From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: From: Wang Mingyu Date: Tue, 10 Sep 2019 18:20:14 -0700 Message-ID: <1568164814-124043-2-git-send-email-wangmy@cn.fujitsu.com> In-Reply-To: <1568164814-124043-1-git-send-email-wangmy@cn.fujitsu.com> References: <1568164814-124043-1-git-send-email-wangmy@cn.fujitsu.com> MIME-Version: 1.0 Content-Type: text/plain Subject: [Fuego] [PATCH] net-snmp: Add test cases for Net-SNMP. List-Id: Mailing list for the Fuego test framework List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: fuego@lists.linuxfoundation.org Net-SNMP is a suite of applications used to implement SNMP. This test set is used to check applications of SNMP to monitor the health and welfare of network/computer/device equipment. Signed-off-by: Wang Mingyu --- tests/Functional.net-snmp/data/bind9/hosts | 3 + .../data/net-snmp/snmpd.conf | 480 +++++++++++++++++ .../data/net-snmp/x86_64-snmpd.conf | 482 ++++++++++++++++++ tests/Functional.net-snmp/fuego_test.sh | 29 ++ tests/Functional.net-snmp/net-snmp_test.sh | 7 + tests/Functional.net-snmp/spec.json | 6 + tests/Functional.net-snmp/test.yaml | 25 + tests/Functional.net-snmp/tests/snmpd_ps.sh | 52 ++ .../Functional.net-snmp/tests/snmpd_snmpdf.sh | 48 ++ .../tests/snmpd_snmpget.sh | 43 ++ .../tests/snmpd_snmpgetnext.sh | 43 ++ .../tests/snmpd_snmpset.sh | 43 ++ .../tests/snmpd_snmptranslate.sh | 43 ++ .../tests/snmpd_snmpwalk.sh | 43 ++ .../Functional.net-snmp/tests/snmpd_syslog.sh | 54 ++ .../tests/snmpd_syslog_ip.sh | 67 +++ .../tests/snmptrapd_coldstart.sh | 55 ++ .../Functional.net-snmp/tests/snmptrapd_ps.sh | 53 ++ .../tests/snmptrapd_syslog.sh | 53 ++ .../tests/snmptrapd_warmstart.sh | 55 ++ 20 files changed, 1684 insertions(+) create mode 100644 tests/Functional.net-snmp/data/bind9/hosts create mode 100644 tests/Functional.net-snmp/data/net-snmp/snmpd.conf create mode 100644 tests/Functional.net-snmp/data/net-snmp/x86_64-snmpd.conf create mode 100644 tests/Functional.net-snmp/fuego_test.sh create mode 100755 tests/Functional.net-snmp/net-snmp_test.sh create mode 100644 tests/Functional.net-snmp/spec.json create mode 100644 tests/Functional.net-snmp/test.yaml create mode 100644 tests/Functional.net-snmp/tests/snmpd_ps.sh create mode 100644 tests/Functional.net-snmp/tests/snmpd_snmpdf.sh create mode 100644 tests/Functional.net-snmp/tests/snmpd_snmpget.sh create mode 100644 tests/Functional.net-snmp/tests/snmpd_snmpgetnext.sh create mode 100644 tests/Functional.net-snmp/tests/snmpd_snmpset.sh create mode 100644 tests/Functional.net-snmp/tests/snmpd_snmptranslate.sh create mode 100644 tests/Functional.net-snmp/tests/snmpd_snmpwalk.sh create mode 100644 tests/Functional.net-snmp/tests/snmpd_syslog.sh create mode 100644 tests/Functional.net-snmp/tests/snmpd_syslog_ip.sh create mode 100644 tests/Functional.net-snmp/tests/snmptrapd_coldstart.sh create mode 100644 tests/Functional.net-snmp/tests/snmptrapd_ps.sh create mode 100644 tests/Functional.net-snmp/tests/snmptrapd_syslog.sh create mode 100644 tests/Functional.net-snmp/tests/snmptrapd_warmstart.sh diff --git a/tests/Functional.net-snmp/data/bind9/hosts b/tests/Functional.net-snmp/data/bind9/hosts new file mode 100644 index 0000000..c7b9f21 --- /dev/null +++ b/tests/Functional.net-snmp/data/bind9/hosts @@ -0,0 +1,3 @@ +# /etc/hosts test +# +127.0.0.1 localhost.localdomain localhost diff --git a/tests/Functional.net-snmp/data/net-snmp/snmpd.conf b/tests/Functional.net-snmp/data/net-snmp/snmpd.conf new file mode 100644 index 0000000..f12fe33 --- /dev/null +++ b/tests/Functional.net-snmp/data/net-snmp/snmpd.conf @@ -0,0 +1,480 @@ +############################################################################### +# +# snmpd.conf: +# An example configuration file for configuring the ucd-snmp snmpd agent. +# +############################################################################### +# +# This file is intended to only be as a starting point. Many more +# configuration directives exist than are mentioned in this file. For +# full details, see the snmpd.conf(5) manual page. +# +# All lines beginning with a '#' are comments and are intended for you +# to read. All other lines are configuration commands for the agent. + +############################################################################### +# Access Control +############################################################################### + +# As shipped, the snmpd demon will only respond to queries on the +# system mib group until this file is replaced or modified for +# security purposes. Examples are shown below about how to increase the +# level of access. + +# By far, the most common question I get about the agent is "why won't +# it work?", when really it should be "how do I configure the agent to +# allow me to access it?" +# +# By default, the agent responds to the "public" community for read +# only access, if run out of the box without any configuration file in +# place. The following examples show you other ways of configuring +# the agent so that you can change the community names, and give +# yourself write access to the mib tree as well. +# +# For more information, read the FAQ as well as the snmpd.conf(5) +# manual page. + +#### +# First, map the community name "public" into a "security name" + +# sec.name source community +#com2sec notConfigUser default public + +# added community +com2sec xfile SRV_IP/32 RWIINCOM +com2sec xfile localhost RWIINCOM +com2sec yfile 192.168.246.0/24 ROIINCOM + +#### +# Second, map the security name into a group name: + +# groupName securityModel securityName +#group notConfigGroup v1 notConfigUser +#group notConfigGroup v2c notConfigUser + +# added +group RWACCESS v1 xfile +group RWACCESS v2c xfile +group RWACCESS usm xfile +group ROACCESS v1 yfile +group ROACCESS v2c yfile +group ROACCESS usm yfile + +#### +# Third, create a view for us to let the group have rights to: + +# Make at least snmpwalk -v 1 localhost -c public system fast again. +# name incl/excl subtree mask(optional) +#view systemview included .1.3.6.1.2.1.1 +#view systemview included .1.3.6.1.2.1.25.1.1 + +# added +view iin_all included .1 80 +view iin_ucdmib included .1.3.6.1.4.1.2021 fe +view iin_mib2 included .1.3.6.1.2.1 fc + +#### +# Finally, grant the group read-only access to the systemview view. + +# group context sec.model sec.level prefix read write notif +#access notConfigGroup "" any noauth exact systemview none none + +# added +access RWACCESS "" any noauth exact iin_all iin_all none +access ROACCESS "" any noauth exact iin_all none none + +# ----------------------------------------------------------------------------- + +# Here is a commented out example configuration that allows less +# restrictive access. + +# YOU SHOULD CHANGE THE "COMMUNITY" TOKEN BELOW TO A NEW KEYWORD ONLY +# KNOWN AT YOUR SITE. YOU *MUST* CHANGE THE NETWORK TOKEN BELOW TO +# SOMETHING REFLECTING YOUR LOCAL NETWORK ADDRESS SPACE. + +## sec.name source community +#com2sec local localhost COMMUNITY +#com2sec mynetwork NETWORK/24 COMMUNITY + +## group.name sec.model sec.name +#group MyRWGroup any local +#group MyROGroup any mynetwork +# +#group MyRWGroup any otherv3user +#... + +## incl/excl subtree mask +#view all included .1 80 + +## -or just the mib2 tree- + +#view mib2 included .iso.org.dod.internet.mgmt.mib-2 fc + + +## context sec.model sec.level prefix read write notif +#access MyROGroup "" any noauth 0 all none none +#access MyRWGroup "" any noauth 0 all all all + + +############################################################################### +# Sample configuration to make net-snmpd RFC 1213. +# Unfortunately v1 and v2c don't allow any user based authentification, so +# opening up the default config is not an option from a security point. +# +# WARNING: If you uncomment the following lines you allow write access to your +# snmpd daemon from any source! To avoid this use different names for your +# community or split out the write access to a different community and +# restrict it to your local network. +# Also remember to comment the syslocation and syscontact parameters later as +# otherwise they are still read only (see FAQ for net-snmp). +# + +# First, map the community name "public" into a "security name" +# sec.name source community +#com2sec notConfigUser default public + +# Second, map the security name into a group name: +# groupName securityModel securityName +#group notConfigGroup v1 notConfigUser +#group notConfigGroup v2c notConfigUser + +# Third, create a view for us to let the group have rights to: +# Open up the whole tree for ro, make the RFC 1213 required ones rw. +# name incl/excl subtree mask(optional) +#view roview included .1 +#view rwview included system.sysContact +#view rwview included system.sysName +#view rwview included system.sysLocation +#view rwview included interfaces.ifTable.ifEntry.ifAdminStatus +#view rwview included at.atTable.atEntry.atPhysAddress +#view rwview included at.atTable.atEntry.atNetAddress +#view rwview included ip.ipForwarding +#view rwview included ip.ipDefaultTTL +#view rwview included ip.ipRouteTable.ipRouteEntry.ipRouteDest +#view rwview included ip.ipRouteTable.ipRouteEntry.ipRouteIfIndex +#view rwview included ip.ipRouteTable.ipRouteEntry.ipRouteMetric1 +#view rwview included ip.ipRouteTable.ipRouteEntry.ipRouteMetric2 +#view rwview included ip.ipRouteTable.ipRouteEntry.ipRouteMetric3 +#view rwview included ip.ipRouteTable.ipRouteEntry.ipRouteMetric4 +#view rwview included ip.ipRouteTable.ipRouteEntry.ipRouteType +#view rwview included ip.ipRouteTable.ipRouteEntry.ipRouteAge +#view rwview included ip.ipRouteTable.ipRouteEntry.ipRouteMask +#view rwview included ip.ipRouteTable.ipRouteEntry.ipRouteMetric5 +#view rwview included ip.ipNetToMediaTable.ipNetToMediaEntry.ipNetToMediaIfIndex +#view rwview included ip.ipNetToMediaTable.ipNetToMediaEntry.ipNetToMediaPhysAddress +#view rwview included ip.ipNetToMediaTable.ipNetToMediaEntry.ipNetToMediaNetAddress +#view rwview included ip.ipNetToMediaTable.ipNetToMediaEntry.ipNetToMediaType +#view rwview included tcp.tcpConnTable.tcpConnEntry.tcpConnState +#view rwview included egp.egpNeighTable.egpNeighEntry.egpNeighEventTrigger +#view rwview included snmp.snmpEnableAuthenTraps + +# Finally, grant the group read-only access to the systemview view. +# group context sec.model sec.level prefix read write notif +#access notConfigGroup "" any noauth exact roview rwview none + + + +############################################################################### +# System contact information +# + +# It is also possible to set the sysContact and sysLocation system +# variables through the snmpd.conf file: + +#syslocation Unknown (edit /etc/snmp/snmpd.conf) +# added +syslocation localhost + +syscontact Root (configure /etc/snmp/snmp.local.conf) + +# Example output of snmpwalk: +# % snmpwalk -v 1 localhost -c public system +# system.sysDescr.0 = "SunOS name sun4c" +# system.sysObjectID.0 = OID: enterprises.ucdavis.ucdSnmpAgent.sunos4 +# system.sysUpTime.0 = Timeticks: (595637548) 68 days, 22:32:55 +# system.sysContact.0 = "Me " +# system.sysName.0 = "name" +# system.sysLocation.0 = "Right here, right now." +# system.sysServices.0 = 72 + + +# ----------------------------------------------------------------------------- + + +############################################################################### +# Process checks. +# +# The following are examples of how to use the agent to check for +# processes running on the host. The syntax looks something like: +# +# proc NAME [MAX=0] [MIN=0] +# +# NAME: the name of the process to check for. It must match +# exactly (ie, http will not find httpd processes). +# MAX: the maximum number allowed to be running. Defaults to 0. +# MIN: the minimum number to be running. Defaults to 0. + +# +# Examples (commented out by default): +# + +# Make sure mountd is running +#proc mountd + +# Make sure there are no more than 4 ntalkds running, but 0 is ok too. +#proc ntalkd 4 + +# Make sure at least one sendmail, but less than or equal to 10 are running. +#proc sendmail 10 1 + +# A snmpwalk of the process mib tree would look something like this: +# +# % snmpwalk -v 1 localhost -c public .1.3.6.1.4.1.2021.2 +# enterprises.ucdavis.procTable.prEntry.prIndex.1 = 1 +# enterprises.ucdavis.procTable.prEntry.prIndex.2 = 2 +# enterprises.ucdavis.procTable.prEntry.prIndex.3 = 3 +# enterprises.ucdavis.procTable.prEntry.prNames.1 = "mountd" +# enterprises.ucdavis.procTable.prEntry.prNames.2 = "ntalkd" +# enterprises.ucdavis.procTable.prEntry.prNames.3 = "sendmail" +# enterprises.ucdavis.procTable.prEntry.prMin.1 = 0 +# enterprises.ucdavis.procTable.prEntry.prMin.2 = 0 +# enterprises.ucdavis.procTable.prEntry.prMin.3 = 1 +# enterprises.ucdavis.procTable.prEntry.prMax.1 = 0 +# enterprises.ucdavis.procTable.prEntry.prMax.2 = 4 +# enterprises.ucdavis.procTable.prEntry.prMax.3 = 10 +# enterprises.ucdavis.procTable.prEntry.prCount.1 = 0 +# enterprises.ucdavis.procTable.prEntry.prCount.2 = 0 +# enterprises.ucdavis.procTable.prEntry.prCount.3 = 1 +# enterprises.ucdavis.procTable.prEntry.prErrorFlag.1 = 1 +# enterprises.ucdavis.procTable.prEntry.prErrorFlag.2 = 0 +# enterprises.ucdavis.procTable.prEntry.prErrorFlag.3 = 0 +# enterprises.ucdavis.procTable.prEntry.prErrMessage.1 = "No mountd process running." +# enterprises.ucdavis.procTable.prEntry.prErrMessage.2 = "" +# enterprises.ucdavis.procTable.prEntry.prErrMessage.3 = "" +# enterprises.ucdavis.procTable.prEntry.prErrFix.1 = 0 +# enterprises.ucdavis.procTable.prEntry.prErrFix.2 = 0 +# enterprises.ucdavis.procTable.prEntry.prErrFix.3 = 0 +# +# Note that the errorFlag for mountd is set to 1 because one is not +# running (in this case an rpc.mountd is, but thats not good enough), +# and the ErrMessage tells you what's wrong. The configuration +# imposed in the snmpd.conf file is also shown. +# +# Special Case: When the min and max numbers are both 0, it assumes +# you want a max of infinity and a min of 1. +# + + +# ----------------------------------------------------------------------------- + + +############################################################################### +# Executables/scripts +# + +# +# You can also have programs run by the agent that return a single +# line of output and an exit code. Here are two examples. +# +# exec NAME PROGRAM [ARGS ...] +# +# NAME: A generic name. +# PROGRAM: The program to run. Include the path! +# ARGS: optional arguments to be passed to the program + +# a simple hello world + +#exec echotest /bin/echo hello world + +# Run a shell script containing: +# +# #!