SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG
DONATE


YUM REPOSITORY

 
 

MAN page from Trustix net-snmp-5.4-2tr.i586.rpm

SNMP.CONF

Section: Net-SNMP (5)
Updated: 29 Jun 2005
Index 

NAME

snmp.conf - configuration files for the Net-SNMP applications 

DESCRIPTION

Applications built using the Net-SNMP libraries typically use one ormore configuration files to control various aspects of their operation.These files (snmp.conf and snmp.local.conf) can be locatedin one of several locations, as described in the snmp_config(5)manual page.

In particular, /etc/snmp/snmp.conf is a common file,containing the settings shared by all users of the system.~/.snmp/snmp.conf is a personal file, with the settingsspecific to a particular user. 

IMPORTANT NOTE

Several of these directives may contain sensitive information(such as pass phrases). Configuration files that include suchsettings should only be readable by the user concerned.

As well as application-specific configuration tokens, there areseveral directives that relate to standard library behaviour,relevant to most Net-SNMP applications. Many of these correspondto standard command-line options, which are described in thesnmpcmd(1) manual page.

These directives can be divided into several distinct groups. 

CLIENT BEHAVIOUR

defDomain application domain
The transport domain that should be used for a certain application type unlesssomething else is specified.
defTarget application domain target
The target that should be used for connections to a certain application if theconnection should be in a specific domain.
defaultPort PORT
defines the default UDP port that client SNMP applications willattempt to connect to. This can be overridden by explicitlyincluding a port number in the AGENT specification.See the snmpcmd(1) manual page for more details.
If not specified, the default value for this token is 161.
defVersion (1|2c|3)
defines the default version of SNMP to use.This can be overridden using the -v option.
defCommunity STRING
defines the default community to use for SNMPv1 and SNMPv2c requests.This can be overridden using the -c option.
dumpPacket yes
defines whether to display a hexadecimal dump of the raw SNMP requestssent and received by the application.This is equivalent to the -d option.
doDebugging (1|0)
turns on debugging for all applications run if set to 1.
debugTokens TOKEN[,TOKEN...]
defines the debugging tokens that should be turned on whendoDebugging is set.This is equivalent to the -D option.
16bitIDs yes
restricts requestIDs, etc to 16-bit values.
The SNMP specifications define these ID fields as 32-bit quantities,and the Net-SNMP library typically initialises them to random valuesfor security.However certain (broken) agents cannot handle ID values greater than2^16 - this option allows interoperability with such agents.
clientaddr [<transport-specifier>:]<transport-address>
specifies the source address to be used by command-line applicationswhen sending SNMP requests. See snmpcmd(1) for more informationabout the format of addresses.
This value is also used by snmpd when generating notifications.
clientRecvBuf INTEGER
specifies the desired size of the buffer to be used when receivingresponses to SNMP requests.If the OS hard limit is lower than the clientRecvBuf value,then this will be used instead.Some platforms may decide to increase the size of the bufferactually used for internal housekeeping.
This directive will be ignored if the platforms does not supportsetsockopt().
clientSendBuf INTEGER
is similar to clientRecvBuf, but applies to the sizeof the buffer used when sending SNMP requests.
noRangeCheck yes
disables the validation of varbind values against the MIB definitionfor the relevant OID.This is equivalent to the -Ir option.
This directive is primarily relevant to the snmpset command,but will also apply to any application that calls snmp_add_var()with a non-NULL value.
noTokenWarnings
disables warnings about unknown config file tokens.
reverseEncodeBER (1|yes|true|0|no|false)
controls how the encoding of SNMP requests is handled.
The default behaviour is to encode packets starting from the end ofthe PDU and working backwards.This directive can be used to disable this behaviour, and buildthe encoded request in the (more obvious) forward direction.
It should not normally be necessary to change this setting, asthe encoding is basically the same in either case - but workingbackwards typically produces a slightly more efficient encoding,and hence a smaller network datagram.
 

SNMPv3 SETTINGS

defSecurityName STRING
defines the default security name to use for SNMPv3 requests.This can be overridden using the -u option.
defSecurityLevel noAuthNoPriv|authNoPriv|authPriv
defines the default security level to use for SNMPv3 requests.This can be overridden using the -l option.
If not specified, the default value for this token is noAuthNoPriv.
Note:
authPriv is only available if the software has been compiledto use the OpenSSL libraries.
defPassphrase STRING
defAuthPassphrase STRING
defPrivPassphrase STRING
define the default authentication and privacy pass phrases to usefor SNMPv3 requests.These can be overridden using the -A and -X options respectively.
The defPassphrasevalue will be used for the authentication and/or privacy pass phrasesif either of the other directives are not specified.
defAuthType MD5|SHA
defPrivType DES|AES
define the default authentication and privacy protocols to use forSNMPv3 requests.These can be overridden using the -a and -x options respectively.
If not specified, SNMPv3 requests will default to MD5 authenticationand DES encryption.
Note:
If the software has not been compiled to use the OpenSSL libraries,then only MD5 authentication is supported.Neither SHA authentication nor any form of encryption will be available.
defContext STRING
defines the default context to use for SNMPv3 requests.This can be overridden using the -n option.
If not specified, the default value for this token is the default context(i.e. the empty string "").
defSecurityModel STRING
defines the security model to use for SNMPv3 requests.The default value is "usm" which is the only widely used security model for SNMPv3.
defAuthMasterKey 0xHEXSTRING
defPrivMasterKey 0xHEXSTRING
defAuthLocalizedKey 0xHEXSTRING
defPrivLocalizedKey 0xHEXSTRING
define the (hexadecimal) keys to be used for SNMPv3 secure communications.SNMPv3 keys are frequently derived from a passphrase, as discussed inthe defPassphrase section above. However for improved security atruely random key can be generated and used instead (which wouldnormally has better entropy than a password unless it isamazingly long).The directives are equivalent to the short-formcommand line options -3m, -3M, -3k, and -3K.
Localized keys aremaster keys which have been converted to a unique key which is onlysuitable for on particular SNMP engine (agent). The length of the keyneeds to be appropriate for the authentication or encryption typebeing used (auth keys: MD5=16 bytes, SHA1=20 bytes;priv keys: DES=16 bytes (8bytes of which is used as an IV and not a key), and AES=16 bytes).
 

