JP4358069B2 - COMMUNICATION DEVICE, COMMUNICATION DEVICE CONTROL METHOD, PROGRAM, AND RECORDING MEDIUM - Google Patents

Description

  The present invention relates to a communication device having a function of processing a command in accordance with SNMP (Simple Network Management Protocol), a communication device control method for controlling such a communication device, and a computer for such communication. The present invention relates to a program for functioning as a device and a computer-readable recording medium on which such a program is recorded.

2. Description of the Related Art Conventionally, communication apparatuses capable of communication via a network are adapted to support SNMP, which is a network device management protocol. Examples of such communication devices include office equipment such as printers and digital multi-function peripherals. A device that supports this SNMP can refer to or change settings from an external device via a network by using a management tool called an SNMP manager.
Technologies related to such SNMP-compatible devices are described in, for example, Patent Document 1 and Patent Document 2.
JP 2000-285066 A JP 2003-316672-A

  Also, in recent years, an application having the same function as the SNMP manager is installed in the apparatus, and a setting reference is made by accessing from an external PC (personal computer) using a web browser, a telnet client, or the like. A communication device that can perform update or update has also been developed.

  However, version 1 (v1) and version 2 (v2), which are currently widely used SNMP, are not particularly provided with a user authentication function. Therefore, it is conceivable to take measures such as securing security by using a character string called a community as a substantial password and restricting accessible information according to the community used at the time of access.

However, in this situation, as long as the community name matches, it is necessary to say that the strength of the security is low, such as it becomes possible to refer to and change the device settings with administrator rights. There was a problem.
Japanese Patent Application Laid-Open No. 2004-228620 describes that the access authority at the time of setting change is confirmed using a dynamically generated community name, but if a specific community name is used, this dynamic Since the generated community name can be acquired, the security strength is still not sufficient.

Even in such a situation, if it is not allowed to change the setting of the device for all community names, a situation in which the setting is changed illegally can be prevented. The same applies to setting reference. However, if this is done, there is a problem in that it is impossible to refer to or change the settings of the device via the network and the convenience of the device is reduced.
An object of the present invention is to solve such problems and to maintain high security while enabling a setting change from an external device in a communication device having a function of processing a command according to SNMP.

  In order to achieve the above object, a communication device according to the present invention includes a processing unit that performs processing according to a received command according to SNMP, and an internal that converts a command received from an external device into a command that can be processed by the processing unit. An SNMP manager, an identification means for identifying whether or not a command to be processed by the processing means is generated by the internal SNMP manager, and the contents of processing by the processing means are changed based on a determination result of the means And an access control means.

In such a communication apparatus, the access control means may be provided with means for preventing the processing means from executing a setting change process according to a command not generated by the internal SNMP manager.
Further, the identification means may be provided with means for identifying whether or not the command is generated by the internal SNMP manager based on the socket information used when the processing means receives the command to be processed.

  The communication device control method according to the present invention includes a processing unit that performs processing according to a received command in accordance with SNMP, and an internal SNMP manager that changes a command received from an external device to a command that can be processed by the processing unit. In the control method of the communication device for controlling the communication device having the above, an identification procedure for identifying whether or not the command to be processed by the processing means is generated by the internal SNMP manager in the communication device, An access control procedure for changing the content of processing by the processing means based on the determination result is executed.

In addition, the program of the present invention includes a processing unit that performs processing according to a received command in accordance with SNMP, an internal SNMP manager that changes a command received from an external device to a command that can be processed by the processing unit, As identification means for identifying whether or not the command to be processed by the processing means is generated by the internal SNMP manager, and access control means for changing the contents of processing by the processing means based on the determination result of the means It is a program to make it function.
The recording medium of the present invention is a computer-readable recording medium on which the above program is recorded.

According to the communication apparatus or the communication apparatus control method of the present invention as described above, in a communication apparatus having a function of processing a command according to SNMP, it is possible to maintain high security while enabling setting change from an external apparatus. can do.
Further, according to the program of the present invention, the computer can be functioned as the above communication device to realize its characteristics, and similar effects can be obtained.
According to the recording medium of the present invention, the above effect can be obtained by causing a computer not storing the above program to read and execute the program.

The best mode for carrying out the present invention will be described below with reference to the drawings.
First, the configuration of a network device that is an embodiment of a communication apparatus according to the present invention will be described. FIG. 1 is a block diagram showing the configuration of the network device together with a PC (personal computer) that can access the network device.
A network device 10 shown in FIG. 1 is a digital multi-function peripheral which is an image processing apparatus having various functions such as copying, printers, scanners, and facsimile communications, and includes a CPU 11, a ROM 12, a RAM 13, a non-volatile memory (NVRAM) 14, A network I / F 15 and an engine unit 16 are provided.

