linksys logs and snmp

Hi,
I'm running mandrake 9.2 and 9.0 (2 diff pc's) and I want to catch the
snmp logs broadcast from my linksys router. Can some recommend a simple
daemon or some such thing that will catch the broadcast and append it to a
file? No gui or anything, just want a small simple daemon doing this little
bit of work.I'll analyze the logs file at my convenience with some other
tool.
Thanks
Eric

On Tue, 16 Dec 2003 07:33:58 GMT, Eric <(E-Mail Removed)> wrote:

>Hi,
> I'm running mandrake 9.2 and 9.0 (2 diff pc's) and I want to catch the
>snmp logs broadcast from my linksys router. Can some recommend a simple
>daemon or some such thing that will catch the broadcast and append it to a
>file? No gui or anything, just want a small simple daemon doing this little
>bit of work.I'll analyze the logs file at my convenience with some other
>tool.
>Thanks
>Eric

There are several around.. Here's a link to one I wrote in Rexx, back
when I was running OS/2 (It should work fine in Object Rexx for
Linux). http://www.catherders.com/mwc/linklog.zip

Mike-
Mornings: Evolution in action. Only the grumpy will survive.
-----------------------------------------------------

Please note - Due to the intense volume of spam, we have
installed site-wide spam filters at catherders.com. If
email from you bounces, try non-HTML, non-encoded,
non-attachments.


----== Posted via Newsfeed.Com - Unlimited-Uncensored-Secure Usenet News==----
http://www.newsfeed.com The #1 Newsgroup Service in the World! >100,000 Newsgroups
---= 19 East/West-Coast Specialized Servers - Total Privacy via Encryption =---

Michael W. Cocke wrote:

> On Tue, 16 Dec 2003 07:33:58 GMT, Eric <(E-Mail Removed)> wrote:
>
>>Hi,
>> I'm running mandrake 9.2 and 9.0 (2 diff pc's) and I want to catch the
>>snmp logs broadcast from my linksys router. Can some recommend a simple
>>daemon or some such thing that will catch the broadcast and append it to a
>>file? No gui or anything, just want a small simple daemon doing this
>>little bit of work.I'll analyze the logs file at my convenience with some
>>other tool.
>>Thanks
>>Eric
>
> There are several around.. Here's a link to one I wrote in Rexx, back
> when I was running OS/2 (It should work fine in Object Rexx for
> Linux). http://www.catherders.com/mwc/linklog.zip
>
> Mike-
> Mornings: Evolution in action. Only the grumpy will survive.
> -----------------------------------------------------
>
> Please note - Due to the intense volume of spam, we have
> installed site-wide spam filters at catherders.com. If
> email from you bounces, try non-HTML, non-encoded,
> non-attachments.
>
>
> ----== Posted via Newsfeed.Com - Unlimited-Uncensored-Secure Usenet
> News==---- http://www.newsfeed.com The #1 Newsgroup Service in the World!
> >100,000 Newsgroups ---= 19 East/West-Coast Specialized Servers - Total
> Privacy via Encryption =---

I tried to go there but its only a blank page.
What would i need to install, I never heard of Rexx.

On Tue, 16 Dec 2003 07:33:58 GMT, Eric <(E-Mail Removed)> wrote:
> Hi,
> I'm running mandrake 9.2 and 9.0 (2 diff pc's) and I want to catch the
> snmp logs broadcast from my linksys router. Can some recommend a simple
> daemon or some such thing that will catch the broadcast and append it to a
> file? No gui or anything, just want a small simple daemon doing this little
> bit of work.I'll analyze the logs file at my convenience with some other
> tool.

I was just curious if Linksys routers do normal syslog? My WAP11 v2.2
does even though there is nothing in its docs that say what kind of
loggin. I just pointed its remote logging at a Linux IP which had remote
syslog enabled, and it logs to my /var/log/messages. For SuSE I just set
this in /etc/sysconfig/syslog (where my WAP is aplink.local):

# if not empty: parameters for syslogd
# for example SYSLOGD_PARAMS="-r -s my.dom.ain"
#
SYSLOGD_PARAMS="-r -s local"

And it logs like this (apparently DOS/Win carriage returns):

Dec 13 16:19:26 aplink Created syslog task. ^M
Dec 13 16:19:26 aplink System ready ... ^M
Dec 13 16:19:26 aplink System started ^M
Dec 13 16:19:26 aplink Wireless PC connected 00-04-E2-37-9F-2B^M

--
David Efflandt - All spam ignored http://www.de-srv.com/

On Wed, 17 Dec 2003 03:10:43 GMT, Eric <(E-Mail Removed)> wrote:

