|
1 # ---------------------------------------------------------------------- |
|
2 # Template for SNMP Access Control List File |
|
3 # |
|
4 # o Copy this template to snmp.acl |
|
5 # o Set access control for SNMP support |
|
6 # o Change the permission of snmp.acl to be read-only |
|
7 # by the owner. |
|
8 # |
|
9 # See below for the location of snmp.acl file. |
|
10 # ---------------------------------------------------------------------- |
|
11 |
|
12 ############################################################ |
|
13 # SNMP Access Control List File |
|
14 ############################################################ |
|
15 # |
|
16 # Default location of this file is $JRE/lib/management/snmp.acl. |
|
17 # You can specify an alternate location by specifying a property in |
|
18 # the management config file $JRE/lib/management/management.properties |
|
19 # or by specifying a system property (See that file for details). |
|
20 # |
|
21 |
|
22 |
|
23 ############################################################## |
|
24 # File permissions of the snmp.acl file |
|
25 ############################################################## |
|
26 # |
|
27 # Since there are cleartext community strings stored in this file, |
|
28 # this ACL file must be readable by ONLY the owner, |
|
29 # otherwise the program will exit with an error. |
|
30 # |
|
31 ############################################################## |
|
32 # Format of the acl group |
|
33 ############################################################## |
|
34 # |
|
35 # communities: a list of SNMP community strings to which the |
|
36 # access control applies separated by commas. |
|
37 # |
|
38 # access: either "read-only" or "read-write". |
|
39 # |
|
40 # managers: a list of hosts to be granted the access rights. |
|
41 # Each can be expressed as any one of the following: |
|
42 # - hostname: hubble |
|
43 # - ip v4 and v6 addresses: 123.456.789.12 , fe80::a00:20ff:fe9b:ea82 |
|
44 # - ip v4 and v6 netmask prefix notation: 123.456.789.0/24, |
|
45 # fe80::a00:20ff:fe9b:ea82/64 |
|
46 # see RFC 2373 (http://www.ietf.org/rfc/rfc2373.txt) |
|
47 # |
|
48 # An example of two community groups for multiple hosts: |
|
49 # acl = { |
|
50 # { |
|
51 # communities = public, private |
|
52 # access = read-only |
|
53 # managers = hubble, snowbell, nanak |
|
54 # } |
|
55 # { |
|
56 # communities = jerry |
|
57 # access = read-write |
|
58 # managers = hubble, telescope |
|
59 # } |
|
60 # } |
|
61 # |
|
62 ############################################################## |
|
63 # Format of the trap group |
|
64 ############################################################## |
|
65 # |
|
66 # trap-community: a single SNMP community string that will be included |
|
67 # in the traps sent to the hosts. |
|
68 # |
|
69 # hosts: a list of hosts to which the SNMP agent will send traps. |
|
70 # |
|
71 # An example of two trap community definitions for multiple hosts: |
|
72 # trap = { |
|
73 # { |
|
74 # trap-community = public |
|
75 # hosts = hubble, snowbell |
|
76 # } |
|
77 # { |
|
78 # trap-community = private |
|
79 # hosts = telescope |
|
80 # } |
|
81 # } |
|
82 # |
|
83 ############################################################ |
|
84 # |
|
85 # Update the community strings (public and private) below |
|
86 # before copying this template file |
|
87 # |
|
88 # Common SNMP ACL Example |
|
89 # ------------------------ |
|
90 # |
|
91 # o Only localhost can connect, and access rights |
|
92 # are limited to read-only |
|
93 # o Traps are sent to localhost only |
|
94 # |
|
95 # |
|
96 # acl = { |
|
97 # { |
|
98 # communities = public, private |
|
99 # access = read-only |
|
100 # managers = localhost |
|
101 # } |
|
102 # } |
|
103 # |
|
104 # |
|
105 # trap = { |
|
106 # { |
|
107 # trap-community = public |
|
108 # hosts = localhost |
|
109 # } |
|
110 # } |