为什么SNMP损坏?

28

Ubuntu版本:Ubuntu 14.04.1 LTS

SNMP版本:5.7.2

简短问题:“默认”配置文件中的许多条目已损坏。其实并不重要,因为我什至无法启动SNMP。

期望的结果:我想要一个工作正常的SNMP实例,其中包含尽可能多的默认功能。

注意:从很多来源,包括Canonical拥有的Ubuntu网站,据说我必须修改exportSNMPDOPTS才能具有基本功能。

/etc/default/snmpd

export MIBS=UCD-SNMP-MIB
SNMPDRUN=yes
SNMPDOPTS='-Lsd -Lf /dev/null -u snmp -g snmp -I -smux -p /var/run/snmpd.pid -c /etc/snmp/snmpd.conf'
TRAPDRUN=no
TRAPDOPTS='-Lsd -p /var/run/snmptrapd.pid'
SNMPDCOMPAT=yes

/etc/snmp/snmpd.conf

view   systemonly  included   .1.3.6.1.2.1.1
view   systemonly  included   .1.3.6.1.2.1.25.1
rocommunity public
rwcommunity nanana
sysLocation    vm1-ryd-wlo
sysContact     Paul Adams <pauladams@nanana.com>
sysServices    72
disk       /     10000
disk       /var  5%
load   12 10 5
trapsink     localhost public
iquerySecName   internalUser
rouser          internalUser
master          agentx

/var/log/syslog

Oct  3 13:59:51 mdnsreflector-ryd-wlo snmpd[9120]: Server Exiting with code 1
Oct  3 14:00:09 mdnsreflector-ryd-wlo snmpd[9143]: Turning on AgentX master support.
Oct  3 14:00:09 mdnsreflector-ryd-wlo snmpd[9145]: NET-SNMP version 5.7.2

sudo service --status-all

[ + ]  snmpd

sudo service ufw status

Status: inactive

  1. 即使此配置已加载并且显然正在运行。您实际上无法从远程设备从此SNMP实例查询任何内容。连接最终超时。

  2. 从服务器本身查询它不会产生任何结果。

snmpwalk -Os -c public -v 1本地主机系统

system: Unknown Object Identifier (Sub-id not found: (top) -> system)
  1. 我必须删除“ agentAddress”条目,因为该软件在每次尝试处理该命令时都会不断惊慌。(即使这是默认设置,也应该是它在配置中列出的方式。)

/etc/var/syslog

Oct  3 14:10:32 mdnsreflector-ryd-wlo snmpd[9292]: Turning on AgentX master support.
Oct  3 14:10:32 mdnsreflector-ryd-wlo snmpd[9292]: Turning on AgentX master support.
Oct  3 14:10:32 mdnsreflector-ryd-wlo snmpd[9292]: Error opening specified endpoint "udp:161"
Oct  3 14:10:32 mdnsreflector-ryd-wlo snmpd[9292]: Server Exiting with code 1

sudo服务-状态全部

[ - ]  snmpd
  1. 我必须删除配置中的几个默认条目,因为它们在运行它们时也会引起错误。

/etc/snmp/snmpd.conf

proc mount
proc ntalkd    4
proc sendmail    10 1
includeAllDisks 10%
extend    test1   /bin/echo  Hello, world!
extend-sh test2   echo Hello, world! ; echo Hi there ; exit 35

