SNMP Trap Handler
Posted: Sun May 22, 2016 11:41 am
Does anyone have a suggestion on how I would implement an SNMP Trap Handler using port 162 within an Indigo Plugin?
The below code uses the PYSNMP module and works when using port 1062 with IP 127.0.0.1. The only way I can get that same code to work outside of Indigo using port 162 with IP 0.0.0.0 (to catch all traffic) is by calling it as a privilege user (aka using the sudo command).
When not executed as a privileged user or within Indigo with port 162 and IP 0.0.0.0, I receive the following error; "bind() for ('0.0.0.0', 162) failed: [Errno 13] Permission denied".
I do understand that this error, is telling me that I can not bind to port numbers lower than 1024 as a unprivileged user.
What I'm looking for is a work around which would allow me to use this code within Indigo. Or even, how to get Indigo to call it as a privilege user.
The workaround I used in my plugin APCPDU was to call the 'smptrapd' using sudo. That really seems hack-ish, so I'm trying to implement the Trap Handler in the Indigo Plugin.
One thing I have tried is using pfctl Port Forwarding, forwarding all port 162 traffic to port 1062. Upon testing that solution I had some reliability problems, not to mention that you ultimately have to set that up as a privileged user.
Are there any thoughts on a solution?
The below code uses the PYSNMP module and works when using port 1062 with IP 127.0.0.1. The only way I can get that same code to work outside of Indigo using port 162 with IP 0.0.0.0 (to catch all traffic) is by calling it as a privilege user (aka using the sudo command).
When not executed as a privileged user or within Indigo with port 162 and IP 0.0.0.0, I receive the following error; "bind() for ('0.0.0.0', 162) failed: [Errno 13] Permission denied".
I do understand that this error, is telling me that I can not bind to port numbers lower than 1024 as a unprivileged user.
What I'm looking for is a work around which would allow me to use this code within Indigo. Or even, how to get Indigo to call it as a privilege user.
The workaround I used in my plugin APCPDU was to call the 'smptrapd' using sudo. That really seems hack-ish, so I'm trying to implement the Trap Handler in the Indigo Plugin.
One thing I have tried is using pfctl Port Forwarding, forwarding all port 162 traffic to port 1062. Upon testing that solution I had some reliability problems, not to mention that you ultimately have to set that up as a privileged user.
Are there any thoughts on a solution?
- Code: Select all
def runConcurrentThread(self):
try:
# Create SNMP engine with autogenernated engineID and pre-bound
# to socket transport dispatcher
snmpEngine = engine.SnmpEngine()
# Transport setup
# UDP over IPv4, first listening interface/port
config.addTransport(
snmpEngine,
udp.domainName + (1,),
udp.UdpTransport().openServerMode(('0.0.0.0', 162))
)
# SNMPv1/2c setup
# SecurityName <-> CommunityName mapping
config.addV1System(snmpEngine, 'my-area', 'public')
# Callback function for receiving notifications
# noinspection PyUnusedLocal,PyUnusedLocal,PyUnusedLocal
def cbFun(snmpEngine, stateReference, contextEngineId, contextName,
varBinds, cbCtx):
for name, val in varBinds:
indigo.server.log('%s = %s' % (name, val))
# Register SNMP Application at the SNMP engine
ntfrcv.NotificationReceiver(snmpEngine, cbFun)
snmpEngine.transportDispatcher.jobStarted(1) # this job would never finish
snmpEngine.transportDispatcher.runDispatcher()
except self.StopThread:
#pass # Optionally catch the StopThread exception and do any needed cleanup.
snmpEngine.transportDispatcher.closeDispatcher()