-- ***************************************************************** -- QTECH-SECZONE-CONTEXT-MIB.mib: Qtech security zone MIB file for multiple context -- -- December 2009, rendh -- -- Copyright (c) 2009 by Qtech Networks Co.,Ltd. -- All rights reserved. -- -- ***************************************************************** -- QTECH-SECZONE-CONTEXT-MIB DEFINITIONS ::= BEGIN IMPORTS MODULE-IDENTITY, OBJECT-TYPE, IpAddress FROM SNMPv2-SMI DisplayString, RowStatus FROM SNMPv2-TC MODULE-COMPLIANCE, OBJECT-GROUP FROM SNMPv2-CONF ConfigStatus FROM QTECH-TC qtechMgmt FROM QTECH-SMI; qtechSecZoneVCMIB MODULE-IDENTITY LAST-UPDATED "200912060000Z" ORGANIZATION "Qtech Networks Co.,Ltd." CONTACT-INFO " Tel: 4008-111-000 E-mail: service@qtech.com.cn" DESCRIPTION "This module defines my Security Zone mibs for multiple context." REVISION "200912060000Z" DESCRIPTION "Initial version of this MIB module." ::= { qtechMgmt 68 } qtechSecZoneVCMIBObjects OBJECT IDENTIFIER ::= { qtechSecZoneVCMIB 1 } -- ***************************************************************************************** -- define Security Zone chain -- ***************************************************************************************** qtechSecZoneChainVCTable OBJECT-TYPE SYNTAX SEQUENCE OF QtechSecZoneChainVCEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A table of Security Zone Chain entries." ::= { qtechSecZoneVCMIBObjects 1 } qtechSecZoneChainVCEntry OBJECT-TYPE SYNTAX QtechSecZoneChainVCEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Entry contains chain name and level." INDEX {qtechSecZoneContextNameVC,qtechSecZoneChainNameVC } ::= { qtechSecZoneChainVCTable 1 } QtechSecZoneChainVCEntry ::= SEQUENCE { qtechSecZoneContextNameVC DisplayString, qtechSecZoneChainNameVC DisplayString, qtechSecZoneLevelVC INTEGER, qtechSecZoneAclNameVC DisplayString, qtechSecZoneViolationNotifyThreshVC INTEGER, qtechSecZoneViolationNotifyActionVC INTEGER, qtechSecZoneViolationBlockThreshVC INTEGER, qtechSecZoneViolationBlockActionVC INTEGER, qtechSecZoneViolationBlockTimeoutVC INTEGER, qtechSecZoneChainEntryStatusVC RowStatus } qtechSecZoneContextNameVC OBJECT-TYPE SYNTAX DisplayString(SIZE (1..31)) MAX-ACCESS read-only STATUS current DESCRIPTION "context name of this entry." ::= { qtechSecZoneChainVCEntry 1 } qtechSecZoneChainNameVC OBJECT-TYPE SYNTAX DisplayString(SIZE (1..32)) MAX-ACCESS read-only STATUS current DESCRIPTION "security zone chain name of this entry." ::= { qtechSecZoneChainVCEntry 2 } qtechSecZoneLevelVC OBJECT-TYPE SYNTAX INTEGER(0..100) MAX-ACCESS read-create STATUS current DESCRIPTION "Config level of this Seczone. value 0 means level is not defined so cannot use for comparing two zones's level " DEFVAL{ 0 } ::= { qtechSecZoneChainVCEntry 3 } qtechSecZoneAclNameVC OBJECT-TYPE SYNTAX DisplayString(SIZE (1..32)) MAX-ACCESS read-create STATUS current DESCRIPTION "Access list name of security zone belong to. " ::= { qtechSecZoneChainVCEntry 4 } qtechSecZoneViolationNotifyThreshVC OBJECT-TYPE SYNTAX INTEGER(0..65535) MAX-ACCESS read-create STATUS current DESCRIPTION "Threshold of security zone access violation . value 0 means no notify." DEFVAL{ 0 } ::= {qtechSecZoneChainVCEntry 5 } qtechSecZoneViolationNotifyActionVC OBJECT-TYPE SYNTAX INTEGER{ nologtrap(0), log(1), trap(2), logtrap(3) } MAX-ACCESS read-create STATUS current DESCRIPTION "Action of security zone access violation Notify:nologtrap(0),log (1), trap (2) , log and trap(3)." DEFVAL{ 0 } ::= {qtechSecZoneChainVCEntry 6 } qtechSecZoneViolationBlockThreshVC OBJECT-TYPE SYNTAX INTEGER(0..65535) MAX-ACCESS read-create STATUS current DESCRIPTION "Threshold of security zone access violation Blocking. value 0 means no block." DEFVAL{ 0 } ::= {qtechSecZoneChainVCEntry 7 } qtechSecZoneViolationBlockActionVC OBJECT-TYPE SYNTAX INTEGER{ globalblock (1), zoneblock(2) } MAX-ACCESS read-create STATUS current DESCRIPTION "Action of security zone access violation Blocking:globalblock(1),zoneblock(2) ." DEFVAL{ 1 } ::= {qtechSecZoneChainVCEntry 8 } qtechSecZoneViolationBlockTimeoutVC OBJECT-TYPE SYNTAX INTEGER (0..3600) MAX-ACCESS read-create STATUS current DESCRIPTION "Timeout(minutes)of security zone access violation Blocking . value 0 means block permanently" DEFVAL{ 1 } ::= {qtechSecZoneChainVCEntry 9 } qtechSecZoneChainEntryStatusVC OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "Status of this entry, set its value to invalid will delete this entry. set its value to valid has no effect." ::= { qtechSecZoneChainVCEntry 10 } -- ***************************************************************************************** -- define zone to zone policy for multi context -- ***************************************************************************************** qtechSecZone2ZoneVCTable OBJECT-TYPE SYNTAX SEQUENCE OF QtechSecZone2ZoneVCEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A table of Two Security Zone entries." ::= { qtechSecZoneVCMIBObjects 2 } qtechSecZone2ZoneVCEntry OBJECT-TYPE SYNTAX QtechSecZone2ZoneVCEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Entry contains policy from one Zone to another Zone ." INDEX { qtechZone2ZoneContextNameVC, qtechZoneFirstNameVC ,qtechZoneSecondNameVC,qtechZone2ZoneAclNameVC } ::= { qtechSecZone2ZoneVCTable 1 } QtechSecZone2ZoneVCEntry ::= SEQUENCE { qtechZone2ZoneContextNameVC DisplayString, qtechZoneFirstNameVC DisplayString, qtechZoneSecondNameVC DisplayString, qtechZone2ZoneAclNameVC DisplayString, qtechZone2ZoneEntryStautsVC RowStatus } qtechZone2ZoneContextNameVC OBJECT-TYPE SYNTAX DisplayString(SIZE (1..31)) MAX-ACCESS read-only STATUS current DESCRIPTION "context name of this entry." ::= { qtechSecZone2ZoneVCEntry 1 } qtechZoneFirstNameVC OBJECT-TYPE SYNTAX DisplayString(SIZE (1..32)) MAX-ACCESS read-only STATUS current DESCRIPTION "First zone name of this entry." ::= { qtechSecZone2ZoneVCEntry 2 } qtechZoneSecondNameVC OBJECT-TYPE SYNTAX DisplayString(SIZE (1..32)) MAX-ACCESS read-only STATUS current DESCRIPTION "Second zone name of this entry." ::= { qtechSecZone2ZoneVCEntry 3 } qtechZone2ZoneAclNameVC OBJECT-TYPE SYNTAX DisplayString(SIZE (1..32)) MAX-ACCESS read-only STATUS current DESCRIPTION "Key chain name of this entry." ::= { qtechSecZone2ZoneVCEntry 4 } qtechZone2ZoneEntryStautsVC OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "entry status for this list." ::= { qtechSecZone2ZoneVCEntry 5 } -- ***************************************************************************************** -- blocking ip table for multi context -- ***************************************************************************************** qtechSecZoneBlockingVCTable OBJECT-TYPE SYNTAX SEQUENCE OF QtechSecZoneBlockingVCEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A table of IP blocking entries." ::= { qtechSecZoneVCMIBObjects 3 } qtechSecZoneBlockingVCEntry OBJECT-TYPE SYNTAX QtechSecZoneBlockingVCEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Entry contains blocking IPs ." INDEX { qtechBockingContextNameVC , qtechBockingIPVC } ::= { qtechSecZoneBlockingVCTable 1 } QtechSecZoneBlockingVCEntry ::= SEQUENCE {qtechBockingContextNameVC DisplayString, qtechBockingIPVC IpAddress, qtechBockingCurrentStatusVC INTEGER, qtechBockingTryAccessZoneNameVC DisplayString, qtechBockingEntryStatusVC ConfigStatus } qtechBockingContextNameVC OBJECT-TYPE SYNTAX DisplayString(SIZE (1..31)) MAX-ACCESS read-only STATUS current DESCRIPTION "context name of this entry." ::= { qtechSecZoneBlockingVCEntry 1 } qtechBockingIPVC OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS read-only STATUS current DESCRIPTION "ip address of Blocking table.To clear all blocking IP use 0.0.0.0 " ::= { qtechSecZoneBlockingVCEntry 2 } qtechBockingCurrentStatusVC OBJECT-TYPE SYNTAX INTEGER{ globalblock (1), zoneblock(2) } MAX-ACCESS read-only STATUS current DESCRIPTION "status of security zone access violation Blocking:globalblock(1),zoneblock(2)." ::= { qtechSecZoneBlockingVCEntry 3 } qtechBockingTryAccessZoneNameVC OBJECT-TYPE SYNTAX DisplayString(SIZE (0..32)) MAX-ACCESS read-only STATUS current DESCRIPTION "Try access Zone name of blocking IP.It indicate that this doesn't match any Zone if this string is null" ::= { qtechSecZoneBlockingVCEntry 4 } qtechBockingEntryStatusVC OBJECT-TYPE SYNTAX ConfigStatus MAX-ACCESS read-write STATUS current DESCRIPTION "Status of this entry, set its value to invalid (2)will delete this entry. set its value to valid(1)has no effect." ::= { qtechSecZoneBlockingVCEntry 5 } -- compliance statements qtechSecZoneVCMIBConformance OBJECT IDENTIFIER ::= { qtechSecZoneVCMIB 3 } qtechSecZoneVCMIBCompliances OBJECT IDENTIFIER ::= { qtechSecZoneVCMIBConformance 1 } qtechSecZoneVCMIBGroups OBJECT IDENTIFIER ::= { qtechSecZoneVCMIBConformance 2 } qtechSecZoneVCMIBCompliance MODULE-COMPLIANCE STATUS current DESCRIPTION "The compliance statement for entities which implement the security zone MIB for multiple context" MODULE -- this module MANDATORY-GROUPS { qtechSecZoneVCMIBGroup } ::= { qtechSecZoneVCMIBCompliances 1 } -- units of conformance qtechSecZoneVCMIBGroup OBJECT-GROUP OBJECTS { qtechSecZoneContextNameVC, qtechSecZoneChainNameVC, qtechSecZoneLevelVC, qtechSecZoneAclNameVC, qtechSecZoneViolationNotifyThreshVC, qtechSecZoneViolationNotifyActionVC, qtechSecZoneViolationBlockThreshVC, qtechSecZoneViolationBlockActionVC, qtechSecZoneViolationBlockTimeoutVC, qtechSecZoneChainEntryStatusVC, qtechZone2ZoneContextNameVC, qtechZoneFirstNameVC, qtechZoneSecondNameVC, qtechZone2ZoneAclNameVC, qtechZone2ZoneEntryStautsVC, qtechBockingContextNameVC , qtechBockingIPVC, qtechBockingCurrentStatusVC, qtechBockingTryAccessZoneNameVC, qtechBockingEntryStatusVC } STATUS current DESCRIPTION "A collection of objects providing Security Zone management and opertion to a My agent." ::= { qtechSecZoneVCMIBGroups 1 } -- END