/bin/sh +# echo hello world +# echo hi there +# exit 35 +# +# Note: this has been specifically commented out to prevent +# accidental security holes due to someone else on your system writing +# a /tmp/shtest before you do. Uncomment to use it. +# +#exec shelltest /bin/sh /tmp/shtest + +# Then, +# % snmpwalk -v 1 localhost -c public .1.3.6.1.4.1.2021.8 +# enterprises.ucdavis.extTable.extEntry.extIndex.1 = 1 +# enterprises.ucdavis.extTable.extEntry.extIndex.2 = 2 +# enterprises.ucdavis.extTable.extEntry.extNames.1 = "echotest" +# enterprises.ucdavis.extTable.extEntry.extNames.2 = "shelltest" +# enterprises.ucdavis.extTable.extEntry.extCommand.1 = "/bin/echo hello world" +# enterprises.ucdavis.extTable.extEntry.extCommand.2 = "/bin/sh /tmp/shtest" +# enterprises.ucdavis.extTable.extEntry.extResult.1 = 0 +# enterprises.ucdavis.extTable.extEntry.extResult.2 = 35 +# enterprises.ucdavis.extTable.extEntry.extOutput.1 = "hello world." +# enterprises.ucdavis.extTable.extEntry.extOutput.2 = "hello world." +# enterprises.ucdavis.extTable.extEntry.extErrFix.1 = 0 +# enterprises.ucdavis.extTable.extEntry.extErrFix.2 = 0 + +# Note that the second line of the /tmp/shtest shell script is cut +# off. Also note that the exit status of 35 was returned. + +# ----------------------------------------------------------------------------- + + +############################################################################### +# disk checks +# + +# The agent can check the amount of available disk space, and make +# sure it is above a set limit. + +# disk PATH [MIN=100000] +# +# PATH: mount path to the disk in question. +# MIN: Disks with space below this value will have the Mib's errorFlag set. +# Default value = 100000. + +# Check the / partition and make sure it contains at least 10 megs. + +#disk / 10000 + +# % snmpwalk -v 1 localhost -c public .1.3.6.1.4.1.2021.9 +# enterprises.ucdavis.diskTable.dskEntry.diskIndex.1 = 0 +# enterprises.ucdavis.diskTable.dskEntry.diskPath.1 = "/" Hex: 2F +# enterprises.ucdavis.diskTable.dskEntry.diskDevice.1 = "/dev/dsk/c201d6s0" +# enterprises.ucdavis.diskTable.dskEntry.diskMinimum.1 = 10000 +# enterprises.ucdavis.diskTable.dskEntry.diskTotal.1 = 837130 +# enterprises.ucdavis.diskTable.dskEntry.diskAvail.1 = 316325 +# enterprises.ucdavis.diskTable.dskEntry.diskUsed.1 = 437092 +# enterprises.ucdavis.diskTable.dskEntry.diskPercent.1 = 58 +# enterprises.ucdavis.diskTable.dskEntry.diskErrorFlag.1 = 0 +# enterprises.ucdavis.diskTable.dskEntry.diskErrorMsg.1 = "" + +# ----------------------------------------------------------------------------- + + +############################################################################### +# load average checks +# + +# load [1MAX=12.0] [5MAX=12.0] [15MAX=12.0] +# +# 1MAX: If the 1 minute load average is above this limit at query +# time, the errorFlag will be set. +# 5MAX: Similar, but for 5 min average. +# 15MAX: Similar, but for 15 min average. + +# Check for loads: +#load 12 14 14 + +# % snmpwalk -v 1 localhost -c public .1.3.6.1.4.1.2021.10 +# enterprises.ucdavis.loadTable.laEntry.loadaveIndex.1 = 1 +# enterprises.ucdavis.loadTable.laEntry.loadaveIndex.2 = 2 +# enterprises.ucdavis.loadTable.laEntry.loadaveIndex.3 = 3 +# enterprises.ucdavis.loadTable.laEntry.loadaveNames.1 = "Load-1" +# enterprises.ucdavis.loadTable.laEntry.loadaveNames.2 = "Load-5" +# enterprises.ucdavis.loadTable.laEntry.loadaveNames.3 = "Load-15" +# enterprises.ucdavis.loadTable.laEntry.loadaveLoad.1 = "0.49" Hex: 30 2E 34 39 +# enterprises.ucdavis.loadTable.laEntry.loadaveLoad.2 = "0.31" Hex: 30 2E 33 31 +# enterprises.ucdavis.loadTable.laEntry.loadaveLoad.3 = "0.26" Hex: 30 2E 32 36 +# enterprises.ucdavis.loadTable.laEntry.loadaveConfig.1 = "12.00" +# enterprises.ucdavis.loadTable.laEntry.loadaveConfig.2 = "14.00" +# enterprises.ucdavis.loadTable.laEntry.loadaveConfig.3 = "14.00" +# enterprises.ucdavis.loadTable.laEntry.loadaveErrorFlag.1 = 0 +# enterprises.ucdavis.loadTable.laEntry.loadaveErrorFlag.2 = 0 +# enterprises.ucdavis.loadTable.laEntry.loadaveErrorFlag.3 = 0 +# enterprises.ucdavis.loadTable.laEntry.loadaveErrMessage.1 = "" +# enterprises.ucdavis.loadTable.laEntry.loadaveErrMessage.2 = "" +# enterprises.ucdavis.loadTable.laEntry.loadaveErrMessage.3 = "" + +# ----------------------------------------------------------------------------- + + +############################################################################### +# Extensible sections. +# + +# This alleviates the multiple line output problem found in the +# previous executable mib by placing each mib in its own mib table: + +# Run a shell script containing: +# +# #!/bin/sh +# echo hello world +# echo hi there +# exit 35 +# +# Note: this has been specifically commented out to prevent +# accidental security holes due to someone else on your system writing +# a /tmp/shtest before you do. Uncomment to use it. +# +# exec .1.3.6.1.4.1.2021.50 shelltest /bin/sh /tmp/shtest + +# % snmpwalk -v 1 localhost -c public .1.3.6.1.4.1.2021.50 +# enterprises.ucdavis.50.1.1 = 1 +# enterprises.ucdavis.50.2.1 = "shelltest" +# enterprises.ucdavis.50.3.1 = "/bin/sh /tmp/shtest" +# enterprises.ucdavis.50.100.1 = 35 +# enterprises.ucdavis.50.101.1 = "hello world." +# enterprises.ucdavis.50.101.2 = "hi there." +# enterprises.ucdavis.50.102.1 = 0 + +# Now the Output has grown to two lines, and we can see the 'hi +# there.' output as the second line from our shell script. +# +# Note that you must alter the mib.txt file to be correct if you want +# the .50.* outputs above to change to reasonable text descriptions. + +# Other ideas: +# +# exec .1.3.6.1.4.1.2021.51 ps /bin/ps +# exec .1.3.6.1.4.1.2021.52 top /usr/local/bin/top +# exec .1.3.6.1.4.1.2021.53 mailq /usr/bin/mailq + +# ----------------------------------------------------------------------------- + + +############################################################################### +# Pass through control. +# + +# Usage: +# pass MIBOID EXEC-COMMAND +# +# This will pass total control of the mib underneath the MIBOID +# portion of the mib to the EXEC-COMMAND. +# +# Note: You'll have to change the path of the passtest script to your +# source directory or install it in the given location. +# +# Example: (see the script for details) +# (commented out here since it requires that you place the +# script in the right location. (its not installed by default)) + +# pass .1.3.6.1.4.1.2021.255 /bin/sh /usr/local/local/passtest + +# % snmpwalk -v 1 localhost -c public .1.3.6.1.4.1.2021.255 +# enterprises.ucdavis.255.1 = "life the universe and everything" +# enterprises.ucdavis.255.2.1 = 42 +# enterprises.ucdavis.255.2.2 = OID: 42.42.42 +# enterprises.ucdavis.255.3 = Timeticks: (363136200) 42 days, 0:42:42 +# enterprises.ucdavis.255.4 = IpAddress: 127.0.0.1 +# enterprises.ucdavis.255.5 = 42 +# enterprises.ucdavis.255.6 = Gauge: 42 +# +# % snmpget -v 1 localhost public .1.3.6.1.4.1.2021.255.5 +# enterprises.ucdavis.255.5 = 42 +# +# % snmpset -v 1 localhost public .1.3.6.1.4.1.2021.255.1 s "New string" +# enterprises.ucdavis.255.1 = "New string" +# + +# For specific usage information, see the man/snmpd.conf.5 manual page +# as well as the local/passtest script used in the above example. + +# Added for support of bcm5820 cards. +pass .1.3.6.1.4.1.4413.4.1 /usr/bin/ucd5820stat + +############################################################################### +# Further Information +# +# See the snmpd.conf manual page, and the output of "snmpd -H". diff --git a/tests/Functional.net-snmp/data/net-snmp/x86_64-snmpd.conf b/tests/Functional.net-snmp/data/net-snmp/x86_64-snmpd.conf new file mode 100644 index 0000000..5712628 --- /dev/null +++ b/tests/Functional.net-snmp/data/net-snmp/x86_64-snmpd.conf @@ -0,0 +1,482 @@ +############################################################################### +# +# snmpd.conf: +# An example configuration file for configuring the ucd-snmp snmpd