1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

[HOWTO] SNMPd on Tomato

Discussion in 'Tomato Firmware' started by bokh, Jan 20, 2007.

  1. bokh

    bokh Network Guru Member

    Last MAJOR update: Sat. August 9th 2008

    Here's what I've done to get the Simple Network Management Protocol-daemon (SNMPd called from now on) working on my Tomato. This will provide remote monitoring for a WRT54, e.g. using Cacti:

    [1] create a network-share, either on a Windows- or Unix-host that runs 24/7

    [2] mount that share as /cifs1 using Tomato's CIFS Client

    [3] create a subdirectory on that CIFS-share, eg. sbin/

    [4] get this file: http://www.xs4all.nl/~bokh/downloads/snmpd.zip
    This file contains the SNMPd-binary (version 5.0.9) and snmpd.conf.
    (MD5 (snmpd) = ae0d622648efdb8dceb7b3b5a63e23ac)

    [5] unpack the ZIP-file and move the files into the sbin-directory you just created

    [6] start SNMPd by logging into your WRT54 and entering
    Code:
    /cifs1/sbin/snmpd -c /cifs1/sbin/snmpd.conf &
    [9] test SNMP from the machine you're going to monitor from:
    Code:
    snmpwalk -c public -v 2c <IP-address of the WRT54>
    It's beyond the scope of this HOWTO, how to install and enable SNMP on a system... there is lot's of good documentation describing this.

    [7] If it's working put these two entries in Administration --> Scripts --> Firewall.
    UPDATE: Changed Init to Firewall. See the Tomato-FAQ why:
    http://www.polarcloud.com/tomatofaq#why_doesnt_my_startup_script_w
    Code:
    sleep 30
    /cifs1/sbin/snmpd -c /cifs1/sbin/snmpd.conf -s &
    Don't forget to save!
    Now Tomato will start SNMPd after each reboot.

    [8] Start using remote monitoring. I prefer Cacti on FreeBSD:

    [​IMG]

    Issues:
    No more issues thanks to a newly compiled SNMPd by Rodney (aka "rhester72")!
     
    Last edited: Jan 23, 2015
  2. der_Kief

    der_Kief Super Moderator Staff Member Member

    THX bokh. I think this very interesting for some people.

    der_Kief
     
  3. bogderpirat

    bogderpirat Network Guru Member

    first off: thanks lots and lots! i've been waiting for a snmp solution ever since i switched to tomato from dd-wrt.

    i've got the server up and running, however, i can't seem to get it working with snmptrafficgrapher (windows) which i had used for dd-wrt and would very much like to continue using. these are the settings that i have and i used this dd-wrt.com thread to set the program up.
    it only gives me red bars though, since it's always querying the router and apparently doesnt get a response before the timeout (i tried raising it to 3000ms, didnt change nuttin).

    can anyone give me a hint as to what i'm doing wrong?

    oh, and i'm running the latest tomato on a WRT54GL v1.1
     
  4. maxzerker

    maxzerker LI Guru Member

    put that in jffs would be easier
     
  5. bokh

    bokh Network Guru Member

  6. bogderpirat

    bogderpirat Network Guru Member

    not working either. :(
     
  7. bokh

    bokh Network Guru Member

    JFFS2 uses the flash memory and AFAIK it's not good to write to it on a too regular basis.
    Can anyone confirm this (y/n)?
     
  8. bokh

    bokh Network Guru Member

    Check IP-address

    Just to be sure: your Tomato is listening on 192.168.0.1 instead of the default 192.168.1.1?
     
  9. bogderpirat

    bogderpirat Network Guru Member

    yes, i'm on the 192.168.0.x network, my tomato being .1.

    i have used the snmp tester program and played around a little. what i've found out is this: it would appear that any snmp request will fail(=timeout) if SNMP Version are V1 or V2c:
    when i however choose V3 (which is by the way not supported by SNMPTrafficGrapher), i get responses, which however don't make too much sense:
    so it looks like it's not taking my community name. it's defaulted on both the routers end and mine though, so no clue what's failing. in V3, you can add a password. i just left that blank

    is the way the configuration set up maybe blocking V1/V2c connection attempts?
     
  10. bokh

    bokh Network Guru Member

    In the in my HOWTO mentioned "snmpd.conf" only SNMP-v1 and -v2c are used, so no.
    No firewall blocking UDP:161?
     
  11. bogderpirat

    bogderpirat Network Guru Member

    no firewall running.

    the timeouts are reproduceable for every machine in my network.

    edit: i now went to dd-wrt.com's download site and fetched the snmp package out of their packages directory. i extracted their .conf file and ran it with this version of snmp. didn't change anything. i also tried running their executable, but that wouldn't work due to some library missing. i'm out of ideas.

    edit2: alright, i had it log to the syslog and fired the snmpd up via ssh:
    logged to:
    :| ? could you maybe start snmpd with the -s parameter and paste your resulting startup log?
     