/ var / log / syslog

Oct  3 10:51:11 mdnsreflector-ryd-wlo snmpd[7575]: /etc/snmp/snmpd.conf: line 90: Error: Already have an entry for this process.
Oct  3 10:51:11 mdnsreflector-ryd-wlo snmpd[7575]: /etc/snmp/snmpd.conf: line 92: Error: Already have an entry for this process.
Oct  3 10:51:11 mdnsreflector-ryd-wlo snmpd[7575]: /etc/snmp/snmpd.conf: line 94: Error: Already have an entry for this process.
Oct  3 10:51:11 mdnsreflector-ryd-wlo snmpd[7575]: /etc/snmp/snmpd.conf: line 106: Error: includeAllDisks already specified.
Oct  3 10:51:11 mdnsreflector-ryd-wlo snmpd[7575]: /etc/snmp/snmpd.conf: line 106: Error: #011ignoring: includeAllDisks 10%
Oct  3 10:51:11 mdnsreflector-ryd-wlo snmpd[7575]: /etc/snmp/snmpd.conf: line 146: Error: duplicate trigger name
Oct  3 10:51:11 mdnsreflector-ryd-wlo snmpd[7575]: message repeated 6 times: [ /etc/snmp/snmpd.conf: line 146: Error: duplicate trigger name]
Oct  3 10:51:11 mdnsreflector-ryd-wlo snmpd[7575]: /etc/snmp/snmpd.conf: line 148: Error: duplicate trigger name
Oct  3 10:51:11 mdnsreflector-ryd-wlo snmpd[7575]: /etc/snmp/snmpd.conf: line 148: Error: duplicate trigger name
Oct  3 10:51:11 mdnsreflector-ryd-wlo snmpd[7575]: duplicate table data attempted to be entered. row exists
Oct  3 10:51:11 mdnsreflector-ryd-wlo snmpd[7575]: Failed to register extend entry 'test1' - possibly duplicate name.
Oct  3 10:51:11 mdnsreflector-ryd-wlo snmpd[7575]: duplicate table data attempted to be entered. row exists
Oct  3 10:51:11 mdnsreflector-ryd-wlo snmpd[7575]: Failed to register extend entry 'test2' - possibly duplicate name.
14.04  snmp 
保罗·亚当斯
source
以下说明已经过验证工作在14.04 askubuntu.com/a/223734/106495
凯文·鲍文

Answers:

2

SNMP没有损坏。使它工作的过程有些复杂。

已验证以下步骤可在14.04上工作:

安装SNMP及其守护进程(sudo apt-get install snmp snmpd)之后,您将需要编辑文件/etc/snmp/snmp.conf并注释掉包含“ mibs”的行。

在此文件中,更改以下行:

mibs :


#mibs :

接下来,假设您尚未执行此操作,则需要获取完整的IETF MIB集。由于许可问题,这些文件默认情况下不在Debian / Ubuntu系统上发布。

从终端(Ctrl- - Alt),t输入以下命令:

sudo apt-get install snmp-mibs-downloader

sudo download-mibs

然后,您将需要进行修改/etc/snmp/snmpd.conf

  1. 要允许SNMP,系统将在其环回地址以外的接口上接收查询。该行应如下所示:

    #  Listen for connections from the local system only
#  agentAddress  udp:127.0.0.1:161
#  Listen for connections on all interfaces (both IPv4 *and* IPv6)
agentAddress udp:161,udp6:[::1]:161

    请注意,这将允许ANY系统查询您的计算机。您将需要对此进行调整,以限制对设备的SNMP访问。

  2. 现在,您需要将只读SNMP字符串从public更改为您选择的自定义字符串,如下所示:

    #rocommunity public  default    -V systemonly
rocommunity <My$ecret$tr1nG> (don't use this example!)

    注意:-V systemonly从行中删除将允许访问整个MIB树,而不是将其限制在树的系统部分。

  3. 重新启动SNMP守护程序

    sudo service snmpd restart

最后,您的SNMP查询现在应该正确响应。

例如:

snmpwalk -v 2c -c <My$ecret$tr1nG> <MachineName> ipadd

IP-MIB::ipAdEntAddr.127.0.0.1 = IpAddress: 127.0.0.1
IP-MIB::ipAdEntAddr.192.168.1.7 = IpAddress: 192.168.1.7
IP-MIB::ipAdEntIfIndex.127.0.0.1 = INTEGER: 1
IP-MIB::ipAdEntIfIndex.192.168.1.7 = INTEGER: 2
IP-MIB::ipAdEntNetMask.127.0.0.1 = IpAddress: 255.0.0.0
IP-MIB::ipAdEntNetMask.192.168.1.7 = IpAddress: 255.255.255.0
IP-MIB::ipAdEntBcastAddr.127.0.0.1 = INTEGER: 0
IP-MIB::ipAdEntBcastAddr.192.168.1.7 = INTEGER: 1

请参阅以下答案以获取其他参考:

如何在Ubuntu 12.04中获取或配置IP-MIB?

什么是SNMP?

凯文·鲍恩
source
0

我将从以.1的视图开始的股票配置开始,启用调试日志记录,然后尝试获取对OID的查询。老实说,我从来没有掌握过MIB,而且由于我只将SNMP用于MRTG和cacti之类的东西,所以我从来不需要真正了解更多。看看是否可以获得最简单的配置,然后在尾随相关日志文件的同时一次添加一个元素。

约翰·奥利弗(John Oliver)
source
By using our site, you acknowledge that you have read and understand our Cookie Policy and Privacy Policy.
Licensed under cc by-sa 3.0 with attribution required.