Net-SNMP

Table of Contents

• Net-SNMP

  - [Table of Contents](#table-of-contents)
  

  • Overview
  • Module Description
  • Setup
    • What this module affects
    • Beginning with this module
    • Upgrading
      • Deprecation Warning
        • Past module 3.x series
        • Current module 4.x series
        • Future module 5.x series
  • Usage
    • Client
    • Trap Daemon
    • SNMPv3 Users
    • Access Control
      • Multiple Network Restrictions
  • Reference
  • Limitations
    • OS Support:
    • Notes:
    • Issues:
  • Development
    • Authors

Overview

This Puppet module manages the installation and configuration of Net-SNMP client, server, and trap server. It also can create a SNMPv3 user with authentication and privacy passwords.

Module Description

Simple Network Management Protocol (SNMP) is a widely used protocol for monitoring the health and welfare of network and computer equipment. Net-SNMP implements SNMP v1, SNMP v2c, and SNMP v3 using both IPv4 and IPv6. This Puppet module manages the installation and configuration of the Net-SNMP client, server, and trap server. It also can create a SNMPv3 user with authentication and privacy passwords.

Only platforms that have Net-SNMP available are supported. This module will not work with AIX or Solaris SNMP.

Setup

What this module affects

• Installs the Net-SNMP client package and configuration.
• Installs the Net-SNMP daemon package, service, and configuration.
• Installs the Net-SNMP trap daemon service and configuration.
• Creates a SNMPv3 user with authentication and encryption paswords.

Beginning with this module

This declaration will get you the SNMP daemon listening on the loopback IPv4 and IPv6 addresses with a v1 and v2c read-only community of 'public'.

include snmp

Upgrading

Deprecation Warning

Past module 3.x series

• The classes snmp::server and snmp::trapd have been merged into class snmp. All of their class parameters available in the snmp class.

Current module 4.x series

• The parameter install_client is renamed to manage_client.

• Support for Puppet < 4 is removed.

Future module 5.x series

• The parameters ro_community, rw_community, ro_network, and rw_network will be removed.

• The snmptrapd parameter name will become authcommunity.

Usage

Most interaction with the snmp module can be done through the main snmp class. This means you can simply toggle the parameters in ::snmp to have most functionality of the module. Additional fuctionality can be achieved by only utilizing the ::snmp::client class or the ::snmp::snmpv3_user define.

To install the SNMP service listening on all IPv4 and IPv6 interfaces:

class { 'snmp':
  agentaddress => [ 'udp:161', 'udp6:161' ],
}

To change the SNMP community from the default value and limit the netblocks that can use it:

class { 'snmp':
  agentaddress => [ 'udp:161', ],
  ro_community => 'myPassword',
  ro_network   => '192.168.0.0/16',
}

Or more than one community:

class { 'snmp':
  agentaddress => [ 'udp:161', ],
  ro_community => [ 'myPassword', 'myOtherPassword', ],
}

To set the responsible person and location of the SNMP system:

class { 'snmp':
  contact  => 'root@yourdomain.org',
  location => 'Phoenix, Arizona, U.S.A., Earth, Milky Way',
}

Client

If you just want to install the SNMP client:

include snmp::client

To install the SNMP service and the client:

class { 'snmp':
  manage_client => true,
}

To install the SNMP service but not install the snmptrapd service

class { 'snmp':
  manage_snmptrapd => false,
}

If you want to pass client configuration stanzas to the snmp.conf file:

class { 'snmp':
  snmp_config => [
    'defVersion 2c',
    'defCommunity public',
    'mibdirs +/usr/local/share/snmp/mibs',
  ],
}

Trap Daemon

To only configure and run the snmptrap daemon:

class { 'snmp':
  service_ensure      => 'stopped',
  trap_service_ensure => 'running',
  trap_service_enable => true,
  snmptrapdaddr       => [ 'udp:162', ],
  trap_handlers       => [
    'default /usr/bin/perl /usr/bin/traptoemail me@somewhere.local', # optional
    'TRAP-TEST-MIB::demo-trap /home/user/traptest.sh demo-trap', # optional
  ],
  trap_forwards       => [ 'default udp:55.55.55.55:162' ], # optional
}

SNMPv3 Users

To install a SNMP version 3 user for snmpd:

snmp::snmpv3_user { 'myuser':
  authpass => '1234auth',
  privpass => '5678priv',
}
class { 'snmp':
  snmpd_config => [ 'rouser myuser authPriv' ],
}

To install a SNMP version 3 user for snmptrapd:

snmp::snmpv3_user { 'myuser':
  authpass => 'SeCrEt',
  privpass => 'PhRaSe',
  daemon   => 'snmptrapd',
}

Access Control

With traditional access control, you can give a simple password and (optional) network restriction:

class { 'snmp':
  ro_community => 'myPassword',
  ro_network   => '10.0.0.0/8',
}

and it becomes this in snmpd.conf:

rocommunity myPassword 10.0.0.0/8

This says that any host on network 10.0.0.0/8 can read any SNMP value via SNMP versions 1 and 2c as long as they provide the password 'myPassword'.

