blog.up-link.ro android bsd linux unix & open-source world

25Apr/100

FreeBSD: How To Install and Configure SNMP in FreeBSD

WP Greet Box icon
Hello there! If you are new here, you might want to subscribe to the RSS feed or subscribe via E-mail for updates on this topic.

Simple Network Management Protocol (SNMP) is a UDP-based network protocol. It is used in network management systems to monitor network-attached devices for conditions that warrant administrative attention.

1. SNMP installation using ports

Install net-snmp using this commands:

# cd /usr/ports/net-mgmt/net-snmp
# make install clean

net-snmp

2. SNMP basic configuration

Copy the default configuration file to the right location.

# cp /usr/local/share/snmp/snmpd.conf.example /usr/local/etc/snmpd.conf

Open /usr/local/etc/snmpd.conf and set up the community and network access.

Click here to download an example configuration file.

Open /etc/rc.conf in your favorite editor and make sure snmpd is enabled:

snmpd_enable="YES"
snmpd_conffile="/usr/local/etc/snmpd.conf"

Type the following command to start snmpd:

# /usr/local/etc/rc.d/snmpd start

At this point you should be able to snmpwalk your host

# snmpwalk -v1 -c public 127.0.0.1

This will get you up and running with a basic snmp configuration. Next, we'll use snmpconf utility to set up an advanced configration. The next step is optional.

3. SNMP advanced configuration using snmpconf

There is a handy utility called 'snmpconf' that can be run to help you generate the snmp.conf (optional) and snmpd.conf files. This will give you more options and help you with the security.

# snmpconf -i

I can create the following types of configuration files for you.
Select the file type you wish to create:

1:  snmp.conf
2:  snmptrapd.conf
3:  snmpd.conf

snmp.conf dictates how Net-SNMP applications should operate, snmptrapd.conf  configures the snmptrapd daemon which is used for ongoing monitoring via SNMP, and snmpd.conf defines how the snmp daemon which we will be using, is configured.
Choose option '3'.

The main menu:

1:  System Information Setup
2:  Access Control Setup
3:  Trap Destinations
4:  Monitor Various Aspects of the Running Host
5:  Extending the Agent
6:  Agent Operating Mode

Choose option '1', and at the 'System Information Setup' menu, choose '1' again. You will be asked to enter the location of your system. This can be the country, locality, site name, or any other data you would use to describe the location of the system. After you enter this, you will be returned to the 'System Information Setup' menu.
Choose option '2' and enter the contact information for the administrator of the machine.
Finally, when you choose option '3', you will be asked a number of "Yes/No" questions to determine what the proper value for the sysServices object. This is used to determine what services your machine offers. Reply with a '1' for yes, or '0' for no.
When you are done with the 'System Information Setup' menu, type 'finished' to return to the main menu.

From the main menu, choose option '2' for 'Access Control Setup'

1:  a SNMPv3 read-write user
2:  a SNMPv3 read-only user
3:  a SNMPv1/SNMPv2c read-only access community name
4:  a SNMPv1/SNMPv2c read-write access community name

For the purpose of simplicity, we will set up a read-only SNMPv1 server which listens only on localhost. SNMPv2 and v3 provide some added security in the form of user names and passwords.
To continue, choose option '3'. You will be asked to enter a community name for read-only access. This can be any one-word string you wish (for example pub), and is simply used as a weak method of authentication to restrict access to the service.
Then choose 'localhost' as the hostname from which to accept that community string, and press ENTER for no-restrictions on what the user of that community string can read.

Next we will confirm where the daemon should be listening. From the main menu, choose option '6' for 'Agent Operating Mode'

1:  Should the agent operate as a master agent or not.
2:  The system user that the agent runs as.
3:  The system group that the agent runs as.
4:  The IP address and port number that the agent will listen on.

Choose option '4', and enter 127.0.0.1 as the address at which snmpd will listen. Return to the main menu, and choose 'finished' again. You will be shown to the original menu asking which file you would like to edit. choose to 'quit'.

Finally, we have to copy the configuration to the right location and then restart snmpd:

# cp /usr/local/share/snmp/snmpd.conf /usr/local/etc/snmpd.conf
# /usr/local/etc/rc.d/snmpd restart.

Print This Post Print This Post
Comments (0) Trackbacks (0)

No comments yet.


Leave a comment


*

No trackbacks yet.