You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

359 lines
9.5 KiB

  1. #!/bin/sh /etc/rc.common
  2. # Copyright (C) 2008 OpenWrt.org
  3. START=50
  4. USE_PROCD=1
  5. PROG="/usr/sbin/snmpd"
  6. CONFIGFILE="/var/run/snmpd.conf"
  7. snmpd_agent_add() {
  8. local cfg="$1"
  9. config_get agentaddress "$cfg" agentaddress
  10. [ -n "$agentaddress" ] || return 0
  11. echo "agentaddress $agentaddress" >> $CONFIGFILE
  12. }
  13. snmpd_agentx_add() {
  14. local cfg="$1"
  15. echo "master agentx" >> $CONFIGFILE
  16. config_get agentxsocket "$cfg" agentxsocket
  17. [ -n "$agentxsocket" ] && echo "agentXSocket $agentxsocket" >> $CONFIGFILE
  18. }
  19. snmpd_system_add() {
  20. local cfg="$1"
  21. config_get syslocation "$cfg" sysLocation
  22. [ -n "$syslocation" ] && echo "sysLocation $syslocation" >> $CONFIGFILE
  23. config_get syscontact "$cfg" sysContact
  24. [ -n "$syscontact" ] && echo "sysContact $syscontact" >> $CONFIGFILE
  25. config_get sysname "$cfg" sysName
  26. [ -n "$sysname" ] && echo "sysName $sysname" >> $CONFIGFILE
  27. config_get sysservice "$cfg" sysService
  28. [ -n "$sysservice" ] && echo "sysService $sysservice" >> $CONFIGFILE
  29. config_get sysdescr "$cfg" sysDescr
  30. [ -n "$sysdescr" ] && echo "sysDescr $sysdescr" >> $CONFIGFILE
  31. config_get sysobjectid "$cfg" sysObjectID
  32. [ -n "$sysobjectid" ] && echo "sysObjectID $sysobjectid" >> $CONFIGFILE
  33. }
  34. snmpd_com2sec_add() {
  35. local cfg="$1"
  36. config_get secname "$cfg" secname
  37. [ -n "$secname" ] || return 0
  38. config_get source "$cfg" source
  39. [ -n "$source" ] || return 0
  40. config_get community "$cfg" community
  41. [ -n "$community" ] || return 0
  42. echo "com2sec $secname $source $community" >> $CONFIGFILE
  43. }
  44. snmpd_com2sec6_add() {
  45. local cfg="$1"
  46. config_get secname "$cfg" secname
  47. [ -n "$secname" ] || return 0
  48. config_get source "$cfg" source
  49. [ -n "$source" ] || return 0
  50. config_get community "$cfg" community
  51. [ -n "$community" ] || return 0
  52. echo "com2sec6 $secname $source $community" >> $CONFIGFILE
  53. }
  54. snmpd_group_add() {
  55. local cfg="$1"
  56. config_get group "$cfg" group
  57. [ -n "$group" ] || return 0
  58. config_get version "$cfg" version
  59. [ -n "$version" ] || return 0
  60. config_get secname "$cfg" secname
  61. [ -n "$secname" ] || return 0
  62. echo "group $group $version $secname" >> $CONFIGFILE
  63. }
  64. snmpd_view_add() {
  65. local cfg="$1"
  66. config_get viewname "$cfg" viewname
  67. [ -n "$viewname" ] || return 0
  68. config_get type "$cfg" type
  69. [ -n "$type" ] || return 0
  70. config_get oid "$cfg" oid
  71. [ -n "$oid" ] || return 0
  72. # optional mask
  73. config_get mask "$cfg" mask
  74. echo "view $viewname $type $oid $mask" >> $CONFIGFILE
  75. }
  76. snmpd_access_add() {
  77. local cfg="$1"
  78. config_get group "$cfg" group
  79. [ -n "$group" ] || return 0
  80. config_get context "$cfg" context
  81. [ -n $context ] || return 0
  82. [ "$context" == "none" ] && context='""'
  83. config_get version "$cfg" version
  84. [ -n "$version" ] || return 0
  85. config_get level "$cfg" level
  86. [ -n "$level" ] || return 0
  87. config_get prefix "$cfg" prefix
  88. [ -n "$prefix" ] || return 0
  89. config_get read "$cfg" read
  90. [ -n "$read" ] || return 0
  91. config_get write "$cfg" write
  92. [ -n "$write" ] || return 0
  93. config_get notify "$cfg" notify
  94. [ -n "$notify" ] || return 0
  95. echo "access $group $context $version $level $prefix $read $write $notify" >> $CONFIGFILE
  96. }
  97. snmpd_trap_hostname_add() {
  98. local cfg="$1"
  99. config_get hostname "$cfg" HostName
  100. config_get port "$cfg" Port
  101. config_get community "$cfg" Community
  102. config_get type "$cfg" Type
  103. echo "$type $hostname $community $port" >> $CONFIGFILE
  104. }
  105. snmpd_trap_ip_add() {
  106. local cfg="$1"
  107. config_get host_ip "$cfg" HostIP
  108. config_get port "$cfg" Port
  109. config_get community "$cfg" Community
  110. config_get type "$cfg" Type
  111. echo "$type $host_ip $community $port" >> $CONFIGFILE
  112. }
  113. snmpd_access_default_add() {
  114. local cfg="$1"
  115. config_get mode "$cfg" Mode
  116. config_get community "$cfg" CommunityName
  117. config_get oidrestrict "$cfg" RestrictOID
  118. config_get oid "$cfg" RestrictedOID
  119. echo -n "$mode $community default" >> $CONFIGFILE
  120. [ "$oidrestrict" == "yes" ] && echo " $oid" >> $CONFIGFILE
  121. [ "$oidrestrict" == "no" ] && echo "" >> $CONFIGFILE
  122. }
  123. snmpd_access_HostName_add() {
  124. local cfg="$1"
  125. config_get hostname "$cfg" HostName
  126. config_get mode "$cfg" Mode
  127. config_get community "$cfg" CommunityName
  128. config_get oidrestrict "$cfg" RestrictOID
  129. config_get oid "$cfg" RestrictedOID
  130. echo -n "$mode $community $hostname" >> $CONFIGFILE
  131. [ "$oidrestrict" == "yes" ] && echo " $oid" >> $CONFIGFILE
  132. [ "$oidrestrict" == "no" ] && echo "" >> $CONFIGFILE
  133. }
  134. snmpd_access_HostIP_add() {
  135. local cfg="$1"
  136. config_get host_ip "$cfg" HostIP
  137. config_get ip_mask "$cfg" IPMask
  138. config_get mode "$cfg" Mode
  139. config_get community "$cfg" CommunityName
  140. config_get oidrestrict "$cfg" RestrictOID
  141. config_get oid "$cfg" RestrictedOID
  142. echo -n "$mode $community $host_ip/$ip_mask" >> $CONFIGFILE
  143. [ "$oidrestrict" == "yes" ] && echo " $oid" >> $CONFIGFILE
  144. [ "$oidrestrict" == "no" ] && echo "" >> $CONFIGFILE
  145. }
  146. snmpd_pass_add() {
  147. local cfg="$1"
  148. local pass='pass'
  149. config_get miboid "$cfg" miboid
  150. [ -n "$miboid" ] || return 0
  151. config_get prog "$cfg" prog
  152. [ -n "$prog" ] || return 0
  153. config_get_bool persist "$cfg" persist 0
  154. [ $persist -ne 0 ] && pass='pass_persist'
  155. config_get priority "$cfg" priority
  156. priority=${priority:+-p $priority}
  157. echo "$pass $priority $miboid $prog" >> $CONFIGFILE
  158. }
  159. snmpd_exec_add() {
  160. local cfg="$1"
  161. config_get name "$cfg" name
  162. [ -n "$name" ] || return 0
  163. config_get prog "$cfg" prog
  164. [ -n "$prog" ] || return 0
  165. config_get args "$cfg" args
  166. config_get miboid "$cfg" miboid
  167. echo "exec $miboid $name $prog $args" >> $CONFIGFILE
  168. }
  169. snmpd_extend_add() {
  170. local cfg="$1"
  171. config_get name "$cfg" name
  172. [ -n "$name" ] || return 0
  173. config_get prog "$cfg" prog
  174. [ -n "$prog" ] || return 0
  175. config_get args "$cfg" args
  176. config_get miboid "$cfg" miboid
  177. echo "extend $miboid $name $prog $args" >> $CONFIGFILE
  178. }
  179. snmpd_disk_add() {
  180. local cfg="$1"
  181. local disk='disk'
  182. config_get partition "$cfg" partition
  183. [ -n "$partition" ] || return 0
  184. config_get size "$cfg" size
  185. [ -n "$size" ] || return 0
  186. echo "$disk $partition $size" >> $CONFIGFILE
  187. }
  188. snmpd_engineid_add() {
  189. local cfg="$1"
  190. config_get engineid "$cfg" engineid
  191. [ -n "$engineid" ] && echo "engineID $engineid" >> $CONFIGFILE
  192. config_get engineidtype "$cfg" engineidtype
  193. [ "$engineidtype" -ge 1 -a "$engineidtype" -le 3 ] && \
  194. echo "engineIDType $engineidtype" >> $CONFIGFILE
  195. config_get engineidnic "$cfg" engineidnic
  196. [ -n "$engineidnic" ] && echo "engineIDNic $engineidnic" >> $CONFIGFILE
  197. }
  198. snmpd_sink_add() {
  199. local cfg="$1"
  200. local section="$2"
  201. local community
  202. local port
  203. local host
  204. config_get host "$cfg" host
  205. [ -n "section" -a -n "$host" ] || return 0