With View-based Access Control Model (VACM), you can do this (more complex) configuration instead:

class { 'snmp':
  com2sec  => ['mySecName   10.0.0.0/8 myPassword'],
  groups   => ['myGroupName v1         mySecName',
               'myGroupName v2c        mySecName'],
  views    => ['everyThing  included   .'],
  accesses => ['myGroupName ""      any   noauth  exact  everyThing  none   none'],
}

where the variables have the following meanings:

• "mySecName": A security name you have selected.
• "myPassword": The community (password) for the security name.
• "myGroupName": A group name to which you assign security names.
• "everyThing": A view name (i.e. a list of MIBs that will be ACLed as a unit).

and it becomes this in snmpd.conf:

com2sec mySecName   10.0.0.0/8 myPassword
group   myGroupName v1         mySecName
group   myGroupName v2c        mySecName
view    everyThing  included   .
access  myGroupName ""      any   noauth  exact  everyThing  none   none

This also says that any host on network 10.0.0.0/8 can read any SNMP value via SNMP versions 1 and 2c as long as they provide the password 'myPassword'. But it also gives you the ability to change any of those variables.

Reference: Manpage of snmpd.conf - Access Control

Multiple Network Restrictions

In traditional access control, you can also pass multiple networks for the community string.

class { 'snmp':
  ro_community => 'shibboleth',
  ro_network   => [ '192.168.0.0/16', '1.2.3.4/32', ],
}

and it becomes this in snmpd.conf:

rocommunity shibboleth 192.168.0.0/16
rocommunity shibboleth 1.2.3.4/32

Reference

See in file REFERENCE.md.

Limitations

OS Support:

Net-SNMP module support is available with these operating systems:

• RedHat family - tested on CentOS 7
• SuSE family - tested on SLES 11 SP1
• Debian family - tested on Debian 9, Debian 10, Debian 11, Debian 12, Ubuntu 18.04, Ubuntu 20.04
• FreeBSD family - tested on FreeBSD 12.2 (uses ports/pkgng Net-SNMP, not system bsnmpd)
• Darwin family - tested on Darwin 18 (macOS 10.14 "Mojave"), 19 (macOS 10.15 "Catalina"), and 20 (macOS 11.1 "Big Sur").

Notes:

• By default the SNMP service now listens on BOTH the IPv4 and IPv6 loopback addresses.
• For security reasons, the SNMP daemons are configured to listen on the loopback interfaces (127.0.0.1 and [::1]). Use agentaddress and snmptrapdaddr to change this configuration.
• Not all parts of Traditional Access Control or VACM Configuration are fully supported in this module.

Issues:

• Debian will not support the use of non-numeric OIDs. Something about rabid freedom.
• Figure out how to install the RFC-standard MIBS on Debian so that snmpwalk -v 2c -c public localhost system will function.
• Possibly support USM and VACM?

Development

This module is maintained by Vox Pupuli. Voxpupuli welcomes new contributions to this module. We are happy to provide guidance if necessary.

Please see CONTRIBUTING.md for information on how to contribute.

Authors

• Mike Arnold mike@razorsedge.org
• Vox Pupuli Team
• List of contributors https://github.com/voxpupuli/puppet-snmp/graphs/contributors

Licensed under the Apache License, Version 2.0.

Reference

Table of Contents

Classes

• snmp: Manage the Net-SNMP and Net-SNMP trap daemon package, service, and configuration.
• snmp::client: Manage the Net-SNMP client package and configuration.

Defined types

• snmp::snmpv3_user: Creates a SNMPv3 user with authentication and encryption paswords.

Functions

Private Functions

• snmp::snmpv3_usm_hash: snmpv3_usm_hash.rb --- Calculate SNMPv3 USM hash for a passphrase

Classes

snmp

Manage the Net-SNMP and Net-SNMP trap daemon package, service, and configuration.

