From Net-SNMP Wiki

How do I configure access control?

The simplest way is to use the configure directives:

               rocommunity public       (for SNMPv1/2c)
               rwcommunity private

or

               rouser user1             (for SNMPv3)
               rwuser user2

These specify the community names or security names to accept for read-only and read-write access to the whole of the supported MIB tree. (Obviously you should change these names to match your requirements - which is a particularly good idea in the case of 'rwcommunity'!)

Note that you should not specify the same community name for both rocommunity and rwcommunity directives. The rwcommunity setting automatically provides read access, and having both lines (with the same community name) may result in unexpected behaviour. Only use both settings when specifying different community names. The same holds true for rouser and rwuser.

The two community directives can be restricted to only allow requests from particular sources, and all four can can be restricted to particular subtree or (from v5.3) a named view. See 'snmpd.conf(5)' for details.

These directives are effectively wrappers round the core access control mechanism, which uses the four directives 'com2sec', 'group', 'view' and 'access' to provide a more efficient and flexible control over who can access which portions of the tree.

See the next entry for the gory details.

   FAQ:Agent
   

1. What MIBs are supported?
2. What protocols are supported?
3. How do I configure the agent?
4. How do I remove a MIB from the agent?
5. I've installed a new MIB file. Why can't I query it?
6. How do I add a MIB to the agent?
7. What's the difference between 'exec', 'sh' and 'pass'?
8. What's the difference between AgentX, SMUX and proxied SNMP?
9. What about 'dlmod' - what's that about?
10. Which should I use?
11. Can I use AgentX when running under Windows?
12. Can I use AgentX (or an embedded SNMP agent) in a threaded application?
13. How can I run AgentX with a different socket address?
14. How can I turn off SMUX support?
15. How can I combine two copies of the 'mib2' tree from separate subagents?
16. What traps are sent by the agent?
17. Where are these traps sent to?
18. How can I send a particular trap to selected destinations?
19. When I run the agent it runs and then quits without staying around. Why?
20. After a while the agent stops responding, and starts eating CPU time. Why?
21. How can I stop other people getting at my agent?
22. How can I listen on just one particular interface?
23. How do I configure access control?
24. I don't understand the new access control stuff - what does it mean?
25. How do I configure SNMPv3 users?
26. The 'createUser' line disappears when I start the agent. Why?
27. What's the difference between /var/net-snmp and /usr/local/share/snmp?
28. My new agent is ignoring the old snmpd.conf file. Why?
29. Why am I getting "Connection refused"?
30. Why can't I see values in the UCDavis 'extensible' or 'disk' trees?
31. Why can't I see values in the UCDavis 'memory' or 'vmstat' tree?
32. What do the CPU statistics mean - is this the load average?
33. How do I get percentage CPU utilization using ssCpuRawIdle?
34. What about multi-processor systems?
35. The speed/type of my network interfaces is wrong - how can I fix it?
36. The interface statistics for my subinterfaces are all zero - why?
37. Does the agent support the RMON-MIB?
38. What does "klread: bad address" mean?
39. What does "nlist err: wombat not found" (or similar) mean?
40. How about "Can't open /dev/kmem"?
41. The agent is complaining about 'snmpd.conf'. Where is this?
42. The system uptime (sysUpTime) returned is wrong!
43. Can the agent run multi-threaded?