English
snmp_command.c
资源名称:snmp.src.rar [点击查看]
上传用户:cxs890
上传日期:2021-05-22
资源大小:347k
文件大小:102k
源码类别:
SNMP编程
开发平台:
C/C++
- #include <stdio.h>
- #include <stdlib.h>
- #include <string.h>
- #include <assert.h>
- #include <sys/types.h>
- #include <libsys/misc.h>
- #include <ctype.h>
- #ifdef SWITCH
- #include <libvty/vty.h>
- #endif
- #include <libcmd/cmdparse.h>
- #include <libcmd/cmderror.h>
- #include <libcmd/argparse.h>
- #ifndef SWITCH
- #include <libcmd/cmdiface.h>
- #endif
- #include <ip/socket.h>
- #include <ip/netdb.h>
- #include <ip/inet.h>
- #ifdef SWITCH
- #include <ip/ip_misc.h>
- #endif
- #include <libsys/memory.h>
- #include <ip/ip_externs.h>
- #include "config.h"
- #include "types.h"
- #include "asn1.h"
- #include "snmp_vars.h"
- #include "config_struct.h"
- #include "snmp_command.h"
- #include "view.h"
- #include "mib.h"
- #include "snmp_debug.h"
- #include "agent_trap.h"
- /*** sun define for snmp trap-timeout ,because i move structure trap_sink to snmpd.h 2000.03.21 ***/
- #include "snmpd.h"
- #include "snmp_api.h"
- #include "vacm.h"
- #include "snmp.h"
- #include <snmp/snmp_util.h>
- /*#include "snmp_util.h"*/
- #include <snmplib/transform_oids.h>
- #include <snmplib/tools.h>
- #include <snmplib/callback.h>
- #include <snmplib/snmpusm.h>
- #include <snmplib/snmp-tc.h>
- #include <snmplib/snmpv3.h>
- #include <snmplib/keytools.h>
- #include <snmplib/scapi.h>
- #ifdef OS_VXWORKS
- extern int32 set_trace_flag(MODULE_TYPE module, uint32 debug_flag, void (*show_debug)(uint32), void (*no_debug)(), uint8 bStatus);
- #endif
- /*added by sxf*/
- /*in vacm_vars.c*/
- extern void vacm_parse_security (const char *, char *);
- extern void vacm_parse_group (const char *, char *);
- extern void vacm_parse_access (const char *, char *);
- extern void vacm_parse_view (const char *, char *);
- extern BOOL vacm_walkThrSecEntry (void (*thrMethod)(struct vacm_securityEntry*));
- extern struct vacm_securityEntry *vacm_FindSecEntryByCommName (char *);
- extern void vacm_DestroyCommunity (char*);
- extern void vacm_DestroyCommunityAll (void);
- extern int createV1TrapSession (char *sink,char * com,unsigned short trapflags, char *vrfname);
- extern void set_trapsinks(int cmd,long long value);
- extern u_char * translate_objid(u_char *buf);
- extern char *snmp_ntoa (long );
- /*in vacm.c*/
- BOOL vacm_walkThrViewEntry (void (*thrMethod)(struct vacm_viewEntry*));
- /*in agent_registry.c*/
- BOOL ReadObjidFromSubtree (char *str, oid name[], int *name_len);
- /*** sun define end ***/
- static int dosnmp_community(int argc,char *argv[],struct user *u);
- #ifdef INCLUDE_SNMPV3
- static int dosnmp_group(int argc,char *argv[],struct user *u);
- static int dosnmp_user(int argc,char *argv[],struct user *u);
- #endif
- extern int delete_v1_trap_session(char *peer, char *community);
- long snmp_showrunning(DEVICE_ID diID);
- static int dosnmp_contact(int argc,char *argv[],struct user *u);
- #if 0
- static int dosnmp_contact_name(int argc,char *argv[],struct user *u);
- #endif
- void display_snmp_contact(void);
- static int dosnmp_location(int argc,char *argv[],struct user *u);
- static int dosnmp_location_name(int argc,char *argv[],struct user *u);
- void display_snmp_location(void);
- static int dosnmp_packetsize(int argc,char *argv[],struct user *u);
- static int dosnmp_queuelen(int argc,char *argv[],struct user *u);
- static int dosnmp_trap_source(int argc,char *argv[],struct user *u);
- static int dosnmp_trap_timeout(int argc,char *argv[],struct user *u);
- static int dosnmp_host(int argc,char *argv[],struct user *u);
- /*** sun define 2000.03.16 ***/
- static int dosnmp_view(int argc,char *argv[],struct user *u);
- /*** sun define 2000.03.19 ***/
- static int dosnmp_trace(int argc,char *argv[],struct user *u);
- static void CreateSnmpComm (SNMP_COMMUNITY *snmp_para_comm);
- static int dosnmp_engineID(int argc,char *argv[],struct user *u);
- static BOOL display_snmp_user();
- static int display_snmp_group();
- static int resolve_commmunity(char* name,int *index);
- static int dosnmp_srcipaddr(int argc, char *argv[],struct user* u);
- static char *snmp_storage_trans[] = {"nonexistent", "other", "volatile", "nonvolatile",
- "permanent", "readonly"};
- static char *snmp_status_trans[] = {"nonexistent", "active", "not-in-service",
- "not-ready", "create-and-go", "create-and-wait", "destroy"};
- struct cmds Snmpcmds[] = {
- { "community", MATCH_AMB, cmdPref(PF_CMDNO, 0, 0), 0,
- dosnmp_community,NULL,NULL, 0, 0,
- "community -- Enable SNMP; set community string and access privs",
- "community -- 启用 SNMP; 设置 community 字符串",
- NULLCHAR ,NULLCHAR },
- { "contact", MATCH_AMB, cmdPref(PF_CMDNO, 0, 0), 0,
- dosnmp_contact,NULL,NULL, 0, cmdArgc(2,1,0),
- "contact -- Text for mib object sysContact",
- "contact -- 设置 mib 对象 sysContact",
- "LINE -- identification of the contact person for this managed node",
- "LINE -- 该管理节点联系人" },
- #ifdef INCLUDE_SNMPV3
- { "engineID", MATCH_AMB, cmdPref(PF_CMDNO, 0, 0), 0,
- dosnmp_engineID,NULL,NULL, 0, 0,
- "engineID -- Configure a local or remote SNMPv3 engineID",
- "engineID -- 配置本地或远端的SNMP引擎ID",
- NULLCHAR,NULLCHAR},
- { "group", MATCH_AMB, cmdPref(PF_CMDNO, 0, 0), 0,
- dosnmp_group,NULL,NULL, 0, 0,
- "group -- Define a User Security Model group",
- "group -- 定义基于用户的安全模型的组",
- NULLCHAR,NULLCHAR},
- #endif
- { "host", MATCH_AMB, cmdPref(PF_CMDNO, 0, 0), 0,
- dosnmp_host,NULL,NULL, 0, 0,
- "host -- Specify hosts to receive SNMP TRAPs",
- "host -- 指定接收 SNMP TRAPs 的目的主机",
- NULLCHAR,NULLCHAR},
- /*** 2000.03.16 ***
- "?Hostname or A.B.C.D -- IP address of SNMP TRAP host" ,
- "Hostname or A.B.C.D -- IP address of SNMP TRAP host" },
- ******/
- { "location", MATCH_AMB, cmdPref(PF_CMDNO, 0, 0), 0,
- dosnmp_location,NULL,NULL, 0, cmdArgc(2,1,0),
- "location -- Text for mib object sysLocation",
- "location -- 设置 mib 对象 sysLocation",
- NULLCHAR,NULLCHAR },
- { "packetsize", MATCH_AMB, cmdPref(PF_CMDNO, 0, 0), 0,
- dosnmp_packetsize,NULL,NULL, 0, cmdArgc(0,1,0),
- "packetsize -- Largest SNMP packet size",
- "packetsize -- 设置最大的 SNMP 数据包尺寸",
- "<484-17940> -- Packet size",
- "<484-17940> -- 数据包尺寸" },
- { "queue-length", MATCH_AMB, cmdPref(PF_CMDNO, 0, 0), 0,
- dosnmp_queuelen,NULL,NULL, 0, cmdArgc(0,1,0),
- "queue-length -- Message queue length for each TRAP host",
- "queue-length -- 设置针对每个 TRAP 主机的消息队列长度",
- "<1-1000> -- Queue length (default 10)",
- "<1-1000> -- 队列长度 (缺省 10)" },
- { "trap-source", MATCH_AMB, cmdPref(PF_CMDNO, 0, 0), 0,
- dosnmp_trap_source,NULL,NULL, cmdArgc(2,2,0), cmdArgc(0,0,0),
- "trap-source -- Assign an interface for the source address of all traps",
- "trap-source -- 指定一个 interface 用于所有 trap 的源地址",
- NULLCHAR,NULLCHAR},
- { "trap-timeout", MATCH_AMB, cmdPref(PF_CMDNO, 0, 0), 0,
- dosnmp_trap_timeout,NULL,NULL, 0, cmdArgc(0,1,0),
- "trap-timeout -- Set timeout for TRAP message retransmissions",
- "trap-timeout -- 设置重发 TRAP 消息的超时值",
- "<1-1000> -- Timeout (default 30 seconds)",
- "<1-1000> -- 超时值 (缺省 30 秒)"},
- #ifdef INCLUDE_SNMPV3
- { "user", MATCH_AMB, cmdPref(PF_CMDNO, 0, 0), 0,
- dosnmp_user,NULL,NULL, 0, 0,
- "user -- Define a user who can access the SNMP engine",
- "user -- 定义能够访问本SNMP引擎的用户",
- NULLCHAR,NULLCHAR},
- #endif
- { "view", MATCH_AMB, cmdPref(PF_CMDNO, 0, 0), 0,
- dosnmp_view,NULL,NULL, cmdArgc(0,2,0), 0,
- "view -- Define an SNMP MIB view",
- "view -- 定义 SNMP MIB view",
- NULLCHAR,NULLCHAR},
- { "source-addr", MATCH_AMB, cmdPref(PF_CMDNO, 0, 0), 0,
- dosnmp_srcipaddr,NULL,NULL, 2, 0,
- "source-addr -- Set source IP Address",
- "source-addr -- 设置源IP地址",
- NULLCHAR,NULLCHAR},
- { NULLCHAR }
- };
- /*************************************************/
- /** snmp top command */
- int do_snmp(int argc, char *argv[], struct user *u)
- {
- return subcmd(Snmpcmds,NULL, argc, argv, u);
- }
- /* snmp command
- * snmp community ****
- */
- #if 0
- static int dosnmp_community_name(int argc, char *argv[], struct user *u);
- #endif
- static int dosnmp_community_acl(int argc,char *argv[],struct user *u);
- static int dosnmp_community_ro(int argc,char *argv[],struct user *u);
- static int dosnmp_community_rw(int argc,char *argv[],struct user *u);
- static int dosnmp_community_view(int argc,char *argv[],struct user *u);
- static int display_snmp_community(void);
- static void init_a_community(SNMP_COMMUNITY *community);
- /** snmp community command structure */
- struct cmds snmp_community_privilege_cmds[] = {
- { "", MATCH_STR, 0, 0x1, dosnmp_community_acl,NULL,NULL, 0, 0, /*v0.0.6 max 0->1*/
- "WORD -- Std IP accesslist allowing access with this community string",
- "WORD -- 使用该团体允许访问的标准 IP 访问列表",
- NULLCHAR,NULLCHAR},
- { "ro", MATCH_AMB, 0, 0x2, dosnmp_community_ro,NULL,NULL, 0, 0,
- "ro -- Read-only access with this community string",
- "ro -- 使用该团体可访问只读 MIB",
- NULLCHAR,NULLCHAR},
- { "rw", MATCH_AMB, 0, 0x2, dosnmp_community_rw,NULL,NULL, 0, 0,
- "rw -- Read-write access with this community string",
- "rw -- 使用该团体可访问读写 MIB",
- NULLCHAR,NULLCHAR},
- { "view", MATCH_AMB, 0, 0x8, dosnmp_community_view,NULL,NULL, 0, 0,
- "view -- Restrict this community to a named MIB view",
- "view -- 限定该团体可访问的 MIB 视图",
- "WORD -- MIB view to which this community has access",
- "WORD -- MIB 视图",},
- { (char *)-1, MATCH_END, cmdPref(PF_CMDNO, 0, 0), 0x10, NULL,
- NULL,NULL,0, cmdArgc(0,0,0),
- "<cr>",
- "结束",
- NULLCHAR ,NULLCHAR},
- { NULLCHAR }
- };
- /* function: snmp community */
- static int dosnmp_community(argc,argv,u)
- int argc;
- char *argv[];
- struct user *u;
- {
- int i, rc;
- SNMP_COMMUNITY community;
- char *name;
- if(IsNoPref(u) && argc<2){
- vacm_DestroyCommunityAll();
- return 0;
- }
- u->struct_p[COMMUNITY]=(unsigned long )&community;
- switch(getstrrc(&name, argc--, argv++, 0, SNMP_MAX_COMMUNITY_LEN, u)){
- case ARG_NOERR:
- break;
- case ARG_QUEST:
- case ARG_QUERY:
- eng_chi(u, " WORD -- SNMP community string",
- " WORD -- SNMP 团体名字符串");
- return 1;
- case ARG_PARAM:
- case ARG_QPART:
- case ARG_GENER:
- default:
- return -1;
- }
- if (resolve_commmunity(name,&i)<0)
- {
- vty_output("SNMP(@err):exceed the max num of community list(%d)n",SNMP_MAX_COMMUNITY_NUM);
- return 0;
- }else{
- u->struct_p[COMMUNITY_INDEX] = i;
- }
- memset(&community,0,sizeof(SNMP_COMMUNITY));
- strncpy(community.name,name,SNMP_MAX_COMMUNITY_LEN-1);
- if(argc==1){
- if(IsNoPref(u)){/*no snmp community argv[0]*/
- if (vacm_FindSecEntryByCommName (name) != NULL)
- {
- vacm_DestroyCommunity (name);
- }
- else
- {
- vty_output("Cann't find community %sn",name);
- return -1;
- }
- }else{
- CreateSnmpComm (&community); /*Modified by sxf oct.30.2k*/
- /*ASSIGN(snmp_para.community[i],community);*/
- }
- return 0;
- }
- u->cmd_mskbits =0x1f;
- if ((rc = subcmd(snmp_community_privilege_cmds,&u->cmd_mskbits, argc, argv, u))==0){
- CreateSnmpComm (&community);
- return 0;
- }
- else
- return rc;
- }
- void display_a_community(struct vacm_securityEntry *community)
- {
- if(community->community[0]){
- vty_printf("snmp-server community %s ",community->community);
- if (community->viewname[0]){
- vty_printf("view %s ",community->viewname);
- }
- vty_printf("%s ",(community->privilege==READONLY)?"RO":"RW");/*0.0.8*/
- if(community->access_list[0]){
- vty_printf("%s",community->access_list);
- }
- vty_printf("n");
- }
- }
- static int display_snmp_community(void)
- {
- if (vacm_walkThrSecEntry (display_a_community))
- {
- return FALSE;
- }
- else
- {
- return TRUE;
- }
- }
- void init_community(void)
- {
- int i;
- for(i=0;i<SNMP_MAX_COMMUNITY_NUM;i++){
- init_a_community(&snmp_para.community[i]);
- }/*for*/
- return;
- }
- static void init_a_community(SNMP_COMMUNITY *community)
- {
- memset(community,0,sizeof(SNMP_COMMUNITY));
- return;
- }
- /***/
- static int resolve_commmunity(char* name,int *index)
- {
- int i;
- for(i=0;i<SNMP_MAX_COMMUNITY_NUM;i++){
- if(!strcmp(snmp_para.community[i].name,name)) {
- *index=i;
- return 1;
- }
- }
- if(i>=SNMP_MAX_COMMUNITY_NUM){
- for(i=0;i<SNMP_MAX_COMMUNITY_NUM;i++)
- if(snmp_para.community[i].name[0]==0){
- *index=i;
- return 0;
- }
- }
- *index=-1;
- return -1;
- }
- static int dosnmp_community_ro(int argc,char *argv[],struct user *u)
- {
- SNMP_COMMUNITY *community =(SNMP_COMMUNITY *)u->struct_p[COMMUNITY];
- community->privilege = READONLY;
- if (argc>1){
- return subcmd(snmp_community_privilege_cmds,&u->cmd_mskbits, argc, argv, u);
- }
- return 0;
- }
- static int dosnmp_community_rw(int argc,char *argv[],struct user *u)
- {
- SNMP_COMMUNITY *community =(SNMP_COMMUNITY *)u->struct_p[COMMUNITY];
- community->privilege = READWRITE;
- if (argc>1){
- return subcmd(snmp_community_privilege_cmds,&u->cmd_mskbits, argc, argv, u);
- }
- return 0;
- }
- static int dosnmp_community_acl(int argc,char *argv[],struct user *u)
- {
- SNMP_COMMUNITY *community =(SNMP_COMMUNITY *)u->struct_p[COMMUNITY];
- char *acl;
- /*由于命令行参数已经被用于匹配命令字,这里需要回退*/
- argc++,argv--;
- switch(getstrrc(&acl, argc--, argv++, 0, NAME_MAXLEN, u)){
- case ARG_NOERR:
- break;
- case ARG_QUEST:
- case ARG_QUERY:
- vty_output("WORDn");
- eng_chi(u, " WORD -- Std IP accesslist allowing access with this community string",
- " WORD -- 使用该团体允许访问的标准 IP 访问列表");
- return 1;
- case ARG_PARAM:
- case ARG_QPART:
- case ARG_GENER:
- default:
- return -1;
- }
- strncpy(community->access_list,acl,NAME_MAXLEN-1);
- community->access_list[NAME_MAXLEN-1] = '�';
- if (argc>1){
- return subcmd(snmp_community_privilege_cmds,&u->cmd_mskbits, argc, argv, u);
- }
- return 0;
- }
- static int dosnmp_community_view(int argc,char *argv[],struct user *u)
- {
- SNMP_COMMUNITY *community =(SNMP_COMMUNITY *)u->struct_p[COMMUNITY];
- char *p;
- if (argc==1){
- if(IsChinese(u)){
- vty_output("命令不完整n");
- }else{
- vty_output("Incomplete commandn");
- }
- return -1;
- }
- switch(getstrrc(&p, argc, argv, 0, SNMP_MAX_VIEW_LEN, u)){
- case ARG_NOERR:
- strncpy(community->viewname,p,MAX_NAME_LEN-1);
- break;
- case ARG_QUERY:
- case ARG_QUEST:
- vty_output("WORDn");
- return 1;
- case ARG_PARAM:
- case ARG_QPART:
- case ARG_GENER:
- default:
- return -1;
- }
- --argc;
- ++argv;
- #if 0 /* 2000.06.19 */
- strncpy(community->viewname,argv[1],MAX_NAME_LEN-1);
- u->cmd_mskbits = 0x17;/*for <1-99 and <cr>>*/
- --argc;
- ++argv;
- #endif /* #if 0 */
- if (argc>1){
- return subcmd(snmp_community_privilege_cmds,&u->cmd_mskbits, argc, argv, u);
- }
- return 0;
- }
- #if 0
- struct cmds snmp_contact_cmds[] = {
- { "LINE", MATCH_STR, 0, 0, dosnmp_contact_name, NULL,NULL,0, cmdArgc(0,0,0),
- "LINE -- identification of the contact person for this managed node",
- "LINE -- 该管理节点的联系人标识符",
- NULLCHAR ,NULLCHAR},
- {NULLCHAR}
- };
- #endif
- /**
- **snmp command
- **snmp contact ***
- **/
- static int dosnmp_contact(argc,argv,u)
- int argc;
- char *argv[];
- struct user *u;
- {
- char *p;
- if(argc==1){
- if(IsNoPref(u)){/*no snmp host argv[0]*/
- memset(snmp_para.syscontact,0,SNMP_MAX_SYSCON_LEN);
- }else{
- display_snmp_contact();
- }
- return 0;
- }
- switch(getstrrc(&p, argc, argv, 0, SNMP_MAX_SYSCON_LEN, u)){
- case ARG_NOERR:
- strncpy(snmp_para.syscontact,argv[1],SNMP_MAX_SYSCON_LEN-1);
- break;
- case ARG_QUERY:
- case ARG_QUEST:
- eng_chi(u, " WORDttt-- contact informationn",
- " WORDttt-- 联系信息n");
- return 1;
- case ARG_PARAM:
- case ARG_QPART:
- case ARG_GENER:
- default:
- return -1;
- }
- return 0;
- }
- #if 0
- static int dosnmp_contact_name(int argc,char *argv[],struct user *u)
- {
- memset(snmp_para.syscontact,0,SNMP_MAX_SYSCON_LEN);
- strncpy(snmp_para.syscontact,argv[0],SNMP_MAX_SYSCON_LEN-1);
- return 0;
- }
- #endif
- void display_snmp_contact(void)
- {
- if(snmp_para.syscontact[0]){
- vty_output("snmp contact %sn",
- snmp_para.syscontact);
- }else{
- vty_output("Nonen");
- }
- }
- /*snmp command
- *snmp host ***
- */
- static int display_snmp_host(void);
- static void display_a_host(int itemp);
- static int dosnmp_host_delete(SNMP_TRAPSINK *snmphost);
- static int dosnmp_host_add(int argc,char *argv[],struct user *u);
- static int dosnmp_host_community(int argc,char *argv[],struct user *u);
- static int resolve_trapsink(SNMP_TRAPSINK *snmphost, int *index);
- static void dosnmp_host_addhost(SNMP_TRAPSINK *snmphost);
- static int dosnmp_host_community_snmp(int argc,char *argv[],struct user *u);
- static int dosnmp_host_community_auth(int argc,char *argv[],struct user *u);
- static int dosnmp_host_community_config(int argc,char *argv[],struct user *u);
- static int dosnmp_host_inform(int argc,char *argv[],struct user *u);
- static int dosnmp_host_trap(int argc,char *argv[],struct user *u);
- static int dosnmp_host_version(int argc,char *argv[],struct user *u);
- /* by yangyuhua 2006-4-7 */
- static int dosnmp_host_vrf(int argc,char *argv[],struct user *u);
- static int dosnmp_host_version_choice(int argc,char *argv[],struct user *u);
- static int dosnmp_host_version3_authpara(int argc,char *argv[],struct user *u);
- static int do_show_snmp_user(int argc,char *argv[],struct user *u);
- static int do_show_snmp_group(int argc,char *argv[],struct user *u);
- static int do_show_snmp_engineID(int argc,char *argv[],struct user *u);
- struct cmds snmp_host_cmds[] = {
- { (char *)-1, MATCH_STR, cmdPref(PF_CMDNO, 0, 0), 0,
- dosnmp_host_add, NULL,NULL,cmdArgc(0,2,2), 0,
- "Hostname or A.B.C.D -- IP address of SNMP TRAP host",
- "Hostname or A.B.C.D -- 接收SNMP TRAP主机的 IP 地址",
- NULLCHAR ,NULLCHAR},
- /*
- { (char *)-1, MATCH_END, 0, 0x10, NULL, NULL,NULL,0, 0,
- "<cr> -- Display Current host configure",
- "结束 -- 显示当前 host 配置",
- NULLCHAR ,NULLCHAR},
- { (char *)-1, MATCH_END, 0, 0x20, NULL,NULL,NULL,0, 0,
- "<cr>",
- "结束",
- NULLCHAR ,NULLCHAR},
- */
- {NULLCHAR}
- };
- struct cmds snmp_host_hostname_cmds[] = {
- { "WORD", MATCH_STR, cmdPref(PF_CMDNO, 0, 0), 0x1, dosnmp_host_community, NULL,NULL,0, 0,
- #ifdef INCLUDE_SNMPV3
- "WORD -- SNMPv1/v2c community string or SNMPv3 user name",
- "WORD -- SNMPv1/v2c 团体字符串或SNMPv3用户名",
- #else
- "WORD -- SNMP community string",
- "WORD -- SNMP 团体字符串",
- #endif
- NULLCHAR ,NULLCHAR},
- { "informs", MATCH_AMB, cmdPref(PF_CMDNO, 0, 0), 0x2, dosnmp_host_inform, NULL,NULL,0, 0,
- "informs -- Send Inform messages to this host",
- "informs -- 向该主机发送inform",
- NULLCHAR ,NULLCHAR},
- { "traps", MATCH_AMB, cmdPref(PF_CMDNO, 0, 0), 0x2, dosnmp_host_trap, NULL,NULL,0, 0,
- "traps -- Send Trap messages to this host",
- "traps -- 向该主机发送trap",
- NULLCHAR ,NULLCHAR},
- { "version", MATCH_AMB, cmdPref(PF_CMDNO, 0, 0), 0x4, dosnmp_host_version, NULL,NULL,0, 0,
- "version -- SNMP version to use for notification messages",
- "version -- 向主机发送通知类报文的版本号",
- NULLCHAR ,NULLCHAR},
- /* by yangyuhua 2006-4-7 */
- { "vrf", MATCH_AMB, cmdPref(PF_CMDNO, 0, 0), 0x8, dosnmp_host_vrf, NULL,NULL,0, 0,
- "vrf -- Bind vrf name ",
- "vrf -- 绑定vrf ",
- NULLCHAR ,NULLCHAR},
- {NULLCHAR}
- };
- #define SNMP_HOST_V1 0x01
- #define SNMP_HOST_V2c 0x02
- #define SNMP_HOST_V3 0x04
- struct cmds snmp_host_hostname_version_cmds[] = {
- { "v1", MATCH_AMB, cmdPref(PF_CMDNO, 0, 0), SNMP_HOST_V1, dosnmp_host_version_choice, NULL,NULL,0, 0,
- "v1 -- Use SNMPv1",
- "v1 -- 使用版本1",
- NULLCHAR ,NULLCHAR},
- { "v2c", MATCH_AMB, cmdPref(PF_CMDNO, 0, 0), SNMP_HOST_V2c, dosnmp_host_version_choice, NULL,NULL,0, 0,
- "v2c -- Use SNMPv2c",
- "v2c -- 使用版本2c",
- NULLCHAR ,NULLCHAR},
- #ifdef INCLUDE_SNMPV3
- { "v3", MATCH_AMB, cmdPref(PF_CMDNO, 0, 0), SNMP_HOST_V3, dosnmp_host_version_choice, NULL,NULL,0, 0,
- "v3 -- Use SNMPv3",
- "v3 -- 使用版本3",
- NULLCHAR ,NULLCHAR},
- #endif
- {NULLCHAR}
- };
- #ifdef INCLUDE_SNMPV3
- #define SNMPV3_HOST_V3_AUTH 0x01
- #define SNMPV3_HOST_V3_NOAUTH 0x02
- struct cmds snmp_host_hostname_version3_auth_cmds[] = {
- { "auth", MATCH_AMB, cmdPref(PF_CMDNO, 0, 0), SNMPV3_HOST_V3_AUTH, dosnmp_host_version3_authpara, NULL,NULL,0, 0,
- "auth -- Use the SNMPv3 authNoPriv Security Level",
- "auth -- 使用版本3认证不加密安全级别",
- NULLCHAR ,NULLCHAR},
- { "noauth", MATCH_AMB, cmdPref(PF_CMDNO, 0, 0), SNMPV3_HOST_V3_NOAUTH, dosnmp_host_version3_authpara, NULL,NULL,0, 0,
- "noauth -- Use the SNMPv3 noAuthNoPriv Security Level",
- "noauth -- 使用版本3不认证不加密安全级别",
- NULLCHAR ,NULLCHAR},
- {NULLCHAR}
- };
- #endif
- struct cmds snmp_host_community_cmds[] = {
- { "authentication", MATCH_AMB, cmdPref(PF_CMDNO, 0, 0), 0x1, dosnmp_host_community_auth,NULL,NULL,0, cmdArgc(0,0,0),
- "authentication -- Allow authentication failure traps",
- "authentication -- 允许发送认证失败traps",
- NULLCHAR ,NULLCHAR},
- { "configure", MATCH_AMB, 0, 0x2, dosnmp_host_community_config, NULL,NULL,0, 0,
- "configure -- Allow SNMP-configure traps",
- "configure -- 允许发送 SNMP 配置 traps",
- NULLCHAR ,NULLCHAR},
- { "snmp", MATCH_AMB, 0, 0x4, dosnmp_host_community_snmp, NULL,NULL,0, 0,
- "snmp -- Allow SNMP-type traps",
- "snmp -- 允许发送 SNMP traps",
- NULLCHAR ,NULLCHAR},
- { (char *)-1, MATCH_END, cmdPref(PF_CMDNO, 0, 0), 0x20, NULL,
- NULL,NULL,0, 0,
- /* "<cr> -- Allow all traps",
- "结束 -- 允许发送所有traps", *//* v0.0.3*/
- "<cr>",
- "结束",
- NULLCHAR ,NULLCHAR},
- {NULLCHAR}
- };
- static int dosnmp_host(argc,argv,u)
- int argc;
- char *argv[];
- struct user *u;
- {
- return subcmd(snmp_host_cmds,&u->cmd_mskbits, argc, argv, u);
- }
- /*** sun define 2000.03.12 ***/
- static int dosnmp_host_add(int argc,char *argv[],struct user *u)
- {
- SNMP_TRAPSINK snmphost;
- int res;
- memset(&snmphost,0,sizeof(SNMP_TRAPSINK));
- snmphost.pdutype = SNMP_MSG_TRAP;
- snmphost.trapflags = 0xFFFF;
- u->struct_p[SNMP_HOST] = (unsigned long)&snmphost;
- strncpy (snmphost.hostname, *(argv), SNMP_MAX_HOSTNAME_LEN-1);
- u->cmd_mskbits = 0x1F;
- #ifdef SWITCH
- res = 0;
- #else
- res=ip_vrf_enable_status();
- #endif
- if(!res){/*support vrf*/
- u->cmd_mskbits &= ~0x8;
- }
- return subcmd(snmp_host_hostname_cmds,&u->cmd_mskbits, argc, argv, u);
- }
- static int display_snmp_host(void)
- {
- int i;
- int emptyconfiguration = TRUE;
- for(i=0;i<SNMP_MAX_TRAPSINK;i++){
- if(snmp_para.trapsink[i].ipaddr!=0)
- break;
- }/*for*/
- if (i>=SNMP_MAX_TRAPSINK){
- #if 0 /* 2000.04.03 */
- vty_printf("Nonen");
- #endif /* #if 0 */
- return emptyconfiguration;
- }else{
- for(i=0;i<SNMP_MAX_TRAPSINK;i++){
- display_a_host(i);
- }/*for*/
- emptyconfiguration = FALSE;
- }
- return emptyconfiguration;
- }
- static void display_a_host(int itemp)
- {
- SNMP_TRAPSINK * trapsink;
- if ((itemp >= 0 ) && (itemp < SNMP_MAX_TRAPSINK))
- trapsink = (SNMP_TRAPSINK * )(&(snmp_para.trapsink[itemp]));
- else return;
- if(trapsink->ipaddr){
- vty_printf("snmp-server host %s ",snmp_ntoa(trapsink->ipaddr));
- /*by yangyuhua 2006-4-7*/
- if(trapsink->vrfname[0])
- vty_printf("vrf %s ",trapsink->vrfname);
- if (trapsink->pdutype == SNMP_MSG_INFORM)
- vty_printf("informs ");
- switch (trapsink->version) {
- case SNMP_VERSION_2c:
- vty_printf("version v2c ");
- break;
- case SNMP_VERSION_3:
- vty_printf("version v3 ");
- if (trapsink->authtype == SNMP_SEC_LEVEL_NOAUTH)
- vty_printf("noauth ");
- else
- vty_printf("auth ");
- break;
- }
- if(trapsink->community[0])
- vty_printf("%s ",trapsink->community);
- if(trapsink->trapflags){
- if(trapsink->trapflags!=0xffff)
- {
- if(trapsink->trapflags&SNMP_AUTH_TRAP)
- vty_printf("authentication ");
- if(trapsink->trapflags&SNMP_CONFIG_TRAP)
- vty_printf("configure ");
- if(trapsink->trapflags&SNMP_SNMPTYPE_TRAP)
- vty_printf("snmp");
- }
- }
- vty_printf("n");
- }
- }
- static int dosnmp_host_delete(SNMP_TRAPSINK *snmphost)
- {
- int i,ret;
- if(snmphost->ipaddr==0){
- vty_output("Invalid IP address or unknow hostnamen");
- /*** 2000.03.15 ***
- vty_output("SNMP:非法IP地址或者未配置的主机名 %sn",argv[1]);
- ******/
- return 0;
- }
- ret = resolve_trapsink(snmphost, &i);
- if(ret==1){
- memset(&snmp_para.trapsink[i],0,sizeof(SNMP_TRAPSINK));
