This is net-snmp on ARM Linux, calling a C# program using the pass_persist. My snmpd.conf looks like this:
agentAddress udp:161
engineIDType 3
syslocation "My Location"
syscontact "root@unknown"
rocommunity public
rwcommunity private
view all included .1.3.6.1.4.1.12345
pass_persist .1.3.6.1.4.1.12345.999.1 /usr/share/test/TestSnmpResponder
I also tried with the following line:
pass_persist .1.3.6.1.4.1.12345 /usr/share/test/TestSnmpResponder
The responder works fine in the command line (sending PING results in PONG, and responds to all the requests with a fixed integer number just as a test.
When I start the net-snmp daemon, I get the following in the log:
/etc/snmp/snmpd.conf: line 12: Warning: Unknown token: pass_persist.
NET-SNMP version 5.9
It then responds to SNMP requests normally, but does not call or load the pass_persist program. I get the same error if I replace pass_persist with pass just as a test.
Just for completeness, the C# code is:
internal class Program
{
static void Main(string[] args)
{
File.AppendAllText("log.txt", $"Started daemon");
using (var inputStream = Console.OpenStandardInput())
using (var strStream = new StreamReader(inputStream))
{
while (true)
{
var command = strStream.ReadLine()!;
switch (command.ToUpper())
{
case "":
//Tells the system to stop and quit
Environment.ExitCode = 0;
Environment.Exit(0);
break;
case "PING":
Console.WriteLine("PONG");
break;
case "GET":
string oid = strStream.ReadLine()!;
File.AppendAllText("log.txt", $"GET {oid}");
Console.WriteLine("integer");
Console.WriteLine("998877");
break;
case "GETNEXT":
case "SET":
default:
break;
}
}
}
}
}
Am I missing some kind of configuration in the net-snmp configuration during build?
So apparently this was a problem with Buildroot's default configuration. To diagnose the problem, I ran the following command:
snmpd -Dmib_init -H
Which produced the following output of "understandable" directives:
Configuration directives understood: In snmpd.conf and snmpd.local.conf:
authtrapenable 1 | 2 (1 = enable, 2 = disable)
trapsink [-profile p] [-name n] [-tag t] host [community] [port]
trap2sink [-profile p] [-name n] [-tag t] host [community] [port]
informsink [-profile p] [-name n] [-tag t] host [community] [port]
trapsess [-profile p] [-name n] [-tag t] [snmpcmdargs] host
trapcommunity community-string
v1trapaddress string
agentuser userid
agentgroup groupid
agentaddress SNMP bind address
quit (1|yes|true|0|no|false)
leave_pidfile (1|yes|true|0|no|false)
dontLogTCPWrappersConnects (1|yes|true|0|no|false)
maxGetbulkRepeats integerValue
maxGetbulkResponses integerValue
avgBulkVarbindSize integerValue
pduStatsMax integerValue
pduStatsThreshold integerValue
injectHandler injectHandler NAME INTONAME [BEFORE_OTHER_NAME]
table tableoid
add_row table_name indexes... values...
agentxsocket AgentX bind address
agentxRetries AgentX Retries
agentxTimeout AgentX Timeout (seconds)
master specify 'agentx' for AgentX support
agentxperms AgentX socket permissions: socket_perms [directory_perms [username|userid [groupname|groupid]]]
com2sec [-Cn CONTEXT] secName IPv4-network-address[/netmask] community
com2sec6 [-Cn CONTEXT] secName IPv6-network-address[/netmask] community
com2secunix [-Cn CONTEXT] secName sockpath community
certSecName certSecName PRIORITY FINGERPRINT [--shaNN|md5] <--sn SECNAME | --rfc822 | --dns | --ip | --cn | --any>
snmpTlstmParams snmpTlstmParams targetParamsName hashType:fingerPrint
snmpTlstmAddr snmpTlstmAddr targetAddrName hashType:fingerprint serverIdentity
group name v1|v2c|usm|... security
access name context model level prefix read write notify
setaccess name context model level prefix viewname viewval
view name type subtree [mask]
authcommunity authtype1,authtype2 community [default|hostname|network/bits [oid|-V view [context]]]
authuser authtype1,authtype2 [-s secmodel] user [noauth|auth|priv [oid|-V view [context]]]
authgroup authtype1,authtype2 [-s secmodel] group [noauth|auth|priv [oid|-V view [context]]]
authaccess name authtype1,authtype2 [-s secmodel] group view [noauth|auth|priv [context|context*]]
rwcommunity community [default|hostname|network/bits [oid|-V view [context]]]