>Michael W. Cocke wrote:
>
>> On Tue, 16 Dec 2003 07:33:58 GMT, Eric <(E-Mail Removed)> wrote:
>>
>>>Hi,
>>> I'm running mandrake 9.2 and 9.0 (2 diff pc's) and I want to catch the
>>>snmp logs broadcast from my linksys router. Can some recommend a simple
>>>daemon or some such thing that will catch the broadcast and append it to a
>>>file? No gui or anything, just want a small simple daemon doing this
>>>little bit of work.I'll analyze the logs file at my convenience with some
>>>other tool.
>>>Thanks
>>>Eric
>>
>> There are several around.. Here's a link to one I wrote in Rexx, back
>> when I was running OS/2 (It should work fine in Object Rexx for
>> Linux). http://www.catherders.com/mwc/linklog.zip
>>
>> Mike-
>> Mornings: Evolution in action. Only the grumpy will survive.
>> -----------------------------------------------------
>>
>> Please note - Due to the intense volume of spam, we have
>> installed site-wide spam filters at catherders.com. If
>> email from you bounces, try non-HTML, non-encoded,
>> non-attachments.
>>
>>
>> ----== Posted via Newsfeed.Com - Unlimited-Uncensored-Secure Usenet
>> News==---- http://www.newsfeed.com The #1 Newsgroup Service in the World!
>> >100,000 Newsgroups ---= 19 East/West-Coast Specialized Servers - Total
>> Privacy via Encryption =---
>
>I tried to go there but its only a blank page.
>What would i need to install, I never heard of Rexx.

Odd... it seems to be working fine. Rexx is like Perl - an
advanced scripting language, available on and for many MANY platforms.

Do a google for 'rexx linux' and you should find more than you ever
wanted to.

Mike-

Mornings: Evolution in action. Only the grumpy will survive.
-----------------------------------------------------

Please note - Due to the intense volume of spam, we have
installed site-wide spam filters at catherders.com. If
email from you bounces, try non-HTML, non-encoded,
non-attachments.


----== Posted via Newsfeed.Com - Unlimited-Uncensored-Secure Usenet News==----
http://www.newsfeed.com The #1 Newsgroup Service in the World! >100,000 Newsgroups
---= 19 East/West-Coast Specialized Servers - Total Privacy via Encryption =---

On Wed, 17 Dec 2003 04:19:04 +0000 (UTC), (E-Mail Removed) (David
Efflandt) wrote:

>On Tue, 16 Dec 2003 07:33:58 GMT, Eric <(E-Mail Removed)> wrote:
>> Hi,
>> I'm running mandrake 9.2 and 9.0 (2 diff pc's) and I want to catch the
>> snmp logs broadcast from my linksys router. Can some recommend a simple
>> daemon or some such thing that will catch the broadcast and append it to a
>> file? No gui or anything, just want a small simple daemon doing this little
>> bit of work.I'll analyze the logs file at my convenience with some other
>> tool.
>
>I was just curious if Linksys routers do normal syslog? My WAP11 v2.2
>does even though there is nothing in its docs that say what kind of
>loggin. I just pointed its remote logging at a Linux IP which had remote
>syslog enabled, and it logs to my /var/log/messages. For SuSE I just set
>this in /etc/sysconfig/syslog (where my WAP is aplink.local):
>
># if not empty: parameters for syslogd
># for example SYSLOGD_PARAMS="-r -s my.dom.ain"
>#
>SYSLOGD_PARAMS="-r -s local"
>
>And it logs like this (apparently DOS/Win carriage returns):
>
>Dec 13 16:19:26 aplink Created syslog task. ^M
>Dec 13 16:19:26 aplink System ready ... ^M
>Dec 13 16:19:26 aplink System started ^M
>Dec 13 16:19:26 aplink Wireless PC connected 00-04-E2-37-9F-2B^M


Not sure what you mean by 'normal syslog'. Linksys units (I hate to
call them routers, they aren't - they're buggy hardware NAT layers)
'log' by dumping text out the snmp port. You need to run a 'catcher'
somewhere on the same LAN to write the data to a disk file.


Here - mind the line wrapping -


/* Rexx script to capture LinkSys router/firewall traffic logs via UDP
socket 162 */
/* (Replaces the windows-only 'logcatcher' utility provided by
LinkSys) */

/* Placed in the public domain 9/23/2001 by Michael W. Cocke
((E-Mail Removed)) */

/* Run this program on any machine in the same IP network as the
LinkSys router. */
/* Written for and tested with LinkSys model BEFSR41 V.2 on
OS/2 Warp - */
/* You'll probably need to tinker a bit to change either of those.
*/

/* log format: date time direction source_ip_address port#
destination_ip_address port# */
/* files produced:
*/
/* linklog.in - inbound traffic
*/
/* linklog.out - outbound traffic
*/
/* linklog.all - consolidated in/out traffic
*/
/* logs are appended, not overwritten
*/


