[BACK]Return to snmpd.config CVS log [TXT] [DIR] Up to [ELWIX - Embedded LightWeight unIX -] / elwix / config / etc / uboot

Diff for /elwix/config/etc/uboot/snmpd.config between versions 1.1 and 1.2

version 1.1, 2014/01/23 09:24:03 version 1.2, 2014/09/15 19:06:48
Line 0 Line 1
   # $FreeBSD: src/etc/snmpd.config,v 1.14 2012/11/17 01:49:02 svnexp Exp $
   #
   # Example configuration file for bsnmpd(1).
   #
   
   #
   # Set some common variables
   #
   location := "Room 200"
   contact := "sysmeister@elwix.org"
   system := 1     # FreeBSD
   traphost := localhost
   trapport := 162
   
   #
   # Set the SNMP engine ID.
   #
   # The snmpEngineID object required from the SNMPv3 Framework. If not explicitly set via
   # this configuration file, an ID is assigned based on the value of the
   # kern.hostid variable
   # engine := 0x80:0x10:0x08:0x10:0x80:0x25
   # snmpEngineID = $(engine)
   
   # Change this!
   read := "public"
   # Uncomment begemotSnmpdCommunityString.0.2 below that sets the community
   # string to enable write access.
   write := "geheim"
   trap := "mytrap"
   
   #
   # Declarations for SNMP-USER-BASED-SM-MIB authentication and privacy options
   #
   
   NoAuthProtocol          := 1.3.6.1.6.3.10.1.1.1
   HMACMD5AuthProtocol     := 1.3.6.1.6.3.10.1.1.2
   HMACSHAAuthProtocol     := 1.3.6.1.6.3.10.1.1.3
   NoPrivProtocol          := 1.3.6.1.6.3.10.1.2.1
   DESPrivProtocol         := 1.3.6.1.6.3.10.1.2.2
   AesCfb128Protocol       := 1.3.6.1.6.3.10.1.2.4
   
   #
   # Enumerations from SNMP-FRAMEWORK-MIB
   #
   
   # Security models
   securityModelAny        := 0
   securityModelSNMPv1     := 1
   securityModelSNMPv2c    := 2
   securityModelUSM        := 3
   
   # Message Processing models
   MPmodelSNMPv1           := 0
   MPmodelSNMPv2c          := 1
   MPmodelSNMPv3           := 3
   
   # Security levels
   noAuthNoPriv := 1
   authNoPriv := 2
   authPriv := 3
   
   
   # SNMPv3 USM User definition
   #
   # The localized hex password for a user may be obtained by setting SNMPUSER, SNMPPASSWD,
   # SNMPAUTH and SNMPPRIV environment variables to the desired parameters and invoking
   # 'bsnmpget -v 3 -D -K -o verbose' against the running bsnmpd(1). For other
   # usages refer to the bsnmpget(1) manual page. The following lines define a user "bsnmp"
   # with a private password "bsnmptest", localized for the above engine ID.
   #
   #user1 := "bsnmp"
   #user1passwd := 0x22:0x98:0x1a:0x6e:0x39:0x93:0x16:0x5e:0x6a:0x21:0x1b:0xd8:0xa9:0x81:0x31:0x05:0x16:0x33:0x38:0x60
   
   #
   # Configuration
   #
   %snmpd
   begemotSnmpdDebugDumpPdus       = 2
   begemotSnmpdDebugSyslogPri      = 7
   
   #
   # Set the read and write communities.
   #
   # The default value of the community strings is NULL (note, that this is
   # different from the empty string). This disables both read and write access.
   # To enable read access only the read community string must be set. Setting
   # the write community string enables both read and write access with that
   # string.
   #
   # Be sure to understand the security implications of SNMPv2 - the community
   # strings are readable on the wire!
   #
   begemotSnmpdCommunityString.0.1 = $(read)
   # begemotSnmpdCommunityString.0.2       = $(write)
   begemotSnmpdCommunityDisable    = 1
   
   # open standard SNMP ports
   begemotSnmpdPortStatus.0.0.0.0.161 = 1
   
   # open a unix domain socket
   begemotSnmpdLocalPortStatus."/var/run/snmpd.sock" = 1
   begemotSnmpdLocalPortType."/var/run/snmpd.sock" = 4
   
   # send traps to the traphost
   begemotTrapSinkStatus.[$(traphost)].$(trapport) = 4
   begemotTrapSinkVersion.[$(traphost)].$(trapport) = 2
   begemotTrapSinkComm.[$(traphost)].$(trapport) = $(trap)
   
   sysContact      = $(contact)
   sysLocation     = $(location)
   sysObjectId     = 1.3.6.1.4.1.12325.1.1.2.1.$(system)
   
   snmpEnableAuthenTraps = 2
   
   #
   # SNMPv3 User-based security module - must be loaded for SNMPv3 USM
   #
   #begemotSnmpdModulePath."usm"   = "/usr/lib/snmp_usm.so"
   
   #
   # SNMPv3 USM User definition.
   #
   
   #%usm
   
   #
   # The following block creates a user with name "bsnmp" and sets privacy
   # and encryption options to SHA256 message digests and AES encryption
   # for this user.
   # 
   # usmUserStatus.$(engine).$(user1) = 5
   # usmUserAuthProtocol.$(engine).$(user1) = $(HMACSHAAuthProtocol)
   # usmUserAuthKeyChange.$(engine).$(user1) = $(user1passwd)
   # usmUserPrivProtocol.$(engine).$(user1) = $(AesCfb128Protocol)
   # usmUserPrivKeyChange.$(engine).$(user1) = $(user1passwd)
   # usmUserStatus.$(engine).$(user1) = 1
   #
   
   #
   # The following block creates a user with name "public" with no authentication
   # or encryption options.
   #
   # usmUserStatus.$(engine).$(read) = 5
   # usmUserAuthProtocol.$(engine).$(read) = $(NoAuthProtocol)
   # usmUserPrivProtocol.$(engine).$(read) = $(NoPrivProtocol)
   # usmUserStatus.$(engine).$(read) = 1
   #
   
   #
   # SNMPv3 View-based Access Control module
   #
   #begemotSnmpdModulePath."vacm"  = "/usr/lib/snmp_vacm.so"
   
   #
   # Definition of view-based access control entries.
   #
   #%vacm
   
   # Definition of a SNMPv1 group
   # vacmSecurityToGroupStatus.$(securityModelSNMPv1).$(read) = 4
   # vacmGroupName.$(securityModelSNMPv1).$(read) = $(read)
   
   # Definition of SNMPv2 group
   # vacmSecurityToGroupStatus.$(securityModelSNMPv2c).$(write) = 4
   # vacmGroupName.$(securityModelSNMPv2c).$(write) = $(write)
   
   # Definition of SNMPv3 group with users "bsnmp" and "public"
   # vacmSecurityToGroupStatus.$(securityModelUSM).$(user1) = 4
   # vacmGroupName.$(securityModelUSM).$(user1) = $(write)
   # vacmSecurityToGroupStatus.$(securityModelUSM).$(read) = 4
   # vacmGroupName.$(securityModelUSM).$(read) = $(write)
   
   # 
   # The OID of the .iso.org.dod.internet subtree
   #
   # internetoid := 1.3.6.1
   # internetoidlen := 4
   
   #
   # Definitions of two views
   #
   # vacmViewTreeFamilyStatus."internet".$(internetoidlen).$(internetoid) = 4
   # vacmViewTreeFamilyStatus."restricted".$(internetoidlen).$(internetoid) = 4
   
   #
   # Access control
   #
   
   #
   # Read-only access for SNMPv1 users
   #
   # vacmAccessStatus.$(read)."".$(securityModelSNMPv1).$(noAuthNoPriv) = 4
   # vacmAccessReadViewName.$(read)."".$(securityModelSNMPv1).$(noAuthNoPriv) = "internet"
   
   #
   # Read-write access for SNMPv2 users 
   #
   # vacmAccessStatus.$(write)."".$(securityModelSNMPv2c).$(noAuthNoPriv) = 4
   # vacmAccessReadViewName.$(write)."".$(securityModelSNMPv2c).$(noAuthNoPriv) = "internet"
   # vacmAccessWriteViewName.$(write)."".$(securityModelSNMPv2c).$(noAuthNoPriv) = "internet"
   
