to attach picture formats. Wouldn’t it be useful if we could upload patch files and source files as well?