OTP-8395: Sequence number in Audit Trail Logs.

3 files changed, 562 insertions, 103 deletions

diff --git a/lib/snmp/src/misc/snmp_config.erl b/lib/snmp/src/misc/snmp_config.erl
index ad41eaf160..0ee373a4d4 100644
--- a/lib/snmp/src/misc/snmp_config.erl
+++ b/lib/snmp/src/misc/snmp_config.erl
@@ -1,19 +1,19 @@
 %% 
 %% %CopyrightBegin%
-%% 
-%% Copyright Ericsson AB 1996-2009. All Rights Reserved.
-%% 
+%%
+%% Copyright Ericsson AB 1996-2010. All Rights Reserved.
+%%
 %% The contents of this file are subject to the Erlang Public License,
 %% Version 1.1, (the "License"); you may not use this file except in
 %% compliance with the License. You should have received a copy of the
 %% Erlang Public License along with this software. If not, it can be
 %% retrieved online at http://www.erlang.org/.
-%% 
+%%
 %% Software distributed under the License is distributed on an "AS IS"
 %% basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See
 %% the License for the specific language governing rights and limitations
 %% under the License.
-%% 
+%%
 %% %CopyrightEnd%
 %% 
 
@@ -327,10 +327,15 @@ config_agent_sys() ->
 			    ATLRepair = ask("23f. Audit trail log repair "
 					    "(true/false/truncate/snmp_repair)?", "true",
 					    fun verify_atl_repair/1),
+			    ATLSeqNo = ask("23g. Audit trail log "
+					   "sequence-numbering (true/false)?", 
+					   "false",
+					   fun verify_atl_seqno/1),
 			    [{audit_trail_log, [{type,   ATLType},
 						{dir,    ATLDir},
 						{size,   ATLSize},
-						{repair, ATLRepair}]}];
+						{repair, ATLRepair},
+						{seqno, ATLSeqNo}]}];
 			no ->
 			    []
 		    end,
@@ -400,8 +405,39 @@ config_agent_sys() ->
 		NetIf = [{module,    NetIfMod},
 			 {verbosity, NetIfVerb},
 			 {options,   NetIfOpts}],
+		TermDiscoEnable = ask("26a. Allow terminating discovery "
+				      "(true/false)?", "true",
+				      fun verify_bool/1),
+		TermDiscoConf = 
+		    case TermDiscoEnable of
+			true ->
+			    TermDiscoStage2 = 
+				ask("26b. Second stage behaviour "
+				    "(discovery/plain)?", "discovery",
+				    fun verify_term_disco_behaviour/1),
+			    TermDiscoTrigger = 
+				ask("26c. Trigger username "
+				    "(default/a string)?", "default",
+				    fun verify_term_disco_trigger_username/1),
+			    [{enable, TermDiscoEnable},
+			     {stage2, TermDiscoStage2},
+			     {trigger_username, TermDiscoTrigger}];
+			false ->
+			    [{enable, TermDiscoEnable},
+			     {stage2, discovery},
+			     {trigger_username, ""}]
+		    end,
+		OrigDiscoEnable = ask("27a. Allow originating discovery "
+				      "(true/false)?", "true",
+				      fun verify_bool/1),
+		OrigDiscoConf = 
+		    [{enable, OrigDiscoEnable}], 
+		DiscoveryConfig = 
+		    [{terminating, TermDiscoConf},
+		     {originating, OrigDiscoConf}], 
 		[{agent_type,      master},
 		 {agent_verbosity, MasterAgentVerb},
+		 {discovery,       DiscoveryConfig}, 
 		 {config,          [{dir,        ConfigDir}, 
 				    {force_load, ForceLoad},
 				    {verbosity,  ConfigVerb}]},
@@ -644,23 +680,31 @@ config_manager_sys() ->
 		 "(y/n)?",
 		 "n", fun verify_yes_or_no/1) of
 	    yes ->
-		ATLDir = ask("19b. Where to store the "
+		ATLType = ask("19b. Audit trail log type "
+			      "(write/read_write)?",
+			      "read_write", fun verify_atl_type/1),
+		ATLDir = ask("19c. Where to store the "
 			     "audit trail log?",
 			     DefDir, fun verify_dir/1),
-		ATLMaxFiles = ask("19c. Max number of files?", 
+		ATLMaxFiles = ask("19d. Max number of files?", 
 				  "10", 
 				  fun verify_pos_integer/1),
-		ATLMaxBytes = ask("19d. Max size (in bytes) "
+		ATLMaxBytes = ask("19e. Max size (in bytes) "
 				  "of each file?", 
 				  "10240", 
 				  fun verify_pos_integer/1),
 		ATLSize = {ATLMaxBytes, ATLMaxFiles},
-		ATLRepair = ask("19e. Audit trail log repair "
+		ATLRepair = ask("19f. Audit trail log repair "
 				"(true/false/truncate/snmp_repair)?", "true",
 				fun verify_atl_repair/1),
-		[{audit_trail_log, [{dir,    ATLDir},
+		ATLSeqNo = ask("19g. Audit trail log sequence-numbering "
+			       "(true/false)?", "false",
+			       fun verify_atl_seqno/1),
+		[{audit_trail_log, [{type,   ATLType},
+				    {dir,    ATLDir},
 				    {size,   ATLSize},
-				    {repair, ATLRepair}]}];
+				    {repair, ATLRepair},
+				    {seqno,  ATLSeqNo}]}];
 	    no ->
 		[]
 	end,
@@ -1180,6 +1224,13 @@ verify_atl_repair("snmp_repair") ->
 verify_atl_repair(R) ->
     {error, "invalid audit trail log repair: " ++ R}.
 
