-- ZyXEL Communications Corporation -- Private Enterprise MIB definition -- This file describes the ZyXEL Communications Corporation Enterprise MIB. -- It contains ZyXEL products OIDs, and common managed objects. -- $Log: ZYXEL-ARP-INSPECTION-MIB.mib $ -- Revision 1.5 2013/12/06 07:02:15 ccho -- remove uncessary imports -- Revision 1.4 2013/11/06 05:41:03 ccho -- fix mib style -- Revision 1.3 2012/09/19 07:29:17 Kevin -- if it's leaf node, revise the vender name from zyxel to zy -- Revision 1.2 2012/07/05 06:22:05 Kevin -- 1. upgrade from SNMP to SNMPv2 -- 2. clean warning -- Revision 1.1 2012/05/30 07:48:10 Kevin -- Initial revision ZYXEL-ARP-INSPECTION-MIB DEFINITIONS ::= BEGIN IMPORTS OBJECT-TYPE FROM SNMPv2-SMI -- RFC2578 MODULE-IDENTITY FROM SNMPv2-SMI DisplayString FROM SNMPv2-TC DateAndTime, MacAddress FROM SNMPv2-TC -- RFC2579 EnabledStatus FROM P-BRIDGE-MIB dot1dBasePort FROM BRIDGE-MIB IpAddress FROM SNMPv2-SMI Counter32 FROM SNMPv2-SMI esMgmt FROM ZYXEL-ES-SMI; zyxelArpInspection MODULE-IDENTITY LAST-UPDATED "201207010000Z" ORGANIZATION "Enterprise Solution ZyXEL" CONTACT-INFO "" DESCRIPTION "The subtree for arp inspection" ::= { esMgmt 12 } zyxelArpInspectSetup OBJECT IDENTIFIER ::= { zyxelArpInspection 1 } zyxelArpInspectStatus OBJECT IDENTIFIER ::= { zyxelArpInspection 2 } -- -- -- 12. zyxelArpInspection -- -- -- 1.zyxelArpInspectSetup zyArpInspectState OBJECT-TYPE SYNTAX EnabledStatus MAX-ACCESS read-write STATUS current DESCRIPTION "Enable/Disable ARP inspection on the switch." ::= { zyxelArpInspectSetup 1 } zyArpInspectFilterAgingTime OBJECT-TYPE SYNTAX INTEGER (0..2147483647) MAX-ACCESS read-write STATUS current DESCRIPTION "Enter how long (1-2147483647 seconds) the MAC address filter remains in the switch after the switch identifies an unauthorized ARP packet. The switch automatically deletes the MAC address filter afterwards. Type 0 if you want the MAC address filter to be permanent." ::= { zyxelArpInspectSetup 2 } zyxelArpInspectLog OBJECT IDENTIFIER ::= { zyxelArpInspectSetup 3 } zyArpInspectLogEntries OBJECT-TYPE SYNTAX INTEGER (0..1024) MAX-ACCESS read-write STATUS current DESCRIPTION "Enter the maximum number (1-1024) of log messages that were generated by ARP packets and have not been sent to the syslog server yet. Make sure this number is appropriate for the specified syslog rate and Log interval. If the number of log messages in the switch exceeds this number, the switch stops recording log messages and simply starts counting the number of entries that were dropped due to unavailable buffer." ::= { zyxelArpInspectLog 1 } zyArpInspectLogRate OBJECT-TYPE SYNTAX INTEGER (0..1024) MAX-ACCESS read-write STATUS current DESCRIPTION "Enter the maximum number of syslog messages the switch can send to the syslog server in one batch. This number is expressed as a rate because the batch frequency is determined by the Log Interval. You must configure the syslog server to use this. Enter 0 if you do not want the switch to send log messages generated by ARP packets to the syslog server." ::= { zyxelArpInspectLog 2 } zyArpInspectLogInterval OBJECT-TYPE SYNTAX INTEGER (0..2147483647) MAX-ACCESS read-write STATUS current DESCRIPTION "Enter how often (1-86400 seconds) the switch sends a batch of syslog messages to the syslog server. Enter 0 if you want the switch to send syslog messages immediately." ::= { zyxelArpInspectLog 3 } zyxelArpInspectVlanTable OBJECT-TYPE SYNTAX SEQUENCE OF ZyxelArpInspectVlanEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "The table contains ARP inspection VLAN configuration." ::= { zyxelArpInspectSetup 