Provided by: libsnmp-base_5.4.1~dfsg-4ubuntu4_all bug

NAME

       snmp.conf - configuration files for the Net-SNMP applications

DESCRIPTION

       Applications  built  using  the Net-SNMP libraries typically use one or
       more configuration files to control various aspects of their operation.
       These  files  (snmp.conf  and snmp.local.conf) can be located in one of
       several locations, as described in the snmp_config(5) manual page.

       In particular, /etc/snmp/snmp.conf is a  common  file,  containing  the
       settings  shared  by  all  users of the system.  ~/.snmp/snmp.conf is a
       personal file, with the settings specific to a particular user.

IMPORTANT NOTE

       Several of these directives may contain sensitive information (such  as
       pass  phrases).   Configuration files that include such settings should
       only be readable by the user concerned.

       As well as application-specific configuration tokens, there are several
       directives  that relate to standard library behaviour, relevant to most
       Net-SNMP applications.  Many of these correspond to  standard  command-
       line options, which are described in the snmpcmd(1) manual page.

       These directives can be divided into several distinct groups.

CLIENT BEHAVIOUR

       defDomain application domain
              The   transport  domain  that  should  be  used  for  a  certain
              application type unless something else is specified.

       defTarget application domain target
              The target that should be used  for  connections  to  a  certain
              application if the connection should be in a specific domain.

       defaultPort PORT
              defines  the default UDP port that client SNMP applications will
              attempt to connect to.  This can  be  overridden  by  explicitly
              including  a  port  number  in the AGENT specification.  See the
              snmpcmd(1) manual page for more details.

              If not specified, the default value for this token is 161.

       defVersion (1|2c|3)
              defines the default  version  of  SNMP  to  use.   This  can  be
              overridden using the -v option.

       defCommunity STRING
              defines  the  default  community  to  use for SNMPv1 and SNMPv2c
              requests.  This can be overridden using the -c option.

       dumpPacket yes
              defines whether to display a hexadecimal dump of  the  raw  SNMP
              requests   sent  and  received  by  the  application.   This  is
              equivalent to the -d option.

       doDebugging (1|0)
              turns on debugging for all applications run if set to 1.

       debugTokens TOKEN[,TOKEN...]
              defines the debugging tokens  that  should  be  turned  on  when
              doDebugging is set.  This is equivalent to the -D option.

       16bitIDs yes
              restricts requestIDs, etc to 16-bit values.

              The  SNMP  specifications  define  these  ID  fields  as  32-bit
              quantities, and the Net-SNMP library typically initialises  them
              to  random values for security.  However certain (broken) agents
              cannot handle ID values greater than 2^16 - this  option  allows
              interoperability with such agents.

       clientaddr [<transport-specifier>:]<transport-address>
              specifies   the  source  address  to  be  used  by  command-line
              applications when sending SNMP requests. See snmpcmd(1) for more
              information about the format of addresses.

              This  value is also used by snmpd when generating notifications.

       clientRecvBuf INTEGER
              specifies the desired  size  of  the  buffer  to  be  used  when
              receiving  responses  to SNMP requests.  If the OS hard limit is
              lower than the clientRecvBuf  value,  then  this  will  be  used
              instead.   Some platforms may decide to increase the size of the
              buffer actually used for internal housekeeping.

              This directive will be ignored if the platforms does not support
              setsockopt().

       clientSendBuf INTEGER
              is  similar  to  clientRecvBuf,  but  applies to the size of the
              buffer used when sending SNMP requests.

       noRangeCheck yes
              disables the  validation  of  varbind  values  against  the  MIB
              definition  for the relevant OID.  This is equivalent to the -Ir
              option.

              This directive is primarily relevant to the snmpset command, but
              will  also  apply  to  any application that calls snmp_add_var()
              with a non-NULL value.

       noTokenWarnings
              disables warnings about unknown config file tokens.

       reverseEncodeBER (1|yes|true|0|no|false)
              controls how the encoding of SNMP requests is handled.

              The default behaviour is to encode packets starting from the end
              of the PDU and working backwards.  This directive can be used to
              disable this behaviour, and build the  encoded  request  in  the
              (more obvious) forward direction.