+verify_atl_seqno("true") ->
+    {ok, true};
+verify_atl_seqno("false") ->
+    {ok, false};
+verify_atl_seqno(SN) ->
+    {error, "invalid audit trail log seqno: " ++ SN}.
+
 
 verify_pos_integer(I0) ->
     case (catch list_to_integer(I0)) of
@@ -1237,6 +1288,18 @@ verify_irb_user(TO) ->
     end.
     
 
+verify_term_disco_behaviour("discovery") ->
+    {ok, discovery};
+verify_term_disco_behaviour("plain") ->
+    {ok, plain};
+verify_term_disco_behaviour(B) ->
+    {error, "invalid terminating discovery behaviour: " ++ B}.
+
+verify_term_disco_trigger_username("default") ->
+    {ok, ""};
+verify_term_disco_trigger_username(Trigger) ->
+    {ok, Trigger}.
+
 
 verify_user_id(UserId) when is_list(UserId) ->
     case (catch list_to_atom(UserId)) of
@@ -2096,6 +2159,10 @@ write_sys_config_file_agent_opt(Fid, {audit_trail_log, Opts}) ->
     ok = io:format(Fid, "     {audit_trail_log, [", []),
     write_sys_config_file_agent_atl_opts(Fid, Opts),
     ok = io:format(Fid, "}", []);
+write_sys_config_file_agent_opt(Fid, {discovery, Opts}) ->
+    ok = io:format(Fid, "     {discovery, [", []),
+    write_sys_config_file_agent_disco_opts(Fid, Opts),
+    ok = io:format(Fid, "}", []);
 write_sys_config_file_agent_opt(Fid, {net_if, Opts}) ->
     ok = io:format(Fid, "     {net_if, ~w}", [Opts]);
 write_sys_config_file_agent_opt(Fid, {mib_server, Opts}) ->
@@ -2139,7 +2206,58 @@ write_sys_config_file_agent_atl_opt(Fid, {type, Type}) ->
 write_sys_config_file_agent_atl_opt(Fid, {size, Size}) ->
     ok = io:format(Fid, "{size, ~w}", [Size]);
 write_sys_config_file_agent_atl_opt(Fid, {repair, Rep}) ->
-    ok = io:format(Fid, "{repair, ~w}", [Rep]).
+    ok = io:format(Fid, "{repair, ~w}", [Rep]);
+write_sys_config_file_agent_atl_opt(Fid, {seqno, SeqNo}) ->
+    ok = io:format(Fid, "{seqno, ~w}", [SeqNo]).
+
+
+%% These options are allways there
+write_sys_config_file_agent_disco_opts(Fid, [Opt]) ->
+    write_sys_config_file_agent_disco_opt(Fid, Opt),
+    ok = io:format(Fid, "]", []),
+    ok;
+write_sys_config_file_agent_disco_opts(Fid, [Opt|Opts]) ->
+    write_sys_config_file_agent_disco_opt(Fid, Opt),
+    ok = io:format(Fid, ", ", []),
+    write_sys_config_file_agent_disco_opts(Fid, Opts).
+    
+write_sys_config_file_agent_disco_opt(Fid, {terminating, Opts}) ->
+    ok = io:format(Fid, "{terminating, [", []),
+    write_sys_config_file_agent_term_disco_opts(Fid, Opts),
+    ok = io:format(Fid, "}", []);
+write_sys_config_file_agent_disco_opt(Fid, {originating, Opts}) ->
+    ok = io:format(Fid, "{originating, [", []),
+    write_sys_config_file_agent_orig_disco_opts(Fid, Opts),
+    ok = io:format(Fid, "}", []).
+
+write_sys_config_file_agent_term_disco_opts(Fid, [Opt]) ->
+    write_sys_config_file_agent_term_disco_opt(Fid, Opt),
+    ok = io:format(Fid, "]", []),
+    ok;
+write_sys_config_file_agent_term_disco_opts(Fid, [Opt|Opts]) ->
+    write_sys_config_file_agent_term_disco_opt(Fid, Opt),
+    ok = io:format(Fid, ", ", []),
+    write_sys_config_file_agent_term_disco_opts(Fid, Opts).
+    
+write_sys_config_file_agent_term_disco_opt(Fid, {enable, Enable}) ->
+    ok = io:format(Fid, "{enable, ~w}", [Enable]);
+write_sys_config_file_agent_term_disco_opt(Fid, {stage2, Stage2}) ->
+    ok = io:format(Fid, "{stage2, ~w}", [Stage2]);
+write_sys_config_file_agent_term_disco_opt(Fid, {trigger_username, Trigger}) ->
+    ok = io:format(Fid, "{trigger_username, \"~s\"}", [Trigger]).
+
+write_sys_config_file_agent_orig_disco_opts(Fid, [Opt]) ->
+    write_sys_config_file_agent_orig_disco_opt(Fid, Opt),
+    ok = io:format(Fid, "]", []),
+    ok;
+write_sys_config_file_agent_orig_disco_opts(Fid, [Opt|Opts]) ->
+    write_sys_config_file_agent_orig_disco_opt(Fid, Opt),
+    ok = io:format(Fid, ", ", []),
+    write_sys_config_file_agent_orig_disco_opts(Fid, Opts).
+    
+write_sys_config_file_agent_orig_disco_opt(Fid, {enable, Enable}) ->
+    ok = io:format(Fid, "{enable, ~w}", [Enable]).
+
 
