-- **************************************************************************** -- **************************************************************************** -- Copyright(c) 2004 Mediatrix Telecom, Inc. -- NOTICE: -- This document contains information that is confidential and proprietary -- to Mediatrix Telecom, Inc. -- Mediatrix Telecom, Inc. reserves all rights to this document as well as -- to the Intellectual Property of the document and the technology and -- know-how that it includes and represents. -- This publication cannot be reproduced, neither in whole nor in part in -- any form whatsoever without written prior approval by -- Mediatrix Telecom, Inc. -- Mediatrix Telecom, Inc. reserves the right to revise this publication -- and make changes at any time and without the obligation to notify any -- person and/or entity of such revisions and/or changes. -- **************************************************************************** -- **************************************************************************** MX-FPU-MIB DEFINITIONS ::= BEGIN IMPORTS MODULE-IDENTITY, OBJECT-TYPE, Unsigned32, Integer32 FROM SNMPv2-SMI MODULE-COMPLIANCE, OBJECT-GROUP FROM SNMPv2-CONF MxEnableState, MxActivationState, MxIpHostName, MxIpAddress, MxIpPort, MxAdvancedIpPort, MxIpSubnetMask, MxDigitMap FROM MX-TC MxUInt64, MxFloat32, MxIpHostNamePort, MxIpAddr, MxIpAddrPort, MxIpAddrMask, MxUri, MxUrl FROM MX-TC2 mediatrixServices FROM MX-SMI2; fpuMIB MODULE-IDENTITY LAST-UPDATED "1910210000Z" ORGANIZATION " Mediatrix Telecom, Inc. " CONTACT-INFO " Mediatrix Telecom, Inc. 4229, Garlock Street Sherbrooke (Quebec) Canada Phone: (819) 829-8749 " DESCRIPTION " Firmware Pack Updater The Firmware Pack Updater (FPU) service manages firmware upgrade, downgrade and rollback operations. " ::= { mediatrixServices 1300 } fpuMIBObjects OBJECT IDENTIFIER ::= { fpuMIB 1 } -- ***************************************************************************** -- Table:Installed MFPs -- ***************************************************************************** mfpInstalledInfoTable OBJECT-TYPE SYNTAX SEQUENCE OF MfpInstalledInfoEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION " Installed MFPs List of Firmware Packs that are currently installed on the unit. " ::= { fpuMIBObjects 100 } mfpInstalledInfoEntry OBJECT-TYPE SYNTAX MfpInstalledInfoEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION " A row in table Installed MFPs. " INDEX { mfpInstalledInfoIndex } ::= { mfpInstalledInfoTable 1 } MfpInstalledInfoEntry ::= SEQUENCE { mfpInstalledInfoIndex Unsigned32, mfpInstalledInfoMfpName OCTET STRING, mfpInstalledInfoMfpVersion OCTET STRING, mfpInstalledInfoMfpBank INTEGER, mfpInstalledInfoMfpProfileName OCTET STRING } -- Columnar:Name mfpInstalledInfoMfpName OBJECT-TYPE SYNTAX OCTET STRING MAX-ACCESS read-only STATUS current DESCRIPTION " Name Name of the MFP. " ::= { mfpInstalledInfoEntry 100 } -- Columnar:Version mfpInstalledInfoMfpVersion OBJECT-TYPE SYNTAX OCTET STRING MAX-ACCESS read-only STATUS current DESCRIPTION " Version Version of the MFP installed. " ::= { mfpInstalledInfoEntry 200 } -- Columnar:Bank mfpInstalledInfoMfpBank OBJECT-TYPE SYNTAX INTEGER { none(100) , main(200) , recovery(300) , mainInUse (400) , recoveryInUse(500) } MAX-ACCESS read-only STATUS current DESCRIPTION " Bank Bank where the MFP is installed. " ::= { mfpInstalledInfoEntry 300 } -- Columnar:Profile Name mfpInstalledInfoMfpProfileName OBJECT-TYPE SYNTAX OCTET STRING ( SIZE(0..255) ) MAX-ACCESS read-only STATUS current DESCRIPTION " Profile Name Name of the profile. " ::= { mfpInstalledInfoEntry 400 } -- Index:MFPs Installed Info Index mfpInstalledInfoIndex OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-only STATUS current DESCRIPTION " MFPs Installed Info Index Index of the currently installed MFPs. " ::= { mfpInstalledInfoEntry 50 } -- End of table:Installed MFPs -- Scalar:Status status OBJECT-TYPE SYNTAX INTEGER { waitingSystemReady(100) , idle(200) , updating(300) , waitingManualRestart(400) , rollbacking(500) , waitingForGracefulRestart(600) } MAX-ACCESS