Skip to content

mini-snmpd v2.0

Latest

Choose a tag to compare

@github-actions github-actions released this 04 Jul 07:18
v2.0
dba5d0c

Important

This release has quite a few changes, hence the major bump:

  • With no -i, all interfaces are now monitored, loopback first on ifIndex 1. Previously none were monitored unless explicitly listed.
  • The daemon serves IPv4 and IPv6 at the same time by default. Use -4 or -6 to restrict it to one family.
  • SNMPv1 requests now have their community string validated, like SNMPv2c. Previously a v1 request was accepted with any community unless --auth was set.
  • SIGHUP reloads the configuration; it used to stop the daemon.

Changes

  • Add simultaneous dual-stack IPv4/IPv6 support, on by default; restrict to one family with -4 or -6
  • Monitor all interfaces by default, loopback first on ifIndex 1
  • Support interface name wildcards, iptables style: a trailing + is a prefix match (eth+ matches eth0, eth1, ...) and a lone + matches all
  • Track interface and address changes in real time on Linux via netlink; interfaces added or removed after start-up appear and disappear without a restart
  • Add SNMPv2c trap support, -T addr[:port], sending coldStart at start-up, linkUp/linkDown on interface oper status changes, and a rate-limited authenticationFailure on a wrong community string. Sinks may also be set in the .conf trap-table
  • Reload the configuration on SIGHUP: re-read the .conf over the command line and rebuild the MIB, leaving the listening sockets untouched so the daemon can reload after dropping privileges
  • Extend HOST-RESOURCES-MIB with hrSystemDate, hrSystemNumUsers, hrSystemProcesses, hrMemorySize, hrStorageTable, hrProcessorTable (per-CPU load), and matching hrDeviceTable processor rows
  • Add IP-MIB ipAddressTable (RFC 4293), so managers can discover the IPv6 addresses of the dual-stack daemon
  • Add the SNMPv2-MIB snmp group, the agent's own counters, and sysORTable, advertising the implemented MIB modules
  • Add LM-SENSORS-MIB temperature sensors from /sys/class/hwmon (Linux)
  • Serve custom static responses on any OID from custom sections in the .conf file, e.g. to emulate an HP JetDirect print server (issue #29)
  • Add mini-snmpd.conf(5) man page, documenting the .conf settings
  • Reorganize the source tree: code in src/, documentation in doc/
  • sysDescr defaults to PRETTY_NAME from os-release(5) when no description is set with -D or in the .conf file
  • Increase MAX_NR_OIDS from 20 to 70, allowing more variable bindings per request, which helps table walks, by Ilya Ponetayev
  • Log when rejecting a malformed SNMP request, by Ilya Ponetayev
  • Move the bug report and homepage info from -h usage to -v version output
  • Document the supported MIBs and objects in MIBS.md

Fixes

  • Fix #32: build failure with --with-config because ethtool-conf.h was missing from the release tarball
  • Fix possible stack overflow when copying an over-long -i interface name into the ethtool ioctls, found by Coverity Scan
  • Drop privileges correctly with -u: take the primary group from the user's passwd entry instead of a group named after the user, which need not exist (-u nobody would refuse to start), and drop root's supplementary groups with initgroups()
  • Reply to UDP requests from the address they were sent to, so on a multi-homed host the reply comes from the queried address (Linux)
  • Validate the community string for SNMPv1. A request with a wrong community is no longer accepted without --auth, by Ilya Ponetayev
  • Prepend a zero byte when encoding Counter, Gauge, TimeTicks, and Counter64 values with the high bit set, which otherwise decode as negative integers, by Ilya Ponetayev
  • Fix IP-MIB address table OID index on big-endian systems, by Ilya Ponetayev
  • The command line and .conf file now combine instead of the file overriding: list options (-d, -i, -T) append to disk-table, iface-table, and trap-table, and an unset key no longer clears a value given on the command line