Index: includes/common.php =================================================================== --- includes/common.php (revision 4104) +++ includes/common.php (working copy) @@ -157,10 +157,38 @@ function external_exec($command) { - global $debug; + global $debug, $exec_status; + //$command = str_replace(' 2>/dev/null', '', $command); + $exec_status = array('command' => $command); + if ($debug) { echo($command."\n"); } - $output = shell_exec($command); + //$output = shell_exec($command); // old way + + $descriptorspec = array( + //0 => array('pipe', 'r'), // stdin + 1 => array('pipe', 'w'), // stdout + 2 => array('pipe', 'w') // stderr + ); + $process = proc_open($command, $descriptorspec, $pipes); + stream_set_blocking($pipes[2], 0); // Set nonblocking STDERR (very, very speeds up executing) + if (is_resource($process)) + { + $exec_status['error'] = stream_get_contents($pipes[2]); + if ($exec_status['error']) + { + $output = FALSE; + } else { + $output = stream_get_contents($pipes[1]); + } + fclose($pipes[1]); + fclose($pipes[2]); + $exec_status['status'] = proc_close($process); + } else { + $output = FALSE; + $exec_error['error'] = ''; + $exec_status['status'] = -1; + } if ($debug) { echo($output."\n"); } return $output; Index: includes/defaults.inc.php =================================================================== --- includes/defaults.inc.php (revision 4104) +++ includes/defaults.inc.php (working copy) @@ -538,7 +538,7 @@ $config['poller_modules']['aruba-controller'] = 1; $config['poller_modules']['entity-physical'] = 1; $config['poller_modules']['applications'] = 1; -$config['poller_modules']['q-bridge-mib-fdb'] = 1; +$config['poller_modules']['fdb-table'] = 1; // List of discovery modules. Need to be in this array to be // considered for execution. Index: includes/discovery/functions.inc.php =================================================================== --- includes/discovery/functions.inc.php (revision 4104) +++ includes/discovery/functions.inc.php (working copy) @@ -74,7 +74,7 @@ function discover_device($device, $options = NULL) { - global $config, $valid; + global $config, $valid, $exec_status; $valid = array(); // Reset $valid array Index: includes/discovery/vlans/cisco-vtp.inc.php =================================================================== --- includes/discovery/vlans/cisco-vtp.inc.php (revision 4104) +++ includes/discovery/vlans/cisco-vtp.inc.php (working copy) @@ -30,6 +30,11 @@ $vlan_update['vlan_mtu'] = $vlan['vtpVlanMtu']; } + if (is_array($vlans_db[$vtpdomain_id][$vlan_id]) && $vlans_db[$vtpdomain_id][$vlan_id]['vlan_status'] != $vlan['vtpVlanState']) + { + $vlan_update['vlan_status'] = $vlan['vtpVlanState']; + } + echo(" $vlan_id"); if (is_array($vlan_update)) { Index: includes/discovery/vlans/q-bridge-mib.inc.php =================================================================== --- includes/discovery/vlans/q-bridge-mib.inc.php (revision 4104) +++ includes/discovery/vlans/q-bridge-mib.inc.php (working copy) @@ -9,21 +9,41 @@ echo("VLAN $vlanversion "); $vtpdomain_id = "1"; - $vlans = snmpwalk_cache_oid($device, "dot1qVlanStaticName", array(), "Q-BRIDGE-MIB"); + $vlans = snmpwalk_cache_oid($device, "dot1qVlanStaticEntry", array(), "Q-BRIDGE-MIB"); - foreach ($vlans as $vlan_id => $vlan) - { - echo(" $vlan_id"); - if (is_array($vlans_db[$vtpdomain_id][$vlan_id])) - { - echo("."); - } else { - dbInsert(array('device_id' => $device['device_id'], 'vlan_domain' => $vtpdomain_id, 'vlan_vlan' => $vlan_id, 'vlan_name' => $vlan['dot1qVlanStaticName'], 'vlan_type' => array('NULL')), 'vlans'); - echo("+"); - } - $device['vlans'][$vtpdomain_id][$vlan_id] = $vlan_id; - } + foreach ($vlans as $vlan_id => $vlan) + { + if($device['os'] == 'ftos') + { + $vlan_id = rewrite_ftos_vlanid($device, $vlan_id); + } + unset ($vlan_update); + if (is_array($vlans_db[$vtpdomain_id][$vlan_id]) && $vlans_db[$vtpdomain_id][$vlan_id]['vlan_name'] != $vlan['dot1qVlanStaticName']) + { + $vlan_update['vlan_name'] = $vlan['dot1qVlanStaticName']; + } + + if (is_array($vlans_db[$vtpdomain_id][$vlan_id]) && $vlans_db[$vtpdomain_id][$vlan_id]['vlan_status'] != $vlan['dot1qVlanStaticRowStatus']) + { + $vlan_update['vlan_status'] = $vlan['dot1qVlanStaticRowStatus']; + } + + echo(" $vlan_id"); + if (is_array($vlan_update)) + { + dbUpdate($vlan_update, 'vlans', 'vlan_id = ?', array($vlans_db[$vtpdomain_id][$vlan_id]['vlan_id'])); + echo("U"); + } elseif (is_array($vlans_db[$vtpdomain_id][$vlan_id])) + { + echo("."); + } else { + dbInsert(array('device_id' => $device['device_id'], 'vlan_domain' => $vtpdomain_id, 'vlan_vlan' => $vlan_id, 'vlan_name' => $vlan['dot1qVlanStaticName'], 'vlan_type' => array('NULL')), 'vlans'); + echo("+"); + } + $device['vlans'][$vtpdomain_id][$vlan_id] = $vlan_id; + } + } echo("\n"); Index: includes/discovery/vlans.inc.php =================================================================== --- includes/discovery/vlans.inc.php (revision 4104) +++ includes/discovery/vlans.inc.php (working copy) @@ -16,6 +16,12 @@ include("includes/discovery/vlans/cisco-vtp.inc.php"); // Fetch switchport <> VLAN relationships. This is DIRTY. +//if($device['os_group'] != 'cisco') +//{ +// $vlan_data = snmpwalk_cache_oid($device, "dot1dStpPortEntry", array(), "BRIDGE-MIB:Q-BRIDGE-MIB"); +// $vlan_data = snmpwalk_cache_oid($device, "dot1dBasePortEntry", $vlan_data, "BRIDGE-MIB:Q-BRIDGE-MIB"); +//} +//var_dump($vlan_data); foreach ($device['vlans'] as $domain_id => $vlans) { foreach ($vlans as $vlan_id => $vlan) @@ -28,13 +34,25 @@ // FIXME - do this only when vlan type == ethernet? if (is_numeric($vlan_id) && ($vlan_id <1002 || $vlan_id > 1105)) // Ignore reserved VLAN IDs { - if ($device['os_group'] == "cisco" || $device['os'] == "ios") // This shit only seems to work on IOS + if ($device['os_group'] == "cisco") // This shit only seems to work on Cisco { - # Probably does not work with snmpv3. I have no real idea about what this code is really doing - # This can not be fixed for snmpv3 here. You have to create per-vlan communities on the device. WIN/WIN/WIN. - $vlan_device = array_merge($device, array('community' => $device['community']."@".