WebApps/Observium_CE
1
0
Fork 0
Code Pull Requests Activity

initial commit; version 22.5.12042

Browse Source
This commit is contained in:
Chris Hammer
2022-12-12 23:28:25 -05:00
commit af1b03d79f
17653 changed files with 22692970 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

507
mibs/fscom/FS-SECZONE-MIB Normal file
View File

@ -0,0 +1,507 @@
-- *****************************************************************
-- FS-SECZONE-MIB.mib: FS security zone MIB file
--
-- March 2009, rendh
--
-- Copyright (c) 2009 by FS.COM Inc..
-- All rights reserved.
--
-- *****************************************************************
--
FS-SECZONE-MIB DEFINITIONS ::= BEGIN
IMPORTS
MODULE-IDENTITY,
OBJECT-TYPE,
NOTIFICATION-TYPE,
IpAddress,
Integer32
FROM SNMPv2-SMI
DisplayString,
RowStatus
FROM SNMPv2-TC
MODULE-COMPLIANCE,
OBJECT-GROUP,
NOTIFICATION-GROUP
FROM SNMPv2-CONF
ConfigStatus
FROM FS-TC
fsMgmt
FROM FS-SMI;
fsSecZoneMIB MODULE-IDENTITY
LAST-UPDATED "200908110000Z"
ORGANIZATION "FS.COM Inc.."
CONTACT-INFO
"
Tel: 400-865-2852
E-mail: https://www.fs.com/live_chat_service_mail.html"
DESCRIPTION
"This module defines my Security Zone mibs."
REVISION "200908110000Z"
DESCRIPTION
"Initial version of this MIB module."
::= { fsMgmt 54}
fsSecZoneMIBObjects OBJECT IDENTIFIER ::= { fsSecZoneMIB 1 }
-- *****************************************************************************************
-- define Security Zone chain
-- *****************************************************************************************
fsSecZoneChainTable OBJECT-TYPE
SYNTAX SEQUENCE OF FSSecZoneChainEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A table of Security Zone Chain entries."
::= { fsSecZoneMIBObjects 1 }
fsSecZoneChainEntry OBJECT-TYPE
SYNTAX FSSecZoneChainEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Entry contains chain name and level."
INDEX { fsSecZoneChainName }
::= { fsSecZoneChainTable 1 }
FSSecZoneChainEntry ::=
SEQUENCE {
fsSecZoneChainName DisplayString,
fsSecZoneLevel INTEGER,
fsSecZoneAclName DisplayString,
fsSecZoneViolationNotifyThresh INTEGER,
fsSecZoneViolationNotifyAction INTEGER,
fsSecZoneViolationBlockThresh INTEGER,
fsSecZoneViolationBlockAction INTEGER,
fsSecZoneViolationBlockTimeout INTEGER,
fsSecZoneChainEntryStatus RowStatus
}
fsSecZoneChainName OBJECT-TYPE
SYNTAX DisplayString(SIZE (1..32))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"security zone chain name of this entry.This value is unique for every entry
When this string be used as an index,Value of a sub-identifier equal
ASCII value of corresponding character(first sub-identifier corresponds
first character of string). The number of sub-identifiers of this string
must be 32,If length of string is less than 32 the sub-identifier(0x0)
will be filled in tail."
::= { fsSecZoneChainEntry 1 }
fsSecZoneLevel OBJECT-TYPE
SYNTAX INTEGER(0..100)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
" Config level of this Seczone"
::= { fsSecZoneChainEntry 2 }
fsSecZoneAclName OBJECT-TYPE
SYNTAX DisplayString(SIZE (1..32))
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Access list name of security zone belong to.
When this string be used as an index,Value of a sub-identifier equal
ASCII value of corresponding character(first sub-identifier corresponds
first character of string). The number of sub-identifiers of this string
must be 32,If length of string is less than 32 the sub-identifier(0x0)
will be filled in tail."
::= { fsSecZoneChainEntry 3 }
fsSecZoneViolationNotifyThresh OBJECT-TYPE
SYNTAX INTEGER(0..65535)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Threshold of security zone access violation . value 0 means no notify."
::= {fsSecZoneChainEntry 4 }
fsSecZoneViolationNotifyAction OBJECT-TYPE
SYNTAX INTEGER{
log(1),
trap(2),
logtrap(3)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Action of security zone access violation Notify:log (1), trap (2) , log and trap(3)."
::= {fsSecZoneChainEntry 5 }
fsSecZoneViolationBlockThresh OBJECT-TYPE
SYNTAX INTEGER(0..65535)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Threshold of security zone access violation Blocking. value 0 means no block."
::= {fsSecZoneChainEntry 6 }
fsSecZoneViolationBlockAction OBJECT-TYPE
SYNTAX INTEGER{
globalblock (1),
zoneblock(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Action of security zone access violation Blocking:globalblock(1),zoneblock(2) ."
::= {fsSecZoneChainEntry 7 }
fsSecZoneViolationBlockTimeout OBJECT-TYPE
SYNTAX INTEGER (0..3600)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Timeout of security zone access violation Blocking . value 0 means block permanently"
::= {fsSecZoneChainEntry 8 }
fsSecZoneChainEntryStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Status of this entry, set its value to invalid will delete this entry.
set its value to valid has no effect."
::= { fsSecZoneChainEntry 9 }
-- *****************************************************************************************
-- define zone to zone policy
-- *****************************************************************************************
fsSecZone2ZoneTable OBJECT-TYPE
SYNTAX SEQUENCE OF FSSecZone2ZoneEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A table of Two Security Zone entries."
::= { fsSecZoneMIBObjects 2 }
fsSecZone2ZoneEntry OBJECT-TYPE
SYNTAX FSSecZone2ZoneEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Entry contains policy from one Zone to another Zone ."
INDEX { fsZoneFirstName ,fsZoneSecondName,fsZone2ZoneAclName }
::= { fsSecZone2ZoneTable 1 }
FSSecZone2ZoneEntry ::=
SEQUENCE {
fsZoneFirstName DisplayString,
fsZoneSecondName DisplayString,
fsZone2ZoneAclName DisplayString,
fsZone2ZoneEntryStauts RowStatus
}
fsZoneFirstName OBJECT-TYPE
SYNTAX DisplayString(SIZE (1..32))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"First zone name of this entry.This value is unique for every entry
When this string be used as an index,Value of a sub-identifier equal
ASCII value of corresponding character(first sub-identifier corresponds
first character of string). The number of sub-identifiers of this string
must be 32,If length of string is less than 32 the sub-identifier(0x0)
will be filled in tail."
::= { fsSecZone2ZoneEntry 1 }
fsZoneSecondName OBJECT-TYPE
SYNTAX DisplayString(SIZE (1..32))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Second zone name of this entry.This value is unique for every entry
When this string be used as an index,Value of a sub-identifier equal
ASCII value of corresponding character(first sub-identifier corresponds
first character of string). The number of sub-identifiers of this string
must be 32,If length of string is less than 32 the sub-identifier(0x0)
will be filled in tail."
::= { fsSecZone2ZoneEntry 2 }
fsZone2ZoneAclName OBJECT-TYPE
SYNTAX DisplayString(SIZE (1..32))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Key chain name of this entry.This value is unique for every entry
When this string be used as an index,Value of a sub-identifier equal
ASCII value of corresponding character(first sub-identifier corresponds
first character of string). The number of sub-identifiers of this string
must be 32,If length of string is less than 32 the sub-identifier(0x0)
will be filled in tail."
::= { fsSecZone2ZoneEntry 3 }
fsZone2ZoneEntryStauts OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"entry status for this list."
::= { fsSecZone2ZoneEntry 4 }
-- *****************************************************************************************
-- blocking ip table
-- *****************************************************************************************
fsSecZoneBlockingTable OBJECT-TYPE
SYNTAX SEQUENCE OF FSSecZoneBlockingEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A table of IP blocking entries."
::= { fsSecZoneMIBObjects 3 }
fsSecZoneBlockingEntry OBJECT-TYPE
SYNTAX FSSecZoneBlockingEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Entry contains blocking IP .value 0 mean all block IP for deleting all blocking IP"
INDEX { fsBockingIP }
::= { fsSecZoneBlockingTable 1 }
FSSecZoneBlockingEntry ::=
SEQUENCE {
fsBockingIP IpAddress ,
fsBockingCurrentStatus INTEGER ,
fsBockingTryAccessZoneName DisplayString,
fsBockingEntryStatus ConfigStatus
}
fsBockingIP OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"ip address of Blocking table. "
::= { fsSecZoneBlockingEntry 1 }
fsBockingCurrentStatus OBJECT-TYPE
SYNTAX INTEGER{
globalblock (1),
zoneblock(2)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"status of security zone access violation Blocking:globalblock(1),zoneblock(2)."
::= { fsSecZoneBlockingEntry 2 }
fsBockingTryAccessZoneName OBJECT-TYPE
SYNTAX DisplayString(SIZE (0..32))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Try access Zone name of blocking IP.It indicate that
this doesn't match any Zone if this string is null"
::= { fsSecZoneBlockingEntry 3 }
fsBockingEntryStatus OBJECT-TYPE
SYNTAX ConfigStatus
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Status of this entry, set its value to invalid (2)will delete this entry.
set its value to valid(1)has no effect."
::= { fsSecZoneBlockingEntry 4 }
-- *****************************************************************************************
-- define Global Violation policy parameter
-- *****************************************************************************************
fsGlobalViolationNotifyThresh OBJECT-TYPE
SYNTAX INTEGER(0..65535)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Threshold of Global parameter access violation . value 0 means no notify."
::= { fsSecZoneMIBObjects 4 }
fsGlobalViolationNotifyAction OBJECT-TYPE
SYNTAX INTEGER{
log(1),
trap(2),
logtrap(3)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Action of Global parameter access violation Notify:log (1), trap (2) , log and trap(3)."
