| 1 | # ---------------------------------------------------------------------- | 
|---|
| 2 | #           Template for SNMP Access Control List File | 
|---|
| 3 | # | 
|---|
| 4 | # o Copy this template to snmp.acl | 
|---|
| 5 | # o Set access control for SNMP support | 
|---|
| 6 | # o Change the permission of snmp.acl to be read-only | 
|---|
| 7 | #   by the owner. | 
|---|
| 8 | # | 
|---|
| 9 | # See below for the location of snmp.acl file. | 
|---|
| 10 | # ---------------------------------------------------------------------- | 
|---|
| 11 |  | 
|---|
| 12 | ############################################################ | 
|---|
| 13 | #            SNMP Access Control List File | 
|---|
| 14 | ############################################################ | 
|---|
| 15 | # | 
|---|
| 16 | # Default location of this file is $JRE/lib/management/snmp.acl. | 
|---|
| 17 | # You can specify an alternate location by specifying a property in | 
|---|
| 18 | # the management config file $JRE/lib/management/management.properties | 
|---|
| 19 | # or by specifying a system property (See that file for details). | 
|---|
| 20 | # | 
|---|
| 21 |  | 
|---|
| 22 |  | 
|---|
| 23 | ############################################################## | 
|---|
| 24 | #        File permissions of the snmp.acl file | 
|---|
| 25 | ############################################################## | 
|---|
| 26 | # | 
|---|
| 27 | #      Since there are cleartext community strings stored in this file, | 
|---|
| 28 | #      this ACL file must be readable by ONLY the owner, | 
|---|
| 29 | #      otherwise the program will exit with an error. | 
|---|
| 30 | # | 
|---|
| 31 | ############################################################## | 
|---|
| 32 | #               Format of the acl group | 
|---|
| 33 | ############################################################## | 
|---|
| 34 | # | 
|---|
| 35 | # communities: a list of SNMP community strings to which the | 
|---|
| 36 | #              access control applies separated by commas. | 
|---|
| 37 | # | 
|---|
| 38 | # access: either "read-only" or "read-write". | 
|---|
| 39 | # | 
|---|
| 40 | # managers: a list of hosts to be granted the access rights. | 
|---|
| 41 | #    Each can be expressed as any one of the following: | 
|---|
| 42 | #    - hostname: hubble | 
|---|
| 43 | #    - ip v4 and v6 addresses: 123.456.789.12 , fe80::a00:20ff:fe9b:ea82 | 
|---|
| 44 | #    - ip v4 and v6 netmask prefix notation: 123.456.789.0/24, | 
|---|
| 45 | #         fe80::a00:20ff:fe9b:ea82/64 | 
|---|
| 46 | #      see RFC 2373 (http://www.ietf.org/rfc/rfc2373.txt) | 
|---|
| 47 | # | 
|---|
| 48 | # An example of two community groups for multiple hosts: | 
|---|
| 49 | #    acl = { | 
|---|
| 50 | #     { | 
|---|
| 51 | #       communities = public, private | 
|---|
| 52 | #       access = read-only | 
|---|
| 53 | #       managers = hubble, snowbell, nanak | 
|---|
| 54 | #     } | 
|---|
| 55 | #     { | 
|---|
| 56 | #       communities = jerry | 
|---|
| 57 | #       access = read-write | 
|---|
| 58 | #       managers = hubble, telescope | 
|---|
| 59 | #     } | 
|---|
| 60 | #    } | 
|---|
| 61 | # | 
|---|
| 62 | ############################################################## | 
|---|
| 63 | #                   Format of the trap group | 
|---|
| 64 | ############################################################## | 
|---|
| 65 | # | 
|---|
| 66 | # trap-community: a single SNMP community string that will be included | 
|---|
| 67 | #                 in  the traps sent to the hosts. | 
|---|
| 68 | # | 
|---|
| 69 | # hosts: a list of hosts to which the SNMP agent will send traps. | 
|---|
| 70 | # | 
|---|
| 71 | # An example of two trap community definitions for multiple hosts: | 
|---|
| 72 | #    trap = { | 
|---|
| 73 | #      { | 
|---|
| 74 | #        trap-community = public | 
|---|
| 75 | #        hosts = hubble, snowbell | 
|---|
| 76 | #      } | 
|---|
| 77 | #      { | 
|---|
| 78 | #        trap-community = private | 
|---|
| 79 | #        hosts = telescope | 
|---|
| 80 | #      } | 
|---|
| 81 | #    } | 
|---|
| 82 | # | 
|---|
| 83 | ############################################################ | 
|---|
| 84 | # | 
|---|
| 85 | #  Update the community strings (public and private) below | 
|---|
| 86 | #  before copying this template file | 
|---|
| 87 | # | 
|---|
| 88 | # Common SNMP ACL Example | 
|---|
| 89 | # ------------------------ | 
|---|
| 90 | # | 
|---|
| 91 | # o Only localhost can connect, and access rights | 
|---|
| 92 | #   are limited to read-only | 
|---|
| 93 | # o Traps are sent to localhost only | 
|---|
| 94 | # | 
|---|
| 95 | # | 
|---|
| 96 | # acl = { | 
|---|
| 97 | #  { | 
|---|
| 98 | #    communities = public, private | 
|---|
| 99 | #    access = read-only | 
|---|
| 100 | #    managers = localhost | 
|---|
| 101 | #  } | 
|---|
| 102 | # } | 
|---|
| 103 | # | 
|---|
| 104 | # | 
|---|
| 105 | # trap = { | 
|---|
| 106 | #   { | 
|---|
| 107 | #     trap-community = public | 
|---|
| 108 | #     hosts = localhost | 
|---|
| 109 | #   } | 
|---|
| 110 | # } | 
|---|