[英]How to configure snmpd.conf file to make work SET command in net-snmp?
I have configured the snmpd.conf as follows我已将 snmpd.conf 配置如下
com2sec AllUser default public
group AllGroup v2c AllUser
view AllView included .1
access AllGroup "" any noauth exact AllView none none
mibs +GET-PDU-INFO-MIB
mibs +NOTIFICATION-TEST-MIB
rocommunity private localhost
rwcommunity private localhost
pass .1.3.6.1.4.1.53864.1 /bin/sh /etc/snmp/pduMIBScript.sh
having the path有路
/etc/snmp/snmpd.conf
So after that i tried to send the following commands所以在那之后我尝试发送以下命令
After trying all the above commands one thing I observe is that all the commands are working perfectly fine except the "Set" command.在尝试了上述所有命令之后,我观察到的一件事是,除了“Set”命令之外,所有命令都运行良好。
To debug this issue first thing I confirmed was that the variable which I was trying to set is having read-write access in the MIB file.为了调试这个问题,我首先确认的是我试图设置的变量在 MIB 文件中具有读写访问权限。 MIB file which I was using as follows
我使用的 MIB 文件如下
GET-PDU-INFO-MIB DEFINITIONS ::= BEGIN
IMPORTS
MODULE-IDENTITY, OBJECT-TYPE, enterprises FROM SNMPv2-SMI
;
pduInfo MODULE-IDENTITY
LAST-UPDATED "202005100000Z"
ORGANIZATION "XYZ"
CONTACT-INFO
"postal: admin @ admin"
DESCRIPTION
"This Mib module defines objects for signal statistics"
REVISION "202005100000Z"
DESCRIPTION
"Corrected notification example definitions"
REVISION "200202060000Z"
DESCRIPTION
"First draft"
::= { enterprises 53864 }
--
-- top level structure
--
pduVar OBJECT IDENTIFIER ::= { pduInfo 1 }
--
-- Example scalars
--
gpsVar1 OBJECT-TYPE
SYNTAX OCTET STRING
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"the latest value of signal"
DEFVAL { "hello" }
::= { pduVar 1 }
END
After sending "SET" command from MIB browser I was getting following error从 MIB 浏览器发送“SET”命令后,出现以下错误
What will be the reason for the "SET command issue". “SET 命令问题”的原因是什么。 Can anyone please help me to understand the issue behind this?
谁能帮我理解这背后的问题?
After searching a lot finally I found the solution.经过大量搜索,我终于找到了解决方案。 Now I have edited the snmpd.conf as follows,
现在我编辑了 snmpd.conf 如下,
########################################################################
#######
# Access Control
#######################################################################
# YOU SHOULD CHANGE THE "COMMUNITY" TOKEN BELOW TO A NEW KEYWORD ONLY
# KNOWN AT YOUR SITE. YOU *MUST* CHANGE THE NETWORK TOKEN BELOW TO
# SOMETHING REFLECTING YOUR LOCAL NETWORK ADDRESS SPACE.
# By far, the most common question I get about the agent is "why won't
# it work?", when really it should be "how do I configure the agent to
# allow me to access it?"
#
# By default, the agent responds to the "public" community for read
# only access, if run out of the box without any configuration file in
# place. The following examples show you other ways of configuring
# the agent so that you can change the community names, and give
# yourself write access as well.
#
# The following lines change the access permissions of the agent so
# that the COMMUNITY string provides read-only access to your entire
# NETWORK (EG: 10.10.10.0/24), and read/write access to only the
# localhost (127.0.0.1, not its real ipaddress).
#
# For more information, read the FAQ as well as the snmpd.conf(5)
# manual page.
####
# First, map the community name (COMMUNITY) into a security name
# (local and mynetwork, depending on where the request is coming
# from):
# sec.name source community
#com2sec paranoid default public
#com2sec readonly default public
com2sec readwrite default private
####
# Second, map the security names into group names:
# sec.model sec.name
#group MyROSystem v1 paranoid
#group MyROSystem v2c paranoid
#group MyROSystem usm paranoid
#group MyROGroup v1 readonly
#group MyROGroup v2c readonly
#group MyROGroup usm readonly
group MyRWGroup v1 readwrite
group MyRWGroup v2c readwrite
group MyRWGroup usm readwrite
####
# Third, create a view for us to let the groups have rights to:
# incl/excl subtree mask
view all included .1 80
view system included .iso.org.dod.internet.mgmt.mib-2.system
####
# Finally, grant the 2 groups access to the 1 view with different
# write permissions:
# context sec.model sec.level match read write notif
#access MyROSystem "" any noauth exact system none none
#access MyROGroup "" any noauth exact all none none
access MyRWGroup "" any noauth exact all all none
# ------------------------------------------------------------------
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.