WebApps/Observium_CE
1
0
Fork 0
Code Pull Requests Activity

commit version 22.12.12447

Browse Source
This commit is contained in:
Chris Hammer
2023-01-01 22:36:12 -05:00
parent af1b03d79f
commit b948283a96
744 changed files with 620715 additions and 27381 deletions
Download Patch File Download Diff File Expand all files Collapse all files

637
mibs/rfc/ADSL-DMT-LINE-MIB Normal file
View File

@ -0,0 +1,637 @@
-- *****************************************************************
-- Descriptions of managed objects for ADSL DMT line interfaces.
--
-- March 1999, Patrick Gili
--
-- Copyright (c) 1999 by cisco Systems, Inc.
-- All rights reserved.
-- *****************************************************************
--
-- This mib was extracted from RFC xxxx
ADSL-DMT-LINE-MIB DEFINITIONS ::= BEGIN
IMPORTS
MODULE-IDENTITY, OBJECT-TYPE FROM SNMPv2-SMI
MODULE-COMPLIANCE, OBJECT-GROUP FROM SNMPv2-CONF
ifIndex FROM IF-MIB
adslLCSMib,
adslLineConfProfileName FROM ADSL-LINE-MIB;
adslLineDmtMIB MODULE-IDENTITY
LAST-UPDATED "9809251000Z"
ORGANIZATION "ADSL Forum"
CONTACT-INFO "Kevin Godfrey
Motorola Inc.
Colvilles Road, East Kilbride,
Glasgow, United Kingdom.
Tel: +44 1355 565597
Fax: +44 1355 261790
E-mail: ttz864@email.sps.mot.com"
DESCRIPTION
"Naming Conventions:
Atuc -- (ATUC) modem at near (Central) end of line
Atur -- (ATUR) modem at Remote end of line
ES -- Errored Second.
LCS -- Line Code Specific
Lof -- Loss of Frame
Lol -- Loss of Link
Los -- Loss of Signal
Lpr -- Loss of Power"
::= { adslLCSMib 2 }
adslLineDmtMIBObjects OBJECT IDENTIFIER ::= { adslLineDmtMIB 1 }
-- ADSL DMT Line Table
adslLineDmtTable OBJECT-TYPE
SYNTAX SEQUENCE OF AdslLineDmtEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This table extends the adslLineTable and contains common attributes
describing both ends of ADSL lines supported by the system."
::= { adslLineDmtMIBObjects 1 }
adslLineDmtEntry OBJECT-TYPE
SYNTAX AdslLineDmtEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A set of common attributes describing both ends of an ADSL line
supported by the system. There exist an entry for each ifEntry with
an ifType of adsl(94)."
INDEX { ifIndex }
::= { adslLineDmtTable 1 }
AdslLineDmtEntry ::= SEQUENCE {
adslLineDmtTrellis INTEGER,
adslLineDmtEOC INTEGER
}
adslLineDmtTrellis OBJECT-TYPE
SYNTAX INTEGER {
trellisOn(1),
trellisOff(2)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Reports whether the Trellis coding is used on the DMT
line. Use of trellis coding is determined at line
initialization with C-MSGS1 and R-MSGS1 exchanges
and will not change until the line is re-initialized."
::= { adslLineDmtEntry 1 }
adslLineDmtEOC OBJECT-TYPE
SYNTAX INTEGER {
unknown(1), -- eoc mode is unknown yet
transaction(2), -- eoc only operates in original
-- transaction mode
streaming(3) -- eoc supports autonomous data
-- streaming mode and original
-- transaction mode
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Reports whether the eoc can support autonomous data streaming
mode or only transaction mode. After initialization, unknown
is reported until sufficient autonomous eoc messages have been
transmitted to determine the true capability of both ATUs."
::= { adslLineDmtEntry 2 }
-- ADSL ATU-C DMT Physical-Layer Parameters Table
adslAtucDmtPhysTable OBJECT-TYPE
SYNTAX SEQUENCE OF AdslAtucDmtPhysEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This table extends the adslAtucPhysTable and contains specific
physical layer parameters for the ATU-C class devices supported
by the system."
::= { adslLineDmtMIBObjects 2 }
adslAtucDmtPhysEntry OBJECT-TYPE
SYNTAX AdslAtucDmtPhysEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A set of physical-layer parameters for an ATU-C class device
supported by the system. There exists an entry for each ifEntry
with an ifType of adsl(94)."
INDEX { ifIndex }
::= { adslAtucDmtPhysTable 1 }
AdslAtucDmtPhysEntry ::= SEQUENCE {
adslAtucDmtIssue INTEGER,
adslAtucDmtState INTEGER,
adslAtucDmtInterleavePath INTEGER,
adslAtucDmtFastPath INTEGER
}
adslAtucDmtIssue OBJECT-TYPE
SYNTAX INTEGER {
other(1), -- unknown or other
t1413Issue1(2), -- ANSI T1.413 Issue 1
t1413Issue2(3), -- ANSI T1.413 Issue 2
t1413Issue3(4), -- ANSI T1.413 Issue 3
gdmtIssue1(5), -- ITU G.dmt Issue 1
etsiIssue1(6) -- ETSI DMT Issue 1
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Reports the issue number of the relevant standard that the
DMT ADSL transceiver at the ATU-C is currently operating to.
The issue number will be fixed by the hardware and is
transmitted by the ATU-C in C-MSGS1 during initialization."