- }else{
- vty_output("Cannot find host %sn",snmp_ntoa(snmphost->ipaddr));
- }
- return 0;
- }
- static int dosnmp_host_community(int argc,char *argv[],struct user *u)
- {
- SNMP_TRAPSINK *snmphost=(SNMP_TRAPSINK *)u->struct_p[SNMP_HOST];
- struct hostent *hp;
- int rc;
- strncpy(snmphost->community,argv[0],SNMP_MAX_COMMUNITY_LEN-1);
- if(IsNoPref(u)){/*no snmp host <hostnameipaddree>*/
- u->cmd_mskbits = 0x2F;
- rc = cmdend(--argc, ++argv, u);
- if (rc)
- return rc;
- if ((snmphost->ipaddr = inet_addr (snmphost->hostname))
- == INADDR_NONE) {
- vty_output ("Translating "%s"... n", snmphost->hostname);
- hp = gethostbyname(snmphost->hostname);
- if (hp == NULL)
- {
- vty_output (" Unknown hostname "%s"n", snmphost->hostname);
- return -1;
- }
- else
- {
- vty_output ("Successn");
- memcpy(&(snmphost->ipaddr), hp->h_addr, 4);
- }
- }
- dosnmp_host_delete(snmphost);
- return 0;
- }
- else
- {
- if(argc<2){
- /* strncpy(snmphost->community,argv[0],SNMP_MAX_COMMUNITY_LEN-1);*//*v0.0.3*/
- snmphost->trapflags = 0xffff;/*all*/
- dosnmp_host_addhost(snmphost);
- return 0;
- }
- u->cmd_mskbits = 0xFF;
- snmphost->trapflags = 0;/*For Bug SWBUG00006106*/
- if ((rc = subcmd(snmp_host_community_cmds,&u->cmd_mskbits, argc, argv, u))==0){
- dosnmp_host_addhost(snmphost);
- return 0;
- }
- else
- return rc;
- }
- return 0;
- }
- static int dosnmp_host_inform(int argc,char *argv[],struct user *u)
- {
- SNMP_TRAPSINK *snmphost=(SNMP_TRAPSINK *)u->struct_p[SNMP_HOST];
- snmphost->pdutype = SNMP_MSG_INFORM;
- /*yangyhuhua(a) 2006-4-14*/
- snmphost->version = SNMP_VERSION_2c;
- u->cmd_mskbits &= ~0x02;
- return subcmd(snmp_host_hostname_cmds, &u->cmd_mskbits, argc, argv, u);
- }
- static int dosnmp_host_trap(int argc,char *argv[],struct user *u)
- {
- SNMP_TRAPSINK *snmphost=(SNMP_TRAPSINK *)u->struct_p[SNMP_HOST];
- snmphost->pdutype = SNMP_MSG_TRAP;
- u->cmd_mskbits &= ~0x02;
- return subcmd(snmp_host_hostname_cmds, &u->cmd_mskbits, argc, argv, u);
- }
- static int dosnmp_host_version(int argc,char *argv[],struct user *u)
- {
- SNMP_TRAPSINK *snmphost=(SNMP_TRAPSINK *)u->struct_p[SNMP_HOST];
- u->cmd_mskbits = -1;
- /*yangyuhua(a) 2006-4-14*/
- if ((snmphost->version > SNMP_VERSION_1) && (snmphost->version <= SNMP_VERSION_3))
- u->cmd_mskbits &= ~(SNMP_HOST_V1);
- return subcmd(snmp_host_hostname_version_cmds, &u->cmd_mskbits, argc, argv, u);
- }
- static int dosnmp_host_version_choice(int argc,char *argv[],struct user *u)
- {
- SNMP_TRAPSINK *snmphost=(SNMP_TRAPSINK *)u->struct_p[SNMP_HOST];
- /*yangyuhua(m) 2006-4-14*/
- if (snmphost->pdutype == SNMP_MSG_INFORM)
- {
- if ((u->cmd_mskbits & SNMP_HOST_V2c) == 0) {
- snmphost->version = SNMP_VERSION_2c;
- } else if ((u->cmd_mskbits & SNMP_HOST_V3) == 0) {
- snmphost->version = SNMP_VERSION_3;
- } else
- assert(0);
- } else {
- if ((u->cmd_mskbits & SNMP_HOST_V1) == 0) {
- snmphost->version = SNMP_VERSION_1;
- } else if ((u->cmd_mskbits & SNMP_HOST_V2c) == 0) {
- snmphost->version = SNMP_VERSION_2c;
- } else if ((u->cmd_mskbits & SNMP_HOST_V3) == 0) {
- snmphost->version = SNMP_VERSION_3;
- } else
- assert(0);
- }
- if (snmphost->version != SNMP_VERSION_1 && snmphost->pdutype == SNMP_MSG_TRAP)
- snmphost->pdutype = SNMP_MSG_TRAP2;
- #ifdef INCLUDE_SNMPV3
- if (snmphost->version == SNMP_VERSION_3) {
- u->cmd_mskbits = -1;
- return subcmd(snmp_host_hostname_version3_auth_cmds, &u->cmd_mskbits, argc, argv, u);
- }
- else
- #endif
- {
- u->cmd_mskbits = 1;
- return subcmd(snmp_host_hostname_cmds, &u->cmd_mskbits, argc, argv, u);
- }
- }
- #ifdef INCLUDE_SNMPV3
- static int dosnmp_host_version3_authpara(int argc,char *argv[],struct user *u)
- {
- SNMP_TRAPSINK *snmphost=(SNMP_TRAPSINK *)u->struct_p[SNMP_HOST];
- if ((u->cmd_mskbits & SNMPV3_HOST_V3_AUTH) == 0) {
- snmphost->authtype = SNMP_SEC_LEVEL_AUTHNOPRIV;
- } else if ((u->cmd_mskbits & SNMPV3_HOST_V3_NOAUTH) == 0) {
- snmphost->authtype = SNMP_SEC_LEVEL_NOAUTH;
- }
- u->cmd_mskbits = 1;
- return subcmd(snmp_host_hostname_cmds, &u->cmd_mskbits, argc, argv, u);
- }
- #endif
- /* by yangyuhua 2006-4-7 */
- static int dosnmp_host_vrf(int argc, char *argv[], struct user *u)
- {
- SNMP_TRAPSINK *snmphost=(SNMP_TRAPSINK *)u->struct_p[SNMP_HOST];
- char *p;
- uint32 rc;
- if(argc ==1){
- cmderror(ERR_INCOM, argv[0], u);
- return -1;
- }
- else {
- switch(getstrrc(&p, argc, argv, 0, SNMP_VRF_NAME_LEN, u)){
- case ARG_NOERR:
- /*snmphost->vrfid= get_vrf_id_byname(p);*/
- strcpy(snmphost->vrfname,p);
- break;
- case ARG_QUERY:
- case ARG_QUEST:
- eng_chi(u, " WORD -- VPN Routing/Forwarding instance name(up to 16 chars)", " WORD -- VRF名字( 最多16个字符)");
- return 1;
- case ARG_PARAM:
- case ARG_QPART:
- case ARG_GENER:
- default:
- return -1;
- }
- }
- if (argc==2) return 0;
- else {
- u->cmd_mskbits &= ~0x08;
- return subcmd(snmp_host_hostname_cmds,&u->cmd_mskbits, argc-1, argv+1, u);
- }
- }
- static void dosnmp_host_addhost(SNMP_TRAPSINK *snmphost)
- {
- int ret,i;
- struct hostent *hp;
- if ((snmphost->ipaddr = inet_addr (snmphost->hostname))
- == INADDR_NONE) {
- vty_output ("Translating "%s"... n", snmphost->hostname);
- hp = gethostbyname(snmphost->hostname);
- if (hp == NULL)
- {
- vty_output ("Unknown hostname "%s"n", snmphost->hostname);
- return;
- }
- else
- {
- vty_output ("Successn");
- memcpy(&(snmphost->ipaddr), hp->h_addr, 4);
- }
- }
- ret=resolve_trapsink(snmphost, &i);
- if (ret<0){
- vty_output("SNMP:Too many trap hosts. The maximum number is(%d)n",SNMP_MAX_TRAPSINK);
- return;
- }else{
- switch (snmphost->version) {
- case SNMP_VERSION_1:
- if(createV1TrapSession((char*)snmp_ntoa(snmphost->ipaddr),(char*)snmphost->community,
- snmphost->trapflags, snmphost->vrfname)>0){
- ASSIGN(snmp_para.trapsink[i],*snmphost);
- }else{
- vty_output("SNMP:system too busy,can not create trap sessionn");
- }
- break;
- case SNMP_VERSION_2c:
- if(createV2TrapSession(snmp_ntoa(snmphost->ipaddr),snmphost->community,
- snmphost->trapflags, snmphost->pdutype, snmphost->vrfname)>0){
- ASSIGN(snmp_para.trapsink[i],*snmphost);
- }else{
- vty_output("SNMP:system too busy,can not create trap sessionn");
- }
- break;
- #ifdef INCLUDE_SNMPV3
- case SNMP_VERSION_3:
- ret = createV3TrapSession(snmp_ntoa(snmphost->ipaddr), snmphost->community,
- snmphost->authtype, snmphost->pdutype, snmphost->trapflags,snmphost->vrfname);
- if (ret>0) {
- ASSIGN(snmp_para.trapsink[i],*snmphost);
- } else if (ret == 0) {
- vty_output("SNMP:system too busy,can not create trap sessionn");
- }
- break;
- #endif /*INCLUDE_SNMPV3*/
- default:
- break;
- }
- }
- return ;
- }
- static int resolve_trapsink(SNMP_TRAPSINK *snmphost, int *index)
- {
- int i;
- int return_val;
- for(i=0;i<SNMP_MAX_TRAPSINK;i++){
- if(snmphost->ipaddr==snmp_para.trapsink[i].ipaddr
- && strcmp (snmphost->community, snmp_para.trapsink[i].community)==0
- && snmp_para.trapsink[i].pdutype == snmphost->pdutype
- && strcmp (snmp_para.trapsink[i].vrfname, snmphost->vrfname)==0){
- return_val = deleteTrapSession(snmp_ntoa(snmphost->ipaddr), snmphost->community, snmphost->version, snmphost->pdutype, snmphost->vrfname);
- snmp_para.trapsink[i].community[0]=0;
- /*** 2000.03.12 ***
- hprintf(mngr_id,"SNMP:配置已修改n");
- ******/
- *index = i;
- return return_val;
- }
- }
- if(i>=SNMP_MAX_TRAPSINK){
- for(i=0;i<SNMP_MAX_TRAPSINK;i++){
- if(snmp_para.trapsink[i].community[0]==0){
- *index = i;
- return_val = deleteTrapSession(snmp_ntoa(snmphost->ipaddr), snmphost->community, snmphost->version, snmphost->pdutype,snmphost->vrfname);
- return return_val;
- }
- }
- }
- *index =-1;
- return -1;
- }
- static int dosnmp_host_community_auth(int argc,char *argv[],struct user *u)
- {
- SNMP_TRAPSINK *snmphost=(SNMP_TRAPSINK *)u->struct_p[SNMP_HOST];
- snmphost->trapflags |=SNMP_AUTH_TRAP;
- if(argc>1){
- return subcmd(snmp_host_community_cmds,&u->cmd_mskbits, argc, argv, u);
- }
- return 0;
- }
- static int dosnmp_host_community_config(int argc,char *argv[],struct user *u)
- {
- SNMP_TRAPSINK *snmphost=(SNMP_TRAPSINK *)u->struct_p[SNMP_HOST];
- snmphost->trapflags |=SNMP_CONFIG_TRAP;
- if(argc>1){
- return subcmd(snmp_host_community_cmds,&u->cmd_mskbits, argc, argv, u);
- }
- return 0;
- }
- static int dosnmp_host_community_snmp(int argc,char *argv[],struct user *u)
- {
- SNMP_TRAPSINK *snmphost=(SNMP_TRAPSINK *)u->struct_p[SNMP_HOST];
- snmphost->trapflags |=SNMP_SNMPTYPE_TRAP;
- if(argc>1){
- return subcmd(snmp_host_community_cmds,&u->cmd_mskbits, argc, argv, u);
- }
- return 0;
- }
- /*snmp command*/
- struct cmds snmp_location_cmds[] = {
- { "LINE", MATCH_STR, 0, 0, dosnmp_location_name, NULL,NULL,0, 0,
- "LINE -- The physical location of this node",
- "LINE -- 该节点的实际位置",
- NULLCHAR ,NULLCHAR},
- {NULLCHAR}
- };
- /* snmp location ***
- */
- static int dosnmp_location(argc,argv,u)
- int argc;
- char *argv[];
- struct user *u;
- {
- if(argc==1){
- if(IsNoPref(u)){/*no snmp host argv[0]*/
- memset(snmp_para.syslocation,0,SNMP_MAX_SYSLOC_LEN);
- }else{
- display_snmp_location();
- }
- return 0;
- }else{
- return subcmd(snmp_location_cmds,NULL, argc, argv, u);
- }
- }
- static int dosnmp_location_name(argc,argv,u)
- int argc;
- char *argv[];
- struct user *u;
- {
- memset(snmp_para.syslocation,0,SNMP_MAX_SYSCON_LEN);
- strncpy(snmp_para.syslocation,argv[0],SNMP_MAX_SYSCON_LEN-1);
- return 0;
- }
- void display_snmp_location(void)
- {
- if(snmp_para.syslocation[0]){
- vty_output("snmp location %sn",snmp_para.syslocation);
- }else{
- vty_output("Nonen");
- }
- }
- static int dosnmp_packetsize(argc,argv,u)
- int argc;
- char *argv[];
- struct user *u;
- {
- int packetsize;
- long rc;/*** sun define 2000.07.28 ***/
- if(argc==1){
- if(IsNoPref(u)){/*no snmp host argv[0]*/
- snmp_para.packetsize = SNMP_DEFAULT_PACKETSIZE;
- }else{
- vty_output("snmp packetsize %dn",
- snmp_para.packetsize);
- }
- return 0;
- }else{
- switch(getintrc(&packetsize, argc,argv,SNMP_MIN_PACKETSIZE,SNMP_MAX_PACKETSIZE,u)){
- case ARG_NOERR:
- break;
- case ARG_QUEST :
- cmderror(ERR_NEXTP, NULL, u);
- default:
- return 1;
- }/*switch*/
- if ((rc = cmdend(argc-2, argv+2, u)))/*** sun define 2000.07.28 ***/
- return rc;
- snmp_para.packetsize = (unsigned short)packetsize;
- }
- return 0;
- }
- static int dosnmp_queuelen(argc,argv,u)
- int argc;
- char *argv[];
- struct user *u;
- {
- int queuelen;
- long rc;/*** sun define 2000.07.28 v0.0.6 ***/
- if(argc==1){
- if(IsNoPref(u)){/*no snmp host argv[0]*/
- snmp_para.queuelen = SNMP_DEFAULT_TRAP_QUEUELEN;
- set_trapsinks(SET_SNMP_TRAP_QUEUELEN,SNMP_DEFAULT_TRAP_QUEUELEN);
- }else{
- vty_output("snmp queue-length %dn",
- snmp_para.queuelen);
- }
- return 0;
- }else{
- switch(getintrc(&queuelen, argc,argv,1,SNMP_MAX_TRAP_QUEUELEN,u)){
- case ARG_NOERR:
- break;
- case ARG_QUEST :
- cmderror(ERR_NEXTP, NULL, u);
- default:
- return 1;
- }/*switch*/
- if ((rc = cmdend(argc-2, argv+2, u)))/*** sun define 2000.07.28 ***/
- return rc;
- snmp_para.queuelen = (unsigned short)queuelen;
- set_trapsinks(SET_SNMP_TRAP_QUEUELEN,queuelen);
- }
- return 0;
- }
- static int dosnmp_trap_source(argc,argv,u)
- int argc;
- char *argv[];
- struct user *u;
- {
- DEVICE_ETERNAL_ID eternalID;
- DEVICE_ID diID;
- int offset;
- UINT32 ifmask;
- long rc; /*** sun define 2000.07.28 v0.0.6 ***/
- /* 0 表示不需要创建,~0L表示所有端口类型 */
- #ifdef SWITCH
- ifmask = INTERFACE_TYPE_MASK_ROUTING;
- #else
- ifmask = (UINT32)~0L;
- #endif
- if (ARG_NOERR != getinterface(&eternalID, &offset, 0,
- ifmask, argc, argv, u))
- return -1;
- /* 修正argc和argv的值,1表示子命令 */
- argc -= 1+offset;
- argv += 1+offset;
- /* 将eternalID转换为diID */
- if (INTERFACE_GLOBAL_SUCCESS != interface_omnivorous_callback_makemomentary(&diID, eternalID))
- return -1;
- /* vty_output("diID=%dn",diID); */
- #if 0 /* 2000.03.21 */
- if(IsNoPref(u)){/*no snmp host argv[0]*/
- snmp_para.trapsource = 0;
