mrczntt
November 19, 2020, 7:48pm
1
Hello,
I'd like to enable SNMP on my openwrt router to have it monitored.
However since I'm stuck on a old version of openwrt I can't install mini-snmpd (which seems to be the go-to snmp daemon) therefore I have to resort to snmpd; How do I configure it? I've checked the wiki but it doesn't contain much information.
Thanks!
It pretty much runs out-of-the-box.
What problems are you having?
Are you trying to push (traps) or pull (queries)?
Mini is actually larger [now] and doesn't do 64-bit counters.
mrczntt
November 19, 2020, 8:20pm
3
I'm trying to add my router to my NMS (LibreNMS) but it errors out reporting "Could not connect to 192.168.1.1, please check the snmp details and snmp reachability"
mrczntt
November 19, 2020, 8:53pm
5
It is enabled under System > Startup but it doesn't show up under Status > Processes (even after i did service snmpd start
)
netstat -lup | grep 'snmpd'
doesn't return anything
mrczntt
November 19, 2020, 9:20pm
7
This is my config
config agent
option agentaddress 'UDP:161'
config com2sec 'public'
option secname 'ro'
option source 'default'
option community 'public'
config com2sec 'private'
option secname 'rw'
option source 'localhost'
option community 'private'
config group 'public_v1'
option group 'public'
option version 'v1'
option secname 'ro'
config group 'public_v2c'
option group 'public'
option version 'v2c'
option secname 'ro'
config group 'public_usm'
option group 'public'
option version 'usm'
option secname 'ro'
config group 'private_v1'
option group 'private'
option version 'v1'
option secname 'rw'
config group 'private_v2c'
option group 'private'
option version 'v2c'
option secname 'rw'
config group 'private_usm'
option group 'private'
option version 'usm'
option secname 'rw'
config view 'all'
option viewname 'all'
option type 'included'
option oid '.1'
config access 'public_access'
option group 'public'
option context 'none'
option version 'any'
option level 'noauth'
option prefix 'exact'
option read 'all'
option write 'none'
option notify 'none'
config access 'private_access'
option group 'private'
option context 'none'
option version 'any'
option level 'noauth'
option prefix 'exact'
option read 'all'
option write 'all'
option notify 'all'
config system
option sysLocation 'office'
option sysContact 'bofh@example.com'
option sysName 'HeartOfGold'
config exec
option name 'filedescriptors'
option prog '/bin/cat'
option args '/proc/sys/fs/file-nr'
config bridgename
option bridge 'br-lan'
config snmpd 'general'
option enable '0'
list network 'wan'
config com2sec 'lte'
option secname 'rw'
option source 'default'
option community 'private'
config group 'lte_v2c'
option group 'lte'
option version 'v2c'
option secname 'rw'
config access 'lte_access'
option group 'lte'
option context 'none'
option version 'any'
option level 'noauth'
option prefix 'exact'
option read 'all'
option write 'all'
option notify 'all'
logread | grep 'snmpd'
doesn't return anything
mrczntt
November 19, 2020, 11:40pm
9
Ops, didn't see that
Now I have snmpd running, but I still can't connect with LibreNMS
Netstat:
udp 0 0 0.0.0.0:snmp 0.0.0.0:* 7846/snmpd
Well, as you can see, snmpd is running now...
lleachii:
Do you allow inbound
Did you alter the firewall?
1 Like
mrczntt
November 20, 2020, 5:51pm
11
I did not alter the firewall; However after reflashing the firmware I now have snmpd running and working
One last thing, is this the way to change the community string?
config group 'public_v2c'
option group 'new_string_goes_here'
option version 'v2c'
option secname 'ro'
Did you change and restart work (I'd have to test by doing the same)?
mrczntt
November 20, 2020, 7:42pm
13
You mean the community string? No I haven't changed it, I just wanted to know how I would change it
I mean whatever you asked.
I hope the best.
mrczntt
November 21, 2020, 4:23pm
15
In short: I had trouble getting snmpd to work but now it does; I still need to figure out how to change the community string but whatever
I'd have to test it on the bench or edit a system in production. If you're using "public" - I surmise you change and restart. I'm simply saying I haven't tried.
mrczntt:
but whatever
?
Is there a reason you cannot test - I'll be happy to at an appropriate time if so.
EDIT: I should note I've edited snmpd on other Linux systems. It is exctly the same. I just have never changed the /etc/config file on an OpenWrt system. It's the same software, so yes.
trendy
November 21, 2020, 5:46pm
17
Nope, that is the way:
config com2sec 'public'
option secname 'ro'
option source 'default'
option community 'your_new_community'
1 Like
mrczntt
November 21, 2020, 7:37pm
18
I wasn't sure which section of the config needed to be modified; But @trendy came through so problem solved
snmpd config file on openwrt has a unique structure, quite cryptic IMO
trendy
November 21, 2020, 7:39pm
19
Not really, it tries to follow the standard uci format.
mrczntt
November 21, 2020, 8:00pm
20
Unique compared to the snmpd config file on other linux distros