  12. digitalgeek

    digitalgeek Network Guru Member

    Jan 21 12:53:37 dgsworld01 daemon.err snmpd[4834]: snmpd.conf: No such file or directory
    Jan 21 12:53:37 dgsworld01 daemon.warn snmpd[4834]: Warning: no access control information configured. It's unlikely this agent can serve any useful purpose in this state. Run "snmpconf -g basic_setup" to help you configure the snmpd.conf file for this agent.
    Jan 21 12:53:37 dgsworld01 daemon.err snmpd[4834]: Error opening specified endpoint "udp:161"
    Jan 21 12:53:37 dgsworld01 daemon.err snmpd[4834]: Server Exiting with code 1
    Jan 21 12:55:06 dgsworld01 daemon.err snmpd[4843]: /cifs1/sbin/snmpd.conf: line 5: Error: bad SUBTREE object id
    Jan 21 12:55:06 dgsworld01 daemon.info snmpd[4843]: NET-SNMP version 5.0.9

    these are my log entries, more infomation would be helpfull
     
  13. bogderpirat

    bogderpirat Network Guru Member

    okay, i got it working.

    first thing that i did was a lot of rebooting the router. i don't know whether it was that, but while trying different snmpd-binaries i had noticed that they weren't reloaded on every snmpd-start, but rather it appeared as though they had been cached after the first time they were executed. this step probably didn't do anything.

    i then took a look at the configuration file inside of dd-wrt's .ipkg-package. as described in an earlier posting, i'd already tried using the .conf file with the snmpd executable supplied here, but didn't get it working. this time however, everything went smoothly. STG immediately got a response, albeit an erroneous.

    here's the snmpd.conf i got and used:
    Code:
    com2sec  ro  default    public
    com2sec  rw  localhost  private
    
    group  public   v1   ro
    group  public   v2c  ro
    group  public   usm  ro
    group  private  v1   rw
    group  private  v2c  rw
    group  private  usm  rw
    
    view  all  included  .1
    
    access  public   ""  any  noauth  exact  all  none  none
    access  private  ""  any  noauth  exact  all  all   all
    and this is the syslog entry when using the -s switch while starting snmpd:
    Code:
    Jan 21 20:54:43 superrouter daemon.info snmpd[361]: NET-SNMP version 5.0.9
    additionally, i used snmptest to get a correct OID, that's what it gave me:
    i've got my green OID set to "1.3.6.1.2.1.2.2.1.16.7" and my blue OID1 set to "1.3.6.1.2.1.2.2.1.10.7". everything is working correctly.

    i hope this is helpful to someone in the future. once again: big thanks to you, bokh, for your howto.
     
  14. bokh

    bokh Network Guru Member

    You're welcome, I'm really glad to hear both! :)

    However, I'm not completely sure if my binary was from OpenWRT or DD-WRT, but with the -s option I get the exact same output and version: NET-SNMP 5.0.9. No warnings too.
    So are you using the SNMPd I mentioned in the HOWTO or a different one?
    I think it is strange it needs to have a different config, but maybe it's possible it's a hardware-issue. I run mine on a WRT54GL v1.1 BTW.
     
  15. digitalgeek

    digitalgeek Network Guru Member

    based on the changed conf file you posted above these are the log entries I received:

    Jan 21 17:20:20 dgsworld01 daemon.err snmpd[4885]: /cifs1/sbin/snmpd.conf: line 11: Error: bad SUBTREE object id
    Jan 21 17:20:20 dgsworld01 daemon.info snmpd[4885]: NET-SNMP version 5.0.9
     
  16. bogderpirat

    bogderpirat Network Guru Member

    bokh: same router. i think your binary is from the openwrt repository, the dd-wrt binary along with others wouldn't work for me.

    digitalgeek: try doing the following: delete both of the files from your windows share. then reboot your tomato. re-download the server daemon binary into your share and recreate the conf file i posted above. ssh or telnet to your box and start it via /cifs1/sbin/snmpd -s -c /cifs1/sbin/snmpd.conf. check your log. that's the way i got it working.
     
  17. Hypernova

    Hypernova LI Guru Member

    Using an old thread here so I apologize.

    I tried using instructions from bogderpirat's blog but I get the same error as digitalgeek's except my error is on Line 8.

    I have a WRT54G v2 running on 192.168.1.2.
     
  18. bokh

    bokh Network Guru Member

    Please, post your snmpd.conf - I suppose the error is in line 8 of that file...
     
  19. Hypernova

    Hypernova LI Guru Member

    com2sec ro default public
    com2sec rw localhost privategroup public v1 ro
    group public v2c ro
    group public usm ro
    group private v1 rw
    group private v2c rw
    group private usm rw
    view all included .1 <-------------- line 8 basically the same error as digitalgeek's
    access public “” any noauth exact all none none
    access private “” any noauth exact all all all
     
  20. bokh

    bokh Network Guru Member

    Well, I can't help you here.
    Simply because that specific option won't work in the WRT-specific SNMPd-version, it's best to delete the line... It's of no use anyway, one way or another.

    Remember: Tomato is not running on a full blown PC with Linux and all the libraries installed. Hence, some functionality we're used to on Linux / BSD / Unix, isn't available.
     
  21. Hypernova

    Hypernova LI Guru Member

    I try deleting that line then. For the record I have no idea what that thing does as I'm a linux newb.

    [EDIt] Now it starts with no error but the SNMPtester still fails and get nothing.

    Scanning Interfaces
    2007/4/1 11:57:15 (13 ms) : GetOIDList
    2007/4/1 11:57:15 (19 ms) : Create List

    Found interfaces:
    <Nothing>
     
  22. bokh

    bokh Network Guru Member

    Once more here is my snmpd.conf:
    Code:
    com2sec public  default   public
    group public  v1   public
    group public  v2c  public
    group public  usm  public
    view all  included  .1
    access public  ""   any  noauth    exact all    all   all
    syslocation town, country
    syscontact foo@bar.net
    sysservices 15
    Turns out I'm using the same "view all"-line without any error caused...
    I'm far from a Linux-n00b (in fact I've been a Unix-admin for years), but SNMP is still somewhat higher mathematics to me! Read a HOWTO or three on the subject might enlighten us.
    In the meantime, give the above config a try, and change the syslocation and -contact to yours.
     