 
 write_sys_config_file_manager_opts(Fid, [Opt]) ->
diff --git a/lib/snmp/src/misc/snmp_log.erl b/lib/snmp/src/misc/snmp_log.erl
index c3932ccc08..9f4fdf97ca 100644
--- a/lib/snmp/src/misc/snmp_log.erl
+++ b/lib/snmp/src/misc/snmp_log.erl
@@ -1,19 +1,19 @@
 %% 
 %% %CopyrightBegin%
-%% 
-%% Copyright Ericsson AB 1997-2009. All Rights Reserved.
-%% 
+%%
+%% Copyright Ericsson AB 1997-2010. All Rights Reserved.
+%%
 %% The contents of this file are subject to the Erlang Public License,
 %% Version 1.1, (the "License"); you may not use this file except in
 %% compliance with the License. You should have received a copy of the
 %% Erlang Public License along with this software. If not, it can be
 %% retrieved online at http://www.erlang.org/.
-%% 
+%%
 %% Software distributed under the License is distributed on an "AS IS"
 %% basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See
 %% the License for the specific language governing rights and limitations
 %% under the License.
-%% 
+%%
 %% %CopyrightEnd%
 %% 
 
@@ -21,12 +21,19 @@
 
 
 -export([
-	 create/4, create/5, 
+	 create/4, create/5, create/6, 
 	 change_size/2, close/1, sync/1, info/1, 
 	 log/4, 
 	 log_to_txt/5, log_to_txt/6, log_to_txt/7,
 	 log_to_io/4,  log_to_io/5,  log_to_io/6
 	]).
+-export([
+	 upgrade/1, upgrade/2, 
+	 downgrade/1
+	]).
+-export([
+	 validate/1, validate/2
+	]).
 
 
 -define(SNMP_USE_V3, true).
@@ -38,30 +45,74 @@
 -define(LOG_FORMAT, internal).
 -define(LOG_TYPE,   wrap).
 
+-record(snmp_log, {id, seqno}).
+
 
 %% --------------------------------------------------------------------
 %% Exported functions
 %% --------------------------------------------------------------------
 
+upgrade(Log) when is_record(Log, snmp_log) ->
+    Log;
+upgrade(Log) ->
+    upgrade(Log, disabled).
+
+upgrade(Log, _SeqNoGen) when is_record(Log, snmp_log) ->
+    Log;
+upgrade(Log, {M, F, A} = SeqNoGen) 
+  when (is_atom(M) andalso is_atom(F) andalso is_list(A)) ->
+    #snmp_log{id = Log, seqno = SeqNoGen};
+upgrade(Log, SeqNoGen) 
+  when is_function(SeqNoGen, 0) ->
+    #snmp_log{id = Log, seqno = SeqNoGen};
+upgrade(Log, disabled = SeqNoGen) ->
+    #snmp_log{id = Log, seqno = SeqNoGen}.
+
+downgrade(#snmp_log{id = Log}) ->
+    Log;
+downgrade(Log) ->
+    Log.
+
 
 %% -- create ---
 
 create(Name, File, Size, Repair) ->
-    create(Name, File, Size, Repair, false).
-
-create(Name, File, Size, Repair, Notify) ->
+    create(Name, File, disabled, Size, Repair, false).
+
+create(Name, File, Size, Repair, Notify) 
+  when (((Repair =:= true) orelse 
+	 (Repair =:= false) orelse 
+	 (Repair =:= truncate) orelse 
+	 (Repair =:= snmp_repair)) andalso 
+	((Notify =:= true) orelse
+	 (Notify =:= false))) ->
+    create(Name, File, disabled, Size, Repair, Notify);
+create(Name, File, SeqNoGen, Size, Repair) ->
+    create(Name, File, SeqNoGen, Size, Repair, false).
+
+create(Name, File, SeqNoGen, Size, Repair, Notify) 
+  when (((Repair =:= true) orelse 
+	 (Repair =:= false) orelse 
+	 (Repair =:= truncate) orelse 
+	 (Repair =:= snmp_repair)) andalso 
+	((Notify =:= true) orelse
+	 (Notify =:= false))) ->
     ?vtrace("create -> entry with"
-	    "~n   Name:   ~p"
-	    "~n   File:   ~p"
-	    "~n   Size:   ~p"
-	    "~n   Repair: ~p"
-	    "~n   Notify: ~p", [Name, File, Size, Repair, Notify]),
-    log_open(Name, File, Size, Repair, Notify).
+	    "~n   Name:     ~p"
+	    "~n   File:     ~p"
+	    "~n   SeqNoGen: ~p"
+	    "~n   Size:     ~p"
+	    "~n   Repair:   ~p"
+	    "~n   Notify:   ~p", [Name, File, SeqNoGen, Size, Repair, Notify]),
+    log_open(Name, File, SeqNoGen, Size, Repair, Notify);
+create(Name, File, SeqNoGen, Size, Repair, Notify) ->
+    {error, {bad_args, Name, File, SeqNoGen, Size, Repair, Notify}}.
+    
     
 
 %% -- close ---
 
-close(Log) ->
+close(#snmp_log{id = Log}) ->
     ?vtrace("close -> entry with"
 	    "~n   Log: ~p", [Log]),
     disk_log:close(Log).
@@ -69,14 +120,25 @@ close(Log) ->
 
 %% -- close ---
 
+sync(#snmp_log{id = Log}) ->
+    do_sync(Log);
 sync(Log) ->
+    do_sync(Log).
+
+do_sync(Log) ->
     ?vtrace("sync -> entry with"
 	    "~n   Log: ~p", [Log]),
     disk_log:sync(Log).
 
+
 %% -- info ---
 
+info(#snmp_log{id = Log}) ->
+    do_info(Log);
 info(Log) ->
+    do_info(Log).
+
+do_info(Log) ->
     case disk_log:info(Log) of
 	Info when is_list(Info) ->
 	    Items = [no_current_bytes, no_current_items, 
@@ -97,6 +159,138 @@ info_filter([Item|Items], Info, Acc) ->
     end.
 
