diff options
Diffstat (limited to 'snmptrap/mod')
-rw-r--r-- | snmptrap/mod/trapd_get_cbs_config.py | 12 | ||||
-rw-r--r-- | snmptrap/mod/trapd_http_session.py | 64 | ||||
-rw-r--r-- | snmptrap/mod/trapd_io.py | 8 | ||||
-rw-r--r-- | snmptrap/mod/trapd_settings.py | 13 | ||||
-rw-r--r-- | snmptrap/mod/trapd_snmpv3.py | 195 |
5 files changed, 281 insertions, 11 deletions
diff --git a/snmptrap/mod/trapd_get_cbs_config.py b/snmptrap/mod/trapd_get_cbs_config.py index 524f1c2..1506dca 100644 --- a/snmptrap/mod/trapd_get_cbs_config.py +++ b/snmptrap/mod/trapd_get_cbs_config.py @@ -86,6 +86,8 @@ def get_cbs_config(): stdout_logger(msg) try: tds.c_config = json.load(open(_cbs_sim_json_file)) + msg = ("%s loaded and parsed successfully" % _cbs_sim_json_file) + stdout_logger(msg) except Exception as e: msg = "Unable to load CBS_SIM_JSON " + _cbs_sim_json_file + \ " (invalid json?) - FATAL ERROR, exiting" @@ -94,25 +96,25 @@ def get_cbs_config(): # recalc timeout, set default if not present try: - tds.timeout_seconds = tds.c_config['publisher.http_timeout_milliseconds'] / 1000.0 + tds.timeout_seconds = tds.c_config['publisher']['http_timeout_milliseconds'] * 1000.0 except Exception as e: tds.timeout_seconds = 1.5 # recalc seconds_between_retries, set default if not present try: - tds.seconds_between_retries = tds.c_config['publisher.http_milliseconds_between_retries'] / 1000.0 + tds.seconds_between_retries = tds.c_config['publisher']['http_milliseconds_between_retries'] * 1000.0 except Exception as e: tds.seconds_between_retries = .750 # recalc min_severity_to_log, set default if not present try: - tds.minimum_severity_to_log = tds.c_config['files.minimum_severity_to_log'] + tds.minimum_severity_to_log = tds.c_config['files']['minimum_severity_to_log'] except Exception as e: tds.minimum_severity_to_log = 3 try: - tds.publisher_retries = tds.c_config['publisher.http_retries'] + tds.publisher_retries = tds.c_config['publisher']['http_retries'] except Exception as e: - tds.publisher_retries = 3 + tds.publisher_retries = 2 return True diff --git a/snmptrap/mod/trapd_http_session.py b/snmptrap/mod/trapd_http_session.py index b34c19d..3efca21 100644 --- a/snmptrap/mod/trapd_http_session.py +++ b/snmptrap/mod/trapd_http_session.py @@ -53,6 +53,68 @@ def init_session_obj(): try: _loc_session = requests.Session() except Exception as e: - return None + msg = "Unable to create new http session - FATAL ERROR, exiting" + ecomp_logger(tds.LOG_TYPE_ERROR, tds.SEV_FATAL, tds.CODE_GENERAL, msg) + stdout_logger(msg) + cleanup_and_exit(1, tds.pid_file_name) return _loc_session + + +# # # # # # # # # # # # # +# fx: close_session_obj +# # # # # # # # # # # # # +def close_session_obj(_loc_http_requ_session): + """ + Closes existing http request session object + :Parameters: + _loc_http_requ_session + :Exceptions: + session object creation + this function will throw an exception if unable to create + a new session object + :Keywords: + http request session + :Variables: + none + """ + + + # Close existing session if present. + if _loc_http_requ_session is not None: + try: + _loc_http_requ_session.close() + return True + except Exception as e: + msg = "Unable to close current http session - FATAL ERROR, exiting" + ecomp_logger(tds.LOG_TYPE_ERROR, tds.SEV_FATAL, tds.CODE_GENERAL, msg) + stdout_logger(msg) + cleanup_and_exit(1, tds.pid_file_name) + + +# # # # # # # # # # # # # +# fx: reset_session_obj +# # # # # # # # # # # # # +def reset_session_obj(_loc_http_requ_session): + """ + Closes existing http request session object + and re-opens with current config vals + :Parameters: + _loc_http_requ_session + :Exceptions: + session object creation + this function will throw an exception if unable to create + a new session object + :Keywords: + http request session + :Variables: + none + """ + + + # close existing http_requ_session if present + ret = close_session_obj(_loc_http_requ_session) + + # open