Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

net-snmp: remove deprecated port setting and add SNMPv3 options and logging #25178

Open
wants to merge 4 commits into
base: master
Choose a base branch
from
Open

net-snmp: remove deprecated port setting and add SNMPv3 options and logging #25178

wants to merge 4 commits into from

Conversation

Chris1189
Copy link

Maintainer: @stintel
Compile tested: x86_64, Openwrt 23.05
Run tested: x86_64, Openwrt 23.05

Description:
Openssl is needed to implement encryption and authentification for SNMPv3,
therefore the Makefile is modified for that purpose.
Also snmpV3 prerequisites are added to snmpd.init file and the possibility
to log messages to syslog or a log file.

At last the deprecated option to specifiy a port at snmpd_trap_hostname_add()
and snmpd_trap_ip_add() is removed.

@Chris1189 Chris1189 force-pushed the pr/net-snmp branch 2 times, most recently from d8fe882 to 09b46e5 Compare October 23, 2024 09:20
Christian Korber added 4 commits October 25, 2024 07:33
@Chris1189
net-snmp: add openssl dependency to Makefile
edaeb9e 
The addition of openssl dependeny in the Makefile
is needed to support e.g. authentification with SHA and
encryption with AES.

Signed-off-by: Christian Korber <ckorber@tdt.de>
@Chris1189
net-snmp: add SNMPv3 options
c739ff6 
This commit implements SNMPv3 functionality
to snmpd.init.
In particular it adds function snmpd_snmpdv3_add,
which sets the needed options in /var/run/snmpd.conf.

Signed-off-by: Christian Korber <ckorber@tdt.de>
@Chris1189
net-snmp: add logging
a1aa916 
This commit adds logging to syslog and to a logfile.

Signed-off-by: Christian Korber <ckorber@tdt.de>
@Chris1189
net-snmp: remove deprecated trap setting port
e389392 
Stating port is deprecated (see:
http://www.net-snmp.org/docs/man/snmpd.conf.html - Notification
Handling)

Signed-off-by: Christian Korber <ckorber@tdt.de>
@stintel
Copy link
Member

stintel commented Oct 25, 2024

Please make this optional. Enabling this unconditionally would result in my images being too large for my APs with 16MiB flash.

@stintel
Copy link
Member

stintel commented Oct 26, 2024

Also, I would not remove that deprecated setting just like that. Maybe make the init script very verbose about it being deprecated and removed in X time. Both in stdout and using logger. People might be using it, and possibly breaking existing configs without any warning is something I really cannot tolerate.

@Chris1189
Copy link
Author

I will look into your suggestions on Monday.
You mean to make compilation with openssl optional, do you?
I am going to test if snmpv3 is possible then.

I understand your point with the port topic and I can undo that.
net-snmp logs the deprecation (as far as I remember this is how I became aware of it).

Thank you for the review!

@stintel
Copy link
Member

stintel commented Oct 26, 2024

You could have a look at the lldp package for inspiration - it has optional snmp support.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@Chris1189 @stintel