From 76aab575ce869f90eb3113ce79115677c77cf43c Mon Sep 17 00:00:00 2001 From: Nick Leffler Date: Wed, 8 Jul 2020 14:04:08 +0000 Subject: [PATCH] started to build script --- howTo.txt | 14 +++++------ install.sh | 69 ++++++++++++++++++++++++++++++++---------------------- 2 files changed, 48 insertions(+), 35 deletions(-) diff --git a/howTo.txt b/howTo.txt index 775dcc7..5ffccff 100644 --- a/howTo.txt +++ b/howTo.txt @@ -72,12 +72,12 @@ systemctl start snmpd nano /etc/firewalld/services/snmp.xml # Paste the below in the file - - - SNMP - SNMP protocol - - + + + SNMP + SNMP protocol + + firewall-cmd --reload @@ -99,4 +99,4 @@ iptables -A INPUT -p udp --dport 161 -j ACCEPT # IF IT'S REMOTE iptables -A INPUT -p udp -s LOCALIP --dport 16161 -j ACCEPT -# Then save the rules however you would do it \ No newline at end of file +# Then save the rules however you would do it diff --git a/install.sh b/install.sh index 775dcc7..c44aab0 100755 --- a/install.sh +++ b/install.sh @@ -1,17 +1,29 @@ +# SNMPD install script + +OSID=$(awk -F= '/^ID=/{print $2}' /etc/os-release | sed 's/"//g') + + ### SNMPWALK HELP #### -snmpwalk -v2c -c rouser987 ip_hostname -snmpwalk -v3 -l authPriv -u rouser987 -a SHA -A "pass1" -x AES -X "pass2" ip_hostname +# Usefull for testing +#snmpwalk -v2c -c rouser987 ip_hostname +#snmpwalk -v3 -l authPriv -u rouser987 -a SHA -A "pass1" -x AES -X "pass2" ip_hostname -# IF USING CENTOS -yum install -y net-snmp +if [[ OSID == "centos" ]]; then + # IF USING CENTOS + yum install -y net-snmp + systemctl start snmpd +elif [[ OSID == "debian" ]]; then + # IF USING DEBIAN + apt install -y snmpd +fi -# IF USING DEBIAN -apt install -y snmpd - -systemctl start snmpd +# Stop snmpd so we can do our config systemctl stop snmpd + +# enable it so it will work on startup systemctl enable snmpd +# Make config changes cp /etc/snmp/snmpd.conf /etc/snmp/snmpd.conf.orig echo "" > /etc/snmp/snmpd.conf curl -o /etc/snmp/distro https://raw.githubusercontent.com/librenms/librenms-agent/master/snmp/distro @@ -19,6 +31,7 @@ chmod +x /etc/snmp/distro nano /etc/snmp/snmpd.conf +cat < /etc/snmp/snmpd.conf # IF SERVER REMOTE # agentaddress udp:16161 @@ -26,7 +39,7 @@ rouser rouser987 syslocation VMENV | LOCATION syscontact EMAIL -sysname CHANGENAMEHERE +#sysname CHANGENAMEHERE #Distro Detection extend .1.3.6.1.4.1.2021.7890.1 distro /etc/snmp/distro @@ -35,7 +48,9 @@ extend .1.3.6.1.4.1.2021.7890.2 hardware '/bin/cat /sys/devices/virtual/dmi/id/p extend .1.3.6.1.4.1.2021.7890.3 manufacturer '/bin/cat /sys/devices/virtual/dmi/id/sys_vendor' #extend .1.3.6.1.4.1.2021.7890.4 serial '/bin/cat /sys/devices/virtual/dmi/id/product_serial' # END REMOTE +EOF +cat < /etc/snmp/snmpd.conf # IF SERVER LOCAL # agentaddress udp:161 @@ -43,7 +58,7 @@ rouser rouser987 syslocation VMENV | LOCATION syscontact EMAIL -sysname CHANGENAMEHERE +#sysname CHANGENAMEHERE #Distro Detection extend .1.3.6.1.4.1.2021.7890.1 distro /etc/snmp/distro @@ -52,31 +67,29 @@ extend .1.3.6.1.4.1.2021.7890.2 hardware '/bin/cat /sys/devices/virtual/dmi/id/p extend .1.3.6.1.4.1.2021.7890.3 manufacturer '/bin/cat /sys/devices/virtual/dmi/id/sys_vendor' #extend .1.3.6.1.4.1.2021.7890.4 serial '/bin/cat /sys/devices/virtual/dmi/id/product_serial' # END LOCAL +OEF +if [[ "${OSID}" == "centos" ]]; then + # IF USING CENTOS This creates a random password1 and password 2. I like to log the output somewhere that way I have the info if I need it later # + echo "createUser rouser987 SHA \""$(tr -cd '[:alnum:]' < /dev/urandom | fold -w50 | head -n1)"\" AES \""$(tr -cd '[:alnum:]' < /dev/urandom | fold -w50 | head -n1)"\"" | tee -a /var/lib/net-snmp/snmpd.conf +elif [[ "${OSID}" == "debian" ]]; then + # IF USING DEBIAN This creates a random password1 and password 2. I like to log the output somewhere that way I have the info if I need it later # + echo "createUser rouser987 SHA \""$(tr -cd '[:alnum:]' < /dev/urandom | fold -w50 | head -n1)"\" AES \""$(tr -cd '[:alnum:]' < /dev/urandom | fold -w50 | head -n1)"\"" | tee -a /var/lib/snmp/snmpd.conf +if -# no longer needed, replaced with the below -## nano /var/lib/net-snmp/snmpd.conf - -# no longer needed, replaced with the below -## createUser rouser987 SHA "rd1" AES "password2" - -# IF USING CENTOS This creates a random password1 and password 2. I like to log the output somewhere that way I have the info if I need it later # -echo "createUser rouser987 SHA \""$(tr -cd '[:alnum:]' < /dev/urandom | fold -w50 | head -n1)"\" AES \""$(tr -cd '[:alnum:]' < /dev/urandom | fold -w50 | head -n1)"\"" | tee -a /var/lib/net-snmp/snmpd.conf - -# IF USING DEBIAN This creates a random password1 and password 2. I like to log the output somewhere that way I have the info if I need it later # -echo "createUser rouser987 SHA \""$(tr -cd '[:alnum:]' < /dev/urandom | fold -w50 | head -n1)"\" AES \""$(tr -cd '[:alnum:]' < /dev/urandom | fold -w50 | head -n1)"\"" | tee -a /var/lib/snmp/snmpd.conf systemctl start snmpd #### IF THERE'S FIREWALL-CMD #### # IF IT'S A LOCAL SERVER # -nano /etc/firewalld/services/snmp.xml +nano /etc/firewalld/services/snmp.xml # Paste the below in the file - - - SNMP - SNMP protocol - + + + SNMP + SNMP protocol + + firewall-cmd --reload @@ -99,4 +112,4 @@ iptables -A INPUT -p udp --dport 161 -j ACCEPT # IF IT'S REMOTE iptables -A INPUT -p udp -s LOCALIP --dport 16161 -j ACCEPT -# Then save the rules however you would do it \ No newline at end of file +# Then save the rules however you would do it