/* Load all rexxutil functions */
CALL rxfuncadd sysloadfuncs, rexxutil, sysloadfuncs
CALL sysloadfuncs

/* Load all TCP Socket functions */
CALL rxfuncadd "SockLoadFuncs", "rxSock", "SockLoadFuncs"
ErrCode = SockLoadFuncs(dummy)
if Not ErrCode = 0 Then Do
Say 'SockLoadFuncs() failed:' ErrCode
Return ErrCode
End

/* Open a Socket... */
Socket = SockSocket("AF_INET", "SOCK_DGRAM", "IPPROTO_UDP" )
If Socket < 0 Then Do
Say 'SockSocket() failed:' Socket
Return Socket
End

rc = SockSetSockOpt(socket, "SOL_SOCKET", "SO_REUSEADDR", "1")

/* the LinkSys router/firewall uses port 162 */
address.family = "AF_INET"
address.port = "162"
address.addr = "INADDR_ANY"

rc = sockbind(Socket, 'address.')

/* open the log file streams, appending if existant */
rc=stream('linklog.in','c','open write')
rc=stream('linklog.in','c','seek <0')

rc=stream('linklog.out','c','open write')
rc=stream('linklog.out','c','seek <0')

rc=stream('linklog.all','c','open write')
rc=stream('linklog.all','c','seek <0')

Signal On Halt Name HaltExit
Signal On Error Name HaltExit

/* Loop... */
Do Forever
/* Receive the message... */
Count = SockRecvFrom( Socket, 'Buffer', 512,'raddress.' )
If Count = -1 Then Do
Say 'SockRecv() error.'
Return
End

datline = buffer
datline = left(datline,count-1)
lendat=length(datline)

a = pos('@in',datline)
if a>0 then datline=right(datline,lendat-a)
a = pos('@out',datline)

if a>0 then datline=right(datline,lendat-a)
parse var datline direction' 'ip1' 'port1' 'ip2' 'port2

now = date('u') time()
say now 'from' ip1 port1 'to' ip2 port2 '*'

rc = lineout('linklog.all',now' 'direction' 'ip1' 'port1' 'ip2'
'port2)
if Not rc = 0 Then Say rc 'writing linklog.all'

if direction='in' then do
rc = lineout('linklog.in',now' 'direction' 'ip1' 'port1' 'ip2'
'port2)
if Not rc = 0 Then Say rc 'writing linklog.in'
End

if direction='out' then do
rc = lineout('linklog.out',now' 'direction' 'ip1' 'port1' 'ip2'
'port2)
if Not rc = 0 Then Say rc 'writing linklog.out'
End

End

HaltExit:

ErrCode = SockClose( Socket )
rc=stream('linklog.in','c','close')
rc=stream('linklog.out','c','close')
rc=stream('linklog.all','c','close')

CALL SockDropFuncs



Mike-

Mornings: Evolution in action. Only the grumpy will survive.
-----------------------------------------------------

Please note - Due to the intense volume of spam, we have
installed site-wide spam filters at catherders.com. If
email from you bounces, try non-HTML, non-encoded,
non-attachments.


----== Posted via Newsfeed.Com - Unlimited-Uncensored-Secure Usenet News==----
http://www.newsfeed.com The #1 Newsgroup Service in the World! >100,000 Newsgroups
---= 19 East/West-Coast Specialized Servers - Total Privacy via Encryption =---

Eric wrote:

> . http://www.catherders.com/mwc/linklog.zip

Konqueror will get it but mozilla wont, anyway i got it

How do i run a rexx script?
How do i know if rexx is installed?

Thanks
Eric

Eric wrote:

> Michael W. Cocke wrote:
>
>> On Tue, 16 Dec 2003 07:33:58 GMT, Eric <(E-Mail Removed)> wrote:
>>
>>>Hi,
>>> I'm running mandrake 9.2 and 9.0 (2 diff pc's) and I want to catch the
>>>snmp logs broadcast from my linksys router. Can some recommend a simple
>>>daemon or some such thing that will catch the broadcast and append it to
>>>a file? No gui or anything, just want a small simple daemon doing this
>>>little bit of work.I'll analyze the logs file at my convenience with some
>>>other tool.
>>>Thanks
>>>Eric
>>
>> There are several around.. Here's a link to one I wrote in Rexx, back
>> when I was running OS/2 (It should work fine in Object Rexx for
>> Linux). http://www.catherders.com/mwc/linklog.zip
>>
>> Mike-
>> Mornings: Evolution in action. Only the grumpy will survive.
>> -----------------------------------------------------
>>
>> Please note - Due to the intense volume of spam, we have
>> installed site-wide spam filters at catherders.com. If
>> email from you bounces, try non-HTML, non-encoded,
>> non-attachments.
>>
>>
>> ----== Posted via Newsfeed.Com - Unlimited-Uncensored-Secure Usenet
>> News==---- http://www.newsfeed.com The #1 Newsgroup Service in the World!
>> >100,000 Newsgroups ---= 19 East/West-Coast Specialized Servers - Total
>> Privacy via Encryption =---
>
> I tried to go there but its only a blank page.
> What would i need to install, I never heard of Rexx.

