FreeBSD 9.2: install net-snmp by using ports

# cd /usr/ports/net-mgmt/net-snmp/ # make install clean

clock OK

done!

bin/cat /usr/ports/net-mgmt/net-snmp/work/pkg-message **** This port installs snmp daemon, header files and libraries but don't     invokes snmpd by default.     If you want to invoke snmpd and/or snmptrapd at startup, put these     lines into /etc/rc.conf.        snmpd_enable="YES"        snmpd_flags="-a"        snmpd_conffile="/usr/local/share/snmp/snmpd.conf /etc/snmpd.conf"        snmptrapd_enable="YES"        snmptrapd_flags="-a -p /var/run/snmptrapd.pid" **** You may specify the following make variables:        NET_SNMP_SYS_CONTACT="zi@FreeBSD.org"        NET_SNMP_SYS_LOCATION="USA"        DEFAULT_SNMP_VERSION=3        NET_SNMP_MIB_MODULES="host smux mibII/mta_sendmail ucd-snmp/diskio"        NET_SNMP_LOGFILE=/var/log/snmpd.log        NET_SNMP_PERSISTENTDIR=/var/net-snmp     to define default values (or overwriting defaults).  At least     setting first two variables, you will not be prompted during     configuration process.  You may also set        BATCH="yes"     to avoid interactive configuration. /bin/mkdir -p /var/agentx ===>   Compressing manual pages for net-snmp-5.7.2_3 ===>   Running ldconfig /sbin/ldconfig -m /usr/local/lib ===>   Registering installation for net-snmp-5.7.2_3 ===> SECURITY REPORT:      This port has installed the following files which may act as network      servers and may therefore pose a remote security risk to the system. /usr/local/lib/libnetsnmp.so.30 /usr/local/lib/libnetsnmpagent.so.30      This port has installed the following startup scripts which may cause      these network services to be started at boot time. /usr/local/etc/rc.d/snmpd /usr/local/etc/rc.d/snmptrapd      If there are vulnerabilities in these programs there may be a security      risk to the system. FreeBSD makes no guarantee about the security of      ports included in the Ports Collection. Please type 'make deinstall'      to deinstall the port if this is a concern.      For more information, and contact details about the security      status of this software, see the following webpage: http://net-snmp.sourceforge.net/ ===>  Cleaning for perl-5.14.4 ===>  Cleaning for net-snmp-5.7.2_3 #

edit /etc/rc.conf to boot SNMPD when booting the OS

# tail -4 /etc/rc.conf snmpd_enable="YES" snmpd_flags="-a -p /var/run/snmpd.pid" snmptrapd_enable="YES" snmptrapd_flags="-a -p /var/run/snmptrapd.pid"

make /usr/local/share/snmp/snmpd.conf

# cd /usr/local/share/snmp/ # cat snmpd.conf com2sec notConfigUser  default       public group   notConfigGroup v1           notConfigUser group   notConfigGroup v2c           notConfigUser view    systemview    included   .1 access  notConfigGroup ""      any       noauth    exact  systemview systemview none access MyRWGroup ""      any       noauth    0      all    all    all syslocation Unknown (edit /etc/snmp/snmpd.conf) syscontact Root <root@localhost> (configure /etc/snmp/snmp.local.conf) dontLogTCPWrappersConnects yes master agentx agentX Socket /var/agentx/master trap2sink localhost public

start SNMPD

error..

# /usr/local/etc/rc.d/snmpd start /usr/local/etc/rc.d/snmpd: ERROR: $snmpd_flags includes -p option. Please use $snmpd_pidfile instead.

edit /etc/rc.conf

# cat /etc/rc.conf #snmpd_enable="YES" #snmpd_flags="-a -p /var/run/snmpd.pid" #snmptrapd_enable="YES" #snmptrapd_flags="-a -p /var/run/snmptrapd.pid" snmpd_enable="YES" snmpd_flags="-a" snmpd_conffile="/usr/local/share/snmp/snmpd.conf /etc/snmpd.conf" snmptrapd_enable="YES" snmptrapd_flags="-a -p /var/run/snmptrapd.pid"

start SNMPD.

other errors.

