Provided by: libsnmp-base_5.4.3~dfsg-2.4ubuntu1_all bug

NAME

       snmp.conf - configuration files for the Net-SNMP applications

DESCRIPTION

       Applications  built  using  the Net-SNMP libraries typically use one or more configuration
       files to  control  various  aspects  of  their  operation.   These  files  (snmp.conf  and
       snmp.local.conf)  can  be  located  in  one  of  several  locations,  as  described in the
       snmp_config(5) manual page.

       In particular, /etc/snmp/snmp.conf is a common file, containing the settings shared by all
       users  of the system.  ~/.snmp/snmp.conf is a personal file, with the settings specific to
       a particular user.

IMPORTANT NOTE

       Several of these directives may contain sensitive  information  (such  as  pass  phrases).
       Configuration  files  that  include  such  settings  should  only  be readable by the user
       concerned.

       As well as application-specific configuration tokens, there are  several  directives  that
       relate  to  standard  library  behaviour, relevant to most Net-SNMP applications.  Many of
       these correspond to standard command-line options, which are described in  the  snmpcmd(1)
       manual page.

       These directives can be divided into several distinct groups.

CLIENT BEHAVIOUR

       defDomain application domain
              The  transport  domain  that  should  be used for a certain application type unless
              something else is specified.

       defTarget application domain target
              The target that should be used for connections to  a  certain  application  if  the
              connection should be in a specific domain.

       defaultPort PORT
              defines  the default UDP port that client SNMP applications will attempt to connect
              to.  This can be overridden by explicitly including a  port  number  in  the  AGENT
              specification.  See the snmpcmd(1) manual page for more details.

              If not specified, the default value for this token is 161.

       defVersion (1|2c|3)
              defines  the  default  version of SNMP to use.  This can be overridden using the -v
              option.

       defCommunity STRING
              defines the default community to use for SNMPv1 and SNMPv2c requests.  This can  be
              overridden using the -c option.

       dumpPacket yes
              defines  whether  to  display  a hexadecimal dump of the raw SNMP requests sent and
              received by the application.  This is equivalent to the -d option.

       doDebugging (1|0)
              turns on debugging for all applications run if set to 1.

       debugTokens TOKEN[,TOKEN...]
              defines the debugging tokens that should be turned  on  when  doDebugging  is  set.
              This is equivalent to the -D option.

       16bitIDs yes
              restricts requestIDs, etc to 16-bit values.

              The  SNMP  specifications define these ID fields as 32-bit quantities, and the Net-
              SNMP library typically initialises them to random  values  for  security.   However
              certain  (broken)  agents  cannot  handle ID values greater than 2^16 - this option
              allows interoperability with such agents.

       clientaddr [<transport-specifier>:]<transport-address>
              specifies the source address to be used by command-line applications  when  sending
              SNMP requests. See snmpcmd(1) for more information about the format of addresses.

              This value is also used by snmpd when generating notifications.

       clientRecvBuf INTEGER
              specifies  the  desired  size  of the buffer to be used when receiving responses to
              SNMP requests.  If the OS hard limit is lower than the  clientRecvBuf  value,  then
              this  will  be used instead.  Some platforms may decide to increase the size of the
              buffer actually used for internal housekeeping.

              This directive will be ignored if the platforms does not support setsockopt().

       clientSendBuf INTEGER
              is similar to clientRecvBuf, but applies to  the  size  of  the  buffer  used  when
              sending SNMP requests.

       noRangeCheck yes
              disables  the  validation  of  varbind  values  against  the MIB definition for the
              relevant OID.  This is equivalent to the -Ir option.

              This directive is primarily relevant to the snmpset command, but will also apply to
              any application that calls snmp_add_var() with a non-NULL value.

       noTokenWarnings
              disables warnings about unknown config file tokens.

       reverseEncodeBER (1|yes|true|0|no|false)
              controls how the encoding of SNMP requests is handled.

