SNMPTrapMgr Component

Properties Methods Events Config Settings Errors

The SNMPTrapMgr component provides a UDP-based listening point for SNMP traps.

Syntax

TipnSNMPTrapMgr

Remarks

The SNMPTrapMgr component provides a UDP-based listening point for SNMP traps and informs as specified by the SNMP RFCs. The component supports v1, v2c, and v3 traps.

SNMP over DTLS is also supported when SSLEnabled is set to True. The SSLCert properties are used to select a certificate for the server. The SSLStatus event provides information about the DTLS handshake. When client authentication is required, the SSLAuthenticateClients property can be set to True and the SSLClientAuthentication event can be used to examine client credentials.

The component provides both encoding/decoding and transport capabilities, making the task of developing a custom SNMP Trap manager as simple as setting a few key properties and handling a few events. SNMP data, such as for instance SNMP object id-s (OID-s) are exchanged as text strings, thus further simplifying the task of handling them.

The component is activated/deactivated by calling the Activate or Deactivate method. These methods enable or disable sending and receiving. The activation status can be found in the Active property.

Messages are received through events such as Trap, InformRequest, or DiscoveryRequest.

SNMP OIDs, types, and values are provided in the Objects collection of SNMP objects for both sent and received packets.

SNMPv3 USM security passwords are requested through the GetUserPassword event, and event parameters such as User and SecurityLevel provide information about the security attributes of received requests, and enable granular decision capability about what to provide and what not to provide.

The AddUser, RemoveUser, ShowCache, ClearCache, AddEngine, and RemoveEngine methods are used to manage an internal authentication cache. This internal cache can be used as an alternative to the GetUserPassword event, automatically checking the cache against the security parameters provided in the request signature.

Property List

The following is the full list of the properties of the component with short descriptions. Click on the links for further details.


AcceptData	Enables or disables data reception.
Active	Indicates whether the component is active.
LocalEngineId	The Engine Id (for SNMPv3).
LocalHost	The name of the local host or user-assigned IP interface through which connections are initiated or accepted.
LocalPort	The port in the local host where the component is bound to.
Objects	The objects in the current request.
RequestId	The request-id to mark outgoing packets with.
SSLAuthenticateClients	If set to True, the server asks the client(s) for a certificate.
SSLCert	The certificate to be used during Secure Sockets Layer (SSL) negotiation.
SSLEnabled	Whether DTLS is enabled.

Method List

The following is the full list of the methods of the component with short descriptions. Click on the links for further details.


Activate	Activates the component.
AddEngine	Adds the engine specified by EngineId to the internal authentication cache.
AddUser	Adds a user for the engine specified by EngineId to the internal authentication cache.
ClearCache	Clears the internal authentication database.
Config	Sets or retrieves a configuration setting.
Deactivate	Deactivates the component.
DoEvents	This method processes events from the internal message queue.
HashPasswords	Hashes all passwords in the cache.
RemoveEngine	Removes the engine specified by EngineId from the internal authentication cache.
RemoveUser	Removes the user specified by User of the engine specified by EngineId from the internal authentication cache.
Reset	Clears the object arrays.
ShowCache	Lists all entries in the internal user and engine database.
Value	Returns the value corresponding to an OID.

Event List

The following is the full list of the events fired by the component with short descriptions. Click on the links for further details.


BadPacket	Fired for erroneous and/or malformed messages.
CacheEntry	Shows engines and users in the internal cache.
CheckEngine	Fired to check engine parameters (timeliness, etc.).
Connected	Fired immediately after a connection completes (or fails).
Disconnected	Fired when a connection is closed.
DiscoveryRequest	Fired when an SNMPv3 discovery packet is received.
Error	Fired when information is available about errors during data delivery.
GetUserPassword	Retrieves a password associated with a user.
GetUserSecurityLevel	Sets the security level for an incoming packet.
HashPassword	Fired before and after a password is hashed.
InformRequest	Fired when an InformRequest packet is received.
PacketTrace	Fired for every packet sent or received.
SSLClientAuthentication	Fired when the client presents its credentials to the server.
SSLStatus	Shows the progress of the secure connection.
Trap	Fired when a SNMP trap packet is received.

Config Settings

The following is a list of config settings for the component with short descriptions. Click on the links for further details.


AuthenticationKey	The key to use for authentication.
CompatibilityMode	Whether to operate the component in a specific compatibility mode.
ContextEngineId	Sets the context engine id of the SNMP entity.
ContextName	Sets the context name of the SNMP entity.
DecryptLogPackets	Whether to decrypt logged packets.
EncryptionKey	The key to use for encryption.
ForceLocalPort	Forces the component to bind to a specific port.
IncomingContextEngineId	The engine Id of the received packet.
IncomingContextName	The context name of the received packet.
ShowCacheForUser	Shows the cache entry for a single user.
SourceAddress	The source address of the received packet.
SourcePort	The source port of the received packet.
TimeWindow	The time window used for SNMPv3 timeliness checking (authentication).
CaptureIPPacketInfo	Used to capture the packet information.
DelayHostResolution	Whether the hostname is resolved when RemoteHost is set.
DestinationAddress	Used to get the destination address from the packet information.
DontFragment	Used to set the Don't Fragment flag of outgoing packets.
LocalHost	The name of the local host through which connections are initiated or accepted.
LocalPort	The port in the local host where the component binds.
MaxPacketSize	The maximum length of the packets that can be received.
QOSDSCPValue	Used to specify an arbitrary QOS/DSCP setting (optional).
QOSTrafficType	Used to specify QOS/DSCP settings (optional).
ShareLocalPort	If set to True, allows more than one instance of the component to be active on the same local port.
UseConnection	Determines whether to use a connected socket.
UseIPv6	Whether or not to use IPv6.
AbsoluteTimeout	Determines whether timeouts are inactivity timeouts or absolute timeouts.
FirewallData	Used to send extra data to the firewall.
InBufferSize	The size in bytes of the incoming queue of the socket.
OutBufferSize	The size in bytes of the outgoing queue of the socket.
BuildInfo	Information about the product's build.
CodePage	The system code page used for Unicode to Multibyte translations.
LicenseInfo	Information about the current license.
MaskSensitiveData	Whether sensitive data is masked in log messages.
UseInternalSecurityAPI	Whether or not to use the system security libraries or an internal implementation.

AcceptData Property (SNMPTrapMgr Component)

Enables or disables data reception.

Syntax

property AcceptData: Boolean read get_AcceptData write set_AcceptData;

Default Value

true

Remarks

Setting the property to False temporarily disables data reception. Setting the property to True re-enables data reception.

This property is not available at design time.

Active Property (SNMPTrapMgr Component)

Indicates whether the component is active.

Syntax

property Active: Boolean read get_Active write set_Active;

Default Value

false

Remarks

This property indicates whether the component is currently active and can send or receive data.

The component will be automatically activated if it is not already and you attempt to perform an operation which requires the component to be active.

Use the Activate and Deactivate methods to control whether the component is active.

This property is not available at design time.

LocalEngineId Property (SNMPTrapMgr Component)

The Engine Id (for SNMPv3).

Syntax

property LocalEngineId: String read get_LocalEngineId write set_LocalEngineId;
property LocalEngineIdB: TBytes read get_LocalEngineIdB write set_LocalEngineIdB;

Default Value

Remarks

This property is necessary for properly handling InformRequest packets.

LocalHost Property (SNMPTrapMgr Component)

The name of the local host or user-assigned IP interface through which connections are initiated or accepted.

Syntax

property LocalHost: String read get_LocalHost write set_LocalHost;

Default Value

Remarks

This property contains the name of the local host as obtained by the gethostname() system call, or if the user has assigned an IP address, the value of that address.

In multihomed hosts (machines with more than one IP interface) setting LocalHost to the IP address of an interface will make the component initiate connections (or accept in the case of server components) only through that interface. It is recommended to provide an IP address rather than a hostname when setting this property to ensure the desired interface is used.

If the component is connected, the LocalHost property shows the IP address of the interface through which the connection is made in internet dotted format (aaa.bbb.ccc.ddd). In most cases, this is the address of the local host, except for multihomed hosts (machines with more than one IP interface).

Note: LocalHost is not persistent. You must always set it in code, and never in the property window.

LocalPort Property (SNMPTrapMgr Component)

The port in the local host where the component is bound to.

Syntax

property LocalPort: Integer read get_LocalPort write set_LocalPort;

Default Value

162

Remarks

The LocalPort property must be set before the component is activated (Active is set to True). It instructs the component to bind to a specific port (or communication endpoint) in the local machine.

The default port is 162 (standard trap port). If that port is busy, an error will be returned, unless the ForceLocalPort configuration setting is set to False, in which case a random port will be chosen.