  206. # optional community
  207. config_get community "$cfg" community
  208. # optional port
  209. config_get port "$cfg" port
  210. port=${port:+:$port}
  211. echo "$section $host$port $community" >> $CONFIGFILE
  212. }
  213. append_parm() {
  214. local section="$1"
  215. local option="$2"
  216. local switch="$3"
  217. local _loctmp
  218. config_get _loctmp "$section" "$option"
  219. [ -z "$_loctmp" ] && return 0
  220. echo "$switch $_loctmp" >> $CONFIGFILE
  221. }
  222. append_authtrapenable() {
  223. local section="$1"
  224. local option="$2"
  225. local switch="$3"
  226. local _loctmp
  227. config_get_bool _loctmp "$section" "$option"
  228. [ -z "$_loctmp" ] && return 0
  229. [ "$_loctmp" -gt 0 ] && echo "$switch $_loctmp" >> $CONFIGFILE
  230. }
  231. snmpd_setup_fw_rules() {
  232. local net="$1"
  233. local zone
  234. zone=$(fw3 -q network "$net" 2>/dev/null)
  235. local handled_zone
  236. for handled_zone in $HANDLED_SNMP_ZONES; do
  237. [ "$handled_zone" = "$zone" ] && return
  238. done
  239. json_add_object ""
  240. json_add_string type rule
  241. json_add_string src "$zone"
  242. json_add_string proto udp
  243. json_add_string dest_port 161
  244. json_add_string target ACCEPT
  245. json_close_object
  246. HANDLED_SNMP_ZONES="$HANDLED_SNMP_ZONES $zone"
  247. }
  248. start_service() {
  249. [ -f "$CONFIGFILE" ] && rm -f "$CONFIGFILE"
  250. config_load snmpd
  251. config_get_bool snmp_enabled general enabled 1
  252. [ "$snmp_enabled" -eq 0 ] && return
  253. procd_open_instance
  254. config_foreach snmpd_agent_add agent
  255. config_foreach snmpd_agentx_add agentx
  256. config_foreach snmpd_system_add system
  257. config_foreach snmpd_com2sec_add com2sec
  258. config_foreach snmpd_com2sec6_add com2sec6
  259. config_foreach snmpd_group_add group
  260. config_foreach snmpd_view_add view
  261. config_foreach snmpd_access_add access
  262. config_foreach snmpd_trap_hostname_add trap_HostName
  263. config_foreach snmpd_trap_ip_add trap_HostIP
  264. config_foreach snmpd_access_default_add access_default
  265. config_foreach snmpd_access_HostName_add access_HostName
  266. config_foreach snmpd_access_HostIP_add access_HostIP
  267. config_foreach snmpd_pass_add pass
  268. config_foreach snmpd_exec_add exec
  269. config_foreach snmpd_extend_add extend
  270. config_foreach snmpd_disk_add disk
  271. config_foreach snmpd_engineid_add engineid
  272. append_parm trapcommunity community trapcommunity
  273. config_foreach snmpd_sink_add trapsink trapsink
  274. config_foreach snmpd_sink_add trap2sink trap2sink
  275. config_foreach snmpd_sink_add informsink informsink
  276. append_authtrapenable authtrapenable enable authtrapenable
  277. append_parm v1trapaddress host v1trapaddress
  278. append_parm trapsess trapsess trapsess
  279. procd_set_param command $PROG -Lf /dev/null -f -r
  280. procd_set_param file $CONFIGFILE
  281. procd_set_param respawn
  282. for iface in $(ls /sys/class/net 2>/dev/null); do
  283. procd_append_param netdev "$iface"
  284. done
  285. procd_open_data
  286. json_add_array firewall
  287. config_list_foreach general network snmpd_setup_fw_rules
  288. json_close_array
  289. procd_close_data
  290. procd_close_instance
  291. }
  292. stop_service() {
  293. [ -f "$CONFIGFILE" ] || return
  294. rm -f "$CONFIGFILE"
  295. procd_set_config_changed firewall
  296. }
  297. service_triggers(){
  298. local script=$(readlink "$initscript")
  299. local name=$(basename ${script:-$initscript})
  300. procd_open_trigger
  301. procd_add_raw_trigger "interface.*" 2000 /etc/init.d/$name reload
  302. procd_close_trigger
  303. procd_add_reload_trigger 'snmpd'
  304. }
  305. service_started() {
  306. [ "$snmp_enabled" -eq 0 ] && return
  307. procd_set_config_changed firewall
  308. }