 
+%% -- validate --
+
+%% This function is used to "validate" a log.
+%% At present this means making sure all entries
+%% are in the proper order, and if sequence numbering
+%% is used that no entries are missing.
+%% It is intended to be used for testing.
+
+validate(Log) ->
+    validate(Log, false).
+
+validate(#snmp_log{id = Log}, SeqNoReq) ->
+    validate(Log, SeqNoReq);
+validate(Log, SeqNoReq) 
+  when ((SeqNoReq =:= true) orelse (SeqNoReq =:= false)) ->
+    Validator = 
+	fun({Timestamp, SeqNo, _Packet, _Addr, _Port}, {PrevTS, PrevSN}) ->
+		?vtrace("validating log entry when"
+			"~n   Timestamp: ~p"
+			"~n   SeqNo:     ~p"
+			"~n   PrevTS:    ~p"
+			"~n   PrevSN:    ~p", 
+			[Timestamp, SeqNo, PrevTS, PrevSN]),
+		validate_timestamp(PrevTS, Timestamp),
+		validate_seqno(PrevSN, SeqNo),
+		{Timestamp, SeqNo};
+
+	   ({Timestamp, _Packet, _Addr, _Port}, {PrevTS, _PrevSN}) when SeqNoReq =:= true -> 
+		?vtrace("validating log entry when"
+			"~n   Timestamp: ~p"
+			"~n   PrevTS:    ~p", 
+			[Timestamp, PrevTS]),
+		throw({error, {missing_seqno, Timestamp}});
+
+	   ({Timestamp, _Packet, _Addr, _Port}, {PrevTS, PrevSN}) -> 
+		?vtrace("validating log entry when"
+			"~n   Timestamp: ~p"
+			"~n   PrevTS:    ~p", 
+			[Timestamp, PrevTS]),
+		validate_timestamp(PrevTS, Timestamp),
+		{Timestamp, PrevSN};
+
+	   (E, Acc) ->
+		?vtrace("validating bad log entry when"
+			"~n   E:   ~p"
+			"~n   Acc: ~p", 
+			[E, Acc]),
+		throw({error, {bad_entry, E, Acc}})
+	end,
+    try
+	begin
+	    validate_loop(disk_log:chunk(Log, start), 
+			  Log, Validator, first, first)
+	end
+    catch 
+	throw:Error ->
+	    Error
+    end.
+    
+%% We shall check that TS2 >= TS1
+validate_timestamp(first, _TS2) ->
+    ok;
+validate_timestamp({LT1, UT1} = TS1, {LT2, UT2} = TS2) ->
+    LT1_Secs = calendar:datetime_to_gregorian_seconds(LT1),
+    UT1_Secs = calendar:datetime_to_gregorian_seconds(UT1),
+    LT2_Secs = calendar:datetime_to_gregorian_seconds(LT2),
+    UT2_Secs = calendar:datetime_to_gregorian_seconds(UT2),
+    case ((LT2_Secs >= LT1_Secs) andalso (UT2_Secs >= UT1_Secs)) of
+	true ->
+	    ok;
+	false ->
+	    throw({error, {invalid_timestamp, TS1, TS2}})
+    end;
+validate_timestamp(TS1, TS2) ->
+    throw({error, {bad_timestamp, TS1, TS2}}).
+
+
+%% The usual case when SN2 = SN1 + 1
+validate_seqno(first, SN2) 
+  when is_integer(SN2) >= 1 ->
+    ok;
+
+%% The usual case when SN2 = SN1 + 1
+validate_seqno(SN1, SN2) 
+  when is_integer(SN1) andalso is_integer(SN2) andalso 
+       (SN2 =:= (SN1 + 1)) andalso (SN1 >= 1) ->
+    ok;
+
+%% The case when we have a wrap
+validate_seqno(SN1, SN2) 
+  when is_integer(SN1) andalso is_integer(SN2) andalso 
+       (SN2 < SN1) andalso (SN2 >= 1) ->
+    ok;
+
+%% And everything else must be an error...
+validate_seqno(SN1, SN2) -> 
+    throw({error, {bad_seqno, SN1, SN2}}).
+
+validate_loop(eof, _Log, _Validatior, _PrevTS, _PrevSN) ->
+    ok;
+validate_loop({error, _} = Error, _Log, _Validator, _PrevTS, _PrevSN) ->
+    Error;
+validate_loop({corrupt_log_file, _} = Reason, 
+	      _Log, _Validator, _PrevTS, _PrevSN) ->
+    {error, Reason};
+validate_loop({Cont, Terms}, Log, Validator, PrevTS, PrevSN) ->
+    ?vtrace("validate_loop -> entry with"
+	    "~n   Terms:  ~p"
+	    "~n   PrevTS: ~p"
+	    "~n   PrevSN: ~p", [Terms, PrevTS, PrevSN]),
+    {NextTS, NextSN} = lists:foldl(Validator, {PrevTS, PrevSN}, Terms), 
+    ?vtrace("validate_loop -> "
+	    "~n   NextTS: ~p"
+	    "~n   NextSN: ~p", [NextTS, NextSN]),
+    validate_loop(disk_log:chunk(Log, Cont), Log, Validator, NextTS, NextSN);
+validate_loop({Cont, Terms, BadBytes}, Log, Validator, PrevTS, PrevSN) ->
+    ?vtrace("validate_loop -> entry with"
+	    "~n   Terms:    ~p"
+	    "~n   BadBytes: ~p"
+	    "~n   PrevTS:   ~p"
+	    "~n   PrevSN:   ~p", [Terms, BadBytes, PrevTS, PrevSN]),
+    error_logger:error_msg("Skipping ~w bytes while validating ~p~n~n", 
+			   [BadBytes, Log]),
+    {NextTS, NextSN} = lists:foldl(Validator, {PrevTS, PrevSN}, Terms), 
+    ?vtrace("validate_loop -> "
+	    "~n   NextTS: ~p"
+	    "~n   NextSN: ~p", [NextTS, NextSN]),
+    validate_loop(disk_log:chunk(Log, Cont), Log, Validator, NextTS, NextSN);
+validate_loop(Error, _Log, _Write, _PrevTS, _PrevSN) ->
+    Error.
+    
+
 %% -- log ---
 
