Installing MIB in Ubuntu and Solving the Error “SNMP Cannot Find Module …”

Has noticed an error after executing the command snmpwalk with the indication of MIB instead of OID:

snmpwalk -v 2c -c public 192.168.0.1 ifIndex
ifIndex: Unknown Object Identifier (Sub-id not found: (top) -> ifIndex)

And:

For error such as:
Cannot find module (HOST-RESOURCES-MIB): At line 0 in (none)
Cannot find module (HOST-RESOURCES-TYPES): At line 0 in (none)
Cannot find module (SNMPv2-TC): At line 10 in /usr/share/mibs/netsnmp/UCD-DLMOD-MIB
Cannot find module (SNMPv2-SMI): At line 34 in /usr/share/mibs/netsnmp/UCD-SNMP-MIB
Cannot find module (SNMPv2-TC): At line 37 in /usr/share/mibs/netsnmp/UCD-SNMP-MIB
Did not find ‘enterprises’ in module #-1 (/usr/share/mibs/netsnmp/UCD-SNMP-MIB)
Did not find ‘DisplayString’ in module #-1 (/usr/share/mibs/netsnmp/UCD-SNMP-MIB)
Did not find ‘TruthValue’ in module #-1 (/usr/share/mibs/netsnmp/UCD-SNMP-MIB)
Unlinked OID in UCD-SNMP-MIB: ucdavis ::= { enterprises 2021 }
Undefined identifier: enterprises near line 39 of /usr/share/mibs/netsnmp/UCD-SNMP-MIB
Did not find ‘DisplayString’ in module #-1 (/usr/share/mibs/netsnmp/UCD-DLMOD-MIB)
Did not find ‘ucdExperimental’ in module UCD-SNMP-MIB (/usr/share/mibs/netsnmp/UCD-DLMOD-MIB)
...

We look at the tree of mibs:

snmptranslate -Tp

The solution to the above errors is the execution of the following commands:

sudo apt-get install snmp-mibs-downloader
sudo download-mibs
sudo sed -i "s/^\(mibs *:\).*/#\1/" /etc/snmp/snmp.conf
sudo service snmpd restart

Why the Far Cry 4 progress not saving?

I noticed once on one computer that the game Far Cry 4 can not save the game.

Far Cry 4 itself was not installed, but was moved from another computer to the folder + transferred to Save to Documents.

The reason for not saving was probably different owners to the files and directory of the game, this quickest solution is right-clicking on the game’s shortcut, then “Properties” – tab “Compatibility” and setting the checkbox “Run this program as administrator“, click “ОК“.

Done, there should not be any problems with saving.

SNMP MIBs and OIDs for Ubiquiti PowerBeam 5AC

I wrote a template for Ubiquiti PowerBeam 5AC for Zabbix and explored several basic SNMP OIDs for which you need to draw graphics.
OID tested for devices that are configured in Station mode and with firmware v7.1.4 (XC).

You can check the OID from a Linux command, for example:

snmpwalk -v 1 -c public 192.168.1.20 .1

First of all, I looked at what interfaces there are (if you add VLAN, etc. on the device, their number can be shifted):

snmpwalk -v 1 -c public 192.168.1.20 ifDescr

The next MIBs can read incoming and outgoing traffic (I have LAN eth0 under index 4, WLAN ath0 under 10), for example for LAN traffic:

ifInOctets.4
ifOutOctets.4

Average CPU usage per 1min / 5min / 15min:

1.3.6.1.4.1.10002.1.1.1.4.2.1.3.1
1.3.6.1.4.1.10002.1.1.1.4.2.1.3.2
1.3.6.1.4.1.10002.1.1.1.4.2.1.3.3

TX and RX AP in kilobytes can be found by the following OID:

1.3.6.1.4.1.41112.1.4.7.1.17.1.4.24.214
1.3.6.1.4.1.41112.1.4.7.1.18.1.4.24.214

OID noise can be found by:

1.3.6.1.4.1.41112.1.4.7.1.4.1.4.24.214

Signal strength: 1.3.6.1.4.1.41112.1.4.5.1.5.1
Frequency: 1.3.6.1.4.1.41112.1.4.1.1.4.1
SSID: 1.3.6.1.4.1.41112.1.4.5.1.2.1
Uptime: 1.3.6.1.2.1.1.3.0
Free memory: 1.3.6.1.4.1.10002.1.1.1.1.2.0
Total Memory: 1.3.6.1.4.1.10002.1.1.1.1.1.0
MAC address of the access point to which the device is connected: 1.3.6.1.4.1.41112.1.4.5.1.4.1
The IP address of the access point to which the device is connected: 1.3.6.1.4.1.41112.1.4.7.1.10.1.4.24.214.232.12.159
Antenna type: 1.3.6.1.4.1.41112.1.4.1.1.9.1

See also:
SNMP OID and MIB for interfaces

How to hard reset LG L80 Dual D380

Recently did a hard reset on the LG L80 Dual D380 as it worked slowly and the battery was quickly discharged.

