PKTC-ES-TAP-MIB DEFINITIONS ::= BEGIN
IMPORTS
Counter32,
Integer32,
MODULE-IDENTITY,
NOTIFICATION-TYPE,
OBJECT-TYPE,
Unsigned32
FROM SNMPv2-SMI
MODULE-COMPLIANCE,
NOTIFICATION-GROUP,
OBJECT-GROUP
FROM SNMPv2-CONF
InetAddress,
InetAddressType,
InetPortNumber
FROM INET-ADDRESS-MIB
DateAndTime,
RowStatus,
TruthValue,
TEXTUAL-CONVENTION
FROM SNMPv2-TC
SnmpAdminString
FROM SNMP-FRAMEWORK-MIB
InterfaceIndexOrZero
FROM IF-MIB
pktcESSupportMibs
FROM CLAB-DEF-MIB;
pktcESTapMib MODULE-IDENTITY
LAST-UPDATED "200604060000Z"
ORGANIZATION "PacketCable"
CONTACT-INFO
"Bernie McKibben
Cable Television Laboratories, Inc.
858 Coal Creek Circle,
Louisville, CO 80027, USA
Phone: +1 303-661-3823
Email: mibs@cablelabs.com
Primary Author: Srinivas Dhulipala, Cisco Systems
"
DESCRIPTION
"This module manages intercept feature.
This MIB defines a generic stream table that contains
fields common to all intercept types. Specific
intercept
filters are defined in extension MIBs, e.g., the
IP-TAP-MIB for IP intercepts."
REVISION "200604060000Z"
DESCRIPTION
"Initial version of this MIB module."
::= { pktcESSupportMibs 1 }
pktcESTapMibNotifs OBJECT IDENTIFIER ::= { pktcESTapMib 0 }
pktcESTapMibObjects OBJECT IDENTIFIER ::= { pktcESTapMib 1 }
pktcESTapMibConform OBJECT IDENTIFIER ::= { pktcESTapMib 2 }
pktcEScTapMediationGroup OBJECT IDENTIFIER ::= { pktcESTapMibObjects
1 }
pktcEScTapStreamGroup OBJECT IDENTIFIER ::= { pktcESTapMibObjects
2 }
pktcEScTapDebugGroup OBJECT IDENTIFIER ::= { pktcESTapMibObjects
3 }
--
-- textual convention
--
PktcEScTapDscp ::= TEXTUAL-CONVENTION
STATUS current
DESCRIPTION
"An integer that is in the range of the DiffServ codepoint
values."
SYNTAX INTEGER (0..63)
-- pktcEScTapMediationNewIndex is defined to allow a network manager
-- to create a new Mediation Table entry and its corresponding
-- Stream Table entries without necessarily knowing what other
-- entries might exist.
pktcEScTapMediationNewIndex OBJECT-TYPE
SYNTAX Integer32 (1..2147483647)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object contains a value which may be used as an index
PKT-SP-ES-INF-I02-061013 PacketCable™ 2.0
38 CableLabs® 10/13/06
value for a new pktcEScTapMediationEntry. Whenever read, the
agent will change the value to a new non-conflicting value.
This is to reduce the probability of errors during creation of
new pktcEScTapMediationTable entries."
::= { pktcEScTapMediationGroup 1 }
-- The Tap Mediation Table lists the applications, by address and
-- port number, to which traffic may be intercepted. These may be
-- on the same or different Mediation Devices.
pktcEScTapMediationTable OBJECT-TYPE
SYNTAX SEQUENCE OF PktcEScTapMediationEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This table lists the Mediation Devices with which the
intercepting device communicates. These may be on the same or
different Mediation Devices.
This table is written by the Mediation Device, and is always
volatile. This is because intercepts may disappear during a
restart of the intercepting equipment.
Entries are added to this table via pktcEScTapMediationStatus
in
accordance with the RowStatus convention."
::= { pktcEScTapMediationGroup 2 }
pktcEScTapMediationEntry OBJECT-TYPE
SYNTAX PktcEScTapMediationEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The entry describes a single session maintained with an
application on a Mediation Device."
