关于Snmp4j包,最重要三个概念,也是三个类:Snmp、Target、PDU。
Target,表示被管理的设备。对于一个被管理的设备,我们关注它的Address,它使用的协议版本version,访问它的用户名和密码、以及对这个设备我们设置跟它打交道的一些策略,比如超时时间、重传次数等。所以有如下方法:
1)获取或者设置ip地址
void setAddress(Address address)
Address getAddress()
2)设置或者获取版本号(支持V1,V2c,V3)
void setVersion(int ver)
int getVersion()
3)超时时间 ( 单位:milliseconds )
void setTimeout(long out)
long getTimeout()
4)重传次数
void setRetries(int retries)
int getRetries()
5)最大PDU大小值
void setMaxSizeRequestPDU(int max)
int getMaxSizeRequestPDU()
上面这些对于Snmp三个版本都是相同的,不同的只是在于安全方面,具体来说,Snmpv1,v2c采用共同体(community)方式,安全性很差;SnmpV3采用基于用户的安全(USM)方式,安全性能得到很大提高。
(1) 对于Snmpv1,v2c,使用Target派生出一个子类CommunityTarget,增加了对Community的方法:
void setCommunity(OctetString community)
OctetString getCommunity()
(2)对于SnmpV3,使用其子类UserTarget,增加了一些有关USM安全方面的设置,比如采用的安全模型、安全级别、访问该设备的用户名以及权威引擎ID(authoritative engine ID):
i)安全级别(支持三种安全级别)
void setSecurityLevel(int level)
int getSecurityLevel()
ii)访问用户名(该访问用户名称必须在设置USM的时候添加其相应的UsmUser)
void setSecurityName(OctetString name)
OctetString getSecurityName()
iii)安全模型(支持三种安全模型)
void setSecurityModel(int model)
int getSecurityModel()
V)权威引擎ID(authoritative engine ID)
void setAuthoritativeEngineID(byte[] id)
byte[] getAuthoritativeEngineID()
对于Target的代码大致如下:(摘自Snmp4j的说明文档)
//Community Target
CommunityTarget target = new CommunityTarget();
target.setCommunity(new OctetString("public"));
target.setAddress(targetAddress);
target.setVersion(SnmpConstants.version1);
//User Target
UserTarget target = new UserTarget();
target.setAddress(targetAddress);
target.setRetries(1);
// set timeout to 500 milliseconds -> 2*500ms = 1s total timeout
target.setTimeout(500);
target.setVersion(SnmpConstants.version3);
target.setSecurityLevel(SecurityLevel.AUTH_PRIV);
target.setSecurityName(new OctetString("MD5DES"));
PDU(协议数据单元),用来表示管理站跟代理站点进行通信的数据。包括PDU的类型、传输的数据集合、错误说明等。
除Snmpv1 Trap外,其他操作类型的PDU大致相同。
Snmp4j针对Snmp的各个版本,开发了三个有关PDU的类。PDU(针对Snmpv2c)、PDUv1(针对Snmpv1)、ScopedPDU(针对Snmpv3),但三个类除各自特别的一些参数外,都基本相同。所以Snmp4j在设计的时候,将PDU设计成另外两个的超类,使他们能够共享大部分功能。
(1)PDU
1)pdu类型(Snmpv1支持5种,get、set、getnext、trap、getresponse,Snmpv2c增加了getbulk、inform)
int getType()
void setType(int type)
2)错误(主要有6种错误,请参见RFC)
void setErrorStatus(int status)
int getErrorStatus()
String getErrorStatusText()
void setErrorIndex(int index)
int getErrorindex()
3)变量
void add(VariableBinding vb) // 对于除get、getnext、getbulk外
void addAll(VariableBinding[] vbs) // 对于除get、getnext、getbulk外的
void addOID(VariableBinding vb) // 对于get、getnext、getbulk
void addAllOID(VariableBinding[] vbs) // 对于get、getnext、getbulk
VariableBinding get(int i)
VariableBinding[] toArray()
Vector getVariableBindings()
void set(int i,VariableBinding vb)
void remove(int i)
void clear()
int size()
(2)PDUv1
PDUv1继承了PDU,除Snmp v1 trap操作外 ,其它都跟PDU相同。因为Snmp v1的Trap设计PDU不同于其他操作的PDU,它包括:对象标识符(OID)、代理ip地址(agent-addr)、时间戳(time-stamp)、通用代理类型(generic-trap)、特定代理类型(specific-trap)。所以相应的增加了对这些字段的get/set操作。具体参见API文档。
(3)ScopedPDU
SnmpV3采用了不同安全策略,它的PDU也增加了有关安全方面的几个字段:上下文名称(ContextName)、上下文引擎ID(contextEngineID)等,其它PDU字段属于USM来管理。
所以ScopedPDU在PDU的基础上增加了相应的get/set操作。参见API。
示例代码如下:(摘自API文档)
SNMPv1/v2c GETNEXT PDU
import org.snmp4j.PDU;
import org.snmp4j.smi.*;
...