LocalPort cannot be changed once the component is Active. Any attempt to set the LocalPort property when the component is Active will generate an error.

Note: on macOS and iOS, root permissions are required to set LocalPort to any value below 1024.

Objects Property (SNMPTrapMgr Component)

The objects in the current request.

Syntax

property Objects: TipnSNMPObjectList read get_Objects write set_Objects;

Remarks

The SNMP objects being sent or received in the current request. The collection is first cleared, then populated every time an SNMP packet is received. It is also used to create outgoing SNMP packets.

Please refer to the SNMPObject type for a complete list of fields.

RequestId Property (SNMPTrapMgr Component)

The request-id to mark outgoing packets with.

Syntax

property RequestId: Integer read get_RequestId write set_RequestId;

Default Value

Remarks

If a custom value is needed for RequestId, the property must be set before sending the request. The component increments RequestId automatically after sending each packet.

This property is not available at design time.

SSLAuthenticateClients Property (SNMPTrapMgr Component)

If set to True, the server asks the client(s) for a certificate.

Syntax

property SSLAuthenticateClients: Boolean read get_SSLAuthenticateClients write set_SSLAuthenticateClients;

Default Value

false

Remarks

This property is used in conjunction with the SSLClientAuthentication event. Please refer to the documentation of the SSLClientAuthentication event for details.

SSLCert Property (SNMPTrapMgr Component)

The certificate to be used during Secure Sockets Layer (SSL) negotiation.

Syntax

property SSLCert: TipnCertificate read get_SSLCert write set_SSLCert;

Remarks

This property includes the digital certificate that the component will use during SSL negotiation. Set this property to a valid certificate before starting SSL negotiation. To set a certificate, you may set the Encoded field to the encoded certificate. To select a certificate, use the store and subject fields.

Please refer to the Certificate type for a complete list of fields.

SSLEnabled Property (SNMPTrapMgr Component)

Whether DTLS is enabled.

Syntax

property SSLEnabled: Boolean read get_SSLEnabled write set_SSLEnabled;

Default Value

false

Remarks

This setting specifies whether DTLS is enabled in the component. When False (default) the component operates in plaintext mode. When True DTLS is enabled.

This property is not available at design time.

Activate Method (SNMPTrapMgr Component)

Activates the component.

Syntax

procedure Activate();

Remarks

This method activates the component and will allow it to send or receive data.

The component will be automatically activated if it is not already and you attempt to perform an operation which requires the component to be active.

Note: Use the Active property to check whether the component is active.

AddEngine Method (SNMPTrapMgr Component)

Adds the engine specified by EngineId to the internal authentication cache.

Syntax

procedure AddEngine(EngineId: TBytes; EngineBoots: Integer; EngineTime: Integer);

Remarks

The internal authentication cache can be used as an alternative to the GetUserPassword event, automatically checking the cache against the security parameters provided in the request signature.

The ShowCache method is used to show the contents of the internal authentication cache.

The ClearCache method can be used to completely clear the cache.

If the engine parameters are unknown, the SNMPMgr component's Discover method can be used to perform a discovery with the agent. The RemoteEngineId, RemoteEngineTime, and RemoteEngineBoots properties will hold the values that can then be passed to this method.

AddUser Method (SNMPTrapMgr Component)

Adds a user for the engine specified by EngineId to the internal authentication cache.

Syntax

procedure AddUser(User: String; EngineId: TBytes; AuthenticationProtocol: Integer; AuthenticationPassword: String; EncryptionAlgorithm: Integer; EncryptionPassword: String);

Remarks

The internal authentication cache can be used as an alternative to the GetUserPassword event, automatically checking the cache against the security parameters provided in the request signature.

The ShowCache method is used to show the contents of the internal authentication cache.

The ClearCache method can be used to completely clear the cache.

Valid Authentication Protocols are:


HMAC-MD5-96 (1)	Message-Digest algorithm 5.
HMAC-SHA-96 (2)	Secure Hash Algorithm.
HMAC-192-SHA-256 (3)	Secure Hash Algorithm.
HMAC-384-SHA-512 (4)	Secure Hash Algorithm.

Valid Encryption Algorithms are:


DES (1)	Data Encryption Standard.
AES (2)	Advanced Encryption Standard with key length of 128.
3DES (3)	Triple Data Encryption Standard.
AES192 (4)	Advanced Encryption Standard with key length of 192.
AES256 (5)	Advanced Encryption Standard with key length of 256.

ClearCache Method (SNMPTrapMgr Component)

Clears the internal authentication database.

Syntax

procedure ClearCache();

Remarks

All user and engine records are removed from the internal authentication cache as a result of this call.

Config Method (SNMPTrapMgr Component)

Sets or retrieves a configuration setting.

Syntax

function Config(ConfigurationString: String): String;

Remarks

Config is a generic method available in every component. It is used to set and retrieve configuration settings for the component.

These settings are similar in functionality to properties, but they are rarely used. In order to avoid "polluting" the property namespace of the component, access to these internal properties is provided through the Config method.

To set a configuration setting named PROPERTY, you must call Config("PROPERTY=VALUE"), where VALUE is the value of the setting expressed as a string. For boolean values, use the strings "True", "False", "0", "1", "Yes", or "No" (case does not matter).

To read (query) the value of a configuration setting, you must call Config("PROPERTY"). The value will be returned as a string.

Deactivate Method (SNMPTrapMgr Component)

Deactivates the component.

Syntax

procedure Deactivate();

Remarks

This method deactivates the component and will prohibit it from sending and receiving data.

Note: Use the Active property to check whether the component is active.

DoEvents Method (SNMPTrapMgr Component)

This method processes events from the internal message queue.

Syntax

procedure DoEvents();

Remarks

When DoEvents is called, the component processes any available events. If no events are available, it waits for a preset period of time, and then returns.

HashPasswords Method (SNMPTrapMgr Component)

Hashes all passwords in the cache.

Syntax

procedure HashPasswords();

Remarks

Forces computation of all passwords hashes in the cache. Used together with the HashPassword event to enable implementations of external password hash storage.

RemoveEngine Method (SNMPTrapMgr Component)

Removes the engine specified by EngineId from the internal authentication cache.

Syntax

procedure RemoveEngine(EngineId: TBytes);

Remarks

The internal authentication cache can be used as an alternative to the GetUserPassword event, automatically checking the cache against the security parameters provided in the request signature.

The ShowCache method is used to show the contents of the internal authentication cache.

The ClearCache method can be used to completely clear the cache.

RemoveUser Method (SNMPTrapMgr Component)

Removes the user specified by User of the engine specified by EngineId from the internal authentication cache.

Syntax

procedure RemoveUser(User: String; EngineId: TBytes);

Remarks

The internal authentication cache can be used as an alternative to the GetUserPassword event, automatically checking the cache against the security parameters provided in the request signature.

The ShowCache method is used to show the contents of the internal authentication cache.

The ClearCache method can be used to completely clear the cache.

Reset Method (SNMPTrapMgr Component)

Clears the object arrays.

Syntax

procedure Reset();

Remarks

Clears the object arrays, and sets the trap and error properties to their default values. This is useful for reinitializing all the properties that are used to create outgoing packets before building a new packet.

Note: SNMPVersion will be reset to snmpverV2c (2).

ShowCache Method (SNMPTrapMgr Component)

Lists all entries in the internal user and engine database.

Syntax

procedure ShowCache();

Remarks

A CacheEntry event is fired for every record in the database.

Value Method (SNMPTrapMgr Component)

Returns the value corresponding to an OID.

Syntax

function Value(OID: String): String;

Remarks

If the OID does not exist in the Objects collection, a trappable error is generated.

Please refer to the SNMPObject type for more information.

BadPacket Event (SNMPTrapMgr Component)

Fired for erroneous and/or malformed messages.

Syntax

type TBadPacketEvent = procedure (
  Sender: TObject;
  const Packet: String;
  const PacketB: TBytes;
  const SourceAddress: String;
  SourcePort: Integer;
  ErrorCode: Integer;
  const ErrorDescription: String;
  var Report: Boolean
) of Object;

property OnBadPacket: TBadPacketEvent read FOnBadPacket write FOnBadPacket;

Remarks

The full message is provided in the Packet parameter.

The BadPacket event is also fired when authentication fails for received packets due to a bad password or other reasons.

If the Report parameter is set to True, an unauthenticated error report will be sent to the client, otherwise the packet will be silently ignored.

Please refer to the GetUserPassword event for more information concerning SNMPv3 authentication.

CacheEntry Event (SNMPTrapMgr Component)

Shows engines and users in the internal cache.