# /usr/local/etc/rc.d/snmpd start /usr/local/etc/rc.d/snmpd: ERROR: snmpd configuration file /etc/snmpd.conf not found.

copy snmpd.conf to /etc

# cp /usr/local/share/snmp/snmpd.conf /etc/snmpd.conf

# /usr/local/etc/rc.d/snmpd start Starting snmpd. # netstat -an | grep 161 udp4       0      0 *.161                  *.*

run snmpwalk

# snmpwalk -v 2c -c public 127.0.0.1 . | head -10 SNMPv2-MIB::sysDescr.0 = STRING: FreeBSD bsd01.localdomain 9.2-RELEASE FreeBSD 9.2-RELEASE #0 r255898: Thu Sep 26 22:50:31 UTC 2013     root@bake.isc.freebsd.org:/usr/obj/usr/src/sys/GENERIC amd64 SNMPv2-MIB::sysObjectID.0 = OID: NET-SNMP-MIB::netSnmpAgentOIDs.8 DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (11611) 0:01:56.11 SNMPv2-MIB::sysContact.0 = STRING: Root <root@localhost> (configure /etc/snmp/snmp.local.conf) SNMPv2-MIB::sysName.0 = STRING: bsd01.localdomain SNMPv2-MIB::sysLocation.0 = STRING: Unknown (edit /etc/snmp/snmpd.conf) SNMPv2-MIB::sysServices.0 = INTEGER: 72 SNMPv2-MIB::sysORLastChange.0 = Timeticks: (2) 0:00:00.02 SNMPv2-MIB::sysORID.1 = OID: SNMP-MPD-MIB::snmpMPDCompliance SNMPv2-MIB::sysORID.2 = OID: SNMP-USER-BASED-SM-MIB::usmMIBCompliance

Ubuntu12.04 : net-snmp how to allow SNMP clients to retrieve all OIDs

# tail -1 /etc/lsb-release ;uname -ri DISTRIB_DESCRIPTION="Ubuntu 12.04.3 LTS" 3.2.0-56-generic x86_64

install snmpd, snmp client

# apt-get install snmp snmpd # dpkg -l snmpd Desired=Unknown/Install/Remove/Purge/Hold | Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend |/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad) ||/ Name           Version        Description +++-==============-==============-============================================ ii  snmpd          5.4.3~dfsg-2.4 SNMP (Simple Network Management Protocol) ag

edit /etc/snmp/snmpd.conf

view all included .1 80 rocommunity public  default    -V all

restart snmpd

# service snmpd restart

run snmpbulkwalk to confirm you could collect all OIDs info.

# snmpbulkwalk -v 2c -c public 127.0.0.1 .1 -On  | head -10 .1.3.6.1.2.1.1.1.0 = STRING: "Linux ans1.localdomain 3.2.0-56-generic #86-Ubuntu SMP Wed Oct 23 09:20:45 UTC 2013 x86_64" .1.3.6.1.2.1.1.2.0 = OID: .1.3.6.1.4.1.8072.3.2.10 .1.3.6.1.2.1.1.3.0 = Timeticks: (1818) 0:00:18.18 .1.3.6.1.2.1.1.4.0 = STRING: "Me <me@example.org>" .1.3.6.1.2.1.1.5.0 = STRING: "ans1.localdomain" .1.3.6.1.2.1.1.6.0 = STRING: "Sitting on the Dock of the Bay" .1.3.6.1.2.1.1.7.0 = INTEGER: 72 .1.3.6.1.2.1.1.8.0 = Timeticks: (0) 0:00:00.00 .1.3.6.1.2.1.1.9.1.2.1 = OID: .1.3.6.1.6.3.10.3.1.1

to install SNMP MIB files, install snmp-mibs-downloader via apt-get.

# apt-get install snmp-mibs-downloader

download MIB files.

