Re: Allow any community
This is a discussion on Re: Allow any community within the SNMP Coders forums, part of the Networking and Network Related category; 2008/5/28 Pachiappan D <dpachiappan@gmail.com>: > Can any one let me know the configuration to ...
|
|||||||
| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
05-28-2008
|
|||
|
|||
Re: Allow any community
2008/5/28 Pachiappan D <dpachiappan@gmail.com>:
> Can any one let me know the configuration to allow any community > requests in SNMP V2 agent ? I don't believe that this is possible. You have to configure the community strings that should have access to the agent. There is no support for wildcards. Dave ------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2008. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/ _______________________________________________ Net-snmp-coders mailing list Net-snmp-coders@lists.sourceforge.net https://lists.sourceforge.net/lists/...et-snmp-coders 
|
|
05-29-2008
|
|||
|
|||
|
Re: Allow any community
[ First - *please* don't mail me privately, without copying
any responses to the mailing list. I don't have the time or inclination to offer private, unpaid, SNMP consultancy. Keep discussions to the list, where others can both learn and offer advice. Thanks. ] 2008/5/28 Pachiappan D <dpachiappan@gmail.com>: > I have tried like this in my snmpd.conf, > rocommunity read default .1.3.6.1.2.1.1.3 .1.3.6.1.2.1.1.1 > > Agent takes only the first one ( .1.3.6.1.2.1.1.3 ) not the remaining. > Is it possible to achieve more no of objects in row ? > > Please suggest me. Try defining a view to cover these two objects: view simpleView included .1.3.6.1.2.1.1.3 view simpleView included .1.3.6.1.2.1.1.1 and then grant access to this view: rocommunity read default -V simpleView Otherwise you're looking at the full com2sec/group/view/access setup - see snmpd.conf(5) or the FAQ for details. Dave ------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2008. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/ _______________________________________________ Net-snmp-coders mailing list Net-snmp-coders@lists.sourceforge.net https://lists.sourceforge.net/lists/...et-snmp-coders
|
|
05-29-2008
|
|||
|
|||
|
Re: Allow any community
2008/5/29 Pachiappan D <dpachiappan@gmail.com>:
> --------------------------------------------------------------------------- > view simpleView included .1.3.6.1.2.1.1.3 > view simpleView included .1.3.6.1.2.1.1.1 > > rocommunity read default -V simpleView > --------------------------------------------------------------------------- > > Is the above allowed in SNMPV1/V2C ? Yes. "rocommunity" is *only* used in SNMPv1/2c Dave ------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2008. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/ _______________________________________________ Net-snmp-coders mailing list Net-snmp-coders@lists.sourceforge.net https://lists.sourceforge.net/lists/...et-snmp-coders
|
|
05-29-2008
|
|||
|
|||
|
Re: Allow any community
2008/5/29 Pachiappan D <dpachiappan@gmail.com>:
> How can i provide the access to more than one subtree with rocommunity ? By defining a view containing these subtrees. That is exactly what the previous suggestion does. Whether the view contains two adjacent MIB objects, or two completely separate subtrees is not important. You can define a view containing as many or as few elements as you like. Dave ------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2008. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/ _______________________________________________ Net-snmp-coders mailing list Net-snmp-coders@lists.sourceforge.net https://lists.sourceforge.net/lists/...et-snmp-coders
|
|
06-02-2008
|
|||
|
|||
|
Re: Allow any community
2008/6/2 Pachiappan D <dpachiappan@gmail.com>:
> View directive comes under SNMPV3. No. The view-based access control model was introduced as part of the SNMPv3 framework, but can be (and is) applied to all versions of the protocol. > With alone SNMPv1/v2c , rocommunity directive is the only > choice to restrict access for a subtree as below, No - it is not. That is the simplest approach, but it is also possible to use more complex views - either using "rocommunity ... -v {view}" or the full com2sec/group/view/access approach. > In SNMPv1/v2c , I want to achieve like > rocommunity cname default <subtree1> <subtree2>.. And I have told you how to do that. > ( without using view directive ) Then you're stuffed. The *only* way you can do what you are asking for is to use views. > Is the above possible ? Yes. > If yes , please pave me a way to do this. I have already given you a way to do this. If you're not prepared to follow my advice, then that is not my problem. Have you actually *tried* what I suggested? If not, why not? Dave ------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2008. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/ _______________________________________________ Net-snmp-coders mailing list Net-snmp-coders@lists.sourceforge.net https://lists.sourceforge.net/lists/...et-snmp-coders
|
Linear Mode
