From owner-freebsd-net@FreeBSD.ORG Tue Feb 14 10:58:23 2006 Return-Path: X-Original-To: freebsd-net@FreeBSD.org Delivered-To: freebsd-net@FreeBSD.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id D7D6716A420; Tue, 14 Feb 2006 10:58:23 +0000 (GMT) (envelope-from anders@FreeBSD.org) Received: from totem.fix.no (totem.fix.no [80.91.36.20]) by mx1.FreeBSD.org (Postfix) with ESMTP id 3F02D43D55; Tue, 14 Feb 2006 10:58:23 +0000 (GMT) (envelope-from anders@FreeBSD.org) Received: by totem.fix.no (Postfix, from userid 1000) id 7BD528DB148; Tue, 14 Feb 2006 11:58:21 +0100 (CET) Date: Tue, 14 Feb 2006 11:58:21 +0100 From: Anders Nordby To: Gleb Smirnoff , Harti Brandt , freebsd-net@FreeBSD.org Message-ID: <20060214105821.GA47035@totem.fix.no> References: <20060206092443.GA61116@totem.fix.no> <20060207141131.GU877@FreeBSD.org> <20060213173008.GA14643@totem.fix.no> <20060214090531.X5083@beagle.kn.op.dlr.de> <20060214083010.GB41864@totem.fix.no> <20060214093513.F5083@beagle.kn.op.dlr.de> <20060214084459.GL86448@cell.sick.ru> <20060214103723.GA45138@totem.fix.no> <20060214103901.GB68308@cell.sick.ru> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20060214103901.GB68308@cell.sick.ru> X-PGP-Key: http://anders.fix.no/pgp/ X-PGP-Key-FingerPrint: 1E0F C53C D8DF 6A8F EAAD 19C5 D12A BC9F 0083 5956 User-Agent: Mutt/1.5.11 Cc: demon@FreeBSD.org, kuriyama@FreeBSD.org Subject: Re: bsnmpd (was: 64-bit SNMP counters for FreeBSD && graphing bandwidth usage) X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 14 Feb 2006 10:58:24 -0000 Hi, On Tue, Feb 14, 2006 at 01:39:01PM +0300, Gleb Smirnoff wrote: > A> I should make a list of "what bsnmpd needs" to be more usable, in case > A> Harti is interested. ;-P > Where is such list? Some things popping off my mind: - Ability to run as a different user. I suppose we should add a snmp user to the base system. Running as root is not OK, when it is not necessary (net-snmp snmpd can run as a different user, it has a related -r option to not exit if it has privilege problems). - Ability to chroot itself (yes please, for security). - Ability to execute programs and return values on given OIDs, and also cache their results so that the programs doesn't have to be run for every time. It's necessary to cache values to avoid running resource intensive scripts/programs more than necessary. I am using net-snmp snmpd mostly currently, but consider switching as I now can get my 64-bit counters from bsnmpd. It seems net-snmp snmpd can not give ifHCInOctets/ifHCOutOctets (Counter64) in FreeBSD yet. At least the exec issue above must be resolved for me to switch to bsnmpd. Oh, and a couple of questions. If I only want read access enabled, is commenting "write :=" and "trap :=" out all that is necessary? If not, how do I do it? Normally, I only want to read from my SNMP agents. I would prefer to have trap/write disabled completely. Another thing. The trap support in bsnmpd, it's only for forwarding traps? Does bsnmpd have, or will it ever get an ability to generate traps upon failures in FreeBSD? Cheers, -- Anders.