::= { fsSecZoneMIBObjects 5 }
fsGlobalViolationBlockThresh OBJECT-TYPE
SYNTAX INTEGER(0..65535)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Threshold of Global parameter access violation Blocking. value 0 means no block."
::= {fsSecZoneMIBObjects 6 }
fsGlobalViolationBlockAction OBJECT-TYPE
SYNTAX INTEGER{
globalblock (1),
zoneblock(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Action of Global parameter access violation Blocking:globalblock(1),zoneblock(2) ."
::= {fsSecZoneMIBObjects 7 }
fsGlobalViolationBlockTimeout OBJECT-TYPE
SYNTAX INTEGER (0..3600)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Timeout of Global parameter access violation Blocking . value 0 means block permanently"
::= {fsSecZoneMIBObjects 8 }
-- *****************************************************************************************
-- trap define
-- *****************************************************************************************
fsSecZoneMIBTraps OBJECT IDENTIFIER ::= { fsSecZoneMIB 2 }
violationTime OBJECT-TYPE
SYNTAX DisplayString
MAX-ACCESS accessible-for-notify
STATUS current
DESCRIPTION
"The time of packet violation. Used by trap."
::= { fsSecZoneMIBObjects 9 }
violationSrcIP OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS accessible-for-notify
STATUS current
DESCRIPTION
"The source IP address of packet violation. Used by trap."
::= { fsSecZoneMIBObjects 10 }
violationDestIP OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS accessible-for-notify
STATUS current
DESCRIPTION
"The dest IP address of packet violation. Used by trap."
::= { fsSecZoneMIBObjects 11 }
violationProtocol OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS accessible-for-notify
STATUS current
DESCRIPTION
"The protocol of packet violation. Used by trap."
::= { fsSecZoneMIBObjects 12 }
violationL4Key OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS accessible-for-notify
STATUS current
DESCRIPTION
"The tcp/udp port or icmp type&code of packet violation. Used by trap."
::= { fsSecZoneMIBObjects 13 }
fsSecZoneViolationTrap NOTIFICATION-TYPE
OBJECTS { violationTime,
violationSrcIP,
violationDestIP,
violationProtocol,
violationL4Key,
fsZoneFirstName,
fsZoneSecondName
}
STATUS current
DESCRIPTION
"Security zone access Violation trap."
::= { fsSecZoneMIBTraps 1 }
-- *****************************************************************************************
fsSecZoneMIBConformance OBJECT IDENTIFIER ::= { fsSecZoneMIB 3 }
fsSecZoneMIBCompliances OBJECT IDENTIFIER ::= { fsSecZoneMIBConformance 1 }
fsSecZoneMIBGroups OBJECT IDENTIFIER ::= { fsSecZoneMIBConformance 2 }
-- compliance statements
fsSecZoneMIBCompliance MODULE-COMPLIANCE
STATUS current
DESCRIPTION
"The compliance statement for entities which implement
the FS SecZone MIB"
MODULE -- this module
MANDATORY-GROUPS {
fsSecZoneMIBGroup,
fsSecZoneNotifObjectsGroup,
fsSecZoneNotificationsGroup
}
::= { fsSecZoneMIBCompliances 1 }
-- units of conformance
fsSecZoneMIBGroup OBJECT-GROUP
OBJECTS {
fsSecZoneChainName,
fsSecZoneLevel,
fsSecZoneAclName,
fsSecZoneViolationNotifyThresh,
fsSecZoneViolationNotifyAction,
fsSecZoneViolationBlockThresh,
fsSecZoneViolationBlockAction,
fsSecZoneViolationBlockTimeout,
fsSecZoneChainEntryStatus,
fsZoneFirstName,
fsZoneSecondName,
fsZone2ZoneAclName,
fsZone2ZoneEntryStauts,
fsBockingIP,
fsBockingCurrentStatus,
fsBockingTryAccessZoneName,
fsBockingEntryStatus,
fsGlobalViolationNotifyThresh,
fsGlobalViolationNotifyAction,
fsGlobalViolationBlockThresh,
fsGlobalViolationBlockAction,
fsGlobalViolationBlockTimeout
}
STATUS current
DESCRIPTION
"A collection of objects providing seczone managment."
::= { fsSecZoneMIBGroups 1 }
fsSecZoneNotifObjectsGroup OBJECT-GROUP
OBJECTS {
violationTime,
violationSrcIP,
violationDestIP,
violationProtocol,
violationL4Key
}
STATUS current
DESCRIPTION
"A collection of objects that specify information for
TRIP notifications."
::= { fsSecZoneMIBGroups 2 }
fsSecZoneNotificationsGroup NOTIFICATION-GROUP
NOTIFICATIONS {
fsSecZoneViolationTrap
}
STATUS current
DESCRIPTION
"A collection of security zone access Violation traps."
::= { fsSecZoneMIBGroups 3 }
END