[HOWTO] SNMPd on Tomato

Last MAJOR update: Sat. August 9th 2008

Here's what I've done to get the Simple Network Management Protocol-daemon (SNMPd called from now on) working on my Tomato. This will provide remote monitoring for a WRT54, e.g. using Cacti:

[1] create a network-share, either on a Windows- or Unix-host that runs 24/7

[2] mount that share as /cifs1 using Tomato's CIFS Client

[3] create a subdirectory on that CIFS-share, eg. sbin/

[4] get this file: http://bok.xs4all.nl/downloads/snmpd.zip
Mirror: http://www.xs4all.nl/~bokh/downloads/snmpd.zip
This file contains the SNMPd-binary (version 5.0.9) and snmpd.conf.
(MD5 (snmpd) = ae0d622648efdb8dceb7b3b5a63e23ac)

[5] unpack the ZIP-file and move the files into the sbin-directory you just created

[6] start SNMPd by logging into your WRT54 and entering

Code:

/cifs1/sbin/snmpd -c /cifs1/sbin/snmpd.conf &

[9] test SNMP from the machine you're going to monitor from:

Code:

snmpwalk -c public -v 2c <IP-address of the WRT54>

It's beyond the scope of this HOWTO, how to install and enable SNMP on a system... there is lot's of good documentation describing this.

[7] If it's working put these two entries in Administration --> Scripts --> Firewall.
UPDATE: Changed Init to Firewall. See the Tomato-FAQ why:
http://www.polarcloud.com/tomatofaq#why_doesnt_my_startup_script_w

Code:

sleep 30
/cifs1/sbin/snmpd -c /cifs1/sbin/snmpd.conf -s &

Don't forget to save!
Now Tomato will start SNMPd after each reboot.

[8] Start using remote monitoring. I prefer Cacti on FreeBSD:



Issues:
No more issues thanks to a newly compiled SNMPd by Rodney (aka "rhester72")!

first off: thanks lots and lots! i've been waiting for a snmp solution ever since i switched to tomato from dd-wrt.

i've got the server up and running, however, i can't seem to get it working with snmptrafficgrapher (windows) which i had used for dd-wrt and would very much like to continue using. these are the settings that i have and i used this dd-wrt.com thread to set the program up.
it only gives me red bars though, since it's always querying the router and apparently doesnt get a response before the timeout (i tried raising it to 3000ms, didnt change nuttin).

can anyone give me a hint as to what i'm doing wrong?

oh, and i'm running the latest tomato on a wrt54gl v1.1

put that in jffs would be easier

Try using these settings in STG (they work for me):

"Green" OID: 1.3.6.1.2.1.2.2.1.10.1
"Blue" OID: 1.3.6.1.2.1.2.2.1.16.1

If not, maybe SNMPtester --> http://www.paessler.com/download/freeware/snmptester can provide you with the right OIDs (thought these found don't work in turn for me).

not working either.

JFFS2 uses the flash memory and AFAIK it's not good to write to it on a too regular basis.
Can anyone confirm this (y/n)?

Check IP-address

Just to be sure: your Tomato is listening on 192.168.0.1 instead of the default 192.168.1.1?

yes, i'm on the 192.168.0.x network, my tomato being .1.

i have used the snmp tester program and played around a little. what i've found out is this: it would appear that any snmp request will fail(=timeout) if SNMP Version are V1 or V2c:

when i however choose V3 (which is by the way not supported by SNMPTrafficGrapher), i get responses, which however don't make too much sense:

so it looks like it's not taking my community name. it's defaulted on both the routers end and mine though, so no clue what's failing. in V3, you can add a password. i just left that blank

is the way the configuration set up maybe blocking V1/V2c connection attempts?

In the in my HOWTO mentioned "snmpd.conf" only SNMP-v1 and -v2c are used, so no.
No firewall blocking UDP:161?

no firewall running.

the timeouts are reproduceable for every machine in my network.

edit: i now went to dd-wrt.com's download site and fetched the snmp package out of their packages directory. i extracted their .conf file and ran it with this version of snmp. didn't change anything. i also tried running their executable, but that wouldn't work due to some library missing. i'm out of ideas.

edit2: alright, i had it log to the syslog and fired the snmpd up via ssh:

logged to:

:| ? could you maybe start snmpd with the -s parameter and paste your resulting startup log?

