WebApps/Observium_CE
1
0
Fork 0
Code Pull Requests Activity

initial commit; version 22.5.12042

Browse Source
This commit is contained in:
Chris Hammer
2022-12-12 23:28:25 -05:00
commit af1b03d79f
17653 changed files with 22692970 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

517
mibs/bintec/BINTEC-STUNNEL-MIB Normal file
View File

@ -0,0 +1,517 @@
-- This file is corresponding to Release 9.1.10.101 from 2014/08/11 00:00:00
-- $RCSfile: mib-stunnel,v $
-- $Revision: 1.15 $
-- $Date: 2014-02-07 10:37:50 $
--------------------------------------------------------------------------
BINTEC-STUNNEL-MIB DEFINITIONS ::= BEGIN
IMPORTS
MODULE-IDENTITY, OBJECT-TYPE, NOTIFICATION-TYPE,
Integer32, Unsigned32, Counter32, Counter64, IpAddress, TimeTicks,
mib-2, enterprises
FROM SNMPv2-SMI
DisplayString, TimeStamp
FROM SNMPv2-TC
security, Date, BitValue, HexValue
FROM BINTEC-MIB
MODULE-COMPLIANCE, OBJECT-GROUP, NOTIFICATION-GROUP
FROM SNMPv2-CONF;
sTunnelMIB MODULE-IDENTITY
LAST-UPDATED "2007061100Z"
ORGANIZATION "bintec elmeg GmbH"
CONTACT-INFO
"EMail: info@bintec-elmeg.com
Web: www.bintec-elmeg.com
"
DESCRIPTION
"MIB for STunnel daemon"
REVISION "2007061100Z"
DESCRIPTION
"STunnel MIB."
::= { security 12 }
sTunnel OBJECT IDENTIFIER ::= { sTunnelMIB 1 }
sTunnelAdm OBJECT IDENTIFIER ::= { sTunnel 1 }
sTunnelAdmStatus OBJECT-TYPE
SYNTAX INTEGER { up(1), down(2) }
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The AdminStatus of STunnel overall. This means if this Status
is set to 'down' no tunnel will be established. So it doesn't
matter if a single tunnel is set to AdminStatus 'down' or 'up'.
In case of 'up' it depends on the single tunnel whether it is
established or not.
"
DEFVAL { down }
::= { sTunnelAdm 1 }
sTunnelAdmMaxTunnels OBJECT-TYPE
SYNTAX INTEGER (0..65535)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The maximum of RUNNING tunnels in the system.
"
DEFVAL { 10 }
::= { sTunnelAdm 2 }
sTunnelAdmRunningTunnels OBJECT-TYPE
SYNTAX INTEGER (0..65535)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of running tunnels at the moment.
"
DEFVAL { 0 }
::= { sTunnelAdm 3 }
sTunnelAdmKeepAliveRetries OBJECT-TYPE
SYNTAX INTEGER (0..255)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The maximum number of TCP keepalive retries sent before
the (SSL) TCP connection is closed as it is suggested that
the remote side isn't reachable anymore. The default value is
0 which takes the default number of retries of TCP.
"
DEFVAL { 0 }
::= { sTunnelAdm 4 }
sTunnelAdmKeepAliveTimeout OBJECT-TYPE
SYNTAX INTEGER (0..65535)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The timeout (in seconds) of a TCP keepalive try. If no answer is
received within this time another retry will be sent. The default
value is 0 which takes the default keepalive retry timeout of TCP.
"
DEFVAL { 0 }
::= { sTunnelAdm 5 }
sTunnelTable OBJECT-TYPE
SYNTAX SEQUENCE OF STunnelEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The StunnelTable holds single Stunnel peers.
"
::= { sTunnel 2 }
sTunnelEntry OBJECT-TYPE
SYNTAX STunnelEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A single Stunnel entry e.g. a Stunnel peer.
"
INDEX { sTunnelIndex }
::= { sTunnelTable 1 }
STunnelEntry ::=
SEQUENCE {
sTunnelIndex INTEGER,
sTunnelAdminStatus INTEGER,
sTunnelDescription DisplayString,
sTunnelExternalIp IpAddress,
sTunnelExternalPort INTEGER,
sTunnelExternalMode INTEGER,
sTunnelInternalIp IpAddress,
sTunnelInternalPort INTEGER,
sTunnelInternalMode INTEGER,
sTunnelPrivateToken OCTET STRING,
sTunnelVerifyPeer INTEGER,
sTunnelCertificateIdx INTEGER,
sTunnelCACertificateIdx INTEGER,
sTunnelRemoteCertSubject DisplayString,
sTunnelRemoteCertSerialNo DisplayString,
sTunnelRemoteCertDns DisplayString,
sTunnelCertificateStatus INTEGER,
sTunnelRetries INTEGER,
sTunnelRetryTime INTEGER,
sTunnelMaxRetries INTEGER,
sTunnelReopenDelay INTEGER,
sTunnelShortHold INTEGER,
sTunnelDebug INTEGER,
sTunnelLastStatusChange TimeTicks,
sTunnelRxBytes Counter32,
sTunnelTxBytes Counter32,
sTunnelTCPConnections INTEGER,
sTunnelStatus INTEGER
}
sTunnelIndex OBJECT-TYPE
SYNTAX INTEGER (0..65535)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The Index gives (should give) an unique ID for the STunnel.
