NAME
snmpd - daemon to respond to SNMP request packets.
# 注释 :snmpd 命令是响应 SNMP 请求的守护进程
SYNOPSIS
snmpd [OPTIONS] [LISTENING ADDRESSES]
# 注释 :语法格式是 snmpd 后面加上选项或者监听地址
# 补充 :Redhat 9 默认的启动命令是 :snmpd -s -l /dev/null -P /var/run/snmpd -a
# -)使用 syslog 记录日志
# -)输出信息送到 /dev/null
# -)pid 文件是 /var/run/snmpd
# -)记录 snmp 请求的地址
DESCRIPTION
snmpd is an SNMP agent which binds to a port and awaits requests from
SNMP management software. Upon receiving a request, it processes the
request(s), collects the requested information and/or performs the
requested operation(s) and returns the information to the sender.
# 注释 :snmpd 是一个 SNMP 代理,绑定到某个端口上,并且等待来自 SNMP 管理软件或者工作站的请求。
# 一旦收到请求后,就处理请求,收集相关信息,或者完成某个动作,然后返回信息给发送者
OPTIONS
-a Log the source addresses of incoming requests.
# 注释 :-a 记录 incoming 请求的源地址
-A Append to the log file rather than truncating it.
# 注释 :-A 表示对日志进行追加操作,而不是清空操作
-c FILE Read FILE as a configuration file.
# 注释 :-c <FILE> 表示读取某个文件以作为配置文件
-C Do not read any configuration files except the one optionally
specified by the -c option.
# 注释 :-C 表示不要读取任何配置文件除了 -C 列出的那个
-d Dump (in hexadecimal) the sent and received SNMP packets.
# 注释 :-d 选项表示导出发送和接收的 SNMP packets
-D[TOKEN[,...]]
Turn on debugging output for the given TOKEN(s). Without any
tokens specified, it defaults to printing all the tokens (which
is equivalent to the keyword "ALL"). You might want to try ALL
for extremely verbose output. Note: You can not put a space
between the -D flag and the listed TOKENs.
-f Do not fork() from the calling shell.
# 注释 :-f 选项表示不执行 fork 操作,也就是不以守护进程方式运行,而是在前台运行
-g GID Change to the numerical group ID GID after opening listening
sockets.
# 注释 :-g <GID> 表示在打开监听 socket 后将组id改为指定的 gid
-h, --help
Display a brief usage message and then exit.
# 注释 ;-h 显示帮助信息
-H Display a list of configuration file directives understood by
the agent and then exit.
# 注释 :-H 选项显示所有 snmpd 知道的配置文件指令然后退出
-I [-]INITLIST
This option specifies which modules you do (or do not) want to
be initialized when the agent starts up. If the comma-sepa-
rated INITLIST is preceded with a '-', it is the list of mod-
ules that you do not want to be started. Otherwise, INITLIST
is the list of modules to be started.
# 注释 :-I [-] <list> 是用于指定 snmpd 在启动时加载或者不加载那些模块。
# 如果 <list> 前面是一个减号,则认为是禁止 snmpd 加载指定模块
# <list> 是一个用逗号分隔的列表
To get a list of compiled modules, run the agent with the argu-
ments -Dmib_init -H (assumes you have debugging support com-
piled in).
# 注释 :那么如何知道 snmpd 有那些模块呢?可以执行 snmpd -Dmib_init -H
-l [FILE]
Log all output from the agent (including stdout and stderr) to
FILE. If no filename is given, log to a default file set at
compile time (normally /var/log/snmpd.log).
# 注释 :-l [file] 选项将snmpd 产生的所有输出(包括标准输出和标准错误)都记录到指定的文件中。
# 假如没有给出文件名,记录到默认的文件 /var/log/snmpd.log 中
# 补充 :在 Redhat 9 中,-l 指向的是 /dev/null ,所以不会保存任何信息
-L Do not open a log file; print all messages to stderr instead.
# 注释 :-L 选项表示不记录日志,所有的输出都写到 stderr
-P FILE Save the process ID of the daemon in FILE.
# 注释 :-P <file> 表示 snmpd 的 pid 文件。
# 默认为 /var/run/snmpd
-q Print simpler output for easier automated parsing.
