Announcement

Collapse
No announcement yet.

Enable mapping of interface and tunnel name to SNMP ifAlias

Collapse
This topic is closed.
X
X
Collapse
 
  • Page of 1
  • Filter
  • Time
  • Show
Clear All
new posts
Previous template Next
  • #1

    Enable mapping of interface and tunnel name to SNMP ifAlias

    WARNING
    This hack was done as a proof of concept to learn more about net-snmp and how one can extend it. This is the first working version, not production ready and not sanctioned by Untangle as it requires changes via the command line. It has not been tested to survive reboots or upgrades. I am documenting it to demonstrate it is possible and hopefully garner support enough to get it into a future version of the product.


    With that said here is the issue I am trying to solve. I want the “friendly name” that is displayed on the interface configuration page and the tunnel VPN status page to be accessible via SNMP to my network monitoring tools.

    Click image for larger version Name: 1.png Views: 1 Size: 92.8 KB ID: 387082
    Click image for larger version Name: 2.png Views: 1 Size: 41.0 KB ID: 387083

    My network monitoring tool de jour tries to “Always Keep It Purely Simple”. (Look it up via the acronym. The licensed version is great for work and the unlicensed free version is great for homelabs.) It supports the ifDescr, ifName and ifAlias. Untangle only makes ifName (ie eth0, em0, tun200) and ifDescr (ie Intel Corporation Ethernet Connection I354, Intel Corporation I210 Gigabit Network Connection , tun200) available via SNMP. It makes it more difficult for me to remember which one of my physical interfaces was used for guest access and which VPN tunnel I send their traffic out via.

    Click image for larger version Name: 3.png Views: 1 Size: 207.8 KB ID: 387084

    Enough backstory let’s get onto the technical parts. Below are the steps I used to map the data to ifAlias.
    1. Since Untangle still uses Python 2.7 and they don’t include various future proof packages you will need to get the 2.7 compatible snmp-passpersist package file elsewhere. This file makes extending the net-snmp functionality with python a snap. Kinda hard to find by I found it here: https://aur.archlinux.org/packages/p...mp-passpersist Untar it and copy snmp_passpersist.py to /tmp on Untangle. In the future with more modem version of python we could pull this from a current repo.

    2. First review the code below and copy it into a file named ifalias.py in /tmp. Make it executable via “chmod +x ifalias.py” on the Untangle command line.

      Code:
      #!/usr/bin/python -u
# -u is unbuffered and required

from subprocess import check_output
import snmp_passpersist as snmp
import json
import re

# Configure the interface dictionary and ip comamnd regex
interface = {}
regex     = r"^(\d+):\s([\w\d\.]+):"

# Function that runs periodically to update the values
def update():
  # Get the output of "ip link" command to map ifIndex to ifName
  output  = check_output(["/bin/ip", "link"])
  matches = re.finditer(regex, output, re.MULTILINE)

  # Add to dictionary such as eth0 = 1 or tun203 = 2262
  for matchNum, match in enumerate(matches, start=1):
    interface[match.group(2)] = match.group(1)  
  
  # Grab the contents of the network.js file
  with open('/usr/share/untangle/settings/untangle-vm/network.js') as f:
    data = json.load(f)

  # Go through the physical interfaces and add the index number and name into
  # the pass persist object. 4 = "WAN1: Cox Gigablast"
  for item in data["interfaces"]["list"]:
    try:
      pp.add_str(str(interface[str(item["physicalDev"])]), item["name"])
    except: pass

  # Go through the physical interfaces contatidate "tun" with the index number
  # from network.js to get ifName (ie tun203) to then get the actual ifIndex number
  # like 2263 to finally map that to the friendly name
  # into the pass persist object. 263 = "tunnel-WS-Germany"
  for item in data["virtualInterfaces"]["list"]:
    try:
      pp.add_str(str(interface["tun" + str(item["interfaceId"])]), str(item["name"]))
    except: pass

# Configrue pass persis for the ifAlias oid and have it run the update
# This is configured for 5 seconds for testing but would change it
# to 5 minutes (300 seconds) for ongoing as the data should be fairly static
pp=snmp.PassPersist(".1.3.6.1.2.1.31.1.1.1.18")
pp.start(update,5)
    3. Add the following line at the end of /etc/snmp/snmpd.conf that will reference the script anytime the ifAlias OID is requested.
      Code:
      pass_persist .1.3.6.1.2.1.31.1.1.1.18 /tmp/ifalias.py
    4. Restart the snmpd service from the Untangle command line
      Code:
      service snmpd restart
    5. Using your SNMP community string from the Untangle command line check that it works
      Code:
      snmpwalk -c YOURCOMMUNITY -v 2c 127.0.0.1 .1.3.6.1.2.1.31.1.1.1.18
      Click image for larger version Name: 4.png Views: 1 Size: 31.8 KB ID: 387085
    6. Re-walk Untangle from your favorite monitoring tool and notice friendly interfaces names all over