agent. +# +############################################################################### +# +# This file is intended to only be as a starting point. Many more +# configuration directives exist than are mentioned in this file. For +# full details, see the snmpd.conf(5) manual page. +# +# All lines beginning with a '#' are comments and are intended for you +# to read. All other lines are configuration commands for the agent. + +############################################################################### +# Access Control +############################################################################### + +# As shipped, the snmpd demon will only respond to queries on the +# system mib group until this file is replaced or modified for +# security purposes. Examples are shown below about how to increase the +# level of access. + +# By far, the most common question I get about the agent is "why won't +# it work?", when really it should be "how do I configure the agent to +# allow me to access it?" +# +# By default, the agent responds to the "public" community for read +# only access, if run out of the box without any configuration file in +# place. The following examples show you other ways of configuring +# the agent so that you can change the community names, and give +# yourself write access to the mib tree as well. +# +# For more information, read the FAQ as well as the snmpd.conf(5) +# manual page. + +#### +# First, map the community name "public" into a "security name" + +# sec.name source community +#com2sec notConfigUser default public + +# added community +com2sec xfile 192.168.0.1/32 RWIINCOM +com2sec xfile localhost RWIINCOM +com2sec xfile 192.168.246.0/24 RWIINCOM +com2sec yfile 192.168.0.0/24 ROIINCOM +com2sec yfile 192.168.246.0/24 ROIINCOM + +#### +# Second, map the security name into a group name: + +# groupName securityModel securityName +#group notConfigGroup v1 notConfigUser +#group notConfigGroup v2c notConfigUser + +# added +group RWACCESS v1 xfile +group RWACCESS v2c xfile +group RWACCESS usm xfile +group ROACCESS v1 yfile +group ROACCESS v2c yfile +group ROACCESS usm yfile + +#### +# Third, create a view for us to let the group have rights to: + +# Make at least snmpwalk -v 1 localhost -c public system fast again. +# name incl/excl subtree mask(optional) +#view systemview included .1.3.6.1.2.1.1 +#view systemview included .1.3.6.1.2.1.25.1.1 + +# added +view iin_all included .1 80 +view iin_ucdmib included .1.3.6.1.4.1.2021 fe +view iin_mib2 included .1.3.6.1.2.1 fc + +#### +# Finally, grant the group read-only access to the systemview view. + +# group context sec.model sec.level prefix read write notif +#access notConfigGroup "" any noauth exact systemview none none + +# added +access RWACCESS "" any noauth exact iin_all iin_all none +access ROACCESS "" any noauth exact iin_all none none + +# ----------------------------------------------------------------------------- + +# Here is a commented out example configuration that allows less +# restrictive access. + +# YOU SHOULD CHANGE THE "COMMUNITY" TOKEN BELOW TO A NEW KEYWORD ONLY +# KNOWN AT YOUR SITE. YOU *MUST* CHANGE THE NETWORK TOKEN BELOW TO +# SOMETHING REFLECTING YOUR LOCAL NETWORK ADDRESS SPACE. + +## sec.name source community +#com2sec local localhost COMMUNITY +#com2sec mynetwork NETWORK/24 COMMUNITY + +## group.name sec.model sec.name +#group MyRWGroup any local +#group MyROGroup any mynetwork +# +#group MyRWGroup any otherv3user +#... + +## incl/excl subtree mask +#view all included .1 80 + +## -or just the mib2 tree- + +#view mib2 included .iso.org.dod.internet.mgmt.mib-2 fc + + +## context sec.model sec.level prefix read write notif +#access MyROGroup "" any noauth 0 all none none +#access MyRWGroup "" any noauth 0 all all all + + +############################################################################### +# Sample configuration to make net-snmpd RFC 1213. +# Unfortunately v1 and v2c don't allow any user based authentification, so +# opening up the default config is not an option from a security point. +# +# WARNING: If you uncomment the following lines you allow write access to your +# snmpd daemon from any source! To avoid this use different names for your +# community or split out the write access to a different community and +# restrict it to your local network. +# Also remember to comment the syslocation and syscontact parameters later as +# otherwise they are still read only (see FAQ for net-snmp). +# + +# First, map the community name "public" into a "security name" +# sec.name source community +#com2sec notConfigUser default public + +# Second, map the security name into a group name: +# groupName securityModel securityName +#group notConfigGroup v1 notConfigUser +#group notConfigGroup v2c notConfigUser + +# Third, create a view for us to let the group have rights to: +# Open up the whole tree for ro, make the RFC 1213 required ones rw. +# name incl/excl subtree mask(optional) +#view roview included .1 +#view rwview included system.sysContact +#view rwview included system.sysName +#view rwview included system.sysLocation +#view rwview included interfaces.ifTable.ifEntry.ifAdminStatus +#view rwview included at.atTable.atEntry.atPhysAddress +#view rwview included at.atTable.atEntry.atNetAddress +#view rwview included ip.ipForwarding +#view rwview included ip.ipDefaultTTL +#view rwview included ip.ipRouteTable.ipRouteEntry.ipRouteDest +#view rwview included ip.ipRouteTable.ipRouteEntry.ipRouteIfIndex +#view rwview included ip.ipRouteTable.ipRouteEntry.ipRouteMetric1 +#view rwview included ip.ipRouteTable.ipRouteEntry.ipRouteMetric2 +#view rwview included ip.ipRouteTable.ipRouteEntry.ipRouteMetric3 +#view rwview included ip.ipRouteTable.ipRouteEntry.ipRouteMetric4 +#view rwview included ip.ipRouteTable.ipRouteEntry.ipRouteType +#view rwview included ip.ipRouteTable.ipRouteEntry.ipRouteAge +#view rwview included ip.ipRouteTable.ipRouteEntry.ipRouteMask +#view rwview included ip.ipRouteTable.ipRouteEntry.ipRouteMetric5 +#view rwview included ip.ipNetToMediaTable.ipNetToMediaEntry.ipNetToMediaIfIndex +#view rwview included ip.ipNetToMediaTable.ipNetToMediaEntry.ipNetToMediaPhysAddress +#view rwview included ip.ipNetToMediaTable.ipNetToMediaEntry.ipNetToMediaNetAddress +#view rwview included ip.ipNetToMediaTable.ipNetToMediaEntry.ipNetToMediaType +#view rwview included tcp.tcpConnTable.tcpConnEntry.tcpConnState +#view rwview included egp.egpNeighTable.egpNeighEntry.egpNeighEventTrigger +#view rwview included snmp.snmpEnableAuthenTraps + +# Finally, grant the group read-only access to the systemview view. +# group context sec.model sec.level prefix read write notif +#access notConfigGroup "" any noauth exact roview rwview none + + + +############################################################################### +# System contact information +# + +# It is also possible to set the sysContact and sysLocation system +# variables through the snmpd.conf file: + +#syslocation Unknown (edit /etc/snmp/snmpd.conf) +# added +syslocation localhost + +syscontact Root (configure /etc/snmp/snmp.local.conf) + +# Example output of snmpwalk: +# % snmpwalk -v 1 localhost -c public system +# system.sysDescr.0 = "SunOS name sun4c" +# system.sysObjectID.0 = OID: enterprises.ucdavis.ucdSnmpAgent.sunos4 +# system.sysUpTime.0 = Timeticks: (595637548) 68 days, 22:32:55 +# system.sysContact.0 = "Me " +# system.sysName.0 = "name" +# system.sysLocation.0 = "Right here, right now." +# system.sysServices.0 = 72 + + +# ----------------------------------------------------------------------------- + + +############################################################################### +# Process checks. +# +# The following are examples of how to use the agent to check for +# processes running on the host. The syntax looks something like: +# +# proc NAME [MAX=0] [MIN=0] +# +# NAME: the name of the process to check for. It must match +# exactly (ie, http will not find httpd processes). +# MAX: the maximum number allowed to be running. Defaults to 0. +# MIN: the minimum number to be running. Defaults to 0. + +# +# Examples (commented out by default): +# + +# Make sure mountd is running +#proc mountd + +# Make sure there are no more than 4 ntalkds running, but 0 is ok too. +#proc ntalkd 4 + +# Make sure at least one sendmail, but less than or equal to 10 are running. +#proc sendmail 10 1 + +# A snmpwalk of the process mib tree would look something like this: +# +# % snmpwalk -v 1 localhost -c public .1.3.6.1.4.1.2021.2 +# enterprises.ucdavis.procTable.prEntry.prIndex.1 = 1 +# enterprises.ucdavis.procTable.prEntry.prIndex.2 = 2 +# enterprises.ucdavis.procTable.prEntry.prIndex.3 = 3 +# enterprises.ucdavis.procTable.prEntry.prNames.1 = "mountd" +# enterprises.ucdavis.procTable.prEntry.prNames.2 = "ntalkd" +# enterprises.ucdavis.procTable.prEntry.prNames.3 = "sendmail" +# enterprises.ucdavis.procTable.prEntry.prMin.1 = 0 +# enterprises.ucdavis.procTable.prEntry.prMin.2 = 0 +# enterprises.ucdavis.procTable.prEntry.prMin.3 = 1 +# enterprises.ucdavis.procTable.prEntry.prMax.1 = 0 +# enterprises.ucdavis.procTable.prEntry.prMax.2 = 4 +# enterprises.ucdavis.procTable.prEntry.prMax.3 = 10 +# enterprises.ucdavis.procTable.prEntry.prCount.1 = 0 +# enterprises.ucdavis.procTable.prEntry.prCount.2 = 0 +# enterprises.ucdavis.procTable.prEntry.prCount.3 = 1 +# enterprises.ucdavis.procTable.prEntry.prErrorFlag.1 = 1 +# enterprises.ucdavis.procTable.prEntry.prErrorFlag.2 = 0 +# enterprises.ucdavis.procTable.prEntry.prErrorFlag.3 = 0 +# enterprises.ucdavis.procTable.prEntry.prErrMessage.1 = "No mountd process running." +# enterprises.ucdavis.procTable.prEntry.prErrMessage.2 = "" +# enterprises.ucdavis.procTable.prEntry.prErrMessage.3 = "" +# enterprises.ucdavis.procTable.prEntry.prErrFix.1 = 0 +# enterprises.ucdavis.procTable.prEntry.prErrFix.2 = 0 +# enterprises.ucdavis.procTable.prEntry.prErrFix.3 = 0 +# +# Note that the errorFlag for mountd is set to 1 because one is not +# running (in this case an rpc.mountd is, but thats not good enough), +# and the ErrMessage tells you what's wrong. The configuration +# imposed in the snmpd.conf file is also shown. +# +# Special Case: When the min and max numbers are both 0, it assumes +# you want a max of infinity and a min of 1. +# + + +# ----------------------------------------------------------------------------- + + +############################################################################### +# Executables/scripts +# + +# +# You can also have programs run by the agent that return a single +# line of output and an exit code. Here are two examples. +# +# exec NAME PROGRAM [ARGS ...] +# +# NAME: A generic name. +# PROGRAM: The program to run. Include the path! +# ARGS: optional arguments to be passed to the program + +# a simple hello world + +#exec echotest /bin/echo hello world + +# Run a shell script containing: +# +# #!/bin/sh +# echo hello world +# echo hi there +# exit 35 +# +# Note: this has been specifically commented out to prevent +# accidental security holes due to someone else on your system writing +# a /tmp/shtest before you do. Uncomment to use it. +# +#exec shelltest /bin/sh /tmp/shtest + +# Then, +# % snmpwalk -v 1 localhost -c public .1.3.6.1.4.1.2021.8 +# enterprises.ucdavis.extTable.extEntry.extIndex.1 = 1 +# enterprises.ucdavis.extTable.extEntry.extIndex.2 = 2 +# enterprises.ucdavis.extTable.extEntry.extNames.1 = "echotest" +# enterprises.ucdavis.extTable.extEntry.extNames.2 = "shelltest" +# enterprises.ucdavis.extTable.extEntry.extCommand.1 = "/bin/echo hello world" +# enterprises.ucdavis.extTable.extEntry.extCommand.2 = "/bin/sh /tmp/shtest" +# enterprises.ucdavis.extTable.extEntry.extResult.1 = 0 +# enterprises.ucdavis.extTable.extEntry.extResult.2 = 35 +# enterprises.ucdavis.extTable.extEntry.extOutput.1 = "hello world." +# enterprises.ucdavis.extTable.extEntry.extOutput.2 = "hello world." +# enterprises.ucdavis.extTable.extEntry.extErrFix.1 = 0 +# enterprises.ucdavis.extTable.extEntry.extErrFix.2 = 0 + +# Note that the second line of the /tmp/shtest shell script is cut +# off. Also note that the exit status of 35 was returned. + +# ----------------------------------------------------------------------------- + + +############################################################################### +# disk checks +# + +# The agent can check the amount of available disk space, and make +# sure it is above a set limit. + +# disk PATH [MIN=100000] +# +# PATH: mount path to the disk in question. +# MIN: Disks with space below this value will have the Mib's errorFlag set. +# Default value = 100000. + +# Check the / partition and make sure it contains at least 10 megs. + +#disk / 10000 + +# % snmpwalk -v 1 localhost -c public .1.3.6.1.4.1.2021.9 +# enterprises.ucdavis.diskTable.dskEntry.diskIndex.1 = 0 +# enterprises.ucdavis.diskTable.dskEntry.diskPath.1 = "/" Hex: 2F +# enterprises.ucdavis.diskTable.dskEntry.diskDevice.1 = "/dev/dsk/c201d6s0" +# enterprises.ucdavis.diskTable.dskEntry.diskMinimum.1 = 10000 +# enterprises.ucdavis.diskTable.dskEntry.diskTotal.1 = 837130 +# enterprises.ucdavis.diskTable.dskEntry.diskAvail.1 = 316325 +# enterprises.ucdavis.diskTable.dskEntry.diskUsed.1 = 437092 +# enterprises.ucdavis.diskTable.dskEntry.diskPercent.1 = 58 +# enterprises.ucdavis.diskTable.dskEntry.diskErrorFlag.1 = 0 +# enterprises.ucdavis.diskTable.dskEntry.diskErrorMsg.1 = "" + +# ----------------------------------------------------------------------------- + + +############################################################################### +# load average checks +# + +# load [1MAX=12.0] [5MAX=12.0] [15MAX=12.0] +# +# 1MAX: If the 1 minute load average is above this limit at query +# time, the errorFlag will be set. +# 5MAX: Similar, but for 5 min average. +# 15MAX: Similar, but for 15 min average. + +# Check for loads: +#load 12 14 14 + +# % snmpwalk -v 1 localhost -c public .1.3.6.1.4.1.2021.10 +# enterprises.ucdavis.loadTable.laEntry.loadaveIndex.1 = 1 +# enterprises.ucdavis.loadTable.laEntry.loadaveIndex.2 = 2 +# enterprises.ucdavis.loadTable.laEntry.loadaveIndex.3 = 3 +# enterprises.ucdavis.loadTable.laEntry.loadaveNames.1 = "Load-1" +# enterprises.ucdavis.loadTable.laEntry.loadaveNames.2 = "Load-5" +# enterprises.ucdavis.loadTable.laEntry.loadaveNames.3 = "Load-15" +# enterprises.ucdavis.loadTable.laEntry.loadaveLoad.1 = "0.49" Hex: 30 2E 34 39 +# enterprises.ucdavis.loadTable.laEntry.loadaveLoad.2 = "0.31" Hex: 30 2E 33 31 +# enterprises.ucdavis.loadTable.laEntry.loadaveLoad.3 = "0.26" Hex: 30 2E 32 36 +# enterprises.ucdavis.loadTable.laEntry.loadaveConfig.1 = "12.00" +# enterprises.ucdavis.loadTable.laEntry.loadaveConfig.2 = "14.00" +# enterprises.ucdavis.loadTable.laEntry.loadaveConfig.3 = "14.00" +# enterprises.ucdavis.loadTable.laEntry.loadaveErrorFlag.1 = 0 +# enterprises.ucdavis.loadTable.laEntry.loadaveErrorFlag.2 = 0 +# enterprises.ucdavis.loadTable.laEntry.loadaveErrorFlag.3 = 0 +# enterprises.ucdavis.loadTable.laEntry.loadaveErrMessage.1 = "" +# enterprises.ucdavis.loadTable.laEntry.loadaveErrMessage.2 = "" +# enterprises.ucdavis.loadTable.laEntry.loadaveErrMessage.3 = "" + +# ----------------------------------------------------------------------------- + + +############################################################################### +# Extensible sections. +# + +# This alleviates the multiple line output problem found in the +# previous executable mib by placing each mib in its own mib table: + +# Run a shell script containing: +# +# #!