1 |
28 |
unneback |
<!-- Copyright (C) 2003 Red Hat, Inc. -->
|
2 |
|
|
<!-- This material may be distributed only subject to the terms -->
|
3 |
|
|
<!-- and conditions set forth in the Open Publication License, v1.0 -->
|
4 |
|
|
<!-- or later (the latest version is presently available at -->
|
5 |
|
|
<!-- http://www.opencontent.org/openpub/). -->
|
6 |
|
|
<!-- Distribution of the work or derivative of the work in any -->
|
7 |
|
|
<!-- standard (paper) book form is prohibited unless prior -->
|
8 |
|
|
<!-- permission is obtained from the copyright holder. -->
|
9 |
|
|
<HTML
|
10 |
|
|
><HEAD
|
11 |
|
|
><TITLE
|
12 |
|
|
>snmpd.conf</TITLE
|
13 |
|
|
><meta name="MSSmartTagsPreventParsing" content="TRUE">
|
14 |
|
|
<META
|
15 |
|
|
NAME="GENERATOR"
|
16 |
|
|
CONTENT="Modular DocBook HTML Stylesheet Version 1.76b+
|
17 |
|
|
"><LINK
|
18 |
|
|
REL="HOME"
|
19 |
|
|
TITLE="eCos Reference Manual"
|
20 |
|
|
HREF="ecos-ref.html"><LINK
|
21 |
|
|
REL="UP"
|
22 |
|
|
TITLE="SNMP for eCos"
|
23 |
|
|
HREF="net-snmp-ecos-port.html"><LINK
|
24 |
|
|
REL="PREVIOUS"
|
25 |
|
|
TITLE="MIB Compiler "
|
26 |
|
|
HREF="net-snmp-mib-compiler.html"><LINK
|
27 |
|
|
REL="NEXT"
|
28 |
|
|
TITLE="Embedded HTTP Server"
|
29 |
|
|
HREF="net-httpd.html"></HEAD
|
30 |
|
|
><BODY
|
31 |
|
|
CLASS="SECT1"
|
32 |
|
|
BGCOLOR="#FFFFFF"
|
33 |
|
|
TEXT="#000000"
|
34 |
|
|
LINK="#0000FF"
|
35 |
|
|
VLINK="#840084"
|
36 |
|
|
ALINK="#0000FF"
|
37 |
|
|
><DIV
|
38 |
|
|
CLASS="NAVHEADER"
|
39 |
|
|
><TABLE
|
40 |
|
|
SUMMARY="Header navigation table"
|
41 |
|
|
WIDTH="100%"
|
42 |
|
|
BORDER="0"
|
43 |
|
|
CELLPADDING="0"
|
44 |
|
|
CELLSPACING="0"
|
45 |
|
|
><TR
|
46 |
|
|
><TH
|
47 |
|
|
COLSPAN="3"
|
48 |
|
|
ALIGN="center"
|
49 |
|
|
>eCos Reference Manual</TH
|
50 |
|
|
></TR
|
51 |
|
|
><TR
|
52 |
|
|
><TD
|
53 |
|
|
WIDTH="10%"
|
54 |
|
|
ALIGN="left"
|
55 |
|
|
VALIGN="bottom"
|
56 |
|
|
><A
|
57 |
|
|
HREF="net-snmp-mib-compiler.html"
|
58 |
|
|
ACCESSKEY="P"
|
59 |
|
|
>Prev</A
|
60 |
|
|
></TD
|
61 |
|
|
><TD
|
62 |
|
|
WIDTH="80%"
|
63 |
|
|
ALIGN="center"
|
64 |
|
|
VALIGN="bottom"
|
65 |
|
|
>Chapter 47. SNMP for <SPAN
|
66 |
|
|
CLASS="emphasis"
|
67 |
|
|
><I
|
68 |
|
|
CLASS="EMPHASIS"
|
69 |
|
|
>eCos</I
|
70 |
|
|
></SPAN
|
71 |
|
|
></TD
|
72 |
|
|
><TD
|
73 |
|
|
WIDTH="10%"
|
74 |
|
|
ALIGN="right"
|
75 |
|
|
VALIGN="bottom"
|
76 |
|
|
><A
|
77 |
|
|
HREF="net-httpd.html"
|
78 |
|
|
ACCESSKEY="N"
|
79 |
|
|
>Next</A
|
80 |
|
|
></TD
|
81 |
|
|
></TR
|
82 |
|
|
></TABLE
|
83 |
|
|
><HR
|
84 |
|
|
ALIGN="LEFT"
|
85 |
|
|
WIDTH="100%"></DIV
|
86 |
|
|
><DIV
|
87 |
|
|
CLASS="SECT1"
|
88 |
|
|
><H1
|
89 |
|
|
CLASS="SECT1"
|
90 |
|
|
><A
|
91 |
|
|
NAME="NET-SNMP-AGENT-MANPAGES-SNMPD.CONF">snmpd.conf</H1
|
92 |
|
|
><TABLE
|
93 |
|
|
BORDER="5"
|
94 |
|
|
BGCOLOR="#E0E0F0"
|
95 |
|
|
WIDTH="70%"
|
96 |
|
|
><TR
|
97 |
|
|
><TD
|
98 |
|
|
><PRE
|
99 |
|
|
CLASS="SCREEN"
|
100 |
|
|
>SNMPD.CONF(5) SNMPD.CONF(5)
|
101 |
|
|
|
102 |
|
|
|
103 |
|
|
|
104 |
|
|
NAME
|
105 |
|
|
share/snmp/snmpd.conf - configuration file for the ucd-
|
106 |
|
|
snmp SNMP agent.
|
107 |
|
|
|
108 |
|
|
DESCRIPTION
|
109 |
|
|
snmpd.conf is the configuration file which defines how the
|
110 |
|
|
ucd-smnp SNMP agent operates. These files may contain any
|
111 |
|
|
of the directives found in the DIRECTIVES section below.
|
112 |
|
|
This file is not required for the agent to operate and
|
113 |
|
|
report mib entries.
|
114 |
|
|
|
115 |
|
|
PLEASE READ FIRST
|
116 |
|
|
First, make sure you have read the snmp_config(5) manual
|
117 |
|
|
page that describes how the ucd-snmp configuration files
|
118 |
|
|
operate, where they are located and how they all work
|
119 |
|
|
together.
|
120 |
|
|
|
121 |
|
|
EXTENSIBLE-MIB
|
122 |
|
|
The ucd-snmp SNMP agent reports much of its information
|
123 |
|
|
through queries to the 1.3.6.1.4.1.2021 section of the mib
|
124 |
|
|
tree. Every mib in this section has the following table
|
125 |
|
|
entries in it.
|
126 |
|
|
|
127 |
|
|
.1 -- index
|
128 |
|
|
This is the table's index numbers for each of the
|
129 |
|
|
DIRECTIVES listed below.
|
130 |
|
|
|
131 |
|
|
.2 -- name
|
132 |
|
|
The name of the given table entry. This should be
|
133 |
|
|
unique, but is not required to be.
|
134 |
|
|
|
135 |
|
|
.100 -- errorFlag
|
136 |
|
|
This is a flag returning either the integer value 1
|
137 |
|
|
or 0 if an error is detected for this table entry.
|
138 |
|
|
|
139 |
|
|
.101 -- errorMsg
|
140 |
|
|
This is a DISPLAY-STRING describing any error trig-
|
141 |
|
|
gering the errorFlag above.
|
142 |
|
|
|
143 |
|
|
.102 -- errorFix
|
144 |
|
|
If this entry is SNMPset to the integer value of 1
|
145 |
|
|
AND the errorFlag defined above is indeed a 1, a
|
146 |
|
|
program or script will get executed with the table
|
147 |
|
|
entry name from above as the argument. The program
|
148 |
|
|
to be executed is configured in the config.h file
|
149 |
|
|
at compile time.
|
150 |
|
|
|
151 |
|
|
Directives
|
152 |
|
|
proc NAME
|
153 |
|
|
|
154 |
|
|
proc NAME MAX
|
155 |
|
|
|
156 |
|
|
proc NAME MAX MIN
|
157 |
|
|
|
158 |
|
|
Checks to see if the NAME'd processes are running
|
159 |
|
|
on the agent's machine. An error flag (1) and a
|
160 |
|
|
description message are then passed to the
|
161 |
|
|
1.3.6.1.4.1.2021.2.100 and 1.3.6.1.4.1.2021.2.101
|
162 |
|
|
mib tables (respectively) if the NAME'd program is
|
163 |
|
|
not found in the process table as reported by
|
164 |
|
|
"/bin/ps -e".
|
165 |
|
|
|
166 |
|
|
If MAX and MIN are not specified, MAX is assumed to
|
167 |
|
|
be infinity and MIN is assumed to be 1.
|
168 |
|
|
|
169 |
|
|
If MAX is specified but MIN is not specified, MIN
|
170 |
|
|
is assumed to be 0.
|
171 |
|
|
|
172 |
|
|
procfix NAME PROG ARGS
|
173 |
|
|
This registers a command that knows how to fix
|
174 |
|
|
errors with the given process NAME. When
|
175 |
|
|
1.3.6.1.4.1.2021.2.102 for a given NAMEd program is
|
176 |
|
|
set to the integer value of 1, this command will be
|
177 |
|
|
called. It defaults to a compiled value set using
|
178 |
|
|
the PROCFIXCMD definition in the config.h file.
|
179 |
|
|
|
180 |
|
|
exec NAME PROG ARGS
|
181 |
|
|
|
182 |
|
|
exec MIBNUM NAME PROG ARGS
|
183 |
|
|
|
184 |
|
|
If MIBNUM is not specified, the agent executes the
|
185 |
|
|
named PROG with arguments of ARGS and returns the
|
186 |
|
|
exit status and the first line of the STDOUT output
|
187 |
|
|
of the PROG program to queries of the
|
188 |
|
|
1.3.6.1.4.1.2021.8.100 and 1.3.6.1.4.1.2021.8.101
|
189 |
|
|
mib tables (respectively). All STDOUT output
|
190 |
|
|
beyond the first line is silently truncated.
|
191 |
|
|
|
192 |
|
|
If MIBNUM is specified, it acts as above but
|
193 |
|
|
returns the exit status to MIBNUM.100.0 and the
|
194 |
|
|
entire STDOUT output to the table MIBNUM.101 in a
|
195 |
|
|
mib table. In this case, the MIBNUM.101 mib con-
|
196 |
|
|
tains the entire STDOUT output, one mib table entry
|
197 |
|
|
per line of output (ie, the first line is output as
|
198 |
|
|
MIBNUM.101.1, the second at MIBNUM.101.2, etc...).
|
199 |
|
|
|
200 |
|
|
Note: The MIBNUM must be specified in dotted-inte-
|
201 |
|
|
ger notation and can not be specified as
|
202 |
|
|
".iso.org.dod.internet..." (should instead
|
203 |
|
|
be
|
204 |
|
|
|
205 |
|
|
Note: The agent caches the exit status and STDOUT
|
206 |
|
|
of the executed program for 30 seconds after
|
207 |
|
|
the initial query. This is to increase
|
208 |
|
|
speed and maintain consistency of informa-
|
209 |
|
|
tion for consecutive table queries. The
|
210 |
|
|
cache can be flushed by a snmp-set request
|
211 |
|
|
of integer(1) to 1.3.6.1.4.1.2021.100.VER-
|
212 |
|
|
CLEARCACHE.
|
213 |
|
|
|
214 |
|
|
execfix NAME PROG ARGS
|
215 |
|
|
This registers a command that knows how to fix
|
216 |
|
|
errors with the given exec or sh NAME. When
|
217 |
|
|
1.3.6.1.4.1.2021.8.102 for a given NAMEd entry is
|
218 |
|
|
set to the integer value of 1, this command will be
|
219 |
|
|
called. It defaults to a compiled value set using
|
220 |
|
|
the EXECFIXCMD definition in the config.h file.
|
221 |
|
|
|
222 |
|
|
disk PATH
|
223 |
|
|
|
224 |
|
|
disk PATH [ MINSPACE | MINPERCENT% ]
|
225 |
|
|
|
226 |
|
|
Checks the named disks mounted at PATH for avail-
|
227 |
|
|
able disk space. If the disk space is less than
|
228 |
|
|
MINSPACE (kB) if specified or less than MINPERCENT
|
229 |
|
|
(%) if a % sign is specified, or DEFDISKMINI-
|
230 |
|
|
MUMSPACE (kB) if not specified, the associated
|
231 |
|
|
entry in the 1.3.6.1.4.1.2021.9.100 mib table will
|
232 |
|
|
be set to (1) and a descriptive error message will
|
233 |
|
|
be returned to queries of 1.3.6.1.4.1.2021.9.101.
