--- net-snmp-5.2.1.2.orig/debian/tkmib.manpages +++ net-snmp-5.2.1.2/debian/tkmib.manpages @@ -0,0 +1 @@ +debian/manpages/tkmib.1 --- net-snmp-5.2.1.2.orig/debian/snmpd.postinst +++ net-snmp-5.2.1.2/debian/snmpd.postinst @@ -0,0 +1,17 @@ +#! /bin/sh + +set -e + +if [ "$1" = configure ]; then + if dpkg --compare-versions "$2" lt 5.2.1.2-4ubuntu2; then + if getent passwd snmp | grep /home/snmp >/dev/null 2>&1; then + usermod -d /var/lib/snmp snmp + fi + fi + adduser --quiet --system --no-create-home --home /var/lib/snmp snmp + chown -R snmp /var/lib/snmp +fi + +#DEBHELPER# + +exit 0 --- net-snmp-5.2.1.2.orig/debian/libsnmp-base.files +++ net-snmp-5.2.1.2/debian/libsnmp-base.files @@ -0,0 +1,3 @@ +usr/share/snmp/mibs +usr/share/snmp/mib2c-data +usr/share/man/man5/* --- net-snmp-5.2.1.2.orig/debian/libsnmp9-dev.files +++ net-snmp-5.2.1.2/debian/libsnmp9-dev.files @@ -0,0 +1,7 @@ +etc/snmp/mib2c*.conf +usr/bin/mib2c +usr/bin/net-snmp-config +usr/include +usr/lib/lib*.{a,so,la} +usr/share/man/man1/mib2c.1 +usr/share/man/man3/* --- net-snmp-5.2.1.2.orig/debian/libsnmp9.files +++ net-snmp-5.2.1.2/debian/libsnmp9.files @@ -0,0 +1 @@ +usr/lib/lib*.so.* --- net-snmp-5.2.1.2.orig/debian/libsnmp9.dirs +++ net-snmp-5.2.1.2/debian/libsnmp9.dirs @@ -0,0 +1 @@ +var/lib/snmp --- net-snmp-5.2.1.2.orig/debian/libsnmp-base.dirs +++ net-snmp-5.2.1.2/debian/libsnmp-base.dirs @@ -0,0 +1 @@ +var/lib/snmp --- net-snmp-5.2.1.2.orig/debian/snmp.preinst +++ net-snmp-5.2.1.2/debian/snmp.preinst @@ -0,0 +1,11 @@ +#! /bin/sh + +set -e + +if [ -d /usr/doc/snmp ]; then + rm -rf /usr/doc/snmp +fi + +#DEBHELPER# + +exit 0 --- net-snmp-5.2.1.2.orig/debian/libsnmp9-dev.manpages +++ net-snmp-5.2.1.2/debian/libsnmp9-dev.manpages @@ -0,0 +1 @@ +debian/manpages/net-snmp-config.1 --- net-snmp-5.2.1.2.orig/debian/snmpd.dirs +++ net-snmp-5.2.1.2/debian/snmpd.dirs @@ -0,0 +1 @@ +usr/share/lintian/overrides --- net-snmp-5.2.1.2.orig/debian/tkmib.docs +++ net-snmp-5.2.1.2/debian/tkmib.docs @@ -0,0 +1,3 @@ +FAQ +NEWS +README --- net-snmp-5.2.1.2.orig/debian/rules +++ net-snmp-5.2.1.2/debian/rules @@ -0,0 +1,213 @@ +#!/usr/bin/make -f +# Sample debian/rules that uses debhelper. GNU copyright 1997 by Joey Hess. +# This version is for a hypothetical package that builds an +# architecture-dependant package, as well as an architecture-independent +# package. + +# Uncomment this to turn on verbose mode. +#export DH_VERBOSE=1 + +# This is the debhelper compatability version to use. +export DH_COMPAT=4 + +include debian/cbs-patches.Makefile + +v = 9 +vv = 5.2.1.2-3 + +tmp=$(shell pwd)/debian/tmp + +ifndef PERL +PERL=/usr/bin/perl +endif + +ARCH = $(shell dpkg --print-architecture) + +CFLAGS = -O2 -D_REENTRANT +ifneq "$(findstring debug,$(DEB_BUILD_OPTIONS))" "" +CFLAGS += -g +endif + +MIB_MODULES = host smux ucd-snmp/dlmod ucd-snmp/diskio +BACKUP = aclocal.m4 config.guess config.sub configure ltmain.sh stamp-h \ + stamp-h.in include/net-snmp/net-snmp-config.h.in +#ifeq "$(ARCH)" "i386" +#MIB_MODULES += ucd-snmp/lmSensors +#LIBSENSORS = -lsensors +#endif + +build: build-stamp +build-stamp: debian/stamp-patched + dh_testdir + + # Backup files expected to be modified. + for i in $(BACKUP); do \ + if [ ! -f $$i.backup ]; then mv $$i $$i.backup; fi ; \ + done + # Add here commands to compile the package. + libtoolize --force --copy + aclocal + autoconf + LC_COLLATE=C autoheader + echo timestamp >stamp-h.in + ./configure --prefix=/usr --sysconfdir=/etc --mandir=/usr/share/man \ + --with-persistent-directory=/var/lib/snmp \ + --enable-ucd-snmp-compatibility \ + --enable-shared --with-cflags="$(CFLAGS)" \ + --with-perl-modules="INSTALLDIRS=vendor" \ + --enable-ipv6 --with-logfile=none \ + --without-rpm --with-libwrap --with-openssl \ + --without-dmalloc --without-efence --without-rsaref \ + --with-sys-contact="root" --with-sys-location="Unknown" \ + --with-mib-modules="$(MIB_MODULES)" \ + --enable-mfd-rewrites \ + --with-defaults + $(MAKE) LIBSENSORS=$(LIBSENSORS) LD_RUN_PATH= + touch build-stamp + +clean:: + dh_testdir + dh_testroot + + # Add here commands to clean up after the build process. + -$(MAKE) perlrealclean distclean + + dh_clean EXAMPLE.conf net-snmp-config sedscript \ + include/net-snmp/library/snmpv3-security-includes.h \ + include/net-snmp/agent/mib_module_config.h \ + include/net-snmp/agent/agent_module_config.h \ + build-stamp install-stamp debian/patches/*.log \ + acinclude.m4 agent/mibgroup/mib_module_includes.h \ + agent/mibgroup/agent_module_includes.h \ + agent/mibgroup/mib_module_inits.h \ + agent/mibgroup/agent_module_inits.h \ + agent/mibgroup/mib_module_shutdown.h \ + agent/mibgroup/agent_module_shutdown.h \ + agent/mibgroup/mib_module_dot_conf.h \ + agent/mibgroup/agent_module_dot_conf.h libtool \ + snmplib/snmpsm_init.h config.log configure-summary \ + perl/SNMP/t/snmptest.cmd perl/blib/lib/.exists \ + perl/blib/lib/NetSNMP/.exists perl/blib/lib/NetSNMP/agent/.exists \ + perl/SNMP/SNMP.pod $(shell find -type f -name '*.o') + + for i in $(BACKUP); do \ + if [ -f $$i.backup ]; then mv -f $$i.backup $$i; fi ; \ + done + +install: install-stamp +install-stamp: build-stamp + dh_testdir + dh_testroot + dh_clean -k + dh_installdirs + + # Add here commands to install the package into debian/tmp. + $(MAKE) prefix=`pwd`/debian/tmp/usr exec_prefix=`pwd`/debian/tmp/usr \ + mandir=`pwd`/debian/tmp/usr/share/man \ + persistentdir=`pwd`/debian/tmp/var/lib/snmp \ + PREFIX=`pwd`/debian/tmp/usr install + # Install the "broke" headers + cp agent/mibgroup/struct.h debian/tmp/usr/include/net-snmp/agent + cp agent/mibgroup/util_funcs.h debian/tmp/usr/include/net-snmp + cp agent/mibgroup/mibincl.h debian/tmp/usr/include/net-snmp/library + cp agent/mibgroup/header_complex.h debian/tmp/usr/include/net-snmp/agent + # Remove the snmpcheck program since we don't support it (yet). + rm debian/tmp/usr/bin/snmpcheck + # Copy the .conf files. + mkdir -p debian/tmp/etc/snmp + cp EXAMPLE.conf debian/tmp/etc/snmp/snmpd.conf + cp EXAMPLE-trap.conf debian/tmp/etc/snmp/snmptrapd.conf + mv debian/tmp/usr/share/snmp/mib2c*.conf debian/tmp/etc/snmp + mkdir -p debian/tmp/etc/default + cp debian/snmpd.default debian/tmp/etc/default/snmpd + # Perform other man pages fixups. + bash ./debian/fixman + ## Copy the autoconf files. + #mkdir -p debian/tmp/usr/share/aclocal + #cp net-snmp.m4 debian/tmp/usr/share/aclocal + + # Fix all .la files + (cd $(CURDIR)/debian/tmp/usr/lib; \ + for i in *.la ; do \ + sed -e "s#libdir=.*#libdir='/usr/lib'#" < $$i >$$i.new && \ + mv $$i.new $$i ; \ + done ) + + # make lintian happy + mkdir -p debian/tmp/usr/share/lintian/overrides + cp debian/snmpd.lintian-overrides debian/tmp/usr/share/lintian/overrides/snmpd + + dh_movefiles + + touch install-stamp + +# Build architecture-independent files here. +binary-indep: build install + dh_testdir -i + dh_testroot -i + dh_installdocs -i + dh_installexamples -i + #dh_installmenu -i + #dh_installemacsen -i + #dh_installpam -i + #dh_installinit -i + #dh_installcron -i + dh_installman -i + #dh_installinfo -i + dh_installchangelogs -i -k ChangeLog + #dh_link -i + dh_compress -i + dh_fixperms -i + # You may want to make some executables suid here. + #dh_suidregister -i + dh_installdeb -i + dh_perl -i + dh_gencontrol -i + dh_md5sums -i + dh_builddeb -i + +# Build architecture-dependent files here. +binary-arch: build install + dh_testdir -a + dh_testroot -a + dh_installdocs -a + for f in libsnmp$(v)-dev ; do \ + rm -rf debian/$$f/usr/share/doc/$$f ; \ + ln -sf libsnmp$(v) debian/$$f/usr/share/doc/$$f ; \ + done + #dh_installexamples -a + dh_installexamples -plibsnmp-perl $(shell ls -d perl/SNMP/examples/* | grep -v SCCS) + #dh_installmenu -a + #dh_installemacsen -a + #dh_installpam -a + dh_installinit -a + #dh_installcron -a + dh_installman -a + #dh_installinfo -a + #dh_installchangelogs -a + dh_installchangelogs -plibsnmp$(v) -k ChangeLog + dh_installchangelogs -plibsnmp-perl -k ChangeLog + dh_installchangelogs -psnmp -k ChangeLog + dh_installchangelogs -psnmpd -k ChangeLog + dh_strip -a + #dh_link -a + dh_compress -a + dh_fixperms -a + chmod 600 debian/snmpd/etc/snmp/snmp*d.conf + # You may want to make some executables suid here. + #dh_suidregister -a + dh_installdeb -a + #dh_makeshlibs -a + dh_makeshlibs -plibsnmp$(v) -V "libsnmp$(v) (>= $(vv))" + dh_makeshlibs -plibsnmp-perl + dh_perl -a + dh_shlibdeps -a -ldebian/libsnmp$(v)/usr/lib -Llibsnmp$(v) + dh_gencontrol -a + dh_md5sums -a + dh_builddeb -a + +source diff: + @echo >&2 'source and diff are obsolete - use dpkg-source -b'; false + +binary: binary-indep binary-arch +.PHONY: build clean binary-indep binary-arch binary install --- net-snmp-5.2.1.2.orig/debian/tkmib.files +++ net-snmp-5.2.1.2/debian/tkmib.files @@ -0,0 +1 @@ +usr/bin/tkmib --- net-snmp-5.2.1.2.orig/debian/control +++ net-snmp-5.2.1.2/debian/control @@ -0,0 +1,100 @@ +Source: net-snmp +Section: net +Priority: optional +Maintainer: Jochen Friedrich +Build-Depends: debhelper (>=4.0), libtool, libwrap0-dev, libssl-dev (>> 0.9.8), perl (>=5.8), autoconf, automake, debianutils (>=1.13.1), bash (>=2.05), findutils (>=4.1.20) +Standards-Version: 3.6.2 + +Package: snmpd +Section: net +Priority: optional +Architecture: any +Conflicts: snmp (<<3.6-3), snmptraplogd +Replaces: snmptraplogd +Depends: ${shlibs:Depends} +Description: NET SNMP (Simple Network Management Protocol) Agents + The Simple Network Management Protocol (SNMP) provides a framework + for the exchange of management information between agents (servers) + and clients. The NET SNMP agent is a daemon which listens for + incoming SNMP requests from clients and provides responses. + +Package: snmp +Section: net +Priority: optional +Architecture: any +Recommends: perl-modules +Depends: ${shlibs:Depends} +Description: NET SNMP (Simple Network Management Protocol) Apps + The Simple Network Management Protocol (SNMP) provides a framework + for the exchange of management information between agents (servers) + and clients. The NET SNMP applications are a collection of command + line clients for issuing SNMP requests to agents. + +Package: libsnmp-base +Section: libs +Priority: optional +Architecture: all +Replaces: snmp (<=3.6.2-3), libsnmp, zebra, zebra-pj, quagga +Provides: libsnmp +Conflicts: libsnmp +Depends: +Description: NET SNMP (Simple Network Management Protocol) MIBs and Docs + The Simple Network Management Protocol (SNMP) provides a framework + for the exchange of management information between agents (servers) + and clients. This package includes the MIBs (Management Information + Bases) and documentation for the the SNMP libraries, agents and + applications. MIBs contain a formal description of the data that can + be managed using SNMP. They are used by NET SNMP libraries, agents + and applications. + +Package: libsnmp9 +Section: libs +Priority: optional +Architecture: any +Replaces: snmp (<=3.6.2-3), snmpd (<=4.1.2-1) +Depends: libsnmp-base (>=${Source-Version}), ${shlibs:Depends} +Description: NET SNMP (Simple Network Management Protocol) Library + The Simple Network Management Protocol (SNMP) provides a framework + for the exchange of management information between agents (servers) + and clients. The NET SNMP library contains common functions for the + construction, sending, receiving, decoding, and manipulation of the + SNMP requests and responses. + +Package: libsnmp9-dev +Section: libdevel +Priority: optional +Architecture: any +Replaces: libsnmp-dev, libsnmp-perl (<<${Source-Version}) +Provides: libsnmp-dev +Conflicts: libsnmp-dev, libsnmp5-dev +Depends: libc6-dev, libsnmp9 (=${Source-Version}), libsnmp-perl (=${Source-Version}), libwrap0-dev, libssl-dev +Description: NET SNMP (Simple Network Management Protocol) Development Files + The Simple Network Management Protocol (SNMP) provides a framework + for the exchange of management information between agents (servers) + and clients. The NET SNMP development files include the library + headers, static libraries, and documentation needed for development + of custom SNMP applications. + +Package: libsnmp-perl +Section: perl +Priority: optional +Architecture: any +Depends: ${perl:Depends}, libsnmp9 (=${Source-Version}) +Description: NET SNMP (Simple Network Management Protocol) Perl5 Support + The Simple Network Management Protocol (SNMP) provides a framework + for the exchange of management information between agents (servers) + and clients. The NET SNMP perl5 support files provide the perl + functions for integration of SNMP into applications, written in perl. + +Package: tkmib +Section: net +Priority: optional +Architecture: all +Depends: libsnmp-perl (>=${Source-Version}), perl-tk +Description: NET SNMP (Simple Network Management Protocol) MIB Browser + The Simple Network Management Protocol (SNMP) provides a framework + for the exchange of management information between agents (servers) + and clients. The NET SNMP MIB (Management Information Base) Browser + provides a graphical frontend for the NET SNMP tools. It can be used + to browse the MIB tree and interactively send requests to SNMP agents. + --- net-snmp-5.2.1.2.orig/debian/libsnmp-base.prerm +++ net-snmp-5.2.1.2/debian/libsnmp-base.prerm @@ -0,0 +1,9 @@ +#! /bin/sh + +set -e + +rm -f /usr/share/snmp/mibs/.index + +#DEBHELPER# + +exit 0 --- net-snmp-5.2.1.2.orig/debian/fixman +++ net-snmp-5.2.1.2/debian/fixman @@ -0,0 +1,59 @@ +#!/bin/bash + +# This script fixes up various problems with the man pages. + +# Create the symlinks for multiple and alternative names when they are +# described in a single man page. + +sections="1 3 5 8" +#echo "sections = $sections" + +for s in $sections; do + files=$(grep -rl '^\.SH NAME' debian/tmp/usr/share/man/man$s | \ + grep -v '/netsnmp_') + #echo "files = $files" + + for f in $files; do + if [[ ! -f $f ]]; then + continue + fi + + f2=$(basename $f .$s) + commands=$(sed -e '/^\.SH NAME/,/^\./p' -e d $f | + sed -e '/^\./d' -e 's/,/ /g' -e 's/\\\?-.*$//') + #echo "$f2 commands = $commands" + + for c in $commands; do + c2=$(basename $c) + if [[ $c2 != $f2 ]]; then + #echo ln -sf $f2.$s debian/tmp/usr/share/man/man$s/$c2.$s + ln -sf $f2.$s debian/tmp/usr/share/man/man$s/$c2.$s + fi + done + done +done + +# Rename the pages to avoid possible conflicts with other packages. + +mv debian/tmp/usr/share/man/man3/SNMP.3 debian/tmp/usr/share/man/man3/SNMP.3pm + +sections="3 5" +#echo "sections = $sections" + +for s in $sections; do + files=debian/tmp/usr/share/man/man$s/*.$s + #echo "files = $files" + + for f in $files; do + if [[ -L $f ]]; then + l=$(readlink $f) + #echo ln -sf ${l}snmp ${f}snmp + ln -sf ${l}snmp ${f}snmp + rm -f $f + else + #echo mv $f ${f}snmp + sed -e "s/^\(\.TH \"[^\"]*\"\|\.TH [^\"][^ ]*\) *${s}/\1 ${s}snmp/" < $f > ${f}snmp + rm -f $f + fi + done +done --- net-snmp-5.2.1.2.orig/debian/changelog +++ net-snmp-5.2.1.2/debian/changelog @@ -0,0 +1,822 @@ +net-snmp (5.2.1.2-4ubuntu2.3) dapper-security; urgency=low + + * SECURITY UPDATE: authentication bypass via spoofed SNMPv3 packets. + - 51_CVE-2008-0960.patch: fixes thanks to Nico Golde. + * SECURITY UPDATE: arbitrary code execution via buffer overflow. + - 52_CVE-2008-2292.patch: fixes thanks to Jochen Friedrich. + * SECURITY UPDATE: denial of service via number of getbulk responses. + - 53_CVE-2008-4309.patch: ported fixes from Jochen Friedrich. + + -- Kees Cook Tue, 18 Nov 2008 13:20:22 -0800 + +net-snmp (5.2.1.2-4ubuntu2.2) dapper-security; urgency=low + + * SECURITY UPDATE: CVE-2007-5846 (LP: #164007) + The SNMP agent in net-snmp 5.4.1 and earlier allows remote attackers to + cause a denial of service (CPU and memory consumption) via a GETBULK request + with a large max-repeaters value. + * debian/patches/50_CVE-2007-5846.patch, + debian/patches/50_CVE-2007-5846.README: + Applied patch from upstream and explanation + (Link: http://sourceforge.net/tracker/index.php?func=detail&aid=1712988&group_id=12694&atid=112694 ) + * References: + CVE-2007-5846 + + -- Stephan Hermann Wed, 21 Nov 2007 11:28:43 +0100 + +net-snmp (5.2.1.2-4ubuntu2.1) dapper-security; urgency=low + + * SECURITY UPDATE: denial of service via crafted TCP session. + * Add 14_snmpapi_crash.patch: upstream fixes. + * References + CVE-2005-4837 + + -- Kees Cook Thu, 19 Apr 2007 11:58:52 -0700 + +net-snmp (5.2.1.2-4ubuntu2) dapper; urgency=low + + * Merge the setup of the snmp user from the Debian packaging, which uses + /var/lib/snmp for the user's home, not /home/snmp (launchpad.net/33377) + * Migrate the snmp user's passwd entry from the old home dir to the new. + + -- Adam Conrad Tue, 4 Apr 2006 20:16:30 +1000 + +net-snmp (5.2.1.2-4ubuntu1) dapper; urgency=low + + * Resynchronise with Debian. + + -- Fabio M. Di Nitto Fri, 25 Nov 2005 14:17:40 +0100 + +net-snmp (5.2.1.2-4) unstable; urgency=low + + * Version builddep on libssl-dev and rebuild, for openssl transition + Closes: #334010 Thanks to Henrique de Moraes Holschuh . + + -- Jochen Friedrich Sat, 15 Oct 2005 09:24:26 +0200 + +net-snmp (5.2.1.2-3) unstable; urgency=low + + * Apply official library-version-update-5.2.1.2.patch to clean up the + version mess (Closes: #322500) + * Replace error_snmp6.patch by upstream systemstats-snmp6.patch + * Added upstream inetNetToMedia-01.patch (Closes: #323038) + * Added ipaddress_linux.c-in_len-out_len-type.patch from + Julien BLACHE (Closes: #321713) + + -- Jochen Friedrich Mon, 5 Sep 2005 21:19:30 +0200 + +net-snmp (5.2.1.2-2) unstable; urgency=low + + * Don't print error message if ipv6 module is not loaded. (Closes: #319741) + * Added conflicts against all packages using libsnmp5 due to upstream + changing the binary API without increasing SONAME. See: #322500 + + -- Jochen Friedrich Thu, 28 Jul 2005 20:19:09 +0200 + +net-snmp (5.2.1.2-1) unstable; urgency=low + + * New upstream release (Closes: #293902). Contains fix for CAN-2005-2177 + * Acknowledge NMU (Closes: #302195, #302386). Many thanks to + Henrique de Moraes Holschuh for his quick action! + * Including ucd-snmp/diskio (Closes: #264938) + * Don't relink libraries (Closes: #243870) + * Link against libsensors on all archs again (Closes: 304103) + * Include fixproc (Closes: #310692) + * Updated standards version to 3.6.2 + * Change to patch based build system (Closes: #292412) + * Updated GNOME-SMI.txt + + -- Jochen Friedrich Wed, 20 Jul 2005 21:47:32 +0200 + +net-snmp (5.1.2-6.1ubuntu2) breezy; urgency=low + + * SECURITY UPDATE: Fix remote Denial of Service. + * snmplib/snmp_api.c: Free the correct buffer when a stream-based connection + (like TCP) terminates. + * References: + CAN-2005-2177 + http://sourceforge.net/tracker/index.php?func=detail&aid=1207023&group_id=12694&atid=112694 + + -- Martin Pitt Thu, 29 Sep 2005 15:25:30 +0200 + +net-snmp (5.1.2-6.1ubuntu1) breezy; urgency=low + + * Resynchronise with Debian. + * Prevent snmpd from (failing at) writing its nearly-useless persistent + state file on shutdown and littering syslog with errors (#8765) + + -- Adam Conrad Thu, 14 Apr 2005 22:48:31 -0600 + +net-snmp (5.1.2-6.1) unstable; urgency=emergency + + * NMU (with permission from maintainer) + * debian/rules: clean up libdir in all .la files installed to + /usr/lib, so as to avoid breaking all libtool builds (closes: #302195). + + -- Henrique de Moraes Holschuh Thu, 31 Mar 2005 12:14:11 -0300 + +net-snmp (5.1.2-6ubuntu2) hoary; urgency=low + + * Apply safe-but-hackish patch by Henrique de Moraes Holschuh to + fix the libdir in libsnmp5-dev's .la files (Ubuntu bug #8393) + + -- Adam Conrad Thu, 31 Mar 2005 04:21:37 +0000 + +net-snmp (5.1.2-6ubuntu1) hoary; urgency=low + + * Resync with Debian. + + -- Daniel Stone Wed, 3 Nov 2004 08:53:22 +0100 + +net-snmp (5.1.2-6) unstable; urgency=medium + + * Backed out the unauthorized MIB changes. lm-sensors updates. + Closes: #274624, Downgrades: #249904 + * Fixed debian/fixman to not mangle the man pages (Closes: #273779). + * Fixed snmpset.1 man page. Thanks to + Nicolas François (nicolas.francois@centraliens.net + (Closes: #274431) + * Fix from CVS for v3 enginetime wrapping problem (Closes: #271543). + * Backed out patch to skip over interfaces without stats. + This might have an impact on #254571, #261701. Should be retested. + + -- Jochen Friedrich Fri, 1 Oct 2004 12:54:23 +0200 + +net-snmp (5.1.2-5) unstable; urgency=medium + + * Commented out remaining MemShared message + Thanks to Johan Thelmén (Really closes: #244721) + * New version of lm-sensors from upstream (Thanks to Mike Slifcak). + lm-sensors is now enabled again on i386. + Closes: #264442, #267691, #249839, #249904, 266270 + + -- Jochen Friedrich Thu, 23 Sep 2004 18:45:41 +0200 + +net-snmp (5.1.2-4) unstable; urgency=medium + + * Fix from CVS for scanning 64bit counters from /proc (Closes: #210364) + + -- Jochen Friedrich Fri, 27 Aug 2004 10:12:07 +0200 + +net-snmp (5.1.2-3) unstable; urgency=high + + * Fixed init script to not depend on defaults file (Closes: #267414) + + -- Jochen Friedrich Mon, 23 Aug 2004 17:27:47 +0200 + +net-snmp (5.1.2-2) unstable; urgency=medium + + * Disable lm-sensors support for i386 once again as it's not yet mature + enough for sarge: + - It seems to trash memory: (Downgrades: #264442) + - It doesn't work as expected: #249839, #249904 + - It is a likely candidate for memory leakage (at least it + looks like the result of sensors_get_label() is never freed) + + -- Jochen Friedrich Tue, 17 Aug 2004 00:11:58 +0200 + +net-snmp (5.1.2-1) unstable; urgency=low + + * New upstream release (Closes: #237890, #236326, #217306, #261624) + o Linux 2.6 improvements (Closes: #225253, #244721) + o Misc 64bit processor fixes. + o Misc perl build and install fixes. + o Minor improvements to snmpnetstat (IPv6 output) + o Minor improvements to snmpdelta (error reporting) + * snmp now recommends perl-modules (Closes: #261687) + * added watch file. + * fixed some lintian errors and warnings. + + -- Jochen Friedrich Tue, 10 Aug 2004 11:18:31 +0200 + +net-snmp (5.1.1-2ubuntu3) warty; urgency=low + + * snmpd.default: run as user 'snmp' by default, not root (Warty bug #1151) + * snmpd.postinst: + - create system user snmp + - removed superfluous version check which could have never been executed + * snmpd.postrm: + - delete user snmp on purge + - quoted comparison of $1 (it could be empty) + + -- Martin Pitt Mon, 13 Sep 2004 12:06:21 +0200 + +net-snmp (5.1.1-2ubuntu2) warty; urgency=low + + * don't read /etc/default/snmpd unless it exists. Closes: #267414 + + -- LaMont Jones Mon, 23 Aug 2004 10:34:26 -0600 + +net-snmp (5.1.1-2ubuntu1) warty; urgency=low + + * Disable lm-sensors support. (Closes: #696,#264442) + * Removed lm-sensors as Build-Dep. + + -- Fabio M. Di Nitto Tue, 17 Aug 2004 13:19:57 +0200 + +net-snmp (5.1.1-2) unstable; urgency=low + + * Fix dependency of lm-sensors + * Remove library circular dependency (Closes: #229132) + + -- Jochen Friedrich Fri, 9 Apr 2004 10:52:34 +0200 + +net-snmp (5.1.1-1) unstable; urgency=low + + * New upstream release (Closes: #232602, #238129) + o Improvements on 64 bit architectures. + o A few minor memory leaks fixed. + o An extremely large number of minor bug fixes. + o Many perl module specific bug fixes. + o snmpd will safely handle more signals. + * Enabled and fixed lm-sensors, this time for real. Thanks + to Christopher Price for the patch. + (Closes: #240502) + + -- Jochen Friedrich Tue, 6 Apr 2004 23:27:52 +0200 + +net-snmp (5.1-5) unstable; urgency=low + + * Enabled lm-sensors support again. + * Fixed libsnmp-base postinst -> postrm (Closes: #236405) + + -- Jochen Friedrich Sat, 13 Mar 2004 09:39:17 +0100 + +net-snmp (5.1-4) unstable; urgency=low + + * Really fixed libwrap inclusion in net-snmp-config.in + (Closes: #232396) + + -- Jochen Friedrich Mon, 23 Feb 2004 17:20:21 +0100 + +net-snmp (5.1-3) unstable; urgency=low + + * Applied patch from CVS to fix HOST-RESOURCES-MIB. (Closes: #232374) + * Applied patch from CVS to fix output of strings containing + CR or LF chars (bug 864367 on SF). (Closes: #218210) + * Applied patch from CVS to fix syslog output. + * Disabled lm-sensors support until kernel module issues are resolved. + + -- Jochen Friedrich Sat, 21 Feb 2004 00:29:06 +0100 + +net-snmp (5.1-2) unstable; urgency=low + + * Fix IPv6 MIB leaking file handles. Thanks to + for pointing out the patch at + https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=85071. + (Closes: #159495) + * Fixed snmpd.defaults. Thanks to James Samuel + for the patch. (Closes: #232394) + * Fixed libwrap inclusion in net-snmp-config.in (Closes: #232396) + * Updated shlibs to match version 5.1 (Closes: #232422) + + -- Jochen Friedrich Thu, 12 Feb 2004 19:30:57 +0100 + +net-snmp (5.1-1) unstable; urgency=low + + * New upstream release (Closes: #224382) + * New maintainer (Closes: #230679) + * Bumped standards version to 3.6.1 + * Ack old NMUs (Closes: #182426, #186834, #183041) + * Updated GNOME-SMI.txt + * Removed duplicate conffiles + * Fixed description to make litian happy + + -- Jochen Friedrich Mon, 9 Feb 2004 23:38:57 +0100 + +net-snmp (5.0.9-3) unstable; urgency=low + + * Only support lm-sensors on i386 (closes: #216500). + + -- David Engel Wed, 19 Nov 2003 14:13:02 -0600 + +net-snmp (5.0.9-2) unstable; urgency=low + + * Fixed problem with libsnmp5 depending on itself. + * Make sure sysconfdir is defined (fixes bad path in manpages). + * Fixed problem overwriting MIBs (closes: #216034). + + -- David Engel Thu, 16 Oct 2003 14:09:38 -0500 + +net-snmp (5.0.9-1) unstable; urgency=low + + * New upstream version (closes: #214660) + - snmp.conf(5) man page is now corrected (closes: #185888). + - Incorrect behaviour of snmpd allowing to bypass the access + restrictions using snmpbulkget is corrected (closes: #205952). + * Updated the debian/copyright file. + * Changed to work with current libtool and autoconf (closes: $208380). + * Link libraries with complete dependencies (closes: #199166). + * Updated package descriptions (closes: #210122, closes: #210017, + closes: #209704, closes: #209857, closes: #209905, closes: #209839). + * Added manpages for net-snmp-config, snmpvacm, encode_keychange + (closes: #182996) and tkmib (closes: #130684) from Jurij Smakov + . + * Fixed mib2c to look for config files in the correct places. + * Enabled support for the lm-sensors MIB (closes: #204543). + * Use the process name instead of the command-line when matching + processes with proc config file directives (closes: #204542) from + Philippe Troin . + * Really enabled dlmod support (closes: #180639). + * Don't use obsolete SO_BSDCOMPAT sockopt (closes: #201853). + * Don't print SMUX passwords in log file (closes: #195622). + * Fixed typo in default snmpd.conf (closes: #185366). + * Don't include build paths in SNMP.so (closes: #184610). + * Added the BGP4, OSPF and RIPv2 MIBs. + * Ignore interfaces with no statistics (closes: #159321). + * Added the GNOME SMI (closes: #196340). + + -- David Engel Tue, 14 Oct 2003 18:12:36 -0500 + +net-snmp (5.0.8-1) unstable; urgency=low + + * New upstream version. + + -- David Engel Wed, 14 May 2003 17:02:42 -0500 + +net-snmp (5.0.7-1.1) unstable; urgency=low + + * NMU based on patches by Paul Hampson + * Add proper dependencies to libsnmp5-dev. Closes: #183041. + * Use updated libtool for mips/mipsel. Closes: #182426. + * Run debian/fixman.sh using bash. Closes: #186834. + + -- Daniel Schepler Sat, 26 Apr 2003 16:52:18 -0700 + +net-snmp (5.0.7-1) unstable; urgency=low + + * New upstream version (closes:177127, closes:154323, + closes:154322). + * Enabled dlmod support in snmpd (closes:180639). + * Use current config.guess and config.sub (closes:172501). + + -- David Engel Sun, 23 Feb 2003 23:01:45 -0600 + +net-snmp (5.0.6-1) unstable; urgency=low + + * New upstream version. + * Use autoconf2.13 (closes:157117, closes:162441, closes:162781). + * Commented out example proc, exec, disk and load statements in the + default snmpd.conf (closes:164028). Users can re-enable them if + desired. + * Added a note to README.Debian about the new snmpcmd command line + syntax regarding community strings (closes:160198). + + -- David Engel Wed, 23 Oct 2002 09:20:11 -0500 + +net-snmp (5.0.3-2) unstable; urgency=low + + * Rebuild with perl 5.8. + * Install additional UCD compatibility headers (closes: #156166). + + -- David Engel Sun, 1 Sep 2002 21:35:12 -0500 + +net-snmp (5.0.3-1) unstable; urgency=low + + * New upstream version. + * Linked libraries with libcrypto and libwrap to get proper + dependencies. Updated net-snmp-config accordingly + (closes: #155153). + * Included the UCD compatibility headers and library + (closes: #155133). + * Fixed bad snmpinform symlink (closes: #155196). + * Fixed mib2c to look in /etc/snmp for config files + (closes: #155157). + + -- David Engel Mon, 5 Aug 2002 21:01:27 -0500 + +net-snmp (5.0.2a-1) unstable; urgency=low + + * New upstream version (closes: #147761). + * Added missing -f in init script. + + -- David Engel Mon, 1 Jul 2002 21:36:08 -0500 + +ucd-snmp (4.2.5-1) unstable; urgency=low + + * New upstream version (closes:145289). + + -- David Engel Tue, 14 May 2002 19:31:02 -0500 + +ucd-snmp (4.2.4-2) unstable; urgency=low + + * Made libucdmibs depend on libwrap (closes:144521). + + -- David Engel Thu, 25 Apr 2002 15:27:40 -0500 + +ucd-snmp (4.2.4-1) unstable; urgency=low + + * New upstream version. + * Rebuilt with SSL since cryto can now go in main. + * Explicitly use bash for the fixman script (closes:133652). + * Don't use LD_RUN_PATH in perl/SNMP.so. + * Fixed parsing of "-p udp:" in snmpd (closes:141176). + + -- David Engel Tue, 23 Apr 2002 20:50:25 -0500 + +ucd-snmp (4.2.3-2) unstable; urgency=high + + * Fixed potential buffer overflow in snmpnetstat (close:129243). + * Updated upstream URL in debian/copyright file (close:125669). + + -- David Engel Mon, 28 Jan 2002 21:24:59 -0600 + +ucd-snmp (4.2.3-1) unstable; urgency=low + + * New upstream version (closes:122331). + * Changed the snmpd syslog message when interface statistics are + not available from LOG_ERR to LOG_DEBUG (closes:121555). + * Added a note in README.Debian about changes to + ucd-snmp-includes.h (closes:121095). + + -- David Engel Sat, 8 Dec 2001 20:11:34 -0600 + +ucd-snmp (4.2.2-1) unstable; urgency=low + + * New upstream version (closes:111966, closes:112005, closes:112073, + closes:118795, closes:118848). + * Removed Build-Depends on essential sed package (closes:111212). + * Added the ucd-snmp.m4 autoconf file (closes:112078). + * Moved mib2c from libsnmp-perl to libsnmp4.2-dev (closes:112393). + * Remove /var/lib/snmp if libsnmp-base is purged (closes:113729). + * Fixed int/size_t errors in mib_api man page (closes:114478). + * Added a blurb in README.Debian about snmpconf (closes:115378). + * Enabled smux support. + * Moved the agentx socket from /var/agentx/master to /var/run/agents + for FHS compatibility (closes:120015). + + -- David Engel Mon, 19 Nov 2001 13:33:59 -0600 + +ucd-snmp (4.2.1-6) testing unstable; urgency=high + + * Fixed LD_LIBRARY_PATH build problem when running under fakeroot + (closes:107565, closes:104044). + * Applied ucd-snmp-4.2.1-security*.patch from Caldera to fix potential + buffer overflow, temp file race and group permission problems + (closes:109345, closes:109733). + * Documented the -s option in the snmpd manpage (closes:109639). + * Changed the FAQ to reference /usr and /etc instead of /usr/lcoal + (closes:107758). + * Removed duplicate build dependency on libtool (closes:107476). + Changed build dependency from perl5 to perl (>=5.6) (closes:107575). + * Fixed minor typo in snmpd manpage (closes:106326). + * Added symlinks for missing man pages (closes:99614) and renamed + section 3 and 5 man pages to *.