/bin/sh +# echo hello world +# echo hi there +# exit 35 +# +# Note: this has been specifically commented out to prevent +# accidental security holes due to someone else on your system writing +# a /tmp/shtest before you do. Uncomment to use it. +# +# exec .1.3.6.1.4.1.2021.50 shelltest /bin/sh /tmp/shtest + +# % snmpwalk -v 1 localhost -c public .1.3.6.1.4.1.2021.50 +# enterprises.ucdavis.50.1.1 = 1 +# enterprises.ucdavis.50.2.1 = "shelltest" +# enterprises.ucdavis.50.3.1 = "/bin/sh /tmp/shtest" +# enterprises.ucdavis.50.100.1 = 35 +# enterprises.ucdavis.50.101.1 = "hello world." +# enterprises.ucdavis.50.101.2 = "hi there." +# enterprises.ucdavis.50.102.1 = 0 + +# Now the Output has grown to two lines, and we can see the 'hi +# there.' output as the second line from our shell script. +# +# Note that you must alter the mib.txt file to be correct if you want +# the .50.* outputs above to change to reasonable text descriptions. + +# Other ideas: +# +# exec .1.3.6.1.4.1.2021.51 ps /bin/ps +# exec .1.3.6.1.4.1.2021.52 top /usr/local/bin/top +# exec .1.3.6.1.4.1.2021.53 mailq /usr/bin/mailq + +# ----------------------------------------------------------------------------- + + +############################################################################### +# Pass through control. +# + +# Usage: +# pass MIBOID EXEC-COMMAND +# +# This will pass total control of the mib underneath the MIBOID +# portion of the mib to the EXEC-COMMAND. +# +# Note: You'll have to change the path of the passtest script to your +# source directory or install it in the given location. +# +# Example: (see the script for details) +# (commented out here since it requires that you place the +# script in the right location. (its not installed by default)) + +# pass .1.3.6.1.4.1.2021.255 /bin/sh /usr/local/local/passtest + +# % snmpwalk -v 1 localhost -c public .1.3.6.1.4.1.2021.255 +# enterprises.ucdavis.255.1 = "life the universe and everything" +# enterprises.ucdavis.255.2.1 = 42 +# enterprises.ucdavis.255.2.2 = OID: 42.42.42 +# enterprises.ucdavis.255.3 = Timeticks: (363136200) 42 days, 0:42:42 +# enterprises.ucdavis.255.4 = IpAddress: 127.0.0.1 +# enterprises.ucdavis.255.5 = 42 +# enterprises.ucdavis.255.6 = Gauge: 42 +# +# % snmpget -v 1 localhost public .1.3.6.1.4.1.2021.255.5 +# enterprises.ucdavis.255.5 = 42 +# +# % snmpset -v 1 localhost public .1.3.6.1.4.1.2021.255.1 s "New string" +# enterprises.ucdavis.255.1 = "New string" +# + +# For specific usage information, see the man/snmpd.conf.5 manual page +# as well as the local/passtest script used in the above example. + +# Added for support of bcm5820 cards. +pass .1.3.6.1.4.1.4413.4.1 /usr/bin/ucd5820stat + +############################################################################### +# Further Information +# +# See the snmpd.conf manual page, and the output of "snmpd -H". diff --git a/tests/Functional.net-snmp/fuego_test.sh b/tests/Functional.net-snmp/fuego_test.sh new file mode 100644 index 0000000..6de391d --- /dev/null +++ b/tests/Functional.net-snmp/fuego_test.sh @@ -0,0 +1,29 @@ +function test_pre_check { + assert_has_program snmpget + assert_has_program snmpgetnext + assert_has_program snmpset + assert_has_program snmpwalk + assert_has_program snmptrap + assert_has_program snmptranslate +} + +function test_deploy { + put $TEST_HOME/net-snmp_test.sh $BOARD_TESTDIR/fuego.$TESTDIR/ + put $FUEGO_CORE/scripts/fuego_board_function_lib.sh $BOARD_TESTDIR/fuego.$TESTDIR + put -r $TEST_HOME/tests $BOARD_TESTDIR/fuego.$TESTDIR/ + put -r $TEST_HOME/data $BOARD_TESTDIR/fuego.$TESTDIR/ +} + +function test_run { + report "cd $BOARD_TESTDIR/fuego.$TESTDIR;\ + cd data/net-snmp; cp -f snmpd.conf snmpd.conf_bak; sed -i 's/SRV_IP/$SRV_IP/g' snmpd.conf; cd ../../;\ + cd data/net-snmp; cp -f x86_64-snmpd.conf x86_64-snmpd.conf_bak; sed -i 's/SRV_IP/$SRV_IP/g' x86_64-snmpd.conf; cd ../../;\ + export remotehost=$IPADDR;\ + ./net-snmp_test.sh;\ + mv data/net-snmp/snmpd.conf_bak data/net-snmp/snmpd.conf;\ + mv data/net-snmp/x86_64-snmpd.conf_bak data/net-snmp/x86_64-snmpd.conf" +} + +function test_processing { + log_compare "$TESTDIR" "0" "TEST-FAIL" "n" +} diff --git a/tests/Functional.net-snmp/net-snmp_test.sh b/tests/Functional.net-snmp/net-snmp_test.sh new file mode 100755 index 0000000..95c34db --- /dev/null +++ b/tests/Functional.net-snmp/net-snmp_test.sh @@ -0,0 +1,7 @@ +#!/bin/sh +. ./fuego_board_function_lib.sh +set_init_manager + +for i in tests/*.sh; do + source $i +done diff --git a/tests/Functional.net-snmp/spec.json b/tests/Functional.net-snmp/spec.json new file mode 100644 index 0000000..ad97ce9 --- /dev/null +++ b/tests/Functional.net-snmp/spec.json @@ -0,0 +1,6 @@ +{ + "testName": "Functional.net-snmp", + "specs": { + "default": {} + } +} diff --git a/tests/Functional.net-snmp/test.yaml b/tests/Functional.net-snmp/test.yaml new file mode 100644 index 0000000..762ab54 --- /dev/null +++ b/tests/Functional.net-snmp/test.yaml @@ -0,0 +1,25 @@ +fuego_package_version: 1 +name: Functional.net-snmp +description: | + Simple Network Management Protocol (SNMP) is a widely used protocol for monitoring the health and welfare of network equipment (eg. routers), + computer equipment and even devices like UPSs. + This is a simple test to check the service and SNMP-capable device. +license: BSD-3-Clause +author: Wang Mingyu +maintainer: Wang Mingyu +version: 1.00 +fuego_release: 1 +type: Functional +tags: ['net-snmp'] +params: + IPADDR: + description: the IP address of your target board - Defined in board file + SRV_IP: + description: the IP address of your host - Defined in board file +data_files: + - net-snmp_test.sh + - fuego_test.sh + - spec.json + - test.yaml + - data + - tests diff --git a/tests/Functional.net-snmp/tests/snmpd_ps.sh b/tests/Functional.net-snmp/tests/snmpd_ps.sh new file mode 100644 index 0000000..3ffbfb2 --- /dev/null +++ b/tests/Functional.net-snmp/tests/snmpd_ps.sh @@ -0,0 +1,52 @@ +#!/bin/sh + +# In the target start snmpd, and confirm the process condition by command ps. +# check the keyword "snmpd". + +test="snmpd_ps" + +snmpd_status=$(get_service_status snmpd) + +exec_service_on_target snmpd stop + +if exec_service_on_target snmpd start +then + echo " -> start of snmpd succeeded." +else + echo " -> start of snmpd failed." + echo " -> $test: TEST-FAIL" + exit +fi + +if ps aux | grep "[/]usr/sbin/snmpd" +then + echo " -> get the pid of snmpd." +else + echo " -> can't get the pid of snmpd." + echo " -> $test: TEST-FAIL" + if [ "$snmpd_status" = "inactive" ] + then + exec_service_on_target snmpd stop + fi + exit +fi + +if exec_service_on_target snmpd stop +then + echo " -> stop of snmpd succeeded." +else + echo " -> stop of snmpd failed." + echo " -> $test: TEST-FAIL" + exit +fi + +if ps aux | grep "[/]usr/sbin/snmpd" +then + echo " -> $test: TEST-FAIL" +else + echo " -> $test: TEST-PASS" +fi +if [ "$snmpd_status" = "active" -o "$snmpd_status" = "unknown" ] +then + exec_service_on_target snmpd start +fi diff --git a/tests/Functional.net-snmp/tests/snmpd_snmpdf.sh b/tests/Functional.net-snmp/tests/snmpd_snmpdf.sh new file mode 100644 index 0000000..cdaf698 --- /dev/null +++ b/tests/Functional.net-snmp/tests/snmpd_snmpdf.sh @@ -0,0 +1,48 @@ +#!