原创作品,转载请注明出处,严禁非法转载。如有错误,请留言!
email:40879506@qq.com
题外话:技术越是古董级的东西,越是值得学习。
一. 配置
参考: http://www.cnblogs.com/oloroso/p/4595123.html
./configure --prefix=/usr/local/net-snmp --with-default-snmp-version=2c --with-sys-contact="xxx@163.com" --with-sys-location="China" --with-logfile="/var/log/snmpd.log" --with-persistent-directory=/var/net-snmp/ --enable-applications --enable-ipv6 --with-out-transports="TCP TCPv6 Unix" --with-transports="Callback UDP UDPIPv6" --disable-nls --enable-shared --enable-static --disable-embedded-perl
最后输出配置简要如下,说明配置成功。如果遇到缺少perl之类的库错误,说明需要安装依赖库,常用命令是suod apt-get install libxxx-dev或者xxx-dev或者libxxx
---------------------------------------------------------
Net-SNMP configuration summary:
---------------------------------------------------------
SNMP Versions Supported: 1 2c 3
Net-SNMP Version: 5.4.4
Building for: linux
Network transport support: TCPIPv6 Callback UDP UDPIPv6
SNMPv3 Security Modules: usm
Agent MIB code: default_modules => snmpv3mibs mibII ucd_snmp notification notification-log-mib target agent_mibs agentx disman/event disman/schedule utilities host
Embedded Perl support: disabled
SNMP Perl modules: building -- not embeddable
SNMP Python modules: disabled
Authentication support: MD5 SHA1
Encryption support: DES AES
二. 安装
make && make install
三. 设置环境变量
添加如下一行
# vi /etc/profile
PATH=/usr/local/net-snmp/bin:/usr/local/net-snmp/sbin:$PATH
source /etc/profile
四. 配置文件
参考 :http://www.cnblogs.com/oloroso/p/4844907.html
以SNMPv2为例
rocommunity public
rwcommunity private
五.运行和测试SNMP V2
运行:
snmpd -c /usr/local/net-snmp/share/snmp/snmpd.conf
测试:
root@andy:/home/andy/vm_share/netsnmp/net-snmp-5.4.4# snmpget -v 2c -c public 127.0.0.1 system.sysName.0
SNMPv2-MIB::sysName.0 = STRING: andy
snmpwalk -v 2c -c public 127.0.0.1 system
六.配置文件内容
参考:以V2为例, 增加一些高级内容,VACM理论可以参考官方文档。这里等以后学习了,再专门分析一下,基于视图的访问控制模型还是值得学习一下,网上也有很多文章滴。
1 syslocation suzhou_SIP 2 syscontact localhost 3 sysname gateway 4 iquerySecName root 5 6 com2sec public 0.0.0.0 public 7 com2sec private 0.0.0.0 private 8 group public v1 public 9 group private v1 private 10 group public v2c public 11 group private v2c private 12 13 14 view all included .1 80 15 access public "" v2c noauth exact all none all 16 access private "" v2c noauth exact none all all
七.遇到问题
错误:
SNMPv3 report received from remote agent.
Security user name: yy
Security engine ID: 80.00.1F.88.80.3C.89.93.24.CB.C3.B3.58 (hex)
Context name: (zero-length)
Context engine ID: 80.00.1F.88.80.3C.89.93.24.CB.C3.B3.58 (hex)
Authentication protocol: HMAC SHA
Privacy protocol: CFB AES 128
Security level: Authentication And Privacy
Security model: USM
1: usmStatsWrongDigests.0 (counter) 1
原因:认证和加密值不符合要求
1 Name: usmStatsWrongDigests 2 Type: OBJECT-TYPE 3 OID: 1.3.6.1.6.3.15.1.1.5 4 Full path: iso(1).org(3).dod(6).internet(1).snmpV2(6).snmpModules(3).snmpUsmMIB(15).usmMIBObjects(1).usmStats(1).usmStatsWrongDigests(5) 5 Module: SNMP-USER-BASED-SM-MIB 6 7 Parent: usmStats 8 Prev sibling: usmStatsUnknownEngineIDs 9 Next sibling: usmStatsDecryptionErrors 10 11 Numerical syntax: Counter (32 bit) 12 Base syntax: Counter32 13 Composed syntax: Counter32 14 Status: current 15 Max access: read-only 16 17 Description: The total number of packets received by the SNMP 18 engine which were dropped because they didn't 19 contain the expected digest value.
解决办法:
检查认证值和加密值长度是否符合最低要求。或者修改usmStatsWrongDigests里面的函数检查。
八.参考
http://www.cnblogs.com/oloroso/p/4844907.html
http://www.net-snmp.org/wiki/index.php/Tutorials