::= { adslAtucDmtPhysEntry 1 }
adslAtucDmtState OBJECT-TYPE
SYNTAX INTEGER {
other(1), -- Unknown or other state
powerUp(2), -- DMT transceiver not yet
-- configured
configure(3), -- DMT transceiver being configured
idle(4), -- transceiver is initialized but
-- idle
quiet(5), -- awaiting activation request from
-- ATU-R
tone(6), -- requesting ATU-R to be silent
activating(7), -- activation in progress
training(8), -- transceiver training in progress
analyzing(9), -- channel analysis in progress
exchange(10), -- exchanging final operating
-- parameters
steadyState(11), -- normal operating mode
notResponding(12) -- DMT transceiver not responding
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Reports current state of the ATU-C DMT transceiver. The
current state can change dynamically. The SNMP agent
reports the state after querying the ATU-C state machine."
::= { adslAtucDmtPhysEntry 2 }
-- Report downstream path for each DMT bearer channel used by
-- ADSL Forum ATM and packet mode specifications. Data rates are
-- reported in the ADSL Line MIB. DMT bearer channel paths are
-- known to the ATU-C by observing the C-RATES1, C-RATES-RA,
-- R-RATES1, R-RATES-RA, R-RATES2 and C-RATES2 exchanges.
adslAtucDmtInterleavePath OBJECT-TYPE
SYNTAX INTEGER {
none(1), -- Downstream interleave path is unused
as0(2), -- AS0 channel uses the interleaved path
as1(3) -- AS1 channel uses the interleaved path
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Reports bearer channel of downstream interleaved path."
::= { adslAtucDmtPhysEntry 3 }
adslAtucDmtFastPath OBJECT-TYPE
SYNTAX INTEGER {
none(1), -- Downstream fast path is unused
as0(2), -- AS0 channel uses the fast path
as1(3) -- AS1 channel uses the fast path
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Reports bearer channel of downstream fast path."
::= { adslAtucDmtPhysEntry 4 }
-- ADSL ATU-R DMT Physical-Layer Parameters Table
adslAturDmtPhysTable OBJECT-TYPE
SYNTAX SEQUENCE OF AdslAturDmtPhysEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This table extends the adslAturPhysTable and contains physical
layer parameters for the ATU-R class devices supported by the
system."
::= { adslLineDmtMIBObjects 3 }
adslAturDmtPhysEntry OBJECT-TYPE
SYNTAX AdslAturDmtPhysEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A set of physical-layer parameters for an ATU-R class device
supported by the system. There exists an entry for each ifEntry
with an ifType of adsl(94)."
INDEX { ifIndex }
::= { adslAturDmtPhysTable 1 }
AdslAturDmtPhysEntry ::= SEQUENCE {
adslAturDmtIssue INTEGER,
adslAturDmtState INTEGER,
adslAturDmtInterleavePath INTEGER,
adslAturDmtFastPath INTEGER
}
adslAturDmtIssue OBJECT-TYPE
SYNTAX INTEGER {
other(1), -- unknown or other
t1413Issue1(2), -- ANSI T1.413 Issue 1
t1413Issue2(3), -- ANSI T1.413 Issue 2
t1413Issue3(4), -- ANSI T1.413 Issue 3
gdmtIssue1(5), -- ITU G.dmt Issue 1
etsiIssue1(6) -- ETSI DMT Issue 1
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Reports the issue number of the relevant standard that
the DMT ADSL transceiver at the ATU-R is currently
operating to. The issue number will be fixed by the
hardware and is transmitted by the ATU-R
in R-MSGS1 during initialization."
::= { adslAturDmtPhysEntry 1 }
adslAturDmtState OBJECT-TYPE
SYNTAX INTEGER {
other(1), -- Unknown or other state
activating(2), -- activation in progress
training(3), -- transceiver training in
-- progress
analyzing(4), -- channel analysis in progress
exchange(5), -- exchanging final operating
-- parameters
steadyState(6) -- normal operating mode
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Reports current state of the ATU-R DMT transceiver.
The current state can change dynamically. ATU-R state
is reported by the SNMP agent at the ATU-C which infers
the state depending on the ATU-C state. When the inference
cannot be made, unknown state is returned."
::= { adslAturDmtPhysEntry 2 }
-- Report upstream path for each DMT bearer channel used by
-- ADSL Forum ATM and packet mode specifications. Data rates are
-- reported in the ADSL Line MIB. DMT bearer channel paths are
-- known to the ATU-R by observing the C-RATES1, C-RATES-RA,
-- R-RATES1, R-RATES-RA, R-RATES2 and C-RATES2 exchanges.
adslAturDmtInterleavePath OBJECT-TYPE
SYNTAX INTEGER {
none(1), -- Upstream interleave path is unused
ls0(2), -- LS0 channel uses the interleaved path
ls1(3) -- LS1 channel uses the interleaved path
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Reports bearer channel of upstream interleaved path."
::= { adslAturDmtPhysEntry 3 }
adslAturDmtFastPath OBJECT-TYPE
SYNTAX INTEGER {
none(1), -- Upstream fast path is unused
ls0(2), -- LS0 channel uses the fast path
ls1(3) -- LS1 channel uses the fast path
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Reports bearer channel of upstream fast path."
::= { adslAturDmtPhysEntry 4 }
-- ADSL ATU-C DMT Channel Parameters Table
adslAtucDmtChanTable OBJECT IDENTIFIER ::= { adslLineDmtMIBObjects 4 }
-- ADSL ATU-R DMT Channel Parameters Table
adslAturDmtChanTable OBJECT IDENTIFIER ::= { adslLineDmtMIBObjects 5 }
-- ADSL ATU-C DMT Physical-Layer Statistics Table
adslAtucDmtPerfDataTable OBJECT IDENTIFIER ::= { adslLineDmtMIBObjects 6 }
-- ADSL ATU-R DMT Physical-Layer Statistics Table
adslAturDmtPerfDataTable OBJECT IDENTIFIER ::= { adslLineDmtMIBObjects 7 }
-- ADSL ATU-C DMT Physical-Layer Statistics 15-Minute Interval Table
adslAtucDmtIntervalTable OBJECT IDENTIFIER ::= { adslLineDmtMIBObjects 8 }
-- ADSL ATU-R DMT Physical-Layer Statistics 15-Minute Interval Table
adslAturDmtIntervalTable OBJECT IDENTIFIER ::= { adslLineDmtMIBObjects 9 }
-- ADSL ATU-C DMT Channel Statistics Table
adslAtucDmtChanPerfDataTable OBJECT IDENTIFIER ::= { adslLineDmtMIBObjects 10 }
-- ADSL ATU-R DMT Channel Statistics Table
adslAturDmtChanPerfDataTable OBJECT IDENTIFIER ::= { adslLineDmtMIBObjects 11 }
-- ADSL ATU-C DMT Channel Statistics 15-Minute Interval Table
adslAtucDmtChanIntervalTable OBJECT IDENTIFIER ::= { adslLineDmtMIBObjects 12 }
-- ADSL ATU-R DMT Channel Statistics 15-Minute Interval Table
adslAturDmtChanIntervalTable OBJECT IDENTIFIER ::= { adslLineDmtMIBObjects 13 }
-- Configuration Profile Table
adslLineDmtConfProfileIndexNext OBJECT IDENTIFIER ::= { adslLineDmtMIBObjects 14 }
adslLineDmtConfProfileTable OBJECT-TYPE
SYNTAX SEQUENCE OF AdslLineDmtConfProfileEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This table extends the adslLineConfProfileTable and contains
ADSL DMT line configuration information."
::= { adslLineDmtMIBObjects 15 }
adslLineDmtConfProfileEntry OBJECT-TYPE
SYNTAX AdslLineDmtConfProfileEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A configuration profile containing ADSL DMT line configuration
information."
INDEX { IMPLIED adslLineConfProfileName }
::= { adslLineDmtConfProfileTable 1 }
AdslLineDmtConfProfileEntry ::= SEQUENCE {
adslAtucDmtConfFreqBins OCTET STRING,
adslAturDmtConfFreqBins OCTET STRING,
adslLineDmtConfMode INTEGER,
adslLineDmtConfTrellis INTEGER,
adslLineDmtConfEOC INTEGER,
adslAtucDmtConfInterleavePath INTEGER,
adslAtucDmtConfFastPath INTEGER,
adslAturDmtConfInterleavePath INTEGER,
adslAturDmtConfFastPath INTEGER
}
-- Configuration profiles define the starting point for line
-- initialization. After initialization is complete, the
-- parameters may have changed due to the negotiation and rate
-- options process. Check the adslAtucDMTPhysTable and
-- adslLineDMTTable for the final settings.
adslAtucDmtConfFreqBins OBJECT-TYPE
SYNTAX OCTET STRING (SIZE(4))
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"A string of 32 bits to enable/disable the incoming DMT
frequency bins that the ATU-C receiver monitors. Each bit
controls one bin with the first bit of the first octet
controlling sub-carrier zero (lowest frequency bin).
A bit set to 1 disables reception of the specified sub-
carrier frequency bin end a 0 enables reception."
DEFVAL { '00000000'H }
::= { adslLineDmtConfProfileEntry 1 }
adslAturDmtConfFreqBins OBJECT-TYPE
SYNTAX OCTET STRING (SIZE(32))
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"A string of 256 bits to enable/disable the incoming DMT frequency
bins that the ATU-R receiver should monitor after the next activation.
The mechanism to pass adslAturDMTConfFreqBins to the ATU-R is vendor
specific. Each bit controls one bin with the first bit of the first
octet controlling sub-carrier zero (lowest frequency bin). A bit set
to 1 disables reception of the specified sub-carrier frequency bin end
a 0 enables reception."
DEFVAL { '0000000000000000000000000000000000000000000000000000000000000000'H }
::= { adslLineDmtConfProfileEntry 2 }
adslLineDmtConfMode OBJECT-TYPE
SYNTAX INTEGER {
echoCancel(1), -- DMT line operates in echo
-- cancellation mode
freqDivMux(2) -- DMT line operates in frequency
-- division multiplex mode
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Defines the operational mode of the DMT ADSL transceiver.
Configured in the C-MSG1 and C-MSG-RA exchanges."
::= { adslLineDmtConfProfileEntry 3 }
adslLineDmtConfTrellis OBJECT-TYPE
SYNTAX INTEGER {
enable(1), -- DMT line operates with
-- Trellis coder enabled
disable(2) -- DMT line operates with
-- Trellis coder disabled
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Enables the Trellis coder of the DMT transceiver. Configured
in the C-MSG1 and C-MSG-RA exchanges."
DEFVAL { disable }
::= { adslLineDmtConfProfileEntry 4 }
adslLineDmtConfEOC OBJECT-TYPE
SYNTAX INTEGER {
byte(1), -- eoc operates in byte
-- transaction mode
streaming(2) -- eoc allows autonomous
-- data streaming mode in
-- addition to byte
-- transaction mode
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Defines the embedded operations channel mode for the DMT
ADSL line."
DEFVAL { byte }
::= { adslLineDmtConfProfileEntry 5 }
-- Configure upstream and downstream paths for each DMT bearer
-- channel used by ADSL Forum ATM and packet mode specifications.
-- DMT bearer channel paths are fixed by the ATU-C in the
-- C-RATES1 and C-RATES-RA rate option exchanges.
adslAtucDmtConfInterleavePath OBJECT-TYPE
SYNTAX INTEGER {
none(1), -- No downstream interleave path
as0(2), -- Downstream interleave path operates
-- over the AS0 bearer channel
as1(3) -- Downstream interleave path operates
-- over the AS1 bearer channel
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Target channel for downstream interleave data path."
::= { adslLineDmtConfProfileEntry 6 }
adslAtucDmtConfFastPath OBJECT-TYPE
SYNTAX INTEGER {
none(1), -- No downstream fast path
as0(2), -- Downstream fast path operates over
-- the AS0 bearer channel
as1(3) -- Downstream fast path operates over
-- the AS1 bearer channel
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Target channel for downstream fast data path."
::= { adslLineDmtConfProfileEntry 7 }
adslAturDmtConfInterleavePath OBJECT-TYPE
SYNTAX INTEGER {
none(1), -- No upstream interleave path
ls0(2), -- Upstream interleave path operates
-- over the LS0 bearer channel
ls1(3) -- Upstream interleave path operates
-- over the LS1 bearer channel
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Target channel for upstream interleave data path."
::= { adslLineDmtConfProfileEntry 8 }
adslAturDmtConfFastPath OBJECT-TYPE
SYNTAX INTEGER {
none(1), -- No upstream fast path
ls0(2), -- Upstream fast path operates over
-- the LS0 bearer channel
ls1(3) -- Upstream fast path operates over
-- the LS1 bearer channel
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Target channel for upstream fast data path."
::= { adslLineDmtConfProfileEntry 9 }
-- Alarm Configuration Profile Table
adslLineDmtAlarmConfProfileIndexNext OBJECT IDENTIFIER ::=
{ adslLineDmtMIBObjects 16 }
adslLineDmtAlarmConfProfileTable OBJECT IDENTIFIER ::=
{ adslLineDmtMIBObjects 17 }
-- MIB Notifications Definitions
adslDmtLineMIBNotificationsPrefix OBJECT IDENTIFIER ::= { adslLineDmtMIB 2 }
adslDmtLineMIBNotifications OBJECT IDENTIFIER ::=
{ adslDmtLineMIBNotificationsPrefix 0 }
-- MIB Conformance Statements
adslLineDmtMIBConformance OBJECT IDENTIFIER ::= { adslLineDmtMIB 3 }
adslLineDmtMIBCompliances OBJECT IDENTIFIER ::= { adslLineDmtMIBConformance 1 }
adslLineDmtMIBGroups OBJECT IDENTIFIER ::= { adslLineDmtMIBConformance 2 }
-- Compliance
adslDMTLineMibCompliance MODULE-COMPLIANCE
STATUS current
DESCRIPTION
"The compliance statement for SNMP entities which have ADSL DMT
interfaces."
MODULE -- this module
MANDATORY-GROUPS {
adslLineDmtGroup,
adslAtucDmtPhysGroup,
adslAturDmtPhysGroup,
adslLineDmtConfProfileGroup
}
::= { adslLineDmtMIBCompliances 1 }
adslLineDmtMIBAturCompliance MODULE-COMPLIANCE
STATUS current
DESCRIPTION
"The compliance statement for SNMP entities which manage ADSL DMT
ATU-R interfaces."
MODULE -- this module
MANDATORY-GROUPS {
adslLineDmtGroup,
adslAturDmtPhysGroup,
adslLineDmtConfProfileGroup
}
::= { adslLineDmtMIBCompliances 2 }
-- Units of Conformance
adslLineDmtGroup OBJECT-GROUP
OBJECTS {
adslLineDmtTrellis,
adslLineDmtEOC
}
STATUS current
DESCRIPTION
"A collection of managed objects defining the attributes of an ADSL
line supportings modems using the DMT line code."
::= { adslLineDmtMIBGroups 1 }
adslAtucDmtPhysGroup OBJECT-GROUP
OBJECTS {
adslAtucDmtIssue,
adslAtucDmtState,
adslAtucDmtInterleavePath,
adslAtucDmtFastPath
}
STATUS current
DESCRIPTION
"A collection of managed objects defining the physical-layer
parameters of an ATU-C using the DMT line code."
::= { adslLineDmtMIBGroups 2 }
adslAturDmtPhysGroup OBJECT-GROUP
OBJECTS {
adslAturDmtIssue,
adslAturDmtState,
adslAturDmtInterleavePath,
adslAturDmtFastPath
}
STATUS current
DESCRIPTION
"A collection of managed objects defining the physical-layer
parameters of an ATU-R using the DMT line code."
::= { adslLineDmtMIBGroups 3 }
adslLineDmtConfProfileGroup OBJECT-GROUP
OBJECTS {
adslAtucDmtConfFreqBins,
adslAturDmtConfFreqBins,
adslLineDmtConfMode,
adslLineDmtConfTrellis,
adslLineDmtConfEOC,
adslAtucDmtConfInterleavePath,
adslAtucDmtConfFastPath,
adslAturDmtConfInterleavePath,
adslAturDmtConfFastPath
}
STATUS current
DESCRIPTION
"A collection of managed objects defining the line configuration
information associated with one or more ADSL ATU class devices
implementing the DMT line code."
::= { adslLineDmtMIBGroups 4 }
END

702
mibs/rfc/IPSEC-ISAKMP-IKE-DOI-TC Normal file
View File

@ -0,0 +1,702 @@
IPSEC-ISAKMP-IKE-DOI-TC DEFINITIONS ::= BEGIN
IMPORTS
MODULE-IDENTITY, Unsigned32, mib-2 FROM SNMPv2-SMI
TEXTUAL-CONVENTION FROM SNMPv2-TC;
ipsecIsakmpIkeDoiTC MODULE-IDENTITY
LAST-UPDATED "9911232135Z"
ORGANIZATION "Intel"
CONTACT-INFO "John Shriver
Intel Corporation
28 Crosby Drive
Bedford, MA 01730
Phone:
+1-781-687-1329
E-mail:
John.Shriver@intel.com"
DESCRIPTION "The MIB module which defines the textual conventions
used in IPsec MIBs. This includes Internet DOI
numbers defined in RFC 2407, ISAKMP numbers defined
in RFC 2408, and IKE numbers defined in RFC 2409.
