Commit version 24.12.13800

2025-01-06 17:35:06 -05:00
parent b7f6a79c2c
commit 55d9218816
6133 changed files with 4239740 additions and 1374287 deletions
--- a/mibs/hh3c/HH3C-IPSEC-MONITOR-V2-MIB
+++ b/mibs/hh3c/HH3C-IPSEC-MONITOR-V2-MIB
@ -1,14 +1,23 @@
 -- ====================================================================
-- Copyright (c) 2004-2017 New H3C Tech. Co., Ltd.  All rights reserved.
+-- Copyright (c) 2004-2021 New H3C Tech. Co., Ltd.  All rights reserved.
 --
 -- Description: The MIB is designed to get IPsec tunnels' statistic information.
 -- Reference:
-- Version: 1.1
+-- Version: 1.3
 -- History:
 --   V1.0: The initial version created by Wanghaisheng and Weiyanheng.
 --   V1.1: 2017-10-31 Added hh3cIPsecTunnelStatByDescripV2Table,hh3cIPsecConnectionStopV2,
 --         hh3cIPsecConnectionStartV2,hh3cIPsecConnectionStopCntlV2 and
 --         hh3cIPsecConnectionStartCntlV2 by shihaohao
+--   V1.2: 2021-04-23 Added by Yangbaotao. This revision is about the node
+--         Hh3cIPsecEncryptAlgoV2 and Hh3cIPsecAuthAlgoV2.
+--         Deprecated hh3cIPsecTunIKETunLocalIDVal1V2,
+--         hh3cIPsecTunIKETunRemoteIDVal1V2,added hh3cIPsecTunIKETunLocalIDVal3V2
+--         hh3cIPsecTunIKETunRemoteIDVal3V2 by Zhaoming.
+--   V1.3: 2021-07-14 Added by Fanchuanqi. This revision is about the node
+--         Hh3cIPsecEncryptAlgoV2 and Hh3cIPsecAuthAlgoV2.
+--         2021-07-19 Added by Zoumingquan. This revision is about the node
+--         hh3cIPsecTunProfileNameV2.
 -- =====================================================================
 HH3C-IPSEC-MONITOR-V2-MIB DEFINITIONS ::= BEGIN

@ -30,7 +39,7 @@ HH3C-IPSEC-MONITOR-V2-MIB DEFINITIONS ::= BEGIN
            FROM HH3C-OID-MIB;

    hh3cIPsecMonitorV2 MODULE-IDENTITY
-        LAST-UPDATED "201710311650Z"
+        LAST-UPDATED "202107191350Z"
        ORGANIZATION
            "New H3C Tech. Co., Ltd."
        CONTACT-INFO
@ -42,6 +51,19 @@ HH3C-IPSEC-MONITOR-V2-MIB DEFINITIONS ::= BEGIN
            "The MIB is designed to get statistic information of IPsec tunnels.
             With this MIB, we can get information of a certain tunnel or all
             tunnels."
+         REVISION "202107191350Z"
+         DESCRIPTION
+            "This revision is about the node hh3cIPsecTunProfileNameV2."
+         REVISION "202107141530Z"
+         DESCRIPTION
+            "This revision is about the node Hh3cIPsecEncryptAlgoV2
+             and Hh3cIPsecAuthAlgoV2."
+         REVISION "202104231730Z"
+         DESCRIPTION
+            "This revision is about the node Hh3cIPsecEncryptAlgoV2
+             and Hh3cIPsecAuthAlgoV2.Deprecate hh3cIPsecTunIKETunLocalIDVal1V2,
+             hh3cIPsecTunIKETunRemoteIDVal1V2, add hh3cIPsecTunIKETunLocalIDVal3V2
+             and hh3cIPsecTunIKETunRemoteIDVal3V2."
         REVISION "201710311650Z"
         DESCRIPTION
            "Add the objects of hh3cIPsecTunnelStatByDescripV2Table,hh3cIPsecConnectionStopV2,
@ -100,6 +122,22 @@ HH3C-IPSEC-MONITOR-V2-MIB DEFINITIONS ::= BEGIN
            aesCtr(12),
            aesCamelliaCbc(13),
            rc4(14),
+            aesCtr128(15),
+            aesCtr192(16),
+            aesCtr256(17),
+            camelliaCbc128(18),
+            camelliaCbc192(19),
+            camelliaCbc256(20),
+            gmac128(21),
+            gmac192(22),
+            gmac256(23),
+            gcm128(24),
+            gcm192(25),
+            gcm256(26),
+            sm1Cbc128(128),
+            sm1Cbc192(129),
+            sm1Cbc256(130),
+            sm4Cbc(131),
            invalidAlg(2147483647)
        }

@ -115,6 +153,8 @@ HH3C-IPSEC-MONITOR-V2-MIB DEFINITIONS ::= BEGIN
            sha256(3),
            sha384(4),
            sha512(5),
+            aesXcbcMac(6),
+            sm3(128),
            invalidAlg(2147483647)
        }

@ -201,7 +241,7 @@ HH3C-IPSEC-MONITOR-V2-MIB DEFINITIONS ::= BEGIN
    hh3cIPsecScalarObjectsV2 OBJECT IDENTIFIER ::= { hh3cIPsecObjectsV2 1 }

    hh3cIPsecMIBVersion OBJECT-TYPE
-        SYNTAX DisplayString
+        SYNTAX DisplayString(SIZE(0..255))
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
@ -299,8 +339,13 @@ HH3C-IPSEC-MONITOR-V2-MIB DEFINITIONS ::= BEGIN
            hh3cIPsecTunStatusV2
                INTEGER,
            hh3cIPsecTunPolicyDescriptionV2
-                OCTET STRING
-
+                OCTET STRING,
+            hh3cIPsecTunIKETunLocalIDVal3V2
+                OCTET STRING,
+            hh3cIPsecTunIKETunRemoteIDVal3V2
+                OCTET STRING,
+            hh3cIPsecTunProfileNameV2
+                DisplayString
        }

    hh3cIPsecTunIndexV2 OBJECT-TYPE
@ -342,9 +387,9 @@ HH3C-IPSEC-MONITOR-V2-MIB DEFINITIONS ::= BEGIN
        ::= { hh3cIPsecTunnelV2Entry 4 }

    hh3cIPsecTunIKETunLocalIDVal1V2 OBJECT-TYPE
-        SYNTAX DisplayString
+        SYNTAX DisplayString(SIZE(0..255))
        MAX-ACCESS read-only
-        STATUS current
+        STATUS deprecated
        DESCRIPTION
            "The value of the local peer identity for the associated IPsec
             Phase-1 IKE Tunnel (IKETunLocalValue1 in the IKETunnelTable).
@ -373,11 +418,14 @@ HH3C-IPSEC-MONITOR-V2-MIB DEFINITIONS ::= BEGIN
             If the local peer type is keyId, this is an opaque byte
             stream which may be used to pass vendor-specific information
             necessary to identify which pre-shared key should be used to
-             authenticate Aggressive mode negotiations."
+             authenticate Aggressive mode negotiations.
+
+             The local peer identity may not exceed 255 characters in length.
+             The complete value will be displayed by hh3cIPsecTunIKETunLocalIDVal3V2"
        ::= { hh3cIPsecTunnelV2Entry 5 }

    hh3cIPsecTunIKETunLocalIDVal2V2 OBJECT-TYPE
-        SYNTAX DisplayString
+        SYNTAX DisplayString(SIZE(0..255))
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
@ -404,9 +452,9 @@ HH3C-IPSEC-MONITOR-V2-MIB DEFINITIONS ::= BEGIN
        ::= { hh3cIPsecTunnelV2Entry 7 }

    hh3cIPsecTunIKETunRemoteIDVal1V2 OBJECT-TYPE
-        SYNTAX DisplayString
+        SYNTAX DisplayString(SIZE(0..255))
        MAX-ACCESS read-only
-        STATUS current
+        STATUS deprecated
        DESCRIPTION
            "The value of the remote peer identity for the associated IPsec
             Phase-1 IKE Tunnel (IKETunRemoteValue1 in the IKETunnelTable).
@ -435,11 +483,14 @@ HH3C-IPSEC-MONITOR-V2-MIB DEFINITIONS ::= BEGIN
             If the remote peer type is keyId, this is an opaque byte
             stream which may be used to pass vendor-specific information
             necessary to identify which pre-shared key should be used to
-             authenticate Aggressive mode negotiations."
+             authenticate Aggressive mode negotiations.
+
+             The remote peer identity may not exceed 255 characters in length.
+             The complete value will be displayed by hh3cIPsecTunIKETunRemoteIDVal3V2"
        ::= { hh3cIPsecTunnelV2Entry 8 }

    hh3cIPsecTunIKETunRemoteIDVal2V2 OBJECT-TYPE
-        SYNTAX DisplayString
+        SYNTAX DisplayString(SIZE(0..255))
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
@ -686,6 +737,83 @@ HH3C-IPSEC-MONITOR-V2-MIB DEFINITIONS ::= BEGIN
            "IPsec policy description of an IPsec tunne."
        ::= { hh3cIPsecTunnelV2Entry 34 }

+    hh3cIPsecTunIKETunLocalIDVal3V2 OBJECT-TYPE
+        SYNTAX OCTET STRING (SIZE(0..2047))
+        MAX-ACCESS read-only
+        STATUS current
+        DESCRIPTION
+            "The value of the local peer identity for the associated IPsec
+             Phase-1 IKE Tunnel (IKETunLocalValue1 in the IKETunnelTable).
+
+             If the local peer type is ipv4Addr/ipv6Addr, this is the IP address
+             used to identify the local peer.
+
+             If the local peer type is ipv4AddrSubnet/ipv6AddrSubnet, this is
+             the subnet address.
+
+             If the local peer type is ipv4AddrRange/ipv6AddrRange, this is
+             the beginning IP address of the range.
+
+             If the local peer type is fqdn/userFqdn, this is the host name
+             used to identify the local peer.
+
+             If the local peer type is derAsn1Dn, this is the binary DER
+             encoding of an ASN.1 X.500 Distinguished Name [X.501] of the
+             principal whose certificates are being exchanged to establish
+             the SA.
+
+             If the local peer type is derAsn1Gn, this is the binary DER
+             encoding of an ASN.1 X.500 GeneralName [X.509] of the principal
+             whose certificates are being exchanged to establish the SA.
+
+             If the local peer type is keyId, this is an opaque byte
+             stream which may be used to pass vendor-specific information
+             necessary to identify which pre-shared key should be used to
+             authenticate Aggressive mode negotiations."
+        ::= { hh3cIPsecTunnelV2Entry 35 }
+
+    hh3cIPsecTunIKETunRemoteIDVal3V2 OBJECT-TYPE
+        SYNTAX OCTET STRING (SIZE(0..2047))
+        MAX-ACCESS read-only
+        STATUS current
+        DESCRIPTION
+            "The value of the remote peer identity for the associated IPsec
+             Phase-1 IKE Tunnel (IKETunRemoteValue1 in the IKETunnelTable).
+
+             If the remote peer type is ipv4Addr/ipv6Addr, this is the IP address
+             used to identify the remote peer.
+
+             If the remote peer type is ipv4AddrSubnet/ipv6AddrSubnet, this is
+             the subnet address.
+
+             If the remote peer type is ipv4AddrRange/ipv6AddrRange, this is
+             the beginning IP address of the range.
+
+             If the remote peer type is fqdn/userFqdn, this is the host name
+             used to identify the remote peer.
+
+             If the remote peer type is derAsn1Dn, this is the binary DER
+             encoding of an ASN.1 X.500 Distinguished Name [X.501] of the
+             principal whose certificates are being exchanged to establish
+             the SA.
+
+             If the remote peer type is derAsn1Gn, this is the binary DER
+             encoding of an ASN.1 X.500 GeneralName [X.509] of the principal
+             whose certificates are being exchanged to establish the SA.
+
+             If the remote peer type is keyId, this is an opaque byte
+             stream which may be used to pass vendor-specific information
+             necessary to identify which pre-shared key should be used to
+             authenticate Aggressive mode negotiations."
+        ::= { hh3cIPsecTunnelV2Entry 36 }
+
+    hh3cIPsecTunProfileNameV2 OBJECT-TYPE
+        SYNTAX DisplayString(SIZE(0..255))
+        MAX-ACCESS read-only
+        STATUS current
+        DESCRIPTION
+            "The profile name used by this IPsec tunnel."
+        ::= { hh3cIPsecTunnelV2Entry 37 }

 -- ===============================================
 -- Begin the table of hh3cIPsecTunnelStatV2Table.
@ -2105,7 +2233,10 @@ HH3C-IPSEC-MONITOR-V2-MIB DEFINITIONS ::= BEGIN
                    hh3cIPsecTunPolicyNameV2,
                    hh3cIPsecTunPolicyNumV2,
                    hh3cIPsecTunStatusV2,
-                    hh3cIPsecTunPolicyDescriptionV2
+                    hh3cIPsecTunPolicyDescriptionV2,
+                    hh3cIPsecTunIKETunLocalIDVal3V2,
+                    hh3cIPsecTunIKETunRemoteIDVal3V2,
+                    hh3cIPsecTunProfileNameV2
                }
        STATUS current
        DESCRIPTION