net-snmp: Disman Event MIB - snmp

I'm using net-snmp and Disman Event monitor
with the snmpd.conf
======================================================================
monitor -r 1 MachineTooOver .1.3.6.1.2.1.25.3.3.1.2.196612 > 10
monitor -r 1 MachineTooOver .1.3.6.1.2.1.25.3.3.1.2 > 10
i found that the first command not working as the second.
( in case .1.3.6.1.2.1.25.3.3.1.2.196612 object available )
it's the same for all OID such as.
monitor -r 1 MachineOverLoad .1.3.6.1.4.1.8072.2.5 > 10
monitor -r 1 MachineOverLoad .1.3.6.1.4.1.8072.2 > 10
=====================================================================
I need to monitor specific OID like .1.3.6.1.2.1.25.3.3.1.2.196612
Does any one know how to do this?.

Related

Limit on number of wireless "sta" stations in openwrt

I have openwrt implementation on a TPLink WR902AC (pocket router)
I have a /etc/network/wireless configuration file with 10 sta configurations for connecting to AP all of which are active (option disabled '0')
This is to ensure that openwrt connects to any one of the APs configured.
Only the first 4 configured are attempted to be connected and the rest are simply ignored.
(if first 4 configured are not available the 5th one is being ignored)
I tried to identify the bottleneck.
Only first 4 wpa_supplicant instances are called as evident from these files in /tmp/run
./tmp/run/wpa_supplicant/wifi3
./tmp/run/wpa_supplicant/wifi1
./tmp/run/wpa_supplicant/wifi2
./tmp/run/wpa_supplicant/wifi0
When I disable the first one, the fifth one gets connected on reconnect with "wifi"
I tried to check the source code. I lost the track after ubus being called from wifi script.
This I believe is similar question to https://forum.openwrt.org/t/limit-on-the-number-of-wifi-ssids/63141
iw list on openwrt show me the limit.
valid interface combinations:
* #{ IBSS } <= 1, #{ managed, AP, mesh point, P2P-client, P2P-GO } <= 4,
total <= 4, #channels <= 1, STA/AP BI must match
I tried to use wpa_supplicant directly instead of depending on scripts.
wpa_supplicant -c /root/wifi0.conf -i wifi0 -s -B
wpa_supplicant -c /root/wifi1.conf -i wifi1 -s -B
wpa_supplicant -c /root/wifi2.conf -i wifi2 -s -B
wpa_supplicant -c /root/wifi3.conf -i wifi3 -s -B
wpa_supplicant -c /root/wifi4.conf -i wifi4 -s -B
wpa_supplicant -c /root/wifi5.conf -i wifi5 -s -B
This failed with "interface wifi4" not available error.
Could someone point me to the source where this hard limit is set?
Is there any way around this?
Thanks in advance.
Update:-
mt7601u based usb WiFi dongle was added to wr902ac and configured (as radio2)
This time only one is connected. If I have AP configured, sta doesn't even get connected.
so number of slots is limited. (ap counts as one slot and each sta is one slot)
The built-in 2.4 GHZ has 4 slots & 5 GHz has 8 slots.
The mt7601u based wifi has only 1 slot.
Probably there exists a usb dongle that has 8 slots. Could someone point me to the theory behind all this?

debug bpf code on netlink messages

I am writing a bpf filter to prevent certain netlink messages. I am trying to debug the bpf code. Is there any debug tool that could help me?
I was initially thinking of using nlmon to capture netlink messages:
From https://jvns.ca/blog/2017/09/03/debugging-netlink-requests/
# create the network interface
sudo ip link add nlmon0 type nlmon
sudo ip link set dev nlmon0 up
sudo tcpdump -i nlmon0 -w netlink.pcap # capture your packets
Then use ./bpf_dbg (
https://github.com/cloudflare/bpftools/blob/master/linux_tools/bpf_dbg.c)
1) ./bpf_dbg to enter the shell (shell cmds denoted with '>'):
2) > load bpf 6,40 0 0 12,21 0 3 20... (this is the bpf code I intend to debug)
3) > load pcap netlink.pcap
4) > run /disassemble/dump/quit (self-explanatory)
5) > breakpoint 2 (sets bp at loaded BPF insns 2, do run then;
multiple bps can be set, of course, a call to breakpoint
w/o args shows currently loaded bps, breakpoint reset for
resetting all breakpoints)
6) > select 3 (run etc will start from the 3rd packet in the pcap)
7) > step [-, +] (performs single stepping through the BPF)
Did anyone try this before?
Also, I was not able to make nlmon module to load on my linux kernel(Is there a doc for this?)
I am running kernel version Linux version 4.10.0-40-generic
The nlmon module seems to be present in the kernel source:
https://elixir.free-electrons.com/linux/v4.10/source/drivers/net/nlmon.c#L41
But, when I search inside, /lib/modules/ for nlmon.ko I dont find anything.
instance-1:/lib/modules$ find . | grep -i nlmon
instance-1:/lib/modules$