These Textual Conventions are defined in a seperate
MIB module since they are protocol numbers managed
by the IANA. Revision control after publication
will be under the authority of the IANA."
REVISION "9902181705Z"
DESCRIPTION "Added IsakmpDOI TEXTUAL-CONVENTION."
REVISION "9903051545Z"
DESCRIPTION "Changed CONTACT-INFO."
REVISION "9907132145Z"
DESCRIPTION "Put in real experimental branch number for module."
REVISION "9910051705Z"
DESCRIPTION "Added exchange types, tracked IKE standard. Split
IkeNotifyMessageType off of IsakmpNotifyMessageType."
REVISION "9910151950Z"
DESCRIPTION "Removed stray comma in IsakmpNotifyMessageType."
REVISION "9911232135Z"
DESCRIPTION "Consistent capitalization of IPsec."
::= { mib-2 700 }
-- The first group of textual conventions are based on definitions
-- in the IPsec DOI, RFC 2407.
IpsecDoiSituation ::= TEXTUAL-CONVENTION
DISPLAY-HINT "x"
STATUS current
DESCRIPTION "The IPsec DOI Situation provides information that
can be used by the responder to make a policy
determination about how to process the incoming
Security Association request.
It is a four (4) octet bitmask, with the following
values:
sitIdentityOnly 0x01
sitSecrecy 0x02
sitIntegrity 0x04
The upper two bits (0x80000000 and 0x40000000) are
reserved for private use amongst cooperating
systems."
REFERENCE "RFC 2407 sections 4.2 and 6.2"
SYNTAX Unsigned32 (0..4294967295)
-- The syntax is not BITS, because we want the representation
-- to be the same here as it is in the ISAKMP/IKE protocols.
IpsecDoiSecProtocolId ::= TEXTUAL-CONVENTION
DISPLAY-HINT "d"
STATUS current
DESCRIPTION "These are the IPsec DOI values for the Protocol-Id
field in an ISAKMP Proposal Payload, and in all
Notification Payloads.
They are also used as the Protocol-ID In the
Notification Payload and the Delete Payload.
The values 249-255 are reserved for private use
amongst cooperating systems."
REFERENCE "RFC 2407 section 4.4.1"
SYNTAX INTEGER {
reserved(0), -- reserved in DOI
protoIsakmp(1), -- message protection
-- required during Phase I
-- of the IKE protocol
protoIpsecAh(2), -- IP packet authentication
-- via Authentication Header
protoIpsecEsp(3), -- IP packet confidentiality
-- via Encapsulating
-- Security Payload
protoIpcomp(4) -- IP payload compression
}
IpsecDoiTransformIdent ::= TEXTUAL-CONVENTION
DISPLAY-HINT "d"
STATUS current
DESCRIPTION "The IPsec DOI ISAKMP Transform Identifier is an
8-bit value which identifies a key exchange protocol
to be used for the negotiation. It is used in the
Transform-Id field of an IKE Phase I Transform
Payload.
The values 249-255 are reserved for private use
amongst cooperating systems."
REFERENCE "RFC 2407 sections 4.4.2 and 6.3"
SYNTAX INTEGER {
reserved(0), -- reserved in DOI
keyIke(1) -- the hybrid ISAKMP/Oakley
-- Diffie-Hellman key
-- exchange
}
IpsecDoiAhTransform ::= TEXTUAL-CONVENTION
DISPLAY-HINT "d"
STATUS current
DESCRIPTION "The IPsec DOI AH Transform Identifier is an 8-bit
value which identifies a particular algorithm to be
used to provide integrity protection for AH. It is
used in the Tranform-ID field of a ISAKMP Transform
Payload for the IPsec DOI, when the Protocol-Id of
the associated Proposal Payload is 2 (AH).
The values 249-255 are reserved for private use
amongst cooperating systems."
REFERENCE "RFC 2407 sections 4.4.3 and 6.4"
SYNTAX INTEGER {
reserved(0), -- reserved in DOI
reserved1(1), -- reserved
ahMd5(2), -- generic AH transform
-- using MD5
ahSha(3), -- generic AH transform
-- using SHA-1
ahDes(4) -- generic AH transform
-- using DES
}
IpsecDoiEspTransform ::= TEXTUAL-CONVENTION
DISPLAY-HINT "d"
STATUS current
DESCRIPTION "The IPsec DOI ESP Transform Identifier is an 8-bit
value which identifies a particular algorithm to be
used to provide secrecy protection for ESP. It is
used in the Tranform-ID field of a ISAKMP Transform
Payload for the IPsec DOI, when the Protocol-Id of
the associated Proposal Payload is 2 (AH), 3 (ESP),
and 4 (IPCOMP).
The values 249-255 are reserved for private use
amongst cooperating systems."