Jan 21 12:53:37 dgsworld01 daemon.err snmpd[4834]: snmpd.conf: No such file or directory
Jan 21 12:53:37 dgsworld01 daemon.warn snmpd[4834]: Warning: no access control information configured. It's unlikely this agent can serve any useful purpose in this state. Run "snmpconf -g basic_setup" to help you configure the snmpd.conf file for this agent.
Jan 21 12:53:37 dgsworld01 daemon.err snmpd[4834]: Error opening specified endpoint "udp:161"
Jan 21 12:53:37 dgsworld01 daemon.err snmpd[4834]: Server Exiting with code 1
Jan 21 12:55:06 dgsworld01 daemon.err snmpd[4843]: /cifs1/sbin/snmpd.conf: line 5: Error: bad SUBTREE object id
Jan 21 12:55:06 dgsworld01 daemon.info snmpd[4843]: NET-SNMP version 5.0.9

these are my log entries, more infomation would be helpfull

okay, i got it working.

first thing that i did was a lot of rebooting the router. i don't know whether it was that, but while trying different snmpd-binaries i had noticed that they weren't reloaded on every snmpd-start, but rather it appeared as though they had been cached after the first time they were executed. this step probably didn't do anything.

i then took a look at the configuration file inside of dd-wrt's .ipkg-package. as described in an earlier posting, i'd already tried using the .conf file with the snmpd executable supplied here, but didn't get it working. this time however, everything went smoothly. STG immediately got a response, albeit an erroneous.

here's the snmpd.conf i got and used:

Code:

com2sec  ro  default    public
com2sec  rw  localhost  private

group  public   v1   ro
group  public   v2c  ro
group  public   usm  ro
group  private  v1   rw
group  private  v2c  rw
group  private  usm  rw

view  all  included  .1

access  public   ""  any  noauth  exact  all  none  none
access  private  ""  any  noauth  exact  all  all   all

and this is the syslog entry when using the -s switch while starting snmpd:

Code:

Jan 21 20:54:43 superrouter daemon.info snmpd[361]: NET-SNMP version 5.0.9

additionally, i used snmptest to get a correct OID, that's what it gave me:

i've got my green OID set to "1.3.6.1.2.1.2.2.1.16.7" and my blue OID1 set to "1.3.6.1.2.1.2.2.1.10.7". everything is working correctly.

i hope this is helpful to someone in the future. once again: big thanks to you, bokh, for your howto.

You're welcome, I'm really glad to hear both!

However, I'm not completely sure if my binary was from OpenWRT or DD-WRT, but with the -s option I get the exact same output and version: NET-SNMP 5.0.9. No warnings too.
So are you using the SNMPd I mentioned in the HOWTO or a different one?
I think it is strange it needs to have a different config, but maybe it's possible it's a hardware-issue. I run mine on a WRT54GL v1.1 BTW.

based on the changed conf file you posted above these are the log entries I received:

Jan 21 17:20:20 dgsworld01 daemon.err snmpd[4885]: /cifs1/sbin/snmpd.conf: line 11: Error: bad SUBTREE object id
Jan 21 17:20:20 dgsworld01 daemon.info snmpd[4885]: NET-SNMP version 5.0.9

bokh: same router. i think your binary is from the openwrt repository, the dd-wrt binary along with others wouldn't work for me.

digitalgeek: try doing the following: delete both of the files from your windows share. then reboot your tomato. re-download the server daemon binary into your share and recreate the conf file i posted above. ssh or telnet to your box and start it via /cifs1/sbin/snmpd -s -c /cifs1/sbin/snmpd.conf. check your log. that's the way i got it working.

Using an old thread here so I apologize.

I tried using instructions from bogderpirat's blog but I get the same error as digitalgeek's except my error is on Line 8.

I have a WRT54G v2 running on 192.168.1.2.

Please, post your snmpd.conf - I suppose the error is in line 8 of that file...

com2sec ro default public
com2sec rw localhost privategroup public v1 ro
group public v2c ro
group public usm ro
group private v1 rw
group private v2c rw
group private usm rw
view all included .1 <-------------- line 8 basically the same error as digitalgeek's
access public “” any noauth exact all none none
access private “” any noauth exact all all all

Well, I can't help you here.
Simply because that specific option won't work in the WRT-specific SNMPd-version, it's best to delete the line... It's of no use anyway, one way or another.

Remember: Tomato is not running on a full blown PC with Linux and all the libraries installed. Hence, some functionality we're used to on Linux / BSD / Unix, isn't available.

I try deleting that line then. For the record I have no idea what that thing does as I'm a linux newb.

[EDIt] Now it starts with no error but the SNMPtester still fails and get nothing.

Scanning Interfaces
2007/4/1 11:57:15 (13 ms) : GetOIDList
2007/4/1 11:57:15 (19 ms) : Create List

Found interfaces:
<Nothing>

Once more here is my snmpd.conf:

Code:

com2sec public  default   public
group public  v1   public
group public  v2c  public
group public  usm  public
view all  included  .1
access public  ""   any  noauth    exact all    all   all
syslocation town, country
syscontact foo@bar.net
sysservices 15

Turns out I'm using the same "view all"-line without any error caused...
I'm far from a Linux-n00b (in fact I've been a Unix-admin for years), but SNMP is still somewhat higher mathematics to me! Read a HOWTO or three on the subject might enlighten us.
In the meantime, give the above config a try, and change the syslocation and -contact to yours.

A guy on my net is downloading a big file that can't be resumed so I KILL'ed the current snmpd which is no good and restarted with "/cifs1/sbin/snmpd -s -c /cifs1/sbin/snmpd.conf &"

Still no good but the odd thing is "cat /var/log/messages | grep -i snmpd" shows the only entry:
"Apr 2 23:04:13 Router daemon.info snmpd[5251]: Received TERM or STOP signal... shutting down..." when I killed the origional. So with the new script it's showing no errors and no nothing. Won't be able to reboot router for at least 3 days. Schoold holiday starts this Friday so I'll try some reading on SNMP. Current google results looks rather arcane though.

Giving up for now as this isn't that critical, hopefully proper SNMP get included into official someday.

No errors is good! :wink:
But when I start my SNMPd with command "/cifs1/sbin/snmpd -c /cifs1/sbin/snmpd.conf -s"
(note the "-s" is at the end - not sure if that makes any difference) it get these notifications in my logfile:

Code:

Mar 19 18:37:26 linksys snmpd[245]: Creating directory: /tmp/snmp-persist
Mar 19 18:37:26 linksys snmpd[245]: NET-SNMP version 5.0.9

"view all included .1" again. bah...

I've done some testing here too and can't reproduce the error.
You're using the SNMPd from my site, right? And you're on a WRT54GL v1.1 too, right? I'm too puzzled so far! Delete the darn line and see if it works without...
Then test form a Unix- or Linux-system with this command:

Code:

# snmpget -c public -v 1 192.168.1.2 hrSystemUptime.0

The output will look like this:
HOST-RESOURCES-MIB::hrSystemUptime.0 = Timeticks: (119060846) 13 days, 18:43:28.46

Or from a Windows-machine with "Getif": http://www.wtcs.org/snmp4tpc/getif.htm

WRT54G v2 with latest Tomato like I said last page. But it shouldn't matter right?!

"# snmpget -c public -v 1 192.168.1.2 hrSystemUptime.0
-sh: snmpget: not found"

hey, i've only skipped over the postings and i'm not entirely sure, but i'd like to utter the speculation that in fact you should do a reboot.

thing is that apparently, anything that gets read off a cifs share is being cached somewhere - maybe in RAM, and will hence not be loaded from the share itself again after you have changed it. you can easily see that by installing a network monitor on the machine you're running your cifs share on and looking whether you get 700-odd kbytes of traffic while you start the snmpd. after a reboot, this will occur. when killing the process and restarting it, it won't.
the only way to circumvent this is a reboot of the box. however, what you can also do (as you're not altering the snmpd-binary itself) is to save the altered (the view-line removed) config file under a different name and load that file with the -c switch. that will make sure that it's loading the config file you want, and not an old cached version of the snmpd.conf file.

also: what kind of editor are you using to save that file? perhaps there's some idiotic issue, like weird word wrapping, dos line breaks or something similar which the binary doesn't like. i personally pasted the contents of the config-posting i made on page 1 via telnet into a file using echo, like such:

Code:

echo "<paste>">/cifs1/bin/snmpd.conf

. maybe you can try this and see whether it works out.

obviously, the best way of really making sure you have reproduced the exact settings that bokh and i use to get it working successfully, would be to reset the router every once in a while, in order to clear the ram. at least that's what helped me.

hth,
bog

I used notepad to save the script that I ctrl-c'ed straight from the web page.

Different error this time. I guess this is progress?

I can now get snmpd to launch without error... although I do not see the line in the example above [Creating directory: /tmp/snmp-persist]

when I try to run getif or snmpd tester I get time out errors (getif says no SNMP respose from 192.168.1.1)

here is my config...
com2sec ro default public
com2sec rw localhost private
group public v1 ro
group public v2c ro
group public usm ro
group private v1 rw
group private v2c rw
group private usm rw
access public "" any noauth exact all none none
access private "" any noauth exact all all all
syslocation town, country
syscontact foo@bar.net
sysservices 15

Thats the same point I reached before, where although there are no longer errors the SNMP server still doesn't work.

bokh can you provide your script as a file just the way you used it? It may have something to do with space or what not getting lost from copying.

hey, that reminds me an awful lot of this posting.
would you mind trying this config?

also: when doing en echo "">xyz, you'll have to escape (put backslashes "\" in front of) any quotation marks that occur within the paste. which would make the "access"-lines the following:

It's ALIVE, ALIVE!!!

But I don't have a ppp0

The script's /n's show up as black blocks in Notepad, I guess it was the formatting that was doing it. For future reference that guide should recommend ppl adding script through echo.

hey, glad you got it working.

how are you accessing the internet? i'm guessing the ppp sensor will only turn up if you're using some sort of ppp-dialup, i.e. when using DHCP or something similar you won't have that device.

you can alternatively use vlan1 for internet-bandwidth monitoring, so long as you "get" the internet from the WAN-jack. see here for the device naming of the wrt-devices: http://www.dd-wrt.com/wiki/index.php/SNMP#Bandwidth_Monitoring_via_SNMP

Ah ok.

I use DHCP and the WAN is connected to a modem-router in ppp half bridge. vlan1 works for me anyway.

Any other data type that can be monitored? CPU/ram load etc of individual ports? yeah I'm getting greedy here. That DD-wrt page list sever other but would they work with tomato? I'm at school right now so can't test. If they work they would have showed up during the scan right?

Good it works!
But you never used a Unix-like editor (e.g. "vi", "vim" or "ee") to create the snmpd.conf??! Just curious...

this line:
view all included .1

causes this error:
/cifs1/sbin/snmpd.conf: line 14: Error: bad SUBTREE object id


I also received the following message in my log:
snmpd[3047]: Server Exiting with code 1

I have looked at the how to blog and followed the instructions... I copied the .conf file and still can't get it to cooperate...

I have just read regarding the use of notepad to create the .conf... so I have create the .conf from the SSH shell and successfully started snmpd with the .conf sugested above....


but snmptest still returns no interfaces...

I rarely use linux. And when I do it's doing C project from school using Ubuntu with nedit.

Here's the conf I use, remember to take out the .txt

i've only toyed (that a lot though) with linux, never regularly used it. i don't like vi too much, as it's hard to get accustomed to. i prefer nano, which is in my opinion a lot more straight forward.


digitalgeek: just to make sure, you have:
- used snmp version = "SNMP V2c" in the options of snmptest?
- got port="161", community="public" and [o] "scan available interfaces"?
- not soft- nor hard-firewalled your pc from the router which might be blocking port 161?

if that is so, what does snmptest post when running the test?

Thanks... that did it...

it found the interfaces...

Guys... I have a new problem which I was wondering if you guys might be able to share some insight into...


daemon.err snmpd[2938]: Error opening specified endpoint "udp:161"
daemon.err snmpd[2938]: Server Exiting with code 1

Yeah, that looks familiar here (too).
Nothing to worry about as long as SNMPd keeps up and running.

Just to jump onto this topic months later, but I am interested in SNMP for tomato. Does it do per MAC address or IP bandwidth monitoring?

If not, is there a solution to recording bandwidth per MAC address or IP on the WRT54GL?

Cheers

This how to on tomato for monitoring is all good and i have it working on a few devices but when you are installing 5-7 clients a week with tomato on it becomes a bit of a pain to install the file on each device can it realy be that difficult to install it in to it like it is on dd-wrt ?

Finally, I found the root cause of the error "Error: bad SUBTREE object id "...

Just vi snmpd.conf and delte all "^M" in the end of each line.

Hi all,

first of all special thanks bokh for this thread
and to others for the following contributions and feedbacks.

bokh, I am really interested by this feature and I have, sorry for that, a bit of an off topic question. sorry :frown:
I have a Synology running on my LAN and would like to use it as a host for
monitoring what goes on. Cacti combined with syslog pluggin and a syslog
process to catch traps from my 54GL seems like a complete solution.
As I understand, what you describe is installing a snmp daemon on a host
to monitor the WRT54Gx.
- what is the purpose of starting it from the WRT54Gx (step [8]) (and mounting a cifs location) ?
- it seems snmp (net-snmp) can be installed with Cacti. how does this relates to, could come in place of, your proposition ?

many thanks for your help

Yes, I wonder what it would take to get SNMPd to work internally to the box, similarly to dd-wrt?

With the magic that Mr. Roadkill is displaying in other threads, I wonder if he'd be the right person to point us in the correct direction.

John

wow, complicated stuff

all of this is very interesting. I'm a super newb and trying to understand it is incredibly difficult.

I was using dd-wrt for years up until a couple of days ago when I thought I'd try out tomato for it's lack of bloat and bandwidth monitoring capabilities. But now I want MORE!

I've got Wallwatcher installed and capturing data from the syslog but what I really want to is run this 'snmp' thingamabob on my WRT54G Tomato and monitor the info using Cacti from a windoze machine.

