If snmpd fails to open files, like /dev/kmem or /dev/mem, it exits.
Avoid this by adding the -r argument.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Firewall needs to be reloaded in the following cases:
- on service start when snmpd.general.enabled=1
- when snmpd daemon is stopped
Signed-off-by: Alin Nastac <alin.nastac@gmail.com>
Commit ae5ee6ba6c added support for inbound
firewall rule support but some corner cases were not covered.
In case net-snmp is started and the network interface is already up
the procd firewall rule is created but not applied by fw3 as
service_started calling procd_set_config_changed firewall was missing.
When stopping net-snmp clean up the net-snmp inbound firewall rules in
iptables by calling procd_set_config_changed firewall in stop_service
which will trigger fw3 to remove the inbound firewall rules.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
It seems that UCI can't handle duplicate section names in a single
config file, even if they use different types. After the previous
commit, running `uci export` results in the following error:
uci: Parse error (section of different type overwrites prior section with same name) at line 17, byte 23
Append a 6 to the com2sec6 section names to solve this.
Fixes: 0e1c8b4ccc ("net-snmp: snmpd: listen on IPv6 by default")
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Add enabled config option in the global uci section; it allows to put into
place the snmpd config but not yet start the netsnmp daemon.
If config option is unset; netsnmp daemon will be started as before.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Add config support which allow snmpd to take a more active role by sending
traps.
Following config options are supported which map directly on snmpd directives:
-trapcommunity
-trapsink
-trap2sink
-informsink
-authtrapenable
-v1trapaddress
-trapsess
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Add UCI section general which holds the uci parameter network defining on
which interface(s) the snmp agent is reachable for inbound snmp requests
in case the firewall zone does not allow INPUT traffic by default.
For the different zones to which the different interfaces belong firewall
procd input rules are created making the snmp agent reachable on udp port
161.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
According to the snmpd.conf man page, the engineID of an snmp agent
should be consistent through time. However, it seems that the engineID
changes every reboot. Add options to configure how the engineID is
generated. The default setting generates it based on the MAC address of
the eth0 interface.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
When applying wireless configuration changes, the ifindex of the
wireless interface(s) change. While snmpd picks up the new interfaces
with the correct index, it does not remove the old ones:
IF-MIB::ifName.23 = STRING: wlan0
IF-MIB::ifName.24 = STRING: wlan1
IF-MIB::ifName.25 = STRING: wlan0
IF-MIB::ifName.26 = STRING: wlan1
This causes problems for monitoring tools that use ifName (or ifDesc) as
interface reference. Add a trigger that reloads snmpd on interface
up/down events so that it will no longer have the old interfaces.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
When an ifindex for an interface changes, some monitoring tools can no
longer find the interface and send alerts. Monitor all network
interfaces via the procd netdev parameter, so that
/etc/init.d/snmpd reload will restart snmpd if any ifindex changed.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
- Refactor RUN_C into CONFIGFILE, as used in dnsmasq and igmpproxy init
scripts.
- Add a newline after each function definition.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
add support for "disk <partition> <size>" option
example for /etc/config/snmpd
===========
config disk
option partition '/'
option size '500'
===========