/bin/sh + +# In the target start service snmpd. +# Run command snmpdf and check the keyword "Memory Buffers". + +test="snmpdf" + +snmpd_status=$(get_service_status snmpd) + +exec_service_on_target snmpd stop + +mv /etc/hosts /etc/hosts_bak +cp data/bind9/hosts /etc/hosts +mv /etc/snmp/snmpd.conf /etc/snmp/snmpd.conf_bak +if [ -d /usr/lib64 ] +then + cp data/net-snmp/x86_64-snmpd.conf /etc/snmp/snmpd.conf +else + cp data/net-snmp/snmpd.conf /etc/snmp/snmpd.conf +fi + +restore_target() { + mv /etc/hosts_bak /etc/hosts + mv /etc/snmp/snmpd.conf_bak /etc/snmp/snmpd.conf +} + +if exec_service_on_target snmpd start +then + echo " -> start of snmpd succeeded." +else + echo " -> start of snmpd failed." + echo " -> $test: TEST-FAIL" + restore_target + exit +fi + +if snmpdf -v1 -c ROIINCOM $remotehost | grep "Physical memory" +then + echo " -> $test: TEST-PASS" +else + echo " -> $test: TEST-FAIL" +fi + +if [ "$snmpd_status" = "inactive" ] +then + exec_service_on_target snmpd stop +fi +restore_target diff --git a/tests/Functional.net-snmp/tests/snmpd_snmpget.sh b/tests/Functional.net-snmp/tests/snmpd_snmpget.sh new file mode 100644 index 0000000..6ead310 --- /dev/null +++ b/tests/Functional.net-snmp/tests/snmpd_snmpget.sh @@ -0,0 +1,43 @@ +#!/bin/sh + +# In the target start snmpd. +# Check the keyword "Linux". + +test="snmpget" + +snmpd_status=$(get_service_status snmpd) + +exec_service_on_target snmpd stop + +mv /etc/hosts /etc/hosts_bak +cp data/bind9/hosts /etc/hosts +mv /etc/snmp/snmpd.conf /etc/snmp/snmpd.conf_bak +cp data/net-snmp/snmpd.conf /etc/snmp/snmpd.conf + +restore_target() { + mv /etc/hosts_bak /etc/hosts + mv /etc/snmp/snmpd.conf_bak /etc/snmp/snmpd.conf +} + +if exec_service_on_target snmpd start +then + echo " -> start of snmpd succeeded." +else + echo " -> start of snmpd failed." + echo " -> $test: TEST-FAIL" + restore_target + exit +fi + +if snmpget -v1 -c RWIINCOM -M /usr/share/snmp/mibs localhost system.sysDescr.0 | grep "Linux" +then + echo " -> $test: TEST-PASS" +else + echo " -> $test: TEST-FAIL" +fi + +if [ "$snmpd_status" = "inactive" ] +then + exec_service_on_target snmpd stop +fi +restore_target diff --git a/tests/Functional.net-snmp/tests/snmpd_snmpgetnext.sh b/tests/Functional.net-snmp/tests/snmpd_snmpgetnext.sh new file mode 100644 index 0000000..81c8aae --- /dev/null +++ b/tests/Functional.net-snmp/tests/snmpd_snmpgetnext.sh @@ -0,0 +1,43 @@ +#!/bin/sh + +# In the target start snmpd. +# Check the keyword "sysDescr". + +test="snmpgetnext" + +snmpd_status=$(get_service_status snmpd) + +exec_service_on_target snmpd stop + +mv /etc/hosts /etc/hosts_bak +cp data/bind9/hosts /etc/hosts +mv /etc/snmp/snmpd.conf /etc/snmp/snmpd.conf_bak +cp data/net-snmp/snmpd.conf /etc/snmp/snmpd.conf + +restore_target() { + mv /etc/hosts_bak /etc/hosts + mv /etc/snmp/snmpd.conf_bak /etc/snmp/snmpd.conf +} + +if exec_service_on_target snmpd start +then + echo " -> start of snmpd succeeded." +else + echo " -> start of snmpd failed." + echo " -> $test: TEST-FAIL" + restore_target + exit +fi + +if snmpgetnext -v1 -c RWIINCOM -M /usr/share/snmp/mibs localhost system | grep "sysDescr" +then + echo " -> $test: TEST-PASS" +else + echo " -> $test: TEST-FAIL" +fi + +if [ "$snmpd_status" = "inactive" ] +then + exec_service_on_target snmpd stop +fi +restore_target diff --git a/tests/Functional.net-snmp/tests/snmpd_snmpset.sh b/tests/Functional.net-snmp/tests/snmpd_snmpset.sh new file mode 100644 index 0000000..fef07b9 --- /dev/null +++ b/tests/Functional.net-snmp/tests/snmpd_snmpset.sh @@ -0,0 +1,43 @@ +#!/bin/sh + +# In the target start snmpd. +# Check the keyword "INTEGER: 1". + +test="snmpset" + +snmpd_status=$(get_service_status snmpd) + +exec_service_on_target snmpd stop + +mv /etc/hosts /etc/hosts_bak +cp data/bind9/hosts /etc/hosts +mv /etc/snmp/snmpd.conf /etc/snmp/snmpd.conf_bak +cp data/net-snmp/snmpd.conf /etc/snmp/snmpd.conf + +restore_target() { + mv /etc/hosts_bak /etc/hosts + mv /etc/snmp/snmpd.conf_bak /etc/snmp/snmpd.conf +} + +if exec_service_on_target snmpd start +then + echo " -> start of snmpd succeeded." +else + echo " -> start of snmpd failed." + echo " -> $test: TEST-FAIL" + restore_target + exit +fi + +if snmpset -v1 -c RWIINCOM -M /usr/share/snmp/mibs localhost versionUpdateConfig.0 i 1 | grep "INTEGER: 1" +then + echo " -> $test: TEST-PASS" +else + echo " -> $test: TEST-FAIL" +fi + +if [ "$snmpd_status" = "inactive" ] +then + exec_service_on_target snmpd stop +fi +restore_target diff --git a/tests/Functional.net-snmp/tests/snmpd_snmptranslate.sh b/tests/Functional.net-snmp/tests/snmpd_snmptranslate.sh new file mode 100644 index 0000000..f2f56cb --- /dev/null +++ b/tests/Functional.net-snmp/tests/snmpd_snmptranslate.sh @@ -0,0 +1,43 @@ +#!/bin/sh + +# In the target start snmpd. +# Translate MIB OID names between numeric and textual forms. + +test="snmptranslate" + +snmpd_status=$(get_service_status snmpd) + +exec_service_on_target snmpd stop + +mv /etc/hosts /etc/hosts_bak +cp data/bind9/hosts /etc/hosts +mv /etc/snmp/snmpd.conf /etc/snmp/snmpd.conf_bak +cp data/net-snmp/snmpd.conf /etc/snmp/snmpd.conf + +restore_target() { + mv /etc/hosts_bak /etc/hosts + mv /etc/snmp/snmpd.conf_bak /etc/snmp/snmpd.conf +} + +if exec_service_on_target snmpd start +then + echo " -> start of snmpd succeeded." +else + echo " -> start of snmpd failed." + echo " -> $test: TEST-FAIL" + restore_target + exit +fi + +if snmptranslate -On -IR sysDescr +then + echo " -> $test: TEST-PASS" +else + echo " -> $test: TEST-FAIL" +fi + +if [ "$snmpd_status" = "inactive" ] +then + exec_service_on_target snmpd stop +fi +restore_target diff --git a/tests/Functional.net-snmp/tests/snmpd_snmpwalk.sh b/tests/Functional.net-snmp/tests/snmpd_snmpwalk.sh new file mode 100644 index 0000000..be1c8b5 --- /dev/null +++ b/tests/Functional.net-snmp/tests/snmpd_snmpwalk.sh @@ -0,0 +1,43 @@ +#!/bin/sh + +# In the target start snmpd. +# Check the IP address of host. + +test="snmpwalk" + +snmpd_status=$(get_service_status snmpd) + +exec_service_on_target snmpd stop + +mv /etc/hosts /etc/hosts_bak +cp data/bind9/hosts /etc/hosts +mv /etc/snmp/snmpd.conf /etc/snmp/snmpd.conf_bak +cp data/net-snmp/snmpd.conf /etc/snmp/snmpd.conf + +restore_target() { + mv /etc/hosts_bak /etc/hosts + mv /etc/snmp/snmpd.conf_bak /etc/snmp/snmpd.conf +} + +if exec_service_on_target snmpd start +then + echo " -> start of snmpd succeeded." +else + echo " -> start of snmpd failed." + echo " -> $test: TEST-FAIL" + restore_target + exit +fi + +if snmpwalk -v1 -c RWIINCOM -M /usr/share/snmp/mibs localhost ip | grep "$remotehost" +then + echo " -> $test: TEST-PASS" +else + echo " -> $test: TEST-FAIL" +fi + +if [ "$snmpd_status" = "inactive" ] +then + exec_service_on_target snmpd stop +fi +restore_target diff --git a/tests/Functional.net-snmp/tests/snmpd_syslog.sh b/tests/Functional.net-snmp/tests/snmpd_syslog.sh new file mode 100644 index 0000000..f763bc9 --- /dev/null +++ b/tests/Functional.net-snmp/tests/snmpd_syslog.sh @@ -0,0 +1,54 @@ +#!