INDEX { pktcEScTapMediationContentId }
::= { pktcEScTapMediationTable 1 }
PktcEScTapMediationEntry ::= SEQUENCE {
pktcEScTapMediationContentId Integer32,
pktcEScTapMediationDestAddressType InetAddressType,
pktcEScTapMediationDestAddress InetAddress,
pktcEScTapMediationDestPort InetPortNumber,
pktcEScTapMediationSrcInterface InterfaceIndexOrZero,
pktcEScTapMediationDscp PktcEScTapDscp,
pktcEScTapMediationTimeout DateAndTime,
pktcEScTapMediationTransport INTEGER,
pktcEScTapMediationNotificationEnable TruthValue,
pktcEScTapMediationStatus RowStatus
}
pktcEScTapMediationContentId OBJECT-TYPE
SYNTAX Integer32 (1..2147483647)
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"pktcEScTapMediationContentId is a session identifier, from the
intercept application's perspective, and a content identifier
from the Mediation Device's perspective. The Mediation Device
is responsible for making sure these are unique, although the
SNMP RowStatus row creation process will help by not allowing
it to create conflicting entries. Before creating a new entry,
a value for this variable may be obtained by reading
pktcEScTapMediationNewIndex to reduce the probability of a
value
collision."
::= { pktcEScTapMediationEntry 1 }
pktcEScTapMediationDestAddressType OBJECT-TYPE
SYNTAX InetAddressType
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The type of pktcEScTapMediationDestAddress."
::= { pktcEScTapMediationEntry 2 }
pktcEScTapMediationDestAddress OBJECT-TYPE
SYNTAX InetAddress
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The IP Address of the Mediation Device's network interface
to which to direct intercepted traffic."
::= { pktcEScTapMediationEntry 3 }
pktcEScTapMediationDestPort OBJECT-TYPE
SYNTAX InetPortNumber
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The port number on the Mediation Device's network interface
to which to direct intercepted traffic."
::= { pktcEScTapMediationEntry 4 }
pktcEScTapMediationSrcInterface OBJECT-TYPE
SYNTAX InterfaceIndexOrZero
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The interface on the intercepting device from which to
transmit intercepted data. If zero, any interface may be used
according to normal IP practice."
::= { pktcEScTapMediationEntry 5 }

pktcEScTapMediationDscp OBJECT-TYPE
SYNTAX PktcEScTapDscp
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The Differentiated Services Code Point the intercepting
device applies to the IP packets encapsulating the
intercepted traffic."
DEFVAL { 34 } -- by default, AF41, code 100010
::= { pktcEScTapMediationEntry 7 }
pktcEScTapMediationTimeout OBJECT-TYPE
SYNTAX DateAndTime
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The time at which this row and all related Stream Table rows
should be automatically removed, and the intercept function
cease. Since the initiating network manager may be the only
device able to manage a specific intercept or know of its
existence, this acts as a fail-safe for the failure or removal
of the network manager. The object is only effective when the
value of pktcEScTapMediationStatus is 'active'."
::= { pktcEScTapMediationEntry 10 }
pktcEScTapMediationTransport OBJECT-TYPE
SYNTAX INTEGER {
udp(1)
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The protocol used in transferring intercepted data to the
Mediation Device. The following protocols may be supported:
udp: PacketCable udp format"
::= { pktcEScTapMediationEntry 11 }
pktcEScTapMediationNotificationEnable OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This variable controls the generation of any notifications or
informs by the MIB agent for this table entry."
DEFVAL { true }
::= { pktcEScTapMediationEntry 12 }
pktcEScTapMediationStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The status of this conceptual row. This object is used to
manage creation, modification and deletion of rows in this
table.
pktcEScTapMediationTimeout may be modified at any time (even
while the row is active). But when the row is active, the other
writable objects may not be modified without setting its value
to 'notInService'.
The entry may not be deleted or deactivated by setting its
value to 'destroy' or 'notInService' if there is any associated
entry in pktcEScTapStreamTable."
::= { pktcEScTapMediationEntry 13 }
--
-- pktcEScTapMediationCapabilities
--
pktcEScTapMediationCapabilities OBJECT-TYPE
SYNTAX BITS {
ipV4SrcInterface(0),
ipV6SrcInterface(1),
udp(2)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object displays the device capabilities with respect to
certain fields in Mediation Device table. This may be
dependent
on hardware capabilities, software capabilities.
The following values may be supported:
ipV4SrcInterface: SNMP ifIndex Value may be used to
select
the interface (denoted by
pktcEScTapMediationSrcInterface) on the
intercepting device from which to
transmit intercepted data to an IPv4
address Mediation Device.
ipV6SrcInterface: SNMP ifIndex Value may be used to
select
the interface (denoted by
pktcEScTapMediationSrcInterface) on the
intercepting device from which to
transmit intercepted data to an IPv6
address Mediation Device.
PKT-SP-ES-INF-I02-061013 PacketCable™ 2.0
42 CableLabs® 10/13/06
udp: UDP may be used as transport protocol
(denoted by
pktcEScTapMediationTransport) in
transferring intercepted data to the
Mediation Device."
