分类: 系统运维
2013-06-13 14:17:37
- By: Bian Jiang ()
- From:
- Date: 2008.11.11
1.mib 库文件 BVCOM-SYSTEMUPTIME-MIB.txt:
BVCOM-SYSTEMUPTIME-MIB DEFINITIONS ::= BEGIN IMPORTS TimeTicks FROM SNMPv2-SMI enterprises FROM SNMPv2-SMI OBJECT-TYPE, Integer32, MODULE-IDENTITY FROM SNMPv2-SMI; bvcom OBJECT IDENTIFIER ::= { enterprises 26814 } ipq6800 OBJECT IDENTIFIER ::= { bvcom 6800 } bvcomAgentModules OBJECT IDENTIFIER ::= { ipq6800 1 } bvcomAgentModuleObject OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-write STATUS current DESCRIPTION "This is an object that simply supports a writable integer when compiled into the agent. See for further implementation details." DEFVAL { 1 } ::= { bvcomAgentModules 1 } bvcomAgentSubagentObject OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-write STATUS current DESCRIPTION "This is an object that simply supports a writable integer when attached to the agent. The object should be accessible when the agentx subagent containing this object is attached. See for further implementation details." DEFVAL { 2 } ::= { bvcomAgentModules 2 } bvcomAgentPluginObject OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-write STATUS current DESCRIPTION "This is an object that simply supports a writable integer when attached to the agent. This object should be accessible when the dynamic plugin has been loaded into the agent. See for further implementation details." DEFVAL { 3 } ::= { bvcomAgentModules 3 } END
PS: 如果找不到mib库可以在/etc/profile文件中增加SNMPCONFPATH环境变量
export SNMPCONFPATH=/usr/local/share/snmp/export MIBS=ALL
2.复制mib库文件到/usr/local/share/snmp/mibs/:
sudo cp BVCOM-SYSTEMUPTIME-MIB.txt /usr/local/share/snmp/mibs/
3.加载mib库:
cat /usr/local/share/snmp/snmp.conf mibs +BVCOM-SYSTEMUPTIME-MIB
4.检查mib是否正常加载:
border@debian:/work/border/snmp/example-demon$ snmptranslate -IR -Tp bvcom +--bvcom(26814) | +--ipq6800(6800) | +--bvcomAgentModules(1) | +-- -RW- Integer32 bvcomAgentModuleObject(1) +-- -RW- Integer32 bvcomAgentSubagentObject(2) +-- -RW- Integer32 bvcomAgentPluginObject(3)
5.查看mib2c支持的模板:
border@debian:/work/border/snmp/example-demon$ ls /usr/local/share/snmp/ mib2c.access_functions.conf mib2c.create-dataset.conf mib2c.scalar.conf mib2c.array-user.conf mib2c-data mib2c.table_data.conf mib2c.check_values.conf mib2c.genhtml.conf mibs mib2c.check_values_local.conf mib2c.int_watch.conf snmp.conf mib2c.column_defines.conf mib2c.iterate_access.conf snmp.conf~ mib2c.column_enums.conf mib2c.iterate.conf snmpconf-data mib2c.column_storage.conf mib2c.mfd.conf snmpd.conf mib2c.conf mib2c.notify.conf snmp_perl.pl mib2c.container.conf mib2c.old-api.conf snmp_perl_trapd.pl
6.通过模板生成.c 和 .h 文件:
border@debian:/work/border/snmp/example-demon$ mib2c -c mib2c.int_watch.conf bvcomAgentModules writing to - *** Warning: only generating code for nodes of MIB type INTEGER writing to bvcomAgentModules.h writing to bvcomAgentModules.c running indent on bvcomAgentModules.c running indent on bvcomAgentModules.h
7.通过 snmp_agent_api 编写守护程序 example-demon.c:
#include#include #include #include #include "bvcomAgentModules.h" static int keep_running; RETSIGTYPE stop_server(int a) { keep_running = 0; } int main (int argc, char **argv) { int agentx_subagent=0; /* change this if you want to be a SNMP master agent */ int background = 0; /* change this if you want to run in the background */ int syslog = 0; /* change this if you want to use syslog */ /* print log errors to syslog or stderr */ if (syslog) snmp_enable_calllog(); else snmp_enable_stderrlog(); /* we're an agentx subagent? */ if (agentx_subagent) { /* make us a agentx client. */ netsnmp_ds_set_boolean(NETSNMP_DS_APPLICATION_ID, NETSNMP_DS_AGENT_ROLE, 1); } /* run in background, if requested */ if (background && netsnmp_daemonize(1, !syslog)) exit(1); /* Initialize tcpip, if necessary */ SOCK_STARTUP; /* Initialize the agent library */ init_agent("example-demon"); // 配置文件名 /* Initialize our mib code here */ printf("Before init bvcomAgentModules \n"); init_bvcomAgentModules(); // 加载节点信息 printf("End init bvcomAgentModules \n"); /* initialize vacm/usm access control */ if (!agentx_subagent) { void init_vacm_vars(); void init_usmUser(); } /* Example-demon will be used to read example-demon.conf files. */ init_snmp("example-demon"); /* If we're going to be a snmp master agent, initial the ports */ if (!agentx_subagent) init_master_agent(); /* open the port to listen on (defaults to udp:161) */ printf("---------------------\n"); /* In case we recevie a request to stop (kill -TERM or kill -INT) */ keep_running = 1; signal(SIGTERM, stop_server); signal(SIGINT, stop_server); snmp_log(LOG_INFO,"example-demon is up and running.\n"); /* your main loop here... */ while(keep_running) { /* if you use select(), see snmp_select_info() in snmp_api(3) */ /* --- OR --- */ agent_check_and_process(1); /* 0 == don't block */ } /* at shutdown time */ snmp_shutdown("example-demon"); SOCK_CLEANUP; return 0; }
