Configuration Parameters

The component uses configuration parameters which can be found in the [SNMPD] section of the unified configuration file of Dr.Web for UNIX Mail Servers.

The section contains the following parameters:

Parameter

Description

LogLevel

{logging level}

Logging level of the component.

If the parameter value is not specified, the DefaultLogLevel parameter value from the [Root] section is used.

Default value: Notice

Log

{log type}

Logging method of the component.

Default value: Auto

ExePath

{path to file}

Path to the executable file of the component.

Default value: <opt_dir>/bin/drweb-snmpd.

For GNU/Linux: /opt/drweb.com/bin/drweb-snmpd.

For FreeBSD: /usr/local/libexec/drweb.com/bin/drweb-snmpd

Start

{Boolean}

Launch/do not launch the component by the Dr.Web ConfigD configuration daemon.

When you specify the Yes value for this parameter, it the configuration daemon will start the component immediately; and when you specify the No value, the configuration daemon will terminate the component immediately.

Default value: No

RunAsUser

{UID | user name}

The user on whose behalf the component should be run. The user name can be specified either as the user’s number UID or as the user’s login. If the user name consists of numbers (i.e. similar to number UID), it is specified with the “name:” prefix, for example: RunAsUser = name:123456.

When a user name is not specified, the component operation terminates with an error after the startup.

Default value: drweb

ListenAddress

{address}

Address (IP address and port) listened by Dr.Web SNMPD, which is waiting for client connections (SNMP managers).

Note that interaction with snmpd requires a specified port, different from the standard port (161), and snmpd must be configured for proxying.

Default value: 127.0.0.1:161

SnmpVersion

{V2c | V3}

The current version of SNMP protocol (SNMPv2c or SNMPv3).

Default value: V2c

V3EngineId

{string}

Identifier (string) of Engine ID for SNMPv3 (according to RFC 3411).

Default value: 800073FA044452574542

TrapReceiver

{address list}

List of addresses (IP address and port) where Dr.Web SNMPD sends SNMP trap notifications after Dr.Web for UNIX Mail Servers components detected a threat.

You can specify a list as the parameter value. The values in the list must be separated with commas (with each value put in the quotation marks). The parameter can be specified more than once in the section (in this case, all its values are combined into one list).

Example: Add sockets 192.168.0.1:1234 and 10.20.30.45:5678 to the list.

1.Adding of values to the configuration file.

Two values in one string:

Section [SNMPD]
TrapReceiver = "192.168.0.1:1234", "10.20.30.45:5678"

Two strings (one value per a string):

[SNMPD]
TrapReceiver = 192.168.0.1:1234
TrapReceiver = 10.20.30.45:5678

2.Adding values with the drweb-ctl cfset command:

# drweb-ctl cfset SNMPD.TrapReceiver -a 192.168.0.1:1234
# drweb-ctl cfset SNMPD.TrapReceiver -a 10.20.30.45:5678

Default value: (not set)

V2cCommunity

{string}

The string “SNMP read community” for authentication of SNMP managers (SNMPv2c protocol) when Dr.Web MIB variables are accessed for reading.

The parameter is used if SnmpVersion = V2c.

Default value: public

V3UserName

{string}

The user name for authentication of SNMP managers (SNMPv3 protocol) when Dr.Web MIB variables are accessed for reading.

The parameter is used if SnmpVersion = V3.

Default value: noAuthUser

V3Auth

{SHA(<pwd>) | MD5(<pwd>) | None}

Method to authenticate SNMP managers (SNMPv3 protocol) when Dr.Web MIB variables are accessed for reading.

Allowed values:

SHA(<PWD>)—SHA hash of the password is used (<PWD> strings);

MD5(<PWD>)—MD5 hash of the password is used (<PWD> strings);

None—authentication is disabled.

where <PWD> is a plain text password.

When specifying the parameter value from the command line, you may need to escape the brackets by using the slash mark \ in some shells.

Examples:

1.Parameter value in the configuration file:

V3Auth = MD5(123456)

2.Specifying the same parameter value from the command line with the drweb-ctl cfset command:

drweb-ctl cfset SNMPD.V3Auth MD5\(123456\)

The parameter is used if SnmpVersion = V3.

Default value: None

V3Privacy

{DES(<secret>) | AES128(<secret>) | None}

Encryption method for SNMP messages (SNMPv3 protocol).

Allowed values:

DES(<secret>)—DES encryption algorithm;

AES128(<secret>)—AES128 encryption algorithm;

None—SNMP-messages are not encrypted.

where <secret> is a secret key shared by the manager and the agent (plain text).

When specifying the parameter value from the command line, you can need to escape the brackets by using the slash mark \ in some shells.

Examples:

1.Parameter value in the configuration file:

V3Privacy = AES128(supersecret)

2.Specifying the same parameter value from the command line with the drweb-ctl cfset command:

drweb-ctl cfset SNMPD.V3Privacy AES128\(supersecret\)

The parameter is used if SnmpVersion = V3.

Default value: None