"
DEFVAL { 0 }
::= { sTunnelEntry 1 }
sTunnelAdminStatus OBJECT-TYPE
SYNTAX INTEGER { up(1), down(2), delete(3) }
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The AdminStatus of one entry declares whether this peer should
be established (up) or not (down). In case of setting the AdminStatus
to 'delete' the entry will be deleted.
"
DEFVAL { up }
::= { sTunnelEntry 2 }
sTunnelDescription OBJECT-TYPE
SYNTAX DisplayString (SIZE (0..32))
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The description of the Stunnel. Is only for giving each tunnel
a name but has no further meaning e.g. function.
"
::= { sTunnelEntry 3 }
sTunnelExternalIp OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This field holds the IP to or from which the SSL connection
will be established. If it is set (not 0) in
ExternalMode_server the remote IP (incoming connection) is
checked against ExternalIp. The default value is 0.0.0.0 .
"
DEFVAL { '00000000'H }
::= { sTunnelEntry 4 }
sTunnelExternalPort OBJECT-TYPE
SYNTAX INTEGER (0..65535)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The port of the external connection. In ExternalMode client
it defines the port it is connected to and in ExternalMode server
it defines the port it is listened on for incoming connections.
"
::= { sTunnelEntry 5 }
sTunnelExternalMode OBJECT-TYPE
SYNTAX INTEGER {
client(1),
server(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The ExternalMode declares whether the system is server or client
to the outside e.g. SSL connection.
"
DEFVAL { client }
::= { sTunnelEntry 6 }
sTunnelInternalIp OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The InternalIp default value is 127.0.0.1 (localhost).
That means that the internal stunnel endpoint is the system
itself and connects to an internal service
(telnet,snmp,syslog). In special cases it is possible to
to tunnel a service from a host on the local subnet. Therefore
it is necessary to define the IP of the local subnet host here.
If the InternalMode is server and InternalIp is set (not 0)
it is checked whether InternalIp matches
the remote IP (incoming connection).
"
DEFVAL { '7f000001'H }
::= { sTunnelEntry 7 }
sTunnelInternalPort OBJECT-TYPE
SYNTAX INTEGER (0..65535)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The port on which will be connected internally in InternalMode client or
on which will be listened on for an incoming connection.
"
::= { sTunnelEntry 8 }
sTunnelInternalMode OBJECT-TYPE
SYNTAX INTEGER { client(1), server(2) }
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The InternalMode declares whether the system is server or client
to the inside connection (NON-SSL connection).
"
DEFVAL { client }
::= { sTunnelEntry 9 }
sTunnelPrivateToken OBJECT-TYPE
SYNTAX OCTET STRING (SIZE (0..16))
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The PrivateToken is sent with the first packet as soon as
the connection is established. It is used if the remote side
wants to receive several connections on the same port and therefore
needs a token to associate the connection.
"
::= { sTunnelEntry 10 }
sTunnelVerifyPeer OBJECT-TYPE
SYNTAX INTEGER { none(1), normal(2), high(3),
very-high(4), accept-self-signed(5) }
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"If VerifyPeer is set to 'none'(1) no SSL verification is done.
Setting VerifyPeer to 'normal'(2) a normal SSL verification is done
(certificates are checked). If it is set to 'high'(3) also the
subjectname of the remote side's certificate will be checked and
SSL connection will be cancelled if it doesn't match
to RemoteCertSubject. In case of VerifyPeer is set to 'very_high'
beside the RemoteCertSubject also the SerialNumber of the certificate
is checked to be equal or greater than RemoteCertSerialNo and
the DNS attribute (withing the subject alternative names)
is checked to be equal against RemoteCertDns (if it is configured
else no check against this variable is done).
If VerifyPeer is set to 'accept-self-signed'(5)
a 'normal' verification is done but self signed certificates
will be accepted, too.
"
DEFVAL { normal }
::= { sTunnelEntry 11 }
sTunnelCertificateIdx OBJECT-TYPE
SYNTAX INTEGER (0..65535)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The (row) index of the CertTable holding the wanted peer certificate
for the connection.
"
::= { sTunnelEntry 12 }
sTunnelCACertificateIdx OBJECT-TYPE
SYNTAX INTEGER (0..65535)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The (row) index of the CertTable holding the wanted/needed CA certificate
for the connection.
"
::= { sTunnelEntry 13 }
sTunnelRemoteCertSubject OBJECT-TYPE
SYNTAX DisplayString (SIZE (0..64))
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"when VerifyPeer set to 'high' the string in this field is compared
with the subjectname of the remote peer certificate.
