--MibName=rcPortsecurity -- ***************************************************************** -- switch-portsecurity-mib.smi: Raisecom port security MIB file -- -- 3 2008, chenweiliang -- -- Copyright (c) 1994-2000, 2001 by Raisecom, Inc. -- All rights reserved. -- -- ***************************************************************** SWITCH-PORTSECURITY-MIB DEFINITIONS ::= BEGIN IMPORTS iscomSwitch FROM RAISECOM-BASE-MIB EnableVar FROM SWITCH-TC RowStatus,MacAddress FROM SNMPv2-TC; rcPortsecurity MODULE-IDENTITY LAST-UPDATED "200412200000Z" ORGANIZATION "Raisecom, Inc." CONTACT-INFO " Raise Systems Postal: Beijing, China Tel: 86-010-82884499 E-mail: chenweiliang@raisecom.com" DESCRIPTION "description of port security mac manage object." ::= { iscomSwitch 49} rcPortSecCfg OBJECT IDENTIFIER ::= { rcPortsecurity 1 } rcPortSecTrapGroup OBJECT IDENTIFIER ::= { rcPortsecurity 4 } -- ------------------------------------------------------------- -- groups in the rcPortsecurity MIB rcPortSecCfg -- ------------------------------------------------------------- rcPortSecMacAgingTime OBJECT-TYPE SYNTAX INTEGER(0..1440) MAX-ACCESS read-write STATUS current DESCRIPTION "The interval in which the interface is secured. After the expiration of the time, the corresponding SecureMacAddress will be removed. If the value of this object is 0, the aging mechanism is disabled." ::= { rcPortSecCfg 1} -- ------------------------------------------------------------- -- groups in the rcPortsecurity MIB rcPortSecTable -- ------------------------------------------------------------- rcPortSecTable OBJECT-TYPE SYNTAX SEQUENCE OF RcPortSecEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A table of security mac for port and associated properties." ::= { rcPortsecurity 2} rcPortSecEntry OBJECT-TYPE SYNTAX RcPortSecEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Table entry for security of port and status information." INDEX { rcPortSecIndx } ::= { rcPortSecTable 1 } RcPortSecEntry ::= SEQUENCE { rcPortSecIndx INTEGER, rcPortSecEnable EnableVar, rcPortSecMaxAllowedMac INTEGER, rcPortSecMacViolationAction INTEGER, rcPortSecShutUp INTEGER, rcPortSecMacStickyEnable EnableVar, rcPortSecTrapEnable EnableVar, rcPortSecMacDel INTEGER, rcPortSecCurMacNum INTEGER, rcPortSecMaxMacs INTEGER, rcPortSecMacViolations INTEGER, rcPortSecViolationStatus INTEGER, rcPortSecLastAccessMacAddress MacAddress, rcPortSecLastAccessMacVlan INTEGER, rcPortSecLastAgingMacAddress MacAddress, rcPortSecLastAgingMacVlan INTEGER, rcPortSecLastDelMacAddress MacAddress, rcPortSecLastDelMacVlan INTEGER, rcPortSecLastDelMacFlag INTEGER } rcPortSecIndx OBJECT-TYPE SYNTAX INTEGER ACCESS not-accessible STATUS current DESCRIPTION "The index port number." ::= { rcPortSecEntry 1 } rcPortSecEnable OBJECT-TYPE SYNTAX EnableVar ACCESS read-write STATUS current DESCRIPTION "The port security status." ::= { rcPortSecEntry 2 } rcPortSecMaxAllowedMac OBJECT-TYPE SYNTAX INTEGER (1..1024) ACCESS read-write STATUS current DESCRIPTION "The maximum number of MAC addresses to be secured on the interface. when configuration value is larger than rcPortSecCurMacNum, the result return wrong,so please check the rcPortSecCurMacNum firstly." ::= { rcPortSecEntry 3 } rcPortSecMacViolationAction OBJECT-TYPE SYNTAX INTEGER (1..3) ACCESS read-write STATUS current DESCRIPTION "Determines the action that the device will take if the traffic matches the port security violation." ::= { rcPortSecEntry 4 } rcPortSecShutUp OBJECT-TYPE SYNTAX INTEGER (0..1) ACCESS read-write STATUS current DESCRIPTION "This object indicates the shut up of security port.." ::= { rcPortSecEntry 5 } rcPortSecMacStickyEnable OBJECT-TYPE SYNTAX EnableVar ACCESS read-write STATUS current DESCRIPTION "Set to 'true' to enable and 'false' to disable Sticky port