945 lines
36 KiB
Plaintext
945 lines
36 KiB
Plaintext
-- This file is corresponding to Release 9.1.10.101 from 2014/08/11 00:00:00
|
|
|
|
|
|
---------------------------------------------------------------------------
|
|
-- (C)opyright 2008-2014 bintec elmeg GmbH
|
|
-- $RCSfile: mib-hacc,v $
|
|
-- $Revision: 1.20 $
|
|
-- $Date: 2014-05-21 14:11:30 $
|
|
---------------------------------------------------------------------------
|
|
|
|
BINTEC-HACC-MIB DEFINITIONS ::= BEGIN
|
|
|
|
IMPORTS
|
|
MODULE-IDENTITY, OBJECT-TYPE, NOTIFICATION-TYPE,
|
|
Integer32, Unsigned32, Counter32, Counter64, IpAddress, TimeTicks,
|
|
mib-2, enterprises
|
|
FROM SNMPv2-SMI
|
|
|
|
DisplayString, TimeStamp, PhysAddress, RowStatus
|
|
FROM SNMPv2-TC
|
|
|
|
biboip, Date, BitValue, HexValue
|
|
FROM BINTEC-MIB
|
|
|
|
MODULE-COMPLIANCE, OBJECT-GROUP, NOTIFICATION-GROUP
|
|
FROM SNMPv2-CONF;
|
|
|
|
---------------------------------------------------------------------------
|
|
|
|
hacc MODULE-IDENTITY
|
|
LAST-UPDATED "201405210000Z"
|
|
ORGANIZATION "bintec elmeg GmbH"
|
|
CONTACT-INFO
|
|
"EMail: info@bintec-elmeg.com
|
|
Web: www.bintec-elmeg.com"
|
|
DESCRIPTION
|
|
"The MIB module for managing host access authentication."
|
|
REVISION "201212040000Z"
|
|
DESCRIPTION
|
|
""
|
|
::= { biboip 62 }
|
|
|
|
---------------------------------------------------------------------------
|
|
-- ipHostAccessTable
|
|
---------------------------------------------------------------------------
|
|
|
|
ipHostAccessTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF IpHostAccessEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The (conceptual) table listing the interfaces on host
|
|
access authentication is enabled."
|
|
::= { hacc 1 }
|
|
|
|
ipHostAccessEntry OBJECT-TYPE
|
|
SYNTAX IpHostAccessEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"An entry (conceptual row) representing an interface on
|
|
which host access authentication is enabled."
|
|
INDEX { ipHostAccessIfIndex }
|
|
|
|
::= { ipHostAccessTable 1 }
|
|
|
|
IpHostAccessEntry ::=
|
|
SEQUENCE {
|
|
ipHostAccessStatus RowStatus,
|
|
ipHostAccessIfIndex INTEGER,
|
|
ipHostAccessDefaultPassword DisplayString,
|
|
ipHostAccessWalledNetwork IpAddress,
|
|
ipHostAccessWalledNetmask IpAddress,
|
|
ipHostAccessWalledURL DisplayString,
|
|
ipHostAccessTermsURL DisplayString,
|
|
ipHostAccessUserDomain DisplayString,
|
|
ipHostAccessReAuthenticatePeriod Unsigned32,
|
|
ipHostAccessDefaultSessionTimeout Unsigned32,
|
|
ipHostAccessDefaultMaxTransfer Counter64,
|
|
ipHostAccessDefaultIdleTimeout Unsigned32,
|
|
ipHostAccessDefaultAcctInterval Unsigned32,
|
|
ipHostAccessSessionTimeReporting INTEGER,
|
|
ipHostAccessWalledStatus INTEGER,
|
|
ipHostAccessDefaultLanguage DisplayString,
|
|
ipHostAccessIndex INTEGER,
|
|
ipHostAccessLoginViaWalledGarden INTEGER,
|
|
ipHostAccessPopupStatus INTEGER,
|
|
ipHostAccessPostLoginURL DisplayString,
|
|
ipHostAccessReAuthenticateTries INTEGER
|
|
}
|
|
|
|
ipHostAccessStatus OBJECT-TYPE
|
|
SYNTAX RowStatus
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The status of this entry."
|
|
DEFVAL { createAndGo }
|
|
::= { ipHostAccessEntry 1 }
|
|
|
|
ipHostAccessIfIndex OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The corresponding interface for which host access authentication
|
|
should be applied."