"
::= { sTunnelEntry 14 }
sTunnelRemoteCertSerialNo OBJECT-TYPE
SYNTAX DisplayString (SIZE (0..32))
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"when VerifyPeer set to 'very_high' the string in this field
is compared with the serial number of the remote peer certificate.
"
::= { sTunnelEntry 15 }
sTunnelRemoteCertDns OBJECT-TYPE
SYNTAX DisplayString (SIZE (0..255))
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"when VerifyPeer set to 'very_high' the string in this field
is compared with the DNS attribute within the subject alternative
names of the remote peer certificate. But if this variable is left
blank no comparison is done and it is continued (accepted) without!
"
::= { sTunnelEntry 16 }
sTunnelCertificateStatus OBJECT-TYPE
SYNTAX INTEGER { initial(1),cert-ok(2),
invalid-cert-untrusted(3),
invalid-cert-expired(4),
invalid-cert-wrong-id-or-type(5),
invalid-cert-revoked(6),
no-cert-available(7),
undefined-ssl-error(8)}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The certificatestatus displays if and which error occured during
the certificate validation. If no error occured it is ok(2).
The four possible errors are the cert is untrusted(3),
the cert has expired(4), the cert has a wrong id or type or the
cert has been revoked(5). If no cert is available the status is
no_cert_available(7). In any other (certificate) error situation
the status is set to undefined_ssl_error(8).
"
DEFVAL { initial }
::= { sTunnelEntry 17 }
sTunnelRetries OBJECT-TYPE
SYNTAX INTEGER (0..50)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of retries which were already done during the
actual e.g. last connection.
"
::= { sTunnelEntry 18 }
sTunnelRetryTime OBJECT-TYPE
SYNTAX INTEGER (0..3600)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The time in seconds which the system waits for a reconnection
try if the last try failed.
"
DEFVAL { 60 }
::= { sTunnelEntry 19 }
sTunnelMaxRetries OBJECT-TYPE
SYNTAX INTEGER (-1..50)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The maximum number of retries till the system declares
the connection to failed. In case of '-1' infinite retries
will take place.
"
DEFVAL { 3 }
::= { sTunnelEntry 20 }
sTunnelReopenDelay OBJECT-TYPE
SYNTAX INTEGER (-1..31536000)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The time till the connection will be reopened.
"
DEFVAL { 0 }
::= { sTunnelEntry 21 }
sTunnelShortHold OBJECT-TYPE
SYNTAX INTEGER (-1 .. 3600)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The ShortHold is the number of seconds after which an inactive
connection is closed. Is the ShortHold set to -1 it is never
closed for the reason of inactivity.
"
DEFVAL { -1 }
::= { sTunnelEntry 22 }
sTunnelDebug OBJECT-TYPE
SYNTAX INTEGER { disabled(1), enabled(2) }
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"enables(2) or disables(1) debug messages for this peer.
"
DEFVAL { disabled }
::= { sTunnelEntry 23 }
sTunnelLastStatusChange OBJECT-TYPE
SYNTAX TimeTicks
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This value shows the time since the last sTunnelStatus change.
"
::= { sTunnelEntry 24 }
sTunnelRxBytes OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The amount of received (data) bytes from the external connection.
Only the real data bytes
(without any header or encryption/hash are counted).
"
DEFVAL { 0 }
::= { sTunnelEntry 25 }
sTunnelTxBytes OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The amount of transmitted bytes towards the external connection.
Only the real data bytes
(without any header or encryption/hash are counted).
"
DEFVAL { 0 }
::= { sTunnelEntry 26 }
sTunnelTCPConnections OBJECT-TYPE
SYNTAX INTEGER (0..65535)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Counts the SSL-TCP-Connections of this tunnel.
"
::= { sTunnelEntry 27 }
sTunnelStatus OBJECT-TYPE
SYNTAX INTEGER {
up(1),
down(2),
wait-for-retry(3),
wait-for-connection(4),
failed(5),
wait-for-reopen(6),
external-up(7),
finished(8)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The (operational) status of the connection. 'up'(1) means the
connection is fully established.
'down'(2) means the connection is (finally) down.
'wait-for-retry'(3) means the system waits RetryTime
seconds before the next connection try will be performed.
'wait-for-connection'(4) means that the peer waits for a connect
(if it is in server mode) or for accepting its own connection
try (if it is in client mode). Only if both internal and
external connection are established the status changes to 'up'.
'failed'(5) means that the connection finally failed, so no more
retries will take place (in this case the peer's AdminStatus
hast to be reset to retry to establish the connection).
'wait-for_reopen'(6) is indicating that the timer for a reopen
is running and on expire a reopen is performed.
'external_up'(7) means the external connection is
established the internal not yet.
'finished'(8) means the last TCP connection got quit
and tunnel is temporalily down.
"
DEFVAL { down }
::= { sTunnelEntry 28 }
END