From 91a264769da13d3506f1c437248040d5e8f1d36c Mon Sep 17 00:00:00 2001 From: simonzhangsz Date: Fri, 20 Sep 2024 20:21:13 +0800 Subject: [PATCH] add: snmpV3 with ipv6 --- sshsvc/etc/sshsvc.yaml | 4 +- sshsvc/setHLRServiceState | 22 ++++++ sshsvc/snmp/snmp.go | 154 +++++++++++++++++++++++++++++++------- sshsvc/sshsvc.go | 12 ++- 4 files changed, 160 insertions(+), 32 deletions(-) create mode 100644 sshsvc/setHLRServiceState diff --git a/sshsvc/etc/sshsvc.yaml b/sshsvc/etc/sshsvc.yaml index ed3bacf9..7a8435ab 100644 --- a/sshsvc/etc/sshsvc.yaml +++ b/sshsvc/etc/sshsvc.yaml @@ -61,8 +61,8 @@ snmpServer: #engineID: "800007db03360102101101" engineID: "8000000004323030313a6462383a3a39313636" trapPort: 34958 - trapListen: true - trapBool: true + trapListen: false + trapBool: false trapTick: 60 timeOut: 5 trapTarget: "2001:db8::9219" diff --git a/sshsvc/setHLRServiceState b/sshsvc/setHLRServiceState new file mode 100644 index 00000000..bd97f113 --- /dev/null +++ b/sshsvc/setHLRServiceState @@ -0,0 +1,22 @@ +#!/bin/bash + +case "$1" in + 1) + echo -n "Set HLR state link down ... " + snmpset -v3 -l noAuthNoPriv -u manager 192.168.2.219:34957 .1.3.6.1.4.1.1379.2.3.3.3.1.1.9.0 i 1 >/dev/null + echo "done" + ;; + 2) + echo -n "Set HLR state link up ... " + snmpset -v3 -l noAuthNoPriv -u manager 192.168.2.219:34957 .1.3.6.1.4.1.1379.2.3.3.3.1.1.9.0 i 2 >/dev/null + echo "done" + ;; + 3) + echo -n "Set HLR state authentication failure ... " + snmpset -v3 -l noAuthNoPriv -u manager 192.168.2.219:34957 .1.3.6.1.4.1.1379.2.3.3.3.1.1.9.0 i 3 >/dev/null + echo "done" + ;; + *) + echo "Unknown state ($1)" + ;; +esac \ No newline at end of file diff --git a/sshsvc/snmp/snmp.go b/sshsvc/snmp/snmp.go index 26cf2c9d..db40c3b0 100644 --- a/sshsvc/snmp/snmp.go +++ b/sshsvc/snmp/snmp.go @@ -10,6 +10,7 @@ import ( "strings" "time" + "github.com/gosnmp/gosnmp" g "github.com/gosnmp/gosnmp" "github.com/slayercat/GoSNMPServer" "github.com/slayercat/GoSNMPServer/mibImps" 
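Review bot: All three `snmpset` calls in the new setHLRServiceState script use `-l noAuthNoPriv`, so the write to `.1.3.6.1.4.1.1379.2.3.3.3.1.1.9.0` is neither authenticated nor encrypted, and an agent that accepts it will accept the same SET from any host that can reach the port and knows the user name. Prefer `-l authPriv` with the auth and privacy passphrases kept in a permission-restricted snmp.conf rather than on the command line, and limit that user's write view on the agent side. The script also prints "done" whatever the outcome, because output goes to `/dev/null` and the exit status is never checked; `snmpset ... >/dev/null || { echo "failed"; exit 1; }` would surface a rejected or timed-out request. The target `192.168.2.219:34957` is repeated in three places and could be a single variable.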
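Review bot: The import added to sshsvc/snmp/snmp.go brings in `github.com/gosnmp/gosnmp` a second time, although the same package is already imported as `g` on the following line. The trap hunks later in this patch then mix `g.Integer` and `gosnmp.Integer` for the same constant. Drop the new import and write `Type: g.Integer` in the three severity varbinds so the file refers to the package by one name.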
@@ -33,8 +34,13 @@ type SNMPService struct { ListenHost string TrapHost string - SysDescr string - SysService int + + SysName string + SysDescr string + SysLocation string + SysContact string + SysStatus string + SysService int } func (s *SNMPService) getAuthProto() g.SnmpV3AuthProtocol { @@ -135,7 +141,39 @@ func (s *SNMPService) StartSNMPServer() { func (s *SNMPService) handleOIDs() []*GoSNMPServer.PDUValueControlItem { customOIDs := []*GoSNMPServer.PDUValueControlItem{ { - OID: "1.3.6.1.2.1.1.1.0", + OID: "1.3.6.1.4.1.1379.2.3.3.3.1.1.1.0", + Type: g.OctetString, + OnGet: func() (value interface{}, err error) { + return s.SysName, nil + }, + OnSet: func(value interface{}) error { + // 将[]uint8转换为string + if v, ok := value.([]uint8); ok { + s.SysName = string(v) + log.Printf("Set request for OID 1.3.6.1.4.1.1379.2.3.3.3.1.1.1.0 with value %v", s.SysName) + return nil + } + return nil + }, + }, + { + OID: ".1.3.6.1.4.1.1379.2.3.3.3.1.1.2.0", + Type: g.OctetString, + OnGet: func() (value interface{}, err error) { + return s.SysStatus, nil + }, + OnSet: func(value interface{}) error { + // 将[]uint8转换为string + if v, ok := value.([]uint8); ok { + s.SysStatus = string(v) + log.Printf("Set request for OID 1.3.6.1.4.1.1379.2.3.3.3.1.1.2.0 with value %v", s.SysStatus) + return nil + } + return nil + }, + }, + { + OID: ".1.3.6.1.4.1.1379.2.3.3.3.1.1.3.0", Type: g.OctetString, OnGet: func() (value interface{}, err error) { return s.SysDescr, nil 
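Review bot: Each new `OnSet` handler in this hunk returns `nil` when the `value.([]uint8)` assertion fails, so a SET carrying the wrong type is reported to the manager as successful although nothing was stored; the sysLocation and sysContact entries in the next hunk repeat the pattern. Returning an error on the fall-through path, for example `return fmt.Errorf("sysName: unexpected value type %T", value)`, makes the rejection visible (this assumes `fmt` is imported; the import block is only partly visible here). The handlers also store and log a manager-supplied string with no length limit and with `%v`; using `%q` in the `log.Printf` call keeps embedded newlines and control bytes from forging log lines. The first entry's OID is written without the leading dot that the other new entries use, which is worth making consistent. handleOIDs starts before this hunk and continues past it.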
@@ -144,30 +182,61 @@ func (s *SNMPService) handleOIDs() []*GoSNMPServer.PDUValueControlItem { // 将[]uint8转换为string if v, ok := value.([]uint8); ok { s.SysDescr = string(v) - log.Printf("Set request for OID 1.3.6.1.2.1.1.1.0 with value %v", s.SysDescr) + log.Printf("Set request for OID .1.3.6.1.4.1.1379.2.3.3.3.1.1.3.0 with value %v", s.SysDescr) return nil } return nil }, }, { - OID: "1.3.6.1.2.1.1.3.0", + OID: ".1.3.6.1.4.1.1379.2.3.3.3.1.1.4.0", + Type: g.OctetString, + OnGet: func() (value interface{}, err error) { + return s.SysLocation, nil + }, + OnSet: func(value interface{}) error { + // 将[]uint8转换为string + if v, ok := value.([]uint8); ok { + s.SysLocation = string(v) + log.Printf("Set request for OID .1.3.6.1.4.1.1379.2.3.3.3.1.1.4.0 with value %v", s.SysLocation) + return nil + } + return nil + }, + }, + { + OID: ".1.3.6.1.4.1.1379.2.3.3.3.1.1.5.0", + Type: g.OctetString, + OnGet: func() (value interface{}, err error) { + return s.SysContact, nil + }, + OnSet: func(value interface{}) error { + // 将[]uint8转换为string + if v, ok := value.([]uint8); ok { + s.SysContact = string(v) + log.Printf("Set request for OID .1.3.6.1.4.1.1379.2.3.3.3.1.1.5.0 with value %v", s.SysContact) + return nil + } + return nil + }, + }, + { + OID: ".1.3.6.1.4.1.1379.2.3.3.3.1.1.7.0", Type: g.TimeTicks, OnGet: func() (value interface{}, err error) { return uint32(time.Now().Unix()), nil }, }, { - OID: "1.3.6.1.2.1.1.7.0", + OID: ".1.3.6.1.4.1.1379.2.3.3.3.1.1.9.0", Type: g.Integer, OnGet: func() (value interface{}, err error) { return s.SysService, nil }, OnSet: func(value interface{}) error { - // 将[]uint8转换为string if v, ok := value.(int); ok { s.SysService = v - log.Printf("Set request for OID 1.3.6.1.2.1.1.7.0 with value %v", s.SysService) + log.Printf("Set request for OID .1.3.6.1.4.1.1379.2.3.3.3.1.1.9.0 with value %v", s.SysService) return nil } return nil 
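Review bot: The `OnSet` for `.1.3.6.1.4.1.1379.2.3.3.3.1.1.9.0` stores any integer in `s.SysService`, while the setHLRServiceState script added by this commit only ever sends 1, 2 or 3. Rejecting other values before the assignment, e.g. `if v < 1 || v > 3 { return fmt.Errorf("sysService: value %d out of range", v) }`, keeps an unexpected SET from leaving the service in an undefined state; the accepted range is inferred from the script, so confirm it against the MIB. If this field is read from another goroutine (SendPeriodicTraps looks like a candidate, but its body is not in this hunk), the write also needs a mutex or an atomic. The hunk ends inside handleOIDs.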
@@ -311,27 +380,38 @@ func (s *SNMPService) SendPeriodicTraps(gs *g.GoSNMP) { // 1. 设备链路连接失败时发送Trap (LinkDown) func (s *SNMPService) sendLinkDownTrap(gs *g.GoSNMP, ifIndex int, ifDescr string) { + err := gs.Connect() + if err != nil { + log.Fatalf("Connect() err: %v", err) + } + defer gs.Conn.Close() + trap := g.SnmpTrap{ Variables: []g.SnmpPDU{ { - Name: ".1.3.6.1.2.1.2.2.1.1", // ifIndex + Name: ".1.3.6.1.4.1.1379.2.3.3.3.3.1", // linkDown + Type: g.OctetString, + Value: ".1.3.6.1.4.1.1379.2.3.3.3.3.1", + }, + { + Name: ".1.3.6.1.4.1.1379.2.3.3.3.3.1.1", // ifIndex Type: g.Integer, Value: ifIndex, }, { - Name: ".1.3.6.1.2.1.2.2.1.2", // ifDescr + Name: ".1.3.6.1.4.1.1379.2.3.3.3.3.1.2", // ifDescr Type: g.OctetString, Value: ifDescr, }, { - Name: ".1.3.6.1.6.3.1.1.5.3", // linkDown - Type: g.ObjectIdentifier, - Value: ".1.3.6.1.6.3.1.1.5.3", + Name: ".1.3.6.1.4.1.1379.2.3.3.3.4", // severity OID + Type: gosnmp.Integer, + Value: 2, // event }, }, } - _, err := gs.SendTrap(trap) + _, err = gs.SendTrap(trap) if err != nil { log.Printf("error sending LinkDown trap: %s", err) } else { 
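Review bot: `log.Fatalf` on a failed `gs.Connect()` at the top of sendLinkDownTrap exits the whole process, so an unreachable or misconfigured trap target takes the SSH service down with it; sendLinkUpTrap and sendAuthFailureTrap in the following hunks add the same lines, and in the latter the path is presumably reachable from a failed login. A trap is best-effort, so log and return instead: `log.Printf("linkDown trap: connect: %v", err)` followed by `return`. Because every sender now connects and then closes `gs.Conn` on a `*g.GoSNMP` that appears to be shared, two traps sent at the same time could close each other's connection; whether that can happen depends on the caller, which is outside this hunk.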
@@ -341,27 +421,38 @@ func (s *SNMPService) sendLinkDownTrap(gs *g.GoSNMP, ifIndex int, ifDescr string // 2. 设备链路恢复正常时发送Trap (LinkUp) func (s *SNMPService) sendLinkUpTrap(gs *g.GoSNMP, ifIndex int, ifDescr string) { + err := gs.Connect() + if err != nil { + log.Fatalf("Connect() err: %v", err) + } + defer gs.Conn.Close() + trap := g.SnmpTrap{ Variables: []g.SnmpPDU{ { - Name: ".1.3.6.1.2.1.2.2.1.1", // ifIndex + Name: ".1.3.6.1.4.1.1379.2.3.3.3.3.2", // linkUp + Type: g.OctetString, + Value: ".1.3.6.1.4.1.1379.2.3.3.3.3.2", + }, + { + Name: ".1.3.6.1.4.1.1379.2.3.3.3.3.2.1", // ifIndex Type: g.Integer, Value: ifIndex, }, { - Name: ".1.3.6.1.2.1.2.2.1.2", // ifDescr + Name: ".1.3.6.1.4.1.1379.2.3.3.3.3.2.2", // ifDescr Type: g.OctetString, Value: ifDescr, }, { - Name: ".1.3.6.1.6.3.1.1.5.4", // linkUp - Type: g.ObjectIdentifier, - Value: ".1.3.6.1.6.3.1.1.5.4", + Name: ".1.3.6.1.4.1.1379.2.3.3.3.4", // severity OID + Type: gosnmp.Integer, + Value: 5, // event }, }, } - _, err := gs.SendTrap(trap) + _, err = gs.SendTrap(trap) if err != nil { log.Printf("error sending LinkUp trap: %s", err) } else { 
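Review bot: The severity varbind at the end of sendLinkUpTrap carries `Value: 5` with the comment `// event`, and the other two senders carry 2 and 4 with the same comment, so the meaning of the numbers cannot be read from the code. Named constants or a comment giving the scale from the MIB would document it, e.g. `Value: severityLinkUp, // <severity name from the MIB>`; the names here are placeholders because the MIB is not on this page. The notification identifier is also now sent as an `OctetString` varbind named after itself, where the replaced code used `g.ObjectIdentifier`; receivers that dispatch on snmpTrapOID.0 may not classify these traps, which is worth checking against the trap receiver in use.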
@@ -371,27 +462,38 @@ func (s *SNMPService) sendLinkUpTrap(gs *g.GoSNMP, ifIndex int, ifDescr string) // 3. 设备鉴权失败时发送Trap (AuthenticationFailure) func (s *SNMPService) sendAuthFailureTrap(gs *g.GoSNMP, username, descr string) { + err := gs.Connect() + if err != nil { + log.Fatalf("Connect() err: %v", err) + } + defer gs.Conn.Close() + trap := g.SnmpTrap{ Variables: []g.SnmpPDU{ { - Name: ".1.3.6.1.6.3.1.1.5.5", // authenticationFailure - Type: g.ObjectIdentifier, - Value: ".1.3.6.1.6.3.1.1.5.5", + Name: ".1.3.6.1.4.1.1379.2.3.3.3.3.3", // authenticationFailure + Type: g.OctetString, + Value: ".1.3.6.1.4.1.1379.2.3.3.3.3.3", }, { - Name: ".1.3.6.1.4.1.2021.251.1", // 自定义OID,用于记录失败的用户名 + Name: ".1.3.6.1.4.1.1379.2.3.3.3.3.3.1", // 自定义OID,用于记录失败的用户名 Type: g.OctetString, Value: username, }, { - Name: ".1.3.6.1.4.1.2021.252.1", // 自定义OID,用于记录描述 + Name: ".1.3.6.1.4.1.1379.2.3.3.3.3.3.2", // 自定义OID,用于记录描述 Type: g.OctetString, Value: descr, }, + { + Name: ".1.3.6.1.4.1.1379.2.3.3.3.4", // severity OID + Type: gosnmp.Integer, + Value: 4, // event + }, }, } - _, err := gs.SendTrap(trap) + _, err = gs.SendTrap(trap) if err != nil { log.Printf("error sending AuthenticationFailure trap: %s", err) } else { diff --git a/sshsvc/sshsvc.go b/sshsvc/sshsvc.go index 5964e062..4989ae8a 100644 --- a/sshsvc/sshsvc.go +++ b/sshsvc/sshsvc.go 
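Review bot: `username` in sendAuthFailureTrap is, according to the comment on its varbind, the name from a failed login, so it is text chosen by the remote party and it is forwarded to the trap receiver unchanged. Bound its length and strip control characters before building the PDU, so that one oversized or crafted login name cannot bloat the trap or corrupt whatever the receiver logs. It is also worth confirming that the trap session runs at authPriv so the value does not cross the network in clear text; the session setup is not in this hunk.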
@@ -155,10 +155,14 @@ func main() { TimeOut: conf.SNMPServer.TimeOut, TrapTarget: conf.SNMPServer.TrapTarget, - ListenHost: conf.SNMPServer.ListenAddr + ":" + strconv.Itoa(int(conf.SNMPServer.ListenPort)), - TrapHost: conf.SNMPServer.ListenAddr + ":" + strconv.Itoa(int(conf.SNMPServer.TrapPort)), - SysDescr: "HLR server", - SysService: 0, + ListenHost: conf.SNMPServer.ListenAddr + ":" + strconv.Itoa(int(conf.SNMPServer.ListenPort)), + TrapHost: conf.SNMPServer.ListenAddr + ":" + strconv.Itoa(int(conf.SNMPServer.TrapPort)), + SysName: "HLR-0", + SysStatus: "Normal", + SysDescr: "HLR server(sysNO=0)", + SysLocation: "Shanghai", + SysContact: "", + SysService: 0, } go snmpSvc.StartSNMPServer()
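Review bot: `ListenHost` and `TrapHost` are still built as `ListenAddr + ":" + strconv.Itoa(...)`, which yields an ambiguous host:port string when `ListenAddr` is an unbracketed IPv6 literal, the case this commit's title says it adds. `net.JoinHostPort` adds the brackets where needed: `ListenHost: net.JoinHostPort(conf.SNMPServer.ListenAddr, strconv.Itoa(int(conf.SNMPServer.ListenPort))),` and the same for `TrapHost` with `TrapPort`. This needs `net` in the import block of sshsvc.go, which is not visible here, and it assumes the configured address is not already bracketed. main continues outside the hunk.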