security feature on this interface. Enabling this feature allows the device to secure learned MAC addresses on this interface permanently. In order to remove the sticky addresses on this interface, user has to manually delete the sticky MAC address(es) or disable the sticky feature itself." ::= { rcPortSecEntry 6 } rcPortSecTrapEnable OBJECT-TYPE SYNTAX EnableVar ACCESS read-write STATUS current DESCRIPTION "This object indicates the VLAN where the last MAC address that is seen on this interface. This object is also used as a variable in the cpsIfVlanSecureMacAddrViolation notification to contain the value of the VLAN received the mac address which caused the violation." ::= { rcPortSecEntry 7 } rcPortSecMacDel OBJECT-TYPE SYNTAX INTEGER(1..4) ACCESS read-write STATUS current DESCRIPTION "It indicates that it can delete security mac address. 1 indicates configuration security mac, 2 indicates dynamic security mac, 3 indicates sticky security mac. 4 indicates all security mac," ::= { rcPortSecEntry 8 } rcPortSecCurMacNum OBJECT-TYPE SYNTAX INTEGER (1..1024) ACCESS read-only STATUS current DESCRIPTION "The current number of MAC addresses secured on this interface." ::= { rcPortSecEntry 9 } rcPortSecMaxMacs OBJECT-TYPE SYNTAX INTEGER (1..1024) ACCESS read-only STATUS current DESCRIPTION "The history mac max of MAC addresses secured on this interface." ::= { rcPortSecEntry 10 } rcPortSecMacViolations OBJECT-TYPE SYNTAX INTEGER (1..65535) ACCESS read-only STATUS current DESCRIPTION "This object indicates the number of violations occurred on a secure interface. The counter will be initialized to zero when the port security feature is enabled on an interface." ::= { rcPortSecEntry 11 } rcPortSecViolationStatus OBJECT-TYPE SYNTAX INTEGER (1..2) ACCESS read-only STATUS current DESCRIPTION "This object represents the operational status of the port security feature on an interface. secureup(1) - This indicates port security is operational. shutdown(2) - This indicates that the port is shutdown due to port security violation when the object rcPortSecMacViolationAction is of type 'shutdown'." ::= { rcPortSecEntry 12 } rcPortSecLastAccessMacAddress OBJECT-TYPE SYNTAX MacAddress ACCESS read-only STATUS current DESCRIPTION "This object indicates the last MAC address that is seen on this interface. This object is also used as a variable to contain the value of the MAC address which caused the violation." ::= { rcPortSecEntry 13 } rcPortSecLastAccessMacVlan OBJECT-TYPE SYNTAX INTEGER (1..4094) ACCESS read-only STATUS current DESCRIPTION "This object indicates the VLAN where the last MAC address that is seen on this interface. This object is also used as a variable in the cpsIfVlanSecureMacAddrViolation notification to contain the value of the VLAN received the mac address which caused the violation." ::= { rcPortSecEntry 14 } rcPortSecLastAgingMacAddress OBJECT-TYPE SYNTAX MacAddress ACCESS read-only STATUS current DESCRIPTION "This object indicates the last aging MAC address that is seen on this interface. This object is also used as a variable in the rcPortSecAgingTrap notification to contain the value of the MAC address which caused the aging trap. " ::= { rcPortSecEntry 15 } rcPortSecLastAgingMacVlan OBJECT-TYPE SYNTAX INTEGER (1..4094) ACCESS read-only STATUS current DESCRIPTION "This object indicates the VLAN where the last aging MAC address that is seen on this interface. This object is also used as a variable in the rcPortSecAgingTrap notification to contain the value of the VLAN related to the mac address which caused the aging." ::= { rcPortSecEntry 16 } rcPortSecLastDelMacAddress OBJECT-TYPE SYNTAX MacAddress ACCESS read-only STATUS current DESCRIPTION "This object indicates the last deleted MAC address that is seen on this interface. This object is