[Bug 227502] Unable to add pfsense as monitored target in ntopng

bugzilla-noreply at freebsd.org bugzilla-noreply at freebsd.org
Sat Apr 14 21:38:19 UTC 2018


https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=227502

Eugene Grosbein <eugen at freebsd.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|New                         |Open
           Assignee|ports-bugs at FreeBSD.org      |harti at FreeBSD.org
                 CC|                            |eugen at freebsd.org,
                   |                            |net at FreeBSD.org

--- Comment #1 from Eugene Grosbein <eugen at freebsd.org> ---
I've reproduced the problem by building and running third-party/snmp/test.c from
the net/ntopng source tree. I ran bsnmpd in debug mode:

/usr/sbin/bsnmpd -p /var/run/snmpd.pid -d -D dump,trace=0x30000000

Incoming SNMPv1 GetRequest as captured and decoded by tcpdump:

04:15:32.993260 IP (tos 0x0, ttl 62, id 21558, offset 0, flags [none], proto UDP (17), length 81)
    X.X.X.X.46351 > X.X.X.X.Y: [udp sum ok]  { SNMPv1 C="xxxxxxx" { GetRequest(34) R=1  .1.3.6.1.2.1.1.5.0 } }

bsnmpd fails to parse it, producing errors:

snmpd[45132]: ASN.1: non-minimal integer at 00 00 00 00 04 07 72 65 77 6f 72 74 68 a0 22 02 04 00 00 00 01 02 04 00 00 00 00 02 04 00 00 00 00 30 0e 30 0c 06 08 2b 06 01 02 01 01 05 00 05 00
snmpd[45132]: SNMP: cannot decode version

ntopng uses a bundled copy of the library https://github.com/ejrh/snmp to encode
SNMP data into packets, and this library seems to produce incorrect DER/ASN.1
packets, always encoding integers with 4 bytes per value. The library itself is
pretty old; it has not been updated for 6 years.

snmpwalk, on the other hand, produces correct requests and bsnmpd answers just
fine.

It seems net-snmpd tolerates such a standard violation but bsnmpd does not.
Please note that other modern software tends to stick to strict validation too.
For example, golang's library encoding/asn1 has rejected such invalid "non-minimal
integer encodings" since version 1.7: https://golang.org/doc/go1.7

-- 
You are receiving this mail because:
You are on the CC list for the bug.
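
The minimal-length rule behind the "non-minimal integer" error, as an added example that is not part of the original bug comment and is not code from bsnmpd or the ejrh/snmp library: a strict check on INTEGER content octets and an encoder that emits the shortest two's-complement form. The function names are hypothetical; the sample bytes are the request-id INTEGER (02 04 00 00 00 01) visible in the dump above.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Strict rule for INTEGER content octets: at least one octet, and the first
 * nine bits must not be all zeros or all ones (no redundant sign octet). */
int der_int_is_minimal(const uint8_t *content, size_t len)
{
    if (len == 0)
        return 0;
    if (len > 1 && content[0] == 0x00 && (content[1] & 0x80) == 0)
        return 0;
    if (len > 1 && content[0] == 0xff && (content[1] & 0x80) != 0)
        return 0;
    return 1;
}

/* Encode a 32-bit signed value as tag 0x02, short-form length, minimal
 * two's-complement content. out needs room for 6 bytes; returns bytes written. */
size_t der_encode_int32(int32_t v, uint8_t *out)
{
    uint8_t be[4];
    uint32_t u = (uint32_t)v;
    size_t skip = 0, n, i;

    be[0] = (uint8_t)(u >> 24); be[1] = (uint8_t)(u >> 16);
    be[2] = (uint8_t)(u >> 8);  be[3] = (uint8_t)u;
    /* Drop leading octets that only repeat the sign bit. */
    while (skip < 3 && !der_int_is_minimal(be + skip, 4 - skip))
        skip++;
    n = 4 - skip;
    out[0] = 0x02;
    out[1] = (uint8_t)n;
    for (i = 0; i < n; i++)
        out[2 + i] = be[skip + i];
    return 2 + n;
}

int main(void)
{
    /* Content octets of the request-id INTEGER taken from the dump above. */
    const uint8_t from_dump[] = { 0x00, 0x00, 0x00, 0x01 };
    uint8_t buf[6];
    size_t n = der_encode_int32(1, buf), i;
    printf("4-byte form minimal? %d\n", der_int_is_minimal(from_dump, 4));
    for (i = 0; i < n; i++)
        printf("%02x ", buf[i]);
    printf("\n");
    return 0;
}
```
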