blob: 30806ce8acd1ff90805b3bd8dfb97b2d0b957a82 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
|
### Autogenerated by snmp.py ###
# non configurable defaults
sysObjectID 1.3.6.1.4.1.44641
sysServices 14
master agentx
agentXPerms 0777 0777
pass .1.3.6.1.2.1.31.1.1.1.18 /opt/vyatta/sbin/if-mib-alias
smuxpeer .1.3.6.1.2.1.83
smuxpeer .1.3.6.1.2.1.157
smuxsocket localhost
# linkUp/Down configure the Event MIB tables to monitor
# the ifTable for network interfaces being taken up or down
# for making internal queries to retrieve any necessary information
iquerySecName {{ vyos_user }}
# Modified from the default linkUpDownNotification
# to include more OIDs and poll more frequently
notificationEvent linkUpTrap linkUp ifIndex ifDescr ifType ifAdminStatus ifOperStatus
notificationEvent linkDownTrap linkDown ifIndex ifDescr ifType ifAdminStatus ifOperStatus
monitor -r 10 -e linkUpTrap "Generate linkUp" ifOperStatus != 2
monitor -r 10 -e linkDownTrap "Generate linkDown" ifOperStatus == 2
# Remove all old ifTable entries with the same ifName as newly appeared
# interface (with different ifIndex) - this is the case on e.g. ppp interfaces
interface_replace_old yes
########################
# configurable section #
########################
# Default system description is VyOS version
sysDescr VyOS {{ version }}
{% if description %}
# Description
SysDescr {{ description }}
{% endif %}
# Listen
agentaddress unix:/run/snmpd.socket{% if listen_on %}{% for li in listen_on %},{{ li }}{% endfor %}{% else %},{{protocol}}:161{% if ipv6_enabled %},{{protocol}}6:161{% endif %}{% endif %}
# SNMP communities
{% for c in communities %}
{% if c.network_v4 %}
{% for network in c.network_v4 %}
{{ c.authorization }}community {{ c.name }} {{ network }}
{% endfor %}
{% elif not c.has_source %}
{{ c.authorization }}community {{ c.name }}
{% endif %}
{% if c.network_v6 %}
{% for network in c.network_v6 %}
{{ c.authorization }}community6 {{ c.name }} {{ network }}
{% endfor %}
{% elif not c.has_source %}
{{ c.authorization }}community6 {{ c.name }}
{% endif %}
{% endfor %}
{% if contact %}
# system contact information
SysContact {{ contact }}
{% endif %}
{% if location %}
# system location information
SysLocation {{ location }}
{% endif %}
{% if smux_peers %}
# additional smux peers
{% for sp in smux_peers %}
smuxpeer {{ sp }}
{% endfor %}
{% endif %}
{% if trap_targets %}
# if there is a problem - tell someone!
{% for trap in trap_targets %}
trap2sink {{ trap.target }}{{ ":" + trap.port if trap.port is defined }} {{ trap.community }}
{% endfor %}
{% endif %}
{% if v3_enabled %}
#
# SNMPv3 stuff goes here
#
# views
{% for view in v3_views %}
{% for oid in view.oids %}
view {{ view.name }} included .{{ oid.oid }}
{% endfor %}
{% endfor %}
# access
# context sec.model sec.level match read write notif
{% for group in v3_groups %}
access {{ group.name }} "" usm {{ group.seclevel }} exact {{ group.view }} {% if group.mode == 'ro' %}none{% else %}{{ group.view }}{% endif %} none
{% endfor %}
# trap-target
{% for t in v3_traps %}
trapsess -v 3 {{ '-Ci' if t.type == 'inform' }} -e {{ v3_engineid }} -u {{ t.secName }} -l {{ t.secLevel }} -a {{ t.authProtocol }} {% if t.authPassword %}-A {{ t.authPassword }}{% elif t.authMasterKey %}-3m {{ t.authMasterKey }}{% endif %} -x {{ t.privProtocol }} {% if t.privPassword %}-X {{ t.privPassword }}{% elif t.privMasterKey %}-3M {{ t.privMasterKey }}{% endif %} {{ t.ipProto }}:{{ t.ipAddr }}:{{ t.ipPort }}
{% endfor %}
# group
{% for u in v3_users %}
group {{ u.group }} usm {{ u.name }}
{% endfor %}
{% endif %}
{% if script_ext %}
# extension scripts
{% for ext in script_ext|sort(attribute='name') %}
extend {{ ext.name }} {{ ext.script }}
{% endfor %}
{% endif %}
|