# 注释 :-q 选项打印简单的输出,以便于其他程序处理日志
-r Do not require root access to run the daemon. Specifically, do
not exit if files only accessible to root (such as /dev/kmem
etc.) cannot be opened.
# 注释 :-r 选项表示不强制以 root 身份启动守护进程。特别是当某些文件只有 root 才能访问的时候不要退出。
-s Use syslog for logging.
# 注释 :-s 选项表示使用 syslog 来记录日志
-S d|0-7
Specifies the syslog facility to use when logging to syslog.
'd' means LOG_DAEMON and 0 through 7 mean LOG_LOCAL0 through
LOG_LOCAL7. LOG_DAEMON is the default.
# 注释 :-S <daemon>|<0-7> 表示使用什么 facility 来记录日志。默认是 LOG_DAEMON 。
# 也就是记录为 snmpd
-u UID Change to the user ID UID (which can be given in numerical or
textual form) after opening listening sockets.
# 注释 :-u <uid> 表示在打开监听 sockets 之后切换 uid 为指定值
# <uid> 部分可以为用户名或者 uid
# 问题 :执行 snmpd -u bob ,看 snmpd 进程是否为 bob 所有
-v, --version
Print version information for the agent and then exit.
# 注释 :-v 选项打印 snmpd 命令的版本并退出
-V Symbolically dump SNMP transactions.
# 注释 :-V 选项“象征性”地导出 SNMP 事务
-x ADDRESS
Listens for AgentX connections on the specified address rather
than the default '/var/agentx/master'. The address can either
be a Unix domain socket path, or the address of a network
interface. The format is the same as the format of listening
addresses described below.
# 注释 :-x <address> 选项表示监听 AgentX 的地址。
# <address> 可以是 socket 文件的路径,也可以是 ip 地址
# 问题 :什么是 AgentX ?
-X Run as an AgentX subagent rather than as an SNMP master agent.
# 注释 :-X 选项表示运行一个 AgentX 子代理,而不是是一个 SNMP 主代理
LISTENING ADDRESSES
By default, snmpd listens for incoming SNMP requests only on UDP port
161. However, it is possible to modify this behaviour by specifying
one or more listening addresses as arguments to snmpd. A listening
address takes the form:
# 注释 :默认情况下,SNMP 的监听地址为 UDP 161 端口。
# 但也可以修改为一个或者多个其他的地址,格式如下 ;
[<transport-specifier>:]<transport-address>
At its simplest, a listening address may consist only of a port number,
in which case snmpd listens on that UDP port on all IPv4 interfaces.
Otherwise, the <transport-address> part of the specification is parsed
according to the following table:
# 注释 :最简单的就是一个端口。这种情况下,snmp 在所有的 ipv4 接口的指定的 udp 端口上监听
# 如果要指定特定的地址,可以按照以下格式
# 注释 :其中的 transport-specifier 是指 tcp 还是 udp
# tranport-address 就是 “主机名:端口” 或者 “ip:端口”的格式了
# 如果是 unix sockets 格式的,则 transport-specific 为 unix ,后面的 transport-address 为 socket 文件的路径
# 注释 :注意,udp或者tcp或者unix后面要接一个 ':' 而后才是 “主机名:端口”或者 “ip:端口”
# 也就是 snmpd [udp|tcp|unix]:[hostname | ip]:[port]
# 各个部分都是可选的,默认就是 0.0.0.0:161 udp,如果某部分忽略不写,则使用默认值
# 例如只在 127.0.0.1 上监听而已,可以执行 snmpd udp:127.0.0.1 或者 snmpd udp:127.0.0.1:161
<transport-specifier> <transport-address> format
udp hostname[:port] or IPv4-address[:port]
tcp hostname[:port] or IPv4-address[:port]
unix pathname
ipx [network]:node[/port]
aal5pvc or pvc [interface.][VPI.]VCI
udp6 or udpv6 or udpipv6 hostname[:port] or IPv6-address[:port]
tcp6 or tcpv6 or tcpipv6 hostname[:port] or IPv6-address[:port]
Note that <transport-specifier> strings are case-insensitive so that,
for example, "tcp" and "TCP" are equivalent. Here are some examples,
along with their interpretation:
# 注释 :要注意,这里的传输协议部分和主机名是不区分大小写的,所以 udp 和 UDP 是相同的
127.0.0.1:161 listen on UDP port 161, but only on the loop-
back interface. This prevents snmpd being
queried remotely (which is a bit pointless).
The ":161" is redundant here since that is the
default SNMP port in any case.
TCP:1161 listen on TCP port 1161 on all IPv4 interfaces.
ipx:/40000 listen on IPX port 40000 on all IPX interfaces.
unix:/tmp/local-agent listen on the Unix domain socket /tmp/local-
agent.
/tmp/local-agent identical to the previous specification, since
the Unix domain is the default transport iff
the first character of the <transport-address>
is a '/'.
PVC:161 listen on the AAL5 permanent virtual circuit
with VPI=0 and VCI=161 (decimal) on the first
ATM adapter in the machine.
udp6:10161 listen on port 10161 on all IPv6 interfaces.
Note that not all the transport domains listed above will always be
available; for instance, hosts with no IPv6 support will not be able to
use udp6 transport addresses, and attempts to do so will result in the
error "Error opening specified endpoint". Likewise, since AAL5 PVC
support is only currently available on Linux, it will fail with the
same error on other platforms.
CONFIGURATION FILES
snmpd checks for the existence of and parses the following files:
/snmp/snmp.conf
Common configuration for the agent and applications. See
snmp.conf(5) for details.
# 注释 :/etc/snmp/snmp.conf 是 Agent 和 应用程序的公用配置
/snmp/snmpd.conf
/snmp/snmpd.local.conf
Agent-specific configuration. See snmpd.conf(5) for details.
These files are optional and may be used to configure access con-
trol, trap generation, subagent protocols and much else besides.
# 注释 :/etc/snmpd.conf 和 /etc/snmpd.local.conf 是配置 snmpd 的文件。
# 可以用于配置访问控制,trap 消息的产生,子代理等等
In addition to these two configuration files in /snmp, the agent
will read any files with the names snmpd.conf and
snmpd.local.conf in a colon separated path specified in the SNMP-
CONFPATH environment variable.
# 注释 :除此之外,snmpd 还会通过 $SNMP-CONFPATH 变量读取所有名称为 snmpd.conf 或者 snmpd.local.conf 的文件
/usr/share/snmp/mibs/
The agent will also load all files in this directory as MIBs. It
will not, however, load any file that begins with a '.' or
descend into subdirectories.
# 注释 :/usr/share/snmp/mibs 是 snmp 存放 MIBs 文件的位置。
# 不过 snmpd 不会加在那些以 '.' 开头的文件,也不会读取子目录下的文件
SEE ALSO
(in recommended reading order)
snmp.conf(5), snmpd.conf(5)
4th Berkeley Distribution 7 Feb 2002 SNMPD(8)
@鸡鸡哥
之所以要+x是因为CentOS里面这个文件是个BASH脚本 /etc/init.d/snmpd执行这个脚本获得里面定义的变量 所以需要+x 但让不加也是可以的 因为source调用脚本的方法不需要对方一定有可执行权限。
你说的第二个问题 看起来是打开了你的NET-SNMP 的IPV6支持 如果你没有这方面的需求 就关掉它把。
@ihipop
nano /etc/sysconfig/snmpd.options #加入如下参数 OPTIONS="-LS3d -Lf /dev/null -p /var/run/snmpd.pid -a"chmod +x /etc/sysconfig/snmpd.options #为什么加x,自己cat /etc/init.d/snmpd看看就明白了
这里没看明白,还有,我配置了snmpd的日志独立出来,不放入messages,修改了snmpd.options的配置如下OPTIONS="-Lf /var/log/snmpd.log",但是貌似出错,不知何故,贴日志出来
[root@xxxx log]# head -n 50 snmpd.log
could not open /proc/net/if_inet6
mibII/mta_sendmail.c:open_sendmailst: could not guess version of statistics file "/var/log/mail/statistics"
cannot open /proc/net/snmp6 ...
error finding row index in _ifXTable_container_row_restore
NET-SNMP version 5.3.2.2
为何?谢谢指教
@鸡鸡哥
你说什么?我也没听明白?
小顾兄,为何要+x呢,没看明白