-- ***************************************************************** -- FS-SMP-MIB.mib: FS SMP MIB file -- -- Sept 2004, Chenxin -- -- Copyright (c) 2004 by FS.COM Inc.. -- All rights reserved. -- -- ***************************************************************** -- FS-SMP-MIB DEFINITIONS ::= BEGIN IMPORTS MODULE-IDENTITY, OBJECT-TYPE, NOTIFICATION-TYPE, Unsigned32, Integer32, Gauge32, IpAddress FROM SNMPv2-SMI RowStatus, DisplayString, MacAddress, TruthValue FROM SNMPv2-TC MODULE-COMPLIANCE, OBJECT-GROUP FROM SNMPv2-CONF IfIndex, ConfigStatus FROM FS-TC fsMgmt FROM FS-SMI Community FROM FS-SNMP-AGENT-MIB VlanId FROM Q-BRIDGE-MIB InetAddressType, InetAddress FROM INET-ADDRESS-MIB; fsSMPMIB MODULE-IDENTITY LAST-UPDATED "200409090000Z" ORGANIZATION "FS.COM Inc.." CONTACT-INFO " Tel: 400-865-2852 E-mail: https://www.fs.com/live_chat_service_mail.html" DESCRIPTION "This module defines the MIB security case requires. At present, this MIB could only be accessed by the specified SMP Server." REVISION "200409090000Z" DESCRIPTION "Initial version of this MIB module." ::= { fsMgmt 39} fsSMPMIBObjects OBJECT IDENTIFIER ::= { fsSMPMIB 1 } -- -- user management -- fsSMPServer OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS read-write STATUS current DESCRIPTION "IP addresses for the SMP Server." ::= { fsSMPMIBObjects 1 } fsSMPServerKey OBJECT-TYPE SYNTAX Community MAX-ACCESS read-write STATUS current DESCRIPTION "Keys for the SMP Server." ::= { fsSMPMIBObjects 2 } fsSMPEventSendSlice OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-write STATUS current DESCRIPTION "The minimum interval of sending SU security event. The variable value must be less than the one defined by fsSMPHICheckInterval." ::= { fsSMPMIBObjects 3 } fsSMPPolicyDelete OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-write STATUS current DESCRIPTION "This variable value: 0: No action is required; other values:Delete all policy information." ::= { fsSMPMIBObjects 4 } fsSMPPolicyChecksum OBJECT-TYPE SYNTAX OCTET STRING(SIZE(16)) MAX-ACCESS read-only STATUS current DESCRIPTION "The checksum information set on the current SMP policy table." ::= { fsSMPMIBObjects 5 } fsSMPPolicyTimeout OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-write STATUS current DESCRIPTION "Timeout time of SMP policy." ::= { fsSMPMIBObjects 6 } fsSMPPolicyGroupTable OBJECT-TYPE SYNTAX SEQUENCE OF FSSMPPolicyGroupEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Security policy group." ::= { fsSMPMIBObjects 9} fsSMPPolicyGroupEntry OBJECT-TYPE SYNTAX FSSMPPolicyGroupEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "SMP policy group." INDEX {fsSMPPolicyGroupIndex} ::= { fsSMPPolicyGroupTable 1 } FSSMPPolicyGroupEntry ::= SEQUENCE { fsSMPPolicyGroupIndex Unsigned32, fsSMPPolicyGroupCount Unsigned32, fsSMPPolicyGroupChecksum OCTET STRING(SIZE(16)), fsSMPPolicyGroupStatus RowStatus } fsSMPPolicyGroupIndex OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-only STATUS current DESCRIPTION "Policy group index." ::= { fsSMPPolicyGroupEntry 1 } fsSMPPolicyGroupCount OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-create STATUS current DESCRIPTION "Policy count in the policy group." ::= { fsSMPPolicyGroupEntry 2 } fsSMPPolicyGroupChecksum OBJECT-TYPE SYNTAX OCTET STRING(SIZE(16)) MAX-ACCESS read-create STATUS current DESCRIPTION "The sole identification in the policy group." ::= { fsSMPPolicyGroupEntry 3 } fsSMPPolicyGroupStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "The status of this conceptual row." ::= { fsSMPPolicyGroupEntry 4 } fsSMPPolicyTable OBJECT-TYPE SYNTAX SEQUENCE OF FSSMPPolicyEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Security policy table." ::= { fsSMPMIBObjects 8} fsSMPPolicyEntry OBJECT-TYPE SYNTAX FSSMPPolicyEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "SMP policy table." INDEX {fsSMPGroupIndex,fsSMPPolicyIndex} ::= { fsSMPPolicyTable 1 } FSSMPPolicyEntry ::= SEQUENCE { fsSMPGroupIndex Unsigned32, fsSMPPolicyIndex Unsigned32, fsSMPPolicyStatus ConfigStatus, fsSMPPolicyNumber Unsigned32, fsSMPPolicyInstallPort IfIndex, fsSMPPolicyType INTEGER, fsSMPPolicyContent OCTET STRING, fsSMPPolicyMask OCTET STRING, fsSMPPolicyName DisplayString } fsSMPGroupIndex OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-only STATUS current DESCRIPTION "The index of the policy group which the current policy is in." ::= { fsSMPPolicyEntry 1 } fsSMPPolicyIndex OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-only STATUS current DESCRIPTION "The policy index." ::= { fsSMPPolicyEntry 2 } fsSMPPolicyStatus OBJECT-TYPE SYNTAX ConfigStatus MAX-ACCESS read-write STATUS current DESCRIPTION "Entry state fields. For the detailed information, pls refer to FS-TC.mib." ::= { fsSMPPolicyEntry 3 } fsSMPPolicyNumber OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-write STATUS current DESCRIPTION "The policy sequence number." ::= { fsSMPPolicyEntry 4 } fsSMPPolicyInstallPort OBJECT-TYPE SYNTAX IfIndex MAX-ACCESS read-write STATUS current DESCRIPTION "The index of port installed the policy." ::= { fsSMPPolicyEntry 5 } fsSMPPolicyType OBJECT-TYPE SYNTAX INTEGER{ hi-isolate(1), isolate(2), blocked(3), addrBind(4) } MAX-ACCESS read-write STATUS current DESCRIPTION "The action of policy template. Hi-isolate application failure can be detected by HI only. isolate: isolation action; blocked: blocking action; addrBind: address-binding action. " ::= { fsSMPPolicyEntry 6 } fsSMPPolicyContent OBJECT-TYPE SYNTAX OCTET STRING(SIZE(80)) MAX-ACCESS read-write STATUS current DESCRIPTION "Content(80 bytes) of policy template." ::= { fsSMPPolicyEntry 7 } fsSMPPolicyMask OBJECT-TYPE SYNTAX OCTET STRING(SIZE(80)) MAX-ACCESS read-write STATUS current DESCRIPTION "Mask information(80 bytes) of policy template." ::= { fsSMPPolicyEntry 8 } fsSMPPolicyName OBJECT-TYPE SYNTAX DisplayString(SIZE (0..32)) MAX-ACCESS read-write STATUS current DESCRIPTION "Policy name fields." ::= { fsSMPPolicyEntry 9 } fsSMPFrameRelayTable OBJECT-TYPE SYNTAX SEQUENCE OF FSSMPFrameRelayEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "SMP message forward table." ::= { fsSMPMIBObjects 7} fsSMPFrameRelayEntry OBJECT-TYPE SYNTAX FSSMPFrameRelayEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "SMP message forward table." INDEX {fsSMPFrameRelayIndex} ::= { fsSMPFrameRelayTable 1 } FSSMPFrameRelayEntry ::= SEQUENCE { fsSMPFrameRelayIndex Unsigned32, fsSMPFrameRelayContent OCTET STRING, fsSMPFrameRelayLength Unsigned32, fsSMPFrameRelayDestPort IfIndex, fsSMPFrameRelayDestVlan VlanId } fsSMPFrameRelayIndex OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-only STATUS current DESCRIPTION "SMP message forward table index." ::= { fsSMPFrameRelayEntry 1 } fsSMPFrameRelayContent OBJECT-TYPE SYNTAX OCTET STRING(SIZE(0..1024)) MAX-ACCESS read-write STATUS current DESCRIPTION "SMP message content with maximal 1024 bytes." ::= { fsSMPFrameRelayEntry 2 } fsSMPFrameRelayLength OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-write STATUS current DESCRIPTION "SMP message length." ::= { fsSMPFrameRelayEntry 3 } fsSMPFrameRelayDestPort OBJECT-TYPE SYNTAX IfIndex MAX-ACCESS read-write STATUS current DESCRIPTION "The index of destination port SMP messages are sent to." ::= { fsSMPFrameRelayEntry 4 } fsSMPFrameRelayDestVlan OBJECT-TYPE SYNTAX VlanId MAX-ACCESS read-write STATUS current DESCRIPTION "The VLAN ID of destination port SMP messages are sent to." ::= { fsSMPFrameRelayEntry 5 } -- EG log fsEGMIBObjects OBJECT IDENTIFIER ::= { fsSMPMIB 2 } -- authenticated user info fsEGUserTable OBJECT-TYPE SYNTAX SEQUENCE OF FSEGUserEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A table that contains generic information about every user that is authenticated." ::= { fsEGMIBObjects 1 } fsEGUserEntry OBJECT-TYPE SYNTAX FSEGUserEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "The entry of authenticated user table." INDEX { fsEGUserIpAddrType,fsEGUserIpAddr } ::= { fsEGUserTable 1 } FSEGUserEntry ::= SEQUENCE { fsEGUserIpAddrType InetAddressType, fsEGUserIpAddr InetAddress, fsEGUserId OCTET STRING, fsEGUserName OCTET STRING, fsEGUserGroupName OCTET STRING, fsEGUserMac MacAddress, fsEGNasIp InetAddress, fsEGNasPort Gauge32, fsEGGatewayIp InetAddress, fsEGVlanId Gauge32, fsEGLoginTime OCTET STRING, fsEGLogoutTime OCTET STRING, fsEGMessageType Gauge32, fsEGUserStatus RowStatus } fsEGUserIpAddrType OBJECT-TYPE SYNTAX InetAddressType MAX-ACCESS read-only STATUS current DESCRIPTION "The IP address type of the user." ::= { fsEGUserEntry 1 } fsEGUserIpAddr OBJECT-TYPE SYNTAX InetAddress MAX-ACCESS read-only STATUS current DESCRIPTION "The IP address of the user." ::= { fsEGUserEntry 2 } fsEGUserId OBJECT-TYPE SYNTAX OCTET STRING(SIZE(0..256)) MAX-ACCESS read-create STATUS current DESCRIPTION "The Id of User." ::= { fsEGUserEntry 3 } fsEGUserName OBJECT-TYPE SYNTAX OCTET STRING(SIZE(0..256)) MAX-ACCESS read-create STATUS current DESCRIPTION "The Truename of User." ::= { fsEGUserEntry 4 } fsEGUserGroupName OBJECT-TYPE SYNTAX OCTET STRING(SIZE(0..256)) MAX-ACCESS read-create STATUS current DESCRIPTION "The group name of User." ::= { fsEGUserEntry 5 } fsEGUserMac OBJECT-TYPE SYNTAX MacAddress MAX-ACCESS read-create STATUS current DESCRIPTION "The MAC Address of User." ::= { fsEGUserEntry 6 } fsEGNasIp OBJECT-TYPE SYNTAX InetAddress MAX-ACCESS read-create STATUS current DESCRIPTION "The Ip Address of 1x Nas." ::= { fsEGUserEntry 7 } fsEGNasPort OBJECT-TYPE SYNTAX Gauge32 MAX-ACCESS read-create STATUS current DESCRIPTION "The user port of 1x Nas." ::= { fsEGUserEntry 8 } fsEGGatewayIp OBJECT-TYPE SYNTAX InetAddress MAX-ACCESS read-create STATUS current DESCRIPTION "The ip address of gateway." ::= { fsEGUserEntry 9 } fsEGVlanId OBJECT-TYPE SYNTAX Gauge32 MAX-ACCESS read-create STATUS current DESCRIPTION "The vlan id of user." ::= { fsEGUserEntry 10 } fsEGLoginTime OBJECT-TYPE SYNTAX OCTET STRING MAX-ACCESS read-create STATUS current DESCRIPTION "The login time of user. for example: 2010-07-12 12:35:56" ::= { fsEGUserEntry 11 } fsEGLogoutTime OBJECT-TYPE SYNTAX OCTET STRING MAX-ACCESS read-create STATUS current DESCRIPTION "The logout time of user. for example: 2010-07-12 12:35:56" ::= { fsEGUserEntry 12 } fsEGMessageType OBJECT-TYPE SYNTAX Gauge32 