I will describe the order of actions:
1) We’ll turn off the phone.
2) Press the volume down and the power button, when the picture appears holding the volume button, release the power button and back press.
3) The reset menu appears with the volume buttons selected “YES” and the power button confirm “OK”, the second question similarly select “YES” and “OK”.

The phone will reboot and the user data will be cleared and reset to the factory settings, you will have to wait a little, done.

Updating phpBB 3.1.8 to phpBB 3.1.9

Today has updated the phpBB 3.1.8 forum to phpBB 3.1.9 with the automatic service pack.

Below I will describe the order of actions for the update:

1) Let’s make a backup copy of the files and the forum base.
In Linux, you can do this with commands:

sudo tar -cvjf backup_forum_files.tar.bz2 /var/www/forum/
mysqldump -u USER -h localhost -p BASE | gzip -c > backup_forum_base.sql.gz

2) Now you need to download the archive with the service pack “https://www.phpbb.com/downloads/#update”.

3) Unpack from the archive only install/ and vendor/ in the directory with the forum. If the install folder is located in the directory with the forum, it automatically turns off, that is, no one on it will not write and walk.
If the files were moved from the terminal, then the rights of the owner from which they moved could be set and the web server can not access them, so let’s specify the group and owner from which the web north is working:

sudo chown -R user:user /var/www/forum/install/
sudo chown -R user:user /var/www/forum/vendor/

4) Open the browser link to the forum by adding install to it, for example http://example.com/forum/install/.
Now it’s time to press Update and follow the instructions.

If you made changes in the code of some files and they are affected by the update, you will be informed about this and offered to choose which version of the files to leave, in my opinion it is better to put the new version from the update, and then make the changes after the update by comparing both files for example in Notepad++ with using the plugin Notepad++ Compare plugin which shows the differences in the code of files.

Hiding the site name in the phpBB header

Did somehow a great logo in the header of the forum phpBB and of course the name of the site and the description was imposed on it and prevented.
To hide the site name and description in the directory of the active theme (style), find the file /style/stylename/template/overall_header.html

Open it in a text editor and find the following two lines in it:

<h1>{SITENAME}</h1>
<p>{SITE_DESCRIPTION}</p>

Just they are responsible for displaying the site name and description in the forum header, we will not delete them, they will come in handy, but simply comment:

<!-- <h1>{SITENAME}</h1>
<p>{SITE_DESCRIPTION}</p> -->

After that, clear the forum cache by clicking the button in the administrator’s pane.

Done.

Solution of Postfix error “mailbox_size_limit is smaller than message_size_limit”

I noticed somehow in the logs the following error:

postfix/local[32288]: fatal: main.cf configuration error: mailbox_size_limit is smaller than message_size_limit

And remembered that I recently increased the parameter message_size_limit in the configuration file /etc/postfix/main.cf, which specifies in bytes the maximum size of messages sent and received.
The error occurs because the value of the message_size_limit parameter is greater than the value of mailbox_size_limit, and it should be the reverse, by the way virtual_mailbox_limit is not specified in the configuration file, apparently if it is not specified, then the standard value is 51200000, which in my case was less message_size_limit.

Let’s look at the value specified in the configuration file mailbox_size_limit and virtual_mailbox_limit (-d shows the standard value):

postconf -n | grep mailbox_size_limit
postconf -d | grep mailbox_size_limit
postconf -n | grep virtual_mailbox_limit
postconf -d | grep virtual_mailbox_limit

Let’s look at the value of message_size_limit:

postconf -n | grep message_size_limit
postconf -d | grep message_size_limit

Let’s manually specify the values mailbox_size_limit and virtual_mailbox_limit manually in /etc/postfix/main.cf so that they are greater than message_size_limit, or by adding the following commands to the file:

sudo postconf -e 'mailbox_size_limit = 102400000'
sudo postconf -e 'virtual_mailbox_limit = 102400000'

Alternatively, you can disable the limit altogether by specifying 0:

postconf -e 'mailbox_size_limit = 0'
postconf -e 'virtual_mailbox_limit = 0'

Restart Postfix to apply the changes:

sudo /etc/init.d/postfix restart

Done, the error should not be.