      Click image for larger version Name: 6.png Views: 1 Size: 105.3 KB ID: 387086

      In summary its not very difficult and I hope it finds its way into a future release.
    Tags: akips, ifalias, nms, snmp
  • #2
    [QUOTE=bcording;250371]
    [*]Since Untangle still uses Python 2.7 and they don’t include various future proof packages you will need to get the 2.7 compatible snmp-passpersist package file elsewhere. This file makes extending the net-snmp functionality with python a snap. Kinda hard to find by I found it here: https://aur.archlinux.org/packages/p...mp-passpersist Untar it and copy snmp_passpersist.py to /tmp on Untangle. In the future with more modem version of python we could pull this from a current repo.
    /QUOTE]

    I am not a python user so just wondering. Seems Untangle has python 3 installed.
    Code:
    [root @ homeuntangle] ~ # dpkg -l |grep python3
ii  libpython3-stdlib:amd64                 3.7.3-1                                                        amd64        interactive high-level object-oriented language (default python3 version)
ii  libpython3.7-minimal:amd64              3.7.3-2+deb10u2                                                amd64        Minimal subset of the Python language (version 3.7)
ii  libpython3.7-stdlib:amd64               3.7.3-2+deb10u2                                                amd64        Interactive high-level object-oriented language (standard library, version 3.7)
ii  python3                                 3.7.3-1                                                        amd64        interactive high-level object-oriented language (default python3 version)
ii  python3-atomicwrites                    1.1.5-2                                                        all          Atomic file writes - Python 3.x
ii  python3-attr                            18.2.0-1                                                       all          Attributes without boilerplate (Python 3)
ii  python3-certifi                         2018.8.24-1                                                    all          root certificates for validating SSL certs and verifying TLS hosts (python3)
ii  python3-chardet                         3.0.4-3                                                        all          universal character encoding detector for Python3
ii  python3-idna                            2.6-1                                                          all          Python IDNA2008 (RFC 5891) handling (Python 3)
ii  python3-minimal                         3.7.3-1                                                        amd64        minimal subset of the Python language (default python3 version)
ii  python3-more-itertools                  4.2.0-1                                                        all          library with routines for operating on iterables, beyond itertools (Python 3)
ii  python3-parse                           1.6.6-0.1                                                      all          Parse provides the reverse function for format(), Python3 package
ii  python3-pil:amd64                       5.4.1-2+deb10u2                                                amd64        Python Imaging Library (Python3)
ii  python3-pkg-resources                   40.8.0-1                                                       all          Package Discovery and Resource Access using pkg_resources
ii  python3-pluggy                          0.8.0-1                                                        all          plugin and hook calling mechanisms for Python - 3.x
ii  python3-py                              1.7.0-2                                                        all          Advanced Python development support library (Python 3)
ii  python3-pycurl                          7.43.0.2-0.1                                                   amd64        Python bindings to libcurl (Python 3)
ii  python3-pytest                          3.10.1-2                                                       all          Simple, powerful testing in Python3
ii  python3-requests                        2.21.0-1                                                       all          elegant and simple HTTP library for Python3, built for human beings
ii  python3-ruamel.yaml                     0.15.34-1+b1                                                   amd64        roundtrip YAML parser/emitter (Python 3 module)
ii  python3-six                             1.12.0-1                                                       all          Python 2 and 3 compatibility library (Python 3 interface)
ii  python3-urllib3                         1.24.1-1                                                       all          HTTP library with thread-safe connection pooling for Python3
ii  python3.7                               3.7.3-2+deb10u2                                                amd64        Interactive high-level object-oriented language (version 3.7)
ii  python3.7-minimal                       3.7.3-2+deb10u2                                                amd64        Minimal subset of the Python language (version 3.7)
ii  untangle-python3-runtests               16.2.2.20200915T235622.e8d22deef-1buster                       all          Library for manipulating Untangle system settings (Python 3)
ii  untangle-python3-sync-settings          16.2.2.20201206T004523.d141d1ef5-1buster                       all          Library for manipulating Untangle system settings (Python 3)
[root @ homeuntangle] ~ #
    And there is a debian version of the file. https://packages.debian.org/buster/python-netsnmp Could that be used? Might need dependancies?

    Thanks

    Comment

    • #3
      I'll admit i am more of a Windows user than Linux so i think i got stuck on just looking for "python" and not "python3". I had actually started this using Perl and had it working but it needed various additional packages to work. I was trying to make this as lightweight and portable as possible without installing too much that may get wiped with upgrades or potentially cause problems. With that said, I dont believe you need the full net-snmp python package. This is the python3 version of the package i was using: https://github.com/nagius/snmp_passpersist

      Comment

      Previous template Next
      Working...
      X
      😀
      🥰
      🤢
      😎
      😡
      👍
      👎