|
234 |
|
|
|
235 |
|
|
load MAX1
|
236 |
|
|
|
237 |
|
|
load MAX1 MAX5
|
238 |
|
|
|
239 |
|
|
load MAX1 MAX5 MAX15
|
240 |
|
|
|
241 |
|
|
Checks the load average of the machine and returns
|
242 |
|
|
an error flag (1), and an text-string error message
|
243 |
|
|
to queries of 1.3.6.1.4.1.2021.10.100 and
|
244 |
|
|
1.3.6.1.4.1.2021.10.101 (respectively) when the
|
245 |
|
|
1-minute, 5-minute, or 15-minute averages exceed
|
246 |
|
|
the associated maximum values. If any of the MAX1,
|
247 |
|
|
MAX5, or MAX15 values are unspecified, they default
|
248 |
|
|
to a value of DEFMAXLOADAVE.
|
249 |
|
|
|
250 |
|
|
file FILE [MAXSIZE]
|
251 |
|
|
Monitors file sizes and makes sure they don't grow
|
252 |
|
|
beyond a certain size. MAXSIZE defaults to infi-
|
253 |
|
|
nite if not specified, and only monitors the size
|
254 |
|
|
without reporting errors about it.
|
255 |
|
|
|
256 |
|
|
Errors
|
257 |
|
|
Any errors in obtaining the above information are reported
|
258 |
|
|
via the 1.3.6.1.4.1.2021.101.100 flag and the
|
259 |
|
|
1.3.6.1.4.1.2021.101.101 text-string description.
|
260 |
|
|
|
261 |
|
|
SMUX SUB-AGENTS
|
262 |
|
|
To enable and SMUX based sub-agent, such as gated, use the
|
263 |
|
|
smuxpeer configuration entry
|
264 |
|
|
|
265 |
|
|
smuxpeer OID PASS
|
266 |
|
|
For gated a sensible entry might be
|
267 |
|
|
|
268 |
|
|
.1.3.6.1.4.1.4.1.3 secret
|
269 |
|
|
|
270 |
|
|
ACCESS CONTROL
|
271 |
|
|
snmpd supports the View-Based Access Control Model (vacm)
|
272 |
|
|
as defined in RFC 2275. To this end, it recognizes the
|
273 |
|
|
following keywords in the configuration file: com2sec,
|
274 |
|
|
group, access, and view as well as some easier-to-use
|
275 |
|
|
wrapper directives: rocommunity, rwcommunity, rouser,
|
276 |
|
|
rwuser.
|
277 |
|
|
|
278 |
|
|
rocommunity COMMUNITY [SOURCE] [OID]
|
279 |
|
|
|
280 |
|
|
rwcommunity COMMUNITY [SOURCE] [OID]
|
281 |
|
|
These create read-only and read-write communities
|
282 |
|
|
that can be used to access the agent. They are a
|
283 |
|
|
quick method of using the following com2sec, group,
|
284 |
|
|
access, and view directive lines. They are not as
|
285 |
|
|
efficient either, as groups aren't created so the
|
286 |
|
|
tables are possibly larger. In other words: don't
|
287 |
|
|
use these if you have complex situations to set up.
|
288 |
|
|
|
289 |
|
|
The format of the SOURCE is token is described in
|
290 |
|
|
the com2sec directive section below. The OID token
|
291 |
|
|
restricts access for that community to everything
|
292 |
|
|
below that given OID.
|
293 |
|
|
|
294 |
|
|
rouser USER [noauth|auth|priv] [OID]
|
295 |
|
|
|
296 |
|
|
rwuser USER [noauth|auth|priv] [OID]
|
297 |
|
|
Creates a SNMPv3 USM user in the VACM access
|
298 |
|
|
configuration tables. Again, its more efficient
|
299 |
|
|
(and powerful) to use the combined com2sec, group,
|
300 |
|
|
access, and view directives instead.