The CPU 11 is a control unit that performs overall control of the network device 10 and functions as a unit such as a processing unit, an identification unit, and an access control unit by executing various programs recorded in the ROM 12 or the nonvolatile memory 14. As will be described later, various functions according to the features of this embodiment are realized.
The ROM 12 is a nonvolatile storage unit, and stores programs executed by the CPU 11, fixed parameters, and the like. The ROM 12 may be configured as a rewritable storage means so that these data can be updated.

The RAM 13 is storage means for storing temporarily used data or used as a work memory for the CPU 11.
The non-volatile memory 14 is a rewritable non-volatile storage means such as a flash memory or an HDD (hard disk drive), and is a program executed by the CPU 11 and parameters that need to be retained even after the apparatus is turned off. The value of etc. is memorized. Some MIB (Management Information Base) tree format data that is referred to and changed using an SNMP command is stored in the nonvolatile memory 14.

  The network interface (I / F) 15 is an interface for connecting the network device 10 to the network 30, and is an interface for performing, for example, Ethernet (registered trademark) communication. And when communicating with another apparatus via the network 30, this network I / F15 and CPU11 function as a communication means. Note that various types of networks 30 can be used regardless of whether they are wired or wireless, and an appropriate network I / F 15 is prepared according to the standard of the network 30, the communication protocol used, and the like. It is also possible to provide a plurality of network I / Fs 15 corresponding to a plurality of standards.

  The engine unit 16 is an image forming unit, an image reading unit, a facsimile communication unit, and the like. When the CPU 11 appropriately controls these operations, the network unit 10 performs various operations such as copying, printers, scanners, and facsimile communication. Can be executed. Since this part is not so much related to the feature of this embodiment, the illustration is kept simple.

  The network device 10 as described above can communicate with the PC 20 via the network 30 here. The network device 10 is compatible with SNMP as will be described later, and it is possible to refer to or change the set parameter values by accessing the PC 20 using various clients.

  Next, FIG. 2 shows a software configuration of a part related to the feature of this embodiment in the network device 10 and the PC 20. In the following description, in order to simplify the description, expressions such as the software having the function or the function being realized by the software are used for the function realized by the CPU executing the software. Sometimes.

As shown in FIG. 2, software for realizing the functions related to the features of this embodiment in the network device 10 is mainly the network module 100 and the web module 140.
The network module 100 is a program module for providing a function related to communication via the network, and a daemon for providing a function for performing communication according to the protocol for each communication protocol that the network device 10 can use. Contains a called program.

Here, the network module includes three types of daemons: an HTTP (Hypertext Transfer Protocol) daemon 110, a Telnet (telnet) daemon 120, and an SNMP daemon 130.
The HTTP daemon 110 is a protocol daemon that enables communication by HTTP and provides a Web server function. The web module 140 has a function of providing a web page using the HTTP daemon 110.

  The Telnet daemon 120 is a protocol daemon that enables communication using the Telnet protocol and provides a Telnet server function. The Telnet daemon 120 is linked to the SNMP library 121. By using this SNMP library 121, the SNMP daemon 130 can process a Telnet command received from the external device such as the PC 20 by the Telnet protocol. It also has a function of converting to a command and passing the command to the SNMP daemon 130 for processing. The SNMP library 121 is a module for providing the function of the internal SNMP manager.

  The SNMP daemon 130 is a protocol daemon for enabling communication by SNMP (reception of SNMP commands and transmission of responses thereto), and provides the function of an SNMP master agent. The SNMP command is received in the state described in the SNMP request, but can also be received from an SNMP manager provided in an external device such as the PC 20 or received from the SNMP libraries 121 and 142 inside the network device 10. You can also. In addition, although it is possible to process the command received from either one in the same way, here, the command from the inside of the device and the command from the outside are handled differently. For this reason, the SNMP daemon 130 is provided with a module for providing the functions of the request source determination unit 131 and the authority confirmation unit 132.

  The request source determination unit 131 has a function of identifying whether the SNMP request is from the inside of the device or from the outside, using information on the socket used when the SNMP daemon 130 receives the SNMP request. . Moreover, it also has a function of adding information on a family type according to the determination result to the SNMP request, and here corresponds to an identification unit that executes the process of the identification procedure.

  Here, the socket is a communication endpoint for performing inter-process communication. The socket used differs depending on whether communication is performed inside the device or communication with the outside of the device. Therefore, if the SNMP daemon 130 knows which socket is used when receiving the SNMP request, the transmission source is inside or outside of the device without performing a process for particularly authenticating the transmission source. Can be identified.

  Note that, even when communication is performed with the same external device, when a process related to the SNMP daemon 130 performs communication with other processes using a plurality of lower-level protocols, for example, IP (Internet Protocol) and IPX (Internetwork Packet eXchange) ), A different socket may be provided for each protocol used. In such a case, the lower protocol used for communication can also be identified by the socket information. However, identification up to this point is not indispensable, and it is only necessary to identify the inside or the outside of the device as a minimum. The same applies to information described as a family type.