read-only STATUS current DESCRIPTION " Status Indicates the current status of the Firmware Pack Updater. * WaitingSystemReady: Waiting for the system restart to complete. * Idle: Ready to process a command. * Updating: Currently downloading and installing a firmware. * WaitingManualRestart: Waiting for a manual restart to complete a firmware update. * WaitingForGracefulRestart: Waiting for graceful shutdown of services before completing a firmware update. " ::= { fpuMIBObjects 110 } -- Scalar:Last Result mfpLastInstallationResult OBJECT-TYPE SYNTAX INTEGER { none(100) , success(200) , fail(300) } MAX-ACCESS read-only STATUS current DESCRIPTION " Last Result Result of the last Install command. * None: No installation result available. * Success: The last installation succeeded. * Fail: The last installation failed. " ::= { fpuMIBObjects 125 } -- Scalar:Firmware Installation Date and Time mfpLastInstallationDateTime OBJECT-TYPE SYNTAX OCTET STRING ( SIZE(0..255) ) MAX-ACCESS read-only STATUS current DESCRIPTION " Firmware Installation Date and Time Date and time when the firmware was installed. " ::= { fpuMIBObjects 150 } -- Scalar:Rollback Available mfpRollbackAvailable OBJECT-TYPE SYNTAX INTEGER { no(0) , yes(100) } MAX-ACCESS read-only STATUS current DESCRIPTION " Rollback Available Indicates whether or not a MFP rollback operation is available. " ::= { fpuMIBObjects 175 } -- **************************************************************************** -- Group:MFP Repository -- Configuration relative to the remote update tree, i.e., where to get update -- files. -- **************************************************************************** mfpRepositoryGroup OBJECT IDENTIFIER ::= { fpuMIBObjects 400 } -- *************************************************************************** -- Group:File Transfer -- *************************************************************************** mfpTransferGroup OBJECT IDENTIFIER ::= { mfpRepositoryGroup 200 } -- Scalar:User Name mfpTransferUsername OBJECT-TYPE SYNTAX OCTET STRING ( SIZE(0..63) ) MAX-ACCESS read-write STATUS current DESCRIPTION " User Name User name used for transfer authentication, if required. " DEFVAL { "" } ::= { mfpTransferGroup 200 } -- Scalar:Password mfpTransferPassword OBJECT-TYPE SYNTAX OCTET STRING ( SIZE(0..63) ) MAX-ACCESS read-write STATUS current DESCRIPTION " Password Password used for transfer authentication, if required. " DEFVAL { "" } ::= { mfpTransferGroup 300 } -- Scalar:Level of security for HTTPS certificate validation. mfpTransferCertificateValidation OBJECT-TYPE SYNTAX INTEGER { noValidation(100) , hostName(200) } MAX-ACCESS read-write STATUS current DESCRIPTION " Level of security for HTTPS certificate validation. When downloading a MFP from an HTTPS server, this parameter defines the level of security to use when validating the server's certificate. * NoValidation: Allow a connection to the server without validating its certificate. The only condition is to receive a certificate from the server. This option provides partial security and should be selected with care. * HostName: Allow a connection to the server by validating its certificate is trusted and valid. The validations performed on the certificate include the expiration date and that the Subject Alternate Name (SAN) or Common Name (CN) matches the FQDN or IP address of the server. " DEFVAL { hostName } ::= { mfpTransferGroup 500 } -- Scalar:Certificate Trust Level for HTTPS connections mfpTransferCertificateTrustLevel OBJECT-TYPE SYNTAX INTEGER { locallyTrusted(100) , ocspOptional(200) , ocspMandatory(300) } MAX-ACCESS read-write STATUS current DESCRIPTION " Certificate Trust Level for HTTPS connections Define how a peer certificate is considered trusted for a HTTPS connection. * LocallyTrusted: A certificate is considered trusted when the certificate authority (CA) that signed the peer certificate is present in the Cert.OthersCertificatesInfo table. The certificate revocation status is not verified. * OcspOptional: A certificate is considered trusted when it is locally trusted and is not revoked by its certificate authority (CA). The certificate revocation status is queried using the Online Certificate Status Protocol (OCSP). If the OCSP server is not available or the verification status is unknown, the certificate is considered trusted. * OcspMandatory: A certificate is considered trusted when it is locally trusted and is not revoked by its certificate authority (CA). The certificate revocation status is queried using the Online Certificate Status Protocol (OCSP). If the OCSP server is not available or the verification status is unknown, the certificate is considered not trusted. " DEFVAL { locallyTrusted } ::= { mfpTransferGroup 600 } -- Scalar:Mfp Transfer Cipher Suite mfpTransferCipherSuite OBJECT-TYPE SYNTAX INTEGER { cS1(100) , cS2(200) , cS3(300) } MAX-ACCESS read-write STATUS current DESCRIPTION " Mfp Transfer Cipher Suite Defines the allowed cipher suites for the network security settings when using the HTTPS transfer protocol. When the device initiates an HTTPS connection to a server it will negotiate the cipher suite according to its configuration. * CS1: + TLS_DHE_RSA_WITH_AES_256_CBC_SHA + TLS_DHE_DSS_WITH_AES_256_CBC_SHA + TLS_RSA_WITH_AES_256_CBC_SHA + TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA + TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA + TLS_RSA_WITH_3DES_EDE_CBC_SHA + TLS_DHE_RSA_WITH_AES_128_CBC_SHA + TLS_DHE_DSS_WITH_AES_128_CBC_SHA + TLS_RSA_WITH_AES_128_CBC_SHA + TLS_RSA_WITH_RC4_128_SHA + TLS_RSA_WITH_RC4_128_MD5 * CS2: + TLS_RSA_WITH_AES_128_CBC_SHA + TLS_RSA_WITH_AES_256_CBC_SHA + TLS_RSA_WITH_3DES_EDE_CBC_SHA + TLS_DHE_RSA_WITH_AES_128_CBC_SHA + TLS_DHE_RSA_WITH_AES_256_CBC_SHA + TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA * CS3: + TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 + TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 + TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 + TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 + TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 + TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 + TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 + TLS_RSA_WITH_AES_256_GCM_SHA384 + TLS_RSA_WITH_AES_256_CBC_SHA256 + TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 + TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 + TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 + TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 + TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 + TLS_RSA_WITH_AES_128_GCM_SHA256 + TLS_RSA_WITH_AES_128_CBC_SHA256 " DEFVAL { cS1 } ::= { mfpTransferGroup 700 } -- Scalar:TLS Version mfpTransferTlsVersion OBJECT-TYPE SYNTAX INTEGER { sSLv3(100) , tLSv1(200) , tLSv1-1(300) , tLSv1-2 (400) } MAX-ACCESS read-write STATUS current DESCRIPTION " TLS Version Defines the allowed TLS versions for the network security settings when using the HTTPS transfer protocol. When the device initiates an HTTPS connection to a server it will negotiate the TLS version according to its configuration. * SSLv3: Allow SSL version 3 and all TLS versions. * TLSv1: Allow TLS versions 1 and up. * TLSv1_1: Allow TLS versions 1.1 and up. * TLSv1_2: Allow TLS versions 1.2 and up. The device will always send its highest supported TLS version in the ClientHello message. The server will select the highest supported TLS version it supports from the ClientHello message. The device will then validate that the selected version is allowed. If the version is not allowed the device will close the connection. " DEFVAL { tLSv1 } ::= { mfpTransferGroup 800 } -- End of group:File Transfer -- End of group:MFP Repository -- Scalar:MFP URL mfpUrl OBJECT-TYPE SYNTAX OCTET STRING MAX-ACCESS read-write STATUS current DESCRIPTION " MFP URL URL of the MFP 'single file' to install. The supported transfer protocols are: * HTTP * HTTPS * TFTP * FTP Examples of valid URLs: * http://www.myserver.com/myfile.bin * tftp://myserver.com:69/myfolder/myfile.bin When the port is not included in the URL, the default port for the chosen protocol is used. For authentication, it