# @(#)88 1.8 src/tcpip/etc/snmpdv3.conf, snmp, tcpip61D, d2007_49A2 10/3/07 15:19:01 # IBM_PROLOG_BEGIN_TAG # This is an automatically generated prolog. # # tcpip61D src/tcpip/etc/snmpdv3.conf 1.8 # # Licensed Materials - Property of IBM # # Restricted Materials of IBM # # COPYRIGHT International Business Machines Corp. 2002,2007 # All Rights Reserved # # US Government Users Restricted Rights - Use, duplication or # disclosure restricted by GSA ADP Schedule Contract with IBM Corp. # # IBM_PROLOG_END_TAG #---------------------------------------------------------------------------------------------------------------------------------------------------------- # General syntax rules about the snmpdv3.conf file: # An entry must be contained on one line (i.e., the newline character will # be treated as the end of an entry) # All of the entry definitions require that all fields on the entry are # specified, either with a specific value or a dash (-) to denote the # default value. # If an error is detected processing an entry and no appropriate default # value can be assumed, the entry will be discarded. # Statements in the file are not order-dependent. However if more than one # DEFAULT_SECURITY statement is found, the last one in the file is the one # that is used. # Comments may be entered in the snmpdv3.conf file, with the following # restrictions: # Comments must begin with the pound sign (#) or asterisk (*). # Comments must begin in column 1; this allows the pound sign and asterisk # to be used in names of users, views, etc. #---------------------------------------------------------------------------------------------------------------------------------------------------------- #---------------------------------------------------------------------------------------------------------------------------------------------------------- # USM_USER entries # Defines a user for the User-based Security Model (USM). # Format is: # userName engineID authProto authKey privProto privKey keyType storageType # #---------------------------------------------------------------------------------------------------------------------------------------------------------- #---------------------------------------------------------------------------------------------------------------------------------------------------------- # VACM_GROUP entries # Defines a security group (made up of users or communities) # for the View-based Access Control Model (VACM). # Format is: # groupName securityModel securityName storageType #---------------------------------------------------------------------------------------------------------------------------------------------------------- #---------------------------------------------------------------------------------------------------------------------------------------------------------- # VACM_VIEW entries # Defines a particular set of MIB data, called a view, for the # View-based Access Control Model. # Format is: # viewName viewSubtree viewMask viewType storageType #---------------------------------------------------------------------------------------------------------------------------------------------------------- #---------------------------------------------------------------------------------------------------------------------------------------------------------- # VACM_ACCESS entries # Identifies the access permitted to different security groups # for the View-based Access Control Model. # Format is: # groupName contextPrefix contextMatch securityLevel securityModel readView writeView notifyView storageType #---------------------------------------------------------------------------------------------------------------------------------------------------------- #---------------------------------------------------------------------------------------------------------------------------------------------------------- # NOTIFY entries # Identifies management targets to receive notifications. # Format is: # notifyName tag type storageType #---------------------------------------------------------------------------------------------------------------------------------------------------------- #---------------------------------------------------------------------------------------------------------------------------------------------------------- # TARGET_ADDRESS # Defines a management application's address and parameters # to be used in sending notifications. # Format is: # targetAddrName tDomain tAddress tagList targetParams timeout retryCount storageType #---------------------------------------------------------------------------------------------------------------------------------------------------------- #---------------------------------------------------------------------------------------------------------------------------------------------------------- # TARGET_PARAMETERS # Defines the message processing and security parameters # to be used in sending notifications to a particular management target. # Format is: # paramsName mpModel securityModel securityName securityLevel storageType #---------------------------------------------------------------------------------------------------------------------------------------------------------- #---------------------------------------------------------------------------------------------------------------------------------------------------------- # COMMUNITY # Defines a community for community-based security. # Format is: # communityName securityName securityLevel netAddr netMask storageType #---------------------------------------------------------------------------------------------------------------------------------------------------------- #---------------------------------------------------------------------------------------------------------------------------------------------------------- # DEFAULT_SECURITY # Identifies the default security posture to be configured for the SNMP agent; # additional security definitions defined by the use of the preceding eight entry # definition types augment any default security configurations defined # as a result of the DEFAULT_SECURITY statement. # Format is: # securityPosture password privacy #---------------------------------------------------------------------------------------------------------------------------------------------------------- #---------------------------------------------------------------------------------------------------------------------------------------------------------- # logging file= enabled|disabled # logging size= level= # # where specifies the complete path and filename of the # log file, enabled turns logging on, disabled turns logging off, # specifies the maximum size in bytes of the specified logfile, and # specifies the logging level of 0, 1, 2, 3, or 4. # The size default is 100000, and the level default is 0. # There can be no white spaces around the "=" in the file, size and level fields. # There are no restrictions on the order in which the fields are entered in the # logging entries. A logging entry can contain single or multiple fields. #---------------------------------------------------------------------------------------------------------------------------------------------------------- #---------------------------------------------------------------------------------------------------------------------------------------------------------- # smux
# # where is the unique object identifer in dotted # decimal notation of the SMUX peer client. specifies the # password that snmpd requires from the SMUX peer client to authenticate # the SMUX association.
is either the hostname, or an IPv4 address # in dotted notation of the host, or an IPv6 address on which the SMUX peer # client is executing. # specifies the network mask for IPv4 address, or a prefix length for # IPv6 address. If no password is specified, there is no authentication for the # SMUX association. The default address and netmask are 127.0.0.1 and 255.255.255.255. # If neither the address nor netmask are specified, the SMUX association # is limited to the local host. Fields to the right of # are optional, with the limitation that no fields # to the left of a specified field are omitted. #---------------------------------------------------------------------------------------------------------------------------------------------------------- #---------------------------------------------------------------------------------------------------------------------------------------------------------- VACM_GROUP group1 SNMPv1 public - VACM_VIEW defaultView internet - included - VACM_VIEW defaultView 1.3.6.1.4.1.2.2.1.1.1.0 - included - VACM_VIEW defaultView 1.3.6.1.4.1.2.6.191.1.6 - included - # exclude snmpv3 related MIBs from the default view VACM_VIEW defaultView snmpModules - excluded - VACM_VIEW defaultView 1.3.6.1.6.3.1.1.4 - included - VACM_VIEW defaultView 1.3.6.1.6.3.1.1.5 - included - VACM_VIEW defaultView 1.3.6.1.2.1.25.3.8.1 - included - VACM_VIEW defaultView 1.3.6.1.2.1.25.3.8.1.2 - included - VACM_VIEW defaultView 1.3.6.1.2.1.25.5 - included - # exclude aixmibd managed MIBs from the default view VACM_VIEW defaultView 1.3.6.1.4.1.2.6.191 - included - VACM_VIEW defaultView 1.3.6.1.2.1.25.2.3.1 - included - VACM_VIEW defaultView 1.3.6.1.2.1.25.2.3.1.2 - included - VACM_VIEW defaultView 1.3.6.1.2.1.25.2.3.1.1 - included - VACM_VIEW defaultView 1.3.6.1.2.1.25.2.3.1.3 - included - VACM_VIEW defaultView 1.3.6.1.2.1.25.2.3.1.5 - included - VACM_VIEW defaultView 1.3.6.1.2.1.25.2.3.1.6 - included - VACM_VIEW defaultView 1.3.6.1.2.1.25.2.3.1.4 - included - VACM_VIEW defaultView 1.3.6.1.2.1.25.2.1.1 - included - VACM_VIEW defaultView 1.3.6.1.2.1.25.2.1.2 - included - VACM_VIEW defaultView 1.3.6.1.2.1.25.2.1.3 - included - VACM_VIEW defaultView 1.3.6.1.2.1.25.2.1.4 - included - VACM_VIEW defaultView 1.3.6.1.2.1.25.2.1.5 - included - VACM_VIEW defaultView 1.3.6.1.2.1.25.2.1.6 - included - VACM_VIEW defaultView 1.3.6.1.2.1.25.2.1.7 - included - VACM_VIEW defaultView 1.3.6.1.2.1.25.2.1.8 - included - VACM_VIEW defaultView 1.3.6.1.2.1.25.2.1.9 - included - VACM_VIEW defaultView 1.3.6.1.2.1.25.2.1.10 - included - VACM_VIEW defaultView 1.3.6.1.2.1.25.4.2.1 - included - VACM_VIEW defaultView 1.3.6.1.2.1.25.4.2.1.1 - included - VACM_VIEW defaultView 1.3.6.1.2.1.25.4.2.1.2 - included - VACM_VIEW defaultView 1.3.6.1.2.1.25.4.2.1.4 - included - VACM_VIEW defaultView 1.3.6.1.2.1.25.4.2.1.5 - included - VACM_VIEW defaultView 1.3.6.1.2.1.25.5.1.1.2 - included - VACM_VIEW defaultView 1.3.6.1.2.1.25.5.1.1.1 - included - VACM_VIEW defaultView 1.3.6.1.2.1.25.4.2.1.7 - included - VACM_VIEW defaultView 1.3.6.1.2.1.25.3.3.1 - included - VACM_VIEW defaultView 1.3.6.1.2.1.25.3.3.1.1 - included - VACM_VIEW defaultView 1.3.6.1.2.1.25.3.3.1.2 - included - VACM_ACCESS group1 - - noAuthNoPriv SNMPv1 defaultView - defaultView - NOTIFY notify1 traptag trap - TARGET_ADDRESS Target1 UDP 127.0.0.1 traptag trapparms1 - - - TARGET_PARAMETERS trapparms1 SNMPv1 SNMPv1 public noAuthNoPriv - COMMUNITY public public noAuthNoPriv 0.0.0.0 0.0.0.0 - DEFAULT_SECURITY no-access - - logging file=/usr/tmp/snmpdv3.log enabled logging size=100000 level=0 smux 1.3.6.1.4.1.2.3.1.2.1.2 gated_password # gated VACM_GROUP director_group SNMPv2c public - VACM_ACCESS director_group - - noAuthNoPriv SNMPv2c defaultView - defaultView -