SNMP

Started by Zeitkind, February 24, 2016, 08:17:38 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
February 24, 2016, 08:17:38 PM
Hi,
fyi: there are still some remnant of pfsense left in snmp stuff. I see things like "pfSense Packet Disposition", "pfSense State Table Entries", "pfSense State Table Operations", "pfSense Source Node Count" and "pfSense Source Node Operations" when collecting data with openNSM. I guess noone used it? ^^
February 25, 2016, 08:46:35 AM #1
Hi Zeitkind,

Which version are you using?
The SNMP code is still up for a refresh (before 16.7), but I can't find the text your mentioning in the current version.

Regards,

Ad
February 25, 2016, 07:32:39 PM #2
Versions    OPNsense 16.1.3-i386
FreeBSD 10.2-RELEASE-p12
OpenSSL 1.0.2f 28 Jan 2016

Some screenshots:



February 25, 2016, 08:00:21 PM #3
Just switched to devel, the same with OPNsense 16.7.a_328-i386
February 25, 2016, 08:12:20 PM #4
Was this previously a pfSense config?
Can you check if the product name is in /var/etc/snmpd.conf?
February 25, 2016, 08:27:21 PM #5
Looks normal:

root@firewall:/ # cat /var/etc/snmpd.conf
location := "xxxx"
contact := "xx"
read := "xxx"
# SNMP Trap support.
traphost := 192.168.x.y
trapport := 162
trap := "mytrap"

system := 1
%snmpd
sysDescr      = "OPNsense (hostname) 16.1.3-cbe0cef57 OPNsense FreeBSD 10.2-RELEASE-p12 i386"
[..]

Contains the stuff I defined via GUI (location, trap server etc.)
Didn't update the version string in sysDesc after switching to devel - bug?
February 25, 2016, 08:30:59 PM #6
strange, do you know how I can query the same on a machine at my end? (snmpwalk/get command?)
To update the sysDescr you probably have to restart the service.
February 25, 2016, 11:03:48 PM #7
I looked at the source code of my openNMS page. A variable came up called "pfSense.disposition" - which led to the source of openNMS
https://github.com/opennms-config-modules/pfsense/blob/master/graphs/pfsense.graph.properties

Seems like openNMS somehow guesses that my host is a pfsense firewall and therefor uses this graphing modul. Have no idea how or why, there must be some kind of match to trigger it.
February 26, 2016, 09:18:06 AM #8
Yes, it's part of your openNMS plugin, if you want to change it, you have to do it in their plugin :)
February 26, 2016, 12:39:24 PM #9
I still wonder how openNMS guesses that this host is a pfsense firewall. I only told openNMS to scan this host and it automatically took the pfsense plugin for that.
February 27, 2016, 05:16:21 PM #10
Maybe the box's MIB is recognised as such--we've made no adjustments in that area so it it looks the same over SNMP.
February 28, 2016, 11:31:56 AM #11
Yeah, must be some kind of predefined good guess. I don't care much if my firewalls show up as a pfsenses, prob. someone makes an openNMS module for opnsense one day. I'm not a real expert in SNMP.. :/
Print
Go Up Pages1
User actions