etingof / snmpclitools Goto Github PK
View Code? Open in Web Editor NEWPure-Python SNMP management tools
Home Page: http://snmplabs.com/snmpclitools/
License: BSD 2-Clause "Simplified" License
Pure-Python SNMP management tools
Home Page: http://snmplabs.com/snmpclitools/
License: BSD 2-Clause "Simplified" License
When adding a windows path to an environment variable:
set PYSNMPMIBDIRS=C:\local\mibs
The path is corrupted because the colon (":") is a split point in the string.
The net-snmp site shows
type - one of i, u, t, a, o, s, x, d, n
i: INTEGER, u: unsigned INTEGER, t: TIMETICKS, a: IPADDRESS
o: OBJID, s: STRING, x: HEX STRING, d: DECIMAL STRING
U: unsigned int64, I: signed int64, F: float, D: double
but the help for snmpset.py is missing x: HEX STRING, d: DECIMAL STRING, F: float, and D: double
Management parameters:
<[mib-module::]object-name|oid type| = value> ...
mib-module: MIB name (e.g. SNMPv2-MIB)
object-name: MIB symbol (e.g. sysDescr.0) or OID
type: MIB value type
i integer
u unsigned integer
s string
n NULL
o ObjectIdentifier
t TimeTicks
a IP address
=: use MIB for value type lookup
value: value to write
For my team we use sets of x type daily like this
$ snmpget -v2c -r1 -c <community string> udp6:2001:558:4033:59:4a1d:70ff:fe65:691d .1.3.6.1.2.1.69.1.3.7.0
SNMPv2-SMI::mib-2.69.1.3.7.0 = Hex-STRING: BA DB AD BA DB AD BA DB AD BA DB AD BA DB AD 00
$ snmpset -v2c -r1 -c <community string> udp6:2001:558:4033:59:4a1d:70ff:fe65:691d .1.3.6.1.2.1.69.1.3.7.0 x "FE 80 CD 00 00 00 0C DE 12 57 00 00 21 1E 72 9C"
SNMPv2-SMI::mib-2.69.1.3.7.0 = Hex-STRING: FE 80 CD 00 00 00 0C DE 12 57 00 00 21 1E 72 9C
$ snmpget -v2c -r1 -c <community string> udp6:2001:558:4033:59:4a1d:70ff:fe65:691d .1.3.6.1.2.1.69.1.3.7.0
SNMPv2-SMI::mib-2.69.1.3.7.0 = Hex-STRING: FE 80 CD 00 00 00 0C DE 12 57 00 00 21 1E 72 9C
$
We use the others rarely but there can be cases for them.
Is there a reason the snmpclitools doesn't support the other types?
Just tried the snmptrap.py SNMPv3 example from doc:
snmptrap.py -v3 -e 8000000001020304 -l authPriv -u usr-sha-aes
-A authkey1 -X privkey1 -a SHA -x AES 172.20.16.80 12345
1.3.6.1.4.1.20408.4.1.1.2 SNMPv2-MIB::sysName.0 = "mysystem"
(In the example it's "my system". <But this will cause error Error: Command-line parser error at token string(a)>)
But as soon I enter a security engine ID I get the error:
Error: {'errorIndication': UnknownSecurityName('Unknown SNMP security name encountered',)}
On the receiver side I have
snmptrapd -f -c /etc/snmp/snmptrapd.conf -Lo -On -t
with config:
createUser -e 0x8000000001020304 traptest SHA mypassword AES mypassword
createUser -e 0x8000000001020304 usr-sha-aes SHA authkey1 AES privkey1
authuser log traptest
authuser log usr-sha-aes
engineBoots 5
Foundation libraries: pysmi 0.3.4, pysnmp 4.4.12, pyasn1 0.4.8
Python interpreter: 3.6.15 (default, Sep 23 2021, 15:41:43) [GCC]
If i send the trap via the net-snmp command snmptrap, it works:
emitter:
snmptrap -v3 -e 8000000001020304 -l authPriv -u usr-sha-aes
-A authkey1 -X privkey1 -a SHA -x AES 172.20.16.80 12345
1.3.6.1.4.1.20408.4.1.1.2 SNMPv2-MIB::sysName.0 = "mysystem"
receiver:
NET-SNMP version 5.7.3
2022-02-16 11:46:00 [UDP: [172.17.13.170]:60297->[172.20.16.80]:162]:
.1.3.6.1.2.1.1.3.0 = Timeticks: (12345) 0:02:03.45 .1.3.6.1.6.3.1.1.4.1.0 = OID: .1.3.6.1.4.1.20408.4.1.1.2 .1.3.6.1.2.1.1.5.0 = STRING: mysystem
When I run a command that fails with the NetSNMP tools, it provides an appropriate error condition indicating a failure, 1
:
$ snmpget -v3 -l noAuthnoPriv -u myUser 127.0.0.1:12345 1.0
snmpget: Timeout
$ echo $?
