2
* snmpvacm.c - send snmp SET requests to a network entity to change the
6
#include <net-snmp/net-snmp-config.h>
19
#include <sys/types.h>
21
#include <netinet/in.h>
25
#if TIME_WITH_SYS_TIME
27
# include <sys/timeb.h>
29
# include <sys/time.h>
34
# include <sys/time.h>
40
#include <sys/select.h>
49
#include <arpa/inet.h>
52
#include <net-snmp/net-snmp-includes.h>
54
int main(int, char **);
56
#define CMD_CREATESEC2GROUP_NAME "createSec2Group"
57
#define CMD_CREATESEC2GROUP 1
58
#define CMD_DELETESEC2GROUP_NAME "deleteSec2Group"
59
#define CMD_DELETESEC2GROUP 2
60
#define CMD_CREATEACCESS_NAME "createAccess"
61
#define CMD_CREATEACCESS 3
62
#define CMD_DELETEACCESS_NAME "deleteAccess"
63
#define CMD_DELETEACCESS 4
64
#define CMD_CREATEVIEW_NAME "createView"
65
#define CMD_CREATEVIEW 5
66
#define CMD_DELETEVIEW_NAME "deleteView"
67
#define CMD_DELETEVIEW 6
71
static const char *successNotes[CMD_NUM] = {
72
"Sec2group successfully created.",
73
"Sec2group successfully deleted.",
74
"Access successfully created.",
75
"Access successfully deleted.",
76
"View successfully created.",
77
"View successfully deleted."
80
#define SEC2GROUP_OID_LEN 11
81
#define ACCESS_OID_LEN 11
82
#define VIEW_OID_LEN 12
84
static oid vacmGroupName[MAX_OID_LEN] =
85
{ 1, 3, 6, 1, 6, 3, 16, 1, 2, 1, 3 },
86
vacmSec2GroupStorageType[MAX_OID_LEN] = {
87
1, 3, 6, 1, 6, 3, 16, 1, 2, 1, 4}, vacmSec2GroupStatus[MAX_OID_LEN] = {
88
1, 3, 6, 1, 6, 3, 16, 1, 2, 1, 5}, vacmAccessContextMatch[MAX_OID_LEN] = {
89
1, 3, 6, 1, 6, 3, 16, 1, 4, 1, 4}, vacmAccessReadViewName[MAX_OID_LEN] = {
90
1, 3, 6, 1, 6, 3, 16, 1, 4, 1, 5}, vacmAccessWriteViewName[MAX_OID_LEN] = {
91
1, 3, 6, 1, 6, 3, 16, 1, 4, 1, 6}, vacmAccessNotifyViewName[MAX_OID_LEN] = {
92
1, 3, 6, 1, 6, 3, 16, 1, 4, 1, 7}, vacmAccessStorageType[MAX_OID_LEN] = {
93
1, 3, 6, 1, 6, 3, 16, 1, 4, 1, 8}, vacmAccessStatus[MAX_OID_LEN] = {
94
1, 3, 6, 1, 6, 3, 16, 1, 4, 1, 9}, vacmViewTreeFamilyMask[MAX_OID_LEN] = {
95
1, 3, 6, 1, 6, 3, 16, 1, 5, 2, 1, 3}, vacmViewTreeFamilyType[MAX_OID_LEN] = {
96
1, 3, 6, 1, 6, 3, 16, 1, 5, 2, 1, 4},
97
vacmViewTreeFamilyStorageType[MAX_OID_LEN] = {
98
1, 3, 6, 1, 6, 3, 16, 1, 5, 2, 1, 5},
99
vacmViewTreeFamilyStatus[MAX_OID_LEN] = {
100
1, 3, 6, 1, 6, 3, 16, 1, 5, 2, 1, 6}
104
int viewTreeFamilyType = 1;
109
fprintf(stderr, "Usage: snmpvacm ");
110
snmp_parse_args_usage(stderr);
111
fprintf(stderr, " COMMAND\n\n");
112
snmp_parse_args_descriptions(stderr);
113
fprintf(stderr, "\nsnmpvacm commands:\n");
114
fprintf(stderr, " createAccess GROUPNAME [CONTEXTPREFIX] SECURITYMODEL SECURITYLEVEL CONTEXTMATCH READVIEWNAME WRITEVIEWNAME NOTIFYVIEWNAME\n");
115
fprintf(stderr, " deleteAccess GROUPNAME [CONTEXTPREFIX] SECURITYMODEL SECURITYLEVEL\n");
116
fprintf(stderr, " createSec2Group MODEL SECURITYNAME GROUPNAME\n");
117
fprintf(stderr, " deleteSec2Group MODEL SECURITYNAME\n");
118
fprintf(stderr, " [-Ce] createView NAME SUBTREE [MASK]\n");
119
fprintf(stderr, " deleteView NAME SUBTREE\n");