- set_trapsinks(SET_SNMP_TRAP_SOURCE,0);
- }else{
- snmp_para.trapsource = diID;
- set_trapsinks(SET_SNMP_TRAP_SOURCE,diID);
- }
- #else
- if ((rc = cmdend(argc, argv, u)))/*** sun define 2000.07.28 ***/
- return rc;
- if(IsNoPref(u)){/*no snmp host argv[0]*/
- snmp_para.trapsource = DEVICE_INVALID_ETERNAL_ID;
- set_trapsinks(SET_SNMP_TRAP_SOURCE,0);
- }else{
- snmp_para.trapsource = eternalID;
- set_trapsinks(SET_SNMP_TRAP_SOURCE,eternalID);
- }
- #endif /* #if 0 */
- return 0;
- }
- static int dosnmp_trap_timeout(argc,argv,u)
- int argc;
- char *argv[];
- struct user *u;
- {
- int timeout;
- long rc;/*** sun define 2000.07.28 v0.0.6 ***/
- if(argc==1){
- if(IsNoPref(u)){/*no snmp host argv[0]*/
- snmp_para.timeout = SNMP_DEFAULT_TRAP_TIMEOUT;
- set_trapsinks(SET_SNMP_TRAP_TIMEOUT,SNMP_DEFAULT_TRAP_TIMEOUT*1000000L);/** in set_traplinks() in us unit */
- }else{
- vty_output("snmp trap-timeout %dn",
- snmp_para.timeout);
- }
- return 0;
- }else{
- switch(getintrc(&timeout, argc,argv,1,SNMP_MAX_TRAP_TIMEOUT,u)){
- case ARG_NOERR:
- break;
- case ARG_QUEST :
- cmderror(ERR_NEXTP, NULL, u);
- default:
- return 1;
- }/*switch*/
- if ((rc = cmdend(argc-2, argv+2, u)))/*** sun define 2000.07.27 v0.0.6***/
- return rc;
- snmp_para.timeout = (unsigned short)timeout;
- set_trapsinks(SET_SNMP_TRAP_TIMEOUT,timeout*1000000L);/** in set_traplinks() in us unit */
- }
- return 0;
- }
- /*snmp command
- * snmp view ***
- */
- static int dosnmp_view_name(int argc,char *argv[],struct user *u);
- /*static int dosnmp_view_name_sun(int argc,char *argv[],struct user *u);*/
- static void dosnmp_view_delete(char *viewName);
- static int dosnmp_view_type(int argc,char *argv[],struct user *u);
- static int display_snmp_view(void);
- struct cmds snmp_view_cmds[] = {
- { "WORD", MATCH_STR, cmdPref(PF_CMDNO, 0, 0), 0x1,
- dosnmp_view_name, NULL,NULL,cmdArgc(2,0,0), cmdArgc(0,0,0),
- "WORD -- Name of the view",
- "WORD -- 视图名",
- NULLCHAR,NULLCHAR},
- { (char *)-1, MATCH_END, 0, 0x20, NULL,NULL,NULL,0, 0,
- "<cr>",
- "结束",
- NULLCHAR ,NULLCHAR},
- {NULLCHAR}
- };
- #if 0
- struct cmds snmp_view_name_cmds[] = {
- { (char *)-1, MATCH_STR, cmdPref(PF_CMDNO, 0, 0), 0,
- dosnmp_view_name_sun, NULL,NULL,2, 2,
- "WORD -- MIB view family name",
- "WORD -- MIB 族名字",
- NULLCHAR,NULLCHAR},
- {NULLCHAR}
- };
- #endif
- struct cmds snmp_view_sides_cmds[] = {
- { "excluded", MATCH_AMB, cmdPref(PF_CMDNO, 0, 0), 0,
- dosnmp_view_type, NULL,NULL,0, 1,
- "excluded -- MIB family is excluded from the view",
- "excluded -- 拒绝该 MIB 族",
- NULLCHAR ,NULLCHAR},
- { "included", MATCH_AMB, cmdPref(PF_CMDNO, 0, 0), 0,
- dosnmp_view_type, NULL,NULL,0, 1,
- "included -- MIB family is included in the view",
- "included -- 包括该 MIB 族",
- NULLCHAR ,NULLCHAR},
- {NULLCHAR}
- };
- /*** sun define 2000.03.16 ***/
- static int dosnmp_view(int argc,char *argv[],struct user *u)
- {
- if(IsNoPref(u)){/*no snmp host argv[0]*/
- u->cmd_mskbits = 0x2F;
- }else{
- u->cmd_mskbits = 0x1F;
- }
- return subcmd(snmp_view_cmds,&u->cmd_mskbits, argc, argv, u);
- }
- void display_a_view (struct vacm_viewEntry *vp)
- {
- char buf[512];
- if (vp->viewStorageType == SNMP_STORAGE_PERMANENT && vp->viewStatus == SNMP_ROW_ACTIVE)
- {
- if (vp->subtreeName[0] == '�')
- {
- sprint_objid(buf,vp->viewSubtree,vp->viewSubtreeLen);
- vty_printf("snmp-server view %s %s %sn",
- vp->viewName+1,translate_objid(buf),
- vp->viewType==VIEW_INCLUDED?"included":"excluded");
- }
- else
- {
- vty_printf("snmp-server view %s %s %sn",
- vp->viewName+1,vp->subtreeName,
- vp->viewType==VIEW_INCLUDED?"included":"excluded");
- }
- }
- }
- static int display_snmp_view(void)
- {
- if (vacm_walkThrViewEntry (display_a_view))
- {
- return FALSE;
- }
- else
- {
- return TRUE;
- }
- }
- static int dosnmp_view_name(int argc,char *argv[],struct user *u)
- {
- SNMP_VIEW view;
- char *name;
- /*** 2000.03.18 test dump_objid ***
- char buf[128];
- ******/
- memset(&view,0,sizeof(SNMP_VIEW));
- u->struct_p[VIEW] = (unsigned long)&view;
- strncpy(view.viewName,argv[0],63);
- view.viewSubtreeLen = 32;/*** sun define 2000.03.17 ***/
- if(IsNoPref(u)){/*no snmp host <hostnameipaddree>*/
- u->cmd_mskbits = 0x2F;
- if(argc<2){
- dosnmp_view_delete(view.viewName);
- return 0;
- }
- }else{
- u->cmd_mskbits = 0x1F;
- }
- switch (getstrrc(&name, argc, argv, 0, NAME_MAXLEN, u)) {
- case ARG_NOERR :
- break;
- case ARG_GENER :
- return -1;
- case ARG_PARAM :
- eng_chi(u, "Incomplete command", "命令不完整");
- return -1;
- case ARG_QUERY :
- eng_chi(u, " WORD -- MIB view family name",
- " WORD -- MIB 族名字");
- return 1;
- case ARG_QUEST :
- eng_chi(u, "WORD", "WORD");
- return 1;
- default :
- return -1;
- }
- /*** 2000.03.17 ***
- strncpy(viewname,argv[1],MAX_NAME_LEN-1);
- ******/
- if (!ReadObjidFromSubtree (name, view.viewSubtree, &view.viewSubtreeLen))
- {
- if (!read_objid(name,view.viewSubtree, (size_t *)(&view.viewSubtreeLen))){
- vty_output("Illegal subtree oid: %sn",name);
- return -1;
- }
- view.subtreeName[0] = '�';
- }
- else
- {
- strcpy (view.subtreeName, name);
- }
- return subcmd(snmp_view_sides_cmds,&u->cmd_mskbits, --argc, ++argv, u);
- }
- #if 0
- static int dosnmp_view_name_sun(int argc,char *argv[],struct user *u)
- {
- SNMP_VIEW *view =(SNMP_VIEW *)u->struct_p[VIEW];
- if (!ReadObjidFromSubtree (argv[0], view->viewSubtree, &view->viewSubtreeLen))
- {
- if (!read_objid(argv[0],view->viewSubtree, (size_t *)(&view->viewSubtreeLen))){
- vty_output("Illegal subtree oid: %sn",argv[0]);
- return -1;
- }
- view->subtreeName[0] = '�';
- }
- else
- {
- strcpy (view->subtreeName, argv[0]);
- }
- return subcmd(snmp_view_sides_cmds,&u->cmd_mskbits, argc, argv, u);
- }
- #endif
- static void dosnmp_view_delete(char *viewName)
- {
- int IsDelete=0;
- struct vacm_viewEntry *vp;
- while (1)
- {
- vp = vacm_findViewEntryByName (viewName);
- if (vp != NULL)
- {
- vacm_destroyViewEntry (vp->viewName+1, vp->viewSubtree, vp->viewSubtreeLen);
- IsDelete = 1;
- }
- else
- {
- break;
- }
- }
- if (!IsDelete)
- vty_output("Cannot find view %sn",viewName);
- }
- static int dosnmp_view_type(int argc,char *argv[],struct user *u)
- {
- SNMP_VIEW *view =(SNMP_VIEW *)u->struct_p[VIEW];
- struct vacm_viewEntry *vp;
- u_char viewMask[sizeof (vp->viewMask)];
- int i;
- switch((char)*argv[0]){
- case 'i':
- case 'I':
- view->viewType=VIEW_INCLUDED;
- break;
- case 'E':
- case 'e':
- view->viewType=VIEW_EXCLUDED;
- break;
- }
- vp = vacm_getViewEntry (view->viewName, view->viewSubtree, view->viewSubtreeLen);
- if (vp == NULL || vp->viewSubtreeLen != view->viewSubtreeLen)
- {
- if(IsNoPref(u)){
- vty_output("%%Error: Can't find snmp viewn");
- return -1;
- }
- if ((vp = vacm_createViewEntry(view->viewName, view->viewSubtree, view->viewSubtreeLen)) == NULL)
- {
- eng_chi(u, "failed to create view entry, may be view name to long","创建view entry失败,或许是view的名字太长");
- return -1;
- }
- strcpy (vp->subtreeName, view->subtreeName);
- }
- else
- {
- if(IsNoPref(u)){
- if (vp->viewType != view->viewType) {
- vty_output("%%Error: View type errorn");
- return -1;
- }
- vacm_destroyViewEntry(vp->viewName+1, vp->viewSubtree, vp->viewSubtreeLen);
- return 0;
- }
- strcpy (vp->subtreeName, view->subtreeName);
- }
- for (i = 0; i < sizeof(viewMask); i++)
- {
- viewMask[i] = 0xff;
- }
- memcpy(vp->viewMask, viewMask, sizeof(viewMask));
- vp->viewType = view->viewType;
- vp->viewStorageType = SNMP_STORAGE_PERMANENT;
- vp->viewStatus = SNMP_ROW_ACTIVE;
- return 0;
- }
- extern ULONG snmp_source_ip;
- extern int change_session_sourceaddr(uint32 source_ip_addr);
- int dosnmp_srcipaddr(int argc, char *argv[], struct user *u)
- {
- ULONG ipaddr;
- long rc;
- int i;
- if(IsNoPref(u))
- {
- if (cmdend (argc - 1, argv + 1, u))
- return -1;
- else {
- ipaddr = INADDR_ANY;
- goto do_it;
- }
- }
- if(argc ==1){
- cmderror(ERR_INCOM, argv[0], u);
- return -1;
- }
- else{
- i = getaddress(&ipaddr, argc, argv, u);
- switch(i){
- case ARG_QUEST:
- case ARG_QUERY:
- eng_chi(u, "A.B.C.D -- Source IP Address", "A.B.C.D -- Source IP Address");
- return 1;
- case ARG_GENER:
- case ARG_PARAM:
- return i;
- }
- }
- if ((rc = cmdend(argc-2, argv+2, u)))
- return rc;
- do_it:
- if (snmp_source_ip !=ipaddr)
- {
- if (ipaddr!=INADDR_ANY)
- {
- DEVICE_ID ifid;
- ifid= if_withaddr(ipaddr);
- if (ifid ==0) {
- vty_output("%s is not local ip addressn",snmp_ntoa(ipaddr));
- return -1;
- }
- }
- snmp_source_ip= ipaddr;
- change_session_sourceaddr(snmp_source_ip);
- }
- return 0;
- }
- static int dosnmp_trace_error(int argc,char *argv[],struct user *u);/*** sun define 2000.07.11 ***/
- static int dosnmp_trace_event(int argc,char *argv[],struct user *u);
- static int dosnmp_trace_packet(int argc,char *argv[],struct user *u);
- extern int verbose;
- extern int snmp_dump_packet;
- void display_snmp_trap(void);
- struct cmds debug_snmp_cmds[] = {
- { "snmp", MATCH_AMB, cmdPref(PF_CMDNO, 0, 0), 0, dosnmp_trace, NULL, NULL, cmdArgc(0,1,0), cmdArgc(0,1,0),
- "snmp -- debug SNMP information",
- "snmp -- 跟踪 SNMP 信息",
- NULLCHAR, NULLCHAR },
- { NULLCHAR }
- };
- struct cmds snmp_trace_cmds[] = {
- { "error", MATCH_AMB, cmdPref(PF_CMDNO, 0, 0), 0x01,
- dosnmp_trace_error,NULL,NULL, 0, 0,
- "error -- SNMP error information",
- "error -- SNMP 错误信息",
- NULLCHAR,NULLCHAR},
- { "event", MATCH_AMB, cmdPref(PF_CMDNO, 0, 0), 0x02,
- dosnmp_trace_event,NULL,NULL, 0, 0,
- "event -- SNMP event",
- "event -- SNMP 事件",
- NULLCHAR,NULLCHAR},
- { "packet", MATCH_AMB, cmdPref(PF_CMDNO, 0, 0), 0x04,
- dosnmp_trace_packet,NULL,NULL, 0, 0,
- "packet -- SNMP packet",
- "packet -- SNMP 报文",
- NULLCHAR,NULLCHAR},
- { (char *)-1, MATCH_END, 0, 0x10,
- NULL,NULL,NULL,0, 0,
- "<cr>",
- "<cr>",
- NULLCHAR ,NULLCHAR},
- {NULLCHAR}
- };
- extern void snmp_set_dump_verbose (int );
- extern int output_error;
- void snmp_no_debug (void )
- {
- SNMPtrace = 0;
- verbose = 0;
- snmp_dump_packet = 0;
- }
- void snmp_show_debug (uint32 debug_flag)
- {
- if (SNMPtrace!=0){
- vty_output ("SNMP:n");
- if (SNMPtrace & SNMP_DEBUG_ERROR)
- vty_output(" SNMP error debugging is onn");
- if (SNMPtrace & SNMP_DEBUG_EVENT)
- vty_output(" SNMP event debugging is onn");
- if (SNMPtrace & SNMP_DEBUG_PACKETS)
- vty_output(" SNMP packet debugging is onn");
- }
- }
- static int dosnmp_trace(int argc,char *argv[],struct user *u)
- {
- if (argc<2)
- {
- if(IsNoPref(u)){/*no snmp host argv[0]*/
- SNMPtrace = 0;
- verbose = 0;
- snmp_dump_packet = 0;
- set_trace_flag(MODULE_TYPE_SNMP,0xffffffff,snmp_show_debug,snmp_no_debug, 0);
- }else{
- /*display_snmp_trap();*/
- /*yangyuhua(m) 2006-4-24*/
- u->struct_p[3] |=(SNMP_DEBUG_ERROR | (SNMP_DEBUG_EVENT|SNMP_DEBUG_VERBOSE) | SNMP_DEBUG_PACKETS);
- SNMPtrace = (unsigned short)(u->struct_p[2]|u->struct_p[3]);
- snmp_set_dump_verbose (SNMPtrace & SNMP_DEBUG_VERBOSE);
- verbose = SNMPtrace & SNMP_DEBUG_VERBOSE;
- snmp_set_dump_packet(SNMPtrace & SNMP_DEBUG_PACKETS);
- set_trace_flag(MODULE_TYPE_SNMP,SNMPtrace,snmp_show_debug, snmp_no_debug,1);
- output_error = SNMPtrace & SNMP_DEBUG_ERROR;
- }
- return 0;
- }
- u->cmd_mskbits = 0x1F;
- u->struct_p[2] = SNMPtrace;/*reserve origin */
- u->struct_p[3] = 0; /*command modify*/
- if (subcmd(snmp_trace_cmds, &u->cmd_mskbits, argc, argv, u)==0){
- SNMPtrace = (unsigned short)(u->struct_p[2]|u->struct_p[3]);
- snmp_set_dump_verbose (SNMPtrace & SNMP_DEBUG_VERBOSE);
- verbose = SNMPtrace & SNMP_DEBUG_VERBOSE;
- snmp_set_dump_packet(SNMPtrace & SNMP_DEBUG_PACKETS);
- set_trace_flag(MODULE_TYPE_SNMP,SNMPtrace,snmp_show_debug, snmp_no_debug,1);
- output_error = SNMPtrace & SNMP_DEBUG_ERROR;
- }
- return 0;
- }
- void display_snmp_trap(void)
- {
- if (SNMPtrace!=0){
- vty_output("snmp-server trace");
- if (SNMPtrace & SNMP_DEBUG_ERROR)
- vty_output(" error");/*v0.0.3*/
- if (SNMPtrace & SNMP_DEBUG_EVENT)
- vty_output(" event");/*v0.0.3*/