Examples

class { 'snmp':
  com2sec       => [ 'notConfigUser default PassW0rd' ],
  manage_client => true,
}

# Only configure and run the snmptrap daemon:
class { 'snmp':
  ro_community        => 'SeCrEt',
  service_ensure      => 'stopped',
  trap_service_ensure => 'running',
  trap_handlers       => [
    'default /usr/bin/perl /usr/bin/traptoemail me@somewhere.local',
    'IF-MIB::linkDown /home/nba/bin/traps down',
  ],
}

Parameters

The following parameters are available in the snmp class:

• agentaddress
• snmptrapdaddr
• ro_community
• ro_community6
• rw_community
• rw_community6
• ro_network
• ro_network6
• rw_network
• rw_network6
• contact
• location
• sysname
• services
• com2sec
• com2sec6
• groups
• views
• accesses
• dlmod
• extends
• pass
• pass_persist
• snmpd_config
• disable_authorization
• do_not_log_traps
• do_not_log_tcpwrappers
• trap_handlers
• trap_forwards
• snmptrapd_config
• manage_client
• manage_snmptrapd
• snmp_config
• ensure
• autoupgrade
• manage_packages
• package_name
• snmptrapd_package_name
• snmpd_options
• sysconfig
• trap_sysconfig
• trap_service_config
• service_config
• service_config_perms
• service_config_dir_path
• service_config_dir_owner
• service_config_dir_group
• service_config_dir_perms
• service_ensure
• service_name
• service_enable
• service_hasstatus
• service_hasrestart
• snmptrapd_options
• trap_service_ensure
• trap_service_name
• trap_service_enable
• trap_service_hasstatus
• trap_service_hasrestart
• openmanage_enable
• master
• agentx_perms
• agentx_ping_interval
• agentx_socket
• agentx_timeout
• agentx_retries
• snmpv2_enable
• var_net_snmp
• varnetsnmp_perms
• varnetsnmp_owner
• varnetsnmp_group

agentaddress

Data type: Array[String[1]]

An array of addresses, on which snmpd will listen for queries.

Default value: ['udp:127.0.0.1:161', 'udp6:[::1]:161']

snmptrapdaddr

Data type: Array[String[1]]

An array of addresses, on which snmptrapd will listen to receive incoming SNMP notifications.

Default value: ['udp:127.0.0.1:162', 'udp6:[::1]:162']

ro_community

Data type: Variant[Undef, String[1], Array[String[1]]]

Read-only (RO) community string or array for agent and snmptrap daemon.

Default value: 'public'

ro_community6

Data type: Variant[Undef, String[1], Array[String[1]]]

Read-only (RO) community string or array for IPv6 agent.

Default value: 'public'

rw_community

Data type: Variant[Undef, String[1], Array[String[1]]]

Read-write (RW) community string or array agent.

Default value: undef

rw_community6

Data type: Variant[Undef, String[1], Array[String[1]]]

Read-write (RW) community string or array for IPv6 agent.

Default value: undef

ro_network

Data type: Variant[Array, Stdlib::IP::Address::V4, Stdlib::IP::Address::V4::CIDR]

Network that is allowed to RO query the daemon. Can be string or array.

Default value: '127.0.0.1'

ro_network6

Data type: Variant[Array, Stdlib::IP::Address::V6, Stdlib::IP::Address::V6::CIDR]

Network that is allowed to RO query the daemon via IPv6. Can be string or array.

Default value: '::1'

rw_network

Data type: Variant[Array, Stdlib::IP::Address::V4, Stdlib::IP::Address::V4::CIDR]

Network that is allowed to RW query the daemon. Can be string or array.

Default value: '127.0.0.1'

rw_network6

Data type: Variant[Array, Stdlib::IP::Address::V6, Stdlib::IP::Address::V6::CIDR]

Network that is allowed to RW query the daemon via IPv6. Can be string or array.

Default value: '::1'

contact

Data type: String[1]

Responsible person for the SNMP system.

Default value: 'Unknown'

location

Data type: String[1]

Location of the SNMP system.

Default value: 'Unknown'

sysname

Data type: String[1]

Name of the system (hostname).

Default value: $facts['networking']['fqdn']

services

Data type: Integer

For a host system, a good value is 72 (application + end-to-end layers).

Default value: 72

com2sec

Data type: Array[String[1]]

An array of VACM com2sec mappings. Must provide SECNAME, SOURCE and COMMUNITY. See http://www.net-snmp.org/docs/man/snmpd.conf.html#lbAL for details.

Default value: ['notConfigUser default public']

com2sec6

Data type: Array[String[1]]

An array of VACM com2sec6 mappings. Must provide SECNAME, SOURCE and COMMUNITY. See http://www.net-snmp.org/docs/man/snmpd.conf.html#lbAL for details.