Syntax

type TCacheEntryEvent = procedure (
  Sender: TObject;
  const EngineId: String;
  const EngineIdB: TBytes;
  EngineBoots: Integer;
  EngineTime: Integer;
  const User: String;
  const AuthenticationProtocol: String;
  const AuthenticationPassword: String;
  const EncryptionAlgorithm: String;
  const EncryptionPassword: String
) of Object;

property OnCacheEntry: TCacheEntryEvent read FOnCacheEntry write FOnCacheEntry;

Remarks

CacheEntry events are triggered by a call to ShowCache. One event is fired for each user and engine. If there are no users for a particular engine, a single event is fired with the engine information, but empty values for user information.

CheckEngine Event (SNMPTrapMgr Component)

Fired to check engine parameters (timeliness, etc.).

Syntax

type TCheckEngineEvent = procedure (
  Sender: TObject;
  const EngineId: String;
  const EngineIdB: TBytes;
  EngineBoots: Integer;
  EngineTime: Integer;
  const User: String;
  SecurityLevel: Integer;
  const RemoteAddress: String;
  RemotePort: Integer;
  IsNew: Boolean;
  var Accept: Boolean
) of Object;

property OnCheckEngine: TCheckEngineEvent read FOnCheckEngine write FOnCheckEngine;

Remarks

The Accept parameter determines if the engine will be accepted or not. If you set Accept to False prior to exiting the event, the processing on the message will stop and a BadPacket event will be fired.

The default value of Accept is True if and only if:

a) the engine already exists in the internal authentication cache (the IsNew parameter is False) and the timeliness has been verified;

b) the engine does not exist in the internal authentication cache (the IsNew parameter is True), but the packet has been authenticated by the component (SecurityLevel >= 1).

In all other cases, the default value for Accept is False, and you are responsible for accepting or not accepting the engine based on other considerations.

If Accept is true upon event exit, then:

a) if the engine already exists in the internal authentication cache, its time is updated to reflect the new time and the processing of the packet continues;

b) if the engine does not exist in the internal authentication cache, it is added there and if User is authenticated, the User will be added too.

Connected Event (SNMPTrapMgr Component)

Fired immediately after a connection completes (or fails).

Syntax

type TConnectedEvent = procedure (
  Sender: TObject;
  const RemoteAddress: String;
  RemotePort: Integer;
  StatusCode: Integer;
  const Description: String
) of Object;

property OnConnected: TConnectedEvent read FOnConnected write FOnConnected;

Remarks

This event fires after a connection completes or fails.

StatusCode is the value returned by the system TCP/IP stack. This will be 0 if the connection was successful.

Description contains a human readable description of the status. This will be "OK" if the connection was successful.

RemoteAddress is the IP address of the remote host.

RemotePort is the port on the remote host.

Disconnected Event (SNMPTrapMgr Component)

Fired when a connection is closed.

Syntax

type TDisconnectedEvent = procedure (
  Sender: TObject;
  const RemoteAddress: String;
  RemotePort: Integer;
  StatusCode: Integer;
  const Description: String
) of Object;

property OnDisconnected: TDisconnectedEvent read FOnDisconnected write FOnDisconnected;

Remarks

This event fires after a connection is broken.

StatusCode is the value returned by the system TCP/IP stack. This will be 0 if the connection was broken normally.

Description contains a human readable description of the status. This will be "OK" if the connection was broken normally.

RemoteAddress is the IP address of the remote host.

RemotePort is the port on the remote host.

DiscoveryRequest Event (SNMPTrapMgr Component)

Fired when an SNMPv3 discovery packet is received.

Syntax

type TDiscoveryRequestEvent = procedure (
  Sender: TObject;
  const EngineId: String;
  const EngineIdB: TBytes;
  EngineBoots: Integer;
  EngineTime: Integer;
  const User: String;
  SecurityLevel: Integer;
  const SourceAddress: String;
  SourcePort: Integer;
  var Respond: Boolean
) of Object;

property OnDiscoveryRequest: TDiscoveryRequestEvent read FOnDiscoveryRequest write FOnDiscoveryRequest;

Remarks

EngineId, EngineBoots, EngineTime, and User are the values received from SourceAddress.

For SNMPv3, the User parameter shows the user that was supplied with the packet. This parameter MUST be used together with the SecurityLevel parameter which shows the level of security in the message.

The SecurityLevel parameter shows whether the request has been authenticated. If SecurityLevel is 0, the request has NOT been authenticated (i.e. the packet signature has not been verified). For an authenticated, non encrypted request, SecurityLevel is 1. For an authenticated and encrypted request, SecurityLevel is 2.

Respond is True by default, and will automatically send a response using the value in LocalEngineId. To suppress the response, set Respond to False.

The value returned to SourceAddress for EngineBoots is always 0, and EngineTime is the number of seconds since January 1st, 1970 (GMT).

Error Event (SNMPTrapMgr Component)

Fired when information is available about errors during data delivery.

Syntax

type TErrorEvent = procedure (
  Sender: TObject;
  ErrorCode: Integer;
  const Description: String
) of Object;

property OnError: TErrorEvent read FOnError write FOnError;

Remarks

The Error event is fired in case of exceptional conditions during message processing. Normally the component raises an exception.

The ErrorCode parameter contains an error code, and the Description parameter contains a textual description of the error. For a list of valid error codes and their descriptions, please refer to the Error Codes section.

GetUserPassword Event (SNMPTrapMgr Component)

Retrieves a password associated with a user.

Syntax

type TGetUserPasswordEvent = procedure (
  Sender: TObject;
  PasswordType: Integer;
  const User: String;
  const EngineId: String;
  const EngineIdB: TBytes;
  var Password: String;
  var Algorithm: Integer
) of Object;

property OnGetUserPassword: TGetUserPasswordEvent read FOnGetUserPassword write FOnGetUserPassword;

Remarks

The GetUserPassword event is fired after initial inspection of SNMPv3 requests.

The type of password required is provided in the PasswordType parameter: 1 for authentication, and 2 for encryption (privacy).

The password corresponding to User and EngineId must be provided in the Password parameter. If the password is valid, processing will continue to other events such as GetRequest, SetRequest, etc.

If the PasswordType parameter is 1 (authentication is used), the Algorithm parameter can be set. Possible values are:


Value	Authentication Algorithm
0 (default)	Any
1	MD5
2	SHA1
3	SHA256
4	SHA512

If the PasswordType parameter is 2 (encryption is used), the Algorithm parameter must also be set. Possible values are:


Value	Encryption Algorithm
1 (default)	DES
2	AES
3	3DES
4	AES192
5	AES256

If the password does not match the signature in the request, a BadPacket event will be fired, at which point you can decide whether to report the error to the client (see the description of the BadPacket event for more information).

If the User is invalid or unknown, set the password to empty string (default) to ignore the request. This will result in a BadPacket event being fired, at which point you can decide whether to report the error to the client or not.

GetUserSecurityLevel Event (SNMPTrapMgr Component)

Sets the security level for an incoming packet.

Syntax

type TGetUserSecurityLevelEvent = procedure (
  Sender: TObject;
  const User: String;
  const EngineId: String;
  const EngineIdB: TBytes;
  var SecurityLevel: Integer
) of Object;

property OnGetUserSecurityLevel: TGetUserSecurityLevelEvent read FOnGetUserSecurityLevel write FOnGetUserSecurityLevel;

Remarks

The GetUserSecurityLevel event is fired after the first inspection of each SNMPv3 request. The SecurityLevel parameter determines the level of security for the message.

On entry, the SecurityLevel parameter contains the default security level for User if the user is located in the internal cache, or if the User is not found in the cache, the SecurityLevel will be -1.

The value of SecurityLevel upon exiting the event, determines how the message will be processed:


-1	The message will be ignored and a BadPacket event will be fired.
0	No security. The message will be processed without any authentication and/or encryption.
1	Authentication only. The message will be checked for a valid signature and the GetUserPassword event will be fired to verify the authentication password.
2	Authentication and Privacy. The message will be checked for a valid signature and the GetUserPassword event will be fired twice: first to verify the authentication password, and then to verify the privacy password.

HashPassword Event (SNMPTrapMgr Component)

Fired before and after a password is hashed.

Syntax

type THashPasswordEvent = procedure (
  Sender: TObject;
  const Password: String;
  AuthAlgorithm: Integer;
  var Hash: String
) of Object;

property OnHashPassword: THashPasswordEvent read FOnHashPassword write FOnHashPassword;

Remarks

SNMPv3 passwords are hashed in order to obtain authentication and encryption keys. This is an expensive operation, and in certain situations it may be preferable to store the hashed passwords externally and supply them on demand.

If a hash is required, the event fires with an empty string in the Hash parameter. In this case, you can choose to supply a value for the hash and stop the component from computing the hash.

The event also fires every time a hash is computed. In this case, the Hash parameter contains the value of the computed hash.