[35]snmp to aboid possible conflicts + with other packages. + * Applied ucd-snmp-4.2-ia64.patch from RedHat to properly set the return + length of IP addresses on 64-bit architectures. + + -- David Engel Sun, 2 Sep 2001 22:47:30 -0500 + +ucd-snmp (4.2.1-5) unstable; urgency=low + + * Rebuilt without SSL (closes:98306, closes:102429). Will look + into doing a non-US version with SSL. + + -- David Engel Sat, 7 Jul 2001 20:53:16 -0500 + +ucd-snmp (4.2.1-4) unstable; urgency=low + + * Fixed bug uncovered by libtool upgrade which caused snmpd + not to build (closes:97965). + + -- David Engel Fri, 18 May 2001 20:49:14 -0500 + +ucd-snmp (4.2.1-3) unstable; urgency=low + + * Installed the libsnmp-perl module into the perl vendor + directory (closes:95530). + * Updated the description of the libsnmp-base package + (closes:97170). + * Upgraded to libtool 1.4 (closes:97660). + + -- David Engel Thu, 17 May 2001 20:16:17 -0500 + +ucd-snmp (4.2.1-2) unstable; urgency=low + + * Enabled SSL support. + * Included the agent libraries in the -dev package to allow + for building agent extensions. + + -- David Engel Tue, 15 May 2001 20:15:56 -0500 + +ucd-snmp (4.2.1-1) unstable; urgency=low + + * New upstream version. + * Gave up and added autoconf and libtool to Build-Depends: + (closes:92103). + * Fixed mib2c to use /etc/snmp instead of /usr/share/snmp. + + -- David Engel Wed, 11 Apr 2001 23:39:52 -0500 + +ucd-snmp (4.2-7) unstable; urgency=low + + * Fixed long standing bug where mibs were not processed if the + .index file was not present (closes: 89597). + * Fixed starting of snmptrapd to be controlled by TRAPDRUN like + it was intended and documented (closes: 90621). + + -- David Engel Sun, 25 Mar 2001 17:51:09 -0600 + +ucd-snmp (4.2-6) unstable; urgency=low + + * Avoid rerunning autoconf/header (Bug#89033). + + -- David Engel Sun, 11 Mar 2001 17:08:41 -0600 + +ucd-snmp (4.2-5) unstable; urgency=low + + * Fixed IBM S/390 build (Bug#88559). + + -- David Engel Tue, 6 Mar 2001 19:56:11 -0600 + +ucd-snmp (4.2-4) unstable; urgency=low + + * Fixed build installs into the live filesystem (Bug#87015). + + -- David Engel Sun, 25 Feb 2001 22:12:21 -0600 + +ucd-snmp (4.2-3) unstable; urgency=low + + * Removed the Pre-Depends for snmpd since it didn't fix the + problem I was trying to solve (Bug#85573). + + -- David Engel Tue, 20 Feb 2001 20:08:41 -0600 + +ucd-snmp (4.2-2) unstable; urgency=low + + * Created new libsnmp-base package to allow future libsnmpX.Y + packages to coexist (Bug#31253). + * Added a slight delay after stopping the daemons to let them + completely exit before restarting them (Bug#84696). + * Added a /etc/default/snmpd file to control daemon activity. + * Hopefully fixed strange error starting snmpd (Bug#58411). + * Changed package priorities to optional to match the overrides + file. + * Added tkmib and libsnmp-perl packages (Bug#78942). + + -- David Engel Sun, 4 Feb 2001 13:27:26 -0600 + +ucd-snmp (4.2-1) unstable; urgency=low + + * New upstream version (Bug#82876). + * Enabled ipv6 support (Bug#82879). + * Updated to packaging standard 3.2.1 (Bug#82878). + * Added BRIDGE- and SOURCE-ROUTING-MIBs (Bug#62696). + + -- David Engel Sun, 21 Jan 2001 12:52:02 -0600 + +ucd-snmp (4.1.2-2) unstable; urgency=low + + * Added real counter objects to the IPFWCHAINS MIB (George Bonser). + * Don't resolve addresses to names in the IPFWCHAINS MIB (George + Bonser). + * Update the IPFWCHAINS MIB information properly. + * Use /dev/null as logfile to force closing of std* (Bug#71959, + Bug#66898). + * Added a README.Debian file describing issues that are specific + to Debian (Bug#70421, Bug#66477). + + -- David Engel Sun, 19 Nov 2000 21:39:38 -0600 + +ucd-snmp (4.1.2-1) unstable; urgency=low + + * New upstream version. + * Fixed segfault in snmpd on processes with long command lines + (Bug#64333). + + -- David Engel Mon, 22 May 2000 20:06:48 -0500 + +ucd-snmp (4.1.1-3) unstable; urgency=low + + * Added the ipfwchains MIB module (Bug#63252). + + -- David Engel Sat, 29 Apr 2000 21:36:34 -0500 + +ucd-snmp (4.1.1-2) frozen unstable; urgency=low + + * Fixed incorrect .so directives in man3 pages which caused + several error messages from man_db. + + -- David Engel Sat, 8 Apr 2000 11:48:23 -0500 + +ucd-snmp (4.1.1-1) frozen unstable; urgency=low + + * New upstream version (Bug#60427). + * Fixed memory leaks in snmpd (Bug#49809). + * Installed snmpv3.h (Bug#60594). + * Turned on syslog logging in snmpd (Bug#60611). + + -- David Engel Sat, 25 Mar 2000 20:45:07 -0600 + +ucd-snmp (4.0.1-9) frozen unstable; urgency=low + + * Fixed more serious build problems (Bug#60381). + + -- David Engel Tue, 14 Mar 2000 21:34:36 -0600 + +ucd-snmp (4.0.1-8) frozen unstable; urgency=low + + * Removed execute permission from header files. (Bug#60369). + + -- David Engel Tue, 14 Mar 2000 11:30:41 -0600 + +ucd-snmp (4.0.1-7) frozen unstable; urgency=low + + * Backported important fixes from 4.1-1 to get into frozen. + * Removed hidden snmpd dependency on rpm (Bug#56471). + * Removed bad paths in snmpd (Bug#56498). + * Fixed segfault in snmpdelta (Bug#57486). + + -- David Engel Sun, 13 Feb 2000 12:52:53 -0600 + +ucd-snmp (4.0.1-6) frozen unstable; urgency=low + + * Issue a warning about retoring the default snmpd configuration + when upgrading from the older, incompatible version (Bug#55883). + + -- David Engel Sat, 22 Jan 2000 20:45:26 -0600 + +ucd-snmp (4.0.1-5) unstable; urgency=low + + * Install EXAMPLE.conf (Bug#51584). + + -- David Engel Thu, 2 Dec 1999 19:55:00 -0600 + +ucd-snmp (4.0.1-4) unstable; urgency=low + + * Change persistent directory to /var/lib/snmp (Bug#48151). + * Used LCD_TIME_SYNC_OPT. + + -- David Engel Mon, 25 Oct 1999 11:29:17 -0500 + +ucd-snmp (4.0.1-3) unstable; urgency=low + + * Removed snmpcheck, at least for now (Bug#44373). + * Fixed shlibs file (Bug#45577). + * Fixed build problems (Bug#45758). + * Use FHS /usr/share/{doc,man}. + + -- David Engel Mon, 27 Sep 1999 20:50:55 -0500 + +ucd-snmp (4.0.1-2) unstable; urgency=low + + * Fixed parse error in the default snmpd.conf file. + * Rebuilt with shared libwrap. + + -- David Engel Fri, 27 Aug 1999 20:59:19 -0500 + +ucd-snmp (4.0.1-1) unstable; urgency=low + + * New upstream version. + * Switched back to normal soname since it no longer conflicts with + the old one. + + -- David Engel Wed, 25 Aug 1999 20:26:03 -0500 + +ucd-snmp (3.6.2-8) unstable; urgency=low + + * Removed execute bit from MIB files (Bug#43300). + * Partially reverted previous interface fixes for 2.0 kernels. + + -- David Engel Sat, 21 Aug 1999 23:08:26 -0500 + +ucd-snmp (3.6.2-7) unstable; urgency=low + + * Fixed incompete arg checking (Bug#43126). + * Fixed ASN.1 length parsing on alpha (William Brioschi). + + -- David Engel Wed, 18 Aug 1999 09:58:40 -0500 + +ucd-snmp (3.6.2-6) unstable; urgency=low + + * Re-did some previous fixes properly. + + -- David Engel Fri, 13 Aug 1999 10:43:20 -0500 + +ucd-snmp (3.6.2-5) unstable; urgency=low + + * Fixed more interface calculation errors. + + -- David Engel Thu, 12 Aug 1999 20:27:39 -0500 + +ucd-snmp (3.6.2-4) unstable; urgency=low + + * Fixed the calculation of if{In,Out}Octets under Linux 2.2. + * Moved the .5 manpages to the libucdsnmp package (Bug#42759 and + Bug#42765). + * Started the snmptrapd daemon to replace the old snmptraplogd + package functionality (Bug#42792). + + -- David Engel Tue, 10 Aug 1999 19:37:28 -0500 + +ucd-snmp (3.6.2-3) unstable; urgency=low + + * Applied upstream patches 3, 4, 9 and 10. + + -- David Engel Fri, 6 Aug 1999 21:59:43 -0500 + +ucd-snmp (3.6.2-2) unstable; urgency=low + + * Don't use --disable-debugging. + * Fix calculation of ifNumber as interfaces are added and removed + (Bug#42452). + * Don't process packets in snmpd when recvfrom returns an error + (Bug#42465). + + -- David Engel Thu, 5 Aug 1999 20:33:28 -0500 + +ucd-snmp (3.6.2-1) unstable; urgency=low + + * Switched to UCD SNMP. + * Use debhelper. + + -- David Engel Sat, 24 Jul 1999 20:33:10 -0500 + +snmp (3.6-3) unstable; urgency=low + + * Split the snmpd agent into a separate package so the apps can + be installed without it (Bug#37560). + * Reduced the amount of information reported by the snmpd agent + by default (Bug#37169). + + -- David Engel Wed, 19 May 1999 21:50:33 -0500 + +snmp (3.6-2) unstable; urgency=low + + * Include libsnmp.a (Bug#34826). + * Change CWD to / before starting snmpd (Bug#35977). + + -- David Engel Tue, 27 Apr 1999 12:01:30 -0500 + +snmp (3.6-1) frozen unstable; urgency=low + + * New upstream version (mainly bug fixes). + + -- David Engel Fri, 27 Nov 1998 21:59:51 -0600 + +snmp (3.5-4) unstable; urgency=low + + * Install mib.h header file (Bug#25777). + + -- David Engel Wed, 19 Aug 1998 20:48:44 -0500 + +snmp (3.5-3) frozen unstable; urgency=low + + * Check for the existence of the rc script before running it + in the prerm script (Bug#21565). + + -- David Engel Mon, 11 May 1998 15:44:17 -0500 + +snmp (3.5-2) unstable; urgency=low + + * Remove old /usr/doc/snmp directory in preinst. Is is now a + symlink to /usr/doc/libsnmp3.5. + * Fixed MIB parsing bug (Bug#19225). + + -- David Engel Sat, 14 Mar 1998 14:24:50 -0600 + +snmp (3.5-1) unstable; urgency=low + + * New upstream version. + * Add libsnmp3.5 and libsnmp3.5-dev packages (Bug#16557). + * Explicitly link libsnmp.so.* with -lc (Bug#18315). + * Add restart|reload|force-reload support to init.d script + (Bug#17118). + + -- David Engel Wed, 18 Feb 1998 12:00:00 -0500 + +snmp (3.4-2) unstable; urgency=low + + * Enable full dumping of debug packets. + * Change /etc/snmpd.conf to mode 600. + + -- David Engel Mon, 8 Dec 1997 13:43:41 -0600 + +snmp (3.4-1) unstable; urgency=low + + * Updated to new upstream version. + * Fixes Bug#9855, Bug#11161 and Bug#11688. + + -- David Engel Thu, 7 Aug 1997 16:44:00 -0500 + +snmp (3.3-2) unstable; urgency=low + + * Built with libc6. + * Updated init.d script messages to current standards. + + -- David Engel Tue, 13 May 1997 20:40:37 -0500 + +snmp (3.3-1) unstable; urgency=low + + * Updated to new upstream version. + + -- David Engel Mon, 31 Mar 1997 19:13:44 -0600 + +snmp (3.2-2) unstable; urgency=low + + * Converted to new packaging standards. + * Removed development files. They may be reappear in a + -dev package sometime in the future. + + -- David Engel Wed, 19 Feb 1997 20:53:07 -0600 --- net-snmp-5.2.1.2.orig/debian/snmp.manpages +++ net-snmp-5.2.1.2/debian/snmp.manpages @@ -0,0 +1,5 @@ +debian/manpages/encode_keychange.1 +debian/manpages/snmpvacm.1 +debian/manpages/fixproc.1 +debian/manpages/mib2c-update.1 +debian/manpages/traptoemail.1 --- net-snmp-5.2.1.2.orig/debian/snmpd.postrm +++ net-snmp-5.2.1.2/debian/snmpd.postrm @@ -0,0 +1,16 @@ +#! /bin/sh + +set -e + +if [ "$1" = purge ]; then + rm -f /var/lib/snmp/snmpd.conf* + rm -f /var/lib/snmp/snmptrapd.conf* + rm -f /var/run/agentx + rm -f /var/run/snmpd.pid + rm -f /var/run/snmptrapd.pid + deluser --quiet --system snmp +fi + +#DEBHELPER# + +exit 0 --- net-snmp-5.2.1.2.orig/debian/copyright +++ net-snmp-5.2.1.2/debian/copyright @@ -0,0 +1,156 @@ +This is the Debian GNU/Linux prepackaged version of snmp. + +This package was put together by David Engel , from +sources obtained from http://net-snmp.sourceforge.net/. + +Copyright: + +Various copyrights apply to this package, listed in 4 separate parts +below. Please make sure that you read all the parts. Up until 2001, +the project was based at UC Davis, and the first part covers all code +written during this time. From 2001 onwards, the project has been +based at SourceForge, and Networks Associates Technology, Inc hold the +copyright on behalf of the wider Net-SNMP community, covering all +derivative work done since then. An additional copyright section has +been added as Part 3 below also under a BSD license for the work +contributed by Cambridge Broadband Ltd. to the project since 2001. +An additional copyright section has been added as Part 4 below also +under a BSD license for the work contributed by Sun Microsystems, Inc. +to the project since 2003. + +Code has been contributed to this project by many people over +the years it has been in development, and a full list of contributors +can be found in the README file under the THANKS section. + + +---- Part 1: CMU/UCD copyright notice: (BSD like) ----- + + + Copyright 1989, 1991, 1992 by Carnegie Mellon University + + Derivative Work - 1996, 1998-2000 +Copyright 1996, 1998-2000 The Regents of the University of California + + All Rights Reserved + +Permission to use, copy, modify and distribute this software and its +documentation for any purpose and without fee is hereby granted, +provided that the above copyright notice appears in all copies and +that both that copyright notice and this permission notice appear in +supporting documentation, and that the name of CMU and The Regents of +the University of California not be used in advertising or publicity +pertaining to distribution of the software without specific written +permission. + +CMU AND THE REGENTS OF THE UNIVERSITY OF CALIFORNIA DISCLAIM ALL +WARRANTIES WITH REGARD TO THIS SOFTWARE, INCLUDING ALL IMPLIED +WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL CMU OR +THE REGENTS OF THE UNIVERSITY OF CALIFORNIA BE LIABLE FOR ANY SPECIAL, +INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING +FROM THE LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF +CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN +CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + + +---- Part 2: Networks Associates Technology, Inc copyright notice (BSD) ----- + +Copyright (c) 2001-2003, Networks Associates Technology, Inc +All rights reserved. + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions are met: + +* Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + +* Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + +* Neither the name of the Networks Associates Technology, Inc nor the + names of its contributors may be used to endorse or promote + products derived from this software without specific prior written + permission. + +THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS ``AS +IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, +THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR +PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDERS OR +CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, +EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +---- Part 3: Cambridge Broadband Ltd. copyright notice (BSD) ----- + +Portions of this code are copyright (c) 2001-2003, Cambridge Broadband Ltd. +All rights reserved. + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions are met: + +* Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + +* Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + +* The name of Cambridge Broadband Ltd. may not be used to endorse or + promote products derived from this software without specific prior + written permission. + +THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDER ``AS IS'' AND ANY +EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR +PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER BE +LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR +CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF +SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR +BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE +OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN +IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +---- Part 4: Sun Microsystems, Inc. copyright notice (BSD) ----- + +Copyright © 2003 Sun Microsystems, Inc., 4150 Network Circle, Santa Clara, +California 95054, U.S.A. All rights reserved. + +Use is subject to license terms below. + +This distribution may include materials developed by third parties. + +Sun, Sun Microsystems, the Sun logo and Solaris are trademarks or registered +trademarks of Sun Microsystems, Inc. in the U.S. and other countries. + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions are met: + +* Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + +* Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + +* Neither the name of the Sun Microsystems, Inc. nor the + names of its contributors may be used to endorse or promote + products derived from this software without specific prior written + permission. + +THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS ``AS +IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, +THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR +PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDERS OR +CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, +EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. --- net-snmp-5.2.1.2.orig/debian/libsnmp-perl.docs +++ net-snmp-5.2.1.2/debian/libsnmp-perl.docs @@ -0,0 +1 @@ +perl/SNMP/README --- net-snmp-5.2.1.2.orig/debian/snmpd.default +++ net-snmp-5.2.1.2/debian/snmpd.default @@ -0,0 +1,20 @@ +# This file controls the activity of snmpd and snmptrapd + +# MIB directories. /usr/share/snmp/mibs is the default, but +# including it here avoids some strange problems. +export MIBDIRS=/usr/share/snmp/mibs + +# snmpd control (yes means start daemon). +SNMPDRUN=yes + +# snmpd options (use syslog, close stdin/out/err). +SNMPDOPTS='-Lsd -Lf /dev/null -u snmp -p /var/run/snmpd.pid' + +# snmptrapd control (yes means start daemon). As of net-snmp version +# 5.0, master agentx support must be enabled in snmpd before snmptrapd +# can be run. See snmpd.conf(5) for how to do this. +TRAPDRUN=no + +# snmptrapd options (use syslog). +TRAPDOPTS='-Lsd -p /var/run/snmptrapd.pid' + --- net-snmp-5.2.1.2.orig/debian/snmpd.init +++ net-snmp-5.2.1.2/debian/snmpd.init @@ -0,0 +1,67 @@ +#! /bin/sh +# /etc/init.d/snmpd: start snmp daemon. + +test -x /usr/sbin/snmpd || exit 0 +test -x /usr/sbin/snmptrapd || exit 0 + +# Defaults +export SNMP_PERSISTENT_FILE=/dev/null +export MIBDIRS=/usr/share/snmp/mibs +SNMPDRUN=yes +SNMPDOPTS='-Lsd -Lf /dev/null -p /var/run/snmpd.pid' +TRAPDRUN=no +TRAPDOPTS='-Lsd -p /var/run/snmptrapd.pid' + +# Reads config file (will override defaults above) +[ -r /etc/default/snmpd ] && . /etc/default/snmpd + +# Cd to / before starting any daemons. +cd / + +case "$1" in + start) + echo -n "Starting network management services:" + if [ "$SNMPDRUN" = "yes" -a -f /etc/snmp/snmpd.conf ]; then + start-stop-daemon --quiet --start --exec /usr/sbin/snmpd \ + -- $SNMPDOPTS + echo -n " snmpd" + fi + if [ "$TRAPDRUN" = "yes" -a -f /etc/snmp/snmptrapd.conf ]; then + start-stop-daemon --quiet --start --exec /usr/sbin/snmptrapd \ + -- $TRAPDOPTS + echo -n " snmptrapd" + fi + echo "." + ;; + stop) + echo -n "Stopping network management services:" + start-stop-daemon --quiet --stop --exec /usr/sbin/snmpd + echo -n " snmpd" + start-stop-daemon --quiet --stop --exec /usr/sbin/snmptrapd + echo -n " snmptrapd" + echo "." + ;; + restart|reload|force-reload) + echo -n "Restarting network management services:" + start-stop-daemon --quiet --stop --exec /usr/sbin/snmpd + start-stop-daemon --quiet --stop --exec /usr/sbin/snmptrapd + # Allow the daemons time to exit completely. + sleep 2 + if [ "$SNMPDRUN" = "yes" -a -f /etc/snmp/snmpd.conf ]; then + start-stop-daemon --quiet --start --exec /usr/sbin/snmpd -- $SNMPDOPTS + echo -n " snmpd" + fi + if [ "$TRAPDRUN" = "yes" -a -f /etc/snmp/snmptrapd.conf ]; then + # Allow snmpd time to start up. + sleep 1 + start-stop-daemon --quiet --start --exec /usr/sbin/snmptrapd -- $TRAPDOPTS + echo -n " snmptrapd" + fi + echo "." + ;; + *) + echo "Usage: /etc/init.d/snmpd {start|stop|restart|reload|force-reload}" + exit 1 +esac + +exit 0 --- net-snmp-5.2.1.2.orig/debian/simple-patchsys.mk +++ net-snmp-5.2.1.2/debian/simple-patchsys.mk @@ -0,0 +1,126 @@ +# -*- mode: makefile; coding: utf-8 -*- +# Copyright © 2002,2003 Colin Walters +# Description: A sample patch system which uses separate files in debian/patches +# Patch suffix is specified by DEB_PATCH_SUFFIX. Defaults to .patch. +# +# This program is free software; you can redistribute it and/or +# modify it under the terms of the GNU General Public License as +# published by the Free Software Foundation; either version 2, or (at +# your option) any later version. +# +# This program is distributed in the hope that it will be useful, but +# WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA +# 02111-1307 USA. + +ifndef _cdbs_bootstrap +_cdbs_scripts_path ?= /usr/lib/cdbs +_cdbs_rules_path ?= /usr/share/cdbs/1/rules +_cdbs_class_path ?= /usr/share/cdbs/1/class +endif + +ifndef _cdbs_rules_patchsys +_cdbs_rules_patchsys := 1 + +include $(_cdbs_rules_path)/buildcore.mk$(_cdbs_makefile_suffix) + +ifeq ($(_cdbs_included_patchsys),) +_cdbs_included_patchsys := 1 + +_cdbs_patch_system_apply_rule := apply-patches +_cdbs_patch_system_unapply_rule := reverse-patches + +ifeq ($(DEB_PATCH_SUFFIX),) +DEB_PATCH_SUFFIX = .patch +endif +ifeq ($(DEB_PATCHDIRS),) +DEB_PATCHDIRS = debian/patches +endif +DEB_PATCHES = $(foreach dir,$(DEB_PATCHDIRS),$(shell echo $(wildcard $(dir)/*$(DEB_PATCH_SUFFIX)) $(wildcard $(dir)/*.diff))) + +post-patches:: apply-patches + +clean:: reverse-patches + rm -f debian/stamp-patch* + rm -f debian/patches/*.log + +# The patch subsystem +apply-patches: pre-build debian/stamp-patched +debian/stamp-patched: $(DEB_PATCHES) +debian/stamp-patched reverse-patches: + @echo "patches: $(DEB_PATCHES)" + @set -e ; reverse=""; patches="$(DEB_PATCHES)"; \ + if [ "$@" = "reverse-patches" ]; then \ + if [ ! -e debian/stamp-patched ]; then \ + echo "Not reversing not applied patches."; \ + exit 0; \ + fi; \ + reverse="-R"; \ + for patch in $$patches; do reversepatches="$$patch $$reversepatches"; done; \ + patches="$$reversepatches"; \ + fi; \ + for patch in $$patches; do \ + case $$patch in \ + *.gz) cat=zcat ;; \ + *.bz2) cat=bzcat ;; \ + *) cat=cat ;; \ + esac; \ + level=$$(head $$patch | egrep '^#DPATCHLEVEL=' | cut -f 2 -d '='); \ + reverse=""; \ + if [ "$@" = "reverse-patches" ]; then reverse="-R"; fi; \ + success=""; \ + if [ -z "$$level" ]; then \ + echo -n "Trying "; if test -n "$$reverse"; then echo -n "reversed "; fi; echo -n "patch $$patch at level "; \ + for level in 0 1 2; do \ + if test -z "$$success"; then \ + echo -n "$$level..."; \ + if [ "$(DEB_PATCHDIRS_READONLY)" = "yes" ] ; then \ + logfile="/dev/null" ; \ + else \ + logfile="$$patch.level-$$level.log" ; \ + fi ; \ + if $$cat $$patch | patch -d $(DEB_SRCDIR) $$reverse -E --dry-run -p$$level 1>$$logfile 2>&1; then \ + if $$cat $$patch | patch -d $(DEB_SRCDIR) $$reverse -E --no-backup-if-mismatch -V never -p$$level 1>$$logfile 2>&1; then \ + success=yes; \ + touch debian/stamp-patch-$$(basename $$patch); \ + echo "success."; \ + fi; \ + fi; \ + fi; \ + done; \ + if test -z "$$success"; then \ + if test -z "$$reverse"; then \ + echo "failure."; \ + exit 1; \ + else \ + echo "failure (ignored)."; \ + fi \ + fi; \ + else \ + echo -n "Trying patch $$patch at level $$level..."; \ + echo -n "$$level..."; \ + if [ "$(DEB_PATCHDIRS_READONLY)" = "yes" ] ; then \ + logfile="/dev/null" ; \ + else \ + logfile="$$patch.log" ; \ + fi ; \ + if $$cat $$patch | patch -d $(DEB_SRCDIR) $$reverse -E --no-backup-if-mismatch -V never -p$$level 1>$$logfile 2>&1; then \ + touch debian/stamp-patch-$$(basename $$patch); \ + echo "success."; \ + else \ + echo "failure:"; \ + cat $$logfile; \ + if test -z "$$reverse"; then exit 1; fi; \ + fi; \ + fi; \ + done + if [ "$@" = "debian/stamp-patched" ]; then touch debian/stamp-patched; fi + +endif + +endif --- net-snmp-5.2.1.2.orig/debian/libsnmp9.postinst +++ net-snmp-5.2.1.2/debian/libsnmp9.postinst @@ -0,0 +1,9 @@ +#! /bin/sh + +set -e + +ldconfig + +#DEBHELPER# + +exit 0 --- net-snmp-5.2.1.2.orig/debian/libsnmp-base.postrm +++ net-snmp-5.2.1.2/debian/libsnmp-base.postrm @@ -0,0 +1,10 @@ +#! /bin/sh + +set -e + +# Remove /var/lib/snmp if being purged. +[ "$1" = purge ] && rm -fr /var/lib/snmp + +#DEBHELPER# + +exit 0 --- net-snmp-5.2.1.2.orig/debian/manpages/encode_keychange.1 +++ net-snmp-5.2.1.2/debian/manpages/encode_keychange.1 @@ -0,0 +1,72 @@ +.\" DO NOT MODIFY THIS FILE! It was generated by help2man 1.33. +.TH encode_keychange "1" "September 2003" "encode_keychange" +.SH NAME +encode_keychange - produce the KeyChange string for SNMPv3 +.SH SYNOPSIS +.B encode_keychange +-t md5|sha1 +[\fIOPTIONS\fR] +.SH DESCRIPTION +.B encode_keychange +produces a KeyChange string using the old and new passphrases +as described in Section 5 of RFC 2274 "User-based Security Model (USM) for +version 3 of the Simple Network Management Protocol (SNMPv3)". \fB-t\fR +option is mandatory and specifies the hash transform type to use. + +The transform is used to convert passphrase to master key for a given +user (Ku), convert master key to the localized key (Kul), and to hash the +old Kul with the random bits. + +Passphrases are obtained by examining a number of sources until success +(in order listed): +.IP +command line options (see +.B -N +and +.B -O +options below); +.IP +the file +.B $HOME/.snmp/passphrase.ek +which should only contain two lines with old and new passphrase; +.IP +standard input \fB\-or\-\fR user input from the terminal. +.PP + +.SH OPTIONS +.TP +\fB\-E\fR [0x]<\fIengineID\fR> EngineID used for Kul generation. +<\fIengineID\fR> is intepreted as a hex string when preceeded by 0x, +otherwise it is treated as a text string. If no <\fIengineID\fR> is +specified, it is constructed from the first IP address for the local +host. +.TP +\fB\-f\fR +Force passphrases to be read from standard input. +.TP +\fB\-h\fR +Display the help message. +.TP +\fB\-N\fR "<\fInew_passphrase\fR>" +Passphrase used to generate the new Ku. +.TP +\fB\-O\fR "<\fIold_passphrase\fR>" +Passphrase used to generate the old Ku. +.TP +\fB\-P\fR +Turn off the prompt for passphrases when getting data from standard input. +.TP +\fB\-v\fR +Be verbose. +.TP +\fB\-V\fR +Echo passphrases to terminal. +.PP + +.SH "SEE ALSO" +The localized key method is defined in RFC 2274, Sections 2.6 and A.2, and +originally documented in +.IP +U. Blumenthal, N. C. Hien, B. Wijnen, +"Key Derivation for Network Management Applications", +IEEE Network Magazine, April/May issue, 1997. --- net-snmp-5.2.1.2.orig/debian/manpages/tkmib.1 +++ net-snmp-5.2.1.2/debian/manpages/tkmib.1 @@ -0,0 +1,15 @@ +.TH tkmib "1" "September 2003" "tkmib" "User Commands" +.SH NAME +tkmib - an interactive graphical MIB browser for SNMP +.SH SYNOPSIS +.PP +.B tkmib +.SH DESCRIPTION +.PP +Simple Network Management Protocol (SNMP) provides a framework for +exchange of the management information between the agents (servers) +and clients. The Management Information Bases (MIBs) contain a formal +description of a set of network objects that can be managed using the +SNMP for a particular agent. \fBtkmib\fR is a graphical user interface +for browsing the MIBs. It is also capable of sending or retrieving the +SNMP management information to/from the remote agents interactively. --- net-snmp-5.2.1.2.orig/debian/manpages/fixproc.1 +++ net-snmp-5.2.1.2/debian/manpages/fixproc.1 @@ -0,0 +1,40 @@ +.TH fixproc "1" "July 2005" "fixproc" "User Commands" +.SH NAME +fixproc - Fixes a process by performing the specified action. +.SH SYNOPSIS +.PP +.B fixproc +[\fI\-min n\fR] +[\fI\-max n\fR] +[\fI\-check | \-kill | \-restart | \-exist | \-fix\fR] +proc \.\.\. +.SH DESCRIPTION +.PP +Fixes a process named "proc" by performing the specified action. The +actions can be check, kill, restart, exist, or fix. The action is specified +on the command line or is read from a default database, which describes +the default action to take for each process. The database format and +the meaning of each action are described below. +.SH OPTIONS +.TP +.B \-min n +minimum number of processes that should be running, defaults to 1 +.TP +.B \-max n +maximum number of processes that should be running, defaults to 1 +.TP +.B \-check +check process against database /local/etc/fixproc.conf. +.TP +.B \-kill +kill process, wait 5 seconds, kill -9 if still exist +.TP +.B \-restart +kill process, wait 5 seconds, kill -9 if still exist, then start again +.TP +.B \-exist +checks if proc exists in ps && (min <= num. of processes <= max) +.TP +.B \-fix +check process against database /local/etc/fixproc.conf. Perform defined +action, if check fails. --- net-snmp-5.2.1.2.orig/debian/manpages/net-snmp-config.1 +++ net-snmp-5.2.1.2/debian/manpages/net-snmp-config.1 @@ -0,0 +1,88 @@ +.\" DO NOT MODIFY THIS FILE! It was generated by help2man 1.33. +.TH net-snmp-config "1" "September 2003" "net-snmp-config" "User Commands" +.SH NAME +net-snmp-config \- returns information about installed net-snmp libraries and binaries +.SH SYNOPSIS +.PP +.B net-snmp-config +[OPTIONS] +.SH DESCRIPTION +.PP +The \fInet-snmp-config\fP shell script is designed to retrieve the +configuration information about the libraries and binaries dealing with +the Simple Network Management Protocol (SNMP), built from the +.B net-snmp +source package. The information is particularily useful for +applications that need to link against the SNMP libraries and hence +must know about any other libraries that must be linked in as well. + +.SH OPTIONS +.TP +\fB\-\-version\fR +displays the net-snmp version number +.TP +\fB\-\-indent\-options\fR +displays the indent options from the Coding Style +.TP +\fB\-\-debug\-tokens\fR +displays a example command line to search to source +code for a list of available debug tokens +.PP +SNMP Setup commands: +.TP +\fB\-\-create\-snmpv3\-user\fR [-ro] [-a authpass] [-x privpass] [-X DES] +[-A MD5|SHA] [username] +.PP +These options produce the various compilation flags needed when +building external SNMP applications: +.TP +\fB\-\-base\-cflags\fR +lists additional compilation flags needed +for external applications (excludes \fB\-I\fR. and +extra developer warning flags, if any) +.TP +\fB\-\-cflags\fR +lists additional compilation flags needed +.TP +\fB\-\-libs\fR +lists libraries needed for building applications +.TP +\fB\-\-agent\-libs\fR +lists libraries needed for building subagents +.TP +\fB\-\-netsnmp\-libs\fR +lists netsnmp specific libraries +.TP +\fB\-\-external\-libs\fR +lists libraries needed by netsnmp libs +.TP +\fB\-\-netsnmp\-agent\-libs\fR +lists netsnmp specific agent libraries +.HP +\fB\-\-external\-agent\-libs\fR lists libraries needed by netsnmp libs +.PP +Automated subagent building (produces an OUTPUTNAME binary file): +[This feature has not been extensively tested, use at your own risk.] +.TP +\fB\-\-compile\-subagent\fR OUTPUTNAME [--norm] [--cflags flags] +[--ldflags flags] mibmodule1.c [...]] +.TP +\fB\-\-norm\fR +leave the generated .c file around to read. +.TP +\fB\-\-cflags\fR flags +extra cflags to use (e.g. \fB\-I\fR...). +.TP +\fB\-\-ldflags\fR flags +extra ld flags to use (e.g. \fB\-L\fR... \fB\-l\fR...). +.IP +Details on how the net-nsmp package was compiled: +.TP +\fB\-\-configure\-options\fR +Display original configure arguments +.TP +\fB\-\-snmpd\-module\-list\fR +Display the modules compiled into the agent +.TP +\fB\-\-prefix\fR +Display the installation prefix --- net-snmp-5.2.1.2.orig/debian/manpages/snmpvacm.1 +++ net-snmp-5.2.1.2/debian/manpages/snmpvacm.1 @@ -0,0 +1,34 @@ +.\" DO NOT MODIFY THIS FILE! It was generated by help2man 1.33. +.TH snmpvacm "1" "September 2003" "snmpvacm" "User Commands" +.SH NAME +snmpvacm - send SNMP requests to a network entity to change VACM database +.SH SYNOPSIS +.PP +.B snmpvacm +[\fICOMMON OPTIONS\fR] \fIAGENT\fR \fICOMMAND\fR +.SH DESCRIPTION +.PP +\fBsnmpvacm\fR is the Simple Network Management Protocol (SNMP) +application for sending SNMP requests to the network entity with the +intention of modifying the information stored in the View-based Access +Control Model (VACM) database. VACM is desribed in detail in RFC 2275 +"View-based Access Control Model (VACM) for the Simple Network +Management Protocol (SNMP)". For the common options supported by +\fBsnmpvacm\fR see the snmpcmd(1) man page. + +.SH COMMANDS +.TP +createAccess \fIGROUPNAME\fR [\fICONTEXTPREFIX\fR] \fISECURITYMODEL\fR \fISECURITYLEVEL\fR \fICONTEXTMATCH\fR \fIREADVIEWNAME\fR \fIWRITEVIEWNAME\fR \fINOTIFYVIEWNAME\fR +.TP +deleteAccess \fIGROUPNAME\fR [\fICONTEXTPREFIX\fR] \fISECURITYMODEL\fR \fISECURITYLEVEL\fR +.TP +createSec2Group \fIMODEL\fR \fISECURITYNAME\fR \fIGROUPNAME\fR +.TP +deleteSec2Group \fIMODEL\fR \fISECURITYNAME\fR +.TP +[-Ce] createView \fINAME\fR \fISUBTREE\fR \fIMASK\fR +.TP +deleteView \fINAME\fR \fISUBTREE\fR + +.SH SEE ALSO +snmpcmd(1), \fBACCESS CONTROL\fR section of snmpd.conf(5) --- net-snmp-5.2.1.2.orig/debian/manpages/mib2c-update.1 +++ net-snmp-5.2.1.2/debian/manpages/mib2c-update.1 @@ -0,0 +1,9 @@ +.TH mib2c-update "1" "July 2005" "mib2c-update" "User Commands" +.SH NAME +mib2c-update - script to merge custom code into updated mib2c code +.SH SYNOPSIS +.PP +.B mib2c-update +.SH DESCRIPTION +.PP +merges custom code into updated mib2c code --- net-snmp-5.2.1.2.orig/debian/manpages/traptoemail.1 +++ net-snmp-5.2.1.2/debian/manpages/traptoemail.1 @@ -0,0 +1,22 @@ +.TH traptoemail "1" "July 2005" "traptoemail" "User Commands" +.SH NAME +traptoemail - snmptrapd handler script to convert snmp traps into emails +.SH SYNOPSIS +.PP +.B traptoemail +[\fI\-f FROM\fR] +[\fI\-s SMTPSERVER\fR] +ADDRESSES +.SH DESCRIPTION +.PP +converts snmp traps into email messages. +.SH OPTIONS +.TP +.B \-f FROM +sender address, defaults to "root" +.TP +.B \-s SMTPSERVER +SMTP server, defaults to "localhost" +.TP +.B ADDRESSES +recipient addresses --- net-snmp-5.2.1.2.orig/debian/README.Debian +++ net-snmp-5.2.1.2/debian/README.Debian @@ -0,0 +1,26 @@ +Please note the following customizations of the Net-SNMP packages for +Debian. + +The default configuration for snmpd is rather paranoid for security +reasons. Edit /etc/snmp/snmpd.conf or run snmpconf to allow greater +access. + +The snmpconf program provides a simple, menu driven way of configuring +the snmp applications and daemons. + +You can individually control whether or not snmpd and snmpdtrap are +run by editing /etc/default/snmp. In addition, neither daemon will be +run if its config file /etc/snmp is removed. + +As of net-snmp version 5.0, master agentx support must be enabled in +snmpd before snmptrapd can be run. See snmpd.conf(5) for how to do +this. + +As of net-snmp version 5.0, the community string can no longer be +specified after the agent parameter on the command line. It must now +be specified with the -c option. Please see snmpcmd(1) for more +information. + +snmpd is built with TCP Wrappers. Make sure your /etc/hosts.allow and +/etc/hosts.deny files account for this. + --- net-snmp-5.2.1.2.orig/debian/libsnmp-perl.files +++ net-snmp-5.2.1.2/debian/libsnmp-perl.files @@ -0,0 +1,2 @@ +usr/lib/perl* +usr/share/perl* --- net-snmp-5.2.1.2.orig/debian/snmp.files +++ net-snmp-5.2.1.2/debian/snmp.files @@ -0,0 +1,7 @@ +usr/bin/snmp* +usr/bin/encode* +usr/bin/fixproc +usr/bin/traptoemail +usr/bin/mib2c-update +usr/share/man/man1/snmp* +usr/share/snmp/snmpconf-data/snmp-data --- net-snmp-5.2.1.2.orig/debian/libsnmp9.docs +++ net-snmp-5.2.1.2/debian/libsnmp9.docs @@ -0,0 +1,10 @@ +AGENT.txt +FAQ +NEWS +README +README.agentx +README.snmpv3 +README.thread +TODO +local/README.mib2c +debian/README.Debian --- net-snmp-5.2.1.2.orig/debian/libsnmp9.prerm +++ net-snmp-5.2.1.2/debian/libsnmp9.prerm @@ -0,0 +1,7 @@ +#! /bin/sh + +set -e + +#DEBHELPER# + +exit 0 --- net-snmp-5.2.1.2.orig/debian/watch +++ net-snmp-5.2.1.2/debian/watch @@ -0,0 +1,2 @@ +version=2 +ftp://ftp2.sf.net/pub/sourceforge/n/ne/net-snmp/net-snmp-([\d+\.]