              The  default  behaviour  is  to encode packets starting from the end of the PDU and
              working backwards.  This directive can be used to disable this behaviour, and build
              the encoded request in the (more obvious) forward direction.

              It  should  not  normally  be  necessary to change this setting, as the encoding is
              basically the same in either case - but  working  backwards  typically  produces  a
              slightly more efficient encoding, and hence a smaller network datagram.

SNMPv3 SETTINGS

       defSecurityName STRING
              defines  the  default  security  name  to  use  for  SNMPv3  requests.  This can be
              overridden using the -u option.

       defSecurityLevel noAuthNoPriv|authNoPriv|authPriv
              defines the default security level  to  use  for  SNMPv3  requests.   This  can  be
              overridden using the -l option.

              If not specified, the default value for this token is noAuthNoPriv.

              Note:  authPriv  is  only  available  if  the software has been compiled to use the
                     OpenSSL libraries.

       defPassphrase STRING

       defAuthPassphrase STRING

       defPrivPassphrase STRING
              define the default authentication and  privacy  pass  phrases  to  use  for  SNMPv3
              requests.  These can be overridden using the -A and -X options respectively.

              The  defPassphrase  value  will  be used for the authentication and/or privacy pass
              phrases if either of the other directives are not specified.

       defAuthType MD5|SHA

       defPrivType DES|AES
              define the default authentication and privacy protocols to use for SNMPv3 requests.
              These can be overridden using the -a and -x options respectively.

              If  not  specified,  SNMPv3  requests  will  default  to MD5 authentication and DES
              encryption.

              Note:  If the software has not been compiled to use  the  OpenSSL  libraries,  then
                     only  MD5  authentication  is supported.  Neither SHA authentication nor any
                     form of encryption will be available.

       defContext STRING
              defines the default context to use for SNMPv3 requests.   This  can  be  overridden
              using the -n option.

              If not specified, the default value for this token is the default context (i.e. the
              empty string "").

       defSecurityModel STRING
              defines the security model to use for SNMPv3 requests.  The default value is  "usm"
              which is the only widely used security model for SNMPv3.

       defAuthMasterKey 0xHEXSTRING

       defPrivMasterKey 0xHEXSTRING

       defAuthLocalizedKey 0xHEXSTRING

       defPrivLocalizedKey 0xHEXSTRING
              define  the (hexadecimal) keys to be used for SNMPv3 secure communications.  SNMPv3
              keys are frequently derived from a passphrase, as discussed  in  the  defPassphrase
              section  above.  However for improved security a truely random key can be generated
              and used instead (which would normally has better entropy than a password unless it
              is  amazingly  long).  The directives are equivalent to the short-form command line
              options -3m, -3M, -3k, and -3K.

              Localized keys are master keys which have been converted to a unique key  which  is
              only  suitable  for on particular SNMP engine (agent).  The length of the key needs
              to be appropriate for the authentication or encryption type being used (auth  keys:
              MD5=16  bytes,  SHA1=20 bytes; priv keys: DES=16 bytes (8 bytes of which is used as
              an IV and not a key), and AES=16 bytes).

SERVER BEHAVIOUR

       persistentDir DIRECTORY
              defines the directory where snmpd  and  snmptrapd  store  persistent  configuration
              settings.

              If not specified, the persistent directory defaults to /var/lib/snmp

       noPersistentLoad yes

       noPersistentSave yes
              disable the loading and saving of persistent configuration information.

              Note:  This  will  break  SNMPv3  operations  (and  other  behaviour that relies on
                     changes persisting across application restart).  Use With Care.

       tempFilePattern PATTERN
              defines a filename template for creating temporary files, for handling input to and
              output from external shell commands.  Used by the mkstemp() and mktemp() functions.

              If not specified, the default pattern is /tmp/snmpdXXXXXX.

       serverRecvBuf INTEGER
              specifies  the  desired  size of the buffer to be used when receiving incoming SNMP
              requests.  If the OS hard limit is lower than the serverRecvBuf  value,  then  this
              will be used instead.  Some platforms may decide to increase the size of the buffer
              actually used for internal housekeeping.