   #
   # Read-write-notify access for SNMPv3 USM users with noAuthNoPriv
   #
   # vacmAccessStatus.$(write)."".3.$(noAuthNoPriv) = 4
   # vacmAccessReadViewName.$(write)."".$(securityModelUSM).$(noAuthNoPriv) = "internet"
   # vacmAccessWriteViewName.$(write)."".$(securityModelUSM).$(noAuthNoPriv) = "internet"
   # vacmAccessNotifyViewName.$(write)."".$(securityModelUSM).$(noAuthNoPriv) = "internet"
   
   #
   #Read-write-notify access to restricted for SNMPv3 USM users with authPriv
   #
   # vacmAccessStatus.$(write)."".3.$(authPriv) = 4
   # vacmAccessReadViewName.$(write)."".3.$(authPriv) = "restricted"
   # vacmAccessWriteViewName.$(write)."".3.$(authPriv) = "restricted"
   # vacmAccessNotifyViewName.$(write)."".3.$(authPriv) = "restricted"
   
   #
   # SNMPv3 Notification Targets
   #
   # begemotSnmpdModulePath."target"       = "/usr/lib/snmp_target.so"
   
   #%target
   # Send notifications to target tag "test"
   # tag           := "test"
   # snmpNotifyRowStatus.$(tag) = 4
   # snmpNotifyTag.$(tag) = $(tag)
   
   # tagremote             := "testremote"
   # snmpNotifyRowStatus.$(tagremote) = 4
   # snmpNotifyTag.$(tagremote) = $(tagremote)
   
   #
   # Specify the target parameters for the notifications - send with the credentials
   # of user "bsnmp"
   #
   # snmpTargetParamsRowStatus.$(tag) = 5
   # snmpTargetParamsMPModel.$(tag) = $(MPmodelSNMPv3)
   # snmpTargetParamsSecurityModel.$(tag) = $(securityModelUSM)
   # snmpTargetParamsSecurityName.$(tag) = $(user1)
   # snmpTargetParamsSecurityLevel.$(tag) = $(authPriv)
   # snmpTargetParamsRowStatus.$(tag) = 1
   
   #
   # Define the notifications' target address - port 162 on localhost
   #
   # snmpTargetAddrRowStatus.$(tag) = 5
   # snmpTargetAddrTAddress.$(tag) = 0x7f:0x0:0x0:0x1:0x0:0xa2
   # snmpTargetAddrTagList.$(tag) = "test notification"
   # snmpTargetAddrParams.$(tag) = $(tag)
   # snmpTargetAddrRowStatus.$(tag) = 1
   
   #
   # Define the notifications' target address - port 162 on 10.0.0.1
   #
   # snmpTargetAddrRowStatus.$(tagremote) = 5
   # snmpTargetAddrTAddress.$(tagremote) = 0x0a:0x00:0x00:0x1:0x0:0xa2
   # snmpTargetAddrTagList.$(tagremote) = $(tagremote)
   # snmpTargetAddrParams.$(tagremote) = $(tag)
   # snmpTargetAddrRowStatus.$(tagremote) = 1
   
   #
   # Load MIB-2 module
   #
   begemotSnmpdModulePath."mibII"  = "/usr/lib/snmp_mibII.so"
   
   # Force a polling rate for the 64-bit interface counters in case
   # the automatic computation is wrong (which may be the case if an interface
   # announces the wrong bit rate via its MIB).
   #%mibII
   #begemotIfForcePoll = 2000
   
   
   # Netgraph module
   #
   #begemotSnmpdModulePath."netgraph" = "/usr/lib/snmp_netgraph.so"
   #
   #%netgraph
   #begemotNgControlNodeName = "snmpd"
   
   #
   # pf(4) module
   #
   #begemotSnmpdModulePath."pf"    = "/usr/lib/snmp_pf.so"
   
   #
   # Host resources module
   #  This requires the mibII module.
   #
   #begemotSnmpdModulePath."hostres" = "/usr/lib/snmp_hostres.so"
   
   #
   # Bridge module
   #  This requires the mibII module.
   #
   #begemotSnmpdModulePath."bridge" = "/usr/lib/snmp_bridge.so"
   
   #
   # Wireless module
   #  This requires the mibII module.
   #
   #begemotSnmpdModulePath."wlan" = "/usr/lib/snmp_wlan.so"
Removed from v.1.1  
changed lines
  Added in v.1.2

FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>