| 1 |
# ---------------------------------------------------------------------- |
| 2 |
# Template for SNMP Access Control List File |
| 3 |
# |
| 4 |
# o Copy this template to snmp.acl |
| 5 |
# o Set access control for SNMP support |
| 6 |
# o Change the permission of snmp.acl to be read-only |
| 7 |
# by the owner. |
| 8 |
# |
| 9 |
# See below for the location of snmp.acl file. |
| 10 |
# ---------------------------------------------------------------------- |
| 11 |
|
| 12 |
############################################################ |
| 13 |
# SNMP Access Control List File |
| 14 |
############################################################ |
| 15 |
# |
| 16 |
# Default location of this file is $JRE/lib/management/snmp.acl. |
| 17 |
# You can specify an alternate location by specifying a property in |
| 18 |
# the management config file $JRE/lib/management/management.properties |
| 19 |
# or by specifying a system property (See that file for details). |
| 20 |
# |
| 21 |
|
| 22 |
|
| 23 |
############################################################## |
| 24 |
# File permissions of the snmp.acl file |
| 25 |
############################################################## |
| 26 |
# |
| 27 |
# Since there are cleartext community strings stored in this file, |
| 28 |
# this ACL file must be readable by ONLY the owner, |
| 29 |
# otherwise the program will exit with an error. |
| 30 |
# |
| 31 |
############################################################## |
| 32 |
# Format of the acl group |
| 33 |
############################################################## |
| 34 |
# |
| 35 |
# communities: a list of SNMP community strings to which the |
| 36 |
# access control applies separated by commas. |
| 37 |
# |
| 38 |
# access: either "read-only" or "read-write". |
| 39 |
# |
| 40 |
# managers: a list of hosts to be granted the access rights. |
| 41 |
# Each can be expressed as any one of the following: |
| 42 |
# - hostname: hubble |
| 43 |
# - ip v4 and v6 addresses: 123.456.789.12 , fe80::a00:20ff:fe9b:ea82 |
| 44 |
# - ip v4 and v6 netmask prefix notation: 123.456.789.0/24, |
| 45 |
# fe80::a00:20ff:fe9b:ea82/64 |
| 46 |
# see RFC 2373 (http://www.ietf.org/rfc/rfc2373.txt) |
| 47 |
# |
| 48 |
# An example of two community groups for multiple hosts: |
| 49 |
# acl = { |
| 50 |
# { |
| 51 |
# communities = public, private |
| 52 |
# access = read-only |
| 53 |
# managers = hubble, snowbell, nanak |
| 54 |
# } |
| 55 |
# { |
| 56 |
# communities = jerry |
| 57 |
# access = read-write |
| 58 |
# managers = hubble, telescope |
| 59 |
# } |
| 60 |
# } |
| 61 |
# |
| 62 |
############################################################## |
| 63 |
# Format of the trap group |
| 64 |
############################################################## |
| 65 |
# |
| 66 |
# trap-community: a single SNMP community string that will be included |
| 67 |
# in the traps sent to the hosts. |
| 68 |
# |
| 69 |
# hosts: a list of hosts to which the SNMP agent will send traps. |
| 70 |
# |
| 71 |
# An example of two trap community definitions for multiple hosts: |
| 72 |
# trap = { |
| 73 |
# { |
| 74 |
# trap-community = public |
| 75 |
# hosts = hubble, snowbell |
| 76 |
# } |
| 77 |
# { |
| 78 |
# trap-community = private |
| 79 |
# hosts = telescope |
| 80 |
# } |
| 81 |
# } |
| 82 |
# |
| 83 |
############################################################ |
| 84 |
# |
| 85 |
# Update the community strings (public and private) below |
| 86 |
# before copying this template file |
| 87 |
# |
| 88 |
# Common SNMP ACL Example |
| 89 |
# ------------------------ |
| 90 |
# |
| 91 |
# o Only localhost can connect, and access rights |
| 92 |
# are limited to read-only |
| 93 |
# o Traps are sent to localhost only |
| 94 |
# |
| 95 |
# |
| 96 |
# acl = { |
| 97 |
# { |
| 98 |
# communities = public, private |
| 99 |
# access = read-only |
| 100 |
# managers = localhost |
| 101 |
# } |
| 102 |
# } |
| 103 |
# |
| 104 |
# |
| 105 |
# trap = { |
| 106 |
# { |
| 107 |
# trap-community = public |
| 108 |
# hosts = localhost |
| 109 |
# } |
| 110 |
# } |
