Re: SNMP OID resolution not working

["Crowe, Graham GP" <Graham.Crowe () bluescopesteel com>]

Removing BROTHER-MIB from the list made no difference.


Thanks

GC

-----Original Message-----
From: wireshark-users-bounces () wireshark org
[mailto:wireshark-users-bounces () wireshark org]On Behalf Of Anders Broman
Sent: Wednesday, 12 June 2013 9:15 PM
To: Community support list for Wireshark
Subject: Re: [Wireshark-users] SNMP OID resolution not working


Hi,
What happens if you remove the BROTHER-MIB?
Regards
Anders

-----Original Message-----
From: wireshark-users-bounces () wireshark org [mailto:wireshark-users-bounces () wireshark org] On Behalf Of Anders 
Broman
Sent: den 12 juni 2013 10:20
To: Community support list for Wireshark
Subject: Re: [Wireshark-users] SNMP OID resolution not working

Sorry I missed that you already have it.
Regards
Anders

-----Original Message-----
From: Anders Broman
Sent: den 12 juni 2013 10:18
To: 'Community support list for Wireshark'
Subject: RE: SNMP OID resolution not working

Try loading
SNMPv2-MIB


-----Original Message-----
From: wireshark-users-bounces () wireshark org [mailto:wireshark-users-bounces () wireshark org] On Behalf Of Crowe, 
Graham GP
Sent: den 12 juni 2013 10:02
To: 'Community support list for Wireshark'
Subject: Re: [Wireshark-users] SNMP OID resolution not working


Anders,
        Thanks for the reply. Yes I have added the modules and path while working around the bug that I mentioned (see 
configuration file contents at the bottom of my post).

I have tried going into the directory and addidng it, I have also tried selecting it from the parent directory. Neither 
of these helped.


Thanks

GC

-----Original Message-----
From: wireshark-users-bounces () wireshark org
[mailto:wireshark-users-bounces () wireshark org]On Behalf Of Anders Broman
Sent: Wednesday, 12 June 2013 5:52 PM
To: Community support list for Wireshark
Subject: Re: [Wireshark-users] SNMP OID resolution not working


Hi,
Have you added the mibs under Edit->preferences->Name resolution->SMI (MIB and PIB) modules?
Changing the path was a bit "fiddly" you have to point to the dir not enter it I think.
Regards
Anders

-----Original Message-----
From: wireshark-users-bounces () wireshark org [mailto:wireshark-users-bounces () wireshark org] On Behalf Of Crowe, 
Graham GP
Sent: den 12 juni 2013 09:30
To: 'wireshark-users () wireshark org'
Subject: [Wireshark-users] SNMP OID resolution not working


I am trying to inspect SNMP packets but wireshark doesn't resolve the OID names at all.

I am running Wireshark 1.10.0 (the current download on wireshark.org for 64bit Windows). The "about" screen says "with 
SMI 0.4.8".

An example of how an OID appears is "1.3.6.1.2.1.43.5.1.1.2.1"
All the help pages I have found when searching have as a starting point the OID in the form of 
"SNMPv2-SMI::enterprise....." but mine are only showing up as numbers without any text prefix.

Nothing changes, and no errors are given when I right click on the OID and select "Resolve Name".

Also, there appears to be a bug when specifying the MIB paths. If I try to specify "C:\Program 
Files\Wireshark\snmp\mibs" then it changes it to "C:\users\username". I have copied all my MIBs to c:\mibs as Wireshark 
will accept "C:\mibs" without changing it.

I have also been through the MIBs I am interested in and added their dependencies (as well as the dependencies of the 
dependecies, and so on). It is possible that I have missed one, I guess. (I have not deleted any references to MIBs 
that were there after a default Wireshark install)

I believe that the MIBs work, as I have managed to resolve the same OIDs on a linux box with snmpwalk.

I have also played with the order of the MIBs, although I am unsure as to how this works as there appear to be some 
circular dependencies.

I have run out of things to try to get these to resolve. Is there a setting somewhere that I have missed?

Note that I am particularly interested in the Printer-MIB and the BROTHER-MIB.