$vlan_id)); - $vlan_data = snmpwalk_cache_oid($vlan_device, "dot1dStpPortEntry", array(), "BRIDGE-MIB:Q-BRIDGE-MIB"); - $vlan_data = snmpwalk_cache_oid($vlan_device, "dot1dBasePortEntry", $vlan_data, "BRIDGE-MIB:Q-BRIDGE-MIB"); + list($ios_version) = explode('(', $device['version']); + // vlan context not worked on Cisco IOS <= 12.1 (SNMPv3) + if ($device['snmpver'] == 'v3' && $device['os'] == "ios" && ($ios_version * 10) <= 121) + { + echo("ERROR: For proper work please use SNMP v2/v1 for this device\n"); + break; + } + $device['snmpcontext'] = $vlan_id; + $vlan_data = snmpwalk_cache_oid($device, "dot1dStpPortEntry", array(), "BRIDGE-MIB:Q-BRIDGE-MIB"); + // Detection shit snmpv3 authorization errors for contexts + if ($exec_status['status'] != 0) + { + echo("ERROR: For proper work of 'vlan-' context on cisco device with SNMPv3, it is necessary to add 'match prefix' in snmp-server config\n"); + break; + } + $vlan_data = snmpwalk_cache_oid($device, "dot1dBasePortEntry", $vlan_data, "BRIDGE-MIB:Q-BRIDGE-MIB"); + unset($device['snmpcontext']); } echo("VLAN $vlan_id \n"); Index: includes/polling/fdb-table.inc.php =================================================================== --- includes/polling/fdb-table.inc.php (revision 0) +++ includes/polling/fdb-table.inc.php (working copy) @@ -0,0 +1,142 @@ + port cache table +$port_ifIndex_table = array(); +foreach (dbFetchRows("SELECT `ifIndex`,`port_id`,`ifDescr` FROM `ports` WHERE `device_id` = ?", array($device['device_id'])) as $cache_port) + { $port_ifIndex_table[$cache_port['ifIndex']] = $cache_port; } + +// Build dot1dBasePort > port cache table because people in the '80s were dicks +$dot1dBasePort_table = array(); + +// Build table of existing vlan/mac table +$fdbs_db = array(); +$fdbs_q = dbFetchRows("SELECT * FROM `vlans_fdb` WHERE `device_id` = ?", array($device['device_id'])); +foreach ($fdbs_q as $fdb_db) { $fdbs_db[$fdb_db['vlan_id']][$fdb_db['mac_address']] = $fdb_db; } + +// Fetch data and build array of data for each vlan&mac +if ($device['os_group'] == 'cisco') +{ + // Fetch list of active VLANs + foreach (dbFetchRows('SELECT vlan_vlan FROM `vlans` WHERE (`vlan_status` = \'active\' OR `vlan_status` = \'operational\') AND `device_id` = ?', array($device['device_id'])) as $cisco_vlan) + { + list($ios_version) = explode('(', $device['version']); + // vlan context not worked on Cisco IOS <= 12.1 (SNMPv3) + if ($device['snmpver'] == 'v3' && $device['os'] == "ios" && ($ios_version * 10) <= 121) + { + echo("ERROR: For proper work please use SNMP v2/v1 for this device\n"); + break; + } + + $vlan = $cisco_vlan['vlan_vlan']; + if ($vlan >= 1002 && $vlan <= 1005) { continue; } + $device['snmpcontext'] = $vlan; // Add vlan context for snmp auth + + // Build dot1dBasePort + //dot1dBasePortIfIndex.28 = 10128 + $dot1dBasePortIfIndex = snmpwalk_cache_oid($device, 'dot1dBasePortIfIndex', $port_stats, 'BRIDGE-MIB', mib_dirs()); + // Detection shit snmpv3 authorization errors for contexts + if ($exec_status['status'] != 0) + { + echo("ERROR: For proper work of 'vlan-' context on cisco device with SNMPv3, it is necessary to add 'match prefix' in snmp-server config\n"); + break; + } + foreach ($dot1dBasePortIfIndex as $dot1dbaseport => $data) + { + $dot1dBasePort_table[$dot1dbaseport] = $port_ifIndex_table[$data['dot1dBasePortIfIndex']]; + } + //dot1dTpFdbAddress[0:7:e:6d:55:41] 0:7:e:6d:55:41 + //dot1dTpFdbPort[0:7:e:6d:55:41] 28 + //dot1dTpFdbStatus[0:7:e:6d:55:41] learned + $data = snmp_walk($device, 'dot1dTpFdbEntry', '-OqsX', 'BRIDGE-MIB'); + unset($device['snmpcontext']); + + foreach (explode("\n", $data) as $text) { + list(,$value) = explode(' ', $text); + if (!empty($value)) { + preg_match('/(\w+)\[([a-f0-9:]+)\]/', $text, $oid); + $mac = ''; + foreach (explode(':', $oid[2]) as $m) { $mac .