In addition, the authority confirmation unit 132 uses the SNMP request transmission source information acquired by the request source determination unit 131 and the community information described in the request, and is described in the received SNMP request. This function corresponds to an access control means for executing the process of the access control procedure. This determination is made with reference to the internal community information management table 133, the external community information management table 134, and the MIB view table 135.
The contents of each of these tables and the contents of processing related to confirmation of command execution by the authority confirmation unit 132 will be described later. If the authority confirmation unit 132 determines that the command can be executed, the SNMP daemon 130 Is sent to the SNMP subagent 160 to execute processing related to the command.

The SNMP subagent 160 accepts a command from the SNMP daemon 130, which is an SNMP master agent, and performs processing related to the command, for example, references and changes of MIB information stored in the nonvolatile memory 14, and the like. It is a program that realizes a function that returns a simple response. Here, an SNMP subagent 160 is provided for each function of the network device 10 such as a FAX subagent or a copy subagent. Further, the SNMP daemon 130 and the SNMP subagent 160 realize the function of the processing means.
In addition, when receiving a response to the command from the SNMP subagent 160, the SNMP daemon 130 has a function of converting this response into an appropriate format if necessary and returning it to the source of the SNMP request.

Next, the web module 140 is a module that provides a function to refer to or change settings in the network device 10 using a web GUI (graphical user interface).
Then, an HTTP request is received via the HTTP daemon 110, the content of the request by the HTTP request is interpreted by the WWW library (world wide web library: libwww) 141, and if the request is a display of a web page, An operation such as returning the data of the page in the HTTP response is performed. This web page includes a page including a GUI for instructing reference or change of settings in the network device 10 and a page whose contents are dynamically generated.

The web module 140 is linked to the SNMP library 142. When the content of the request by the HTTP request is the reference or change of the setting in the network device 10, the content is passed to the SNMP library 142 and sent to the SNMP library 142. The daemon 130 is converted into an SNMP request including an SNMP command that can be processed. It also has a function of passing the SNMP request to the SNMP daemon 130 to execute a process related to the command, writing the result in an HTTP response, and returning it to the sender of the HTTP request. This result can also be returned as web page data describing the result.
Although the SNMP library 142 is shown separately from the SNMP library 121 in FIG. 2, these may be configured as a common module and linked in common from the Telnet daemon 120 and the web module 140.

On the other hand, the PC 20 includes an HTTP client 21, a Telnet client 22 and an SNMP manager 23 as programs for accessing the network device 10.
For example, a web browser can be used as the HTTP client 21, and an HTTP request can be transmitted to the network device 10. Then, the web page data including the GUI for referring to or changing the setting of the network device 10 can be acquired from the network device 10 and displayed, or the setting reference or change can be instructed from the GUI. .

FIG. 3 shows an example of a GUI displayed on the HTTP client 21.
This GUI screen 210 is a screen for instructing several settings including the name of the network device 10. When the GUI screen 210 is displayed, the setting contents at the time of display are displayed in each item on the screen (if the network device 10 permits the reference of information).
For example, when a name to be set for the network device 10 is input in the name setting field 211 and the apply button 213 is pressed, a command for requesting the name setting to the network device 10 can be transmitted. The data flow in this case is indicated by solid arrows in FIG. This command is described in the HTTP request and transmitted to the network device 10 (S11 in FIG. 2), passed to the WWW library 141 of the web module 140 via the HTTP daemon 110 (S12), and is sent to the SNMP library 142 by the SNMP library 142. It is converted into a command and passed to the SNMP daemon 130 (S13).

If the authority confirmation unit 132 permits the execution, the SNMP daemon 130 passes the command to the SNMP subagent 160 for execution (S15, S16), and returns the result to the SNMP library 142 (S17). When the authority confirmation unit 132 does not permit the execution, a response to that effect is returned to the SNMP library 142. Then, the SNMP library 142 passes this result to the WWW library 141, and the WWW library generates an HTTP response including the result of the setting process, and returns it to the HTTP client 21 via the HTTP daemon 110 (S17, S18). The HTTP client 21 displays a web page indicating a setting result based on the received HTTP response information.
When the display update button 212 is pressed on the GUI screen 210, a command for referring to the setting content is transmitted to the network device 10 as in the above case, and if the execution is permitted, the GUI screen 210 is updated with the latest setting content. The display can be updated to reflect the above.

  The Telnet client 22 is a program for accessing the network device 10 using the Telnet protocol. Then, by logging in to the network device 10 using the Telnet client 22 and inputting a predetermined command, the network device 10 can be instructed to refer to or change the setting.

