summaryrefslogtreecommitdiff
path: root/man/snmp.conf.5.def
diff options
context:
space:
mode:
Diffstat (limited to 'man/snmp.conf.5.def')
-rw-r--r--man/snmp.conf.5.def331
1 files changed, 331 insertions, 0 deletions
diff --git a/man/snmp.conf.5.def b/man/snmp.conf.5.def
new file mode 100644
index 0000000..812a56c
--- /dev/null
+++ b/man/snmp.conf.5.def
@@ -0,0 +1,331 @@
+.TH SNMP.CONF 5 "29 Jun 2005" VVERSIONINFO "Net-SNMP"
+.UC 4
+.SH NAME
+snmp.conf - configuration files for the Net-SNMP applications
+.SH DESCRIPTION
+Applications built using the Net-SNMP libraries typically use one or
+more configuration files to control various aspects of their operation.
+These files (\fBsnmp.conf\fR and \fBsnmp.local.conf\fR) can be located
+in one of several locations, as described in the \fIsnmp_config(5)\fR
+manual page.
+.PP
+In particular, \fCSYSCONFDIR/snmp/snmp.conf\fR is a common file,
+containing the settings shared by all users of the system.
+\fC~/.snmp/snmp.conf\fR is a personal file, with the settings
+specific to a particular user.
+.SH IMPORTANT NOTE
+Several of these directives may contain sensitive information
+(such as pass phrases). Configuration files that include such
+settings should only be readable by the user concerned.
+.PP
+As well as application-specific configuration tokens, there are
+several directives that relate to standard library behaviour,
+relevant to most Net-SNMP applications. Many of these correspond
+to standard command-line options, which are described in the
+\fIsnmpcmd(1)\fR manual page.
+.PP
+These directives can be divided into several distinct groups.
+.SH CLIENT BEHAVIOUR
+.IP "defDomain application domain"
+The transport domain that should be used for a certain application type unless
+something else is specified.
+.IP "defTarget application domain target"
+The target that should be used for connections to a certain application if the
+connection should be in a specific domain.
+.IP "defaultPort PORT"
+defines the default UDP port that client SNMP applications will
+attempt to connect to. This can be overridden by explicitly
+including a port number in the \fIAGENT\fR specification.
+See the \fIsnmpcmd(1)\fR manual page for more details.
+.IP
+If not specified, the default value for this token is 161.
+.IP "defVersion (1|2c|3)"
+defines the default version of SNMP to use.
+This can be overridden using the \fB-v\fR option.
+.IP "defCommunity STRING"
+defines the default community to use for SNMPv1 and SNMPv2c requests.
+This can be overridden using the \fB-c\fR option.
+.\".IP "dumpPacket (1|yes|true|0|no|false)"
+.IP "dumpPacket yes"
+defines whether to display a hexadecimal dump of the raw SNMP requests
+sent and received by the application.
+This is equivalent to the \fB-d\fR option.
+.IP "doDebugging (1|0)"
+turns on debugging for all applications run if set to 1.
+.\"
+.\" XXX - why not full boolean values?
+.\" what is the purpose of this directive ??
+.\"
+.IP "debugTokens TOKEN[,TOKEN...]"
+defines the debugging tokens that should be turned on when
+\fIdoDebugging\fR is set.
+This is equivalent to the \fB-D\fR option.
+.\".IP "16bitIDs (1|yes|true|0|no|false)"
+.IP "16bitIDs yes"
+restricts requestIDs, etc to 16-bit values.
+.IP
+The SNMP specifications define these ID fields as 32-bit quantities,
+and the Net-SNMP library typically initialises them to random values
+for security.
+However certain (broken) agents cannot handle ID values greater than
+2^16 - this option allows interoperability with such agents.
+.IP "clientaddr [<transport-specifier>:]<transport-address>"
+specifies the source address to be used by command-line applications
+when sending SNMP requests. See \fIsnmpcmd(1)\fR for more information
+about the format of addresses.
+.IP
+This value is also used by \fBsnmpd\fR when generating notifications.
+.\"
+.\" But not responses to an incoming request?
+.\" What about snmptrapd?
+.\"
+.IP "clientRecvBuf INTEGER"
+specifies the desired size of the buffer to be used when receiving
+responses to SNMP requests.
+If the OS hard limit is lower than the \fIclientRecvBuf\fR value,
+then this will be used instead.
+Some platforms may decide to increase the size of the buffer
+actually used for internal housekeeping.
+.IP
+This directive will be ignored if the platforms does not support
+\fIsetsockopt()\fR.
+.IP "clientSendBuf INTEGER"
+is similar to \fIclientRecvBuf\fR, but applies to the size
+of the buffer used when sending SNMP requests.
+.IP "noRangeCheck yes"
+disables the validation of varbind values against the MIB definition
+for the relevant OID.
+This is equivalent to the \fB-Ir\fR option.
+.IP
+This directive is primarily relevant to the \fBsnmpset\fR command,
+but will also apply to any application that calls \fIsnmp_add_var()\fR
+.\" what else ??
+with a non-NULL value.
+.\"
+.\" XXX - including snmpd ??
+.\"
+.IP "noTokenWarnings"
+disables warnings about unknown config file tokens.
+.IP "reverseEncodeBER (1|yes|true|0|no|false)"
+controls how the encoding of SNMP requests is handled.
+.IP
+The default behaviour is to encode packets starting from the end of
+the PDU and working backwards.
+This directive can be used to disable this behaviour, and build
+the encoded request in the (more obvious) forward direction.
+.IP
+It should not normally be necessary to change this setting, as
+the encoding is basically the same in either case - but working
+backwards typically produces a slightly more efficient encoding,
+and hence a smaller network datagram.
+.\"
+.\" XXX - It is probably about time to remove this choice!
+.\"
+.SH SNMPv3 SETTINGS
+.IP "defSecurityName STRING"
+defines the default security name to use for SNMPv3 requests.
+This can be overridden using the \fB-u\fR option.
+.IP "defSecurityLevel noAuthNoPriv|authNoPriv|authPriv"
+defines the default security level to use for SNMPv3 requests.
+This can be overridden using the \fB-l\fR option.
+.IP
+If not specified, the default value for this token is \fInoAuthNoPriv\fR.
+.\"
+.\" XXX - Is this correct ?
+.\"
+.RS
+.IP "Note:
+\fIauthPriv\fR is only available if the software has been compiled
+to use the OpenSSL libraries.
+.RE
+.IP "defPassphrase STRING"
+.IP "defAuthPassphrase STRING"
+.IP "defPrivPassphrase STRING"
+define the default authentication and privacy pass phrases to use
+for SNMPv3 requests.
+These can be overridden using the \fB-A\fR and \fB-X\fR options respectively.
+.IP
+The
+.B defPassphrase
+value will be used for the authentication and/or privacy pass phrases
+if either of the other directives are not specified.
+.IP "defAuthType MD5|SHA"
+.IP "defPrivType DES|AES"
+define the default authentication and privacy protocols to use for
+SNMPv3 requests.
+These can be overridden using the \fB-a\fR and \fB-x\fR options respectively.
+.IP
+If not specified, SNMPv3 requests will default to MD5 authentication
+and DES encryption.
+.RS
+.IP "Note:
+If the software has not been compiled to use the OpenSSL libraries,
+then only MD5 authentication is supported.
+Neither SHA authentication nor any form of encryption will be available.
+.RE
+.IP "defContext STRING"
+defines the default context to use for SNMPv3 requests.
+This can be overridden using the \fB-n\fR option.
+.IP
+If not specified, the default value for this token is the default context
+(i.e. the empty string "").
+.IP "defSecurityModel STRING"
+defines the security model to use for SNMPv3 requests.
+The default value is "usm" which is the only widely
+used security model for SNMPv3.
+.IP "defAuthMasterKey 0xHEXSTRING"
+.IP "defPrivMasterKey 0xHEXSTRING"
+.IP "defAuthLocalizedKey 0xHEXSTRING"
+.IP "defPrivLocalizedKey 0xHEXSTRING"
+define the (hexadecimal) keys to be used for SNMPv3 secure communications.
+SNMPv3 keys are frequently derived from a passphrase, as discussed in
+the \fIdefPassphrase\fR section above. However for improved security a
+truely random key can be generated and used instead (which would
+normally has better entropy than a password unless it is
+amazingly long).
+The directives are equivalent to the short-form
+command line options \fB-3m\fR, \fB-3M\fR, \fB-3k\fR, and \fB-3K\fR.
+.IP
+Localized keys are
+master keys which have been converted to a unique key which is only
+suitable for on particular SNMP engine (agent). The length of the key
+needs to be appropriate for the authentication or encryption type
+being used (auth keys: MD5=16 bytes, SHA1=20 bytes;
+priv keys: DES=16 bytes (8
+bytes of which is used as an IV and not a key), and AES=16 bytes).
+.\"
+.\" XXX - are these lengths still correct ?
+.\"
+.SH SERVER BEHAVIOUR
+.IP "persistentDir DIRECTORY"
+defines the directory where \fBsnmpd\fR and \fBsnmptrapd\fR store
+persistent configuration settings.
+.IP
+If not specified, the persistent directory defaults to
+PERSISTENT_DIRECTORY
+.IP "noPersistentLoad yes"
+.IP "noPersistentSave yes"
+disable the loading and saving of persistent configuration information.
+.RS
+.IP "Note:"
+This will break SNMPv3 operations (and other behaviour that relies
+on changes persisting across application restart). Use With Care.
+.RE
+.IP "tempFilePattern PATTERN"
+defines a filename template for creating temporary files,
+for handling input to and output from external shell commands.
+Used by the \fImkstemp()\fR and \fImktemp()\fR functions.
+.IP
+If not specified, the default pattern is \fC/tmp/snmpdXXXXXX\fR.
