function cacti_snmp_walk($hostname, $community, $oid, $version, $username, $password, $auth_proto, $priv_pass, $priv_proto, $context, $port = 161, $timeout = 500, $retries = 0, $max_oids = 10, $environ = SNMP_POLLER) { global $config, $banned_snmp_strings; $snmp_oid_included = true; $snmp_auth = ''; $snmp_array = array(); $temp_array = array(); /* determine default retries */ if ($retries == 0 || !is_numeric($retries)) { $retries = read_config_option("snmp_retries"); if ($retries == "") { $retries = 3; } } /* determine default max_oids */ if ($max_oids == 0 || !is_numeric($max_oids)) { $max_oids = read_config_option("max_get_size"); if ($max_oids == "") { $max_oids = 10; } } /* do not attempt to poll invalid combinations */ if ($version == 0 || !is_numeric($version) || !is_numeric($max_oids) || !is_numeric($port) || !is_numeric($retries) || !is_numeric($timeout) || $community == "" && $version != 3) { return array(); } $path_snmpbulkwalk = read_config_option("path_snmpbulkwalk"); if (snmp_get_method($version) == SNMP_METHOD_PHP && (!strlen($context) || $version != 3) && ($version == 1 || version_compare(phpversion(), "5.1") >= 0 || !file_exists($path_snmpbulkwalk))) { /* make sure snmp* is verbose so we can see what types of data we are getting back */ /* force php to return numeric oid's */ if (function_exists("snmp_set_oid_numeric_print")) { snmp_set_oid_numeric_print(TRUE); } if (function_exists("snmprealwalk")) { $snmp_oid_included = false; } snmp_set_quick_print(0); if ($version == "1") { $temp_array = @snmprealwalk("{$hostname}:{$port}", "{$community}", "{$oid}", $timeout * 1000, $retries); } elseif ($version == "2") { $temp_array = @snmp2_real_walk("{$hostname}:{$port}", "{$community}", "{$oid}", $timeout * 1000, $retries); } else { if ($priv_proto == "[None]" || $priv_pass == '') { $proto = "authNoPriv"; $priv_proto = ""; } else { $proto = "authPriv"; } $temp_array = @snmp3_real_walk("{$hostname}:{$port}", "{$username}", $proto, $auth_proto, "{$password}", $priv_proto, "{$priv_pass}", "{$oid}", $timeout * 1000, $retries); } if ($temp_array === false) { cacti_log("WARNING: SNMP Walk Timeout for Host:'{$hostname}', and OID:'{$oid}'", false); } /* check for bad entries */ if (is_array($temp_array) && sizeof($temp_array)) { foreach ($temp_array as $key => $value) { foreach ($banned_snmp_strings as $item) { if (strstr($value, $item) != "") { unset($temp_array[$key]); continue 2; } } } } $o = 0; for (@reset($temp_array); $i = @key($temp_array); next($temp_array)) { if ($temp_array[$i] != "NULL") { $snmp_array[$o]["oid"] = preg_replace("/^\\./", "", $i); $snmp_array[$o]["value"] = format_snmp_string($temp_array[$i], $snmp_oid_included); } $o++; } } else { /* ucd/net snmp want the timeout in seconds */ $timeout = ceil($timeout / 1000); if ($version == "1") { $snmp_auth = read_config_option("snmp_version") == "ucd-snmp" ? snmp_escape_string($community) : "-c " . snmp_escape_string($community); /* v1/v2 - community string */ } elseif ($version == "2") { $snmp_auth = read_config_option("snmp_version") == "ucd-snmp" ? snmp_escape_string($community) : "-c " . snmp_escape_string($community); /* v1/v2 - community string */ $version = "2c"; /* ucd/net snmp prefers this over '2' */ } elseif ($version == "3") { if ($priv_proto == "[None]" || $priv_pass == '') { $proto = "authNoPriv"; $priv_proto = ""; } else { $proto = "authPriv"; } if (strlen($priv_pass)) { $priv_pass = "******" . snmp_escape_string($priv_pass) . " -x " . snmp_escape_string($priv_proto); } else { $priv_pass = ""; } if (strlen($context)) { $context = "-n " . snmp_escape_string($context); } else { $context = ""; } $snmp_auth = trim("-u " . snmp_escape_string($username) . " -l " . snmp_escape_string($proto) . " -a " . snmp_escape_string($auth_proto) . " -A " . snmp_escape_string($password) . " " . $priv_pass . " " . $context); /* v3 - username/password */ } if (read_config_option("snmp_version") == "ucd-snmp") { /* escape the command to be executed and vulnerable parameters * numeric parameters are not subject to command injection * snmp_auth is treated seperately, see above */ $temp_array = exec_into_array(cacti_escapeshellcmd(read_config_option("path_snmpwalk")) . " -v{$version} -t {$timeout} -r {$retries} " . cacti_escapeshellarg($hostname) . ":{$port} {$snmp_auth} " . cacti_escapeshellarg($oid)); } else { if (file_exists($path_snmpbulkwalk) && $version > 1 && $max_oids > 1) { $temp_array = exec_into_array(cacti_escapeshellcmd($path_snmpbulkwalk) . " -O Qn {$snmp_auth} -v {$version} -t {$timeout} -r {$retries} -Cr{$max_oids} " . cacti_escapeshellarg($hostname) . ":{$port} " . cacti_escapeshellarg($oid)); } else { $temp_array = exec_into_array(cacti_escapeshellcmd(read_config_option("path_snmpwalk")) . " -O Qn {$snmp_auth} -v {$version} -t {$timeout} -r {$retries} " . cacti_escapeshellarg($hostname) . ":{$port} " . cacti_escapeshellarg($oid)); } } if (substr_count(implode(" ", $temp_array), "Timeout:")) { cacti_log("WARNING: SNMP Walk Timeout for Host:'{$hostname}', and OID:'{$oid}'", false); } /* check for bad entries */ if (is_array($temp_array) && sizeof($temp_array)) { foreach ($temp_array as $key => $value) { foreach ($banned_snmp_strings as $item) { if (strstr($value, $item) != "") { unset($temp_array[$key]); continue 2; } } } } for ($i = 0; $i < count($temp_array); $i++) { if ($temp_array[$i] != "NULL") { $snmp_array[$i]["oid"] = trim(preg_replace("/(.*) =.*/", "\\1", $temp_array[$i])); $snmp_array[$i]["value"] = format_snmp_string($temp_array[$i], true); } } } return $snmp_array; }
function cacti_snmp_walk($hostname, $community, $oid, $version, $username, $password, $auth_proto, $priv_pass, $priv_proto, $context, $port = 161, $timeout = 500, $retries = 0, $max_oids = 10, $method = SNMP_VALUE_LIBRARY, $environ = SNMP_POLLER) { global $config, $banned_snmp_strings; $snmp_oid_included = true; $snmp_auth = ''; $snmp_array = array(); $temp_array = array(); /* determine default retries */ if ($retries == 0 || !is_numeric($retries)) { $retries = read_config_option('snmp_retries'); if ($retries == '') { $retries = 3; } } /* do not attempt to poll invalid combinations */ if ($version == 0 || !is_numeric($version) || !is_numeric($max_oids) || !is_numeric($port) || !is_numeric($retries) || !is_numeric($timeout) || $community == '' && $version != 3) { return array(); } $path_snmpbulkwalk = read_config_option('path_snmpbulkwalk'); if (snmp_get_method($version) == SNMP_METHOD_PHP && (!strlen($context) || $version != 3) && ($version == 1 || version_compare(phpversion(), '5.1') >= 0 || !file_exists($path_snmpbulkwalk))) { /* make sure snmp* is verbose so we can see what types of data we are getting back */ /* force php to return numeric oid's */ cacti_oid_numeric_format(); snmp_set_quick_print(0); /* set the output format to numeric */ snmp_set_valueretrieval($method); if ($version == '1') { $temp_array = @snmprealwalk("{$hostname}:{$port}", "{$community}", "{$oid}", $timeout * 1000, $retries); } elseif ($version == '2') { $temp_array = @snmp2_real_walk("{$hostname}:{$port}", "{$community}", "{$oid}", $timeout * 1000, $retries); } else { if ($priv_proto == '[None]') { $proto = 'authNoPriv'; $priv_proto = ''; } else { $proto = 'authPriv'; } $temp_array = @snmp3_real_walk("{$hostname}:{$port}", "{$username}", $proto, $auth_proto, "{$password}", $priv_proto, "{$priv_pass}", "{$oid}", $timeout * 1000, $retries); } if ($temp_array === false) { cacti_log("WARNING: SNMP Walk Timeout for Host:'{$hostname}', and OID:'{$oid}'", false); } /* check for bad entries */ if (is_array($temp_array) && sizeof($temp_array)) { foreach ($temp_array as $key => $value) { foreach ($banned_snmp_strings as $item) { if (strstr($value, $item) != '') { unset($temp_array[$key]); continue 2; } } } $o = 0; for (reset($temp_array); $i = key($temp_array); next($temp_array)) { if ($temp_array[$i] != 'NULL') { $snmp_array[$o]['oid'] = preg_replace('/^\\./', '', $i); $snmp_array[$o]['value'] = format_snmp_string($temp_array[$i], $snmp_oid_included); } $o++; } } } else { /* ucd/net snmp want the timeout in seconds */ $timeout = ceil($timeout / 1000); if ($version == '1') { $snmp_auth = '-c ' . snmp_escape_string($community); /* v1/v2 - community string */ } elseif ($version == '2') { $snmp_auth = '-c ' . snmp_escape_string($community); /* v1/v2 - community string */ $version = '2c'; /* ucd/net snmp prefers this over '2' */ } elseif ($version == '3') { if ($priv_proto == '[None]') { $proto = 'authNoPriv'; $priv_proto = ''; } else { $proto = 'authPriv'; } if (strlen($priv_pass)) { $priv_pass = '******' . snmp_escape_string($priv_pass) . ' -x ' . snmp_escape_string($priv_proto); } else { $priv_pass = ''; } if (strlen($context)) { $context = '-n ' . snmp_escape_string($context); } else { $context = ''; } $snmp_auth = trim('-u ' . snmp_escape_string($username) . ' -l ' . snmp_escape_string($proto) . ' -a ' . snmp_escape_string($auth_proto) . ' -A ' . snmp_escape_string($password) . ' ' . $priv_pass . ' ' . $context); /* v3 - username/password */ } if (file_exists($path_snmpbulkwalk) && $version > 1 && $max_oids > 1) { $temp_array = exec_into_array(cacti_escapeshellcmd($path_snmpbulkwalk) . " -O Qn {$snmp_auth} -v {$version} -t {$timeout} -r {$retries} -Cr{$max_oids} " . cacti_escapeshellarg($hostname) . ":{$port} " . cacti_escapeshellarg($oid)); } else { $temp_array = exec_into_array(cacti_escapeshellcmd(read_config_option('path_snmpwalk')) . " -O Qn {$snmp_auth} -v {$version} -t {$timeout} -r {$retries} " . cacti_escapeshellarg($hostname) . ":{$port} " . cacti_escapeshellarg($oid)); } if (substr_count(implode(' ', $temp_array), 'Timeout:')) { cacti_log("WARNING: SNMP Walk Timeout for Host:'{$hostname}', and OID:'{$oid}'", false); } /* check for bad entries */ if (is_array($temp_array) && sizeof($temp_array)) { foreach ($temp_array as $key => $value) { foreach ($banned_snmp_strings as $item) { if (strstr($value, $item) != '') { unset($temp_array[$key]); continue 2; } } } for ($i = 0; $i < count($temp_array); $i++) { if ($temp_array[$i] != 'NULL') { $snmp_array[$i]['oid'] = trim(preg_replace('/(.*) =.*/', "\\1", $temp_array[$i])); $snmp_array[$i]['value'] = format_snmp_string($temp_array[$i], true); } } } } return $snmp_array; }
function cacti_snmp_walk($hostname, $community, $oid, $version, $username, $password, $auth_proto, $priv_pass, $priv_proto, $context, $port = 161, $timeout = 500, $retries = 0, $max_oids = 10, $environ = SNMP_POLLER) { global $config; $snmp_oid_included = false; $snmp_auth = ''; $snmp_array = array(); $temp_array = array(); /* determine default retries */ if (($retries == 0) || (!is_numeric($retries))) { $retries = read_config_option("snmp_retries"); if ($retries == "") $retries = 3; } $path_snmpbulkwalk = read_config_option("path_snmpbulkwalk"); if ((snmp_get_method($version) == SNMP_METHOD_PHP) && (($version == 1) || (version_compare(phpversion(), "5.1") >= 0) || (!file_exists($path_snmpbulkwalk)))) { /* make sure snmp* is verbose so we can see what types of data we are getting back */ /* force php to return numeric oid's */ if (function_exists("snmp_set_oid_numeric_print")) { snmp_set_oid_numeric_print(TRUE); $snmp_oid_included = true; } snmp_set_quick_print(0); if ($version == "1") { $temp_array = @snmprealwalk("$hostname:$port", "$community", "$oid", ($timeout * 1000), $retries); }elseif ($version == "2") { $temp_array = @snmp2_real_walk("$hostname:$port", "$community", "$oid", ($timeout * 1000), $retries); }else{ if ($priv_proto == "[None]") { $proto = "authNoPriv"; $priv_proto = ""; }else{ $proto = "authPriv"; } $temp_array = @snmp3_real_walk("$hostname:$port", "$username", $proto, $auth_proto, "$password", $priv_proto, "$priv_pass", "$oid", ($timeout * 1000), $retries); } $o = 0; for (@reset($temp_array); $i = @key($temp_array); next($temp_array)) { if ((strstr($temp_array[$i], "No more") == "") && ($temp_array[$i] != "NULL")) { $snmp_array[$o]["oid"] = ereg_replace("^\.", "", $i); $snmp_array[$o]["value"] = format_snmp_string($temp_array[$i], $snmp_oid_included); } $o++; } }else{ /* ucd/net snmp want the timeout in seconds */ $timeout = ceil($timeout / 1000); if ($version == "1") { $snmp_auth = (read_config_option("snmp_version") == "ucd-snmp") ? snmp_escape_string($community): "-c " . snmp_escape_string($community); /* v1/v2 - community string */ }elseif ($version == "2") { $snmp_auth = (read_config_option("snmp_version") == "ucd-snmp") ? snmp_escape_string($community): "-c " . snmp_escape_string($community); /* v1/v2 - community string */ $version = "2c"; /* ucd/net snmp prefers this over '2' */ }elseif ($version == "3") { if ($priv_proto == "[None]") { $proto = "authNoPriv"; $priv_proto = ""; }else{ $proto = "authPriv"; } if (strlen($priv_pass)) { $priv_pass = "******" . snmp_escape_string($priv_pass) . " -x " . snmp_escape_string($priv_proto); }else{ $priv_pass = ""; } if (strlen($context)) { $context = "-n " . snmp_escape_string($context); }else{ $context = ""; } $snmp_auth = trim("-u " . snmp_escape_string($username) . " -l " . snmp_escape_string($proto) . " -a " . snmp_escape_string($auth_proto) . " -A " . snmp_escape_string($password) . " " . $priv_pass . " " . $context); /* v3 - username/password */ } if (read_config_option("snmp_version") == "ucd-snmp") { $temp_array = exec_into_array(read_config_option("path_snmpwalk") . " -v$version -t $timeout -r $retries $hostname:$port $snmp_auth $oid"); }else { if (file_exists($path_snmpbulkwalk) && ($version > 1) && ($max_oids > 1)) { $temp_array = exec_into_array($path_snmpbulkwalk . " -O Qn $snmp_auth -v $version -t $timeout -r $retries -Cr$max_oids $hostname:$port $oid"); }else{ $temp_array = exec_into_array(read_config_option("path_snmpwalk") . " -O Qn $snmp_auth -v $version -t $timeout -r $retries $hostname:$port $oid"); } } /* check for bad entries */ if ((!sizeof($temp_array)) || (strstr($temp_array[0], "End of MIB") != "") || (strstr($temp_array[0], "No Such") != "")) { return array(); } for ($i=0; $i < count($temp_array); $i++) { if ((strstr($temp_array[$i], "No more") == "") && ($temp_array[$i] != "NULL")) { $snmp_array[$i]["oid"] = trim(ereg_replace("(.*) =.*", "\\1", $temp_array[$i])); $snmp_array[$i]["value"] = format_snmp_string($temp_array[$i], true); } } } return $snmp_array; }