Unfortunately, my knowledge or snmp and cacti is slim. I'm having trouble even making sure I have the correct settings after installing the windows snmp component. I started trying to follow bokh's how to but for example I'm stuck at:

"[9] test SNMP from the machine you're going to monitor from:
Code: snmpwalk -c public -v 2c <IP-address of the WRT54>"

because I don't know how to test SNMP from my windoze machine. Is it command line? Using this ssh thingy (which I don't know how to use yet either, 'sigh')

Is there anything out there that can teach a newb step by step how to implement this? Any tutorials that start with enabling snmp on my windows box and then work from there. I'm a newb but pretty savvy. I've tried searching a lot in the last few days and can't get my head around the whole thing.

Nice work you're all doing though, I just want to be able to do it too!

hoplite

@hoplite21: Don't try to run before you can walk!

As a Unix-guy I wouldn't even try to get Cacti running on Windows. But maybe it could be pretty easy once you've got XAMPP installed.
On Windows there is SNMP Traffic Grapher (URL: http://leonidvm.chat.ru/), with which you can probe the Tomato WRT. Give it a try.
I don't have the specific Linksys-configfile at hand now, but if you're having troubles with this, I can post it here at a later time. Success!

Thanks for this HOWTO, bokh. I've added SNMP to my two tomato based routers and am using Cacti on an Ubuntu 8.04 box to monitor them.

hey rickh57,

would you mind sharing your cacti configuration regarding the tomato boxes with me? i cannot, for the love of god, get this software to work.

thank you.

Cacti should have no problem finding your WRT54 with SNMPd as long as you use the right options (security, community, PHP with SNMP compiled, etc.).
I use this simple script to check if SNMPd is responding on the WRT (gives the uptime):

$ ./snmpget.sh 192.168.1.1

==> Probing for system's uptime through SNMP:

HOST-RESOURCES-MIB::hrSystemUptime.0 = Timeticks: (174212696) 20 days, 3:55:26.96

Code of the script:
<--- Cute here --->
#!/bin/sh

echo
echo " ==> Probing for system's uptime through SNMP:"
echo

#snmpget -c public -v 1 $1 1.3.6.1.2.1.1.3.0
snmpget -c public -v 1 $1 hrSystemUptime.0
<--- Cute here --->

I didn't do anything special to get Cacti to poll my routers once I got SNMP installed on them.

hi, is there any site that explains about the config file?
I'm trying to understand it in order to read the things i want but not everything.

can anyone give me a kick start direction ?

----------------- never mind ---------------------
i found a site http://www.snmpview.de/snmpd_conf.php
and i'm going to look through it.

Cheers

No more crashing when doing a full snmpwalk, thanks to a newly compiled SNMPd by Rodney (aka "rhester72")!

Both of my download links now point to the new SNMPd / snmp.conf - PLEASE UPGRADE!

Excellent news! Thanks bokh and rhester72 :clap:

Just wanted to say that the binary works great.

I found some additional (unimportant but still useful) variables for the snmpd.conf file.

sysname WRT54G
syslocation Network Cabinet
syscontact Contact Name

Haven't found any documentation for more...

It seems that the SNMP OID differ from router to router and model to model, so you'll definately want to use something like Getif ( http://www.wtcs.org/snmp4tpc/getif.htm ) if you're on Windows to find your router's OIDs.

-sh: /cifs1/sbin/snmpd: not found

Hi all.
I've recently installed tomato onto my WRT54GL and I'm well impressed. It's inspired me to continue tinkering with my netork and I'm trying to get SNMP working (to use Wallwatcher on my Windows machine).
I've been following Julians techblog (http://jultech.wordpress.com/2007/01/22/wrt54gl-tomato-firmware-and-bandwidth-monitoring-via-snmp-2/) and I've successfully enabled SSH on the router and I can talk to it using PuTTy. So far I have downloaded the SNMP zip file(from the location in this thread), expanded it, and edited the snmp.conf file (not an easy task but I think I've cracked it using Textpad). However every time I try to run the command "/cifs1/sbin/snmpd -s -c /cifs1/sbin/snmpd.conf &" (ignoring quotes of course), or alternatively the command "/cifs1/sbin/snmpd -c /cifs1/sbin/snmpd.conf &" posted in this thread, I get the response "-sh: /cifs1/sbin/snmpd: not found" which doesn't seem right as the previous commands have successfully created a folder on the cifs1 share, and expanded the file into that folder and I can see the file in the folder to confirm my success. What am I doing wrong?
Skipping the editing of the snmp.conf file gives the same result, if this is of any use, and the only observation I had was the md5 checksum was different to that posted in Julians blog but I'd have though it would have reported a file error and not that it was missing.
p.s. I'm a Linux/SSH/SNMP noob

On you Administration / CIFS Client page on the WRT....does it show any figures next to "Total / Free Size"? if not I suspect your CIFS hasn't mounted. Include the domain or workgroup name that the server/workstation hosting the share is a member of. The only box that should be empty in the CIFS client set up is "Excecute When Mounted".