Thanks

GC




---- Wireshark packet dissector output

No.     Time            Size  Source                Destination           Protocol Info
      2 19:41:25.918602 87    192.168.128.15        192.168.131.53        SNMP     get-response 1.3.6.1.2.1.43.5.1.1.2.1

Frame 2: 87 bytes on wire (696 bits), 87 bytes captured (696 bits) Ethernet II, Src: BrotherI_d9:e2:6a 
(00:1b:a9:d9:e2:6a), Dst: Netgear_76:a3:92 (00:18:4d:76:a3:92) Internet Protocol Version 4, Src: 192.168.128.15 
(192.168.128.15), Dst: 192.168.131.53 (192.168.131.53) User Datagram Protocol, Src Port: snmp (161), Dst Port: 6a44 
(1027) Simple Network Management Protocol
    version: version-1 (0)
    community: public
    data: get-response (2)
        get-response
            request-id: 201
            error-status: noError (0)
            error-index: 0
            variable-bindings: 1 item
                1.3.6.1.2.1.43.5.1.1.2.1:
                    Object Name: 1.3.6.1.2.1.43.5.1.1.2.1 (iso.3.6.1.2.1.43.5.1.1.2.1)
                    Value (Integer32): 1



-- Contents of c:\Users\username\AppData\Roaming\Wireshark\smi_paths

# This file is automatically generated, DO NOT MODIFY.
"C:\x5cmibs"



-- Contents of c:\Users\username\AppData\Roaming\Wireshark\smi_modules

# This file is automatically generated, DO NOT MODIFY.
"IP-MIB"
"IF-MIB"
"TCP-MIB"
"UDP-MIB"
"SNMPv2-MIB"
"RFC1155-SMI"
"RFC1158-MIB"
"RFC-1212"
"RFC1213-MIB"
"IPV6-ICMP-MIB"
"IPV6-MIB"
"SNMP-COMMUNITY-MIB"
"SNMP-FRAMEWORK-MIB"
"SNMP-MPD-MIB"
"SNMP-NOTIFICATION-MIB"
"SNMP-PROXY-MIB"
"SNMP-TARGET-MIB"
"SNMP-USER-BASED-SM-MIB"
"SNMP-USM-DH-OBJECTS-MIB"
"SNMP-VIEW-BASED-ACM-MIB"
"SNMPv2-SMI"
"SNMPv2-CONF"
"SNMPv2-TC"
"HOST-RESOURCES-MIB"
"IANA-PRINTER-MIB"
"IANA-CHARSET-MIB"
"Printer-MIB"
"IPV6-TC"
"BROTHER-MIB"
"SNMPv2-MIB"
"IANAifType-MIB"




NOTICE - This message and any attached files may contain information that is confidential, legally privileged or 
proprietary. It is intended only for use by the intended recipient. If you are not the intended recipient or the person 
responsible for delivering the message to the intended recipient, be advised that you have received this message in 
error. Any dissemination, copying, use or re-transmission of this message or attachment, or the disclosure of any 
information therein, is strictly forbidden. BlueScope Steel Limited does not represent or guarantee that this message 
or attachment is free of errors, virus or interference.

If you have received this message in error please notify the sender immediately and delete the message. Any views 
expressed in this email are not necessarily the views of BlueScope Steel Limited.
___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
             mailto:wireshark-users-request () wireshark org?subject=unsubscribe
___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
             mailto:wireshark-users-request () wireshark org?subject=unsubscribe



NOTICE - This message and any attached files may contain information that is confidential, legally privileged or 
proprietary. It is intended only for use by the intended recipient. If you are not the intended recipient or the person 
responsible for delivering the message to the intended recipient, be advised that you have received this message in 
error. Any dissemination, copying, use or re-transmission of this message or attachment, or the disclosure of any 
information therein, is strictly forbidden. BlueScope Steel Limited does not represent or guarantee that this message 
or attachment is free of errors, virus or interference.

If you have received this message in error please notify the sender immediately and delete the message. Any views 
expressed in this email are not necessarily the views of BlueScope Steel Limited.
___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
             mailto:wireshark-users-request () wireshark org?subject=unsubscribe
___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
             mailto:wireshark-users-request () wireshark org?subject=unsubscribe
___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
             mailto:wireshark-users-request () wireshark org?subject=unsubscribe



NOTICE - This message and any attached files may contain information that is confidential, legally privileged or 
proprietary. It is intended only for use by the intended recipient. If you are not the intended recipient or the person 
responsible for delivering the message to the intended recipient, be advised that you have received this message in 
error. Any dissemination, copying, use or re-transmission of this message or attachment, or the disclosure of any 
information therein, is strictly forbidden. BlueScope Steel Limited does not represent or guarantee that this message 
or attachment is free of errors, virus or interference.

If you have received this message in error please notify the sender immediately and delete the message. Any views 
expressed in this email are not necessarily the views of BlueScope Steel Limited.
___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
             mailto:wireshark-users-request () wireshark org?subject=unsubscribe