Home Server SNMP

Index.

• Introduction.
• Install net-snmp.
• Configure the Trap Daemon.
• Configure the SNMP Daemon.
• System init.
• Download.

16-Nov-2011: initial release.
25-Dec-2012: adjusted for Slackware.

 

Introduction.

According to the WIKI: Simple Network Management Protocol (SNMP) is an “Internet-standard protocol for managing devices on IP networks”. Using SNMP on our Home Server is useful if you want to be able to keep track of your server hardware usage (disks, network etc), and issue alerts when something is wrong. With the aid of a collection tool like cacti you can make nice graphs.

Configuring SNMP is just not that simple. All the documentation and man pages are full of references to other documents so you are constantly hopping around and before you know it you are lost. I should have used SNMPv3 to secure the setup, but I decided to use SNMPv1. This is really insecure, but since it runs on a Home Network isolated from the rest of the world I could live with that. Besides, external devices you might want to query for SNMP data (like xDSL modems), often only support SNMPv1.

 

Install net-snmp.

Install net-snmp for the standard Slackware distribution, you can find it in the n series.

 

Configure the Trap Daemon.

On the Home Server we will configure and run the SNMP trap daemon. This daemon collects all alerts and information messages from all other servers including the Home Server itself. We configure the alert messages to send email messages so that we are notified if something is wrong. Here is an example trap message:

Host: <UNKNOWN> (UDP: [10.126.160.253]:38813->[10.126.160.253]:162)
   sysUpTimeInstance  0:0:00:00.59
       snmpTrapOID.0  mteTriggerFired
     mteHotTrigger.0  process table
  mteHotTargetName.0  
 mteHotContextName.0  
         mteHotOID.0  prErrorFlag.17
       mteHotValue.0  1
          prNames.17  smartd
     prErrMessage.17  No smartd process running
   snmpTrapAddress.0  10.126.161.2
 snmpTrapCommunity.0  "wpllan"
snmpTrapEnterprise.0  dismanEventMIBNotificationPrefix

 

Create the directory /etc/snmp and create the file /etc/snmp/snmptrapd.conf:

###########################################################################
#
# snmptrapd.conf at homsrv.wpl.ym

authCommunity   log,execute,net wpllan

snmpTrapdAddr 10.126.160.253,10.126.161.2

disableAuthorization yes

format1 "%02.2h:%02.2j TRAP %W.%q from %A"
format2 "%02.2h:%02.2j TRAP %W.%q from %A"

outputOption s

traphandle default /usr/bin/traptoemail -s localhost -f snmp@wpl.uk admin@wpl.uk

 

Here we have defined what to do with the messages that the trap daemon receives. To add a little bit of security, we only listen on the IPv4 addresses of the users LAN and internal gateway network.

Because there is no rc.d script for snmptrapd you have to write that yourself. Create /etc/rc.d/snmptrapd:

#!/bin/bash

PID=`pidof -o %PPID /usr/sbin/snmptrapd`
case "$1" in
  start)
    echo -n "Starting SNMP Trap Daemon "
    [ -z "$PID" ] && /usr/sbin/snmptrapd -Lsd -C -c /etc/snmp/snmptrapd.conf -p
/var/run/snmptrapd.pid
    if [ $? -gt 0 ]; then
      echo "failed."
    else
      echo "done."
    fi
    ;;
  stop)
    echo -n "Stopping SNMP Trap Daemon "
    [ ! -z "$PID" ]  && kill $PID &> /dev/null
    if [ $? -gt 0 ]; then
      echo "failed."
    else
      rm /var/run/snmptrapd.pid
      echo "done."
    fi
    ;;
  restart)
    $0 stop
    sleep 2
    $0 start
    ;;
  *)
    echo "usage: $0 {start|stop|restart}"  
esac
exit 0

 

Now start the trap daemon:

root@homsrv:~# chmod 755 /etc/rc.d/rc.snmptrapd
root@homsrv:~# /etc/rc.d/rc.snmptrapd start
Starting SNMP Trap Daemon done.
root@homsrv:~#

 

Configure the SNMP Daemon.

Now we need to configure the SNMP daemon.  We will use SNMPv1 with the community name public which everyone uses. Therefore, don’t allow SNMP from the Internet, and if you use the example firewall it is already closed by default. Create /etc/snmp/snmpd.conf. Only important lines are shown, the file in the download archive is a lot longer.

###########################################################################
#
# snmpd.conf at homsrv.wpl.ym
#
###########################################################################
# SECTION: Access Control Setup, IPv4 and IPv6
rocommunity  public
rocommunity6 public
agentaddress 10.126.160.253,10.126.161.2
###########################################################################
# SECTION: Trap Destinations
#
#   Here we define who the agent will send traps to.
#
trapcommunity  wpllan
trapsink  10.126.161.2:162
agentSecName internal
rouser internal
defaultMonitors yes

###########################################################################
# SECTION: Interfaces
#
Interface br0           6 1000000000
Interface eth0          6 0
Interface tap0          6 0
Interface eth1          6 0
Interface vboxnet0      6 1000000000
Interface vboxnet1      6 1000000000

###########################################################################
# SECTION: Monitor Various Aspects of the Running Host
#
#   The following check up on various aspects of a host.
proc  nginx             3       2
proc  crond             1       1
proc  syslogd           1       1
proc  master            2       2
proc  clamd             5       1
proc  clamav-milter     5       1
proc  smbd              10      2

disk  /                 10%
disk  /mnt/vserver      10%
disk  /home             10%
disk  /mnt/users        10%
disk  /mnt/media        10%
disk  /mnt/amanda       10%

load  20 15 12

###########################################################################
# SECTION: System Information Setup
#
syslocation     "Server room 2"
syscontact      Administrator <admin@wpl.uk>
sysservices     79
sysName         "homsrv.wpl.ym"
sysDescr        "Home Server for wpl.ym"

#############################################################################
#
# Section experimental

# Squid proxy
#
#proxy -v 1 -c public localhost:3401 .1.3.6.1.4.1.3495.1

 

If you have squid configured like in our example setup, then the last line will work and make some data from the squid web proxy available.

Next, modify /etc/rc.d/rc.snmpd, somewhere at the top is the OPTIONS variable:

OPTIONS="-LS3d -p /var/run/snmpd

 

Now start snmpd:

root@homsrv:~# chmod 755 /etc/rc.d/rc.snmpd
root@homsrv:~# /etc/rc.d/rc.snmpd start
Starting snmpd /usr/sbin/snmpd -LS3d -p /var/run/snmpd -c /etc/snmp/snmpd.conf
root@homsrv:~#

 

You should install the snmp daemon on the virtual machines too.

 

System init.

On the Home Server itself we have to start snmptrapd and snmpd. Slackware doesn’t support a rc.snmptrapd script it the init scripts, so you need to add it yourself to the scripts /etc/rc.d/rc.6 and /etc/rc.d/rc.M. Add the start lines right after the lines that start rc.inet1 so that the trap daemon is started as soon as possible, just after the network is configured.

if [ -x /etc/rc.d/rc.snmptrapd ]; then
  /etc/rc.d/rc.snmptrapd start
fi

 

On the other side, we must start snmpd at the last moment because it watches other system daemons which must be started before snmpd. So, disable the lines in /etc/rc.d/rc.M that start snmpd, and copy these lines into /etc/rc.d/rc.local. Now, snmptrapd is started early and snmpd as late as possible.

 

 

Download.

See the download page for the script and configuration files.