= zeropad($m); } + $fdbs[$vlan][$mac][$oid[1]] = $value; + } + } + } +} else { + // Build dot1dBasePort + foreach (snmpwalk_cache_oid($device, "dot1dBasePortIfIndex", $port_stats, "BRIDGE-MIB") as $dot1dbaseport => $data) + { + $dot1dBasePort_table[$dot1dbaseport] = $port_ifIndex_table[$data['dot1dBasePortIfIndex']]; + } + //dot1qTpFdbPort[1][0:0:5e:0:1:1] 50 + //dot1qTpFdbStatus[1][0:0:5e:0:1:1] learned + $data = snmp_walk($device, 'dot1qTpFdbEntry', '-OqsX', 'Q-BRIDGE-MIB'); + foreach (explode("\n", $data) as $text) { + list($oid, $value) = explode(" ", $text); + preg_match('/(\w+)\[(\d+)\]\[([a-f0-9:]+)\]/', $text, $oid); + if (!empty($value)) { + $vlan = $oid[2]; + $mac = ''; + foreach (explode(':', $oid[3]) as $m) { $mac .= zeropad($m); } + $fdbs[$vlan][$mac][$oid[1]] = $value; + } + } +} + +echo(str_pad("Vlan", 8) . " | " . str_pad("MAC",12) . " | " . "Port (dot1d|ifIndex)" ." | ". str_pad("Status",16) . "\n". +str_pad("", 90, "-")."\n"); + +// Loop vlans +foreach ($fdbs as $vlan => $macs) +{ + // Loop macs + foreach ($macs as $mac => $data) + { + if ($device['os_group'] == 'cisco') + { + $fdb_port = $data['dot1dTpFdbPort']; + $fdb_status = $data['dot1dTpFdbStatus']; + } else { + $fdb_port = $data['dot1qTpFdbPort']; + $fdb_status = $data['dot1qTpFdbStatus']; + } + $port_id = $dot1dBasePort_table[$fdb_port]['port_id']; + $ifIndex = $dot1dBasePort_table[$fdb_port]['ifIndex']; + $port_name = $dot1dBasePort_table[$fdb_port]['ifDescr']; + echo(str_pad($vlan, 8) . " | " . str_pad($mac,12) . " | " . str_pad($port_name."|".$port_id,18) . str_pad("(".$fdb_port."|".$ifIndex.")",19," ",STR_PAD_LEFT) ." | ". str_pad($fdb_status,10)); + + // if entry already exists + if (!is_array($fdbs_db[$vlan][$mac])) + { + dbInsert(array('device_id' => $device['device_id'], 'vlan_id' => $vlan, 'port_id' => $port_id, 'mac_address' => $mac, 'fdb_status' => $fdb_status), 'vlans_fdb'); + echo("+"); + } else { + unset($q_update); + // if port/status are different, build an update array and update the db + if ($fdbs_db[$vlan][$mac]['port_id'] != $port_id) { $q_update['port_id'] = $port_id; } + if ($fdbs_db[$vlan][$mac]['fdb_status'] != $fdb_status) { $q_update['fdb_status'] = $data['fdb_status']; } + if (is_array($q_update)) + { + dbUpdate($q_update, 'vlans_fdb', '`device_id` = ? AND `vlan_id` = ? AND `mac_address` = ?', array($device['device_id'], $vlan, $mac)); + echo("U"); + } else { + } + // remove it from the existing list + unset ($fdbs_db[$vlan][$mac]); + } + echo("\n"); + } +} + +// Loop the existing list and delete anything remaining +foreach ($fdbs_db as $vlan => $fdb_macs) +{ + foreach ($fdb_macs as $mac => $data) + { + echo(str_pad($vlan, 8) . " | " . str_pad($mac,12) . " | " . str_pad($data['port_id'],25) ." | ". str_pad($data['fdb_status'],16)); + echo("-\n"); + dbDelete('vlans_fdb', '`device_id` = ? AND `vlan_id` = ? AND `mac_address` = ?', array($device['device_id'], $vlan, $mac)); + } +} + +?