diff options
Diffstat (limited to 'data/templates/snmp')
-rw-r--r-- | data/templates/snmp/etc.snmp.conf.tmpl | 4 | ||||
-rw-r--r-- | data/templates/snmp/etc.snmpd.conf.tmpl | 115 | ||||
-rw-r--r-- | data/templates/snmp/override.conf.tmpl | 13 | ||||
-rw-r--r-- | data/templates/snmp/usr.snmpd.conf.tmpl | 6 | ||||
-rw-r--r-- | data/templates/snmp/var.snmpd.conf.tmpl | 14 |
5 files changed, 152 insertions, 0 deletions
diff --git a/data/templates/snmp/etc.snmp.conf.tmpl b/data/templates/snmp/etc.snmp.conf.tmpl new file mode 100644 index 000000000..6e4c6f063 --- /dev/null +++ b/data/templates/snmp/etc.snmp.conf.tmpl @@ -0,0 +1,4 @@ +### Autogenerated by snmp.py ### +{% if trap_source %} +clientaddr {{ trap_source }} +{% endif %} diff --git a/data/templates/snmp/etc.snmpd.conf.tmpl b/data/templates/snmp/etc.snmpd.conf.tmpl new file mode 100644 index 000000000..278506350 --- /dev/null +++ b/data/templates/snmp/etc.snmpd.conf.tmpl @@ -0,0 +1,115 @@ +### Autogenerated by snmp.py ### + +# non configurable defaults +sysObjectID 1.3.6.1.4.1.44641 +sysServices 14 +master agentx +agentXPerms 0777 0777 +pass .1.3.6.1.2.1.31.1.1.1.18 /opt/vyatta/sbin/if-mib-alias +smuxpeer .1.3.6.1.2.1.83 +smuxpeer .1.3.6.1.2.1.157 +smuxsocket localhost + +# linkUp/Down configure the Event MIB tables to monitor +# the ifTable for network interfaces being taken up or down +# for making internal queries to retrieve any necessary information +iquerySecName {{ vyos_user }} + +# Modified from the default linkUpDownNotification +# to include more OIDs and poll more frequently +notificationEvent linkUpTrap linkUp ifIndex ifDescr ifType ifAdminStatus ifOperStatus +notificationEvent linkDownTrap linkDown ifIndex ifDescr ifType ifAdminStatus ifOperStatus +monitor -r 10 -e linkUpTrap "Generate linkUp" ifOperStatus != 2 +monitor -r 10 -e linkDownTrap "Generate linkDown" ifOperStatus == 2 + +######################## +# configurable section # +######################## + +# Default system description is VyOS version +sysDescr VyOS {{ version }} + +{% if description %} +# Description +SysDescr {{ description }} +{% endif %} + +# Listen +agentaddress unix:/run/snmpd.socket{% if listen_on %}{% for li in listen_on %},{{ li }}{% endfor %}{% else %},udp:161{% if ipv6_enabled %},udp6:161{% endif %}{% endif %} + +# SNMP communities +{% for c in communities %} +{% if c.network_v4 %} +{% for network in c.network_v4 %} +{{ c.authorization }}community {{ c.name }} {{ network }} +{% endfor %} +{% elif not c.has_source %} +{{ c.authorization }}community {{ c.name }} +{% endif %} +{% if c.network_v6 %} +{% for network in c.network_v6 %} +{{ c.authorization }}community6 {{ c.name }} {{ network }} +{% endfor %} +{% elif not c.has_source %} +{{ c.authorization }}community6 {{ c.name }} +{% endif %} +{% endfor %} + +{% if contact %} +# system contact information +SysContact {{ contact }} +{% endif %} + +{% if location %} +# system location information +SysLocation {{ location }} +{% endif %} + +{% if smux_peers %} +# additional smux peers +{% for sp in smux_peers %} +smuxpeer {{ sp }} +{% endfor %} +{% endif %} + +{% if trap_targets %} +# if there is a problem - tell someone! +{% for trap in trap_targets %} +trap2sink {{ trap.target }}{{ ":" + trap.port if trap.port is defined }} {{ trap.community }} +{% endfor %} +{% endif %} + +{% if v3_enabled %} +# +# SNMPv3 stuff goes here +# +# views +{% for view in v3_views %} +{% for oid in view.oids %} +view {{ view.name }} included .