summaryrefslogtreecommitdiff
path: root/scripts
diff options
context:
space:
mode:
Diffstat (limited to 'scripts')
-rw-r--r--scripts/vyatta-show-snmp-v3.pl168
-rwxr-xr-xscripts/vyatta-show-snmp.pl28
2 files changed, 191 insertions, 5 deletions
diff --git a/scripts/vyatta-show-snmp-v3.pl b/scripts/vyatta-show-snmp-v3.pl
new file mode 100644
index 0000000..dc81623
--- /dev/null
+++ b/scripts/vyatta-show-snmp-v3.pl
@@ -0,0 +1,168 @@
+#! /usr/bin/perl
+
+use Getopt::Long;
+
+sub show_view() {
+ print <<END;
+
+SNMPv3 Views:
+
+END
+
+ foreach my $view ( listNodes("view") ) {
+ print "View : $view\nOIDs :\n";
+ foreach my $oid ( listNodes("view $view oid") ) {
+ my $exclude = '';
+ $exclude = ' exclude'
+ if ( isExists("view $view oid $oid exclude") );
+ my $mask = '';
+ if ( isExists("view $view oid $oid mask") ) {
+ my $value = returnValue("view $view oid $oid mask");
+ $mask = " mask $value";
+ }
+ print " .$oid$exclude$mask\n";
+ }
+ print "\n";
+ }
+}
+
+sub show_group() {
+ print <<END;
+
+SNMPv3 Groups:
+
+Group View
+----- ----
+END
+
+ foreach my $group ( listNodes("group") ) {
+ my $view = returnValue("group $group view");
+ my $mode = returnValue("group $group mode");
+ if ( length($group) >= 20 ) {
+ print "$group\n $view($mode)\n";
+ }
+ else {
+ $~ = "GROUP_FORMAT";
+ format GROUP_FORMAT =
+@<<<<<<<<<<<<<<<<<< @*(@*)
+$group $view $mode
+.
+ write;
+ }
+ }
+ print "\n";
+}
+
+sub show_user() {
+ print <<END;
+
+SNMPv3 Users:
+
+User Auth Priv Mode Group
+---- ---- ---- ---- -----
+END
+
+ foreach my $user ( listNodes("user") ) {
+ my $auth = returnValue("user $user auth type");
+ my $priv = returnValue("user $user privacy type");
+ my $mode = returnValue("user $user mode");
+ my $group = returnValue("user $user group");
+ if ( length($user) >= 20 ) {
+ print "$user\n $auth $priv $mode $group\n";
+ }
+ else {
+ $~ = "USER_FORMAT";
+ format USER_FORMAT =
+@<<<<<<<<<<<<<<<<<< @<<< @<<< @<<< @*
+$user $auth $priv $mode $group
+.
+ write;
+ }
+ }
+ print "\n";
+}
+
+sub show_trap() {
+ print <<END;
+
+SNMPv3 Trap-targets:
+
+Tpap-target Port Protocol Auth Priv Type EngineID User
+----------- ---- -------- ---- ---- ---- -------- ----
+END
+
+ foreach my $trap ( listNodes("trap-target") ) {
+ my $auth = returnValue("trap-target $trap auth type");
+ my $priv = returnValue("trap-target $trap privacy type");
+ my $type = returnValue("trap-target $trap type");
+ my $port = returnValue("trap-target $trap port");
+ my $user = returnValue("trap-target $trap user");
+ my $protocol = returnValue("trap-target $trap protocol");
+ my $engineid = returnValue("trap-target $trap engineid");
+ if ( length($trap) >= 30 ) {
+ $~ = "TRAP_BIG_FORMAT";
+ format TRAP_BIG_FORMAT =
+^*
+$trap
+ @<<<<< @<<<<<<< @<<< @<<< @<<<<< @<<<<<<<<<<<<<<<<<<<<... @*
+$port $protocol $auth $priv $type $engineid $user
+.
+ write;
+ }
+ else {
+ $~ = "TRAP_FORMAT";
+ format TRAP_FORMAT =
+@<<<<<<<<<<<<<<<<<<<<<<<<<<<< @<<<<< @<<<<<<< @<<< @<<< @<<<<< @<<<<<<<<<<<<<<<<<<<<... @*
+$trap $port $protocol $auth $priv $type $engineid $user
+.
+ write;
+ }
+ }
+ print "\n";
+}
+
+sub show_all() {
+ show_user();
+ show_group();
+ show_view();
+ show_trap();
+}
+
+sub listNodes {
+ my $path = shift;
+ my @nodes =
+ split( ' ', `cli-shell-api listActiveNodes service snmp v3 $path` );
+ return map { substr $_, 1, -1 } @nodes;
+}
+
+sub returnValue {
+ my $path = shift;
+ my $value = `cli-shell-api returnActiveValue service snmp v3 $path`;
+ return $value;
+}
+
+sub isExists {
+ my $path = shift;
+ system("cli-shell-api existsActive service snmp v3 $path");
+ return !$?;
+}
+
+my $all;
+my $view;
+my $group;
+my $user;
+my $trap;
+
+GetOptions(
+ "all!" => \$all,
+ "view!" => \$view,
+ "group!" => \$group,
+ "user!" => \$user,
+ "trap!" => \$trap,
+);
+
+show_all() if ($all);
+show_view() if ($view);
+show_group() if ($group);
+show_user() if ($user);
+show_trap() if ($trap);
diff --git a/scripts/vyatta-show-snmp.pl b/scripts/vyatta-show-snmp.pl
index 2346a6c..634b3cc 100755
--- a/scripts/vyatta-show-snmp.pl
+++ b/scripts/vyatta-show-snmp.pl
@@ -27,11 +27,14 @@ use NetAddr::IP;
my $SNMPDCFG = '/etc/snmp/snmpd.conf';
my $SNMPSTATUS = '/usr/bin/snmpstatus';
+my $password_file = '/config/snmp/superuser_pass';
# generate list of communities in configuration file
sub read_config {
my %community;
+ die "Service SNMP does not configured.\n" if (! -e $SNMPDCFG);
+
open( my $cfg, '<', $SNMPDCFG )
or die "Can't open $SNMPDCFG : $!\n";
@@ -65,14 +68,29 @@ sub status_any {
my %community = %{$cref};
my $localhost = new NetAddr::IP('localhost');
- die "No SNMP community's configured\n"
- unless scalar(%community);
-
- foreach my $c ( keys %community ) {
+ if (scalar(%community)) {
+ foreach my $c ( keys %community ) {
my $addr = $community{$c};
status( $c, $localhost->addr() ) if ( $addr->contains($localhost) );
+ }
+ }
+ status_v3();
+
+}
+
+sub status_v3 {
+ open (my $file, '<' , $password_file) or die "Couldn't open $password_file - $!";
+ my $superuser_pass = do { local $/; <$file> };
+ close $file;
+ open ($file, '<', $SNMPDCFG) or die "Couldn't open $SNMPDCFG - $!";
+ my $superuser_login = '';
+ while (my $line = <$file>) {
+ if ($line =~ /^iquerySecName (.*)$/) {
+ $superuser_login = $1;
+ }
}
- die "No SNMP community's accessible from ", $localhost->addr(), "\n";
+ close $file;
+ exec $SNMPSTATUS, '-v3', '-l', 'authNoPriv', '-u', $superuser_login, '-A', $superuser_pass, 'localhost';
}
# check status of one community