  23. Hypernova

    Hypernova LI Guru Member

    A guy on my net is downloading a big file that can't be resumed so I KILL'ed the current snmpd which is no good and restarted with "/cifs1/sbin/snmpd -s -c /cifs1/sbin/snmpd.conf &"

    Still no good but the odd thing is "cat /var/log/messages | grep -i snmpd" shows the only entry:
    "Apr 2 23:04:13 Router daemon.info snmpd[5251]: Received TERM or STOP signal... shutting down..." when I killed the origional. So with the new script it's showing no errors and no nothing. Won't be able to reboot router for at least 3 days. Schoold holiday starts this Friday so I'll try some reading on SNMP. Current google results looks rather arcane though.

    Giving up for now as this isn't that critical, hopefully proper SNMP get included into official someday.
     
  24. bokh

    bokh Network Guru Member

    No errors is good! :wink:
    But when I start my SNMPd with command "/cifs1/sbin/snmpd -c /cifs1/sbin/snmpd.conf -s"
    (note the "-s" is at the end - not sure if that makes any difference) it get these notifications in my logfile:
    Code:
    Mar 19 18:37:26 linksys snmpd[245]: Creating directory: /tmp/snmp-persist
    Mar 19 18:37:26 linksys snmpd[245]: NET-SNMP version 5.0.9
     
  25. Hypernova

    Hypernova LI Guru Member

    "view all included .1" again. bah...
     
  26. bokh

    bokh Network Guru Member

    I've done some testing here too and can't reproduce the error.
    You're using the SNMPd from my site, right? And you're on a WRT54GL v1.1 too, right? I'm too puzzled so far! Delete the darn line and see if it works without...
    Then test form a Unix- or Linux-system with this command:
    Code:
    # snmpget -c public -v 1 192.168.1.2 hrSystemUptime.0
    
    The output will look like this:
    HOST-RESOURCES-MIB::hrSystemUptime.0 = Timeticks: (119060846) 13 days, 18:43:28.46
    Or from a Windows-machine with "Getif": http://www.wtcs.org/snmp4tpc/getif.htm
     
  27. Hypernova

    Hypernova LI Guru Member

    WRT54G v2 with latest Tomato like I said last page. But it shouldn't matter right?!

    "# snmpget -c public -v 1 192.168.1.2 hrSystemUptime.0
    -sh: snmpget: not found"
     
  28. bogderpirat

    bogderpirat Network Guru Member

    hey, i've only skipped over the postings and i'm not entirely sure, but i'd like to utter the speculation that in fact you should do a reboot.

    thing is that apparently, anything that gets read off a cifs share is being cached somewhere - maybe in RAM, and will hence not be loaded from the share itself again after you have changed it. you can easily see that by installing a network monitor on the machine you're running your cifs share on and looking whether you get 700-odd kbytes of traffic while you start the snmpd. after a reboot, this will occur. when killing the process and restarting it, it won't.
    the only way to circumvent this is a reboot of the box. however, what you can also do (as you're not altering the snmpd-binary itself) is to save the altered (the view-line removed) config file under a different name and load that file with the -c switch. that will make sure that it's loading the config file you want, and not an old cached version of the snmpd.conf file.

    also: what kind of editor are you using to save that file? perhaps there's some idiotic issue, like weird word wrapping, dos line breaks or something similar which the binary doesn't like. i personally pasted the contents of the config-posting i made on page 1 via telnet into a file using echo, like such:
    Code:
    echo "<paste>">/cifs1/bin/snmpd.conf
    . maybe you can try this and see whether it works out.

    obviously, the best way of really making sure you have reproduced the exact settings that bokh and i use to get it working successfully, would be to reset the router every once in a while, in order to clear the ram. at least that's what helped me.

    hth,
    bog
     
  29. Hypernova

    Hypernova LI Guru Member

    I used notepad to save the script that I ctrl-c'ed straight from the web page.

    Different error this time. I guess this is progress?
     
  30. digitalgeek

    digitalgeek Network Guru Member

    I can now get snmpd to launch without error... although I do not see the line in the example above [Creating directory: /tmp/snmp-persist]

    when I try to run getif or snmpd tester I get time out errors (getif says no SNMP respose from 192.168.1.1)

    here is my config...
    com2sec ro default public
    com2sec rw localhost private
    group public v1 ro
    group public v2c ro
    group public usm ro
    group private v1 rw
    group private v2c rw
    group private usm rw
    access public "" any noauth exact all none none
    access private "" any noauth exact all all all
    syslocation town, country
    syscontact foo@bar.net
    sysservices 15
     
  31. Hypernova

    Hypernova LI Guru Member

    Thats the same point I reached before, where although there are no longer errors the SNMP server still doesn't work.

    bokh can you provide your script as a file just the way you used it? It may have something to do with space or what not getting lost from copying.
     
  32. bogderpirat

    bogderpirat Network Guru Member

    hey, that reminds me an awful lot of this posting.
    would you mind trying this config?

    also: when doing en echo "">xyz, you'll have to escape (put backslashes "\" in front of) any quotation marks that occur within the paste. which would make the "access"-lines the following:
     
  33. Hypernova

    Hypernova LI Guru Member

    It's ALIVE, ALIVE!!!

    But I don't have a ppp0

    The script's /n's show up as black blocks in Notepad, I guess it was the formatting that was doing it. For future reference that guide should recommend ppl adding script through echo.
     