FIG. 4 shows an example of an operation screen in the case of instructing change of settings using the Telnet client 22.
In this example, the part indicated by reference numeral 221 in the operation screen 220 corresponds to the process of specifying the IP address to access the network apparatus 10, and the part indicated by reference numeral 222 is input to the network apparatus 10 by entering a password. The part corresponding to the process of logging in, the part indicated by reference numeral 223 is the display of the part corresponding to the process of inputting the command for changing the name of the network device 10 to “test” from the command line and causing the network device 10 to execute it. .

  The flow of data in this case is indicated by a dashed line arrow in FIG. In this case, the command is transmitted as a Telnet command from the Telnet client 22 to the network device 10, and on the network device 10 side, the Telnet daemon 120 receives this command and passes it to the SNMP library 121 (S21 in FIG. 2). The command is converted into an SNMP command and passed to the SNMP daemon 130 (S22).

The process in the SNMP daemon 130 is the same as that in the case of the HTTP client 21 described above, and thus the description thereof will be omitted. However, the SNMP daemon 130 returns a command execution result or a result indicating that execution cannot be permitted to the SNMP library 121 (S28). The Telnet daemon 120 receives this, converts it into a response to the Telnet command, and returns it to the Telnet client 22 (S29).
Then, the Telnet client 22 displays the command execution result based on the received response.

  The SNMP manager 23 is a program for managing a device corresponding to SNMP from the PC 20 and has a function of generating an SNMP command and transmitting it to the network device 10.

FIG. 5 shows an example of an operation screen in the case where a setting change is instructed using the SNMP manager 23.
As shown in this figure, the SNMP manager 23 used here has a wizard-type user interface. When the user inputs or selects a necessary or answer to a question from a program, the network device 10 is selected. It is possible to set. The setting screen 230 shown in FIG. 5 is a screen for inputting a name to be set for the network device 10. For example, the name is input to the name input unit 231 and the next screen key 232 is pressed to follow the subsequent instructions. Thus, an SNMP request including a command for requesting the network device 10 to change the name can be transmitted.

The data flow in this case is indicated by broken-line arrows in FIG. In this case, an SNMP command can be directly transmitted from the SNMP manager 23 to the network device 10. Then, on the network device 10 side, the SNMP daemon 130 receives this (S31 in FIG. 2).
The processing in the SNMP daemon 130 is the same as that in the case of the above HTTP client 21 except for the processing described later relating to the determination of whether or not the command can be executed in the authority confirmation unit 132. The execution result or the result indicating that the execution cannot be permitted can be returned to the SNMP manager 23 (S34).
Then, the SNMP manager 23 can display a screen for notifying the user of the contents based on the received result.

  In this way, the user accesses the network device 10 from the PC 20 via the network 30 to instruct reference or change of settings regardless of which program of the HTTP client 21, Telnet client 22, and SNMP manager 23 is used. be able to. However, whether or not the execution is permitted depends on the setting contents on the network device 10 side.

Next, processing related to command execution permission confirmation by the authority confirmation unit 132 will be described together with the contents of each table used for this processing.
First, FIG. 6 shows an example of the internal community information management table 133.
This table is referred to when the authority confirmation unit 132 determines that the target SNMP request is received from the inside of the network device 10. Then, for each community name (item of “community name”) assumed to be described in the SNMP request received from inside, a range (“read”) in which read access (reference) may be permitted in the MIB tree. Item) and information (“write” item) indicating the range in which write access (change) may be permitted.

In the read and write items, the access permitted range is described using information called view, and the contents of the view used here are defined in the MIB view table 135.
In the example illustrated in FIG. 6, when the community name is “internal”, both reference and change may be permitted for the range defined by “View1” in the MIB tree.

FIG. 7 shows an example of the external community information management table 134.
This table is a table that is referred to when the authority confirmation unit 132 determines that the target SNMP request is received from outside the network device 10. Then, in this table, for each community name assumed to be described in the SNMP request received from the outside, as in the case of the internal community information management table 133, read access (reference) ) (Information “write”) indicating a range in which permission is permitted (item “read”) and a range in which write access (change) is permitted.

  In the example shown in FIG. 7, when the community name is “public”, the reference is permitted for the range defined by “View1” in the MIB tree, and the change is also permitted for the range defined by “View0”. It is good. In addition, when the community name is “admin”, the reference indicates that the range defined by “View1” in the MIB tree may be permitted, and the change may also be permitted for the range defined by “View2”. Yes.

FIG. 8 shows an example of the MIB view table 135.
As described above, this table describes the definition of the view that defines the range of the MIB tree that may be permitted to be accessed in each community information management table. For each view type ("view name" item), information indicating whether to specify a range where access is permitted or a range where access is not permitted (item of "designation mode"), the MIB tree Among them, information indicating the contents of the range where access is permitted or not permitted (item of “target tree”) is described.

