AIX6.1 配置snmp方法如下:
1. #/usr/sbin/snmpv3_ssw -n
2. #vi /etc/snmpdv3.conf (修改红色部分为如下内容)
- # @(#)88 1.8 src/tcpip/etc/snmpdv3.conf, snmp, tcpip61D, d2007_49A2 10/3/07 15:19:01
- # IBM_PROLOG_BEGIN_TAG
- # This is an automatically generated prolog.
- #
- # tcpip61D src/tcpip/etc/snmpdv3.conf 1.8
- #
- # Licensed Materials - Property of IBM
- #
- # Restricted Materials of IBM
- #
- # COPYRIGHT International Business Machines Corp. 2002,2007
- # All Rights Reserved
- #
- # US Government Users Restricted Rights - Use, duplication or
- # disclosure restricted by GSA ADP Schedule Contract with IBM Corp.
- #
- # IBM_PROLOG_END_TAG
- #----------------------------------------------------------------------------------------------------------------------------------------------------------
- # General syntax rules about the snmpdv3.conf file:
- # An entry must be contained on one line (i.e., the newline character will
- # be treated as the end of an entry)
- # All of the entry definitions require that all fields on the entry are
- # specified, either with a specific value or a dash (-) to denote the
- # default value.
- # If an error is detected processing an entry and no appropriate default
- # value can be assumed, the entry will be discarded.
- # Statements in the file are not order-dependent. However if more than one
- # DEFAULT_SECURITY statement is found, the last one in the file is the one
- # that is used.
- # Comments may be entered in the snmpdv3.conf file, with the following
- # restrictions:
- # Comments must begin with the pound sign (#) or asterisk (*).
- # Comments must begin in column 1; this allows the pound sign and asterisk
- # to be used in names of users, views, etc.
- #----------------------------------------------------------------------------------------------------------------------------------------------------------
- #----------------------------------------------------------------------------------------------------------------------------------------------------------
- # USM_USER entries
- # Defines a user for the User-based Security Model (USM).
- # Format is:
- # userName engineID authProto authKey privProto privKey keyType storageType
- #
- #----------------------------------------------------------------------------------------------------------------------------------------------------------
- #----------------------------------------------------------------------------------------------------------------------------------------------------------
- # VACM_GROUP entries
- # Defines a security group (made up of users or communities)
- # for the View-based Access Control Model (VACM).
- # Format is:
- # groupName securityModel securityName storageType
- #----------------------------------------------------------------------------------------------------------------------------------------------------------
- #----------------------------------------------------------------------------------------------------------------------------------------------------------
- # VACM_VIEW entries
- # Defines a particular set of MIB data, called a view, for the
- # View-based Access Control Model.
- # Format is:
- # viewName viewSubtree viewMask viewType storageType
- #----------------------------------------------------------------------------------------------------------------------------------------------------------
- #----------------------------------------------------------------------------------------------------------------------------------------------------------
- # VACM_ACCESS entries
- # Identifies the access permitted to different security groups
- # for the View-based Access Control Model.
- # Format is:
- # groupName contextPrefix contextMatch securityLevel securityModel readView writeView notifyView storageType
- #----------------------------------------------------------------------------------------------------------------------------------------------------------
- #----------------------------------------------------------------------------------------------------------------------------------------------------------
- # NOTIFY entries
- # Identifies management targets to receive notifications.
- # Format is:
- # notifyName tag type storageType
- #----------------------------------------------------------------------------------------------------------------------------------------------------------
- #----------------------------------------------------------------------------------------------------------------------------------------------------------
- # TARGET_ADDRESS
- # Defines a management application's address and parameters
- # to be used in sending notifications.
- # Format is:
- # targetAddrName tDomain tAddress tagList targetParams timeout retryCount storageType
- #----------------------------------------------------------------------------------------------------------------------------------------------------------
- #----------------------------------------------------------------------------------------------------------------------------------------------------------
- # TARGET_PARAMETERS
- # Defines the message processing and security parameters
- # to be used in sending notifications to a particular management target.
- # Format is:
- # paramsName mpModel securityModel securityName securityLevel storageType
- #----------------------------------------------------------------------------------------------------------------------------------------------------------
- #----------------------------------------------------------------------------------------------------------------------------------------------------------
- # COMMUNITY
- # Defines a community for community-based security.
- # Format is:
- # communityName securityName securityLevel netAddr netMask storageType
- #----------------------------------------------------------------------------------------------------------------------------------------------------------
- #----------------------------------------------------------------------------------------------------------------------------------------------------------
- # DEFAULT_SECURITY
- # Identifies the default security posture to be configured for the SNMP agent;
- # additional security definitions defined by the use of the preceding eight entry
- # definition types augment any default security configurations defined
- # as a result of the DEFAULT_SECURITY statement.
