How to disable/remove part of a MIB

Fri, 24 Feb 2006 12:29:10 -0800 

We have an enterprise MIB that is divided into a public section where
you can get information about our devices and a "private" or
"experimental" section which we use for testing.  There are entries in
the testing section that could make the device less secure than I would
wish so I'm trying to figure out how to painlessly remove or disable
them for production builds.

My first problem is that I need to give users MIB files so that they can
parse the public section.  That is, I want them to be able to use
snmpget/set/walk with symbolic names of our entities.  But I don't want
to give them the schema of our private entities.  Right now I have
everything in one file which makes using mib2c easy but means I have to
manually remove our experimental entities before I ship.  I'd really
rather something a lot more automatic.  Is there a way I can use
something like #include our private stuff in the file I ship then ship
an empty include file or just sed the #include out?  How else can I
structure these files to make them easy to maintain?

Second, I want to disable the private entries in the production
code.  One option would be to put #ifdef's around the implementation --
and I may do that -- but can't I use something like "-I <entity>" on the
snmpd command line to have it exclude part of the MIB tree?  That'd work
well for me because I have an embedded system and I can control the
command line fairly easily and securely and I'd retain the ability to
activate (unhide) that section of the MIB for field diagnostics if needed.

Any thoughts on techniques and best practices welcome.  Thanks.

                                         Chris







-------------------------------------------------------
This SF.Net email is sponsored by xPML, a groundbreaking scripting language
that extends applications into web and mobile media. Attend the live webcast
and join the prime developer group breaking into this new coding territory!
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=110944&bid=241720&dat=121642
_______________________________________________
Net-snmp-coders mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/net-snmp-coders

Reply via email to