Default value: ['notConfigUser default public']

groups

Data type: Array[String[1]]

An array of VACM group mappings. Must provide GROUP, <v1|v2c|usm|tsm|ksm>, SECNAME. See http://www.net-snmp.org/docs/man/snmpd.conf.html#lbAL for details.

Default value:

[
    'notConfigGroup v1            notConfigUser',
    'notConfigGroup v2c           notConfigUser',
  ]

views

Data type: Array[String[1]]

An array of views that are available to query. Must provide VNAME, TYPE, OID, and [MASK]. See http://www.net-snmp.org/docs/man/snmpd.conf.html#lbAL for details.

Default value:

[
    'systemview    included   .1.3.6.1.2.1.1',
    'systemview    included   .1.3.6.1.2.1.25.1.1',
  ]

accesses

Data type: Array[String[1]]

An array of access controls that are available to query. Must provide GROUP, CONTEXT, <any|v1|v2c|usm|tsm|ksm>, LEVEL, PREFX, READ, WRITE, and NOTIFY. See http://www.net-snmp.org/docs/man/snmpd.conf.html#lbAL for details.

Default value:

[
    'notConfigGroup ""      any       noauth    exact  systemview none  none',
  ]

dlmod

Data type: Optional[Array[String[1]]]

Array of dlmod lines to add to the snmpd.conf file. Must provide NAME and PATH (ex. "cmaX /usr/lib64/libcmaX64.so"). See http://www.net-snmp.org/docs/man/snmpd.conf.html#lbBD for details.

Default value: undef

extends

Data type: Optional[Array[String[1]]]

Array of extend lines to add to the snmpd.conf file. Must provide NAME, PROG and ARG. See http://www.net-snmp.org/docs/man/snmpd.conf.html#lbBA for details.

Default value: undef

pass

Data type: Optional[Array[String[1]]]

Array of pass lines to add to the snmpd.conf file. Must provide MIBOID and PROG. See http://www.net-snmp.org/docs/man/snmpd.conf.html#lbBB for details.

Default value: undef

pass_persist

Data type: Optional[Array[String[1]]]

Array of pass_persist lines to add to the snmpd.conf file. Must provide MIBOID and PROG. See http://www.net-snmp.org/docs/man/snmpd.conf.html#lbBB for details.

Default value: undef

snmpd_config

Data type: Optional[Array[String[1]]]

Safety valve. Array of lines to add to the snmpd.conf file. See http://www.net-snmp.org/docs/man/snmpd.conf.html for all options.

Default value: undef

disable_authorization

Data type: Enum['yes','no']

Disable all access control checks.

Default value: 'no'

do_not_log_traps

Data type: Enum['yes','no']

Disable the logging of notifications altogether.

Default value: 'no'

do_not_log_tcpwrappers

Data type: Enum['yes','no']

Disable the logging of tcpwrappers messages, e.g. "Connection from UDP: " messages in syslog.

Default value: 'no'

trap_handlers

Data type: Optional[Array[String[1]]]

An array of programs to invoke on receipt of traps. Must provide OID and PROGRAM (ex. "IF-MIB::linkDown /bin/traps down"). See http://www.net-snmp.org/docs/man/snmptrapd.conf.html#lbAI for details.

Default value: undef

trap_forwards

Data type: Optional[Array[String[1]]]

An array of destinations to send to on receipt of traps. Must provide OID and DESTINATION (ex. "IF-MIB::linkUp udp:1.2.3.5:162"). See http://www.net-snmp.org/docs/man/snmptrapd.conf.html#lbAI for details.

Default value: undef

snmptrapd_config

Data type: Optional[Array[String[1]]]

Safety valve. Array of lines to add to the snmptrapd.conf file. See http://www.net-snmp.org/docs/man/snmptrapd.conf.html for all options.

Default value: undef

manage_client

Data type: Boolean

Whether to install the Net-SNMP client package.

Default value: false

manage_snmptrapd

Data type: Boolean

Whether to install the Net-SNMP snmptrapd package. True by default, except on Darwin where there is no service available.

Default value: true

snmp_config

Data type: Optional[Array[String[1]]]

Safety valve. Array of lines to add to the client's global snmp.conf file. See http://www.net-snmp.org/docs/man/snmp.conf.html for all options.

Default value: undef

ensure

Data type: Enum['present','absent']

Ensure if present or absent.

Default value: 'present'

autoupgrade

Data type: Boolean

Upgrade package automatically, if there is a newer version.

Default value: false

manage_packages

Data type: Boolean

Controls whether module attempts to manage the packages for SNMPD. On by default, except on Darwin where it ships with the OS.