AuthAlgorithm contains either 1 for HMAC-MD5-96, 2 for HMAC-SHA-96 or 3 for HMAC-192-SHA-256

InformRequest Event (SNMPTrapMgr Component)

Fired when an InformRequest packet is received.

Syntax

type TInformRequestEvent = procedure (
  Sender: TObject;
  RequestId: Integer;
  SNMPVersion: Integer;
  const Community: String;
  const User: String;
  SecurityLevel: Integer;
  const SourceAddress: String;
  SourcePort: Integer;
  var ErrorIndex: Integer;
  var ErrorStatus: Integer;
  const ErrorDescription: String;
  var Respond: Boolean
) of Object;

property OnInformRequest: TInformRequestEvent read FOnInformRequest write FOnInformRequest;

Remarks

The user in an InformRequest packet (SNMPv3) must be a valid user in the internal authentication cache (see the AddUser method and the CheckEngine event for more information). If not, the request is rejected, and a BadPacket event is fired before InformRequest is fired.

The list of variables in the SNMP packet, including optional values and types, is provided through the Objects collection. Each object is of type SNMPObject. This type describes the Oid, ObjectType, and Value of each SNMP object. These variables must be copied to another location before the event has completed executing, or they may be overridden by other events.

The SourceAddress and SourcePort parameters show the address and port of the sender as reported by the TCP/IP stack.

The MessageId parameter identifies the received request.

To send a response, the Respond parameter must be set to true. By default, this value is false, which means no response will be sent. The ErrorStatus parameter may also be set to a valid SNMP status code (the default value is 0, which represents no error).

The following is a list of valid SNMP status code values:


0 (noError)	No error.
1 (tooBig)	The response cannot fit in a single SNMP message.
2 (noSuchName)	Variable does not exist.
3 (badValue)	Invalid value or syntax.
4 (readOnly)	Variable is read-only.
5 (genError)	Other error (SNMPv1).
6 (noAccess)	Access denied.
7 (wrongType)	Wrong object type.
8 (wrongLength)	Wrong length.
9 (wrongEncoding)	Wrong encoding.
10 (wrongValue)	Wrong value.
11 (noCreation)	No creation.
12 (inconsistentValue)	Inconsistent value.
13 (resourceUnavailable)	Resource unavailable.
14 (commitFailed)	Commit failed.
15 (undoFailed)	Undo failed.
16 (authorizationError)	Authorization error.
17 (notWritable)	Variable is not writable.
18 (inconsistentName)	Inconsistent name.

The ErrorIndex parameter indicates the index of the first variable (object) that caused an error. The default value is 0.

Variable indexes start with 0. ErrorIndex has no meaning when ErrorStatus is 0 (no error).

PacketTrace Event (SNMPTrapMgr Component)

Fired for every packet sent or received.

Syntax

type TPacketTraceEvent = procedure (
  Sender: TObject;
  const Packet: String;
  const PacketB: TBytes;
  Direction: Integer;
  const PacketAddress: String;
  PacketPort: Integer
) of Object;

property OnPacketTrace: TPacketTraceEvent read FOnPacketTrace write FOnPacketTrace;

Remarks

The PacketTrace event shows all the packets sent or received by the component.

Packet contains the full contents of the datagram.

Direction shows the direction of the packet: 1 for incoming packets, and 2 for outgoing packets.

In the case of an incoming packet, PacketAddress and PacketPort identify the source of the packet.

In the case of an outgoing packet, PacketAddress and PacketPort identify the destination of the packet.

SSLClientAuthentication Event (SNMPTrapMgr Component)

Fired when the client presents its credentials to the server.

Syntax

type TSSLClientAuthenticationEvent = procedure (
  Sender: TObject;
  const RemoteAddress: String;
  RemotePort: Integer;
  const CertEncoded: String;
  const CertEncodedB: TBytes;
  const CertSubject: String;
  const CertIssuer: String;
  const Status: String;
  var Accept: Boolean
) of Object;

property OnSSLClientAuthentication: TSSLClientAuthenticationEvent read FOnSSLClientAuthentication write FOnSSLClientAuthentication;

Remarks

This event fires when a client connects to the component and presents a certificate for authentication. The Accept parameter is a recommendation on whether to continue or close the connection. This is just a suggestion: application software must use its own logic to determine whether to continue or not.

When Accept is False, Status shows why the verification failed (otherwise, Status contains the string "OK").

RemoteAddress is the IP address of the connecting client.

RemotePort is the source port of the connecting client.

CertEncoded is the base64 encoded certificate presented by the client.

CertSubject is the subject of the certificate presented by the client.

CertIssuer is the subject of the issuer of the certificate presented by the client.

Status is the stauts of the certificate.

Accept defines whether the certificate is accepted.

SSLStatus Event (SNMPTrapMgr Component)

Shows the progress of the secure connection.

Syntax

type TSSLStatusEvent = procedure (
  Sender: TObject;
  const RemoteAddress: String;
  RemotePort: Integer;
  const Message: String
) of Object;

property OnSSLStatus: TSSLStatusEvent read FOnSSLStatus write FOnSSLStatus;

Remarks

The event is fired for informational and logging purposes only. It is used to track the progress of the connection.

RemoteAddress is the IP address of the remote machine.

RemotePort is the port of the remote machine.

Message is the log message.

Trap Event (SNMPTrapMgr Component)

Fired when a SNMP trap packet is received.

Syntax

type TTrapEvent = procedure (
  Sender: TObject;
  RequestId: Integer;
  SNMPVersion: Integer;
  const Community: String;
  const User: String;
  SecurityLevel: Integer;
  const TrapOID: String;
  TimeStamp: Int64;
  const AgentAddress: String;
  const SourceAddress: String;
  SourcePort: Integer
) of Object;

property OnTrap: TTrapEvent read FOnTrap write FOnTrap;

Remarks

The TrapOID and TimeStamp parameters contain the Trap OID and TimeStamp. In the case of an SNMPv1 trap, there are two possible scenarios:

First, if the enterprise of the trap is "1.3.6.1.6.3.1.1.5", TrapOID will be a concatenation of TrapEnterprise and GenericTrap + 1. For instance a TrapOID of "1.3.6.1.6.3.1.1.5.5" has a TrapEnterprise of "1.3.6.1.6.3.1.1.5" and a GenericTrap of "4".

Second, In all other cases TrapOID will be a concatenation of the values for TrapEnterprise, GenericTrap, and SpecificTrap, separated by '.'.

For SNMPv2 and above, they are read from the variable-value list (if available).

The SourceAddress and SourcePort parameters show the address and port of the sender as reported by the TCP/IP stack.

Some parameters are only applicable depending on the SNMPVersion value. The table below shows which parameters are applicable to which SNMP versions.


	SNMPv1	SNMPv2	SNMPv3
AgentAddress	X
Community	X	X
RequestId		X	X
SecurityLevel			X
User			X
SNMPVersion	X	X	X
SourceAddress	X	X	X
SourcePort	X	X	X
TimeStamp	X	X	X
TrapOID	X	X	X

Certificate Type

This is the digital certificate being used.

Remarks

This type describes the current digital certificate. The certificate may be a public or private key. The fields are used to identify or select certificates.

The following fields are available:

Fields

EffectiveDate
String (read-only)
Default Value: ""

The date on which this certificate becomes valid. Before this date, it is not valid. The date is localized to the system's time zone. The following example illustrates the format of an encoded date:

23-Jan-2000 15:00:00.

ExpirationDate
String (read-only)
Default Value: ""

The date on which the certificate expires. After this date, the certificate will no longer be valid. The date is localized to the system's time zone. The following example illustrates the format of an encoded date:

23-Jan-2001 15:00:00.

ExtendedKeyUsage
String (read-only)
Default Value: ""

A comma-delimited list of extended key usage identifiers. These are the same as ASN.1 object identifiers (OIDs).

Fingerprint
String (read-only)
Default Value: ""

The hex-encoded, 16-byte MD5 fingerprint of the certificate. This property is primarily used for keys which do not have a corresponding X.509 public certificate, such as PEM keys that only contain a private key. It is commonly used for SSH keys.

The following example illustrates the format: bc:2a:72:af:fe:58:17:43:7a:5f:ba:5a:7c:90:f7:02

FingerprintSHA1
String (read-only)
Default Value: ""

The hex-encoded, 20-byte SHA-1 fingerprint of the certificate. This property is primarily used for keys which do not have a corresponding X.509 public certificate, such as PEM keys that only contain a private key. It is commonly used for SSH keys.

The following example illustrates the format: 30:7b:fa:38:65:83:ff:da:b4:4e:07:3f:17:b8:a4:ed:80:be:ff:84

FingerprintSHA256
String (read-only)
Default Value: ""

The hex-encoded, 32-byte SHA-256 fingerprint of the certificate. This property is primarily used for keys which do not have a corresponding X.509 public certificate, such as PEM keys that only contain a private key. It is commonly used for SSH keys.

The following example illustrates the format: 6a:80:5c:33:a9:43:ea:b0:96:12:8a:64:96:30:ef:4a:8a:96:86:ce:f4:c7:be:10:24:8e:2b:60:9e:f3:59:53

Issuer
String (read-only)
Default Value: ""

The issuer of the certificate. This property contains a string representation of the name of the issuing authority for the certificate.

PrivateKey
String (read-only)
Default Value: ""

The private key of the certificate (if available). The key is provided as PEM/Base64-encoded data.

Note: The PrivateKey may be available but not exportable. In this case, PrivateKey returns an empty string.

PrivateKeyAvailable
Boolean (read-only)
Default Value: False

Whether a PrivateKey is available for the selected certificate. If PrivateKeyAvailable is True, the certificate may be used for authentication purposes (e.g., server authentication).

PrivateKeyContainer
String (read-only)
Default Value: ""

The name of the PrivateKey container for the certificate (if available). This functionality is available only on Windows platforms.

PublicKey
String (read-only)
Default Value: ""

The public key of the certificate. The key is provided as PEM/Base64-encoded data.

PublicKeyAlgorithm
String (read-only)
Default Value: ""

The textual description of the certificate's public key algorithm. The property contains either the name of the algorithm (e.g., "RSA" or "RSA_DH") or an object identifier (OID) string representing the algorithm.

PublicKeyLength
Integer (read-only)
Default Value: 0

The length of the certificate's public key (in bits). Common values are 512, 1024, and 2048.

SerialNumber
String (read-only)
Default Value: ""

The serial number of the certificate encoded as a string. The number is encoded as a series of hexadecimal digits, with each pair representing a byte of the serial number.

SignatureAlgorithm
String (read-only)
Default Value: ""

The text description of the certificate's signature algorithm. The property contains either the name of the algorithm (e.g., "RSA" or "RSA_MD5RSA") or an object identifier (OID) string representing the algorithm.

Store
String
Default Value: "MY"

The name of the certificate store for the client certificate.

The StoreType property denotes the type of the certificate store specified by Store. If the store is password-protected, specify the password in StorePassword.

Store is used in conjunction with the Subject property to specify client certificates. If Store has a value, and Subject or Encoded is set, a search for a certificate is initiated. Please see the Subject property for details.

Designations of certificate stores are platform dependent.

The following designations are the most common User and Machine certificate stores in Windows:


MY	A certificate store holding personal certificates with their associated private keys.
CA	Certifying authority certificates.
ROOT	Root certificates.

When the certificate store type is cstPFXFile, this property must be set to the name of the file. When the type is cstPFXBlob, the property must be set to the binary contents of a PFX file (i.e., PKCS#12 certificate store).

StoreB
TBytes
Default Value: "MY"

The name of the certificate store for the client certificate.

The StoreType property denotes the type of the certificate store specified by Store. If the store is password-protected, specify the password in StorePassword.

Designations of certificate stores are platform dependent.

The following designations are the most common User and Machine certificate stores in Windows:


MY	A certificate store holding personal certificates with their associated private keys.
CA	Certifying authority certificates.
ROOT	Root certificates.

StorePassword
String
Default Value: ""

If the type of certificate store requires a password, this property is used to specify the password needed to open the certificate store.

StoreType
TipnCertStoreTypes
Default Value: 0

The type of certificate store for this certificate.

The component supports both public and private keys in a variety of formats. When the cstAuto value is used, the component will automatically determine the type. This property can take one of the following values:


0 (cstUser - default)	For Windows, this specifies that the certificate store is a certificate store owned by the current user. Note: This store type is not available in Java.
1 (cstMachine)	For Windows, this specifies that the certificate store is a machine store. Note: This store type is not available in Java.
2 (cstPFXFile)	The certificate store is the name of a PFX (PKCS#12) file containing certificates.
3 (cstPFXBlob)	The certificate store is a string (binary or Base64-encoded) representing a certificate store in PFX (PKCS#12) format.
4 (cstJKSFile)	The certificate store is the name of a Java Key Store (JKS) file containing certificates. Note: This store type is only available in Java.
5 (cstJKSBlob)	The certificate store is a string (binary or Base64-encoded) representing a certificate store in Java Key Store (JKS) format. Note: This store type is only available in Java.
6 (cstPEMKeyFile)	The certificate store is the name of a PEM-encoded file that contains a private key and an optional certificate.
7 (cstPEMKeyBlob)	The certificate store is a string (binary or Base64-encoded) that contains a private key and an optional certificate.
8 (cstPublicKeyFile)	The certificate store is the name of a file that contains a PEM- or DER-encoded public key certificate.
9 (cstPublicKeyBlob)	The certificate store is a string (binary or Base64-encoded) that contains a PEM- or DER-encoded public key certificate.
10 (cstSSHPublicKeyBlob)	The certificate store is a string (binary or Base64-encoded) that contains an SSH-style public key.
11 (cstP7BFile)	The certificate store is the name of a PKCS#7 file containing certificates.
12 (cstP7BBlob)	The certificate store is a string (binary) representing a certificate store in PKCS#7 format.
13 (cstSSHPublicKeyFile)	The certificate store is the name of a file that contains an SSH-style public key.
14 (cstPPKFile)	The certificate store is the name of a file that contains a PPK (PuTTY Private Key).
15 (cstPPKBlob)	The certificate store is a string (binary) that contains a PPK (PuTTY Private Key).
16 (cstXMLFile)	The certificate store is the name of a file that contains a certificate in XML format.
17 (cstXMLBlob)	The certificate store is a string that contains a certificate in XML format.
18 (cstJWKFile)	The certificate store is the name of a file that contains a JWK (JSON Web Key).
19 (cstJWKBlob)	The certificate store is a string that contains a JWK (JSON Web Key).
21 (cstBCFKSFile)	The certificate store is the name of a file that contains a BCFKS (Bouncy Castle FIPS Key Store). Note: This store type is only available in Java and .NET.
22 (cstBCFKSBlob)	The certificate store is a string (binary or Base64-encoded) representing a certificate store in BCFKS (Bouncy Castle FIPS Key Store) format. Note: This store type is only available in Java and .NET.
23 (cstPKCS11)	The certificate is present on a physical security key accessible via a PKCS#11 interface. To use a security key, the necessary data must first be collected using the CertMgr component. The ListStoreCertificates method may be called after setting CertStoreType to `cstPKCS11`, CertStorePassword to the PIN, and CertStore to the full path of the PKCS#11 DLL. The certificate information returned in the CertList event's `CertEncoded` parameter may be saved for later use. When using a certificate, pass the previously saved security key information as the Store and set StorePassword to the PIN. Code Example. SSH Authentication with Security Key: `certmgr.CertStoreType = CertStoreTypes.cstPKCS11; certmgr.OnCertList += (s, e) => { secKeyBlob = e.CertEncoded; }; certmgr.CertStore = @"C:\Program Files\OpenSC Project\OpenSC\pkcs11\opensc-pkcs11.dll"; certmgr.CertStorePassword = "123456"; //PIN certmgr.ListStoreCertificates(); sftp.SSHCert = new Certificate(CertStoreTypes.cstPKCS11, secKeyBlob, "123456", "*"); sftp.SSHUser = "test"; sftp.SSHLogon("myhost", 22);`
99 (cstAuto)	The store type is automatically detected from the input data. This setting may be used with both public and private keys and can detect any of the supported formats automatically.

SubjectAltNames
String (read-only)
Default Value: ""

Comma-separated lists of alternative subject names for the certificate.

ThumbprintMD5
String (read-only)
Default Value: ""

The MD5 hash of the certificate. It is primarily used for X.509 certificates. If the hash does not already exist, it is automatically computed.

ThumbprintSHA1
String (read-only)
Default Value: ""

The SHA-1 hash of the certificate. It is primarily used for X.509 certificates. If the hash does not already exist, it is automatically computed.

ThumbprintSHA256
String (read-only)
Default Value: ""

The SHA-256 hash of the certificate. It is primarily used for X.509 certificates. If the hash does not already exist, it is automatically computed.

Usage
String (read-only)
Default Value: ""

The text description of UsageFlags.

This value will be one or more of the following strings and will be separated by commas:

Digital Signature
Non-Repudiation
Key Encipherment
Data Encipherment
Key Agreement
Certificate Signing
CRL Signing
Encipher Only

If the provider is OpenSSL, the value is a comma-separated list of X.509 certificate extension names.

