Wireshark mailing list archives

Previous By Date Next
Previous By Thread Next

Re: SNMP resolution problems

From: Joerg Mayer <jmayer () loplof de>
Date: Thu, 10 Oct 2013 15:43:28 +0200
On Thu, Oct 10, 2013 at 08:07:36AM -0400, Evan Huus wrote:

I don't know, sorry. We're releasing a development snapshot 1.11.0
next week that has had some additional OID resolution improvements; I
don't know if they're related to the issue you're seeing or not, but
it will be worth trying.

If it still isn't fixed, please file a bug on our bugzilla and attach
a capture of a few packets (and possibly the MIB) so we can reproduce.


Actually it looks to me that some Sub-MIB is missing that gets picked up
by the net-snmp tools but not by Wireshark.

Ciao
   Jörg


On Wed, Oct 9, 2013 at 8:23 PM, Aaron Wasserott
<aaron.wasserott () viawest com> wrote:

Upgrading to latest version helped, although there still appears to be some flakiness. Hitting Apply didn't cause 
it to load the MIB but Ok did. But no more errors about SNMPv2-SMI so that's a big step forward.

One thing I noticed is that it doesn't appear to properly format/convert return OIDs. For example if I run snmpwalk 
from a linux box I might see something like the following as the entire returned SNMP data:

A10-AX-MIB::axServiceGroupMemberStatPktsIn."VIRTUAL-SERVER-NAME".tcp."PHYSICAL-SERVER-NAME".80 = Counter64: 22

But Wireshark will just show a bunch of numbers after the ...StatPktsIn portion (like below). It's not converting 
from hex (?) to ASCII in a returned OID string when hitting an index value.

A10-AX-MIB::axServiceGroupMemberStatPktsIn.18.109.121.118.15.97.119.101.115.116.46.99.211.109.45.72.84.82.80.2.38.52.41.51.55.49.45.105.110.116.110.97.110.101.116.57.46.118.105.97.119.101.115.116.46.99.111.114.112.58.109.121.1

Can that be adjusted? I tried adjusting different settings, and tried decoding it as SNMP but no luck.

Thanks again,

-----Original Message-----
From: wireshark-users-bounces () wireshark org [mailto:wireshark-users-bounces () wireshark org] On Behalf Of Evan 
Huus
Sent: Wednesday, October 09, 2013 4:41 PM
To: Community support list for Wireshark
Subject: Re: [Wireshark-users] SNMP resolution problems

Wireshark 1.4 is quite old and has been unsupported for some time now.
I would suggest upgrading to a more recent version if at all possible.

Evan

On Wed, Oct 9, 2013 at 6:18 PM, Aaron Wasserott <aaron.wasserott () viawest com> wrote:

I am having trouble getting SNMP resolution to work. I enabled it and
restarted wireshark and then get this error:



Stopped processing module SNMPv2-SMI due to error(s) to prevent
potential crash in libsmi.

Module's conformance level: 1.

See details at:
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560325



I noticed there are a few posts on the web about it, but no solutions.
I am
running:


Wireshark Version 1.4.0 (SVN Rev 34005 from /trunk-1.4) Windows 7
Enterprise, 64-bit



I loaded that same SMI file into another SNMP browser and it opens it
fine, and doesn't report any errors with it. I also tried re-pointing
the MIB directory to the one used by net-snmp and loading the
SNMPv2-SMI module from there in, but I get the same error. If I am
reading the file right, it doesn't seem to import any other MIBs, so maybe it's a formatting thing?



I did that via the GUI, although if I look under About Wireshark >
Folders I see the pre-defined paths are still there as well as the new one I defined.
So it seems like there is an issue with the included SMI file, and the
GUI didn't properly remove the default MIB path, so it's still loading
that one up and not the net-snmp file I tried to point it to.



Anyone have any ideas?


___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users

mailto:wireshark-users-request () wireshark org?subject=unsubscribe

___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
             mailto:wireshark-users-request () wireshark org?subject=unsubscribe
___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
             mailto:wireshark-users-request () wireshark org?subject=unsubscribe

___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
             mailto:wireshark-users-request () wireshark org?subject=unsubscribe


-- 
Joerg Mayer                                           <jmayer () loplof de>
We are stuck with technology when what we really want is just stuff that
works. Some say that should read Microsoft instead of technology.
___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
             mailto:wireshark-users-request () wireshark org?subject=unsubscribe
Previous By Date Next
Previous By Thread Next

Current thread: