#!/bin/sh /etc/rc.common # Copyright (C) 2008 OpenWrt.org START=99 USE_PROCD=1 PROG="/usr/sbin/snmpd" CONFIGFILE="/var/run/snmpd.conf" snmpd_agent_add() { local cfg="$1" config_get agentaddress "$cfg" agentaddress [ -n "$agentaddress" ] || return 0 echo "agentaddress $agentaddress" >> $CONFIGFILE } snmpd_agentx_add() { local cfg="$1" echo "master agentx" >> $CONFIGFILE config_get agentxsocket "$cfg" agentxsocket [ -n "$agentxsocket" ] && echo "agentXSocket $agentxsocket" >> $CONFIGFILE } snmpd_system_add() { local cfg="$1" config_get syslocation "$cfg" sysLocation [ -n "$syslocation" ] && echo "sysLocation $syslocation" >> $CONFIGFILE config_get syscontact "$cfg" sysContact [ -n "$syscontact" ] && echo "sysContact $syscontact" >> $CONFIGFILE config_get sysname "$cfg" sysName [ -n "$sysname" ] && echo "sysName $sysname" >> $CONFIGFILE config_get sysservice "$cfg" sysService [ -n "$sysservice" ] && echo "sysService $sysservice" >> $CONFIGFILE config_get sysdescr "$cfg" sysDescr [ -n "$sysdescr" ] && echo "sysDescr $sysdescr" >> $CONFIGFILE config_get sysobjectid "$cfg" sysObjectID [ -n "$sysobjectid" ] && echo "sysObjectID $sysobjectid" >> $CONFIGFILE } snmpd_com2sec_add() { local cfg="$1" config_get secname "$cfg" secname [ -n "$secname" ] || return 0 config_get source "$cfg" source [ -n "$source" ] || return 0 config_get community "$cfg" community [ -n "$community" ] || return 0 echo "com2sec $secname $source $community" >> $CONFIGFILE } snmpd_com2sec6_add() { local cfg="$1" config_get secname "$cfg" secname [ -n "$secname" ] || return 0 config_get source "$cfg" source [ -n "$source" ] || return 0 config_get community "$cfg" community [ -n "$community" ] || return 0 echo "com2sec6 $secname $source $community" >> $CONFIGFILE } snmpd_group_add() { local cfg="$1" config_get group "$cfg" group [ -n "$group" ] || return 0 config_get version "$cfg" version [ -n "$version" ] || return 0 config_get secname "$cfg" secname [ -n "$secname" ] || return 0 echo "group $group $version $secname" >> $CONFIGFILE } snmpd_view_add() { local cfg="$1" config_get viewname "$cfg" viewname [ -n "$viewname" ] || return 0 config_get type "$cfg" type [ -n "$type" ] || return 0 config_get oid "$cfg" oid [ -n "$oid" ] || return 0 # optional mask config_get mask "$cfg" mask echo "view $viewname $type $oid $mask" >> $CONFIGFILE } snmpd_access_add() { local cfg="$1" config_get group "$cfg" group [ -n "$group" ] || return 0 config_get context "$cfg" context [ -n $context ] || return 0 [ "$context" == "none" ] && context='""' config_get version "$cfg" version [ -n "$version" ] || return 0 config_get level "$cfg" level [ -n "$level" ] || return 0 config_get prefix "$cfg" prefix [ -n "$prefix" ] || return 0 config_get read "$cfg" read [ -n "$read" ] || return 0 config_get write "$cfg" write [ -n "$write" ] || return 0 config_get notify "$cfg" notify [ -n "$notify" ] || return 0 echo "access $group $context $version $level $prefix $read $write $notify" >> $CONFIGFILE } snmpd_trap_hostname_add() { local cfg="$1" config_get hostname "$cfg" HostName config_get port "$cfg" Port config_get community "$cfg" Community config_get type "$cfg" Type echo "$type $hostname $community $port" >> $CONFIGFILE } snmpd_trap_ip_add() { local cfg="$1" config_get host_ip "$cfg" HostIP config_get port "$cfg" Port config_get community "$cfg" Community config_get type "$cfg" Type echo "$type $host_ip $community $port" >> $CONFIGFILE } snmpd_access_default_add() { local cfg="$1" config_get mode "$cfg" Mode config_get community "$cfg" CommunityName config_get oidrestrict "$cfg" RestrictOID config_get oid "$cfg" RestrictedOID echo -n "$mode $community default" >> $CONFIGFILE [ "$oidrestrict" == "yes" ] && echo " $oid" >> $CONFIGFILE [ "$oidrestrict" == "no" ] && echo "" >> $CONFIGFILE } snmpd_access_HostName_add() { local cfg="$1" config_get hostname "$cfg" HostName config_get mode "$cfg" Mode config_get community "$cfg" CommunityName config_get oidrestrict "$cfg" RestrictOID config_get oid "$cfg" RestrictedOID echo -n "$mode $community $hostname" >> $CONFIGFILE [ "$oidrestrict" == "yes" ] && echo " $oid" >> $CONFIGFILE [ "$oidrestrict" == "no" ] && echo "" >> $CONFIGFILE } snmpd_access_HostIP_add() { local cfg="$1" config_get host_ip "$cfg" HostIP config_get ip_mask "$cfg" IPMask config_get mode "$cfg" Mode config_get community "$cfg" CommunityName config_get oidrestrict "$cfg" RestrictOID config_get oid "$cfg" RestrictedOID echo -n "$mode $community $host_ip/$ip_mask" >> $CONFIGFILE [ "$oidrestrict" == "yes" ] && echo " $oid" >> $CONFIGFILE [ "$oidrestrict" == "no" ] && echo "" >> $CONFIGFILE } snmpd_pass_add() { local cfg="$1" local pass='pass' config_get miboid "$cfg" miboid [ -n "$miboid" ] || return 0 config_get prog "$cfg" prog [ -n "$prog" ] || return 0 config_get_bool persist "$cfg" persist 0 [ $persist -ne 0 ] && pass='pass_persist' config_get priority "$cfg" priority priority=${priority:+-p $priority} echo "$pass $priority $miboid $prog" >> $CONFIGFILE } snmpd_exec_add() { local cfg="$1" config_get name "$cfg" name [ -n "$name" ] || return 0 config_get prog "$cfg" prog [ -n "$prog" ] || return 0 config_get args "$cfg" args config_get miboid "$cfg" miboid echo "exec $miboid $name $prog $args" >> $CONFIGFILE } snmpd_extend_add() { local cfg="$1" config_get name "$cfg" name [ -n "$name" ] || return 0 config_get prog "$cfg" prog [ -n "$prog" ] || return 0 config_get args "$cfg" args config_get miboid "$cfg" miboid echo "extend $miboid $name $prog $args" >> $CONFIGFILE } snmpd_disk_add() { local cfg="$1" local disk='disk' config_get partition "$cfg" partition [ -n "$partition" ] || return 0 config_get size "$cfg" size [ -n "$size" ] || return 0 echo "$disk $partition $size" >> $CONFIGFILE } snmpd_engineid_add() { local cfg="$1" config_get engineid "$cfg" engineid [ -n "$engineid" ] && echo "engineID $engineid" >> $CONFIGFILE config_get engineidtype "$cfg" engineidtype [ "$engineidtype" -ge 1 -a "$engineidtype" -le 3 ] && \ echo "engineIDType $engineidtype" >> $CONFIGFILE config_get engineidnic "$cfg" engineidnic [ -n "$engineidnic" ] && echo "engineIDNic $engineidnic" >> $CONFIGFILE } snmpd_sink_add() { local cfg="$1" local section="$2" local community local port local host config_get host "$cfg" host [ -n "section" -a -n "$host" ] || return 0 # optional community config_get community "$cfg" community # optional port config_get port "$cfg" port port=${port:+:$port} echo "$section $host$port $community" >> $CONFIGFILE } append_parm() { local section="$1" local option="$2" local switch="$3" local _loctmp config_get _loctmp "$section" "$option" [ -z "$_loctmp" ] && return 0 echo "$switch $_loctmp" >> $CONFIGFILE } append_authtrapenable() { local section="$1" local option="$2" local switch="$3" local _loctmp config_get_bool _loctmp "$section" "$option" [ -z "$_loctmp" ] && return 0 [ "$_loctmp" -gt 0 ] && echo "$switch $_loctmp" >> $CONFIGFILE } snmpd_setup_fw_rules() { local net="$1" local zone zone=$(fw3 -q network "$net" 2>/dev/null) local handled_zone for handled_zone in $HANDLED_SNMP_ZONES; do [ "$handled_zone" = "$zone" ] && return done json_add_object "" json_add_string type rule json_add_string src "$zone" json_add_string proto udp json_add_string dest_port 161 json_add_string target ACCEPT json_close_object HANDLED_SNMP_ZONES="$HANDLED_SNMP_ZONES $zone" } start_service() { [ -f "$CONFIGFILE" ] && rm -f "$CONFIGFILE" config_load snmpd config_get_bool snmp_enabled general enabled 1 [ "$snmp_enabled" -eq 0 ] && return procd_open_instance config_foreach snmpd_agent_add agent config_foreach snmpd_agentx_add agentx config_foreach snmpd_system_add system config_foreach snmpd_com2sec_add com2sec config_foreach snmpd_com2sec6_add com2sec6 config_foreach snmpd_group_add group config_foreach snmpd_view_add view config_foreach snmpd_access_add access config_foreach snmpd_trap_hostname_add trap_HostName config_foreach snmpd_trap_ip_add trap_HostIP config_foreach snmpd_access_default_add access_default config_foreach snmpd_access_HostName_add access_HostName config_foreach snmpd_access_HostIP_add access_HostIP config_foreach snmpd_pass_add pass config_foreach snmpd_exec_add exec config_foreach snmpd_extend_add extend config_foreach snmpd_disk_add disk config_foreach snmpd_engineid_add engineid append_parm trapcommunity community trapcommunity config_foreach snmpd_sink_add trapsink trapsink config_foreach snmpd_sink_add trap2sink trap2sink config_foreach snmpd_sink_add informsink informsink append_authtrapenable authtrapenable enable authtrapenable append_parm v1trapaddress host v1trapaddress append_parm trapsess trapsess trapsess procd_set_param command $PROG -Lf /dev/null -f -r procd_set_param file $CONFIGFILE procd_set_param respawn for iface in $(ls /sys/class/net 2>/dev/null); do procd_append_param netdev "$iface" done procd_open_data json_add_array firewall config_list_foreach general network snmpd_setup_fw_rules json_close_array procd_close_data procd_close_instance } service_stopped() { [ -f "$CONFIGFILE" ] || return rm -f "$CONFIGFILE" procd_set_config_changed firewall } service_triggers(){ local script=$(readlink "$initscript") local name=$(basename ${script:-$initscript}) procd_open_trigger procd_add_raw_trigger "interface.*" 2000 /etc/init.d/$name reload procd_close_trigger procd_add_reload_trigger 'snmpd' } service_started() { [ "$snmp_enabled" -eq 0 ] && return procd_set_config_changed firewall }