GSP
Quick Navigator

Search Site

Unix VPS
A - Starter
B - Basic
C - Preferred
D - Commercial
MPS - Dedicated
Previous VPSs
* Sign Up! *

Support
Contact Us
Online Help
Handbooks
Domain Status
Man Pages

FAQ
Virtual Servers
Pricing
Billing
Technical

Network
Facilities
Connectivity
Topology Map

Miscellaneous
Server Agreement
Year 2038
Credits
 

USA Flag

 

 

Man Pages


Manual Reference Pages  -  SDIG.CONF (5)

NAME

sdig.conf - Configuration for the Switch Digger

CONTENTS

Description
Security Warning
Directives
See Also
Authors

DESCRIPTION

sdig(8) uses this file to learn about your network’s configuration. It is essential to proper operation.

SECURITY WARNING

This file will obviously contain a great deal of information about your organization’s network, including SNMP community strings. For that reason, you should use appropriate permissions so that only authorized users may access it.

I recommend creating a new group, then make the file readable by that group, and place specific users into that group.

This file should not be world-readable.

DIRECTIVES

ROUTER network addr community description rtr_ip

List a router for the network network (CIDR or a.b.c.d/x.x.x.x format) at IP address addr using SNMP community community. The description provides some details when generating the output. Remember to wrap the description in "quotes" if it contains any sort of whitespace (spaces, tabs, etc).

        ROUTER 192.168.3.0/24 192.168.3.1 mycommunity "Company core router"

Optional rtr_ip can be used to provide an explicit IP address of the routing interface in the target network. Otherwise the same addr used for SNMP queries is used as the routing interface address, which may be wrong. For example, firewall rules may allow SNMP access to only one IP of the router, but ARP lookups usually require specific interfaces within the target’s subnet.

For example, to query the router (rtr_ip) 192.168.2.1 of the network 192.168.2.0/24 via SNMP interface (addr) 192.168.3.254 configure a line like this:

        ROUTER 192.168.2.0/24 192.168.3.254 mycommunity "Company core router" 192.168.2.1

Textual Hostnames can be used for rtr_ip and addr, subject to be resolved by system (via /etc/hosts or DNS Resolver).

NOTE: Some switches, namely Cisco Catalyst (IOS), require SNMP queries for different VLANs to use different community strings. For example, to look up mycommunity in VLAN123 you’ll need to write mycommunity@123.

SWITCH network addr community description

Like ROUTER, but for a switch instead. Note there’s no equivalent of rtr_ip.

        SWITCH 192.168.3.0/24 192.168.3.2 mycommunity "Upstairs data room"

        SWITCH 192.168.3.0/24 192.168.3.3 mycommunity "Downstairs data room"

Textual Hostnames can be used for addr, resolved by system (/etc/hosts or DNS Resolver).

NOTE: Some switches, namely Cisco Catalyst (IOS), require SNMP queries for different VLANs to use different community strings. For example, to look up mycommunity in VLAN123 you’ll need to write mycommunity@123.

LINKINFO addr port num description

Describe a connection between switches so it won’t show up on the normal sdig display. This limits your findings in normal mode to port(s) that probably lead to the target host. Use verbose mode to display all of them, even the ones that just go to other switches.

        LINKINFO 192.168.3.2 24 "link to downstairs switch"

        LINKINFO 192.168.3.3 24 "link to upstairs switch"

PORTDESC addr port num description

Describe a port in a switch. Usually used for details like patch panel numbers and other things that can’t be inferred by asking the equipment directly.

Also useful for downlink ports to either "dumb" active equipment (i.e. hubs with no SNMP capabilities) or to another network’s equipment to which you have no SNMP-query access (unknown community name).

        PORTDESC 192.168.3.2 1 "Upstairs patch panel #10"

        PORTDESC 192.168.3.3 25 "Fiber to remote site"

        PORTDESC 192.168.3.3 48 "UPLINK to Campus ISP"

WINS addr

Tell nmblookup to use the WINS server at addr for name lookups. Only used when NMBLOOKUP is defined and DNS lookups fail.

        WINS 192.168.100.1

NMBLOOKUP path

Specify the path to Samba’s nmblookup binary. This might be /usr/local/samba/bin/nmblookup if you do a stock install from source. This program is optional, and is provided to augment DNS lookups in environments laden with Windows machines.

        NMBLOOKUP /usr/local/bin/nmblookup

MACTABLE path

Specify the location of the MAC table file. This is another item that is used to provide a few more bits of information when tracking down a system. You might use it to find rogue NICs that are not the company-approved brand.

This file is rather large and rarely changes, so it’s not included in the source distribution. You can get it on the main sdig web site - http://www.exploits.org/sdig/

        MACTABLE /usr/local/etc/mactable

HOSTINFO path

Give the location of a script or program that will be called shortly after displaying the Query: data. It will receive the IP address of the target host as an argument.

If you want to display things like the system’s NetBIOS name, this is a good place to put a call to Samba’s nmblookup.

SEE ALSO

sdig(8)

AUTHORS

Russell Kroll <rkroll@exploits.org> up till sdig-0.40 Russell A. Jackson <raj@csub.edu> sdig-0.41 .. sdig-0.44 Jim Klimov <jimklimov@gmail.com> sdig-0.45

Search for    or go to Top of page |  Section 5 |  Main Index


SDIG.CONF (5) Mon Mar 24 2003

Powered by GSP Visit the GSP FreeBSD Man Page Interface.
Output converted with manServer 1.07.