  34. bogderpirat

    bogderpirat Network Guru Member

    hey, glad you got it working.

    how are you accessing the internet? i'm guessing the ppp sensor will only turn up if you're using some sort of ppp-dialup, i.e. when using DHCP or something similar you won't have that device.

    you can alternatively use vlan1 for internet-bandwidth monitoring, so long as you "get" the internet from the WAN-jack. see here for the device naming of the wrt-devices: http://www.dd-wrt.com/wiki/index.php/SNMP#Bandwidth_Monitoring_via_SNMP
     
  35. Hypernova

    Hypernova LI Guru Member

    Ah ok.

    I use DHCP and the WAN is connected to a modem-router in ppp half bridge. vlan1 works for me anyway.

    Any other data type that can be monitored? CPU/ram load etc of individual ports? yeah I'm getting greedy here. That DD-wrt page list sever other but would they work with tomato? I'm at school right now so can't test. If they work they would have showed up during the scan right?
     
  36. bokh

    bokh Network Guru Member

    Good it works!
    But you never used a Unix-like editor (e.g. "vi", "vim" or "ee") to create the snmpd.conf??! Just curious...
     
  37. digitalgeek

    digitalgeek Network Guru Member

    this line:
    view all included .1

    causes this error:
    /cifs1/sbin/snmpd.conf: line 14: Error: bad SUBTREE object id


    I also received the following message in my log:
    snmpd[3047]: Server Exiting with code 1

    I have looked at the how to blog and followed the instructions... I copied the .conf file and still can't get it to cooperate...
     
  38. digitalgeek

    digitalgeek Network Guru Member

    I have just read regarding the use of notepad to create the .conf... so I have create the .conf from the SSH shell and successfully started snmpd with the .conf sugested above....


    but snmptest still returns no interfaces...
     
  39. Hypernova

    Hypernova LI Guru Member

    I rarely use linux. And when I do it's doing C project from school using Ubuntu with nedit.

    Here's the conf I use, remember to take out the .txt
     

    Attached Files:

  40. bogderpirat

    bogderpirat Network Guru Member

    i've only toyed (that a lot though) with linux, never regularly used it. i don't like vi too much, as it's hard to get accustomed to. i prefer nano, which is in my opinion a lot more straight forward.


    digitalgeek: just to make sure, you have:
    - used snmp version = "SNMP V2c" in the options of snmptest?
    - got port="161", community="public" and [o] "scan available interfaces"?
    - not soft- nor hard-firewalled your pc from the router which might be blocking port 161?

    if that is so, what does snmptest post when running the test?
     
  41. digitalgeek

    digitalgeek Network Guru Member

    Thanks... that did it...

    it found the interfaces...
     
  42. digitalgeek

    digitalgeek Network Guru Member

    Guys... I have a new problem which I was wondering if you guys might be able to share some insight into...


    daemon.err snmpd[2938]: Error opening specified endpoint "udp:161"
    daemon.err snmpd[2938]: Server Exiting with code 1
     
  43. bokh

    bokh Network Guru Member

    Yeah, that looks familiar here (too).
    Nothing to worry about as long as SNMPd keeps up and running.
     
  44. Mayhemmad

    Mayhemmad Guest

    Just to jump onto this topic months later, but I am interested in SNMP for tomato. Does it do per MAC address or IP bandwidth monitoring?

    If not, is there a solution to recording bandwidth per MAC address or IP on the WRT54GL?

    Cheers
     
  45. slarner

    slarner Guest

    This how to on tomato for monitoring is all good and i have it working on a few devices but when you are installing 5-7 clients a week with tomato on it becomes a bit of a pain to install the file on each device can it realy be that difficult to install it in to it like it is on dd-wrt ?
     
  46. wulei

    wulei Guest

    Finally, I found the root cause of the error "Error: bad SUBTREE object id "...

    Just vi snmpd.conf and delte all "^M" in the end of each line.
     
  47. hpsmartyz

    hpsmartyz LI Guru Member

    Hi all,

    first of all special thanks bokh for this thread
    and to others for the following contributions and feedbacks.

    bokh, I am really interested by this feature and I have, sorry for that, a bit of an off topic question. sorry :frown:
    I have a Synology running on my LAN and would like to use it as a host for
    monitoring what goes on. Cacti combined with syslog pluggin and a syslog
    process to catch traps from my 54GL seems like a complete solution.
    As I understand, what you describe is installing a snmp daemon on a host
    to monitor the WRT54Gx.
    - what is the purpose of starting it from the WRT54Gx (step [8]) (and mounting a cifs location) ?
    - it seems snmp (net-snmp) can be installed with Cacti. how does this relates to, could come in place of, your proposition ?

    many thanks for your help

    :)
     
  48. JohnnyO

    JohnnyO Network Guru Member


    Yes, I wonder what it would take to get SNMPd to work internally to the box, similarly to dd-wrt?

    With the magic that Mr. Roadkill is displaying in other threads, I wonder if he'd be the right person to point us in the correct direction.

    John
     
  49. hoplite21

    hoplite21 Guest

    wow, complicated stuff

    all of this is very interesting. I'm a super newb and trying to understand it is incredibly difficult.

    I was using dd-wrt for years up until a couple of days ago when I thought I'd try out tomato for it's lack of bloat and bandwidth monitoring capabilities. But now I want MORE!

    I've got Wallwatcher installed and capturing data from the syslog but what I really want to is run this 'snmp' thingamabob on my WRT54G Tomato and monitor the info using Cacti from a windoze machine.