When specifying a range to allow access, only allow access to the range described in the “Target Tree” item, and to specify a range not to allow access, specify the “Target Tree” item. It is possible to specify that access is permitted only to a range other than the range described in. In addition, a plurality of discontinuous ranges can be described in the “target tree”.
In the example illustrated in FIG. 8, for the view “View 1”, it is defined that access is permitted for the range indicated by “1.3.6.1” of the MIB tree, that is, for all ranges. The view of “Viwe2” defines that access is permitted only for the range indicated by “1.3.6.1.2.1.1” of the MIB tree, that is, the range related to system settings. For the view “View 0”, it is defined that access is not permitted for the entire range of the MIB tree.

When determining whether or not to execute an SNMP command described in a certain SNMP request, the authority confirmation unit 132 first refers to the information of the familytype described in the SNMP request (added by the request source determination unit 131), It is determined whether the SNMP request is received from the inside of the network device 10 or received from the outside.
For example, if the “family_type” is “AF_SNMPLIB” indicating the SNMP library 121 or 142, it can be determined that it has been received from the inside, and if “AF_INET” indicating that it has been received using IP, it can be determined that it has been received from the outside. .

If it is received from the inside, the internal community information management table 133 is referred to, and if it is received from the outside, the external community information management table 134 is referred to To obtain view information indicating a range in which access is permitted based on the community name described in the above and information on whether the command content is reference or change of setting, and refer to the MIB view table 135 Get the definition of that view.
If the reference or change target by the command is within a range where access can be permitted, execution of the command is permitted, and if not, execution of the command is rejected.

Note that when the SNMP daemon 130 communicates with a process of an external device such as the PC 20 using a plurality of lower-level protocols, the socket may differ depending on the protocol, and the family type may differ accordingly. For example, the family type is “AF_INET” when IP is used, but “AF_IPX” when IPX is used.
In this case, it may be possible to prepare a community information management table for each familytype separately. However, if the familytype indicates reception from the outside, the content depends on the contents. Instead, a common external community information management table may be used.
Further, when the familytype indicates reception from the inside, even if the community name does not match that described in the internal community information management table 133, the default view (for example, in FIG. Access may be permitted according to the content of “internal” shown).

Next, the operations of the request source determination unit 131 and the authority confirmation unit 132 described above will be described more specifically.
FIG. 9 is a diagram for explaining processing when an SNMP request is received from the internal SNMP library and the SNMP manager of the external device. In this figure, the contents of each table 133-135 are as shown in FIGS. 6-8.
Further, here, a command for setting the name of the network device 10 to “test” will be described as an example, but this command uses the value “test” as the information on the position of “1.3.6.1.2.1.1.1” in the MIB tree. The command for “SET (change)” is described as the last three lines of the SNMP request 301 or 311.

First, a case where the internal SNMP library 121 or 142 transmits the SNMP request 301 describing “internal” as a community to the SNMP daemon 130 will be described. The processing flow in this case is indicated by solid arrows in FIG.
In this case, when the SNMP daemon 130 receives the SNMP request 301, the request source determining unit 131 first determines that the received SNMP request is from the inside of the network device 10 based on the socket information used at the time of reception. , The SNMP request 302 in which “AF_SNMPLIB” is written as the falimytype is passed to the authority confirmation unit 132.

Then, since the authority confirmation unit 132 knows that the SNMP request 302 is from the inside of the device from the information on the familytype, the authority confirmation unit 132 refers to the internal community information management table 133 and displays view information indicating a range in which access can be permitted. get. In this case, since the community is “internal” and the setting is changed, it can be seen from FIG. 6 that the view is “View1”.
Then, the authority confirmation unit 132 accesses the MIB view table 135 and acquires the content of “View1”. In this case, it can be seen from FIG. 8 that “View 1” is information indicating that all information is accessible. Therefore, since it is understood that the execution of the SNMP request 302 may be permitted, the SNMP request is passed as the SNMP request 303 to the SNMP subagent 160 for execution.

Next, a case where the external SNMP manager 23 sends a command to the SNMP daemon 130 with the SNMP request 211 in which “admin” is described as a community will be described. The flow of processing in this case is indicated by broken arrows in FIG.
In this case, when the SNMP daemon 130 receives the SNMP request 311, the request source determining unit 131 first determines that the received SNMP request is from the outside of the network device 10 based on the socket information used at the time of reception. , The SNMP request 312 in which “AF_INET” is written as the falimytype is passed to the authority confirmation unit 132.

  Since the authority confirmation unit 132 knows that the SNMP request 312 is from the outside of the device from the information of the familytype, the authority confirmation unit 132 refers to the external community information management table 134 and displays view information indicating a range in which access can be permitted. get. In this case, since the community is “admin” and the setting is changed, it can be seen from FIG. 7 that the view is “View 2”.