+|\d+)(\.tar|\.tgz)(\.gz|\.bz2|) debian uupdate --- net-snmp-5.2.1.2.orig/debian/snmpd.lintian-overrides +++ net-snmp-5.2.1.2/debian/snmpd.lintian-overrides @@ -0,0 +1,2 @@ +snmpd: non-standard-file-perm etc/snmp/snmpd.conf 0600 != 0644 +snmpd: non-standard-file-perm etc/snmp/snmptrapd.conf 0600 != 0644 --- net-snmp-5.2.1.2.orig/debian/patches/04_fixproc.patch +++ net-snmp-5.2.1.2/debian/patches/04_fixproc.patch @@ -0,0 +1,20 @@ +--- net-snmp-5.1.2.orig/local/fixproc 2005-05-20 14:44:30.000000000 +0200 ++++ net-snmp-5.1.2/local/fixproc 2005-03-19 21:16:16.000000000 +0100 +@@ -231,7 +231,7 @@ + { + # it must be "shell", so execute the shell script defined in database + +- local ($tmpfile) = "/tmp/fix_$$"; ++ local ($tmpfile) = `mktemp /tmp/fix.XXXXXXXX`; + + &create_sh_script ($fix{$proc}, $tmpfile); + +@@ -262,7 +262,7 @@ + # if not "exist", then it must be "shell", so execute the shell script + # defined in database + +- local ($tmpfile) = "/tmp/check_$$"; ++ local ($tmpfile) = `mktemp /tmp/fix.XXXXXXXX`; + + &create_sh_script ($check{$proc}, $tmpfile); + --- net-snmp-5.2.1.2.orig/debian/patches/11_library-version-update-5.2.1.2.patch.1 +++ net-snmp-5.2.1.2/debian/patches/11_library-version-update-5.2.1.2.patch.1 @@ -0,0 +1,39 @@ +--- Makefile.top.orig 2005-09-05 22:09:52.000000000 +0200 ++++ Makefile.top 2005-09-05 22:13:21.000000000 +0200 +@@ -52,24 +52,21 @@ + # Misc Compiling Stuff + CC = @CC@ + +-# ok, use libtool versioning, but not quite the way they recommend. +-# The shared library version number will be: ++# use libtool versioning the way they recommend. ++# The (slightly clarified) rules: + # +-# (CURRENT-AGE).AGE.REVISION ++# - If any interfaces/structures have been removed or changed since the ++# last update, increment current, and set age and revision to 0. Stop. + # +-# *** THIS MEANS YOU MAY NEED TO DECREMENT CURRENT FOR A NEW RELEASE *** +-# +-# examples: +-# C.A.R library name +-# ------- --------------- +-# 5.0.9 libxxx.so.5.0.9 +-# 6.1.2 libxxx.so.5.1.2 +-# 7.2.8 libxxx.so.5.2.8 +-# 6.0.0 libxxx.so.6.0.0 ++# - If any interfaces have been added since the last public release, then ++# increment current and age, and set revision to 0. Stop. + # +-LIBCURRENT = 7 +-LIBAGE = 2 +-LIBREVISION = 1 ++# - If the source code has changed at all since the last update, ++# then increment revision (c:r:a becomes c:r+1:a). ++# ++LIBCURRENT = 9 ++LIBAGE = 0 ++LIBREVISION = 0 + + LIB_LD_CMD = $(LIBTOOL) --mode=link $(CC) $(CFLAGS) -rpath $(libdir) -version-info $(LIBCURRENT):$(LIBREVISION):$(LIBAGE) -o + LIB_EXTENSION = la --- net-snmp-5.2.1.2.orig/debian/patches/50_CVE-2007-5846.patch +++ net-snmp-5.2.1.2/debian/patches/50_CVE-2007-5846.patch @@ -0,0 +1,104 @@ +diff -Nur net-snmp-5.2.1.2/agent/agent_read_config.c net-snmp-5.2.1.2.new/agent/agent_read_config.c +--- net-snmp-5.2.1.2/agent/agent_read_config.c 2004-10-06 04:02:37.000000000 +0200 ++++ net-snmp-5.2.1.2.new/agent/agent_read_config.c 2007-11-21 11:26:23.141866445 +0100 +@@ -257,6 +257,13 @@ + netsnmp_ds_register_config(ASN_BOOLEAN, app, "leave_pidfile", + NETSNMP_DS_APPLICATION_ID, + NETSNMP_DS_AGENT_LEAVE_PIDFILE); ++ netsnmp_ds_register_config(ASN_INTEGER, app, "maxGetbulkRepeats", ++ NETSNMP_DS_APPLICATION_ID, ++ NETSNMP_DS_AGENT_MAX_GETBULKREPEATS); ++ netsnmp_ds_register_config(ASN_INTEGER, app, "maxGetbulkResponses", ++ NETSNMP_DS_APPLICATION_ID, ++ NETSNMP_DS_AGENT_MAX_GETBULKRESPONSES); ++ + netsnmp_init_handler_conf(); + + #include "agent_module_dot_conf.h" +diff -Nur net-snmp-5.2.1.2/agent/snmp_agent.c net-snmp-5.2.1.2.new/agent/snmp_agent.c +--- net-snmp-5.2.1.2/agent/snmp_agent.c 2004-10-13 06:10:05.000000000 +0200 ++++ net-snmp-5.2.1.2.new/agent/snmp_agent.c 2007-11-21 11:27:12.144658968 +0100 +@@ -2102,8 +2102,39 @@ + r = 0; + asp->bulkcache = NULL; + } else { ++ int numresponses; ++ int maxbulk = ++ netsnmp_ds_get_int(NETSNMP_DS_APPLICATION_ID, ++ NETSNMP_DS_AGENT_MAX_GETBULKREPEATS); ++ int maxresponses = ++ netsnmp_ds_get_int(NETSNMP_DS_APPLICATION_ID, ++ NETSNMP_DS_AGENT_MAX_GETBULKRESPONSES); ++ ++ if (maxresponses == 0) ++ maxresponses = 100; /* more than reasonable default */ ++ ++ if (maxbulk == 0) ++ maxbulk = -1; ++ ++ /* limit getbulk number of repeats to a configured size */ ++ if (asp->pdu->errindex > maxbulk && maxbulk != -1) { ++ asp->pdu->errindex = maxbulk; ++ } ++ ++ numresponses = asp->pdu->errindex * r; ++ ++ /* limit getbulk number of getbulk responses to a configured size */ ++ if (maxresponses != -1 && numresponses > maxresponses) { ++ /* attempt to truncate this */ ++ asp->pdu->errindex = maxresponses/r; ++ numresponses = asp->pdu->errindex * r; ++ DEBUGMSGTL(("snmp_agent", "truncating number of getbulk repeats to %d\n", asp->pdu->errindex)); ++ fprintf(stderr, "GETBULK N = %d, M = %d, R = %d\n", ++ n, asp->pdu->errindex, r); ++ } ++ + asp->bulkcache = +- (netsnmp_variable_list **) malloc(asp->pdu->errindex * r * ++ (netsnmp_variable_list **) malloc(numresponses * + sizeof(struct + varbind_list *)); + } +diff -Nur net-snmp-5.2.1.2/include/net-snmp/agent/ds_agent.h net-snmp-5.2.1.2.new/include/net-snmp/agent/ds_agent.h +--- net-snmp-5.2.1.2/include/net-snmp/agent/ds_agent.h 2004-03-02 06:01:47.000000000 +0100 ++++ net-snmp-5.2.1.2.new/include/net-snmp/agent/ds_agent.h 2007-11-21 11:27:35.145969913 +0100 +@@ -41,5 +41,7 @@ + #define NETSNMP_DS_AGENT_X_SOCK_USER 8 /* ownership for the */ + #define NETSNMP_DS_AGENT_X_SOCK_GROUP 9 /* AgentX socket */ + #define NETSNMP_DS_AGENT_CACHE_TIMEOUT 10 /* default cache timeout */ ++#define NETSNMP_DS_AGENT_MAX_GETBULKREPEATS 13 /* max getbulk repeats */ ++#define NETSNMP_DS_AGENT_MAX_GETBULKRESPONSES 14 /* max getbulk respones */ + + #endif +diff -Nur net-snmp-5.2.1.2/man/snmp.conf.5.def net-snmp-5.2.1.2.new/man/snmp.conf.5.def +--- net-snmp-5.2.1.2/man/snmp.conf.5.def 2004-12-09 17:57:00.000000000 +0100 ++++ net-snmp-5.2.1.2.new/man/snmp.conf.5.def 2007-11-21 11:28:08.147850462 +0100 +@@ -173,6 +173,28 @@ + .IP "serverSendBuf integer" + Similar to serverRecvBuf, but this directive applies to the send + buffer of server sockets. ++.IP "maxGetbulkRepeats NUM" ++Sets the maximum number of responses allowed for a single variable in ++a getbulk request. Set to 0 to enable the default and set it to -1 to ++enable unlimited. Because memory is allocated ahead of time, sitting ++this to unlimited is not considered safe if your user population can ++not be trusted. A repeat number greater than this will be truncated ++to this value. ++.IP ++This is set by default to -1. ++.IP "maxGetbulkResponses NUM" ++Sets the maximum number of responses allowed for a getbulk request. ++This is set by default to 100. Set to 0 to enable the default and set ++it to -1 to enable unlimited. Because memory is allocated ahead of ++time, sitting this to unlimited is not considered safe if your user ++population can not be trusted. ++.IP ++In general, the total number of responses will not be allowed to ++exceed the maxGetbulkResponses number and the total number returned ++will be an integer multiple of the number of variables requested times ++the calculated number of repeats allow to fit below this number. ++.IP ++Also not that processing of maxGetbulkRepeats is handled first. + .IP "clientRecvBuf integer" + Similar to serverRecvBuf, but this directive applies to the receive + buffer of client sockets (eg. snmpget). --- net-snmp-5.2.1.2.orig/debian/patches/05_searchdirs.patch +++ net-snmp-5.2.1.2/debian/patches/05_searchdirs.patch @@ -0,0 +1,14 @@ +--- net-snmp-5.1.2.orig/local/mib2c ++++ net-snmp-5.1.2/local/mib2c +@@ -60,8 +60,9 @@ + if($ENV{MIB2C_DIR}) { + push @def_search_dirs, split(/:/, $ENV{MIB2C_DIR}); + } +-push @def_search_dirs, "/usr/local/share/snmp/"; +-push @def_search_dirs, "/usr/local/share/snmp/mib2c-data"; ++push @def_search_dirs, "/etc/snmp/"; ++push @def_search_dirs, "/usr/share/snmp/"; ++push @def_search_dirs, "/usr/share/snmp/mib2c-data"; + push @def_search_dirs, "./mib2c-conf.d"; + + sub usage { --- net-snmp-5.2.1.2.orig/debian/patches/10_systemstats-snmp6.patch +++ net-snmp-5.2.1.2/debian/patches/10_systemstats-snmp6.patch @@ -0,0 +1,38 @@ +Index: agent/mibgroup/ip-mib/data_access/systemstats_linux.c +=================================================================== +RCS file: /cvsroot/net-snmp/net-snmp/agent/mibgroup/ip-mib/data_access/systemstats_linux.c,v +retrieving revision 1.6 +retrieving revision 1.3.2.5 +diff -u -p -r1.6 -r1.3.2.5 +--- agent/mibgroup/ip-mib/data_access/systemstats_linux.c 8 Jun 2005 19:57:57 -0000 1.6 ++++ agent/mibgroup/ip-mib/data_access/systemstats_linux.c 16 Aug 2005 21:16:04 -0000 1.3.2.5 +@@ -222,6 +223,7 @@ _systemstats_v6(netsnmp_container* conta + int len, rc; + uintmax_t scan_val; + const char *filename = "/proc/net/snmp6"; ++ static int warned_open = 0; + + DEBUGMSGTL(("access:systemstats:container:arch", "load v6 (flags %p)\n", + load_flags)); +@@ -232,12 +234,19 @@ _systemstats_v6(netsnmp_container* conta + if(NULL == entry) + return -3; + ++ /* ++ * try to open file. If we can't, that's ok - maybe the module hasn't ++ * been loaded yet. ++ */ + if (!(devin = fopen(filename, "r"))) { + DEBUGMSGTL(("access:systemstats", + "Failed to load Systemstats Table (linux1)\n")); +- snmp_log(LOG_ERR, "cannot open %s ...\n", filename); ++ if(!warned_open) { ++ ++warned_open; ++ snmp_log(LOG_ERR, "cannot open %s ...\n", filename); ++ } + free(entry); +- return -2; ++ return 0; + } + + /* --- net-snmp-5.2.1.2.orig/debian/patches/53_CVE-2008-4309.patch +++ net-snmp-5.2.1.2/debian/patches/53_CVE-2008-4309.patch @@ -0,0 +1,64 @@ +diff -Nur -x '*.orig' -x '*~' net-snmp-5.2.1.2/agent/snmp_agent.c net-snmp-5.2.1.2.new/agent/snmp_agent.c +--- net-snmp-5.2.1.2/agent/snmp_agent.c 2008-11-18 12:54:02.000000000 -0800 ++++ net-snmp-5.2.1.2.new/agent/snmp_agent.c 2008-11-18 13:03:13.000000000 -0800 +@@ -2102,7 +2102,6 @@ + r = 0; + asp->bulkcache = NULL; + } else { +- int numresponses; + int maxbulk = + netsnmp_ds_get_int(NETSNMP_DS_APPLICATION_ID, + NETSNMP_DS_AGENT_MAX_GETBULKREPEATS); +@@ -2113,30 +2112,34 @@ + if (maxresponses == 0) + maxresponses = 100; /* more than reasonable default */ + +- if (maxbulk == 0) +- maxbulk = -1; ++ /* ensure that the total number of responses fits in a mallocable ++ * result vector ++ */ ++ if (maxresponses < 0 || ++ maxresponses > INT_MAX / sizeof(struct varbind_list *)) ++ maxresponses = INT_MAX / sizeof(struct varbind_list *); ++ ++ /* ensure that the maximum number of repetitions will fit in the ++ * result vector ++ */ ++ if (maxbulk <= 0 || maxbulk > maxresponses / r) ++ maxbulk = maxresponses / r; + + /* limit getbulk number of repeats to a configured size */ +- if (asp->pdu->errindex > maxbulk && maxbulk != -1) { ++ if (asp->pdu->errindex > maxbulk) { + asp->pdu->errindex = maxbulk; +- } +- +- numresponses = asp->pdu->errindex * r; +- +- /* limit getbulk number of getbulk responses to a configured size */ +- if (maxresponses != -1 && numresponses > maxresponses) { +- /* attempt to truncate this */ +- asp->pdu->errindex = maxresponses/r; +- numresponses = asp->pdu->errindex * r; +- DEBUGMSGTL(("snmp_agent", "truncating number of getbulk repeats to %d\n", asp->pdu->errindex)); +- fprintf(stderr, "GETBULK N = %d, M = %d, R = %d\n", +- n, asp->pdu->errindex, r); ++ DEBUGMSGTL(("snmp_agent", ++ "truncating number of getbulk repeats to %d\n", ++ asp->pdu->errindex)); + } + + asp->bulkcache = +- (netsnmp_variable_list **) malloc(numresponses * +- sizeof(struct +- varbind_list *)); ++ (netsnmp_variable_list **) malloc( ++ asp->pdu->errindex * r * sizeof(struct varbind_list *)); ++ if (!asp->bulkcache) { ++ DEBUGMSGTL(("snmp_agent", "Bulkcache malloc failed\n")); ++ return SNMP_ERR_GENERR; ++ } + } + DEBUGMSGTL(("snmp_agent", "GETBULK N = %d, M = %d, R = %d\n", + n, asp->pdu->errindex, r)); --- net-snmp-5.2.1.2.orig/debian/patches/02_statistics.patch +++ net-snmp-5.2.1.2/debian/patches/02_statistics.patch @@ -0,0 +1,22 @@ +--- net-snmp-5.1.2.orig/agent/mibgroup/mibII/interfaces.c ++++ net-snmp-5.1.2/agent/mibgroup/mibII/interfaces.c +@@ -1598,6 +1612,10 @@ + struct ifnet *nnew; + char *stats, *ifstart = line; + ++ /* Ignore interfaces with no statistics. */ ++ if (strstr(line, "No statistics available.")) ++ continue; ++ + if (line[strlen(line) - 1] == '\n') + line[strlen(line) - 1] = '\0'; + +@@ -1631,7 +1649,7 @@ + &coll) != 5)) { + if ((scan_line_to_use == scan_line_2_2) + && !strstr(line, "No statistics available")) +- snmp_log(LOG_ERR, ++ snmp_log(LOG_DEBUG, + "/proc/net/dev data format error, line ==|%s|", + line); + continue; --- net-snmp-5.2.1.2.orig/debian/patches/03_makefiles.patch +++ net-snmp-5.2.1.2/debian/patches/03_makefiles.patch @@ -0,0 +1,391 @@ +--- net-snmp-5.1.2.orig/snmplib/Makefile.in ++++ net-snmp-5.1.2/snmplib/Makefile.in +@@ -178,11 +178,11 @@ + + # how to build the libraries. + libnetsnmp.$(LIB_EXTENSION)$(LIB_VERSION): ${TOBJS} +- $(LIB_LD_CMD) libnetsnmp.$(LIB_EXTENSION)$(LIB_VERSION) ${TOBJS} ++ $(LIB_LD_CMD) libnetsnmp.$(LIB_EXTENSION)$(LIB_VERSION) ${TOBJS} @CRYPTOLIBS@ + $(RANLIB) libnetsnmp.$(LIB_EXTENSION)$(LIB_VERSION) + + libsnmp.$(LIB_EXTENSION)$(LIB_VERSION): ${TOBJS} +- $(LIB_LD_CMD) libsnmp.$(LIB_EXTENSION)$(LIB_VERSION) ${TOBJS} ++ $(LIB_LD_CMD) libsnmp.$(LIB_EXTENSION)$(LIB_VERSION) ${TOBJS} @CRYPTOLIBS@ + $(RANLIB) libsnmp.$(LIB_EXTENSION)$(LIB_VERSION) + + # +--- net-snmp-5.1.2.orig/agent/Makefile.in ++++ net-snmp-5.1.2/agent/Makefile.in +@@ -94,7 +94,7 @@ + agent_handler.o @agentgroup_list_o@ @OTHERAGENTLIBOBJS@ + LLIBAGENTOBJS=snmp_agent.lo snmp_vars.lo agent_read_config.lo \ + agent_registry.lo agent_index.lo agent_trap.lo kernel.lo \ +- agent_handler.lo @agentgroup_list_lo@ @OTHERAGENTLIBLOBJS@ ++ agent_handler.lo @agentgroup_list_lo@ @OTHERAGENTLIBLOBJS@ @WRAPLIBS@ + + # The agent objects. + AGENTOBJS=snmpd.o @other_agentobjs@ +@@ -129,11 +129,11 @@ + + + libnetsnmpagent.$(LIB_EXTENSION)$(LIB_VERSION): ${LLIBAGENTOBJS} libnetsnmpmibs.$(LIB_EXTENSION)$(LIB_VERSION) +- $(LIB_LD_CMD) libnetsnmpagent.$(LIB_EXTENSION)$(LIB_VERSION) ${LLIBAGENTOBJS} $(LIB_LD_LIBS) ++ $(LIB_LD_CMD) libnetsnmpagent.$(LIB_EXTENSION)$(LIB_VERSION) ${LLIBAGENTOBJS} $(LIB_LD_LIBS) + $(RANLIB) libnetsnmpagent.$(LIB_EXTENSION)$(LIB_VERSION) + + libnetsnmpmibs.$(LIB_EXTENSION)$(LIB_VERSION): ${LMIBOBJS} +- $(LIB_LD_CMD) libnetsnmpmibs.$(LIB_EXTENSION)$(LIB_VERSION) ${LMIBOBJS} $(LIB_LD_LIBS) ++ $(LIB_LD_CMD) libnetsnmpmibs.$(LIB_EXTENSION)$(LIB_VERSION) ${LMIBOBJS} $(LIB_LD_LIBS) $(LIBSENSORS) + $(RANLIB) libnetsnmpmibs.$(LIB_EXTENSION)$(LIB_VERSION) + + embedperlinstall: +--- net-snmp-5.1.2.orig/local/Makefile.in ++++ net-snmp-5.1.2/local/Makefile.in +@@ -58,7 +58,7 @@ + + mib2c.made: $(srcdir)/mib2c + if test "x$(PERLPROG)" != "x" ; then \ +- $(PERLPROG) -p -e 's%^#!.*/perl.*%#!$(PERLPROG)%;s#/usr/local/share/snmp#$(snmplibdir)#;' ${srcdir}/mib2c > mib2c.made; \ ++ $(PERLPROG) -p -e 's%^#!.*/perl.*%#!$(PERLPROG)%;s#/usr/local/share/snmp#$(snmplibdir)#;s#/usr/local/etc/snmp#$(SNMPCONFPATH)#;' ${srcdir}/mib2c > mib2c.made; \ + else \ + touch mib2c.made; \ + fi +--- net-snmp-5.1.2.orig/mibs/Makefile.in ++++ net-snmp-5.1.2/mibs/Makefile.in +@@ -43,11 +43,15 @@ + UCDMIBS = UCD-SNMP-MIB.txt UCD-DEMO-MIB.txt UCD-IPFWACC-MIB.txt \ + UCD-DLMOD-MIB.txt UCD-DISKIO-MIB.txt + ++EXTRAMIBS = BGP4-MIB.txt BRIDGE-MIB.txt GNOME-SMI.txt OSPF-MIB.txt \ ++ OSPF-TRAP-MIB.txt RIPv2-MIB.txt SOURCE-ROUTING-MIB.txt \ ++ LM-SENSORS-MIB.txt ++ + DEFAULTMIBS = @default_mibs_install@ + + MIBS = $(V1MIBS) $(V2MIBS) $(V3MIBS) $(RFCMIBS) \ + $(AGENTMIBS) $(IANAMIBS) \ +- $(NETSNMPMIBS) $(UCDMIBS) $(DEFAULTMIBS) ++ $(NETSNMPMIBS) $(UCDMIBS) $(DEFAULTMIBS) $(EXTRAMIBS) + + all: standardall + +--- net-snmp-5.1.2.orig/net-snmp-config.in ++++ net-snmp-5.1.2/net-snmp-config.in +@@ -136,13 +136,13 @@ + #################################################### client lib + --libs) + # use this one == --netsnmp-libs + --external-libs +- echo $NSC_LDFLAGS $NSC_LIBDIR -lnetsnmp $NSC_LIBS ++ echo $NSC_LDFLAGS $NSC_LIBDIR -lnetsnmp $NSC_LIBS @WRAPLIBS@ + ;; + --netsnmp-libs) + echo $NSC_LIBDIR -lnetsnmp + ;; + --external-libs) +- echo $NSC_LDFLAGS $NSC_LIBS ++ echo $NSC_LDFLAGS $NSC_LIBS @WRAPLIBS@ + ;; + #################################################### agent lib + --base-agent-libs) +@@ -153,13 +153,13 @@ + ;; + --agent-libs) + # use this one == --netsnmp-agent-libs + --external-libs +- echo $NSC_LDFLAGS $NSC_LIBDIR $NSC_BASE_AGENT_LIBS $NSC_AGENTLIBS ++ echo $NSC_LDFLAGS $NSC_LIBDIR $NSC_BASE_AGENT_LIBS $NSC_AGENTLIBS @WRAPLIBS@ + ;; + --netsnmp-agent-libs) + echo $NSC_LIBDIR $NSC_BASE_AGENT_LIBS + ;; + --external-agent-libs) +- echo $NSC_LDFLAGS $NSC_AGENTLIBS ++ echo $NSC_LDFLAGS $NSC_AGENTLIBS @WRAPLIBS@ + ;; + #################################################### + --version|--ver*) +@@ -445,7 +445,7 @@ + echo "Ack. Can't create $tmpfile." + exit 1 + fi +- cmd="@CC@ $cflags @CFLAGS@ @DEVFLAGS@ -I. -I${NSC_INCLUDEDIR} -o $outname $tmpfile $cfiles $NSC_LDFLAGS $NSC_LIBDIR $NSC_BASE_AGENT_LIBS $NSC_AGENTLIBS $ldflags" ++ cmd="@CC@ $cflags @CFLAGS@ @DEVFLAGS@ -I. -I${NSC_INCLUDEDIR} -o $outname $tmpfile $cfiles $NSC_LDFLAGS $NSC_LIBDIR $NSC_BASE_AGENT_LIBS $NSC_AGENTLIBS @WRAPLIBS@ $ldflags" + echo "running: $cmd" + `$cmd` + if test "x$norm" != "x1" ; then +--- net-snmp-5.1.2.orig/Makefile.top ++++ net-snmp-5.1.2/Makefile.top +@@ -27,6 +27,7 @@ + snmplibdir = $(datadir)/snmp + mibdir = $(snmplibdir)/mibs + persistentdir = @PERSISTENT_DIRECTORY@ ++sysconfdir = @sysconfdir@ + INSTALL_PREFIX = @INSTALL_PREFIX@ + + # +--- net-snmp-5.1.2.orig/acconfig.h ++++ net-snmp-5.1.2/acconfig.h +@@ -560,6 +560,9 @@ + /* define if you have getservbyname */ + #undef HAVE_GETSERVBYNAME + ++/* define if you have dlopen */ ++#undef HAVE_DLOPEN ++ + /* printing system */ + #undef HAVE_LPSTAT + #undef LPSTAT_PATH +--- net-snmp-5.1.2.orig/configure.in ++++ net-snmp-5.1.2/configure.in +@@ -161,6 +161,9 @@ + AC_DEFINE(SNMP_NO_DEBUGGING) + fi + ++AC_ARG_WITH(rpm, ++[ --without-rpm Don't use RPM even if available.]) ++ + AC_ARG_WITH(dmalloc, + [ --with-dmalloc=PATH Use dmalloc library (www.dmalloc.com)], + if test "x$withval" = "xyes"; then +@@ -1539,12 +1542,13 @@ + AC_CHECK_LIB(RSAglue, RSA_PKCS1_RSAref) + fi + +- AC_CHECK_LIB(crypto, EVP_md5) ++ AC_CHECK_LIB(crypto, EVP_md5, [CRYPTOLIBS=-lcrypto], , ) + AC_CHECK_FUNCS(AES_cfb128_encrypt) + fi + elif test "x$askedpkcs" = "xyes"; then + AC_CHECK_LIB(pkcs11, C_Initialize) + fi ++AC_SUBST(CRYPTOLIBS) + + # Check for libraries that the agent needs + # saving old libraries +@@ -1664,8 +1668,9 @@ + # Replace `main' with a function in -lkvm: + AC_CHECK_LIB(kvm, kvm_read) + # DYNAMIC MODULE SUPPORT +-AC_CHECK_LIB(dl, dlopen) +-AC_CHECK_FUNCS(dlopen) ++AC_CHECK_FUNC(dlopen, AC_DEFINE(HAVE_DLOPEN), ++ AC_CHECK_LIB(dl, dlopen, AC_DEFINE(HAVE_DLOPEN) ++ LIBS="${LIBS} -ldl")) + + AC_CHECK_FUNCS(kvm_openfiles nlist knlist kvm_getprocs) + echo "$with_mib_modules" | grep "ucd-snmp/diskio" >/dev/null +@@ -1979,7 +1984,7 @@ + + AC_MSG_RESULT([$ac_cv_type_ssize_t]) + if test $ac_cv_type_ssize_t = yes; then +- AC_DEFINE(HAVE_SSIZE_T) ++ AC_DEFINE(HAVE_SSIZE_T, 1, [Define if type ssize_t is available]) + fi + + # Check ps args +--- net-snmp-5.1.2.orig/Makefile.rules ++++ net-snmp-5.1.2/Makefile.rules +@@ -301,7 +301,7 @@ + # cleaning targets + # + clean: cleansubdirs $(OTHERCLEANTODOS) +- rm -f core ${OBJS} ${LOBJS} $(STANDARDCLEANTARGETS) $(OTHERCLEANTARGETS) ++ rm -f -- core ${OBJS} ${LOBJS} $(STANDARDCLEANTARGETS) $(OTHERCLEANTARGETS) + rm -rf .libs + + cleansubdirs: +--- net-snmp-5.1.2.orig/acinclude.m4 ++++ net-snmp-5.1.2/acinclude.m4 +@@ -0,0 +1,193 @@ ++dnl @synopsis AC_PROMPT_USER_NO_DEFINE(VARIABLENAME,QUESTION,[DEFAULT]) ++dnl ++dnl Asks a QUESTION and puts the results in VARIABLENAME with an optional ++dnl DEFAULT value if the user merely hits return. ++dnl ++dnl @version 1.15 ++dnl @author Wes Hardaker ++dnl ++AC_DEFUN([AC_PROMPT_USER_NO_DEFINE], ++dnl changequote(<<, >>) dnl ++dnl << ++[ ++if test "x$defaults" = "xno"; then ++echo $ac_n "$2 ($3): $ac_c" ++read tmpinput ++if test "$tmpinput" = "" -a "$3" != ""; then ++ tmpinput="$3" ++fi ++eval $1=\"$tmpinput\" ++else ++tmpinput="$3" ++eval $1=\"$tmpinput\" ++fi ++] ++dnl >> ++dnl changequote([, ]) ++) dnl done AC_PROMPT_USER ++ ++dnl @synopsis AC_PROMPT_USER(VARIABLENAME,QUESTION,[DEFAULT],QUOTED) ++dnl ++dnl Asks a QUESTION and puts the results in VARIABLENAME with an optional ++dnl DEFAULT value if the user merely hits return. Also calls ++dnl AC_DEFINE_UNQUOTED() on the VARIABLENAME for VARIABLENAMEs that should ++dnl be entered into the config.h file as well. If QUOTED is "quoted" then ++dnl the result will be defined within quotes. ++dnl ++dnl @version 1.15 ++dnl @author Wes Hardaker ++dnl ++AC_DEFUN([AC_PROMPT_USER], ++[ ++MSG_CHECK=`echo "$2" | tail -1` ++AC_CACHE_CHECK($MSG_CHECK, ac_cv_user_prompt_$1, ++[echo "" >&AC_FD_MSG ++AC_PROMPT_USER_NO_DEFINE($1,[$2],$3) ++eval ac_cv_user_prompt_$1=\$$1 ++echo $ac_n "setting $MSG_CHECK to... $ac_c" >&AC_FD_MSG ++]) ++if test "$ac_cv_user_prompt_$1" != "none"; then ++ if test "x$4" = "xquoted" -o "x$4" = "xQUOTED"; then ++ AC_DEFINE_UNQUOTED($1,"$ac_cv_user_prompt_$1") ++ else ++ AC_DEFINE_UNQUOTED($1,$ac_cv_user_prompt_$1) ++ fi ++fi ++]) dnl ++ ++dnl @synopsis AC_CHECK_STRUCT_FOR(INCLUDES,STRUCT,MEMBER,DEFINE,[no]) ++dnl ++dnl Checks STRUCT for MEMBER and defines DEFINE if found. ++dnl ++dnl @version 1.15 ++dnl @author Wes Hardaker ++dnl ++AC_DEFUN(AC_CHECK_STRUCT_FOR,[ ++ ++ac_safe_struct=`echo "$2" | sed 'y%./+-%__p_%'` ++ac_safe_member=`echo "$3" | sed 'y%./+-%__p_%'` ++ac_safe_all="ac_cv_struct_${ac_safe_struct}_has_${ac_safe_member}" ++changequote(, )dnl ++ ac_uc_define=STRUCT_`echo "${ac_safe_struct}_HAS_${ac_safe_member}" | sed 'y%abcdefghijklmnopqrstuvwxyz./-%ABCDEFGHIJKLMNOPQRSTUVWXYZ___%'` ++changequote([, ])dnl ++ ++AC_MSG_CHECKING([for $2.$3]) ++AC_CACHE_VAL($ac_safe_all, ++[ ++if test "x$4" = "x"; then ++ defineit="= 0" ++elif test "x$4" = "xno"; then ++ defineit="" ++else ++ defineit="$4" ++fi ++AC_TRY_COMPILE([ ++$1 ++],[ ++struct $2 testit; ++testit.$3 $defineit; ++], eval "${ac_safe_all}=yes", eval "${ac_safe_all}=no" ) ++]) ++ ++if eval "test \"x$`echo ${ac_safe_all}`\" = \"xyes\""; then ++ AC_MSG_RESULT(yes) ++ AC_DEFINE_UNQUOTED($ac_uc_define) ++else ++ AC_MSG_RESULT(no) ++fi ++ ++]) ++ ++dnl AC_CHECK_IFNET_FOR(SUBSTRUCT,[no]) ++AC_DEFUN(AC_CHECK_IFNET_FOR,[ ++dnl check for $1 in struct ifnet ++AC_CHECK_STRUCT_FOR([ ++#ifdef IFNET_NEEDS_KERNEL ++#define _KERNEL 1 ++#endif ++#include ++#include ++#ifdef HAVE_SYS_TIME_H ++#include ++#endif ++#include ++#ifdef HAVE_NET_IF_VAR_H ++#include ++#endif ++#ifdef HAVE_SYS_QUEUE_H ++#include ++#endif ++#ifdef linux ++struct ifnet { ++ char *if_name; /* name, e.g. "en" or "lo" */ ++ short if_unit; /* sub-unit for lower level driver */ ++ short if_mtu; /* maximum transmission unit */ ++ short if_flags; /* up/down, broadcast, etc. */ ++ int if_metric; /* routing metric (external only) */ ++ char if_hwaddr [6]; /* ethernet address */ ++ int if_type; /* interface type: 1=generic, ++ 28=slip, ether=6, loopback=24 */ ++ int if_speed; /* interface speed: in bits/sec */ ++ ++ struct sockaddr if_addr; /* interface's address */ ++ struct sockaddr ifu_broadaddr; /* broadcast address */ ++ struct sockaddr ia_subnetmask; /* interface's mask */ ++ ++ struct ifqueue { ++ int ifq_len; ++ int ifq_drops; ++ } if_snd; /* output queue */ ++ int if_ibytes; /* octets received on interface */ ++ int if_ipackets; /* packets received on interface */ ++ int if_ierrors; /* input errors on interface */ ++ int if_iqdrops; /* input queue overruns */ ++ int if_obytes; /* octets sent on interface */ ++ int if_opackets; /* packets sent on interface */ ++ int if_oerrors; /* output errors on interface */ ++ int if_collisions; /* collisions on csma interfaces */ ++/* end statistics */ ++ struct ifnet *if_next; ++}; ++#endif ++], ifnet, $1, $2) ++]) ++ ++dnl ++dnl Add a search path to the LIBS and CFLAGS variables ++dnl ++AC_DEFUN(AC_ADD_SEARCH_PATH,[ ++ if test "x$1" != x -a -d $1; then ++ if test -d $1/lib; then ++ LDFLAGS="-L$1/lib $LDFLAGS" ++ fi ++ if test -d $1/include; then ++ CPPFLAGS="-I$1/include $CPPFLAGS" ++ fi ++ fi ++]) ++ ++dnl ++dnl Store information for displaying later. ++dnl ++AC_DEFUN(AC_MSG_CACHE_INIT,[ ++ rm -f configure-summary ++]) ++ ++AC_DEFUN(AC_MSG_CACHE_ADD,[ ++ cat >> configure-summary << EOF ++ $1 ++EOF ++]) ++ ++AC_DEFUN(AC_MSG_CACHE_DISPLAY,[ ++ echo "" ++ echo "---------------------------------------------------------" ++ echo " Net-SNMP configuration summary:" ++ echo "---------------------------------------------------------" ++ echo "" ++ cat configure-summary ++ echo "" ++ echo "---------------------------------------------------------" ++ echo "" ++]) ++ --- net-snmp-5.2.1.2.orig/debian/patches/50_CVE-2007-5846.README +++ net-snmp-5.2.1.2/debian/patches/50_CVE-2007-5846.README @@ -0,0 +1,3 @@ +Bugfix for CVE-2007-5846: +The SNMP agent in net-snmp 5.4.1 and earlier allows remote attackers to cause a denial of service (CPU and memory consumption) via a GETBULK request with a large max-repeaters value. +Taken from Upstream: http://sourceforge.net/tracker/index.php?func=detail&aid=1712988&group_id=12694&atid=112694 --- net-snmp-5.2.1.2.orig/debian/patches/08_defaultconfig.patch +++ net-snmp-5.2.1.2/debian/patches/08_defaultconfig.patch @@ -0,0 +1,142 @@ +--- net-snmp-5.1.2.orig/EXAMPLE.conf.def ++++ net-snmp-5.1.2/EXAMPLE.conf.def +@@ -6,7 +6,7 @@ + ############################################################################### + # + # This file is intended to only be an example. If, however, you want +-# to use it, it should be placed in SYSCONFDIR/share/snmp/snmpd.conf. ++# to use it, it should be placed in /etc/snmp/snmpd.conf. + # When the snmpd agent starts up, this is where it will look for it. + # + # You might be interested in generating your own snmpd.conf file using +@@ -58,31 +58,37 @@ + # from): + + # sec.name source community +-com2sec local localhost COMMUNITY +-com2sec mynetwork NETWORK/24 COMMUNITY ++com2sec paranoid default public ++#com2sec readonly default public ++#com2sec readwrite default private + + #### + # Second, map the security names into group names: + + # sec.model sec.name +-group MyRWGroup v1 local +-group MyRWGroup v2c local +-group MyRWGroup usm local +-group MyROGroup v1 mynetwork +-group MyROGroup v2c mynetwork +-group MyROGroup usm mynetwork ++group MyROSystem v1 paranoid ++group MyROSystem v2c paranoid ++group MyROSystem usm paranoid ++group MyROGroup v1 readonly ++group MyROGroup v2c readonly ++group MyROGroup usm readonly ++group MyRWGroup v1 readwrite ++group MyRWGroup v2c readwrite ++group MyRWGroup usm readwrite + + #### + # Third, create a view for us to let the groups have rights to: + + # incl/excl subtree mask + view all included .1 80 ++view system included .iso.org.dod.internet.mgmt.mib-2.system + + #### + # Finally, grant the 2 groups access to the 1 view with different + # write permissions: + + # context sec.model sec.level match read write notif ++access MyROSystem "" any noauth exact system none none + access MyROGroup "" any noauth exact all none none + access MyRWGroup "" any noauth exact all all none + +@@ -100,8 +106,8 @@ + # value of an object whose value is given here will fail with an error + # status of notWritable. + +-syslocation Right here, right now. +-syscontact Me ++syslocation Unknown (configure /etc/snmp/snmpd.local.conf) ++syscontact Root (configure /etc/snmp/snmpd.local.conf) + + # Example output of snmpwalk: + # % snmpwalk -v 1 -c public localhost system +@@ -135,13 +141,13 @@ + # + + # Make sure mountd is running +-proc mountd ++#proc mountd + + # Make sure there are no more than 4 ntalkds running, but 0 is ok too. +-proc ntalkd 4 ++#proc ntalkd 4 + + # Make sure at least one sendmail, but less than or equal to 10 are running. +-proc sendmail 10 1 ++#proc sendmail 10 1 + + # A snmpwalk of the prTable would look something like this: + # +@@ -199,7 +205,7 @@ + # ARGS: optional arguments to be passed to the program + + # a simple hello world +-exec echotest /bin/echo hello world ++#exec echotest /bin/echo hello world + + # Run a shell script containing: + # +@@ -250,7 +256,7 @@ + + # Check the / partition and make sure it contains at least 10 megs. + +-disk / 10000 ++#disk / 10000 + + # % snmpwalk -v 1 -c public localhost .EXTENSIBLEDOTMIB.DISKMIBNUM + # enterprises.ucdavis.diskTable.dskEntry.diskIndex.1 = 0 +@@ -279,7 +285,7 @@ + # 15MAX: Similar, but for 15 min average. + + # Check for loads: +-load 12 14 14 ++#load 12 14 14 + + # % snmpwalk -v 1 -c public localhost .EXTENSIBLEDOTMIB.LOADAVEMIBNUM + # enterprises.ucdavis.loadTable.laEntry.loadaveIndex.1 = 1 +@@ -365,7 +371,7 @@ + # (commented out here since it requires that you place the + # script in the right location. (its not installed by default)) + +-# pass .EXTENSIBLEDOTMIB.255 /bin/sh PREFIX/local/passtest ++# pass .EXTENSIBLEDOTMIB.255 /bin/sh /usr/local/passtest + + # % snmpwalk -v 1 -c public localhost .EXTENSIBLEDOTMIB.255 + # enterprises.ucdavis.255.1 = "life the universe and everything" +--- net-snmp-5.1.2.orig/EXAMPLE-trap.conf ++++ net-snmp-5.1.2/EXAMPLE-trap.conf +@@ -0,0 +1,18 @@ ++############################################################################### ++# ++# EXAMPLE.conf: ++# An example configuration file for configuring the ucd-snmp snmptrapd agent. ++# ++############################################################################### ++# ++# This file is intended to only be an example. If, however, you want ++# to use it, it should be placed in /etc/snmp/snmptrapd.conf. ++# When the snmptrapd agent starts up, this is where it will look for it. ++# ++# All lines beginning with a '#' are comments and are intended for you ++# to read. All other lines are configuration commands for the agent. ++ ++# ++# PLEASE: read the snmptrapd.conf(5) manual page as well! ++# ++ --- net-snmp-5.2.1.2.orig/debian/patches/06_extramibs.patch +++ net-snmp-5.2.1.2/debian/patches/06_extramibs.patch @@ -0,0 +1,6263 @@ +diff -ruN mibs/BGP4-MIB.txt.orig mibs/BGP4-MIB.txt +--- mibs/BGP4-MIB.txt.orig 1970-01-01 01:00:00.000000000 +0100 ++++ mibs/BGP4-MIB.txt 2005-07-20 21:45:50.000000000 +0200 +@@ -0,0 +1,929 @@ ++ BGP4-MIB DEFINITIONS ::= BEGIN ++ ++ IMPORTS ++ MODULE-IDENTITY, OBJECT-TYPE, NOTIFICATION-TYPE, ++ IpAddress, Integer32, Counter32, Gauge32, mib-2 ++ FROM SNMPv2-SMI ++ MODULE-COMPLIANCE, OBJECT-GROUP, NOTIFICATION-GROUP ++ FROM SNMPv2-CONF; ++ ++ bgp MODULE-IDENTITY ++ LAST-UPDATED "9902100000Z" ++ ORGANIZATION "IETF IDR Working Group" ++ CONTACT-INFO "E-mail: idr@merit.net ++ ++ Susan Hares (Editor) ++ Merit Network ++ 4251 Plymouth Road ++ Suite C ++ Ann Arbor, MI 48105-2785 ++ Tel: +1 734 936 2095 ++ Fax: +1 734 647 3185 ++ E-mail: skh@merit.edu ++ ++ Jeff Johnson (Editor) ++ RedBack Networks, Inc. ++ 1389 Moffett Park Drive ++ Sunnyvale, CA 94089-1134 ++ Tel: +1 408 548 3516 ++ Fax: +1 408 548 3599 ++ E-mail: jeff@redback.com" ++ DESCRIPTION ++ "The MIB module for BGP-4." ++ REVISION "9902100000Z" ++ DESCRIPTION ++ "Corrected duplicate OBJECT IDENTIFIER ++ assignment in the conformance information." ++ REVISION "9601080000Z" ++ DESCRIPTION ++ "1) Fixed the definitions of the traps to ++ make them equivalent to their initial ++ definition in RFC 1269. ++ 2) Added compliance and conformance info." ++ ::= { mib-2 15 } ++ ++ bgpVersion OBJECT-TYPE ++ SYNTAX OCTET STRING (SIZE (1..255)) ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "Vector of supported BGP protocol version ++ numbers. Each peer negotiates the version ++ from this vector. Versions are identified ++ via the string of bits contained within this ++ object. The first octet contains bits 0 to ++ 7, the second octet contains bits 8 to 15, ++ and so on, with the most significant bit ++ referring to the lowest bit number in the ++ octet (e.g., the MSB of the first octet ++ refers to bit 0). If a bit, i, is present ++ and set, then the version (i+1) of the BGP ++ is supported." ++ ::= { bgp 1 } ++ ++ bgpLocalAs OBJECT-TYPE ++ SYNTAX INTEGER (0..65535) ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The local autonomous system number." ++ ::= { bgp 2 } ++ ++ ++ ++ -- BGP Peer table. This table contains, one entry per BGP ++ -- peer, information about the BGP peer. ++ ++ bgpPeerTable OBJECT-TYPE ++ SYNTAX SEQUENCE OF BgpPeerEntry ++ MAX-ACCESS not-accessible ++ STATUS current ++ DESCRIPTION ++ "BGP peer table. This table contains, ++ one entry per BGP peer, information about the ++ connections with BGP peers." ++ ::= { bgp 3 } ++ ++ bgpPeerEntry OBJECT-TYPE ++ SYNTAX BgpPeerEntry ++ MAX-ACCESS not-accessible ++ STATUS current ++ DESCRIPTION ++ "Entry containing information about the ++ connection with a BGP peer." ++ INDEX { bgpPeerRemoteAddr } ++ ::= { bgpPeerTable 1 } ++ ++ BgpPeerEntry ::= SEQUENCE { ++ bgpPeerIdentifier ++ IpAddress, ++ bgpPeerState ++ INTEGER, ++ bgpPeerAdminStatus ++ INTEGER, ++ bgpPeerNegotiatedVersion ++ Integer32, ++ bgpPeerLocalAddr ++ IpAddress, ++ bgpPeerLocalPort ++ INTEGER, ++ bgpPeerRemoteAddr ++ IpAddress, ++ bgpPeerRemotePort ++ INTEGER, ++ bgpPeerRemoteAs ++ INTEGER, ++ bgpPeerInUpdates ++ Counter32, ++ bgpPeerOutUpdates ++ Counter32, ++ bgpPeerInTotalMessages ++ Counter32, ++ bgpPeerOutTotalMessages ++ Counter32, ++ bgpPeerLastError ++ OCTET STRING, ++ bgpPeerFsmEstablishedTransitions ++ Counter32, ++ bgpPeerFsmEstablishedTime ++ Gauge32, ++ bgpPeerConnectRetryInterval ++ INTEGER, ++ bgpPeerHoldTime ++ INTEGER, ++ bgpPeerKeepAlive ++ INTEGER, ++ bgpPeerHoldTimeConfigured ++ INTEGER, ++ bgpPeerKeepAliveConfigured ++ INTEGER, ++ bgpPeerMinASOriginationInterval ++ INTEGER, ++ bgpPeerMinRouteAdvertisementInterval ++ INTEGER, ++ bgpPeerInUpdateElapsedTime ++ Gauge32 ++ } ++ ++ bgpPeerIdentifier OBJECT-TYPE ++ SYNTAX IpAddress ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The BGP Identifier of this entry's BGP peer." ++ ::= { bgpPeerEntry 1 } ++ ++ bgpPeerState OBJECT-TYPE ++ SYNTAX INTEGER { ++ idle(1), ++ connect(2), ++ active(3), ++ opensent(4), ++ openconfirm(5), ++ established(6) ++ } ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The BGP peer connection state." ++ ::= { bgpPeerEntry 2 } ++ ++ bgpPeerAdminStatus OBJECT-TYPE ++ SYNTAX INTEGER { ++ stop(1), ++ start(2) ++ } ++ MAX-ACCESS read-write ++ STATUS current ++ DESCRIPTION ++ "The desired state of the BGP connection. A ++ transition from 'stop' to 'start' will cause ++ the BGP Start Event to be generated. A ++ transition from 'start' to 'stop' will cause ++ the BGP Stop Event to be generated. This ++ parameter can be used to restart BGP peer ++ connections. Care should be used in providing ++ write access to this object without adequate ++ authentication." ++ ::= { bgpPeerEntry 3 } ++ ++ bgpPeerNegotiatedVersion OBJECT-TYPE ++ SYNTAX Integer32 ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The negotiated version of BGP running between ++ the two peers." ++ ::= { bgpPeerEntry 4 } ++ ++ bgpPeerLocalAddr OBJECT-TYPE ++ SYNTAX IpAddress ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The local IP address of this entry's BGP ++ connection." ++ ::= { bgpPeerEntry 5 } ++ ++ bgpPeerLocalPort OBJECT-TYPE ++ SYNTAX INTEGER (0..65535) ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The local port for the TCP connection between ++ the BGP peers." ++ ::= { bgpPeerEntry 6 } ++ ++ bgpPeerRemoteAddr OBJECT-TYPE ++ SYNTAX IpAddress ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The remote IP address of this entry's BGP ++ peer." ++ ::= { bgpPeerEntry 7 } ++ ++ bgpPeerRemotePort OBJECT-TYPE ++ SYNTAX INTEGER (0..65535) ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The remote port for the TCP connection between ++ the BGP peers. Note that the objects ++ bgpPeerLocalAddr, bgpPeerLocalPort, ++ bgpPeerRemoteAddr and bgpPeerRemotePort ++ provide the appropriate reference to the ++ standard MIB TCP connection table." ++ ::= { bgpPeerEntry 8 } ++ ++ bgpPeerRemoteAs OBJECT-TYPE ++ SYNTAX INTEGER (0..65535) ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The remote autonomous system number." ++ ::= { bgpPeerEntry 9 } ++ ++ bgpPeerInUpdates OBJECT-TYPE ++ SYNTAX Counter32 ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The number of BGP UPDATE messages received on ++ this connection. This object should be ++ initialized to zero (0) when the connection is ++ established." ++ ::= { bgpPeerEntry 10 } ++ ++ bgpPeerOutUpdates OBJECT-TYPE ++ SYNTAX Counter32 ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The number of BGP UPDATE messages transmitted ++ on this connection. This object should be ++ initialized to zero (0) when the connection is ++ established." ++ ::= { bgpPeerEntry 11 } ++ ++ bgpPeerInTotalMessages OBJECT-TYPE ++ SYNTAX Counter32 ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The total number of messages received from the ++ remote peer on this connection. This object ++ should be initialized to zero when the ++ connection is established." ++ ::= { bgpPeerEntry 12 } ++ ++ bgpPeerOutTotalMessages OBJECT-TYPE ++ SYNTAX Counter32 ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The total number of messages transmitted to ++ the remote peer on this connection. This object ++ should be initialized to zero when the ++ connection is established." ++ ::= { bgpPeerEntry 13 } ++ ++ bgpPeerLastError OBJECT-TYPE ++ SYNTAX OCTET STRING (SIZE (2)) ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The last error code and subcode seen by this ++ peer on this connection. If no error has ++ occurred, this field is zero. Otherwise, the ++ first byte of this two byte OCTET STRING ++ contains the error code, and the second byte ++ contains the subcode." ++ ::= { bgpPeerEntry 14 } ++ ++ bgpPeerFsmEstablishedTransitions OBJECT-TYPE ++ SYNTAX Counter32 ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The total number of times the BGP FSM ++ transitioned into the established state." ++ ::= { bgpPeerEntry 15 } ++ ++ bgpPeerFsmEstablishedTime OBJECT-TYPE ++ SYNTAX Gauge32 ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "This timer indicates how long (in seconds) this ++ peer has been in the Established state or how long ++ since this peer was last in the Established state. ++ It is set to zero when a new peer is configured or ++ the router is booted." ++ ::= { bgpPeerEntry 16 } ++ ++ bgpPeerConnectRetryInterval OBJECT-TYPE ++ SYNTAX INTEGER (1..65535) ++ MAX-ACCESS read-write ++ STATUS current ++ DESCRIPTION ++ "Time interval in seconds for the ConnectRetry ++ timer. The suggested value for this timer is ++ 120 seconds." ++ ::= { bgpPeerEntry 17 } ++ ++ bgpPeerHoldTime OBJECT-TYPE ++ SYNTAX INTEGER ( 0 | 3..65535 ) ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "Time interval in seconds for the Hold Timer ++ established with the peer. The value of this ++ object is calculated by this BGP speaker by ++ using the smaller of the value in ++ bgpPeerHoldTimeConfigured and the Hold Time ++ received in the OPEN message. This value ++ must be at lease three seconds if it is not ++ zero (0) in which case