Date: Tue, 14 Feb 2006 11:58:21 +0100 From: Anders Nordby <anders@FreeBSD.org> To: Gleb Smirnoff <glebius@FreeBSD.org>, Harti Brandt <harti@FreeBSD.org>, freebsd-net@FreeBSD.org Cc: demon@FreeBSD.org, kuriyama@FreeBSD.org Subject: Re: bsnmpd (was: 64-bit SNMP counters for FreeBSD && graphing bandwidth usage) Message-ID: <20060214105821.GA47035@totem.fix.no> In-Reply-To: <20060214103901.GB68308@cell.sick.ru> References: <20060206092443.GA61116@totem.fix.no> <20060207141131.GU877@FreeBSD.org> <20060213173008.GA14643@totem.fix.no> <20060214090531.X5083@beagle.kn.op.dlr.de> <20060214083010.GB41864@totem.fix.no> <20060214093513.F5083@beagle.kn.op.dlr.de> <20060214084459.GL86448@cell.sick.ru> <20060214103723.GA45138@totem.fix.no> <20060214103901.GB68308@cell.sick.ru>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi, On Tue, Feb 14, 2006 at 01:39:01PM +0300, Gleb Smirnoff wrote: > A> I should make a list of "what bsnmpd needs" to be more usable, in case > A> Harti is interested. ;-P > Where is such list? Some things popping off my mind: - Ability to run as a different user. I suppose we should add a snmp user to the base system. Running as root is not OK, when it is not necessary (net-snmp snmpd can run as a different user, it has a related -r option to not exit if it has privilege problems). - Ability to chroot itself (yes please, for security). - Ability to execute programs and return values on given OIDs, and also cache their results so that the programs doesn't have to be run for every time. It's necessary to cache values to avoid running resource intensive scripts/programs more than necessary. I am using net-snmp snmpd mostly currently, but consider switching as I now can get my 64-bit counters from bsnmpd. It seems net-snmp snmpd can not give ifHCInOctets/ifHCOutOctets (Counter64) in FreeBSD yet. At least the exec issue above must be resolved for me to switch to bsnmpd. Oh, and a couple of questions. If I only want read access enabled, is commenting "write :=" and "trap :=" out all that is necessary? If not, how do I do it? Normally, I only want to read from my SNMP agents. I would prefer to have trap/write disabled completely. Another thing. The trap support in bsnmpd, it's only for forwarding traps? Does bsnmpd have, or will it ever get an ability to generate traps upon failures in FreeBSD? Cheers, -- Anders.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20060214105821.GA47035>