openwrt-packages-dist/net/net-snmp/files/snmpd.init

#!/bin/sh /etc/rc.common
# Copyright (C) 2008 OpenWrt.org
START=50

USE_PROCD=1
PROG="/usr/sbin/snmpd"

CONFIGFILE="/var/run/snmpd.conf"

snmpd_agent_add() {
	local cfg="$1"

	config_get agentaddress "$cfg" agentaddress
	[ -n "$agentaddress" ] || return 0
	echo "agentaddress $agentaddress" >> $CONFIGFILE
}

snmpd_agentx_add() {
	local cfg="$1"
	echo "master agentx" >> $CONFIGFILE
	config_get agentxsocket "$cfg" agentxsocket
	[ -n "$agentxsocket" ] && echo "agentXSocket $agentxsocket" >> $CONFIGFILE
}

snmpd_system_add() {
	local cfg="$1"
	config_get syslocation "$cfg" sysLocation
	[ -n "$syslocation" ] && echo "sysLocation $syslocation" >> $CONFIGFILE
	config_get syscontact "$cfg" sysContact
	[ -n "$syscontact" ] && echo "sysContact $syscontact" >> $CONFIGFILE
	config_get sysname "$cfg" sysName
	[ -n "$sysname" ] && echo "sysName $sysname" >> $CONFIGFILE
	config_get sysservice "$cfg" sysService
	[ -n "$sysservice" ] && echo "sysService $sysservice" >> $CONFIGFILE
	config_get sysdescr "$cfg" sysDescr
	[ -n "$sysdescr" ] && echo "sysDescr $sysdescr" >> $CONFIGFILE
	config_get sysobjectid "$cfg" sysObjectID
	[ -n "$sysobjectid" ] && echo "sysObjectID $sysobjectid" >> $CONFIGFILE
}

snmpd_com2sec_add() {
	local cfg="$1"
	config_get secname "$cfg" secname
	[ -n "$secname" ] || return 0
	config_get source "$cfg" source
	[ -n "$source" ] || return 0
	config_get community "$cfg" community
	[ -n "$community" ] || return 0
	echo "com2sec $secname $source $community" >> $CONFIGFILE
}

snmpd_com2sec6_add() {
	local cfg="$1"
	config_get secname "$cfg" secname
	[ -n "$secname" ] || return 0
	config_get source "$cfg" source
	[ -n "$source" ] || return 0
	config_get community "$cfg" community
	[ -n "$community" ] || return 0
	echo "com2sec6 $secname $source $community" >> $CONFIGFILE
}

snmpd_group_add() {
	local cfg="$1"
	config_get group "$cfg" group
	[ -n "$group" ] || return 0
	config_get version "$cfg" version
	[ -n "$version" ] || return 0
	config_get secname "$cfg" secname
	[ -n "$secname" ] || return 0
	echo "group $group $version $secname" >> $CONFIGFILE
}

snmpd_view_add() {
	local cfg="$1"
	config_get viewname "$cfg" viewname
	[ -n "$viewname" ] || return 0
	config_get type "$cfg" type
	[ -n "$type" ] || return 0
	config_get oid "$cfg" oid
	[ -n "$oid" ] || return 0
	# optional mask
	config_get mask "$cfg" mask
	echo "view $viewname $type $oid $mask" >> $CONFIGFILE
}

snmpd_access_add() {
	local cfg="$1"
	config_get group "$cfg" group
	[ -n "$group" ] || return 0
	config_get context "$cfg" context
	[ -n $context ] || return 0
	[ "$context" == "none" ] && context='""'
	config_get version "$cfg" version
	[ -n "$version" ] || return 0
	config_get level "$cfg" level
	[ -n "$level" ] || return 0
	config_get prefix "$cfg" prefix
	[ -n "$prefix" ] || return 0
	config_get read "$cfg" read
	[ -n "$read" ] || return 0
	config_get write "$cfg" write
	[ -n "$write" ] || return 0
	config_get notify "$cfg" notify
	[ -n "$notify" ] || return 0
	echo "access $group $context $version $level $prefix $read $write $notify" >> $CONFIGFILE
}

