From 77a25e95da48549f2791b677f4ba187e547b1c6a Mon Sep 17 00:00:00 2001 From: Nataliia Solomko Date: Thu, 7 Mar 2024 15:45:37 +0200 Subject: snmp: T2998: SNMP v3 oid "exclude" option fix --- data/templates/snmp/etc.snmpd.conf.j2 | 7 ++++++- interface-definitions/service_snmp.xml.in | 1 + smoketest/scripts/cli/test_service_snmp.py | 17 +++++++++++++++++ 3 files changed, 24 insertions(+), 1 deletion(-) diff --git a/data/templates/snmp/etc.snmpd.conf.j2 b/data/templates/snmp/etc.snmpd.conf.j2 index b1ceb0451..9d91192fc 100644 --- a/data/templates/snmp/etc.snmpd.conf.j2 +++ b/data/templates/snmp/etc.snmpd.conf.j2 @@ -141,8 +141,13 @@ trap2sink {{ trap }}:{{ trap_config.port }} {{ trap_config.community }} # views {% for view, view_config in v3.view.items() %} {% if view_config.oid is vyos_defined %} -{% for oid in view_config.oid %} +{% for oid, oid_config in view_config.oid.items() %} view {{ view }} included .{{ oid }} +{% if oid_config.exclude is vyos_defined %} +{% for excluded in oid_config.exclude %} +view {{ view }} excluded .{{ excluded }} +{% endfor %} +{% endif %} {% endfor %} {% endif %} {% endfor %} diff --git a/interface-definitions/service_snmp.xml.in b/interface-definitions/service_snmp.xml.in index e16e9daa1..f23151ef9 100644 --- a/interface-definitions/service_snmp.xml.in +++ b/interface-definitions/service_snmp.xml.in @@ -543,6 +543,7 @@ Exclude is an optional argument + diff --git a/smoketest/scripts/cli/test_service_snmp.py b/smoketest/scripts/cli/test_service_snmp.py index 52a72ec4f..b3daa90d0 100755 --- a/smoketest/scripts/cli/test_service_snmp.py +++ b/smoketest/scripts/cli/test_service_snmp.py @@ -229,5 +229,22 @@ class TestSNMPService(VyOSUnitTestSHIM.TestCase): tmp = call(f'snmpwalk -v 3 -u {snmpv3_user} -a MD5 -A {snmpv3_auth_pw} -x DES -X {snmpv3_priv_pw} -l authPriv 127.0.0.1', stdout=DEVNULL) self.assertEqual(tmp, 0) + def test_snmpv3_view_exclude(self): + snmpv3_view_oid_exclude = ['1.3.6.1.2.1.4.21', '1.3.6.1.2.1.4.24'] + + self.cli_set(base_path + ['v3', 'group', snmpv3_group, 'view', snmpv3_view]) + self.cli_set(base_path + ['v3', 'view', snmpv3_view, 'oid', snmpv3_view_oid]) + + for excluded in snmpv3_view_oid_exclude: + self.cli_set(base_path + ['v3', 'view', snmpv3_view, 'oid', snmpv3_view_oid, 'exclude', excluded]) + + self.cli_commit() + + tmp = read_file(SNMPD_CONF) + # views + self.assertIn(f'view {snmpv3_view} included .{snmpv3_view_oid}', tmp) + for excluded in snmpv3_view_oid_exclude: + self.assertIn(f'view {snmpv3_view} excluded .{excluded}', tmp) + if __name__ == '__main__': unittest.main(verbosity=2) -- cgit v1.2.3