 %%-----------------------------------------------------------------
@@ -109,19 +303,48 @@ info_filter([Item|Items], Info, Acc) ->
 %%-----------------------------------------------------------------
 
 
-log(Log, Packet, Addr, Port) ->
+log(#snmp_log{id = Log, seqno = SeqNo}, Packet, Addr, Port) ->
     ?vtrace("log -> entry with"
 	    "~n   Log:  ~p"
 	    "~n   Addr: ~p"
 	    "~n   Port: ~p", [Log, Addr, Port]),
-    Entry = {timestamp(), Packet, Addr, Port},
-    disk_log:alog(Log, Entry).
+    Entry = make_entry(SeqNo, Packet, Addr, Port), 
+%%     io:format("log -> "
+%% 	      "~n   Entry: ~p"
+%% 	      "~n   Info:  ~p"
+%% 	      "~n", [Entry, disk_log:info(Log)]),
+    Res = disk_log:alog(Log, Entry),
+%%     io:format("log -> "
+%% 	      "~n   Res:  ~p"
+%% 	      "~n   Info: ~p"
+%% 	      "~n", [Res, disk_log:info(Log)]),
+    %% disk_log:sync(Log), 
+    Res.
+   
+
+
+make_entry(SeqNoGen, Packet, Addr, Port) ->
+    try next_seqno(SeqNoGen) of
+	disabled ->
+	    {timestamp(), Packet, Addr, Port};
+	{ok, NextSeqNo} ->
+	    {timestamp(), NextSeqNo, Packet, Addr, Port}
+    catch
+	_:_ ->
+	    {timestamp(), Packet, Addr, Port}
+    end.
 
+next_seqno({M, F, A}) ->
+    {ok, apply(M, F, A)};
+next_seqno(F) when is_function(F) ->
+    {ok, F()};
+next_seqno(_) ->
+    disabled.
 
 
 %% -- change_size ---
 
-change_size(Log, NewSize) ->
+change_size(#snmp_log{id = Log}, NewSize) ->
     ?vtrace("change_size -> entry with"
 	    "~n   Log:     ~p"
 	    "~n   NewSize: ~p", [Log, NewSize]),
@@ -171,6 +394,23 @@ log_to_io(Log, FileName, Dir, Mibs, Start, Stop)
     log_convert(Log, File, Converter).
 
 
+%% -- log_to_plain ---
+
+%% log_to_plain(Log, FileName, Dir) ->
+%%     log_to_plain(Log, FileName, Dir, null, null).
+
+%% log_to_plain(Log, FileName, Dir, Start) ->
+%%     log_to_plain(Log, FileName, Dir, Start, null).
+
+%% log_to_plain(Log, FileName, Dir, Start, Stop) 
+%%   when is_list(Mibs) ->
+%%     File = filename:join(Dir, FileName),
+%%     Converter = fun(L) ->
+%% 			do_log_to_plain(L, Start, Stop)
+%% 		end,
+%%     log_convert(Log, File, Converter).
+
+
 %% --------------------------------------------------------------------
 %% Internal functions
 %% --------------------------------------------------------------------
@@ -178,7 +418,12 @@ log_to_io(Log, FileName, Dir, Mibs, Start, Stop)
 
 %% -- log_convert ---
 
+log_convert(#snmp_log{id = Log}, File, Converter) ->
+    do_log_convert(Log, File, Converter);
 log_convert(Log, File, Converter) ->
+    do_log_convert(Log, File, Converter).
+
+do_log_convert(Log, File, Converter) ->
     %% First check if the caller process has already opened the
     %% log, because if we close an already open log we will cause
     %% a runtime error.
@@ -274,86 +519,151 @@ loop({Cont, Terms, BadBytes}, Log, Write) ->
 loop(Error, _Log, _Write) ->
     Error.
 
