This article presents a simple example of an SNMPv3 Set request using the SNMP4J library. SNMP is used in managing and monitoring network devices. It is an Internet standard protocol for managing devices on IP networks.
1. Tools and Prerequisites
2. Create the Project
You may skip this process because this is a fairly small example which can be made using a text editor. We’ll just do a quick Java project creation through Eclipse. Click on File -> New -> Java Project to create the project. Then create the com.javacodegeeks.example package. Next, create an empty SnmpV3Set class. We’re not done yet. We have to add the SNMP4J library. Right-click on the project and go to Build Path -> Configure Build Path, then Libraries Tab -> Add External Jars… and add snmp4j-2.5.6.jar (latest version as of this writing).
3. Java Code and Code Walkthrough
SnmpV3Set.java
package com.javacodegeeks.example;
import org.snmp4j.PDU;
import org.snmp4j.ScopedPDU;
import org.snmp4j.Snmp;
import org.snmp4j.TransportMapping;
import org.snmp4j.UserTarget;
import org.snmp4j.event.ResponseEvent;
import org.snmp4j.mp.MPv3;
import org.snmp4j.mp.SnmpConstants;
import org.snmp4j.security.AuthMD5;
import org.snmp4j.security.PrivDES;
import org.snmp4j.security.SecurityLevel;
import org.snmp4j.security.SecurityModels;
import org.snmp4j.security.SecurityProtocols;
import org.snmp4j.security.TSM;
import org.snmp4j.security.USM;
import org.snmp4j.security.UsmUser;
import org.snmp4j.smi.Address;
import org.snmp4j.smi.GenericAddress;
import org.snmp4j.smi.Integer32;
import org.snmp4j.smi.OID;
import org.snmp4j.smi.OctetString;
import org.snmp4j.smi.VariableBinding;
import org.snmp4j.transport.DefaultUdpTransportMapping;
public class SnmpV3Set {
public static void main(String[] args) throws Exception {
TransportMapping<? extends Address> transport = new DefaultUdpTransportMapping();
Snmp snmp = new Snmp(transport);
OctetString localEngineId = new OctetString(MPv3.createLocalEngineID());
USM usm = new USM(SecurityProtocols.getInstance(), localEngineId, 0);
SecurityModels.getInstance().addSecurityModel(usm);
OctetString securityName = new OctetString("your-security-name");
OID authProtocol = AuthMD5.ID;
OID privProtocol = PrivDES.ID;
OctetString authPassphrase = new OctetString("your-auth-passphrase");
OctetString privPassphrase = new OctetString("your-priv-passphrase");
snmp.getUSM().addUser(securityName, new UsmUser(securityName, authProtocol, authPassphrase, privProtocol, privPassphrase));
SecurityModels.getInstance().addSecurityModel(new TSM(localEngineId, false));
UserTarget target = new UserTarget();
target.setSecurityLevel(SecurityLevel.AUTH_PRIV);
target.setSecurityName(securityName);
target.setAddress(GenericAddress.parse(String.format("udp:%s/%s", "your-target-ip", "your-port-number")));
target.setVersion(SnmpConstants.version3);
target.setRetries(2);
target.setTimeout(60000);
transport.listen();
PDU pdu = new ScopedPDU();
pdu.add(new VariableBinding(new OID("your-oid"), new OctetString("Hello world!")));
pdu.setType(PDU.SET);
ResponseEvent event = snmp.send(pdu, target);
if (event != null) {
pdu = event.getResponse();
if (pdu.getErrorStatus() == PDU.noError) {
System.out.println("SNMPv3 SET Successful!");
} else {
System.out.println("SNMPv3 SET Unsuccessful.");
}
} else {
System.out.println("SNMP send unsuccessful.");
}
}
}
If you’re familiar with the earlier versions of SNMP (e.g., v2c, 1) then with a quick look through the code, you will notice that we are not using any write community.
