Wireshark mailing list archives

Previous By Date Next
Previous By Thread Next

Re: snmp decoding ...ubuntu smi issue ?... different then on windows XP ...?

From: Andrew Hood <ajhood () fl net au>
Date: Tue, 18 Jan 2011 23:14:30 +1100
Sandor, Todd (Todd) wrote:

Hi:

I had a couple of Ubuntu newbie problems getting Wireshark installed on Unbuntu that included SMI to allow snmp 
decoding and was finally able to get it to a point where I could configure SMI paths and SMI modules ...
I also have a Wireshark on an XP box ...

I'm using a shared SMI path (same mib files, same SMI modules names) and when I attempt to decode exactly the same 
.pcap file on the XP and Ubuntu, I get errors only on Ubuntu (and doesn't perform the decoding) but on the XP version 
it works fine.   Was going to resort to just use the XP version, but thought I would send out an email asking if 
other people experience this behavior?  (I use Ubuntu mainly, it's a little bit of a pain to have to use my XP box 
for this ...)...

Is this just expected behavior under Ubuntu (weaker smi library support?)....I was suggested I use smilint and I did 
an initial stab at this (admit a some-what weak one), but even the "Standardized MIBs" has some have issues (ones 
under /var/lib/mibs)...

Anyone have any suggestions?

 On Unbuntu I observe:



Stopped processing module RFC1213-MIB due to error(s) to prevent potential crash in libsmi.
Module's conformance level: 1.
See details at:
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560325


...
Then after added a SMI path and some private SMI module names on startup I get:



Stopped processing module TIMETRA-SERV-MIB due to error(s) to prevent potential crash in libsmi.
Module's conformance level: 1.
See details at:
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560325


What version of libsmi does Ubuntu have? The current one is 0.4.8, but I
tend to use the one in Subversion.

Are your MIBs ones that come with Ubuntu, some other package, or the
ones from libsmi? libsmi's parser is extremely strict and many other
sources have less than perfect (to be polite) syntax and semantics.
Frank and Juergen fix the MIBs they include in libsmi so they are correct.

If you want to include other MIBs you really have to make sure you have
all the IMPORTS, and that smilint accepts all the MIBs as valid with the
"-l 3" option at a minimum. "-l 4" would be better.

Despite the fact that libsmi runs perfectly on 64 bit Unix systems I
have not managed to get it to compile for 64 bit Windows. Now there is a
64 bit box in the house I might give it another try so i can have a 64
bit Wireshark that does SNMP decodes.

Andrew
-- 
There's no point in being grown up if you can't be childish sometimes.
                -- Dr. Who
___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
Previous By Date Next
Previous By Thread Next

Current thread: