Install SNMP for FreeBSD
FreeBSD (as well as NetBSD and OpenBSD) have arguably one of the best package management systems available today. The simplicity and flexibility are something a few other package management systems could do well to learn from. We will take full advantage of this when installing our software to save us time and effort:
- # cd /usr/ports/net-mgmt/net-snmp && make install clean
- # cd /usr/ports/net/rrdtool && make install clean
These two commands should install Net-SNMP, and RRDTool. If you have problems at this stage, seek your local BSD guru.
The net-snmp package comes with the snmpconf utility which should help you configure snmpd. We will walk through the steps for it, as it can be somewhat harrowing for those new to snmp:
# snmpconf -i I can create the following types of configuration files for you. Select the file type you wish to create: (you can create more than one as you run this program) 1: snmp.conf 2: snmptrapd.conf 3: snmpd.conf
snmp.conf (snmp.conf(5)) dictates how Net-SNMP applications should operate, snmptrapd.conf (snmptrapd.conf(5)) configures the snmptrapd daemon which is used for on going monitoring via SNMP, and finally snmpd.conf (snmpd.conf(5)) defines how the snmp daemon which we will be using, is configured. Choose option ‘3’.
- The main menu:
1: System Information Setup 2: Access Control Setup 3: Trap Destinations 4: Monitor Various Aspects of the Running Host 5: Extending the Agent 6: Agent Operating Mode
Choose option ‘1’, and at the ‘System Information Setup’ menu, choose ‘1’ again. You will be asked to enter the location of your system. This can be the country, locality, your street name, site name, or any other data you would use to describe the location of the system. After you enter this, you will be returned to the ‘System Information Setup’ menu.
Choose option ‘2’ and enter the contact information for the administrator of the machine.
Finally, when you choose option ‘3’, you will be asked a number of Yes/No questions to determine what the proper value for the sysServices object. This is used to determine what services your machine offers. Reply with a ‘1’ for yes, or ‘0’ for no.
When you are done with the ‘System Information Setup’ menu, type ‘finished’ to return to the main menu.
- From the main menu, choose option ‘2’ for ‘Access Control Setup’
1: a SNMPv3 read-write user 2: a SNMPv3 read-only user 3: a SNMPv1/SNMPv2c read-only access community name 4: a SNMPv1/SNMPv2c read-write access community name
For the purpose of simplicity, we will set up a read-only SNMPv1 server which listens only on localhost. SNMPv2 and v3 provide some added security in the form of usernames and passwords, and for anyone wishing to have their snmpd listen on the network, I would very seriously recommend they look in to using these.
To continue, choose option ‘3’. You will be asked to enter a community name for read-only access. This can be any one-word string you wish, and is simply used as a weak method of authentication to restrict access to the service.
Then choose ‘localhost’ as the hostname from which to accept that community string, and press RETURN for no-restrictions on what the user of that community string can read.
- Next we will confirm where the daemon should be listening. From the main menu, choose option ‘6’ for ‘Agent Operating Mode’
1: Should the agent operate as a master agent or not. 2: The system user that the agent runs as. 3: The system group that the agent runs as. 4: The IP address and port number that the agent will listen on.
Choose option ‘4’, and enter 127.0.0.1 as the address at which snmpd will listen. Return to the main menu, and choose ‘finished’ again. You will be shown to the original menu asking which file you would like to edit. choose to ‘quit’.
- Finally, edit the /etc/rc.conf startup file, and at the end of the file put a new line as:
You can now start snmpd with /usr/local/etc/rc.d/snmpd.sh start. It will also start with your system when you reboot.