4 } zyxelArpInspectVlanEntry OBJECT-TYPE SYNTAX ZyxelArpInspectVlanEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "An entry contains ARP inspection VLAN configuration." INDEX { zyArpInspectVlanVid } ::= { zyxelArpInspectVlanTable 1 } ZyxelArpInspectVlanEntry ::= SEQUENCE { zyArpInspectVlanVid INTEGER, zyArpInspectVlanState EnabledStatus, zyArpInspectVlanLog INTEGER } zyArpInspectVlanVid OBJECT-TYPE SYNTAX INTEGER (1..4094) MAX-ACCESS not-accessible STATUS current DESCRIPTION "The VLAN ID of each VLAN." ::= { zyxelArpInspectVlanEntry 1 } zyArpInspectVlanState OBJECT-TYPE SYNTAX EnabledStatus MAX-ACCESS read-write STATUS current DESCRIPTION "Enable/Disable ARP inspection on the VLAN." ::= { zyxelArpInspectVlanEntry 2 } zyArpInspectVlanLog OBJECT-TYPE SYNTAX INTEGER { all (1), none (2), permit (3), deny (4) } MAX-ACCESS read-write STATUS current DESCRIPTION "Specify when the switch generates log messages for receiving ARP packets from the VLAN. None: The switch does not generate any log messages when it receives an ARP packet from the VLAN. Deny: The switch generates log messages when it discards an ARP packet from the VLAN. Permit: The switch generates log messages when it forwards an ARP packet from the VLAN. All: The switch generates log messages every time it receives an ARP packet from the VLAN." ::= { zyxelArpInspectVlanEntry 3 } zyxelArpInspectPortTable OBJECT-TYPE SYNTAX SEQUENCE OF ZyxelArpInspectPortEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "The table contains ARP inspection port configuration." ::= { zyxelArpInspectSetup 5 } zyxelArpInspectPortEntry OBJECT-TYPE SYNTAX ZyxelArpInspectPortEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "An entry contains ARP inspection port configuration. " INDEX { dot1dBasePort } ::= { zyxelArpInspectPortTable 1 } ZyxelArpInspectPortEntry ::= SEQUENCE { zyArpInspectPortTrustState EnabledStatus, zyArpInspectPortRate INTEGER, zyArpInspectPortInterval INTEGER } zyArpInspectPortTrustState OBJECT-TYPE SYNTAX EnabledStatus { trusted(1), untrusted(2) } MAX-ACCESS read-write STATUS current DESCRIPTION "Enable/Disable this port to be a trusted port (enable) or an untrusted port (disable). The switch does not discard ARP packets on trusted ports for any reason." ::= { zyxelArpInspectPortEntry 1 } zyArpInspectPortRate OBJECT-TYPE SYNTAX INTEGER (0..2048) MAX-ACCESS read-write STATUS current DESCRIPTION "Specify the maximum rate (1-2048 packets per second) at which the switch receives ARP packets from each port. The switch discards any additional ARP packets. Enter 0 to disable this limit." ::= { zyxelArpInspectPortEntry 2 } zyArpInspectPortInterval OBJECT-TYPE SYNTAX INTEGER (1..15) MAX-ACCESS read-write STATUS current DESCRIPTION "Enter the length (1-15 seconds) of the burst interval. The burst interval is the length of time over which the rate of ARP packets is monitored for each port. For example, if the Rate is 15 pps and the burst interval is 1 second, then the switch accepts a maximum of 15 ARP packets in every one-second interval. If the burst interval is 5 seconds, then the switch accepts a maximum of 75 ARP packets in every five-second interval." ::= { zyxelArpInspectPortEntry 3 } -- 2.zyxelArpInspectStatus zyArpInspectFilterClearAll OBJECT-TYPE SYNTAX EnabledStatus MAX-ACCESS read-write STATUS current DESCRIPTION "Delete all ARP inspection filters from the switch." ::= { zyxelArpInspectStatus 1 } zyArpInspectLogClear OBJECT-TYPE SYNTAX EnabledStatus MAX-ACCESS read-write STATUS current DESCRIPTION "Delete all ARP inspection log from the switch." ::= { zyxelArpInspectStatus 