Configuring the D-Link DES-3028 Switch

Today, I configured the next switch D-Link DES-3028, the firmware was 2.94.B07.

And so, connect the console cable to the switch and add the vlan control (I have it 207, 25 port uplink):

create vlan core tag 207
config vlan core add tagged 25

Assign the switch IP address:

config ipif System vlan core ipaddress 192.168.1.2/24 state enable

Let’s specify the default route:

create iproute default 192.168.1.1 1

Add the admin account:

create account admin NAME

Add a client VLAN (I have it 226), specify PVID and remove the standard VLAN:

create vlan local_smart tag 226
config vlan local_smart add tagged 25
config vlan local_smart add untagged 1-24,26-28
disable gvrp
config gvrp 1-28 state disable ingress_checking enable acceptable_frame admit_all pvid 226
config vlan default delete 1-28

Let’s configure protection against broadcast flooding:

config traffic trap both
config traffic control 1-24,26-28 broadcast enable multicast disable unicast disable action drop threshold 64 countdown 5 time_interval 5

Let’s configure the loop protection:

enable loopdetect
config loopdetect recover_timer 3000
config loopdetect interval 10
config loopdetect trap none
config loopdetect port 1-24,26-28 state enabled
config loopdetect port 25 state disabled

Let’s configure traffic segmentation, if it is necessary that users within the switchboard do not see each other:

config traffic_segmentation 1-24 forward_list 25
config traffic_segmentation 25 forward_list 1-24,26-28

Set up the time zone and time synchronization:

enable sntp
config time_zone operator + hour 2 min 0
config sntp primary 192.168.1.1 secondary 0.0.0.0 poll-interval 7000

Let’s specify from what IP the access to WEB, telnet and SNMP of the switch is allowed:

create trusted_host 192.168.1.1
create trusted_host 192.168.5.20

Let’s configure the protection from DOS:

disable dos_prevention trap_log
config dos_prevention dos_type land_attack action drop state enable
config dos_prevention dos_type blat_attack action drop state enable
config dos_prevention dos_type smurf_attack action drop state enable
config dos_prevention dos_type tcp_null_scan action drop state enable
config dos_prevention dos_type tcp_xmascan action drop state enable
config dos_prevention dos_type tcp_synfin action drop state enable
config dos_prevention dos_type tcp_syn_srcport_less_1024 action drop state disable

For IP-MAC-Port Binding functions, we allow IP 0.0.0.0 (under it Windows tries to get IP):

config address_binding ip_mac ports 1-28 state disable allow_zeroip enable forward_dhcppkt enable

Configuring SNMP:

delete snmp community public
delete snmp community private
delete snmp user initial
create snmp community TEXT view CommunityView read_write
create snmp community TEXT view CommunityView read_only
config snmp system_name TEXT
config snmp system_location TEXT
config snmp system_contact TEXT

Let’s configure protection from third-party DHCP servers:

config filter dhcp_server ports 1-24,26-28 state enable
config filter dhcp_server trap_log enable
config filter dhcp_server illegal_server_log_suppress_duration 30min

From third-party DHCP servers can also be protected through ACL:

create access_profile ip udp src_port 0xFFFF profile_id 1
config access_profile profile_id 1 add access_id 1 ip udp src_port 67 port 25 permit
config access_profile profile_id 1 add access_id 2 ip udp src_port 67 port 1-24,26-28 deny

We will configure protection against BPDU of garbage:

config bpdu_protection ports 1-24,26-28 mode drop

Turn on the function SAFEGUARD_ENGINE, so you can go to the switch at 100% CPU utilization:

config safeguard_engine state enable utilization rising 100 falling 95 trap_log enable mode fuzzy

Fine-Tuning FDB:

config fdb aging_time 300
config multicast port_filtering_mode 1-28 filter_unregistered_groups
disable flood_fdb
config flood_fdb log disable trap disable

Other small settings:

config serial_port baud_rate 9600 auto_logout 10_minutes
enable password encryption
config terminal_line default
enable clipaging
disable command logging
enable password_recovery
enable syslog
config log_save_timing on_demand

Done.