the Hold Timer has ++ not been established with the peer, or, the ++ value of bgpPeerHoldTimeConfigured is zero (0)." ++ ::= { bgpPeerEntry 18 } ++ ++ bgpPeerKeepAlive OBJECT-TYPE ++ SYNTAX INTEGER ( 0 | 1..21845 ) ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "Time interval in seconds for the KeepAlive ++ timer established with the peer. The value of ++ this object is calculated by this BGP speaker ++ such that, when compared with bgpPeerHoldTime, ++ it has the same proportion as what ++ bgpPeerKeepAliveConfigured has when compared ++ with bgpPeerHoldTimeConfigured. If the value ++ of this object is zero (0), it indicates that ++ the KeepAlive timer has not been established ++ with the peer, or, the value of ++ bgpPeerKeepAliveConfigured is zero (0)." ++ ::= { bgpPeerEntry 19 } ++ ++ bgpPeerHoldTimeConfigured OBJECT-TYPE ++ SYNTAX INTEGER ( 0 | 3..65535 ) ++ MAX-ACCESS read-write ++ STATUS current ++ DESCRIPTION ++ "Time interval in seconds for the Hold Time ++ configured for this BGP speaker with this peer. ++ This value is placed in an OPEN message sent to ++ this peer by this BGP speaker, and is compared ++ with the Hold Time field in an OPEN message ++ received from the peer when determining the Hold ++ Time (bgpPeerHoldTime) with the peer. This value ++ must not be less than three seconds if it is not ++ zero (0) in which case the Hold Time is NOT to be ++ established with the peer. The suggested value for ++ this timer is 90 seconds." ++ ::= { bgpPeerEntry 20 } ++ ++ bgpPeerKeepAliveConfigured OBJECT-TYPE ++ SYNTAX INTEGER ( 0 | 1..21845 ) ++ MAX-ACCESS read-write ++ STATUS current ++ DESCRIPTION ++ "Time interval in seconds for the KeepAlive timer ++ configured for this BGP speaker with this peer. ++ The value of this object will only determine the ++ KEEPALIVE messages' frequency relative to the value ++ specified in bgpPeerHoldTimeConfigured; the actual ++ time interval for the KEEPALIVE messages is ++ indicated by bgpPeerKeepAlive. A reasonable ++ maximum value for this timer would be configured to ++ be one third of that of bgpPeerHoldTimeConfigured. ++ If the value of this object is zero (0), no ++ periodical KEEPALIVE messages are sent to the peer ++ after the BGP connection has been established. The ++ suggested value for this timer is 30 seconds." ++ ::= { bgpPeerEntry 21 } ++ ++ bgpPeerMinASOriginationInterval OBJECT-TYPE ++ SYNTAX INTEGER (1..65535) ++ MAX-ACCESS read-write ++ STATUS current ++ DESCRIPTION ++ "Time interval in seconds for the ++ MinASOriginationInterval timer. ++ The suggested value for this timer is 15 seconds." ++ ::= { bgpPeerEntry 22 } ++ ++ bgpPeerMinRouteAdvertisementInterval OBJECT-TYPE ++ SYNTAX INTEGER (1..65535) ++ MAX-ACCESS read-write ++ STATUS current ++ DESCRIPTION ++ "Time interval in seconds for the ++ MinRouteAdvertisementInterval timer. ++ The suggested value for this timer is 30 seconds." ++ ::= { bgpPeerEntry 23 } ++ ++ bgpPeerInUpdateElapsedTime OBJECT-TYPE ++ SYNTAX Gauge32 ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "Elapsed time in seconds since the last BGP ++ UPDATE message was received from the peer. ++ Each time bgpPeerInUpdates is incremented, ++ the value of this object is set to zero (0)." ++ ::= { bgpPeerEntry 24 } ++ ++ ++ ++ bgpIdentifier OBJECT-TYPE ++ SYNTAX IpAddress ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The BGP Identifier of local system." ++ ::= { bgp 4 } ++ ++ ++ ++ -- Received Path Attribute Table. This table contains, ++ -- one entry per path to a network, path attributes ++ -- received from all peers running BGP version 3 or less. ++ -- This table is obsolete, having been replaced in ++ -- functionality with the bgp4PathAttrTable. ++ ++ bgpRcvdPathAttrTable OBJECT-TYPE ++ SYNTAX SEQUENCE OF BgpPathAttrEntry ++ MAX-ACCESS not-accessible ++ STATUS obsolete ++ DESCRIPTION ++ "The BGP Received Path Attribute Table contains ++ information about paths to destination networks ++ received from all peers running BGP version 3 or ++ less." ++ ::= { bgp 5 } ++ ++ bgpPathAttrEntry OBJECT-TYPE ++ SYNTAX BgpPathAttrEntry ++ MAX-ACCESS not-accessible ++ STATUS obsolete ++ DESCRIPTION ++ "Information about a path to a network." ++ INDEX { bgpPathAttrDestNetwork, ++ bgpPathAttrPeer } ++ ::= { bgpRcvdPathAttrTable 1 } ++ ++ BgpPathAttrEntry ::= SEQUENCE { ++ bgpPathAttrPeer ++ IpAddress, ++ bgpPathAttrDestNetwork ++ IpAddress, ++ bgpPathAttrOrigin ++ INTEGER, ++ bgpPathAttrASPath ++ OCTET STRING, ++ bgpPathAttrNextHop ++ IpAddress, ++ bgpPathAttrInterASMetric ++ Integer32 ++ } ++ ++ bgpPathAttrPeer OBJECT-TYPE ++ SYNTAX IpAddress ++ MAX-ACCESS read-only ++ STATUS obsolete ++ DESCRIPTION ++ "The IP address of the peer where the path ++ information was learned." ++ ::= { bgpPathAttrEntry 1 } ++ ++ bgpPathAttrDestNetwork OBJECT-TYPE ++ SYNTAX IpAddress ++ MAX-ACCESS read-only ++ STATUS obsolete ++ DESCRIPTION ++ "The address of the destination network." ++ ::= { bgpPathAttrEntry 2 } ++ ++ bgpPathAttrOrigin OBJECT-TYPE ++ SYNTAX INTEGER { ++ igp(1),-- networks are interior ++ egp(2),-- networks learned via EGP ++ incomplete(3) -- undetermined ++ } ++ MAX-ACCESS read-only ++ STATUS obsolete ++ DESCRIPTION ++ "The ultimate origin of the path information." ++ ::= { bgpPathAttrEntry 3 } ++ ++ bgpPathAttrASPath OBJECT-TYPE ++ SYNTAX OCTET STRING (SIZE (2..255)) ++ MAX-ACCESS read-only ++ STATUS obsolete ++ DESCRIPTION ++ "The set of ASs that must be traversed to reach ++ the network. This object is probably best ++ represented as SEQUENCE OF INTEGER. For SMI ++ compatibility, though, it is represented as ++ OCTET STRING. Each AS is represented as a pair ++ of octets according to the following algorithm: ++ ++ first-byte-of-pair = ASNumber / 256; ++ second-byte-of-pair = ASNumber & 255;" ++ ::= { bgpPathAttrEntry 4 } ++ ++ bgpPathAttrNextHop OBJECT-TYPE ++ SYNTAX IpAddress ++ MAX-ACCESS read-only ++ STATUS obsolete ++ DESCRIPTION ++ "The address of the border router that should ++ be used for the destination network." ++ ::= { bgpPathAttrEntry 5 } ++ ++ bgpPathAttrInterASMetric OBJECT-TYPE ++ SYNTAX Integer32 ++ MAX-ACCESS read-only ++ STATUS obsolete ++ DESCRIPTION ++ "The optional inter-AS metric. If this ++ attribute has not been provided for this route, ++ the value for this object is 0." ++ ::= { bgpPathAttrEntry 6 } ++ ++ ++ ++ -- BGP-4 Received Path Attribute Table. This table contains, ++ -- one entry per path to a network, path attributes ++ -- received from all peers running BGP-4. ++ ++ bgp4PathAttrTable OBJECT-TYPE ++ SYNTAX SEQUENCE OF Bgp4PathAttrEntry ++ MAX-ACCESS not-accessible ++ STATUS current ++ DESCRIPTION ++ "The BGP-4 Received Path Attribute Table contains ++ information about paths to destination networks ++ received from all BGP4 peers." ++ ::= { bgp 6 } ++ ++ bgp4PathAttrEntry OBJECT-TYPE ++ SYNTAX Bgp4PathAttrEntry ++ MAX-ACCESS not-accessible ++ STATUS current ++ DESCRIPTION ++ "Information about a path to a network." ++ INDEX { bgp4PathAttrIpAddrPrefix, ++ bgp4PathAttrIpAddrPrefixLen, ++ bgp4PathAttrPeer } ++ ::= { bgp4PathAttrTable 1 } ++ ++ Bgp4PathAttrEntry ::= SEQUENCE { ++ bgp4PathAttrPeer ++ IpAddress, ++ bgp4PathAttrIpAddrPrefixLen ++ INTEGER, ++ bgp4PathAttrIpAddrPrefix ++ IpAddress, ++ bgp4PathAttrOrigin ++ INTEGER, ++ bgp4PathAttrASPathSegment ++ OCTET STRING, ++ bgp4PathAttrNextHop ++ IpAddress, ++ bgp4PathAttrMultiExitDisc ++ INTEGER, ++ bgp4PathAttrLocalPref ++ INTEGER, ++ bgp4PathAttrAtomicAggregate ++ INTEGER, ++ bgp4PathAttrAggregatorAS ++ INTEGER, ++ bgp4PathAttrAggregatorAddr ++ IpAddress, ++ bgp4PathAttrCalcLocalPref ++ INTEGER, ++ bgp4PathAttrBest ++ INTEGER, ++ bgp4PathAttrUnknown ++ OCTET STRING ++ } ++ ++ bgp4PathAttrPeer OBJECT-TYPE ++ SYNTAX IpAddress ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The IP address of the peer where the path ++ information was learned." ++ ::= { bgp4PathAttrEntry 1 } ++ bgp4PathAttrIpAddrPrefixLen OBJECT-TYPE ++ SYNTAX INTEGER (0..32) ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "Length in bits of the IP address prefix in the ++ Network Layer Reachability Information field." ++ ::= { bgp4PathAttrEntry 2 } ++ ++ bgp4PathAttrIpAddrPrefix OBJECT-TYPE ++ SYNTAX IpAddress ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "An IP address prefix in the Network Layer ++ Reachability Information field. This object ++ is an IP address containing the prefix with ++ length specified by bgp4PathAttrIpAddrPrefixLen. ++ Any bits beyond the length specified by ++ bgp4PathAttrIpAddrPrefixLen are zeroed." ++ ::= { bgp4PathAttrEntry 3 } ++ ++ bgp4PathAttrOrigin OBJECT-TYPE ++ SYNTAX INTEGER { ++ igp(1),-- networks are interior ++ egp(2),-- networks learned via EGP ++ incomplete(3) -- undetermined ++ } ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The ultimate origin of the path information." ++ ::= { bgp4PathAttrEntry 4 } ++ ++ bgp4PathAttrASPathSegment OBJECT-TYPE ++ SYNTAX OCTET STRING (SIZE (2..255)) ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The sequence of AS path segments. Each AS ++ path segment is represented by a triple ++ . ++ ++ The type is a 1-octet field which has two ++ possible values: ++ 1 AS_SET: unordered set of ASs a ++ route in the UPDATE message ++ has traversed ++ 2 AS_SEQUENCE: ordered set of ASs ++ a route in the UPDATE message ++ has traversed. ++ ++ The length is a 1-octet field containing the ++ number of ASs in the value field. ++ ++ The value field contains one or more AS ++ numbers, each AS is represented in the octet ++ string as a pair of octets according to the ++ following algorithm: ++ ++ first-byte-of-pair = ASNumber / 256; ++ second-byte-of-pair = ASNumber & 255;" ++ ::= { bgp4PathAttrEntry 5 } ++ ++ bgp4PathAttrNextHop OBJECT-TYPE ++ SYNTAX IpAddress ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The address of the border router that should ++ be used for the destination network." ++ ::= { bgp4PathAttrEntry 6 } ++ ++ bgp4PathAttrMultiExitDisc OBJECT-TYPE ++ SYNTAX INTEGER (-1..2147483647) ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "This metric is used to discriminate between ++ multiple exit points to an adjacent autonomous ++ system. A value of -1 indicates the absence of ++ this attribute." ++ ::= { bgp4PathAttrEntry 7 } ++ ++ bgp4PathAttrLocalPref OBJECT-TYPE ++ SYNTAX INTEGER (-1..2147483647) ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The originating BGP4 speaker's degree of ++ preference for an advertised route. A value of ++ -1 indicates the absence of this attribute." ++ ::= { bgp4PathAttrEntry 8 } ++ ++ bgp4PathAttrAtomicAggregate OBJECT-TYPE ++ SYNTAX INTEGER { ++ lessSpecificRrouteNotSelected(1), ++ lessSpecificRouteSelected(2) ++ } ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "Whether or not a system has selected ++ a less specific route without selecting a ++ more specific route." ++ ::= { bgp4PathAttrEntry 9 } ++ ++ bgp4PathAttrAggregatorAS OBJECT-TYPE ++ SYNTAX INTEGER (0..65535) ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The AS number of the last BGP4 speaker that ++ performed route aggregation. A value of zero (0) ++ indicates the absence of this attribute." ++ ::= { bgp4PathAttrEntry 10 } ++ ++ bgp4PathAttrAggregatorAddr OBJECT-TYPE ++ SYNTAX IpAddress ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The IP address of the last BGP4 speaker that ++ performed route aggregation. A value of ++ 0.0.0.0 indicates the absence of this attribute." ++ ::= { bgp4PathAttrEntry 11 } ++ ++ bgp4PathAttrCalcLocalPref OBJECT-TYPE ++ SYNTAX INTEGER (-1..2147483647) ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The degree of preference calculated by the ++ receiving BGP4 speaker for an advertised route. ++ A value of -1 indicates the absence of this ++ attribute." ++ ::= { bgp4PathAttrEntry 12 } ++ ++ bgp4PathAttrBest OBJECT-TYPE ++ SYNTAX INTEGER { ++ false(1),-- not chosen as best route ++ true(2) -- chosen as best route ++ } ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "An indication of whether or not this route ++ was chosen as the best BGP4 route." ++ ::= { bgp4PathAttrEntry 13 } ++ ++ bgp4PathAttrUnknown OBJECT-TYPE ++ SYNTAX OCTET STRING (SIZE(0..255)) ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "One or more path attributes not understood ++ by this BGP4 speaker. Size zero (0) indicates ++ the absence of such attribute(s). Octets ++ beyond the maximum size, if any, are not ++ recorded by this object." ++ ::= { bgp4PathAttrEntry 14 } ++ ++ ++ -- Traps. ++ ++ -- note that in RFC 1657, bgpTraps was incorrectly ++ -- assigned a value of { bgp 7 }, and each of the ++ -- traps had the bgpPeerRemoteAddr object inappropriately ++ -- removed from their OBJECTS clause. The following ++ -- definitions restore the semantics of the traps as ++ -- they were initially defined in RFC 1269. ++ ++ -- { bgp 7 } is unused ++ ++ bgpTraps OBJECT IDENTIFIER ::= { bgp 0 } ++ ++ bgpEstablished NOTIFICATION-TYPE ++ OBJECTS { bgpPeerRemoteAddr, ++ bgpPeerLastError, ++ bgpPeerState } ++ STATUS current ++ DESCRIPTION ++ "The BGP Established event is generated when ++ the BGP FSM enters the ESTABLISHED state." ++ ::= { bgpTraps 1 } ++ ++ bgpBackwardTransition NOTIFICATION-TYPE ++ OBJECTS { bgpPeerRemoteAddr, ++ bgpPeerLastError, ++ bgpPeerState } ++ STATUS current ++ DESCRIPTION ++ "The BGPBackwardTransition Event is generated ++ when the BGP FSM moves from a higher numbered ++ state to a lower numbered state." ++ ::= { bgpTraps 2 } ++ ++ -- conformance information ++ ++ bgpMIBConformance OBJECT IDENTIFIER ::= { bgp 8 } ++ bgpMIBCompliances OBJECT IDENTIFIER ::= { bgpMIBConformance 1 } ++ bgpMIBGroups OBJECT IDENTIFIER ::= { bgpMIBConformance 2 } ++ ++ -- compliance statements ++ ++ bgpMIBCompliance MODULE-COMPLIANCE ++ STATUS current ++ DESCRIPTION ++ "The compliance statement for entities which ++ implement the BGP4 mib." ++ MODULE -- this module ++ MANDATORY-GROUPS { bgp4MIBGlobalsGroup, ++ bgp4MIBPeerGroup, ++ bgp4MIBPathAttrGroup, ++ bgp4MIBNotificationGroup } ++ ::= { bgpMIBCompliances 1 } ++ ++ -- units of conformance ++ ++ bgp4MIBGlobalsGroup OBJECT-GROUP ++ OBJECTS { bgpVersion, ++ bgpLocalAs, ++ bgpIdentifier } ++ STATUS current ++ DESCRIPTION ++ "A collection of objects providing information ++ on global BGP state." ++ ::= { bgpMIBGroups 1 } ++ ++ bgp4MIBPeerGroup OBJECT-GROUP ++ OBJECTS { bgpPeerIdentifier, ++ bgpPeerState, ++ bgpPeerAdminStatus, ++ bgpPeerNegotiatedVersion, ++ bgpPeerLocalAddr, ++ bgpPeerLocalPort, ++ bgpPeerRemoteAddr, ++ bgpPeerRemotePort, ++ bgpPeerRemoteAs, ++ bgpPeerInUpdates, ++ bgpPeerOutUpdates, ++ bgpPeerInTotalMessages, ++ bgpPeerOutTotalMessages, ++ bgpPeerLastError, ++ bgpPeerFsmEstablishedTransitions, ++ bgpPeerFsmEstablishedTime, ++ bgpPeerConnectRetryInterval, ++ bgpPeerHoldTime, ++ bgpPeerKeepAlive, ++ bgpPeerHoldTimeConfigured, ++ bgpPeerKeepAliveConfigured, ++ bgpPeerMinASOriginationInterval, ++ bgpPeerMinRouteAdvertisementInterval, ++ bgpPeerInUpdateElapsedTime } ++ STATUS current ++ DESCRIPTION ++ "A collection of objects for managing ++ BGP peers." ++ ::= { bgpMIBGroups 2 } ++ ++ bgp4MIBRcvdPathAttrGroup OBJECT-GROUP ++ OBJECTS { bgpPathAttrPeer, ++ bgpPathAttrDestNetwork, ++ bgpPathAttrOrigin, ++ bgpPathAttrASPath, ++ bgpPathAttrNextHop, ++ bgpPathAttrInterASMetric } ++ STATUS obsolete ++ DESCRIPTION ++ "A collection of objects for managing BGP ++ path entries. ++ ++ This conformance group is obsolete, ++ replaced by bgp4MIBPathAttrGroup." ++ ::= { bgpMIBGroups 3 } ++ ++ bgp4MIBPathAttrGroup OBJECT-GROUP ++ OBJECTS { bgp4PathAttrPeer, ++ bgp4PathAttrIpAddrPrefixLen, ++ bgp4PathAttrIpAddrPrefix, ++ bgp4PathAttrOrigin, ++ bgp4PathAttrASPathSegment, ++ bgp4PathAttrNextHop, ++ bgp4PathAttrMultiExitDisc, ++ bgp4PathAttrLocalPref, ++ bgp4PathAttrAtomicAggregate, ++ bgp4PathAttrAggregatorAS, ++ bgp4PathAttrAggregatorAddr, ++ bgp4PathAttrCalcLocalPref, ++ bgp4PathAttrBest, ++ bgp4PathAttrUnknown } ++ STATUS current ++ DESCRIPTION ++ "A collection of objects for managing ++ BGP path entries." ++ ::= { bgpMIBGroups 4 } ++ ++ bgp4MIBNotificationGroup NOTIFICATION-GROUP ++ NOTIFICATIONS { bgpEstablished, ++ bgpBackwardTransition } ++ STATUS current ++ DESCRIPTION ++ "A collection of notifications for signaling ++ changes in BGP peer relationships." ++ ::= { bgpMIBGroups 5 } ++ ++ END +diff -ruN mibs/BRIDGE-MIB.txt.orig mibs/BRIDGE-MIB.txt +--- mibs/BRIDGE-MIB.txt.orig 1970-01-01 01:00:00.000000000 +0100 ++++ mibs/BRIDGE-MIB.txt 2005-07-20 21:45:50.000000000 +0200 +@@ -0,0 +1,1075 @@ ++BRIDGE-MIB DEFINITIONS ::= BEGIN ++ ++IMPORTS ++ Counter, TimeTicks ++ FROM RFC1155-SMI ++ mib-2 ++ FROM RFC1213-MIB ++ OBJECT-TYPE ++ FROM RFC-1212 ++ TRAP-TYPE ++ FROM RFC-1215; ++ ++-- All representations of MAC addresses in this MIB Module ++-- use, as a textual convention (i.e. this convention does ++-- not affect their encoding), the data type: ++MacAddress ::= OCTET STRING (SIZE (6)) -- a 6 octet address ++ -- in the ++ -- "canonical" ++ -- order ++-- defined by IEEE 802.1a, i.e., as if it were transmitted ++-- least significant bit first, even though 802.5 (in ++-- contrast to other n802.x protocols) requires MAC ++-- addresses to be transmitted most significant bit first. ++-- ++-- 16-bit addresses, if needed, are represented by setting ++-- their upper 4 octets to all 0's, i.e., AAFF would be ++-- represented as 00000000AAFF. ++ ++-- Similarly, all representations of Bridge-Id in this MIB ++-- Module use, as a textual convention (i.e. this ++-- convention does not affect their encoding), the data ++-- type: ++BridgeId ::= OCTET STRING (SIZE (8)) -- the ++ -- Bridge-Identifier ++ -- as used in the ++ -- Spanning Tree ++-- Protocol to uniquely identify a bridge. Its first two ++-- octets (in network byte order) contain a priority ++-- value and its last 6 octets contain the MAC address ++-- used to refer to a bridge in a unique fashion ++-- (typically, the numerically smallest MAC address ++-- of all ports on the bridge). ++ ++-- Several objects in this MIB module represent values of ++-- timers used by the Spanning Tree Protocol. In this ++-- MIB, these timers have values in units of hundreths of ++-- a second (i.e. 1/100 secs). ++-- These timers, when stored in a Spanning Tree Protocol's ++-- BPDU, are in units of 1/256 seconds. Note, however, ++-- that 802.1D-1990 specifies a settable granularity of ++-- no more than 1 second for these timers. To avoid ++-- ambiguity, a data type is defined here as a textual ++-- convention and all representation of these timers ++-- in this MIB module are defined using this data type. An ++-- algorithm is also defined for converting between the ++-- different units, to ensure a timer's value is not ++-- distorted by multiple conversions. ++-- The data type is: ++ ++Timeout ::= INTEGER -- a STP timer in units of 1/100 seconds ++ ++-- To convert a Timeout value into a value in units of ++-- 1/256 seconds, the following algorithm should be used: ++-- ++-- b = floor( (n * 256) / 100) ++-- ++-- where: ++-- floor = quotient [ignore remainder] ++-- n is the value in 1/100 second units ++-- b is the value in 1/256 second units ++-- ++-- To convert the value from 1/256 second units back to ++-- 1/100 seconds, the following algorithm should be used: ++-- ++-- n = ceiling( (b * 100) / 256) ++-- ++-- where: ++-- ceiling = quotient [if remainder is 0], or ++-- quotient + 1 [if remainder is non-zero] ++-- n is the value in 1/100 second units ++-- b is the value in 1/256 second units ++-- ++-- Note: it is important that the arithmetic operations are ++-- done in the order specified (i.e., multiply first, divide ++-- second). ++ ++ dot1dBridge OBJECT IDENTIFIER ::= { mib-2 17 } ++ ++-- groups in the Bridge MIB ++ ++dot1dBase OBJECT IDENTIFIER ::= { dot1dBridge 1 } ++ ++dot1dStp OBJECT IDENTIFIER ::= { dot1dBridge 2 } ++ ++dot1dSr OBJECT IDENTIFIER ::= { dot1dBridge 3 } ++-- separately documented ++ ++dot1dTp OBJECT IDENTIFIER ::= { dot1dBridge 4 } ++ ++dot1dStatic OBJECT IDENTIFIER ::= { dot1dBridge 5 } ++ ++-- the dot1dBase group ++ ++-- Implementation of the dot1dBase group is mandatory for all ++-- bridges. ++ ++dot1dBaseBridgeAddress OBJECT-TYPE ++ SYNTAX MacAddress ++ ACCESS read-only ++ STATUS mandatory ++ DESCRIPTION ++ "The MAC address used by this bridge when it must ++ be referred to in a unique fashion. It is ++ recommended that this be the numerically smallest ++ MAC address of all ports that belong to this ++ bridge. However it is only required to be unique. ++ When concatenated with dot1dStpPriority a unique ++ BridgeIdentifier is formed which is used in the ++ Spanning Tree Protocol." ++ REFERENCE ++ "IEEE 802.1D-1990: Sections 6.4.1.1.3 and 3.12.5" ++ ::= { dot1dBase 1 } ++ ++dot1dBaseNumPorts OBJECT-TYPE ++ SYNTAX INTEGER ++ ACCESS read-only ++ STATUS mandatory ++ DESCRIPTION ++ "The number of ports controlled by this bridging ++ entity." ++ REFERENCE ++ "IEEE 802.1D-1990: Section 6.4.1.1.3" ++ ::= { dot1dBase 2 } ++ ++dot1dBaseType OBJECT-TYPE ++ SYNTAX INTEGER { ++ unknown(1), ++ transparent-only(2), ++ sourceroute-only(3), ++ srt(4) ++ } ++ ACCESS read-only ++ STATUS mandatory ++ DESCRIPTION ++ "Indicates what type of bridging this bridge can ++ perform. If a bridge is actually performing a ++ certain type of bridging this will be indicated by ++ entries in the port table for the given type." ++ ::= { dot1dBase 3 } ++ ++-- The Generic Bridge Port Table ++ ++dot1dBasePortTable OBJECT-TYPE ++ SYNTAX SEQUENCE OF Dot1dBasePortEntry ++ ACCESS not-accessible ++ STATUS mandatory ++ DESCRIPTION ++ "A table that contains generic information about ++ every port that is associated with this bridge. ++ Transparent, source-route, and srt ports are ++ included." ++ ::= { dot1dBase 4 } ++ ++dot1dBasePortEntry OBJECT-TYPE ++ SYNTAX Dot1dBasePortEntry ++ ACCESS not-accessible ++ STATUS mandatory ++ DESCRIPTION ++ "A list of information for each port of the ++ bridge." ++ REFERENCE ++ "IEEE 802.1D-1990: Section 6.4.2, 6.6.1" ++ INDEX { dot1dBasePort } ++ ::= { dot1dBasePortTable 1 } ++ ++Dot1dBasePortEntry ::= ++ SEQUENCE { ++ dot1dBasePort ++ INTEGER, ++ dot1dBasePortIfIndex ++ INTEGER, ++ dot1dBasePortCircuit ++ ++ OBJECT IDENTIFIER, ++ dot1dBasePortDelayExceededDiscards ++ Counter, ++ dot1dBasePortMtuExceededDiscards ++ Counter ++ } ++ ++dot1dBasePort OBJECT-TYPE ++ SYNTAX INTEGER (1..65535) ++ ACCESS read-only ++ STATUS mandatory ++ DESCRIPTION ++ "The port number of the port for which this entry ++ contains bridge management information." ++ ::= { dot1dBasePortEntry 1 } ++ ++dot1dBasePortIfIndex OBJECT-TYPE ++ SYNTAX INTEGER ++ ACCESS read-only ++ STATUS mandatory ++ DESCRIPTION ++ "The value of the instance of the ifIndex object, ++ defined in MIB-II, for the interface corresponding ++ to this port." ++ ::= { dot1dBasePortEntry 2 } ++ ++dot1dBasePortCircuit OBJECT-TYPE ++ SYNTAX OBJECT IDENTIFIER ++ ACCESS read-only ++ STATUS mandatory ++ DESCRIPTION ++ "For a port which (potentially) has the same value ++ of dot1dBasePortIfIndex as another port on the ++ same bridge, this object contains the name of an ++ object instance unique to this port. For example, ++ in the case where multiple ports correspond one- ++ to-one with multiple X.25 virtual circuits, this ++ value might identify an (e.g., the first) object ++ instance associated with the X.25 virtual circuit ++ corresponding to this port. ++ ++ For a port which has a unique value of ++ dot1dBasePortIfIndex, this object can have the ++ value { 0 0 }." ++ ::= { dot1dBasePortEntry 3 } ++ ++dot1dBasePortDelayExceededDiscards OBJECT-TYPE ++ SYNTAX Counter ++ ++ ACCESS read-only ++ STATUS mandatory ++ DESCRIPTION ++ "The number of frames discarded by this port due ++ to excessive transit delay through the bridge. It ++ is incremented by both transparent and source ++ route bridges." ++ REFERENCE ++ "IEEE 802.1D-1990: Section 6.6.1.1.3" ++ ::= { dot1dBasePortEntry 4 } ++ ++dot1dBasePortMtuExceededDiscards OBJECT-TYPE ++ SYNTAX Counter ++ ACCESS read-only ++ STATUS mandatory ++ DESCRIPTION ++ "The number of frames discarded by this port due ++ to an excessive size. It is incremented by both ++ transparent and source route bridges." ++ REFERENCE ++ "IEEE 802.1D-1990: Section 6.6.1.1.3" ++ ::= { dot1dBasePortEntry 5 } ++ ++-- the dot1dStp group ++ ++-- Implementation of the dot1dStp group is optional. It is ++-- implemented by those bridges that support the Spanning Tree ++-- Protocol. ++ ++dot1dStpProtocolSpecification OBJECT-TYPE ++ SYNTAX INTEGER { ++ unknown(1), ++ decLb100(2), ++ ieee8021d(3) ++ } ++ ACCESS read-only ++ STATUS mandatory ++ DESCRIPTION ++ "An indication of what version of the Spanning ++ Tree Protocol is being run. The value ++ 'decLb100(2)' indicates the DEC LANbridge 100 ++ Spanning Tree protocol. IEEE 802.1d ++ implementations will return 'ieee8021d(3)'. If ++ future versions of the IEEE Spanning Tree Protocol ++ are released that are incompatible with the ++ current version a new value will be defined." ++ ++ ::= { dot1dStp 1 } ++ ++dot1dStpPriority OBJECT-TYPE ++ SYNTAX INTEGER (0..65535) ++ ACCESS read-write ++ STATUS mandatory ++ DESCRIPTION ++ "The value of the write-able portion of the Bridge ++ ID, i.e., the first two octets of the (8 octet ++ long) Bridge ID. The other (last) 6 octets of the ++ Bridge ID are given by the value of ++ dot1dBaseBridgeAddress." ++ REFERENCE ++ "IEEE 802.1D-1990: Section 4.5.3.7" ++ ::= { dot1dStp 2 } ++ ++dot1dStpTimeSinceTopologyChange OBJECT-TYPE ++ SYNTAX TimeTicks ++ ACCESS read-only ++ STATUS mandatory ++ DESCRIPTION ++ "The time (in hundredths of a second) since the ++ last time a topology change was detected by the ++ bridge entity." ++ REFERENCE ++ "IEEE 802.1D-1990: Section 6.8.1.1.3" ++ ::= { dot1dStp 3 } ++ ++dot1dStpTopChanges OBJECT-TYPE ++ SYNTAX Counter ++ ACCESS read-only ++ STATUS mandatory ++ DESCRIPTION ++ "The total number of topology changes detected by ++ this bridge since the management entity was last ++ reset or initialized." ++ REFERENCE ++ "IEEE 802.1D-1990: Section 6.8.1.1.3" ++ ::= { dot1dStp 4 } ++ ++dot1dStpDesignatedRoot OBJECT-TYPE ++ SYNTAX BridgeId ++ ACCESS read-only ++ STATUS mandatory ++ DESCRIPTION ++ "The bridge identifier of the root of the spanning ++ tree as determined by the Spanning Tree Protocol ++ as executed by this node. This value is used as ++ ++ the Root Identifier parameter in all Configuration ++ Bridge PDUs originated by this node." ++ REFERENCE ++ "IEEE 802.1D-1990: Section 4.5.3.1" ++ ::= { dot1dStp 5 } ++ ++dot1dStpRootCost OBJECT-TYPE ++ SYNTAX INTEGER ++ ACCESS read-only ++ STATUS mandatory ++ DESCRIPTION ++ "The cost of the path to the root as seen from ++ this bridge." ++ REFERENCE ++ "IEEE 802.1D-1990: Section 4.5.3.2" ++ ::= { dot1dStp 6 } ++ ++dot1dStpRootPort OBJECT-TYPE ++ SYNTAX INTEGER ++ ACCESS read-only ++ STATUS mandatory ++ DESCRIPTION ++ "The port number of the port which offers the ++ lowest cost path from this bridge to the root ++ bridge." ++ REFERENCE ++ "IEEE 802.1D-1990: Section 4.5.3.3" ++ ::= { dot1dStp 7 } ++ ++dot1dStpMaxAge OBJECT-TYPE ++ SYNTAX Timeout ++ ACCESS read-only ++ STATUS mandatory ++ DESCRIPTION ++ "The maximum age of Spanning Tree Protocol ++ information learned from the network on any port ++ before it is discarded, in units of hundredths of ++ a second. This is the actual value that this ++ bridge is currently using." ++ REFERENCE ++ "IEEE 802.1D-1990: Section 4.5.3.4" ++ ::= { dot1dStp 8 } ++ ++dot1dStpHelloTime OBJECT-TYPE ++ SYNTAX Timeout ++ ACCESS read-only ++ STATUS mandatory ++ DESCRIPTION ++ ++ "The amount of time between the transmission of ++ Configuration bridge PDUs by this node on any port ++ when it is the root of the spanning tree or trying ++ to become so, in units of hundredths of a second. ++ This is the actual value that this bridge is ++ currently using." ++ REFERENCE ++ "IEEE 802.1D-1990: Section 4.5.3.5" ++ ::= { dot1dStp 9 } ++ ++dot1dStpHoldTime OBJECT-TYPE ++ SYNTAX INTEGER ++ ACCESS read-only ++ STATUS mandatory ++ DESCRIPTION ++ "This time value determines the interval length ++ during which no more than two Configuration bridge ++ PDUs shall be transmitted by this node, in units ++ of hundredths of a second." ++ REFERENCE ++ "IEEE 802.1D-1990: Section 4.5.3.14" ++ ::= { dot1dStp 10 } ++ ++dot1dStpForwardDelay OBJECT-TYPE ++ SYNTAX Timeout ++ ACCESS read-only ++ STATUS mandatory ++ DESCRIPTION ++ "This time value, measured in units of hundredths ++ of a second, controls how fast a port changes its ++ spanning state when moving towards the Forwarding ++ state. The value determines how long the port ++ stays in each of the Listening and Learning ++ states, which precede the Forwarding state. This ++ value is also used, when a topology change has ++ been detected and is underway, to age all dynamic ++ entries in the Forwarding Database. [Note that ++ this value is the one that this bridge is ++ currently using, in contrast to ++ dot1dStpBridgeForwardDelay which is the value that ++ this bridge and all others would start using ++ if/when this bridge were to become the root.]" ++ REFERENCE ++ "IEEE 802.1D-1990: Section 4.5.3.6" ++ ::= { dot1dStp 11 } ++ ++dot1dStpBridgeMaxAge OBJECT-TYPE ++ SYNTAX Timeout (600..4000) ++ ++ ACCESS read-write ++ STATUS mandatory ++ DESCRIPTION ++ "The value that all bridges use for MaxAge when ++ this bridge is acting as the root. Note that ++ 802.1D-1990 specifies that the range for this ++ parameter is related to the value of ++ dot1dStpBridgeHelloTime. The granularity of this ++ timer is specified by 802.1D-1990 to be 1 second. ++ An agent may return a badValue error if a set is ++ attempted to a value which is not a whole number ++ of seconds." ++ REFERENCE ++ "IEEE 802.1D-1990: Section 4.5.3.8" ++ ::= { dot1dStp 12 } ++ ++dot1dStpBridgeHelloTime OBJECT-TYPE ++ SYNTAX Timeout (100..1000) ++ ACCESS read-write ++ STATUS mandatory ++ DESCRIPTION ++ "The value that all bridges use for HelloTime when ++ this bridge is acting as the root. The ++ granularity of this timer is specified by 802.1D- ++ 1990 to be 1 second. An agent may return a ++ badValue error if a set is attempted to a value ++ which is not a whole number of seconds." ++ REFERENCE ++ "IEEE 802.1D-1990: Section 4.5.3.9" ++ ::= { dot1dStp 13 } ++ ++dot1dStpBridgeForwardDelay OBJECT-TYPE ++ SYNTAX Timeout (400..3000) ++ ACCESS read-write ++ STATUS mandatory ++ DESCRIPTION ++ "The value that all bridges use for ForwardDelay ++ when this bridge is acting as the root. Note that ++ 802.1D-1990 specifies that the range for this ++ parameter is related to the value of ++ dot1dStpBridgeMaxAge. The granularity of this ++ timer is specified by 802.1D-1990 to be 1 second. ++ An agent may return a badValue error if a set is ++ attempted to a value which is not a whole number ++ of seconds." ++ REFERENCE ++ "IEEE 802.1D-1990: Section 4.5.3.10" ++ ::= { dot1dStp 14 } ++ ++-- The Spanning Tree Port Table ++ ++dot1dStpPortTable OBJECT-TYPE ++ SYNTAX SEQUENCE OF Dot1dStpPortEntry ++ ACCESS not-accessible ++ STATUS mandatory ++ DESCRIPTION ++ "A table that contains port-specific information ++ for the Spanning Tree Protocol." ++ ::= { dot1dStp 15 } ++ ++dot1dStpPortEntry OBJECT-TYPE ++ SYNTAX Dot1dStpPortEntry ++ ACCESS not-accessible ++ STATUS mandatory ++ DESCRIPTION ++ "A list of information maintained by every port ++ about the Spanning Tree Protocol state for that ++ port." ++ INDEX { dot1dStpPort } ++ ::= { dot1dStpPortTable 1 } ++ ++Dot1dStpPortEntry ::= ++ SEQUENCE { ++ dot1dStpPort ++ INTEGER, ++ dot1dStpPortPriority ++ INTEGER, ++ dot1dStpPortState ++ INTEGER, ++ dot1dStpPortEnable ++ INTEGER, ++ dot1dStpPortPathCost ++ INTEGER, ++ dot1dStpPortDesignatedRoot ++ BridgeId, ++ dot1dStpPortDesignatedCost ++ INTEGER, ++ dot1dStpPortDesignatedBridge ++ BridgeId, ++ dot1dStpPortDesignatedPort ++ OCTET STRING, ++ dot1dStpPortForwardTransitions ++ Counter ++ } ++ ++dot1dStpPort OBJECT-TYPE ++ SYNTAX INTEGER (1..65535) ++ ++ ACCESS read-only ++ STATUS mandatory ++ DESCRIPTION ++ "The port number of the port for which this entry ++ contains Spanning Tree Protocol management ++ information." ++ REFERENCE ++ "IEEE 802.1D-1990: Section 6.8.2.1.2" ++ ::= { dot1dStpPortEntry 1 } ++ ++dot1dStpPortPriority OBJECT-TYPE ++ SYNTAX INTEGER (0..255) ++ ACCESS read-write ++ STATUS mandatory ++ DESCRIPTION ++ "The value of the priority field which is ++ contained in the first (in network byte order) ++ octet of the (2 octet long) Port ID. The other ++ octet of the Port ID is given by the value of ++ dot1dStpPort." ++ REFERENCE ++ "IEEE 802.1D-1990: Section 4.5.5.1" ++ ::= { dot1dStpPortEntry 2 } ++ ++dot1dStpPortState OBJECT-TYPE ++ SYNTAX INTEGER { ++ disabled(1), ++ blocking(2), ++ listening(3), ++ learning(4), ++ forwarding(5), ++ broken(6) ++ } ++ ACCESS read-only ++ STATUS mandatory ++ DESCRIPTION ++ "The port's current state as defined by ++ application of the Spanning Tree Protocol. This ++ state controls what action a port takes on ++ reception of a frame. If the bridge has detected ++ a port that is malfunctioning it will place that ++ port into the broken(6) state. For ports which ++ are disabled (see dot1dStpPortEnable), this object ++ will have a value of disabled(1)." ++ REFERENCE ++ "IEEE 802.1D-1990: Section 4.5.5.2" ++ ::= { dot1dStpPortEntry 3 } ++ ++dot1dStpPortEnable OBJECT-TYPE ++ SYNTAX INTEGER { ++ enabled(1), ++ disabled(2) ++ } ++ ACCESS read-write ++ STATUS mandatory ++ DESCRIPTION ++ "The enabled/disabled status of the port." ++ REFERENCE ++ "IEEE 802.1D-1990: Section 4.5.5.2" ++ ::= { dot1dStpPortEntry 4 } ++ ++dot1dStpPortPathCost OBJECT-TYPE ++ SYNTAX INTEGER (1..65535) ++ ACCESS read-write ++ STATUS mandatory ++ DESCRIPTION ++ "The contribution of this port to the path cost of ++ paths towards the spanning tree root which include ++ this port. 802.1D-1990 recommends that the ++ default value of this parameter be in inverse ++ proportion to the speed of the attached LAN." ++ REFERENCE ++ "IEEE 802.1D-1990: Section 4.5.5.3" ++ ::= { dot1dStpPortEntry 5 } ++ ++dot1dStpPortDesignatedRoot OBJECT-TYPE ++ SYNTAX BridgeId ++ ACCESS read-only ++ STATUS mandatory ++ DESCRIPTION ++ "The unique Bridge Identifier of the Bridge ++ recorded as the Root in the Configuration BPDUs ++ transmitted by the Designated Bridge for the ++ segment to which the port is attached." ++ REFERENCE ++ "IEEE 802.1D-1990: Section 4.5.5.4" ++ ::= { dot1dStpPortEntry 6 } ++ ++dot1dStpPortDesignatedCost OBJECT-TYPE ++ SYNTAX INTEGER ++ ACCESS read-only ++ STATUS mandatory ++ DESCRIPTION ++ "The path cost of the Designated Port of the ++ segment connected to this port. This value is ++ compared to the Root Path Cost field in received ++ ++ bridge PDUs." ++ REFERENCE ++ "IEEE 802.1D-1990: Section 4.5.5.5" ++ ::= { dot1dStpPortEntry 7 } ++ ++dot1dStpPortDesignatedBridge OBJECT-TYPE ++ SYNTAX BridgeId ++ ACCESS read-only ++ STATUS mandatory ++ DESCRIPTION ++ "The Bridge Identifier of the bridge which this ++ port considers to be the Designated Bridge for ++ this port's segment." ++ REFERENCE ++ "IEEE 802.1D-1990: Section 4.5.5.6" ++ ::= { dot1dStpPortEntry 8 } ++ ++dot1dStpPortDesignatedPort OBJECT-TYPE ++ SYNTAX OCTET STRING (SIZE (2)) ++ ACCESS read-only ++ STATUS mandatory ++ DESCRIPTION ++ "The Port Identifier of the port on the Designated ++ Bridge for this port's segment." ++ REFERENCE ++ "IEEE 802.1D-1990: Section 4.5.5.7" ++ ::= { dot1dStpPortEntry 