将SNMP陷阱从v1转换为v3

时间:2014-12-02 12:15:20

标签: snmp net-snmp

我正在尝试将snmp v1陷阱转换为v3。我跟着this进行了讨论,但这很模糊。 我也看了here但没有成功。

更清楚一点:我有一个Centos 6站,上面有net-snmp 5.5。我需要生成v1陷阱,接收它们,将它们转换为v3,然后转发它们。

关于第一个指南,这是我到目前为止所做的:

站长:

snmpd  -Lo --master=agentx --agentXSocket=tcp:192.168.58.64:42000 udp:1161

听:

snmpwalk -v3 -u snmpv3user -A snmpv3pass -a MD5 -l authnoPriv 192.168.58.64:1161

稍后编辑:

我取得了一些进展,我能够将snmpd作为master运行,将snmptrapd作为代理连接到它,然后使v1陷阱机制正常运行。

我做了以下事情:

    In order to get snmptrapd connected as a subagent to snmpd you need to do the following:

###1  EDIT /etc/hosts.allow and add

snmpd: $(your_ip)
smptrapd: $(your_ip)

this is important because snmptrapd fails silently if rejected
by tcp wrap.

###2 EDIT /etc/snmp/snmpd.conf and add at the bottom of the other
com2sec directives.

com2sec infwnet  $(your_ip)  YOUR-COMMUNITY



add these lines 

group MyROGroup v1         infwnet
group MyROGroup v2c        infwnet
group MyROGroup usm        infwnet

under 

"# Second, map the security names into group names:"

add this view at the bottom of the other views
view all    included  .1                               80  

add this group acces at the bottom of other group access directives

access MyROGroup  ""      any       noauth    exact  all    none   none


add  this line as well:

master agentx

###3 TEST it with this: 

snmpwalk -v1 -c YOUR_COMMUNITY $(your_ip) .


###4 CREATE THE FOLLOWING TRAP TEST EXAMPLE:


touch /usr/share/snmp/mibs/UCD-TRAP-TEST-MIB.txt


###5 COPY PASTE THE TEXT BELOW INTO IT:


 UCD-TRAP-TEST-MIB DEFINITIONS ::= BEGIN
       IMPORTS ucdExperimental FROM UCD-SNMP-MIB;

 demotraps OBJECT IDENTIFIER ::= { ucdExperimental 990 }

 demoTrap TRAP-TYPE
       ENTERPRISE demotraps
       VARIABLES { sysLocation }
       DESCRIPTION "An example of an SMIv1 trap"
       ::= 17

 END


###6 EDIT /etc/sysconfig/snmptrapd (not /etc/default/snmptrapd !!)

replace OPTIONS with this:  

OPTIONS="-Lsd -m ALL -M /usr/share/snmp/mibs  -p /var/run/snmptrapd.pid"

###7 TEST IT WITH


snmptrap -v 1 -c public $(your_ip) UCD-TRAP-TEST-MIB::demotraps "" 6 17 "" SNMPv2-MIB::sysLocation.0 s "Just here"

现在我只需要找到一种方法将它们转换为v3并从远程snmpd读取/接收它们

0 个答案:

没有答案