PDU pdu = new PDU();
pdu.add(new VariableBinding(new OID("1.3.6.1.2.1.1.1"))); // sysDescr
pdu.add(new VariableBinding(new OID("1.3.6.1.2.1.2.1"))); // ifNumber
pdu.setType(PDU.GETNEXT);
...SNMPv3 GETBULK PDU
import org.snmp4j.ScopedPDU;
import org.snmp4j.smi.*;
...
ScopedPDU pdu = new ScopedPDU();
pdu.add(new VariableBinding(new OID("1.3.6.1.2.1.2.1"))); // ifNumber
pdu.add(new VariableBinding(new OID("1.3.6.1.2.1.2.2.1.10"))); // ifInOctets
pdu.add(new VariableBinding(new OID("1.3.6.1.2.1.2.2.1.16"))); // ifOutOctets
pdu.setType(PDU.GETBULK);
pdu.setMaxRepetitions(50);
// Get ifNumber only once
pdu.setNonRepeaters(1);
// set context non-default context (default context does not need to be set)
pdu.setContextName(new OctetString("subSystemContextA"));
// set non-default context engine ID (to use targets authoritative engine ID
// use an empty (size == 0) octet string)
pdu.setContextEngineID(OctetString.fromHexString("80:00:13:70:c0:a8:01:0d"));
...SNMPv1 TRAP PDU
import org.snmp4j.PDUv1;
...
PDUv1 pdu = new PDUv1();
pdu.setType(PDU.V1TRAP);
pdu.setGenericTrap(PDUv1.COLDSTART);
...SNMPv2c/SNMPv3 INFORM PDU
import org.snmp4j.ScopedPDU;
...
ScopedPDU pdu = new ScopedPDU();
pdu.setType(PDU.INFORM);
// sysUpTime
long sysUpTime = (System.currentTimeMillis() - startTime) / 10;
pdu.add(new VariableBinding(SnmpConstants.sysUpTime, new TimeTicks(sysUpTime)));
pdu.add(new VariableBinding(SnmpConstants.snmpTrapOID, SnmpConstants.linkDown));
// payload
pdu.add(new VariableBinding(new OID("1.3.6.1.2.1.2.2.1.1"+downIndex),
new Integer32(downIndex)));
...
snmp类是SNMP4J的核心,它提供了发送和接收SNMP PDUs的方法,所有的SNMP PDU 类型都可以采用同步或者异步的方式被发送。
Snmp采用独立的传输协议,通过TransportMapping 接口调用addTransportMapping(TransportMapping transportMapping) 方法或者采用默认的构造函数来实现传输映射,以此来实现信息的传输。
下面的代码片段是采用UDP传输方式来实现一个SNMPv3的SNMP session :
Java代码
Address targetAddress = GenericAddress.parse("udp:127.0.0.1/161");
TransportMapping transport = new DefaultUdpTransportMapping();
snmp = new Snmp(transport);
USM usm = new USM(SecurityProtocols.getInstance(),
new OctetString(MPv3.createLocalEngineID()), 0);
SecurityModels.getInstance().addSecurityModel(usm);
transport.listen();
Address targetAddress = GenericAddress.parse("udp:127.0.0.1/161");
TransportMapping transport = new DefaultUdpTransportMapping();
snmp = new Snmp(transport);
USM usm = new USM(SecurityProtocols.getInstance(),
new OctetString(MPv3.createLocalEngineID()), 0);
SecurityModels.getInstance().addSecurityModel(usm);
transport.listen();
如何实现SNMPv3信息的同步发送,下面举例说明:
Java代码
// add user to the USM
snmp.getUSM().addUser(new OctetString("MD5DES"),
new UsmUser(new OctetString("MD5DES"),
AuthMD5.ID,
new OctetString("MD5DESUserAuthPassword"),
PrivDES.ID,
new OctetString("MD5DESUserPrivPassword")));
// create the target
UserTarget target = new UserTarget();
target.setAddress(targetAddress);
target.setRetries(1);
target.setTimeout(5000);
target.setVersion(SnmpConstants.version3);
target.setSecurityLevel(SecurityLevel.AUTH_PRIV);
target.setSecurityName(new OctetString("MD5DES"));
// create the PDU
PDU pdu = new ScopedPDU();
pdu.add(new VariableBinding(new OID("1.3.6")));
pdu.setType(PDU.GETNEXT);
// send the PDU
ResponseEvent response = snmp.send(pdu, target);
// extract the response PDU (could be null if timed out)
PDU responsePDU = response.getResponse();
// extract the address used by the agent to send the response:
Address peerAddress = response.getPeerAddress();
An asynchronous SNMPv1 request is sent by the following code:
// setting up target
CommunityTarget target = new CommunityTarget();
target.setCommunity(new OctetString("public"));
target.setAddress(targetAddress);
target.setRetries(2);
target.setTimeout(1500);
target.setVersion(SnmpConstants.version1);
// creating PDU
PDU pdu = new PDU();
pdu.add(new VariableBinding(new OID(new int[] {1,3,6,1,2,1,1,1})));
pdu.add(new VariableBinding(new OID(new int[] {1,3,6,1,2,1,1,2})));
pdu.setType(PDU.GETNEXT);
// sending request
ResponseListener listener = new ResponseListener() {
public void onResponse(ResponseEvent event) {
// Always cancel async request when response has been received
// otherwise a memory leak is created! Not canceling a request
// immediately can be useful when sending a request to a broadcast
// address.
