I've been reading the book pictured at left, which I hope to review with the next few days. In the text they show examples using Net-SNMP tools to read and change system attributes using SNMP.
One of the examples involves something like the following. They show modification of the sysLocation value.
orr:/home/richard$ snmpget -v 1 -c read 127.0.0.1 sysLocation.0
SNMPv2-MIB::sysLocation.0 = STRING: somewhere
Here I'm reading the system location. Where does "somewhere" come from? I look at /usr/ports/net-mgmt/net-snmp/Makefile and find this:
CONFIGURE_ARGS+=--enable-shared --enable-internal-md5
--with-mib-modules="${_NET_SNMP_MIB_MODULES}"
--with-default-snmp-version="${DEFAULT_SNMP_VERSION}"
--with-sys-contact="${NET_SNMP_SYS_CONTACT}"
--with-sys-location="${NET_SNMP_SYS_LOCATION}"
--with-logfile="${NET_SNMP_LOGFILE}"
--with-persistent-directory="${NET_SNMP_PERSISTENTDIR}"
--with-gnu-ld --with-libwrap --with-libs="-lkvm -ldevstat"
...edited...
DEFAULT_SNMP_VERSION?= 3
NET_SNMP_SYS_CONTACT?= nobody@nowhere.invalid
NET_SNMP_SYS_LOCATION?= somewhere
NET_SNMP_LOGFILE?= /var/log/snmpd.log
NET_SNMP_PERSISTENTDIR?=/var/net-snmp
NET_SNMP_MIB_MODULES?= ${NET_SNMP_MIB_MODULE_LIST}
Since I installed the FreeBSD package, I'm using the default value.
System location is defined in /usr/local/share/snmp/mibs/SNMPv2-MIB.txt
sysLocation OBJECT-TYPE
SYNTAX DisplayString (SIZE (0..255))
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The physical location of this node (e.g., 'telephone
closet, 3rd floor'). If the location is unknown, the
value is the zero-length string."
::= { system 6 }
As you can see, this is read-write. I should be able to modify it using the example in the text.
orr:/home/richard$ snmpset -v 1 -c write 127.0.0.1 sysLocation.0 s Manassas
SNMPv2-MIB::sysLocation.0 = STRING: Manassas
I can also use SNMP v2c.
orr:/home/richard$ snmpset -v 2c -c write 127.0.0.1 sysLocation.0 s Manassas
SNMPv2-MIB::sysLocation.0 = STRING: Manassas
Here is my /usr/local/etc/snmp/snmpd.conf. Note that if I set syslocation and syscontact in this file, I would not be able to change these values using snmpset. The FAQ makes that point.
###########################################################################
#
# snmpd.conf
#
# - created by the snmpconf configuration program
#
###########################################################################
# SECTION: Access Control Setup
#
# This section defines who is allowed to talk to your running
# snmp agent.
# rocommunity: a SNMPv1/SNMPv2c read-only access community name
# arguments: community [default|hostname|network/bits] [oid]
rocommunity read
# rwcommunity: a SNMPv1/SNMPv2c read-write access community name
# arguments: community [default|hostname|network/bits] [oid]
rwcommunity write
As you can see I have no access control and I do not set sysLocation here.
I can alter other values, too. For example:
orr:/home/richard$ snmpget -v 2c -c read 127.0.0.1 1.3.6.1.2.1.11.30.0
SNMPv2-MIB::snmpEnableAuthenTraps.0 = INTEGER: disabled(2)
orr:/home/richard$ snmpset -v 2c -c write 127.0.0.1 1.3.6.1.2.1.11.30.0 = 1
SNMPv2-MIB::snmpEnableAuthenTraps.0 = INTEGER: enabled(1)
orr:/home/richard$ snmpget -v 2c -c read 127.0.0.1 1.3.6.1.2.1.11.30.0
SNMPv2-MIB::snmpEnableAuthenTraps.0 = INTEGER: enabled(1)
orr:/home/richard$ snmpset -v 2c -c write 127.0.0.1 1.3.6.1.2.1.11.30.0 = 2
SNMPv2-MIB::snmpEnableAuthenTraps.0 = INTEGER: disabled(2)
I appreciate Dale Coddington pointing out a syntax error that caused problems with the first version of this post!
0 komentar:
Posting Komentar