> Index: includes/polling/q-bridge-mib-fdb.inc.php =================================================================== --- includes/polling/q-bridge-mib-fdb.inc.php (revision 4104) +++ includes/polling/q-bridge-mib-fdb.inc.php (working copy) @@ -1,91 +0,0 @@ - port cache table -$port_ifIndex_table = array(); -foreach (dbFetchRows("SELECT `ifIndex`,`port_id`,`ifDescr` FROM `ports` WHERE `device_id` = ?", array($device['device_id'])) as $cache_port) - { $port_ifIndex_table[$cache_port['ifIndex']] = $cache_port; } - -// Build dot1dBasePort > port cache table because people in the '80s were dicks -$dot1dBasePort_table = array(); -foreach (snmpwalk_cache_oid($device, "dot1dBasePortIfIndex", $port_stats, "BRIDGE-MIB") AS $dot1dbaseport => $data) -{ - $dot1dBasePort_table[$dot1dbaseport] = $port_ifIndex_table[$data['dot1dBasePortIfIndex']]; -} - -// Build table of existing vlan/mac table -$fdbs_db = array(); -$fdbs_q = dbFetchRows("SELECT * FROM `vlans_fdb` WHERE `device_id` = ?", array($device['device_id'])); -foreach ($fdbs_q as $fdb_db) { $fdbs_db[$fdb_db['vlan_id']][$fdb_db['mac_address']] = $fdb_db; } - -// Fetch data and build array of data for each vlan&mac -$data = snmp_walk($device, 'dot1qTpFdbEntry', '-OqsX', 'Q-BRIDGE-MIB'); -foreach (explode("\n", $data) as $text) { - list($oid, $value) = explode(" ", $text); - preg_match('/(\w+)\[(\d+)\]\[([a-f0-9:]+)\]/', $text, $oid); - if (!empty($value)) { - list($m_a, $m_b, $m_c, $m_d, $m_e, $m_f) = explode(":", $oid[3]); - $m_a = zeropad($m_a);$m_b = zeropad($m_b);$m_c = zeropad($m_c);$m_d = zeropad($m_d);$m_e = zeropad($m_e);$m_f = zeropad($m_f); - $md_a = hexdec($m_a);$md_b = hexdec($m_b);$md_c = hexdec($m_c);$md_d = hexdec($m_d);$md_e = hexdec($m_e);$md_f = hexdec($m_f); -# $mac['readable'] = $m_a.":".$m_b.":".$m_c.":".$m_d.":".$m_e.":".$m_f; -# $mac['cisco'] = $m_a.$m_b.".".$m_c.$m_d.".".$m_e.$m_f; - $mac = $m_a . $m_b . $m_c . $m_d . $m_e . $m_f; - $fdbs[$oid[2]][$mac][$oid[1]] = $value; - } -} - -echo(str_pad("Vlan", 8) . " | " . str_pad("MAC",12) . " | " . "Port (dot1d|ifIndex)" ." | ". str_pad("Status",16) . "\n". -str_pad("", 90, "-")."\n"); - -// Loop vlans -foreach ($fdbs as $vlan => $macs) -{ - // Loop macs - foreach ($macs as $mac => $data) - { - $dot1qTpFdbPort = $data['dot1qTpFdbPort']; - $port_id = $dot1dBasePort_table[$dot1qTpFdbPort]['port_id']; - $ifIndex = $dot1dBasePort_table[$dot1qTpFdbPort]['ifIndex']; - $port_name = $dot1dBasePort_table[$dot1qTpFdbPort]['ifDescr']; - echo(str_pad($vlan, 8) . " | " . str_pad($mac,12) . " | " . str_pad($port_name."|".$port_id,18) . str_pad("(".$dot1qTpFdbPort."|".$ifIndex.")",19," ",STR_PAD_LEFT) ." | ". str_pad($data['dot1qTpFdbStatus'],10)); - - // if entry already exists - if (!is_array($fdbs_db[$vlan][$mac])) - { - dbInsert(array('device_id' => $device['device_id'], 'vlan_id' => $vlan, 'port_id' => $port_id, 'mac_address' => $mac, 'fdb_status' => $data['dot1qTpFdbStatus']), 'vlans_fdb'); - echo("+"); - } else { - unset($q_update); - // if port/status are different, build an update array and update the db - if ($fdbs_db[$vlan][$mac]['port_id'] != $port_id) { $q_update['port_id'] = $port_id; } - if ($fdbs_db[$vlan][$mac]['fdb_status'] != $data['dot1qTpFdbStatus']) { $q_update['fdb_status'] = $data['fdb_status']; } - if (is_array($q_update)) - { - dbUpdate($q_update, 'vlans_fdb', '`device_id` = ? AND `vlan_id` = ? AND `mac_address` = ?', array($device['device_id'], $vlan, $mac)); - echo("U"); - } else { - } - // remove it from the existing list - unset ($fdbs_db[$vlan][$mac]); - } - echo("\n"); - } -} - -// Loop the existing list and delete anything remaining -foreach ($fdbs_db as $vlan => $fdb_macs) -{ - foreach ($fdb_macs as $mac => $data) - { - echo(str_pad($vlan, 8) . " | " . str_pad($mac,12) . " | " . str_pad($data['port_id'],25) ." | ". str_pad($data['fdb_status'],16)); - echo("-\n"); - dbDelete('vlans_fdb', '`device_id` = ? AND `vlan_id` = ? AND `mac_address` = ?', array($device['device_id'], $vlan, $mac)); - } -} - -?