              It  should  not normally be necessary to change this setting, as
              the encoding is basically the same in either case - but  working
              backwards typically produces a slightly more efficient encoding,
              and hence a smaller network datagram.

SNMPv3 SETTINGS

       defSecurityName STRING
              defines the default security name to use  for  SNMPv3  requests.
              This can be overridden using the -u option.

       defSecurityLevel noAuthNoPriv|authNoPriv|authPriv
              defines  the  default security level to use for SNMPv3 requests.
              This can be overridden using the -l option.

              If  not  specified,  the  default  value  for  this   token   is
              noAuthNoPriv.

              Note:  authPriv  is  only  available  if  the  software has been
                     compiled to use the OpenSSL libraries.

       defPassphrase STRING

       defAuthPassphrase STRING

       defPrivPassphrase STRING
              define the default authentication and privacy  pass  phrases  to
              use  for  SNMPv3 requests.  These can be overridden using the -A
              and -X options respectively.

              The defPassphrase value will  be  used  for  the  authentication
              and/or  privacy  pass  phrases if either of the other directives
              are not specified.

       defAuthType MD5|SHA

       defPrivType DES|AES
              define the default authentication and privacy protocols  to  use
              for  SNMPv3  requests.  These can be overridden using the -a and
              -x options respectively.

              If  not  specified,  SNMPv3  requests  will   default   to   MD5
              authentication and DES encryption.

              Note:  If  the software has not been compiled to use the OpenSSL
                     libraries, then only  MD5  authentication  is  supported.
                     Neither  SHA  authentication  nor  any form of encryption
                     will be available.

       defContext STRING
              defines the default context to use for  SNMPv3  requests.   This
              can be overridden using the -n option.

              If  not  specified,  the  default  value  for  this token is the
              default context (i.e. the empty string "").

       defSecurityModel STRING
              defines the security model to  use  for  SNMPv3  requests.   The
              default  value  is  "usm" which is the only widely used security
              model for SNMPv3.

       defAuthMasterKey 0xHEXSTRING

       defPrivMasterKey 0xHEXSTRING

       defAuthLocalizedKey 0xHEXSTRING

       defPrivLocalizedKey 0xHEXSTRING
              define the (hexadecimal) keys  to  be  used  for  SNMPv3  secure
              communications.   SNMPv3  keys  are  frequently  derived  from a
              passphrase, as discussed in  the  defPassphrase  section  above.
              However  for  improved  security  a  truely  random  key  can be
              generated and used instead  (which  would  normally  has  better
              entropy  than  a  password  unless  it  is amazingly long).  The
              directives are equivalent to the short-form command line options
              -3m, -3M, -3k, and -3K.

              Localized  keys  are  master keys which have been converted to a
              unique key which is only suitable for on particular SNMP  engine
              (agent).   The length of the key needs to be appropriate for the
              authentication or encryption type being used (auth keys:  MD5=16
              bytes,  SHA1=20 bytes; priv keys: DES=16 bytes (8 bytes of which
              is used as an IV and not a key), and AES=16 bytes).

SERVER BEHAVIOUR

       persistentDir DIRECTORY
              defines the directory where snmpd and snmptrapd store persistent
              configuration settings.

              If   not   specified,   the  persistent  directory  defaults  to
              /var/lib/snmp

       noPersistentLoad yes

       noPersistentSave yes
              disable the  loading  and  saving  of  persistent  configuration
              information.

              Note:  This  will  break  SNMPv3 operations (and other behaviour
                     that relies  on  changes  persisting  across  application
                     restart).  Use With Care.

       tempFilePattern PATTERN
              defines  a  filename  template for creating temporary files, for
              handling input to and output from external shell commands.  Used
              by the mkstemp() and mktemp() functions.

              If not specified, the default pattern is /tmp/snmpdXXXXXX.

       serverRecvBuf INTEGER
              specifies  the  desired  size  of  the  buffer  to  be used when
              receiving incoming SNMP requests.  If the OS hard limit is lower
              than  the  serverRecvBuf  value, then this will be used instead.
              Some platforms may decide to increase the  size  of  the  buffer
              actually used for internal housekeeping.