UsageFlags
Integer (read-only)
Default Value: 0

The flags that show intended use for the certificate. The value of UsageFlags is a combination of the following flags:


0x80	Digital Signature
0x40	Non-Repudiation
0x20	Key Encipherment
0x10	Data Encipherment
0x08	Key Agreement
0x04	Certificate Signing
0x02	CRL Signing
0x01	Encipher Only

Please see the Usage property for a text representation of UsageFlags.

This functionality currently is not available when the provider is OpenSSL.

Version
String (read-only)
Default Value: ""

The certificate's version number. The possible values are the strings "V1", "V2", and "V3".

Subject
String
Default Value: ""

The subject of the certificate used for client authentication.

This property must be set after all other certificate properties are set. When this property is set, a search is performed in the current certificate store to locate a certificate with a matching subject.

If a matching certificate is found, the property is set to the full subject of the matching certificate.

If an exact match is not found, the store is searched for subjects containing the value of the property.

If a match is still not found, the property is set to an empty string, and no certificate is selected.

The special value "*" picks a random certificate in the certificate store.

The certificate subject is a comma-separated list of distinguished name fields and values. For instance, "CN=www.server.com, OU=test, C=US, E=support@nsoftware.com". Common fields and their meanings are as follows:


Field	Meaning
CN	Common Name. This is commonly a hostname like www.server.com.
O	Organization
OU	Organizational Unit
L	Locality
S	State
C	Country
E	Email Address

If a field value contains a comma, it must be quoted.

Encoded
String
Default Value: ""

The certificate (PEM/Base64 encoded). This property is used to assign a specific certificate. The Store and Subject properties also may be used to specify a certificate.

When Encoded is set, a search is initiated in the current Store for the private key of the certificate. If the key is found, Subject is updated to reflect the full subject of the selected certificate; otherwise, Subject is set to an empty string.

EncodedB
TBytes
Default Value: ""

The certificate (PEM/Base64 encoded). This property is used to assign a specific certificate. The Store and Subject properties also may be used to specify a certificate.

Constructors

constructor Create();

Creates a instance whose properties can be set. This is useful for use with when generating new certificates.

constructor Create(valEncoded: TBytes);

Parses Encoded as an X.509 public key.

constructor Create(valStoreType: TipnCertStoreTypes; valStore: String; valStorePassword: String; valSubject: String);

StoreType identifies the type of certificate store to use. See for descriptions of the different certificate stores. Store is a file containing the certificate store. StorePassword is the password used to protect the store.

After the store has been successfully opened, the component will attempt to find the certificate identified by Subject . This can be either a complete or a substring match of the X.509 certificate's subject Distinguished Name (DN). The Subject parameter can also take an MD5, SHA-1, or SHA-256 thumbprint of the certificate to load in a "Thumbprint=value" format.

constructor Create(valStoreType: TipnCertStoreTypes; valStore: TBytes; valStorePassword: String; valSubject: String);

StoreType identifies the type of certificate store to use. See for descriptions of the different certificate stores. Store is a byte array containing the certificate data. StorePassword is the password used to protect the store.

SNMPObject Type

The current SNMP object.

Remarks

This type defines an SNMP object. Each object has an Oid, ObjectType, and Value. These values are populated by the component when incoming packets are received. You may use these fields to define objects to be used in outgoing packets.

The following fields are available:

Fields

ObjectType
TipnSNMPObjectTypes
Default Value: 5

The current object's type. The default type is NULL (5).

The corresponding object id and value are specified by the Oid and Value properties.

Possible object type values include:


otInteger (2)	2
otOctetString (4)	4
otNull (5)	5
otObjectID (6)	6
otIPAddress (64)	64
otCounter32 (65)	65
otGauge32 (66)	66
otTimeTicks (67)	67
otOpaque (68)	68
otNSAP (69)	69
otCounter64 (70)	70
otUnsignedInteger32 (71)	71

The component also supports the following artificial object values used to designate error conditions:


otNoSuchObject (128)	No such object error.
otNoSuchInstance (129)	No such instance error.
otEndOfMibView (130)	End of MIB View error.

Oid
String
Default Value: ""

The current object's id which is encoded as a string of numbers separated by periods. For instance: "1.3.6.1.2.1.1.1.0" (OID for "system description").

The corresponding object type and value (if any) are specified by the ObjectType and Value properties.

Example

SNMPControl.ObjCount = 1 SNMPControl.ObjId(0) = "1.3.6.1.2.1.1.1.0"

TypeString
String (read-only)
Default Value: ""

A string representation of the current object's ObjectType.

The corresponding object id and value are specified by the Oid and Value properties.

Value
String
Default Value: ""

The current object's value. The corresponding object id and type are specified by the Oid and ObjectType properties.

Example

SNMPControl.ObjCount = 1 SNMPControl.ObjId(0) = "1.3.6.1.2.1.1.1.0" SNMPControl.ObjValue(0) = "New Value"

ValueB
TBytes
Default Value: ""

The current object's value. The corresponding object id and type are specified by the Oid and ObjectType properties.

Example

SNMPControl.ObjCount = 1 SNMPControl.ObjId(0) = "1.3.6.1.2.1.1.1.0" SNMPControl.ObjValue(0) = "New Value"

Constructors

constructor Create();

constructor Create(valOid: String);

constructor Create(valOid: String; valValue: TBytes);

Config Settings (SNMPTrapMgr Component)

The component accepts one or more of the following configuration settings. Configuration settings are similar in functionality to properties, but they are rarely used. In order to avoid "polluting" the property namespace of the component, access to these internal properties is provided through the Config method.

SNMPTrapMgr Config Settings

AuthenticationKey: The key to use for authentication.

This setting takes the hex-encoded key for authentication and may be set inside GetUserPassword.

CompatibilityMode: Whether to operate the component in a specific compatibility mode.

This setting will cause the component to operate in a manner different than normal so that it is compatible with third-party products and libraries. The following table lists the possible values for this setting:


0 (default)	Component operates normally for greatest compatibility.
1	Component uses SNMP4j-compatible encryption (AES192 and AES256).
2	Component automatically detects whether to use SNMP4j-compatible encryption (AES192 and AES256). Note: This option is only applicable when receiving packets. If you are using SNMPMgr or sending secure traps, you will need to select either 0 or 1.

ContextEngineId: Sets the context engine id of the SNMP entity.

If set, the context engine id included in the PDU will be set.

ContextName: Sets the context name of the SNMP entity.

If set, the context name included in the PDU will be set.

DecryptLogPackets: Whether to decrypt logged packets.

When set to True this setting will cause the component to decrypt packets logged in PacketTrace. This only applies when using SNMP Version 3. The default is False.

EncryptionKey: The key to use for encryption.

This setting takes the hex-encoded key for encryption and may be set inside GetUserPassword.

ForceLocalPort: Forces the component to bind to a specific port.

The default value is True, which makes the component throw an error if LocalPort is busy. When ForceLocalPort is set to False and the port is busy, the component silently chooses another random port.

IncomingContextEngineId: The engine Id of the received packet.

This setting holds the engine Id of the received packet. This may be queried at any time, including from within an event, and returns the engine Id of the received packet. This is not needed in most cases, but can be used to store the incoming engine Id to send an asynchronous response later. This value is read-only.

IncomingContextName: The context name of the received packet.

This setting holds the context name of the received packet. This may be queried at any time, including from within an event, and returns the context name of the received packet. This is not needed in most cases, but can be used to store the incoming context name to send an asynchronous response later. This value is read-only.

ShowCacheForUser: Shows the cache entry for a single user.

This configuration setting causes the component to call ShowCache internally, and only fire the CacheEntry event for the user specified.

SourceAddress: The source address of the received packet.

This setting holds the source address of the received packet. This may be queried at any time, including from within an event, and returns the source address of the received packet. This value is read-only.

SourcePort: The source port of the received packet.

This setting holds the source port of the received packet. This may be queried at any time, including from within an event, and returns the source port of the received packet. This value is read-only.

TimeWindow: The time window used for SNMPv3 timeliness checking (authentication).

The default value is 150 (seconds).

UDP Config Settings

CaptureIPPacketInfo: Used to capture the packet information.

If this is set to True, the component will capture the IP packet information.

The default value for this setting is False.

Note: This configuration setting is available only in Windows.

DelayHostResolution: Whether the hostname is resolved when RemoteHost is set.

This configuration setting specifies whether a hostname is resolved immediately when RemoteHost is set. If True the component will resolve the hostname and the IP address will be present in the RemoteHost property. If False, the hostname is not resolved until needed by the component when a method to connect or send data is called. If desired, ResolveRemoteHost may be called to manually resolve the value in RemoteHost at any time.

The default value is False.

DestinationAddress: Used to get the destination address from the packet information.

