### Autogenerated by snmp.py ### # non configurable defaults sysObjectID 1.3.6.1.4.1.44641 sysServices 14 master agentx agentXPerms 0777 0777 pass .1.3.6.1.2.1.31.1.1.1.18 /opt/vyatta/sbin/if-mib-alias smuxpeer .1.3.6.1.2.1.83 smuxpeer .1.3.6.1.2.1.157 smuxsocket localhost # linkUp/Down configure the Event MIB tables to monitor # the ifTable for network interfaces being taken up or down # for making internal queries to retrieve any necessary information iquerySecName {{ vyos_user }} # Modified from the default linkUpDownNotification # to include more OIDs and poll more frequently notificationEvent linkUpTrap linkUp ifIndex ifDescr ifType ifAdminStatus ifOperStatus notificationEvent linkDownTrap linkDown ifIndex ifDescr ifType ifAdminStatus ifOperStatus monitor -r 10 -e linkUpTrap "Generate linkUp" ifOperStatus != 2 monitor -r 10 -e linkDownTrap "Generate linkDown" ifOperStatus == 2 # Remove all old ifTable entries with the same ifName as newly appeared # interface (with different ifIndex) - this is the case on e.g. ppp interfaces interface_replace_old yes ######################## # configurable section # ######################## # Default system description is VyOS version sysDescr VyOS {{ version }} {% if description is defined and description is not none %} # Description SysDescr {{ description }} {% endif %} # Listen {% set options = [] %} {% if listen_address is defined and listen_address is not none %} {% for address, address_options in listen_address.items() %} {% if address | is_ipv6 %} {% set protocol = protocol ~ '6' %} {% endif %} {% set _ = options.append(protocol ~ ':' ~ address | bracketize_ipv6 ~ ':' ~ address_options.port) %} {% endfor %} {% else %} {% set _ = options.append(protocol ~ ':161') %} {% if ipv6_disabled is not defined %} {% set _ = options.append(protocol ~ '6:161') %} {% endif %} {% endif %} agentaddress unix:/run/snmpd.socket{{ ',' ~ options | join(',') if options is defined and options is not none }} # SNMP communities {% if community is defined and community is not none %} {% for comm, comm_config in community.items() %} {% if comm_config.client is defined and comm_config.client is not none %} {% for client in comm_config.client %} {% if client | is_ipv4 %} {{ comm_config.authorization }}community {{ comm }} {{ client }} {% elif client | is_ipv6 %} {{ comm_config.authorization }}community6 {{ comm }} {{ client }} {% endif %} {% endfor %} {% endif %} {% if comm_config.network is defined and comm_config.network is not none %} {% for network in comm_config.network %} {% if network | is_ipv4 %} {{ comm_config.authorization }}community {{ comm }} {{ network }} {% elif client | is_ipv6 %} {{ comm_config.authorization }}community6 {{ comm }} {{ network }} {% endif %} {% endfor %} {% endif %} {% if comm_config.client is not defined and comm_config.network is not defined %} {{ comm_config.authorization }}community {{ comm }} {% endif %} {% endfor %} {% endif %} {% if contact is defined and contact is not none %} # system contact information SysContact {{ contact }} {% endif %} {% if location is defined and location is not none %} # system location information SysLocation {{ location }} {% endif %} {% if smux_peer is defined and smux_peer is not none %} # additional smux peers {% for peer in smux_peer %} smuxpeer {{ peer }} {% endfor %} {% endif %} {% if trap_target is defined and trap_target is not none %} # if there is a problem - tell someone! {% for trap, trap_config in trap_target.items() %} trap2sink {{ trap }}:{{ trap_config.port }} {{ trap_config.community }} {% endfor %} {% endif %} {% if v3 is defined and v3 is not none %} # # SNMPv3 stuff goes here # {% if v3.view is defined and v3.view is not none %} # views {% for view, view_config in v3.view.items() %} {% if view_config.oid is defined and view_config.oid is not none %} {% for oid in view_config.oid %} view {{ view }} included .{{ oid }} {% endfor %} {% endif %} {% endfor %} {% endif %} # access {% if v3.group is defined and v3.group is not none %} # context sec.model sec.level match read write notif {% for group, group_config in v3.group.items() %} access {{ group }} "" usm {{ group_config.seclevel }} exact {{ group_config.view }} {% if group_config.mode == 'ro' %}none{% else %}{{ group_config.view }}{% endif %} none {% endfor %} {% endif %} # trap-target {% if v3.trap_target is defined and v3.trap_target is not none %} {% for trap, trap_config in v3.trap_target.items() %} {% set options = '' %} {% if trap_config.type == 'inform' %} {% set options = options ~ ' -Ci' %} {% endif %} {% if v3.engineid is defined and v3.engineid is not none %} {% set options = options ~ ' -e "' ~ v3.engineid ~ '"' %} {% endif %} {% if trap_config.user is defined and trap_config.user is not none %} {% set options = options ~ ' -u ' ~ trap_config.user %} {% endif %} {% if trap_config.auth is defined and trap_config.auth.plaintext_password is defined or trap_config.auth.encrypted_password is defined %} {% set options = options ~ ' -a ' ~ trap_config.auth.type %} {% if trap_config.auth.plaintext_password is defined and trap_config.auth.plaintext_password is not none %} {% set options = options ~ ' -A ' ~ trap_config.auth.plaintext_password %} {% elif trap_config.auth.encrypted_password is defined and trap_config.auth.encrypted_password is not none %} {% set options = options ~ ' -3m ' ~ trap_config.auth.encrypted_password %} {% endif %} {% if trap_config.privacy is defined and trap_config.privacy.plaintext_password is defined or trap_config.privacy.encrypted_password is defined %} {% set options = options ~ ' -x ' ~ trap_config.privacy.type %} {% if trap_config.privacy.plaintext_password is defined and trap_config.privacy.plaintext_password is not none %} {% set options = options ~ ' -X ' ~ trap_config.privacy.plaintext_password %} {% elif trap_config.privacy.encrypted_password is defined and trap_config.privacy.encrypted_password is not none %} {% set options = options ~ ' -3M ' ~ trap_config.privacy.encrypted_password %} {% endif %} {% set options = options ~ ' -l authPriv' %} {% else %} {% set options = options ~ ' -l authNoPriv' %} {% endif %} {% else %} {% set options = options ~ ' -l noAuthNoPriv' %} {% endif %} trapsess -v 3 {{ options }} {{ trap }}:{{ trap_config.protocol }}:{{ trap_config.port }} {% endfor %} {% endif %} # group {% if v3.user is defined and v3.user is not none %} {% for user, user_config in v3.user.items() %} group {{ user_config.group }} usm {{ user }} {% endfor %} {% endif %} {# SNMPv3 end #} {% endif %} {% if script_extensions is defined and script_extensions.extension_name is defined and script_extensions.extension_name is not none %} # extension scripts {% for script, script_config in script_extensions.extension_name.items() | sort(attribute=script) %} extend {{ script }} {{ script_config.script }} {% endfor %} {% endif %}