124
access_oid(oid * it, size_t * len, const char *groupName,
125
const char *prefix, int model, int level)
129
int itIndex = ACCESS_OID_LEN;
131
*len = itIndex + 4 + +strlen(groupName);
133
it[itIndex++] = strlen(groupName);
134
for (i = 0; i < (int) strlen(groupName); i++)
135
it[itIndex++] = groupName[i];
138
*len += strlen(prefix);
139
it[itIndex++] = strlen(prefix);
140
for (i = 0; i < (int) strlen(prefix); i++)
141
it[itIndex++] = prefix[i];
145
it[itIndex++] = model;
146
it[itIndex++] = level;
151
sec2group_oid(oid * it, size_t * len, int model, const char *name)
155
int itIndex = SEC2GROUP_OID_LEN;
157
*len = itIndex + 2 + strlen(name);
159
it[itIndex++] = model;
161
it[itIndex++] = strlen(name);
162
for (i = 0; i < (int) strlen(name); i++)
163
it[itIndex++] = name[i];
167
view_oid(oid * it, size_t * len, const char *viewName, char *viewSubtree)
170
oid c_oid[SPRINT_MAX_LEN];
171
size_t c_oid_length = SPRINT_MAX_LEN;
173
int itIndex = VIEW_OID_LEN;
175
if (!snmp_parse_oid(viewSubtree, c_oid, &c_oid_length)) {
176
printf("Error parsing subtree (%s)\n", viewSubtree);
180
*len = itIndex + 2 + strlen(viewName) + c_oid_length;
182
it[itIndex++] = strlen(viewName);
183
for (i = 0; i < (int) strlen(viewName); i++)
184
it[itIndex++] = viewName[i];
187
it[itIndex++] = c_oid_length;
188
for (i = 0; i < (int) c_oid_length; i++)
189
it[itIndex++] = c_oid[i];
192
* sprint_objid(c_oid, it, *len);
197
optProc(int argc, char *const *argv, int opt)
204
viewTreeFamilyType = 2;
209
"Unknown flag passed to -C: %c\n", optarg[-1]);
219
main(int argc, char *argv[])
221
netsnmp_session session, *ss;
222
netsnmp_pdu *pdu = NULL, *response = NULL;
224
netsnmp_variable_list *vars;
230
int current_name = 0;
231
int current_type = 0;
232
int current_value = 0;
236
oid name[MAX_OID_LEN];
243
int secModel, secLevel, contextMatch, val, i = 0;
244
char *mask, *groupName, *prefix;
245
u_char viewMask[VACMSTRINGLEN];
249
* get the common command line arguments
251
switch (arg = snmp_parse_args(argc, argv, &session, "C:", optProc)) {
265
* open an SNMP session
268
* Note: this wil obtain the engineID needed below
270
ss = snmp_open(&session);
273
* diagnose snmp_open errors with the input netsnmp_session pointer
275
snmp_sess_perror("snmpvacm", &session);
280
* create PDU for SET request and add object names and values to request
282
pdu = snmp_pdu_create(SNMP_MSG_SET);
285
fprintf(stderr, "Please specify a operation to perform.\n");
290
if (strcmp(argv[arg], CMD_DELETEVIEW_NAME) == 0)
292
* deleteView: delete a view
294
* deleteView NAME SUBTREE
298
if (++arg + 2 != argc) {
299
fprintf(stderr, "You must specify the view to delete\n");
304
command = CMD_DELETEVIEW;
305
name_length = VIEW_OID_LEN;
306
view_oid(vacmViewTreeFamilyStatus, &name_length, argv[arg],
308
longvar = RS_DESTROY;
309
snmp_pdu_add_variable(pdu, vacmViewTreeFamilyStatus, name_length,
310
ASN_INTEGER, (u_char *) & longvar,
312
} else if (strcmp(argv[arg], CMD_CREATEVIEW_NAME) == 0)
314
* createView: create a view
316
* createView NAME SUBTREE MASK
320
if (++arg + 2 > argc) {
321
fprintf(stderr, "You must specify name, subtree and mask\n");
325
command = CMD_CREATEVIEW;
326
name_length = VIEW_OID_LEN;
327
view_oid(vacmViewTreeFamilyStatus, &name_length, argv[arg],
329
longvar = RS_CREATEANDGO;
330
snmp_pdu_add_variable(pdu, vacmViewTreeFamilyStatus, name_length,
331
ASN_INTEGER, (u_char *) & longvar,
336
if (arg + 3 == argc) {
337
mask = argv[arg + 2];
338
for (mask = strtok(mask, ".:"); mask; mask = strtok(NULL, ".:")) {
339
if (i >= sizeof(viewMask)) {
340
printf("MASK too long\n");
343
if (sscanf(mask, "%x", &val) == 0) {
344
printf("invalid MASK\n");
351
for (i=0 ; i < ((int)name_length+7)/8; i++)
352
viewMask[i] = (u_char)0xff;
354
view_oid(vacmViewTreeFamilyMask, &name_length, argv[arg],
356
snmp_pdu_add_variable(pdu, vacmViewTreeFamilyMask, name_length,
357
ASN_OCTET_STR, viewMask, i);
359
view_oid(vacmViewTreeFamilyType, &name_length, argv[arg],
361
snmp_pdu_add_variable(pdu, vacmViewTreeFamilyType, name_length,
362
ASN_INTEGER, (u_char *) & viewTreeFamilyType,
363
sizeof(viewTreeFamilyType));
365
} else if (strcmp(argv[arg], CMD_DELETESEC2GROUP_NAME) == 0)
367
* deleteSec2Group: delete security2group
369
* deleteSec2Group MODEL SECURITYNAME
373
if (++arg + 2 != argc) {
374
fprintf(stderr, "You must specify the sec2group to delete\n");
379
command = CMD_DELETESEC2GROUP;
380
name_length = SEC2GROUP_OID_LEN;
381
if (sscanf(argv[arg], "%d", &secModel) == 0) {
382
printf("invalid security model\n");
386
sec2group_oid(vacmSec2GroupStatus, &name_length, secModel,
388
longvar = RS_DESTROY;
389
snmp_pdu_add_variable(pdu, vacmSec2GroupStatus, name_length,
390
ASN_INTEGER, (u_char *) & longvar,
392
} else if (strcmp(argv[arg], CMD_CREATESEC2GROUP_NAME) == 0)
394
* createSec2Group: create a security2group
396
* createSec2Group MODEL SECURITYNAME GROUPNAME
400
if (++arg + 3 != argc) {
402
"You must specify model, security name and group name\n");
407
command = CMD_CREATESEC2GROUP;
408
name_length = SEC2GROUP_OID_LEN;
409
if (sscanf(argv[arg], "%d", &secModel) == 0) {
410
printf("invalid security model\n");
414
sec2group_oid(vacmSec2GroupStatus, &name_length, secModel,
416
longvar = RS_CREATEANDGO;
417
snmp_pdu_add_variable(pdu, vacmSec2GroupStatus, name_length,
418
ASN_INTEGER, (u_char *) & longvar,
420
sec2group_oid(vacmGroupName, &name_length, secModel,
422
snmp_pdu_add_variable(pdu, vacmGroupName, name_length,
423
ASN_OCTET_STR, (u_char *) argv[arg + 2],
424
strlen(argv[arg + 2]));
425
} else if (strcmp(argv[arg], CMD_DELETEACCESS_NAME) == 0)
427
* deleteAccess: delete access entry
429
* deleteAccess GROUPNAME [CONTEXTPREFIX] SECURITYMODEL SECURITYLEVEL
433
if (++arg + 3 > argc) {
435
"You must specify the access entry to delete\n");
440
command = CMD_DELETEACCESS;
441
name_length = ACCESS_OID_LEN;
442
groupName = argv[arg];
444
prefix = argv[++arg];
448
