Re: AgentX: client address/port info not propagated to subagent? - SNMP

This is a discussion on Re: AgentX: client address/port info not propagated to subagent? - SNMP ; On Mon, 2008-08-25 at 13:49 +0200, Marco Mussini wrote: > Hi, > in a situation where AgentX support is enabled, the subagent receives > from master agent the incoming request for processing. > Sometimes the subagent needs to know the ...

+ Reply to Thread
Results 1 to 2 of 2

Thread: Re: AgentX: client address/port info not propagated to subagent?

  1. Re: AgentX: client address/port info not propagated to subagent?

    On Mon, 2008-08-25 at 13:49 +0200, Marco Mussini wrote:
    > Hi,
    > in a situation where AgentX support is enabled, the subagent receives
    > from master agent the incoming request for processing.
    > Sometimes the subagent needs to know the IP address of the manager
    > that issued a request; this information is easily found in the source
    > PDU header that can be captured between manager and master agent.
    > Since the master agent merely acts as a dispatcher, the same
    > information should be also made available to the sub-agent.


    No, since it is dispatched through a protocol that assumes that all
    security processing is to take place in the master agent and thus have
    no features for that.

    > According to documentation, it should be reachable through the NetSNMP
    > API by following reqinfo->asp->session->peername. However, it appears
    > this is not the case. Perhaps the master agent does not propagate this
    > info to the subagent?


    No, it doesn't.
    Furthermore, that field might be something other than an IP address,
    Net-SNMP supports using among other things IPX and IPv6 addresses in
    that field.

    > Anyone ever noticed this (mis)behaviour?


    This is a feature, not a bug.
    An information module really that behaves differently for different
    callers (save from what the view handling allows) is quite unexpected.

    Regarding that structure, my personal opinion is that it is a mess that
    should be splitted up (it has everything and a kitchen sink) but I
    suppose that is quite some time into the future before that happens (I
    have to do the job first and then get the change approved) so the fields
    in it are not always set and some of them are deprecated.

    > Thanks in advance for any suggestion/comment on this topic,
    > Marco
    >
    > -------------------------------------------------------------------------
    > This SF.Net email is sponsored by the Moblin Your Move Developer's challenge
    > Build the coolest Linux based applications with Moblin SDK & win great prizes
    > Grand prize is a trip for two to an Open Source event anywhere in the world
    > http://moblin-contest.org/redirect.p...r_id=100&url=/
    > _______________________________________________ Net-snmp-coders mailing list Net-snmp-coders@lists.sourceforge.net https://lists.sourceforge.net/lists/...et-snmp-coders



    -------------------------------------------------------------------------
    This SF.Net email is sponsored by the Moblin Your Move Developer's challenge
    Build the coolest Linux based applications with Moblin SDK & win great prizes
    Grand prize is a trip for two to an Open Source event anywhere in the world
    http://moblin-contest.org/redirect.p...r_id=100&url=/
    _______________________________________________
    Net-snmp-coders mailing list
    Net-snmp-coders@lists.sourceforge.net
    https://lists.sourceforge.net/lists/...et-snmp-coders


  2. Re: AgentX: client address/port info not propagated to subagent?

    [ First - *please* don't mail me privately, without copying
    any responses to the mailing list. I don't have the time
    or inclination to offer private, unpaid, SNMP consultancy.
    Keep discussions to the list, where others can both learn
    and offer advice. Thanks. ]

    On Wed, 2008-08-27 at 15:15 +0200, Marco Mussini wrote:
    > Hi Magnus, thanks a lot for your answer; I understand.
    > However in our application we do have the special need to propagate
    > the manager address information to the subagents, and not for security
    > reasons - actually, for functional reasons.


    That do sound very odd, why should it matter what machine it is that
    asks the question unless it is security?

    > So I wonder if there is a way to register some custom handler code in
    > the master agent, for example, so that it can do something with the
    > source IP address found in the received PDU: for example it could
    > append that information to the list of existing Varbindings before
    > passing the PDU on to the subagents. This way the subagents will be
    > able to access that information as needed.


    That would probably be possible (it's software, everything is
    possible...), but I think it would be a really bad idea to do this, not
    least since it would mean that you would be lying to your subagent and
    not speaking proper AgentX

    > In your opinioni is this something that could be achieved
    > using/abusing the existing hooks/registration mechanisms, without
    > changing NetSNMP code?


    You have to add things to the master agent but it could be done, with
    that said I wish to repeat that it probably would be a really bad idea.

    /MF


    -------------------------------------------------------------------------
    This SF.Net email is sponsored by the Moblin Your Move Developer's challenge
    Build the coolest Linux based applications with Moblin SDK & win great prizes
    Grand prize is a trip for two to an Open Source event anywhere in the world
    http://moblin-contest.org/redirect.p...r_id=100&url=/
    _______________________________________________
    Net-snmp-coders mailing list
    Net-snmp-coders@lists.sourceforge.net
    https://lists.sourceforge.net/lists/...et-snmp-coders


+ Reply to Thread