Then, the authority confirmation unit 132 accesses the MIB view table 135 and acquires the content of “View2”. In this case, it can be seen from FIG. 8 that “View 2” is information indicating that the information below 1.3.6.1.2.1.1 is accessible. Then, it is 1.3.6.1.2.1.1.1 that the SNMP request 212 is trying to access, and since it is included in the range where access is permitted, the execution of the SNMP request 312 may be permitted. Therefore, the SNMP request is passed to the SNMP subagent 160 as an SNMP request 313 for execution.
If the command is an attempt to access outside the permitted range as in 1.3.6.1.2.1.2.1, the authority confirmation unit 132 rejects the execution of the command, An error indicating this is returned to the transmission source of the SNMP request 311.

  By the way, the internal community information management table 133, the external community information management table 134, and the MIB view table 135 are described in the SNMP daemon 130 in FIG. 2, but the contents of these tables are also set in the network device 10. The contents are stored in the nonvolatile memory 14 so that they can be referred to and changed from the web module 140. In this case, the user gives an instruction for reference and change from the GUI displayed on the HTTP client 21. When the web module 140 receives this instruction, the contents of each table are acquired or changed according to the instruction.

In addition to the setting of the table contents, the network device 10 is provided with a mode in which no setting change instruction from an external SNMP manager is accepted. It is possible to shift to the mode.
Such setting is also possible from the GUI displayed on the HTTP client 21. Note that the page data including the GUI in this case is supplied by the web module 140.

FIG. 10 shows an example of a GUI for performing such setting.
In this GUI screen 240, by selecting “valid” in the external setting prohibition mode setting field 241 and pressing the apply key 242, the network device 10 does not accept any setting change instruction from the external SNMP manager. Can be instructed to shift to the mode. This instruction is described in the HTTP request and transmitted to the network device 10.
On the network device 10 side, this instruction is transmitted to the web module 140 via the HTTP daemon 110. When the content of the HTTP request received by the WWW library 141 is interpreted and it is determined that the setting instruction is for the external setting prohibition prohibition mode, the web module 140 executes processing related to the setting.

  FIG. 11 shows a flowchart of this process. This process turns ON the flag indicating “prohibition of setting from outside” in the nonvolatile memory 14 (S101) and restarts the SNMP daemon 130 (S102). It is. The process of returning the execution result as a response is performed according to a general process flow separately from this process.

FIG. 12 is a flowchart of a portion related to the “setting prohibition from outside” setting in the startup process of the SNMP daemon 130.
This activation process is performed not only at the time of the above-described restart but also at the time of power-on or reset of the network device 10. The contents of the external community information management table 134 are read from the nonvolatile memory 14 and the authority is read. This includes processing for making it possible to refer to the confirmation unit 132 (S111). However, if the flag indicating “prohibition of setting from the outside” of the nonvolatile memory 14 is ON in step S112, the item “Write” in the external community information management table 134 is accessed for all communities in step S113. A process of changing to View (in this case, “View 0”) indicating prohibition is performed. If the flag indicating “prohibition of setting from outside” is OFF, the external community information management table 134 is not particularly changed.
The startup process of the SNMP daemon 130 includes a process of reading the contents of the internal community information management table 133 from the nonvolatile memory 14 in addition to the part shown in FIG. Yes.

By performing such activation processing, when the flag indicating “setting prohibition from the outside” is ON, for example, even if information as illustrated in FIG. 7 is stored in the nonvolatile memory, At the end of activation, the information as shown in FIG.
Therefore, the authority confirmation unit 132 is generated by the SNMP request received from the outside of the network device 10, that is, the internal SNMP manager (in this case, the SNMP libraries 121 and 142), regardless of the contents of the original external community information management table 134. For the SNMP command described in the SNMP request other than the requested one, an operation that does not permit execution of the command for changing the setting is performed.
It is also possible to change the flag indicating “prohibition of setting from outside” from ON to OFF. In this case as well, the SNMP daemon 130 is restarted after the change. In this case, the contents of the external community information management table 134 stored in the nonvolatile memory are directly reflected in the operation.

  FIG. 14 is a diagram corresponding to FIG. 9, showing the operations of the request source determination unit 131 and the authority confirmation unit 132 when the flag indicating “setting prohibition from outside” is ON. In this case, the contents of the external community information management table 134 are as shown in FIG. 13 as described above. The contents of the internal community information management table 133 and the MIB view table 135 are the contents shown in FIGS. 6 and 8, respectively, and are the same as those in FIG.

As shown in this figure, even when the flag indicating “setting prohibition from outside” is ON, the operation related to the SNMP request received from the inside of the network device 10 is the same as the case of FIG. 9, that is, “setting prohibition from outside”. This is the same as when the flag shown is OFF.
Even if it is received from the outside, the operation of the request source determination unit 131 is not different from the case of FIG. However, in this case, in the external community information management table 134 referred to by the authority confirmation unit 132, the setting for not permitting “write” access is made, and therefore the authority confirmation unit 132 is described in the SNMP request 312. Returns an error response.