    Unfortunately, my knowledge or snmp and cacti is slim. I'm having trouble even making sure I have the correct settings after installing the windows snmp component. I started trying to follow bokh's how to but for example I'm stuck at:

    "[9] test SNMP from the machine you're going to monitor from:
    Code: snmpwalk -c public -v 2c <IP-address of the WRT54>"

    because I don't know how to test SNMP from my windoze machine. Is it command line? Using this ssh thingy (which I don't know how to use yet either, 'sigh')

    Is there anything out there that can teach a newb step by step how to implement this? Any tutorials that start with enabling snmp on my windows box and then work from there. I'm a newb but pretty savvy. I've tried searching a lot in the last few days and can't get my head around the whole thing.

    Nice work you're all doing though, I just want to be able to do it too!

    hoplite
     
  50. bokh

    bokh Network Guru Member

    @hoplite21: Don't try to run before you can walk! :)

    As a Unix-guy I wouldn't even try to get Cacti running on Windows. But maybe it could be pretty easy once you've got XAMPP installed.
    On Windows there is SNMP Traffic Grapher (URL: http://leonidvm.chat.ru/), with which you can probe the Tomato WRT. Give it a try.
    I don't have the specific Linksys-configfile at hand now, but if you're having troubles with this, I can post it here at a later time. Success!
     
  51. rickh57

    rickh57 LI Guru Member

    Thanks for this HOWTO, bokh. I've added SNMP to my two tomato based routers and am using Cacti on an Ubuntu 8.04 box to monitor them.
     
  52. bogderpirat

    bogderpirat Network Guru Member

    hey rickh57,

    would you mind sharing your cacti configuration regarding the tomato boxes with me? i cannot, for the love of god, get this software to work.

    thank you.
     
  53. bokh

    bokh Network Guru Member

    Cacti should have no problem finding your WRT54 with SNMPd as long as you use the right options (security, community, PHP with SNMP compiled, etc.).
    I use this simple script to check if SNMPd is responding on the WRT (gives the uptime):

    $ ./snmpget.sh 192.168.1.1

    ==> Probing for system's uptime through SNMP:

    HOST-RESOURCES-MIB::hrSystemUptime.0 = Timeticks: (174212696) 20 days, 3:55:26.96

    Code of the script:
    <--- Cute here --->
    #!/bin/sh

    echo
    echo " ==> Probing for system's uptime through SNMP:"
    echo

    #snmpget -c public -v 1 $1 1.3.6.1.2.1.1.3.0
    snmpget -c public -v 1 $1 hrSystemUptime.0
    <--- Cute here --->
     
  54. rickh57

    rickh57 LI Guru Member

    I didn't do anything special to get Cacti to poll my routers once I got SNMP installed on them.
     
  55. AF35

    AF35 LI Guru Member

    hi, is there any site that explains about the config file?
    I'm trying to understand it in order to read the things i want but not everything.

    can anyone give me a kick start direction ?

    ----------------- never mind ---------------------
    i found a site http://www.snmpview.de/snmpd_conf.php
    and i'm going to look through it.

    Cheers
     
  56. bokh

    bokh Network Guru Member

    No more crashing when doing a full snmpwalk, thanks to a newly compiled SNMPd by Rodney (aka "rhester72")!

    Both of my download links now point to the new SNMPd / snmp.conf - PLEASE UPGRADE!
     
  57. Thrasher

    Thrasher Network Guru Member

    Excellent news! Thanks bokh and rhester72 :clap:
     
  58. jcarle

    jcarle Network Guru Member

    Just wanted to say that the binary works great.

    I found some additional (unimportant but still useful) variables for the snmpd.conf file.

    sysname WRT54G
    syslocation Network Cabinet
    syscontact Contact Name

    Haven't found any documentation for more...

    It seems that the SNMP OID differ from router to router and model to model, so you'll definately want to use something like Getif ( http://www.wtcs.org/snmp4tpc/getif.htm ) if you're on Windows to find your router's OIDs.
     
  59. trgz

    trgz Addicted to LI Member

    -sh: /cifs1/sbin/snmpd: not found

    Hi all.
    I've recently installed tomato onto my WRT54GL and I'm well impressed. It's inspired me to continue tinkering with my netork and I'm trying to get SNMP working (to use Wallwatcher on my Windows machine).
    I've been following Julians techblog (http://jultech.wordpress.com/2007/01/22/wrt54gl-tomato-firmware-and-bandwidth-monitoring-via-snmp-2/) and I've successfully enabled SSH on the router and I can talk to it using PuTTy. So far I have downloaded the SNMP zip file(from the location in this thread), expanded it, and edited the snmp.conf file (not an easy task but I think I've cracked it using Textpad). However every time I try to run the command "/cifs1/sbin/snmpd -s -c /cifs1/sbin/snmpd.conf &" (ignoring quotes of course), or alternatively the command "/cifs1/sbin/snmpd -c /cifs1/sbin/snmpd.conf &" posted in this thread, I get the response "-sh: /cifs1/sbin/snmpd: not found" which doesn't seem right as the previous commands have successfully created a folder on the cifs1 share, and expanded the file into that folder and I can see the file in the folder to confirm my success. What am I doing wrong? :confused:
    Skipping the editing of the snmp.conf file gives the same result, if this is of any use, and the only observation I had was the md5 checksum was different to that posted in Julians blog but I'd have though it would have reported a file error and not that it was missing.
    p.s. I'm a Linux/SSH/SNMP noob
     
  60. Thrasher

    Thrasher Network Guru Member

    On you Administration / CIFS Client page on the WRT....does it show any figures next to "Total / Free Size"? if not I suspect your CIFS hasn't mounted. Include the domain or workgroup name that the server/workstation hosting the share is a member of. The only box that should be empty in the CIFS client set up is "Excecute When Mounted".
     