-format_msg({TimeStamp, {V3Hdr, ScopedPdu}, {Addr, Port}}, 
-	   Mib, Start, Stop) ->
-    format_msg({TimeStamp, {V3Hdr, ScopedPdu}, Addr, Port}, 
-	      Mib, Start, Stop);
-format_msg({TimeStamp, {V3Hdr, ScopedPdu}, Addr, Port}, 
-	  Mib, Start, Stop) ->
-%     io:format("format_msg -> entry with"
-% 	      "~n   TimeStamp: ~p"
-% 	      "~n   Start:     ~p"
-% 	      "~n   Stop:      ~p", [TimeStamp, Start, Stop]),
-    case timestamp_filter(TimeStamp, Start, Stop) of
-        true ->
-            case (catch snmp_pdus:dec_scoped_pdu(ScopedPdu)) of
-                ScopedPDU when is_record(ScopedPDU, scopedPdu) -> 
-                    Msg = #message{version = 'version-3',
-                                   vsn_hdr = V3Hdr,
-                                   data    = ScopedPDU},
-                    f(ts2str(TimeStamp), Msg, Addr, Port, Mib);
-                {'EXIT', Reason} ->
-                    format_tab("** error in log file at ~s from ~p:~w ~p\n\n", 
-			       [ts2str(TimeStamp), ip(Addr), Port, Reason])
-            end;
-        false ->
-            ignore
-    end;
-format_msg({TimeStamp, Packet, {Addr, Port}}, Mib, Start, Stop) -> 
-    format_msg({TimeStamp, Packet, Addr, Port}, Mib, Start, Stop);
-format_msg({TimeStamp, Packet, Addr, Port}, Mib, Start, Stop) ->
+
+format_msg(Entry, Mib, Start, Stop) ->
+    TimeStamp = element(1, Entry),
     case timestamp_filter(TimeStamp, Start, Stop) of
         true ->
-            case (catch snmp_pdus:dec_message(binary_to_list(Packet))) of
-                Msg when is_record(Msg, message) ->
-                    f(ts2str(TimeStamp), Msg, Addr, Port, Mib);
-                {'EXIT', Reason} ->
-                    format_tab("** error in log file ~p\n\n", [Reason])
-            end;
-        false ->
-            ignore
-    end;
-format_msg(_, _Mib, _Start, _Stop) ->
+	    do_format_msg(Entry, Mib);
+	false ->
+	    ignore
+    end.
+
+%% This is an old-style entry, that never had the sequence-number
+do_format_msg({Timestamp, Packet, {Addr, Port}}, Mib) ->
+    do_format_msg(Timestamp, Packet, Addr, Port, Mib);
+
+%% This is the format without sequence-number
+do_format_msg({Timestamp, Packet, Addr, Port}, Mib) ->
+    do_format_msg(Timestamp, Packet, Addr, Port, Mib);
+
+%% This is the format with sequence-number
+do_format_msg({Timestamp, SeqNo, Packet, Addr, Port}, Mib) ->
+    do_format_msg(Timestamp, SeqNo, Packet, Addr, Port, Mib);
+
+%% This is crap...
+do_format_msg(_, _) ->
     format_tab("** unknown entry in log file\n\n", []).
 
-f(TimeStamp, #message{version = Vsn, vsn_hdr = VsnHdr, data = Data}, 
+do_format_msg(TimeStamp, {V3Hdr, ScopedPdu}, Addr, Port, Mib) ->
+    case (catch snmp_pdus:dec_scoped_pdu(ScopedPdu)) of
+	ScopedPDU when is_record(ScopedPDU, scopedPdu) -> 
+	    Msg = #message{version = 'version-3',
+			   vsn_hdr = V3Hdr,
+			   data    = ScopedPDU},
+	    f(ts2str(TimeStamp), "", Msg, Addr, Port, Mib);
+	{'EXIT', Reason} ->
+	    format_tab("** error in log file at ~s from ~p:~w ~p\n\n", 
+		       [ts2str(TimeStamp), ip(Addr), Port, Reason])
+    end;
+do_format_msg(TimeStamp, Packet, Addr, Port, Mib) ->
+    case (catch snmp_pdus:dec_message(binary_to_list(Packet))) of
+	Msg when is_record(Msg, message) ->
+	    f(ts2str(TimeStamp), "", Msg, Addr, Port, Mib);
+	{'EXIT', Reason} ->
+	    format_tab("** error in log file ~p\n\n", [Reason])
+    end.
+    
+do_format_msg(TimeStamp, SeqNo, {V3Hdr, ScopedPdu}, Addr, Port, Mib) ->
+    case (catch snmp_pdus:dec_scoped_pdu(ScopedPdu)) of
+	ScopedPDU when is_record(ScopedPDU, scopedPdu) -> 
+	    Msg = #message{version = 'version-3',
+			   vsn_hdr = V3Hdr,
+			   data    = ScopedPDU},
+	    f(ts2str(TimeStamp), sn2str(SeqNo), Msg, Addr, Port, Mib);
+	{'EXIT', Reason} ->
+	    format_tab("** error in log file at ~s from ~p:~w ~p\n\n", 
+		       [ts2str(TimeStamp), sn2str(SeqNo), 
+			ip(Addr), Port, Reason])
+    end;
+do_format_msg(TimeStamp, SeqNo, Packet, Addr, Port, Mib) ->
+    case (catch snmp_pdus:dec_message(binary_to_list(Packet))) of
+	Msg when is_record(Msg, message) ->
+	    f(ts2str(TimeStamp), sn2str(SeqNo), Msg, Addr, Port, Mib);
+	{'EXIT', Reason} ->
+	    format_tab("** error in log file ~s from ~p:~w ~p\n\n", 
+		       [ts2str(TimeStamp), sn2str(SeqNo), 
+			ip(Addr), Port, Reason])
+    end.
+    
+    
+%% format_msg({TimeStamp, {V3Hdr, ScopedPdu}, {Addr, Port}}, 
+%% 	   Mib, Start, Stop) ->
+%%     format_msg({TimeStamp, {V3Hdr, ScopedPdu}, Addr, Port}, 
+%% 	      Mib, Start, Stop);
+%% format_msg({TimeStamp, {V3Hdr, ScopedPdu}, Addr, Port}, 
+%% 	  Mib, Start, Stop) ->
+%%     case timestamp_filter(TimeStamp, Start, Stop) of
+%%         true ->
+%%             case (catch snmp_pdus:dec_scoped_pdu(ScopedPdu)) of
+%%                 ScopedPDU when record(ScopedPDU, scopedPdu) -> 
+%%                     Msg = #message{version = 'version-3',
+%%                                    vsn_hdr = V3Hdr,
+%%                                    data    = ScopedPDU},
+%%                     f(ts2str(TimeStamp), Msg, Addr, Port, Mib);
+%%                 {'EXIT', Reason} ->
+%%                     format_tab("** error in log file at ~s from ~p:~w ~p\n\n", 
+%% 			       [ts2str(TimeStamp), ip(Addr), Port, Reason])
+%%             end;
+%%         false ->
+%%             ignore
+%%     end;
+%% format_msg({TimeStamp, Packet, {Addr, Port}}, Mib, Start, Stop) -> 
+%%     format_msg({TimeStamp, Packet, Addr, Port}, Mib, Start, Stop);
+%% format_msg({TimeStamp, Packet, Addr, Port}, Mib, Start, Stop) ->
+%%     case timestamp_filter(TimeStamp, Start, Stop) of
+%%         true ->
+%%             case (catch snmp_pdus:dec_message(binary_to_list(Packet))) of
+%%                 Msg when record(Msg, message) ->
+%%                     f(ts2str(TimeStamp), Msg, Addr, Port, Mib);
+%%                 {'EXIT', Reason} ->
+%%                     format_tab("** error in log file ~p\n\n", [Reason])
+%%             end;
+%%         false ->
+%%             ignore
+%%     end;
+%% format_msg(_, _Mib, _Start, _Stop) ->
+%%     format_tab("** unknown entry in log file\n\n", []).
+
+f(TimeStamp, SeqNo, 
+  #message{version = Vsn, vsn_hdr = VsnHdr, data = Data}, 
   Addr, Port, Mib) ->
     Str    = format_pdu(Data, Mib),
     HdrStr = format_header(Vsn, VsnHdr),
     case get_type(Data) of
         trappdu ->
-            f_trap(TimeStamp, Vsn, HdrStr, Str, Addr, Port);
+            f_trap(TimeStamp, SeqNo, Vsn, HdrStr, Str, Addr, Port);
         'snmpv2-trap' ->
-            f_trap(TimeStamp, Vsn, HdrStr, Str, Addr, Port);
+            f_trap(TimeStamp, SeqNo, Vsn, HdrStr, Str, Addr, Port);
         'inform-request' ->
-            f_inform(TimeStamp, Vsn, HdrStr, Str, Addr, Port);
+            f_inform(TimeStamp, SeqNo, Vsn, HdrStr, Str, Addr, Port);
         'get-response' ->
-            f_response(TimeStamp, Vsn, HdrStr, Str, Addr, Port);
+            f_response(TimeStamp, SeqNo, Vsn, HdrStr, Str, Addr, Port);
         report ->
-            f_report(TimeStamp, Vsn, HdrStr, Str, Addr, Port);
+            f_report(TimeStamp, SeqNo, Vsn, HdrStr, Str, Addr, Port);
         _ ->
-            f_request(TimeStamp, Vsn, HdrStr, Str, Addr, Port)
+            f_request(TimeStamp, SeqNo, Vsn, HdrStr, Str, Addr, Port)
     end.
 