SERVER BEHAVIOUR

persistentDir DIRECTORY
defines the directory where snmpd and snmptrapd storepersistent configuration settings.
If not specified, the persistent directory defaults to/var/net-snmp
noPersistentLoad yes
noPersistentSave yes
disable the loading and saving of persistent configuration information.
Note:
This will break SNMPv3 operations (and other behaviour that relieson changes persisting across application restart). Use With Care.
tempFilePattern PATTERN
defines a filename template for creating temporary files,for handling input to and output from external shell commands.Used by the mkstemp() and mktemp() functions.
If not specified, the default pattern is /tmp/snmpdXXXXXX.
serverRecvBuf INTEGER
specifies the desired size of the buffer to be used when receivingincoming SNMP requests.If the OS hard limit is lower than the serverRecvBuf value,then this will be used instead.Some platforms may decide to increase the size of the bufferactually used for internal housekeeping.
This directive will be ignored if the platforms does not supportsetsockopt().
serverSendBuf INTEGER
is similar to serverRecvBuf, but applies to the sizeof the buffer used when sending SNMP responses.
 

MIB HANDLING

mibdirs DIRLIST
specifies a list of directories to search for MIB files.This operates in the same way as the -M option -see snmpcmd(1) for details.Note that this value can be overridden by theMIBDIRSenvironment variable, and the -M option.
mibs MIBLIST
specifies a list of MIB modules (not files) that should be loaded.This operates in the same way as the -m option -see snmpcmd(1) for details.Note that this list can be overridden by theMIBSenvironment variable, and the -m option.
mibfile FILE
specifies a (single) MIB file to load, in addition to thelist read from the mibs token (or equivalent configuration).Note that this value can be overridden by theMIBFILESenvironment variable.
showMibErrors (1|yes|true|0|no|false)
whether to display MIB parsing errors.
strictCommentTerm (1|yes|true|0|no|false)
whether MIB parsing should be strict about comment termination.Many MIB writers assume that ASN.1 comments extend to the end ofthe text line, rather than being terminated by the next "--" token.This token can be used to accept such (strictly incorrect) MIBs.
mibAllowUnderline (1|yes|true|0|no|false)
whether to allow underline characters in MIB object names andenumeration values.This token can be used to accept such (strictly incorrect) MIBs.
mibWarningLevel INTEGER
the minimum warning level of the warnings printed by the MIB parser.
 

OUTPUT CONFIGURATION

logTimestamp (1|yes|true|0|no|false)
Whether the commands should log timestamps with their error/messagelogging or not. Note that output will not look as pretty withtimestamps if the source code that is doing the logging doesincremental logging of messages that are not line buffered beforebeing passed to the logging routines. This option is only used when file logging is active.
printNumericEnums (1|yes|true|0|no|false)
Equivalent to-Oe.
printNumericOids (1|yes|true|0|no|false)
Equivalent to-On.
dontBreakdownOids (1|yes|true|0|no|false)
Equivalent to-Ob.
escapeQuotes (1|yes|true|0|no|false)
Equivalent to-OE.
quickPrinting (1|yes|true|0|no|false)
Equivalent to-Oq.
printValueOnly (1|yes|true|0|no|false)
Equivalent to-Ov.
dontPrintUnits (1|yes|true|0|no|false)
Equivalent to-OU.
numericTimeticks (1|yes|true|0|no|false)
Equivalent to-Ot.
printHexText (1|yes|true|0|no|false)
Equivalent to-OT.
hexOutputLength integer
Specifies where to break up the output of hexadecimal strings. Set to 0 to disable line breaks. Defaults to 16.
suffixPrinting (0|1|2)
The value 1 is equivalent to-Osand the value 2 is equivalent to-OS.
oidOutputFormat (1|2|3|4|5|6)
Maps -O options as follow: -Os=1, -OS=2, -Of=3, -On=4, -Ou=5.The value 6 has no matching -O option. It suppresses output.
extendedIndex (1|yes|true|0|no|false)
Equivalent to-OX.
noDisplayHint (1|yes|true|0|no|false)
Disables the use of DISPLAY-HINT information when parsing indices andvalues to set. Equivalent to-Ih.
 

FILES

/etc/snmp/snmp.conf,/etc/snmp/snmp.local.conf - common configuration settings
~/.snmp/snmp.conf - user-specific configuration settings 

SEE ALSO

snmp_config(5), read_config(3), snmpcmd(1).


 

Index

NAME
DESCRIPTION
IMPORTANT NOTE
CLIENT BEHAVIOUR
SNMPv3 SETTINGS
SERVER BEHAVIOUR
MIB HANDLING
OUTPUT CONFIGURATION
FILES
SEE ALSO

This document was created byman2html,using the manual pages.