REFERENCE "RFC 2407 sections 4.4.4 and 6.5"
SYNTAX INTEGER {
reserved(0), -- reserved in DOI
espDesIv64(1), -- DES-CBC transform defined
-- in RFC 1827 and RFC 1829
-- using a 64-bit IV
espDes(2), -- generic DES transform
-- using DES-CBC
esp3Des(3), -- generic triple-DES
-- transform
espRc5(4), -- RC5 transform
espIdea(5), -- IDEA transform
espCast(6), -- CAST transform
espBlowfish(7), -- BLOWFISH transform
esp3Idea(8), -- reserved for triple-IDEA
espDesIv32(9), -- DES-CBC transform defined
-- in RFC 1827 and RFC 1829
-- using a 32-bit IV
espRc4(10), -- reserved for RC4
espNull(11) -- no confidentiality
-- provided by ESP
}
IpsecDoiAuthAlgorithm ::= TEXTUAL-CONVENTION
DISPLAY-HINT "d"
STATUS current
DESCRIPTION "The ESP Authentication Algorithm used in the IPsec
DOI as a SA Attributes definition in the Transform
Payload of Phase II of an IKE negotiation. This
set of values defines the AH authentication
algorithm, when the associated Proposal Payload has
a Protocol-ID of 2 (AH). This set of values
defines the ESP authentication algorithm, when the
associated Proposal Payload has a Protocol-ID
of 3 (ESP).
Values 5-61439 are reserved to IANA.
Values 61440-65535 are for private use.
In a MIB, a value of 0 indicates that ESP
has been negotiated without authentication."
REFERENCE "RFC 2407 section 4.5"
SYNTAX INTEGER {
reserved(0), -- reserved in DOI
hmacMd5(1),
hmacSha(2),
desMac(3),
kpdk(4)
}
IpsecDoiIpcompTransform ::= TEXTUAL-CONVENTION
DISPLAY-HINT "d"
STATUS current
DESCRIPTION "The IPsec DOI IPCOMP Transform Identifier is an
8-bit value which identifies a particular algorithm
to be used to provide IP-level compression before
ESP. It is used in the Tranform-ID field of a ISAKMP
Transform Payload for the IPsec DOI, when the
Protocol-Id of the associated Proposal Payload
is 4 (IPCOMP).
The values 1-47 are reserved for algorithms for which
an RFC has been approved for publication.
The values 48-63 are reserved for private use amongst
cooperating systems.
The values 64-255 are reserved for future expansion."
REFERENCE "RFC 2407 sections 4.4.5 and 6.6"
SYNTAX INTEGER {
reserved(0), -- reserved in DOI
ipcompOui(1), -- proprietary compression
-- transform
ipcompDeflate(2), -- "zlib" deflate algorithm
ipcompLzs(3) -- Stac Electronics LZS
}
IpsecDoiEncapsulationMode ::= TEXTUAL-CONVENTION
DISPLAY-HINT "d"
STATUS current
DESCRIPTION "The Encapsulation Mode used as an IPsec DOI
SA Attributes definition in the Transform Payload
of a Phase II IKE negotiation. This set of
values defines encapsulation modes used for AH,
ESP, and IPCOMP when the associated Proposal Payload
has a Protocol-ID of 3 (ESP).
Values 3-61439 are reserved to IANA.
Values 61440-65535 are for private use."
SYNTAX INTEGER {
reserved(0), -- reserved in DOI
tunnel(1),
transport(2)
}
IpsecDoiIdentType ::= TEXTUAL-CONVENTION
DISPLAY-HINT "d"
STATUS current
DESCRIPTION "The IPsec DOI Identification Type is an 8-bit value
which is used in the ID Type field as a discriminant
for interpretation of the variable-length
Identification Payload.
The values 249-255 are reserved for private use
amongst cooperating systems."
REFERENCE "RFC 2407 sections 4.4.5, 4.6.2.1, and 6.9"
SYNTAX INTEGER {
reserved(0), -- reserved in DOI
idIpv4Addr(1), -- a single four (4) octet
-- IPv4 address
idFqdn(2), -- fully-qualified domain
-- name string
idUserFqdn(3), -- fully-qualified username
-- string
idIpv4AddrSubnet(4),
-- a range of IPv4 addresses,
-- represented by two
-- four (4) octet values,
-- where the first is an
-- address and the second
-- is a mask
idIpv6Addr(5), -- a single sixteen (16)
-- octet IPv6 address
idIpv6AddrSubnet(6),
-- a range of IPv6 addresses,
-- represented by two
-- sixteen (16) octet values,
-- where the first is an
-- address and the second
-- is a mask
idIpv4AddrRange(7), -- a range of IPv4 addresses,
-- represented by two
-- four (4) octet values,
-- where the first is the
-- beginning IPv4 address
-- and the second is the
-- ending IPv4 address
idIpv6AddrRange(8), -- a range of IPv6 addresses,
-- represented by two
-- sixteen (16) octet values,
-- where the first is the
-- beginning IPv6 address
-- and the second is the
-- ending IPv6 address
idDerAsn1Dn(9), -- the binary DER encoding of
-- ASN1 X.500
-- DistinguishedName
idDerAsn1Gn(10), -- the binary DER encoding of
-- ASN1 X.500 GeneralName
idKeyId(11) -- opaque byte stream which
-- may be used to pass
-- vendor-specific
-- information
}
-- The second group of textual conventions are based on defintions
-- the ISAKMP protocol, RFC 2408.
IsakmpDOI ::= TEXTUAL-CONVENTION
DISPLAY-HINT "d"
STATUS current
DESCRIPTION "These are the domain of interpretation values for
the ISAKMP Protocol. They are a 32-bit value
used in the Domain of Interpretation field of the
Security Association Payload.
Values 2-4294967295 are reserved to the IANA."
REFERENCE "RFC 2048 section 3.4."
SYNTAX INTEGER {
isakmp(0), -- generic ISAKMP SA in
-- Phase 1, which can be
-- used for any protocol
-- in Phase 2
ipsecDOI(1) -- the IPsec DOI as
-- specified in RFC 2407
}
IsakmpCertificateEncoding ::= TEXTUAL-CONVENTION
DISPLAY-HINT "d"
STATUS current
DESCRIPTION "These are the values for the types of
certificate-related information contained in the
Certificate Data field of a Certificate Payload.