Default value: true

package_name

Data type: String[1]

Name of the package. Only set this if your platform is not supported or you know what you are doing.

Default value: 'net-snmp'

snmptrapd_package_name

Data type: Optional[String[1]]

Name of the package provinding snmptrapd. Only set this if your platform is not supported or you know what you are doing.

Default value: undef

snmpd_options

Data type: Optional[String[1]]

Commandline options passed to snmpd via init script.

Default value: undef

sysconfig

Data type: Stdlib::Absolutepath

Path to sysconfig file for snmpd.

Default value: '/etc/sysconfig/snmpd'

trap_sysconfig

Data type: Stdlib::Absolutepath

Path to sysconfig file for snmptrapd.

Default value: '/etc/sysconfig/snmptrapd'

trap_service_config

Data type: Stdlib::Absolutepath

Path to snmptrapd.conf.

Default value: '/etc/snmp/snmptrapd.conf'

service_config

Data type: Stdlib::Absolutepath

Path to snmpd.conf.

Default value: '/etc/snmp/snmpd.conf'

service_config_perms

Data type: Stdlib::Filemode

Set permissions for the service configuration file.

Default value: '0600'

service_config_dir_path

Data type: Stdlib::Absolutepath

Path to services configuration directory.

Default value: '/usr/local/etc/snmp'

service_config_dir_owner

Data type: String[1]

Owner for the service configuration directory.

Default value: 'root'

service_config_dir_group

Data type: String[1]

Set group ownership for the service configuration directory.

Default value: 'root'

service_config_dir_perms

Data type: String[1]

Mode of the service configuration directory.

Default value: '0755'

service_ensure

Data type: Stdlib::Ensure::Service

Ensure if service is running or stopped.

Default value: 'running'

service_name

Data type: String[1]

Name of SNMP service. Only set this if your platform is not supported or you know what you are doing.

Default value: 'snmpd'

service_enable

Data type: Boolean

Start service at boot.

Default value: true

service_hasstatus

Data type: Boolean

Service has status command.

Default value: true

service_hasrestart

Data type: Boolean

Service has restart command.

Default value: true

snmptrapd_options

Data type: Optional[String[1]]

Commandline options passed to snmptrapd via init script.

Default value: undef

trap_service_ensure

Data type: Stdlib::Ensure::Service

Ensure if service is running or stopped.

Default value: 'stopped'

trap_service_name

Data type: String[1]

Name of SNMP service Only set this if your platform is not supported or you know what you are doing.

Default value: 'snmptrapd'

trap_service_enable

Data type: Boolean

Start service at boot.

Default value: false

trap_service_hasstatus

Data type: Boolean

Service has status command.

Default value: true

trap_service_hasrestart

Data type: Boolean

Service has restart command.

Default value: true

openmanage_enable

Data type: Boolean

Adds the smuxpeer directive to the snmpd.conf file to allow net-snmp to talk with Dell's OpenManage

Default value: false

master

Data type: Boolean

Include the master option to enable AgentX registrations.

Default value: false

agentx_perms

Data type: Optional[Stdlib::Filemode]

Defines the permissions and ownership of the AgentX Unix Domain socket.

Default value: undef

agentx_ping_interval

Data type: Optional[Integer]

This will make the subagent try and reconnect every NUM seconds to the master if it ever becomes (or starts) disconnected.

Default value: undef

agentx_socket

Data type: Optional[String[1]]

Defines the address the master agent listens at, or the subagent should connect to.

Default value: undef

agentx_timeout

Data type: Integer[0]

Defines the timeout period (NUM seconds) for an AgentX request.

Default value: 1

agentx_retries

Data type: Integer[0]

Defines the number of retries for an AgentX request.

Default value: 5

snmpv2_enable

Data type: Boolean

Disable com2sec, group, and access in snmpd.conf

Default value: true

var_net_snmp

Data type: Stdlib::Absolutepath

Path to snmp's var directory.

Default value: '/var/lib/net-snmp'

varnetsnmp_perms

Data type: Stdlib::Filemode

Mode of var_net_snmp directory.

Default value: '0755'

varnetsnmp_owner

Data type: String[1]

Owner of var_net_snmp directory.

Default value: 'root'

varnetsnmp_group

Data type: String[1]

Group of var_net_snmp directory.

Default value: 'root'

snmp::client

Manage the Net-SNMP client package and configuration.

Examples

class { 'snmp::client':
  snmp_config => [
    'defVersion 2c',
    'defCommunity public',
  ],
}

Parameters

The following parameters are available in the snmp::client class:

• ensure
• snmp_config
• autoupgrade
• package_name
• client_config

ensure

Data type: Enum['present', 'absent']

Ensure if present or absent.

