--MibName=rcSnmp SWITCH-SNMP-MIB DEFINITIONS ::= BEGIN IMPORTS MODULE-IDENTITY, OBJECT-TYPE, NOTIFICATION-TYPE, Integer32 FROM SNMPv2-SMI RowStatus FROM SNMPv2-TC SnmpAdminString FROM SNMP-FRAMEWORK-MIB snmpTargetAddrTAddress FROM SNMP-TARGET-MIB iscomSwitch FROM RAISECOM-BASE-MIB; rcSnmp MODULE-IDENTITY LAST-UPDATED "0412200000Z" ORGANIZATION "raisecom Group" CONTACT-INFO " Phone: 01082884499 Email: support@raisecom.com" DESCRIPTION "The MIB module for snmpv2 community2view." REVISION "0412200000Z" DESCRIPTION "" ::= { iscomSwitch 10} ------------------------------------------------------------------------------ -- -- rcCommunityToView - SNMP 'Community-to-View' Mapping -- -- Starting with ROSE 1.1, SNMP access uses the SNMP-VIEW-BASED-ACM-MIB -- (RFC2575) for all SNMP versions (i.e., v1, v2c and v3). Note that SNMP -- v1 and v2c both use the SNMP 'community string' to implement limited -- security and administrative control. Consequently, to support the -- 'View-based Access Control Model' for SNMPv1/v2c requires a mechanism to -- map the 'community string' to a 'view'. This is implemented using the -- 'rcCommunityToViewTable'. This table allows up to 8 unique -- community strings to be mapped to the same or different views as defined -- in the SNMP-VIEW-BASED-ACM-MIB. Each community can have read-only or -- read-write access permission. -- -- For test and development purposes, the factory default setting includes -- a single 'active(1)' entry for index '1' that contains: -- rcCommunity2ViewCommName = "public" -- rcCommunity2ViewViewName = "internet" ==>1.3.6.1 -- rcCommunity2ViewPermission = "readWrite(2)" -- -- These default settings, in conjunction with a corresponding factory -- default entry in the RFC2575 'vacmViewTreeFamilyTable', allow full GET -- and SET access for the entire 'internet' MIB subtree. Although useful -- for test and development, this is not a desirable default for a -- production switch. -- ------------------------------------------------------------------------------ -- -- Top level structure of the MIB rcCommunityToViewTable OBJECT IDENTIFIER ::= { rcSnmp 1 } rcSnmpNotifications OBJECT IDENTIFIER ::= { rcSnmp 2 } -- Notification Definition section rcSnmpDestinationDeleted NOTIFICATION-TYPE OBJECTS { snmpTargetAddrTAddress } STATUS current DESCRIPTION "the destination has been deleted." ::= { rcSnmpNotifications 1 } rcCommunityToViewTable OBJECT-TYPE SYNTAX SEQUENCE OF RcCommunityToViewEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A table of SNMPv1/v2c community string to view name mappings." ::= { rcSnmp 1 } rcCommunityToViewEntry OBJECT-TYPE SYNTAX RcCommunityToViewEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A list of community-to-view parameters." INDEX { rcCommunityToViewIndex } ::= { rcCommunityToViewTable 1 } RcCommunityToViewEntry ::= SEQUENCE { rcCommunityToViewIndex Integer32, rcCommunityToViewCommunityName SnmpAdminString, rcCommunityToViewViewName SnmpAdminString, rcCommunityToViewPermission INTEGER, rcCommunityToViewRowStatus RowStatus } rcCommunityToViewIndex OBJECT-TYPE SYNTAX Integer32 (1..8) MAX-ACCESS not-accessible STATUS current DESCRIPTION "A simple index into 'rcCommunityToViewTable'." ::= { rcCommunityToViewEntry 1 } rcCommunityToViewCommunityName OBJECT-TYPE SYNTAX SnmpAdminString (SIZE(1..20)) MAX-ACCESS read-create STATUS current DESCRIPTION "DURABLE: { 'public','':all } The SNMPv1/v2c community name string. Duplicate community names are not allowed in this table. Note that a null string is not a valid community name (i.e., a null string forces 'rcCommunityToViewRowStatus' to 'notReady(3)')." ::= { rcCommunityToViewEntry 2 } rcCommunityToViewViewName OBJECT-TYPE SYNTAX SnmpAdminString (SIZE(1..32)) MAX-ACCESS read-create STATUS current DESCRIPTION "DURABLE: { 'internet':all } At runtime (i.e., not when this object is SET), this view name is compared to the 'vacmViewTreeFamilyViewName' in the 'vacmViewTreeFamilyTable' (see RFC2575). If a match is found and the varbind(s) specify valid object type and instance, the 'rcCommunityToViewPermission' privilege is permitted. Note that a null string is not a valid view name value. Also note that the value of this object does not have to match an existing entry in the 'vacmViewTreeFamilyTable' (if no match, no access is allowed). Note that the factory default value for this object is 'internet', which allows access to the subtree under '1.3.6.1'." ::= { rcCommunityToViewEntry 3 } rcCommunityToViewPermission OBJECT-TYPE SYNTAX INTEGER { readOnly(1), readWrite(2) } MAX-ACCESS read-create STATUS current DESCRIPTION "DURABLE: { readWrite:all } This object specifies the type of access allowed. 'readOnly(1)' allows GET operations (i.e., GET, GET-NEXT, GET-BULK) and 'readWrite(2)' allows both GET and SET operations." DEFVAL {readWrite} ::= { rcCommunityToViewEntry 4 } rcCommunityToViewRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "DURABLE: This object indicates the status of this entry. A row in this table can be created using the 'createAndGo(4)' (i.e., all parameters must be valid - supplied in a single SNMP PDU or have default values) or the 'createAndWait(5)' action states. Until all parameters are valid for a conceptual row, this object is 'notReady(3)'. All parameters must be valid before this object can be set to 'active(1)'. Any object in a conceptual row can be modified independent of the value of this object (e.g., can be changed while 'active(1)')." ::= { rcCommunityToViewEntry 5 } END