::= { pktcEScTapMediationGroup 3 }
--
-- The stream tables
--
-- This MIB defines a generic stream table containing fields that are
-- common to any kind of filter specification and a type of the
-- filter specification. Filter specifications can be for various type
-- of intercepts (eg. IPv4, IPv6, MAC, VoIP) and each of the filters
-- is defined in extension MIBs.
--
pktcEScTapStreamTable OBJECT-TYPE
SYNTAX SEQUENCE OF PktcEScTapStreamEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The Intercept Stream Table lists the traffic streams to be
intercepted. The same data stream may be required by multiple
taps, and one might assume that often the intercepted stream
is a small subset of the traffic that could be intercepted.
The Table consists of generic fields that are independent
of the type of intercept. It contains type of the specific
filter which is defined in an extension MIB and counters to
account for packets intercepted or dropped by the attached
filter specification.
Note that the Mediation Device must make sure there is
only one type of specific filter created with the same
indices as that of a row in this table, otherwise the
later creations will fail. For example, if there is a
row in this table with index 1.2, there can be a
corresponding row with the same index either in
tapStreamTable, c8tapStreamTable or cuctTapStreamTable,
but not all.
The first index indicates which Mediation Device the
intercepted traffic will be diverted to. The second index
permits multiple classifiers to be used together.
Entries are added to this table via pktcEScTapStreamStatus in
accordance with the RowStatus convention."
::= { pktcEScTapStreamGroup 1 }
pktcEScTapStreamEntry OBJECT-TYPE
SYNTAX PktcEScTapStreamEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A stream entry indicates a single data stream to be
intercepted to a Mediation Device. Many selected data
streams may go to the same application interface, and many
application interfaces are supported."
INDEX { pktcEScTapMediationContentId, pktcEScTapStreamIndex }
::= { pktcEScTapStreamTable 1 }
PktcEScTapStreamEntry ::= SEQUENCE {
pktcEScTapStreamIndex Integer32,
pktcEScTapStreamType INTEGER,
pktcEScTapStreamInterceptEnable TruthValue,
pktcEScTapStreamInterceptedPackets Counter32,
pktcEScTapStreamInterceptDrops Counter32,
pktcEScTapStreamStatus RowStatus
}
pktcEScTapStreamIndex OBJECT-TYPE
SYNTAX Integer32 (1..2147483647)
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The index of the stream itself."
::= { pktcEScTapStreamEntry 1 }
pktcEScTapStreamType OBJECT-TYPE
SYNTAX INTEGER {
ip(1),
mac(2),
userConnection(3),
msPdsn(4)
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Identifies the type of intercept filter associated to this
generic stream. The following type of streams is supported:
ip: The specific filter is an IP filter
with same indices as that of this
table. The exact filter is a row in
tapStreamTable of IP-TAP-MIB."
::= {pktcEScTapStreamEntry 2 }
pktcEScTapStreamInterceptEnable OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"If 'true', the tap should intercept matching traffic. The
value for this object should be set to 'true' only after an
additional filter specification has been attached to this
stream."
DEFVAL { false }
::= { pktcEScTapStreamEntry 3 }

pktcEScTapStreamInterceptedPackets OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of packets matching this data stream specification
that have been intercepted."
::= { pktcEScTapStreamEntry 4 }
pktcEScTapStreamInterceptDrops OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of packets matching this data stream specification
that, having been intercepted, were dropped in the lawful
intercept process."
::= { pktcEScTapStreamEntry 5 }
pktcEScTapStreamStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The status of this conceptual row. This object manages
creation, modification, and deletion of rows in this table.
pktcEScTapStreamInterceptEnable may be modified even the
value of this entry rowStatus object is 'active'. When other
rows must be changed, pktcEScTapStreamStatus must be first set
to 'notInService'."
::= { pktcEScTapStreamEntry 6 }
--
-- The debug information
--
pktcEScTapDebugAge OBJECT-TYPE
SYNTAX Integer32 (1..2147483647)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object contains the duration in minutes for which an
entry in pktcEScTapDebugTable is maintained by the implementing
device after which the entry is deleted. The management
station also has the option of deleting the entry itself
by setting pktcEScTapDebugStatus."
::= { pktcEScTapDebugGroup 1 }
pktcEScTapDebugMaxEntries OBJECT-TYPE
SYNTAX Integer32 (1..2147483647)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object contains the maximum number of debug messages
maintained by the implementing device at a time. If this
limit is crossed, most recent message will replace the
least recent message."