Default value: 'present'

snmp_config

Data type: Optional[Array[String[1]]]

Array of lines to add to the client's global snmp.conf file. See http://www.net-snmp.org/docs/man/snmp.conf.html for all options.

Default value: undef

autoupgrade

Data type: Boolean

Upgrade package automatically, if there is a newer version.

Default value: false

package_name

Data type: Optional[String[1]]

Name of the package. Only set this if your platform is not supported or you know what you are doing.

Default value: undef

client_config

Data type: Stdlib::Absolutepath

Path to snmp.conf.

Default value: '/etc/snmp/snmp.conf'

Defined types

snmp::snmpv3_user

Creates a SNMPv3 user with authentication and encryption paswords.

Examples

snmp::snmpv3_user { 'myuser':
  authtype => 'MD5',
  authpass => '1234auth',
  privpass => '5678priv',
}

Parameters

The following parameters are available in the snmp::snmpv3_user defined type:

• authpass
• authtype
• privpass
• privtype
• daemon

authpass

Data type: String[8]

Authentication password for the user.

authtype

Data type: Enum['SHA','MD5']

Authentication type for the user. SHA or MD5

Default value: 'SHA'

privpass

Data type: Optional[String[8]]

Encryption password for the user.

Default value: undef

privtype

Data type: Enum['AES','DES']

Encryption type for the user. AES or DES

Default value: 'AES'

daemon

Data type: Enum['snmpd','snmptrapd']

Which daemon file in which to write the user. snmpd or snmptrapd

Default value: 'snmpd'

Changelog

All notable changes to this project will be documented in this file. Each new release typically also includes the latest modulesync defaults. These should not affect the functionality of the module.

v7.2.0 (2024-10-01)

Full Changelog

Breaking changes:

• Drop ubuntu 18.04 support #302 (bastelfreak)
• Drop FreeBSD 12 support #301 (bastelfreak)
• Drop EoL Debian 10 #298 (bastelfreak)
• Drop EoL CentOS 8 #297 (bastelfreak)
• Drop EL7 support #296 (bastelfreak)

Implemented enhancements:

• Add support for Rocky and AlmaLinux #303 (silug)
• Add FreeBSD 14 support #300 (bastelfreak)
• Add Ubuntu 24.04 support #299 (bastelfreak)
• Add OracleLinux 8 / 9 support #295 (bastelfreak)

Merged pull requests:

• update puppet-systemd upper bound to 8.0.0 #289 (TheMeier)

v7.1.0 (2024-01-24)

Full Changelog

Merged pull requests:

• Support puppet-systemd 5.x and 6.x #283 (silug)

v7.0.0 (2024-01-12)

Full Changelog

Breaking changes:

• Drop Debian 9 support #272 (traylenator)
• Drop Puppet 6 support #270 (bastelfreak)

Implemented enhancements:

• add support for systemd on Ubuntu and improve it on Debian #281 (hbog)
• Add Debian 12 (bookworm) support. #279 (hbog)
• Add Puppet 8 support #274 (bastelfreak)
• puppetlabs/stdlib: Allow 9.x #273 (bastelfreak)
• Add Ubuntu 22.04 support #268 (skylar2-uw)
• bump puppet/systemd to \< 5.0.0 #266 (jhoblitt)
• Support CentOS 9 and RHEL 9 #260 (kajinamit)
• Support Debian 11 Bullseye #259 (antondollmaier)
• Support CentOS 8 and RHEL 8 #258 (kajinamit)

Closed issues:

• snmpd_options and/or snmptrapd_options are ignored on Ubuntu and Debian due to lack of systemd support #280
• Support for Ubuntu 22.04 #263
• snmpd starts on each puppet run #252
• systemd daemon-reload restarts snmpd #244
• Support Debian Bullseye 11 (to be released in may or june) #243
• FreeBSD Support #238
• To support CentOS 8 #217

Merged pull requests:

• Set 'var-net-snmp' ensure to absent when removing snmp #267 (AlexandarY)
• Cleanup Debian Hieradata #257 (ardichoke)
• Support FreeBSD and Darwin #239 (geoffdavis)

v6.0.0 (2021-08-26)

Full Changelog

Breaking changes:

• Support Ubuntu 20.04; Drop EoL Debian 8, Ubuntu 16.04 #247 (kenyon)
• Drop Puppet 5 support; enable Puppet 7 support #242 (bastelfreak)
• Drop EoL CentOS 6 #237 (bastelfreak)