# download-mibs

# snmpbulkwalk -v 2c -c public 127.0.0.1 .1 . -m ALL | head -10 SNMPv2-MIB::sysDescr.0 = STRING: Linux ans1.localdomain 3.2.0-56-generic #86-Ubuntu SMP Wed Oct 23 09:20:45 UTC 2013 x86_64 SNMPv2-MIB::sysObjectID.0 = OID: NET-SNMP-TC::linux DISMAN-EXPRESSION-MIB::sysUpTimeInstance = Timeticks: (48594) 0:08:05.94 SNMPv2-MIB::sysContact.0 = STRING: Me <me@example.org> SNMPv2-MIB::sysName.0 = STRING: ans1.localdomain SNMPv2-MIB::sysLocation.0 = STRING: Sitting on the Dock of the Bay SNMPv2-MIB::sysServices.0 = INTEGER: 72 SNMPv2-MIB::sysORLastChange.0 = Timeticks: (0) 0:00:00.00 SNMPv2-MIB::sysORID.1 = OID: SNMP-FRAMEWORK-MIB::snmpFrameworkMIBCompliance SNMPv2-MIB::sysORID.2 = OID: SNMP-MPD-MIB::snmpMPDCompliance

how to install libvirt-snmp on Ubuntu 12.10

# lsb_release -a No LSB modules are available. Distributor ID: Ubuntu Description:    Ubuntu 12.10 Release:        12.10 Codename:       quantal # uname -ri 3.5.0-22-generic x86_64 # libvirtd --version libvirtd (libvirt) 0.9.13 # kvm --version QEMU emulator version 1.2.0 (qemu-kvm-1.2.0+noroms-0ubuntu2.12.10.2, Debian), Copyright (c) 2003-2008 Fabrice Bellard

[ install libvirt-snmp ]

download libvirt-snmp via git

#  git clone git://libvirt.org/libvirt-snmp.git

# cd libvirt-snmp

error

# ./autobuild.sh <snip> checking for LIBVIRT... no configure: error: Package requirements (libvirt >= 0.8.0) were not met: No package 'libvirt' found Consider adjusting the PKG_CONFIG_PATH environment variable if you installed software in a non-standard prefix. Alternatively, you may set the environment variables LIBVIRT_CFLAGS and LIBVIRT_LIBS to avoid the need to call pkg-config. See the pkg-config man page for more details.

no libvirt traces..

# pkg-config --list-all | grep libvirt #

it seems that I need to install libvirt library

# apt-get install libvirt-dev

# pkg-config --list-all | grep libvirt libvirt                        libvirt - libvirt library

again .. error

# ./autobuild.sh <snip> config.status: creating config.h config.status: executing depfiles commands Now type 'make' to compile libvirt-snmp. make make  all-recursive make[1]: Entering directory `/root/libvirt-snmp/build' Making all in src/ make[2]: Entering directory `/root/libvirt-snmp/build/src' gcc -DHAVE_CONFIG_H -I. -I../../src -I..     -DNETSNMP_ENABLE_IPV6 -g -O2 -fstack-protector --param=ssp-buffer-size=4 -Wformat -Werror=format-security -Ulinux -Dlinux=linux -D_REENTRANT -D_GNU_SOURCE -DDEBIAN -fstack-protector -fno-strict-aliasing -pipe -I/usr/local/include -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64 -I/usr/lib/perl/5.14/CORE -D_FORTIFY_SOURCE=2 -I/usr/include     -g -O2 -MT libvirtMib_subagent-libvirtGuestTable_data_get.o -MD -MP -MF .deps/libvirtMib_subagent-libvirtGuestTable_data_get.Tpo -c -o libvirtMib_subagent-libvirtGuestTable_data_get.o `test -f 'libvirtGuestTable_data_get.c' || echo '../../src/'`libvirtGuestTable_data_get.c ../../src/libvirtGuestTable_data_get.c:24:38: fatal error: net-snmp/net-snmp-config.h: No such file or directory compilation terminated. make[2]: *** [libvirtMib_subagent-libvirtGuestTable_data_get.o] Error 1 make[2]: Leaving directory `/root/libvirt-snmp/build/src' make[1]: *** [all-recursive] Error 1 make[1]: Leaving directory `/root/libvirt-snmp/build' make: *** [all] Error 2