8.Makefile:
CC=gcc OBJS2=example-demon.o bvcomAgentModules.o TARGETS=example-demon CFLAGS=-I. `net-snmp-config --cflags` BUILDLIBS=`net-snmp-config --libs` BUILDAGENTLIBS=`net-snmp-config --agent-libs` # shared library flags (assumes gcc) DLFLAGS=-fPIC -shared all: $(TARGETS) example-demon: $(OBJS2) $(CC) -o example-demon $(OBJS2) $(BUILDAGENTLIBS) clean: rm $(OBJS2) $(OBJS2) $(TARGETS)
9.example-demon.conf:
############################################################################### # Access Control ############################################################################### # sec.name source community com2sec local localhost public com2sec mynetwork 192.168.0.0/24 public #### # Second, map the security names into group names: # sec.model sec.name group MyRWGroup v1 local group MyRWGroup v2c local group MyRWGroup usm local group MyROGroup v1 mynetwork group MyROGroup v2c mynetwork group MyROGroup usm mynetwork #### # Third, create a view for us to let the groups have rights to: # incl/excl subtree mask view all included .1 80 #### # Finally, grant the 2 groups access to the 1 view with different # write permissions: # context sec.model sec.level match read write notif access MyROGroup "" any noauth exact all none none access MyRWGroup "" any noauth exact all all none agentaddress 161
10.运行example-demon 时要用超级管理员运行,不然会出错:
sudo ./example-demon
a.没有用超级管理员时,报的错误:
border@debian:/work/border/snmp/example-demon$ ./example-demon netsnmp_assert !"registration != duplicate" failed agent_registry.c:535 netsnmp_subtree_load() netsnmp_assert !"registration != duplicate" failed agent_registry.c:535 netsnmp_subtree_load() netsnmp_assert !"registration != duplicate" failed agent_registry.c:535 netsnmp_subtree_load() Before init bvcomAgentModules End init bvcomAgentModules Error opening specified endpoint "161" --------------------- example-demon is up and running. read_config_store open failure on /var/net-snmp/example-demon.conf read_config_store open failure on /var/net-snmp/example-demon.conf read_config_store open failure on /var/net-snmp/example-demon.conf
b.如果 报Error opening specified endpoint “”错,说明example-demon.conf配置文件没有agentaddress 161
11.拷贝配置文件到 ~/.snmp/目录下:
cp example-demon.conf /home/border/.snmp/
12.sudo ./example-demon:
border@debian:~$ snmpwalk -v1 -c public localhost bvcom BVCOM-SYSTEMUPTIME-MIB::bvcomAgentModuleObject.0 = INTEGER: 68001 BVCOM-SYSTEMUPTIME-MIB::bvcomAgentSubagentObject.0 = INTEGER: 68002 BVCOM-SYSTEMUPTIME-MIB::bvcomAgentPluginObject.0 = INTEGER: 68003 End of MIB
验证:
border@debian:~$ snmpget -v1 -c public localhost bvcomAgentModuleObject.0 BVCOM-SYSTEMUPTIME-MIB::bvcomAgentModuleObject.0 = INTEGER: 68001 border@debian:~$ snmpgetnext -v1 -c public localhost bvcomAgentModuleObject.0 BVCOM-SYSTEMUPTIME-MIB::bvcomAgentSubagentObject.0 = INTEGER: 68002
13.支持snmpv3 在配置文件中增加:
rwuser border rwuser border1 createUser border MD5 "bvcombjbj" DES createUser border1 SHA "bvcombjbj" AES (最后一行也可以这样写:createUser border1 SHA "bvcombjbj" AES128)
通过如下命令验证:
a.验证MD5:
snmpwalk -v3 -l authPriv -u border -A bvcombjbj -X bvcombjbj localhost bvcom BVCOM-SYSTEMUPTIME-MIB::bvcomAgentModuleObject.0 = INTEGER: 68001 BVCOM-SYSTEMUPTIME-MIB::bvcomAgentSubagentObject.0 = INTEGER: 68002 BVCOM-SYSTEMUPTIME-MIB::bvcomAgentPluginObject.0 = INTEGER: 68003
b.验证SHA:
snmpwalk -v3 -l authPriv -u border1 -a SHA -x AES -A bvcombjbj -X bvcombjbj localhost bvcom BVCOM-SYSTEMUPTIME-MIB::bvcomAgentModuleObject.0 = INTEGER: 68001 BVCOM-SYSTEMUPTIME-MIB::bvcomAgentSubagentObject.0 = INTEGER: 68002 BVCOM-SYSTEMUPTIME-MIB::bvcomAgentPluginObject.0 = INTEGER: 68003
如果你采用的是AES128,就需要把-x AES改为-x AES128:
snmpwalk -v3 -l authPriv -u border1 -a SHA -x AES128 -A bvcombjbj -X bvcombjbj localhost bvcom
- 用NET-SNMP软件包开发简单客户端代理
- snmpd.examples 配置信息相关
- snmp_agent_api
- Tutorial
–EOF–