Implemented enhancements:

• puppetlabs/stdlib: Allow 7.x #241 (bastelfreak)
• camptocamp/systemd: allow 3.x #240 (bastelfreak)
• Support management of snmptrapd #234 (elmobp)
• Add parameters pass and pass_persist. #233 (olifre)

Closed issues:

• Doesn't work on ubuntu focal 20.04 #229
• remove hardcoded group 'root' #206

Merged pull requests:

• Allow stdlib 8.0.0 #248 (smortex)
• switch from camptocamp/systemd to voxpupuli/systemd #245 (bastelfreak)
• modulesync 3.0.0 & puppet-lint updates #230 (bastelfreak)

v5.1.1 (2020-06-30)

Full Changelog

Fixed bugs:

• Dependency on stdlib versions incorrect for version 5.1.0 ; types/ip/address/v6/cidr.pp and type Stdlib::IP::Address::V6::CIDR does not exist in 4.25.0 #224

v5.1.0 (2020-04-18)

Full Changelog

Implemented enhancements:

• use systemd for debian 9 snmpd options #216 (hdep)
• Support Debian 10 #214 (antondollmaier)

Fixed bugs:

• snmpd_options parameter does not work with Debian 9 #110

Merged pull requests:

• Use voxpupuli-acceptance #221 (ekohl)

v5.0.0 (2020-01-22)

Full Changelog

After consulting with the community, it was decided not to remove traditional access control. The feature had been marked as deprecated for a long time, (before Vox Pupuli took over maintenance). We have committed to keeping this feature (but still recommend using VACM instead).

Breaking changes:

• drop Ubuntu 14.04 support #208 (bastelfreak)
• drop EOL FreeBSD and OpenBSD #200 (Dan33l)
• modulesync 2.5.1 and drop Puppet 4 #177 (bastelfreak)

Implemented enhancements:

• Provide a higher-level interface to snmpd #54
• "Debian will not support the use of non-numeric OIDs" #16
• Convert from params to data in module #181 (ghoneycutt)

Fixed bugs:

• Dependancy listings are out of date #178
• Failure to set authpass/privpass containing a dollar sign #173
• rouser in snmpd.conf missing for v3 auth #9
• Set snmpd stop command based on the node's default service provider #204 (blackknight36)
• Updated stdlib to 4.22.0 #179 (thaylin)
• Rewrite user creation to prevent quoting bug (fixes #173) #176 (smoeding)

Closed issues:

• unit tests are failing #199
• Clean up function puppet-strings docs #185
• Deprecate razorsedge/snmp #163

Merged pull requests:

• Remove duplicate CONTRIBUTING.md file #209 (dhoppe)
• Install client only when required to avoid potential duplicate resource. #203 (pillarsdotnet)
• Allow puppetlabs/stdlib 6.x #202 (pillarsdotnet)
• remove BSD from hiera data #201 (Dan33l)
• Mark snmp::snmpv3_usm_hash as private #186 (alexjfisher)

v4.1.0 (2018-11-23)

Full Changelog

Implemented enhancements:

• Implement snmpv3_user fact and snmp::snmpv3_usm_hash function #157 (smoeding)

Fixed bugs:

• fix snmptrapd on ubuntu and debian #168 (amateo)

Merged pull requests:

• use puppet strings format for reference #167 (Dan33l)
• add acceptance tests with beaker #166 (Dan33l)

v4.0.0 (2018-11-08)

Full Changelog

Breaking changes:

• Remove the use of global variables #145 (ekohl)
• Remove validate_numeric and validate_string #144 (alexjfisher)
• Remove deprecated install_client parameter #143 (alexjfisher)
• Migrate stuff to Vox Pupuli; Drop Puppet 2/3 support; require stdlib 4.13.1 or newer #135 (bastelfreak)

Implemented enhancements:

• Debian Stretch (new stable) use a different user for snmpd #108
• Add $snmpv2_enable parameter #136 (hdep)
• Add ubuntu 18.04 support #130 (cliff-wakefield)

Fixed bugs:

• validate_numeric() and friends are deprecated in stdlib #111
• Unknown variable: 'snmp_agentaddress' error #65
• Fix typo in snmp::params: s/extemds/extends/ #133 (chundaoc)

Closed issues:

• Prepare for release 4.0.0 #153
• Needs to be updated to support Ubuntu 18 #151
• Release the current version on the forge #138
• Test cases are broken #132
• cannot disable VACM #129
• extemds variable typo #123

Merged pull requests:

• update deprecation notice #161 (Dan33l)
• update CONTRIBUTING.md copied from .github/CONTRIBUTING.md #160 (Dan33l)
• cleanup about OSes in README #159 (Dan33l)
• move copyright notice from manifests to updated Development section in README #158 (Dan33l)
• Use rspec-puppet-facts #155 (Dan33l)
• use structured facts #154 (Dan33l)
• modulesync 2.2.0 and allow puppet 6.x #150 (bastelfreak)
• Various refactoring to improve code readability #149 (alexjfisher)
• Replace validation logic for *service_ensure. #148 (vStone)
• Replace validate_array with proper data types #147 (vStone)
• Replace instances of validate_re with Enum type #146 (alexjfisher)
• Replace validate_bool with Boolean data type #142 (alexjfisher)
• Unpin stdlib in fixtures.yml #141 (alexjfisher)
• Include full Apache 2.0 license text and add badge #140 (alexjfisher)

3.9.0 (2018-01-07)

Full Changelog

Implemented enhancements:

• adding possibility to configure extend-slines in snmpd.conf #118 (tjungbauer)
• Added extra logic to handle Debian 9 (Stretch) #113 (Pavulon007)

Fixed bugs:

• Using an array for ro_community breaks snmptrapd #106

3.8.1 (2017-06-15)

Full Changelog

Fixed bugs:

• Problem with puppet v4 #103
• Fix snmptrapd community string configuration #107 (djschaap)

3.8.0 (2017-05-28)

Full Changelog

Implemented enhancements:

• Add master options to snmpd.conf #104 (coreone)
• Fix strict variables #102 (coreone)

Fixed bugs:

• Change - Update requirements for the snmp::client class #98 (blackknight36)

Merged pull requests:

• Update requirements for the snmp client class #105 (blackknight36)

3.7.0 (2017-04-23)

Full Changelog

Implemented enhancements:

• Support service_config_dir_group class parameter #93 (adepretis)
• Add Dell OpenManage StorageServices smux OID #90 (vide)
• Add OpenBSD to the supported operating systems, similar to FreeBSD #74 (buzzdeee)
• Create Parameters for template files. #73 (aschaber1)

Fixed bugs:

• CI failing, Module sync out of date. #75

Closed issues:

• File permissions do not match the ones of the net-snmp #81

3.6.0 (2015-12-20)

Full Changelog

Implemented enhancements:

• Multiple rocommunity,rwcommunity #57
• Conglomerate of PRs with tests #62 (jrwesolo)

Fixed bugs:

• creating snmpv3 users fails with passphrases containing spaces #33

3.5.0 (2015-10-15)

Full Changelog

Implemented enhancements:

• Add the ability pass multiple networks for the community string #55 (rdrgmnzs)

Fixed bugs:

• quote snmpv3 passphrases to cope with weird characters and spaces #42 (Seegras)

3.4.0 (2015-07-07)

Full Changelog

Implemented enhancements:

• Creating snmpv3 users on loaded system fails #46
• snmpd_options and other /etc/defaults/snmpd options is not in docs #30
• rocommunity commented out #10

Fixed bugs:

• ro_community cannot be set to 'undef' to remove from ERB template #36
• skip zero length strings in ERB template output #41 (bdellegrazie)

Closed issues:

• Not possible to not start snmptrapd service #52
• No support for syslocation/syscontact #45
• CentOS 7.1 breaks params.rb #44

3.3.1 (2015-01-03)

Full Changelog

3.3.0 (2014-12-29)

Full Changelog

Implemented enhancements:

• ensure => absent fails on el5/el6 if net-snmp-utils is installed #20
• Add support for Dell's OpenManage #28 (erinn)
• Disable logging from tcpwrappers in snmpd.conf #27 (erinn)
• IPv6 support round 2 #26 (erinn)

3.2.0 (2014-10-07)

Full Changelog

Implemented enhancements:

• dynamic sysname? #14

Fixed bugs:

• Future parser and puppet-snmp #23

Merged pull requests:

• Lowercase variable names #22 (invliD)

3.1.0 (2014-05-25)

Full Changelog

Closed issues:

• The documentation for init.pp incorrectly suggests that the snmp class takes a 'services' parameter #11

3.0.0 (2013-07-13)

Full Changelog

Implemented enhancements:

• Trapd extended #7 (ghost)

2.0.0 (2013-06-23)

Full Changelog

Merged pull requests:

• modified templates to dereference class parameters #2 (hakamadare)

1.0.1 (2012-05-26)

Full Changelog

1.0.0 (2012-05-07)

Full Changelog

* This Changelog was automatically generated by github_changelog_generator