15 and 16 show the processing sequence of the setting change process of the network device 10 as described with reference to FIGS.
FIG. 15 is a diagram showing processing when a change is instructed from the Telnet client 22, that is, processing when an SNMP command generated inside the network device 10 is passed to the SNMP daemon 130.
Of the processes in each step described in FIG. 15, those having numbers corresponding to those in FIG. 2 indicate processes corresponding to the processes described in FIG. 2. Step S23 is processing in which the request source determination unit 131 adds familytype information to the SNMP request and passes the information to the authority confirmation unit 132. Step S24 is applied by the authority confirmation unit 132 with reference to the internal community information management table 133. The process of acquiring the information of the view to be performed, step S25 similarly refers to the process of acquiring the contents of the view acquired in step S24 with reference to the MIB view table 135.

On the other hand, FIG. 16 is a diagram showing a process when a change is instructed from the SNMP manager 23, that is, a process when an SNMP command generated outside the network device 10 is passed to the SNMP daemon 130.
Of the processes in each step described in FIG. 16, those having numbers corresponding to those in FIG. 2 indicate processes corresponding to the processes described in FIG. 2. Step S32 is processing in which the request source determination unit 131 adds familytype information to the SNMP request and passes the information to the authority confirmation unit 132. Step S33 is applied by the authority confirmation unit 132 with reference to the external community information management table 134. The process of acquiring the information of the view to be performed, step S34 similarly indicates the process of acquiring the contents of the view acquired in step S33 with reference to the MIB view table 135.
Step S37 above the broken line is a process in the case where the execution of the command is not permitted and an error response is returned, and steps S35 to S37 below the broken line are a continuation of the process of step S34 above the broken line. The processing when command execution is permitted is shown.

As described above, in the network device 10, by providing the request source determination unit 131 and the authority confirmation unit 132, the SNMP request generated by the SNMP manager inside the device and the SNMP generated by the SNMP manager outside the device. It is possible to respond differently to requests.
In general, the SNMP manager installed in the device can be understood by the device manufacturer. Therefore, it is not possible to provide a function to output a change command for a specific setting. It is possible to take measures to prevent the setting from being changed. Further, when accessing the SNMP manager from the outside, it is necessary to transmit a request to the SNMP manager after accessing the device using a client compatible with another protocol. It is also possible to authenticate a user using a certificate.

On the other hand, regarding the SNMP manager outside the device, it is not always possible to grasp what function the device manufacturer has, and there is a risk that a fatal setting change may be made by mistake. Further, since SNMP does not have a sufficient authentication function, unauthorized access can be made relatively easily. Therefore, it can be said that there is a problem in terms of security if access from an SNMP manager outside the device is permitted over a wide range.
Therefore, as described above, if the SNMP request transmission source is internal or external (other than internal) of the device, it is possible to cope differently and limit the execution of commands related to the SNMP request from the outside. , Can improve security.

In this case, with respect to an SNMP request from the outside, security can be further improved if no execution of a command for changing the setting is permitted. Even if this is done, if an SNMP manager is provided inside, the network device 10 is accessed from the outside via the network by accessing the network device 10 from the HTTP client 21 or the Telnet client 22 or the like. It is possible to change, and convenience does not decrease so much.
In addition, a flag indicating "prohibition of setting from outside" is provided so that an operation that does not permit any execution of a command for changing the setting of an external SNMP request can be performed by setting one item. Therefore, even if it is necessary to change whether or not to allow execution of the command according to the situation, it can be changed with a simple operation.

Further, in the network device 10 described above, the request source determination unit 131 performs identification using information on the socket from which the SNMP daemon 130 has received the SNMP request. Can be easily and reliably identified. Although it is not essential to do so, it is not always necessary to specify the transmission source in the application described here, so it is preferable to adopt such an identification method also from the viewpoint of prevention of impersonation. .
Further, in the above-described embodiment, an example has been described in which even when a setting change due to an SNMP request from the outside is rejected, the original setting is followed when referring to the setting. However, all references may be rejected.

  Further, it goes without saying that the software configuration, communication protocol to be used, data format, contents, etc. are not limited to those described in the above-described embodiment. For example, the range of the MIB tree that allows access to the community information management table may be directly described without using a view. In particular, information indicating that access is not permitted for the entire range such as “View0” may be expressed by a special code such as “none”. It is also conceivable that programs for realizing the functions of the request source determination unit 131 and the authority confirmation unit 132 are provided outside the SNMP daemon 130, and these programs are called when the SNMP daemon 130 is necessary. .

  Of course, the present invention can be applied to any communication device as long as it can be applied to other communication devices via a network. Applicable objects include, for example, general-purpose computers, network home appliances, vending machines, medical equipment, power supply devices, air conditioning systems, gas, in addition to image processing devices such as printers, fax machines, digital copiers, scanners, and digital multifunction peripherals.・ Communication devices that have a communication function in metering systems such as water and electricity, automobiles, and airplanes are conceivable.

