freeBSD与openBSD下SNMP服务的安装与配置
一、freeBSD安装SNMP服务
1、检查主机是否已经安装SNMP服务
使用命令: pkg info |grep snmp
检查是否安装net-snmp*
2、安装配置SNMP服务
2.1 安装SNMP服务
方法一:在线安装
freeBSD与openBSD默认不安装rpm工具,可以通过freeBSD的ports方式在线安装rpm工具,然后安装公司提供的snmp agent的rpm包,但是在线安装rpm工具时需要提供多个系统库文件,编译失败率比较高,因此不采用该方式
第一步:通过ports方式安装snmp
切换至root用户,执行 :
#cd /usr/ports/net-mgmt/net-snmp/
#make install clean
根据系统提示完成在线安装
方法二:snmp源代码编译安装
#scp root@192.168.0.174:源代码文件绝对路径 . //“.”代表当前目录
#tar xvzf net-snmp-5.5.2.1.tar.gz
#cd net-snmp-5.5.2.1
#./configure
#make
#make install
方法三:
#pkg add net-snmp
2.2 配置SNMP服务
编辑/etc/rc.conf文件,完成snmp自启动环境
添加如下内容:
snmpd_enable="YES"
snmpd_flags="-a /var/run/snmpd.pid"
snmptrapd_enable="YES"
snmptrapd_flags="-a -p /var/run/snmptrapd.pid
2.3生成snmp.conf配置文件
先删除snmp原始配置文件,执行以下命令生成符合监控要求的snmpd.conf
# snmpconf -g basic_setup
运行后会出现一个询问菜单,按如下步骤进行回答:
code:[copy to clipboard]do you want to configure the information returned in the system mib group (contact info, etc)? (default = y): y the location of the system: shenzhen, china the contact information: master@emerson.com
do you want to properly set the value of the sysservices.0 oid (if you don't know, just say no)? (default = y): y does this host offer physical services (eg, like a repeater) [answer 0 or 1]: 1 does this host offer datalink/subnetwork services (eg, like a bridge): 0 does this host offer internet services (eg, supports ip): 1 does this host offer end-to-end services (eg, supports tcp): 1 does this host offer application services (eg, supports smtp): 1 do you want to configure the agent's access control? (default = y): y do you want to allow snmpv3 read-write user based access (default = y): n do you want to allow snmpv3 read-only user based access (default = y): n do you want to allow snmpv1/v2c read-write community access (default = y): n do you want to allow snmpv1/v2c read-only community access (default = y): y the community name to add read-only access for: public the hostname or network address to accept this community name from [return for all]: (return) the oid that this community should be restricted to [return for no-restriction]: (return) do you want to configure where and if the agent will send traps? (default = y): n do you want to configure the agent's ability to monitor various aspects of your system? (default = y): y do you want to configure the agents ability to monitor processes? (default = y): y name of the process you want to check on: sshd(需要监控的进程) maximum number of processes named ' sshd' that should be running [default = 0]: 1 minimum number of processes named ' sshd' that should be running [default = 0]: 0 do another proc line? (default = y): n do you want to configure the agents ability to monitor disk space? (default = y): y enter the mount point for the disk partion to be checked on: / enter the minimum amount of space that should be available on /var: %100 do another disk line? (default = y): y enter the mount point for the disk partion to be checked on: /var enter the minimum amount of space that should be available on /var: %100 do another disk line? (default = y): y enter the mount point for the disk partion to be checked on: /usr enter the minimum amount of space that should be available on /usr: %100 do another disk line? (default = y): y enter the mount point for the disk partion to be checked on: /home enter the minimum amount of space that should be available on /home: %100 do another disk line? (default = y): n do you want to configure the agents ability to monitor load average? (default = y): y enter the maximum allowable value for the 1 minute load average: 12 enter the maximum allowable value for the 5 minute load average: 12 enter the maximum allowable value for the 15 minute load average: 12 do another load line? (default = y): n do you want to configure the agents ability to monitor file sizes? (default = y): n(如果想监控文件的大小,可以选y)
上述命令执行完成后会在/usr/local/share/snmp目录下生成snmp.conf
3、启动SNMP服务
安装SNMP服务成功后,使用命令:/usr/local/etc/rc.d/snmpd start
提示:Startingsnmpd ,则启动snmp服务成功。
4、验证SNMP服务
(1)使用snmptranslate命令,查看snmp工具是否可以使用:
如上,查出了部分oid,则表示snmp工具可以正常使用。
(2)本地通过localhost测试
5、远程主机测试
使用命令: snmpwalk-v 2c -c public 192.168.0.175 | head
得到如下所示的结果:
6、关于配置文件的说明
freeBSD与openBSD为UNIX衍生版本,其snmp服务配置文件与linux衍生系统的snmp服务配置的定义方式有区别,若有兴趣可以对两配置文件进行比对
7、查看防火墙状态
APEXNetManager中管理安装装有freeBSD操作系统的设备时,需要关闭防火墙,以下是对防火墙的一些操作。
FreeBSD与openBSD默认未启用防火墙,需要在/etc/rc.conf文件中添加
1、配置FreeBSD防火墙
ee /etc/rc.conf #编辑,在最后添加
firewall_enable="yes" #开启防火墙
net.inet.ip.fw.verbose=1 #启用防火墙日志功能
net.inet.ip.fw.verbose_limit=5 #启用防火墙日志功能
natd_enable="YES" # 开启防火墙NAT功能
natd_interface="rl0"
natd_flags="-dynamic -m"
firewall_script="/etc/ipfw.rules" #自定义防火墙规则路径
按esc,回车,再按a保存配置
然后启用防火墙
/etc/rc.d/ipfwstart
关闭防火墙
/etc/rc.d/ipfwstop
二、 openBSD安装snmp服务
1、检查是否安装snmp服务
#pkg_info |grepsnmp
2、安装配置snmp服务
1. 安装snmp服务
#export PKG_PATH= ftp://ftp.openbsd.com/pub/OpenBSD/5.3/packages/i386/
#pkg_add net-snmp
2. 配置snmp服务
(1)#vi /etc/rc.conf
(2)将snmpd_flags=“no”改为 snmpd_flags=“”;将pf=YES改为pf=NO
(3)运行snmpconf -g basic_setup生成snmp配置 //与freeBSD配置snmp一样
(4)将生成在/usr/local/share/snmp目录下的snmpd.conf文件替换到/etc/snmp/目录下
(5) #/etc/rc.d/netsnmpd start //启动snmp服务
3.snmp服务验证与freeBSD的snmp验证一样