  61. trgz

    trgz Addicted to LI Member

    I've got 232.88 GB / 57.84 GB shown.
    I'd left Domain blank as I thought it wasn't a Windows thing - foolish me

    I've entered the Domain and it's working now (odd how part of my SSH-ing worked) - many thanks indeed
     
  62. bogderpirat

    bogderpirat Network Guru Member

    the md5 doesn't fit because the binary has been updated recently. i'll adapt the blogpost accordingly.
     
  63. bokh

    bokh Network Guru Member

    I've added the new MD5 for the new "snmpd" in the first post accordingly:
    MD5 (snmpd) = ae0d622648efdb8dceb7b3b5a63e23ac

    Also my IP-address (not the hostname) has changed last week :rolleyes:
    It's now 80.101.176.242 (instead of 213.84.72.169).
     
  64. nobugme

    nobugme Network Guru Registered

    'sleep 30' shouldn't be necessary anymore, because its in the fw script, am I right?
     
  65. bokh

    bokh Network Guru Member

    I'm not sure about that. In fact: I've raised it to 60 some time in the past and it works like it's supposed to be, so I don't really care about it.
     
  66. hlpimfalling

    hlpimfalling Network Guru Member

    External Access

    Is there a way for me to open the right ports on the firewall only to one computer so that I can access the snmp from a computer on a wan address? I don't have a linux box on the inside network of the router, but I do on the wan. Any help would be appreciated. When I nmap, I can't seem to get the port to be opened. Thanks for your help.
     
  67. bogderpirat

    bogderpirat Network Guru Member

    should be port 161/162 UDP. simple port forward rule to 192.168.1.1 or whatever you set your tomato's ip to should do.
     
  68. hlpimfalling

    hlpimfalling Network Guru Member

    Ya, that's what I thought but it did not work. I was trying to do it manually as well with iptables, but I can't figure it out. :(
     
  69. lucaf

    lucaf LI Guru Member

    I have been reading a lot about getting SNMP to Tomato and this is probably the most detailed instruction I've found so far.
    I have a quick question.
    By using that command, doesn't that mean that every time the router starts up it will look for snmpd and snmpd.conf over the network?
    ...or it gets loaded on nvram the first time it gets launched?

    thanks
     
  70. Gewehr98

    Gewehr98 LI Guru Member

    You lost me at mounting a cifs share on the Windows system, honestly.

    I have a network of 5 identical IBM quad-Xeon workstations (running XP Pro) in the home, routed by my trusty WRT54G v1.0, and supported by my Vonage Motorola phone box, my D-Link DI-102 packet optimizer, my Charter Cable modem, as well as 5 Adaptec Snap Server NAS boxes and 4 network laser printers.

    I've been dabbling with monitoring the network more closely than just the Tomato bandwidth graphic, and would like to use something with SNMP like Spiceworks or my trusty old WallWatcher.

    Problem is, none of the IBM workstations run 24/7, and I doubt the little Snap Servers can host the cifs share that is needed. (Or can they if they're just needed as a log file repository?)

    So is there perhaps a walk-through on how to implement this SNMPd on Tomato? I see plenty of YouTube videos on other aspects of WRT-54G modifications and firmware setups, so maybe there's hope for somebody as non-savvy as myself?

    Also, I noticed when I ran WallWatcher for a while, it really hit the little WRT-54G v1.0 hard, bogging it down and creating a ton of log entries. Would SNMP monitoring on the early model WRT-54G perhaps be too much for its dated hardware?
     
  71. bokh

    bokh Network Guru Member

    If these Snap Servers support CIFS that should be no problem. What I see on the net they do. The newer versions that is. What's your specific type of hardware?

    The SNMP-daemon runs on the Tomato / WRT54G over the CIFS-share and has little overhead on the little router itself. The 2 files (snmpd and snmpd.conf) take up less than 1MB on a (CIFS-)filesystem.

    WallWatcher however can (indeed) be heavy on resources but it has nothing to do with SNMP (syslog it is).

    FYI: a walkthrough is in the opening post. Unless you look for a different approach... :rolleyes:
     
  72. Gewehr98

    Gewehr98 LI Guru Member

    Oh, they're old, alright!

    I currently have 2 each SnapServer 1000 models, and 3 each SnapServer 1100 models in the fleet. I "fell into" them via a GSA/DRMO auction a few years ago, upgraded the hard drives, and planned on making one or two of them FTP servers so I could retrieve files from work, or at family locations. They actually have internal FTP/HTTP setup capability, but I want to make them accessible through my WRT-54G v1.0 and Tomato without resorting to a DMZ configuration. Monitoring them and the workstations on the home network through an SNMP link would be the icing on the cake, I could make use of Spiceworks, etc.
     
  73. Elbart

    Elbart LI Guru Member

    Hi.

    I've been using SNMPd for quite a while now, but recently I've been stumbling over a weird behaviour of Tomato.

    Here's a pic to illustrate the problem:
    [​IMG]

    Upon booting, the order of the interfaces SNMPd discovers is like this (the "Before"-section).

    But when I change a setting like Wireless, the order is changed (the "After"-section).

    It's rather annoying, because this also changes the OIDs for monitoring the vlan1-speed and similiar.