9 } ++ ++dot1dStpPortForwardTransitions OBJECT-TYPE ++ SYNTAX Counter ++ ACCESS read-only ++ STATUS mandatory ++ DESCRIPTION ++ "The number of times this port has transitioned ++ from the Learning state to the Forwarding state." ++ ::= { dot1dStpPortEntry 10 } ++ ++-- the dot1dTp group ++ ++-- Implementation of the dot1dTp group is optional. It is ++-- implemented by those bridges that support the transparent ++-- bridging mode. A transparent or SRT bridge will implement ++-- this group. ++ ++dot1dTpLearnedEntryDiscards OBJECT-TYPE ++ SYNTAX Counter ++ ++ ACCESS read-only ++ STATUS mandatory ++ DESCRIPTION ++ "The total number of Forwarding Database entries, ++ which have been or would have been learnt, but ++ have been discarded due to a lack of space to ++ store them in the Forwarding Database. If this ++ counter is increasing, it indicates that the ++ Forwarding Database is regularly becoming full (a ++ condition which has unpleasant performance effects ++ on the subnetwork). If this counter has a ++ significant value but is not presently increasing, ++ it indicates that the problem has been occurring ++ but is not persistent." ++ REFERENCE ++ "IEEE 802.1D-1990: Section 6.7.1.1.3" ++ ::= { dot1dTp 1 } ++ ++dot1dTpAgingTime OBJECT-TYPE ++ SYNTAX INTEGER (10..1000000) ++ ACCESS read-write ++ STATUS mandatory ++ DESCRIPTION ++ "The timeout period in seconds for aging out ++ dynamically learned forwarding information. ++ 802.1D-1990 recommends a default of 300 seconds." ++ REFERENCE ++ "IEEE 802.1D-1990: Section 6.7.1.1.3" ++ ::= { dot1dTp 2 } ++ ++-- The Forwarding Database for Transparent Bridges ++ ++dot1dTpFdbTable OBJECT-TYPE ++ SYNTAX SEQUENCE OF Dot1dTpFdbEntry ++ ACCESS not-accessible ++ STATUS mandatory ++ DESCRIPTION ++ "A table that contains information about unicast ++ entries for which the bridge has forwarding and/or ++ filtering information. This information is used ++ by the transparent bridging function in ++ determining how to propagate a received frame." ++ ::= { dot1dTp 3 } ++ ++dot1dTpFdbEntry OBJECT-TYPE ++ SYNTAX Dot1dTpFdbEntry ++ ACCESS not-accessible ++ STATUS mandatory ++ DESCRIPTION ++ "Information about a specific unicast MAC address ++ for which the bridge has some forwarding and/or ++ filtering information." ++ INDEX { dot1dTpFdbAddress } ++ ::= { dot1dTpFdbTable 1 } ++ ++Dot1dTpFdbEntry ::= ++ SEQUENCE { ++ dot1dTpFdbAddress ++ MacAddress, ++ dot1dTpFdbPort ++ INTEGER, ++ dot1dTpFdbStatus ++ INTEGER ++ } ++ ++dot1dTpFdbAddress OBJECT-TYPE ++ SYNTAX MacAddress ++ ACCESS read-only ++ STATUS mandatory ++ DESCRIPTION ++ "A unicast MAC address for which the bridge has ++ forwarding and/or filtering information." ++ REFERENCE ++ "IEEE 802.1D-1990: Section 3.9.1, 3.9.2" ++ ::= { dot1dTpFdbEntry 1 } ++ ++dot1dTpFdbPort OBJECT-TYPE ++ SYNTAX INTEGER ++ ACCESS read-only ++ STATUS mandatory ++ DESCRIPTION ++ "Either the value '0', or the port number of the ++ port on which a frame having a source address ++ equal to the value of the corresponding instance ++ of dot1dTpFdbAddress has been seen. A value of ++ '0' indicates that the port number has not been ++ learned but that the bridge does have some ++ forwarding/filtering information about this ++ address (e.g. in the dot1dStaticTable). ++ Implementors are encouraged to assign the port ++ value to this object whenever it is learned even ++ for addresses for which the corresponding value of ++ dot1dTpFdbStatus is not learned(3)." ++ ::= { dot1dTpFdbEntry 2 } ++ ++dot1dTpFdbStatus OBJECT-TYPE ++ SYNTAX INTEGER { ++ other(1), ++ invalid(2), ++ learned(3), ++ self(4), ++ mgmt(5) ++ } ++ ACCESS read-only ++ STATUS mandatory ++ DESCRIPTION ++ "The status of this entry. The meanings of the ++ values are: ++ other(1) : none of the following. This would ++ include the case where some other ++ MIB object (not the corresponding ++ instance of dot1dTpFdbPort, nor an ++ entry in the dot1dStaticTable) is ++ being used to determine if and how ++ frames addressed to the value of ++ the corresponding instance of ++ dot1dTpFdbAddress are being ++ forwarded. ++ invalid(2) : this entry is not longer valid ++ (e.g., it was learned but has since ++ aged-out), but has not yet been ++ flushed from the table. ++ learned(3) : the value of the corresponding ++ instance of dot1dTpFdbPort was ++ learned, and is being used. ++ self(4) : the value of the corresponding ++ instance of dot1dTpFdbAddress ++ represents one of the bridge's ++ addresses. The corresponding ++ instance of dot1dTpFdbPort ++ indicates which of the bridge's ++ ports has this address. ++ mgmt(5) : the value of the corresponding ++ instance of dot1dTpFdbAddress is ++ also the value of an existing ++ instance of dot1dStaticAddress." ++ ::= { dot1dTpFdbEntry 3 } ++ ++-- Port Table for Transparent Bridges ++ ++dot1dTpPortTable OBJECT-TYPE ++ SYNTAX SEQUENCE OF Dot1dTpPortEntry ++ ACCESS not-accessible ++ STATUS mandatory ++ DESCRIPTION ++ "A table that contains information about every ++ port that is associated with this transparent ++ bridge." ++ ::= { dot1dTp 4 } ++ ++dot1dTpPortEntry OBJECT-TYPE ++ SYNTAX Dot1dTpPortEntry ++ ACCESS not-accessible ++ STATUS mandatory ++ DESCRIPTION ++ "A list of information for each port of a ++ transparent bridge." ++ INDEX { dot1dTpPort } ++ ::= { dot1dTpPortTable 1 } ++ ++Dot1dTpPortEntry ::= ++ SEQUENCE { ++ dot1dTpPort ++ INTEGER, ++ dot1dTpPortMaxInfo ++ INTEGER, ++ dot1dTpPortInFrames ++ Counter, ++ dot1dTpPortOutFrames ++ Counter, ++ dot1dTpPortInDiscards ++ Counter ++ } ++ ++dot1dTpPort OBJECT-TYPE ++ SYNTAX INTEGER (1..65535) ++ ACCESS read-only ++ STATUS mandatory ++ DESCRIPTION ++ "The port number of the port for which this entry ++ contains Transparent bridging management ++ information." ++ ::= { dot1dTpPortEntry 1 } ++ ++-- It would be nice if we could use ifMtu as the size of the ++-- largest INFO field, but we can't because ifMtu is defined ++-- to be the size that the (inter-)network layer can use which ++-- can differ from the MAC layer (especially if several layers ++-- of encapsulation are used). ++ ++dot1dTpPortMaxInfo OBJECT-TYPE ++ SYNTAX INTEGER ++ ACCESS read-only ++ STATUS mandatory ++ DESCRIPTION ++ "The maximum size of the INFO (non-MAC) field that ++ this port will receive or transmit." ++ ::= { dot1dTpPortEntry 2 } ++ ++dot1dTpPortInFrames OBJECT-TYPE ++ SYNTAX Counter ++ ACCESS read-only ++ STATUS mandatory ++ DESCRIPTION ++ "The number of frames that have been received by ++ this port from its segment. Note that a frame ++ received on the interface corresponding to this ++ port is only counted by this object if and only if ++ it is for a protocol being processed by the local ++ bridging function, including bridge management ++ frames." ++ REFERENCE ++ "IEEE 802.1D-1990: Section 6.6.1.1.3" ++ ::= { dot1dTpPortEntry 3 } ++ ++dot1dTpPortOutFrames OBJECT-TYPE ++ SYNTAX Counter ++ ACCESS read-only ++ STATUS mandatory ++ DESCRIPTION ++ "The number of frames that have been transmitted ++ by this port to its segment. Note that a frame ++ transmitted on the interface corresponding to this ++ port is only counted by this object if and only if ++ it is for a protocol being processed by the local ++ bridging function, including bridge management ++ frames." ++ REFERENCE ++ "IEEE 802.1D-1990: Section 6.6.1.1.3" ++ ::= { dot1dTpPortEntry 4 } ++ ++dot1dTpPortInDiscards OBJECT-TYPE ++ SYNTAX Counter ++ ACCESS read-only ++ STATUS mandatory ++ DESCRIPTION ++ "Count of valid frames received which were ++ discarded (i.e., filtered) by the Forwarding ++ Process." ++ REFERENCE ++ "IEEE 802.1D-1990: Section 6.6.1.1.3" ++ ::= { dot1dTpPortEntry 5 } ++-- The Static (Destination-Address Filtering) Database ++ ++-- Implementation of this group is optional. ++ ++dot1dStaticTable OBJECT-TYPE ++ SYNTAX SEQUENCE OF Dot1dStaticEntry ++ ACCESS not-accessible ++ STATUS mandatory ++ DESCRIPTION ++ "A table containing filtering information ++ configured into the bridge by (local or network) ++ management specifying the set of ports to which ++ frames received from specific ports and containing ++ specific destination addresses are allowed to be ++ forwarded. The value of zero in this table as the ++ port number from which frames with a specific ++ destination address are received, is used to ++ specify all ports for which there is no specific ++ entry in this table for that particular ++ destination address. Entries are valid for ++ unicast and for group/broadcast addresses." ++ REFERENCE ++ "IEEE 802.1D-1990: Section 6.7.2" ++ ::= { dot1dStatic 1 } ++ ++dot1dStaticEntry OBJECT-TYPE ++ SYNTAX Dot1dStaticEntry ++ ACCESS not-accessible ++ STATUS mandatory ++ DESCRIPTION ++ "Filtering information configured into the bridge ++ by (local or network) management specifying the ++ set of ports to which frames received from a ++ specific port and containing a specific ++ destination address are allowed to be forwarded." ++ REFERENCE ++ "IEEE 802.1D-1990: Section 6.7.2" ++ INDEX { dot1dStaticAddress, dot1dStaticReceivePort } ++ ::= { dot1dStaticTable 1 } ++ ++Dot1dStaticEntry ::= ++ SEQUENCE { ++ dot1dStaticAddress ++ MacAddress, ++ dot1dStaticReceivePort ++ INTEGER, ++ dot1dStaticAllowedToGoTo ++ OCTET STRING, ++ dot1dStaticStatus ++ INTEGER ++ } ++ ++dot1dStaticAddress OBJECT-TYPE ++ SYNTAX MacAddress ++ ACCESS read-write ++ STATUS mandatory ++ DESCRIPTION ++ "The destination MAC address in a frame to which ++ this entry's filtering information applies. This ++ object can take the value of a unicast address, a ++ group address or the broadcast address." ++ REFERENCE ++ "IEEE 802.1D-1990: Section 3.9.1, 3.9.2" ++ ::= { dot1dStaticEntry 1 } ++ ++dot1dStaticReceivePort OBJECT-TYPE ++ SYNTAX INTEGER ++ ACCESS read-write ++ STATUS mandatory ++ DESCRIPTION ++ "Either the value '0', or the port number of the ++ port from which a frame must be received in order ++ for this entry's filtering information to apply. ++ A value of zero indicates that this entry applies ++ on all ports of the bridge for which there is no ++ other applicable entry." ++ ::= { dot1dStaticEntry 2 } ++ ++dot1dStaticAllowedToGoTo OBJECT-TYPE ++ SYNTAX OCTET STRING ++ ACCESS read-write ++ STATUS mandatory ++ DESCRIPTION ++ "The set of ports to which frames received from a ++ specific port and destined for a specific MAC ++ ++ address, are allowed to be forwarded. Each octet ++ within the value of this object specifies a set of ++ eight ports, with the first octet specifying ports ++ 1 through 8, the second octet specifying ports 9 ++ through 16, etc. Within each octet, the most ++ significant bit represents the lowest numbered ++ port, and the least significant bit represents the ++ highest numbered port. Thus, each port of the ++ bridge is represented by a single bit within the ++ value of this object. If that bit has a value of ++ '1' then that port is included in the set of ++ ports; the port is not included if its bit has a ++ value of '0'. (Note that the setting of the bit ++ corresponding to the port from which a frame is ++ received is irrelevant.) The default value of ++ this object is a string of ones of appropriate ++ length." ++ ::= { dot1dStaticEntry 3 } ++ ++dot1dStaticStatus OBJECT-TYPE ++ SYNTAX INTEGER { ++ other(1), ++ invalid(2), ++ permanent(3), ++ deleteOnReset(4), ++ deleteOnTimeout(5) ++ } ++ ACCESS read-write ++ STATUS mandatory ++ DESCRIPTION ++ "This object indicates the status of this entry. ++ The default value is permanent(3). ++ other(1) - this entry is currently in use but ++ the conditions under which it will ++ remain so are different from each of the ++ following values. ++ invalid(2) - writing this value to the object ++ removes the corresponding entry. ++ permanent(3) - this entry is currently in use ++ and will remain so after the next reset ++ of the bridge. ++ deleteOnReset(4) - this entry is currently in ++ use and will remain so until the next ++ reset of the bridge. ++ deleteOnTimeout(5) - this entry is currently ++ in use and will remain so until it is ++ aged out." ++ ++ ::= { dot1dStaticEntry 4 } ++ ++-- Traps for use by Bridges ++ ++-- Traps for the Spanning Tree Protocol ++ ++newRoot TRAP-TYPE ++ ENTERPRISE dot1dBridge ++ DESCRIPTION ++ "The newRoot trap indicates that the sending agent ++ has become the new root of the Spanning Tree; the ++ trap is sent by a bridge soon after its election ++ as the new root, e.g., upon expiration of the ++ Topology Change Timer immediately subsequent to ++ its election. Implementation of this trap is ++ optional." ++ ::= 1 ++ ++topologyChange TRAP-TYPE ++ ENTERPRISE dot1dBridge ++ DESCRIPTION ++ "A topologyChange trap is sent by a bridge when ++ any of its configured ports transitions from the ++ Learning state to the Forwarding state, or from ++ the Forwarding state to the Blocking state. The ++ trap is not sent if a newRoot trap is sent for the ++ same transition. Implementation of this trap is ++ optional." ++ ::= 2 ++ ++END +diff -ruN mibs/GNOME-SMI.txt.orig mibs/GNOME-SMI.txt +--- mibs/GNOME-SMI.txt.orig 1970-01-01 01:00:00.000000000 +0100 ++++ mibs/GNOME-SMI.txt 2005-07-20 21:47:13.000000000 +0200 +@@ -0,0 +1,83 @@ ++GNOME-SMI DEFINITIONS ::= BEGIN ++ ++IMPORTS ++ MODULE-IDENTITY, ++ OBJECT-IDENTITY, ++ enterprises ++ FROM SNMPv2-SMI; ++ ++gnome MODULE-IDENTITY ++ LAST-UPDATED "200505070000Z" ++ ORGANIZATION "GNOME project" ++ CONTACT-INFO ++ "GNU Network Object Model Environment project ++ ++ see http://www.gnome.org for contact persons of a particular ++ area or subproject of GNOME. ++ ++ Administrative contact for MIB module: ++ ++ Jochen Friedrich ++ Buedingerstr. 30b ++ 63546 Hammersbach ++ Germany ++ ++ email: jochen@scram.de" ++ DESCRIPTION ++ "The Structure of GNOME." ++ ++ -- revision history ++ ++ REVISION "200505070000Z" -- May 07, 2005 ++ DESCRIPTION ++ "Added gnomeLDAP subtree for LDAP definitions." ++ ++ REVISION "200312070000Z" -- December 07, 2003 ++ DESCRIPTION ++ "Added gnomeSysadmin subtree for GNOME project system administration. ++ Updated contact info." ++ ++ REVISION "9809010000Z" -- September 01, 1998 ++ DESCRIPTION ++ "Initial version." ++ ++ ::= { enterprises 3317 } -- assigned by IANA ++ ++gnomeProducts OBJECT-IDENTITY ++ STATUS current ++ DESCRIPTION ++ "gnomeProducts is the root OBJECT IDENTIFIER from ++ which sysObjectID values are assigned." ++ ::= { gnome 1 } ++ ++gnomeMgmt OBJECT-IDENTITY ++ STATUS current ++ DESCRIPTION ++ "gnomeMgmt defines the subtree for production GNOME related ++ MIB registrations." ++ ::= { gnome 2 } ++ ++gnomeTest OBJECT-IDENTITY ++ STATUS current ++ DESCRIPTION ++ "gnomeTest defines the subtree for testing GNOME related ++ MIB registrations." ++ ::= { gnome 3 } ++ ++gnomeSysadmin OBJECT-IDENTITY ++ STATUS current ++ DESCRIPTION ++ "gnomeSysadmin defines the subtree for GNOME related Sysadmin ++ MIB registrations." ++ ::= { gnome 4 } ++ ++gnomeLDAP OBJECT-IDENTITY ++ STATUS current ++ DESCRIPTION ++ "gnomeLDAP defines the subtree for GNOME related LDAP ++ registrations." ++ ::= { gnome 5 } ++ ++-- more to come if necessary. ++ ++END +diff -ruN mibs/OSPF-MIB.txt.orig mibs/OSPF-MIB.txt +--- mibs/OSPF-MIB.txt.orig 1970-01-01 01:00:00.000000000 +0100 ++++ mibs/OSPF-MIB.txt 2005-07-20 21:45:50.000000000 +0200 +@@ -0,0 +1,2723 @@ ++OSPF-MIB DEFINITIONS ::= BEGIN ++ ++ IMPORTS ++ MODULE-IDENTITY, OBJECT-TYPE, Counter32, Gauge32, ++ Integer32, IpAddress ++ FROM SNMPv2-SMI ++ TEXTUAL-CONVENTION, TruthValue, RowStatus ++ FROM SNMPv2-TC ++ MODULE-COMPLIANCE, OBJECT-GROUP FROM SNMPv2-CONF ++ mib-2 FROM RFC1213-MIB; ++ ++-- This MIB module uses the extended OBJECT-TYPE macro as ++-- defined in [9]. ++ ++ospf MODULE-IDENTITY ++ LAST-UPDATED "9501201225Z" -- Fri Jan 20 12:25:50 PST 1995 ++ ORGANIZATION "IETF OSPF Working Group" ++ CONTACT-INFO ++ " Fred Baker ++ Postal: Cisco Systems ++ 519 Lado Drive ++ Santa Barbara, California 93111 ++ Tel: +1 805 681 0115 ++ E-Mail: fred@cisco.com ++ ++ Rob Coltun ++ Postal: RainbowBridge Communications ++ Tel: (301) 340-9416 ++ E-Mail: rcoltun@rainbow-bridge.com" ++ DESCRIPTION ++ "The MIB module to describe the OSPF Version 2 ++ Protocol" ++ ::= { mib-2 14 } ++ ++-- The Area ID, in OSPF, has the same format as an IP Address, ++-- but has the function of defining a summarization point for ++-- Link State Advertisements ++ ++AreaID ::= TEXTUAL-CONVENTION ++ STATUS current ++ DESCRIPTION ++ "An OSPF Area Identifier." ++ SYNTAX IpAddress ++ ++ ++-- The Router ID, in OSPF, has the same format as an IP Address, ++-- but identifies the router independent of its IP Address. ++ ++RouterID ::= TEXTUAL-CONVENTION ++ STATUS current ++ DESCRIPTION ++ "A OSPF Router Identifier." ++ SYNTAX IpAddress ++ ++ ++-- The OSPF Metric is defined as an unsigned value in the range ++ ++Metric ::= TEXTUAL-CONVENTION ++ STATUS current ++ DESCRIPTION ++ "The OSPF Internal Metric." ++ SYNTAX Integer32 (0..'FFFF'h) ++ ++BigMetric ::= TEXTUAL-CONVENTION ++ STATUS current ++ DESCRIPTION ++ "The OSPF External Metric." ++ SYNTAX Integer32 (0..'FFFFFF'h) ++ ++-- Status Values ++ ++Status ::= TEXTUAL-CONVENTION ++ STATUS current ++ DESCRIPTION ++ "The status of an interface: 'enabled' indicates that ++ it is willing to communicate with other OSPF Routers, ++ while 'disabled' indicates that it is not." ++ SYNTAX INTEGER { enabled (1), disabled (2) } ++ ++-- Time Durations measured in seconds ++ ++PositiveInteger ::= TEXTUAL-CONVENTION ++ STATUS current ++ DESCRIPTION ++ "A positive integer. Values in excess are precluded as ++ unnecessary and prone to interoperability issues." ++ SYNTAX Integer32 (0..'7FFFFFFF'h) ++ ++HelloRange ::= TEXTUAL-CONVENTION ++ STATUS current ++ DESCRIPTION ++ "The range of intervals on which hello messages are ++ exchanged." ++ SYNTAX Integer32 (1..'FFFF'h) ++ ++UpToMaxAge ::= TEXTUAL-CONVENTION ++ STATUS current ++ DESCRIPTION ++ "The values that one might find or configure for ++ variables bounded by the maximum age of an LSA." ++ SYNTAX Integer32 (0..3600) ++ ++ ++-- The range of ifIndex ++ ++InterfaceIndex ::= TEXTUAL-CONVENTION ++ STATUS current ++ DESCRIPTION ++ "The range of ifIndex." ++ SYNTAX Integer32 ++ ++ ++-- Potential Priorities for the Designated Router Election ++ ++DesignatedRouterPriority ::= TEXTUAL-CONVENTION ++ STATUS current ++ DESCRIPTION ++ "The values defined for the priority of a system for ++ becoming the designated router." ++ SYNTAX Integer32 (0..'FF'h) ++ ++TOSType ::= TEXTUAL-CONVENTION ++ STATUS current ++ DESCRIPTION ++ "Type of Service is defined as a mapping to the IP Type of ++ Service Flags as defined in the IP Forwarding Table MIB ++ ++ +-----+-----+-----+-----+-----+-----+-----+-----+ ++ | | | | ++ | PRECEDENCE | TYPE OF SERVICE | 0 | ++ | | | | ++ +-----+-----+-----+-----+-----+-----+-----+-----+ ++ ++ IP TOS IP TOS ++ Field Policy Field Policy ++ ++ Contents Code Contents Code ++ 0 0 0 0 ==> 0 0 0 0 1 ==> 2 ++ 0 0 1 0 ==> 4 0 0 1 1 ==> 6 ++ 0 1 0 0 ==> 8 0 1 0 1 ==> 10 ++ 0 1 1 0 ==> 12 0 1 1 1 ==> 14 ++ 1 0 0 0 ==> 16 1 0 0 1 ==> 18 ++ 1 0 1 0 ==> 20 1 0 1 1 ==> 22 ++ 1 1 0 0 ==> 24 1 1 0 1 ==> 26 ++ 1 1 1 0 ==> 28 1 1 1 1 ==> 30 ++ ++ The remaining values are left for future definition." ++ SYNTAX Integer32 (0..30) ++ ++ ++-- OSPF General Variables ++ ++-- These parameters apply globally to the Router's ++-- OSPF Process. ++ ++ospfGeneralGroup OBJECT IDENTIFIER ::= { ospf 1 } ++ ++ ++ ospfRouterId OBJECT-TYPE ++ SYNTAX RouterID ++ MAX-ACCESS read-write ++ STATUS current ++ DESCRIPTION ++ "A 32-bit integer uniquely identifying the ++ router in the Autonomous System. ++ ++ By convention, to ensure uniqueness, this ++ should default to the value of one of the ++ router's IP interface addresses." ++ REFERENCE ++ "OSPF Version 2, C.1 Global parameters" ++ ::= { ospfGeneralGroup 1 } ++ ++ ++ ospfAdminStat OBJECT-TYPE ++ SYNTAX Status ++ MAX-ACCESS read-write ++ STATUS current ++ DESCRIPTION ++ "The administrative status of OSPF in the ++ router. The value 'enabled' denotes that the ++ OSPF Process is active on at least one inter- ++ face; 'disabled' disables it on all inter- ++ faces." ++ ::= { ospfGeneralGroup 2 } ++ ++ ospfVersionNumber OBJECT-TYPE ++ SYNTAX INTEGER { version2 (2) } ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The current version number of the OSPF proto- ++ col is 2." ++ REFERENCE ++ "OSPF Version 2, Title" ++ ::= { ospfGeneralGroup 3 } ++ ++ ++ ospfAreaBdrRtrStatus OBJECT-TYPE ++ SYNTAX TruthValue ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "A flag to note whether this router is an area ++ border router." ++ REFERENCE ++ "OSPF Version 2, Section 3 Splitting the AS into ++ Areas" ++ ::= { ospfGeneralGroup 4 } ++ ++ ++ ospfASBdrRtrStatus OBJECT-TYPE ++ SYNTAX TruthValue ++ MAX-ACCESS read-write ++ STATUS current ++ DESCRIPTION ++ "A flag to note whether this router is config- ++ ured as an Autonomous System border router." ++ REFERENCE ++ "OSPF Version 2, Section 3.3 Classification of ++ routers" ++ ::= { ospfGeneralGroup 5 } ++ ++ ospfExternLsaCount OBJECT-TYPE ++ SYNTAX Gauge32 ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The number of external (LS type 5) link-state ++ advertisements in the link-state database." ++ REFERENCE ++ "OSPF Version 2, Appendix A.4.5 AS external link ++ advertisements" ++ ::= { ospfGeneralGroup 6 } ++ ++ ++ ospfExternLsaCksumSum OBJECT-TYPE ++ SYNTAX Integer32 ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The 32-bit unsigned sum of the LS checksums of ++ the external link-state advertisements con- ++ tained in the link-state database. This sum ++ can be used to determine if there has been a ++ change in a router's link state database, and ++ to compare the link-state database of two ++ routers." ++ ::= { ospfGeneralGroup 7 } ++ ++ ++ ospfTOSSupport OBJECT-TYPE ++ SYNTAX TruthValue ++ MAX-ACCESS read-write ++ STATUS current ++ DESCRIPTION ++ "The router's support for type-of-service rout- ++ ing." ++ REFERENCE ++ "OSPF Version 2, Appendix F.1.2 Optional TOS ++ support" ++ ::= { ospfGeneralGroup 8 } ++ ++ ospfOriginateNewLsas OBJECT-TYPE ++ SYNTAX Counter32 ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The number of new link-state advertisements ++ that have been originated. This number is in- ++ cremented each time the router originates a new ++ LSA." ++ ::= { ospfGeneralGroup 9 } ++ ++ ++ ospfRxNewLsas OBJECT-TYPE ++ SYNTAX Counter32 ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The number of link-state advertisements re- ++ ceived determined to be new instantiations. ++ This number does not include newer instantia- ++ tions of self-originated link-state advertise- ++ ments." ++ ::= { ospfGeneralGroup 10 } ++ ++ ospfExtLsdbLimit OBJECT-TYPE ++ SYNTAX Integer32 (-1..'7FFFFFFF'h) ++ MAX-ACCESS read-write ++ STATUS current ++ DESCRIPTION ++ "The maximum number of non-default AS- ++ external-LSAs entries that can be stored in the ++ link-state database. If the value is -1, then ++ there is no limit. ++ ++ When the number of non-default AS-external-LSAs ++ in a router's link-state database reaches ++ ospfExtLsdbLimit, the router enters Overflow- ++ State. The router never holds more than ++ ospfExtLsdbLimit non-default AS-external-LSAs ++ in its database. OspfExtLsdbLimit MUST be set ++ identically in all routers attached to the OSPF ++ backbone and/or any regular OSPF area. (i.e., ++ OSPF stub areas and NSSAs are excluded)." ++ DEFVAL { -1 } ++ ::= { ospfGeneralGroup 11 } ++ ++ ospfMulticastExtensions OBJECT-TYPE ++ SYNTAX Integer32 ++ MAX-ACCESS read-write ++ STATUS current ++ DESCRIPTION ++ "A Bit Mask indicating whether the router is ++ forwarding IP multicast (Class D) datagrams ++ based on the algorithms defined in the Multi- ++ cast Extensions to OSPF. ++ ++ Bit 0, if set, indicates that the router can ++ forward IP multicast datagrams in the router's ++ directly attached areas (called intra-area mul- ++ ticast routing). ++ ++ Bit 1, if set, indicates that the router can ++ forward IP multicast datagrams between OSPF ++ areas (called inter-area multicast routing). ++ ++ Bit 2, if set, indicates that the router can ++ forward IP multicast datagrams between Auto- ++ nomous Systems (called inter-AS multicast rout- ++ ing). ++ ++ Only certain combinations of bit settings are ++ allowed, namely: 0 (no multicast forwarding is ++ enabled), 1 (intra-area multicasting only), 3 ++ (intra-area and inter-area multicasting), 5 ++ (intra-area and inter-AS multicasting) and 7 ++ (multicasting everywhere). By default, no mul- ++ ticast forwarding is enabled." ++ DEFVAL { 0 } ++ ::= { ospfGeneralGroup 12 } ++ ++ ospfExitOverflowInterval OBJECT-TYPE ++ SYNTAX PositiveInteger ++ MAX-ACCESS read-write ++ STATUS current ++ DESCRIPTION ++ "The number of seconds that, after entering ++ OverflowState, a router will attempt to leave ++ OverflowState. This allows the router to again ++ originate non-default AS-external-LSAs. When ++ set to 0, the router will not leave Overflow- ++ State until restarted." ++ DEFVAL { 0 } ++ ::= { ospfGeneralGroup 13 } ++ ++ ++ ospfDemandExtensions OBJECT-TYPE ++ SYNTAX TruthValue ++ MAX-ACCESS read-write ++ STATUS current ++ DESCRIPTION ++ "The router's support for demand routing." ++ REFERENCE ++ "OSPF Version 2, Appendix on Demand Routing" ++ ::= { ospfGeneralGroup 14 } ++ ++ ++-- The OSPF Area Data Structure contains information ++-- regarding the various areas. The interfaces and ++-- virtual links are configured as part of these areas. ++-- Area 0.0.0.0, by definition, is the Backbone Area ++ ++ ++ ospfAreaTable OBJECT-TYPE ++ SYNTAX SEQUENCE OF OspfAreaEntry ++ MAX-ACCESS not-accessible ++ STATUS current ++ DESCRIPTION ++ "Information describing the configured parame- ++ ters and cumulative statistics of the router's ++ attached areas." ++ REFERENCE ++ "OSPF Version 2, Section 6 The Area Data Struc- ++ ture" ++ ::= { ospf 2 } ++ ++ ++ ospfAreaEntry OBJECT-TYPE ++ SYNTAX OspfAreaEntry ++ MAX-ACCESS not-accessible ++ STATUS current ++ DESCRIPTION ++ "Information describing the configured parame- ++ ters and cumulative statistics of one of the ++ router's attached areas." ++ INDEX { ospfAreaId } ++ ::= { ospfAreaTable 1 } ++ ++OspfAreaEntry ::= ++ SEQUENCE { ++ ospfAreaId ++ AreaID, ++ ospfAuthType ++ Integer32, ++ ospfImportAsExtern ++ INTEGER, ++ ospfSpfRuns ++ Counter32, ++ ospfAreaBdrRtrCount ++ Gauge32, ++ ospfAsBdrRtrCount ++ Gauge32, ++ ospfAreaLsaCount ++ Gauge32, ++ ospfAreaLsaCksumSum ++ Integer32, ++ ospfAreaSummary ++ INTEGER, ++ ospfAreaStatus ++ RowStatus ++ } ++ ++ ospfAreaId OBJECT-TYPE ++ SYNTAX AreaID ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "A 32-bit integer uniquely identifying an area. ++ Area ID 0.0.0.0 is used for the OSPF backbone." ++ REFERENCE ++ "OSPF Version 2, Appendix C.2 Area parameters" ++ ::= { ospfAreaEntry 1 } ++ ++ ++ ospfAuthType OBJECT-TYPE ++ SYNTAX Integer32 ++ -- none (0), ++ -- simplePassword (1) ++ -- md5 (2) ++ -- reserved for specification by IANA (> 2) ++ MAX-ACCESS read-create ++ STATUS obsolete ++ DESCRIPTION ++ "The authentication type specified for an area. ++ Additional authentication types may be assigned ++ locally on a per Area basis." ++ REFERENCE ++ "OSPF Version 2, Appendix E Authentication" ++ DEFVAL { 0 } -- no authentication, by default ++ ::= { ospfAreaEntry 2 } ++ ++ ospfImportAsExtern OBJECT-TYPE ++ SYNTAX INTEGER { ++ importExternal (1), ++ importNoExternal (2), ++ importNssa (3) ++ } ++ MAX-ACCESS read-create ++ STATUS current ++ DESCRIPTION ++ "The area's support for importing AS external ++ link- state advertisements." ++ REFERENCE ++ "OSPF Version 2, Appendix C.2 Area parameters" ++ DEFVAL { importExternal } ++ ::= { ospfAreaEntry 3 } ++ ++ ++ ospfSpfRuns OBJECT-TYPE ++ SYNTAX Counter32 ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The number of times that the intra-area route ++ table has been calculated using this area's ++ link-state database. This is typically done ++ using Dijkstra's algorithm." ++ ::= { ospfAreaEntry 4 } ++ ++ ++ ospfAreaBdrRtrCount OBJECT-TYPE ++ SYNTAX Gauge32 ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The total number of area border routers reach- ++ able within this area. This is initially zero, ++ and is calculated in each SPF Pass." ++ ::= { ospfAreaEntry 5 } ++ ++ ospfAsBdrRtrCount OBJECT-TYPE ++ SYNTAX Gauge32 ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The total number of Autonomous System border ++ routers reachable within this area. This is ++ initially zero, and is calculated in each SPF ++ Pass." ++ ::= { ospfAreaEntry 6 } ++ ++ ++ ospfAreaLsaCount OBJECT-TYPE ++ SYNTAX Gauge32 ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The total number of link-state advertisements ++ in this area's link-state database, excluding ++ AS External LSA's." ++ ::= { ospfAreaEntry 7 } ++ ++ ++ ospfAreaLsaCksumSum OBJECT-TYPE ++ SYNTAX Integer32 ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The 32-bit unsigned sum of the link-state ad- ++ vertisements' LS checksums contained in this ++ area's link-state database. This sum excludes ++ external (LS type 5) link-state advertisements. ++ The sum can be used to determine if there has ++ been a change in a router's link state data- ++ base, and to compare the link-state database of ++ two routers." ++ DEFVAL { 0 } ++ ::= { ospfAreaEntry 8 } ++ ++ ospfAreaSummary OBJECT-TYPE ++ SYNTAX INTEGER { ++ noAreaSummary (1), ++ sendAreaSummary (2) ++ } ++ MAX-ACCESS read-create ++ STATUS current ++ DESCRIPTION ++ "The variable ospfAreaSummary controls the im- ++ port of summary LSAs into stub areas. It has ++ no effect on other areas. ++ ++ If it is noAreaSummary, the router will neither ++ originate nor propagate summary LSAs into the ++ stub area. It will rely entirely on its de- ++ fault route. ++ ++ If it is sendAreaSummary, the router will both ++ summarize and propagate summary LSAs." ++ DEFVAL { noAreaSummary } ++ ::= { ospfAreaEntry 9 } ++ ++ ++ ospfAreaStatus OBJECT-TYPE ++ SYNTAX RowStatus ++ MAX-ACCESS read-create ++ STATUS current ++ DESCRIPTION ++ "This variable displays the status of the en- ++ try. Setting it to 'invalid' has the effect of ++ rendering it inoperative. The internal effect ++ (row removal) is implementation dependent." ++ ::= { ospfAreaEntry 10 } ++ ++ ++-- OSPF Area Default Metric Table ++ ++-- The OSPF Area Default Metric Table describes the metrics ++-- that a default Area Border Router will advertise into a ++-- Stub area. ++ ++ ++ ospfStubAreaTable OBJECT-TYPE ++ SYNTAX SEQUENCE OF OspfStubAreaEntry ++ MAX-ACCESS not-accessible ++ STATUS current ++ DESCRIPTION ++ "The set of metrics that will be advertised by ++ a default Area Border Router into a stub area." ++ REFERENCE ++ "OSPF Version 2, Appendix C.2, Area Parameters" ++ ::= { ospf 3 } ++ ++ ++ ospfStubAreaEntry OBJECT-TYPE ++ SYNTAX OspfStubAreaEntry ++ MAX-ACCESS not-accessible ++ STATUS current ++ DESCRIPTION ++ "The metric for a given Type of Service that ++ will be advertised by a default Area Border ++ Router into a stub area." ++ REFERENCE ++ "OSPF Version 2, Appendix C.2, Area Parameters" ++ INDEX { ospfStubAreaId, ospfStubTOS } ++ ::= { ospfStubAreaTable 1 } ++ ++OspfStubAreaEntry ::= ++ SEQUENCE { ++ ospfStubAreaId ++ AreaID, ++ ospfStubTOS ++ TOSType, ++ ospfStubMetric ++ BigMetric, ++ ospfStubStatus ++ RowStatus, ++ ospfStubMetricType ++ INTEGER ++ } ++ ++ ospfStubAreaId OBJECT-TYPE ++ SYNTAX AreaID ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The 32 bit identifier for the Stub Area. On ++ creation, this can be derived from the in- ++ stance." ++ ::= { ospfStubAreaEntry 1 } ++ ++ ++ ospfStubTOS OBJECT-TYPE ++ SYNTAX TOSType ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The Type of Service associated with the ++ metric. On creation, this can be derived from ++ the instance." ++ ::= { ospfStubAreaEntry 2 } ++ ++ ++ ospfStubMetric OBJECT-TYPE ++ SYNTAX BigMetric ++ MAX-ACCESS read-create ++ STATUS current ++ DESCRIPTION ++ "The metric value applied at the indicated type ++ of service. By default, this equals the least ++ metric at the type of service among the inter- ++ faces to other areas." ++ ::= { ospfStubAreaEntry 3 } ++ ++ ++ ospfStubStatus OBJECT-TYPE ++ SYNTAX RowStatus ++ MAX-ACCESS read-create ++ STATUS current ++ DESCRIPTION ++ "This variable displays the status of the en- ++ try. Setting it to 'invalid' has the effect of ++ rendering it inoperative. The internal effect ++ (row removal) is implementation dependent." ++ ::= { ospfStubAreaEntry 4 } ++ ++ ospfStubMetricType OBJECT-TYPE ++ SYNTAX INTEGER { ++ ospfMetric (1), -- OSPF Metric ++ comparableCost (2), -- external type 1 ++ nonComparable (3) -- external type 2 ++ } ++ MAX-ACCESS read-create ++ STATUS current ++ DESCRIPTION ++ "This variable displays the type of metric ad- ++ vertised as a default route." ++ DEFVAL { ospfMetric } ++ ::= { ospfStubAreaEntry 5 } ++ ++-- OSPF Link State Database ++ ++-- The Link State Database contains the Link State ++-- Advertisements from throughout the areas that the ++-- device is attached to. ++ ++ ++ ospfLsdbTable OBJECT-TYPE ++ SYNTAX SEQUENCE OF OspfLsdbEntry ++ MAX-ACCESS not-accessible ++ STATUS current ++ DESCRIPTION ++ "The OSPF Process's Link State Database." ++ REFERENCE ++ "OSPF Version 2, Section 12 Link State Adver- ++ tisements" ++ ::= { ospf 4 } ++ ++ ++ ospfLsdbEntry OBJECT-TYPE ++ SYNTAX OspfLsdbEntry ++ MAX-ACCESS not-accessible ++ STATUS current ++ DESCRIPTION ++ "A single Link State Advertisement." ++ INDEX { ospfLsdbAreaId, ospfLsdbType, ++ ospfLsdbLsid, ospfLsdbRouterId } ++ ::= { ospfLsdbTable 1 } ++ ++OspfLsdbEntry ::= ++ SEQUENCE { ++ ospfLsdbAreaId ++ AreaID, ++ ospfLsdbType ++ INTEGER, ++ ospfLsdbLsid ++ IpAddress, ++ ospfLsdbRouterId ++ RouterID, ++ ospfLsdbSequence ++ Integer32, ++ ospfLsdbAge ++ Integer32, ++ ospfLsdbChecksum ++ Integer32, ++ ospfLsdbAdvertisement ++ OCTET STRING ++ } ++ ospfLsdbAreaId OBJECT-TYPE ++ SYNTAX AreaID ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The 32 bit identifier of the Area from which ++ the LSA was received." ++ REFERENCE ++ "OSPF Version 2, Appendix C.2 Area parameters" ++ ::= { ospfLsdbEntry 1 } ++ ++-- External Link State Advertisements are permitted ++-- for backward compatibility, but should be displayed in ++-- the ospfExtLsdbTable rather than here. ++ ++ ospfLsdbType OBJECT-TYPE ++ SYNTAX INTEGER { ++ routerLink (1), ++ networkLink (2), ++ summaryLink (3), ++ asSummaryLink (4), ++ asExternalLink (5), -- but see ospfExtLsdbTable ++ multicastLink (6), ++ nssaExternalLink (7) ++ } ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The type of the link state advertisement. ++ Each link state type has a separate advertise- ++ ment format." ++ REFERENCE ++ "OSPF Version 2, Appendix A.4.1 The Link State ++ Advertisement header" ++ ::= { ospfLsdbEntry 2 } ++ ++ ospfLsdbLsid OBJECT-TYPE ++ SYNTAX IpAddress ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The Link State ID is an LS Type Specific field ++ containing either a Router ID or an IP Address; ++ it identifies the piece of the routing domain ++ that is being described by the advertisement." ++ REFERENCE ++ "OSPF Version 2, Section 12.1.4 Link State ID" ++ ::= { ospfLsdbEntry 3 } ++ ospfLsdbRouterId OBJECT-TYPE ++ SYNTAX RouterID ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The 32 bit number that uniquely identifies the ++ originating router in the Autonomous System." ++ REFERENCE ++ "OSPF Version 2, Appendix C.1 Global parameters" ++ ::= { ospfLsdbEntry 4 } ++ ++-- Note that the OSPF Sequence Number is a 32 bit signed ++-- integer. It starts with the value '80000001'h, ++-- or -'7FFFFFFF'h, and increments until '7FFFFFFF'h ++-- Thus, a typical sequence number will be very negative. ++ ++ ospfLsdbSequence OBJECT-TYPE ++ SYNTAX Integer32 ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The sequence number field is a signed 32-bit ++ integer. It is used to detect old and dupli- ++ cate link state advertisements. The space of ++ sequence numbers is linearly ordered. The ++ larger the sequence number the more recent the ++ advertisement." ++ REFERENCE ++ "OSPF Version 2, Section 12.1.6 LS sequence ++ number" ++ ::= { ospfLsdbEntry 5 } ++ ++ ++ ospfLsdbAge OBJECT-TYPE ++ SYNTAX Integer32 -- Should be 0..MaxAge ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "This field is the age of the link state adver- ++ tisement in seconds." ++ REFERENCE ++ "OSPF Version 2, Section 12.1.1 LS age" ++ ::= { ospfLsdbEntry 6 } ++ ++ ospfLsdbChecksum OBJECT-TYPE ++ SYNTAX Integer32 ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "This field is the checksum of the complete ++ contents of the advertisement, excepting the ++ age field. The age field is excepted so that ++ an advertisement's age can be incremented ++ without updating the checksum. The checksum ++ used is the same that is used for ISO connec- ++ tionless datagrams; it is commonly referred to ++ as the Fletcher checksum." ++ REFERENCE ++ "OSPF Version 2, Section 12.1.7 LS checksum" ++ ::= { ospfLsdbEntry 7 } ++ ++ ++ ospfLsdbAdvertisement OBJECT-TYPE ++ SYNTAX OCTET STRING (SIZE (1..65535)) ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The entire Link State Advertisement, including ++ its header." ++ REFERENCE ++ "OSPF Version 2, Section 12 Link State Adver- ++ tisements" ++ ::= { ospfLsdbEntry 8 } ++ ++ ++-- Address Range Table ++ ++-- The Address Range Table acts as an adjunct to the Area ++-- Table; It describes those Address Range Summaries that ++-- are configured to be propagated from an Area to reduce ++-- the amount of information about it which is known beyond ++-- its borders. ++ ++ ospfAreaRangeTable OBJECT-TYPE ++ SYNTAX SEQUENCE OF OspfAreaRangeEntry ++ MAX-ACCESS not-accessible ++ STATUS obsolete ++ DESCRIPTION ++ "A range if IP addresses specified by an IP ++ address/IP network mask pair. For example, ++ class B address range of X.X.X.X with a network ++ mask of 255.255.0.0 includes all IP addresses ++ from X.X.0.0 to X.X.255.255" ++ REFERENCE ++ "OSPF Version 2, Appendix C.2 Area parameters" ++ ::= { ospf 5 } ++ ospfAreaRangeEntry OBJECT-TYPE ++ SYNTAX OspfAreaRangeEntry ++ MAX-ACCESS not-accessible ++ STATUS obsolete ++ DESCRIPTION ++ "A range if IP addresses specified by an IP ++ address/IP network mask pair. For example, ++ class B address range of X.X.X.X with a network ++ mask of 255.255.0.0 includes all IP addresses ++ from X.X.0.0 to X.X.255.255" ++ REFERENCE ++ "OSPF Version 2, Appendix C.2 Area parameters" ++ INDEX { ospfAreaRangeAreaId, ospfAreaRangeNet } ++ ::= { ospfAreaRangeTable 1 } ++ ++OspfAreaRangeEntry ::= ++ SEQUENCE { ++ ospfAreaRangeAreaId ++ AreaID, ++ ospfAreaRangeNet ++ IpAddress, ++ ospfAreaRangeMask ++ IpAddress, ++ ospfAreaRangeStatus ++ RowStatus, ++ ospfAreaRangeEffect ++ INTEGER ++ } ++ ++ ospfAreaRangeAreaId OBJECT-TYPE ++ SYNTAX AreaID ++ MAX-ACCESS read-only ++ STATUS obsolete ++ DESCRIPTION ++ "The Area the Address Range is to be found ++ within." ++ REFERENCE ++ "OSPF Version 2, Appendix C.2 Area parameters" ++ ::= { ospfAreaRangeEntry 1 } ++ ++ ++ ospfAreaRangeNet OBJECT-TYPE ++ SYNTAX IpAddress ++ MAX-ACCESS read-only ++ STATUS obsolete ++ DESCRIPTION ++ "The IP Address of the Net or Subnet indicated ++ by the range." ++ REFERENCE ++ "OSPF Version 2, Appendix C.2 Area parameters" ++ ::= { ospfAreaRangeEntry 2 } ++ ++ ++ ospfAreaRangeMask OBJECT-TYPE ++ SYNTAX IpAddress ++ MAX-ACCESS read-create ++ STATUS obsolete ++ DESCRIPTION ++ "The Subnet Mask that pertains to the Net or ++ Subnet." ++ REFERENCE ++ "OSPF Version 2, Appendix C.2 Area parameters" ++ ::= { ospfAreaRangeEntry 3 } ++ ++ ospfAreaRangeStatus OBJECT-TYPE ++ SYNTAX RowStatus ++ MAX-ACCESS read-create ++ STATUS obsolete ++ DESCRIPTION ++ "This variable displays the status of the en- ++ try. Setting it to 'invalid' has the effect of ++ rendering it inoperative. The internal effect ++ (row removal) is implementation dependent." ++ ::= { ospfAreaRangeEntry 4 } ++ ++ ++ ospfAreaRangeEffect OBJECT-TYPE ++ SYNTAX INTEGER { ++ advertiseMatching (1), ++ doNotAdvertiseMatching (2) ++ } ++ MAX-ACCESS read-create ++ STATUS obsolete ++ DESCRIPTION ++ "Subnets subsumed by ranges either trigger the ++ advertisement of the indicated summary (adver- ++ tiseMatching), or result in the subnet's not ++ being advertised at all outside the area." ++ DEFVAL { advertiseMatching } ++ ::= { ospfAreaRangeEntry 5 } ++ ++ ++ ++-- OSPF Host Table ++ ++-- The Host/Metric Table indicates what hosts are directly ++-- attached to the Router, and what metrics and types of ++-- service should be advertised for them. ++ ++ ospfHostTable OBJECT-TYPE ++ SYNTAX SEQUENCE OF OspfHostEntry ++ MAX-ACCESS not-accessible ++ STATUS current ++ DESCRIPTION ++ "The list of Hosts, and their metrics, that the ++ router will advertise as host routes." ++ REFERENCE ++ "OSPF Version 2, Appendix C.6 Host route param- ++ eters" ++ ::= { ospf 6 } ++ ++ ++ ospfHostEntry OBJECT-TYPE ++ SYNTAX OspfHostEntry ++ MAX-ACCESS not-accessible ++ STATUS current ++ DESCRIPTION ++ "A metric to be advertised, for a given type of ++ service, when a given host is reachable." ++ INDEX { ospfHostIpAddress, ospfHostTOS } ++ ::= { ospfHostTable 1 } ++ ++OspfHostEntry ::= ++ SEQUENCE { ++ ospfHostIpAddress ++ IpAddress, ++ ospfHostTOS ++ TOSType, ++ ospfHostMetric ++ Metric, ++ ospfHostStatus ++ RowStatus, ++ ospfHostAreaID ++ AreaID ++ } ++ ++ ospfHostIpAddress OBJECT-TYPE ++ SYNTAX IpAddress ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The IP Address of the Host." ++ REFERENCE ++ "OSPF Version 2, Appendix C.6 Host route parame- ++ ters" ++ ::= { ospfHostEntry 1 } ++ ++ ++ ospfHostTOS OBJECT-TYPE ++ SYNTAX TOSType ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The Type of Service of the route being config- ++ ured." ++ REFERENCE ++ "OSPF Version 2, Appendix C.6 Host route parame- ++ ters" ++ ::= { ospfHostEntry 2 } ++ ++ ++ ospfHostMetric OBJECT-TYPE ++ SYNTAX Metric ++ MAX-ACCESS read-create ++ STATUS current ++ DESCRIPTION ++ "The Metric to be advertised." ++ REFERENCE ++ "OSPF Version 2, Appendix C.6 Host route parame- ++ ters" ++ ::= { ospfHostEntry 3 } ++ ++ ospfHostStatus OBJECT-TYPE ++ SYNTAX RowStatus ++ MAX-ACCESS read-create ++ STATUS current ++ DESCRIPTION ++ "This variable displays the status of the en- ++ try. Setting it to 'invalid' has the effect of ++ rendering it inoperative. The internal effect ++ (row removal) is implementation dependent." ++ ::= { ospfHostEntry 4 } ++ ++ ++ ospfHostAreaID OBJECT-TYPE ++ SYNTAX AreaID ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The Area the Host Entry is to be found within. ++ By default, the area that a subsuming OSPF in- ++ terface is in, or 0.0.0.0" ++ REFERENCE ++ "OSPF Version 2, Appendix C.2 Area parameters" ++ ::= { ospfHostEntry 5 } ++ ++ ++-- OSPF Interface Table ++ ++-- The OSPF Interface Table augments the ipAddrTable ++-- with OSPF specific information. ++ ++ ospfIfTable OBJECT-TYPE ++ SYNTAX SEQUENCE OF OspfIfEntry ++ MAX-ACCESS not-accessible ++ STATUS current ++ DESCRIPTION ++ "The OSPF Interface Table describes the inter- ++ faces from the viewpoint of OSPF." ++ REFERENCE ++ "OSPF Version 2, Appendix C.3 Router interface ++ parameters" ++ ::= { ospf 7 } ++ ++ ++ ospfIfEntry OBJECT-TYPE ++ SYNTAX OspfIfEntry ++ MAX-ACCESS not-accessible ++ STATUS current ++ DESCRIPTION ++ "The OSPF Interface Entry describes one inter- ++ face from the viewpoint of OSPF." ++ INDEX { ospfIfIpAddress, ospfAddressLessIf } ++ ::= { ospfIfTable 1 } ++ ++OspfIfEntry ::= ++ SEQUENCE { ++ ospfIfIpAddress ++ IpAddress, ++ ospfAddressLessIf ++ Integer32, ++ ospfIfAreaId ++ AreaID, ++ ospfIfType ++ INTEGER, ++ ospfIfAdminStat ++ Status, ++ ospfIfRtrPriority ++ DesignatedRouterPriority, ++ ospfIfTransitDelay ++ UpToMaxAge, ++ ospfIfRetransInterval ++ UpToMaxAge, ++ ospfIfHelloInterval ++ HelloRange, ++ ospfIfRtrDeadInterval ++ PositiveInteger, ++ ospfIfPollInterval ++ PositiveInteger, ++ ospfIfState ++ INTEGER, ++ ospfIfDesignatedRouter ++ IpAddress, ++ ospfIfBackupDesignatedRouter ++ IpAddress, ++ ospfIfEvents ++ Counter32, ++ ospfIfAuthType ++ INTEGER, ++ ospfIfAuthKey ++ OCTET STRING, ++ ospfIfStatus ++ RowStatus, ++ ospfIfMulticastForwarding ++ INTEGER, ++ ospfIfDemand ++ TruthValue ++ } ++ ++ ospfIfIpAddress OBJECT-TYPE ++ SYNTAX IpAddress ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The IP address of this OSPF interface." ++ ::= { ospfIfEntry 1 } ++ ++ ospfAddressLessIf OBJECT-TYPE ++ SYNTAX Integer32 ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "For the purpose of easing the instancing of ++ addressed and addressless interfaces; This ++ variable takes the value 0 on interfaces with ++ IP Addresses, and the corresponding value of ++ ifIndex for interfaces having no IP Address." ++ ::= { ospfIfEntry 2 } ++ ospfIfAreaId OBJECT-TYPE ++ SYNTAX AreaID ++ MAX-ACCESS read-create ++ STATUS current ++ DESCRIPTION ++ "A 32-bit integer uniquely identifying the area ++ to which the interface connects. Area ID ++ 0.0.0.0 is used for the OSPF backbone." ++ DEFVAL { '00000000'H } -- 0.0.0.0 ++ ::= { ospfIfEntry 3 } ++ ++ ospfIfType OBJECT-TYPE ++ SYNTAX INTEGER { ++ broadcast (1), ++ nbma (2), ++ pointToPoint (3), ++ pointToMultipoint (5) ++ } ++ MAX-ACCESS read-create ++ STATUS current ++ DESCRIPTION ++ "The OSPF interface type. ++ ++ By way of a default, this field may be intuited ++ from the corresponding value of ifType. Broad- ++ cast LANs, such as Ethernet and IEEE 802.5, ++ take the value 'broadcast', X.25 and similar ++ technologies take the value 'nbma', and links ++ that are definitively point to point take the ++ value 'pointToPoint'." ++ ::= { ospfIfEntry 4 } ++ ++ ++ ospfIfAdminStat OBJECT-TYPE ++ SYNTAX Status ++ MAX-ACCESS read-create ++ STATUS current ++ DESCRIPTION ++ "The OSPF interface's administrative status. ++ The value formed on the interface, and the in- ++ terface will be advertised as an internal route ++ to some area. The value 'disabled' denotes ++ that the interface is external to OSPF." ++ DEFVAL { enabled } ++ ::= { ospfIfEntry 5 } ++ ++ ospfIfRtrPriority OBJECT-TYPE ++ SYNTAX DesignatedRouterPriority ++ MAX-ACCESS read-create ++ STATUS current ++ DESCRIPTION ++ "The priority of this interface. Used in ++ multi-access networks, this field is used in ++ the designated router election algorithm. The ++ value 0 signifies that the router is not eligi- ++ ble to become the designated router on this ++ particular network. In the event of a tie in ++ this value, routers will use their Router ID as ++ a tie breaker." ++ DEFVAL { 1 } ++ ::= { ospfIfEntry 6 } ++ ++ ++ ospfIfTransitDelay OBJECT-TYPE ++ SYNTAX UpToMaxAge ++ MAX-ACCESS read-create ++ STATUS current ++ DESCRIPTION ++ "The estimated number of seconds it takes to ++ transmit a link state update packet over this ++ interface." ++ DEFVAL { 1 } ++ ::= { ospfIfEntry 7 } ++ ++ ++ ospfIfRetransInterval OBJECT-TYPE ++ SYNTAX UpToMaxAge ++ MAX-ACCESS read-create ++ STATUS current ++ DESCRIPTION ++ "The number of seconds between link-state ad- ++ vertisement retransmissions, for adjacencies ++ belonging to this interface. This value is ++ also used when retransmitting database descrip- ++ tion and link-state request packets." ++ DEFVAL { 5 } ++ ::= { ospfIfEntry 8 } ++ ++ ++ ospfIfHelloInterval OBJECT-TYPE ++ SYNTAX HelloRange ++ MAX-ACCESS read-create ++ STATUS current ++ DESCRIPTION ++ "The length of time, in seconds, between the ++ Hello packets that the router sends on the in- ++ terface. This value must be the same for all ++ routers attached to a common network." ++ DEFVAL { 10 } ++ ::= { ospfIfEntry 9 } ++ ++ ++ ospfIfRtrDeadInterval OBJECT-TYPE ++ SYNTAX PositiveInteger ++ MAX-ACCESS read-create ++ STATUS current ++ DESCRIPTION ++ "The number of seconds that a router's Hello ++ packets have not been seen before it's neigh- ++ bors declare the router down. This should be ++ some multiple of the Hello interval. This ++ value must be the same for all routers attached ++ to a common network." ++ DEFVAL { 40 } ++ ::= { ospfIfEntry 10 } ++ ++ ++ ospfIfPollInterval OBJECT-TYPE ++ SYNTAX PositiveInteger ++ MAX-ACCESS read-create ++ STATUS current ++ DESCRIPTION ++ "The larger time interval, in seconds, between ++ the Hello packets sent to an inactive non- ++ broadcast multi- access neighbor." ++ DEFVAL { 120 } ++ ::= { ospfIfEntry 11 } ++ ++ ++ ospfIfState OBJECT-TYPE ++ SYNTAX INTEGER { ++ down (1), ++ loopback (2), ++ waiting (3), ++ pointToPoint (4), ++ designatedRouter (5), ++ backupDesignatedRouter (6), ++ otherDesignatedRouter (7) ++ } ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The OSPF Interface State." ++ DEFVAL { down } ++ ::= { ospfIfEntry 12 } ++ ++ ++ ospfIfDesignatedRouter OBJECT-TYPE ++ SYNTAX IpAddress ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The IP Address of the Designated Router." ++ DEFVAL { '00000000'H } -- 0.0.0.0 ++ ::= { ospfIfEntry 13 } ++ ++ ++ ospfIfBackupDesignatedRouter OBJECT-TYPE ++ SYNTAX IpAddress ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The IP Address of the Backup Designated ++ Router." ++ DEFVAL { '00000000'H } -- 0.0.0.0 ++ ::= { ospfIfEntry 14 } ++ ++ ospfIfEvents OBJECT-TYPE ++ SYNTAX Counter32 ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The number of times this OSPF interface has ++ changed its state, or an error has occurred." ++ ::= { ospfIfEntry 15 } ++ ++ ++ ospfIfAuthKey OBJECT-TYPE ++ SYNTAX OCTET STRING (SIZE (0..256)) ++ MAX-ACCESS read-create ++ STATUS current ++ DESCRIPTION ++ "The Authentication Key. If the Area's Author- ++ ization Type is simplePassword, and the key ++ length is shorter than 8 octets, the agent will ++ left adjust and zero fill to 8 octets. ++ ++ Note that unauthenticated interfaces need no ++ authentication key, and simple password authen- ++ tication cannot use a key of more than 8 oc- ++ tets. Larger keys are useful only with authen- ++ tication mechanisms not specified in this docu- ++ ment. ++ ++ When read, ospfIfAuthKey always returns an Oc- ++ tet String of length zero." ++ REFERENCE ++ "OSPF Version 2, Section 9 The Interface Data ++ Structure" ++ DEFVAL { '0000000000000000'H } -- 0.0.0.0.0.0.0.0 ++ ::= { ospfIfEntry 16 } ++ ++ ospfIfStatus OBJECT-TYPE ++ SYNTAX RowStatus ++ MAX-ACCESS read-create ++ STATUS current ++ DESCRIPTION ++ "This variable displays the status of the en- ++ try. Setting it to 'invalid' has the effect of ++ rendering it inoperative. The internal effect ++ (row removal) is implementation dependent." ++ ::= { ospfIfEntry 17 } ++ ++ ++ ospfIfMulticastForwarding OBJECT-TYPE ++ SYNTAX INTEGER { ++ blocked (1), -- no multicast forwarding ++ multicast (2), -- using multicast address ++ unicast (3) -- to each OSPF neighbor ++ } ++ MAX-ACCESS read-create ++ STATUS current ++ DESCRIPTION ++ "The way multicasts should forwarded on this ++ interface; not forwarded, forwarded as data ++ link multicasts, or forwarded as data link uni- ++ casts. Data link multicasting is not meaning- ++ ful on point to point and NBMA interfaces, and ++ setting ospfMulticastForwarding to 0 effective- ++ ly disables all multicast forwarding." ++ DEFVAL { blocked } ++ ::= { ospfIfEntry 18 } ++ ++ ++ ospfIfDemand OBJECT-TYPE ++ SYNTAX TruthValue ++ MAX-ACCESS read-create ++ STATUS current ++ DESCRIPTION ++ "Indicates whether Demand OSPF procedures (hel- ++ lo supression to FULL neighbors and setting the ++ DoNotAge flag on proogated LSAs) should be per- ++ formed on this interface." ++ DEFVAL { false } ++ ::= { ospfIfEntry 19 } ++ ++ ++ ospfIfAuthType OBJECT-TYPE ++ SYNTAX INTEGER (0..255) ++ -- none (0), ++ -- simplePassword (1) ++ -- md5 (2) ++ -- reserved for specification by IANA (> 2) ++ MAX-ACCESS read-create ++ STATUS current ++ DESCRIPTION ++ "The authentication type specified for an in- ++ terface. Additional authentication types may ++ be assigned locally." ++ REFERENCE ++ "OSPF Version 2, Appendix E Authentication" ++ DEFVAL { 0 } -- no authentication, by default ++ ::= { ospfIfEntry 20 } ++ ++ ++-- OSPF Interface Metric Table ++ ++-- The Metric Table describes the metrics to be advertised ++-- for a specified interface at the various types of service. ++-- As such, this table is an adjunct of the OSPF Interface ++-- Table. ++ ++-- Types of service, as defined by RFC 791, have the ability ++-- to request low delay, high bandwidth, or reliable linkage. ++ ++-- For the purposes of this specification, the measure of ++-- bandwidth ++ ++-- Metric = 10^8 / ifSpeed ++ ++-- is the default value. For multiple link interfaces, note ++-- that ifSpeed is the sum of the individual link speeds. ++-- This yields a number having the following typical values: ++ ++-- Network Type/bit rate Metric ++ ++-- >= 100 MBPS 1 ++-- Ethernet/802.3 10 ++-- E1 48 ++-- T1 (ESF) 65 ++-- 64 KBPS 1562 ++-- 56 KBPS 1785 ++-- 19.2 KBPS 5208 ++-- 9.6 KBPS 10416 ++ ++-- Routes that are not specified use the default (TOS 0) metric ++ ++ ospfIfMetricTable OBJECT-TYPE ++ SYNTAX SEQUENCE OF OspfIfMetricEntry ++ MAX-ACCESS not-accessible ++ STATUS current ++ DESCRIPTION ++ "The TOS metrics for a non-virtual interface ++ identified by the interface index." ++ REFERENCE ++ "OSPF Version 2, Appendix C.3 Router interface ++ parameters" ++ ::= { ospf 8 } ++ ++ ospfIfMetricEntry OBJECT-TYPE ++ SYNTAX OspfIfMetricEntry ++ MAX-ACCESS not-accessible ++ STATUS current ++ DESCRIPTION ++ "A particular TOS metric for a non-virtual in- ++ terface identified by the interface index." ++ REFERENCE ++ "OSPF Version 2, Appendix C.3 Router interface ++ parameters" ++ INDEX { ospfIfMetricIpAddress, ++ ospfIfMetricAddressLessIf, ++ ospfIfMetricTOS } ++ ::= { ospfIfMetricTable 1 } ++ ++OspfIfMetricEntry ::= ++ SEQUENCE { ++ ospfIfMetricIpAddress ++ IpAddress, ++ ospfIfMetricAddressLessIf ++ Integer32, ++ ospfIfMetricTOS ++ TOSType, ++ ospfIfMetricValue ++ Metric, ++ ospfIfMetricStatus ++ RowStatus ++ } ++ ++ ospfIfMetricIpAddress OBJECT-TYPE ++ SYNTAX IpAddress ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The IP address of this OSPF interface. On row ++ creation, this can be derived from the in- ++ stance." ++ ::= { ospfIfMetricEntry 1 } ++ ++ ospfIfMetricAddressLessIf OBJECT-TYPE ++ SYNTAX Integer32 ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "For the purpose of easing the instancing of ++ addressed and addressless interfaces; This ++ variable takes the value 0 on interfaces with ++ IP Addresses, and the value of ifIndex for in- ++ terfaces having no IP Address. On row crea- ++ tion, this can be derived from the instance." ++ ::= { ospfIfMetricEntry 2 } ++ ++ ++ ospfIfMetricTOS OBJECT-TYPE ++ SYNTAX TOSType ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The type of service metric being referenced. ++ On row creation, this can be derived from the ++ instance." ++ ::= { ospfIfMetricEntry 3 } ++ ++ ++ ospfIfMetricValue OBJECT-TYPE ++ SYNTAX Metric ++ MAX-ACCESS read-create ++ STATUS current ++ DESCRIPTION ++ "The metric of using this type of service on ++ this interface. The default value of the TOS 0 ++ Metric is 10^8 / ifSpeed." ++ ::= { ospfIfMetricEntry 4 } ++ ++ ospfIfMetricStatus OBJECT-TYPE ++ SYNTAX RowStatus ++ MAX-ACCESS read-create ++ STATUS current ++ DESCRIPTION ++ "This variable displays the status of the en- ++ try. Setting it to 'invalid' has the effect of ++ rendering it inoperative. The internal effect ++ (row removal) is implementation dependent." ++ ::= { ospfIfMetricEntry 5 } ++ ++ ++-- OSPF Virtual Interface Table ++ ++-- The Virtual Interface Table describes the virtual ++-- links that the OSPF Process is configured to ++-- carry on. ++ ++ ospfVirtIfTable OBJECT-TYPE ++ SYNTAX SEQUENCE OF OspfVirtIfEntry ++ MAX-ACCESS not-accessible ++ STATUS current ++ DESCRIPTION ++ "Information about this router's virtual inter- ++ faces." ++ REFERENCE ++ "OSPF Version 2, Appendix C.4 Virtual link ++ parameters" ++ ::= { ospf 9 } ++ ++ ++ ospfVirtIfEntry OBJECT-TYPE ++ SYNTAX OspfVirtIfEntry ++ MAX-ACCESS not-accessible ++ STATUS current ++ DESCRIPTION ++ "Information about a single Virtual Interface." ++ INDEX { ospfVirtIfAreaId, ospfVirtIfNeighbor } ++ ::= { ospfVirtIfTable 1 } ++ ++OspfVirtIfEntry ::= ++ SEQUENCE { ++ ospfVirtIfAreaId ++ AreaID, ++ ospfVirtIfNeighbor ++ RouterID, ++ ospfVirtIfTransitDelay ++ UpToMaxAge, ++ ospfVirtIfRetransInterval ++ UpToMaxAge, ++ ospfVirtIfHelloInterval ++ HelloRange, ++ ospfVirtIfRtrDeadInterval ++ PositiveInteger, ++ ospfVirtIfState ++ INTEGER, ++ ospfVirtIfEvents ++ Counter32, ++ ospfVirtIfAuthType ++ INTEGER, ++ ospfVirtIfAuthKey ++ OCTET STRING, ++ ospfVirtIfStatus ++ RowStatus ++ } ++ ++ ospfVirtIfAreaId OBJECT-TYPE ++ SYNTAX AreaID ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The Transit Area that the Virtual Link ++ traverses. By definition, this is not 0.0.0.0" ++ ::= { ospfVirtIfEntry 1 } ++ ++ ++ ospfVirtIfNeighbor OBJECT-TYPE ++ SYNTAX RouterID ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The Router ID of the Virtual Neighbor." ++ ::= { ospfVirtIfEntry 2 } ++ ++ ++ ospfVirtIfTransitDelay OBJECT-TYPE ++ SYNTAX UpToMaxAge ++ MAX-ACCESS read-create ++ STATUS current ++ DESCRIPTION ++ "The estimated number of seconds it takes to ++ transmit a link- state update packet over this ++ interface." ++ DEFVAL { 1 } ++ ::= { ospfVirtIfEntry 3 } ++ ++ ++ ospfVirtIfRetransInterval OBJECT-TYPE ++ SYNTAX UpToMaxAge ++ MAX-ACCESS read-create ++ STATUS current ++ DESCRIPTION ++ "The number of seconds between link-state ad- ++ vertisement retransmissions, for adjacencies ++ belonging to this interface. This value is ++ also used when retransmitting database descrip- ++ tion and link-state request packets. This ++ value should be well over the expected round- ++ trip time." ++ DEFVAL { 5 } ++ ::= { ospfVirtIfEntry 4 } ++ ++ ++ ospfVirtIfHelloInterval OBJECT-TYPE ++ SYNTAX HelloRange ++ MAX-ACCESS read-create ++ STATUS current ++ DESCRIPTION ++ "The length of time, in seconds, between the ++ Hello packets that the router sends on the in- ++ terface. This value must be the same for the ++ virtual neighbor." ++ DEFVAL { 10 } ++ ::= { ospfVirtIfEntry 5 } ++ ++ ++ ospfVirtIfRtrDeadInterval OBJECT-TYPE ++ SYNTAX PositiveInteger ++ MAX-ACCESS read-create ++ STATUS current ++ DESCRIPTION ++ "The number of seconds that a router's Hello ++ packets have not been seen before it's neigh- ++ bors declare the router down. This should be ++ some multiple of the Hello interval. This ++ value must be the same for the virtual neigh- ++ bor." ++ DEFVAL { 60 } ++ ::= { ospfVirtIfEntry 6 } ++ ++ ++ ospfVirtIfState OBJECT-TYPE ++ SYNTAX INTEGER { ++ down (1), -- these use the same encoding ++ pointToPoint (4) -- as the ospfIfTable ++ } ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "OSPF virtual interface states." ++ DEFVAL { down } ++ ::= { ospfVirtIfEntry 7 } ++ ++ ++ ospfVirtIfEvents OBJECT-TYPE ++ SYNTAX Counter32 ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The number of state changes or error events on ++ this Virtual Link" ++ ::= { ospfVirtIfEntry 8 } ++ ++ ++ ospfVirtIfAuthKey OBJECT-TYPE ++ SYNTAX OCTET STRING (SIZE(0..256)) ++ MAX-ACCESS read-create ++ STATUS current ++ DESCRIPTION ++ "If Authentication Type is simplePassword, the ++ device will left adjust and zero fill to 8 oc- ++ tets. ++ ++ Note that unauthenticated interfaces need no ++ authentication key, and simple password authen- ++ tication cannot use a key of more than 8 oc- ++ tets. Larger keys are useful only with authen- ++ tication mechanisms not specified in this docu- ++ ment. ++ ++ When read, ospfVifAuthKey always returns a ++ string of length zero." ++ REFERENCE ++ "OSPF Version 2, Section 9 The Interface Data ++ Structure" ++ DEFVAL { '0000000000000000'H } -- 0.0.0.0.0.0.0.0 ++ ::= { ospfVirtIfEntry 9 } ++ ++ ++ ospfVirtIfStatus OBJECT-TYPE ++ SYNTAX RowStatus ++ MAX-ACCESS read-create ++ STATUS current ++ DESCRIPTION ++ "This variable displays the status of the en- ++ try. Setting it to 'invalid' has the effect of ++ rendering it inoperative. The internal effect ++ (row removal) is implementation dependent." ++ ::= { ospfVirtIfEntry 10 } ++ ++ ++ ospfVirtIfAuthType OBJECT-TYPE ++ SYNTAX INTEGER (0..255) ++ -- none (0), ++ -- simplePassword (1) ++ -- md5 (2) ++ -- reserved for specification by IANA (> 2) ++ MAX-ACCESS read-create ++ STATUS current ++ DESCRIPTION ++ "The authentication type specified for a virtu- ++ al interface. Additional authentication types ++ may be assigned locally." ++ REFERENCE ++ "OSPF Version 2, Appendix E Authentication" ++ DEFVAL { 0 } -- no authentication, by default ++ ::= { ospfVirtIfEntry 11 } ++ ++ ++-- OSPF Neighbor Table ++ ++-- The OSPF Neighbor Table describes all neighbors in ++-- the locality of the subject router. ++ ++ ospfNbrTable OBJECT-TYPE ++ SYNTAX SEQUENCE OF OspfNbrEntry ++ MAX-ACCESS not-accessible ++ STATUS current ++ DESCRIPTION ++ "A table of non-virtual neighbor information." ++ REFERENCE ++ "OSPF Version 2, Section 10 The Neighbor Data ++ Structure" ++ ::= { ospf 10 } ++ ++ ++ ospfNbrEntry OBJECT-TYPE ++ SYNTAX OspfNbrEntry ++ MAX-ACCESS not-accessible ++ STATUS current ++ DESCRIPTION ++ "The information regarding a single neighbor." ++ REFERENCE ++ "OSPF Version 2, Section 10 The Neighbor Data ++ Structure" ++ INDEX { ospfNbrIpAddr, ospfNbrAddressLessIndex } ++ ::= { ospfNbrTable 1 } ++ ++OspfNbrEntry ::= ++ SEQUENCE { ++ ospfNbrIpAddr ++ IpAddress, ++ ospfNbrAddressLessIndex ++ InterfaceIndex, ++ ospfNbrRtrId ++ RouterID, ++ ospfNbrOptions ++ Integer32, ++ ospfNbrPriority ++ DesignatedRouterPriority, ++ ospfNbrState ++ INTEGER, ++ ospfNbrEvents ++ Counter32, ++ ospfNbrLsRetransQLen ++ Gauge32, ++ ospfNbmaNbrStatus ++ RowStatus, ++ ospfNbmaNbrPermanence ++ INTEGER, ++ ospfNbrHelloSuppressed ++ TruthValue ++ } ++ ++ ospfNbrIpAddr OBJECT-TYPE ++ SYNTAX IpAddress ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The IP address this neighbor is using in its ++ IP Source Address. Note that, on addressless ++ links, this will not be 0.0.0.0, but the ad- ++ dress of another of the neighbor's interfaces." ++ ::= { ospfNbrEntry 1 } ++ ++ ++ ospfNbrAddressLessIndex OBJECT-TYPE ++ SYNTAX InterfaceIndex ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "On an interface having an IP Address, zero. ++ On addressless interfaces, the corresponding ++ value of ifIndex in the Internet Standard MIB. ++ On row creation, this can be derived from the ++ instance." ++ ::= { ospfNbrEntry 2 } ++ ++ ++ ospfNbrRtrId OBJECT-TYPE ++ SYNTAX RouterID ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "A 32-bit integer (represented as a type IpAd- ++ dress) uniquely identifying the neighboring ++ router in the Autonomous System." ++ DEFVAL { '00000000'H } -- 0.0.0.0 ++ ::= { ospfNbrEntry 3 } ++ ++ ++ ospfNbrOptions OBJECT-TYPE ++ SYNTAX Integer32 ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "A Bit Mask corresponding to the neighbor's op- ++ tions field. ++ ++ Bit 0, if set, indicates that the system will ++ operate on Type of Service metrics other than ++ TOS 0. If zero, the neighbor will ignore all ++ metrics except the TOS 0 metric. ++ ++ Bit 1, if set, indicates that the associated ++ area accepts and operates on external informa- ++ tion; if zero, it is a stub area. ++ ++ Bit 2, if set, indicates that the system is ca- ++ pable of routing IP Multicast datagrams; i.e., ++ that it implements the Multicast Extensions to ++ OSPF. ++ ++ Bit 3, if set, indicates that the associated ++ area is an NSSA. These areas are capable of ++ carrying type 7 external advertisements, which ++ are translated into type 5 external advertise- ++ ments at NSSA borders." ++ REFERENCE ++ "OSPF Version 2, Section 12.1.2 Options" ++ DEFVAL { 0 } ++ ::= { ospfNbrEntry 4 } ++ ++ ++ ospfNbrPriority OBJECT-TYPE ++ SYNTAX DesignatedRouterPriority ++ MAX-ACCESS read-create ++ STATUS current ++ DESCRIPTION ++ "The priority of this neighbor in the designat- ++ ed router election algorithm. The value 0 sig- ++ nifies that the neighbor is not eligible to be- ++ come the designated router on this particular ++ network." ++ DEFVAL { 1 } ++ ::= { ospfNbrEntry 5 } ++ ++ ++ ospfNbrState OBJECT-TYPE ++ SYNTAX INTEGER { ++ down (1), ++ attempt (2), ++ init (3), ++ twoWay (4), ++ exchangeStart (5), ++ exchange (6), ++ loading (7), ++ full (8) ++ } ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The State of the relationship with this Neigh- ++ bor." ++ REFERENCE ++ "OSPF Version 2, Section 10.1 Neighbor States" ++ DEFVAL { down } ++ ::= { ospfNbrEntry 6 } ++ ++ ++ ospfNbrEvents OBJECT-TYPE ++ SYNTAX Counter32 ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The number of times this neighbor relationship ++ has changed state, or an error has occurred." ++ ::= { ospfNbrEntry 7 } ++ ++ ++ ospfNbrLsRetransQLen OBJECT-TYPE ++ SYNTAX Gauge32 ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The current length of the retransmission ++ queue." ++ ::= { ospfNbrEntry 8 } ++ ++ ++ ospfNbmaNbrStatus OBJECT-TYPE ++ SYNTAX RowStatus ++ MAX-ACCESS read-create ++ STATUS current ++ DESCRIPTION ++ "This variable displays the status of the en- ++ try. Setting it to 'invalid' has the effect of ++ rendering it inoperative. The internal effect ++ (row removal) is implementation dependent." ++ ::= { ospfNbrEntry 9 } ++ ++ ++ ospfNbmaNbrPermanence OBJECT-TYPE ++ SYNTAX INTEGER { ++ dynamic (1), -- learned through protocol ++ permanent (2) -- configured address ++ } ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "This variable displays the status of the en- ++ try. 'dynamic' and 'permanent' refer to how ++ the neighbor became known." ++ DEFVAL { permanent } ++ ::= { ospfNbrEntry 10 } ++ ++ ++ ospfNbrHelloSuppressed OBJECT-TYPE ++ SYNTAX TruthValue ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "Indicates whether Hellos are being suppressed ++ to the neighbor" ++ ::= { ospfNbrEntry 11 } ++ ++ ++-- OSPF Virtual Neighbor Table ++ ++-- This table describes all virtual neighbors. ++-- Since Virtual Links are configured in the ++-- virtual interface table, this table is read-only. ++ ++ ospfVirtNbrTable OBJECT-TYPE ++ SYNTAX SEQUENCE OF OspfVirtNbrEntry ++ MAX-ACCESS not-accessible ++ STATUS current ++ DESCRIPTION ++ "A table of virtual neighbor information." ++ REFERENCE ++ "OSPF Version 2, Section 15 Virtual Links" ++ ::= { ospf 11 } ++ ++ ++ ospfVirtNbrEntry OBJECT-TYPE ++ SYNTAX OspfVirtNbrEntry ++ MAX-ACCESS not-accessible ++ STATUS current ++ DESCRIPTION ++ "Virtual neighbor information." ++ INDEX { ospfVirtNbrArea, ospfVirtNbrRtrId } ++ ::= { ospfVirtNbrTable 1 } ++ ++OspfVirtNbrEntry ::= ++ SEQUENCE { ++ ospfVirtNbrArea ++ AreaID, ++ ospfVirtNbrRtrId ++ RouterID, ++ ospfVirtNbrIpAddr ++ IpAddress, ++ ospfVirtNbrOptions ++ Integer32, ++ ospfVirtNbrState ++ INTEGER, ++ ospfVirtNbrEvents ++ Counter32, ++ ospfVirtNbrLsRetransQLen ++ Gauge32, ++ ospfVirtNbrHelloSuppressed ++ TruthValue ++ } ++ ++ ospfVirtNbrArea OBJECT-TYPE ++ SYNTAX AreaID ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The Transit Area Identifier." ++ ::= { ospfVirtNbrEntry 1 } ++ ++ ++ ospfVirtNbrRtrId OBJECT-TYPE ++ SYNTAX RouterID ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "A 32-bit integer uniquely identifying the ++ neighboring router in the Autonomous System." ++ ::= { ospfVirtNbrEntry 2 } ++ ++ ++ ospfVirtNbrIpAddr OBJECT-TYPE ++ SYNTAX IpAddress ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The IP address this Virtual Neighbor is us- ++ ing." ++ ::= { ospfVirtNbrEntry 3 } ++ ++ ++ ospfVirtNbrOptions OBJECT-TYPE ++ SYNTAX Integer32 ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "A Bit Mask corresponding to the neighbor's op- ++ tions field. ++ ++ Bit 1, if set, indicates that the system will ++ operate on Type of Service metrics other than ++ TOS 0. If zero, the neighbor will ignore all ++ metrics except the TOS 0 metric. ++ ++ Bit 2, if set, indicates that the system is ++ Network Multicast capable; ie, that it imple- ++ ments OSPF Multicast Routing." ++ ::= { ospfVirtNbrEntry 4 } ++ ospfVirtNbrState OBJECT-TYPE ++ SYNTAX INTEGER { ++ down (1), ++ attempt (2), ++ init (3), ++ twoWay (4), ++ exchangeStart (5), ++ exchange (6), ++ loading (7), ++ full (8) ++ } ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The state of the Virtual Neighbor Relation- ++ ship." ++ ::= { ospfVirtNbrEntry 5 } ++ ++ ++ ospfVirtNbrEvents OBJECT-TYPE ++ SYNTAX Counter32 ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The number of times this virtual link has ++ changed its state, or an error has occurred." ++ ::= { ospfVirtNbrEntry 6 } ++ ++ ++ ospfVirtNbrLsRetransQLen OBJECT-TYPE ++ SYNTAX Gauge32 ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The current length of the retransmission ++ queue." ++ ::= { ospfVirtNbrEntry 7 } ++ ++ ++ ospfVirtNbrHelloSuppressed OBJECT-TYPE ++ SYNTAX TruthValue ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "Indicates whether Hellos are being suppressed ++ to the neighbor" ++ ::= { ospfVirtNbrEntry 8 } ++ ++-- OSPF Link State Database, External ++ ++-- The Link State Database contains the Link State ++-- Advertisements from throughout the areas that the ++-- device is attached to. ++ ++-- This table is identical to the OSPF LSDB Table in ++-- format, but contains only External Link State ++-- Advertisements. The purpose is to allow external ++-- LSAs to be displayed once for the router rather ++-- than once in each non-stub area. ++ ++ ospfExtLsdbTable OBJECT-TYPE ++ SYNTAX SEQUENCE OF OspfExtLsdbEntry ++ MAX-ACCESS not-accessible ++ STATUS current ++ DESCRIPTION ++ "The OSPF Process's Links State Database." ++ REFERENCE ++ "OSPF Version 2, Section 12 Link State Adver- ++ tisements" ++ ::= { ospf 12 } ++ ++ ++ ospfExtLsdbEntry OBJECT-TYPE ++ SYNTAX OspfExtLsdbEntry ++ MAX-ACCESS not-accessible ++ STATUS current ++ DESCRIPTION ++ "A single Link State Advertisement." ++ INDEX { ospfExtLsdbType, ospfExtLsdbLsid, ospfExtLsdbRouterId } ++ ::= { ospfExtLsdbTable 1 } ++ ++OspfExtLsdbEntry ::= ++ SEQUENCE { ++ ospfExtLsdbType ++ INTEGER, ++ ospfExtLsdbLsid ++ IpAddress, ++ ospfExtLsdbRouterId ++ RouterID, ++ ospfExtLsdbSequence ++ Integer32, ++ ospfExtLsdbAge ++ Integer32, ++ ospfExtLsdbChecksum ++ Integer32, ++ ospfExtLsdbAdvertisement ++ OCTET STRING ++ } ++ ++ ospfExtLsdbType OBJECT-TYPE ++ SYNTAX INTEGER { ++ asExternalLink (5) ++ } ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The type of the link state advertisement. ++ Each link state type has a separate advertise- ++ ment format." ++ REFERENCE ++ "OSPF Version 2, Appendix A.4.1 The Link State ++ Advertisement header" ++ ::= { ospfExtLsdbEntry 1 } ++ ++ ++ ospfExtLsdbLsid OBJECT-TYPE ++ SYNTAX IpAddress ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The Link State ID is an LS Type Specific field ++ containing either a Router ID or an IP Address; ++ it identifies the piece of the routing domain ++ that is being described by the advertisement." ++ REFERENCE ++ "OSPF Version 2, Section 12.1.4 Link State ID" ++ ::= { ospfExtLsdbEntry 2 } ++ ++ ++ ospfExtLsdbRouterId OBJECT-TYPE ++ SYNTAX RouterID ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The 32 bit number that uniquely identifies the ++ originating router in the Autonomous System." ++ REFERENCE ++ "OSPF Version 2, Appendix C.1 Global parameters" ++ ::= { ospfExtLsdbEntry 3 } ++ ++-- Note that the OSPF Sequence Number is a 32 bit signed ++-- integer. It starts with the value '80000001'h, ++-- or -'7FFFFFFF'h, and increments until '7FFFFFFF'h ++-- Thus, a typical sequence number will be very negative. ++ ospfExtLsdbSequence OBJECT-TYPE ++ SYNTAX Integer32 ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The sequence number field is a signed 32-bit ++ integer. It is used to detect old and dupli- ++ cate link state advertisements. The space of ++ sequence numbers is linearly ordered. The ++ larger the sequence number the more recent the ++ advertisement." ++ REFERENCE ++ "OSPF Version 2, Section 12.1.6 LS sequence ++ number" ++ ::= { ospfExtLsdbEntry 4 } ++ ++ ++ ospfExtLsdbAge OBJECT-TYPE ++ SYNTAX Integer32 -- Should be 0..MaxAge ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "This field is the age of the link state adver- ++ tisement in seconds." ++ REFERENCE ++ "OSPF Version 2, Section 12.1.1 LS age" ++ ::= { ospfExtLsdbEntry 5 } ++ ++ ++ ospfExtLsdbChecksum OBJECT-TYPE ++ SYNTAX Integer32 ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "This field is the checksum of the complete ++ contents of the advertisement, excepting the ++ age field. The age field is excepted so that ++ an advertisement's age can be incremented ++ without updating the checksum. The checksum ++ used is the same that is used for ISO connec- ++ tionless datagrams; it is commonly referred to ++ as the Fletcher checksum." ++ REFERENCE ++ "OSPF Version 2, Section 12.1.7 LS checksum" ++ ::= { ospfExtLsdbEntry 6 } ++ ++ ++ ospfExtLsdbAdvertisement OBJECT-TYPE ++ SYNTAX OCTET STRING (SIZE(36)) ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The entire Link State Advertisement, including ++ its header." ++ REFERENCE ++ "OSPF Version 2, Section 12 Link State Adver- ++ tisements" ++ ::= { ospfExtLsdbEntry 7 } ++ ++ ++-- OSPF Use of the CIDR Route Table ++ ++ospfRouteGroup OBJECT IDENTIFIER ::= { ospf 13 } ++ ++-- The IP Forwarding Table defines a number of objects for use by ++-- the routing protocol to externalize its information. Most of ++-- the variables (ipForwardDest, ipForwardMask, ipForwardPolicy, ++-- ipForwardNextHop, ipForwardIfIndex, ipForwardType, ++-- ipForwardProto, ipForwardAge, and ipForwardNextHopAS) are ++-- defined there. ++ ++-- Those that leave some discretion are defined here. ++ ++-- ipCidrRouteProto is, of course, ospf (13). ++ ++-- ipCidrRouteAge is the time since the route was first calculated, ++-- as opposed to the time since the last SPF run. ++ ++-- ipCidrRouteInfo is an OBJECT IDENTIFIER for use by the routing ++-- protocol. The following values shall be found there depending ++-- on the way the route was calculated. ++ ++ospfIntraArea OBJECT IDENTIFIER ::= { ospfRouteGroup 1 } ++ospfInterArea OBJECT IDENTIFIER ::= { ospfRouteGroup 2 } ++ospfExternalType1 OBJECT IDENTIFIER ::= { ospfRouteGroup 3 } ++ospfExternalType2 OBJECT IDENTIFIER ::= { ospfRouteGroup 4 } ++ ++-- ipCidrRouteMetric1 is, by definition, the primary routing ++-- metric. Therefore, it should be the metric that route ++-- selection is based on. For intra-area and inter-area routes, ++-- it is an OSPF metric. For External Type 1 (comparable value) ++-- routes, it is an OSPF metric plus the External Metric. For ++-- external Type 2 (non-comparable value) routes, it is the ++-- external metric. ++ ++-- ipCidrRouteMetric2 is, by definition, a secondary routing ++-- metric. Therefore, it should be the metric that breaks a tie ++-- among routes having equal metric1 values and the same ++-- calculation rule. For intra-area, inter-area routes, and ++-- External Type 1 (comparable value) routes, it is unused. For ++-- external Type 2 (non-comparable value) routes, it is the metric ++-- to the AS border router. ++ ++-- ipCidrRouteMetric3, ipCidrRouteMetric4, and ipCidrRouteMetric5 are ++-- unused. ++ ++-- ++-- The OSPF Area Aggregate Table ++-- ++-- This table replaces the OSPF Area Summary Table, being an ++-- extension of that for CIDR routers. ++ ++ ospfAreaAggregateTable OBJECT-TYPE ++ SYNTAX SEQUENCE OF OspfAreaAggregateEntry ++ MAX-ACCESS not-accessible ++ STATUS current ++ DESCRIPTION ++ "A range of IP addresses specified by an IP ++ address/IP network mask pair. For example, ++ class B address range of X.X.X.X with a network ++ mask of 255.255.0.0 includes all IP addresses ++ from X.X.0.0 to X.X.255.255. Note that if ++ ranges are configured such that one range sub- ++ sumes another range (e.g., 10.0.0.0 mask ++ 255.0.0.0 and 10.1.0.0 mask 255.255.0.0), the ++ most specific match is the preferred one." ++ REFERENCE ++ "OSPF Version 2, Appendix C.2 Area parameters" ++ ::= { ospf 14 } ++ ++ ++ ospfAreaAggregateEntry OBJECT-TYPE ++ SYNTAX OspfAreaAggregateEntry ++ MAX-ACCESS not-accessible ++ STATUS current ++ DESCRIPTION ++ "A range of IP addresses specified by an IP ++ address/IP network mask pair. For example, ++ class B address range of X.X.X.X with a network ++ mask of 255.255.0.0 includes all IP addresses ++ from X.X.0.0 to X.X.255.255. Note that if ++ ranges are range configured such that one range ++ subsumes another range (e.g., 10.0.0.0 mask ++ 255.0.0.0 and 10.1.0.0 mask 255.255.0.0), the ++ most specific match is the preferred one." ++ REFERENCE ++ "OSPF Version 2, Appendix C.2 Area parameters" ++ INDEX { ospfAreaAggregateAreaID, ospfAreaAggregateLsdbType, ++ ospfAreaAggregateNet, ospfAreaAggregateMask } ++ ::= { ospfAreaAggregateTable 1 } ++ ++ ++OspfAreaAggregateEntry ::= ++ SEQUENCE { ++ ospfAreaAggregateAreaID ++ AreaID, ++ ospfAreaAggregateLsdbType ++ INTEGER, ++ ospfAreaAggregateNet ++ IpAddress, ++ ospfAreaAggregateMask ++ IpAddress, ++ ospfAreaAggregateStatus ++ RowStatus, ++ ospfAreaAggregateEffect ++ INTEGER ++ } ++ ++ ospfAreaAggregateAreaID OBJECT-TYPE ++ SYNTAX AreaID ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The Area the Address Aggregate is to be found ++ within." ++ REFERENCE ++ "OSPF Version 2, Appendix C.2 Area parameters" ++ ::= { ospfAreaAggregateEntry 1 } ++ ++ ++ ospfAreaAggregateLsdbType OBJECT-TYPE ++ SYNTAX INTEGER { ++ summaryLink (3), ++ nssaExternalLink (7) ++ } ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The type of the Address Aggregate. This field ++ specifies the Lsdb type that this Address Ag- ++ gregate applies to." ++ REFERENCE ++ "OSPF Version 2, Appendix A.4.1 The Link State ++ Advertisement header" ++ ::= { ospfAreaAggregateEntry 2 } ++ ++ ++ ospfAreaAggregateNet OBJECT-TYPE ++ SYNTAX IpAddress ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The IP Address of the Net or Subnet indicated ++ by the range." ++ REFERENCE ++ "OSPF Version 2, Appendix C.2 Area parameters" ++ ::= { ospfAreaAggregateEntry 3 } ++ ++ ++ ospfAreaAggregateMask OBJECT-TYPE ++ SYNTAX IpAddress ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The Subnet Mask that pertains to the Net or ++ Subnet." ++ REFERENCE ++ "OSPF Version 2, Appendix C.2 Area parameters" ++ ::= { ospfAreaAggregateEntry 4 } ++ ++ ++ ospfAreaAggregateStatus OBJECT-TYPE ++ SYNTAX RowStatus ++ MAX-ACCESS read-create ++ STATUS current ++ DESCRIPTION ++ "This variable displays the status of the en- ++ try. Setting it to 'invalid' has the effect of ++ rendering it inoperative. The internal effect ++ (row removal) is implementation dependent." ++ ::= { ospfAreaAggregateEntry 5 } ++ ++ ++ ospfAreaAggregateEffect OBJECT-TYPE ++ SYNTAX INTEGER { ++ advertiseMatching (1), ++ doNotAdvertiseMatching (2) ++ } ++ MAX-ACCESS read-create ++ STATUS current ++ DESCRIPTION ++ "Subnets subsumed by ranges either trigger the ++ advertisement of the indicated aggregate (ad- ++ vertiseMatching), or result in the subnet's not ++ being advertised at all outside the area." ++ DEFVAL { advertiseMatching } ++ ::= { ospfAreaAggregateEntry 6 } ++ ++ ++-- conformance information ++ ++ospfConformance OBJECT IDENTIFIER ::= { ospf 15 } ++ ++ospfGroups OBJECT IDENTIFIER ::= { ospfConformance 1 } ++ospfCompliances OBJECT IDENTIFIER ::= { ospfConformance 2 } ++ ++-- compliance statements ++ ++ ospfCompliance MODULE-COMPLIANCE ++ STATUS current ++ DESCRIPTION ++ "The compliance statement " ++ MODULE -- this module ++ MANDATORY-GROUPS { ++ ospfBasicGroup, ++ ospfAreaGroup, ++ ospfStubAreaGroup, ++ ospfIfGroup, ++ ospfIfMetricGroup, ++ ospfVirtIfGroup, ++ ospfNbrGroup, ++ ospfVirtNbrGroup, ++ ospfAreaAggregateGroup ++ } ++ ::= { ospfCompliances 1 } ++ ++ ++-- units of conformance ++ ++ ospfBasicGroup OBJECT-GROUP ++ OBJECTS { ++ ospfRouterId, ++ ospfAdminStat, ++ ospfVersionNumber, ++ ospfAreaBdrRtrStatus, ++ ospfASBdrRtrStatus, ++ ospfExternLsaCount, ++ ospfExternLsaCksumSum, ++ ospfTOSSupport, ++ ospfOriginateNewLsas, ++ ospfRxNewLsas, ++ ospfExtLsdbLimit, ++ ospfMulticastExtensions, ++ ospfExitOverflowInterval, ++ ospfDemandExtensions ++ } ++ STATUS current ++ DESCRIPTION ++ "These objects are required for OSPF systems." ++ ::= { ospfGroups 1 } ++ ++ ++ ospfAreaGroup OBJECT-GROUP ++ OBJECTS { ++ ospfAreaId, ++ ospfImportAsExtern, ++ ospfSpfRuns, ++ ospfAreaBdrRtrCount, ++ ospfAsBdrRtrCount, ++ ospfAreaLsaCount, ++ ospfAreaLsaCksumSum, ++ ospfAreaSummary, ++ ospfAreaStatus ++ } ++ STATUS current ++ DESCRIPTION ++ "These objects are required for OSPF systems ++ supporting areas." ++ ::= { ospfGroups 2 } ++ ++ ++ ospfStubAreaGroup OBJECT-GROUP ++ OBJECTS { ++ ospfStubAreaId, ++ ospfStubTOS, ++ ospfStubMetric, ++ ospfStubStatus, ++ ospfStubMetricType ++ } ++ STATUS current ++ DESCRIPTION ++ "These objects are required for OSPF systems ++ supporting stub areas." ++ ::= { ospfGroups 3 } ++ ++ ++ ospfLsdbGroup OBJECT-GROUP ++ OBJECTS { ++ ospfLsdbAreaId, ++ ospfLsdbType, ++ ospfLsdbLsid, ++ ospfLsdbRouterId, ++ ospfLsdbSequence, ++ ospfLsdbAge, ++ ospfLsdbChecksum, ++ ospfLsdbAdvertisement ++ } ++ STATUS current ++ DESCRIPTION ++ "These objects are required for OSPF systems ++ that display their link state database." ++ ::= { ospfGroups 4 } ++ ++ ++ ospfAreaRangeGroup OBJECT-GROUP ++ OBJECTS { ++ ospfAreaRangeAreaId, ++ ospfAreaRangeNet, ++ ospfAreaRangeMask, ++ ospfAreaRangeStatus, ++ ospfAreaRangeEffect ++ } ++ STATUS obsolete ++ DESCRIPTION ++ "These objects are required for non-CIDR OSPF ++ systems that support multiple areas." ++ ::= { ospfGroups 5 } ++ ++ ++ ospfHostGroup OBJECT-GROUP ++ OBJECTS { ++ ospfHostIpAddress, ++ ospfHostTOS, ++ ospfHostMetric, ++ ospfHostStatus, ++ ospfHostAreaID ++ } ++ STATUS current ++ DESCRIPTION ++ "These objects are required for OSPF systems ++ that support attached hosts." ++ ::= { ospfGroups 6 } ++ ++ ++ ospfIfGroup OBJECT-GROUP ++ OBJECTS { ++ ospfIfIpAddress, ++ ospfAddressLessIf, ++ ospfIfAreaId, ++ ospfIfType, ++ ospfIfAdminStat, ++ ospfIfRtrPriority, ++ ospfIfTransitDelay, ++ ospfIfRetransInterval, ++ ospfIfHelloInterval, ++ ospfIfRtrDeadInterval, ++ ospfIfPollInterval, ++ ospfIfState, ++ ospfIfDesignatedRouter, ++ ospfIfBackupDesignatedRouter, ++ ospfIfEvents, ++ ospfIfAuthType, ++ ospfIfAuthKey, ++ ospfIfStatus, ++ ospfIfMulticastForwarding, ++ ospfIfDemand ++ } ++ STATUS current ++ DESCRIPTION ++ "These objects are required for OSPF systems." ++ ::= { ospfGroups 7 } ++ ++ ++ ospfIfMetricGroup OBJECT-GROUP ++ OBJECTS { ++ ospfIfMetricIpAddress, ++ ospfIfMetricAddressLessIf, ++ ospfIfMetricTOS, ++ ospfIfMetricValue, ++ ospfIfMetricStatus ++ } ++ STATUS current ++ DESCRIPTION ++ "These objects are required for OSPF systems." ++ ::= { ospfGroups 8 } ++ ++ ++ ospfVirtIfGroup OBJECT-GROUP ++ OBJECTS { ++ ospfVirtIfAreaId, ++ ospfVirtIfNeighbor, ++ ospfVirtIfTransitDelay, ++ ospfVirtIfRetransInterval, ++ ospfVirtIfHelloInterval, ++ ospfVirtIfRtrDeadInterval, ++ ospfVirtIfState, ++ ospfVirtIfEvents, ++ ospfVirtIfAuthType, ++ ospfVirtIfAuthKey, ++ ospfVirtIfStatus ++ } ++ STATUS current ++ DESCRIPTION ++ "These objects are required for OSPF systems." ++ ::= { ospfGroups 9 } ++ ++ ++ ospfNbrGroup OBJECT-GROUP ++ OBJECTS { ++ ospfNbrIpAddr, ++ ospfNbrAddressLessIndex, ++ ospfNbrRtrId, ++ ospfNbrOptions, ++ ospfNbrPriority, ++ ospfNbrState, ++ ospfNbrEvents, ++ ospfNbrLsRetransQLen, ++ ospfNbmaNbrStatus, ++ ospfNbmaNbrPermanence, ++ ospfNbrHelloSuppressed ++ } ++ STATUS current ++ DESCRIPTION ++ "These objects are required for OSPF systems." ++ ::= { ospfGroups 10 } ++ ++ ++ ospfVirtNbrGroup OBJECT-GROUP ++ OBJECTS { ++ ospfVirtNbrArea, ++ ospfVirtNbrRtrId, ++ ospfVirtNbrIpAddr, ++ ospfVirtNbrOptions, ++ ospfVirtNbrState, ++ ospfVirtNbrEvents, ++ ospfVirtNbrLsRetransQLen, ++ ospfVirtNbrHelloSuppressed ++ } ++ STATUS current ++ DESCRIPTION ++ "These objects are required for OSPF systems." ++ ::= { ospfGroups 11 } ++ ++ ++ ospfExtLsdbGroup OBJECT-GROUP ++ OBJECTS { ++ ospfExtLsdbType, ++ ospfExtLsdbLsid, ++ ospfExtLsdbRouterId, ++ ospfExtLsdbSequence, ++ ospfExtLsdbAge, ++ ospfExtLsdbChecksum, ++ ospfExtLsdbAdvertisement ++ } ++ STATUS current ++ DESCRIPTION ++ "These objects are required for OSPF systems ++ that display their link state database." ++ ::= { ospfGroups 12 } ++ ++ ++ ospfAreaAggregateGroup OBJECT-GROUP ++ OBJECTS { ++ ospfAreaAggregateAreaID, ++ ospfAreaAggregateLsdbType, ++ ospfAreaAggregateNet, ++ ospfAreaAggregateMask, ++ ospfAreaAggregateStatus, ++ ospfAreaAggregateEffect ++ } ++ STATUS current ++ DESCRIPTION ++ "These objects are required for OSPF systems." ++ ::= { ospfGroups 13 } ++ ++END +diff -ruN mibs/OSPF-TRAP-MIB.txt.orig mibs/OSPF-TRAP-MIB.txt +--- mibs/OSPF-TRAP-MIB.txt.orig 1970-01-01 01:00:00.000000000 +0100 ++++ mibs/OSPF-TRAP-MIB.txt 2005-07-20 21:45:50.000000000 +0200 +@@ -0,0 +1,443 @@ ++OSPF-TRAP-MIB DEFINITIONS ::= BEGIN ++ ++ IMPORTS ++ MODULE-IDENTITY, OBJECT-TYPE, NOTIFICATION-TYPE, IpAddress ++ FROM SNMPv2-SMI ++ MODULE-COMPLIANCE, OBJECT-GROUP ++ FROM SNMPv2-CONF ++ ospfRouterId, ospfIfIpAddress, ospfAddressLessIf, ospfIfState, ++ ospfVirtIfAreaId, ospfVirtIfNeighbor, ospfVirtIfState, ++ ospfNbrIpAddr, ospfNbrAddressLessIndex, ospfNbrRtrId, ++ ospfNbrState, ospfVirtNbrArea, ospfVirtNbrRtrId, ospfVirtNbrState, ++ ospfLsdbType, ospfLsdbLsid, ospfLsdbRouterId, ospfLsdbAreaId, ++ ospfExtLsdbLimit, ospf ++ FROM OSPF-MIB; ++ ++ ospfTrap MODULE-IDENTITY ++ LAST-UPDATED "9501201225Z" -- Fri Jan 20 12:25:50 PST 1995 ++ ORGANIZATION "IETF OSPF Working Group" ++ CONTACT-INFO ++ " Fred Baker ++ Postal: Cisco Systems ++ 519 Lado Drive ++ Santa Barbara, California 93111 ++ Tel: +1 805 681 0115 ++ E-Mail: fred@cisco.com ++ ++ Rob Coltun ++ Postal: RainbowBridge Communications ++ Tel: (301) 340-9416 ++ E-Mail: rcoltun@rainbow-bridge.com" ++ DESCRIPTION ++ "The MIB module to describe traps for the OSPF ++ Version 2 Protocol." ++ ::= { ospf 16 } ++ ++-- Trap Support Objects ++ ++-- The following are support objects for the OSPF traps. ++ ++ospfTrapControl OBJECT IDENTIFIER ::= { ospfTrap 1 } ++ospfTraps OBJECT IDENTIFIER ::= { ospfTrap 2 } ++ ++ ospfSetTrap OBJECT-TYPE ++ SYNTAX OCTET STRING (SIZE(4)) ++ MAX-ACCESS read-write ++ STATUS current ++ DESCRIPTION ++ "A four-octet string serving as a bit map for ++ the trap events defined by the OSPF traps. This ++ object is used to enable and disable specific ++ OSPF traps where a 1 in the bit field ++ represents enabled. The right-most bit (least ++ significant) represents trap 0." ++ ::= { ospfTrapControl 1 } ++ ++ ++ ospfConfigErrorType OBJECT-TYPE ++ SYNTAX INTEGER { ++ badVersion (1), ++ areaMismatch (2), ++ unknownNbmaNbr (3), -- Router is Dr eligible ++ unknownVirtualNbr (4), ++ authTypeMismatch(5), ++ authFailure (6), ++ netMaskMismatch (7), ++ helloIntervalMismatch (8), ++ deadIntervalMismatch (9), ++ optionMismatch (10) } ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "Potential types of configuration conflicts. ++ Used by the ospfConfigError and ospfConfigVir- ++ tError traps." ++ ::= { ospfTrapControl 2 } ++ ++ ++ ospfPacketType OBJECT-TYPE ++ SYNTAX INTEGER { ++ hello (1), ++ dbDescript (2), ++ lsReq (3), ++ lsUpdate (4), ++ lsAck (5) } ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "OSPF packet types." ++ ::= { ospfTrapControl 3 } ++ ++ ++ ospfPacketSrc OBJECT-TYPE ++ SYNTAX IpAddress ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The IP address of an inbound packet that can- ++ not be identified by a neighbor instance." ++ ::= { ospfTrapControl 4 } ++ ++ ++-- Traps ++ ++ ++ ospfIfStateChange NOTIFICATION-TYPE ++ OBJECTS { ++ ospfRouterId, -- The originator of the trap ++ ospfIfIpAddress, ++ ospfAddressLessIf, ++ ospfIfState -- The new state ++ } ++ STATUS current ++ DESCRIPTION ++ "An ospfIfStateChange trap signifies that there ++ has been a change in the state of a non-virtual ++ OSPF interface. This trap should be generated ++ when the interface state regresses (e.g., goes ++ from Dr to Down) or progresses to a terminal ++ state (i.e., Point-to-Point, DR Other, Dr, or ++ Backup)." ++ ::= { ospfTraps 16 } ++ ++ ++ ospfVirtIfStateChange NOTIFICATION-TYPE ++ OBJECTS { ++ ospfRouterId, -- The originator of the trap ++ ospfVirtIfAreaId, ++ ospfVirtIfNeighbor, ++ ospfVirtIfState -- The new state ++ } ++ STATUS current ++ DESCRIPTION ++ "An ospfIfStateChange trap signifies that there ++ has been a change in the state of an OSPF vir- ++ tual interface. ++ This trap should be generated when the inter- ++ face state regresses (e.g., goes from Point- ++ to-Point to Down) or progresses to a terminal ++ state (i.e., Point-to-Point)." ++ ::= { ospfTraps 1 } ++ ++ ++ ospfNbrStateChange NOTIFICATION-TYPE ++ OBJECTS { ++ ospfRouterId, -- The originator of the trap ++ ospfNbrIpAddr, ++ ospfNbrAddressLessIndex, ++ ospfNbrRtrId, ++ ospfNbrState -- The new state ++ } ++ STATUS current ++ DESCRIPTION ++ "An ospfNbrStateChange trap signifies that ++ there has been a change in the state of a non- ++ virtual OSPF neighbor. This trap should be ++ generated when the neighbor state regresses ++ (e.g., goes from Attempt or Full to 1-Way or ++ Down) or progresses to a terminal state (e.g., ++ 2-Way or Full). When an neighbor transitions ++ from or to Full on non-broadcast multi-access ++ and broadcast networks, the trap should be gen- ++ erated by the designated router. A designated ++ router transitioning to Down will be noted by ++ ospfIfStateChange." ++ ::= { ospfTraps 2 } ++ ++ ++ ospfVirtNbrStateChange NOTIFICATION-TYPE ++ OBJECTS { ++ ospfRouterId, -- The originator of the trap ++ ospfVirtNbrArea, ++ ospfVirtNbrRtrId, ++ ospfVirtNbrState -- The new state ++ } ++ STATUS current ++ DESCRIPTION ++ "An ospfIfStateChange trap signifies that there ++ has been a change in the state of an OSPF vir- ++ tual neighbor. This trap should be generated ++ when the neighbor state regresses (e.g., goes ++ from Attempt or Full to 1-Way or Down) or ++ progresses to a terminal state (e.g., Full)." ++ ::= { ospfTraps 3 } ++ ospfIfConfigError NOTIFICATION-TYPE ++ OBJECTS { ++ ospfRouterId, -- The originator of the trap ++ ospfIfIpAddress, ++ ospfAddressLessIf, ++ ospfPacketSrc, -- The source IP address ++ ospfConfigErrorType, -- Type of error ++ ospfPacketType ++ } ++ STATUS current ++ DESCRIPTION ++ "An ospfIfConfigError trap signifies that a ++ packet has been received on a non-virtual in- ++ terface from a router whose configuration ++ parameters conflict with this router's confi- ++ guration parameters. Note that the event op- ++ tionMismatch should cause a trap only if it ++ prevents an adjacency from forming." ++ ::= { ospfTraps 4 } ++ ++ ++ ospfVirtIfConfigError NOTIFICATION-TYPE ++ OBJECTS { ++ ospfRouterId, -- The originator of the trap ++ ospfVirtIfAreaId, ++ ospfVirtIfNeighbor, ++ ospfConfigErrorType, -- Type of error ++ ospfPacketType ++ } ++ STATUS current ++ DESCRIPTION ++ "An ospfConfigError trap signifies that a pack- ++ et has been received on a virtual interface ++ from a router whose configuration parameters ++ conflict with this router's configuration ++ parameters. Note that the event optionMismatch ++ should cause a trap only if it prevents an ad- ++ jacency from forming." ++ ::= { ospfTraps 5 } ++ ++ ++ ospfIfAuthFailure NOTIFICATION-TYPE ++ OBJECTS { ++ ospfRouterId, -- The originator of the trap ++ ospfIfIpAddress, ++ ospfAddressLessIf, ++ ospfPacketSrc, -- The source IP address ++ ospfConfigErrorType, -- authTypeMismatch or ++ -- authFailure ++ ospfPacketType ++ } ++ STATUS current ++ DESCRIPTION ++ "An ospfIfAuthFailure trap signifies that a ++ packet has been received on a non-virtual in- ++ terface from a router whose authentication key ++ or authentication type conflicts with this ++ router's authentication key or authentication ++ type." ++ ::= { ospfTraps 6 } ++ ++ ++ ospfVirtIfAuthFailure NOTIFICATION-TYPE ++ OBJECTS { ++ ospfRouterId, -- The originator of the trap ++ ospfVirtIfAreaId, ++ ospfVirtIfNeighbor, ++ ospfConfigErrorType, -- authTypeMismatch or ++ -- authFailure ++ ospfPacketType ++ } ++ STATUS current ++ DESCRIPTION ++ "An ospfVirtIfAuthFailure trap signifies that a ++ packet has been received on a virtual interface ++ from a router whose authentication key or au- ++ thentication type conflicts with this router's ++ authentication key or authentication type." ++ ::= { ospfTraps 7 } ++ ++ ++ ospfIfRxBadPacket NOTIFICATION-TYPE ++ OBJECTS { ++ ospfRouterId, -- The originator of the trap ++ ospfIfIpAddress, ++ ospfAddressLessIf, ++ ospfPacketSrc, -- The source IP address ++ ospfPacketType ++ } ++ STATUS current ++ DESCRIPTION ++ "An ospfIfRxBadPacket trap signifies that an ++ OSPF packet has been received on a non-virtual ++ interface that cannot be parsed." ++ ::= { ospfTraps 8 } ++ ++ ospfVirtIfRxBadPacket NOTIFICATION-TYPE ++ OBJECTS { ++ ospfRouterId, -- The originator of the trap ++ ospfVirtIfAreaId, ++ ospfVirtIfNeighbor, ++ ospfPacketType ++ } ++ STATUS current ++ DESCRIPTION ++ "An ospfRxBadPacket trap signifies that an OSPF ++ packet has been received on a virtual interface ++ that cannot be parsed." ++ ::= { ospfTraps 9 } ++ ++ ++ ospfTxRetransmit NOTIFICATION-TYPE ++ OBJECTS { ++ ospfRouterId, -- The originator of the trap ++ ospfIfIpAddress, ++ ospfAddressLessIf, ++ ospfNbrRtrId, -- Destination ++ ospfPacketType, ++ ospfLsdbType, ++ ospfLsdbLsid, ++ ospfLsdbRouterId ++ } ++ STATUS current ++ DESCRIPTION ++ "An ospfTxRetransmit trap signifies than an ++ OSPF packet has been retransmitted on a non- ++ virtual interface. All packets that may be re- ++ transmitted are associated with an LSDB entry. ++ The LS type, LS ID, and Router ID are used to ++ identify the LSDB entry." ++ ::= { ospfTraps 10 } ++ ++ ++ ospfVirtIfTxRetransmit NOTIFICATION-TYPE ++ OBJECTS { ++ ospfRouterId, -- The originator of the trap ++ ospfVirtIfAreaId, ++ ospfVirtIfNeighbor, ++ ospfPacketType, ++ ospfLsdbType, ++ ospfLsdbLsid, ++ ospfLsdbRouterId ++ } ++ STATUS current ++ DESCRIPTION ++ "An ospfTxRetransmit trap signifies than an ++ OSPF packet has been retransmitted on a virtual ++ interface. All packets that may be retransmit- ++ ted are associated with an LSDB entry. The LS ++ type, LS ID, and Router ID are used to identify ++ the LSDB entry." ++ ::= { ospfTraps 11 } ++ ++ ++ ospfOriginateLsa NOTIFICATION-TYPE ++ OBJECTS { ++ ospfRouterId, -- The originator of the trap ++ ospfLsdbAreaId, -- 0.0.0.0 for AS Externals ++ ospfLsdbType, ++ ospfLsdbLsid, ++ ospfLsdbRouterId ++ } ++ STATUS current ++ DESCRIPTION ++ "An ospfOriginateLsa trap signifies that a new ++ LSA has been originated by this router. This ++ trap should not be invoked for simple refreshes ++ of LSAs (which happesn every 30 minutes), but ++ instead will only be invoked when an LSA is ++ (re)originated due to a topology change. Addi- ++ tionally, this trap does not include LSAs that ++ are being flushed because they have reached ++ MaxAge." ++ ::= { ospfTraps 12 } ++ ++ ++ ospfMaxAgeLsa NOTIFICATION-TYPE ++ OBJECTS { ++ ospfRouterId, -- The originator of the trap ++ ospfLsdbAreaId, -- 0.0.0.0 for AS Externals ++ ospfLsdbType, ++ ospfLsdbLsid, ++ ospfLsdbRouterId ++ } ++ STATUS current ++ DESCRIPTION ++ "An ospfMaxAgeLsa trap signifies that one of ++ the LSA in the router's link-state database has ++ aged to MaxAge." ++ ::= { ospfTraps 13 } ++ ++ ++ ospfLsdbOverflow NOTIFICATION-TYPE ++ OBJECTS { ++ ospfRouterId, -- The originator of the trap ++ ospfExtLsdbLimit ++ } ++ STATUS current ++ DESCRIPTION ++ "An ospfLsdbOverflow trap signifies that the ++ number of LSAs in the router's link-state data- ++ base has exceeded ospfExtLsdbLimit." ++ ::= { ospfTraps 14 } ++ ++ ++ ospfLsdbApproachingOverflow NOTIFICATION-TYPE ++ OBJECTS { ++ ospfRouterId, -- The originator of the trap ++ ospfExtLsdbLimit ++ } ++ STATUS current ++ DESCRIPTION ++ "An ospfLsdbApproachingOverflow trap signifies ++ that the number of LSAs in the router's link- ++ state database has exceeded ninety percent of ++ ospfExtLsdbLimit." ++ ::= { ospfTraps 15 } ++ ++ ++-- conformance information ++ ++ospfTrapConformance OBJECT IDENTIFIER ::= { ospfTrap 3 } ++ ++ospfTrapGroups OBJECT IDENTIFIER ::= { ospfTrapConformance 1 } ++ospfTrapCompliances OBJECT IDENTIFIER ::= { ospfTrapConformance 2 } ++ ++-- compliance statements ++ ++ ospfTrapCompliance MODULE-COMPLIANCE ++ STATUS current ++ DESCRIPTION ++ "The compliance statement " ++ MODULE -- this module ++ MANDATORY-GROUPS { ospfTrapControlGroup } ++ ++ ++ GROUP ospfTrapControlGroup ++ DESCRIPTION ++ "This group is optional but recommended for all ++ OSPF systems" ++ ::= { ospfTrapCompliances 1 } ++ ++ ++-- units of conformance ++ ++ ospfTrapControlGroup OBJECT-GROUP ++ OBJECTS { ++ ospfSetTrap, ++ ospfConfigErrorType, ++ ospfPacketType, ++ ospfPacketSrc ++ } ++ STATUS current ++ DESCRIPTION ++ "These objects are required to control traps ++ from OSPF systems." ++ ::= { ospfTrapGroups 1 } ++ ++ ++END +diff -ruN mibs/RIPv2-MIB.txt.orig mibs/RIPv2-MIB.txt +--- mibs/RIPv2-MIB.txt.orig 1970-01-01 01:00:00.000000000 +0100 ++++ mibs/RIPv2-MIB.txt 2005-07-20 21:45:50.000000000 +0200 +@@ -0,0 +1,530 @@ ++ RIPv2-MIB DEFINITIONS ::= BEGIN ++ ++ IMPORTS ++ MODULE-IDENTITY, OBJECT-TYPE, Counter32, ++ TimeTicks, IpAddress FROM SNMPv2-SMI ++ TEXTUAL-CONVENTION, RowStatus FROM SNMPv2-TC ++ MODULE-COMPLIANCE, OBJECT-GROUP FROM SNMPv2-CONF ++ mib-2 FROM RFC1213-MIB; ++ ++ -- This MIB module uses the extended OBJECT-TYPE macro as ++ -- defined in [9]. ++ ++ rip2 MODULE-IDENTITY ++ LAST-UPDATED "9407272253Z" -- Wed Jul 27 22:53:04 PDT 1994 ++ ORGANIZATION "IETF RIP-II Working Group" ++ CONTACT-INFO ++ " Fred Baker ++ Postal: Cisco Systems ++ 519 Lado Drive ++ Santa Barbara, California 93111 ++ Tel: +1 805 681 0115 ++ E-Mail: fbaker@cisco.com ++ ++ Postal: Gary Malkin ++ Xylogics, Inc. ++ 53 Third Avenue ++ Burlington, MA 01803 ++ ++ Phone: (617) 272-8140 ++ EMail: gmalkin@Xylogics.COM" ++ DESCRIPTION ++ "The MIB module to describe the RIP2 Version 2 Protocol" ++ ::= { mib-2 23 } ++ ++ -- RIP-2 Management Information Base ++ ++ -- the RouteTag type represents the contents of the ++ -- Route Domain field in the packet header or route entry. ++ -- The use of the Route Domain is deprecated. ++ ++ RouteTag ::= TEXTUAL-CONVENTION ++ STATUS current ++ DESCRIPTION ++ "the RouteTag type represents the contents of the Route Domain ++ field in the packet header or route entry" ++ SYNTAX OCTET STRING (SIZE (2)) ++ ++--4.1 Global Counters ++ ++-- The RIP-2 Globals Group. ++-- Implementation of this group is mandatory for systems ++-- which implement RIP-2. ++ ++-- These counters are intended to facilitate debugging quickly ++-- changing routes or failing neighbors ++ ++rip2Globals OBJECT IDENTIFIER ::= { rip2 1 } ++ ++ rip2GlobalRouteChanges OBJECT-TYPE ++ SYNTAX Counter32 ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The number of route changes made to the IP Route ++ Database by RIP. This does not include the refresh ++ of a route's age." ++ ::= { rip2Globals 1 } ++ ++ rip2GlobalQueries OBJECT-TYPE ++ SYNTAX Counter32 ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The number of responses sent to RIP queries ++ from other systems." ++ ::= { rip2Globals 2 } ++ ++--4.2 RIP Interface Tables ++ ++-- RIP Interfaces Groups ++-- Implementation of these Groups is mandatory for systems ++-- which implement RIP-2. ++ ++-- The RIP Interface Status Table. ++ ++ rip2IfStatTable OBJECT-TYPE ++ SYNTAX SEQUENCE OF Rip2IfStatEntry ++ MAX-ACCESS not-accessible ++ STATUS current ++ DESCRIPTION ++ "A list of subnets which require separate ++ status monitoring in RIP." ++ ::= { rip2 2 } ++ ++ rip2IfStatEntry OBJECT-TYPE ++ SYNTAX Rip2IfStatEntry ++ MAX-ACCESS not-accessible ++ STATUS current ++ DESCRIPTION ++ "A Single Routing Domain in a single Subnet." ++ INDEX { rip2IfStatAddress } ++ ::= { rip2IfStatTable 1 } ++ ++ Rip2IfStatEntry ::= ++ SEQUENCE { ++ rip2IfStatAddress ++ IpAddress, ++ rip2IfStatRcvBadPackets ++ Counter32, ++ rip2IfStatRcvBadRoutes ++ Counter32, ++ rip2IfStatSentUpdates ++ Counter32, ++ rip2IfStatStatus ++ RowStatus ++ } ++ ++ rip2IfStatAddress OBJECT-TYPE ++ SYNTAX IpAddress ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The IP Address of this system on the indicated ++ subnet. For unnumbered interfaces, the value 0.0.0.N, ++ where the least significant 24 bits (N) is the ifIndex ++ for the IP Interface in network byte order." ++ ::= { rip2IfStatEntry 1 } ++ ++ rip2IfStatRcvBadPackets OBJECT-TYPE ++ SYNTAX Counter32 ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The number of RIP response packets received by ++ the RIP process which were subsequently discarded ++ for any reason (e.g. a version 0 packet, or an ++ unknown command type)." ++ ::= { rip2IfStatEntry 2 } ++ ++ rip2IfStatRcvBadRoutes OBJECT-TYPE ++ SYNTAX Counter32 ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The number of routes, in valid RIP packets, ++ which were ignored for any reason (e.g. unknown ++ address family, or invalid metric)." ++ ::= { rip2IfStatEntry 3 } ++ ++ rip2IfStatSentUpdates OBJECT-TYPE ++ SYNTAX Counter32 ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The number of triggered RIP updates actually ++ sent on this interface. This explicitly does ++ NOT include full updates sent containing new ++ information." ++ ::= { rip2IfStatEntry 4 } ++ ++ rip2IfStatStatus OBJECT-TYPE ++ SYNTAX RowStatus ++ MAX-ACCESS read-create ++ STATUS current ++ DESCRIPTION ++ "Writing invalid has the effect of deleting ++ this interface." ++ ::= { rip2IfStatEntry 5 } ++ ++-- The RIP Interface Configuration Table. ++ ++ rip2IfConfTable OBJECT-TYPE ++ SYNTAX SEQUENCE OF Rip2IfConfEntry ++ MAX-ACCESS not-accessible ++ STATUS current ++ DESCRIPTION ++ "A list of subnets which require separate ++ configuration in RIP." ++ ::= { rip2 3 } ++ ++ rip2IfConfEntry OBJECT-TYPE ++ SYNTAX Rip2IfConfEntry ++ MAX-ACCESS not-accessible ++ STATUS current ++ DESCRIPTION ++ "A Single Routing Domain in a single Subnet." ++ INDEX { rip2IfConfAddress } ++ ::= { rip2IfConfTable 1 } ++ ++ Rip2IfConfEntry ::= ++ SEQUENCE { ++ rip2IfConfAddress ++ IpAddress, ++ rip2IfConfDomain ++ RouteTag, ++ rip2IfConfAuthType ++ INTEGER, ++ rip2IfConfAuthKey ++ OCTET STRING (SIZE(0..16)), ++ rip2IfConfSend ++ INTEGER, ++ rip2IfConfReceive ++ INTEGER, ++ rip2IfConfDefaultMetric ++ INTEGER, ++ rip2IfConfStatus ++ RowStatus, ++ rip2IfConfSrcAddress ++ IpAddress ++ } ++ ++ rip2IfConfAddress OBJECT-TYPE ++ SYNTAX IpAddress ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The IP Address of this system on the indicated ++ subnet. For unnumbered interfaces, the value 0.0.0.N, ++ where the least significant 24 bits (N) is the ifIndex ++ for the IP Interface in network byte order." ++ ::= { rip2IfConfEntry 1 } ++ ++ rip2IfConfDomain OBJECT-TYPE ++ SYNTAX RouteTag ++ MAX-ACCESS read-create ++ STATUS obsolete ++ DESCRIPTION ++ "Value inserted into the Routing Domain field ++ of all RIP packets sent on this interface." ++ DEFVAL { '0000'h } ++ ::= { rip2IfConfEntry 2 } ++ ++ rip2IfConfAuthType OBJECT-TYPE ++ SYNTAX INTEGER { ++ noAuthentication (1), ++ simplePassword (2), ++ md5 (3) ++ } ++ MAX-ACCESS read-create ++ STATUS current ++ DESCRIPTION ++ "The type of Authentication used on this ++ interface." ++ DEFVAL { noAuthentication } ++ ::= { rip2IfConfEntry 3 } ++ ++ rip2IfConfAuthKey OBJECT-TYPE ++ SYNTAX OCTET STRING (SIZE(0..16)) ++ MAX-ACCESS read-create ++ STATUS current ++ DESCRIPTION ++ "The value to be used as the Authentication Key ++ whenever the corresponding instance of ++ rip2IfConfAuthType has a value other than ++ noAuthentication. A modification of the corresponding ++ instance of rip2IfConfAuthType does not modify ++ the rip2IfConfAuthKey value. If a string shorter ++ than 16 octets is supplied, it will be left- ++ justified and padded to 16 octets, on the right, ++ with nulls (0x00). ++ ++ Reading this object always results in an OCTET ++ STRING of length zero; authentication may not ++ be bypassed by reading the MIB object." ++ DEFVAL { ''h } ++ ::= { rip2IfConfEntry 4 } ++ ++ rip2IfConfSend OBJECT-TYPE ++ SYNTAX INTEGER { ++ doNotSend (1), ++ ripVersion1 (2), ++ rip1Compatible (3), ++ ripVersion2 (4), ++ ripV1Demand (5), ++ ripV2Demand (6) ++ } ++ MAX-ACCESS read-create ++ STATUS current ++ DESCRIPTION ++ "What the router sends on this interface. ++ ripVersion1 implies sending RIP updates compliant ++ with RFC 1058. rip1Compatible implies ++ broadcasting RIP-2 updates using RFC 1058 route ++ subsumption rules. ripVersion2 implies ++ multicasting RIP-2 updates. ripV1Demand indicates ++ the use of Demand RIP on a WAN interface under RIP ++ Version 1 rules. ripV2Demand indicates the use of ++ Demand RIP on a WAN interface under Version 2 rules." ++ DEFVAL { rip1Compatible } ++ ::= { rip2IfConfEntry 5 } ++ ++ rip2IfConfReceive OBJECT-TYPE ++ SYNTAX INTEGER { ++ rip1 (1), ++ rip2 (2), ++ rip1OrRip2 (3), ++ doNotRecieve (4) ++ } ++ MAX-ACCESS read-create ++ STATUS current ++ DESCRIPTION ++ "This indicates which version of RIP updates ++ are to be accepted. Note that rip2 and ++ rip1OrRip2 implies reception of multicast ++ packets." ++ DEFVAL { rip1OrRip2 } ++ ::= { rip2IfConfEntry 6 } ++ ++ rip2IfConfDefaultMetric OBJECT-TYPE ++ SYNTAX INTEGER ( 0..15 ) ++ MAX-ACCESS read-create ++ STATUS current ++ DESCRIPTION ++ "This variable indicates the metric that is to ++ be used for the default route entry in RIP updates ++ originated on this interface. A value of zero ++ indicates that no default route should be ++ originated; in this case, a default route via ++ another router may be propagated." ++ ::= { rip2IfConfEntry 7 } ++ ++ rip2IfConfStatus OBJECT-TYPE ++ SYNTAX RowStatus ++ MAX-ACCESS read-create ++ STATUS current ++ DESCRIPTION ++ "Writing invalid has the effect of deleting ++ this interface." ++ ::= { rip2IfConfEntry 8 } ++ ++ rip2IfConfSrcAddress OBJECT-TYPE ++ SYNTAX IpAddress ++ MAX-ACCESS read-create ++ STATUS current ++ DESCRIPTION ++ "The IP Address this system will use as a source ++ address on this interface. If it is a numbered ++ interface, this MUST be the same value as ++ rip2IfConfAddress. On unnumbered interfaces, ++ it must be the value of rip2IfConfAddress for ++ some interface on the system." ++ ::= { rip2IfConfEntry 9 } ++ ++--4.3 Peer Table ++ ++-- Peer Table ++ ++-- The RIP Peer Group ++-- Implementation of this Group is Optional ++ ++-- This group