1
However, the similar command (only tested in windows, but I believe this is not platform dependent) with these tools returns 0
:
C:\>python snmpget.py -v3 -u myUser -l noAuthNoPriv 127.0.0.1:12345 1.0
No SNMP response received before timeout
C:\>echo %ERRORLEVEL%
0
Whenever a value of unsigned int is attempted for snmpset.py, when the PDU is generated, it used the type Integer32 instead of Unsigned32 on line 232 of pdu.py.
I have experienced an issue using SNMPv3, performing a snmpget:
$ snmpget.py -v3 -l authPriv -u snmptestuser -a SHA -A MyPassw0rd -x DES -X MyPassw0rd \ 192.168.0.185 .1.3.6.1.4.1.193.183.4.1.3.1.0
and running tcpdump:
$ sudo tcpdump -vv -nn -T snmp -i any udp port 161
tcpdump: listening on any, link-type LINUX_SLL (Linux cooked), capture size 262144 bytes
10:29:23.041875 IP (tos 0x0, ttl 64, id 48591, offset 0, flags [DF], proto UDP (17), length 90)
10.0.2.15.33652 > 192.168.0.185.161: { SNMPv3 { F= } { USM B=0 T=0 U="" } { ScopedPDU E= C="" { GetRequest(13) R=3486371 } } }
10:29:24.055095 IP (tos 0x0, ttl 64, id 48761, offset 0, flags [DF], proto UDP (17), length 90)
10.0.2.15.33652 > 192.168.0.185.161: { SNMPv3 { F= } { USM B=0 T=0 U="" } { ScopedPDU E= C="" { GetRequest(13) R=3486372 } } }
10:29:25.058611 IP (tos 0x0, ttl 64, id 48972, offset 0, flags [DF], proto UDP (17), length 90)
10.0.2.15.33652 > 192.168.0.185.161: { SNMPv3 { F= } { USM B=0 T=0 U="" } { ScopedPDU E= C="" { GetRequest(13) R=3486373 } } }
10:29:26.063067 IP (tos 0x0, ttl 64, id 49191, offset 0, flags [DF], proto UDP (17), length 90)
10.0.2.15.33652 > 192.168.0.185.161: { SNMPv3 { F= } { USM B=0 T=0 U="" } { ScopedPDU E= C="" { GetRequest(13) R=3486374 } } }
10:29:27.067360 IP (tos 0x0, ttl 64, id 49271, offset 0, flags [DF], proto UDP (17), length 90)
10.0.2.15.33652 > 192.168.0.185.161: { SNMPv3 { F= } { USM B=0 T=0 U="" } { ScopedPDU E= C="" { GetRequest(13) R=3486375 } } }`
I see the USM is not contaning the user ({ USM B=0 T=0 U="" }), the engineID is not discovered and the request goes in timeout with no response.
What I expect to see (using another snmp client) is something like this:
`15:43:34.323357 IP (tos 0x0, ttl 62, id 7797, offset 0, flags [DF], proto UDP (17), length 92)
100.93.92.190.51762 > 10.247.246.211.35161: { SNMPv3 { F=r } { USM B=0 T=0 U= } { ScopedPDU E= C= { GetRequest(14) R=1584950095 } } }
15:43:34.323967 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto UDP (17), length 149)
10.247.246.211.35161 > 100.93.92.190.51762: { SNMPv3 { F= } { USM B=0 T=0 U= } { ScopedPDU E= 0x800x000x130x700x040x450x4E0x4D0x2D0x4E0x420x2D0x490x6E0x740x650x720x660x610x630x65 C= { Report(29) R=0 .1.3.6.1.6.3.15.1.1.4.0=177 } } }
15:43:34.388796 IP (tos 0x0, ttl 62, id 7798, offset 0, flags [DF], proto UDP (17), length 168)
100.93.92.190.51762 > 10.247.246.211.35161: { SNMPv3 { F=r } { USM B=0 T=0 U=snmptestuser } { ScopedPDU E= 0x800x000x130x700x040x450x4E0x4D0x2D0x4E0x420x2D0x490x6E0x740x650x720x660x610x630x65 C= { GetRequest(34) R=1584950094 .1.3.6.1.4.1.193.183.4.1.3.1.0 } } }
15:43:34.389898 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto UDP (17), length 170)
10.247.246.211.35161 > 100.93.92.190.51762: { SNMPv3 { F= } { USM B=0 T=0 U=snmptestuser } { ScopedPDU E= 0x800x000x130x700x040x450x4E0x4D0x2D0x4E0x420x2D0x490x6E0x740x650x720x660x610x630x65 C= { GetResponse(36) R=1584950094 .1.3.6.1.4.1.193.183.4.1.3.1.0=193 } } }
Where the USM is populated.