if (sscanf(argv[arg + 1], "%d", &secModel) == 0) {
449
printf("invalid security model\n");
453
if (sscanf(argv[arg + 2], "%d", &secLevel) == 0) {
454
printf("invalid security level\n");
458
access_oid(vacmAccessStatus, &name_length, groupName, prefix,
460
longvar = RS_DESTROY;
461
snmp_pdu_add_variable(pdu, vacmAccessStatus, name_length,
462
ASN_INTEGER, (u_char *) & longvar,
464
} else if (strcmp(argv[arg], CMD_CREATEACCESS_NAME) == 0)
466
* createAccess: create access entry
468
* createAccess GROUPNAME [CONTEXTPREFIX] SECURITYMODEL SECURITYLEVEL CONTEXTMATCH READVIEWNAME WRITEVIEWNAME NOTIFYVIEWNAME
472
if (++arg + 7 > argc) {
474
"You must specify the access entry to create\n");
479
command = CMD_CREATEACCESS;
480
name_length = ACCESS_OID_LEN;
481
groupName = argv[arg];
483
prefix = argv[++arg];
487
if (sscanf(argv[arg + 1], "%d", &secModel) == 0) {
488
printf("invalid security model\n");
492
if (sscanf(argv[arg + 2], "%d", &secLevel) == 0) {
493
printf("invalid security level\n");
497
access_oid(vacmAccessStatus, &name_length, groupName, prefix,
499
longvar = RS_CREATEANDGO;
500
snmp_pdu_add_variable(pdu, vacmAccessStatus, name_length,
501
ASN_INTEGER, (u_char *) & longvar,
504
access_oid(vacmAccessContextMatch, &name_length, groupName, prefix,
506
if (sscanf(argv[arg + 3], "%d", &contextMatch) == 0) {
507
printf("invalid contextMatch\n");
511
snmp_pdu_add_variable(pdu, vacmAccessContextMatch, name_length,
512
ASN_INTEGER, (u_char *) & contextMatch,
513
sizeof(contextMatch));
515
access_oid(vacmAccessReadViewName, &name_length, groupName, prefix,
517
snmp_pdu_add_variable(pdu, vacmAccessReadViewName, name_length,
518
ASN_OCTET_STR, (u_char *) argv[arg + 4],
519
strlen(argv[arg + 4]));
521
access_oid(vacmAccessWriteViewName, &name_length, groupName,
522
prefix, secModel, secLevel);
523
snmp_pdu_add_variable(pdu, vacmAccessWriteViewName, name_length,
524
ASN_OCTET_STR, (u_char *) argv[arg + 5],
525
strlen(argv[arg + 5]));
527
access_oid(vacmAccessNotifyViewName, &name_length, groupName,
528
prefix, secModel, secLevel);
529
snmp_pdu_add_variable(pdu, vacmAccessNotifyViewName, name_length,
530
ASN_OCTET_STR, (u_char *) argv[arg + 6],
531
strlen(argv[arg + 6]));
533
printf("Unknown command\n");
541
status = snmp_synch_response(ss, pdu, &response);
542
if (status == STAT_SUCCESS) {
544
if (response->errstat == SNMP_ERR_NOERROR) {
545
fprintf(stderr, "%s\n", successNotes[command - 1]);
547
fprintf(stderr, "Error in packet.\nReason: %s\n",
548
snmp_errstring(response->errstat));
549
if (response->errindex != 0){
551
struct variable_list *vars = response->variables;
552
fprintf(stderr, "Failed object: ");
553
for(count = 1; vars && (count != response->errindex);
554
vars = vars->next_variable, count++)
557
fprint_objid(stderr, vars->name, vars->name_length);
558
fprintf(stderr, "\n");
563
} else if (status == STAT_TIMEOUT) {
564
fprintf(stderr, "Timeout: No Response from %s\n",
568
snmp_sess_perror("snmpset", ss);
573
snmp_free_pdu(response);