I would like to send trap and specify clientaddress
As I search there is two ways:
edit /etc/snmp/snmp.conf and set: clientaddr [IP_OF_DEVICE]
specify IP as parameter: --clientAddr="[IP_OF_DEVICE]"
When i try to issue command:
snmptrap -v 3 -l noAuthNoPriv -u SomeUser -n "" AGENT_IP .1.3.6.1.4.1.161.5.2 .1.3.6.1.4.1.161.1.2.3.4 5
It gives an error
getaddrinfo(AGENT_IP, NULL, ...): Address family for hostname not supported
When I not specify clientadress it works as expected but it use IP of the machine where I issed a command as a client IP
To get rid of this I have to:
Define virtual interface for ip of device which you want to simulate
Specify protocol of agent ( by default when I set clientaddr in /etc/snmp/snmp.conf it looks like it tried to use IPv6 for agent )
snmptrap -v 3 -l noAuthNoPriv -u SomeUser -n "" udp:AGENT_IP ...
Related
I'm using WFPSampler to redirect all traffic to a specific interface by using command:
WFPSampler.exe -s PROXY -l FWPM_LAYER_ALE_BIND_REDIRECT_V4 -pla 10.0.2.15 -v -in
This works just fine, traffic from all of the processes is redirected as expected. The only problem is that it binds 127.0.0.1 to 10.0.2.15 as well and then some applications fail to connect.
For example, I've created simple Python HTTP server on 127.0.0.1:8000 and I can not access it over the browser using this address.
I know that on FWPM_LAYER_ALE_BIND_REDIRECT_V4 it is only possible to filter by local address, but I have somehow to filter by remote address at this point to avoid binding localhost to 10.0.2.15
You could redirect the outgoing traffic from 10.0.2.15 to 127.0.0.1 at the same time, with the command like:
WFPSampler.exe -s PROXY -l FWPM_LAYER_ALE_CONNECT_REDIRECT_V4 -ipra 10.0.2.15 -pra 127.0.0.1 -v -in
The comments of this answer has metioned it.
Hi i have written the bash script for downloading configuration from switches and save it to TFTP server.
snmpset -v 2c -c Zaloznik 192.168.50.22 1.3.6.1.4.1.1991.1.1.2.1.6.0 s test_skript.cfg 1.3.6.1.4.1.1991.1.1.2.1.66.0 x C0A846D2 1.3.6.1.4.1.1991.1.1.2.1.9.0 i 22 >> /dev/null;
But it always tell me this:
Error in packet. Reason: wrongLength (The set value has an illegal
length from what the agent expects) Failed object:
iso.3.6.1.4.1.1991.1.1.2.1.66.0
C0A846D2 is a HEX format of ip 192.168.70.210.
Don't you know how to fix it ? Please help, i have tried many combinations and nothing working.
Thanks.
Problem solved, there was a problem with switches that want to have an info about
type of ip address (ipv4 or ipv6), then ip address of tftp, file name and after that he can send config files to tftp.
So i have to add another snmp OID (ip address type) into the script and then it works.
Resolving my local hostname (the one returned by hostname) does not yield the right ip address. Why could that be and how do I fix it?
$ hostname -i
10.21.16.206
$ ping 10.21.16.206
PING 10.21.16.206 (10.21.16.206) 56(84) bytes of data.
From 10.21.16.159 icmp_seq=1 Destination Host Unreachable
$ ifconfig
(...)
inet 10.21.16.159 netmask 255.255.252.0 broadcast 10.21.19.255
(...)
10.21.16.206 != 10.21.16.159
$ host 10.21.16.159
Host 159.16.21.10.in-addr.arpa. not found: 3(NXDOMAIN)
$ host 10.21.16.206
206.16.21.10.in-addr.arpa domain name pointer lxka-czc1166cxw.united.domain.
$ resolveip 10.21.16.159
Host name of 10.21.16.159 is lxka-czc1166cxw
$ resolveip 10.21.16.206
Host name of 10.21.16.206 is lxka-czc1166cxw.united.domain
Help is very much appreciated!
Edit:
$ host $(hostname)
lxka-czc1166cxw.united.domain has address 10.21.16.206
hostname -i relies on DNS resolution to return the IP address of the given hostname. Either your /etc/hosts or dns resolver return that hostname to the incorrect IP address.
from man page of hostname:
option -i, --ip-address
Display the network address(es) of the host name. Note that this works only if the host name can be resolved. Avoid using this option;
use hostname --all-ip-addresses or
To use the hostname -I option instead of it.
./add_device.php 1.2.3.4 catalyst v1
fails with
Try to add 1.2.3.4:
Could not resolve 1.2.3.4.
Devices failed: 1.
but ping works
fping 1.2.3.4
1.2.3.4. is alive
but snmpwalk works like:
snmpwalk -v 1 -c catalyst 1.2.3.4
iso.3.6.1.2.1.1.1.0 = STRING: "Cisco IOS Software, Catalyst...
...
web interface add device also fails same way.
what am I missing?
The community edition can't resolve IP's (go figure), so you have to create an entry in /etc/hosts for your IP and assign somename.whatever to it and then use that hostname and it will work.
This ist my current setup:
Host config:
define host{
use generic-host ; Inherit default values from a template
host_name A+A ; The name we're giving to this host
alias A+A Objektausstattung Router ; A longer name associated with the host
address https://87.139.203.190:444 ; IP address of the host
hostgroups Router ; Host groups this host is associated with
}
Service config:
define service{
use generic-service ; Inherit default values from a template
host_name A+A
service_description HTTP
check_command check_http
}
I´ll get this error from Nagios:
check_icmp: Failed to resolve https://87.139.203.190:444
What am I doing wrong here ?
Nagios tries to resolve to ip-address and port. Try ip-address only.
address https://87.139.203.190 ; IP address of the host
Your host definition should only specify an IP address for the 'address'. The URL is not an attribute of the host, but of the HTTP check your want to perform.
The Service definition specifies the check_command, which is in turn defined in the checkcommands.cfg file. This will specify exactly what command is to be run, possibly using additional parameters passed.
You will probably want to pass the port number as a parameter, and that you are to use HTTPS. How to do this will depend on your settings. For example, you could use this in your checkcommands.cfg:
define command{
command_name check_https
command_line $USER1$/check_http -t 12 -H $HOSTADDRESS$ -f ok --ssl=1 -u "$ARG1$" -p "$ARG2$" -w $ARG3$ -c $ARG4$
}
Then you could configure your service with a checkcommand thus:
check_command check_https!/!444!1!5
This would check for the url http://87.139.203.190:444/, giving a warning if it takes over 1s and a critical if it takes over 5s to complete. TLSv1 would be used (else you might get a false positive on web servers with Poodle protection).