The predecessor of the Simple Network Management Protocol (SNMP) is the Simple Gateway Monitoring Protocol (SGMP), which was used to manage communication lines. SGMP was later heavily revised, most notably by adding an SMI and a MIB that conform to Internet definitions; the improved protocol is the well-known SNMP. The goal of SNMP is to manage the software and hardware platforms produced by many different manufacturers on the Internet, so SNMP is strongly shaped by the Internet-standard network management framework. SNMP has now reached its third version, and its functionality has been greatly enhanced and improved.
MIB (Management Information Base): the database of managed objects accessed by the network management protocol. It includes the variables that SNMP can set through the SNMP management agent of a network device. SMI (Structure of Management Information): the rules used to define the objects that are accessible through the network management protocol.
SMI defines the data types used in the MIB and how network resources are named or represented in the MIB.
To use SNMP for network management, you need management stations, management agents, a Management Information Base (MIB), and a network management protocol. A management station is usually a stand-alone device that network administrators use as their interface to network management. The station must run management software, and it gives the administrator a user interface and a database of information obtained from the MIB. To manage the network, the administrator must be able to issue management commands to the management station.
A management agent is a network device, such as a host, a bridge, a router, or a hub. These devices must be able to receive information sent by the management station, and their status must be monitored by the management station. The agent responds to requests from the management station by performing the corresponding operations, and it can also send information to the station without having been asked.
A MIB is a collection of objects that represent the resources and devices that can be managed in the network. Each object is essentially a data variable that represents one aspect of the managed entity.
The last component is the management protocol, which is SNMP. SNMP has three basic functions: get, set, and receiving unsolicited messages (traps) sent by agents. Get means that the management station sends a request and the agent returns the corresponding data. Set means that the management station sets the value of a managed object on the agent. Receiving unsolicited messages means that an agent can report an unexpected event to the management station even though the station did not request it.
SNMP is an application-layer protocol in the TCP/IP protocol suite and runs over the User Datagram Protocol (UDP). On a stand-alone management station, a manager process controls access to the central MIB held on that station and provides the interface for the network administrator. The manager process manages the network through SNMP. SNMP is implemented on top of UDP, IP, and the relevant network-specific protocols (such as Ethernet, FDDI, and X.25).
The core of the SNMPv2 standard is the communication protocol, which is a request/response protocol.
This protocol provides a simple, basic way to exchange management information between a manager and an agent, and between managers.
Each SNMPv2 message consists of several fields:
If both the sender and the receiver use the authentication mechanism, it contains authentication-related information; otherwise, it is null.
The verification process is as follows: the sending party and the receiving party each hold a secret key for verification and share a verification algorithm.
Before sending a message, the sender places the key value in the digest field shown in the figure, as a prefix of the message. It then runs the verification algorithm over the message data, including the digest field, to compute a digest value, and writes that digest value into the digest field in place of the key. After receiving the message, the receiver first extracts the digest value from the message and saves it, then puts the sender's key into the digest field and computes the digest of the message itself. It compares the two digest values. If they are the same, the sender is indeed the party named in the srcParty field. If they differ, the receiver treats the sender as invalid. This verification mechanism prevents an unauthorized user from impersonating a legitimate party in order to cause damage.
The authInfo field also contains two timestamps, which are used for synchronization between the sender and the receiver and prevent messages from being intercepted and resent.
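The digest-and-timestamp check described above, written out as an added example (it is not code from the original article). The byte layout, the party name, the key and the choice of MD5 are assumptions made for illustration, and the replay rule is simplified to "the timestamp must increase".

```python
import hashlib
import hmac
import struct

DIGEST_LEN = 16  # MD5 digest size; MD5 itself is an assumption of this example

def _frame(digest_field, src_ts, dst_ts, src_party, payload):
    # Constructed layout: digest | srcTimestamp | dstTimestamp | len | srcParty | payload
    return (digest_field + struct.pack(">II", src_ts, dst_ts)
            + bytes([len(src_party)]) + src_party + payload)

def seal(key, src_ts, dst_ts, src_party, payload):
    """Sender: the key goes in the digest field, then the digest replaces it."""
    if len(key) != DIGEST_LEN:
        raise ValueError("key must fill the digest field exactly")
    digest = hashlib.md5(_frame(key, src_ts, dst_ts, src_party, payload)).digest()
    return _frame(digest, src_ts, dst_ts, src_party, payload)

def verify(message, keys, last_seen):
    """Receiver: save the digest, put the key back, recompute, compare, check replay."""
    if len(message) < DIGEST_LEN + 9:
        return "malformed"
    received, rest = message[:DIGEST_LEN], message[DIGEST_LEN:]
    src_ts, _dst_ts = struct.unpack(">II", rest[:8])
    src_party = rest[9:9 + rest[8]]
    key = keys.get(src_party)
    if key is None:
        return "unknown party"
    expected = hashlib.md5(key + rest).digest()
    if not hmac.compare_digest(received, expected):  # constant-time comparison
        return "bad digest"
    # Simplified replay rule (assumption): timestamps must strictly increase.
    if src_ts <= last_seen.get(src_party, -1):
        return "replayed"
    last_seen[src_party] = src_ts
    return "ok"

if __name__ == "__main__":
    keys = {b"manager-1": b"0123456789abcdef"}  # constructed shared secret
    seen = {}
    msg = seal(keys[b"manager-1"], 1000, 0, b"manager-1", b"get sysUpTime")
    print(verify(msg, keys, seen))            # first delivery
    print(verify(msg, keys, seen))            # same bytes resent
    print(verify(msg[:-1] + b"X", keys, {}))  # payload altered in transit
```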
Another major improvement in SNMPv2 is that messages can be encrypted to prevent eavesdroppers from reading them. Except for the privDst field, the rest of the message can be encrypted. The sender and the receiver use the same encryption algorithm (such as DES). Messages can be authenticated, encrypted, both, or sent without any security protection.
Next, we implement an SNMP program to retrieve network data:
    #include <windows.h>
    #include <stdio.h>
    #include <string.h>
    #include <malloc.h>
    #include <snmp.h>
    #include <mgmtapi.h>

    #pragma comment(lib, "mgmtapi.lib")
    #pragma comment(lib, "snmpapi.lib")
    // The SNMP API requires the header files and libraries above.

    #define GET     1 // GET: retrieve a single item.
    #define GETNEXT 2 // GETNEXT: retrieve the next item.
    #define WALK    3 // WALK: retrieve everything under a MIB subtree.

    #define TIMEOUT 6000 /* milliseconds */
    #define RETRIES 3

    // Some useful OIDs
    char *SNMPOID[5] = {
        ".1.3.6.1.2.1.25.4.2.1.2",    // process list
        ".1.3.6.1.4.1.77.1.2.25.1.1", // system users
        ".1.3.6.1.4.1.77.1.4.1.0",    // domain name
        ".1.3.6.1.2.1.25.6.3.1.2",    // installed software
        ".1.3.6.1.2.1.1"              // system information
    };

    void usage(char *name)
    {
        printf("========================= SNMP tool ===========================\n");
        printf("======= gxisone@hotmail.com 2004/8/10 ===\n");
        printf("\nusage: %s [remoteip] [sysprocess|sysuser|domainname|sysinf|software]\n", name);
        printf("example: %s 192.168.1.1 sysuser\n", name);
    }

    int main(int argc, char *argv[])
    {
        int operation;
        LPSTR agent;
        LPSTR community;
        RFC1157VarBindList variableBindings;
        LPSNMP_MGR_SESSION session;
        AsnObjectIdentifier reqObject;
        int timeout = TIMEOUT;
        int retries = RETRIES;
        int i;
        BYTE requestType;
        AsnInteger errorStatus;
        AsnInteger errorIndex;

        operation = WALK; // this program uses WALK to obtain information

        if (argc != 3) {
            usage(argv[0]);
            return 0;
        }

        // Copy the agent's IP address. The buffer is sized from argv[1],
        // the string that is actually copied into it.
        agent = (LPSTR)SNMP_malloc(strlen(argv[1]) + 1);
        if (agent == NULL) {
            printf("error: out of memory\n");
            return 1;
        }
        strcpy(agent, argv[1]);

        community = "public"; // community string (the "query password")

        variableBindings.list = NULL;
        variableBindings.len = 0;

        // Select the OID.
        if (!strcmp(argv[2], "sysprocess")) i = 0;
        else if (!strcmp(argv[2], "sysuser")) i = 1;
        else if (!strcmp(argv[2], "domainname")) i = 2;
        else if (!strcmp(argv[2], "software")) i = 3;
        else if (!strcmp(argv[2], "sysinf")) i = 4;
        else {
            usage(argv[0]);
            return 0;
        }
        printf("%s\n", SNMPOID[i]);

        // Convert the string to a standard OID.
        if (!SnmpMgrStrToOid(SNMPOID[i], &reqObject)) {
            printf("error: Invalid OID, %s, specified.\n", SNMPOID[i]);
            return 1;
        }

        variableBindings.len++;
        if ((variableBindings.list = (RFC1157VarBind *)SNMP_realloc(
                 variableBindings.list,
                 sizeof(RFC1157VarBind) * variableBindings.len)) == NULL) {
            printf("error: Error allocating OID, %s.\n", SNMPOID[i]);
            return 1;
        }
        variableBindings.list[variableBindings.len - 1].name = reqObject;
        variableBindings.list[variableBindings.len - 1].value.asnType = ASN_NULL;

        // Make sure only one variable binding was specified if operation
        // is WALK.
        if (operation == WALK && variableBindings.len != 1) {
            printf("error: Multiple oids specified for WALK.\n");
            return 1;
        }

        // Establish an SNMP session to communicate with the remote agent. The
        // community, communications timeout, and communications retry count
        // for the session are also required.
        if ((session = SnmpMgrOpen(agent, community, timeout, retries)) == NULL) {
            printf("error on SnmpMgrOpen %lu\n", GetLastError());
            return 1;
        }

        {
            AsnObjectIdentifier root;
            AsnObjectIdentifier tempOid;

            SnmpUtilOidCpy(&root, &variableBindings.list[0].name);
            // A walk is a sequence of GetNext requests.
            requestType = ASN_RFC1157_GETNEXTREQUEST;

            for (;;) {
                if (!SnmpMgrRequest(session, requestType, &variableBindings,
                                    &errorStatus, &errorIndex)) {
                    printf("error on SnmpMgrRequest %lu\n", GetLastError());
                    break;
                }
                // Stop when the agent has no more names or the returned OID
                // has left the requested subtree.
                if (errorStatus == SNMP_ERRORSTATUS_NOSUCHNAME ||
                    SnmpUtilOidNCmp(&variableBindings.list[0].name,
                                    &root, root.idLength)) {
                    printf("End of MIB subtree.\n");
                    break;
                }
                if (errorStatus > 0) {
                    printf("error: errorStatus=%d, errorIndex=%d\n",
                           errorStatus, errorIndex);
                    break;
                } else {
                    // Print the query result.
                    char *string = NULL;
                    SnmpMgrOidToStr(&variableBindings.list[0].name, &string);
                    printf("variable = %s\n", string ? string : "(unknown)");
                    if (string) SNMP_free(string);
                    printf("value = ");
                    SnmpUtilPrintAsnAny(&variableBindings.list[0].value);
                    printf("\n");
                }

                // Prepare the next request: keep the returned OID and
                // reset the value to NULL.
                SnmpUtilOidCpy(&tempOid, &variableBindings.list[0].name);
                SnmpUtilVarBindFree(&variableBindings.list[0]);
                SnmpUtilOidCpy(&variableBindings.list[0].name, &tempOid);
                variableBindings.list[0].value.asnType = ASN_NULL;
                SnmpUtilOidFree(&tempOid);
            } // end for

            // Release the resources.
            SnmpUtilVarBindListFree(&variableBindings);
            SnmpUtilOidFree(&root);
        }

        // Close the SNMP session, clean up and exit.
        if (!SnmpMgrClose(session)) {
            printf("error on SnmpMgrClose %lu\n", GetLastError());
            return 1;
        }
        SNMP_free(agent);
        return 0;
    }
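For the monitoring side, the following added example (not part of the original article) decodes the payload of an SNMPv1/v2c request and reports whether it uses a default community string or targets one of the OIDs that the program above walks. The sample packet is constructed by hand, and the function names are this example's own.

```python
DEFAULT_COMMUNITIES = {b"public", b"private"}  # "public" is what the program above sends
WATCHED = {  # OIDs the program above walks, with the page's own labels
    "1.3.6.1.2.1.25.4.2.1.2": "process list",
    "1.3.6.1.4.1.77.1.2.25.1.1": "system users",
    "1.3.6.1.4.1.77.1.4.1.0": "domain name",
    "1.3.6.1.2.1.25.6.3.1.2": "installed software"}

def _tlv(buf, pos):
    """Decode one BER tag-length-value; return (tag, value, next_pos)."""
    if pos + 2 > len(buf):
        raise ValueError("truncated header")
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:  # long form: low 7 bits count the length octets
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):
        raise ValueError("truncated value")
    return tag, buf[pos:pos + length], pos + length

def _oid(body):
    if not body:
        raise ValueError("empty OID")
    arcs, val = [body[0] // 40, body[0] % 40], 0
    for b in body[1:]:  # base-128 arcs, high bit marks continuation
        val = (val << 7) | (b & 0x7F)
        if not b & 0x80:
            arcs.append(val)
            val = 0
    return ".".join(map(str, arcs))

def inspect(datagram):
    """Summarise one SNMPv1/v2c request taken from a UDP/161 payload."""
    _, msg, _ = _tlv(datagram, 0)
    _, _version, p = _tlv(msg, 0)
    _, community, p = _tlv(msg, p)
    pdu_tag, pdu, _ = _tlv(msg, p)  # 0xA0 Get, 0xA1 GetNext, 0xA3 Set
    p = 0
    for _i in range(3):  # skip request-id, error-status, error-index
        _, _, p = _tlv(pdu, p)
    _, varbinds, _ = _tlv(pdu, p)
    _, first, _ = _tlv(varbinds, 0)
    oid = _oid(_tlv(first, 0)[1])
    watched = [label for prefix, label in WATCHED.items()
               if oid == prefix or oid.startswith(prefix + ".")]
    return {"pdu_tag": pdu_tag, "oid": oid, "watched": watched,
            "default_community": bytes(community) in DEFAULT_COMMUNITIES}

SAMPLE = bytes.fromhex("302902010004067075626c6963a11c020101020100020100"
                       "3011300f060b2b060104014d01021901010500")  # constructed GetNext, "public"
```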