دفتر یادداشت دیجیتال برای هر چیز مفید!
yum install net-snmp-utils snmp snmpd
/etc/snmp/snmpd.conf
rocommunity publicString
com2sec local localhost 192.168.192.202
com2sec network_l 192.168.192.0/24
group MyROGroup_1 v2c local
group MyROGroup_1 v2c network_1
view all-mibs included .1 80
access MyROGroup_1 .. v1 noauth exact all-mibs none none
access MyROGroup_2 .. v2c noauth exact all-mibs none none
/etc/init.d/snmpd start
chkconfig snmpd on
snmpwalk -v 1 -c publicString -O e 127.0.0.1
for host in list_of_hosts:
user = 'admin'.encode('ascii')
password = ''.encode('ascii')
try:
END = b'\r\n'
tn = telnetlib.Telnet(host, port=23)
tn.read_until(b'Login: ')
tn.write(user + END)
tn.read_until(b'Password: ')
tn.write(password + END)
tn.read_until(b'>')
tn.write(b'password new-password="newPass" confirm-new-password="newPass" old-password="oldPass"' + END)
tn.write(b'/snmp community' + END)
tn.write(b'add name=comm_str addresses=741.852.963.147,123.456.789.123 read-access=yes write-access=no' + END)
tn.write(b'..' + END)
tn.write(b'set trap-community=comm_str' + END)
tn.write(b'set trap-version=2' + END)
tn.write(b'set enabled=yes' + END)
tn.write(b'..' + END)
tn.write(b'quit' + END)
tn.read_all()
print('Done for ' + host)
except:
print('Not exists ' + host)
nano /etc/firewalld/services/snmp.xml
<?xml version="1.0" encoding="utf-8"?>
<service>
<short>SNMP</short>
<description>SNMP protocol</description>
<port protocol="udp" port="161"/>
</service>
firewall-cmd --reload
firewall-cmd --new-zone=special --permanent
firewall-cmd --reload
firewall-cmd --zone=special --add-source=xyz.xyz.xyz.xyz/32
firewall-cmd --zone=special --add-service snmp --permanent
firewall-cmd --reload
snmp.set --communities COMMUNITY_STR
snmp.set --targets IP_ADDRESS@PORT/COMMUNITY_STR,IP_ADDRESS@PORT/COMMUNITY_STR
snmp.set --loglevel warning
snmp.enable
snmp.get
esxcli system snmp set --communities COMMUNITY_STRING
esxcli network firewall ruleset set --ruleset-id snmp --allowed-all false
esxcli network firewall ruleset allowedip add --ruleset-id snmp --ip-address ADDRESS_OF_COLLECTOR
esxcli network firewall ruleset set --ruleset-id snmp --enabled true
/etc/init.d/snmpd restart
esxcli system snmp set --enable true
import telnetlib
for i in range(1,256):
host = 'xyz.xyz.xyz.' + str(i)
user = 'user'.encode('ascii')
password = 'pass'.encode('ascii')
try:
tn = telnetlib.Telnet(host, port=23)
tn.read_until(b'Username: ')
tn.write(user + b'\n')
tn.read_until(b'Password: ')
tn.write(password + b'\n')
tn.write(b'conf t' + b'\n')
tn.write(b'access-list zz permit xyz.xyz.xyz.xyz' + b'\n')
tn.write(b'exit' + b'\n')
tn.write(b'write memory' +b'\n')
tn.write(b'exit' + b'\n')
tn.read_all()
print('Done for ' + host)
except:
print('Not exists ' + host)