+.IP "serverRecvBuf INTEGER"
+specifies the desired size of the buffer to be used when receiving
+incoming SNMP requests.
+If the OS hard limit is lower than the \fIserverRecvBuf\fR value,
+then this will be used instead.
+Some platforms may decide to increase the size of the buffer
+actually used for internal housekeeping.
+.IP
+This directive will be ignored if the platforms does not support
+\fIsetsockopt()\fR.
+.IP "serverSendBuf INTEGER"
+is similar to \fIserverRecvBuf\fR, but applies to the size
+of the buffer used when sending SNMP responses.
+.SH MIB HANDLING
+.IP "mibdirs DIRLIST"
+specifies a list of directories to search for MIB files.
+This operates in the same way as the \fB-M\fR option -
+see \fIsnmpcmd(1)\fR for details.
+Note that this value can be overridden by the
+.B MIBDIRS
+environment variable, and the \fB-M\fR option.
+.IP "mibs MIBLIST"
+specifies a list of MIB modules (not files) that should be loaded.
+This operates in the same way as the \fB-m\fR option -
+see \fIsnmpcmd(1)\fR for details.
+Note that this list can be overridden by the
+.B MIBS
+environment variable, and the \fB-m\fR option.
+.IP "mibfile FILE"
+specifies a (single) MIB file to load, in addition to the
+list read from the \fImibs\fR token (or equivalent configuration).
+Note that this value can be overridden by the
+.B MIBFILES
+environment variable.
+.IP "showMibErrors (1|yes|true|0|no|false)"
+whether to display MIB parsing errors.
+.IP "strictCommentTerm (1|yes|true|0|no|false)"
+whether MIB parsing should be strict about comment termination.
+Many MIB writers assume that ASN.1 comments extend to the end of
+the text line, rather than being terminated by the next "--" token.
+This token can be used to accept such (strictly incorrect) MIBs.
+.br
+Note that this directive is poorly named, since a value of "true"
+will turn \fIoff\fP the strict interpretation of MIB comments.
+.IP "mibAllowUnderline (1|yes|true|0|no|false)"
+whether to allow underline characters in MIB object names and
+enumeration values.
+This token can be used to accept such (strictly incorrect) MIBs.
+.IP "mibWarningLevel INTEGER"
+the minimum warning level of the warnings printed by the MIB parser.
+.SH OUTPUT CONFIGURATION
+.IP "logTimestamp (1|yes|true|0|no|false)"
+Whether the commands should log timestamps with their error/message
+logging or not. Note that output will not look as pretty with
+timestamps if the source code that is doing the logging does
+incremental logging of messages that are not line buffered before
+being passed to the logging routines. This option is only used when file logging is active.
+.IP "printNumericEnums (1|yes|true|0|no|false)"
+Equivalent to
+.BR -Oe .
+.IP "printNumericOids (1|yes|true|0|no|false)"
+Equivalent to
+.BR -On .
+.IP "dontBreakdownOids (1|yes|true|0|no|false)"
+Equivalent to
+.BR -Ob .
+.IP "escapeQuotes (1|yes|true|0|no|false)"
+Equivalent to
+.BR -OE .
+.IP "quickPrinting (1|yes|true|0|no|false)"
+Equivalent to
+.BR -Oq .
+.IP "printValueOnly (1|yes|true|0|no|false)"
+Equivalent to
+.BR -Ov .
+.IP "dontPrintUnits (1|yes|true|0|no|false)"
+Equivalent to
+.BR -OU .
+.IP "numericTimeticks (1|yes|true|0|no|false)"
+Equivalent to
+.BR -Ot .
+.IP "printHexText (1|yes|true|0|no|false)"
+Equivalent to
+.BR -OT .
+.IP "hexOutputLength integer"
+Specifies where to break up the output of hexadecimal strings.
+Set to 0 to disable line breaks. Defaults to 16.
+.IP "suffixPrinting (0|1|2)"
+The value 1 is equivalent to
+.B -Os
+and the value 2 is equivalent to
+.BR -OS .
+.IP "oidOutputFormat (1|2|3|4|5|6)"
+Maps -O options as follow: -Os=1, -OS=2, -Of=3, -On=4, -Ou=5.
+The value 6 has no matching -O option. It suppresses output.
+.IP "extendedIndex (1|yes|true|0|no|false)"
+Equivalent to
+.BR -OX .
+.IP "noDisplayHint (1|yes|true|0|no|false)"
+Disables the use of DISPLAY-HINT information when parsing indices and
+values to set. Equivalent to
+.BR -Ih .
+.SH FILES
+SYSCONFDIR/snmp/snmp.conf,
+SYSCONFDIR/snmp/snmp.local.conf - common configuration settings
+.br
+~/.snmp/snmp.conf - user-specific configuration settings
+.SH "SEE ALSO"
+snmp_config(5), read_config(3), snmpcmd(1).
+.\" Local Variables:
+.\" mode: nroff
+.\" End:
generated by cgit v1.2.3 (git 2.39.1) at 2024-06-17 23:00:57 +0000