well, i downloaded rexx from ibm, version orexx-2.3.3.0-1.i386.rpm
26.11.2002 and tried to

urpmi orexx-2.3.3.0-1.i386.rpm

but it failed to install.

warning: user mic does not exist - using root
warning: user mic does not exist - using root
warning: user mic does not exist - using root
#######################################
ln: creating symbolic link `/usr/local/man/man1/rexx.1.gz' to
`/opt/orexx/man1/rexx.1.gz': No such file or directory
error: %post(orexx-2.3.3.0-1) scriptlet failed, exit status 1


Eric

On Fri, 19 Dec 2003 06:54:33 GMT, Eric <(E-Mail Removed)> wrote:

>Eric wrote:
>
>> Michael W. Cocke wrote:
>>
>>> On Tue, 16 Dec 2003 07:33:58 GMT, Eric <(E-Mail Removed)> wrote:
>>>
>>>>Hi,
>>>> I'm running mandrake 9.2 and 9.0 (2 diff pc's) and I want to catch the
>>>>snmp logs broadcast from my linksys router. Can some recommend a simple
>>>>daemon or some such thing that will catch the broadcast and append it to
>>>>a file? No gui or anything, just want a small simple daemon doing this
>>>>little bit of work.I'll analyze the logs file at my convenience with some
>>>>other tool.
>>>>Thanks
>>>>Eric
>>>
>>> There are several around.. Here's a link to one I wrote in Rexx, back
>>> when I was running OS/2 (It should work fine in Object Rexx for
>>> Linux). http://www.catherders.com/mwc/linklog.zip
>>>
>>> Mike-
>>> Mornings: Evolution in action. Only the grumpy will survive.
>>> -----------------------------------------------------
>>>
>>> Please note - Due to the intense volume of spam, we have
>>> installed site-wide spam filters at catherders.com. If
>>> email from you bounces, try non-HTML, non-encoded,
>>> non-attachments.
>>>
>>>
>>> ----== Posted via Newsfeed.Com - Unlimited-Uncensored-Secure Usenet
>>> News==---- http://www.newsfeed.com The #1 Newsgroup Service in the World!
>>> >100,000 Newsgroups ---= 19 East/West-Coast Specialized Servers - Total
>>> Privacy via Encryption =---
>>
>> I tried to go there but its only a blank page.
>> What would i need to install, I never heard of Rexx.
>
>well, i downloaded rexx from ibm, version orexx-2.3.3.0-1.i386.rpm
>26.11.2002 and tried to
>
>urpmi orexx-2.3.3.0-1.i386.rpm
>
>but it failed to install.
>
>warning: user mic does not exist - using root
>warning: user mic does not exist - using root
>warning: user mic does not exist - using root
>#######################################
>ln: creating symbolic link `/usr/local/man/man1/rexx.1.gz' to
>`/opt/orexx/man1/rexx.1.gz': No such file or directory
>error: %post(orexx-2.3.3.0-1) scriptlet failed, exit status 1
>
>
>Eric


IBM built the RPM badly... try typing rexx at a prompt - it's
probably installed. I get the same set of errors when I install it
here.

Mike-

Mornings: Evolution in action. Only the grumpy will survive.
-----------------------------------------------------

Please note - Due to the intense volume of spam, we have
installed site-wide spam filters at catherders.com. If
email from you bounces, try non-HTML, non-encoded,
non-attachments.


----== Posted via Newsfeed.Com - Unlimited-Uncensored-Secure Usenet News==----
http://www.newsfeed.com The #1 Newsgroup Service in the World! >100,000 Newsgroups
---= 19 East/West-Coast Specialized Servers - Total Privacy via Encryption =---

yeh, it was there but....

# rexx linklog.cmd
*** Function: SYSLOADFUNCS not found in library: librexxutil.so!
Error message: /usr/lib/librexxapi.so.2: undefined symbol: SYSLOADFUNCS
20 *-* CALL sysloadfuncs
REX0043E: Error 43 running linklog.cmd line 20: Routine not found
REX0417E: Error 43.1: Could not find routine "SYSLOADFUNCS"

Do i need a different version of rexx?
thanks
Eric