I forgot installing snmp related packages which are required to build libvirt-snmp.
install snmp packages which are required to build libvirt-snmp

# apt-get install snmp snmpd libsnmp-dev libsnmp-perl –y

# ./autobuild.sh

libvirt-snmp.tgz will be created under “libvirt-snmp/build” directory.

# ls ~/libvirt-snmp/build/*.tar.gz /root/libvirt-snmp/build/libvirt-snmp-0.0.3.tar.gz

build

# cp libvirt-snmp/build/libvirt-snmp-0.0.3.tar.gz /root/ # tar xzvf libvirt-snmp-0.0.3.tar.gz # cd libvirt-snmp-0.0.3/ # ./configure # make # make install

# which libvirtMib_subagent /usr/local/bin/libvirtMib_subagent

[ snmp configuration ]

# cat /etc/snmp/snmpd.conf com2sec notConfigUser  default       public group   notConfigGroup v1           notConfigUser group   notConfigGroup v2c           notConfigUser view    systemview    included   .1 access  notConfigGroup ""      any       noauth    exact  systemview systemview none access MyRWGroup ""      any       noauth    0      all    all    all syslocation Unknown (edit /etc/snmp/snmpd.conf) syscontact Root <root@localhost> (configure /etc/snmp/snmp.local.conf) dontLogTCPWrappersConnects yes master agentx agentX Socket /var/agentx/master trap2sink localhost public

restart snmpd

# /etc/init.d/snmpd restart * Restarting network management services:

start libvirtMib_subagent

# LIBVIRT_DEFAULT_URI="qemu:///system" libvirtMib_subagent -f -L NET-SNMP version 5.4.3 AgentX subagent connected

send snmp packets
nnn , can’t find MIBs..

# snmpbulkwalk -c public -v2c localhost . -m ALL | head -5 MIB search path: /root/.snmp/mibs:/usr/share/mibs/site:/usr/share/snmp/mibs:/usr/share/mibs/iana:/usr/share/mibs/ietf:/usr/share/mibs/netsnmp Cannot find module (SNMPv2-SMI): At line 10 in /usr/share/mibs/netsnmp/LIBVIRT-MIB.txt Cannot find module (SNMPv2-TC): At line 14 in /usr/share/mibs/netsnmp/LIBVIRT-MIB.txt Did not find 'enterprises' in module #-1 (/usr/share/mibs/netsnmp/LIBVIRT-MIB.txt) <snip>

check MIB path

# net-snmp-config --default-mibdirs /root/.snmp/mibs:/usr/share/mibs/site:/usr/share/snmp/mibs:/usr/share/mibs/iana:/usr/share/mibs/ietf:/usr/share/mibs/netsnmp

download MIBs

# apt-get install -y snmp-mibs-downloader

some errors were displayed , however I was able to translate SNMP GET replies with MIBs.