I've got 232.88 GB / 57.84 GB shown.
I'd left Domain blank as I thought it wasn't a Windows thing - foolish me

I've entered the Domain and it's working now (odd how part of my SSH-ing worked) - many thanks indeed

the md5 doesn't fit because the binary has been updated recently. i'll adapt the blogpost accordingly.

I've added the new MD5 for the new "snmpd" in the first post accordingly:
MD5 (snmpd) = ae0d622648efdb8dceb7b3b5a63e23ac

Also my IP-address (not the hostname) has changed last week
It's now 80.101.176.242 (instead of 213.84.72.169).

'sleep 30' shouldn't be necessary anymore, because its in the fw script, am I right?

I'm not sure about that. In fact: I've raised it to 60 some time in the past and it works like it's supposed to be, so I don't really care about it.

External Access

Is there a way for me to open the right ports on the firewall only to one computer so that I can access the snmp from a computer on a wan address? I don't have a linux box on the inside network of the router, but I do on the wan. Any help would be appreciated. When I nmap, I can't seem to get the port to be opened. Thanks for your help.

should be port 161/162 UDP. simple port forward rule to 192.168.1.1 or whatever you set your tomato's ip to should do.

Ya, that's what I thought but it did not work. I was trying to do it manually as well with iptables, but I can't figure it out.

I have been reading a lot about getting SNMP to Tomato and this is probably the most detailed instruction I've found so far.
I have a quick question.
By using that command, doesn't that mean that every time the router starts up it will look for snmpd and snmpd.conf over the network?
...or it gets loaded on nvram the first time it gets launched?

thanks

You lost me at mounting a cifs share on the Windows system, honestly.

I have a network of 5 identical IBM quad-Xeon workstations (running XP Pro) in the home, routed by my trusty WRT54G v1.0, and supported by my Vonage Motorola phone box, my D-Link DI-102 packet optimizer, my Charter Cable modem, as well as 5 Adaptec Snap Server NAS boxes and 4 network laser printers.

I've been dabbling with monitoring the network more closely than just the Tomato bandwidth graphic, and would like to use something with SNMP like Spiceworks or my trusty old WallWatcher.

Problem is, none of the IBM workstations run 24/7, and I doubt the little Snap Servers can host the cifs share that is needed. (Or can they if they're just needed as a log file repository?)

So is there perhaps a walk-through on how to implement this SNMPd on Tomato? I see plenty of YouTube videos on other aspects of WRT-54G modifications and firmware setups, so maybe there's hope for somebody as non-savvy as myself?

Also, I noticed when I ran WallWatcher for a while, it really hit the little WRT-54G v1.0 hard, bogging it down and creating a ton of log entries. Would SNMP monitoring on the early model WRT-54G perhaps be too much for its dated hardware?

If these Snap Servers support CIFS that should be no problem. What I see on the net they do. The newer versions that is. What's your specific type of hardware?

The SNMP-daemon runs on the Tomato / WRT54G over the CIFS-share and has little overhead on the little router itself. The 2 files (snmpd and snmpd.conf) take up less than 1MB on a (CIFS-)filesystem.

WallWatcher however can (indeed) be heavy on resources but it has nothing to do with SNMP (syslog it is).

FYI: a walkthrough is in the opening post. Unless you look for a different approach...

Oh, they're old, alright!

I currently have 2 each SnapServer 1000 models, and 3 each SnapServer 1100 models in the fleet. I "fell into" them via a GSA/DRMO auction a few years ago, upgraded the hard drives, and planned on making one or two of them FTP servers so I could retrieve files from work, or at family locations. They actually have internal FTP/HTTP setup capability, but I want to make them accessible through my WRT-54G v1.0 and Tomato without resorting to a DMZ configuration. Monitoring them and the workstations on the home network through an SNMP link would be the icing on the cake, I could make use of Spiceworks, etc.

Hi.

I've been using SNMPd for quite a while now, but recently I've been stumbling over a weird behaviour of Tomato.

Here's a pic to illustrate the problem:


Upon booting, the order of the interfaces SNMPd discovers is like this (the "Before"-section).

But when I change a setting like Wireless, the order is changed (the "After"-section).

It's rather annoying, because this also changes the OIDs for monitoring the vlan1-speed and similiar.