((Snmp)event.getSource()).cancel(event.getRequest(), this);
System.out.println("Received response PDU is: "+event.getResponse());
}
};
snmp.sendPDU(pdu, target, null, listener);
//Traps (notifications) and other SNMP PDUs can be received by adding the folling code to the first code snippet above:
CommandResponder trapPrinter = new CommandResponder() {
public synchronized void processPdu(CommandResponderEvent e) {
PDU command = e.getPDU();
if (command != null) {
System.out.println(command.toString());
}
}
};
snmp.addCommandResponder(trapPrinter);
Version:
1.8
Author:
Frank Fock
translate:avery_leo
// add user to the USM
snmp.getUSM().addUser(new OctetString("MD5DES"),
new UsmUser(new OctetString("MD5DES"),
AuthMD5.ID,
new OctetString("MD5DESUserAuthPassword"),
PrivDES.ID,
new OctetString("MD5DESUserPrivPassword")));
// create the target
UserTarget target = new UserTarget();
target.setAddress(targetAddress);
target.setRetries(1);
target.setTimeout(5000);
target.setVersion(SnmpConstants.version3);
target.setSecurityLevel(SecurityLevel.AUTH_PRIV);
target.setSecurityName(new OctetString("MD5DES"));
// create the PDU
PDU pdu = new ScopedPDU();
pdu.add(new VariableBinding(new OID("1.3.6")));
pdu.setType(PDU.GETNEXT);
// send the PDU
ResponseEvent response = snmp.send(pdu, target);
// extract the response PDU (could be null if timed out)
PDU responsePDU = response.getResponse();
// extract the address used by the agent to send the response:
Address peerAddress = response.getPeerAddress();
An asynchronous SNMPv1 request is sent by the following code:
// setting up target
CommunityTarget target = new CommunityTarget();
target.setCommunity(new OctetString("public"));
target.setAddress(targetAddress);
target.setRetries(2);
target.setTimeout(1500);
target.setVersion(SnmpConstants.version1);
// creating PDU
PDU pdu = new PDU();
pdu.add(new VariableBinding(new OID(new int[] {1,3,6,1,2,1,1,1})));
pdu.add(new VariableBinding(new OID(new int[] {1,3,6,1,2,1,1,2})));
pdu.setType(PDU.GETNEXT);
// sending request
ResponseListener listener = new ResponseListener() {
public void onResponse(ResponseEvent event) {
// Always cancel async request when response has been received
// otherwise a memory leak is created! Not canceling a request
// immediately can be useful when sending a request to a broadcast
// address.