> Index: includes/polling/functions.inc.php =================================================================== --- includes/polling/functions.inc.php (revision 4104) +++ includes/polling/functions.inc.php (working copy) @@ -143,7 +143,7 @@ function poll_device($device, $options) { - global $config, $debug, $device, $polled_devices, $db_stats, $memcache; + global $config, $debug, $device, $polled_devices, $db_stats, $memcache, $exec_status; $old_device_state = unserialize($device['device_state']); Index: includes/rewrites.php =================================================================== --- includes/rewrites.php (revision 4104) +++ includes/rewrites.php (working copy) @@ -1654,6 +1654,16 @@ return ($hardware); } +function rewrite_ftos_vlanid($device, $ifindex) +{ + // damn DELL use them one known indexes + //dot1qVlanStaticName.1107787777 = Vlan 1 + //dot1qVlanStaticName.1107787998 = mgmt + $ftos_vlan = dbFetchCell('SELECT ifName FROM `ports` WHERE `device_id` = ? AND `ifIndex` = ?', array($device['device_id'], $ifindex)); + list(,$vlanid) = explode(' ', $ftos_vlan); + return $vlanid; +} + function fixiftype ($type) { global $rewrite_iftype; Index: includes/snmp.inc.php =================================================================== --- includes/snmp.inc.php (revision 4104) +++ includes/snmp.inc.php (working copy) @@ -348,10 +348,13 @@ { global $debug,$config,$runtime_stats; - if (is_numeric($device['timeout']) && $device['timeout'] > 0) { - $timeout = $device['timeout']; - } elseif (isset($config['snmp']['timeout'])) { - $timeout = $config['snmp']['timeout']; } + if (is_numeric($device['timeout']) && $device['timeout'] > 0) + { + $timeout = $device['timeout']; + } elseif (isset($config['snmp']['timeout'])) + { + $timeout = $config['snmp']['timeout']; + } if (is_numeric($device['retries']) && $device['retries'] > 0) { $retries = $device['retries']; @@ -361,10 +364,12 @@ if (!isset($device['transport'])) { $device['transport'] = "udp"; } - if ($device['snmpver'] == 'v1' || (isset($config['os'][$device['os']]['nobulk']) && $config['os'][$device['os']]['nobulk'])) { + if ($device['snmpver'] == 'v1' || (isset($config['os'][$device['os']]['nobulk']) && $config['os'][$device['os']]['nobulk'])) + { $snmpcommand = $config['snmpwalk']; } else { - $snmpcommand = $config['snmpbulkwalk']; } + $snmpcommand = $config['snmpbulkwalk']; + } $cmd = $snmpcommand." ".snmp_gen_auth($device); @@ -404,9 +409,10 @@ if (is_numeric($device['timeout']) && $device['timeout'] > 0) { - $timeout = $device['timeout']; - } elseif (isset($config['snmp']['timeout'])) { - $timeout = $config['snmp']['timeout']; + $timeout = $device['timeout']; + } elseif (isset($config['snmp']['timeout'])) + { + $timeout = $config['snmp']['timeout']; } if (is_numeric($device['retries']) && $device['retries'] > 0) @@ -473,9 +479,10 @@ if (is_numeric($device['timeout']) && $device['timeout'] > 0) { - $timeout = $device['timeout']; - } elseif (isset($config['snmp']['timeout'])) { - $timeout = $config['snmp']['timeout']; + $timeout = $device['timeout']; + } elseif (isset($config['snmp']['timeout'])) + { + $timeout = $config['snmp']['timeout']; } if (is_numeric($device['retries']) && $device['retries'] > 0) @@ -966,45 +973,53 @@ { global $debug; - $cmd = ""; - - if ($device['snmpver'] === "v3") + $cmd = ''; + $vlan = FALSE; + if (isset($device['snmpcontext'])) { - $cmd = " -v3 -n \"\" -l " . $device['authlevel']; - - if ($device['authlevel'] === "noAuthNoPriv") + if (is_numeric($device['snmpcontext']) && $device['snmpcontext'] > 0 && $device['snmpcontext'] < 4096 ) { - // We have to provide a username anyway (see Net-SNMP doc) - $cmd .= " -u observium"; + $vlan = $device['snmpcontext']; } - elseif ($device['authlevel'] === "authNoPriv") - { - $cmd .= " -a " . $device['authalgo']; - $cmd .= " -A \"" . $device['authpass'] . "\""; - $cmd .= " -u " . $device['authname']; - } - elseif ($device['authlevel'] === "authPriv") - { - $cmd .= " -a " . $device['authalgo']; - $cmd .= " -A \"" . $device['authpass'] . "\""; - $cmd .= " -u " . $device['authname']; - $cmd .= " -x " . $device['cryptoalgo']; - $cmd .= " -X \"" . $device['cryptopass'] . "\""; - } - else - { - if ($debug) { print "DEBUG: " . $device['snmpver'] ." : Unsupported SNMPv3 AuthLevel (wtf have you done ?)\n"; } - } } - elseif ($device['snmpver'] === "v2c" or $device['snmpver'] === "v1") + switch($device['snmpver']) { - $cmd = " -" . $device['snmpver']; - $cmd .= " -c " . $device['community']; + case 'v3': + $cmd = ' -v3 -l ' . $device['authlevel']; + /* NOTE. + * For proper work of 'vlan-' context on cisco, it is necessary to add 'match prefix' in snmp-server config --mike + * example: snmp-server group MONITOR v3 auth match prefix access SNMP-MONITOR + */ + $cmd .= ($vlan) ? ' -n "vlan-' . $vlan . '"' : ' -n ""'; // Some devices, like HP, always require option '-n' + + switch($device['authlevel']) + { + case 'authPriv': + $cmd .= ' -x ' . $device['cryptoalgo']; + $cmd .= ' -X "' . $device['cryptopass'] . '"'; + case 'authNoPriv': + $cmd .= ' -a ' . $device['authalgo']; + $cmd .= ' -A "' . $device['authpass'] . '"'; + $cmd .= ' -u ' . $device['authname']; + break; + case 'noAuthNoPriv': + // We have to provide a username anyway (see Net-SNMP doc) + $cmd .= ' -u observium'; + break; + default: + if ($debug) { print 'DEBUG: ' . $device['authlevel'] . ' : Unsupported SNMPv3 AuthLevel.' . PHP_EOL; } + } + break; + + case 'v2c': + case 'v1': + $cmd = ' -' . $device['snmpver']; + $cmd .= ' -c ' . $device['community']; + if ($vlan) { $cmd .= '@' . $vlan; } + break; + default: + if ($debug) { print 'DEBUG: ' . $device['snmpver'] . ' : Unsupported SNMP Version.' . PHP_EOL; } } - else - { - if ($debug) { print "DEBUG: " . $device['snmpver'] ." : Unsupported SNMP Version (wtf have you done ?)\n"; } - } if ($debug) { print "DEBUG: SNMP Auth options = $cmd\n"; } Index: sql-schema/072.sql =================================================================== --- sql-schema/072.sql (revision 0) +++ sql-schema/072.sql (working copy) @@ -0,0 +1 @@ +ALTER TABLE `vlans` ADD `vlan_status` VARCHAR(16) NOT NULL Index: sql-schema/073.sql =================================================================== --- sql-schema/073.sql (revision 0) +++ sql-schema/073.sql (working copy) @@ -0,0 +1 @@ +UPDATE devices_attribs SET attrib_type='poll_fdb-table' WHERE attrib_type='poll_q-bridge-mib-fdb'