net-snmp mfd implemented writable objects - snmp

I am trying to extend the agent to support my MIB. I was using the old API before, but this time I decided to go with the newer one. So I started by using mib2c.mfd.conf as the mib2c configuration file, and after some effort following the ifTable tutorial on the net-snmp site I succeeded in processing get requests. But in the case of set requests I face the error:
Error in packet.
Reason: notWritable (That object does not support modification)
Failed object: ZT400-CONF-MIB::nodeLoc.1
and no debugging log is outputted by my agent. (In the case of get I receive something like this):
internal:nodeTable:_mfd_nodeTable_pre_request: called
verbose:nodeTable:nodeTable_pre_request: called
internal:nodeTable:_mfd_nodeTable_object_lookup: called
verbose:nodeTable:nodeTable_row_prep: called
internal:nodeTable:_mfd_nodeTable_get_values: called
internal:nodeTable:_mfd_nodeTable_get_column: called for 2
verbose:nodeTable:nodeName_get: called
internal:nodeTable:_mfd_nodeTable_post_request: called
verbose:nodeTable:nodeTable_post_request: called
And for a set request, as stated in the read-me file, I expect to receive at least the first two lines.
What is the problem? Can anyone help?
Is there a working tutorial for implementing snmp settable objects with net-snmp mfd?

Related

How to trigger a script when I see that I get a SNMP Set packet

I have something that is sending an SNMP set command to my server. I can see the packet in Wireshark, and I know that I'm getting the packet. Once I get this packet I need to decode it and do an operation (using a script). I can't believe I am the first person that needs to do this, but I have googled for hours and found no one else with this use case. I've seen utilities that allow me to use an SNMP get, but as the set doesn't actually set anything on my server, there is no way to get it. It doesn't seem traps are helpful as that seems to find the message, as it's not labeled a trap. Is there a way to convert the set to a trap once my server gets it, or is there a better method? My server is Windows, but if I have to create a Linux VM to make this easier I'm all ears. As of now I'm thinking PowerShell, but if there is an easy way in Go, C#, etc. I would totally do it.
I am attempting to get an SNMP SET and use that as a trigger for running a script.
You are 100% correct in that you are not the first person to ask this question. The answer depends on which SNMP agent you have deployed. Many people have had success with Net SNMP and if you want to invoke a shell script from the SNMP agent, see this tutorial. Good luck with your project.
I ended up using Python's pysnmp to build an agent that would receive the set/get requests. I had to compile my own MIBs for the PDU I was emulating, but got the job done. I also looked into Net SNMP, but I'm more familiar with Python and found many helpful examples and good documentation.
I would like to flatten my use case, but at the moment I have two scripts, one that is the agent using pysnmp and one that will do a get request to see what the value is and set off an SSH script. I wish I could hook into the SNMP set function, like when the var is written, but for now I have a working setup. If anyone wants me to post my code I can.
Copied a lot of code from the second example here:
https://pysnmp.readthedocs.io/en/latest/examples/v3arch/asyncore/agent/cmdrsp/agent-side-mib-implementations.html
Learned about MIB compiling and used the mibdump.py tool. Looks like if you don't provide the proper file the old host server might be compromised and it downloads a file automatically...so be careful.

Custom resource not running properly on deployment

For over two days, I've been trying to deploy a CloudFormation stack using serverless framework. The thing is, as part of the stack, I have an RDS cluster as well as a custom resource which relies on a Lambda function (written in Python) for initializing some database tables.
The details of this custom resource in the serverless.yml file are the following:
    rdsMigration:
      Type: Custom::DatabaseMigration
      DependsOn: rdsCluster
      Properties:
        ServiceToken: !GetAtt MigrateDatabaseLambdaFunction.Arn
        Version: 1.0
When deploying using sls deploy, the cluster and the lambda functions are created correctly, but the process is stuck on creating the rdsMigration resource.
In the Lambda code, I've been careful to generate the response in all possible scenarios, including exceptions. However, that does not seem to be the problem.
Apparently, the function is not being invoked... kind of, because even the charts look weird:
You can see how there are no invocations, but there is a red dot in "Error count and success rate" at about 5:15 PM, which is the time at which the resource creation started. Also, there are no green dots, and you can see the warning down in the legend, which claims that "One or more data-points have been dropped due to non-numeric values (NaN, -Infinite, +Infinite)". How is this possible? I assume it is not standard behavior, since other Lambda functions (which must be called using an API Gateway endpoint) do not show this strange chart.
Also, there are no log streams in CloudWatch. It is completely empty, as if the function was never invoked (which seems the case, except for the strange "red dot" at the moment of resource creation).
Finally, if I run a test case using the "AWS CloudFormation Create Request" template, the function runs properly, it creates the initial tables I expected for the DB (not always, but that is a different matter) and returns the response.
Do you have any idea of what is going on here? The worst about this is that I need to wait two hours between tests, since the CFN stack gets stuck during the creation and destruction steps until the timeout occurs.
Thanks!
The issue is with your Lambda function. You have to send the SUCCESS or FAILURE signals back to CFN. Since your Lambda function is not sending any signals, it's waiting for the timeout (2 hours) and the CloudFormation stack fails.
1. The custom resource provider processes the AWS CloudFormation request and returns a response of SUCCESS or FAILED to the pre-signed URL. AWS CloudFormation waits and listens for a response in the pre-signed URL location.
2. After getting a SUCCESS response, AWS CloudFormation proceeds with the stack operation. If a FAILURE or no response is returned, the operation fails.
Please use the cfnresponse module in your Lambda function to send the SUCCESS/FAILURE signals back to your CloudFormation.
For more details:
https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/cfn-lambda-function-code-cfnresponsemodule.html
I finally managed to find a solution to the issue, albeit it is not explaining the strange behavior with the charts that I explained in the question.
My problem was similar to what Abhinaya suggested in her response. The Lambda function was not sending the signal properly because of a programming error. Essentially, I took the code from the documentation (the one for Python 3, second fragment starting by the end) and apparently I mistakenly removed the line for retrieving the ResponseURL. Of course, that was failing.
A side-comment about this: be careful when using Python's cfnresponse library or even the code snippet I linked in the documentation. It relies on botocore.vendored, which was deprecated and no longer exists in the latest botocore releases. Therefore, it will fail if your code relies on new versions of this library (as in my case). A simple solution is to replace botocore.vendored.requests with the requests library.
Still, there is some strange behavior that I cannot understand. On creation, the Lambda function is not recording anything to CloudWatch and there is this strange behavior in the charts that I explained in my question. However, this only happens on creation. If the function is manually invoked, or is invoked as part of the delete process (when removing the CFN stack), then it does write to CloudWatch. Therefore, the problem only occurs in the first invocation, apparently.
Best.

Create local disk that when accessed sends a http request

So, my issue is as follows:
I need to create an .exe file that, when run:
1: Creates a local disk on the computer (say S) - this absolutely 100% needs to be considered local by the system.
2: Whenever S:{idlist} is accessed, creates an HTTP request to a server: www.server.com:{idlist}. The response is in JSON. Returns this response to whatever running app accessed S:{idlist}.
If possible, guide me to what I should do to achieve this. (From what I know, it's doable in .NET, with C# or C++, though I'm not sure exactly how.) Any tips or documentation would be perfect.
Thank you and sorry for my English, it is not my native language and I'm only 15 y/o.

How to get started with SoftHSM

I am currently trying to get a SoftHSM going (on a Windows platform). The goal is to establish a communication channel between a client and the HSM server so that some data can be encrypted on the server side and be sent back to the calling client.
I downloaded one from this site: https://www.opendnssec.org/download/
Furthermore, I followed the documentation as stated on this page: https://wiki.opendnssec.org/display/SoftHSMDOCS/SoftHSM+Documentation+Home - but aside from creating a couple of slots, I haven't managed to get anything right.
I ran the following command to create the slot(s):
softhsm --init-token --slot 0 --label "My token 1"
I am not sure how to go from here, I cannot find any useful information / tutorials about the topic. I guess that I should start small and try and create a server application that communicates to the SoftHSM ... I apologize for all the n00b questions!!
If the installation was successful, in /usr/local/bin/softshm there should be the file libsofthsm.so.
This file contains the implementation of the Cryptoki API, and you can use it like the so/dll that comes with PKCS#11 hardware.

Golang, net.TCPConn, SetReadTimeout?

I've created a simple Go application on a Mac for writing and reading data to and from a TCP connection. I've used the GAE Go version. Later, I ported that program to Windows, and I got this error :
Connection.SetReadTimeout undefined (type *net.TCPConn has no field or method SetReadTimeout)
I guess the net package information on the Golang website describes the package only for the GAE version. How would I properly set the timeout in a non-GAE Go version?
With the latest weekly (aka Go 1 RC2) one has to use the various Set*Deadline methods of the net.Conn type. Note that the old timeouts were relative to some event; deadlines are absolute times. The background for this change is roughly: setting a [relative] timeout of 1 s seems like a good idea in some scenario, but it applied to every event, like receiving a single byte, thus allowing crafted transfers to avoid timeouts forever (with the respective DoS nearby).
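
The difference the answer describes, as an added example that is not part of the original post: the same 60 ms value is applied either as a deadline refreshed before every Read (the old relative behaviour) or as one absolute deadline for the whole message. readMsg and run are hypothetical names, and the slow peer is constructed in memory with net.Pipe so no real socket is involved.

```go
package main

import (
	"errors"
	"fmt"
	"net"
	"os"
	"time"
)

// readMsg (hypothetical helper) reads n bytes from c. With perRead=false, d is
// one absolute deadline for the whole message. With perRead=true the deadline
// is refreshed before every Read, imitating the old relative timeouts.
func readMsg(c net.Conn, n int, d time.Duration, perRead bool) (int, error) {
	buf, got := make([]byte, n), 0
	c.SetReadDeadline(time.Now().Add(d))
	for got < n {
		if perRead {
			c.SetReadDeadline(time.Now().Add(d))
		}
		m, err := c.Read(buf[got:])
		if got += m; err != nil {
			return got, err
		}
	}
	return got, nil
}

// run feeds readMsg from a constructed slow peer (30 bytes, one every 5 ms)
// and reports how many bytes arrived and whether the deadline fired.
func run(d time.Duration, perRead bool) (int, bool) {
	srv, cli := net.Pipe() // in-memory net.Conn pair that honours deadlines
	defer srv.Close()
	go func() {
		defer cli.Close()
		for i := 0; i < 30; i++ {
			time.Sleep(5 * time.Millisecond)
			cli.Write([]byte{'x'}) // fails harmlessly once srv is closed
		}
	}()
	n, err := readMsg(srv, 30, d, perRead)
	return n, errors.Is(err, os.ErrDeadlineExceeded)
}

func main() {
	fmt.Println(run(60*time.Millisecond, true))  // refreshed window: never fires
	fmt.Println(run(60*time.Millisecond, false)) // absolute deadline: fires
}
```

The peer needs at least 150 ms to deliver its 30 bytes, so the refreshed window lets it hold the connection for the full transfer while the absolute deadline ends the read after 60 ms.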