    Since I figured that going through all of the Tomato-source to change the interface-initialization would be quite a chore, I wondered, if any of you guys know of a way to limit the monitoring of SNMPd to only one specific interface (vlan1 in my case), either with snmpd.conf or with a commandline-parameter.
     
  74. occamsrazor

    occamsrazor Network Guru Member

    Is anyone here using SNMP with Mac OS X? I've recently flashed my router with Thor's mod containing SNMP but am wondering...

    1. What sort of things could I use SNMP for that I can't get from the Tomato Web Interface?
    2. Does anyone know a good SNMP manager software for Mac to connect to Tomato's SNMP daemon and display information in a nice graphical way?

    Cheers.
     
  75. bogderpirat

    bogderpirat Network Guru Member

    hey guys,
    i wasn't sure whether this warranted a new thread, and didn't know whether someone had already accomplished this, so i decided to post it in here.

    i have successfully compiled and tested a smaller snmp daemon binary.

    here's the upside:
    - compared to the previous version, it requires next to no configuration on the server side
    - filesize is only ~115KiB compared to the previous monster of ~920KiB
    - size in ram is only a lousy 140KiB compared to a whopping previous 2.7MiB (that is VSIZE)
    - if a network interface disappears (i.e. ppp0 while you have your scheduled reconnection), it doesn't make clients error out, but returns "0" on polled OIDs. this effectively stops snmptrafficgrapher from erroring out somtimes.

    and the (surmountable) downside:
    - client configuration is a bit more tricky. but we'll get to that.


    i took the sources from the link above and compiled them using the toolchain contained within the tomato-RT git tree (kudos to teddy_bear for putting them in there and making life easy), specifically ./tomato/tools/brcm/K24/hdntools-mipsel-uclibc-4.1.2/bin/mipsel-uclibc-gcc.

    you can download the resulting binary here (~115KiB, md5: d58b35bf5c8ea5f5d617fc4e69f67a96).

    Configuration
    as i'm assuming people mostly use snmpds for bandwidth tracking, i'll only cover that part of the binary's functionality.
    configuration is done via command line. the commands can be viewed by (after putting the binary on your router - methods are covered earlier in this thread) doing
    Code:
    ./mini_snmpd --help
    as we want to track network interface traffic, we'll have to input at least one network interface (multiple ones are separated by commas) using the -i switch. pppoe users will want to use ppp0 whilst the dhcp'd-wan guys will want to use vlan1 as a parameter.
    to get going, we have to do the aforementioned (somewhat nasty) client configuration, which consists of finding out correct OIDs to the data we want. for network traffic, this is simple. open two telnet/ssh connections to your router. in one of them, do the following (change ppp0 to what applies):
    Code:
    ./mini_snmpd -i ppp0 -v
    this will output verbose debug data (essentially spits out all discovered OIDs).
    quickly afterwards type this into the second terminal:
    Code:
    ifconfig ppp0
    this will present an output like such:
    Code:
    # ifconfig ppp0
    ppp0       Link encap:Point-to-Point Protocol
               inet addr:1.2.3.4  P-t-P:1.2.3.4  Mask:255.255.255.255
               UP POINTOPOINT RUNNING MULTICAST  MTU:1492  Metric:1
               RX packets:4057326 errors:0 dropped:0 overruns:0 frame:0
               TX packets:3648062 errors:0 dropped:0 overruns:0 carrier:0
               collisions:0 txqueuelen:3
               RX bytes:4061296891 (3.7 GiB)  TX bytes:2119727308 (1.9 GiB)
    memorize (or write down) the large numbers after RX bytes and TX bytes. now go back to the first terminal that is running the snmp daemon verbosely and look through the listed OIDs' "data='xxx'" values. where the number looks similar to that from the ifconfig RX (receive/download) and TX (transmitted/upload) outputs, write the value of "oid='xxx'" down.
    those two are the two oids you can use in conjunction with a program that polls snmp data, like snmptrafficgrapher, cacti, or anything else that runs on rrdtool or is mentioned in this thread.

    BTW, on my WRT54GL running victek's tomato RAF, the ppp0 interface had OIDs
    .1.3.6.1.2.1.2.2.1.16.1 for upstream and
    .1.3.6.1.2.1.2.2.1.10.1 for downstream.

    actually running the daemon can be automated using the methods provided in this thread and adding the line
    Code:
    ./mini_snmpd -i ppp0 > /dev/null 2>&1 &
    into the startup (or wan-up) script.
     
  76. bogderpirat

    bogderpirat Network Guru Member

    i'd also like to share this nifty little script i've written to start the binary. it grabs the binary from a web server (you'll have to upload it somewhere and replace the url to it) if needed whenever your wan interface comes up and starts the daemon:
    Code:
    if [ -z $(pidof mini_snmpd) ] ; then
      if [ ! -f /tmp/mini_snmpd ] ; then
        wget http://some.server.com/mini_snmpd -O /tmp/mini_snmpd
        chmod +x /tmp/mini_snmpd
        logger -p 5 "SNMPD: acquired binaries"
      fi
      /tmp/mini_snmpd -i ppp0 > /dev/null 2>&1 &
      sleep 2
      logger -p 5 "SNMPD: started with pid: $(pidof mini_snmpd)."
    else
      logger -p 5 "SNMPD: already started, resting."
    fi
    place this in the WAN Up scripts part of the administration and save it.
     
  77. rhester72

    rhester72 Network Guru Member

    Thanks for the inspiration. I've done the same now to recompile libpcap and knockd for "next-gen" Tomato and it came out to less than 50% of the legacy Tomato compile (even when both are stripped!). Good job!