In order to do the SNMPv3 Set operation, we need to instantiate the USM class which implements the User Based Security Model as defined in RFC 3414. Our Security Model uses the Message Processing model for SNMPv3 (lines 33 & 34).
Depending on your SNMP agent configuration, you will need to provide a security name, authentication and privacy protocols, authentication and privacy pass phrases. Our agent is configured to use the security name your-security-name. It uses the MD5 hash function for its authentication protocol and DES encryption for its privacy protocol. The password for the authentication protocol is your-auth-passphrase. The password for the privacy protocol is your-priv-passphrase.
These are the available authentication protocols:
- AuthMD5
- AuthSHA
- AuthHMAC192SHA256
- AuthHMAC384SHA512
These are the available privacy protocols:
- PrivDES
- PrivAES128
- PrivAES128
- PrivAES192
- PrivAES256
- Priv3DES
- Priv3DES
Our user information and Transport Security Model is then added to the Security Model (lines 43 & 44). The TSM (Transport Security Model) implements a SecurityModel which uses transport security mechanisms as defined in RFC 5591.
Instead of using the CommunityTarget class, we are using the UserTarget class. Since we are using both authentication and privacy protocols, our security level is set to SecurityLevel.AUTH_PRIV (line 47). The security level can also be set to SecurityLevel.AUTH_NOPRIV if there is no privacy protocol and SecurityLevel.NOAUTH_NOPRIV if both protocols are not used.
The target object contains the target IP and port number, SNMP version used, security name, number of retries, and the timeout.
We set the transport to listen so that we will be able to receive the response.
We use the ScopedPDU class for SNMPv3 instead of PDU (line 57). Next, we add our variable bindings data. The variable bindings contain the target object identifier (OID) and the value to set it with. Just change the your-oid to your desired OID and its corresponding value. We make sure that the protocol data unit type is PDU.SET to make it an SNMP Set operation.
Finally, we send the PDU to its target. If all is well, we should see an “SNMPv3 SET Successful!” output in the console.
Just replace the your-xxxx with your configuration to run the program.
4. Summary
In this example, we learned how to change an SNMP agent’s data by sending an SNMPv3 set command. The notable key differences of the SNMPv3 set command with the older versions are the user security model, the use of user target instead of community target, the use of authentication and privacy protocols, and using ScopedPDU instead of PDU.
5. Download the Source Code
This is an example of an SNMPv3 Set Request using SNMP4J.
You can download the source code of this example here: snmpv3-set-example-snmp4j.zip.
I’m not finding the class TSM in the org.snmp4j.security package. I do find USM.
Hey Jeff,
Perhaps you have the wrong snmp4j version. https://www.snmp4j.org/doc/org/snmp4j/security/TSM.html
Cheers,
sir please write one agent program in java GET or GETBULK ?
sir please write one agent program Snmp v3 in java GET or GETBULK ?
Hello Sir this is my java snmp code issue is my server send the request for agent and server accept the request but agent not respond the server sir please help.how to respond the agent for server. Java Snmp GetBulk Agent version 3 program. public class JavaExample implements CommandResponder { public static final OID sysDescr = new OID(“1.3.6.1.2.1.1.1.0”); private Snmp snmp; String SHADESAuthPassword; OctetString contextEngineID; OctetString contextName; public JavaExample() throws IOException { MessageDispatcher dispatcher = new MessageDispatcherImpl(); dispatcher.addMessageProcessingModel(new MPv3()); snmp = new Snmp(dispatcher, new DefaultUdpTransportMapping(new UdpAddress(“127.0.0.1/162”), true)); snmp.addCommandResponder(this); OctetString localEngineId = new OctetString(MPv3.createLocalEngineID()); USM usm = new USM(SecurityProtocols.getInstance(), localEngineId, 0);… Read more »
hii joel please explain me CommandResponderEvent. and how it’s work in snmp version 3 java.
The
CommandResponderEventis fired by theMessageDispatcherto listeners that potentially can process the included request, report, or trap/notification. – Javadocs. This object is passed to the method that process the PDU.