snmpd_trap_hostname_add() {
	local cfg="$1"
	config_get hostname "$cfg" HostName
	config_get port "$cfg" Port
	config_get community "$cfg" Community
	config_get type "$cfg" Type
	echo "$type $hostname $community $port" >> $CONFIGFILE
}

snmpd_trap_ip_add() {
	local cfg="$1"
	config_get host_ip "$cfg" HostIP
	config_get port "$cfg" Port
	config_get community "$cfg" Community
	config_get type "$cfg" Type
	echo "$type $host_ip $community $port" >> $CONFIGFILE
}

snmpd_access_default_add() {
	local cfg="$1"
	config_get mode "$cfg" Mode
	config_get community "$cfg" CommunityName
	config_get oidrestrict "$cfg" RestrictOID
	config_get oid "$cfg" RestrictedOID
	echo -n "$mode $community default" >> $CONFIGFILE
	[ "$oidrestrict" == "yes" ] && echo " $oid" >> $CONFIGFILE
	[ "$oidrestrict" == "no" ] && echo "" >> $CONFIGFILE
}

snmpd_access_HostName_add() {
	local cfg="$1"
	config_get hostname "$cfg" HostName
	config_get mode "$cfg" Mode
	config_get community "$cfg" CommunityName
	config_get oidrestrict "$cfg" RestrictOID
	config_get oid "$cfg" RestrictedOID
	echo -n "$mode $community $hostname" >> $CONFIGFILE
	[ "$oidrestrict" == "yes" ] && echo " $oid" >> $CONFIGFILE
	[ "$oidrestrict" == "no" ] && echo "" >> $CONFIGFILE
}

snmpd_access_HostIP_add() {
	local cfg="$1"
	config_get host_ip "$cfg" HostIP
	config_get ip_mask "$cfg" IPMask
	config_get mode "$cfg" Mode
	config_get community "$cfg" CommunityName
	config_get oidrestrict "$cfg" RestrictOID
	config_get oid "$cfg" RestrictedOID
	echo -n "$mode $community $host_ip/$ip_mask" >> $CONFIGFILE
	[ "$oidrestrict" == "yes" ] && echo " $oid" >> $CONFIGFILE
	[ "$oidrestrict" == "no" ] && echo "" >> $CONFIGFILE
}

snmpd_pass_add() {
	local cfg="$1"
	local pass='pass'

	config_get miboid "$cfg" miboid
	[ -n "$miboid" ] || return 0
	config_get prog "$cfg" prog
	[ -n "$prog" ] || return 0
	config_get_bool persist "$cfg" persist 0
	[ $persist -ne 0 ] && pass='pass_persist'
	config_get priority "$cfg" priority
	priority=${priority:+-p $priority}
	echo "$pass $priority $miboid $prog" >> $CONFIGFILE
}

snmpd_exec_add() {
	local cfg="$1"

	config_get name "$cfg" name
	[ -n "$name" ] || return 0
	config_get prog "$cfg" prog
	[ -n "$prog" ] || return 0
	config_get args "$cfg" args
	config_get miboid "$cfg" miboid
	echo "exec $miboid $name $prog $args" >> $CONFIGFILE
}

snmpd_disk_add() {
        local cfg="$1"
        local disk='disk'

        config_get partition "$cfg" partition
        [ -n "$partition" ] || return 0
        config_get size "$cfg" size
        [ -n "$size" ] || return 0
        echo "$disk $partition $size" >> $CONFIGFILE
}

snmpd_engineid_add() {
	local cfg="$1"

	config_get engineid "$cfg" engineid
	[ -n "$engineid" ] && echo "engineID $engineid" >> $CONFIGFILE
	config_get engineidtype "$cfg" engineidtype
	[ "$engineidtype" -ge 1 -a "$engineidtype" -le 3 ] && \
		echo "engineIDType $engineidtype" >> $CONFIGFILE
	config_get engineidnic "$cfg" engineidnic
	[ -n "$engineidnic" ] && echo "engineIDNic $engineidnic" >> $CONFIGFILE
}

