
This directory contains some sample SNMP agents. This is experimental
work, but it might give you some examples how to do your own little
agent with scotty.

Note, the SNMP agent stuff in this directory is not meant to replace
your standard MIB-2 SNMP agent. Instead, you should run this stuff as
an additional SNMP agent using a different port number or as a native
proxy (if supported by your standard SNMP agent).

The main agent is in snmpd. It includes extensions which should be
defined in separate files. The files currently available are:

	tubs.tcl	- implements some experimental extensions
			  we use for debugging etc.

	mlm.tcl		- some experimentation with a variation of
		  	  the mlm MIB as defined in an internet draft 
			  (see draft-levi-snmp-mid-level-mgr-00.txt)

	mlm_scripts.tcl	- Some static (non-volatile) scripts loaded
			  into the mlm MIB agent.

	www.tcl		- A simple http server interface which provides
			  http access to the running agent.

	http.tcl	- A sample script the reads HTTP server log files
			  in CERN's common format and provides access to
			  some basic statistics via SNMP.

*** WARNING !!! ***

Implementing MIBS can be quite dangerous to your system security! For
example, the tubs.tcl code contains a simple tclEvalTable which can
store arbitrary tcl commands which are executed by the agent. This can
be used by everyone allowed to perform sets on your agent! So choose
good community strings, or better use MD5 authentication (which is not
very well tested) or even better do not evaluate arbitrary commands!

We recommend to configure scotty with the --with-stcl option to make
use of the safe Tcl extension available as part of this distribution.
Here is how you create a safe SNMP agent using safe Tcl:

	set s [snmp session -port 8888 -community $cryptic]
	$s agent [interp create -safe]

The good thing is that you get name spaces for free. So it is possible
to have multiple snmp agents in one process where each agent maintains
its own system group etc.

A simple programming error while exporting an alias to a safe Tcl
interpreter can again introduce security problems. Thats why we still
recommend to run the agent on an account that can't do harm to your
system.

*** YOU HAVE BEEN WARNED !!! ***

							Juergen