provides information about active peer ++-- relationships intended to assist in debugging. An ++-- active peer is a router from which a valid RIP ++-- updated has been heard in the last 180 seconds. ++ ++ rip2PeerTable OBJECT-TYPE ++ SYNTAX SEQUENCE OF Rip2PeerEntry ++ MAX-ACCESS not-accessible ++ STATUS current ++ DESCRIPTION ++ "A list of RIP Peers." ++ ::= { rip2 4 } ++ ++ rip2PeerEntry OBJECT-TYPE ++ SYNTAX Rip2PeerEntry ++ MAX-ACCESS not-accessible ++ STATUS current ++ DESCRIPTION ++ "Information regarding a single routing peer." ++ INDEX { rip2PeerAddress, rip2PeerDomain } ++ ::= { rip2PeerTable 1 } ++ ++ Rip2PeerEntry ::= ++ SEQUENCE { ++ rip2PeerAddress ++ IpAddress, ++ rip2PeerDomain ++ RouteTag, ++ rip2PeerLastUpdate ++ TimeTicks, ++ rip2PeerVersion ++ INTEGER, ++ rip2PeerRcvBadPackets ++ Counter32, ++ rip2PeerRcvBadRoutes ++ Counter32 ++ } ++ ++ rip2PeerAddress OBJECT-TYPE ++ SYNTAX IpAddress ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The IP Address that the peer is using as its source ++ address. Note that on an unnumbered link, this may ++ not be a member of any subnet on the system." ++ ::= { rip2PeerEntry 1 } ++ ++ rip2PeerDomain OBJECT-TYPE ++ SYNTAX RouteTag ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The value in the Routing Domain field in RIP ++ packets received from the peer. As domain suuport ++ is deprecated, this must be zero." ++ ::= { rip2PeerEntry 2 } ++ ++ rip2PeerLastUpdate OBJECT-TYPE ++ SYNTAX TimeTicks ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The value of sysUpTime when the most recent ++ RIP update was received from this system." ++ ::= { rip2PeerEntry 3 } ++ ++ rip2PeerVersion OBJECT-TYPE ++ SYNTAX INTEGER ( 0..255 ) ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The RIP version number in the header of the ++ last RIP packet received." ++ ::= { rip2PeerEntry 4 } ++ ++ rip2PeerRcvBadPackets OBJECT-TYPE ++ SYNTAX Counter32 ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The number of RIP response packets from this ++ peer discarded as invalid." ++ ::= { rip2PeerEntry 5 } ++ ++ ++ rip2PeerRcvBadRoutes OBJECT-TYPE ++ SYNTAX Counter32 ++ MAX-ACCESS read-only ++ STATUS current ++ DESCRIPTION ++ "The number of routes from this peer that were ++ ignored because the entry format was invalid." ++ ::= { rip2PeerEntry 6 } ++ ++-- conformance information ++ ++rip2Conformance OBJECT IDENTIFIER ::= { rip2 5 } ++ ++rip2Groups OBJECT IDENTIFIER ::= { rip2Conformance 1 } ++rip2Compliances OBJECT IDENTIFIER ::= { rip2Conformance 2 } ++ ++-- compliance statements ++rip2Compliance MODULE-COMPLIANCE ++ STATUS current ++ DESCRIPTION ++ "The compliance statement " ++ MODULE -- this module ++ MANDATORY-GROUPS { ++ rip2GlobalGroup, ++ rip2IfStatGroup, ++ rip2IfConfGroup, ++ rip2PeerGroup ++ } ++ GROUP rip2GlobalGroup ++ DESCRIPTION ++ "This group defines global controls for RIP-II systems." ++ GROUP rip2IfStatGroup ++ DESCRIPTION ++ "This group defines interface statistics for RIP-II systems." ++ GROUP rip2IfConfGroup ++ DESCRIPTION ++ "This group defines interface configuration for RIP-II systems." ++ GROUP rip2PeerGroup ++ DESCRIPTION ++ "This group defines peer information for RIP-II systems." ++ ::= { rip2Compliances 1 } ++ ++-- units of conformance ++ ++rip2GlobalGroup OBJECT-GROUP ++ OBJECTS { ++ rip2GlobalRouteChanges, ++ rip2GlobalQueries ++ } ++ STATUS current ++ DESCRIPTION ++ "This group defines global controls for RIP-II systems." ++ ::= { rip2Groups 1 } ++rip2IfStatGroup OBJECT-GROUP ++ OBJECTS { ++ rip2IfStatAddress, ++ rip2IfStatRcvBadPackets, ++ rip2IfStatRcvBadRoutes, ++ rip2IfStatSentUpdates, ++ rip2IfStatStatus ++ } ++ STATUS current ++ DESCRIPTION ++ "This group defines interface statistics for RIP-II systems." ++ ::= { rip2Groups 2 } ++rip2IfConfGroup OBJECT-GROUP ++ OBJECTS { ++ rip2IfConfAddress, ++ rip2IfConfAuthType, ++ rip2IfConfAuthKey, ++ rip2IfConfSend, ++ rip2IfConfReceive, ++ rip2IfConfDefaultMetric, ++ rip2IfConfStatus, ++ rip2IfConfSrcAddress ++ } ++ STATUS current ++ DESCRIPTION ++ "This group defines interface configuration for RIP-II systems." ++ ::= { rip2Groups 3 } ++rip2PeerGroup OBJECT-GROUP ++ OBJECTS { ++ rip2PeerAddress, ++ rip2PeerDomain, ++ rip2PeerLastUpdate, ++ rip2PeerVersion, ++ rip2PeerRcvBadPackets, ++ rip2PeerRcvBadRoutes ++ } ++ STATUS current ++ DESCRIPTION ++ "This group defines peer information for RIP-II systems." ++ ::= { rip2Groups 4 } ++END +diff -ruN mibs/SOURCE-ROUTING-MIB.txt.orig mibs/SOURCE-ROUTING-MIB.txt +--- mibs/SOURCE-ROUTING-MIB.txt.orig 1970-01-01 01:00:00.000000000 +0100 ++++ mibs/SOURCE-ROUTING-MIB.txt 2005-07-20 21:45:50.000000000 +0200 +@@ -0,0 +1,452 @@ ++SOURCE-ROUTING-MIB DEFINITIONS ::= BEGIN ++ ++IMPORTS ++ Counter, Gauge ++ FROM RFC1155-SMI ++ dot1dBridge, dot1dSr ++ FROM BRIDGE-MIB ++ OBJECT-TYPE ++ FROM RFC-1212; ++ ++-- groups in the SR MIB ++ ++-- dot1dSr is imported from the Bridge MIB ++ ++dot1dPortPair OBJECT IDENTIFIER ::= { dot1dBridge 10 } ++ ++-- the dot1dSr group ++ ++-- this group is implemented by those bridges that ++-- support the source route bridging mode, including Source ++-- Routing and SRT bridges. ++ ++dot1dSrPortTable OBJECT-TYPE ++ SYNTAX SEQUENCE OF Dot1dSrPortEntry ++ ACCESS not-accessible ++ STATUS mandatory ++ DESCRIPTION ++ "A table that contains information about every ++ port that is associated with this source route ++ bridge." ++ ::= { dot1dSr 1 } ++ ++dot1dSrPortEntry OBJECT-TYPE ++ SYNTAX Dot1dSrPortEntry ++ ACCESS not-accessible ++ STATUS mandatory ++ DESCRIPTION ++ "A list of information for each port of a source ++ route bridge." ++ INDEX { dot1dSrPort } ++ ++ ::= { dot1dSrPortTable 1 } ++ ++Dot1dSrPortEntry ::= ++ SEQUENCE { ++ dot1dSrPort ++ INTEGER, ++ dot1dSrPortHopCount ++ INTEGER, ++ dot1dSrPortLocalSegment ++ INTEGER, ++ dot1dSrPortBridgeNum ++ INTEGER, ++ dot1dSrPortTargetSegment ++ INTEGER, ++ dot1dSrPortLargestFrame ++ INTEGER, ++ dot1dSrPortSTESpanMode ++ INTEGER, ++ dot1dSrPortSpecInFrames ++ Counter, ++ dot1dSrPortSpecOutFrames ++ Counter, ++ dot1dSrPortApeInFrames ++ Counter, ++ dot1dSrPortApeOutFrames ++ Counter, ++ dot1dSrPortSteInFrames ++ Counter, ++ dot1dSrPortSteOutFrames ++ Counter, ++ dot1dSrPortSegmentMismatchDiscards ++ Counter, ++ dot1dSrPortDuplicateSegmentDiscards ++ Counter, ++ dot1dSrPortHopCountExceededDiscards ++ Counter, ++ dot1dSrPortDupLanIdOrTreeErrors ++ Counter, ++ dot1dSrPortLanIdMismatches ++ Counter ++ } ++ ++dot1dSrPort OBJECT-TYPE ++ SYNTAX INTEGER (1..65535) ++ ACCESS read-only ++ STATUS mandatory ++ DESCRIPTION ++ "The port number of the port for which this entry ++ ++ contains Source Route management information." ++ ::= { dot1dSrPortEntry 1 } ++ ++dot1dSrPortHopCount OBJECT-TYPE ++ SYNTAX INTEGER ++ ACCESS read-write ++ STATUS mandatory ++ DESCRIPTION ++ "The maximum number of routing descriptors allowed ++ in an All Paths or Spanning Tree Explorer frames." ++ ::= { dot1dSrPortEntry 2 } ++ ++dot1dSrPortLocalSegment OBJECT-TYPE ++ SYNTAX INTEGER ++ ACCESS read-write ++ STATUS mandatory ++ DESCRIPTION ++ "The segment number that uniquely identifies the ++ segment to which this port is connected. Current ++ source routing protocols limit this value to the ++ range: 0 through 4095. (The value 0 is used by ++ some management applications for special test ++ cases.) A value of 65535 signifies that no segment ++ number is assigned to this port." ++ ::= { dot1dSrPortEntry 3 } ++ ++dot1dSrPortBridgeNum OBJECT-TYPE ++ SYNTAX INTEGER ++ ACCESS read-write ++ STATUS mandatory ++ DESCRIPTION ++ "A bridge number uniquely identifies a bridge when ++ more than one bridge is used to span the same two ++ segments. Current source routing protocols limit ++ this value to the range: 0 through 15. A value of ++ 65535 signifies that no bridge number is assigned ++ to this bridge." ++ ::= { dot1dSrPortEntry 4 } ++ ++dot1dSrPortTargetSegment OBJECT-TYPE ++ SYNTAX INTEGER ++ ACCESS read-write ++ STATUS mandatory ++ DESCRIPTION ++ "The segment number that corresponds to the target ++ segment this port is considered to be connected to ++ by the bridge. Current source routing protocols ++ limit this value to the range: 0 through 4095. ++ ++ (The value 0 is used by some management ++ applications for special test cases.) A value of ++ 65535 signifies that no target segment is assigned ++ to this port." ++ ::= { dot1dSrPortEntry 5 } ++ ++-- It would be nice if we could use ifMtu as the size of the ++-- largest frame, but we can't because ifMtu is defined to be ++-- the size that the (inter-)network layer can use which can ++-- differ from the MAC layer (especially if several layers of ++-- encapsulation are used). ++ ++dot1dSrPortLargestFrame OBJECT-TYPE ++ SYNTAX INTEGER ++ ACCESS read-write ++ STATUS mandatory ++ DESCRIPTION ++ "The maximum size of the INFO field (LLC and ++ above) that this port can send/receive. It does ++ not include any MAC level (framing) octets. The ++ value of this object is used by this bridge to ++ determine whether a modification of the ++ LargestFrame (LF, see [14]) field of the Routing ++ Control field of the Routing Information Field is ++ necessary. ++ ++ 64 valid values are defined by the IEEE 802.5M SRT ++ Addendum: 516, 635, 754, 873, 993, 1112, 1231, ++ 1350, 1470, 1542, 1615, 1688, 1761, 1833, 1906, ++ 1979, 2052, 2345, 2638, 2932, 3225, 3518, 3812, ++ 4105, 4399, 4865, 5331, 5798, 6264, 6730, 7197, ++ 7663, 8130, 8539, 8949, 9358, 9768, 10178, 10587, ++ 10997, 11407, 12199, 12992, 13785, 14578, 15370, ++ 16163, 16956, 17749, 20730, 23711, 26693, 29674, ++ 32655, 35637, 38618, 41600, 44591, 47583, 50575, ++ 53567, 56559, 59551, and 65535. ++ ++ An illegal value will not be accepted by the ++ bridge." ++ ::= { dot1dSrPortEntry 6 } ++ ++dot1dSrPortSTESpanMode OBJECT-TYPE ++ SYNTAX INTEGER { ++ auto-span(1), ++ disabled(2), ++ forced(3) ++ } ++ ACCESS read-write ++ STATUS mandatory ++ DESCRIPTION ++ "Determines how this port behaves when presented ++ with a Spanning Tree Explorer frame. The value ++ 'disabled(2)' indicates that the port will not ++ accept or send Spanning Tree Explorer packets; any ++ STE packets received will be silently discarded. ++ The value 'forced(3)' indicates the port will ++ always accept and propagate Spanning Tree Explorer ++ frames. This allows a manually configured ++ Spanning Tree for this class of packet to be ++ configured. Note that unlike transparent ++ bridging, this is not catastrophic to the network ++ if there are loops. The value 'auto-span(1)' can ++ only be returned by a bridge that both implements ++ the Spanning Tree Protocol and has use of the ++ protocol enabled on this port. The behavior of the ++ port for Spanning Tree Explorer frames is ++ determined by the state of dot1dStpPortState. If ++ the port is in the 'forwarding' state, the frame ++ will be accepted or propagated. Otherwise, it ++ will be silently discarded." ++ ::= { dot1dSrPortEntry 7 } ++ ++dot1dSrPortSpecInFrames OBJECT-TYPE ++ SYNTAX Counter ++ ACCESS read-only ++ STATUS mandatory ++ DESCRIPTION ++ "The number of Specifically Routed frames, also ++ referred to as Source Routed Frames, that have ++ been received from this port's segment." ++ ::= { dot1dSrPortEntry 8 } ++ ++dot1dSrPortSpecOutFrames OBJECT-TYPE ++ SYNTAX Counter ++ ACCESS read-only ++ STATUS mandatory ++ DESCRIPTION ++ "The number of Specifically Routed frames, also ++ referred to as Source Routed Frames, that this ++ port has transmitted on its segment." ++ ::= { dot1dSrPortEntry 9 } ++ ++dot1dSrPortApeInFrames OBJECT-TYPE ++ SYNTAX Counter ++ ACCESS read-only ++ STATUS mandatory ++ DESCRIPTION ++ "The number of All Paths Explorer frames, also ++ referred to as All Routes Explorer frames, that ++ have been received by this port from its segment." ++ ::= { dot1dSrPortEntry 10 } ++ ++dot1dSrPortApeOutFrames OBJECT-TYPE ++ SYNTAX Counter ++ ACCESS read-only ++ STATUS mandatory ++ DESCRIPTION ++ "The number of all Paths Explorer Frames, also ++ referred to as All Routes Explorer frames, that ++ have been transmitted by this port on its ++ segment." ++ ::= { dot1dSrPortEntry 11 } ++ ++dot1dSrPortSteInFrames OBJECT-TYPE ++ SYNTAX Counter ++ ACCESS read-only ++ STATUS mandatory ++ DESCRIPTION ++ "The number of spanning tree explorer frames that ++ have been received by this port from its segment." ++ ::= { dot1dSrPortEntry 12 } ++ ++dot1dSrPortSteOutFrames OBJECT-TYPE ++ SYNTAX Counter ++ ACCESS read-only ++ STATUS mandatory ++ DESCRIPTION ++ "The number of spanning tree explorer frames that ++ have been transmitted by this port on its ++ segment." ++ ::= { dot1dSrPortEntry 13 } ++ ++dot1dSrPortSegmentMismatchDiscards OBJECT-TYPE ++ SYNTAX Counter ++ ACCESS read-only ++ STATUS mandatory ++ DESCRIPTION ++ "The number of explorer frames that have been ++ discarded by this port because the routing ++ descriptor field contained an invalid adjacent ++ segment value." ++ ::= { dot1dSrPortEntry 14 } ++ ++dot1dSrPortDuplicateSegmentDiscards OBJECT-TYPE ++ SYNTAX Counter ++ ACCESS read-only ++ STATUS mandatory ++ DESCRIPTION ++ "The number of frames that have been discarded by ++ this port because the routing descriptor field ++ contained a duplicate segment identifier." ++ ::= { dot1dSrPortEntry 15 } ++ ++dot1dSrPortHopCountExceededDiscards OBJECT-TYPE ++ SYNTAX Counter ++ ACCESS read-only ++ STATUS mandatory ++ DESCRIPTION ++ "The number of explorer frames that have been ++ discarded by this port because the Routing ++ Information Field has exceeded the maximum route ++ descriptor length." ++ ::= { dot1dSrPortEntry 16 } ++ ++dot1dSrPortDupLanIdOrTreeErrors OBJECT-TYPE ++ SYNTAX Counter ++ ACCESS read-only ++ STATUS mandatory ++ DESCRIPTION ++ "The number of duplicate LAN IDs or Tree errors. ++ This helps in detection of problems in networks ++ containing older IBM Source Routing Bridges." ++ ::= { dot1dSrPortEntry 17 } ++ ++dot1dSrPortLanIdMismatches OBJECT-TYPE ++ SYNTAX Counter ++ ACCESS read-only ++ STATUS mandatory ++ DESCRIPTION ++ "The number of ARE and STE frames that were ++ discarded because the last LAN ID in the routing ++ information field did not equal the LAN-in ID. ++ This error can occur in implementations which do ++ only a LAN-in ID and Bridge Number check instead ++ of a LAN-in ID, Bridge Number, and LAN-out ID ++ check before they forward broadcast frames." ++ ::= { dot1dSrPortEntry 18 } ++ ++-- scalar object in dot1dSr ++ ++dot1dSrBridgeLfMode OBJECT-TYPE ++ SYNTAX INTEGER { ++ mode3(1), ++ mode6(2) ++ } ++ ACCESS read-write ++ STATUS mandatory ++ DESCRIPTION ++ "Indicates whether the bridge operates using older ++ 3 bit length negotiation fields or the newer 6 bit ++ length field in its RIF." ++ ::= { dot1dSr 2 } ++ ++-- The Port-Pair Database ++ ++-- Implementation of this group is optional. ++ ++-- This group is implemented by those bridges that support ++-- the direct multiport model of the source route bridging ++-- mode as defined in the IEEE 802.5 SRT Addendum to ++-- 802.1d. ++ ++-- Bridges implementing this group may report 65535 for ++-- dot1dSrPortBridgeNumber and dot1dSrPortTargetSegment, ++-- indicating that those objects are not applicable. ++ ++dot1dPortPairTableSize OBJECT-TYPE ++ SYNTAX Gauge ++ ACCESS read-only ++ STATUS mandatory ++ DESCRIPTION ++ "The total number of entries in the Bridge Port ++ Pair Database." ++ ::= { dot1dPortPair 1 } ++ ++-- the Bridge Port-Pair table ++ ++-- this table represents port pairs within a bridge forming ++-- a unique bridge path, as defined in the IEEE 802.5M SRT ++-- Addendum. ++ ++dot1dPortPairTable OBJECT-TYPE ++ SYNTAX SEQUENCE OF Dot1dPortPairEntry ++ ACCESS not-accessible ++ STATUS mandatory ++ DESCRIPTION ++ "A table that contains information about every ++ ++ port pair database entity associated with this ++ source routing bridge." ++ ::= { dot1dPortPair 2 } ++ ++dot1dPortPairEntry OBJECT-TYPE ++ SYNTAX Dot1dPortPairEntry ++ ACCESS not-accessible ++ STATUS mandatory ++ DESCRIPTION ++ "A list of information for each port pair entity ++ of a bridge." ++ INDEX { dot1dPortPairLowPort, dot1dPortPairHighPort } ++ ::= { dot1dPortPairTable 1 } ++ ++Dot1dPortPairEntry ::= ++ SEQUENCE { ++ dot1dPortPairLowPort ++ INTEGER, ++ dot1dPortPairHighPort ++ INTEGER, ++ dot1dPortPairBridgeNum ++ INTEGER, ++ dot1dPortPairBridgeState ++ INTEGER ++ } ++ ++dot1dPortPairLowPort OBJECT-TYPE ++ SYNTAX INTEGER (1..65535) ++ ACCESS read-write ++ STATUS mandatory ++ DESCRIPTION ++ "The port number of the lower numbered port for ++ which this entry contains port pair database ++ information." ++ ::= { dot1dPortPairEntry 1 } ++ ++dot1dPortPairHighPort OBJECT-TYPE ++ SYNTAX INTEGER (1..65535) ++ ACCESS read-write ++ STATUS mandatory ++ DESCRIPTION ++ "The port number of the higher numbered port for ++ which this entry contains port pair database ++ information." ++ ::= { dot1dPortPairEntry 2 } ++ ++dot1dPortPairBridgeNum OBJECT-TYPE ++ SYNTAX INTEGER ++ ++ ACCESS read-write ++ STATUS mandatory ++ DESCRIPTION ++ "A bridge number that uniquely identifies the path ++ provided by this source routing bridge between the ++ segments connected to dot1dPortPairLowPort and ++ dot1dPortPairHighPort. The purpose of bridge ++ number is to disambiguate between multiple paths ++ connecting the same two LANs." ++ ::= { dot1dPortPairEntry 3 } ++ ++dot1dPortPairBridgeState OBJECT-TYPE ++ SYNTAX INTEGER { ++ enabled(1), ++ disabled(2), ++ invalid(3) ++ } ++ ACCESS read-write ++ STATUS mandatory ++ DESCRIPTION ++ "The state of dot1dPortPairBridgeNum. Writing ++ 'invalid(3)' to this object removes the ++ corresponding entry." ++ ::= { dot1dPortPairEntry 4 } ++ ++END --- net-snmp-5.2.1.2.orig/debian/patches/13_ipaddress_linux.c-in_len-out_len-type.patch +++ net-snmp-5.2.1.2/debian/patches/13_ipaddress_linux.c-in_len-out_len-type.patch @@ -0,0 +1,12 @@ +--- agent/mibgroup/ip-mib/data_access/ipaddress_linux.c~ 2004-10-19 05:23:59.000000000 +0200 ++++ agent/mibgroup/ip-mib/data_access/ipaddress_linux.c 2005-08-14 12:24:51.497056312 +0200 +@@ -174,7 +174,8 @@ + FILE *in; + char line[80], addr[33], if_name[IFNAMSIZ]; + u_char *buf; +- int if_index, pfx_len, scope, flags, rc = 0, in_len, out_len; ++ int if_index, pfx_len, scope, flags, rc = 0; ++ size_t in_len, out_len; + netsnmp_ipaddress_entry *entry; + _ioctl_extras *extras; + static int log_open_err = 1; --- net-snmp-5.2.1.2.orig/debian/patches/12_inetNetToMedia-01.patch +++ net-snmp-5.2.1.2/debian/patches/12_inetNetToMedia-01.patch @@ -0,0 +1,27 @@ +Index: agent/mibgroup/ip-mib/inetNetToMediaTable/inetNetToMediaTable.c +=================================================================== +RCS file: /cvsroot/net-snmp/net-snmp/agent/mibgroup/ip-mib/inetNetToMediaTable/inetNetToMediaTable.c,v +retrieving revision 1.4 +diff -u -p -r1.4 inetNetToMediaTable.c +--- agent/mibgroup/ip-mib/inetNetToMediaTable/inetNetToMediaTable.c 16 Oct 2004 00:21:20 -0000 1.4 ++++ agent/mibgroup/ip-mib/inetNetToMediaTable/inetNetToMediaTable.c 16 Aug 2005 23:44:14 -0000 +@@ -374,11 +374,16 @@ inetNetToMediaPhysAddress_get(inetNetToM + * TODO:231:o: |-> Extract the current value of the inetNetToMediaPhysAddress data. + * set (* inetNetToMediaPhysAddress_val_ptr_ptr ) and (* inetNetToMediaPhysAddress_val_ptr_len_ptr ) from rowreq_ctx->data + */ +- (*inetNetToMediaPhysAddress_val_ptr_ptr) = +- rowreq_ctx->data->arp_physaddress; ++ if ((*inetNetToMediaPhysAddress_val_ptr_len_ptr) < ++ rowreq_ctx->data->arp_physaddress_len) ++ return MFD_SKIP; ++ ++ memcpy((*inetNetToMediaPhysAddress_val_ptr_ptr), ++ rowreq_ctx->data->arp_physaddress, ++ rowreq_ctx->data->arp_physaddress_len); + (*inetNetToMediaPhysAddress_val_ptr_len_ptr) = + rowreq_ctx->data->arp_physaddress_len; +- ++ + return MFD_SUCCESS; + } /* inetNetToMediaPhysAddress_get */ + --- net-snmp-5.2.1.2.orig/debian/patches/52_CVE-2008-2292.patch +++ net-snmp-5.2.1.2/debian/patches/52_CVE-2008-2292.patch @@ -0,0 +1,75 @@ +diff -Nur -x '*.orig' -x '*~' net-snmp-5.3.1/perl/SNMP/SNMP.xs net-snmp-5.3.1.new/perl/SNMP/SNMP.xs +--- net-snmp-5.3.1/perl/SNMP/SNMP.xs 2006-05-26 09:59:15.000000000 -0700 ++++ net-snmp-5.3.1.new/perl/SNMP/SNMP.xs 2008-11-18 12:30:28.000000000 -0800 +@@ -460,14 +460,16 @@ + if (flag == USE_ENUMS) { + for(ep = tp->enums; ep; ep = ep->next) { + if (ep->value == *var->val.integer) { +- strcpy(buf, ep->label); ++ strncpy(buf, ep->label, buf_len); ++ buf[buf_len-1] = '\0'; + len = strlen(buf); + break; + } + } + } + if (!len) { +- sprintf(buf,"%ld", *var->val.integer); ++ snprintf(buf, buf_len, "%ld", *var->val.integer); ++ buf[buf_len-1] = '\0'; + len = strlen(buf); + } + break; +@@ -476,21 +478,25 @@ + case ASN_COUNTER: + case ASN_TIMETICKS: + case ASN_UINTEGER: +- sprintf(buf,"%lu", (unsigned long) *var->val.integer); ++ snprintf(buf, buf_len, "%lu", (unsigned long) *var->val.integer); ++ buf[buf_len-1] = '\0'; + len = strlen(buf); + break; + + case ASN_OCTET_STR: + case ASN_OPAQUE: +- memcpy(buf, (char*)var->val.string, var->val_len); + len = var->val_len; ++ if ( len > buf_len ) ++ len = buf_len; ++ memcpy(buf, (char*)var->val.string, len); + break; + + case ASN_IPADDRESS: +- ip = (u_char*)var->val.string; +- sprintf(buf, "%d.%d.%d.%d", ip[0], ip[1], ip[2], ip[3]); +- len = strlen(buf); +- break; ++ ip = (u_char*)var->val.string; ++ snprintf(buf, buf_len, "%d.%d.%d.%d", ip[0], ip[1], ip[2], ip[3]); ++ buf[buf_len-1] = '\0'; ++ len = strlen(buf); ++ break; + + case ASN_NULL: + break; +@@ -502,14 +508,14 @@ + break; + + case SNMP_ENDOFMIBVIEW: +- sprintf(buf,"%s", "ENDOFMIBVIEW"); +- break; ++ snprintf(buf, buf_len, "%s", "ENDOFMIBVIEW"); ++ break; + case SNMP_NOSUCHOBJECT: +- sprintf(buf,"%s", "NOSUCHOBJECT"); +- break; ++ snprintf(buf, buf_len, "%s", "NOSUCHOBJECT"); ++ break; + case SNMP_NOSUCHINSTANCE: +- sprintf(buf,"%s", "NOSUCHINSTANCE"); +- break; ++ snprintf(buf, buf_len, "%s", "NOSUCHINSTANCE"); ++ break; + + case ASN_COUNTER64: + #ifdef OPAQUE_SPECIAL_TYPES --- net-snmp-5.2.1.2.orig/debian/patches/14_snmpapi_crash.patch +++ net-snmp-5.2.1.2/debian/patches/14_snmpapi_crash.patch @@ -0,0 +1,12 @@ +diff -uNrp net-snmp-5.2.1.2.orig/snmplib/snmp_api.c net-snmp-5.2.1.2/snmplib/snmp_api.c +--- net-snmp-5.2.1.2.orig/snmplib/snmp_api.c 2005-06-30 08:51:02.000000000 -0700 ++++ net-snmp-5.2.1.2/snmplib/snmp_api.c 2007-04-19 11:56:45.000000000 -0700 +@@ -5418,7 +5418,7 @@ _sess_read(void *sessp, fd_set * fdset) + sp->s_snmp_errno = SNMPERR_BAD_RECVFROM; + sp->s_errno = errno; + snmp_set_detail(strerror(errno)); +- SNMP_FREE(rxbuf); ++ SNMP_FREE(isp->packet); + if (opaque != NULL) { + SNMP_FREE(opaque); + } --- net-snmp-5.2.1.2.orig/debian/patches/51_CVE-2008-0960.patch +++ net-snmp-5.2.1.2/debian/patches/51_CVE-2008-0960.patch @@ -0,0 +1,14 @@ +diff -Nur -x '*.orig' -x '*~' net-snmp-5.3.1/snmplib/scapi.c net-snmp-5.3.1.new/snmplib/scapi.c +--- net-snmp-5.3.1/snmplib/scapi.c 2006-01-30 04:08:15.000000000 -0800 ++++ net-snmp-5.3.1.new/snmplib/scapi.c 2008-11-18 12:29:36.000000000 -0800 +@@ -561,6 +561,10 @@ + } + + ++ if (maclen != USM_MD5_AND_SHA_AUTH_LEN) { ++ QUITFUN(SNMPERR_GENERR, sc_check_keyed_hash_quit); ++ } ++ + /* + * Generate a full hash of the message, then compare + * the result with the given MAC which may shorter than --- net-snmp-5.2.1.2.orig/debian/patches/01_bsdcompat.patch +++ net-snmp-5.2.1.2/debian/patches/01_bsdcompat.patch @@ -0,0 +1,23 @@ +--- net-snmp-5.1.2.orig/snmplib/snmpUDPDomain.c ++++ net-snmp-5.1.2/snmplib/snmpUDPDomain.c +@@ -589,20 +589,6 @@ + void + _netsnmp_udp_sockopt_set(int fd, int local) + { +-#ifdef SO_BSDCOMPAT +- /* +- * Patch for Linux. Without this, UDP packets that fail get an ICMP +- * response. Linux turns the failed ICMP response into an error message +- * and return value, unlike all other OS's. +- */ +- if (0 == netsnmp_os_prematch("Linux","2.4")) +- { +- int one = 1; +- DEBUGMSGTL(("socket:option", "setting socket option SO_BSDCOMPAT\n")); +- setsockopt(fd, SOL_SOCKET, SO_BSDCOMPAT, (void *) &one, +- sizeof(one)); +- } +-#endif /*SO_BSDCOMPAT */ + /* + * SO_REUSEADDR will allow multiple apps to open the same port at + * the same time. Only the last one to open the socket will get --- net-snmp-5.2.1.2.orig/debian/patches/07_docfiles.patch +++ net-snmp-5.2.1.2/debian/patches/07_docfiles.patch @@ -0,0 +1,127 @@ +--- net-snmp-5.1.2.orig/man/mib2c.1.def ++++ net-snmp-5.1.2/man/mib2c.1.def +@@ -72,8 +72,9 @@ + .TP + .BI -c " CONFIGFILE" + Use CONFIGFILE when generating code. These files will be searched for +-first in the current directory and then in the DATADIR directory +-(which is where the default mib2c configuration files can be found). ++first in the current directory and then in /etc/snmp ++(which is where the default mib2c configuration files can be found) ++and finally in the DATADIR directory. + Running mib2c without the -c CONFIGFILE option will display + a description of the valid values for CONFIGFILE, that is, + the available config files, including new ones that you might +--- net-snmp-5.1.2.orig/man/snmpset.1.def ++++ net-snmp-5.1.2/man/snmpset.1.def +@@ -73,7 +73,7 @@ + .PD + .RE + Most of these will use the obvious corresponding ASN.1 type. +-'s', 'x', 'd' and 'b' are all different ways of specifying an OCTET STRING ++\&'s', 'x', 'd' and 'b' are all different ways of specifying an OCTET STRING + value, and the 'u' unsigned type is also used for handling Gauge32 values. + .PP + If you have the proper MIB file loaded, you can, in most cases, replace the +--- net-snmp-5.1.2.orig/man/snmp_trap_api.3.def ++++ net-snmp-5.1.2/man/snmp_trap_api.3.def +@@ -1,8 +1,7 @@ + .TH SNMP_TRAP_API 3 "7 Mar 2002" VVERSIONINFO "Net-SNMP" + .UC 5 + .SH NAME +-send_easy_trap, send_trap_vars, send_v2trap - send TRAPs or INFORMs +-from a Net-SNMP MIB module ++send_easy_trap, send_trap_vars, send_v2trap - send TRAPs or INFORMs from a Net-SNMP MIB module + .SH SYNOPSIS + .B #include + .PP +--- net-snmp-5.1.2.orig/man/snmp_config.5.def ++++ net-snmp-5.1.2/man/snmp_config.5.def +@@ -11,7 +11,7 @@ + found and read from. By default, the applications look for + configuration files in the following 4 directories, in order: + SYSCONFDIR/snmp, +-DATADIR/snmp, LIBDIR/snmp, and $HOME/.snmp. In each of these ++/etc/snmp, LIBDIR/snmp, and $HOME/.snmp. In each of these + directories, it looks for files with the extension of both + .IR conf " and " local.conf + (reading the second ones last). In this manner, there are +--- net-snmp-5.1.2.orig/FAQ ++++ net-snmp-5.1.2/FAQ +@@ -104,7 +104,7 @@ + I don't understand the new access control stuff - what does it mean? + How do I configure SNMPv3 users? + The 'createUser' line disappears when I start the agent. Why? +- What's the difference between /var/ucd-snmp and /usr/local/share/snmp? ++ What's the difference between /var/ucd-snmp and /usr/share/snmp? + My new agent is ignoring the old snmpd.conf file. Why? + Why am I getting "Connection refused"? + I'm getting errors about "bad security model" - why? +@@ -620,7 +620,7 @@ + + Firstly, + +- cp MY-MIB.txt /usr/local/share/snmp/mibs ++ cp MY-MIB.txt /usr/share/snmp/mibs + + or + +@@ -639,7 +639,7 @@ + Note that you need *both* steps. + The first command copies the file defining the new MIB to a + expected location for MIB files. This defaults to +- /usr/local/share/snmp/mibs (or PREFIX/share/snmp/mibs if the the ++ /usr/share/snmp/mibs (or PREFIX/share/snmp/mibs if the the + suite was installed into a different base location). Some + ready-packaged distributions (such as Linux RPM packages) may look + for MIB files in a different location, such as /etc/snmp/mibs - put +@@ -1111,7 +1111,7 @@ + If this is the case, then you can specify this interpreter + explicitly as part of the trap handle directive: + +- traphandle default /usr/bin/perl /usr/local/bin/log_it ++ traphandle default /usr/bin/perl /usr/bin/log_it + + Note that in this case, it's almost certain that you'll also + need to give the full path to the traphandle script (as shown) +@@ -1263,7 +1263,7 @@ + (if appropriate) the community string to use. + + Some of these (such as the MIB file location), might belong in a +- shared snmp.conf file (typically /usr/local/share/snmp/snmp.conf or ++ shared snmp.conf file (typically /usr/share/snmp/snmp.conf or + /etc/snmp/snmp.conf) to apply to all users of the system. Others + (particularly the SNMPv3 security settings), are more likely to refer + to a particular user, and should go in a personal snmp.conf file +@@ -1522,7 +1522,7 @@ + + + Alternatively, the tools may be looking in the wrong place. +- The default location for the mib files is /usr/local/share/snmp/mibs. ++ The default location for the mib files is /usr/share/snmp/mibs. + Again, this is set when the suite is first configured and compiled. + This can be changed using the environmental variable 'MIBDIRS' + or the snmp.conf directive 'mibdirs'. +@@ -2507,11 +2507,11 @@ + + + +-What's the difference between /var/ucd-snmp and /usr/local/share/snmp? ++What's the difference between /var/ucd-snmp and /usr/share/snmp? + --------------------------------------------------------------------- + + Most "static" agent configuration should go in the traditional location +- (typically /usr/local/share/snmp/snmpd.conf or /etc/snmp). The ++ (typically /usr/share/snmp/snmpd.conf or /etc/snmp). The + /var/ucd-snmp (or /var/net-snmp) location is used for information set during + the running of the agent, which needs to be persistent between one run of + the agent and the next. +@@ -2531,7 +2531,7 @@ + distribution), with the current release installed from the source. + + The default location for this file with the basic distribution is +- /usr/local/share/snmp/snmpd.conf (or PREFIX/share/snmp/snmpd.conf). ++ /usr/share/snmp/snmpd.conf (or PREFIX/share/snmp/snmpd.conf). + Ready-installed versions often look for the file as /etc/snmpd.conf, + or /etc/snmp/snmpd.conf. Try moving the old config file to the new + location, and restart the agent. --- net-snmp-5.2.1.2.orig/debian/patches/11_library-version-update-5.2.1.2.patch +++ net-snmp-5.2.1.2/debian/patches/11_library-version-update-5.2.1.2.patch @@ -0,0 +1,44 @@ +Index: Makefile.top +=================================================================== +RCS file: /cvsroot/net-snmp/net-snmp/Makefile.top,v +retrieving revision 5.17.2.1 +diff -u -p -r5.17.2.1 Makefile.top +--- Makefile.top 25 Dec 2004 06:07:00 -0000 5.17.2.1 ++++ Makefile.top 5 Sep 2005 18:58:36 -0000 +@@ -51,24 +51,21 @@ EXEEXT = @EXEEXT@ + # Misc Compiling Stuff + CC = @CC@ + +-# ok, use libtool versioning, but not quite the way they recommend. +-# The shared library version number will be: ++# use libtool versioning the way they recommend. ++# The (slightly clarified) rules: + # +-# (CURRENT-AGE).AGE.REVISION ++# - If any interfaces/structures have been removed or changed since the ++# last update, increment current, and set age and revision to 0. Stop. + # +-# *** THIS MEANS YOU MAY NEED TO DECREMENT CURRENT FOR A NEW RELEASE *** +-# +-# examples: +-# C.A.R library name +-# ------- --------------- +-# 5.0.9 libxxx.so.5.0.9 +-# 6.1.2 libxxx.so.5.1.2 +-# 7.2.8 libxxx.so.5.2.8 +-# 6.0.0 libxxx.so.6.0.0 ++# - If any interfaces have been added since the last public release, then ++# increment current and age, and set revision to 0. Stop. + # +-LIBCURRENT = 7 +-LIBAGE = 2 +-LIBREVISION = 1 ++# - If the source code has changed at all since the last update, ++# then increment revision (c:r:a becomes c:r+1:a). ++# ++LIBCURRENT = 9 ++LIBAGE = 0 ++LIBREVISION = 0 + + LIB_LD_CMD = $(LIBTOOL) --mode=link $(CC) $(CFLAGS) -rpath $(libdir) -version-info $(LIBCURRENT):$(LIBREVISION):$(LIBAGE) -o + LIB_EXTENSION = la --- net-snmp-5.2.1.2.orig/debian/patches/09_agentxpath.patch +++ net-snmp-5.2.1.2/debian/patches/09_agentxpath.patch @@ -0,0 +1,11 @@ +--- net-snmp-5.1.2.orig/agent/mibgroup/agentx/protocol.h ++++ net-snmp-5.1.2/agent/mibgroup/agentx/protocol.h +@@ -10,7 +10,7 @@ + */ + + #define AGENTX_PORT 705 +-#define AGENTX_SOCKET "/var/agentx/master" ++#define AGENTX_SOCKET "/var/run/agentx" + + /* + * AgentX versions --- net-snmp-5.2.1.2.orig/debian/cbs-patches.Makefile +++ net-snmp-5.2.1.2/debian/cbs-patches.Makefile @@ -0,0 +1,87 @@ +# These are based on Colin's Build System +DEB_PATCH_SUFFIX = .patch +DEB_SRCDIR = . +DEB_PATCHDIRS = debian/patches +DEB_PATCHES = $(foreach dir,$(DEB_PATCHDIRS),$(shell echo $(wildcard $(dir)/*$(DEB_PATCH_SUFFIX)) $(wildcard $(dir)/*.diff))) + +pre-build: + # Emptly rule to please CBS patch rules + +# The patch subsystem +apply-patches: pre-build debian/stamp-patched +debian/stamp-patched: $(DEB_PATCHES) +debian/stamp-patched reverse-patches: + @echo "patches: $(DEB_PATCHES)" + @set -e ; reverse=""; patches="$(DEB_PATCHES)"; \ + if [ "$@" = "reverse-patches" ]; then \ + if [ ! -e debian/stamp-patched ]; then \ + echo "Not reversing not applied patches."; \ + exit 0; \ + fi; \ + reverse="-R"; \ + for patch in $$patches; do reversepatches="$$patch $$reversepatches"; done; \ + patches="$$reversepatches"; \ + fi; \ + for patch in $$patches; do \ + case $$patch in \ + *.gz) cat=zcat ;; \ + *.bz2) cat=bzcat ;; \ + *) cat=cat ;; \ + esac; \ + level=$$(head $$patch | egrep '^#DPATCHLEVEL=' | cut -f 2 -d '='); \ + reverse=""; \ + if [ "$@" = "reverse-patches" ]; then reverse="-R"; fi; \ + success=""; \ + if [ -z "$$level" ]; then \ + echo -n "Trying "; if test -n "$$reverse"; then echo -n "reversed "; fi; echo -n "patch $$patch at level "; \ + for level in 0 1 2; do \ + if test -z "$$success"; then \ + echo -n "$$level..."; \ + if [ "$(DEB_PATCHDIRS_READONLY)" = "yes" ] ; then \ + logfile="/dev/null" ; \ + else \ + logfile="$$patch.level-$$level.log" ; \ + fi ; \ + if $$cat $$patch | patch -d $(DEB_SRCDIR) $$reverse -E --dry-run -p$$level 1>$$logfile 2>&1; then \ + if $$cat $$patch | patch -d $(DEB_SRCDIR) $$reverse -E --no-backup-if-mismatch -V never -p$$level 1>$$logfile 2>&1; then \ + success=yes; \ + touch debian/stamp-patch-$$(basename $$patch); \ + echo "success."; \ + fi; \ + fi; \ + fi; \ + done; \ + if test -z "$$success"; then \ + if test -z "$$reverse"; then \ + echo "failure."; \ + exit 1; \ + else \ + echo "failure (ignored)."; \ + fi \ + fi; \ + else \ + echo -n "Trying patch $$patch at level $$level..."; \ + echo -n "$$level..."; \ + if [ "$(DEB_PATCHDIRS_READONLY)" = "yes" ] ; then \ + logfile="/dev/null" ; \ + else \ + logfile="$$patch.log" ; \ + fi ; \ + if $$cat $$patch | patch -d $(DEB_SRCDIR) $$reverse -E --no-backup-if-mismatch -V never -p$$level 1>$$logfile 2>&1; then \ + touch debian/stamp-patch-$$(basename $$patch); \ + echo "success."; \ + else \ + echo "failure:"; \ + cat $$logfile; \ + if test -z "$$reverse"; then exit 1; fi; \ + fi; \ + fi; \ + done + if [ "$@" = "debian/stamp-patched" ]; then touch debian/stamp-patched; fi + +post-patches:: apply-patches + +clean:: reverse-patches + rm -f debian/stamp-patch* + rm -f debian/patches/*.log + --- net-snmp-5.2.1.2.orig/debian/snmpd.files +++ net-snmp-5.2.1.2/debian/snmpd.files @@ -0,0 +1,11 @@ +usr/sbin/* +usr/share/man/man5/snmpd.conf.5snmp +usr/share/man/man5/snmptrapd.conf.5snmp +usr/share/man/man8/snmpd.8 +usr/share/man/man8/snmptrapd.8 +usr/share/snmp/snmpconf-data/snmpd-data +usr/share/snmp/snmpconf-data/snmptrapd-data +etc/default/snmpd +etc/snmp/snmpd.conf +etc/snmp/snmptrapd.conf +usr/share/lintian/overrides/ --- net-snmp-5.2.1.2.orig/debian/libsnmp-base.docs +++ net-snmp-5.2.1.2/debian/libsnmp-base.docs @@ -0,0 +1,6 @@ +FAQ +NEWS +README +README.snmpv3 +README.thread +debian/README.Debian