Regards,
Paolo
Windows 10 & Python 3.9
python snmpget.py -v2c -cPUBLIC 192.168.1.2 1.3.6.1.2.1.1.5.0
SNMPv2-MIB::sysName.0 = DisplayString: My Machine
python snmpset.py -v2c -cPUBLIC 192.168.1.2 1.3.6.1.2.1.1.5.0 s "mymachine"
SNMPv2-MIB::sysName.0 = DisplayString: mymachine
python snmpget.py -v2c -cPUBLIC 192.168.1.2 1.3.6.1.2.1.1.5.0
SNMPv2-MIB::sysName.0 = DisplayString: mymachine
python snmpset.py -v2c -cPUBLIC 192.168.1.2 1.3.6.1.2.1.1.5.0 s "my machine"
Error: Command-line parser error at token string(machine)
Hi,
From a beginner: A failure like this "No SNMP response received before timeout" in case of the below command input:
1)snmpget.py -v3 -u usr-sha-aes -l authPriv -A authkey1 -X privkey1 demo.snmplabs.com IP-MIB::ipAdEntBcastAddr."127.0.0.1"
2)snmpget.py -v3 -l authPriv -u usr-md5-des -A authkey1 -X privkey1 demo.snmplabs.com sysDescr.0
Do I need to do some network configuration?
My OS: VMware +Ubuntu16.04
Hope you help me out.
I'd like to suggest a change to snmpwalk.py to allow it to be used from other programs.
I propose putting everything from snmpEngine = engine.SnmpEngine()
to the end of the program in a function called "run()".
e.g.
def run(arg_vector):
snmpEngine = engine.SnmpEngine()
ctx = {}
try:
# Parse c/l into AST
ast = Parser().parse(
Scanner().tokenize(' '.join(arg_vector))
)
main.generator((snmpEngine, ctx), ast)
# etc....
then, at the end,
if __name__ == '__main__':
run(sys.argv[1:])
this allows me to from snmpwalk.py import run
in my own code, and use it,
I don't have to make my python code run a subshell to run your python code :-)
e.g.
from snmpwalk import run
run('-v3', '-l', 'authPriv', '-u', 'myuser',
'-a', 'SHA', '-A', 'apasswd12345', '-x', 'AES', '-X', 'prvpass12345',
'127.0.0.1', '.1.3.6.1.2.1.2.2.1.2'])
Example:
snmpset.py -v1 -c public 127.0.0.1:161 1.3.6.1.4.1.40989.10.16.1.5.8.0 i -583
Error: Command-line parser error at token whitespace
(but snmpset.py -v1 -c public 127.0.0.1:161 1.3.6.1.4.1.40989.10.16.1.5.8.0 i 583
is OK)
Traced the error to the fact that the parser expects a string for the value, but '-' is not a valid first character for the string.
Fixed by adding '-' as a valid start character in the regular expression for strings - file cli/base.py around line 101:
class FirstLevelScanner(ScannerTemplate):
def t_string(self, s):
""" [!#$%&'()*+-,.//0-9<=>?@a-z\^a-z\{\|\}~][!#\$%&\'\(\)\*\+,\-\.//0-9<=>\?@A-Z\\\^_
a-z{|}~]* """
##""" [!#$%&'()*+,.//0-9<=>?@a-z\^a-z\{\|\}~][!#\$%&\'\(\)\*\+,\-\.//0-9<=>\?@A-Z\\\^_
a-z{|}~]* """
self.rv.append(ConfigToken('string', s))
Obviously a possible risk that breaks something else - I'm only using the tools in a very basic way.
I would like to set time and date on a piece of hardware and can successfully set the date as follows.
snmpset.py -v2c -c private 192.168.1.11 .1.3.6.1.4.1.3808.2.1.5.1.0 s 06\15\2020
However the following results in an error: Command-line parser error at token semicolon
snmpset.py -v2c -c private 192.168.1.11 .1.3.6.1.4.1.3808.2.1.5.2.0 s 12:20:20
I believe the ':'s are the cause and not a semicolon. How can I use snmpset.py to set the time?
$ snmpget.py -v2c -c <removed> 2001:558:4070:82:7654:7dff:feb2:e689 .1.3.6.1.2.1.1
Error: Command-line parser error at token semicolon
Tried the agent address instructions and get the same error
$ snmpget.py -v2c -c hDaFHJG7 udp6:2001:558:4070:82:7654:7dff:feb2:e689 .1.3.6.1.2.1.1
Error: Command-line parser error at token semicolon
I also tried the other comands
$ snmpwalk.py -v2c -c hDaFHJG7 udp6:2001:558:4070:82:7654:7dff:feb2:e689 .1.3.6.1.2.1.1
Error: Command-line parser error at token semicolon
$ snmpbulkwalk.py -v2c -c hDaFHJG7 udp6:2001:558:4070:82:7654:7dff:feb2:e689 .1.3.6.1.2.1.1
Error: Command-line parser error at token semicolon
I tried turning on debugging but got the same output here is the version info:
SNMP management tools 0.6.4, written by Ilya Etingof <[email protected]>
Software documentation and support at http://snmplabs.com
Foundation libraries: pysmi 0.3.4, pysnmp 4.4.11, pyasn1 0.4.6
Python interpreter: 3.5.2 (default, Jul 10 2019, 11:58:48) [GCC 5.4.0 20160609]
I search on the website for an example but all of them use an FQDN and don't use the agent address intructions.
Agent address:
[<transport-domain>:]<transport-endpoint>
transport-domain: (udp|udp6)
transport-endpoint: (IP|IPv6|FQDN[:port])
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.