((Snmp)event.getSource()).cancel(event.getRequest(), this);
System.out.println("Received response PDU is: "+event.getResponse());
}
};
snmp.sendPDU(pdu, target, null, listener);
//Traps (notifications) and other SNMP PDUs can be received by adding the folling code to the first code snippet above:
CommandResponder trapPrinter = new CommandResponder() {
public synchronized void processPdu(CommandResponderEvent e) {
PDU command = e.getPDU();
if (command != null) {
System.out.println(command.toString());
}
}
};
snmp.addCommandResponder(trapPrinter);
Version:
1.8
Author:
Frank Fock
translate:avery_leo
Snmp类提供了一套有关Snmp的功能接口。具体来讲,就是发送、接受、创建Snmp消息。
一个Snmp对象是一个Session,而在Snmp4j中,一个Session可以同多个远程设备通信。
(1) Snmp、Target、PDU三者的关系
Target代表远程设备或者远程实体、PDU代表管理端同Target通信的数据,Snmp就代表管理者管理功能(其实就是数据的收发)的具体执行者。
打个比方:Target就是你远方的恋人,PDU就是你们之间传递的情书、而Snmp就是负责帮你寄信收信的邮差。
(2)Snmp收发数据的两种方式
Snmp可以同步、也可异步收发数据。详细见代码示例说明。
(3)Snmp与传输层协议
Snmp可以定制传输层协议,一般选择udp,也可以选择tcp。详细见代码示例说明。
(4)Snmp与Usm
创建Snmp用来发送Snmpv3版本的消息时候,一般还要创建USM,将它添加至安全模型管理器(SecriryModels)中,同时还需要向Usm中添加相应的USM用户(UsmUser)。详细见代码示例说明。
代码示例:(摘自Snmp4j的API文档)
(1)创建Snmp
1)使用UDP传输协议
TransportMapping transport = new DefaultUdpTransportMapping();
snmp = new Snmp(transport); 2)使用TCP传输协议
TransportMapping transport = new DefaultTcpTransportMapping();
snmp = new Snmp(transport); 3)创建用于Snmpv3的Snmp
// 创建Snmp
TransportMapping transport =
new DefaultUdpTransportMapping();
Snmp snmp = new Snmp(transport);
if (version == SnmpConstants.version3) {
byte[] localEngineID =
((MPv3)snmp.getMessageProcessingModel(MessageProcessingModel.MPv3)).createLocalEngineID();
// 创建USM
USM usm = new USM(SecurityProtocols.getInstance(),
new OctetString(localEngineID), 0);
// 将USM添加至安全模式管理器中
// 安全模型管理器采用了单例模式,它内部可以维护为3个安全模型,分别对应Snmp三个版本
SecurityModels.getInstance().addSecurityModel(usm);
snmp.setLocalEngine(localEngineID, 0, 0);
// 添加用户
snmp.getUSM().addUser(securityName,new UsmUser(securityName,authProtocol,
authPassphrase,privProtocol,privPassphrase));
}
(2)同步收发消息
import org.snmp4j.*;
...
Snmp snmp = new Snmp(new DefaultUdpTransportMapping());
...
ResponseEvent response = snmp.send(requestPDU, target);
if (response.getResponse() == null) {
// request timed out
...
}else {
System.out.println("Received response from: "+
response.getPeerAddress());
// dump response PDU
System.out.println(response.getResponse().toString());
}
(3)异步收发消息
import org.snmp4j.*;
import org.snmp4j.event.*;
...
Snmp snmp = new Snmp(new DefaultUdpTransportMapping());
...
// 增加监听器
ResponseListener listener = new ResponseListener() {
public void onResponse(ResponseEvent event) {
PDU response = event.getResponse();
PDU request = event.getRequest();
if (response == null) {
System.out.println("Request "+request+" timed out");
} else {
System.out.println("Received response "+response+" on request "+
request);
}
};
snmp.sendPDU(request, target, null, listener);
...(4)实现trap
实现trap需要三步:
1)创建Snmp;
2)对于listen()使处于网络监听(实际上是同于网络编程中的Socket监听);
3)实现CommandResponder接口的监听器,并且调用Snmp.addCommandResponder(CommandResponder)注册监听器。
import org.snmp4j.*;
import org.snmp4j.smi.*;
import org.snmp4j.mp.SnmpConstants;
...
TransportMapping transport =
new DefaultUdpTransportMapping(new UdpAddress("0.0.0.0/161"));
Snmp snmp = new Snmp(transport);
if (version == SnmpConstants.version3) {
byte[] localEngineID =
((MPv3)snmp.getMessageProcessingModel(MessageProcessingModel.MPv3)).createLocalEngineID();
USM usm = new USM(SecurityProtocols.getInstance(),
new OctetString(localEngineID), 0);
SecurityModels.getInstance().addSecurityModel(usm);
snmp.setLocalEngine(localEngineID, 0, 0);
// Add the configured user to the USM
...
}
// 注册命令响应监听器
snmp.addCommandResponder(this);
transport.listen();
...
// 实现CommandResponder接口
public synchronized void processPdu(CommandResponderEvent e) {
PDU command = e.getPdu();
if (command != null) {
...
}
}
总结
Snmp内含了一个消息分发器,消息分发器中内含了处理网络的线程,在使用完后最好调用close(),将其资源回归处理。
掌握了上面所说的三个概念,基本上可以使用Snmp4j编写Snmp的程序了。
有关Snmp4j编程最好也最详细的资料:API文档和源代码。关于使用Snmp4j编写Snmp程序的例子,多线程的例子可以参看源代码中:org.snmp4j.test包下的MultiThreadedTrapReceiver.java,完整的例子可以参看 org.snmp4j.tools.console包下的SnmpRequest(一个命令行的Snmp管理器)。
不过,要想快速和深入掌握Snmp编程,最好的办法一定是先弄懂Snmp协议,这方面的资料最权威的就是RFC协议了。