Cannot Figure Out PWM Overlay for BeagleBone Green Wireless

I am new to BeagleBone Green Wireless (BBGW). I just read Derek Molloy's Exploring BeagleBone. Very good read, however, BBGW has Linux 4.4.9-ti-r25 and everything is quite different. Linux 4.4.9 no longer has the device tree source. Just has the device tree overlays (.dto). I am trying to experiment with the PWM's. I loaded am33xx_pwm-00A0.dtbo and BB-PWM1-00A0.dtbo overlays found in /lib/firmware. I presume these are default overlays for PWM1 but not sure.
export SLOTS=/sys/devices/platform/bone_capemgr/slots
export PINS=/sys/kernel/debug/pinctrl/44e10800.pinmux/pins
sudo sh -c "echo am33xx_pwm > $SLOTS"
sudo sh -c "echo BB-PWM1 > $SLOTS"
They appear to be loaded correctly,
root#beaglebone:/lib/firmware# cat $SLOTS
0: PF---- -1
1: PF---- -1
2: PF---- -1
3: PF---- -1
5: P-O-L- 0 Override Board Name,00A0,Override Manuf,am33xx_pwm
7: P-O-L- 1 Override Board Name,00A0,Override Manuf,BB-PWM1
However, I cannot find where to access PWM1's properties. Malloy says that they are in, /sys/devices/ocp.3/pwm_test_p9_22.15. I could not find that directory and the closest I could find was /sys/devices/platform/ocp/. There are several devices but nothing about PWM1. Where can I find the location of PWM1's properties? I want to change them using the echo command using this example,
sudo su
echo 5000 > duty
echo 10000 > period
echo 1 > run
If someone knows of a good document that would be helpful as well.
I know you said you are close to solving it but I got it to work..
Kernel: 4.4.30-ti-r64
Distro: Debian 8.6 Jessie
Now to load the PWM overlay...
My distro is from RCN and comes with the overlays pre-populated in my /lib/firmware/ folder. If you have the overlays there continue to step 4, if not step 2.
apt-get update
sudo apt install bb-cape-overlays
Load the overlay into the cape manager:
echo BB-PWM1 > /sys/devices/platform/bone_capemgr/slots
Ensure the overlay is loaded correctly by doing two things:
First make sure it is in the capemanager:
cat /sys/devices/platform/bone_capemgr/slots
output:
0: PF---- -1
1: PF---- -1
2: PF---- -1
3: PF---- -1
4: P-O-L- 0 Override Board Name,00A0,Override Manuf,BB-PWM1
The second is to make sure the pin is correctly muxed to do this:
cd /sys/kernel/debug/pinctrl/44e10800.pinmux
more pins | grep 848
the output should be similar to this :
pin 18 (44e10848.0) 00000006 pinctrl-single
You can look into the overlay to get a deeper understanding of what is going on but it is a little outside the scope of this question.
if you don't see the 00000006 output. Dont proceed. Reboot the BB and try again. This happened to me and a reboot solved the problem
So, the BB is now ready for PWM.
cd /sys/class/pwm
cd pwmchip0
echo 0 > export
cd pwm0
echo 1000000000 > period
echo 800000000 > duty_cycle
echo 1 > enable
Ta-da. it should work. Sorry for the lengthy response. I wanted to be thorough.
I followed the tutorial: http://www.teachmemicro.com/beaglebone-black-pwm-ubuntu-device-tree/
Edit:
This is for setting the PWM for P9_14

Is my VPS under DDoS atack?

When i run this command on my VPS:
netstat -n|grep :80|cut -c 45-|cut -f 1 -d ':'|sort|uniq -c|sort -nr|more
i get this result:
207 222.73.144.194
89 191.96.249.54
58 191.96.249.53
21 2400
15 51.255.64.23
6 143.137.103.251
3 103.27.72.36
1 89.180.150.168
1 66.102.7.137
1 5.189.170.167
1 191.181.39.208
1 183.2.246.218
I think this command is showing the number of connections per IP to port 80.
Is this a DDoS atack?
Have you check another aspect (eg. cpu load, network throughput to specific ip(s) using iftop or iptraf)? If there's normal, maybe it's just web/http scanner to your web.
If you're use nginx, you can use limit_conn module, to queue the rest of ip(s) if didn't obey your policy.

net-snmp snmptrap sending samples

I'm new in SNMP and I just configured the agent and the manager and I'm
able to receive the traps sent by the agent. But I noticed that the traps
received by the manager are captured between 10 seconds, but I need to
receive the traps as soon as I generate them not between 10 sec.
I'll show you my script which is intended to capture the signal avg power
that a client has with an Access Point, the samples are taking between 1
sec and I need to send that trap to the manager in less time than 1 sec.
while :
do
valor=$(iw dev wlan0 station dump \
| grep 'signal avg': | awk '{print $3}')
snmptrap -v 1 -c public 192.168.1.25 '1.2.3.4.5.6' \
'192.168.1.1' 6 99 '55' 1.11.12.13.14.15 s "$valor"
echo $valor >> muestras.txt
sleep 1
done
But surprisingly the traps seems to be generated between 10 sec or maybe
the manager is receive them in an elapsed time of 10 sec. I don't know
where is the problem, in the agent or in the manager, but I'm sure that the
agent generates samples in 1 sec because "muestras.txt" shows that.
Hope you can help me!.
Greetings!
I found the answer.
The problem was in the server who executes snmptrapd. Simply I passed the argument -n to the snmptrapd and that solved all!.

Resources