MAX-ACCESS read-create STATUS current DESCRIPTION "The online(1)/offline(2) message type of the user." ::= { fsEGUserEntry 13 } fsEGUserStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "The status of this row, by which new entries may be created, or old entries deleted from this table." ::= { fsEGUserEntry 14 } fsEGUserDelete OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-write STATUS current DESCRIPTION "This variable value: 0: No action is required; other values:Delete all fsEGUser information." ::= { fsEGMIBObjects 2 } -- As the given port in SMP Server, this node will not be present in MIB. fsSMPTraps OBJECT IDENTIFIER ::= { fsSMPMIB 65535} fsSMPSwitchIP OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS accessible-for-notify STATUS current DESCRIPTION "IP addresses for the switch sending the Trap." ::= { fsSMPTraps 1 } fsSMPSwitchInterfaceID OBJECT-TYPE SYNTAX IfIndex MAX-ACCESS accessible-for-notify STATUS current DESCRIPTION "The interface receiving the messages to be forwarded." ::= { fsSMPTraps 2 } fsSMPSwitchInterfaceVLANID OBJECT-TYPE SYNTAX VlanId MAX-ACCESS accessible-for-notify STATUS current DESCRIPTION "The VLAN ID of the switch interface receiving the messages to be forwarded." ::= { fsSMPTraps 3 } fsSMPFrameContentLength OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS accessible-for-notify STATUS current DESCRIPTION "The encapsulated message length, which can not exceed 1024." ::= { fsSMPTraps 4 } fsSMPFrameContent OBJECT-TYPE SYNTAX OCTET STRING(SIZE(0..1024)) MAX-ACCESS accessible-for-notify STATUS current DESCRIPTION "The encapsulated message whose length can not exceed 1024." ::= { fsSMPTraps 5 } fsSMPFrameRelayTrap NOTIFICATION-TYPE OBJECTS {fsSMPSwitchIP,fsSMPSwitchInterfaceID,fsSMPSwitchInterfaceVLANID, fsSMPFrameContentLength,fsSMPFrameContent} STATUS current DESCRIPTION "Trap message includes: IP address for the specified received message, port receiving the message, message length and message content." ::= { fsSMPTraps 6 } fsSMPArpAttackSubnetIP OBJECT-TYPE SYNTAX OCTET STRING(SIZE(0..40)) MAX-ACCESS accessible-for-notify STATUS current DESCRIPTION "IP addresses for all subnets of SVI where the attack source locates." ::= { fsSMPTraps 7 } fsSMPArpAttackSubnetIPNum OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS accessible-for-notify STATUS current DESCRIPTION "Subnet IP address number." ::= { fsSMPTraps 8 } fsSMPArpAttackInterfaceSlot OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS accessible-for-notify STATUS current DESCRIPTION "The slot number for the device connecting the attack source." ::= { fsSMPTraps 9 } fsSMPArpAttackInterfacePort OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS accessible-for-notify STATUS current DESCRIPTION "The interface number for the device connecting the attack source." ::= { fsSMPTraps 10} fsSMPArpAttackInterfaceVlanID OBJECT-TYPE SYNTAX VlanId MAX-ACCESS accessible-for-notify STATUS current DESCRIPTION "The VLAN ID of VLAN where the attack source locates." ::= { fsSMPTraps 11 } fsSMPArpAttackFrameContent OBJECT-TYPE SYNTAX OCTET STRING(SIZE(0..64)) MAX-ACCESS accessible-for-notify STATUS current DESCRIPTION "The ARP messages sent from the attack source." ::= { fsSMPTraps 12 } fsSMPArpAttackStatus OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS accessible-for-notify STATUS current DESCRIPTION "Show whether the device is attacked by the attack source