|
301 |
|
|
|
302 |
|
|
The minimum level of authentication and privacy the
|
303 |
|
|
user must use is specified by the first token
|
304 |
|
|
(which defaults to "auth"). The OID parameter
|
305 |
|
|
restricts access for that user to everything below
|
306 |
|
|
the given OID.
|
307 |
|
|
|
308 |
|
|
com2sec NAME SOURCE COMMUNITY
|
309 |
|
|
This directive specifies the mapping from a
|
310 |
|
|
source/community pair to a security name. SOURCE
|
311 |
|
|
can be a hostname, a subnet, or the word "default".
|
312 |
|
|
A subnet can be specified as IP/MASK or IP/BITS.
|
313 |
|
|
The first source/community combination that matches
|
314 |
|
|
the incoming packet is selected.
|
315 |
|
|
|
316 |
|
|
group NAME MODEL SECURITY
|
317 |
|
|
This directive defines the mapping from security-
|
318 |
|
|
model/securityname to group. MODEL is one of v1,
|
319 |
|
|
v2c, or usm.
|
320 |
|
|
|
321 |
|
|
access NAME CONTEXT MODEL LEVEL PREFX READ WRITE NOTIFY
|
322 |
|
|
The access directive maps from group/security
|
323 |
|
|
model/security level to a view. MODEL is one of
|
324 |
|
|
any, v1, v2c, or usm. LEVEL is one of noauth,
|
325 |
|
|
auth, or priv. PREFX specifies how CONTEXT should
|
326 |
|
|
be matched against the context of the incoming pdu,
|
327 |
|
|
either exact or prefix. READ, WRITE and NOTIFY
|
328 |
|
|
specifies the view to be used for the corresponding
|
329 |
|
|
access. For v1 or v2c access, LEVEL will be
|
330 |
|
|
noauth, and CONTEXT will be empty.
|
331 |
|
|
|
332 |
|
|
view NAME TYPE SUBTREE [MASK]
|
333 |
|
|
The defines the named view. TYPE is either included
|
334 |
|
|
or excluded. MASK is a list of hex octets, sepa-
|
335 |
|
|
rated by '.' or ':'. The MASK defaults to "ff" if
|
336 |
|
|
not specified.
|
337 |
|
|
|
338 |
|
|
The reason for the mask is, that it allows you to
|
339 |
|
|
control access to one row in a table, in a rela-
|
340 |
|
|
tively simple way. As an example, as an ISP you
|
341 |
|
|
might consider giving each customer access to his
|
342 |
|
|
or her own interface:
|
343 |
|
|
|
344 |
|
|
view cust1 included interfaces.ifTable.ifEntry.ifIndex.1 ff.a0
|
345 |
|
|
view cust2 included interfaces.ifTable.ifEntry.ifIndex.2 ff.a0
|
346 |
|
|
|
347 |
|
|
(interfaces.ifTable.ifEntry.ifIndex.1 == .1.3.6.1.2.1.2.2.1.1.1,
|
348 |
|
|
ff.a0 == 11111111.10100000. which nicely covers up and including
|
349 |
|
|
the row index, but lets the user vary the field of the row)
|
350 |
|
|
|
351 |
|
|
VACM Examples:
|
352 |
|
|
# sec.name source community
|
353 |
|
|
com2sec local localhost private
|
354 |
|
|
com2sec mynet 10.10.10.0/24 public
|
355 |
|
|
com2sec public default public
|
356 |
|
|
|
357 |
|
|
# sec.model sec.name
|
358 |
|
|
group mygroup v1 mynet
|
359 |
|
|
group mygroup v2c mynet
|
360 |
|
|
group mygroup usm mynet
|
361 |
|
|
group local v1 local
|
362 |
|
|
group local v2c local
|
363 |
|
|
group local usm local
|
364 |
|
|
group public v1 public
|
365 |
|
|
group public v2c public
|
366 |
|
|
group public usm public
|
367 |
|
|
|
368 |
|
|
# incl/excl subtree mask
|
369 |
|
|
view all included .1 80
|
370 |
|
|
view system included system fe
|
371 |
|
|
view mib2 included .iso.org.dod.internet.mgmt.mib-2 fc
|
372 |
|
|
|
373 |
|
|
# context sec.model sec.level prefix read write notify
|
374 |
|
|
access mygroup "" any noauth exact mib2 none none
|
375 |
|
|
access public "" any noauth exact system none none
|
376 |
|
|
access local "" any noauth exact all all all
|
377 |
|
|
|
378 |
|
|
Default VACM model
|
379 |
|
|
The default configuration of the agent, as shipped, is functionally
|
380 |
|
|
equivalent to the following entries:
|
381 |
|
|
com2sec public default public
|
382 |
|
|
group public v1 public
|
383 |
|
|
group public v2c public
|
384 |
|
|
group public usm public
|
385 |
|
|
view all included .1
|
386 |
|
|
access public "" any noauth exact all none none
|
387 |
|
|
|
388 |
|
|
SNMPv3 CONFIGURATION
|
389 |
|
|
engineID STRING
|
390 |
|
|
The snmpd agent needs to be configured with an
|
391 |
|
|
engineID to be able to respond to SNMPv3 messages.