- if (SNMPtrace & SNMP_DEBUG_PACKETS)
- vty_output(" packet");
- vty_output("n");
- }else{
- vty_output("Nonen");
- }
- }
- static int dosnmp_trace_error(int argc,char *argv[],struct user *u)
- {
- u->struct_p[3] |= SNMP_DEBUG_ERROR;
- if (argc>1){
- return subcmd(snmp_trace_cmds, &u->cmd_mskbits, argc, argv, u);
- }
- return 0;
- }
- static int dosnmp_trace_event(int argc,char *argv[],struct user *u)
- {
- u->struct_p[3] |= (SNMP_DEBUG_EVENT|SNMP_DEBUG_VERBOSE);
- if (argc>1){
- return subcmd(snmp_trace_cmds, &u->cmd_mskbits, argc, argv, u);
- }
- return 0;
- }
- static int dosnmp_trace_packet(int argc,char *argv[],struct user *u)
- {
- u->struct_p[3] |= SNMP_DEBUG_PACKETS;
- if (argc>1){
- return subcmd(snmp_trace_cmds, &u->cmd_mskbits, argc, argv, u);
- }
- return 0;
- }
- BOOL do_showrunning_snmpv3_remote_engineID();
- long snmp_showrunning(DEVICE_ID diID)
- {
- char *pstrName=NULLCHAR;
- int emptyconfiguration = TRUE;
- #ifdef INCLUDE_SNMPV3
- emptyconfiguration =
- do_showrunning_snmpv3_remote_engineID()&&emptyconfiguration;
- emptyconfiguration = display_snmp_group()&&emptyconfiguration;
- emptyconfiguration = display_snmp_user()&&emptyconfiguration;
- #endif
- emptyconfiguration = display_snmp_community()&&emptyconfiguration;
- if(snmp_para.syscontact[0]){
- vty_printf("snmp-server contact ");
- if(isquotation(snmp_para.syscontact))
- vty_printf(""");
- vty_printf("%s",snmp_para.syscontact);
- if(isquotation(snmp_para.syscontact))
- vty_printf(""");
- vty_printf("n");
- emptyconfiguration = FALSE;
- }
- emptyconfiguration = display_snmp_host()&&emptyconfiguration;
- if(snmp_para.syslocation[0]){
- vty_printf("snmp-server location ");
- if(isquotation(snmp_para.syslocation))
- vty_printf(""");
- vty_printf("%s",snmp_para.syslocation);
- if(isquotation(snmp_para.syslocation))
- vty_printf(""");
- vty_printf("n");
- emptyconfiguration = FALSE;
- }
- if(snmp_para.packetsize!=SNMP_DEFAULT_PACKETSIZE){
- vty_printf("snmp-server packetsize %dn",snmp_para.packetsize);
- emptyconfiguration = FALSE;
- }
- if(snmp_para.queuelen!=SNMP_DEFAULT_TRAP_QUEUELEN){
- vty_printf("snmp-server queue-length %dn",snmp_para.queuelen);
- emptyconfiguration = FALSE;
- }
- if(snmp_para.trapsource!=DEVICE_INVALID_ETERNAL_ID){
- interface_omnivorous_callback_newgetname(snmp_para.trapsource, &pstrName);
- vty_printf("snmp-server trap-source %sn",pstrName);
- emptyconfiguration = FALSE;
- if(pstrName)
- sys_mem_free(pstrName);
- }
- if(snmp_para.timeout!=SNMP_DEFAULT_TRAP_TIMEOUT){
- vty_printf("snmp-server trap-timeout %dn",snmp_para.timeout);
- emptyconfiguration = FALSE;
- }
- if(snmp_source_ip!=0){
- vty_printf("snmp-server source-addr %sn",snmp_ntoa(snmp_source_ip));
- emptyconfiguration = FALSE;
- }
- emptyconfiguration = display_snmp_view()&&emptyconfiguration;
- if(emptyconfiguration)
- return INTERFACE_DEVICE_ERROR_EMPTYCONFIGURATION;
- else
- return INTERFACE_GLOBAL_SUCCESS;
- }
- /*SunXi added for BCMP*/
- #ifdef INCLUDE_BCMP
- static char *_snmp_bcmp_cfg_buffer;
- static int _snmp_bcmp_cfg_pos, _snmp_bcmp_cfg_max;
- static int32 snmp_bcmp_vty_rio_fun(char* buffer,int len)
- {
- if (_snmp_bcmp_cfg_max <= _snmp_bcmp_cfg_pos + len)
- {
- _snmp_bcmp_cfg_buffer[_snmp_bcmp_cfg_pos] = 0;
- _snmp_bcmp_cfg_pos = _snmp_bcmp_cfg_max ;
- return 0;
- }
- memcpy(&_snmp_bcmp_cfg_buffer[_snmp_bcmp_cfg_pos], buffer, len);
- _snmp_bcmp_cfg_pos += len;
- _snmp_bcmp_cfg_buffer[_snmp_bcmp_cfg_pos] = 0;
- return len;
- }
- int snmp_bcmp_config(char *buffer, size_t size)
- {
- union vty_output_attribute param, old;
- _snmp_bcmp_cfg_pos = 0;
- _snmp_bcmp_cfg_max = size;
- _snmp_bcmp_cfg_buffer = buffer;
- _snmp_bcmp_cfg_buffer[0] = 0;
- param.rio.rflag = RIO_CUSTOM;
- param.rio.u.function =snmp_bcmp_vty_rio_fun;
- /*save old redirection*/
- vty_output_ctrl(VTY_OUTPUT_GET_REDIRECT, &old);
- vty_output_ctrl(VTY_OUTPUT_SET_REDIRECT, ¶m);
- /*get config*/
- display_snmp_community();
- display_snmp_view();
- /*restore old redirection*/
- vty_output_ctrl(VTY_OUTPUT_SET_REDIRECT, &old);
- return strlen(_snmp_bcmp_cfg_buffer);
- }
- #endif
- int do_show_snmp(int argc, char *argv[], struct user *u);
- int do_show_snmp_host(int argc, char *argv[], struct user *u);
- int do_show_snmp_view(int argc, char *argv[], struct user *u);
- extern void show_snmp(void);
- extern void show_snmp_host(void);
- struct cmds snmp_show_cmds[] = {
- { "snmp", MATCH_AMB, 0, 0, do_show_snmp, NULL, NULL, 0, 0,
- "snmp - SNMP statistics",
- "snmp - SNMP 统计信息",
- NULLCHAR, NULLCHAR
- },
- { NULLCHAR }
- };
- struct cmds snmp_show_host_cmds[] = {
- #ifdef INCLUDE_SNMPV3
- { "engineID", MATCH_AMB, 0, 0, do_show_snmp_engineID, NULL, NULL, 0, 1,
- "engineID - show SNMP engine information",
- "engineID - SNMP 引擎信息",
- NULLCHAR, NULLCHAR
- },
- { "group", MATCH_AMB, 0, 0, do_show_snmp_group, NULL, NULL, 0, 1,
- "group - show SNMP group information",
- "group - SNMP 组信息",
- NULLCHAR, NULLCHAR
- },
- #endif
- { "host", MATCH_AMB, 0, 0, do_show_snmp_host, NULL, NULL, 0, 1,
- "host - show SNMP trap hosts",
- "host - SNMP 陷阱主机信息",
- NULLCHAR, NULLCHAR
- },
- { "view", MATCH_AMB, 0, 0, do_show_snmp_view, NULL, NULL, 0, 1,
- "view - show SNMP views",
- "view - SNMP 视图信息",
- NULLCHAR, NULLCHAR
- },
- #ifdef INCLUDE_SNMPV3
- { "user", MATCH_AMB, 0, 0, do_show_snmp_user, NULL, NULL, 0, 1,
- "user - show SNMP group information",
- "user - SNMP 组信息",
- NULLCHAR, NULLCHAR
- },
- #endif
- { (char *)-1, MATCH_END, 0, 0,
- NULL,NULL,NULL,0, 0,
- "<cr>",
- "结束",
- NULLCHAR ,NULLCHAR},
- {NULLCHAR}
- };
- int do_show_snmp(int argc, char *argv[], struct user *u)
- {
- if (argc <= 1)
- {
- show_snmp();
- }
- else
- {
- return subcmd(snmp_show_host_cmds, &u->cmd_mskbits, argc, argv, u);
- }
- return 0;
- }
- int do_show_snmp_host(int argc, char *argv[], struct user *u)
- {
- show_snmp_host();
- return 0;
- }
- void display_view (struct vacm_viewEntry *vp)
- {
- char buf[512], buf1[128], buf2[16];
- int len;
- if (vp->viewMaskLen == 0)
- strcpy (buf1, "-");
- else
- {
- sprintf (buf1, "%X", vp->viewMask[0]);
- for (len = 1; len < vp->viewMaskLen; len ++)
- {
- sprintf (buf2, ":%X", vp->viewMask[len]);
- }
- }
- sprint_objid(buf,vp->viewSubtree,vp->viewSubtreeLen);
- vty_printf("%s %s %s %s %s %sn",
- vp->viewName+1,translate_objid(buf), buf1,
- vp->viewType==VIEW_INCLUDED?"included":"excluded",snmp_storage_trans[vp->viewStorageType],
- snmp_status_trans[vp->viewStatus]);
- }
- int do_show_snmp_view(int argc, char *argv[], struct user *u)
- {
- if (vacm_walkThrViewEntry (display_view))
- {
- vty_printf_end(1);
- }
- else
- {
- vty_printf ("Nonen");
- vty_printf_end(1);
- }
- return 0;
- }
- /*copied and modified from vacm_parse_access, file snmplibvacm.c
- Sunxi, Feb 23, 2004, for SNMPv3*/
- void vacm_parse_access_bdcom(const char *name, int model, int level,
- const char *readview, const char *writeview, const char *notifyview,
- const char *ipacl)
- {
- struct vacm_accessEntry *ap;
- if (model != SNMP_SEC_MODEL_ANY &&
- model != SNMP_SEC_MODEL_SNMPv1 &&
- model != SNMP_SEC_MODEL_SNMPv2c &&
- model != SNMP_SEC_MODEL_USM) {
- vty_output("%%Error: bad security model (any, v1, v2c, usm)n");
- return;
- }
- if (level != SNMP_SEC_LEVEL_NOAUTH &&
- level != SNMP_SEC_LEVEL_AUTHNOPRIV &&
- level != SNMP_SEC_LEVEL_AUTHPRIV) {
- vty_output("%%Error: bad security level (noauthnopriv, authnopriv, authpriv)n");
- return;
- }
- if (readview != NULL && strlen(readview)+1 > sizeof(ap->readView)) {
- vty_output("%%Error: readView too longn");
- return;
- }
- if (writeview != NULL && strlen(writeview)+1 > sizeof(ap->writeView)) {
- vty_output("%%Error: writeView too longn");
- return;
- }
- if (notifyview != NULL && strlen(notifyview)+1 > sizeof(ap->notifyView)) {
- vty_output("%%Error: notifyView too longn");
- return;
- }
- if (ipacl != NULL && strlen(ipacl)+1 > sizeof(ap->access_list)) {
- vty_output("%%Error: ip access list too longn");
- return;
- }
- ap = vacm_getAccessEntry(name, "", model, SNMP_SEC_LEVEL_AUTHPRIV);
- if (ap == NULL) {
- ap = vacm_createAccessEntry (name, "", model, level);
- if (!ap) {
- vty_output("%%Error: failed to create access entryn");
- return;
- }
- } else {
- ap->readView[0] = 0;
- ap->writeView[0] = 0;
- ap->notifyView[0] = 0;
- ap->access_list[0] = 0;
- ap->securityLevel = level;
- ap->securityModel = model;
- }
- strcpy(ap->readView, readview);
- if (writeview != NULL)
- strcpy(ap->writeView, writeview);
- if (notifyview != NULL)
- strcpy(ap->notifyView, notifyview);
- if (ipacl != NULL)
- strcpy(ap->access_list, ipacl);
- ap->contextMatch = CONTEXT_MATCH_EXACT;
- ap->storageType = SNMP_STORAGE_NONVOLATILE;
- ap->status = SNMP_ROW_ACTIVE;
- free (ap->reserved);
- ap->reserved = NULL;
- }
- /*copied and modified from vacm_parse_group, file snmplibvacm.c
- Sunxi, Feb 23, 2004, for SNMPv3*/
- void vacm_parse_group_bdcom(const char *group, const char *security, int model)
- {
- struct vacm_groupEntry *gp;
- if (group == NULL || *group == 0) {
- vty_output("%%Error: missing GROUP parametern");
- return;
- }
- if (security == NULL || *security == 0) {
- vty_output("%%Error: missing SECURITY parametern");
- return;
- }
- if (model != SNMP_SEC_MODEL_SNMPv1 &&
- model != SNMP_SEC_MODEL_SNMPv2c &&
- model != SNMP_SEC_MODEL_USM) {
- vty_output("%%Error: bad security model, should be: v1, v2c or usmn");
- return;
- }
- if (strlen(security)+1 > sizeof(gp->groupName)) {
- vty_output("%%Error: security name too longn");
- return;
- }
- /*destroy the old one*/
- gp = vacm_getGroupEntry(model, security);
- if (gp == NULL) {
- gp = vacm_createGroupEntry(model, security);
- if (!gp) {
- vty_output("%%Error: failed to create group entryn");
- return;
- }
- }
- strcpy (gp->groupName, group);
- gp->storageType = SNMP_STORAGE_PERMANENT;
- gp->status = SNMP_ROW_ACTIVE;
- free (gp->reserved);
- gp->reserved = NULL;
- }
- /*copied and modified from usm_parse_config_usmUser, file snmplibsnmpusm.c
- Sunxi, Feb 24, 2004, for SNMPv3*/
- struct usmUser *
- usm_parse_config_user_bdcom(const char * name,
- oid * authProtocol, size_t authProtocolLen,
- oid * privProtocol, size_t privProtocolLen,
- char *password,
- char *snmpEngineID, size_t snmpEngineIDLen)
- {
- struct usmUser *user;
- int ret;
- u_char userKey[SNMP_MAXBUF_SMALL];
- size_t userKeyLen = SNMP_MAXBUF_SMALL;
- user = usm_create_initial_user(name, authProtocol, authProtocolLen, privProtocol, privProtocolLen);
- if (user == NULL)
- return NULL;
- if (snmpEngineID != NULL) {
- if (user->engineIDLen < snmpEngineIDLen) {
- free(user->engineID);
- user->engineID = malloc(user->engineIDLen);
- } else {
- memset(user->engineID, 0, user->engineIDLen);
- }
- memcpy(user->engineID, snmpEngineID, snmpEngineIDLen);
- user->engineIDLen = snmpEngineIDLen;
- }
- SNMP_FREE(user->cloneFrom);
- user->cloneFrom = NULL;
- user->cloneFromLen = 0;
- if (password != NULL && strlen(password) != 0) {
- ret = generate_Ku(user->authProtocol, user->authProtocolLen,
- (u_char *)password, strlen(password),
- userKey, &userKeyLen );
- if (ret != SNMPERR_SUCCESS) {
- vty_output("%%Error: Generating auth key from pass phrase.n");
- usm_free_user(user);
- return NULL;
- }
- user->authKeyLen =
- sc_get_properlength(user->authProtocol, user->authProtocolLen);
- user->authKey = (u_char *) malloc(user->authKeyLen);
- ret = generate_kul(user->authProtocol, user->authProtocolLen,
- user->engineID, user->engineIDLen,
- userKey, userKeyLen,
- user->authKey, &user->authKeyLen );
- if (ret != SNMPERR_SUCCESS) {
- vty_output("%%Error: Generating auth key from pass phrase.n");
- usm_free_user(user);
- return NULL;
- }
- user->privKey = (u_char *) malloc(user->authKeyLen);
- user->privKeyLen = user->authKeyLen;
- memcpy(user->privKey, user->authKey, user->privKeyLen);
- }
- user->userPublicString = NULL;
