[Bug 227502] Unable to add pfsense as monitored target in ntopng

Sat, 14 Apr 2018 14:39:06 -0700 

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=227502

Eugene Grosbein <eu...@freebsd.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|New                         |Open
           Assignee|ports-b...@freebsd.org      |ha...@freebsd.org
                 CC|                            |eu...@freebsd.org,
                   |                            |n...@freebsd.org

--- Comment #1 from Eugene Grosbein <eu...@freebsd.org> ---
I've reproduced the problem building and running third-party/snmp/test.c from
net/ntopng source tree. I run bsnmpd in debug mode:

/usr/sbin/bsnmpd -p /var/run/snmpd.pid -d -D dump,trace=0x30000000

Incoming SNMPv1 GetRequest as captured and decoded by tcpdump:

04:15:32.993260 IP (tos 0x0, ttl 62, id 21558, offset 0, flags [none], proto
UDP (17), length 81)
    X.X.X.X.46351 > X.X.X.X.Y: [udp sum ok]  { SNMPv1 C="xxxxxxx" {
GetRequest(34) R=1  .1.3.6.1.2.1.1.5.0 } }

bsnmpd fails to parse it producing errors:

snmpd[45132]: ASN.1: non-minimal integer at 00 00 00 00 04 07 72 65 77 6f 72 74
68 a0 22 02 04 00 00 00 01 02 04 00 00 00 00 02 04 00 00 00 00 30 0e 30 0c 06
08 2b 06 01 02 01 01 05 00 05 00
snmpd[45132]: SNMP: cannot decode version

ntopng uses bundled copy of library https://github.com/ejrh/snmp to encode SNMP
data into packets and this library seems to produce incorrect DER/ASN.1 packets
always encoding integers with 4 bytes per value. The library itself is pretty
old, it was not updated for 6 years.

snmpwalk, on the other hand, produces correct requests and bsnmpd answers just
fine.

It seems, net-snmpd tolerates such standard violation but bsnmpd does not.
Please note that other modern software tend to stick to strict validation too. 
For example, golang's library encoding/asn1 rejects such invalid "non-minimal
integer encodings" since version 1.7: https://golang.org/doc/go1.7

-- 
You are receiving this mail because:
You are on the CC list for the bug.
_______________________________________________
freebsd-net@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"

Reply via email to