Contents |
SNMP is fairlly compicated to setup. But for most practical uses, the below setup would suffice which allows for the following:
Tested on Fedora Core 4. The same config would work on FreeBSD.
[shanu@faith ~]$ rpm -qa|grep snmp net-snmp-utils-5.2.1.2-fc4.1 net-snmp-libs-5.2.1.2-fc4.1 net-snmp-5.2.1.2-fc4.1
# First, map the community name "public" into a "security name" # sec.name source community com2sec notConfigUser default public com2sec privateUser localhost private com2sec privateUser a.b.c.d private
# Second, map the security name into a group name: # groupName securityModel securityName group notConfigGroup v1 notConfigUser group notConfigGroup v2c notConfigUser group privateGroup v1 privateUser group privateGroup v2c privateUser
# Third, create a view for us to let the group have rights to: # name incl/excl subtree mask(optional) view systemview included .1.3.6.1.2.1.1 view systemview included .1.3.6.1.2.1.25.1.1 view all included .1 80
# Finally, grant the group read-only access to the systemview view. # group context sec.model sec.level prefix read write notif access notConfigGroup "" any noauth exact systemview none none access privateGroup "" any noauth exact all none all
# System contact information syslocation 'Bangalore, India' syscontact 'Shanker Balan < at shanu-goaway-spammer-balan-dot-net>'
[shanu@faith ~]$ snmpwalk -Os -c public -v 2c localhost .1 sysDescr.0 = STRING: Shanu's Laptop sysObjectID.0 = OID: netSnmpAgentOIDs.10 sysUpTime.0 = Timeticks: (568003) 1:34:40.03 sysContact.0 = STRING: 'Shanker Balan < at shanu-goaway-spammer-balan-dot-net>' sysName.0 = STRING: faith.bangalore.corp.yahoo.com sysLocation.0 = STRING: 'Bangalore, India' sysORLastChange.0 = Timeticks: (22) 0:00:00.22 sysORID.1 = OID: ifMIB sysORID.2 = OID: snmpMIB sysORID.3 = OID: tcpMIB sysORID.4 = OID: ip sysORID.5 = OID: udpMIB sysORID.6 = OID: vacmBasicGroup sysORID.7 = OID: snmpFrameworkMIBCompliance sysORID.8 = OID: snmpMPDCompliance sysORID.9 = OID: usmMIBCompliance sysORDescr.1 = STRING: The MIB module to describe generic objects for network interface sub-layers sysORDescr.2 = STRING: The MIB module for SNMPv2 entities sysORDescr.3 = STRING: The MIB module for managing TCP implementations sysORDescr.4 = STRING: The MIB module for managing IP and ICMP implementations sysORDescr.5 = STRING: The MIB module for managing UDP implementations sysORDescr.6 = STRING: View-based Access Control Model for SNMP. sysORDescr.7 = STRING: The SNMP Management Architecture MIB. sysORDescr.8 = STRING: The MIB for Message Processing and Dispatching. sysORDescr.9 = STRING: The management information definitions for the SNMP User-based Security Model. sysORUpTime.1 = Timeticks: (18) 0:00:00.18 sysORUpTime.2 = Timeticks: (18) 0:00:00.18 sysORUpTime.3 = Timeticks: (18) 0:00:00.18 sysORUpTime.4 = Timeticks: (18) 0:00:00.18 sysORUpTime.5 = Timeticks: (18) 0:00:00.18 sysORUpTime.6 = Timeticks: (18) 0:00:00.18 sysORUpTime.7 = Timeticks: (22) 0:00:00.22 sysORUpTime.8 = Timeticks: (22) 0:00:00.22 sysORUpTime.9 = Timeticks: (22) 0:00:00.22 hrSystemUptime.0 = Timeticks: (3987402) 11:04:34.02 hrSystemUptime.0 = No more variables left in this MIB View (It is past the end of the MIB tree [shanu@faith ~]$ snmpwalk -Os -c public -v 2c localhost .1|wc -l 36 [shanu@faith ~]$ sudo chkconfig --level 35 snmpd on [shanu@faith ~]$ chkconfig --list|grep snmpd snmpd 0:off 1:off 2:off 3:on 4:off 5:on 6:off
[shanu@faith ~]$ snmpwalk -Os -c private -v 2c localhost .1 [..] [shanu@faith ~]$ snmpwalk -Os -c private -v 2c localhost .1|wc -l 7790