Sending SNMP2 trap message from Linux command line - linux

Folks,
I need to use this command (snmptrap) from Linux command line to send my custom message to a trap listener. I need to send the same message in both v1 and v2c depending on user settings.
Here is what I found.
For v1:
snmptrap -v 1 -c Tas hostname 1.3.6.1.4.1.2.3 "" 6 3 1234 s s "This is a test"
The above command works, I see the following message in my listener.
Display of SNMPv1 trap:
community: Tas
enterprise oid: 1.3.6.1.4.1.2.3
..... ibmAgents
agentAddress: hostname
generic-trap: enterpriseSpecific ('00000006'h)
specific-trap: 3 ('00000003'h)
time-stamp: 1234 - 12.34 seconds
varBind oid: OBJECT_IDENTIFIER 1.3.6.1.6
name: snmpV2
value: OCTET_STRING This is a test <- Here is my message.
My listener is basically an AIX system, running the following command.
clsnmp -c public TRAP
For v2c: I am issuing this command.
snmptrap -v 2c -c "Tas" hostname '1234' 1.3.6.1.4.1.2.3 s s "This is a Test"
The command does not give me any error. But on the listener I see this.
Display of SNMPv2 trap with SNMPV2C security
community: Tas
The message "This is a Test" is not shown.
I am not familiar with snmptrap command - know very little about the protocol also. I have googled the command. My questions...
Is there anything wrong with the v2c command?
Is there anything wrong with my listener command? Let me know if I should something else. I can set up a Linux listener too.
Any suggestion is most welcome. I want to keep it simple - sending a custom message over snmp to a host, v1 and v2c and set up a listener to verify that my commands are working.
Thanks a lot
Tas

The command should look like this:
snmptrap -v 2c -c "Tas" 127.0.0.1 0 1.3.6.1.4.1.2.3 1.3.6.1.6.1.4.1.2.3.1.1.1.1.1 s "This is a Test"
Please note that varbind (OCTET STRING in this case) which is part of your SNMP trap PDU should also have an OID assigned. I've just used random OID for this varbind: 1.3.6.1.6.1.4.1.2.3.1.1.1.1.1
Please also note that you should use proper OIDs based on trap definitions from MIB file(s).
I'd suggest using enterprise class SNMP tools to send out SNMP traps like NetDecision Trap Simulator. This tool sends out traps in full accordance with SNMP standards and based on MIB file definitions.
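The answer's point, that every varbind is an OID, a type and a value, and that v1 and v2c order their leading arguments differently, as an added shell example that is not part of the original thread. `build_trap_cmd` and `is_numeric_oid` are hypothetical helper names, and only dotted-numeric OIDs are accepted.

```shell
#!/bin/sh
# Added example, not from the original thread. Assumption: OIDs are given in
# dotted-numeric form; MIB names such as SNMPv2-MIB::sysLocation.0 are rejected.
ENTERPRISE_OID="1.3.6.1.4.1.2.3"   # enterprise / trap OID used in the question

is_numeric_oid() {
    case "$1" in
        ""|*[!0-9.]*|*.|*..*) return 1 ;;   # empty, non-numeric, trailing or doubled dots
        *.*) return 0 ;;
        *)   return 1 ;;                    # a single number is not accepted here
    esac
}

# build_trap_cmd VERSION COMMUNITY HOST UPTIME [OID TYPE VALUE]...
# Prints the snmptrap command one argument per line instead of running it.
build_trap_cmd() {
    [ $# -ge 4 ] || { echo "usage: build_trap_cmd VER COMM HOST UPTIME [OID TYPE VALUE]..." >&2; return 2; }
    version=$1; community=$2; host=$3; uptime=$4
    shift 4
    [ $(( $# % 3 )) -eq 0 ] || { echo "varbinds must be OID TYPE VALUE triples" >&2; return 2; }
    i=0
    for arg in "$@"; do
        case $(( i % 3 )) in
            0) is_numeric_oid "$arg" || { echo "not an OID: $arg" >&2; return 2; } ;;
            1) case "$arg" in
                   i|u|c|s|x|d|n|o|t|a|b) ;;
                   *) echo "unknown varbind type: $arg" >&2; return 2 ;;
               esac ;;
        esac
        i=$(( i + 1 ))
    done
    case "$version" in
        1)  # v1 order: enterprise-oid agent generic-trap specific-trap uptime
            set -- snmptrap -v 1 -c "$community" "$host" "$ENTERPRISE_OID" "" 6 3 "$uptime" "$@" ;;
        2c) # v2c order: uptime trap-oid
            set -- snmptrap -v 2c -c "$community" "$host" "$uptime" "$ENTERPRISE_OID" "$@" ;;
        *)  echo "unsupported version: $version" >&2; return 2 ;;
    esac
    printf '%s\n' "$@"
}
```

Called with the question's v2c varbind (`s s "This is a Test"`), the function stops at "not an OID: s", which is the missing piece the answer identifies.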

Related

unable to send mail using Mutt

Recently we have migrated Unix OS to a new flavor. Since then we have not been able to send mails. I think we are missing some configuration. Could someone help in resolving the issue?
Command: echo "" | mutt -s "subject" -i /tmp/test.txt -a /tmp/test.txt xxx#gmail.com
Error: Can't stat xxx#gmail.com: No such file or directory
xxx#gmail.com: unable to attach file.
Current OS: Oracle Linux Server release 7.1
Mutt 1.5.21 (2010-09-15)
Please let me know what would be the issue.
Take a look at the man page. It states that -a takes a list of arguments, which need to be terminated by --.

SNMP Traphandle not working

This is my first time working with SNMP, but after reading the SNMP pages I'm still having trouble getting a simple shell script to run when receiving a trap.
My /etc/snmp/snmptrapd.conf file looks like this:
# Example configuration file for snmptrapd
#
# No traps are handled by default, you must edit this file!
#
disableAuthorization yes
authCommunity log,execute,net public
# the generic traps
traphandle default /usr/local/bin/snmptrapd.sh
The snmptrapd.sh script just says "hello".
#!/bin/sh
echo "hello"
The script is executable and runs when executed independently:
> /usr/local/bin/snmptrapd.sh
hello
The snmptrapd is running as a background process:
> ps -ef | grep snmp
root 29477 1 0 14:49 ? 00:00:00 /usr/sbin/snmptrapd -Lsd -p /var/run/snmptrapd.pid -Cc /etc/snmp/snmptrapd.conf
And yet when I send a trap locally using snmptrap nothing happens:
> snmptrap -v 2c -c public localhost "" NET-SNMP-EXAMPLES-MIB::netSnmpExampleHeartbeatNotification netSnmpExampleHeartbeatRate i 123456
>
Now it seems that the trap does get logged, because the system log file (/var/log/messages) has the following entry:
Aug 8 15:46:10 <server_name> snmptrapd[29477]: 2017-08-08 15:46:10 localhost
[UDP: [127.0.0.1]:44928->[127.0.0.1]]:#012DISMAN-EVENT-MIB::sysUpTimeInstance =
Timeticks: (1338382434) 154 days, 21:43:44.34#011SNMPv2-MIB::snmpTrapOID.0 =
OID: NET-SNMP-EXAMPLES-MIB::netSnmpExampleHeartbeatNotification#011NET-SNMP-EXAMPLES-MIB::netSnmpExampleHeartbeatRate
= INTEGER: 123456
As far as I can see everything is set up correctly. If so, why is the trap handle not working and how can one check why the trap doesn't trigger the script?
Thanks in advance.
EDIT: When I added the -Ci option to the snmptrapd command line options I got the following error:
No log handling enabled - turning on stderr logging
: Unknown Object Identifier (Sub-id not found: (top) -> )
OK, so after looking around some more I found the answer.
The reason that we are not seeing the output is because snmptrapd is being run as a daemon and doesn't send its standard output to the console. One can replace this with
echo "hello" > $HOME/output.txt
and the word 'hello' appears in the output.txt file.
See also http://www.linuxquestions.org/questions/linux-newbie-8/net-snmp-trap-handling-4175420577/
and
https://superuser.com/questions/823435/where-to-log-stdout-and-stderr-of-a-daemon
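An added example, not from the original post, of a handler that follows the answer's advice and writes to a file. It relies on snmptrapd passing the sender's host name, the transport address and one `OID VALUE` line per varbind on standard input; the log path, `TRAP_LOG`, the `--handle` argument and the function names are assumptions.

```shell
#!/bin/sh
# Added example, not from the original post. Install it with a line such as
#   traphandle default /usr/local/bin/snmptrapd.sh --handle
# (--handle is a hypothetical argument; TRAP_LOG and its default are assumptions).
# snmptrapd writes to the handler's stdin: line 1 = sender host name,
# line 2 = transport address, then one "OID VALUE" line per varbind.
TRAP_LOG="${TRAP_LOG:-/var/log/snmptrap-handler.log}"

# With "disableAuthorization yes" any sender's trap reaches this script, so every
# field is untrusted: strip control characters (no forged log lines), swap
# double quotes, and never feed the values to eval or unquoted expansions.
sanitize() {
    printf '%s' "$1" | tr -d '\000-\037\177' | tr '"' "'"
}

handle_trap() {
    IFS= read -r host || return 1
    IFS= read -r addr || return 1
    entry="$(date '+%Y-%m-%dT%H:%M:%S') host=$(sanitize "$host") addr=$(sanitize "$addr")"
    n=0
    while IFS= read -r line || [ -n "$line" ]; do
        [ -n "$line" ] || continue
        oid=${line%% *}
        case "$line" in
            *" "*) val=${line#* } ;;
            *)     val="" ;;
        esac
        n=$(( n + 1 ))
        entry="$entry vb$n=$(sanitize "$oid")=\"$(sanitize "$val")\""
    done
    # A daemon has no console, so append to a file instead of echoing.
    printf '%s\n' "$entry" >> "$TRAP_LOG"
}

# Run only when invoked as the handler; sourcing the file just defines functions.
if [ "${1:-}" = "--handle" ]; then
    handle_trap
fi
```

The user snmptrapd runs as must be able to write to the log path, otherwise the handler fails as silently as the original `echo`.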

Detect IP-Address change on an interface

I would like to trigger a service when a change of an ip address on a specific interface occurs. Is there a target for this or some other method I am not aware of to achieve this using systemd on Linux (Kernel 3.19)?
The service would be used to send a SIGNAL to a defined process. The Linux is running on an embedded system.
Thanks!
Because you use Systemd you might already use systemd-networkd for managing your devices instead of relying on 3rd party code.
You could use the structured journal output to get the last 2 ADDRESS fields of the current BOOT_ID (sadly, there is no notification mechanism for address changes in systemd-networkd):
→ sudo journalctl -F ADDRESS -u systemd-networkd -n 2
192.168.178.29
So, if there is only one line output, there was no address change.
There is a solution in another StackOverflow question. Just here:
Detecting a change of IP address in Linux
I like this code, it's easy, you only need a cron job with the frequency you need (I made a little change):
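#!/bin/bash
# Compare the address recorded on the previous run with the current one
OLD_IP=`cat ip.txt`
NEW_IP=`/sbin/ifconfig | awk -F "[: ]+" '{ print $4 }'`
if [ "$NEW_IP" != "$OLD_IP" ]; then
    # YOUR_COMMAND <commands>   (placeholder: put the command to run on a change here)
    echo "$NEW_IP" > ip.txt
fi
exit 0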

Telegram-cli : Script not sending message

I am making a simple bash script with Telegram-cli, in which I send 2 parameters (destination and message), and it should send a Telegram message to the destination (Name_FamilyName).
The script looks as follows:
#!/bin/bash
destination=$1;
message=$2;
(echo "msg $destination $message"; echo "safe_quit") | bin/telegram-cli -k tg-server.pub -W
With that, in theory, messages should be sent. I change the permissions of the script, and I call it in the next way:
./script_send_message.sh Max_Musterman "Hola qute tal estas"
And that is the output I get:
Telegram-cli version 1.2.0, Copyright (C) 2013-2015 Vitaly Valtman
Telegram-cli comes with ABSOLUTELY NO WARRANTY; for details type `show_license'.
This is free software, and you are welcome to redistribute it
under certain conditions; type `show_license' for details.
Telegram-cli uses libtgl version 1.2.0
I: config dir=[/home/machine/.telegram-cli]
> msg Max_Musterman Hola qute tal estas
> safe_quit
User Max_Musterman updated username
User Max_Musterman online (was online [2015/04/09 06:56:04])
User Test Phone offline (was online [2015/04/09 06:51:42])
> > All done. Exit
halt
No message has been sent at all. Instead, if I send exactly the same message from the console, it works fine. Here is what I do:
bin/telegram-cli -k server.pub -W
Telegram-cli version 1.2.0, Copyright (C) 2013-2015 Vitaly Valtman
Telegram-cli comes with ABSOLUTELY NO WARRANTY; for details type `show_license'.
This is free software, and you are welcome to redistribute it
under certain conditions; type `show_license' for details.
Telegram-cli uses libtgl version 1.2.0
I: config dir=[/home/machine/.telegram-cli]
User Max_Musterman updated username
User Max_Musterman online (was online [2015/04/09 06:59:46])
User Max_Musterman offline (was online [2015/04/09 06:51:42])
> msg Max_Musterman Hola qute tal estas
[06:57] Max_Musterman <<< Hola qute tal estas
User Max_Musterman marked read 1 outbox and 0 inbox messages
User Max_Musterman offline (was online [2015/04/09 06:57:29])
>
I am running out of ideas. I start to think that, somehow, the contact list is not loaded when the command msg is sent in the script, so it sends nothing (in the console, if you send a message to a made up user, it won't do anything, like in the script).
Has anyone experienced something similar? Any solution? Thank you for your help.
You have another option:
instead of piping commands to telegram-cli you can use "-e" option and the user_id, this way:
telegram-cli -RD -e "msg user#nnnnnnn Hola caracola"
where nnnnn is the user_id. You can find it via the "user_info ....." command.
This way you don't need to sleep, just make the telegram-cli do all the work, and without using the -W command telegram doesn't need to get all your contacts.
Looks like when you run telegram-cli from the script, it needs a bit of time to be able to send any message (until it shows the list of Users at least). If you send a message before the user list is loaded, you won't be able to send anything. So a quick fix (or we may call it a naughty hack) is to tell the script to wait 3 seconds before sending the message:
#!/bin/bash
destination=$1;
message=$2;
(sleep 3;echo "msg $destination $message"; echo "safe_quit") | bin/telegram-cli -k tg-server.pub -W
Maybe you have to change the sleep 3 to sleep 5 or something like that, but it should be able to send the messages after that.

pipe tcpdump grep into perl

In order to thwart a persistent hacker I have developed a tcpdump command which prints failed authentications plus the preceding 4 lines to the console. Since sometimes I have to sleep, I would like to write a program to automatically add the IP to the firewall when the failed login is printed.
simplified example:
tcpdump [options] | grep [username] | perl -en [
isolate username using regex;
if username is the target username,
examine previous lines looping until IP is detected;
append properly formatted firewall command to firewall file;
run firewall file]
I've got the tcpdump and the grep working. I know enough about Perl to program this in a script file but the command line Perl has me stumped.
For what you're trying to do, I would suggest another route, and install a service such as denyhosts, which can detect repeated failed login attempts, log them, and automatically block them.
denyhosts is available from http://denyhosts.sourceforge.net - or is likely available on the repositories for your flavour of Linux.