    I've also adopted your mini-snmpd (I honestly only use it to check uptimes) and am extremely pleased with the results.

    Rodney
     
  78. rhester72

    rhester72 Network Guru Member

    One quick caveat about any snmpd on Tomato (that I just noticed during testing)...

    Be very careful not to start (mini-)snmpd until *after* Tomato has properly set the clock via NTP if you care about uptime exposed via SNMP. If you don't, you'll end up with very impressive and extremely unrealistic uptimes as seen by SNMP. Looping until `date +%Y` -gt 2000 before starting snmpd seems to do the trick quite nicely. ;)

    Rodney
     
  79. Chillout

    Chillout Networkin' Nut Member

    I´m sorry for digging up such an old topic... but since I've upgraded to Tomato Firmware v1.28.8749 ND USB vpn3.6 (Before I was using just the regular Tomato), my snmp deamon is not working anymore...

    Yes, the cifs-location is mounted correctly again, and the binary and config file are still the same as before, when it used to work...
    However, when I try to run snmpd from the shell, it will just do nothing. No process will start (or so it appears), and no entry in the log. Not even an error... If I run it with all debugging, verbose and logging options on, I will get the following error:

    Code:
    root@elcamino:/cifs1/snmp# /cifs1/snmp/snmpd -c /cifs1/snmp/snmpd.conf -s -D -V
    -L
    root@elcamino:/cifs1/snmp# /cifs1/snmp/snmpd: can't resolve symbol 'isspace'
    
    I´m out of inspiration what to do... hopefully someone has more ideas :) thanks in advance!

    Oh and by the way... I'm using a Asus WL500GP. And yes, it used to work before the upgrade!
     
  80. Elbart

    Elbart LI Guru Member

    Tried mini_snmpd already?
     
  81. rhester72

    rhester72 Network Guru Member

    Chillout, you're missing a dynamic library dependency (you have the library, but it is missing a required function). Where did you get your snmpd binary?

    Rodney
     
  82. razorxtr

    razorxtr Networkin' Nut Member


    Chillout, rhester72 I tried installing snmp on my WRT54G Tomato and am running into the exact same error:

    root@tomato:/cifs1/snmp# /cifs1/snmp/snmpd -c /cifs1/snmp/snmpd.conf -s -D -V -L
    root@tomato:/cifs1/snmp# /cifs1/snmp/snmpd: can't resolve symbol 'isspace'

    I am running on firmware 1.28.7616 -Toastman ND Std. Search google just turns up this forum. Is it possible to add this 'required function' or file that is missing?
    Could someone share / email their 'isspace' required function file?

    What firmware versions are you guys successfully running on?

    I am using Tostman firmware due to being able to restrict bandwidth by IP/MAC.

    Thanks
     
  83. AlterEgo

    AlterEgo Networkin' Nut Member

    Count me in at my thread

    http://www.linksysinfo.org/index.php?threads/tomato-1-27-bandwidth-monitoring-using-snmpd.35823/

    Please update all of us if anyone found a solution
     
  84. jyavenard

    jyavenard Network Guru Member

  85. AlterEgo

    AlterEgo Networkin' Nut Member

    Well I am using Tomato Firmware v1.28.8754 ND USB vpn3.6 (usually the biggest version with all the extras) on Linksys WRTSL54GS. This is because I have also configured VPN to connect to my home from any place I am commuting.

    Do you think you have made a working version with VPN functionality as well.

    We would really like to see or test the versions made by you with SNMPd functionality if you can share them.

    Thanks.
     
  86. jyavenard

    jyavenard Network Guru Member

    Hi

    I have...

    It includes PPTP VPN support as well and OpenVPN (including various fixes to OpenVPN and support for username/password authentication)

    However, I haven't built it for the WRTSL54GS, I've only built it for WRT54GL (no USB) and MIPSR2 machines (with USB)... I would have to build it... unless you don't mind building it yourself.

    IF you want the standalone snmp exe, I can extract it easily (which would have none of the issues I've read here). The standalone snmp is 941988 bytes.

    Edit: I've built K26 series for MIPSR1 and MIPSR2 there:
    http://www.avenard.org/wrt54-tomato/tomatoUSB/

    Edit: I've removed the MIPSR1 built, I've bricked my WRT54GL device with it...
     
  87. AlterEgo

    AlterEgo Networkin' Nut Member

    Well,

    I am a complete noob in that, so I cannot build any new builds myself. Would have to need your help in that.

    Would really appreciate if you can build the image for WRTSL54GS and post it, I am not sure it MIPSR1 or MIPSR2 , so I would not risk bricking it with the wrong build type.

    Thanks for your co-operation.
     
  88. jyavenard

    jyavenard Network Guru Member

  89. Toastman

    Toastman Super Moderator Staff Member Member

    Jean-Yves, I just tried your compile of the PPTP client. Looks very interesting! I've sent you a PM about it.
     
  90. crashnburn

    crashnburn LI Guru Member


    Hi Toastman - I was considering doing the same here so I was wondering about one thing.

    Do we now have the ability to monitoring abilities equivalent to Networx? It has some nice quick ways to split and graph data usage data.
    E.g.
    http://www.softperfect.com/products/networx/manual/totals.htm
    http://www.softperfect.com/products/networx/manual/graph.htm

    Or can the Networx related monitoring become a Bonus/ Add-on besides Tomato USB's monitoring capabilities.

    Apparently, someone got it work here - Not sure if that has some flaws.
    http://www.softperfect.com/board/read.php?8,13178,13178,quote=1
     

Share This Page