-f_request(TimeStamp, Vsn, HdrStr, Str, Addr, Port) ->
-    format_tab("request ~s:~w - ~s [~s] ~w\n~s", 
-	       [ip(Addr), Port, HdrStr, TimeStamp, Vsn, Str]).
+f_request(TimeStamp, SeqNo, Vsn, HdrStr, Str, Addr, Port) ->
+    format_tab("request ~s:~w - ~s [~s]~s ~w\n~s", 
+	       [ip(Addr), Port, HdrStr, TimeStamp, SeqNo, Vsn, Str]).
 
-f_response(TimeStamp, Vsn, HdrStr, Str, Addr, Port) ->
-    format_tab("response ~s:~w - ~s [~s] ~w\n~s", 
-	       [ip(Addr), Port, HdrStr, TimeStamp, Vsn, Str]).
+f_response(TimeStamp, SeqNo, Vsn, HdrStr, Str, Addr, Port) ->
+    format_tab("response ~s:~w - ~s [~s]~s ~w\n~s", 
+	       [ip(Addr), Port, HdrStr, TimeStamp, SeqNo, Vsn, Str]).
 
-f_report(TimeStamp, Vsn, HdrStr, Str, Addr, Port) ->
-    format_tab("report ~s:~w - ~s [~s] ~w\n~s", 
-	       [ip(Addr), Port, HdrStr, TimeStamp, Vsn, Str]).
+f_report(TimeStamp, SeqNo, Vsn, HdrStr, Str, Addr, Port) ->
+    format_tab("report ~s:~w - ~s [~s]~s ~w\n~s", 
+	       [ip(Addr), Port, HdrStr, TimeStamp, SeqNo, Vsn, Str]).
 
-f_trap(TimeStamp, Vsn, HdrStr, Str, Addr, Port) ->
-    format_tab("trap ~s:~w - ~s [~s] ~w\n~s", 
-	       [ip(Addr), Port, HdrStr, TimeStamp, Vsn, Str]).
+f_trap(TimeStamp, SeqNo, Vsn, HdrStr, Str, Addr, Port) ->
+    format_tab("trap ~s:~w - ~s [~s]~s ~w\n~s", 
+	       [ip(Addr), Port, HdrStr, TimeStamp, SeqNo, Vsn, Str]).
 
-f_inform(TimeStamp, Vsn, HdrStr, Str, Addr, Port) ->
-    format_tab("inform ~s:~w - ~s [~s] ~w\n~s", 
-	       [ip(Addr), Port, HdrStr, TimeStamp, Vsn, Str]).
+f_inform(TimeStamp, SeqNo, Vsn, HdrStr, Str, Addr, Port) ->
+    format_tab("inform ~s:~w - ~s [~s]~s ~w\n~s", 
+	       [ip(Addr), Port, HdrStr, TimeStamp, SeqNo, Vsn, Str]).
 