rocommunity community [default|hostname|network/bits [oid|-V view [context]]]
rwcommunity6 community [default|hostname|network/bits [oid|-V view [context]]]
rocommunity6 community [default|hostname|network/bits [oid|-V view [context]]]
rwuser user [noauth|auth|priv [oid|-V view [context]]]
rouser user [noauth|auth|priv [oid|-V view [context]]]
createUser username [-e ENGINEID] (MD5|SHA|SHA-512|SHA-384|SHA-256|SHA-224|default) authpassphrase [(DES|AES|default) [privpassphrase]]
dlmod module-name module-path
sysdescr description
syslocation location
syscontact contact-name
sysname node-name
sysservices NUMBER
sysobjectid OID
skipNFSInHostResources (1|yes|true|0|no|false)
realStorageUnits (1|yes|true|0|no|false)
storageUseNFS 1 | 2 (1 = enable, 2 = disable)
count_kthreads 0|1 0 to exclude kernel threads from hrSystemProcesses.0
ignoredisk name
interface name type speed
ifmib_max_num_ifaces IF-MIB MAX Number of ifaces
include_ifmib_iface_prefix IF-MIB iface names included
defDomain application domain
defTarget application domain target
sourceFilterType none|acceptlist|blocklist
sourceFilterAddress host
engineID string
engineIDType num
engineIDNic string
interface_fadeout interface_fadeout seconds
interface_replace_old interface_replace_old yes|no In snmp.conf and snmp.local.conf:
extraX509SubDir string
x509CRLFile string
tlsAlgorithms string
localCert string
peerCert string
alias NAME TRANSPORT_DEFINITION
doDebugging (1|0)
debugTokens token[,token...]
debugLogLevel (emerg|alert|crit|err|warning|notice|info|debug)
logTimestamp (1|yes|true|0|no|false)
logOption string
mibdirs [mib-dirs|+mib-dirs|-mib-dirs]
mibs [mib-tokens|+mib-tokens]
mibfile mibfile-to-read
showMibErrors (1|yes|true|0|no|false)
commentToEOL (1|yes|true|0|no|false)
strictCommentTerm (1|yes|true|0|no|false)
mibAllowUnderline (1|yes|true|0|no|false)
mibWarningLevel integerValue
mibReplaceWithLatest (1|yes|true|0|no|false)
printNumericEnums (1|yes|true|0|no|false)
printNumericOids (1|yes|true|0|no|false)
escapeQuotes (1|yes|true|0|no|false)
dontBreakdownOids (1|yes|true|0|no|false)
quickPrinting (1|yes|true|0|no|false)
numericTimeticks (1|yes|true|0|no|false)
oidOutputFormat integerValue
suffixPrinting integerValue
extendedIndex (1|yes|true|0|no|false)
printHexText (1|yes|true|0|no|false)
printValueOnly (1|yes|true|0|no|false)
dontPrintUnits (1|yes|true|0|no|false)
hexOutputLength integerValue
dumpPacket (1|yes|true|0|no|false)
reverseEncodeBER (1|yes|true|0|no|false)
defaultPort integerValue
disableSNMPv3 (1|yes|true|0|no|false)
disableSNMPv1 (1|yes|true|0|no|false)
disableSNMPv2c (1|yes|true|0|no|false)
defCommunity string
noTokenWarnings (1|yes|true|0|no|false)
noRangeCheck (1|yes|true|0|no|false)
persistentDir string
tempFilePattern string
noDisplayHint (1|yes|true|0|no|false)
16bitIDs (1|yes|true|0|no|false)
clientaddr string
clientaddrUsesPort (1|yes|true|0|no|false)
serverSendBuf integerValue
serverRecvBuf integerValue
clientSendBuf integerValue
clientRecvBuf integerValue
sendMessageMaxSize integerValue
noPersistentLoad (1|yes|true|0|no|false)
noPersistentSave (1|yes|true|0|no|false)
noContextEngineIDDiscovery (1|yes|true|0|no|false)
timeout integerValue
retries integerValue
outputPrecision string
defDomain application domain
defTarget application domain target
dontLoadHostConfig (1|yes|true|0|no|false)
defSecurityModel string
tsmUseTransportPrefix (1|yes|true|0|no|false)
defAuthType MD5|SHA|SHA-512|SHA-384|SHA-256|SHA-224
defPrivType DES|AES|AES-128
defSecurityName string
defContext string
defPassphrase string
defAuthPassphrase string
defPrivPassphrase string
defAuthMasterKey string
defPrivMasterKey string
defAuthLocalizedKey string
defPrivLocalizedKey string
defVersion 1|2c|3
defSecurityLevel noAuthNoPriv|authNoPriv|authPriv
trustCert trustCert FINGERPRINT|FILENAME In agentx.conf and agentx.local.conf:
agentxsocket AgentX bind address
agentxRetries AgentX Retries
agentxTimeout AgentX Timeout (seconds)
agentxperms AgentX socket permissions: socket_perms [directory_perms [username|userid [groupname|groupid]]]
Which does not include pass or pass_persist. There is no "real good" documentation on the build parameters, but I was able to find this net-snmp issue on GitHub which gave me the hint.