              This directive will be ignored if the platforms does not support
              setsockopt().

       serverSendBuf INTEGER
              is similar to serverRecvBuf, but applies  to  the  size  of  the
              buffer used when sending SNMP responses.

MIB HANDLING

       mibdirs DIRLIST
              specifies  a  list of directories to search for MIB files.  This
              operates in the same way as the -M option - see  snmpcmd(1)  for
              details.   Note that this value can be overridden by the MIBDIRS
              environment variable, and the -M option.

       mibs MIBLIST
              specifies a list of MIB  modules  (not  files)  that  should  be
              loaded.   This  operates  in the same way as the -m option - see
              snmpcmd(1) for details.  Note that this list can  be  overridden
              by the MIBS environment variable, and the -m option.

       mibfile FILE
              specifies  a  (single) MIB file to load, in addition to the list
              read from the mibs token (or  equivalent  configuration).   Note
              that  this  value  can be overridden by the MIBFILES environment
              variable.

       showMibErrors (1|yes|true|0|no|false)
              whether to display MIB parsing errors.

       strictCommentTerm (1|yes|true|0|no|false)
              whether MIB parsing should be strict about comment  termination.
              Many MIB writers assume that ASN.1 comments extend to the end of
              the text line, rather than being terminated  by  the  next  "--"
              token.   This  token  can  be  used  to  accept  such  (strictly
              incorrect) MIBs.
              Note that this directive is  poorly  named,  since  a  value  of
              "true"  will turn off the strict interpretation of MIB comments.

       mibAllowUnderline (1|yes|true|0|no|false)
              whether to allow underline characters in MIB  object  names  and
              enumeration  values.   This  token  can  be  used to accept such
              (strictly incorrect) MIBs.

       mibWarningLevel INTEGER
              the minimum warning level of the warnings  printed  by  the  MIB
              parser.

OUTPUT CONFIGURATION

       logTimestamp (1|yes|true|0|no|false)
              Whether   the   commands   should   log  timestamps  with  their
              error/message logging or not.  Note that output will not look as
              pretty  with  timestamps  if  the  source code that is doing the
              logging does incremental logging of messages that are  not  line
              buffered  before  being  passed  to  the logging routines.  This
              option is only used when file logging is active.

       printNumericEnums (1|yes|true|0|no|false)
              Equivalent to -Oe.

       printNumericOids (1|yes|true|0|no|false)
              Equivalent to -On.

       dontBreakdownOids (1|yes|true|0|no|false)
              Equivalent to -Ob.

       escapeQuotes (1|yes|true|0|no|false)
              Equivalent to -OE.

       quickPrinting (1|yes|true|0|no|false)
              Equivalent to -Oq.

       printValueOnly (1|yes|true|0|no|false)
              Equivalent to -Ov.

       dontPrintUnits (1|yes|true|0|no|false)
              Equivalent to -OU.

       numericTimeticks (1|yes|true|0|no|false)
              Equivalent to -Ot.

       printHexText (1|yes|true|0|no|false)
              Equivalent to -OT.

       hexOutputLength integer
              Specifies where to break up the output of  hexadecimal  strings.
              Set to 0 to disable line breaks.  Defaults to 16.

       suffixPrinting (0|1|2)
              The  value  1 is equivalent to -Os and the value 2 is equivalent
              to -OS.

       oidOutputFormat (1|2|3|4|5|6)
              Maps -O options as follow: -Os=1, -OS=2,  -Of=3,  -On=4,  -Ou=5.
              The value 6 has no matching -O option. It suppresses output.

       extendedIndex (1|yes|true|0|no|false)
              Equivalent to -OX.

       noDisplayHint (1|yes|true|0|no|false)
              Disables  the  use  of  DISPLAY-HINT  information  when  parsing
              indices and values to set. Equivalent to -Ih.

FILES

       /etc/snmp/snmp.conf, /etc/snmp/snmp.local.conf -  common  configuration
       settings
       ~/.snmp/snmp.conf - user-specific configuration settings

SEE ALSO

       snmp_config(5), read_config(3), snmpcmd(1).