::= { pktcEScTapDebugGroup 2 }
pktcEScTapDebugTable OBJECT-TYPE
SYNTAX SEQUENCE OF PktcEScTapDebugEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A table that contains Lawful Intercept debug messages
generated by the implementing device. This table is used
by pktcESTapMediationDebug and pktcESTapStreamDebug
notifications.
An entry in this table contains a debug message which is
regarding either a Mediation Device or a intercept stream
created by a Mediation Device. The Mediation device is
identified by pktcEScTapDebugMediationId whose value is
that of pktcEScTapMediationContentId of
pktcEScTapMediationEntry.
The stream is identified by pktcEScTapDebugMediationId and
pktcEScTapDebugStreamId whose values are that of
pktcEScTapMediationContentId and pktcEScTapStreamIndex of
the corresponding pktcEScTapStreamEntry.
Note that pktcEScTapDebugStreamId may be zero for an entry,
in which case the debug message is regarding a Mediation
Device.
Entries are added to this table via pktcEScTapDebugStatus in
accordance with the RowStatus convention."
::= { pktcEScTapDebugGroup 3 }
pktcEScTapDebugEntry OBJECT-TYPE
SYNTAX PktcEScTapDebugEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A list of the debug messages."
INDEX { pktcEScTapDebugIndex }
::= { pktcEScTapDebugTable 1 }
PktcEScTapDebugEntry ::= SEQUENCE {
pktcEScTapDebugIndex Integer32,
pktcEScTapDebugMediationId Unsigned32,
pktcEScTapDebugStreamId Unsigned32,
pktcEScTapDebugMessage SnmpAdminString,
pktcEScTapDebugStatus RowStatus
}
pktcEScTapDebugIndex OBJECT-TYPE
SYNTAX Integer32 (1..2147483647)
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Index to the debug table."
::= { pktcEScTapDebugEntry 1 }
pktcEScTapDebugMediationId OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The value of this object is pktcEScTapMediationContentId
identifying an entry in pktcEScTapMediationTable. Note this
object may contain a value for which an entry in
pktcEScTapMediationTable
does not exist. This happens when creation of an entry in
pktcEScTapMediationTable fails and this debug message conveys
more detailed information regarding the failure."
::= { pktcEScTapDebugEntry 2 }
pktcEScTapDebugStreamId OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The value of this object is that of pktcEScTapStreamIndex of
an
entry in pktcEScTapStreamTable. This object along with
pktcEScTapDebugMediationId identifies an entry in
pktcEScTapStreamTable.
The value of this object may be zero, in which this debug
message is regarding a Mediation Device, but not a particular
stream. Note this object may contain a value for which an
entry in pktcEScTapMediationTable does not exist. This happens
when creation of an entry in pktcEScTapStreamTable fails."
::= { pktcEScTapDebugEntry 3 }
pktcEScTapDebugMessage OBJECT-TYPE
SYNTAX SnmpAdminString
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"A text string contains the debug message."
::= { pktcEScTapDebugEntry 4 }
pktcEScTapDebugStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The status of this conceptual row. A row in this table is
created by the implementing device. A management station cannot
modify any of the objects in this row, except deleting the row
by setting this object to 'destroy'."
::= { pktcEScTapDebugEntry 5 }
-- notifications
pktcESTapMibActive NOTIFICATION-TYPE
STATUS current
DESCRIPTION
"This Notification is sent when an intercepting router or
switch is first capable of intercepting a packet corresponding
to a configured data stream. The value of the corresponding
pktcEScTapStreamType which identifies the actual intercept
stream type is included in this notification.
This notification may be generated in conjunction with the
intercept application, which is designed to expect the
notification to be sent as reliably as possible, e.g., through
the use of a finite number of retransmissions until
acknowledged, as and when such mechanisms are available; for
example, with SNMPv3, this would be an InformRequest. Filter
installation can take a long period of time, during which call
progress may be delayed."
::= { pktcESTapMibNotifs 1 }
pktcESTapMediationTimedOut NOTIFICATION-TYPE
OBJECTS { pktcEScTapMediationStatus }
STATUS current
DESCRIPTION
"When an intercept is autonomously removed by an intercepting
device, such as due to the time specified in
pktcEScTapMediationTimeout arriving, the device notifies the
of the action."
::= { pktcESTapMibNotifs 2 }
pktcESTapMediationDebug NOTIFICATION-TYPE
OBJECTS { pktcEScTapDebugMediationId, pktcEScTapDebugMessage }
STATUS current
DESCRIPTION
"When there is intervention needed due to some events related
to entries configured in pktcEScTapMediationTable, the device
notifies the manager of the event.