Since I figured that going through all of the Tomato-source to change the interface-initialization would be quite a chore, I wondered, if any of you guys know of a way to limit the monitoring of SNMPd to only one specific interface (vlan1 in my case), either with snmpd.conf or with a commandline-parameter.

Is anyone here using SNMP with Mac OS X? I've recently flashed my router with Thor's mod containing SNMP but am wondering...

1. What sort of things could I use SNMP for that I can't get from the Tomato Web Interface?
2. Does anyone know a good SNMP manager software for Mac to connect to Tomato's SNMP daemon and display information in a nice graphical way?

Cheers.

hey guys,
i wasn't sure whether this warranted a new thread, and didn't know whether someone had already accomplished this, so i decided to post it in here.

i have successfully compiled and tested a smaller snmp daemon binary.

here's the upside:
- compared to the previous version, it requires next to no configuration on the server side
- filesize is only ~115KiB compared to the previous monster of ~920KiB
- size in ram is only a lousy 140KiB compared to a whopping previous 2.7MiB (that is VSIZE)
- if a network interface disappears (i.e. ppp0 while you have your scheduled reconnection), it doesn't make clients error out, but returns "0" on polled OIDs. this effectively stops snmptrafficgrapher from erroring out somtimes.

and the (surmountable) downside:
- client configuration is a bit more tricky. but we'll get to that.


i took the sources from the link above and compiled them using the toolchain contained within the tomato-RT git tree (kudos to teddy_bear for putting them in there and making life easy), specifically ./tomato/tools/brcm/K24/hdntools-mipsel-uclibc-4.1.2/bin/mipsel-uclibc-gcc.

you can download the resulting binary here (~115KiB, md5: d58b35bf5c8ea5f5d617fc4e69f67a96).

Configuration
as i'm assuming people mostly use snmpds for bandwidth tracking, i'll only cover that part of the binary's functionality.
configuration is done via command line. the commands can be viewed by (after putting the binary on your router - methods are covered earlier in this thread) doing

Code:

./mini_snmpd --help

as we want to track network interface traffic, we'll have to input at least one network interface (multiple ones are separated by commas) using the -i switch. pppoe users will want to use ppp0 whilst the dhcp'd-wan guys will want to use vlan1 as a parameter.
to get going, we have to do the aforementioned (somewhat nasty) client configuration, which consists of finding out correct OIDs to the data we want. for network traffic, this is simple. open two telnet/ssh connections to your router. in one of them, do the following (change ppp0 to what applies):

Code:

./mini_snmpd -i ppp0 -v

this will output verbose debug data (essentially spits out all discovered OIDs).
quickly afterwards type this into the second terminal:

Code:

ifconfig ppp0

this will present an output like such:

Code:

# ifconfig ppp0
ppp0       Link encap:Point-to-Point Protocol
           inet addr:1.2.3.4  P-t-P:1.2.3.4  Mask:255.255.255.255
           UP POINTOPOINT RUNNING MULTICAST  MTU:1492  Metric:1
           RX packets:4057326 errors:0 dropped:0 overruns:0 frame:0
           TX packets:3648062 errors:0 dropped:0 overruns:0 carrier:0
           collisions:0 txqueuelen:3
           RX bytes:4061296891 (3.7 GiB)  TX bytes:2119727308 (1.9 GiB)

memorize (or write down) the large numbers after RX bytes and TX bytes. now go back to the first terminal that is running the snmp daemon verbosely and look through the listed OIDs' "data='xxx'" values. where the number looks similar to that from the ifconfig RX (receive/download) and TX (transmitted/upload) outputs, write the value of "oid='xxx'" down.
those two are the two oids you can use in conjunction with a program that polls snmp data, like snmptrafficgrapher, cacti, or anything else that runs on rrdtool or is mentioned in this thread.

BTW, on my WRT54GL running victek's tomato RAF, the ppp0 interface had OIDs
.1.3.6.1.2.1.2.2.1.16.1 for upstream and
.1.3.6.1.2.1.2.2.1.10.1 for downstream.

actually running the daemon can be automated using the methods provided in this thread and adding the line

Code:

./mini_snmpd -i ppp0 > /dev/null 2>&1 &

into the startup (or wan-up) script.

i'd also like to share this nifty little script i've written to start the binary. it grabs the binary from a web server (you'll have to upload it somewhere and replace the url to it) if needed whenever your wan interface comes up and starts the daemon:

Code:

if [ -z $(pidof mini_snmpd) ] ; then
  if [ ! -f /tmp/mini_snmpd ] ; then
    wget http://some.server.com/mini_snmpd -O /tmp/mini_snmpd
    chmod +x /tmp/mini_snmpd
    logger -p 5 "SNMPD: acquired binaries"
  fi
  /tmp/mini_snmpd -i ppp0 > /dev/null 2>&1 &
  sleep 2
  logger -p 5 "SNMPD: started with pid: $(pidof mini_snmpd)."
else
  logger -p 5 "SNMPD: already started, resting."
fi

place this in the WAN Up scripts part of the administration and save it.