snmpd_sink_add() {
	local cfg="$1"
	local section="$2"
	local community
	local port
	local host

	config_get host "$cfg" host
	[ -n "section" -a -n "$host" ] || return 0
	# optional community
	config_get community "$cfg" community
	# optional port
	config_get port "$cfg" port
	port=${port:+:$port}
	echo "$section $host$port $community" >> $CONFIGFILE
}

append_parm() {
	local section="$1"
	local option="$2"
	local switch="$3"
	local _loctmp
	config_get _loctmp "$section" "$option"
	[ -z "$_loctmp" ] && return 0
	echo "$switch $_loctmp" >> $CONFIGFILE
}

append_authtrapenable() {
	local section="$1"
	local option="$2"
	local switch="$3"
	local _loctmp
	config_get_bool _loctmp "$section" "$option"
	[ -z "$_loctmp" ] && return 0
	[ "$_loctmp" -gt 0 ] && echo "$switch $_loctmp" >> $CONFIGFILE
}

snmpd_setup_fw_rules() {
	local net="$1"
	local zone

	zone=$(fw3 -q network "$net" 2>/dev/null)

	local handled_zone
	for handled_zone in $HANDLED_SNMP_ZONES; do
		[ "$handled_zone" = "$zone" ] && return
	done

	json_add_object ""
	json_add_string type rule
	json_add_string src "$zone"
	json_add_string proto udp
	json_add_string dest_port 161
	json_add_string target ACCEPT
	json_close_object

	HANDLED_SNMP_ZONES="$HANDLED_SNMP_ZONES $zone"
}

start_service() {
	[ -f "$CONFIGFILE" ] && rm -f "$CONFIGFILE"

	config_load snmpd

	config_get_bool snmp_enabled general enabled 1
	[ "$snmp_enabled" -eq 0 ] && return

	procd_open_instance

	config_foreach snmpd_agent_add agent
	config_foreach snmpd_agentx_add agentx
	config_foreach snmpd_system_add system
	config_foreach snmpd_com2sec_add com2sec
	config_foreach snmpd_com2sec6_add com2sec6
	config_foreach snmpd_group_add group
	config_foreach snmpd_view_add view
	config_foreach snmpd_access_add access
	config_foreach snmpd_trap_hostname_add trap_HostName
	config_foreach snmpd_trap_ip_add trap_HostIP
	config_foreach snmpd_access_default_add access_default
	config_foreach snmpd_access_HostName_add access_HostName
	config_foreach snmpd_access_HostIP_add access_HostIP
	config_foreach snmpd_pass_add pass
	config_foreach snmpd_exec_add exec
	config_foreach snmpd_disk_add disk
	config_foreach snmpd_engineid_add engineid
	append_parm trapcommunity community trapcommunity
	config_foreach snmpd_sink_add trapsink trapsink
	config_foreach snmpd_sink_add trap2sink trap2sink
	config_foreach snmpd_sink_add informsink informsink
	append_authtrapenable authtrapenable enable authtrapenable
	append_parm v1trapaddress host v1trapaddress
	append_parm trapsess trapsess trapsess

	procd_set_param command $PROG -Lf /dev/null -f
	procd_set_param file $CONFIGFILE
	procd_set_param respawn

	for iface in $(ls /sys/class/net 2>/dev/null); do
		procd_append_param netdev "$iface"
	done

	procd_open_data

	json_add_array firewall
	config_list_foreach general network snmpd_setup_fw_rules
	json_close_array

	procd_close_data

	procd_close_instance
}

stop_service() {
	[ -f "$CONFIGFILE" ] && rm -f "$CONFIGFILE"
}

service_triggers(){
	local script=$(readlink "$initscript")
	local name=$(basename ${script:-$initscript})

	procd_open_trigger
	procd_add_raw_trigger "interface.*" 2000 /etc/init.d/$name reload
	procd_close_trigger

	procd_add_reload_trigger 'snmpd'
}