Commit | Line | Data |
---|---|---|
9e8e5516 C |
1 | .TH SNMPD 8C "14 Sep 1989" |
2 | .\" $Header: /f/osi/snmp/RCS/snmpd.8c,v 7.20 91/02/22 09:44:13 mrose Interim $ | |
3 | .\" | |
4 | .\" Contributed by NYSERNet Inc. This work was partially supported by the | |
5 | .\" U.S. Defense Advanced Research Projects Agency and the Rome Air Development | |
6 | .\" Center of the U.S. Air Force Systems Command under contract number | |
7 | .\" F30602-88-C-0016. | |
8 | .\" | |
9 | .\" | |
10 | .\" $Log: snmpd.8c,v $ | |
11 | .\" Revision 7.20 91/02/22 09:44:13 mrose | |
12 | .\" Interim 6.8 | |
13 | .\" | |
14 | .\" Revision 7.19 91/01/11 15:35:08 mrose | |
15 | .\" sets | |
16 | .\" | |
17 | .\" Revision 7.18 90/10/18 11:34:05 mrose | |
18 | .\" psi | |
19 | .\" | |
20 | .\" Revision 7.17 90/09/07 11:11:32 mrose | |
21 | .\" update | |
22 | .\" | |
23 | .\" Revision 7.16 90/09/03 12:57:37 mrose | |
24 | .\" update | |
25 | .\" | |
26 | .\" Revision 7.15 90/08/29 15:04:12 mrose | |
27 | .\" doc | |
28 | .\" | |
29 | .\" Revision 7.14 90/06/23 01:33:10 mrose | |
30 | .\" proxy again | |
31 | .\" | |
32 | .\" Revision 7.13 90/06/21 21:27:03 mrose | |
33 | .\" proxy | |
34 | .\" | |
35 | .\" Revision 7.12 90/06/20 23:52:55 mrose | |
36 | .\" again | |
37 | .\" | |
38 | .\" Revision 7.11 90/06/20 21:38:29 mrose | |
39 | .\" update | |
40 | .\" | |
41 | .\" Revision 7.10 90/06/13 17:58:41 mrose | |
42 | .\" defaultView | |
43 | .\" | |
44 | .\" Revision 7.9 90/06/12 05:19:02 mrose | |
45 | .\" again | |
46 | .\" | |
47 | .\" Revision 7.8 90/06/12 02:06:20 mrose | |
48 | .\" views ... | |
49 | .\" | |
50 | .\" Revision 7.7 90/06/12 02:05:32 mrose | |
51 | .\" views ... | |
52 | .\" | |
53 | .\" Revision 7.6 90/05/23 18:08:55 mrose | |
54 | .\" 1158 | |
55 | .\" | |
56 | .\" Revision 7.5 90/05/13 17:54:37 mrose | |
57 | .\" views again | |
58 | .\" | |
59 | .\" Revision 7.4 90/05/13 16:08:10 mrose | |
60 | .\" again | |
61 | .\" | |
62 | .\" Revision 7.3 90/05/13 15:55:55 mrose | |
63 | .\" update | |
64 | .\" | |
65 | .\" Revision 7.2 90/02/19 19:17:01 mrose | |
66 | .\" again | |
67 | .\" | |
68 | .\" Revision 7.1 90/01/11 18:34:30 mrose | |
69 | .\" real-sync | |
70 | .\" | |
71 | .\" Revision 7.0 89/11/23 22:23:25 mrose | |
72 | .\" Release 6.0 | |
73 | .\" | |
74 | .SH NAME | |
75 | snmpd \- SNMP agent for BSD UNIX | |
76 | .SH SYNOPSIS | |
77 | .in +.5i | |
78 | .ti -.5i | |
79 | .B \*(SDsnmpd | |
80 | \%[-b\ size] | |
81 | \%[-d] | |
82 | \%[\-t] \%[\-x] \%[\-z] | |
83 | \%[-p\ portno] | |
84 | \%[\-a\ x121address] \%[\-i\ pid] | |
85 | \%[-r] \%[-s] | |
86 | .in -.5i | |
87 | (under /etc/rc.local) | |
88 | .SH DESCRIPTION | |
89 | The \fIsnmpd\fR server acts as a management agent, | |
90 | implementing the Simple Network Management Protocol for Berkeley UNIX systems. | |
91 | Upon receipt of a message, | |
92 | it \*(lqauthenticates\*(rq the request, | |
93 | attempts the operation, | |
94 | and then returns a response. | |
95 | .PP | |
96 | The managed objects manipulated by \fIsnmpd\fR are defined in the file | |
97 | \fBsnmpd.defs\fR, | |
98 | kept in the system administrator's area. | |
99 | These objects conform to the Internet-standard | |
100 | \fIManagement Information Base\fR (commonly referred to as MIB-I), | |
101 | which is defined in RFC 1156. | |
102 | The rules used for naming and describing objects are taken from the | |
103 | Internet-standard | |
104 | \fIStructure of Management Information\fR (SMI), | |
105 | which is defined in RFC 1155. | |
106 | .PP | |
107 | Most objects are realized via reading \fB/dev/kmem\fR. | |
108 | There are some exceptions, | |
109 | which can be set via a configuration file, | |
110 | which is read once, | |
111 | when the daemon starts. | |
112 | .SH TRANSPORTS | |
113 | For a UDP\-based network service, | |
114 | the server listens on port 161 for SNMP messages. | |
115 | The `\-p' option overrides the default UDP port. | |
116 | .PP | |
117 | For an X.25\-based network service, | |
118 | the server implements the transport class 0 protocol, | |
119 | decodes the connection request packet, | |
120 | and execs the appropriate program to enter the protocol and provide the | |
121 | service. | |
122 | The `\-a' switch is used to specify the X.121 address of the local host | |
123 | \(em this overrides the entry in the \fBisotailor\fP file. | |
124 | In addition, | |
125 | the `\-i' switch is used to specify the protocol ID to listen on | |
126 | \(em the default is 03018200. | |
127 | Note that on most X.25 implementations, | |
128 | if the local X.121 address is not present in the \fBisotailor\fR file, | |
129 | then the `-a' switch must be used in order for the server to | |
130 | receive incoming calls. | |
131 | .PP | |
132 | For a TP4\-based transport service, | |
133 | the server simply listens to any incoming connections for selector | |
134 | \*(lqsnmp\*(rq. | |
135 | .PP | |
136 | By default, | |
137 | all network services are enabled | |
138 | (if defined in the configuration). | |
139 | The `\-t' option specifies TCP\-only operation, | |
140 | the `\-x' option specifies X.25\-only operation, | |
141 | and the `\-z' option specifies TP4\-only operation. | |
142 | .SH SMUX | |
143 | The agent supports the SNMP Multiplexing (SMUX) protocol. | |
144 | To disable this, | |
145 | use the `\-s' option. | |
146 | .SH CONFIGURATION | |
147 | The \fBsnmpd.rc\fR file, | |
148 | which is kept in the system administrator's area, | |
149 | contains customization commands. | |
150 | This file must be owned by root unless the `-r' option is given. | |
151 | At present, | |
152 | the directives are: | |
153 | .TP | |
154 | .B community\fR\0name\0address\0access\0view | |
155 | defines an SNMP community called `name' with the indicated level of `access'. | |
156 | The `address' token is either a hostname, an IP-address, or a | |
157 | network address (using Kille's string syntax). | |
158 | If present and a value other than 0.0.0.0 is used, | |
159 | then incoming messages claiming to belong to the named community must | |
160 | come from this address. | |
161 | The `access' token, | |
162 | if present, | |
163 | is one of \*(lqreadOnly\*(rq, \*(lqreadWrite\*(rq, or \*(lqnone\*(rq, | |
164 | and defaults to \*(lqreadOnly\*(rq. | |
165 | The `view' token, | |
166 | if present, | |
167 | is an object identifier, | |
168 | which names the corresponding view of MIB objects that this community | |
169 | may access; | |
170 | otherwise, | |
171 | it defaults to a view containing all variables known to the agent. | |
172 | .TP | |
173 | .B view\fR\0name\0subtree\0... | |
174 | defines a collection of manageable objects | |
175 | with the given object identifier as its name. | |
176 | All variables scoped by the `subtree' tokens, | |
177 | each an object identifier, | |
178 | given in the directive are placed in the view. | |
179 | If no subtress are listed, | |
180 | the view contains all variables known to the agent. | |
181 | .TP | |
182 | .B proxy\fR\0name\0domain\0address\0community | |
183 | defines an SNMP proxy relationship, | |
184 | in terms of a view called `name'. | |
185 | Management requests for this view will be encapsulated via the access | |
186 | method for `domain' and sent to the named address/community. | |
187 | At present, | |
188 | only the domain `rfc1157' (SNMP over UDP) is supported, | |
189 | and the format of the `address' token is identical to that used by the | |
190 | \fBcommunity\fR directive. | |
191 | .TP | |
192 | .B logging\fR\0ava\0... | |
193 | sets the logging parameters accordingly. | |
194 | The one or more `ava' tokens are of the form \*(lqattribute=value\*(rq. | |
195 | The attributes are: | |
196 | \fIfile\fR, | |
197 | which is the filename for the log, | |
198 | this is interpreted relative to the ISODE logging area, | |
199 | unless the value starts with a slash; | |
200 | \fIsize\fR, | |
201 | which takes an integer value describing the maximum file size | |
202 | (in KBytes) that the log should be allowed to grow; | |
203 | \fIslevel\fR, | |
204 | which takes a string value indicating which events should be logged | |
205 | (one of \fInone\fR, \fIfatal\fR, \fIexceptions\fR, \fInotice\fR, \fItrace\fR, | |
206 | \fIpdus\fR, \fIdebug\fR, or \fIall\fR); | |
207 | \fIdlevel\fR, | |
208 | which says which events should not be logged; | |
209 | \fIsflags\fR, | |
210 | which takes a string value indicating logging options should be enabled | |
211 | (one of \fIclose\fR (to close the log after each entry), | |
212 | \fIcreate\fR (to create the log if it does not already exist), | |
213 | \fIzero\fR (to reset the log if the size is exceeded), | |
214 | and \fItty\fR (to log events to the user's terminal in addition to the file)); | |
215 | and, | |
216 | \fIdflags\fR, | |
217 | which says which logging options should be disabled. | |
218 | .TP | |
219 | .B trap\fR\0name\0address\0view | |
220 | defines a trap sink for the SNMP community called `name', | |
221 | on the indicated address, | |
222 | which is either a hostname, an IP-address, or a | |
223 | network address (using Kille's string syntax). | |
224 | Note that at present, | |
225 | traps sinks must be reachable via UDP | |
226 | (the network address must be an IP-address). | |
227 | By default, | |
228 | a view is not named for the trap sink. | |
229 | .TP | |
230 | .B variable\fR\0name\0value | |
231 | sets the named variable to the indicated value. | |
232 | At present, | |
233 | these variables may be set: | |
234 | \fIsysDescr\fR, | |
235 | which takes a string value describing the management agent; | |
236 | \fIsysObjectID\fR, | |
237 | which takes an OBJECT IDENTIFIER value containing similar information; | |
238 | \fIsysContact\fR, | |
239 | which takes a string value describing the person responsible for the | |
240 | node; | |
241 | \fIsysName\fR, | |
242 | which takes a string value giving an administratively assigned name | |
243 | for the node; | |
244 | \fIsysLocation\fR, | |
245 | which takes a string value describing the location of the node; | |
246 | and, | |
247 | \fIsysServices\fR, | |
248 | which takes an integer describing the services offered by the node. | |
249 | See RFC 1156 for a more thorough explanation of these objects. | |
250 | (The last four are defined in MIB-II, RFC 1158, | |
251 | the follow-on to RFC 1156.) | |
252 | .TP | |
253 | .B variable\0snmpEnableAuthTraps\fR\0[ enabled | disabled ] | |
254 | enables (or disables) the generation of authenticationFailure traps. | |
255 | .TP | |
256 | .B variable\0interface\fR\0name\0ava\0... | |
257 | sets attributes for the named interface. | |
258 | The `name' token is an interface name as reported by \*(lqnetstat\0-i\*(rq. | |
259 | The one or more `ava' tokens are of the form \*(lqattribute=value\*(rq. | |
260 | At present, | |
261 | only three attributes may be set for each interface: | |
262 | \fIifType\fR, | |
263 | which takes an integer value describing the kind of interface; | |
264 | \fIifSpeed\fR, | |
265 | which takes an integer value describing the speed of the interface; | |
266 | and, | |
267 | \fIifAdminStatus\fR, | |
268 | which takes an integer value describing the adminstrative state of the | |
269 | interface. | |
270 | See RFC 1156 for a more thorough explanation of these objects. | |
271 | .SH "DEBUG OPERATION" | |
272 | If \fIsnmpd\fR is started interactively, | |
273 | or if the `\-d' switch is given, | |
274 | then debug mode is entered. | |
275 | In this case, | |
276 | all logging activity is displayed on the user's terminal. | |
277 | In addition, | |
278 | the logging information is more verbose. | |
279 | .PP | |
280 | The `-b' switch can be used to specify the maximum message size | |
281 | supported by the daemon. | |
282 | (This is useful for testing how management stations recover from | |
283 | tooBig errors.) | |
284 | .SH FILES | |
285 | .nf | |
286 | .ta \w'\*(LDsnmpd.log 'u | |
287 | \*(EDsnmpd.defs MIB definitions | |
288 | \*(EDsnmpd.rc configuration file | |
289 | \*(LDsnmpd.log log file | |
290 | /etc/snmpd.pid daemon PID file | |
291 | .re | |
292 | .fi | |
293 | .SH "NOTE WELL" | |
294 | The names of the objects in \fBsnmpd.defs\fR are case sensitive. | |
295 | This was necessary to improve the efficiency of the hashing algorithm | |
296 | used for object lookup. | |
297 | .SH "SEE ALSO" | |
298 | RFCs 1155, 1156, and 1157. | |
299 | .PP | |
300 | S.E.\0Kille, | |
301 | \fIA string encoding of Presentation Address\fR, | |
302 | Research Note RN/89/14, | |
303 | Department of Computer Science, | |
304 | University College London, | |
305 | (February, 1989). | |
306 | .SH AUTHOR | |
307 | Marshall T. Rose, | |
308 | Performance Systems International | |
309 | .PP | |
310 | This work was partially supported by the | |
311 | U.S. Defense Advanced Research Projects Agency and the Rome Air Development | |
312 | Center of the U.S. Air Force Systems Command under contract number | |
313 | F30602-88-C-0016. | |
314 | .PP | |
315 | Although this package is distributed with the ISODE, | |
316 | it is not an OSI program, per se. | |
317 | Inasmuch as the continued survival of the Internet hinges on all nodes | |
318 | becoming network manageable, | |
319 | this package was developed using the ISODE and is being freely | |
320 | distributed with releases of Berkeley UNIX. | |
321 | .PP | |
322 | It must be stressed that this package is not a complete network management | |
323 | system. | |
324 | In particular, | |
325 | whilst \fIsnmpd\fR provides a minimal agent functionality, | |
326 | there are no Network Operation Center (NOC) tools--\fIsnmpi\fR is a | |
327 | debugging aid only. |