|
392 |
|
|
With this configuration file line, the engineID
|
393 |
|
|
will be configured from STRING. The default value
|
394 |
|
|
of the engineID is configured with the first IP
|
395 |
|
|
address found for the hostname of the machine.
|
396 |
|
|
|
397 |
|
|
createUser username (MD5|SHA) authpassphrase [DES] [priv-
|
398 |
|
|
passphrase]
|
399 |
|
|
This directive should be placed into the "/var/ucd-
|
400 |
|
|
snmp"/snmpd.conf file instead of the other normal
|
401 |
|
|
locations. The reason is that the information is
|
402 |
|
|
read from the file and then the line is removed
|
403 |
|
|
(eliminating the storage of the master password for
|
404 |
|
|
that user) and replaced with the key that is
|
405 |
|
|
derived from it. This key is a localized key, so
|
406 |
|
|
that if it is stolen it can not be used to access
|
407 |
|
|
other agents. If the password is stolen, however,
|
408 |
|
|
it can be.
|
409 |
|
|
|
410 |
|
|
MD5 and SHA are the authentication types to use,
|
411 |
|
|
but you must have built the package with openssl
|
412 |
|
|
installed in order to use SHA. The only privacy
|
413 |
|
|
protocol currently supported is DES. If the pri-
|
414 |
|
|
vacy passphrase is not specified, it is assumed to
|
415 |
|
|
be the same as the authentication passphrase. Note
|
416 |
|
|
that the users created will be useless unless they
|
417 |
|
|
are also added to the VACM access control tables
|
418 |
|
|
described above.
|
419 |
|
|
|
420 |
|
|
Warning: the minimum pass phrase length is 8 char-
|
421 |
|
|
acters.
|
422 |
|
|
|
423 |
|
|
SNMPv3 users can be created at runtime using the
|
424 |
|
|
snmpusm command.
|
425 |
|
|
|
426 |
|
|
|
427 |
|
|
SETTING SYSTEM INFORMATION
|
428 |
|
|
syslocation STRING
|
429 |
|
|
|
430 |
|
|
syscontact STRING
|
431 |
|
|
|
432 |
|
|
Sets the system location and the system contact for
|
433 |
|
|
the agent. This information is reported by the
|
434 |
|
|
'system' table in the mibII tree.
|
435 |
|
|
|
436 |
|
|
authtrapenable NUMBER
|
437 |
|
|
Setting authtrapenable to 1 enables generation of
|
438 |
|
|
authentication failure traps. The default value is
|
439 |
|
|
2 (disable).
|
440 |
|
|
|
441 |
|
|
trapcommunity STRING
|
442 |
|
|
This defines the default community string to be
|
443 |
|
|
used when sending traps. Note that this command
|
444 |
|
|
must be used prior to any of the following three
|
445 |
|
|
commands that are intended use this community
|
446 |
|
|
string.
|
447 |
|
|
|
448 |
|
|
trapsink HOST [COMMUNITY [PORT]]
|
449 |
|
|
|
450 |
|
|
trap2sink HOST [COMMUNITY [PORT]]
|
451 |
|
|
|
452 |
|
|
informsink HOST [COMMUNITY [PORT]]
|
453 |
|
|
These commands define the hosts to receive traps
|
454 |
|
|
(and/or inform notifications). The daemon sends a
|
455 |
|
|
Cold Start trap when it starts up. If enabled, it
|
456 |
|
|
also sends traps on authentication failures. Mul-
|
457 |
|
|
tiple trapsink, trap2sink and informsink lines may
|
458 |
|
|
be specified to specify multiple destinations. Use
|
459 |
|
|
trap2sink to send SNMPv2 traps and informsink to
|
460 |
|
|
send inform notifications. If COMMUNITY is not
|
461 |
|
|
specified, the string from a preceding trapcommu-
|
462 |
|
|
nity directive will be used. If PORT is not speci-
|
463 |
|
|
fied, the well known SNMP trap port (162) will be
|
464 |
|
|
used.
|
465 |
|
|
|
466 |
|
|
PASS-THROUGH CONTROL
|
467 |
|
|
pass MIBOID EXEC
|
468 |
|
|
Passes entire control of MIBOID to the EXEC pro-
|
469 |
|
|
gram. The EXEC program is called in one of the
|
470 |
|
|
following three ways:
|
471 |
|
|
|
472 |
|
|
EXEC -g MIBOID
|
473 |
|
|
|
474 |
|
|
EXEC -n MIBOID
|
475 |
|
|
|
476 |
|
|
These call lines match to SNMP get and get-
|
477 |
|
|
next requests. It is expected that the EXEC
|
478 |
|
|
program will take the arguments passed to it
|
479 |
|
|
and return the appropriate response through
|
480 |
|
|
it's stdout.
|
481 |
|
|
|
482 |
|
|
The first line of stdout should be the mib
|
483 |
|
|
OID of the returning value. The second line
|
484 |
|
|
should be the TYPE of value returned, where
|
485 |
|
|
TYPE is one of the text strings: string,
|
486 |
|
|
integer, unsigned, objectid, timeticks,
|
487 |
|
|
ipaddress, counter, or gauge. The third
|
488 |
|
|
line of stdout should be the VALUE corre-
|
489 |
|
|
sponding with the returned TYPE.
|
490 |
|
|
|
491 |
|
|
For instance, if a script was to return the
|
492 |
|
|
value integer value "42" when a request for
|
493 |
|
|
.1.3.6.1.4.100 was requested, the script
|
494 |
|
|
should return the following 3 lines:
|
495 |
|
|
.1.3.6.1.4.100
|
496 |
|
|
integer
|
497 |
|
|
42
|
498 |
|
|
|
499 |
|
|
To indicate that the script is unable to
|
500 |
|
|
comply with the request due to an end-of-mib
|
501 |
|
|
condition or an invalid request, simple exit
|
502 |
|
|
and return no output to stdout at all. A
|
503 |
|
|
snmp error will be generated corresponding
|
504 |
|
|
to the SNMP NO-SUCH-NAME response.
|
505 |
|
|
|
506 |
|
|
EXEC -s MIBOID TYPE VALUE
|
507 |
|
|
|
508 |
|
|
For SNMP set requests, the above call method
|
509 |
|
|
is used. The TYPE passed to the EXEC pro-
|
510 |
|
|
gram is one of the text strings: integer,
|
511 |
|
|
counter, gauge, timeticks, ipaddress, objid,
|
512 |
|
|
or string, indicating the type of value
|
513 |
|
|
passed in the next argument.
|
514 |
|
|
|
515 |
|
|
Return nothing to stdout, and the set will
|
516 |
|
|
assumed to have been successful. Otherwise,
|
517 |
|
|
return one of the following error strings to
|
518 |
|
|
signal an error: not-writable, or wrong-type
|
519 |
|
|
and the appropriate error response will be
|
520 |
|
|
generated instead.
|
521 |
|
|
|
522 |
|
|
Note: By default, the only community
|
523 |
|
|
allowed to write (ie snmpset) to
|
524 |
|
|
your script will be the "private"
|
525 |
|
|
community,or community #2 if defined
|
526 |
|
|
differently by the "community" token
|
527 |
|
|
discussed above. Which communities
|
528 |
|
|
are allowed write access are con-
|
529 |
|
|
trolled by the RWRITE definition in
|
530 |
|
|
the snmplib/snmp_impl.h source file.
|
531 |
|
|
|
532 |
|
|
EXAMPLE
|
533 |
|
|
See the EXAMPLE.CONF file in the top level source direc-
|
534 |
|
|
tory for a more detailed example of how the above informa-
|
535 |
|
|
tion is used in real examples.
|
536 |
|
|
|
537 |
|
|
RE-READING snmpd.conf and snmpd.local.conf
|
538 |
|
|
The ucd-snmp agent can be forced to re-read its configura-
|
539 |
|
|
tion files. It can be told to do so by one of two ways:
|
540 |
|
|
|
541 |
|
|
1. An snmpset of integer(1) to
|
542 |
|
|
1.3.6.1.4.1.2021.100.VERUPDATECONFIG.
|
543 |
|
|
|
544 |
|
|
2. A "kill -HUP" signal sent to the snmpd agent pro-
|
545 |
|
|
cess.
|
546 |
|
|
|
547 |
|
|
FILES
|
548 |
|
|
share/snmp/snmpd.conf
|
549 |
|
|
|
550 |
|
|
SEE ALSO
|
551 |
|
|
snmp_config(5), snmpd(1), EXAMPLE.conf, read_config(3).
|
552 |
|
|
|
553 |
|
|
|
554 |
|
|
|
555 |
|
|
27 Jan 2000 SNMPD.CONF(5)
|
556 |
|
|
</PRE
|
557 |
|
|
></TD
|
558 |
|
|
></TR
|
559 |
|
|
></TABLE
|
560 |
|
|
></DIV
|
561 |
|
|
><DIV
|
562 |
|
|
CLASS="NAVFOOTER"
|
563 |
|
|
><HR
|
564 |
|
|
ALIGN="LEFT"
|
565 |
|
|
WIDTH="100%"><TABLE
|
566 |
|
|
SUMMARY="Footer navigation table"
|
567 |
|
|
WIDTH="100%"
|
568 |
|
|
BORDER="0"
|
569 |
|
|
CELLPADDING="0"
|
570 |
|
|
CELLSPACING="0"
|
571 |
|
|
><TR
|
572 |
|
|
><TD
|
573 |
|
|
WIDTH="33%"
|
574 |
|
|
ALIGN="left"
|
575 |
|
|
VALIGN="top"
|
576 |
|
|
><A
|
577 |
|
|
HREF="net-snmp-mib-compiler.html"
|
578 |
|
|
ACCESSKEY="P"
|
579 |
|
|
>Prev</A
|
580 |
|
|
></TD
|
581 |
|
|
><TD
|
582 |
|
|
WIDTH="34%"
|
583 |
|
|
ALIGN="center"
|
584 |
|
|
VALIGN="top"
|
585 |
|
|
><A
|
586 |
|
|
HREF="ecos-ref.html"
|
587 |
|
|
ACCESSKEY="H"
|
588 |
|
|
>Home</A
|
589 |
|
|
></TD
|
590 |
|
|
><TD
|
591 |
|
|
WIDTH="33%"
|
592 |
|
|
ALIGN="right"
|
593 |
|
|
VALIGN="top"
|
594 |
|
|
><A
|
595 |
|
|
HREF="net-httpd.html"
|
596 |
|
|
ACCESSKEY="N"
|
597 |
|
|
>Next</A
|
598 |
|
|
></TD
|
599 |
|
|
></TR
|
600 |
|
|
><TR
|
601 |
|
|
><TD
|
602 |
|
|
WIDTH="33%"
|
603 |
|
|
ALIGN="left"
|
604 |
|
|
VALIGN="top"
|
605 |
|
|
>MIB Compiler</TD
|
606 |
|
|
><TD
|
607 |
|
|
WIDTH="34%"
|
608 |
|
|
ALIGN="center"
|
609 |
|
|
VALIGN="top"
|
610 |
|
|
><A
|
611 |
|
|
HREF="net-snmp-ecos-port.html"
|
612 |
|
|
ACCESSKEY="U"
|
613 |
|
|
>Up</A
|
614 |
|
|
></TD
|
615 |
|
|
><TD
|
616 |
|
|
WIDTH="33%"
|
617 |
|
|
ALIGN="right"
|
618 |
|
|
VALIGN="top"
|
619 |
|
|
>Embedded HTTP Server</TD
|
620 |
|
|
></TR
|
621 |
|
|
></TABLE
|
622 |
|
|
></DIV
|
623 |
|
|
></BODY
|
624 |
|
|
></HTML
|
625 |
|
|
>
|