- user->userStorageType = ST_NONVOLATILE;
- user->password_plaintext = strdup(password);
- return user;
- }
- /*create ucd_snmpv3 access control structs with community name
- copied by sxf from ucd_snmpv3 function vacm_parse_simple(vacm_vars.c)*/
- static void CreateSnmpComm (SNMP_COMMUNITY *snmp_para_comm)
- {
- char *theoid = ".1.3.6.1";
- char *authType = "noauth";
- char *addressname = "default";
- char rw[SNMP_MAX_COMMUNITY_LEN+16];
- char line[3*SNMP_MAX_COMMUNITY_LEN];
- struct vacm_securityEntry *vp;
- /*if the entry exists, delete it and then insert a new entry*/
- vacm_DestroyCommunity (snmp_para_comm->name);
- strcpy (rw, "none");
- if (snmp_para_comm->privilege == READWRITE)
- {
- if ((snmp_para_comm->viewname)[0] == '�')
- {
- sprintf (rw, "__vn%s", snmp_para_comm->name);
- }
- else
- {
- strcpy (rw, snmp_para_comm->viewname);
- }
- }
- /*add security virtual name*/
- sprintf(line,"__sn%s %s %s", snmp_para_comm->name, addressname, snmp_para_comm->name);
- vacm_parse_security("com2sec",line);
- /*add virtual group name*/
- sprintf(line,"__gn%s v1 __sn%s", snmp_para_comm->name, snmp_para_comm->name);
- vacm_parse_group("group",line);
- sprintf(line,"__gn%s v2c __sn%s", snmp_para_comm->name, snmp_para_comm->name);
- vacm_parse_group("group",line);
- /*add virtual view if viewname is NULL*/
- if ((snmp_para_comm->viewname)[0] == '�')
- {
- sprintf(line,"__vn%s included %s", snmp_para_comm->name, theoid);
- vacm_parse_view("view",line);
- /*create virtual access*/
- sprintf(line, "__gn%s "" any %s exact __vn%s %s %s", snmp_para_comm->name,
- authType, snmp_para_comm->name, rw, rw);
- vacm_parse_access("access",line);
- }
- else
- {
- /*create virtual access*/
- sprintf(line, "__gn%s "" any %s exact %s %s %s", snmp_para_comm->name,
- authType, snmp_para_comm->viewname, rw, rw);
- vacm_parse_access("access",line);
- }
- if ((vp = vacm_FindSecEntryByCommName (snmp_para_comm->name)) != NULL)
- {
- strcpy (vp->access_list, snmp_para_comm->access_list);
- strcpy (vp->viewname, snmp_para_comm->viewname);
- vp->privilege = snmp_para_comm->privilege;
- }
- }
- #ifdef INCLUDE_SNMPV3
- /*
- * snmpv3 group commands
- * u->struct_p[0]: SNMP Security Modely, ie., SNMP version
- * u->struct_p[1]: for version 3: authPriv or authNoPriv or NoAuthNoPriv;
- * for other version, not use
- * u->struct_p[2]: access list
- * u->struct_p[3]: notify view
- * u->struct_p[4]: read view
- * u->struct_p[5]: write view
- *
- */
- #define SNMPV3_GROUP_VER_INDEX 0
- #define SNMPV3_GROUP_AP_INDEX 1
- #define SNMPV3_GROUP_ACL_INDEX 2
- #define SNMPV3_GROUP_NOTIFY_INDEX 3
- #define SNMPV3_GROUP_READ_INDEX 4
- #define SNMPV3_GROUP_WRITE_INDEX 5
- #define SNMPV3_GROUP_VIEW_NOTIFY 0x01
- #define SNMPV3_GROUP_VIEW_READ 0x02
- #define SNMPV3_GROUP_VIEW_WRITE 0x04
- #define SNMPV3_GROUP_ACL 0x08
- static int dosnmp_group_acl(int argc,char *argv[],struct user *u);
- static int dosnmp_group_view(int argc,char *argv[],struct user *u);
- static struct cmds snmp_group_view_access_cmds[] = {
- { "access", MATCH_AMB, cmdPref(0, 0, 0), SNMPV3_GROUP_ACL,
- dosnmp_group_acl,NULL,NULL, 0, 0,
- "access -- specify an access-list associated with this group",
- "access -- 为该组指定访问控制列表",
- NULLCHAR,NULLCHAR
- },
- { "notify", MATCH_AMB, cmdPref(0, 0, 0), SNMPV3_GROUP_VIEW_NOTIFY,
- dosnmp_group_view,NULL,NULL, 0, 0,
- "notify -- specify a notify view for the group",
- "notify -- 为该组指定通知视图",
- NULLCHAR,NULLCHAR
- },
- { "read", MATCH_AMB, cmdPref(0, 0, 0), SNMPV3_GROUP_VIEW_READ,
- dosnmp_group_view,NULL,NULL, 0, 0,
- "read -- specify a read view for the group",
- "read -- 为该组指定读操作视图",
- NULLCHAR,NULLCHAR
- },
- { "write", MATCH_AMB, cmdPref(0, 0, 0), SNMPV3_GROUP_VIEW_WRITE,
- dosnmp_group_view,NULL,NULL, 0, 0,
- "write -- specify a write view for the group",
- "write -- 为该组指定写操作视图",
- NULLCHAR,NULLCHAR
- },
- { DUMMYSTR, MATCH_END, cmdPref(0, 0, 0), 0,
- NULL,NULL,NULL, 0, 0,
- "<cr>",
- "<cr>",
- NULLCHAR,NULLCHAR
- },
- { NULLCHAR }
- };
- static int dosnmp_group_acl(int argc,char *argv[],struct user *u)
- {
- char *name;
- switch(getstrrc(&name, argc--, argv++, 0, SNMP_MAX_COMMUNITY_LEN, u)){
- case ARG_NOERR:
- break;
- case ARG_QUEST:
- case ARG_QUERY:
- eng_chi(u, " WORD -- Name of access list",
- " WORD -- 访问列表的名字");
- return 1;
- case ARG_PARAM :
- cmderror(ERR_NEXTP, NULL, u);
- return -1;
- case ARG_QPART:
- case ARG_GENER:
- default:
- return -1;
- }
- u->struct_p[SNMPV3_GROUP_ACL_INDEX] = (int)name;
- if (argc > 1)
- return subcmd(snmp_group_view_access_cmds, &u->cmd_mskbits, argc, argv, u);
- else
- return 0;
- }
- static int dosnmp_group_view(int argc,char *argv[],struct user *u)
- {
- char *name;
- int index;
- switch ((char)*argv[0])
- {
- case 'n':case 'N':
- index = SNMPV3_GROUP_NOTIFY_INDEX;
- break;
- case 'r':case 'R':
- index = SNMPV3_GROUP_READ_INDEX;
- break;
- case 'w':case 'W':
- index = SNMPV3_GROUP_WRITE_INDEX;
- break;
- default:
- assert(0);
- }
- switch(getstrrc(&name, argc--, argv++, 0, SNMP_MAX_COMMUNITY_LEN, u)){
- case ARG_NOERR:
- break;
- case ARG_QUEST:
- case ARG_QUERY:
- eng_chi(u, " WORD -- Name of view",
- " WORD -- 视图的名字");
- return 1;
- case ARG_PARAM :
- cmderror(ERR_NEXTP, NULL, u);
- return -1;
- case ARG_QPART:
- case ARG_GENER:
- default:
- return -1;
- }
- u->struct_p[index] = (unsigned long)name;
- if (argc > 1)
- return subcmd(snmp_group_view_access_cmds, &u->cmd_mskbits, argc, argv, u);
- else
- return 0;
- }
- #define SNMPV3_GROUP_AUTHNOPRIV 0x01
- #define SNMPV3_GROUP_NOAUTHNOPRIV 0x02
- #define SNMPV3_GROUP_AUTHPRIV 0x04
- static int dosnmp_group_authpriv_para(int argc,char *argv[],struct user *u)
- {
- if ((u->cmd_mskbits & SNMPV3_GROUP_AUTHNOPRIV) == 0)
- {
- u->struct_p[SNMPV3_GROUP_AP_INDEX] = SNMP_SEC_LEVEL_AUTHNOPRIV;
- }
- else if ((u->cmd_mskbits & SNMPV3_GROUP_NOAUTHNOPRIV) == 0)
- {
- u->struct_p[SNMPV3_GROUP_AP_INDEX] = SNMP_SEC_LEVEL_NOAUTH;
- }
- else if ((u->cmd_mskbits & SNMPV3_GROUP_AUTHPRIV) == 0)
- {
- u->struct_p[SNMPV3_GROUP_AP_INDEX] = SNMP_SEC_LEVEL_AUTHPRIV;
- }
- if (IsNoPref(u)) {
- int rc;
- if ((rc = cmdend(--argc, ++argv, u)))
- return rc;
- return 0;
- }
- u->cmd_mskbits = -1;
- if (argc > 1)
- return subcmd(snmp_group_view_access_cmds, &u->cmd_mskbits, argc, argv, u);
- else
- return 0;
- }
- static struct cmds snmp_group_authpriv_cmds[] = {
- { "auth", MATCH_AMB, cmdPref(PF_CMDNO, 0, 0), SNMPV3_GROUP_AUTHNOPRIV,
- dosnmp_group_authpriv_para,NULL,NULL, 0, 0,
- "auth -- Specifies authentication of a packet without encrypting it",
- "auth -- 该组需要认证但不加密",
- NULLCHAR,NULLCHAR
- },
- { "noauth", MATCH_AMB, cmdPref(PF_CMDNO, 0, 0), SNMPV3_GROUP_NOAUTHNOPRIV,
- dosnmp_group_authpriv_para,NULL,NULL, 0, 0,
- "noauth -- Specifies no authentication of a packet",
- "noauth -- 该组既不需要认证也不需要加密",
- NULLCHAR,NULLCHAR
- },
- { "priv", MATCH_AMB, cmdPref(PF_CMDNO, 0, 0), SNMPV3_GROUP_AUTHPRIV,
- dosnmp_group_authpriv_para,NULL,NULL, 0, 0,
- "priv -- Specifies authentication of a packet with encryption",
- "priv -- 该组需要认证和加密",
- NULLCHAR,NULLCHAR
- },
- { NULLCHAR }
- };
- #define SNMPV3_GROUP_SECURITY_V1 0x01
- #define SNMPV3_GROUP_SECURITY_V2c 0x02
- #define SNMPV3_GROUP_SECURITY_V3 0x04
- static int dosnmp_group_security(int argc,char *argv[],struct user *u)
- {
- if ((u->cmd_mskbits & SNMPV3_GROUP_SECURITY_V1) == 0)
- {
- u->struct_p[SNMPV3_GROUP_VER_INDEX] = SNMP_SEC_MODEL_SNMPv1;
- }
- else if ((u->cmd_mskbits & SNMPV3_GROUP_SECURITY_V2c) == 0)
- {
- u->struct_p[SNMPV3_GROUP_VER_INDEX] = SNMP_SEC_MODEL_SNMPv2c;
- }
- else if ((u->cmd_mskbits & SNMPV3_GROUP_SECURITY_V3) == 0)
- {
- u->struct_p[SNMPV3_GROUP_VER_INDEX] = SNMP_SEC_MODEL_USM;
- }
- u->cmd_mskbits = -1;
- if (u->struct_p[SNMPV3_GROUP_VER_INDEX] == SNMP_SEC_MODEL_USM)
- {
- return subcmd(snmp_group_authpriv_cmds, &u->cmd_mskbits, argc, argv, u);
- }
- else
- {
- return subcmd(snmp_group_view_access_cmds, &u->cmd_mskbits, argc, argv, u);
- }
- }
- static struct cmds snmp_group_cmds[] = {
- { "v1", MATCH_AMB, cmdPref(PF_CMDNO, 0, 0), SNMPV3_GROUP_SECURITY_V1,
- dosnmp_group_security,NULL,NULL, 0, 0,
- "v1 -- group using the v1 security model",
- "v1 -- 该组使用SNMPv1安全模型",
- NULLCHAR,NULLCHAR
- },
- { "v2c", MATCH_AMB, cmdPref(PF_CMDNO, 0, 0), SNMPV3_GROUP_SECURITY_V2c,
- dosnmp_group_security,NULL,NULL, 0, 0,
- "v2c -- group using the v2c security model",
- "v2c -- 该组使用SNMPv2c安全模型",
- NULLCHAR,NULLCHAR
- },
- { "v3", MATCH_AMB, cmdPref(PF_CMDNO, 0, 0), SNMPV3_GROUP_SECURITY_V3,
- dosnmp_group_security,NULL,NULL, 0, 0,
- "v3 -- group using the User Security Model (SNMPv3)",
- "v3 -- 该组使用基于用户的安全模型",
- NULLCHAR,NULLCHAR
- },
- { NULLCHAR }
- };
- static int dosnmp_group(int argc,char *argv[],struct user *u)
- {
- char *name;
- int rc;
- switch(getstrrc(&name, argc--, argv++, 0, SNMP_MAX_COMMUNITY_LEN, u)){
- case ARG_NOERR:
- break;
- case ARG_QUEST:
- case ARG_QUERY:
- eng_chi(u, " WORD -- Name of the group",
- " WORD -- 组的名字");
- return 1;
- case ARG_PARAM :
- cmderror(ERR_NEXTP, NULL, u);
- return -1;
- case ARG_QPART:
- case ARG_GENER:
- default:
- return -1;
- }
- memset((void *)u->struct_p, 0, sizeof(u->struct_p));
- u->cmd_mskbits = -1;
- rc = subcmd(snmp_group_cmds, &u->cmd_mskbits, argc, argv, u);
- if (rc != 0)
- return rc;
- if (IsNoPref(u)) {
- vacm_destroyAccessEntry(name, "",
- u->struct_p[SNMPV3_GROUP_VER_INDEX], u->struct_p[SNMPV3_GROUP_AP_INDEX]);
- return 0;
- }
- if (u->struct_p[SNMPV3_GROUP_READ_INDEX] == NULL)
- u->struct_p[SNMPV3_GROUP_READ_INDEX] = (int)SNMPV3_DEFAULT_VIEW;
- vacm_parse_access_bdcom(name, u->struct_p[SNMPV3_GROUP_VER_INDEX], u->struct_p[SNMPV3_GROUP_AP_INDEX],
- (const char *)u->struct_p[SNMPV3_GROUP_READ_INDEX], (const char *)u->struct_p[SNMPV3_GROUP_WRITE_INDEX], (const char *)u->struct_p[SNMPV3_GROUP_NOTIFY_INDEX],
- (const char *)u->struct_p[SNMPV3_GROUP_ACL_INDEX]);
- return 0;
- }
- /*show running group*/
- static void display_a_group(struct vacm_accessEntry *group)
- {
- vty_printf("snmp-server group %s ", &group->groupName[1]);
- switch(group->securityModel) {
- case SNMP_SEC_MODEL_SNMPv1:
- vty_printf("v1 ");
- break;
- case SNMP_SEC_MODEL_SNMPv2c:
- vty_printf("v2c ");
- break;
- case SNMP_SEC_MODEL_USM:
- vty_printf("v3 ");
- switch(group->securityLevel) {
- case SNMP_SEC_LEVEL_NOAUTH:
- vty_printf("noauth ");
- break;
- case SNMP_SEC_LEVEL_AUTHNOPRIV:
- vty_printf("auth ");
- break;
- case SNMP_SEC_LEVEL_AUTHPRIV:
- vty_printf("priv ");
- break;
- }
- break;
- }
- if (strcasecmp(group->readView, SNMPV3_DEFAULT_VIEW) != 0)
- vty_printf("read %s ", group->readView);
- if (group->writeView[0] != 0)
- vty_printf("write %s ", group->writeView);
- if (group->notifyView[0] != 0)
- vty_printf("notify %s ", group->notifyView);
- if (group->access_list[0] != 0)
- vty_printf("access %s", group->access_list);
- vty_printf("n");
- }
- static int display_snmp_group()
- {
- return vacm_walkThrAccessEntry(display_a_group);
- }
- /*show commands*/
- static void show_a_group(struct vacm_accessEntry *group)
- {
- vty_printf("groupname: %sn", group->groupName);
- vty_printf("security model: ");
- switch(group->securityModel) {
- case SNMP_SEC_MODEL_SNMPv1:
- vty_printf("v1 ");
- break;
- case SNMP_SEC_MODEL_SNMPv2c:
- vty_printf("v2c ");
- break;
- case SNMP_SEC_MODEL_USM:
- vty_printf("v3 ");
- switch(group->securityLevel) {
- case SNMP_SEC_LEVEL_NOAUTH:
- vty_printf("noauth ");
- break;
- case SNMP_SEC_LEVEL_AUTHNOPRIV:
- vty_printf("auth ");
- break;
- case SNMP_SEC_LEVEL_AUTHPRIV:
- vty_printf("priv ");
- break;
- }
- break;
- }
- vty_printf("n");
- vty_printf("read: %s n", (strcasecmp(group->readView, SNMPV3_DEFAULT_VIEW) != 0) ?
- group->readView : "default");
- vty_printf("write: %s n", (strlen(group->writeView) != 0) ?
- group->writeView : "<no writeview specified>");
- vty_printf("notify: %s n", (strlen(group->notifyView) != 0) ?
- group->notifyView : "<no notifyview specified>");
- if (strlen(group->access_list) != 0)
- vty_printf("access list: %sn", group->access_list);
- vty_printf("n");
- }
- static int do_show_snmp_group(int argc,char *argv[],struct user *u)
- {
- int rc;
- if ((rc = cmdend(--argc, ++argv, u)))
- return rc;
- vacm_walkThrAccessEntry(show_a_group);
- vty_printf_end(1);
- return 0;
- }
- /*
- * snmpv3 user commands
- * u->struct_p[0]: SNMP Security Modely, ie., SNMP version
- * u->struct_p[1]: for version 3: authPriv or authNoPriv or NoAuthNoPriv;
- * for other version, not use
- * u->struct_p[2]: remote flag
- * u->struct_p[3]: remote host
- * u->struct_p[4]: remote port
- * u->struct_p[5]: auth digest method, md5 or sha
- * u->struct_p[6]: auth password
- * u->struct_p[7]: access list
- *
- */
- #define SNMPV3_USER_VER_INDEX 0
- #define SNMPV3_USER_AP_INDEX 1
- #define SNMPV3_USER_REMOTE_INDEX 2
- #define SNMPV3_USER_REMOTE_HOST_INDEX 3
- #define SNMPV3_USER_REMOTE_PORT_INDEX 4
- #define SNMPV3_USER_AUTHMETHOD_INDEX 5
- #define SNMPV3_USER_AUTHPSWD_INDEX 6
- #define SNMPV3_USER_ACL_INDEX 7
- static int dosnmp_user_authpriv_para(int argc,char *argv[],struct user *u);
- #define SNMPV3_USER_AUTH 0x01
- #define SNMPV3_USER_AUTH_MD5 0x02
- #define SNMPV3_USER_AUTH_SHA 0x04
- #define SNMPV3_USER_ENCRY 0x08
- #define SNMPV3_USER_ACL 0x10
- #define SNMPV3_USER_CR 0x80000000
- #define SNMPV3_USER_SECURITY_V1 0x01
- #define SNMPV3_USER_SECURITY_V2c 0x02
- #define SNMPV3_USER_SECURITY_V3 0x04
- #define SNMPV3_USER_REMOTE 0x08
- #define SNMPV3_USER_REMOTE_PORT 0x10
- static int dosnmp_user_auth(int argc, char *argv[],struct user *u);
- static int dosnmp_user_encry(int argc, char *argv[],struct user *u);
- static int dosnmp_user_acl(int argc,char *argv[],struct user *u)
- {
- char *acl;
- int rc;
- switch(getstrrc(&acl, argc--, argv++, 0, SNMP_MAX_COMMUNITY_LEN, u)){
- case ARG_NOERR:
- break;
- case ARG_QUEST:
- case ARG_QUERY:
- eng_chi(u, " WORD -- IP accesslist allowing access with this username",
- " WORD -- 该用户使用的IP访问列表");
- return 1;
- case ARG_PARAM :
- cmderror(ERR_NEXTP, NULL, u);
- return -1;
- case ARG_QPART:
- case ARG_GENER:
- default:
- return -1;
- }
- if ((rc = cmdend(--argc, ++argv, u)))
- return rc;
- u->struct_p[SNMPV3_USER_ACL_INDEX] = (unsigned long)acl;
- return 0;
- }
- static struct cmds snmp_user_authprivacl_cmds[] = {
- { "auth", MATCH_AMB, cmdPref(0, 0, 0), SNMPV3_USER_AUTH,
- dosnmp_user_auth,NULL,NULL, 0, 0,
- "auth -- Specifies authentication parameters for the user",
- "auth -- 设定用户的认证参数",
- NULLCHAR,NULLCHAR
- },
- { "md5", MATCH_AMB, cmdPref(0, 0, 0), SNMPV3_USER_AUTH_MD5,
- dosnmp_user_authpriv_para,NULL,NULL, 0, 0,
- "md5 -- Use HMAC MD5 algorithm for authentication",
- "md5 -- 使用MD5算法",
- NULLCHAR,NULLCHAR
- },
- { "sha", MATCH_AMB, cmdPref(0, 0, 0), SNMPV3_USER_AUTH_SHA,
- dosnmp_user_authpriv_para,NULL,NULL, 0, 0,
- "sha -- Use HMAC SHA algorithm for authentication",
- "sha -- 使用SHA算法",
- NULLCHAR,NULLCHAR
- },
- { "encrypted", MATCH_AMB, cmdPref(0, 0, 0), SNMPV3_USER_ENCRY,
- dosnmp_user_encry,NULL,NULL, 0, 0,
- "encrypted -- specifying passwords as MD5 or SHA digests",
- "encrypted -- 用户的密码",
- NULLCHAR,NULLCHAR
- },
- { "access", MATCH_AMB, cmdPref(0, 0, 0), SNMPV3_USER_ACL,
- dosnmp_user_acl,NULL,NULL, 0, 0,
- "access -- specify an access-list associated with this user",
- "access -- 指定该用户的访问控制列表",
- NULLCHAR,NULLCHAR
- },
- { DUMMYSTR, MATCH_END, cmdPref(PF_CMDNO, 0, 0), SNMPV3_USER_CR,
- NULL,NULL,NULL, 0, 0,
- "<cr>",
- "<cr>",
- NULLCHAR,NULLCHAR
- },
- { NULLCHAR }
- };
- static int dosnmp_user_auth(int argc, char *argv[],struct user *u)
- {
- u->struct_p[SNMPV3_USER_AP_INDEX] |= SNMPV3_USER_AUTH;
- u->cmd_mskbits = SNMPV3_USER_AUTH_MD5|SNMPV3_USER_AUTH_SHA;
- return subcmd(snmp_user_authprivacl_cmds, &u->cmd_mskbits, argc, argv, u);
- }
- static int dosnmp_user_encry(int argc, char *argv[],struct user *u)
- {
- u->struct_p[SNMPV3_USER_AP_INDEX] = SNMPV3_USER_ENCRY;
- /*encrypted命令后只能是auth命令*/
- u->cmd_mskbits = SNMPV3_USER_AUTH;
- return subcmd(snmp_user_authprivacl_cmds, &u->cmd_mskbits, argc, argv, u);
- }
- static int dosnmp_user_authpriv_para(int argc, char *argv[],struct user *u)
- {
- char *password;
- if ((u->cmd_mskbits & SNMPV3_USER_AUTH_MD5) == 0)
- u->struct_p[SNMPV3_USER_AUTHMETHOD_INDEX] = SNMPV3_USER_AUTH_MD5;
- else
- u->struct_p[SNMPV3_USER_AUTHMETHOD_INDEX] = SNMPV3_USER_AUTH_SHA;
- switch(getstrrc(&password, argc--, argv++, 0, SNMP_MAX_COMMUNITY_LEN, u)){
- case ARG_NOERR:
- break;
- case ARG_QUEST:
- case ARG_QUERY:
- eng_chi(u, " WORD -- authentication pasword for user",
- " WORD -- 用户的密码");
- return 1;
- case ARG_PARAM :
- cmderror(ERR_NEXTP, NULL, u);
- return -1;
- case ARG_QPART:
- case ARG_GENER:
- default:
- return -1;
- }
- u->struct_p[SNMPV3_USER_AUTHPSWD_INDEX] = (unsigned long)password;
- if (argc > 1) {
- u->cmd_mskbits = SNMPV3_USER_ACL|SNMPV3_USER_CR;
- return subcmd(snmp_user_authprivacl_cmds, &u->cmd_mskbits, argc, argv, u);
- } else
- return 0;
- }
- static int dosnmp_user_security(int argc,char *argv[],struct user *u)
- {
- if ((u->cmd_mskbits & SNMPV3_USER_SECURITY_V1) == 0)
- {
- u->struct_p[SNMPV3_USER_VER_INDEX] = SNMP_SEC_MODEL_SNMPv1;
- }
- else if ((u->cmd_mskbits & SNMPV3_USER_SECURITY_V2c) == 0)
- {
- u->struct_p[SNMPV3_USER_VER_INDEX] = SNMP_SEC_MODEL_SNMPv2c;
- }
- else if ((u->cmd_mskbits & SNMPV3_USER_SECURITY_V3) == 0)
- {
- u->struct_p[SNMPV3_USER_VER_INDEX] = SNMP_SEC_MODEL_USM;
- }
- if (u->struct_p[SNMPV3_USER_VER_INDEX] == SNMP_SEC_MODEL_USM)
- {
- u->cmd_mskbits = SNMPV3_USER_ENCRY|SNMPV3_USER_AUTH|SNMPV3_USER_ACL;
- }
- else
- {
- u->cmd_mskbits = SNMPV3_USER_ACL;
- }
- u->cmd_mskbits |= SNMPV3_USER_CR;
- if (argc > 1)
- return subcmd(snmp_user_authprivacl_cmds, &u->cmd_mskbits, argc, argv, u);
- else return 0;
- }
- static int dosnmp_user_remote_host(int argc,char *argv[],struct user *u);
- static int dosnmp_user_remote_port(int argc,char *argv[],struct user *u);
- static struct cmds snmp_user_version_remote_cmds[] = {
- { "v1", MATCH_AMB, cmdPref(PF_CMDNO, 0, 0), SNMPV3_USER_SECURITY_V1,
- dosnmp_user_security,NULL,NULL, 0, 0,
- "v1 -- user using the v1 security model",
- "v1 -- 该用户使用SNMPv1安全模型",
- NULLCHAR,NULLCHAR
- },
- { "v2c", MATCH_AMB, cmdPref(PF_CMDNO, 0, 0), SNMPV3_USER_SECURITY_V2c,
- dosnmp_user_security,NULL,NULL, 0, 0,
- "v2c -- user using the v2c security model",
- "v2c -- 该用户使用SNMPv2c安全模型",
- NULLCHAR,NULLCHAR
- },
- { "v3", MATCH_AMB, cmdPref(PF_CMDNO, 0, 0), SNMPV3_USER_SECURITY_V3,
- dosnmp_user_security,NULL,NULL, 0, 0,
- "v3 -- user using the v3 security model",
- "v3 -- 该用户使用基于用户的安全模型",
- NULLCHAR,NULLCHAR
- },
- { "remote", MATCH_AMB, cmdPref(PF_CMDNO, 0, 0), SNMPV3_USER_REMOTE,
- dosnmp_user_remote_host,NULL,NULL, 0, 0,
- "remote -- Specify a remote SNMP entity to which the user belongs",
- "remote -- 指定该用户所属的远端SNMP实体",
- NULLCHAR,NULLCHAR
- },
- { "udp-port", MATCH_AMB, cmdPref(PF_CMDNO, 0, 0), SNMPV3_USER_REMOTE_PORT,
- dosnmp_user_remote_port,NULL,NULL, 0, 0,
- "udp-port -- The remote SNMP entity's UDP port number",
- "udp-port -- 远端SNMP实体的UDP端口号",
- NULLCHAR,NULLCHAR
- },
- { NULLCHAR }
- };
- static int dosnmp_user_remote_host(int argc,char *argv[],struct user *u)
- {
- uint32 remoteaddr;
- switch(getaddress((unsigned long *)&remoteaddr, argc--, argv++, u)){
- case ARG_NOERR:
- break;
- case ARG_QUEST:
- case ARG_QUERY:
- eng_chi(u, " A.B.C.D -- IP address of remote SNMP entity",
- " A.B.C.D -- 远端SNMP实体的IP地址");
- return 1;
- case ARG_PARAM :
- cmderror(ERR_NEXTP, NULL, u);
- return -1;
- case ARG_QPART:
- case ARG_GENER:
- default:
- return -1;
- }
- u->struct_p[SNMPV3_USER_REMOTE_HOST_INDEX] = remoteaddr;
- u->cmd_mskbits |= SNMPV3_USER_REMOTE_PORT;
- return subcmd(snmp_user_version_remote_cmds, &u->cmd_mskbits, argc, argv, u);
- }
- static int dosnmp_user_remote_port(int argc,char *argv[],struct user *u)
- {
- uint32 remoteport;
- switch(getuintrc((unsigned long *)&remoteport, argc--, argv++, 0, 65535, u)){
- case ARG_NOERR:
- break;
- case ARG_QUEST:
- case ARG_QUERY:
- eng_chi(u, " <0-65535> -- The remote SNMP entity's UDP port number",
- " <0-65535> -- 远端SNMP实体的端口号");
- return 1;
- case ARG_PARAM :
- cmderror(ERR_NEXTP, NULL, u);
- return -1;
- case ARG_QPART:
- case ARG_GENER:
- default:
- return -1;
- }
- u->struct_p[SNMPV3_USER_REMOTE_PORT_INDEX] = remoteport;
- u->cmd_mskbits = ~(SNMPV3_USER_REMOTE_PORT|SNMPV3_USER_REMOTE);
- return subcmd(snmp_user_version_remote_cmds, &u->cmd_mskbits, argc, argv, u);
- }
- static int dosnmp_user(int argc,char *argv[],struct user *u)
- {
- char *username, *group;
- oid *privproto = usmNoPrivProtocol, *authproto = usmNoAuthProtocol;
- size_t privprotoLen = sizeof(usmNoPrivProtocol)/sizeof(oid),
- authprotoLen = sizeof(usmNoAuthProtocol)/sizeof(oid);
- char snmpEngineId[SNMP_MAX_ENG_SIZE], *pEid = NULL;
- size_t snmpEngineIdLen;
- int rc;
- struct usmUser *user;
- switch(getstrrc(&username, argc--, argv++, 0, SNMP_MAX_COMMUNITY_LEN, u)){
- case ARG_NOERR:
- break;
- case ARG_QUEST:
- case ARG_QUERY:
- eng_chi(u, " WORD -- The name of the user on the host that connects to the agent",
- " WORD -- 用户的名字");
- return 1;
- case ARG_PARAM :
- cmderror(ERR_NEXTP, NULL, u);
- return -1;
- case ARG_QPART:
- case ARG_GENER:
- default:
- return -1;
- }
- switch(getstrrc(&group, argc--, argv++, 0, SNMP_MAX_COMMUNITY_LEN, u)){
- case ARG_NOERR:
- break;
- case ARG_QUEST:
- case ARG_QUERY:
- eng_chi(u, " WORD -- Group to which the user belongs",
- " WORD -- 用户的所属的组");
- return 1;
- case ARG_PARAM :
- cmderror(ERR_NEXTP, NULL, u);
- return -1;
- case ARG_QPART:
- case ARG_GENER:
- default:
- return -1;
- }
- memset((void *)u->struct_p, 0, sizeof(u->struct_p));
- u->cmd_mskbits = ~SNMPV3_USER_REMOTE_PORT;
- rc = subcmd(snmp_user_version_remote_cmds, &u->cmd_mskbits, argc, argv, u);
- if (rc != 0)
- return rc;
- if (u->struct_p[SNMPV3_USER_AP_INDEX] & SNMPV3_USER_ENCRY)
- {
- privproto = usmDESPrivProtocol;
- privprotoLen = sizeof(usmDESPrivProtocol)/sizeof(oid);
- }
- if (u->struct_p[SNMPV3_USER_AP_INDEX] & SNMPV3_USER_AUTH)
- {
- if (u->struct_p[SNMPV3_USER_AUTHMETHOD_INDEX] == SNMPV3_USER_AUTH_MD5)
- {
- authproto = usmHMACMD5AuthProtocol;
- authprotoLen = sizeof(usmHMACMD5AuthProtocol)/sizeof(oid);
- }
- else
- {
- authproto = usmHMACSHA1AuthProtocol;
- authprotoLen = sizeof(usmHMACSHA1AuthProtocol)/sizeof(oid);
- }
- }
- if (u->struct_p[SNMPV3_USER_ACL_INDEX] != 0) {
- if (strlen((char*)(u->struct_p[SNMPV3_USER_ACL_INDEX])) > sizeof(user->access_list)) {
- vty_output("%%Error: Access list too long.n");
- return 0;
- }
- }
- /*check if any duplicate snmp users ? */
- memset((void *)snmpEngineId, 0, sizeof(snmpEngineId));
- if (u->struct_p[SNMPV3_USER_REMOTE_HOST_INDEX] != 0) {
- if (u->struct_p[SNMPV3_USER_REMOTE_PORT_INDEX] == 0)
- u->struct_p[SNMPV3_USER_REMOTE_PORT_INDEX] = SNMP_TRAP_PORT;
- pEid = snmpv3_get_remote_engineID(snmp_ntoa(u->struct_p[SNMPV3_USER_REMOTE_HOST_INDEX]),
- u->struct_p[SNMPV3_USER_REMOTE_PORT_INDEX]);
- if (pEid == NULL && !IsNoPref(u)) {
- vty_output("%%Error: No snmpEngineID configured for remote snmp host %s port %d.n",
- snmp_ntoa(u->struct_p[SNMPV3_USER_REMOTE_HOST_INDEX]), u->struct_p[SNMPV3_USER_REMOTE_PORT_INDEX]);
- return 0;
- }
- user = usm_get_user(pEid, SNMP_MAX_ENG_SIZE, username);
- if (user != NULL) {
- usm_remove_user(user);
- usm_free_user(user);
- snmpv3_dec_remote_engineID_reference(snmp_ntoa(u->struct_p[SNMPV3_USER_REMOTE_HOST_INDEX]),
- u->struct_p[SNMPV3_USER_REMOTE_PORT_INDEX]);
- }
- snmpEngineIdLen = SNMP_MAX_ENG_SIZE;
- } else {
- snmpEngineIdLen = snmpv3_get_engineID(snmpEngineId, sizeof(snmpEngineId));
- user = usm_get_user(snmpEngineId, snmpEngineIdLen, username);
- if (user != NULL) {
- usm_remove_user(user);
- usm_free_user(user);
- }
- }
- if (IsNoPref(u)) {
- vacm_destroyGroupEntry(u->struct_p[SNMPV3_USER_VER_INDEX], username);
