NAS-140368 / 27.0.0-BETA.1 / Add SNMP trap C extension using net-snmp

[ixhamza]

Summary

Replace pysnmp with a native C extension for sending SNMP trap notifications. Uses net-snmp's libnetsnmp for session management, PDU construction, and SNMPv3 USM authentication.

Exposes send_alert(), send_alert_cancellation(), and get_engine_id(). OIDs derived from TRUENAS-MIB notification section.

Testing

Tested with snmptrapd (net-snmp 5.9.4) as trap receiver:

v2c:

• Basic alert/cancellation with community string
• All 7 alert levels (info through emergency)
• Validation errors (missing host/port/community/alert_id/level/message)
• Edge cases (unicode, long messages, empty messages, special chars)
• 100-trap stress test

v3:

• MD5 + DES (authPriv)
• SHA + AES (authPriv)
• MD5 authNoPriv
• SHA authNoPriv
• noAuthNoPriv
• Protocol switching within same process (MD5↔SHA, auth↔noauth, v2c↔v3)
• Wrong auth key correctly rejected by receiver
• Correct credentials work after wrong credentials
• Engine ID stable across calls, changes per process

Verified against upstream:

• Trap PDU structure matches snmptrap CLI output
• v3 session setup follows snmptrap.c approach
• USM user table handling tested for credential switching

Next steps

• Middleware integration to follow to wire into snmp_trap.py and replace pysnmp
• Add to build system

[bugclerk]

Jira URL: https://ixsystems.atlassian.net/browse/NAS-140368

[anodos325]

Can we add a github runner pipeline that minimally builds the debian package and runs mypy stub tests?

https://github.com/truenas/truenas_pyos/tree/master/.github/workflows

For example. Though in this case we probably don't need to use a qemu VM.

I think a tests dir with some basic pytest tests might also be useful.

[ixhamza]

@anodos325 - Yeah, that's a very good point. Will add.