added install.sh

2020-07-08 13:21:41 +00:00 · 2020-07-08 13:21:41 +00:00 · 07d37e04e6
parent b9be9c380e
commit 07d37e04e6
1 changed files with 102 additions and 0 deletions
--- a/install.sh
+++ b/install.sh
@ -0,0 +1,102 @@
+### SNMPWALK HELP ####
+snmpwalk -v2c -c rouser987 ip_hostname
+snmpwalk -v3  -l authPriv -u rouser987 -a SHA -A "pass1"  -x AES -X "pass2" ip_hostname
+
+# IF USING CENTOS
+yum install -y net-snmp
+
+# IF USING DEBIAN
+apt install -y snmpd
+
+systemctl start snmpd
+systemctl stop snmpd
+systemctl enable snmpd
+
+cp /etc/snmp/snmpd.conf /etc/snmp/snmpd.conf.orig
+echo "" > /etc/snmp/snmpd.conf
+curl -o /etc/snmp/distro https://raw.githubusercontent.com/librenms/librenms-agent/master/snmp/distro
+chmod +x /etc/snmp/distro
+nano /etc/snmp/snmpd.conf
+
+
+# IF SERVER REMOTE #
+agentaddress udp:16161
+
+rouser rouser987
+
+syslocation VMENV | LOCATION
+syscontact EMAIL
+sysname CHANGENAMEHERE
+
+#Distro Detection
+extend .1.3.6.1.4.1.2021.7890.1 distro /etc/snmp/distro
+#Hardware Detection (uncomment to enable)
+extend .1.3.6.1.4.1.2021.7890.2 hardware '/bin/cat /sys/devices/virtual/dmi/id/product_name'
+extend .1.3.6.1.4.1.2021.7890.3 manufacturer '/bin/cat /sys/devices/virtual/dmi/id/sys_vendor'
+#extend .1.3.6.1.4.1.2021.7890.4 serial '/bin/cat /sys/devices/virtual/dmi/id/product_serial'
+# END REMOTE
+
+# IF SERVER LOCAL #
+agentaddress udp:161
+
+rouser rouser987
+
+syslocation VMENV | LOCATION
+syscontact EMAIL
+sysname CHANGENAMEHERE
+
+#Distro Detection
+extend .1.3.6.1.4.1.2021.7890.1 distro /etc/snmp/distro
+#Hardware Detection (uncomment to enable)
+extend .1.3.6.1.4.1.2021.7890.2 hardware '/bin/cat /sys/devices/virtual/dmi/id/product_name'
+extend .1.3.6.1.4.1.2021.7890.3 manufacturer '/bin/cat /sys/devices/virtual/dmi/id/sys_vendor'
+#extend .1.3.6.1.4.1.2021.7890.4 serial '/bin/cat /sys/devices/virtual/dmi/id/product_serial'
+# END LOCAL
+
+
+# no longer needed, replaced with the below
+## nano /var/lib/net-snmp/snmpd.conf
+
+# no longer needed, replaced with the below
+## createUser rouser987 SHA "rd1" AES "password2"
+
+# IF USING CENTOS This creates a random password1 and password 2. I like to log the output somewhere that way I have the info if I need it later #
+echo "createUser rouser987 SHA \""$(tr -cd '[:alnum:]' < /dev/urandom | fold -w50 | head -n1)"\" AES \""$(tr -cd '[:alnum:]' < /dev/urandom | fold -w50 | head -n1)"\"" | tee -a /var/lib/net-snmp/snmpd.conf
+
+# IF USING DEBIAN This creates a random password1 and password 2. I like to log the output somewhere that way I have the info if I need it later #
+echo "createUser rouser987 SHA \""$(tr -cd '[:alnum:]' < /dev/urandom | fold -w50 | head -n1)"\" AES \""$(tr -cd '[:alnum:]' < /dev/urandom | fold -w50 | head -n1)"\"" | tee -a /var/lib/snmp/snmpd.conf
+systemctl start snmpd
+
+#### IF THERE'S FIREWALL-CMD ####
+# IF IT'S A LOCAL SERVER #
+nano /etc/firewalld/services/snmp.xml 
+
+# Paste the below in the file
+
+
+  SNMP
+  SNMP protocol
+  
+
+
+firewall-cmd --reload
+
+firewall-cmd --zone=public --add-service snmp --permanent
+
+# IF IT'S A REMOTE SERVER #
+firewall-cmd --permanent --zone=public --add-rich-rule='
+  rule family="ipv4"
+  source address="LOCALIP"
+  port protocol="udp" port="16161" accept'
+
+# ON LOCAL AND REMOTE #
+firewall-cmd --reload
+
+#### IF THERE'S IPTABLES ####
+# IF IT'S LOCAL
+iptables -A INPUT -p udp --dport 161 -j ACCEPT
+# Then save the rules however you would do it
+
+# IF IT'S REMOTE
+iptables -A INPUT -p udp -s LOCALIP --dport 16161 -j ACCEPT
+# Then save the rules however you would do it