Archive

Posts Tagged ‘Command-Line’

Install and configure SNMP on Ubuntu

19/04/2011 Leave a comment

This guide describe howto install and configure SNMP on Ubuntu.

In an earlier article I have described howto set it up on RHES or CentOS, it is slightly different in Ubuntu.

1.Installation

root@ibsen:~# sudo apt-get install snmpd
Reading package lists... Done
Building dependency tree      
Reading state information... Done
The following packages were automatically installed and are no longer required:
  libmpich1.0gf libdc1394-22 genisoimage linux-headers-2.6.27-7 libgfortran2 dvd+rw-tools linux-headers-2.6.27-7-generic libcarp-clan-perl libxml-xql-perl libparse-yapp-perl
  rdate python-xml localechooser-data gcc-4.2-base libimage-size-perl libdebconfclient0 libvisual-0.4-0 libmyth-python perlmagick libvisual-0.4-plugins libavdevice52
Use 'apt-get autoremove' to remove them.
The following extra packages will be installed:
  libperl5.10 libsensors3 libsnmp-base libsnmp15
Suggested packages:
  lm-sensors
The following NEW packages will be installed:
  libperl5.10 libsensors3 libsnmp-base libsnmp15 snmpd
0 upgraded, 5 newly installed, 0 to remove and 3 not upgraded.
Need to get 2463kB of archives.
After this operation, 7987kB of additional disk space will be used.
Do you want to continue [Y/n]?

answer y

2. Configuration

Move existing /etc/snmp/snmpd.conf configuration file to /etc/snmp/snmpd.conf.org

mv /etc/snmp/snmpd.conf  /etc/snmp/snmpd.conf.org

Create a new /etc/snmp/snmpd.conf file:

rocommunity  public
syslocation  "PDC, Peters DataCenter"
syscontact  peter@it-slav.net

Make snmpd use the newly created file and make it listen to all interfaces:

Edit /etc/default/snmpd

Change from:

# snmpd options (use syslog, close stdin/out/err).
SNMPDOPTS='-Lsd -Lf /dev/null -u snmp -I -smux -p /var/run/snmpd.pid 127.0.0.1'

To:

# snmpd options (use syslog, close stdin/out/err).
#SNMPDOPTS='-Lsd -Lf /dev/null -u snmp -I -smux -p /var/run/snmpd.pid 127.0.0.1'
SNMPDOPTS='-Lsd -Lf /dev/null -u snmp -I -smux -p /var/run/snmpd.pid -c /etc/snmp/snmpd.conf'

and restart snmpd

/etc/init.d/snmpd restart

3. Test

Do a snmpwalk from another host against your newly configured host.

[root@op5 ~]# snmpwalk -v 1 -c public -O e ibsen
SNMPv2-MIB::sysDescr.0 = STRING: Linux ibsen 2.6.27-9-generic #1 SMP Thu Nov 20 21:57:00 UTC 2008 i686
SNMPv2-MIB::sysObjectID.0 = OID: NET-SNMP-MIB::netSnmpAgentOIDs.10
DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (68869) 0:11:28.69
SNMPv2-MIB::sysContact.0 = STRING: peter@it-slav.net
SNMPv2-MIB::sysName.0 = STRING: ibsen
SNMPv2-MIB::sysLocation.0 = STRING: "PDC, Peters DataCenter"
SNMPv2-MIB::sysORLastChange.0 = Timeticks: (1) 0:00:00.01
SNMPv2-MIB::sysORID.1 = OID: SNMP-FRAMEWORK-MIB::snmpFrameworkMIBCompliance
SNMPv2-MIB::sysORID.2 = OID: SNMP-MPD-MIB::snmpMPDCompliance
SNMPv2-MIB::sysORID.3 = OID: SNMP-USER-BASED-SM-MIB::usmMIBCompliance
SNMPv2-MIB::sysORID.4 = OID: SNMPv2-MIB::snmpMIB
SNMPv2-MIB::sysORID.5 = OID: TCP-MIB::tcpMIB
SNMPv2-MIB::sysORID.6 = OID: IP-MIB::ip

Yes it works!!

4. Monitor example

Below is an example of how it looks using op5 Monitor a Nagios based Enterprise Monitor solution.

5. Useful links

  • op5 Statistics, a cacti based graph tool
  • op5 Monitor, an Enterprise Class Monitoring system based on Nagios
  • Net-SNMP, an open source implementation of SNMP
  • Cacti, an open source graph tool
  • Nagios, the number 1 monitor tool
Categories: Command-Line, Linux, Open Source Tags: , , , ,

Ubuntu 8.10: Squid3 with pam_auth revisited

26/12/2008 1 comment

It has been a long time I have not touch the squid configuration and installation. Recently, when I tried to install it again, I found that the howtos in Internet was a little bit confusing and I did not manage to setup. Until I viewed the log file (/var/log/auth.log) then I understood what went wrong and managed to solve the problem.

My  objective is to create a new proxy server with limited access controlled by using PAM authentication. The original howto is from this page.  I modified it to suit my environment which is using Ubuntu 8.10 server installed on my ESX server (Virtualization is awesome!).

The steps i did:

1. Update the APT installer to find the latest packages

$ sudo apt-get update

2. Installed your squid and any dependencies.
In Intrepix Ibex, they use squid3 name instead of just squid. It made me mistakenly edited the wrong files several times.

$ sudo apt-get install squid3

3. Edit the main configuration files
We need to add 2 entry here to enable PAM authentication and force the PAM authentication. edit the squid.conf.

$ sudo vi /etc/squid3/squid.conf.

and add this lines to enable PAM authentication

auth_param basic program /usr/lib/squid3/pam_auth
auth_param basic children 5
auth_param basic realm Squid
auth_param basic credentialsttl 2 hours

And add this to force authentication to every user using it

# INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS
acl pam proxy_auth REQUIRED
http_access allow pam

4. Configure the pam modules for Squid
Create a new file with name squid in /etc/pam.d/ and populate with this entry.

$ sudo vi /etc/pam.d/squid

Add the below lines. This is the alteration i did from the previously mentioned  howto.

auth             required        pam_unix.so
account         required        pam_unix.so

5. Start the squid service

$ sudo /etc/init.d/squid start

The service should starts smoothly if you are using the same distro and packages that i used. Actually configuring squid is quite straightforward but maintaining and managing different distros with different styles and packages versions is the confusing part.

Categories: Command-Line, Open Source, Squid Tags: , , , , , ,
Follow

Get every new post delivered to your Inbox.