{{ oid.oid }} +{% endfor %} +{% endfor %} + +# access +# context sec.model sec.level match read write notif +{% for group in v3_groups %} +access {{ group.name }} "" usm {{ group.seclevel }} exact {{ group.view }} {% if group.mode == 'ro' %}none{% else %}{{ group.view }}{% endif %} none +{% endfor %} + +# trap-target +{% for t in v3_traps %} +trapsess -v 3 {{ '-Ci' if t.type == 'inform' }} -e {{ v3_engineid }} -u {{ t.secName }} -l {{ t.secLevel }} -a {{ t.authProtocol }} {% if t.authPassword %}-A {{ t.authPassword }}{% elif t.authMasterKey %}-3m {{ t.authMasterKey }}{% endif %} -x {{ t.privProtocol }} {% if t.privPassword %}-X {{ t.privPassword }}{% elif t.privMasterKey %}-3M {{ t.privMasterKey }}{% endif %} {{ t.ipProto }}:{{ t.ipAddr }}:{{ t.ipPort }} +{% endfor %} + +# group +{% for u in v3_users %} +group {{ u.group }} usm {{ u.name }} +{% endfor %} +{% endif %} + +{% if script_ext %} +# extension scripts +{% for ext in script_ext|sort(attribute='name') %} +extend {{ ext.name }} {{ ext.script }} +{% endfor %} +{% endif %} diff --git a/data/templates/snmp/override.conf.tmpl b/data/templates/snmp/override.conf.tmpl new file mode 100644 index 000000000..e6302a9e1 --- /dev/null +++ b/data/templates/snmp/override.conf.tmpl @@ -0,0 +1,13 @@ +{% set vrf_command = '/sbin/ip vrf exec ' + vrf + ' ' if vrf is defined else '' %} +[Unit] +StartLimitIntervalSec=0 +After=vyos-router.service + +[Service] +Environment= +Environment="MIBSDIR=/usr/share/snmp/mibs:/usr/share/snmp/mibs/iana:/usr/share/snmp/mibs/ietf:/usr/share/mibs/site:/usr/share/snmp/mibs:/usr/share/mibs/iana:/usr/share/mibs/ietf:/usr/share/mibs/netsnmp" +ExecStart= +ExecStart={{vrf_command}}/usr/sbin/snmpd -LS0-5d -Lf /dev/null -u Debian-snmp -g Debian-snmp -I -ipCidrRouteTable,inetCidrRouteTable -f -p /run/snmpd.pid +Restart=on-failure +RestartSec=10 + diff --git a/data/templates/snmp/usr.snmpd.conf.tmpl b/data/templates/snmp/usr.snmpd.conf.tmpl new file mode 100644 index 000000000..9c0337fa8 --- /dev/null +++ b/data/templates/snmp/usr.snmpd.conf.tmpl @@ -0,0 +1,6 @@ +### Autogenerated by snmp.py ### +{%- for u in v3_users %} +{{ u.mode }}user {{ u.name }} +{%- endfor %} + +rwuser {{ vyos_user }} diff --git a/data/templates/snmp/var.snmpd.conf.tmpl b/data/templates/snmp/var.snmpd.conf.tmpl new file mode 100644 index 000000000..6cbc687ef --- /dev/null +++ b/data/templates/snmp/var.snmpd.conf.tmpl @@ -0,0 +1,14 @@ +### Autogenerated by snmp.py ### +# user +{%- for u in v3_users %} +{%- if u.authOID == 'none' %} +createUser {{ u.name }} +{%- else %} +usmUser 1 3 0x{{ v3_engineid }} "{{ u.name }}" "{{ u.name }}" NULL {{ u.authOID }} 0x{{ u.authMasterKey }} {{ u.privOID }} 0x{{ u.privMasterKey }} 0x +{%- endif %} +{%- endfor %} + +createUser {{ vyos_user }} MD5 "{{ vyos_user_pass }}" DES +{%- if v3_engineid %} +oldEngineID 0x{{ v3_engineid }} +{%- endif %} |