Skip to content

librenms

install and config (linux)

install

apt-get install snmpd snmp

config Edit /etc/snmp/snmpd.conf 

# update the file
agentAddress  udp:161
rocommunity public default
sysLocation server rack

restart service 

systemctl restart snmpd.service

oracle specific firewall setup (iptables)

# edit
nano /etc/iptables/rules.v4

# add line
-A INPUT -p udp -m state --state NEW -m udp --dport 161 -j ACCEPT
#save

# apply
iptables-restore < /etc/iptables/rules.v4

sudo iptables -F
sudo netfilter-persistent save

test

snmpwalk -v 2c -c public 168.138.12.237:161
nmap -sU -v -p 161 168.138.12.237
sudo tcpdump -nnSX port 161

sudo lsof -iUDP:161

COMMAND  PID        USER   FD   TYPE DEVICE SIZE/OFF NODE NAME
snmpd   2193 Debian-snmp    6u  IPv4  34218      0t0  UDP *:snmp

ps -ef | grep snmp
Debian-+    2193       1  0 10:55 ?        00:00:01 /usr/sbin/snmpd -LOw -u Debian-snmp -g Debian-snmp -I -smux mteTrigger mteTriggerConf -f
ubuntu      3560    1146  0 11:48 pts/0    00:00:00 grep --color=auto snmp

tailscale

access tailscale connected instances from librenms docker
open port 161 on oracle vm

sudo docker run -d --name=tailscaled -v /var/lib:/var/lib -v /dev/net/tun:/dev/net/tun --network=host --cap-add=NET_ADMIN --restart unless-stopped --cap-add=NET_RAW --env TS_AUTHKEY=tskey-auth-kM23Rd4CNTRL-qSFkKNSNM6akdqkSE6Vo5aGAdBZArzD2  tailscale/tailscale

install and config (windows client)

windows 25 server

Install-WindowsFeature -Name SNMP-Service -IncludeManagementTools

Get-Service -Name SNMP

New-NetFirewallRule -DisplayName "Allow SNMP Inbound" -Direction Inbound -Protocol UDP -LocalPort 
161 -Action Allow

New-NetFirewallRule -DisplayName "Allow SNMP Outbound" -Direction Outbound -Protocol UDP -LocalPort 161 -Action Allow

New-NetFirewallRule -DisplayName "Allow ICMPv4-Inbound" -Protocol ICMPv4 -Direction Inbound -IcmpType 8 -Action Allow

New-NetFirewallRule -DisplayName "Allow ICMPv4-Outbound" -Protocol ICMPv4 -Direction Outbound -IcmpType 8 -Action Allow

Windows 11 with SNMP

Add-WindowsCapability -Online -Name “SNMP.Client~~~~0.0.1.0“

install windows 22 server

Get-WindowsFeature -Name "SNMP-Service"

# install
Install-WindowsFeature -Name "SNMP-Service" -IncludeAllSubFeature -Restart
Install-WindowsFeature -Name "RSAT-SNMP" -IncludeManagementTools
Restart-Service -Name "SNMP"

# verify
Get-WindowsFeature -Name "SNMP-Service"

allow snmp on the firewall

# Allow SNMP inbound on UDP port 161
New-NetFirewallRule -DisplayName "Allow SNMP Inbound" -Direction Inbound -Protocol UDP -LocalPort 161 -Action Allow

# Allow SNMP outbound on UDP port 161
New-NetFirewallRule -DisplayName "Allow SNMP Outbound" -Direction Outbound -Protocol UDP -LocalPort 161 -Action Allow

# Allow SNMP Traps inbound on UDP port 162
New-NetFirewallRule -DisplayName "Allow SNMP Trap Inbound" -Direction Inbound -Protocol UDP -LocalPort 162 -Action Allow

# Allow SNMP Traps outbound on UDP port 162
New-NetFirewallRule -DisplayName "Allow SNMP Trap Outbound" -Direction Outbound -Protocol UDP -LocalPort 162 -Action Allow

# verify
Get-NetFirewallRule -DisplayName "Allow SNMP*"

allow ping on the firewall

# Allow ICMPv4 inbound (Ping)
New-NetFirewallRule -DisplayName "Allow ICMPv4-Inbound" -Protocol ICMPv4 -Direction Inbound -IcmpType 8 -Action Allow

# Allow ICMPv4 outbound (Ping)
New-NetFirewallRule -DisplayName "Allow ICMPv4-Outbound" -Protocol ICMPv4 -Direction Outbound -IcmpType 8 -Action Allow

# Allow ICMPv6 inbound (if you want to enable Ping over IPv6)
New-NetFirewallRule -DisplayName "Allow ICMPv6-Inbound" -Protocol ICMPv6 -Direction Inbound -IcmpType 128 -Action Allow

# Allow ICMPv6 outbound (Ping over IPv6)
New-NetFirewallRule -DisplayName "Allow ICMPv6-Outbound" -Protocol ICMPv6 -Direction Outbound -IcmpType 128 -Action Allow