The program according to the present invention is a program for causing a computer to function as a communication device such as the network device 10 described above. By causing the computer to execute such a program, the above-described effects can be obtained. Can do.
Such a program may be stored in a storage means such as a ROM or HDD provided in the computer from the beginning, but a non-volatile recording such as a CD-ROM or flexible disk, SRAM, EEPROM, memory card or the like as a recording medium. It can also be recorded on a medium (memory) and provided. Each procedure described above can be executed by installing a program recorded in the memory in a computer and causing the CPU to execute the program, or causing the CPU to read and execute the program from the memory.
Furthermore, it is also possible to download and execute an external device that is connected to a network and includes a recording medium that records the program, or an external device that stores the program in the storage unit.

As described above, according to the communication device, the control method of the communication device, the program, or the recording medium of the present invention, the communication device having the function of processing the command according to the SNMP can change the setting from the external device. Can maintain high security.
Therefore, by utilizing the present invention, a communication device that achieves both high security and convenience can be configured.

It is the block diagram which showed the structure of the network apparatus which is embodiment of the communication apparatus of this invention with PC which can access the network apparatus. FIG. 2 is a diagram illustrating a software configuration of a portion related to the feature of the embodiment in the network device and the PC illustrated in FIG. 1. FIG. 3 is a diagram illustrating an example of a GUI displayed on the HTTP client illustrated in FIG. 2. It is a figure which shows the example of the operation | movement screen in the case of similarly instruct | indicating the change of a setting using a Telnet client. It is a figure which shows the example of the operation | movement screen when instruct | indicating the change of a setting similarly using a SNMP manager. It is a figure which shows the example of the internal community information management table shown in FIG. It is a figure which similarly shows the example of the external community information management table. It is a figure which similarly shows the example of a MIB view table. It is a figure for demonstrating a process when the SNMP daemon shown in FIG. 2 receives an SNMP request from an internal SNMP library and the SNMP manager of an external device. It is a figure which shows the example of GUI for performing the setting regarding the mode which does not accept the setting change instruction from an external SNMP manager at all.

It is a flowchart which shows the process performed when it receives the instruction | indication which transfers to the mode which does not accept the setting change instruction | indication from an external SNMP manager at all. It is a flowchart which shows a part of starting process of a SNMP daemon. It is a figure which shows the example of the external community information management table in the mode which does not accept the setting change instruction from an external SNMP manager at all. FIG. 10 is a diagram corresponding to FIG. 9 for describing the operation of the SNMP daemon in a mode in which no setting change instruction from an external SNMP manager is received. FIG. 3 is a sequence diagram showing a flow of processing when a change in network device setting is instructed from the Telnet client shown in FIG. 2. It is a sequence diagram which shows the flow of a process when similarly instruct | indicating the change of the setting of a network device from the SNMP manager.

Explanation of symbols

10: network device, 11: CPU, 12: ROM, 13: RAM,
14: non-volatile memory, 15: network I / F, 16: engine unit,
17: System bus, 20: PC, 21: HTTP client,
22: Telnet client, 23: SNMP manager, 30: Network
100: Network module, 110: HTTP daemon,
120: Telnet daemon 121, 142: SNMP library
130: SNMP daemon 131: Request source determination unit 132: Authority confirmation unit
133: Community information management table for internal use
134: Community information management table for external use, 135: MIB view table,
140: Web module, 141: WWW library,
160: SNMP subagent

Claims (6)

Processing means for performing processing according to the received command in accordance with SNMP;
An internal SNMP manager that converts a command received from an external device into a command that can be processed by the processing means;
Identifying means for identifying whether a command to be processed by the processing means is generated by the internal SNMP manager;
An access control means for changing the contents of the processing by the processing means based on the determination result of the means. The communication device according to claim 1,
The communication apparatus, wherein the access control means includes means for preventing the processing means from executing a setting change process according to a command not generated by the internal SNMP manager. The communication device according to claim 1 or 2,
The identification means includes means for identifying whether or not the command is generated by the internal SNMP manager based on information on a socket used when the processing means receives a command to be processed. Communication device. Processing means for performing processing according to the received command in accordance with SNMP;
A communication device control method for controlling a communication device having an internal SNMP manager that changes a command received from an external device to a command that can be processed by the processing means,
In the communication device,
An identification procedure for identifying whether the command to be processed by the processing means is generated by the internal SNMP manager;
A control method for a communication apparatus, comprising: executing an access control procedure for changing a content of processing by the processing unit based on a determination result in the procedure. Computer
Processing means for performing processing according to the received command in accordance with SNMP;
An internal SNMP manager that changes a command received from an external device into a command that can be processed by the processing means;
Identifying means for identifying whether a command to be processed by the processing means is generated by the internal SNMP manager;
A program for functioning as an access control means for changing the contents of processing by the processing means based on the determination result of the means. A computer-readable recording medium on which the program according to claim 5 is recorded.

Images