This notification may be generated in conjunction with the
intercept application, which is designed to expect the
notification to be sent as reliably as possible, e.g., through
the use of a finite number of retransmissions until
acknowledged, as and when such mechanisms are available; for
example, with SNMPv3, this would be an InformRequest."
::= { pktcESTapMibNotifs 3 }
pktcESTapStreamDebug NOTIFICATION-TYPE
OBJECTS { pktcEScTapDebugMediationId, pktcEScTapDebugStreamId,
pktcEScTapDebugMessage }
STATUS current
DESCRIPTION
"When there is intervention needed due to some events related
to entries configured in pktcEScTapStreamTable, the device
notifies the manager of the event.
This notification may be generated in conjunction with the
intercept application, which is designed to expect the
notification to be sent as reliably as possible, e.g., through
the use of a finite number of retransmissions until
acknowledged, as and when such mechanisms are available; for
example, with SNMPv3, this would be an InformRequest."
::= { pktcESTapMibNotifs 4 }
pktcESTapSwitchover NOTIFICATION-TYPE
STATUS current
DESCRIPTION
"This notification is sent when there is a redundant (standby)
route processor available on the intercepting device and the
current active processor is going down causing standby to
takeover. Note that this notification may be sent by the
intercepting device only when it had a chance to know before it
goes down.
Mediation device when received this notification should assume
that configured intercepts on the intercepting device no longer
exist, when the standby processor takes control. This means
that
the Mediation device should again configure the intercepts."
::= { pktcESTapMibNotifs 5 }
-- conformance information
pktcESTapMibCompliances OBJECT IDENTIFIER ::= { pktcESTapMibConform 1 }
pktcESTapMibGroups OBJECT IDENTIFIER ::= { pktcESTapMibConform 2 }
-- compliance statement
pktcESTapMibCompliance MODULE-COMPLIANCE
STATUS current
DESCRIPTION
"The compliance statement for entities which implement the
Intercept MIB"
MODULE -- this module
MANDATORY-GROUPS {
pktcESTapMediationComplianceGroup,
pktcESTapStreamComplianceGroup,
pktcESTapMediationCpbComplianceGroup,
pktcESTapNotificationGroup
}
::= { pktcESTapMibCompliances 1 }
-- units of conformance
pktcESTapMediationComplianceGroup OBJECT-GROUP
OBJECTS {
pktcEScTapMediationNewIndex,
pktcEScTapMediationDestAddressType,
pktcEScTapMediationDestAddress,
pktcEScTapMediationDestPort,
pktcEScTapMediationSrcInterface,
pktcEScTapMediationDscp,
pktcEScTapMediationTimeout,
pktcEScTapMediationTransport,
pktcEScTapMediationNotificationEnable,
pktcEScTapMediationStatus
}
STATUS current
DESCRIPTION
"These objects are necessary for description of the data
streams directed to a Mediation Device."
::= { pktcESTapMibGroups 1 }
pktcESTapStreamComplianceGroup OBJECT-GROUP
OBJECTS {
pktcEScTapStreamType,
pktcEScTapStreamInterceptEnable,
pktcEScTapStreamInterceptedPackets,
pktcEScTapStreamInterceptDrops,
pktcEScTapStreamStatus
}
STATUS current
DESCRIPTION
"These objects are necessary for a description of the packets
to select for interception."
::= { pktcESTapMibGroups 2 }
pktcESTapNotificationGroup NOTIFICATION-GROUP
NOTIFICATIONS {
pktcESTapMibActive,
pktcESTapMediationTimedOut,
pktcESTapMediationDebug,
pktcESTapStreamDebug,
pktcESTapSwitchover
}
STATUS current
DESCRIPTION
"These notifications are used to present status from the
intercepting device to the Mediation Device."
::= { pktcESTapMibGroups 3 }
pktcESTapMediationCpbComplianceGroup OBJECT-GROUP
OBJECTS {
pktcEScTapMediationCapabilities
}
STATUS current
DESCRIPTION
"These objects are necessary for a description of the
mediation device to select for Lawful Intercept."
::= { pktcESTapMibGroups 4 }
pktcESTapDebugComplianceGroup OBJECT-GROUP
OBJECTS {
pktcEScTapDebugAge,
pktcEScTapDebugMaxEntries,
pktcEScTapDebugMediationId,
pktcEScTapDebugStreamId,
pktcEScTapDebugMessage,
pktcEScTapDebugStatus
}
STATUS current
DESCRIPTION
"These objects are necessary for debug information."
::= { pktcESTapMibGroups 5 }
END