Quote snmp v2c community #2927

merged 1 commit into from Feb 5, 2016


None yet

3 participants

  • Quote the SNMP v2c community, v3 is already quoted.
  • Change the snmpver to double quotes for consistency.

Fixes #2448

@adaniels21487 adaniels21487 - Quote the SNMP v2c community, v3 is already quoted.
- Change the snmpver to double quotes for consistency.
@laf laf merged commit 3f8ecc5 into librenms:master Feb 5, 2016

1 of 2 checks passed

Auto-Deploy Triggered
Scrutinizer No new issues
snis commented on 4ff9248 Feb 6, 2016

This commit made many of my Procurve switches to go down...

Log from switch.
00236 snmp: ST3-CMDR: Security access violation from [librenms] for the community name or user name : xxxxxxx (11 times in 60 seconds)


Hi @snis,
When you say many, does that mean you have some Procurves that arent affected by this?

When I saw your message, I suspected that net-snmp may send the quotes and leave it to the device to strip them, so I did some packet captures and this does not appear to be the case.

When I run the following commands:
/usr/bin/snmpget -v2c -c public -OQnUs udp: . iso. = 3:5:44:07.80 /usr/bin/snmpget -v2c -c 'public' -OQnUs udp: . iso. = 3:5:44:14.47

I see the following tcpdump:
tcpdump -vv -A -T snmp host 06:39:37.492414 IP (tos 0x0, ttl 64, id 40401, offset 0, flags [DF], proto UDP (17), length 71) dev.laptop.43168 > { SNMPv2c { GetRequest(28) R=1174375295 system.sysUpTime.0 } } E..G..@.@..k.............3..0).....public....E.........0.0...+......... 06:39:44.162178 IP (tos 0x0, ttl 64, id 42054, offset 0, flags [DF], proto UDP (17), length 71) dev.laptop.33442 > { SNMPv2c { GetRequest(28) R=1972552625 system.sysUpTime.0 } } E..G.F@.@................3..0).....public....u.........0.0...+.........

These requests, quoted and unquoted, both look the same in wireshark.

Are you able to perform a similar test to confirm if your net-snmp is changing what is sent on the wire for quoted and unquoted?


snis commented Feb 7, 2016

@adaniels21487 as usual I acted fast and reverted this commit localy after having recieved more than 1600 alerts on devices down. The change only affected Procurve (HP 2920 and 5300), not other devices, ie Extreme, Aruba, Fortigate or HP Comware. I think i was all of the Procurve switches.

...oooh facepalm

Now when I was about to do some packet captures I went to LibreNMS to copy the SNMP community name, guess what I discovered: A space character in front of the community " xxxxx".

The flaws of copy / paste


Awesome, glad its resolved.

@adaniels21487 adaniels21487 deleted the adaniels21487:issue-2448 branch Feb 8, 2016
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment