差異處

這裏顯示兩個版本的差異處。

--- tech:centos_snmp [2018/06/14 02:15] – Jonathan Tsai
+++ tech:centos_snmp [2018/10/29 10:25] (目前版本) – Jonathan Tsai
@@ 行 1: / 行 1: @@
+====== CentOS 7 SNMP 設定 ======
+  * 安裝環境 : CentOS Linux release 7.5.1804 (Core)
+  * getenforce : Disabled
+  * firewall-cmd --list-services : http https ssh **snmp**
+===== 安裝套件 =====
+<code sh>
+yum -y install net-snmp net-snmp-utils
+</code>
+===== 設定 snmp 的定義 =====
+  * 設定 192.168.1. 的網段可以透過 community nms01 讀取
+  * 設定 192.168.0. 的網段可以透過 community nms02 讀取
+<code sh>vi /etc/snmp/snmpd.conf</code><file>
+com2sec notConfigUser  default       public
+com2sec local localhost public
+com2sec mynetwork 192.168.1.0/24 nsm01
+com2sec mytpnetwork 192.168.0.0/24 nms02
+group MyRWGroup v1 local
+group MyRWGroup v2c local
+group MyROGroup v1 mynetwork
+group MyROGroup v2c mynetwork
+group MyROGroup v1 mytpnetwork
+group MyROGroup v2c mytpnetwork
+view    systemview    included   .1.3.6.1.2.1.1
+view    systemview    included   .1.3.6.1.2.1.25.1.1
+access  notConfigGroup ""      any       noauth    exact  systemview none none
+view all    included  .1                               80
+access MyROGroup "" any noauth prefix all none none
+access MyRWGroup "" any noauth prefix all all all
+syslocation New Taipei City, Taiwan
+syscontact InfoTech <[email protected]>
+dontLogTCPWrappersConnects yes
+proc snmpd
+disk / 10%
+</file><code sh>
+systemctl restart snmpd.service
+systemctl enable snmpd.service
+</code>
+===== 驗證與測試 =====
+  * 主機端確認 snmp 服務有啟動<code sh>
+systemctl status snmpd.service
+netstat -auntp | grep snmp
+</code>
+  * 在網管端 Exp. 192.168.1.200 使用 snmpwalk -c nms01 進行檢測<code sh>
+snmpwalk -c public -v 2c 192.168.0.233
+</code>
+<note>
+  * snmpwalk 結果出現 <code>
+No Response from xxx.xxx.xxx.xxx</code>
+  * server log 出現類似 <code>
+snmpd[942]: Connection from UDP: [192.168.xxx.xxx]:45239->[192.168.xxx.xxx]:161 REFUSED</code>
+  * 可能就需要在 /etc/hosts.allow 裡面加入 snmp client 端的 IP Exp.192.168.1.240<code h /etc/hosts.allow>
+#
+# hosts.allow   This file contains access rules which are used to
+#               allow or deny connections to network services that
+#               either use the tcp_wrappers library or that have been
+#               started through a tcp_wrappers-enabled xinetd.
+#
+#               See 'man 5 hosts_options' and 'man 5 hosts_access'
+#               for information on rule syntax.
+#               See 'man tcpd' for information on tcp_wrappers
+#
+sshd:ALL
+snmpd: 192.168.1.240
+</code>
+</note>
+===== 參考網址 =====
+  * http://blog.jangmt.com/2015/09/centos-7-snmpd-centos-7-snmp-install.html
+  * https://www.liquidweb.com/kb/how-to-install-and-configure-snmp-on-centos/
+  * http://blog.secaserver.com/2012/08/snmpd-connection-udp-refused/
+{{tag>NMS snmp}}