/bin/sh + +# In the target start snmpd. +# Check the log of snmpd. + +test="snmpd_syslog" + +logger_service=$(detect_logger_service) + +snmpd_status=$(get_service_status snmpd) + +exec_service_on_target snmpd stop +exec_service_on_target $logger_service stop + +if [ -f /var/log/syslog ] +then + mv /var/log/syslog /var/log/syslog_bak +fi + +restore_target() { + if [ -f /var/log/syslog_bak ] + then + mv /var/log/syslog_bak /var/log/syslog + fi +} + +exec_service_on_target $logger_service restart + +sleep 2 + +if exec_service_on_target snmpd start +then + echo " -> start of snmpd succeeded." +else + echo " -> start of snmpd failed." + echo " -> $test: TEST-FAIL" + restore_target + exit +fi + +sleep 3 + +if cat /var/log/syslog | grep "snmpd" +then + echo " -> $test: TEST-PASS" +else + echo " -> $test: TEST-FAIL" +fi + +if [ "$snmpd_status" = "inactive" ] +then + exec_service_on_target snmpd stop +fi +restore_target diff --git a/tests/Functional.net-snmp/tests/snmpd_syslog_ip.sh b/tests/Functional.net-snmp/tests/snmpd_syslog_ip.sh new file mode 100644 index 0000000..da87c05 --- /dev/null +++ b/tests/Functional.net-snmp/tests/snmpd_syslog_ip.sh @@ -0,0 +1,67 @@ +#!/bin/sh + +# In the target start snmpd. +# Check the log of IP address. + +test="snmpd_syslog_ip" + +logger_service=$(detect_logger_service) + +snmpd_status=$(get_service_status snmpd) +exec_service_on_target snmpd stop +exec_service_on_target $logger_service stop + +if [ -f /var/log/syslog ] +then + mv /var/log/syslog /var/log/messages_bak +fi + +if [ -f /var/log/snmpd.log ] +then + mv /var/log/snmpd.log /var/log/snmpd.log_bak +fi + +mv /etc/hosts /etc/hosts_bak +cp data/bind9/hosts /etc/hosts +mv /etc/snmp/snmpd.conf /etc/snmp/snmpd.conf_bak +cp data/net-snmp/snmpd.conf /etc/snmp/snmpd.conf + +restore_target() { + mv /etc/hosts_bak /etc/hosts + mv /etc/snmp/snmpd.conf_bak /etc/snmp/snmpd.conf + if [ -f /var/log/syslog_bak ] + then + mv /var/log/message_bak /var/log/syslog + fi +} + +exec_service_on_target $logger_service restart + +sleep 2 + +if exec_service_on_target snmpd start +then + echo " -> start of snmpd succeeded." +else + echo " -> start of snmpd failed." + echo " -> $test: TEST-FAIL" + restore_target + exit +fi + +snmpget -v1 -c RWIINCOM -M /usr/share/snmp/mibs localhost system.sysDescr.0 + +sleep 3 + +if cat /var/log/syslog | grep "127.0.0.1" +then + echo " -> $test: TEST-PASS" +else + echo " -> $test: TEST-FAIL" +fi + +if [ "$snmpd_status" = "inactive" ] +then + exec_service_on_target snmpd stop +fi +restore_target diff --git a/tests/Functional.net-snmp/tests/snmptrapd_coldstart.sh b/tests/Functional.net-snmp/tests/snmptrapd_coldstart.sh new file mode 100644 index 0000000..b8e5c1b --- /dev/null +++ b/tests/Functional.net-snmp/tests/snmptrapd_coldstart.sh @@ -0,0 +1,55 @@ +#!/bin/sh + +# In the target start snmptrapd, and check the syslog. +# check the keyword "SNMPv2-MIB::coldStart". + +test="snmptrapd_coldstart.sh" + +snmptrapd_status=$(get_service_status snmptrapd) +logger_service=$(detect_logger_service) + +exec_service_on_target snmptrapd stop +exec_service_on_target $logger_service stop + +if [ -f /var/log/syslog ] +then + mv /var/log/syslog /var/log/syslog_bak +fi + +restore_target() { + if [ -f /var/log/syslog_bak ] + then + mv /var/log/syslog_bak /var/log/syslog + fi +} + +exec_service_on_target $logger_service restart + +sleep 2 + +if exec_service_on_target snmptrapd start +then + echo " -> start of snmptrapd succeeded." +else + echo " -> start of snmptrapd failed." + echo " -> $test: TEST-FAIL" + restore_target + exit +fi + +snmptrap -v2c -c "" -M /usr/share/snmp/mibs localhost "" SNMPv2-MIB::coldStart + +sleep 3 + +if cat /var/log/syslog | grep "SNMPv2-MIB::coldStart" +then + echo " -> $test: TEST-PASS" +else + echo " -> $test: TEST-FAIL" +fi + +if [ "$snmptrapd_status" = "inactive" ] +then + exec_service_on_target snmptrapd stop +fi +restore_target diff --git a/tests/Functional.net-snmp/tests/snmptrapd_ps.sh b/tests/Functional.net-snmp/tests/snmptrapd_ps.sh new file mode 100644 index 0000000..8f85b32 --- /dev/null +++ b/tests/Functional.net-snmp/tests/snmptrapd_ps.sh @@ -0,0 +1,53 @@ +#!/bin/sh + +# In the target start snmptrapd, and confirm the process condition by command ps. +# check the keyword "snmptrapd". + +test="snmptrapd_ps" + +snmptrapd_status=$(get_service_status snmptrapd) +exec_service_on_target snmptrapd stop + +if exec_service_on_target snmptrapd start +then + echo " -> start of snmptrapd succeeded." +else + echo " -> start of snmptrapd failed." + echo " -> $test: TEST-FAIL" + exit +fi + +if ps aux | grep "[/]usr/sbin/snmptrapd" +then + echo " -> get the pid of snmptrapd." +else + echo " -> can't get the pid of snmptrapd." + echo " -> $test: TEST-FAIL" + + if [ "$snmptrapd_status" = "inactive" ] + then + exec_service_on_target snmptrapd stop + fi + exit +fi + +if exec_service_on_target snmptrapd stop +then + echo " -> stop of snmptrapd succeeded." +else + echo " -> stop of snmptrapd failed." + echo " -> $test: TEST-FAIL" + exit +fi + +if ps aux | grep "[/]usr/sbin/snmptrapd" +then + echo " -> $test: TEST-FAIL" +else + echo " -> $test: TEST-PASS" +fi + +if [ "$snmptrapd_status" = "active" -o "$snmptrapd_status" = "unknown" ] +then + exec_service_on_target snmptrapd start +fi diff --git a/tests/Functional.net-snmp/tests/snmptrapd_syslog.sh b/tests/Functional.net-snmp/tests/snmptrapd_syslog.sh new file mode 100644 index 0000000..2cf9ff7 --- /dev/null +++ b/tests/Functional.net-snmp/tests/snmptrapd_syslog.sh @@ -0,0 +1,53 @@ +#!/bin/sh + +# In the target start snmptrapd, and check if the /var/log/syslog +# check the keyword "snmptrapd". + +test="snmptrapd_syslog" + +logger_service=$(detect_logger_service) + +snmptrapd_status=$(get_service_status snmptrapd) +exec_service_on_target snmptrapd stop +exec_service_on_target $logger_service stop + +if [ -f /var/log/syslog ] +then + mv /var/log/syslog /var/log/messages_bak +fi + +restore_target() { + if [ -f /var/log/syslog_bak ] + then + mv /var/log/syslog_bak /var/log/messages + fi +} + +exec_service_on_target $logger_service restart + +sleep 3 + +if exec_service_on_target snmptrapd start +then + echo " -> start of snmptrapd succeeded." +else + echo " -> start of snmptrapd failed." + echo " -> $test: TEST-FAIL" + restore_target + exit +fi + +sleep 3 + +if cat /var/log/syslog | grep "snmptrapd" +then + echo " -> $test: TEST-PASS" +else + echo " -> $test: TEST-FAIL" +fi + +if [ "$snmptrapd_status" = "inactive" ] +then + exec_service_on_target snmptrapd stop +fi +restore_target diff --git a/tests/Functional.net-snmp/tests/snmptrapd_warmstart.sh b/tests/Functional.net-snmp/tests/snmptrapd_warmstart.sh new file mode 100644 index 0000000..70c73c7 --- /dev/null +++ b/tests/Functional.net-snmp/tests/snmptrapd_warmstart.sh @@ -0,0 +1,55 @@ +#!/bin/sh + +# In the target start snmptrapd, and check the syslog. +# check the keyword "SNMPv2-MIB::warmStart". + +test="snmptrapd_warmstart" + +snmptrapd_status=$(get_service_status snmptrapd) +logger_service=$(detect_logger_service) + +exec_service_on_target snmptrapd stop +exec_service_on_target $logger_service stop + +if [ -f /var/log/syslog ] +then + mv /var/log/syslog /var/log/syslog_bak +fi + +restore_target() { + if [ -f /var/log/syslog_bak ] + then + mv /var/log/syslog_bak /var/log/syslog + fi +} + +exec_service_on_target $logger_service restart + +sleep 2 + +if exec_service_on_target snmptrapd start +then + echo " -> start of snmptrapd succeeded." +else + echo " -> start of snmptrapd failed." + echo " -> $test: TEST-FAIL" + restore_target + exit +fi + +snmptrap -v2c -c "" -M /usr/share/snmp/mibs localhost "" SNMPv2-MIB::warmStart + +sleep 3 + +if cat /var/log/syslog | grep "SNMPv2-MIB::warmStart" +then + echo " -> $test: TEST-PASS" +else + echo " -> $test: TEST-FAIL" +fi + +if [ "$snmptrapd_status" = "inactive" ] +then + exec_service_on_target snmptrapd stop +fi +restore_target -- 2.17.1