They are used in the Cert Encoding field of the
Certificate Payload.
Values 11-255 are reserved."
REFERENCE "RFC 2408 section 3.9"
SYNTAX INTEGER {
pkcs7(1), -- PKCS #7 wrapped
-- X.509 certificate
pgp(2), -- PGP Certificate
dnsSignedKey(3), -- DNS Signed Key
x509Signature(4), -- X.509 Certificate:
-- Signature
x509KeyExchange(5), -- X.509 Certificate:
-- Key Exchange
kerberosTokens(6), -- Kerberos Tokens
crl(7), -- Certificate Revocation
-- List (CRL)
arl(8), -- Authority Revocation
-- List (ARL)
spki(9), -- SPKI Certificate
x509Attribute(10) -- X.509 Certificate:
-- Attribute
}
IsakmpExchangeType ::= TEXTUAL-CONVENTION
--
-- When revising IsakmpExchangeType, consider revising
-- IkeExchangeType as well.
--
DISPLAY-HINT "d"
STATUS current
DESCRIPTION "These are the values used for the exchange types in
the ISAKMP header.
Values up to 31 are reserved for future
DOI-independent assignment for ISAKMP.
The values 240-255 are reserved for private use
amongst cooperating systems."
REFERENCE "RFC 2408 section 3.1"
SYNTAX INTEGER {
reserved(0),
base(1), -- base mode
identityProtect(2), -- identity protection
authOnly(3), -- authentication only
aggressive(4), -- aggressive mode
informational(5) -- informational
}
IsakmpNotifyMessageType ::= TEXTUAL-CONVENTION
--
-- If you change this, you probably want to
-- change IkeNotifyMessageType.
--
DISPLAY-HINT "d"
STATUS current
DESCRIPTION "These are the values for the types of notification
messages. They are used as the Notify Message Type
field in the Notification Payload.
This textual convention merges the types
for error types (in the range 1-16386) and for
notification types (in the range 16384-65535).
The values 16001-16383 are reserved for private use
as error types amongst cooperating systems.
The values 24576-32767 are reserved for use in
each DOI. Each DOI should have a clone of this
textual convention adding local values.
The values 32768-40958 are reserved for private use
as notification types amongst cooperating systems."
REFERENCE "RFC 2408 section 3.14.1"
SYNTAX INTEGER {
-- Values defined for errors in ISAKMP
--
reserved(0), -- reserved in DOI
invalidPayloadType(1),
doiNotSupported(2),
situationNotSupported(3),
invalidCookie(4),
invalidMajorVersion(5),
invalidMinorVersion(6),
invalidExchangeType(7),
invalidFlags(8),
invalidMessageId(9),
invalidProtocolId(10),
invalidSpi(11),
invalidTransformId(12),
attributesNotSupported(13),
noProposalChosen(14),
badProposalSyntax(15),
payloadMalformed(16),
invalidKeyInformation(17),
invalidIdInformation(18),
invalidCertEncoding(19),
invalidCertificate(20),
certTypeUnsupported(21),
invalidCertAuthority(22),
invalidHashInformation(23),
authenticationFailed(24),
invalidSignature(25),
addressNotification(26),
notifySaLifetime(27),
certificateUnavailable(28),
unsupportedExchangeType(29),
unequalPayloadLengths(30)
-- values defined for errors in IPsec DOI
-- (none)
-- values defined for notification in ISAKMP
-- (none)
-- values defined for notification in
-- each DOI (clone this TC)
}
-- The third group of textual conventions are based on defintions
-- the IKE key exchange protocol, RFC 2409.
IkeExchangeType ::= TEXTUAL-CONVENTION
DISPLAY-HINT "d"
STATUS current
DESCRIPTION "These are the values used for the exchange types in
the ISAKMP header.
The values 32-239 are DOI-specific, these values are
for the IPsec DOI used by IKE.
The values 240-255 are reserved for private use
amongst cooperating systems."
REFERENCE "RFC 2409 Appendix A,
draft-ietf-ipsec-ike-01.txt appendix A"
SYNTAX INTEGER {
reserved(0),
base(1), -- base mode
mainMode(2), -- main mode
authOnly(3), -- authentication only
aggressive(4), -- aggressive mode
informational(5), -- informational
quickMode(32), -- quick mode
newGroupMode(33), -- new group mode
acknowledgedInfo(34)
-- acknowledged informational
}
IkeEncryptionAlgorithm ::= TEXTUAL-CONVENTION
DISPLAY-HINT "d"
STATUS current
DESCRIPTION "Values for encryption algorithms negotiated
for the ISAKMP SA by IKE in Phase I. These are
values for SA Attrbute type Encryption
Algorithm (1).
Values 7-65000 are reserved to IANA.
Values 65001-65535 are for private use among
mutually consenting parties."
REFERENCE "RFC 2409 appendix A"
SYNTAX INTEGER {
reserved(0), -- reserved in IKE
desCbc(1), -- RFC 2405
ideaCbc(2),
blowfishCbc(3),
rc5R16B64Cbc(4), -- RC5 R16 B64 CBC
tripleDesCbc(5), -- 3DES CBC
castCbc(6)
}
IkeHashAlgorithm ::= TEXTUAL-CONVENTION
DISPLAY-HINT "d"
STATUS current
DESCRIPTION "Values for hash algorithms negotiated
for the ISAKMP SA by IKE in Phase I. These are
values for SA Attrbute type Hash Algorithm (2).
Values 4-65000 are reserved to IANA.
Values 65001-65535 are for private use among
mutually consenting parties."