- return 0;
- }
- user = usm_parse_config_user_bdcom(username,
- authproto, authprotoLen, privproto, privprotoLen,
- (char *)( u->struct_p[SNMPV3_USER_AUTHPSWD_INDEX]),
- pEid, snmpEngineIdLen);
- if (user == NULL)
- return 0;
- if (u->struct_p[SNMPV3_USER_REMOTE_HOST_INDEX] != 0)
- snmpv3_inc_remote_engineID_reference(snmp_ntoa(u->struct_p[SNMPV3_USER_REMOTE_HOST_INDEX]),
- u->struct_p[SNMPV3_USER_REMOTE_PORT_INDEX]);
- usm_add_user(user);
- vacm_parse_group_bdcom(group, username, u->struct_p[SNMPV3_USER_VER_INDEX]);
- if (u->struct_p[SNMPV3_USER_ACL_INDEX] != 0) {
- strncpy(user->access_list, (char*)(u->struct_p[SNMPV3_USER_ACL_INDEX]),
- strlen((char *)(u->struct_p[SNMPV3_USER_ACL_INDEX])));
- } else
- user->access_list[0] = 0;
- return 0;
- }
- extern void snmpv3_get_remote_host_info_by_engineID(u_char *snmpEngineID, u_char **addr, u_short *port);
- /*show running commands*/
- static void display_a_user(struct usmUser *user)
- {
- struct vacm_groupEntry *group;
- char *version_info, *auth_info = NULL, *encrypt_info = "", *remote_addr, l_snmpEngineID[SNMP_MAX_ENG_SIZE];
- u_short remote_port;
- size_t l_snmpeidLen;
- if (user->userStatus != RS_ACTIVE || user->userStorageType != ST_NONVOLATILE)
- return;
- vty_printf("snmp-server user %s ", user->name);
- if ((group = vacm_getGroupEntry(SNMP_SEC_MODEL_SNMPv1, user->secName)) != NULL) {
- version_info = "v1";
- } else if ((group = vacm_getGroupEntry(SNMP_SEC_MODEL_SNMPv2c, user->secName)) != NULL) {
- version_info = "v2c";
- } else if ((group = vacm_getGroupEntry(SNMP_SEC_MODEL_USM, user->secName)) != NULL) {
- version_info = "v3";
- if (snmp_oid_compare(user->privProtocol, user->privProtocolLen,
- usmDESPrivProtocol, sizeof(usmDESPrivProtocol)/sizeof(usmDESPrivProtocol[0])) == 0) {
- encrypt_info = "encrypted ";
- }
- if (snmp_oid_compare(user->authProtocol, user->authProtocolLen,
- usmHMACMD5AuthProtocol, sizeof(usmHMACMD5AuthProtocol)/sizeof(usmHMACMD5AuthProtocol[0])) == 0) {
- auth_info = "auth md5";
- } else if (snmp_oid_compare(user->authProtocol, user->authProtocolLen,
- usmHMACSHA1AuthProtocol, sizeof(usmHMACSHA1AuthProtocol)/sizeof(usmHMACSHA1AuthProtocol[0])) == 0) {
- auth_info = "auth sha";
- }
- }
- memset(l_snmpEngineID, 0, sizeof(l_snmpEngineID));
- /*l_snmpeidLen = snmpv3_get_engineID(&l_snmpEngineID, sizeof(l_snmpEngineID));*/
- l_snmpeidLen = snmpv3_get_engineID(l_snmpEngineID, sizeof(l_snmpEngineID));/*by yangyuhua 2005-12-6*/
- if (l_snmpeidLen == user->engineIDLen
- && memcmp(l_snmpEngineID, user->engineID, l_snmpeidLen) == 0) {
- /*local user*/
- vty_printf("%s %s ", group->groupName, version_info);
- } else {
- snmpv3_get_remote_host_info_by_engineID(user->engineID, (u_char **)&remote_addr, &remote_port);
- if (remote_addr == NULL) {
- vty_printf("%s %s ", group->groupName, version_info);
- } else {
- vty_printf("%s remote %s ", group->groupName, remote_addr);
- if (remote_port != SNMP_TRAP_PORT)
- vty_printf("udp-port %d ", remote_port);
- vty_printf("%s ", version_info);
- }
- }
- vty_printf("%s", encrypt_info);
- if (auth_info != NULL)
- vty_printf("%s %s", auth_info, user->password_plaintext);
- if (user->access_list[0] != 0)
- vty_printf("access %s", user->access_list);
- vty_printf("n");
- }
- static BOOL display_snmp_user()
- {
- return usm_walkThrUserEntry(display_a_user);
- }
- /*show commands*/
- static void show_a_user(struct usmUser *user)
- {
- struct vacm_groupEntry *group;
- char engineID[SNMP_MAX_ENG_SIZE * 2 + 1];
- memset((void *)engineID, 0, sizeof(engineID));
- snmpv3_engineID2str(user->engineID, user->engineIDLen, engineID);
- vty_printf("User name: %sn", user->name);
- vty_printf("Engine ID: %sn", engineID);
- vty_printf("storage-type: ");
- switch (user->userStorageType) {
- case ST_OTHER:
- vty_printf("othern");
- break;
- case ST_VOLATILE:
- vty_printf("volatilen");
- break;
- case ST_NONVOLATILE:
- vty_printf("nonvolatilen");
- break;
- case ST_PERMANENT:
- vty_printf("permanentn");
- break;
- case ST_READONLY:
- vty_printf("readonlyn");
- break;
- default:
- vty_printf("unknownn");
- }
- vty_printf("Rowstatus: ");
- switch (user->userStatus) {
- case RS_ACTIVE:
- vty_printf("activen");
- break;
- case RS_NOTINSERVICE:
- vty_printf("notInServicen");
- break;
- case RS_NOTREADY:
- vty_printf("notReadyn");
- break;
- case RS_CREATEANDGO:
- vty_printf("createAndGon");
- break;
- case RS_CREATEANDWAIT:
- vty_printf("createAndWaitn");
- break;
- case RS_DESTROY:
- vty_printf("destroyn");
- break;
- default:
- vty_printf("unknownn");
- }
- vty_printf("Authentication Protocol: ");
- if (snmp_oid_compare(user->authProtocol, user->authProtocolLen,
- usmHMACMD5AuthProtocol, sizeof(usmHMACMD5AuthProtocol)/sizeof(usmHMACMD5AuthProtocol[0])) == 0) {
- vty_printf("MD5 n");
- } else if (snmp_oid_compare(user->authProtocol, user->authProtocolLen,
- usmHMACSHA1AuthProtocol, sizeof(usmHMACSHA1AuthProtocol)/sizeof(usmHMACSHA1AuthProtocol[0])) == 0) {
- vty_printf("SHA n");
- } else vty_printf("none n");
- vty_printf("Group-name: ");
- if ((group = vacm_getGroupEntry(SNMP_SEC_MODEL_SNMPv1, user->secName)) != NULL) {
- vty_printf("%st", group->groupName);
- } else if ((group = vacm_getGroupEntry(SNMP_SEC_MODEL_SNMPv2c, user->secName)) != NULL) {
- vty_printf("%st", group->groupName);
- } else if ((group = vacm_getGroupEntry(SNMP_SEC_MODEL_USM, user->secName)) != NULL) {
- vty_printf("%st", group->groupName);
- }
- if (user->access_list[0] != 0)
- vty_printf("access list: %s", user->access_list);
- vty_printf("nn");
- }
- static int do_show_snmp_user(int argc,char *argv[],struct user *u)
- {
- int rc;
- if ((rc = cmdend(--argc, ++argv, u))){
- return rc;
- }
- usm_walkThrUserEntry(show_a_user);
- vty_printf_end(1);
- return 0;
- }
- /*
- * 下面两个全局变量用于传递参数.由于在调用其间保证不进行任务切换,因此不会导致同步错误
- */
- static char *_oldEngineID, *_newEngineID;
- static size_t _oldEidLen, _newEidLen;
- static void refresh_a_snmp_user_engineID(struct usmUser *user)
- {
- if (user->engineIDLen == _oldEidLen
- && memcmp(user->engineID, _oldEngineID, _oldEidLen) == 0) {
- /*matched*/
- user->engineID = realloc(user->engineID, _newEidLen);
- memcpy(user->engineID, _newEngineID, _newEidLen);
- user->engineIDLen = _newEidLen;
- }
- }
- void refresh_snmp_user_engineID(char *oldID, size_t oldIDLen, char *newID, size_t newIDLen)
- {
- _oldEngineID = oldID;
- _newEngineID = newID;
- _oldEidLen = oldIDLen;
- _newEidLen = newIDLen;
- usm_walkThrUserEntry(refresh_a_snmp_user_engineID);
- return;
- }
- /*
- * snmpv3 engineid commands
- * u->struct_p[0]: remote address
- * u->struct_p[1]: remote port
- *
- */
- #define SNMPV3_ENGINEID_REMOTE_HOST_INDEX 0
- #define SNMPV3_ENGINEID_REMOTE_PORT_INDEX 1
- static int dosnmp_engineID_local(int argc,char *argv[],struct user *u);
- static int dosnmp_engineID_remote(int argc,char *argv[],struct user *u);
- static int dosnmp_engineID_string(int argc,char *argv[],struct user *u);
- static int dosnmp_engineID_remote_udpport(int argc,char *argv[],struct user *u);
- static struct cmds snmp_engineid_cmds[] = {
- { "local", MATCH_AMB, cmdPref(PF_CMDNO, 0, 0), 0,
- dosnmp_engineID_local,NULL,NULL, 0, 0,
- "local -- engineID of the local agent",
- "local -- 配置本地代理者的SNMP引擎ID",
- NULLCHAR,NULLCHAR
- },
- { "remote", MATCH_AMB, cmdPref(PF_CMDNO, 0, 0), 0,
- dosnmp_engineID_remote,NULL,NULL, 0, 0,
- "remote -- engineID of the remote agent",
- "remote -- 配置远端代理者的SNMP引擎ID",
- NULLCHAR,NULLCHAR
- },
- { NULLCHAR }
- };
- #define SNMPV3_ENGINEID_REMOTE_PORT 0x01
- #define SNMPV3_ENGINEID_ENGINEID 0x02
- static struct cmds snmp_engineid_string_cmds[] = {
- { "WORD", MATCH_STR, cmdPref(PF_CMDNO, 0, 0), SNMPV3_ENGINEID_ENGINEID,
- dosnmp_engineID_string,NULL,NULL, 0, 0,
- "WORD -- engine ID octet string",
- "WORD -- SNMP引擎ID",
- NULLCHAR,NULLCHAR
- },
- { "udp-port", MATCH_AMB, cmdPref(PF_CMDNO, 0, 0), SNMPV3_ENGINEID_REMOTE_PORT,
- dosnmp_engineID_remote_udpport,NULL,NULL, 0, 0,
- "udp-port -- The remote notification host's UDP port number",
- "udp-port -- 远端接收通知主机的UDP端口号",
- NULLCHAR,NULLCHAR
- },
- { NULLCHAR }
- };
- static int dosnmp_engineID(int argc,char *argv[],struct user *u)
- {
- memset((void *)u->struct_p, 0, sizeof(u->struct_p));
- return subcmd(snmp_engineid_cmds, &u->cmd_mskbits, argc, argv, u);
- }
- static int dosnmp_engineID_local(int argc,char *argv[],struct user *u)
- {
- u->cmd_mskbits = SNMPV3_ENGINEID_ENGINEID;
- return subcmd(snmp_engineid_string_cmds, &u->cmd_mskbits, argc, argv, u);
- }
- static int dosnmp_engineID_remote(int argc,char *argv[],struct user *u)
- {
- uint32 remoteaddr;
- switch(getaddress((unsigned long *)&remoteaddr, argc--, argv++, u)){
- case ARG_NOERR:
- break;
- case ARG_QUEST:
- case ARG_QUERY:
- eng_chi(u, " A.B.C.D -- IP address of remote SNMP notification host",
- " A.B.C.D -- 远端接收通知主机的IP地址");
- return 1;
- case ARG_PARAM :
- cmderror(ERR_NEXTP, NULL, u);
- return -1;
- case ARG_QPART:
- case ARG_GENER:
- default:
- return -1;
- }
- u->struct_p[SNMPV3_ENGINEID_REMOTE_HOST_INDEX] = remoteaddr;
- u->cmd_mskbits = SNMPV3_ENGINEID_ENGINEID|SNMPV3_ENGINEID_REMOTE_PORT;
- return subcmd(snmp_engineid_string_cmds, &u->cmd_mskbits, argc, argv, u);
- }
- static int dosnmp_engineID_string(int argc,char *argv[],struct user *u)
- {
- char *engineID_str, engineID[SNMP_MAX_ENG_SIZE], *peid = engineID, ipaddr[16];
- int rc;
- argc++;
- argv--;
- switch(getstrrc(&engineID_str, argc--, argv++, 0, SNMP_MAX_COMMUNITY_LEN, u)){
- case ARG_NOERR:
- break;
- case ARG_QUEST:
- case ARG_QUERY:
- eng_chi(u, " WORD -- engine ID octet string",
- " WORD -- SNMP引擎ID");
- return 1;
- case ARG_PARAM :
- assert(0);
- return -1;
- case ARG_QPART:
- case ARG_GENER:
- default:
- return -1;
- }
- rc = cmdend(--argc, ++argv, u);
- if (rc)
- return rc;
- /*convert engineID*/
- memset((void *)engineID, 0, sizeof(engineID));
- while (*engineID_str != 0) {
- int curbyte = 0, i;
- for(i=0;i<2;i++) {
- curbyte = curbyte << 4;
- if (isdigit(*engineID_str)) {
- curbyte += (int)((*engineID_str) - '0');
- } else if (*engineID_str >= 'a' && *engineID_str <= 'f') {
- curbyte += (int)((*engineID_str) - 'a' + 10);
- } else if (*engineID_str >= 'A' && *engineID_str <= 'F') {
- curbyte += (int)((*engineID_str) - 'A' + 10);
- } else {
- vty_output("%%Error: Invalid SNMP engine IDn");
- return -1;
- }
- engineID_str++;
- }
- *peid++ = curbyte;
- }
- if (u->struct_p[SNMPV3_ENGINEID_REMOTE_HOST_INDEX] != 0) {
- /*set remote engineID*/
- int ipaddr_n = ntohl(u->struct_p[SNMPV3_ENGINEID_REMOTE_HOST_INDEX]);
- ip2str((char*)&ipaddr_n, ipaddr);
- if (u->struct_p[SNMPV3_ENGINEID_REMOTE_PORT_INDEX] == 0)
- u->struct_p[SNMPV3_ENGINEID_REMOTE_PORT_INDEX] = SNMP_TRAP_PORT;
- if (IsNoPref(u))
- snmpv3_delete_remote_engineID(ipaddr,
- u->struct_p[SNMPV3_ENGINEID_REMOTE_PORT_INDEX]);
- else
- snmpv3_add_remote_engineID(ipaddr,
- u->struct_p[SNMPV3_ENGINEID_REMOTE_PORT_INDEX],
- engineID, SNMP_MAX_ENG_SIZE);
- } else {
- /*set local engineID*/
- }
- return 0;
- }
- static int dosnmp_engineID_remote_udpport(int argc,char *argv[],struct user *u)
- {
- uint32 remoteport;
- switch(getuintrc((unsigned long *)&remoteport, argc--, argv++, 0, 65535, u)){
- case ARG_NOERR:
- break;
- case ARG_QUEST:
- case ARG_QUERY:
- eng_chi(u, " <0-65535> -- The remote notification host's UDP port number",
- " <0-65535> -- 远端接收通知报文主机的端口号");
- return 1;
- case ARG_PARAM :
- cmderror(ERR_NEXTP, NULL, u);
- return -1;
- case ARG_QPART:
- case ARG_GENER:
- default:
- return -1;
- }
- u->struct_p[SNMPV3_ENGINEID_REMOTE_PORT_INDEX] = remoteport;
- return subcmd(snmp_engineid_string_cmds, &u->cmd_mskbits, argc, argv, u);
- }
- /*show commands*/
- static int do_show_snmp_engineID(int argc,char *argv[],struct user *u)
- {
- int rc;
- if ((rc = cmdend(--argc, ++argv, u)))
- return rc;
- do_show_snmpv3_remote_engineID();
- vty_printf_end(1);
- return 0;
- }
- #endif
