CentOS 7 SNMP 設定
- 安裝環境 : CentOS Linux release 7.5.1804 (Core)
- getenforce : Disabled
- firewall-cmd –list-services : http https ssh snmp
安裝套件
yum -y install net-snmp net-snmp-utils
設定 snmp 的定義
- 設定 192.168.1. 的網段可以透過 community nms01 讀取
- 設定 192.168.0. 的網段可以透過 community nms02 讀取
vi /etc/snmp/snmpd.conf
com2sec notConfigUser default public com2sec local localhost public com2sec mynetwork 192.168.1.0/24 nsm01 com2sec mytpnetwork 192.168.0.0/24 nms02 group MyRWGroup v1 local group MyRWGroup v2c local group MyROGroup v1 mynetwork group MyROGroup v2c mynetwork group MyROGroup v1 mytpnetwork group MyROGroup v2c mytpnetwork view systemview included .1.3.6.1.2.1.1 view systemview included .1.3.6.1.2.1.25.1.1 access notConfigGroup "" any noauth exact systemview none none view all included .1 80 access MyROGroup "" any noauth prefix all none none access MyRWGroup "" any noauth prefix all all all syslocation New Taipei City, Taiwan syscontact InfoTech <[email protected]> dontLogTCPWrappersConnects yes proc snmpd disk / 10%
systemctl restart snmpd.service systemctl enable snmpd.service
驗證與測試
- 主機端確認 snmp 服務有啟動
systemctl status snmpd.service netstat -auntp | grep snmp
- 在網管端 Exp. 192.168.1.200 使用 snmpwalk -c nms01 進行檢測
snmpwalk -c public -v 2c 192.168.0.233
- snmpwalk 結果出現
No Response from xxx.xxx.xxx.xxx
- server log 出現類似
snmpd[942]: Connection from UDP: [192.168.xxx.xxx]:45239->[192.168.xxx.xxx]:161 REFUSED
- 可能就需要在 /etc/hosts.allow 裡面加入 snmp client 端的 IP Exp.192.168.1.240
- /etc/hosts.allow
# # hosts.allow This file contains access rules which are used to # allow or deny connections to network services that # either use the tcp_wrappers library or that have been # started through a tcp_wrappers-enabled xinetd. # # See 'man 5 hosts_options' and 'man 5 hosts_access' # for information on rule syntax. # See 'man tcpd' for information on tcp_wrappers # sshd:ALL snmpd: 192.168.1.240