mod_snmp
The mod_snmp module implements SNMPv1 and SNMPv2, for monitoring
of proftpd statistics via SNMP.
The mod_snmp does not currently support:
Set requests
The mod_snmp module is contained in the mod_snmp/
directory, is intended for ProFTPD 1.3.4rc3 and later, and is not compiled by
default. Installation instructions are discussed
here.
The most current version of mod_snmp can be found at:
http://www.castaglia.org/proftpd/
Please contact TJ Saunders <tj at castaglia.org> with any questions, concerns, or suggestions regarding this module.
The SNMPAgent directive configures the mod_snmp
module to act as a "master" SNMP agent/entity, or as an AgentX sub-agent.
(Note that the AgentX capability is not currently implemented.)
The ip-address and port parameters configure the address/port
on which mod_snmp will listen for UDP SNMP packets.
Note that the SNMPAgent diretive is required.
The SNMPCommunity directive configures the community
string (effectively a passphrase) used for authenticating SNMPv1 and SNMPv2
messages.
Note that the SNMPCommunity diretive is required.
The SNMPEngine directive controls whether the mod_snmp
will run as an SNMP agent, and handle SNMP messages.
The SNMPLog directive is used to specify a log file for
mod_sNMp's reporting. The file parameter given must be
the full path to the file to use for logging.
Note that this path must not be to a world-writable directory and,
unless AllowLogSymlinks is explicitly set to on
(generally a bad idea), the path must not be a symbolic link.
The SNMPTables directive is used to specify a directory that
mod_snmp will use for storing its database files; these files
are used for tracking the various statistics reported via SNMP.
mod_snmp, go to the third-party module area in
the proftpd source code and unpack the mod_snmp source tarball:
cd proftpd-dir/contrib/ tar zxvf /path/to/mod_snmp-version.tar.gzafter unpacking the latest proftpd-1.3.4 source code. For including
mod_snmp as a staticly linked module:
./configure --enable-openssl --with-modules=mod_sftp ...Alternatively,
mod_snmp can be built as a DSO module:
./configure --enable-dso --enable-openssl --with-shared=mod_snmp ...Then follow the usual steps:
make make install
Access Controls for SNMP Messages
Example:
<Limit SNMP>
Allow from 10.
DenyAll
</Limit>
Example Configuration
Logging
SNMP MIB
Suggested Future Features
When using mod_snmp to handle SNMP requests
Uses a UDP socket, and thus does not require a separate
<IfModule mod_snmp.c>
SNMPEngine on
SNMPLog /etc/proftpd/snmp/snmp.log
# Configure the agent to listen on 1.2.3.4, port 161
SNMPAgent master 1.2.3.4 161
# Configure the SNMP community string
SNMPCommunity MySnmpCommunity
# Configure the directory that mod_snmp will use for its database files
SFTPTables /var/proftpd/snmp
</IfModule>
The mod_snmp module supports different forms of logging. The
main module logging is done via the SNMPLog directive. For
debugging purposes, the module also uses trace logging, via the module-specific "snmp" and
"snmp-db" log channels. Thus for trace logging, to aid in debugging, you
would use the following in your proftpd.conf:
TraceLog /path/to/snmp-trace.log
Trace snmp:20
This trace logging can generate large files; it is intended for debugging
use only, and should be removed from any production configuration.
The MIB provided for proftpd is distributed with the
mod_snmp module source code, and will be installed by default.
It is contained in the "PROFTPD-MIB.txt" file, and uses SMIv2.
The following lists the features I hope to add to mod_snmp,
according to need, demand, inclination, and time:
Author: $Author: tj $
Last Updated: $Date: 2011/10/19 17:03:16 $
© Copyright 2011 TJ Saunders
All Rights Reserved