当前位置: 首页 > 工具软件 > Net-snmp > 使用案例 >

net-snmp私有mib动态加载到snmpd

卢出野
2023-12-01

前面的开发步骤我就不描述了,在我的其他博文中有说,一个是写mib文件,一个是将mib文件转化为.c和.h文件。

这里说下如何通过动态加载的方式将.c和.h编译为lib库然后添加到snmpd上,令其可以被访问到

1. makefile文件

CC=aarch64-linux-gnu-gcc
CFLAGS := -I ../include/ -I ../../include
LDFLAGS := -L ../lib -L ../../lib

lib:
	$(CC) $(CFLAGS) $(LDFLAGS) -I.'net-snmp-config --cflags' -fpic -shared -o libNetTable.so NetTable.c -I.'net-snmp-config --libs' -lhiredis -lzlog -lpthread 

all:lib 
.PHONY : clean
clean :
	rm -f *.so *.o

这里要注意的是netsnmp编译的时候会产生net-snmp-config这个软件,这个软件会作为lib编译的一部分。NetTable.c是编译的c文件,libNetTable.so是产生的so文件。

2. 修改snmpd.conf

rwcommunity public

#            sec.name        souce            community
com2sec        secname            default                public

group        secgroup            v2c                    secname

view          all        included      .1
view          all        included      .1.3.6.1.4.1

access  secgroup    ""            any        noauth        exact     all    all    none

上诉的添加内容是添加了一个用来访问的public,另外需要注意注释掉其他的和上诉配置相关的内容比如下面这条:

#rocommunity public  default    -V systemonly

然后snmp.conf配置好之后还要添加snmp的lib库的申明到配置文件,如下:

dlmod NetTable /lib/libNetTable.so

我的snmpd.conf修改完成后是这样的:

###############################################################################
#
# EXAMPLE.conf:
#   An example configuration file for configuring the Net-SNMP agent ('snmpd')
#   See the 'snmpd.conf(5)' man page for details
#
#  Some entries are deliberately commented out, and will need to be explicitly activated
#
###############################################################################
#
#  AGENT BEHAVIOUR
#

#  Listen for connections from the local system only
agentAddress  udp:127.0.0.1:161
#  Listen for connections on all interfaces (both IPv4 *and* IPv6)
#agentAddress udp:161,udp6:[::1]:161

###############################################################################
#
#  SNMPv3 AUTHENTICATION
#
#  Note that these particular settings don't actually belong here.
#  They should be copied to the file /var/net-snmp/snmpd.conf
#     and the passwords changed, before being uncommented in that file *only*.
#  Then restart the agent

#  createUser authOnlyUser  MD5 "remember to change this password"
#  createUser authPrivUser  SHA "remember to change this one too"  DES
#  createUser internalUser  MD5 "this is only ever used internally, but still change the password"

#  If you also change the usernames (which might be sensible),
#  then remember to update the other occurances in this example config file to match.

###############################################################################
#
#  ACCESS CONTROL
#
                                                 #  system + hrSystem groups only
#view   systemonly  included   .1.3.6.1.2.1.1
#view   systemonly  included   .1.3.6.1.2.1.25.1

                                                 #  Full access from the local host
#rocommunity public  localhost
                                                 #  Default access to basic system info

#rocommunity public  default    -V systemonly


                                                 #  Full access from an example network
                                                 #     Adjust this network address to match your local
                                                 #     settings, change the community string,
                                                 #     and check the 'agentAddress' setting above
#rocommunity secret  10.0.0.0/16

                                                 #  Full read-only access for SNMPv3
 rouser   authOnlyUser
                                                 #  Full write access for encrypted requests
                                                 #     Remember to activate the 'createUser' lines above
#rwuser   authPrivUser   priv

#  It's no longer typically necessary to use the full 'com2sec/group/access' configuration
#  r[ou]user and r[ow]community, together with suitable views, should cover most requirements

###############################################################################
#
#  SYSTEM INFORMATION
#

#  Note that setting these values here, results in the corresponding MIB objects being 'read-only'
#  See snmpd.conf(5) for more details
sysLocation    Sitting on the Dock of the Bay
sysContact     Me <me@example.org>
                                                 # Application + End-to-End layers
sysServices    72

#
#  Process Monitoring
#
                               # At least one  'mountd' process
proc  mountd
                               # No more than 4 'ntalkd' processes - 0 is OK
proc  ntalkd    4
                               # At least one 'sendmail' process, but no more than 10
proc  sendmail 10 1

#  Walk the UCD-SNMP-MIB::prTable to see the resulting output
#  Note that this table will be empty if there are no "proc" entries in the snmpd.conf file

#
#  Disk Monitoring
#
                               # 10MBs required on root disk, 5% free on /var, 10% free on all other disks
disk       /     10000
disk       /var  5%
includeAllDisks  10%

#  Walk the UCD-SNMP-MIB::dskTable to see the resulting output
#  Note that this table will be empty if there are no "disk" entries in the snmpd.conf file

#
#  System Load
#
                               # Unacceptable 1-, 5-, and 15-minute load averages
load   12 10 5

#  Walk the UCD-SNMP-MIB::laTable to see the resulting output
#  Note that this table *will* be populated, even without a "load" entry in the snmpd.conf file

###############################################################################
#
#  ACTIVE MONITORING
#

                                    #   send SNMPv1  traps
 trapsink     localhost public
                                    #   send SNMPv2c traps
#trap2sink    localhost public
                                    #   send SNMPv2c INFORMs
#informsink   localhost public

#  Note that you typically only want *one* of these three lines
#  Uncommenting two (or all three) will result in multiple copies of each notification.

#
#  Event MIB - automatically generate alerts
#
                                   # Remember to activate the 'createUser' lines above
iquerySecName   internalUser       
rouser          internalUser
                                   # generate traps on UCD error conditions
#defaultMonitors          yes
                                   # generate traps on linkUp/Down
linkUpDownNotifications  yes

###############################################################################
#
#  EXTENDING THE AGENT
#

#
#  Arbitrary extension commands
#
 extend    test1   /bin/echo  Hello, world!
 extend-sh test2   echo Hello, world! ; echo Hi there ; exit 35
#extend-sh test3   /bin/sh /tmp/shtest

#  Note that this last entry requires the script '/tmp/shtest' to be created first,
#    containing the same three shell commands, before the line is uncommented

#  Walk the NET-SNMP-EXTEND-MIB tables (nsExtendConfigTable, nsExtendOutput1Table
#     and nsExtendOutput2Table) to see the resulting output

#  Note that the "extend" directive supercedes the previous "exec" and "sh" directives
#  However, walking the UCD-SNMP-MIB::extTable should still returns the same output,
#     as well as the fuller results in the above tables.

#
#  "Pass-through" MIB extension command
#
#pass .1.3.6.1.4.1.8072.2.255  /bin/sh       PREFIX/local/passtest
#pass .1.3.6.1.4.1.8072.2.255  /usr/bin/perl PREFIX/local/passtest.pl

# Note that this requires one of the two 'passtest' scripts to be installed first,
#    before the appropriate line is uncommented.
# These scripts can be found in the 'local' directory of the source distribution,
#     and are not installed automatically.

#  Walk the NET-SNMP-PASS-MIB::netSnmpPassExamples subtree to see the resulting output

#
#  AgentX Sub-agents
#
                                           #  Run as an AgentX master agent
 master          agentx
                                           #  Listen for network connections (from localhost)
                                           #    rather than the default named socket /var/agentx/master
#agentXSocket    tcp:localhost:705
#
#

rwcommunity public

#            sec.name        souce            community
com2sec        secname            default                public

group        secgroup            v2c                    secname

view          all        included      .1
view          all        included      .1.3.6.1.4.1

access  secgroup    ""            any        noauth        exact     all    all    none

trap2sink    localhost public
informsink   localhost public

dlmod NetTable /lib/libNetTable.so

3. 启动snmpd

snmpd -f -Lo: -Dagentx,dlmod  -c /etc/snmpd.conf  -M /share/snmp/mibs &

这里要注意dlmod其实只是调试开关,用来启动的时候查看lib是否挂载正确的,agentx也是打开的snmpd调试相关的开关。-c指向配置文件,-M指向的是mib文件的保存路径,让snmpd能够看到mib文件在什么地方。

snmpd如果正常启动结果如下:

root@node1:/media/cyf/net-snmp# snmpd -f -Lo: -Dagentx,dlmod  -c /etc/snmpd.conf  -M /share/snmp/mibs &
[1] 1151
root@node1:/media/net-snmp# registered debug token agentx, 1
registered debug token dlmod, 1
agentx_register_app_config_handler: registering .conf token for "agentxsocket"
agentx_register_app_config_handler: registering .conf token for "agentxRetries"
agentx_register_app_config_handler: registering .conf token for "agentxTimeout"
agentx_register_app_config_handler: registering .conf token for "agentxperms"
dlmod: register mib
dlmod: dlmod_path: /media/build/setup/lib/snmp/dlmod
Turning on AgentX master support.
dlmod: dlmod_create_module
dlmod: dlmod_load_module NetTable: /lib/libNetTable.so
agentx/master: initializing...
agentx/master: initializing...   DONE
NET-SNMP version 5.9.1

这样就是没有错误的启动,如果有其他failed或者error那么就要查看下对应的错误内容并修正。

 类似资料: