From 4d9e51a00545278a3390938b9c20eef3e5133862 Mon Sep 17 00:00:00 2001
From: hagbard <vyosdev@derith.de>
Date: Mon, 15 Jul 2019 11:25:12 -0700
Subject: [T1299] - SNMP extension with custom scripts

(cherry picked from commit 334677572aef752b0bf2c893bd14bdf6f801bb4b)
---
 src/conf_mode/snmp.py | 27 +++++++++++++++++++++++++--
 1 file changed, 25 insertions(+), 2 deletions(-)

(limited to 'src')

diff --git a/src/conf_mode/snmp.py b/src/conf_mode/snmp.py
index f5470cd14..f796e9978 100755
--- a/src/conf_mode/snmp.py
+++ b/src/conf_mode/snmp.py
@@ -197,6 +197,13 @@ trapsess -v 3 {{ '-Ci' if t.type == 'inform' }} -e {{ v3_engineid }} -u {{ t.sec
 group {{ u.group }} usm {{ u.name }}
 {% endfor %}
 {%- endif %}
+
+{% if script_ext %}
+# extension scripts
+{%- for ext in script_ext|sort %}
+extend\t{{ext}}\t{{script_ext[ext]}}
+{%- endfor %}
+{% endif %}
 """
 
 # SNMP template (/etc/default/snmpd) - be careful if you edit the template.
@@ -229,7 +236,8 @@ default_config_data = {
     'v3_groups': [],
     'v3_traps': [],
     'v3_users': [],
-    'v3_views': []
+    'v3_views': [],
+    'script_ext': {}
 }
 
 def rmfile(file):
@@ -334,6 +342,14 @@ def get_config():
 
             snmp['trap_targets'].append(trap_tgt)
 
+    #
+    # 'set service snmp script-extensions'
+    #
+    if conf.exists('script-extensions'):
+      for extname in conf.list_nodes('script-extensions extension-name'):
+        snmp['script_ext'][extname] = '/config/user-data/' + conf.return_value('script-extensions extension-name ' + extname + ' script')
+
+
     #########################################################################
     #                ____  _   _ __  __ ____          _____                 #
     #               / ___|| \ | |  \/  |  _ \  __   _|___ /                 #
@@ -525,6 +541,14 @@ def verify(snmp):
     if snmp is None:
         return None
 
+    ### check if the configured script actually exist under /config/user-data
+    if snmp['script_ext']:
+        for ext in snmp['script_ext']:
+            if not os.path.isfile(snmp['script_ext'][ext]):
+                print ("WARNING: script: " + snmp['script_ext'][ext] + " doesn\'t exist")
+            else:
+                os.chmod(snmp['script_ext'][ext], 0o555)
+
     for listen in snmp['listen_address']:
         addr = listen[0]
         port = listen[1]
@@ -569,7 +593,6 @@ def verify(snmp):
             if not 'seclevel' in group.keys():
                 raise ConfigError('"seclevel" must be specified')
 
-
     if 'v3_traps' in snmp.keys():
         for trap in snmp['v3_traps']:
             if trap['authPassword'] and trap['authMasterKey']:
-- 
cgit v1.2.3