
Wireshark-dev: Re: [Wireshark-dev] snmp decoding ...ubuntu smi issue ?... different then on win

From: Jaap Keuter <jaap.keuter@xxxxxxxxx>
Date: Thu, 20 Jan 2011 16:35:17 +0100

Hi,

Some history:

libsmi doesn't provide MIBs any more, due to Debian bug 498476

MIB installation was spun out into an independent package snmp-mibs-downloader

This package downloads the MIBs directly from their source, so these are not cleaned up for libsmi.

libsmi integration is not trivial from an application point of view; it's easier to have it crash than work for you.
It took several iterations for Wireshark to get this right. You'll have to look in the Wireshark bug database and code repository to see what was solved in which release.
All I know is that in the 1.4 release branch things are much better (a.k.a. working).

i.s.o. trying to compile everything yourself it might be a good idea to install the newer Wireshark packages from the Ubuntu repositories of a newer release.

Thanks,
Jaap

 

On Thu, 20 Jan 2011 07:41:38 -0600, Sandor, Todd (Todd) wrote:

Thanks for the response Andrew ..

I did a find on my entire system, didn't find any "extra" MIB files anywhere, not sure where RFC1213-MIB is found?

Anyway ...Did a purge on snmp-mibs-downloader and got error
dpkg: warning: while removing snmp-mibs-downloader, directory '/var/lib/mibs' not empty so not removed.

Manually removed /var/lib/mibs then installed snmp-mibs-downloader and the /var/lib/mibs was re-populated...
Thus, one possibility is SMI 0.4.8 on Ubuntu doesn't seem to like these MIBs..

Looked up the package contents on:
http://packages.ubuntu.com/search?searchon=names&keywords=XXX for
libsmi2-common
libsmi2-dev
libsmi2ldbl

None of them list anything about MIB files ...(these all contain libraries). Are you sure the MIBs that "Frank/Juergen" are part of SMILIB? If so, which one?

Can you tell me how I checkout/build smilib from subversion? I googled and found the command below, but got error on the checkout ...

svn checkout http://libsmi.googlecode.com/svn/trunk/ libsmi-read-only
svn: OPTIONS of 'http://libsmi.googlecode.com/svn/trunk': could not connect to server (http://libsmi.googlecode.com)

Yes - this is a 64bit system...

Cheers...

-----Original Message-----
From: wireshark-dev-bounces@xxxxxxxxxxxxx [mailto:wireshark-dev-bounces@xxxxxxxxxxxxx] On Behalf Of Andrew Hood
Sent: Wednesday, January 19, 2011 5:54 AM
To: Developer support list for Wireshark
Subject: Re: [Wireshark-dev] snmp decoding ...ubuntu smi issue ?... different then on windows XP ...?

Before we get any deeper I don't run Ubuntu. Slackware rules.

Sandor, Todd (Todd) wrote:

What version of libsmi does Ubuntu have? The current one is 0.4.8, but I
tend to use the one in Subversion.

Todd> According to "About Wireshark", it is using SMI 0.4.8 ...

Good start.

Are your MIBs ones that come with Ubuntu, some other package, or the
ones from libsmi? libsmi's parser is extremely strict and many other
sources have less than perfect (to be polite) syntax and semantics.
Frank and Juergen fix the MIBs they include in libsmi so they are correct.

Todd> Not sure exactly, possibly with Ubuntu, how do I determine this?
Todd> Notes:
* there are some mibs in directories /var/lib/mibs/iana and /var/lib/mibs/ietf File /etc/smi.conf "path" points to /usr/share/mibs/ which have symbolic links to the ones in /var/lib/mibs ...
* I did purge of the smi library(s), but these mibs were left in place " sudo apt-get purge libsmi2-common libsmi2-dev libsmi2ldbl", so ... (technically they should be removed if they were part of this install, no?), so this might be part of Ubuntu or ?

* I removed my wireshark configuration for SMI Path and SMI modules I added, but still get error " Stopped processing module RFC1213-MIB due to error(s) to prevent potential crash in libsmi." ...
* I then moved /var/lib/mibs/ietf/RFC1213-MIB somewhere else, then started wireshark again and got the same RFC1212-MIB, thus Wireshark must not be using this directory (/etc/smi.conf path points to them via sym-links in /usr/share/mibs/...

Todd> If Frank/Juergen fixed the mibs, where are the put when you install the libsmi?

Left to its own devices, the libsmi build puts them in
/usr/local/share/mibs/{iana,ietf,irtf,site,tubs} but where Ubuntu choose
to put them is their business. If Wireshark is still finding those two
MIB files, then there must be other copies somewhere. Does Ubuntu's
Wireshark have any MIBs included?

If you want to include other MIBs you really have to make sure you have
all the IMPORTS, and that smilint accepts all the MIBs as valid with the
"-l 3" option at a minimum. "-l 4" would be better.

Todd> If can get base to work, I look into using private mibs and work through smilint, etc., I'm a newbie and part of my issue are finger issues right now...

Andrew
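
A first-pass check for the "make sure you have all the IMPORTS" advice in the quoted reply above, as an added example that is not from the thread, libsmi or Wireshark: for each MIB module in a set it lists the imported modules missing from that set. The sample MIB texts are constructed, the function names are hypothetical, and comment handling is simplified to "runs to end of line".

```python
import re

# Module header, an optional EXPORTS clause, then the optional IMPORTS clause.
HEADER_RE = re.compile(
    r"\b([A-Z][A-Za-z0-9-]*)\s+DEFINITIONS\s*::=\s*BEGIN\s*"
    r"(?:EXPORTS[^;]*;\s*)?(?:IMPORTS\b(.*?);)?",
    re.S,
)
FROM_RE = re.compile(r"\bFROM\s+([A-Z][A-Za-z0-9-]*)")


def parse_module(text):
    """Return (module_name, set_of_imported_module_names) for one MIB file."""
    body = re.sub(r"--[^\n]*", "", text)  # simplification: comment runs to EOL
    m = HEADER_RE.search(body)
    if not m:
        return None, set()
    return m.group(1), set(FROM_RE.findall(m.group(2) or ""))


def missing_imports(mib_texts):
    """Map each module to the sorted imported modules absent from the set."""
    parsed = [parse_module(t) for t in mib_texts]
    have = {name for name, _ in parsed if name}
    return {n: sorted(d - have) for n, d in parsed if n and d - have}


# Constructed sample input: RFC-1212 is deliberately left out of the set.
SAMPLE_MIBS = [
    """RFC1213-MIB DEFINITIONS ::= BEGIN
IMPORTS
    mgmt, NetworkAddress, IpAddress, Counter, Gauge, TimeTicks
        FROM RFC1155-SMI
    -- OBJECT-TYPE FROM OLD-MIB  (commented out, must be ignored)
    OBJECT-TYPE
        FROM RFC-1212;
END
""",
    """RFC1155-SMI DEFINITIONS ::= BEGIN
EXPORTS -- EVERYTHING
    internet, mgmt;
END
""",
]

if __name__ == "__main__":
    for module, missing in missing_imports(SAMPLE_MIBS).items():
        print(f"{module}: missing {', '.join(missing)}")
```

A clean result here only means every imported module is present in the set; whether libsmi accepts each module's syntax is still a question for smilint.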