|
36 | 36 | LOG_FILE = os.environ.get("SNMPTRAPD_LOG_FILE") |
37 | 37 | LOG_LEVEL = os.environ.get("SNMPTRAPD_LOG_LEVEL", "INFO").upper() |
38 | 38 | V3_USERS_RAW = os.environ.get("SNMPTRAPD_V3_USERS", "").strip() |
| 39 | +VACM_SUBTREE = (1, 3, 6) |
39 | 40 |
|
40 | 41 | AUTH_PROTOCOLS = { |
41 | 42 | "NONE": usmNoAuthProtocol, |
@@ -130,6 +131,20 @@ def _configure_v3_users(snmp_engine: engine.SnmpEngine) -> None: |
130 | 131 | continue |
131 | 132 |
|
132 | 133 | config.addV3User(snmp_engine, username, auth_protocol, auth_key, priv_protocol, priv_key) |
| 134 | + security_level = "noAuthNoPriv" |
| 135 | + if auth_protocol is not usmNoAuthProtocol and priv_protocol is usmNoPrivProtocol: |
| 136 | + security_level = "authNoPriv" |
| 137 | + elif auth_protocol is not usmNoAuthProtocol and priv_protocol is not usmNoPrivProtocol: |
| 138 | + security_level = "authPriv" |
| 139 | + config.addVacmUser( |
| 140 | + snmp_engine, |
| 141 | + 3, |
| 142 | + username, |
| 143 | + security_level, |
| 144 | + VACM_SUBTREE, |
| 145 | + VACM_SUBTREE, |
| 146 | + VACM_SUBTREE, |
| 147 | + ) |
133 | 148 | logging.info( |
134 | 149 | "Configured SNMPv3 user '%s' (auth=%s, priv=%s)", |
135 | 150 | username, |
@@ -165,6 +180,8 @@ def main() -> None: |
165 | 180 | ) |
166 | 181 |
|
167 | 182 | config.addV1System(snmp_engine, "trap-area", COMMUNITY) |
| 183 | + config.addVacmUser(snmp_engine, 1, "trap-area", "noAuthNoPriv", VACM_SUBTREE, VACM_SUBTREE, VACM_SUBTREE) |
| 184 | + config.addVacmUser(snmp_engine, 2, "trap-area", "noAuthNoPriv", VACM_SUBTREE, VACM_SUBTREE, VACM_SUBTREE) |
168 | 185 | _configure_v3_users(snmp_engine) |
169 | 186 |
|
170 | 187 | def cb_fun(snmp_engine, state_reference, context_engine_id, context_name, var_binds, cb_ctx): |
|
0 commit comments