or not. true: attack occurred; false: attack has been removed." ::= { fsSMPTraps 13 } fsSMPArpAttackCriticalStatus OBJECT-TYPE SYNTAX INTEGER{ critical(1), -- Slight ARP attack, infulencing normal operation of the network -- and advertising the SMP Server. emergencies(2) -- Severe ARP attack, leading to network crash. System blocks this -- attack automatically and advertise the SMP Server. } MAX-ACCESS accessible-for-notify STATUS current DESCRIPTION "The severity level of device attack by attack source: critical(1), -- Slight ARP attack, infulencing normal operation of the network and advertising the SMP Server. emergencies(2) -- Severe ARP attack, leading to network crash. System blocks this attack automatically and advertise the SMP Server. " ::= { fsSMPTraps 14 } fsSMPArpAttackMac OBJECT-TYPE SYNTAX MacAddress MAX-ACCESS accessible-for-notify STATUS current DESCRIPTION "MAC address for the device connecting the attack source." ::= { fsSMPTraps 15 } fsSMPArpAttackInterfaceIndex OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS accessible-for-notify STATUS current DESCRIPTION "The interface index for the device connecting the attack source." ::= { fsSMPTraps 16 } fsSMPArpAttackTrap NOTIFICATION-TYPE OBJECTS {fsSMPArpAttackSubnetIP, fsSMPArpAttackSubnetIPNum, fsSMPArpAttackInterfaceSlot, fsSMPArpAttackInterfacePort, fsSMPArpAttackInterfaceVlanID, fsSMPArpAttackFrameContent, fsSMPArpAttackStatus, fsSMPArpAttackCriticalStatus, fsSMPArpAttackMac, fsSMPArpAttackInterfaceIndex} STATUS current DESCRIPTION "Trap message includes: IP addresses for all subnets of SVI where the attack source locates, Subnet IP address number, Slot number the attack source attacks, Port number the attack source attacks, VLAN ID of the VLAN the attack source belongs to, ARP message(64 bytes), Advertisement of attack occurrance and removal, MAC address for the device connecting the attack source, Interface index for the device connecting the attack source." ::= { fsSMPTraps 17 } fsSMPMIBConformance OBJECT IDENTIFIER ::= { fsSMPMIB 3 } fsSMPMIBCompliances OBJECT IDENTIFIER ::= { fsSMPMIBConformance 1 } fsSMPMIBGroups OBJECT IDENTIFIER ::= { fsSMPMIBConformance 2 } -- compliance statements fsDeviceMIBCompliance MODULE-COMPLIANCE STATUS current DESCRIPTION "The compliance statement for entities which implement the FS SMP MIB" MODULE -- this module MANDATORY-GROUPS { fsSMPServerMibGroup, fsSMPClientMibGroup, fsSMPPolicyMibGroup, fsSMPFrameRelayMibGroup} ::= { fsSMPMIBCompliances 1 } fsSMPServerMibGroup OBJECT-GROUP OBJECTS { fsSMPServer, fsSMPServerKey } STATUS current DESCRIPTION "Collection of SMP Server information." ::= { fsSMPMIBGroups 1 } fsSMPClientMibGroup OBJECT-GROUP OBJECTS { fsSMPEventSendSlice } STATUS current DESCRIPTION "Collection of restricted information of SMP Client management." ::= { fsSMPMIBGroups 2 } fsSMPPolicyMibGroup OBJECT-GROUP OBJECTS { fsSMPPolicyDelete, fsSMPPolicyChecksum, fsSMPPolicyIndex, fsSMPPolicyStatus, fsSMPPolicyInstallPort, fsSMPPolicyType, fsSMPPolicyContent, fsSMPPolicyMask, fsSMPPolicyName } STATUS current DESCRIPTION "Policy information collection." ::= { fsSMPMIBGroups 3 } fsSMPFrameRelayMibGroup OBJECT-GROUP OBJECTS { fsSMPFrameRelayIndex, fsSMPFrameRelayContent, fsSMPFrameRelayLength, fsSMPFrameRelayDestPort, fsSMPFrameRelayDestVlan } STATUS current DESCRIPTION "Information collection of message forward table." ::= { fsSMPMIBGroups 4 } END