Skip to content

Add an integration test for non-standard AES256 with Triple DES. #80

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 2 commits into from
Oct 9, 2025
Merged

Add an integration test for non-standard AES256 with Triple DES. #80

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
b289ddc
Add an integration test for non-standard AES256 with Triple DES. This…
mashhurs Oct 7, 2025
3487717
Use port variable in the snmpsim command instead static predefined port.
mashhurs Oct 8, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
45 changes: 45 additions & 0 deletions .ci/Dockerfile.snmpsim
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,45 @@
FROM ubuntu:20.04

ARG PORT

# Install Python and pip
RUN apt-get update && apt-get -y install \
python3 \
python3-pip \
&& rm -rf /var/lib/apt/lists/*

# Install snmpsim
RUN pip3 install snmpsim

# Create a non-privileged user
RUN useradd -r -s /bin/false snmpsim

# Create directory for data
RUN mkdir -p /app/data

# Copy the SNMP data file
COPY snmpsim/data/self.snmprec /app/data/

# Set ownership of the app directory
RUN chown -R snmpsim:snmpsim /app

# Set working directory
WORKDIR /app

# Switch to non-privileged user
USER snmpsim

# Expose the SNMP port
EXPOSE $PORT $PORT/udp

# Start the SNMP simulator with the specified configuration
ENTRYPOINT ["snmpsim-command-responder", \
"--data-dir=./data", \
"--agent-udpv4-endpoint=0.0.0.0:163", \
Copy link
Contributor

@edmocosta edmocosta Oct 8, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think we should use the $PORT value here, so the argument works as expected.

Copy link
Contributor Author

@mashhurs mashhurs Oct 8, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Oops, I was aware but forgot to make this change. fixed with 3487717

"--v3-user=testuser", \
"--v3-auth-proto=SHA", \
"--v3-auth-key=authp123", \
"--v3-priv-proto=AES256", \
"--v3-priv-key=privpass123", \
"--v3-only", \
"--log-level=debug"]
16 changes: 16 additions & 0 deletions .ci/docker-compose-integration.override.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,7 @@ services:
depends_on:
- snmp1
- snmp2
- snmpsim
networks:
app_net:
ipv4_address: 172.16.238.10
Expand Down Expand Up @@ -42,6 +43,21 @@ services:
dockerfile: Dockerfile.snmp
args:
- PORT=162
snmpsim:
hostname: snmpsim
container_name: snmpsim
ports:
- "163:163/tcp"
- "163:163/udp"
networks:
app_net:
ipv4_address: 172.16.238.163
ipv6_address: 2001:3984:3989::163
build:
context: .
dockerfile: Dockerfile.snmpsim
args:
- PORT=163

networks:
app_net:
Expand Down
53 changes: 53 additions & 0 deletions .ci/snmpsim/data/self.snmprec
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,53 @@
1.3.6.1.2.1.1.1.0|4|SNMP Simulator for AES256 with 3DES Key Extension Testing
1.3.6.1.2.1.1.2.0|6|1.3.6.1.4.1.8072.3.2.10
1.3.6.1.2.1.1.3.0|67|233425120
1.3.6.1.2.1.1.4.0|4|Test Administrator
1.3.6.1.2.1.1.5.0|4|test-agent
1.3.6.1.2.1.1.6.0|4|Test Location
1.3.6.1.2.1.1.7.0|2|72
1.3.6.1.2.1.1.8.0|67|0
1.3.6.1.2.1.2.1.0|2|2
1.3.6.1.2.1.2.2.1.1.1|2|1
1.3.6.1.2.1.2.2.1.1.2|2|2
1.3.6.1.2.1.2.2.1.2.1|4|lo
1.3.6.1.2.1.2.2.1.2.2|4|eth0
1.3.6.1.2.1.2.2.1.3.1|2|24
1.3.6.1.2.1.2.2.1.3.2|2|6
1.3.6.1.2.1.2.2.1.4.1|2|65536
1.3.6.1.2.1.2.2.1.4.2|2|1500
1.3.6.1.2.1.2.2.1.5.1|4|10000000000
1.3.6.1.2.1.2.2.1.5.2|4|1000000000
1.3.6.1.2.1.2.2.1.6.1|4x|
1.3.6.1.2.1.2.2.1.6.2|4x|00127962f940
1.3.6.1.2.1.2.2.1.7.1|2|1
1.3.6.1.2.1.2.2.1.7.2|2|1
1.3.6.1.2.1.2.2.1.8.1|2|1
1.3.6.1.2.1.2.2.1.8.2|2|1
1.3.6.1.2.1.2.2.1.9.1|67|0
1.3.6.1.2.1.2.2.1.9.2|67|0
1.3.6.1.2.1.2.2.1.10.1|70|0
1.3.6.1.2.1.2.2.1.10.2|70|0
1.3.6.1.2.1.2.2.1.11.1|70|0
1.3.6.1.2.1.2.2.1.11.2|70|0
1.3.6.1.2.1.2.2.1.12.1|70|0
1.3.6.1.2.1.2.2.1.12.2|70|0
1.3.6.1.2.1.2.2.1.13.1|70|0
1.3.6.1.2.1.2.2.1.13.2|70|0
1.3.6.1.2.1.2.2.1.14.1|70|0
1.3.6.1.2.1.2.2.1.14.2|70|0
1.3.6.1.2.1.2.2.1.15.1|70|0
1.3.6.1.2.1.2.2.1.15.2|70|0
1.3.6.1.2.1.2.2.1.16.1|70|0
1.3.6.1.2.1.2.2.1.16.2|70|0
1.3.6.1.2.1.2.2.1.17.1|70|0
1.3.6.1.2.1.2.2.1.17.2|70|0
1.3.6.1.2.1.2.2.1.18.1|70|0
1.3.6.1.2.1.2.2.1.18.2|70|0
1.3.6.1.2.1.2.2.1.19.1|70|0
1.3.6.1.2.1.2.2.1.19.2|70|0
1.3.6.1.2.1.2.2.1.20.1|70|0
1.3.6.1.2.1.2.2.1.20.2|70|0
1.3.6.1.2.1.2.2.1.21.1|70|0
1.3.6.1.2.1.2.2.1.21.2|70|0
1.3.6.1.2.1.2.2.1.22.1|70|0
1.3.6.1.2.1.2.2.1.22.2|70|0
21 changes: 21 additions & 0 deletions spec/integration/inputs/snmp_spec.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -73,6 +73,27 @@

it_behaves_like 'snmp plugin return single get event'
end

describe 'snmp v3 with AES256 & Triple-DES' do
let(:config) { {
'hosts' => [{ 'host' => "udp:snmpsim/163", 'version' => '3' }],
'security_name' => 'testuser',
'auth_protocol' => 'sha',
'auth_pass' => 'authp123',
'priv_protocol' => 'aes256with3desKey',
'priv_pass' => 'privpass123',
'security_level' => 'authPriv',
'get' => [
"1.3.6.1.2.1.1.1.0", # sysDescr
]
} }

it 'fetches system description from snmpsim' do
event = run_plugin_and_get_queue(plugin).pop
expect(event).to be_a(LogStash::Event)
expect(event.get('iso.org.dod.internet.mgmt.mib-2.system.sysDescr.0')).to eq('SNMP Simulator for AES256 with 3DES Key Extension Testing')
end
end
end

describe '`walk` operation' do
Expand Down