REFERENCE "RFC 2409 appendix A"
SYNTAX INTEGER {
reserved(0), -- reserved in IKE
md5(1), -- RFC 1321
sha(2), -- FIPS 180-1
tiger(3)
}
IkeAuthMethod ::= TEXTUAL-CONVENTION
DISPLAY-HINT "d"
STATUS current
DESCRIPTION "Values for authentication methods negotiated
for the ISAKMP SA by IKE in Phase I. These are
values for SA Attrbute type Authentication
Method (3).
Values 6-65000 are reserved to IANA.
Values 65001-65535 are for private use among
mutually consenting parties."
REFERENCE "RFC 2409 appendix A,
draft-ietf-ipsec-ike-01.txt appendix A"
SYNTAX INTEGER {
reserved(0), -- reserved in IKE
preSharedKey(1),
dssSignatures(2),
rsaSignatures(3),
encryptionWithRsa(4),
revisedEncryptionWithRsa(5),
encryptionWithElGamal(6),
revisedEncryptionWithElGamal(7)
}
IkeGroupDescription ::= TEXTUAL-CONVENTION
DISPLAY-HINT "d"
STATUS current
DESCRIPTION "Values for Oakley key computation groups for
Diffie-Hellman exchange negotiated for the ISAKMP
SA by IKE in Phase I. They are also used in Phase II
when perfect forward secrecy is in use. These are
values for SA Attrbute type Group Description (4)."
REFERENCE "RFC 2409 appendix A,
draft-ietf-ipsec-ike-01.txt appendix A"
SYNTAX INTEGER {
reserved(0), -- reserved in IKE
modp768(1), -- default 768-bit MODP group
modp1024(2), -- alternate 1024-bit MODP
-- group
ec2nGalois2P155(3), -- EC2N group on Galois
-- Field GF[2^155]
ec2nGalois2P185(4), -- EC2N group on Galois
-- Field GF[2^185]
modp1536(5) -- alternate 1536-bit MODP
-- group
}
IkeGroupType ::= TEXTUAL-CONVENTION
DISPLAY-HINT "d"
STATUS current
DESCRIPTION "Values for Oakley key computation group types
negotiated for the ISAKMP SA by IKE in Phase I.
They are also used in Phase II when perfect forward
secrecy is in use. These are values for SA Attribute
type Group Type (5)."
REFERENCE "RFC 2409 appendix A"
SYNTAX INTEGER {
reserved(0), -- reserved in IKE
modp(1), -- modular eponentiation
-- group
ecp(2), -- elliptic curve group over
-- Galois Field GF[P]
ec2n(3) -- elliptic curve group over
-- Galois Field GF[2^N]
}
IkePrf ::= TEXTUAL-CONVENTION
DISPLAY-HINT "d"
STATUS current
DESCRIPTION "Values for Pseudo-Random Functions used with
with the hash algorithm negotiated for the ISAKMP SA
by IKE in Phase I. There are currently no
pseudo-random functions defined, the default HMAC is
always used. These are values for SA Attribute type
PRF (13).
Values 1-65000 are reserved to IANA.
Values 65001-65535 are for private use among
mutually consenting parties."
REFERENCE "RFC 2409 appendix A"
SYNTAX Unsigned32 (0..65535)
IkeNotifyMessageType ::= TEXTUAL-CONVENTION
DISPLAY-HINT "d"
STATUS current
DESCRIPTION "These are the values for the types of notification
messages. They are used as the Notify Message Type
field in the Notification Payload.
This textual convention merges the types
for error types (in the range 1-16386) and for
notification types (in the range 16384-65535).
This textual convention is a merge of values
defined by ISAKMP with the additional values
defined in the IPsec DOI.
The values 16001-16383 are reserved for private use
as error types amongst cooperating systems.
The values 32001-32767 are reserved for private use
as notification types amongst cooperating systems."
REFERENCE "RFC 2408 section 3.14.1 and RFC 2407 sections 4.6.3
and 6.10"
SYNTAX INTEGER {
-- Values defined for errors in ISAKMP
--
reserved(0), -- reserved in DOI
invalidPayloadType(1),
doiNotSupported(2),
situationNotSupported(3),
invalidCookie(4),
invalidMajorVersion(5),
invalidMinorVersion(6),
invalidExchangeType(7),
invalidFlags(8),
invalidMessageId(9),
invalidProtocolId(10),
invalidSpi(11),
invalidTransformId(12),
attributesNotSupported(13),
noProposalChosen(14),
badProposalSyntax(15),
payloadMalformed(16),
invalidKeyInformation(17),
invalidIdInformation(18),
invalidCertEncoding(19),
invalidCertificate(20),
certTypeUnsupported(21),
invalidCertAuthority(22),
invalidHashInformation(23),
authenticationFailed(24),
invalidSignature(25),
addressNotification(26),
notifySaLifetime(27),
certificateUnavailable(28),
unsupportedExchangeType(29),
unequalPayloadLengths(30),
-- values defined for errors in IPsec DOI
-- (none)
-- values defined for notification in ISAKMP
-- (none)
-- values defined for notification in IPsec
-- DOI
responderLifetime(24576),
-- used to communicate IPsec
-- SA lifetime chosen by the
-- responder
replayStatus(24577),
-- used for positive
-- confirmation of the
-- responder's election on
-- whether or not he is to
-- perform anti-replay
-- detection
initialContact(24578)
-- used when one side wishes
-- to inform the other that
-- this is the first SA being
-- established with the
-- remote system
}
END

6449
mibs/rfc/IPSEC-POLICY-MIB Normal file
View File

File diff suppressed because it is too large Load Diff

2720
mibs/rfc/IPSEC-SA-MON-MIB Normal file
View File

File diff suppressed because it is too large Load Diff