In BuildRoot, the "Build with these MIB modules" needs to have the following added:
agent/extend ucd-snmp/pass ucd-snmp/pass_persist ucd-snmp/proxy ucd-snmp/pass_common util_funcs/restart
Delete the build/netsnmp-5.9 directory in the buildroot/output/ directory to force a rebuild of that module. Rebuild Buildroot.
Now when running the command
snmpd -Dmib_init -H
Results in the following:
Configuration directives understood:
In snmpd.conf and snmpd.local.conf:
authtrapenable 1 | 2 (1 = enable, 2 = disable)
trapsink [-profile p] [-name n] [-tag t] host [community] [port]
trap2sink [-profile p] [-name n] [-tag t] host [community] [port]
informsink [-profile p] [-name n] [-tag t] host [community] [port]
trapsess [-profile p] [-name n] [-tag t] [snmpcmdargs] host
trapcommunity community-string
v1trapaddress string
agentuser userid
agentgroup groupid
agentaddress SNMP bind address
quit (1|yes|true|0|no|false)
leave_pidfile (1|yes|true|0|no|false)
dontLogTCPWrappersConnects (1|yes|true|0|no|false)
maxGetbulkRepeats integerValue
maxGetbulkResponses integerValue
avgBulkVarbindSize integerValue
pduStatsMax integerValue
pduStatsThreshold integerValue
injectHandler injectHandler NAME INTONAME [BEFORE_OTHER_NAME]
table tableoid
add_row table_name indexes... values...
agentxsocket AgentX bind address
agentxRetries AgentX Retries
agentxTimeout AgentX Timeout (seconds)
master specify 'agentx' for AgentX support
agentxperms AgentX socket permissions: socket_perms [directory_perms [username|userid [groupname|groupid]]]
com2sec [-Cn CONTEXT] secName IPv4-network-address[/netmask] community
com2sec6 [-Cn CONTEXT] secName IPv6-network-address[/netmask] community
com2secunix [-Cn CONTEXT] secName sockpath community
certSecName certSecName PRIORITY FINGERPRINT [--shaNN|md5] <--sn SECNAME | --rfc822 | --dns | --ip | --cn | --any>
snmpTlstmParams snmpTlstmParams targetParamsName hashType:fingerPrint
snmpTlstmAddr snmpTlstmAddr targetAddrName hashType:fingerprint serverIdentity
group name v1|v2c|usm|... security
access name context model level prefix read write notify
setaccess name context model level prefix viewname viewval
view name type subtree [mask]
authcommunity authtype1,authtype2 community [default|hostname|network/bits [oid|-V view [context]]]
authuser authtype1,authtype2 [-s secmodel] user [noauth|auth|priv [oid|-V view [context]]]
authgroup authtype1,authtype2 [-s secmodel] group [noauth|auth|priv [oid|-V view [context]]]
authaccess name authtype1,authtype2 [-s secmodel] group view [noauth|auth|priv [context|context*]]
rwcommunity community [default|hostname|network/bits [oid|-V view [context]]]
rocommunity community [default|hostname|network/bits [oid|-V view [context]]]
rwcommunity6 community [default|hostname|network/bits [oid|-V view [context]]]
rocommunity6 community [default|hostname|network/bits [oid|-V view [context]]]
rwuser user [noauth|auth|priv [oid|-V view [context]]]
rouser user [noauth|auth|priv [oid|-V view [context]]]
createUser username [-e ENGINEID] (MD5|SHA|SHA-512|SHA-384|SHA-256|SHA-224|default) authpassphrase [(DES|AES|default) [privpassphrase]]
dlmod module-name module-path
** pass miboid command
** pass_persist miboid program
proxy [snmpcmd args] host oid [remoteoid]
sysdescr description
syslocation location
syscontact contact-name
sysname node-name
sysservices NUMBER
sysobjectid OID
skipNFSInHostResources (1|yes|true|0|no|false)
realStorageUnits (1|yes|true|0|no|false)
storageUseNFS 1 | 2 (1 = enable, 2 = disable)
count_kthreads 0|1 0 to exclude kernel threads from hrSystemProcesses.0
ignoredisk name
interface name type speed
ifmib_max_num_ifaces IF-MIB MAX Number of ifaces
include_ifmib_iface_prefix IF-MIB iface names included
defDomain application domain
defTarget application domain target
sourceFilterType none|acceptlist|blocklist
sourceFilterAddress host
engineID string
engineIDType num
engineIDNic string
interface_fadeout interface_fadeout seconds
interface_replace_old interface_replace_old yes|no
In snmp.conf and snmp.local.conf:
extraX509SubDir string
x509CRLFile string
tlsAlgorithms string
localCert string
peerCert string
alias NAME TRANSPORT_DEFINITION
doDebugging (1|0)
debugTokens token[,token...]