also used as a variable in the rcPortSecDelTrap notification to contain the value of the MAC address which caused the deletion trap. " ::= { rcPortSecEntry 17 } rcPortSecLastDelMacVlan OBJECT-TYPE SYNTAX INTEGER (1..4094) ACCESS read-only STATUS current DESCRIPTION "This object indicates the VLAN where the last deleted MAC address that is seen on this interface. This object is also used as a variable in the rcPortSecDelTrap notification to contain the value of the VLAN related to the mac address which caused the deletion." ::= { rcPortSecEntry 18 } rcPortSecLastDelMacFlag OBJECT-TYPE SYNTAX INTEGER { static(1), dynamic(2), sticky(3) } ACCESS read-only STATUS current DESCRIPTION "This object indicates if the last deleted secure MAC address is a configured 'static' or learned 'dynamic' or learned and retained across reboots 'sticky'." ::= { rcPortSecEntry 19 } -- ------------------------------------------------------------- -- groups in the rcPortsecurity MIB rcPortSecMacTable -- ------------------------------------------------------------- rcPortSecMacTable OBJECT-TYPE SYNTAX SEQUENCE OF RcPortSecMacEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A table of security mac for mac and vlan." ::= { rcPortsecurity 3} rcPortSecMacEntry OBJECT-TYPE SYNTAX RcPortSecMacEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Table entry for security mac information." INDEX {rcPortSecVlan , rcPortSecMac} ::= { rcPortSecMacTable 1 } RcPortSecMacEntry ::= SEQUENCE { rcPortSecVlan INTEGER, rcPortSecMac MacAddress, rcPortSecPort INTEGER, rcPortSecFlag INTEGER, rcPortSecAgingTm INTEGER, rcPortSecRowStatus RowStatus } rcPortSecVlan OBJECT-TYPE SYNTAX INTEGER (1..4094) ACCESS read-only STATUS current DESCRIPTION "This object indicates the vlan configured on an interface." ::= { rcPortSecMacEntry 1 } rcPortSecMac OBJECT-TYPE SYNTAX MacAddress ACCESS read-only STATUS current DESCRIPTION "This object indicates the mac configured on an interface." ::= { rcPortSecMacEntry 2 } rcPortSecPort OBJECT-TYPE SYNTAX INTEGER ACCESS read-create STATUS current DESCRIPTION "This object indicates on which port a secure MAC address configured or learned." ::= { rcPortSecMacEntry 3 } rcPortSecFlag OBJECT-TYPE SYNTAX INTEGER { static(1), dynamic(2), sticky(3) } ACCESS read-create STATUS current DESCRIPTION "This object indicates if the secure MAC address is a configured 'static' or learned 'dynamic' or learned and retained across reboots 'sticky'." ::= { rcPortSecMacEntry 4 } rcPortSecAgingTm OBJECT-TYPE SYNTAX INTEGER (0..1440) ACCESS read-only STATUS current DESCRIPTION "This object indicates that this MAC should be delate after 'rcPortSecAgingTm' vaule." ::= { rcPortSecMacEntry 5 } rcPortSecRowStatus OBJECT-TYPE SYNTAX RowStatus ACCESS read-create STATUS current DESCRIPTION "The status of this entry." ::= { rcPortSecMacEntry 6 } -- ------------------------------------------------------------- -- groups in the rcPortsecurity MIB rcPortSecTrapGroup -- ------------------------------------------------------------- rcPortSecLearningTrap NOTIFICATION-TYPE OBJECTS { rcPortSecVlan,rcPortSecMac,rcPortSecPort,rcPortSecFlag } STATUS current DESCRIPTION "Port security learning trap." ::= { rcPortSecTrapGroup 1 } rcPortSecViolationTrap NOTIFICATION-TYPE OBJECTS { rcPortSecLastAccessMacAddress,rcPortSecLastAccessMacVlan } STATUS current DESCRIPTION "Security mac violation trap." ::= { rcPortSecTrapGroup 2 } rcPortSecAgingTrap NOTIFICATION-TYPE OBJECTS { rcPortSecLastAgingMacAddress,rcPortSecLastAgingMacVlan } STATUS current DESCRIPTION "Mac aging happens." ::= { rcPortSecTrapGroup 3 } rcPortSecDelTrap NOTIFICATION-TYPE OBJECTS { rcPortSecLastDelMacAddress,rcPortSecLastDelMacVlan,rcPortSecLastDelMacFlag } STATUS current DESCRIPTION "Mac deletion happens." ::= { rcPortSecTrapGroup 4 } END