diff options
| author | Christian Breunig <christian@breunig.cc> | 2023-01-19 08:06:54 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2023-01-19 08:06:54 +0100 |
| commit | 56074c22eb7420bdaa12b41e42b61ef1d9583cd3 (patch) | |
| tree | ea788f5e51533996e0b9eca4730719ddcb40e507 /src | |
| parent | 1f34027a1cb85c289da0f3b2b74263a80118bee7 (diff) | |
| parent | 67fa5f55ac79838768b4b0a5f6d2c4b3b4c8e762 (diff) | |
| download | vyos-1x-56074c22eb7420bdaa12b41e42b61ef1d9583cd3.tar.gz vyos-1x-56074c22eb7420bdaa12b41e42b61ef1d9583cd3.zip | |
Merge pull request #1697 from nicolas-fort/snmp_rework
T4857: SNMP: Implement FRR SNMP Recomendations
Diffstat (limited to 'src')
| -rwxr-xr-x | src/conf_mode/snmp.py | 4 | ||||
| -rwxr-xr-x | src/migration-scripts/snmp/2-to-3 | 57 |
2 files changed, 61 insertions, 0 deletions
diff --git a/src/conf_mode/snmp.py b/src/conf_mode/snmp.py index 914ec245c..ab2ccf99e 100755 --- a/src/conf_mode/snmp.py +++ b/src/conf_mode/snmp.py @@ -166,6 +166,10 @@ def verify(snmp): if 'community' not in trap_config: raise ConfigError(f'Trap target "{trap}" requires a community to be set!') + if 'oid_enable' in snmp: + Warning(f'Custom OIDs are enabled and may lead to system instability and high resource consumption') + + verify_vrf(snmp) # bail out early if SNMP v3 is not configured diff --git a/src/migration-scripts/snmp/2-to-3 b/src/migration-scripts/snmp/2-to-3 new file mode 100755 index 000000000..5f8d9c88d --- /dev/null +++ b/src/migration-scripts/snmp/2-to-3 @@ -0,0 +1,57 @@ +#!/usr/bin/env python3 +# +# Copyright (C) 2022 VyOS maintainers and contributors +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 or later as +# published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see <http://www.gnu.org/licenses/>. + +# T4857: Implement FRR SNMP recomendations +# cli changes from: +# set service snmp oid-enable route-table +# To +# set service snmp oid-enable ip-forward + +import re + +from sys import argv +from sys import exit + +from vyos.configtree import ConfigTree +from vyos.ifconfig import Section + +if (len(argv) < 1): + print("Must specify file name!") + exit(1) + +file_name = argv[1] + +with open(file_name, 'r') as f: + config_file = f.read() + +base = ['service snmp'] +config = ConfigTree(config_file) + +if not config.exists(base): + # Nothing to do + exit(0) + +if config.exists(base + ['oid-enable']): + config.delete(base + ['oid-enable']) + config.set(base + ['oid-enable'], 'ip-forward') + + +try: + with open(file_name, 'w') as f: + f.write(config.to_string()) +except OSError as e: + print("Failed to save the modified config: {}".format(e)) + exit(1) |