[prev in list] [next in list] [prev in thread] [next in thread]
List: jffnms-users
Subject: RE: [jffnms-users] Not Discovering Cisco Interfaces ... WORKING
From: Javier Szyszlican <jszysz () yahoo ! com ! ar>
Date: 2003-01-17 18:48:24
[Download RAW message or body]
Hi Aaron,
--- Aaron Monfils <amonfils@paxclearing.com> wrote:
> Ok, summary of findings...
>
> System & Software Summary
> =========================
> - Pentium III 866 MHz w/512M
> - freebsd-4.7-p3 (cvsup)
> - mysql-3.23.52 (from ports, I was lazy)
> - apache-1.3.27 (from source)
> - php4.3.0 (from source)
> - php4-rrdtool-1.03 (from source)
I'll recommend not to use this module, JFFNMS will use
the rrdtool binary... the module is known to work bad
on some situations and is not mantained AFAIK...
> - rrd-tool-1.0.40 (from source)
> - ucd-snmp-4.2.6 (from souce, net-snmp-5.x won't
> work!)
This is true... is a BUG in PHP,
http://bugs.php.net/bug.php?id=20857
There is a patch there... but I haven't tested it...
> - jffnms-0.6.9
Please apply the patch to 0.6.9-2
>
> apache-1.3.27
> =============
> ./configure --enable-module=so
> --enable-module=rewrite --prefix=/usr/local
> --sbindir=/usr/local/sbin \
> --sysconfdir=/usr/local/etc/apache
> --datadir=/usr/local/www
> --runtimedir=/var/run --logfiledir=/var/log/apache
>
> php-4.3.0
> =========
> ./configure --with-apxs=/usr/local/sbin/apxs
> --with-gd --with-png
> --with-mysql --with-rrdtool=/usr/local \
> --with-readline --with-zlib-dir=/usr/local/lib
> --enable-sockets
> --with-snmp=shared,/usr/local \
> --with-config-file-path=/usr/local/etc
> --enable-ucd-snmp-hack --with-openssl
This will only compile the Apache module, no the CLI.
>
> php4-rrdtool-1.03.tar.gz
> ========================
> - get from the rrd website
>
(http://people.ee.ethz.ch/~oetiker/webtools/rrdtool/pub/contrib/php4-rrdtool
> -1.03.tar.gz) and put in your source tree for php
> (php-4.3.0/ext/rrdtool).
> This will replace the existing contents. From the
> php-4.3.0 source root, do
> the buildconf (you may have to install updated
> autoconf and automake
> tools).-
>
> php.ini
> =======
> extension_dir = /usr/local/lib/php/extensions
> # copy snmp.so to /usr/local/lib/php/extensions
> extension=snmp.so
> safe_mode = off
> register_globals = on
> register_argc_argv = on
> magic_quotes_gpc = off
> always_populate_raw_post_data = on
> file_uploads = on
> upload_tmp_dir = /tmp
> session.use_cookies = 0
> session.save_path = /tmp
> session.auto_start = 1
>
> rrd-tool-1.0.40
> ===============
> ./configure --enable-shared --prefix=/usr/local
>
> ucd-snmp-4.2.6
> ==============
> ./configure --enable-shared
>
> jffnms-0.6.9
> ============
> /usr/local/jffnms
>
> crontab
> =======
> */1 * * * * /usr/local/jffnms/scripts/consolidate.sh
> >/dev/null 2>&1
> */5 * * * * /usr/local/jffnms/scripts/poller.sh
> >/dev/null 2>&1
> */30 * * * /usr/local/jffnms/scripts/rrd_analizer.sh
> >/dev/null 2>&1
> */30 * * * *
>
/usr/local/jffnms/scripts/autodiscovery_interfaces.sh
> >
> /dev/null 2>&1
> 02 4 * * *
> /usr/local/jffnms/scripts/tftp_get_host_config.sh
> >/dev/null 2>&1
>
> example consolidate.sh script (replace consolidate
> with the appropriate PHP
> module)
>
============================================================================
> =======
> #!/bin/sh
> cd /usr/local/jffnms/engine
> /usr/local/bin/php -q
> /usr/local/jffnms/engine/consolidate.php
> exit
>
> Notes & Problems
> ================
> - I only had to build PHP once. It created the
> command line and the library
> simultaneously.