# snmpbulkwalk -v 2c -c public localhost -OX libvirtMIB -m all Undefined OBJECT-GROUP (diffServMIBMultiFieldClfrGroup): At line 2195 in /usr/share/mibs/ietf/IPSEC-SPD-MIB Undefined OBJECT-GROUP (diffServMultiFieldClfrNextFree): At line 2157 in /usr/share/mibs/ietf/IPSEC-SPD-MIB Undefined OBJECT-GROUP (diffServMIBMultiFieldClfrGroup): At line 2062 in /usr/share/mibs/ietf/IPSEC-SPD-MIB Bad operator (INTEGER): At line 73 in /usr/share/mibs/ietf/SNMPv2-PDU Unlinked OID in IPATM-IPMC-MIB: marsMIB ::= { mib-2 57 } Undefined identifier: mib-2 near line 18 of /usr/share/mibs/ietf/IPATM-IPMC-MIB Expected "::=" (RFC5644): At line 493 in /usr/share/mibs/iana/IANA-IPPM-METRICS-REGISTRY-MIB Expected "{" (EOF): At line 651 in /usr/share/mibs/iana/IANA-IPPM-METRICS-REGISTRY-MIB Bad object identifier: At line 651 in /usr/share/mibs/iana/IANA-IPPM-METRICS-REGISTRY-MIB Bad parse of OBJECT-IDENTITY: At line 651 in /usr/share/mibs/iana/IANA-IPPM-METRICS-REGISTRY-MIB LIBVIRT-MIB::libvirtGuestName[STRING: 4866b0fd-b782-45ad-3b73-c480960ea08f] = STRING: "ubuntu12-04-vm1" LIBVIRT-MIB::libvirtGuestName[STRING: 486887f5-2501-75ec-33a7-9985911fe0a1] = STRING: "ubuntu12-04-vm2" <snip>

net-snmp: snmptrapd

[ snmptrapd のコンフィグ ]

trap を受信できればいいので、ちょーシンプル。

# cat /etc/snmp/snmpdtrapd.conf

authCommunity log,execute,net test

コミュニティ test からの trap を受け付ける。

action として、ログ、コマンドの実行、別ネットワークへの転送を許可。

[ 動作確認 ]

# snmptrapd -f -P -M /usr/share/snmp/mibs -m ALL -c /etc/snmp/snmpdtrapd.conf -Of

Warning: -P option is deprecated; use -f -Le instead

NET-SNMP version 5.3.2.2

-P オプション(ログメッセージを標準エラーに表示する)は deprecated .. 

-P を -Le にして起動

# snmptrapd -f -Le -M /usr/share/snmp/mibs -m ALL -c /etc/snmp/snmpdtrapd.conf -Of

NET-SNMP version 5.3.2.2

ネットワーク機器のリンクをdown　-> up させてトラップを発砲。

# snmptrapd -f -Le -M /usr/share/snmp/mibs -m ALL -c /etc/snmp/snmpdtrapd.conf -Of

NET-SNMP version 5.3.2.2

2010-04-07 20:09:53 172.20.90.165(via UDP: [172.20.90.165]:1024) TRAP, SNMP v1, community test

        .iso.org.dod.internet.private.enterprises.cisco.ciscoMgmt.arrowPoint.apProducts.css11501 Link Down Trap (0) Uptime: 0:33:54.88

        .iso.org.dod.internet.mgmt.mib-2.interfaces.ifTable.ifEntry.ifIndex.7 = INTEGER: 7        .iso.org.dod.internet.mgmt.mib-2.interfaces.ifTable.ifEntry.ifAdminStatus.7 = INTEGER: down(2)    .iso.org.dod.internet.mgmt.mib-2.interfaces.ifTable.ifEntry.ifOperStatus.7 = INTEGER: down(2)

2010-04-07 20:09:57 172.20.90.165(via UDP: [172.20.90.165]:1024) TRAP, SNMP v1, community test

        .iso.org.dod.internet.private.enterprises.cisco.ciscoMgmt.arrowPoint.apProducts.css11501 Link Up Trap (0) Uptime: 0:33:58.16

        .iso.org.dod.internet.mgmt.mib-2.interfaces.ifTable.ifEntry.ifIndex.7 = INTEGER: 7        .iso.org.dod.internet.mgmt.mib-2.interfaces.ifTable.ifEntry.ifAdminStatus.7 = INTEGER: up(1)      .iso.org.dod.internet.mgmt.mib-2.interfaces.ifTable.ifEntry.ifOperStatus.7 = INTEGER: up(1)

- OID 表示 ( -Of -> -On に変更 )

# snmptrapd -f -Le -M /usr/share/snmp/mibs -m ALL -c /etc/snmp/snmpdtrapd.conf -On

NET-SNMP version 5.3.2.2

2010-04-07 20:12:52 172.20.90.165(via UDP: [172.20.90.165]:1024) TRAP, SNMP v1, community test