 
 %% Convert a timestamp 2-tupple to a printable string
@@ -363,6 +673,13 @@ ts2str({Local,Universal}) ->
 ts2str(_) ->
     "".
 
+%% Convert a sequence number integer to a printable string
+%%
+sn2str(SeqNo) when is_integer(SeqNo) ->
+    " [" ++ integer_to_list(SeqNo) ++ "]";
+sn2str(_) ->
+    "".
+
 %% Convert a datetime 2-tupple to a printable string
 %%
 dat2str({{Y,M,D},{H,Min,S}}) -> 
@@ -457,19 +774,31 @@ ip({A,B,C,D}) ->
 %% Various utility functions
 %% -------------------------------------------------------------------    
 
-log_open(Name, File, Size, Repair, Notify) ->
+log_open(Name, File, {M, F, A} = SeqNoGen, Size, Repair, Notify) 
+  when (is_atom(M) andalso is_atom(F) andalso is_list(A)) ->
+    log_open2(Name, File, SeqNoGen, Size, Repair, Notify);
+log_open(Name, File, SeqNoGen, Size, Repair, Notify) 
+  when is_function(SeqNoGen, 0) ->
+    log_open2(Name, File, SeqNoGen, Size, Repair, Notify);
+log_open(Name, File, disabled = SeqNoGen, Size, Repair, Notify) ->
+    log_open2(Name, File, SeqNoGen, Size, Repair, Notify);
+log_open(_, _File, BadSeqNoGen, _Size, _Repair, _Notify) ->
+    {error, {bad_seqno, BadSeqNoGen}}.
+
+log_open2(Name, File, SeqNoGen, Size, Repair, Notify) ->
     case do_log_open(Name, File, Size, Repair, Notify) of
 	{ok, Log} ->
-	    {ok, Log};
+	    {ok, #snmp_log{id = Log, seqno = SeqNoGen}};
 	{repaired, Log, Rec, Bad} ->
 	    ?vlog("log_open -> repaired: "
 		  "~n   Rec: ~p"
 		  "~n   Bad: ~p", [Rec, Bad]),
-	    {ok, Log};
+	    {ok, #snmp_log{id = Log, seqno = SeqNoGen}};
 	Error ->
 	    Error
     end.
 
+
 %% We need to make sure we do not end up in an infinit loop
 %% Take the number of files of the wrap log and add 2 (for
 %% the index and size files).
diff --git a/lib/snmp/src/misc/snmp_usm.erl b/lib/snmp/src/misc/snmp_usm.erl
index 6d216e65d6..19be564a8e 100644
--- a/lib/snmp/src/misc/snmp_usm.erl
+++ b/lib/snmp/src/misc/snmp_usm.erl
@@ -1,19 +1,19 @@
 %% 
 %% %CopyrightBegin%
-%% 
-%% Copyright Ericsson AB 2004-2009. All Rights Reserved.
-%% 
+%%
+%% Copyright Ericsson AB 2004-2010. All Rights Reserved.
+%%
 %% The contents of this file are subject to the Erlang Public License,
 %% Version 1.1, (the "License"); you may not use this file except in
 %% compliance with the License. You should have received a copy of the
 %% Erlang Public License along with this software. If not, it can be
 %% retrieved online at http://www.erlang.org/.
-%% 
+%%
 %% Software distributed under the License is distributed on an "AS IS"
 %% basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See
 %% the License for the specific language governing rights and limitations
 %% under the License.
-%% 
+%%
 %% %CopyrightEnd%
 %% 
 
@@ -206,6 +206,10 @@ des_encrypt(PrivKey, Data, SaltFun) ->
 
 des_decrypt(PrivKey, MsgPrivParams, EncData) 
   when length(MsgPrivParams) =:= 8 ->
+    ?vtrace("des_decrypt -> entry with"
+	    "~n   PrivKey:       ~p"
+	    "~n   MsgPrivParams: ~p"
+	    "~n   EncData:       ~p", [PrivKey, MsgPrivParams, EncData]),
     [A,B,C,D,E,F,G,H | PreIV] = PrivKey,
     DesKey = [A,B,C,D,E,F,G,H],
     Salt = MsgPrivParams,
@@ -213,7 +217,15 @@ des_decrypt(PrivKey, MsgPrivParams, EncData)
     %% Whatabout errors here???  E.g. not a mulitple of 8!
     Data = binary_to_list(crypto:des_cbc_decrypt(DesKey, IV, EncData)),
     Data2 = snmp_pdus:strip_encrypted_scoped_pdu_data(Data),
-    {ok, Data2}.
+    {ok, Data2};
+des_decrypt(PrivKey, BadMsgPrivParams, EncData) ->
+    ?vtrace("des_decrypt -> entry with when bad MsgPrivParams"
+	    "~n   PrivKey:          ~p"
+	    "~n   BadMsgPrivParams: ~p"
+	    "~n   EncData:          ~p", 
+	    [PrivKey, BadMsgPrivParams, EncData]),
+    throw({error, {bad_msgPrivParams, PrivKey, BadMsgPrivParams, EncData}}).
+    
 
 aes_encrypt(PrivKey, Data, SaltFun) ->
     AesKey = PrivKey,
@@ -225,7 +237,7 @@ aes_encrypt(PrivKey, Data, SaltFun) ->
     {ok, binary_to_list(EncData), Salt}.
 
 aes_decrypt(PrivKey, MsgPrivParams, EncData, EngineBoots, EngineTime)
-  when length(MsgPrivParams) == 8 ->
+  when length(MsgPrivParams) =:= 8 ->
     AesKey = PrivKey,
     Salt = MsgPrivParams,
     IV = [?i32(EngineBoots), ?i32(EngineTime) | Salt],