2 } zyxelArpInspectFilterTable OBJECT-TYPE SYNTAX SEQUENCE OF ZyxelArpInspectFilterEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "The table contains ARP inspection filter information." ::= { zyxelArpInspectStatus 3 } zyxelArpInspectFilterEntry OBJECT-TYPE SYNTAX ZyxelArpInspectFilterEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "An entry contains ARP inspection filter information." INDEX { zyArpInspectFilterMacAddress, zyArpInspectFilterVid } ::= { zyxelArpInspectFilterTable 1 } ZyxelArpInspectFilterEntry ::= SEQUENCE { zyArpInspectFilterMacAddress MacAddress, zyArpInspectFilterVid INTEGER, zyArpInspectFilterPort INTEGER, zyArpInspectFilterExpiry INTEGER, zyArpInspectFilterClear EnabledStatus } zyArpInspectFilterMacAddress OBJECT-TYPE SYNTAX MacAddress MAX-ACCESS not-accessible STATUS current DESCRIPTION "This field displays the source MAC address in ARP inspection filter." ::= { zyxelArpInspectFilterEntry 1 } zyArpInspectFilterVid OBJECT-TYPE SYNTAX INTEGER (1..4094) MAX-ACCESS not-accessible STATUS current DESCRIPTION "This field displays the source VLAN ID in ARP inspection filter." ::= { zyxelArpInspectFilterEntry 2 } zyArpInspectFilterPort OBJECT-TYPE SYNTAX INTEGER MAX-ACCESS read-only STATUS current DESCRIPTION "This field displays the source port of the discarded ARP packet." ::= { zyxelArpInspectFilterEntry 3 } zyArpInspectFilterExpiry OBJECT-TYPE SYNTAX INTEGER MAX-ACCESS read-only STATUS current DESCRIPTION "This field displays how long (in seconds) the ARP inspection filter remains in the switch." ::= { zyxelArpInspectFilterEntry 4 } zyArpInspectFilterClear OBJECT-TYPE SYNTAX EnabledStatus MAX-ACCESS read-create STATUS current DESCRIPTION "This object allow entry to be deleted an ARP inspect filter entry." ::= { zyxelArpInspectFilterEntry 6 } zyxelArpInspectLogTable OBJECT-TYPE SYNTAX SEQUENCE OF ZyxelArpInspectLogEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "The table contains ARP inspection log information." ::= { zyxelArpInspectStatus 4 } zyxelArpInspectLogEntry OBJECT-TYPE SYNTAX ZyxelArpInspectLogEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "An entry contains ARP inspection log information. " INDEX { zyArpInspectLogMacAdderss, zyArpInspectLogVid, zyArpInspectLogPort, zyArpInspectLogIpAddress, zyArpInspectLogReasonType } ::= { zyxelArpInspectLogTable 1 } ZyxelArpInspectLogEntry ::= SEQUENCE { zyArpInspectLogMacAdderss MacAddress, zyArpInspectLogVid INTEGER, zyArpInspectLogPort INTEGER, zyArpInspectLogIpAddress IpAddress, zyArpInspectLogNumberPacket INTEGER, zyArpInspectLogReasonType INTEGER, zyArpInspectLogTime DisplayString } zyArpInspectLogMacAdderss OBJECT-TYPE SYNTAX MacAddress MAX-ACCESS not-accessible STATUS current DESCRIPTION "This field displays the source MAC address of the ARP packet." ::= { zyxelArpInspectLogEntry 1 } zyArpInspectLogVid OBJECT-TYPE SYNTAX INTEGER (1..4094) MAX-ACCESS not-accessible STATUS current DESCRIPTION "This field displays the source VLAN ID of the ARP packet." ::= { zyxelArpInspectLogEntry 2 } zyArpInspectLogPort OBJECT-TYPE SYNTAX INTEGER MAX-ACCESS not-accessible STATUS current DESCRIPTION "This field displays the source port of the ARP packet." ::= { zyxelArpInspectLogEntry 3 } zyArpInspectLogIpAddress OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS not-accessible STATUS current DESCRIPTION "This field displays the source IP address of the ARP packet." ::= { zyxelArpInspectLogEntry 4 } zyArpInspectLogNumberPacket OBJECT-TYPE SYNTAX INTEGER MAX-ACCESS read-only STATUS current DESCRIPTION "This field displays the number of ARP packets that were consolidated into this log message. The switch consolidates identical log messages generated by ARP packets in the log consolidation interval into one log message." ::= { zyxelArpInspectLogEntry 5 } zyArpInspectLogReasonType OBJECT-TYPE SYNTAX INTEGER { deny (1), denyStatic (2), denyDHCP (3), permitStatic (4), permitDHCP (5) } MAX-ACCESS not-accessible STATUS current DESCRIPTION "This field displays the reason the log message was generated. dhcp deny: An ARP packet was discarded because it violated a dynamic binding with the same MAC address and VLAN ID. static deny: An ARP packet was discarded because it violated a static binding with the same MAC address and VLAN ID. deny: An ARP packet was discarded because there were no bindings with the same MAC address and VLAN ID. dhcp permit: An ARP packet was forwarded because it matched a dynamic binding. static permit: An ARP packet was forwarded because it matched a static binding." ::= { zyxelArpInspectLogEntry 6 } zyArpInspectLogTime OBJECT-TYPE SYNTAX DisplayString MAX-ACCESS read-only STATUS current DESCRIPTION "This field displays when the log message was generated." ::= { zyxelArpInspectLogEntry 7 } zyxelArpInspectStatisticsTable OBJECT-TYPE SYNTAX SEQUENCE OF ZyxelArpInspectStatisticsEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "The table contains ARP inspection statistics information." ::= { zyxelArpInspectStatus 5 } zyxelArpInspectStatisticsEntry OBJECT-TYPE SYNTAX ZyxelArpInspectStatisticsEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "An entry contains ARP inspection statistics information. " INDEX { zyArpInspectStatisticsVid } ::= { zyxelArpInspectStatisticsTable 1 } ZyxelArpInspectStatisticsEntry ::= SEQUENCE { zyArpInspectStatisticsVid INTEGER, zyArpInspectStatisticsReceived Counter32, zyArpInspectStatisticsRequest Counter32, zyArpInspectStatisticsReply Counter32, zyArpInspectStatisticsForward Counter32, zyArpInspectStatisticsDrop Counter32, zyArpInspectStatisticsClear EnabledStatus } zyArpInspectStatisticsVid OBJECT-TYPE SYNTAX INTEGER MAX-ACCESS not-accessible STATUS current DESCRIPTION "The VLAN ID of each VLAN." ::= { zyxelArpInspectStatisticsEntry 1 } zyArpInspectStatisticsReceived OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "This field displays the total number of ARP packets received from the VLAN since the switch last restarted." ::= { zyxelArpInspectStatisticsEntry 2 } zyArpInspectStatisticsRequest OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "This field displays the total number of ARP Request packets received from the VLAN since the switch last restarted." ::= { zyxelArpInspectStatisticsEntry 3 } zyArpInspectStatisticsReply OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "This field displays the total number of ARP Reply packets received from the VLAN since the switch last restarted." ::= { zyxelArpInspectStatisticsEntry 4 } zyArpInspectStatisticsForward OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "This field displays the total number of ARP packets the switch forwarded for the VLAN since the switch last restarted." ::= { zyxelArpInspectStatisticsEntry 5 } zyArpInspectStatisticsDrop OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "This field displays the total number of ARP packets the switch discarded for the VLAN since the switch last restarted." ::= { zyxelArpInspectStatisticsEntry 6 } zyArpInspectStatisticsClear OBJECT-TYPE SYNTAX EnabledStatus MAX-ACCESS read-write STATUS current DESCRIPTION "Removes ARP inspection statistics for the specified VLAN." ::= { zyxelArpInspectStatisticsEntry 7 } END