        .1.3.6.1.4.1.9.9.368.4.7 Link Down Trap (0) Uptime: 0:36:53.01

        .1.3.6.1.2.1.2.2.1.1.7 = INTEGER: 7     .1.3.6.1.2.1.2.2.1.7.7 = INTEGER: down(2) .1.3.6.1.2.1.2.2.1.8.7 = INTEGER: down(2)

2010-04-07 20:12:54 172.20.90.165(via UDP: [172.20.90.165]:1024) TRAP, SNMP v1, community test

        .1.3.6.1.4.1.9.9.368.4.7 Link Up Trap (0) Uptime: 0:36:55.16

        .1.3.6.1.2.1.2.2.1.1.7 = INTEGER: 7     .1.3.6.1.2.1.2.2.1.7.7 = INTEGER: up(1) .1.3.6.1.2.1.2.2.1.8.7 = INTEGER: up(1)

- capture data

リンクダウン

Simple Network Management Protocol

version: version-1 (0)

    community: test

    data: trap (4)

        trap

            enterprise: 1.3.6.1.4.1.9.9.368.4.7 (SNMPv2-SMI::enterprises.9.9.368.4.7)

            agent-addr: 172.20.90.165 (172.20.90.165)

            generic-trap: linkDown (2)

            specific-trap: 0

            time-stamp: 228025

            variable-bindings: 3 items

                IF-MIB::ifIndex.7 (1.3.6.1.2.1.2.2.1.1.7): 7

                    Object Name: 1.3.6.1.2.1.2.2.1.1.7 (IF-MIB::ifIndex.7)

                        IF-MIB::ifEntry.ifIndex: 7

                    IF-MIB::ifIndex: 7

                IF-MIB::ifAdminStatus.7 (1.3.6.1.2.1.2.2.1.7.7): down (2)

                    Object Name: 1.3.6.1.2.1.2.2.1.7.7 (IF-MIB::ifAdminStatus.7)

                        IF-MIB::ifEntry.ifIndex: 7

                    IF-MIB::ifAdminStatus: down (2)

                IF-MIB::ifOperStatus.7 (1.3.6.1.2.1.2.2.1.8.7): down (2)

                    Object Name: 1.3.6.1.2.1.2.2.1.8.7 (IF-MIB::ifOperStatus.7)

                        IF-MIB::ifEntry.ifIndex: 7

                    IF-MIB::ifOperStatus: down (2)

リンクアップ

Simple Network Management Protocol

    version: version-1 (0)

    community: test

    data: trap (4)

        trap

            enterprise: 1.3.6.1.4.1.9.9.368.4.7 (SNMPv2-SMI::enterprises.9.9.368.4.7)

            agent-addr: 172.20.90.165 (172.20.90.165)

            generic-trap: linkUp (3)

            specific-trap: 0

            time-stamp: 228536

            variable-bindings: 3 items

                IF-MIB::ifIndex.7 (1.3.6.1.2.1.2.2.1.1.7): 7

                    Object Name: 1.3.6.1.2.1.2.2.1.1.7 (IF-MIB::ifIndex.7)

                        IF-MIB::ifEntry.ifIndex: 7

                    IF-MIB::ifIndex: 7

                IF-MIB::ifAdminStatus.7 (1.3.6.1.2.1.2.2.1.7.7): up (1)

                    Object Name: 1.3.6.1.2.1.2.2.1.7.7 (IF-MIB::ifAdminStatus.7)

                        IF-MIB::ifEntry.ifIndex: 7

                    IF-MIB::ifAdminStatus: up (1)

                IF-MIB::ifOperStatus.7 (1.3.6.1.2.1.2.2.1.8.7): up (1)

                    Object Name: 1.3.6.1.2.1.2.2.1.8.7 (IF-MIB::ifOperStatus.7)

                        IF-MIB::ifEntry.ifIndex: 7

                    IF-MIB::ifOperStatus: up (1)