# verify
Get-NetFirewallRule -DisplayName "Allow ICMPv*"
Click to expand - details >git 
git add . ; git commit -m "update" ; git push origin ; git push gitlab ; git push github ; git status
> librenms [![title](librenms_list.png =1600x)](/librenms_list.png) [![title](librenms2.png =1600x)](/librenms2.png) [![title](/librenms/librenms.png =1600x)](/librenms/librenms.png) [docker-compose.yml](https://github.com/jdedev/homelab_host_nas/blob/main/librenms/docker-compose.yml) 
version: '3'

services:
  db:
    image: mariadb:10.5
    container_name: librenms_db
    command:
      - "mysqld"
      - "--innodb-file-per-table=1"
      - "--lower-case-table-names=0"
      - "--character-set-server=utf8mb4"
      - "--collation-server=utf8mb4_unicode_ci"
    volumes:
      - "./db:/var/lib/mysql"
    environment:
      - "TZ=${TZ}"
      - "MYSQL_ALLOW_EMPTY_PASSWORD=yes"
      - "MYSQL_DATABASE=${MYSQL_DATABASE}"
      - "MYSQL_USER=${MYSQL_USER}"
      - "MYSQL_PASSWORD=${MYSQL_PASSWORD}"
    restart: always

  redis:
    image: redis:5.0-alpine
    container_name: librenms_redis
    environment:
      - "TZ=${TZ}"
    restart: always
    volumes:
      - "./redis/data:/data"


  msmtpd:
    image: crazymax/msmtpd:latest
    container_name: librenms_msmtpd
    env_file:
      - "./msmtpd.env"
    restart: always

  librenms:
    image: librenms/librenms:latest
    container_name: librenms
    hostname: librenms
    cap_add:
      - NET_ADMIN
      - NET_RAW
    ports:
      - target: 8000
        published: 8100
        protocol: tcp
    depends_on:
      - db
      - redis
      - msmtpd
    volumes:
      - "./librenms:/data"
    env_file:
      - "./librenms.env"
    environment:
      - "TZ=${TZ}"
      - "PUID=${PUID}"
      - "PGID=${PGID}"
      - "DB_HOST=db"
      - "DB_NAME=${MYSQL_DATABASE}"
      - "DB_USER=${MYSQL_USER}"
      - "DB_PASSWORD=${MYSQL_PASSWORD}"
      - "DB_TIMEOUT=60"
    restart: always

  dispatcher:
    image: librenms/librenms:latest
    container_name: librenms_dispatcher
    hostname: librenms-dispatcher
    cap_add:
      - NET_ADMIN
      - NET_RAW
    depends_on:
      - librenms
      - redis
    volumes:
      - "./librenms:/data"
    env_file:
      - "./librenms.env"
    environment:
      - "TZ=${TZ}"
      - "PUID=${PUID}"
      - "PGID=${PGID}"
      - "DB_HOST=db"
      - "DB_NAME=${MYSQL_DATABASE}"
      - "DB_USER=${MYSQL_USER}"
      - "DB_PASSWORD=${MYSQL_PASSWORD}"
      - "DB_TIMEOUT=60"
      - "DISPATCHER_NODE_ID=dispatcher1"
      - "SIDECAR_DISPATCHER=1"
    restart: always

  syslogng:
    image: librenms/librenms:latest
    container_name: librenms_syslogng
    hostname: librenms-syslogng
    cap_add:
      - NET_ADMIN
      - NET_RAW
    depends_on:
      - librenms
      - redis
    ports:
      - target: 514
        published: 1514
        protocol: tcp
      - target: 514
        published: 1514
        protocol: udp
    volumes:
      - "./librenms:/data"
    env_file:
      - "./librenms.env"
    environment:
      - "TZ=${TZ}"
      - "PUID=${PUID}"
      - "PGID=${PGID}"
      - "DB_HOST=db"
      - "DB_NAME=${MYSQL_DATABASE}"
      - "DB_USER=${MYSQL_USER}"
      - "DB_PASSWORD=${MYSQL_PASSWORD}"
      - "DB_TIMEOUT=60"
      - "SIDECAR_SYSLOGNG=1"
    restart: always

  snmptrapd:
    image: librenms/librenms:latest
    container_name: librenms_snmptrapd
    hostname: librenms-snmptrapd
    cap_add:
      - NET_ADMIN
      - NET_RAW
    depends_on:
      - librenms
      - redis
    ports:
      - target: 162
        published: 162
        protocol: tcp
      - target: 162
        published: 162
        protocol: udp
    volumes:
      - "./librenms:/data"
    env_file:
      - "./librenms.env"
    environment:
      - "TZ=${TZ}"
      - "PUID=${PUID}"
      - "PGID=${PGID}"
      - "DB_HOST=db"
      - "DB_NAME=${MYSQL_DATABASE}"
      - "DB_USER=${MYSQL_USER}"
      - "DB_PASSWORD=${MYSQL_PASSWORD}"
      - "DB_TIMEOUT=60"
      - "SIDECAR_SNMPTRAPD=1"
    restart: always