Maybe this is true for FreeBSD, but commonly you need
to compile it twice... maybe you already had the php
binary and because you have the snmp module as shared
when you recompiled the Apache module the PHP CLI
worked too.
> - The supplied crontab example is incorrect for
> freeBSD. I am running this
> stuff as root (I don't want to hear about the
> security aspects of this, I
> know them, hack me, my IP address is 172.18.24.51).
> I also received a bunch
> of errors when running the PHP scripts outside of
> the
> /usr/local/jffnms/engine directory. So I made some
> simple scripts (see
> example above).
I understand this... I will try to see if it can run
properly with the apache/nobody user....
I want the to know the errors you got from running the
consolidate.php as it was....
There is an option in the PHP CLI to disable the
"change to the script directory" feature (maybe is
disabled in PHP 4.3.0)... this was the default
behavior in previous versions.
> - Once you believe that you have everything setup,
> before you even bother to
> attempt to configure jffnms, hit the test page at
> http://host/admin/adm/test.php. Ensure that you see
> support for mySQL,
> RRDtool, SNMP, and Sockets. Without these, your
> configuration is broked.
The setup.php should work to allow you to see whats
not configured properly...
> - If you installed net-snmp (5.x), remove the
> net-snmp-config in
> $prefix/bin, that's the file that php configure uses
> to check whether or not
> you have net-snmp or ucd-snmp.
> - Check your various ownerships and permissions (I
> set everything to be
> owned by nobody:nobody with read/write permissions
> for owner/group).
This is good... I think this is specified in the
INSTALL
>
> Requests
> ========
> - When adding a host, allow an optoin to indicate
> it's a routerand ignore
> the TCP ports. Personally, I don't care about
> telnet/daytime/chargen/echo/discard. I would really
> prefer not to go thru
> 200 host-router entries in jffnms and remove those
> by hand. Perhaps an
> additional option would be allow a daily nmap scan
> to determine what's open
> and provide a report if something is open. Being
> able to tell that scan to
> ignore certain ports (like telnet) would be useful
> to reduce false alarms.
Ok.. I added the nmap discovery exactly for the
detection of this things... :) , maybe you are right
and we could implmente something like that.
>
> /aaron
>
>
>
Javier Szyszlican
>
> -----Original Message-----
> From: Aaron Monfils
> [mailto:amonfils@paxclearing.com]
> Sent: Friday, January 17, 2003 10:15 AM
> To: 'jffnms-users@lists.sourceforge.net'
> Subject: RE: [jffnms-users] Not Discovering Cisco
> Interfaces
>
>
> I've installed UCD-SNMP and it made no difference.
> Actualy php wouldn't
> compile because it couldn't find libnetsnmp.* ... I
> shall try again this
> morning.
>
> Also, with a correct implementation, does the every
> 30 minute autodiscovery
> pull the FULL SNMP table or is that happening right
> now because of the
> NET-SNMP 5 stuff? If it normally happens (the full
> table), it creates a lot
> of CPU load on the target router. I have an RSP8
> and I can distinctly see
> it slamming the CPU every 30 seconds like clockwork.
> I had to disable it
> (until I figure this out).
>
> /aaron
>
> -----Original Message-----
> From: Javier Szyszlican [mailto:javier@szysz.com]
> Sent: Friday, January 17, 2003 7:38 AM
> To: David Lagacé; Aaron Monfils
> Cc: 'jffnms-users@lists.sourceforge.net'
> Subject: Re: [jffnms-users] Not Discovering Cisco
> Interfaces
>
>
> Hi Aaron, David,
>
> This is true... the NET-SNMP 5 (not really the
> snmpwalk, its the libraries)
> doesnt work right with PHP.... I think there is a
> bug report in PHP about
> this...
>
=== message truncated ===
__________________________________________________
Do you Yahoo!?
Yahoo! Mail Plus - Powerful. Affordable. Sign up now.
http://mailplus.yahoo.com
-------------------------------------------------------
This SF.NET email is sponsored by: Thawte.com - A 128-bit supercerts will
allow you to extend the highest allowed 128 bit encryption to all your
clients even if they use browsers that are limited to 40 bit encryption.
Get a guide here:http://ads.sourceforge.net/cgi-bin/redirect.pl?thaw0030en
_______________________________________________
jffnms-users mailing list
jffnms-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/jffnms-users
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic