snmpd — format of snmpd component configuration


General syntax rules of Kernun Firewall configuration files are described in configuration(7). This man page describes types, sections and items specific for the snmpd component configuration.

Repeatable sections/items are marked by the '*' before section/item name.


Configuration directives have attributes of several value-types. For the basic types description, see configuration(7).

Enumeration is a list of words (names) representing integer values. Some enumerations accept both names and direct integer values; in this case, enumeration description contains values for every name (in parenthesis next to name). For other enumerations, using of names is obligatory.

The following enumerations are used in snmpd configuration directives:

ip-version (see common(5))

osi4-proto (see common(5))

listen-on-sock (see listen-on(5))

snmpd-disk-mode (name-usage obligatory)

SNMP disk monitoring setting type.

space, percent

snmpd-source-mode (name-usage obligatory)

SNMP source definition type.

default, host, net

snmpd-view-type (name-usage obligatory)

SNMP view type.

none, all

snmpd-security-level (name-usage obligatory)

SNMP security level.

noauth, auth, priv

snmpd-auth-hash (name-usage obligatory)

SNMP authentication hash function.

md5, sha

snmpd-encr-alg (name-usage obligatory)

SNMP encryption algorithm.

des, aes


Configuration of snmpd library component consists of following prototypes:

  snmpd { ... }


snmpd {

  phase ... ;
* tag ... ;
  listen-on { ... }
* user ... ;
  location ... ;
* group name { ... }
* proc ... ;
* exec ... ;
* disk ... ;
  load ... ;
  swap ... ;
* raw ... ;


SNMP Daemon configuration.


Addresses to listen on must be specified.

SNMP group name must be at most 32 characters long.

Items & subsections:

phase [number];

Application Startup Phase.

number (type: uint8, optional, default: 40)

Phase number; the lower one, the earlier start.

tag value;

Configuration factorization tag.

This feature allows admin to create groups of Kernun applications (specially proxies and servers) according to various aspects (belonging to one customer, applications of particular network traffic etc.).

Each application can have several tag attributes and the KAT tool can run some commands (like 'ps', 'start' atc.) for applications with or without given tag.

value (type: str)


Tag must contain letters, digits, hyphens and dots, only.

listen-on {

* socket ... ;


The listen-on section is derived from listen-on section prototype. For detail description of it, see listen-on(5).

Changes to the listen-on section:

Item non-transparent used as socket.

Item transparent is not valid.

At least one address to listen on must be specified.

Item socket (see listen-on(5))

Element port is optional, default: 161.

Element proto is optional, default: tcp-udp.

user name [hash hash] passwd [alg alg] [privacy-passwd privacy-passwd] [readonly];

SNMPv3 user.

name (type: str)

hash hash (type: snmpd-auth-hash, optional, default: sha)

passwd (type: str)

alg alg (type: snmpd-encr-alg, optional, default: aes)

privacy-passwd privacy-passwd (type: str, optional, default: <NULL>)

Data encryption password; if omitted, data is sent in cleartext.

readonly (type: key, optional)


SNMP user password must be at least 8 characters long.

SNMP privacy password must be at least 8 characters long.

location [text];

System location.

text (type: str, optional, default: "MyLocation")

group name {

  community ... ;
  access ... ;


SNMP group definition.

Items & subsections:

community name [default];

community name host host;

community name net net;

Group members by source address and community.

name (type: str)

Community name

<branching element> (type: snmpd-source-mode, optional, default: default)

host (type: host)

Client address or hostname

net (type: net)

Client address with mask/prefix

access level [prefix] [context [read [write [notify]]]];

SNMP views accessibility definition.

level (type: snmpd-security-level)

prefix (type: key, optional)

context (type: str, optional, default: "")

read (type: snmpd-view-type, optional, default: none)

write (type: snmpd-view-type, optional, default: none)

notify (type: snmpd-view-type, optional, default: none)

[End of section description.]

proc name min min [max max];

Process monitoring.

name (type: str)

Process name

min min (type: uint16)

Minimum number of processes

max max (type: uint16, optional, default: 0)

Maximum number of processes; 0 means infinity


Either min or max must be nonzero.

exec name text;

Arbitrary command extension.

name (type: str)

Command name

text (type: str)

Command text

disk path space [space];

disk path percent percent;

Disk usage monitoring.

path (type: str)

Disk pathname

<branching element> (type: snmpd-disk-mode)

percent (type: uint8)

Minimum percentage value

space (type: uint64, optional, default: 102400)

Minimum space value

load max1 max5 max15;

System load monitoring.

max1 (type: uint8)

max5 (type: uint8)

max15 (type: uint8)

swap min;

Swap space monitoring.

min (type: uint64)

raw line;

Raw line to configuration file.

line (type: str)

[End of section snmpd description.]


configuration(7), common(5), listen-on(5), snmpd.conf(5)