Thanks for the inspiration. I've done the same now to recompile libpcap and knockd for "next-gen" Tomato and it came out to less than 50% of the legacy Tomato compile (even when both are stripped!). Good job!

I've also adopted your mini-snmpd (I honestly only use it to check uptimes) and am extremely pleased with the results.

Rodney

One quick caveat about any snmpd on Tomato (that I just noticed during testing)...

Be very careful not to start (mini-)snmpd until *after* Tomato has properly set the clock via NTP if you care about uptime exposed via SNMP. If you don't, you'll end up with very impressive and extremely unrealistic uptimes as seen by SNMP. Looping until `date +%Y` -gt 2000 before starting snmpd seems to do the trick quite nicely.

Rodney

I´m sorry for digging up such an old topic... but since I've upgraded to Tomato Firmware v1.28.8749 ND USB vpn3.6 (Before I was using just the regular Tomato), my snmp deamon is not working anymore...

Yes, the cifs-location is mounted correctly again, and the binary and config file are still the same as before, when it used to work...
However, when I try to run snmpd from the shell, it will just do nothing. No process will start (or so it appears), and no entry in the log. Not even an error... If I run it with all debugging, verbose and logging options on, I will get the following error:

Code:

root@elcamino:/cifs1/snmp# /cifs1/snmp/snmpd -c /cifs1/snmp/snmpd.conf -s -D -V
-L
root@elcamino:/cifs1/snmp# /cifs1/snmp/snmpd: can't resolve symbol 'isspace'

I´m out of inspiration what to do... hopefully someone has more ideas thanks in advance!

Oh and by the way... I'm using a Asus WL500GP. And yes, it used to work before the upgrade!

Tried mini_snmpd already?

Chillout, you're missing a dynamic library dependency (you have the library, but it is missing a required function). Where did you get your snmpd binary?

Rodney

Chillout, rhester72 I tried installing snmp on my WRT54G Tomato and am running into the exact same error:

root@tomato:/cifs1/snmp# /cifs1/snmp/snmpd -c /cifs1/snmp/snmpd.conf -s -D -V -L
root@tomato:/cifs1/snmp# /cifs1/snmp/snmpd: can't resolve symbol 'isspace'

I am running on firmware 1.28.7616 -Toastman ND Std. Search google just turns up this forum. Is it possible to add this 'required function' or file that is missing?
Could someone share / email their 'isspace' required function file?

What firmware versions are you guys successfully running on?

I am using Tostman firmware due to being able to restrict bandwidth by IP/MAC.

Thanks

Count me in at my thread

http://www.linksysinfo.org/index.php?threads/tomato-1-27-bandwidth-monitoring-using-snmpd.35823/

Please update all of us if anyone found a solution

Hi.

I have built a distrib for tomato (both based on the standard and tomatousb-rt) that includes snmp as well as a GUI to configure it... I've had this for years. Much simpler than anything ive read in this thread so far...

Well I am using Tomato Firmware v1.28.8754 ND USB vpn3.6 (usually the biggest version with all the extras) on Linksys WRTSL54GS. This is because I have also configured VPN to connect to my home from any place I am commuting.

Do you think you have made a working version with VPN functionality as well.

We would really like to see or test the versions made by you with SNMPd functionality if you can share them.

Thanks.

Hi

I have...

It includes PPTP VPN support as well and OpenVPN (including various fixes to OpenVPN and support for username/password authentication)

However, I haven't built it for the WRTSL54GS, I've only built it for WRT54GL (no USB) and MIPSR2 machines (with USB)... I would have to build it... unless you don't mind building it yourself.

IF you want the standalone snmp exe, I can extract it easily (which would have none of the issues I've read here). The standalone snmp is 941988 bytes.

Edit: I've built K26 series for MIPSR1 and MIPSR2 there:
http://www.avenard.org/wrt54-tomato/tomatoUSB/

Edit: I've removed the MIPSR1 built, I've bricked my WRT54GL device with it...

Well,

I am a complete noob in that, so I cannot build any new builds myself. Would have to need your help in that.

Would really appreciate if you can build the image for WRTSL54GS and post it, I am not sure it MIPSR1 or MIPSR2 , so I would not risk bricking it with the wrong build type.

Thanks for your co-operation.

You should get the Toastman build... this version http://www.4shared.com/file/4wEdNWp-/tomato-NDUSB-12876281-Toastman.html has snmp + OpenVPN and will load on your device...