Configuration Parameters

Top  Previous  Next

The component uses configuration parameters which are specified in the [SNMPD] section of the integrated configuration file of Dr.Web for UNIX Internet Gateways.

The section contains the following parameters:

LogLevel

{logging level}

Logging level of the component.

If the parameter value is not specified, the DefaultLogLevel parameter value from the [Root] section is used.

Default value: Notice

Log

{log type}

Logging method

ExePath

{path to file}

Path to the executable file of the component.

Default value: <opt_dir>/bin/drweb-snmpd

For Linux, Solaris: /opt/drweb.com/bin/drweb-snmpd

For FreeBSD: /usr/local/libexec/drweb.com/bin/drweb-snmpd

Start

{Boolean}

The component must be launched by the Dr.Web ConfigD configuration daemon.

When you specify the Yes value for this parameter, it instructs the configuration daemon to start the component immediately; and when you specify the No value, it instructs the configuration daemon to terminate the component immediately.

Default value: No

RunAsUser

{UID | user name}

The parameter determines under which user name the component should be run. The user name can be specified either as the user’s number UID or as the user’s login. If the user name consists of numbers (i.e. similar to number UID), it is specified with the “name:” prefix, for example: RunAsUser = name:123456.

When a user name is not specified, the component operation terminates with an error after the startup.

Default value: drweb

ListenAddress

{address}

Address (IP address and port) listened by Dr.Web SNMPD, which is waiting for client connections (SNMP managers).

Note that interaction with snmpd requires a specified port, different from the standard port (161), and snmpd must be configured for proxying.

Default value: 127.0.0.1:161

SnmpVersion

{V2c | V3}

The used SNMP protocol version (SNMPv2c or SNMPv3).

Default value: V2c

V3EngineId

{string}

Identifier (string) of Engine ID for SNMPv3 (according to RFC 3411).

Default value: 800073FA044452574542

TrapReceiver

{address list}

List of addresses (IP address and port) where Dr.Web SNMPD sends SNMP trap notifications after Dr.Web for UNIX Internet Gateways components detected a threat.

You can specify a list as the parameter value. The values in the list must be separated with commas (each value in the quotation marks). The parameter can be specified more than once in the section (in this case, all its values are combined into one list).

Example: Add sockets 192.168.0.1:1234 and 10.20.30.45:5678 to the list.

1.Adding of values to the configuration file.

Two values in one string

[SNMPD]
TrapReceiver = "192.168.0.1:1234", "10.20.30.45:5678"

Two strings (one value per a string)

[SNMPD]
TrapReceiver = 192.168.0.1:1234
TrapReceiver = 10.20.30.45:5678

2.Adding values via the command drweb-ctl cfset.

# drweb-ctl cfset SNMPD.TrapReceiver -a 192.168.0.1:1234
# drweb-ctl cfset SNMPD.TrapReceiver -a 10.20.30.45:5678

Default value: (not set)

V2cCommunity

{string}

The string “SNMP read community” for authentication of SNMP managers ( SNMPv2c protocol) when Dr.Web MIB variables are accessed for reading.

The parameter is used if SnmpVersion = V2c.

Default value: public

V3UserName

{string}

The user name for authentication of SNMP managers ( SNMPv3 protocol) when Dr.Web MIB variables are accessed for reading.

The parameter is used if SnmpVersion = V3.

Default value: noAuthUser

V3Auth

{SHA(<pwd>) | MD5(<pwd>) | None}

Method to authenticate SNMP managers ( SNMPv3 protocol) when Dr.Web MIB variables are accessed for reading.

Allowed values:

SHA(<PWD>)—SHA hash of the password is used (<PWD> strings).

MD5(<PWD>)—MD5 hash of the password is used (<PWD> strings).

None—authentication is disabled.

where <PWD> is a plain text password.

When specifying the parameter value from the command line, you may need to escape the brackets by using the slash mark \ in some shells.

Examples:

1.Parameter value in the configuration file:

V3Auth = MD5(123456)

2.Specifying the same parameter value from the command line via command drweb-ctl cfset:

drweb-ctl cfset SNMPD.V3Auth MD5\(123456\)

The parameter is used if SnmpVersion = V3.

Default value: None

V3Privacy

{DES(<secret>) | AES128(<secret>) | None}

Method to encrypt SNMP messages ( SNMPv3 protocol).

Allowed values:

DES(<secret>)—DES encryption algorithm is used.

AES128(<secret>)—AES128 encryption algorithm is used.

None—SNMP-messages are not encrypted.

where <secret> is a secret key shared by the manager and the agent (plain text).

When specifying the parameter value from the command line, you may need to escape the brackets by using the slash mark \ in some shells.

Examples:

1.Parameter value in the configuration file:

V3Privacy = AES128(supersecret)

2.Specifying the same parameter value from the command line via command drweb-ctl cfset:

drweb-ctl cfset SNMPD.V3Privacy AES128\(supersecret\)

The parameter is used if SnmpVersion = V3.

Default value: None