2

Currently, my OIDs branch from Net-SNMP using extend, which results in an OID like this:

SNMPv2-SMI::enterprises.8072.1.3.2.4.1.2.1.49.1258

or without the MIB:

.1.3.6.1.4.1.8072.1.3.2.4.1.2.1.49.1258

8072 is Net-SNMP,
49 is the decimal value of an ASCII "1" (an arbitrary name I gave my extension), and
1258 is a 'leaf' on my root OID (49).

Now that I have a PEN, how do I go about making my OID tree under my PEN so that I can execute an snmpwalk that displays:

.1.3.6.1.4.1.<MyPEN>.<MyOIDTree>

OS: Linux (Raspbian)

Ctrl S
  • 1,053
  • 12
  • 31
  • The last example you posted seems to be the way to go: https://tools.ietf.org/id/draft-liang-iana-pen-06.html. – LMC Jun 01 '18 at 20:05
  • @LuisMuñoz Definitely. The question is how to use it. – Ctrl S Jun 01 '18 at 20:27
  • Check this https://netbeez.net/blog/snmp/. – LMC Jun 01 '18 at 20:35
  • @LuisMuñoz That's for creating MIBs. – Ctrl S Jun 01 '18 at 20:39
  • 1
    yes, that's what "OID tree" means to me, you want to build your own mib. – LMC Jun 01 '18 at 22:47
  • I need `.1.3.6.1.4.1..` instead of `.1.3.6.1.4.1.8072.1.3.2.4.1.2.1.49.1258` – Ctrl S Jun 03 '18 at 02:14
  • 1
    [MIBs are OID](https://thwack.solarwinds.com/community/solarwinds-community/geek-speak/blog/2013/12/26/what-are-mibs-and-oids-how-to-manage-them) tree definitions:"OID or Object Identifier, is an identifier used to name and point to an object in the MIB hierarchy.". – LMC Jun 03 '18 at 02:30
  • Let us [continue this discussion in chat](https://chat.stackoverflow.com/rooms/172325/discussion-between-ctrl-s-and-luis-munoz). – Ctrl S Jun 03 '18 at 02:45

1 Answers1

2

Partial Solutions:

-Good-
Specify an OID in the extend command (in snmpd.conf) like so:

extend [OID] <extName> </dir/binary> </dir/script>

The OID is optional, however, omitting it will cause the Net-SNMP PEN to be used by default.

In my case, my extend looks like this:

extend .1.3.6.1.4.1.<myPEN> SQL /bin/sh /usr/sbin/MyScript.sh

This produces the following output:

.1.3.6.1.4.1.[PEN redacted].4.1.2.3.83.81.76.1258 = STRING: "My Data"

This is much closer to the desired structure since it is now extending from a custom PEN, though one is now faced with trimming off the .4.1.2.3 and the .83.81.76 (resulting from the extension name 'SQL').

If anyone knows how to remove those, post it as a new answer!

-Better-
Use the pass command:
pass .1.3.6.1.4.1.PEN /bin/sh /home/pi/net-snmp/local/shellCode
Shell code example: passtest

Output: 

.1.3.6.1.4.1.PEN.1.0 = STRING: "Hello World!"
.1.3.6.1.4.1.PEN.2.1.2.1 = INTEGER: 9
.1.3.6.1.4.1.PEN.2.1.3.1 = OID: .1.3.6.1.4.1.PEN.99
.1.3.6.1.4.1.PEN.3.0 = Timeticks: (363136200) 42 days, 0:42:42.00
.1.3.6.1.4.1.PEN.4.0 = IpAddress: 127.0.0.1
.1.3.6.1.4.1.PEN.5.0 = Counter32: 9
.1.3.6.1.4.1.PEN.6.0 = Gauge32: 9

This appears to solve both issues, however I am unsure of the extent of its capabilities in comparison to a 'proper' OID tree installation.

-Best- (Complete Solution)
Register OIDs using a MIB...

Ctrl S
  • 1,053
  • 12
  • 31
  • Seems you can't get rid of those unless you write a custom MIB or a [perl extension](https://docs-old.fedoraproject.org/en-US/Fedora/18/html/System_Administrators_Guide/sect-System_Monitoring_Tools-Net-SNMP-Extending.html). For an explanation of what the numbers mean see [this question](https://stackoverflow.com/questions/50752081/oid-objects-after-pen-when-using-net-snmp-extend-in-snmpd-conf). – LMC Jun 08 '18 at 01:24
  • Yeah, I've discovered that the `extend` command is responsible for the '.4.1.2.3' after the PEN and cannot be removed. The custom MIB needs to extend from the SNMP agent in order for the tree to 'work correctly'. My MIBs are now understood by `snmptranslate`, I'm now working on getting my auto-generated C files recognized/installed so that I can see my OID tree when walking my IP address. – Ctrl S Jun 08 '18 at 01:51
  • Great reference. Thanks! I will try that when I get a chance. – Ctrl S Jun 08 '18 at 02:39
  • @LuisMuñoz I followed your answer on the question you linked, and I've nearly got it to work except for one issue. I can't seem to get my subagent to connect to the master agent. – Ctrl S Jun 12 '18 at 12:50
  • How are you starting the subagent, remember that ports below 1024 are privileged ones so you have to pick one above that. – LMC Jun 12 '18 at 12:56
  • master agent as root: `sudo snmpd -f -Lo -C --rwcommunity=public --master=agentx --agentXSocket=tcp:localhost:1705` output: `pcilib: Cannot open /proc/bus/pci pcilib: Cannot find any working access method. pcilib: pci_init failed Turning on AgentX master support. Error opening specified endpoint "" Server Exiting with code 1` – Ctrl S Jun 12 '18 at 13:00
  • [Here](https://stackoverflow.com/a/9471975/2834978) something about that. Seems something to do when compiling your subagent. Did not happen to me. – LMC Jun 12 '18 at 13:44
  • @LuisMuñoz Saw that already, and when I went to make the changes, the PCI lines were already commented. I don't know where else it could be getting that 'command' from... – Ctrl S Jun 12 '18 at 13:54
  • Try starting the subagent first. – LMC Jun 12 '18 at 13:58
  • `Warning: Failed to connect to the agentx master agent (tcp:localhost:1705):` I assume this is because the master is not functioning properly. This output repeats every 10 seconds or so until stopped by the user by pressing `Ctrl + C`. – Ctrl S Jun 12 '18 at 14:05
  • Let us [continue this discussion in chat](https://chat.stackoverflow.com/rooms/172985/discussion-between-luis-munoz-and-ctrl-s). – LMC Jun 12 '18 at 14:08