new http_requ_session + _loc_http_requ_session = init_session_obj() + return _loc_http_requ_session diff --git a/snmptrap/mod/trapd_io.py b/snmptrap/mod/trapd_io.py index ef67c69..d079cbe 100644 --- a/snmptrap/mod/trapd_io.py +++ b/snmptrap/mod/trapd_io.py @@ -117,7 +117,7 @@ def open_eelf_logs(): # open various ecomp logs - if any fails, exit tds.eelf_error_file_name = ( - tds.c_config['files.eelf_base_dir'] + "/" + tds.c_config['files.eelf_error']) + tds.c_config['files']['eelf_base_dir'] + "/" + tds.c_config['files']['eelf_error']) tds.eelf_error_fd = open_file(tds.eelf_error_file_name) except Exception as e: @@ -127,7 +127,7 @@ def open_eelf_logs(): try: tds.eelf_debug_file_name = ( - tds.c_config['files.eelf_base_dir'] + "/" + tds.c_config['files.eelf_debug']) + tds.c_config['files']['eelf_base_dir'] + "/" + tds.c_config['files']['eelf_debug']) tds.eelf_debug_fd = open_file(tds.eelf_debug_file_name) except Exception as e: @@ -137,7 +137,7 @@ def open_eelf_logs(): try: tds.eelf_audit_file_name = ( - tds.c_config['files.eelf_base_dir'] + "/" + tds.c_config['files.eelf_audit']) + tds.c_config['files']['eelf_base_dir'] + "/" + tds.c_config['files']['eelf_audit']) tds.eelf_audit_fd = open_file(tds.eelf_audit_file_name) except Exception as e: msg = "Error opening eelf audit log : " + str(e) @@ -146,7 +146,7 @@ def open_eelf_logs(): try: tds.eelf_metrics_file_name = ( - tds.c_config['files.eelf_base_dir'] + "/" + tds.c_config['files.eelf_metrics']) + tds.c_config['files']['eelf_base_dir'] + "/" + tds.c_config['files']['eelf_metrics']) tds.eelf_metrics_fd = open_file(tds.eelf_metrics_file_name) except Exception as e: msg = "Error opening eelf metric log : " + str(e) diff --git a/snmptrap/mod/trapd_settings.py b/snmptrap/mod/trapd_settings.py index be87e26..308a2f2 100644 --- a/snmptrap/mod/trapd_settings.py +++ b/snmptrap/mod/trapd_settings.py @@ -115,7 +115,7 @@ def init(): # <json log of traps published> global json_traps_filename - json_log_filename = "" + json_traps_filename = "" global json_traps_fd json_fd = None # </json log of traps published> @@ -131,6 +131,17 @@ def init(): global pid_file_name pid_file_name = "" + # <stormwatch> + global sw_participant_oid_dict + sw_participant_oid_dict = {} + + global sw_count_dict + sw_count_dict = {} + + global sw_interval_in_seconds + sw_interval_in_seconds = 60 + # </stormwatch > + # <logging types and severities> global LOG_TYPES global LOG_TYPE_NONE diff --git a/snmptrap/mod/trapd_snmpv3.py b/snmptrap/mod/trapd_snmpv3.py new file mode 100644 index 0000000..97c048c --- /dev/null +++ b/snmptrap/mod/trapd_snmpv3.py @@ -0,0 +1,195 @@ +# ============LICENSE_START======================================================= +# org.onap.dcae +# ================================================================================ +# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= +# +# ECOMP is a trademark and service mark of AT&T Intellectual Property. +# +""" +module for snmpv3 support + +- loads various USM values for engineID/users + +""" + +__docformat__ = 'restructuredtext' + +import json +import os +import sys +import string +import time +import traceback +import collections +import pprint + +from pysnmp.entity import engine, config +from pysnmp.carrier.asyncore.dgram import udp +from pysnmp.entity.rfc3413 import ntfrcv +from pysnmp.proto.api import v2c + +import trapd_settings as tds +from trapd_exit import cleanup_and_exit +from trapd_io import stdout_logger, ecomp_logger + +prog_name = os.path.basename(__file__) + + +# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # +# module: init +# FMDL: should this re-establish listener, with +# blank V3 config attribs? +# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # + + +def init(): + + global v3_config_dict + v3_config_dict = {} + + +# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # +# module: load_snmpv3_credentials +# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # + + +def load_snmpv3_credentials (_py_config, _snmp_engine, _cbs_config): + """ + Add V3 credentials from CBS config to receiver config + so traps will be recieved from specified engines/users + :Parameters: + _config: snmp entity config + :Exceptions: + """ + + # add V3 credentials from CBS json structure to running config + try: + v3_users=_cbs_config["snmpv3_config"]["usm_users"] + except Exception as e: + msg = ("No V3 users defined") + ecomp_logger(tds.LOG_TYPE_DEBUG, tds.SEV_INFO, tds.CODE_GENERAL, msg) + return _py_config, _snmp_engine + + for v3_user in v3_users: + + # engineId + try: + ctx_engine_id=v3_user['engineId'] + except Exception as e: + ctx_engine_id=None + + # user + try: + userName=v3_user['user'] + except Exception as e: + userName=None + + # authorization + # find options at -> site-packages/pysnmp/entity/config.py + # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # + + # print("Checking auth for %s" % (userName)) + + # usmHMACMD5Auth + try: + authKey=v3_user['usmHMACMD5Auth'] + authProtocol=config.usmHMACMD5AuthProtocol + except Exception as e: + # usmHMACSHAAuth + try: + authKey=v3_user['usmHMACSHAAuth'] + authProtocol=config.usmHMAC192SHA256AuthProtocol + except Exception as e: + # usmNoAuth + try: + authKey=v3_user['usmNoAuth'] + authProtocol=config.usmNoAuthProtocol + except Exception as e: + # FMDL: default to NoAuth, or error/skip entry? + msg = ("No auth specified for user %s ?" % (userName)) + authKey=None + authProtocol=config.usmNoAuthProtocol + ecomp_logger(tds.LOG_TYPE_DEBUG, tds.SEV_INFO, tds.CODE_GENERAL, msg) + # break + + # privacy + # find options at -> site-packages/pysnmp/entity/config.py + # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # + + # print("Checking priv for %s" % (userName)) + + # usm3DESEDEPriv + try: + privKey=v3_user['usm3DESEDEPriv'] + privProtocol=config.usm3DESEDEPrivProtocol + except Exception as e: + # usmAesCfb128 + try: + privKey=v3_user['usmAesCfb128'] + privProtocol=config.usmAesCfb128Protocol + except Exception as e: + # usmAesCfb192 + try: + privKey=v3_user['usmAesCfb192'] + privProtocol=config.usmAesCfb192Protocol + except Exception as e: + # usmAesCfb256 + try: + privKey=v3_user['usmAesCfb256'] + privProtocol=config.usmAesCfb256Protocol + except Exception as e: + # usmDESPriv + try: + privKey=v3_user['usmDESPriv'] + privProtocol=config.usmDESPrivProtocol + except Exception as e: + # usmNoPriv + try: + privKey=v3_user['usmNoPriv'] + privProtocol=config.usmNoPrivProtocol + except Exception as e: + # FMDL: default to NoPriv, or error/skip entry? + msg = ("No priv specified for user %s" % (userName)) + ecomp_logger(tds.LOG_TYPE_DEBUG, tds.SEV_INFO, tds.CODE_GENERAL, msg) + privKey=None + privProtocol=config.usmNoPrivProtocol + # break + + # msg = ("userName: %s authKey: %s authProtocol: %s privKey: %s privProtocol: %s engineId: %s % (userName, authKey, authProtocol, privKey, privProtocol, ctx_engine_id)) + msg = ("userName: %s authKey: **** authProtocol: %s privKey: **** privProtocol: %s engineId: ****" % (userName, authProtocol, privProtocol)) + ecomp_logger(tds.LOG_TYPE_DEBUG, tds.SEV_INFO, tds.CODE_GENERAL, msg) + + # user: usr-md5-des, auth: MD5, priv DES, contextEngineId: 8000000001020304 + # this USM entry is used for TRAP receiving purposes + + # help(addV3User) returns -> + # addV3User(snmpEngine, userName, authProtocol=(1, 3, 6, 1, 6, 3, 10, 1, 1, 1), authKey=None, privProtocol=(1, 3, 6, 1, 6, 3, 10, 1, 2, 1), priv Key=None, securityEngineId=None, securityName=None, contextEngineId=None) + + if ctx_engine_id is not None: + config.addV3User( + _snmp_engine, userName, + authProtocol, authKey, + privProtocol, privKey, + contextEngineId=v2c.OctetString(hexValue=ctx_engine_id) + ) + else: + config.addV3User( + _snmp_engine, userName, + authProtocol, authKey, + privProtocol, privKey + ) + + return _py_config, _snmp_engine |