SNMP v3?

perldork · Post by **perldork** » Sun Nov 07, 2004 6:28 pm

TheWitness wrote:Are you suggesting that there are two possible usernames?

Ack, no

. That was a mistake. Fixed. Sorry.

I like the interface. I don't beleive that this is supportable in native PHP. However, we can get close or possibly integrate the Javascript right in the hosts page. Let's keep it up.

Yes, the javascript would have to be integrated into the <head> of the page.

perldork · Post by **perldork** » Sun Nov 07, 2004 6:54 pm

TheWitness wrote:Also, if there is no authentication or privacy protocol, is the device just open to users to poll?
TheWitness

Good question! I found out I misread the net-snmp docs .. I will have to look at RFCs to see if this is true in all cases, but for Net-SNMP the choices look to be:
* User authentication, no privacy protocol, no privacy passphrase
* User authentication, privacy protocol, no privacy passphrase
* User authentication, privacy protocol, privacy passphrase

So it appears that while no auth no priv is a valid state, it isn't useful from a client perspective.

I tried to use that state with the SNMPv3 php functions and it won't allow it

So, the No Authentication, No Privacy appears to be useless for our needs

.. authentication is required always.

Updated the mockup to reflect this.

perldork · Post by **perldork** » Sun Nov 07, 2004 6:58 pm

UI looks good ..

.. no javascript just means you will have to validate the selections server-side, which you would have to do anyway :p.

Make sure to add 'None' as a privacy protocol as that is a valid choice!

I would also put some kind of note to let the user know that the user authentication files are required and all the privacy fields are optional.

Nice job

.

Post by **TheWitness** » Sun Nov 07, 2004 7:05 pm

Where would the authentication files go?

TheWitness

Post by **TheWitness** » Sun Nov 07, 2004 7:09 pm

Would this be a correct mapping for security level?

"authNoPriv" => "User authentication, no privacy protocol, no privacy passphrase",
"authPriv" => "User authentication, privacy protocol, no privacy passphrase ",
"authPriv" => "User authentication, privacy protocol, privacy passphrase");

perldork · Post by **perldork** » Sun Nov 07, 2004 7:10 pm

Updated snmpv3 class to reflect latest changes:

http://ensim.webscorpion.com/scripts/ca ... class.phps

perldork · Post by **perldork** » Sun Nov 07, 2004 7:11 pm

TheWitness wrote:Where would the authentication files go?

TheWitness

More mistyping .. I meant 'fields' not files. Sorry.

perldork · Post by **perldork** » Sun Nov 07, 2004 7:15 pm

TheWitness wrote:Would this be a correct mapping for security level?

"authNoPriv" => "User authentication, no privacy protocol, no privacy passphrase",
"authPriv" => "User authentication, privacy protocol, no privacy passphrase ",
"authPriv" => "User authentication, privacy protocol, privacy passphrase");

Actually, as far as the UI goes, just need two choices:

'authNoPriv' => 'User authentication, no privacy',
'authPriv' => 'User authentication, privacy';

The privacy field choices are:
* No protocol, no passphrase
* Protocol, no passphrase
* Protocol, passphrase

So having a privacy passphrase with no protocol is illegal, but the reverse isn't

.

perldork · Post by **perldork** » Sun Nov 07, 2004 8:14 pm

updated mockup to reflect rule that privacy protocol must be selected in order to use a passphrase.

Post by **TheWitness** » Sun Nov 07, 2004 9:13 pm

I have sent a note to Ian to review your code. I have posted most of the menuing to the 0.8.7 CVS for now. Before going any futher, I have asked him to review the possible inclusion of the Java hooks in the menuing system that he has put in place.

Great work!!!

TheWitness

perldork · Post by **perldork** » Sun Nov 07, 2004 10:08 pm

Hey, thanks for letting me help with this, I have really enjoyed it

; we knocked this one out pretty quickly if you ask me. I would love to help out with this project further if there is need ..

Do you have a bug list posted anywhere? A developer mailing list? Maybe I could help with some bug fixing? Or testing? I have used this project over the course of several years and would really enjoy being able to contribute work to it.

perldork · Post by **perldork** » Sun Nov 07, 2004 10:28 pm

Nevermind, found the bug tracking system. My bad.

Post by **rony** » Mon Nov 08, 2004 1:50 pm

Larry,

I would suggest adding "V3 " on the Authenication and Privacy headers so there is no confusion that they are only used in SNMPv3.

Post by **TheWitness** » Sat Nov 13, 2004 10:09 pm

Perldork,

SNMPv3 is in CVS for 0.8.7. Do not overwrite your production system. Only cmd.php should work right now. Since I don't have any snmpv3 devices, I need testers. If there is anything you don't like about the interface, shout. Also, I am not currently conducting host pre-verification, so I know that there is a possibility of a segfault. Just use known values for now.

The method that you will use is to dump you production database, move it to a separate instance, and then upgrade that instance. New installs will not work right now.

TheWitness

perldork · Post by **perldork** » Sun Nov 14, 2004 8:15 am

Hi Witness,

Cool. I will test the CVS version this week and let you know how it goes

.

Cacti

SNMP v3?

Who is online