debugLogLevel (emerg|alert|crit|err|warning|notice|info|debug)
logTimestamp (1|yes|true|0|no|false)
logOption string
mibdirs [mib-dirs|+mib-dirs|-mib-dirs]
mibs [mib-tokens|+mib-tokens]
mibfile mibfile-to-read
showMibErrors (1|yes|true|0|no|false)
commentToEOL (1|yes|true|0|no|false)
strictCommentTerm (1|yes|true|0|no|false)
mibAllowUnderline (1|yes|true|0|no|false)
mibWarningLevel integerValue
mibReplaceWithLatest (1|yes|true|0|no|false)
printNumericEnums (1|yes|true|0|no|false)
printNumericOids (1|yes|true|0|no|false)
escapeQuotes (1|yes|true|0|no|false)
dontBreakdownOids (1|yes|true|0|no|false)
quickPrinting (1|yes|true|0|no|false)
numericTimeticks (1|yes|true|0|no|false)
oidOutputFormat integerValue
suffixPrinting integerValue
extendedIndex (1|yes|true|0|no|false)
printHexText (1|yes|true|0|no|false)
printValueOnly (1|yes|true|0|no|false)
dontPrintUnits (1|yes|true|0|no|false)
hexOutputLength integerValue
dumpPacket (1|yes|true|0|no|false)
reverseEncodeBER (1|yes|true|0|no|false)
defaultPort integerValue
disableSNMPv3 (1|yes|true|0|no|false)
disableSNMPv1 (1|yes|true|0|no|false)
disableSNMPv2c (1|yes|true|0|no|false)
defCommunity string
noTokenWarnings (1|yes|true|0|no|false)
noRangeCheck (1|yes|true|0|no|false)
persistentDir string
tempFilePattern string
noDisplayHint (1|yes|true|0|no|false)
16bitIDs (1|yes|true|0|no|false)
clientaddr string
clientaddrUsesPort (1|yes|true|0|no|false)
serverSendBuf integerValue
serverRecvBuf integerValue
clientSendBuf integerValue
clientRecvBuf integerValue
sendMessageMaxSize integerValue
noPersistentLoad (1|yes|true|0|no|false)
noPersistentSave (1|yes|true|0|no|false)
noContextEngineIDDiscovery (1|yes|true|0|no|false)
timeout integerValue
retries integerValue
outputPrecision string
defDomain application domain
defTarget application domain target
dontLoadHostConfig (1|yes|true|0|no|false)
defSecurityModel string
tsmUseTransportPrefix (1|yes|true|0|no|false)
defAuthType MD5|SHA|SHA-512|SHA-384|SHA-256|SHA-224
defPrivType DES|AES|AES-128
defSecurityName string
defContext string
defPassphrase string
defAuthPassphrase string
defPrivPassphrase string
defAuthMasterKey string
defPrivMasterKey string
defAuthLocalizedKey string
defPrivLocalizedKey string
defVersion 1|2c|3
defSecurityLevel noAuthNoPriv|authNoPriv|authPriv
trustCert trustCert FINGERPRINT|FILENAME
In agentx.conf and agentx.local.conf:
agentxsocket AgentX bind address
agentxRetries AgentX Retries
agentxTimeout AgentX Timeout (seconds)
agentxperms AgentX socket permissions: socket_perms [directory_perms [username|userid [groupname|groupid]]]
Which now includes the pass and pass_persist directives. Hopefully this saves somebody a day of Googling that I wasted finding this.