If CaptureIPPacketInfo is set to True, then this will be populated with the packet's destination address when a packet is received. This information will be accessible in the DataIn event.

Note: This configuration setting is available only in Windows.

DontFragment: Used to set the Don't Fragment flag of outgoing packets.

When set to True, packets sent by the component will have the Don't Fragment flag set. The default value is False.

LocalHost: The name of the local host through which connections are initiated or accepted.

The LocalHost setting contains the name of the local host as obtained by the gethostname() system call, or if the user has assigned an IP address, the value of that address.

In multihomed hosts (machines with more than one IP interface), setting LocalHost to the value of an interface will make the component initiate connections (or accept in the case of server components) only through that interface.

If the component is connected, the LocalHost setting shows the IP address of the interface through which the connection is made in internet dotted format (aaa.bbb.ccc.ddd). In most cases, this is the address of the local host, except for multihomed hosts (machines with more than one IP interface).

LocalPort: The port in the local host where the component binds.

This configuration setting must be set before a connection is attempted. It instructs the component to bind to a specific port (or communication endpoint) in the local machine.

Setting this to 0 (default) enables the system to choose a port at random. The chosen port will be shown by LocalPort after the connection is established.

LocalPort cannot be changed once a connection is made. Any attempt to set this when a connection is active will generate an error.

This configuration setting is useful when trying to connect to services that require a trusted port on the client side. An example is the remote shell (rsh) service in UNIX systems.

MaxPacketSize: The maximum length of the packets that can be received.

This configuration setting specifies the maximum size of the datagrams that the component will accept without truncation.

QOSDSCPValue: Used to specify an arbitrary QOS/DSCP setting (optional).

UseConnection must be True to use this configuration setting. This option allows you to specify an arbitrary DSCP value between 0 and 63. The default is 0. When set to the default value, the component will not set a DSCP value.

Note: This configuration setting uses the qWAVE API and is available only on Windows 7, Windows Server 2008 R2, and later.

QOSTrafficType: Used to specify QOS/DSCP settings (optional).

UseConnection must be True to use this setting. You may specify either the text or integer values: BestEffort (0), Background (1), ExcellentEffort (2), AudioVideo (3), Voice (4), and Control (5).

Note: This configuration setting uses the qWAVE API and is available only on Windows Vista and Windows Server 2008 or above.

Note: QOSTrafficType must be set before setting Active to True.

ShareLocalPort: If set to True, allows more than one instance of the component to be active on the same local port.

This option must be set before the component is activated through the Active property or it will have no effect.

The default value for this setting is False.

UseConnection: Determines whether to use a connected socket.

UseConnection specifies whether or not the component should use a connected socket. The connection is defined as an association in between the local address/port and the remote address/port. As such, this is not a connection in the traditional Transmission Control Protocol (TCP) sense. It means only that the component will send and receive data to and from the specified destination.

The default value for this setting is False.

UseIPv6: Whether or not to use IPv6.

By default, the component expects an IPv4 address for local and remote host properties, and it will create an IPv4 socket. To use IPv6 instead, set this to True.

Socket Config Settings

AbsoluteTimeout: Determines whether timeouts are inactivity timeouts or absolute timeouts.

If AbsoluteTimeout is set to True, any method that does not complete within Timeout seconds will be aborted. By default, AbsoluteTimeout is False, and the timeout is an inactivity timeout.

Note: This option is not valid for User Datagram Protocol (UDP) ports.

FirewallData: Used to send extra data to the firewall.

When the firewall is a tunneling proxy, use this property to send custom (additional) headers to the firewall (e.g., headers for custom authentication schemes).

InBufferSize: The size in bytes of the incoming queue of the socket.

This is the size of an internal queue in the Transmission Control Protocol (TCP)/IP stack. You can increase or decrease its size depending on the amount of data that you will be receiving. In some cases, increasing the value of the InBufferSize setting can provide significant improvements in performance.

Some TCP/IP implementations do not support variable buffer sizes. If that is the case, when the component is activated the InBufferSize reverts to its defined size. The same happens if you attempt to make it too large or too small.

OutBufferSize: The size in bytes of the outgoing queue of the socket.

This is the size of an internal queue in the TCP/IP stack. You can increase or decrease its size depending on the amount of data that you will be sending. In some cases, increasing the value of the OutBufferSize setting can provide significant improvements in performance.

Some TCP/IP implementations do not support variable buffer sizes. If that is the case, when the component is activated the OutBufferSize reverts to its defined size. The same happens if you attempt to make it too large or too small.

Base Config Settings

BuildInfo: Information about the product's build.

When queried, this setting will return a string containing information about the product's build.

CodePage: The system code page used for Unicode to Multibyte translations.

The default code page is Unicode UTF-8 (65001).

The following is a list of valid code page identifiers:


Identifier	Name
037	IBM EBCDIC - U.S./Canada
437	OEM - United States
500	IBM EBCDIC - International
708	Arabic - ASMO 708
709	Arabic - ASMO 449+, BCON V4
710	Arabic - Transparent Arabic
720	Arabic - Transparent ASMO
737	OEM - Greek (formerly 437G)
775	OEM - Baltic
850	OEM - Multilingual Latin I
852	OEM - Latin II
855	OEM - Cyrillic (primarily Russian)
857	OEM - Turkish
858	OEM - Multilingual Latin I + Euro symbol
860	OEM - Portuguese
861	OEM - Icelandic
862	OEM - Hebrew
863	OEM - Canadian-French
864	OEM - Arabic
865	OEM - Nordic
866	OEM - Russian
869	OEM - Modern Greek
870	IBM EBCDIC - Multilingual/ROECE (Latin-2)
874	ANSI/OEM - Thai (same as 28605, ISO 8859-15)
875	IBM EBCDIC - Modern Greek
932	ANSI/OEM - Japanese, Shift-JIS
936	ANSI/OEM - Simplified Chinese (PRC, Singapore)
949	ANSI/OEM - Korean (Unified Hangul Code)
950	ANSI/OEM - Traditional Chinese (Taiwan; Hong Kong SAR, PRC)
1026	IBM EBCDIC - Turkish (Latin-5)
1047	IBM EBCDIC - Latin 1/Open System
1140	IBM EBCDIC - U.S./Canada (037 + Euro symbol)
1141	IBM EBCDIC - Germany (20273 + Euro symbol)
1142	IBM EBCDIC - Denmark/Norway (20277 + Euro symbol)
1143	IBM EBCDIC - Finland/Sweden (20278 + Euro symbol)
1144	IBM EBCDIC - Italy (20280 + Euro symbol)
1145	IBM EBCDIC - Latin America/Spain (20284 + Euro symbol)
1146	IBM EBCDIC - United Kingdom (20285 + Euro symbol)
1147	IBM EBCDIC - France (20297 + Euro symbol)
1148	IBM EBCDIC - International (500 + Euro symbol)
1149	IBM EBCDIC - Icelandic (20871 + Euro symbol)
1200	Unicode UCS-2 Little-Endian (BMP of ISO 10646)
1201	Unicode UCS-2 Big-Endian
1250	ANSI - Central European
1251	ANSI - Cyrillic
1252	ANSI - Latin I
1253	ANSI - Greek
1254	ANSI - Turkish
1255	ANSI - Hebrew
1256	ANSI - Arabic
1257	ANSI - Baltic
1258	ANSI/OEM - Vietnamese
1361	Korean (Johab)
10000	MAC - Roman
10001	MAC - Japanese
10002	MAC - Traditional Chinese (Big5)
10003	MAC - Korean
10004	MAC - Arabic
10005	MAC - Hebrew
10006	MAC - Greek I
10007	MAC - Cyrillic
10008	MAC - Simplified Chinese (GB 2312)
10010	MAC - Romania
10017	MAC - Ukraine
10021	MAC - Thai
10029	MAC - Latin II
10079	MAC - Icelandic
10081	MAC - Turkish
10082	MAC - Croatia
12000	Unicode UCS-4 Little-Endian
12001	Unicode UCS-4 Big-Endian
20000	CNS - Taiwan
20001	TCA - Taiwan
20002	Eten - Taiwan
20003	IBM5550 - Taiwan
20004	TeleText - Taiwan
20005	Wang - Taiwan
20105	IA5 IRV International Alphabet No. 5 (7-bit)
20106	IA5 German (7-bit)
20107	IA5 Swedish (7-bit)
20108	IA5 Norwegian (7-bit)
20127	US-ASCII (7-bit)
20261	T.61
20269	ISO 6937 Non-Spacing Accent
20273	IBM EBCDIC - Germany
20277	IBM EBCDIC - Denmark/Norway
20278	IBM EBCDIC - Finland/Sweden
20280	IBM EBCDIC - Italy
20284	IBM EBCDIC - Latin America/Spain
20285	IBM EBCDIC - United Kingdom
20290	IBM EBCDIC - Japanese Katakana Extended
20297	IBM EBCDIC - France
20420	IBM EBCDIC - Arabic
20423	IBM EBCDIC - Greek
20424	IBM EBCDIC - Hebrew
20833	IBM EBCDIC - Korean Extended
20838	IBM EBCDIC - Thai
20866	Russian - KOI8-R
20871	IBM EBCDIC - Icelandic
20880	IBM EBCDIC - Cyrillic (Russian)
20905	IBM EBCDIC - Turkish
20924	IBM EBCDIC - Latin-1/Open System (1047 + Euro symbol)
20932	JIS X 0208-1990 & 0121-1990
20936	Simplified Chinese (GB2312)
21025	IBM EBCDIC - Cyrillic (Serbian, Bulgarian)
21027	Extended Alpha Lowercase
21866	Ukrainian (KOI8-U)
28591	ISO 8859-1 Latin I
28592	ISO 8859-2 Central Europe
28593	ISO 8859-3 Latin 3
28594	ISO 8859-4 Baltic
28595	ISO 8859-5 Cyrillic
28596	ISO 8859-6 Arabic
28597	ISO 8859-7 Greek
28598	ISO 8859-8 Hebrew
28599	ISO 8859-9 Latin 5
28605	ISO 8859-15 Latin 9
29001	Europa 3
38598	ISO 8859-8 Hebrew
50220	ISO 2022 Japanese with no halfwidth Katakana
50221	ISO 2022 Japanese with halfwidth Katakana
50222	ISO 2022 Japanese JIS X 0201-1989
50225	ISO 2022 Korean
50227	ISO 2022 Simplified Chinese
50229	ISO 2022 Traditional Chinese
50930	Japanese (Katakana) Extended
50931	US/Canada and Japanese
50933	Korean Extended and Korean
50935	Simplified Chinese Extended and Simplified Chinese
50936	Simplified Chinese
50937	US/Canada and Traditional Chinese
50939	Japanese (Latin) Extended and Japanese
51932	EUC - Japanese
51936	EUC - Simplified Chinese
51949	EUC - Korean
51950	EUC - Traditional Chinese
52936	HZ-GB2312 Simplified Chinese
54936	Windows XP: GB18030 Simplified Chinese (4 Byte)
57002	ISCII Devanagari
57003	ISCII Bengali
57004	ISCII Tamil
57005	ISCII Telugu
57006	ISCII Assamese
57007	ISCII Oriya
57008	ISCII Kannada
57009	ISCII Malayalam
57010	ISCII Gujarati
57011	ISCII Punjabi
65000	Unicode UTF-7
65001	Unicode UTF-8