is recommended to use the Fpu.MfpTransferUsername and Fpu.MfpTransferPassword parameters. The credentials may also be provisioned directly in the URL using the syntax protocol://[username[:password]@]hostname [:port]/[path/]filename with the following constraints: * No '/', ':' and '@' characters should be present in username or password. * No percent escaping. * The password will appear in clear in the URL field in the Web page. If a username/password is specified both in the URL and in the provisioning parameters, values specified in the URL will have precedence over the ones specified in the parameters. This parameter may contain some macros that are substituted by the actual value at the moment of fetching the MFP file. The supported macros are: * %mac% - the MAC address of the unit. * %product% - the product name of the unit. * %productseries% - the product series name of the unit. * %serial% - the serial number of the unit. " DEFVAL { "" } ::= { fpuMIBObjects 450 } -- Scalar:Automatic Restart automaticRestartEnable OBJECT-TYPE SYNTAX MxEnableState MAX-ACCESS read-write STATUS current DESCRIPTION " Automatic Restart Enables the firmware pack updater to automatically restart the system when needed for completing a firmware update operation. Also see the AutomaticRestartGraceDelay parameter. " DEFVAL { disable } ::= { fpuMIBObjects 500 } -- Scalar:Automatic Restart Grace Delay automaticRestartGraceDelay OBJECT-TYPE SYNTAX Unsigned32 ( 0..10080 ) MAX-ACCESS read-write STATUS current DESCRIPTION " Automatic Restart Grace Delay Configures the grace delay in minutes that the unit waits for all telephony calls to be terminated before the automatic restart can occur. This value is expressed in minutes. The maximum value is set to 10080 minutes (7 days). Also see the AutomaticRestartEnable parameter. " DEFVAL { 0 } ::= { fpuMIBObjects 600 } -- Scalar:Default Settings On Firmware Installation. defaultSettingsOnInstall OBJECT-TYPE SYNTAX MxEnableState MAX-ACCESS read-write STATUS current DESCRIPTION " Default Settings On Firmware Installation. When set to 'Enable', the unit automatically executes a factory reset upon completion of a firmware installation. " DEFVAL { disable } ::= { fpuMIBObjects 700 } -- **************************************************************************** -- Group:Notification Messages Configuration -- **************************************************************************** notificationsGroup OBJECT IDENTIFIER ::= { fpuMIBObjects 60010 } -- Scalar:Minimal Severity of Notification minSeverity OBJECT-TYPE SYNTAX INTEGER { disable(0) , debug(100) , info(200) , warning(300) , error(400) , critical (500) } MAX-ACCESS read-write STATUS current DESCRIPTION " Minimal Severity of Notification Sets the minimal severity to issue a notification message incoming from this service. * Disable: No notification is issued. * Debug: All notification messages are issued. * Info: Notification messages with a 'Informational' and higher severity are issued. * Warning: Notification messages with a 'Warning' and higher severity are issued. * Error: Notification messages with an 'Error' and higher severity are issued. * Critical: Notification messages with a 'Critical' severity are issued. " DEFVAL { warning } ::= { notificationsGroup 100 } -- End of group:Notification Messages Configuration -- **************************************************************************** -- Group:Configuration Settings -- **************************************************************************** configurationGroup OBJECT IDENTIFIER ::= { fpuMIBObjects 60020 } -- Scalar:Need Restart needRestartInfo OBJECT-TYPE SYNTAX INTEGER { no(0) , yes(100) } MAX-ACCESS read-only STATUS current DESCRIPTION " Need Restart Indicates if the service needs to be restarted for the configuration to fully take effect. * Yes: Service needs to be restarted. * No: Service does not need to be restarted. Services can be restarted by using the Scm.ServiceCommands.Restart command. " ::= { configurationGroup 100 } -- End of group:Configuration Settings END