              This directive will be ignored if the platforms does not support setsockopt().

       serverSendBuf INTEGER
              is similar to serverRecvBuf, but applies to  the  size  of  the  buffer  used  when
              sending SNMP responses.

MIB HANDLING

       mibdirs DIRLIST
              specifies a list of directories to search for MIB files.  This operates in the same
              way as the -M option - see snmpcmd(1) for details.  Note that  this  value  can  be
              overridden by the MIBDIRS environment variable, and the -M option.

       mibs MIBLIST
              specifies  a  list of MIB modules (not files) that should be loaded.  This operates
              in the same way as the -m option - see snmpcmd(1) for details.  Note that this list
              can be overridden by the MIBS environment variable, and the -m option.

       mibfile FILE
              specifies  a  (single) MIB file to load, in addition to the list read from the mibs
              token (or equivalent configuration).  Note that this value can be overridden by the
              MIBFILES environment variable.

       showMibErrors (1|yes|true|0|no|false)
              whether to display MIB parsing errors.

       strictCommentTerm (1|yes|true|0|no|false)
              whether  MIB  parsing should be strict about comment termination.  Many MIB writers
              assume that ASN.1 comments extend to the end of the text line,  rather  than  being
              terminated by the next "--" token.  This token can be used to accept such (strictly
              incorrect) MIBs.
              Note that this directive is poorly named, since a value of "true" will turn off the
              strict interpretation of MIB comments.

       mibAllowUnderline (1|yes|true|0|no|false)
              whether  to  allow underline characters in MIB object names and enumeration values.
              This token can be used to accept such (strictly incorrect) MIBs.

       mibWarningLevel INTEGER
              the minimum warning level of the warnings printed by the MIB parser.

OUTPUT CONFIGURATION

       logTimestamp (1|yes|true|0|no|false)
              Whether the commands should log timestamps with their error/message logging or not.
              Note that output will not look as pretty with timestamps if the source code that is
              doing the logging does incremental logging of messages that are not  line  buffered
              before  being  passed  to the logging routines.  This option is only used when file
              logging is active.

       printNumericEnums (1|yes|true|0|no|false)
              Equivalent to -Oe.

       printNumericOids (1|yes|true|0|no|false)
              Equivalent to -On.

       dontBreakdownOids (1|yes|true|0|no|false)
              Equivalent to -Ob.

       escapeQuotes (1|yes|true|0|no|false)
              Equivalent to -OE.

       quickPrinting (1|yes|true|0|no|false)
              Equivalent to -Oq.

       printValueOnly (1|yes|true|0|no|false)
              Equivalent to -Ov.

       dontPrintUnits (1|yes|true|0|no|false)
              Equivalent to -OU.

       numericTimeticks (1|yes|true|0|no|false)
              Equivalent to -Ot.

       printHexText (1|yes|true|0|no|false)
              Equivalent to -OT.

       hexOutputLength integer
              Specifies where to break up the output of hexadecimal strings.  Set to 0 to disable
              line breaks.  Defaults to 16.

       suffixPrinting (0|1|2)
              The value 1 is equivalent to -Os and the value 2 is equivalent to -OS.

       oidOutputFormat (1|2|3|4|5|6)
              Maps  -O  options as follow: -Os=1, -OS=2, -Of=3, -On=4, -Ou=5.  The value 6 has no
              matching -O option. It suppresses output.

       extendedIndex (1|yes|true|0|no|false)
              Equivalent to -OX.

       noDisplayHint (1|yes|true|0|no|false)
              Disables the use of DISPLAY-HINT information when parsing  indices  and  values  to
              set. Equivalent to -Ih.

FILES

       /etc/snmp/snmp.conf, /etc/snmp/snmp.local.conf - common configuration settings
       ~/.snmp/snmp.conf - user-specific configuration settings

SEE ALSO

       snmp_config(5), read_config(3), snmpcmd(1).