- # Format is:
- # securityPosture password privacy
- #----------------------------------------------------------------------------------------------------------------------------------------------------------
- #----------------------------------------------------------------------------------------------------------------------------------------------------------
- # logging file= enabled|disabled
- # logging size= level=
- #
- # where specifies the complete path and filename of the
- # log file, enabled turns logging on, disabled turns logging off,
- # specifies the maximum size in bytes of the specified logfile, and
- # specifies the logging level of 0, 1, 2, 3, or 4.
- # The size default is 100000, and the level default is 0.
- # There can be no white spaces around the "=" in the file, size and level fields.
- # There are no restrictions on the order in which the fields are entered in the
- # logging entries. A logging entry can contain single or multiple fields.
- #----------------------------------------------------------------------------------------------------------------------------------------------------------
- #----------------------------------------------------------------------------------------------------------------------------------------------------------
- # smux
- #
- # where is the unique object identifer in dotted
- # decimal notation of the SMUX peer client. specifies the
- # password that snmpd requires from the SMUX peer client to authenticate
- # the SMUX association. is either the hostname, or an IPv4 address
- # in dotted notation of the host, or an IPv6 address on which the SMUX peer
- # client is executing.
- # specifies the network mask for IPv4 address, or a prefix length for
- # IPv6 address. If no password is specified, there is no authentication for the
- # SMUX association. The default address and netmask are 127.0.0.1 and 255.255.255.255.
- # If neither the address nor netmask are specified, the SMUX association
- # is limited to the local host. Fields to the right of
- # are optional, with the limitation that no fields
- # to the left of a specified field are omitted.
- #----------------------------------------------------------------------------------------------------------------------------------------------------------
- #----------------------------------------------------------------------------------------------------------------------------------------------------------
- VACM_GROUP group1 SNMPv1 public -
- VACM_VIEW defaultView internet - included -
- VACM_VIEW defaultView 1.3.6.1.4.1.2.2.1.1.1.0 - included -
- VACM_VIEW defaultView 1.3.6.1.4.1.2.6.191.1.6 - included -
- # exclude snmpv3 related MIBs from the default view
- VACM_VIEW defaultView snmpModules - excluded -
- VACM_VIEW defaultView 1.3.6.1.6.3.1.1.4 - included -
- VACM_VIEW defaultView 1.3.6.1.6.3.1.1.5 - included -
- # exclude aixmibd managed MIBs from the default view
- VACM_VIEW defaultView 1.3.6.1.4.1.2.6.191 - included -
- VACM_ACCESS group1 - - noAuthNoPriv SNMPv1 defaultView - defaultView -
- NOTIFY notify1 traptag trap -
- TARGET_ADDRESS Target1 UDP 127.0.0.1 traptag trapparms1 - - -
- TARGET_PARAMETERS trapparms1 SNMPv1 SNMPv1 public noAuthNoPriv -
- COMMUNITY public public noAuthNoPriv 0.0.0.0 0.0.0.0 -
- DEFAULT_SECURITY no-access - -
- logging file=/usr/tmp/snmpdv3.log enabled
- logging size=100000 level=0
- smux 1.3.6.1.4.1.2.3.1.2.1.2 gated_password # gated
- VACM_GROUP director_group SNMPv2c public -
- VACM_ACCESS director_group - - noAuthNoPriv SNMPv2c defaultView - defaultView -
3. 停止snmpd及相关进程
# stopsrc -s aixmibd; stopsrc -s hostmibd; stopsrc -s snmpmibd; stopsrc -s snmpd
4. 启动snmpd及相关进程
#startsrc -s aixmibd -a "-c public"; startsrc -s hostmibd -a "-c public"
#startsrc -s snmpmibd -a "-c public"; startsrc -s snmpd
5. 配置开机启动
snmpd及相关进程开机启动是通过/et/rc.tcpip.
snmpd /etc/rc.tcpip
start /usr/sbin/snmpd "$src_running"
mib /etc/rc.tcpip (在如下内容后面增加团体字)
# Start up the hostmibd daemon
start /usr/sbin/hostmibd "$src_running" "-c public"
# Start up the snmpmibd daemon
start /usr/sbin/snmpmibd "$src_running" "-c public"
# Start up the aixmibd daemon
start /usr/sbin/aixmibd "$src_running" "-c public"
阅读(9792) | 评论(0) | 转发(2) |