The following is a list of valid code page identifiers for Mac OS only:


Identifier	Name
1	ASCII
2	NEXTSTEP
3	JapaneseEUC
4	UTF8
5	ISOLatin1
6	Symbol
7	NonLossyASCII
8	ShiftJIS
9	ISOLatin2
10	Unicode
11	WindowsCP1251
12	WindowsCP1252
13	WindowsCP1253
14	WindowsCP1254
15	WindowsCP1250
21	ISO2022JP
30	MacOSRoman
10	UTF16String
0x90000100	UTF16BigEndian
0x94000100	UTF16LittleEndian
0x8c000100	UTF32String
0x98000100	UTF32BigEndian
0x9c000100	UTF32LittleEndian
65536	Proprietary

LicenseInfo: Information about the current license.

When queried, this setting will return a string containing information about the license this instance of a component is using. It will return the following information:

Product: The product the license is for.
Product Key: The key the license was generated from.
License Source: Where the license was found (e.g., RuntimeLicense, License File).
License Type: The type of license installed (e.g., Royalty Free, Single Server).
Last Valid Build: The last valid build number for which the license will work.

MaskSensitiveData: Whether sensitive data is masked in log messages.

In certain circumstances it may be beneficial to mask sensitive data, like passwords, in log messages. Set this to True to mask sensitive data. The default is True.

This setting only works on these components: AS3Receiver, AS3Sender, Atom, Client(3DS), FTP, FTPServer, IMAP, OFTPClient, SSHClient, SCP, Server(3DS), Sexec, SFTP, SFTPServer, SSHServer, TCPClient, TCPServer.

UseInternalSecurityAPI: Whether or not to use the system security libraries or an internal implementation.

When set to False, the component will use the system security libraries by default to perform cryptographic functions where applicable.

Setting this configuration setting to True tells the component to use the internal implementation instead of using the system security libraries.

This setting is set to False by default on all platforms.

Trappable Errors (SNMPTrapMgr Component)

SNMPTrapMgr Errors

301	Bad Object Index.
302	Value exceeds maximum number of objects allowed.
303	The value must be an IP address in dotted format.
305	Unsupported SNMP version.
306	Unknown PDU type.
307	The component is busy performing the current action.
308	Verification failed.
309	Missing password for Verification.
310	Missing signature.
311	Missing remote time.
312	Missing timeout value.
313	Decryption Failed.
314	Missing password for decryption.
315	Not encrypted.
316	Security model not supported.
317	Defective packet
318	Not from bound point.
319	Operation not permitted in current role.
320	Bad packet.
321	Message not authenticated.
322	No such oid.
323	Missing privacy parameter.
324	Bad engine id.
325	Bad time frame.
326	Bad user name.
327	Security level was not accepted.
328	Discovery failed.
329	Incorrect key length.

The component may also return one of the following error codes, which are inherited from other components.

UDP Errors

104	UDP is already Active.
106	You cannot change the LocalPort while the component is Active.
107	You cannot change the LocalHost at this time. A connection is in progress.
109	The component must be Active for this operation.
112	You cannot change MaxPacketSize while the component is Active.
113	You cannot change ShareLocalPort option while the component is Active.
114	You cannot change RemoteHost when UseConnection is set and the component Active.
115	You cannot change RemotePort when UseConnection is set and the component is Active.
116	RemotePort cannot be zero when UseConnection is set. Please specify a valid service port number.
117	You cannot change UseConnection while the component is Active.
118	Message cannot be longer than MaxPacketSize.
119	Message too short.
434	Unable to convert string to selected CodePage.

SSL Errors

270	Cannot load specified security library.
271	Cannot open certificate store.
272	Cannot find specified certificate.
273	Cannot acquire security credentials.
274	Cannot find certificate chain.
275	Cannot verify certificate chain.
276	Error during handshake.
280	Error verifying certificate.
281	Could not find client certificate.
282	Could not find server certificate.
283	Error encrypting data.
284	Error decrypting data.

TCP/IP Errors

10004	[10004] Interrupted system call.
10009	[10009] Bad file number.
10013	[10013] Access denied.
10014	[10014] Bad address.
10022	[10022] Invalid argument.
10024	[10024] Too many open files.
10035	[10035] Operation would block.
10036	[10036] Operation now in progress.
10037	[10037] Operation already in progress.
10038	[10038] Socket operation on nonsocket.
10039	[10039] Destination address required.
10040	[10040] Message is too long.
10041	[10041] Protocol wrong type for socket.
10042	[10042] Bad protocol option.
10043	[10043] Protocol is not supported.
10044	[10044] Socket type is not supported.
10045	[10045] Operation is not supported on socket.
10046	[10046] Protocol family is not supported.
10047	[10047] Address family is not supported by protocol family.
10048	[10048] Address already in use.
10049	[10049] Cannot assign requested address.
10050	[10050] Network is down.
10051	[10051] Network is unreachable.
10052	[10052] Net dropped connection or reset.
10053	[10053] Software caused connection abort.
10054	[10054] Connection reset by peer.
10055	[10055] No buffer space available.
10056	[10056] Socket is already connected.
10057	[10057] Socket is not connected.
10058	[10058] Cannot send after socket shutdown.
10059	[10059] Too many references, cannot splice.
10060	[10060] Connection timed out.
10061	[10061] Connection refused.
10062	[10062] Too many levels of symbolic links.
10063	[10063] File name is too long.
10064	[10064] Host is down.
10065	[10065] No route to host.
10066	[10066] Directory is not empty
10067	[10067] Too many processes.
10068	[10068] Too many users.
10069	[10069] Disc Quota Exceeded.
10070	[10070] Stale NFS file handle.
10071	[10071] Too many levels of remote in path.
10091	[10091] Network subsystem is unavailable.
10092	[10092] WINSOCK DLL Version out of range.
10093	[10093] Winsock is not loaded yet.
11001	[11001] Host not found.
11002	[11002] Nonauthoritative 'Host not found' (try again or check DNS setup).
11003	[11003] Nonrecoverable errors: FORMERR, REFUSED, NOTIMP.
11004	[11004] Valid name, no data record (check DNS setup).