|
|
::= { ipHostAccessEntry 2 }
|
|
|
|
ipHostAccessDefaultPassword OBJECT-TYPE
|
|
SYNTAX DisplayString
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The default password used for authentication.
|
|
If defined, only a valid vouchure ID is
|
|
needed for authentication."
|
|
DEFVAL { "" }
|
|
::= { ipHostAccessEntry 3 }
|
|
|
|
ipHostAccessWalledNetwork OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object specifies together with ipHostAccessWalledNetmask
|
|
the network where hosts can communicate without authorization.
|
|
Further walled-garden-entries can be specified by domain-name
|
|
via table ipWalledGardenDomainCfgTable.
|
|
The whole walled-garden-feature can be deactivated via field
|
|
ipHostAccessWalledStatus."
|
|
::= { ipHostAccessEntry 4 }
|
|
|
|
ipHostAccessWalledNetmask OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The netmask which corresponds to ipHostAccessWalledNetwork.
|
|
The whole walled-garden-feature can be deactivated via field
|
|
ipHostAccessWalledStatus."
|
|
::= { ipHostAccessEntry 5 }
|
|
|
|
ipHostAccessWalledURL OBJECT-TYPE
|
|
SYNTAX DisplayString
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"If not empty, meaning depends on value of field
|
|
ipHostAccessLoginViaWalledGarden:
|
|
- false: Two frames are used. During login, left frame shows
|
|
internal login-page, and right frame shows specified
|
|
walled-garden-page, e.g. 'http://www.thecompany.com/'.
|
|
After successful login, if ipHostAccessPostLoginURL is empty,
|
|
right frame is kept. Otherwise, right frame is replaced by
|
|
related external post-login-page.
|
|
- true: Single frame is used. URL specifies external login-page
|
|
to be used instead of internal one. External server must make
|
|
sure that client sends its account-data to Hotspot-gateway
|
|
for access-control afterwards. After successful login,
|
|
if ipHostAccessPostLoginURL is empty, frame is replaced by
|
|
internal status-page. Otherwise, frame is replaced by related
|
|
external post-login-page.
|
|
This field can be deactivated via empty string or via field
|
|
ipHostAccessWalledStatus. In this case, the following
|
|
default-scenario applies: Single frame and internal login-page
|
|
is used. After successful login, if ipHostAccessPostLoginURL is
|
|
empty, frame is replaced by internal status-page. Otherwise,
|
|
is replaced by related external post-login-page."
|
|
DEFVAL { "" }
|
|
::= { ipHostAccessEntry 6 }
|
|
|
|
ipHostAccessTermsURL OBJECT-TYPE
|
|
SYNTAX DisplayString
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The URL of the Terms & Conditions link shown in the internal
|
|
login-page, e.g. 'http://www.thecompany.com/'.
|
|
This field can be deactivated via empty string or via field
|
|
ipHostAccessWalledStatus or indirectly (together with internal
|
|
login-page) via field ipHostAccessLoginViaWalledGarden."
|
|
DEFVAL { "" }
|
|
::= { ipHostAccessEntry 7 }
|
|
|
|
ipHostAccessUserDomain OBJECT-TYPE
|
|
SYNTAX DisplayString
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The domain name which automatically will be appended
|
|
to the username during authentication."
|
|
DEFVAL { "" }
|
|
::= { ipHostAccessEntry 8 }
|
|
|
|
ipHostAccessReAuthenticatePeriod OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
UNITS "s"
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The re-authentication-period in seconds.
|
|
A value of 0 is interpreted as NO re-authentications."
|
|
DEFVAL { 300 }
|
|
::= { ipHostAccessEntry 9 }
|
|
|
|
ipHostAccessDefaultSessionTimeout OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
UNITS "s"
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The default session-timeout-period in seconds that is used if the
|
|
Radius-server does not specify it. In deviation from RFC 2865,
|
|
section 5.27, a value of 0 is interpreted as NO session-timeout."
|
|
DEFVAL { 0 }
|
|
::= { ipHostAccessEntry 10 }
|
|
|
|
ipHostAccessDefaultMaxTransfer OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The default maximum number of received plus sent bytes if the
|
|
Radius-server does not specify it. 0 means NO limit. Radius
|
|
standard does not specify any attribute for this maximum."
|
|
DEFVAL { 0 }
|
|
::= { ipHostAccessEntry 11 }
|
|
|
|
ipHostAccessDefaultIdleTimeout OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
UNITS "s"
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The default idle-timeout-period in seconds that is used if the
|
|
Radius-server does not specify it. In deviation from RFC 2865,
|
|
section 5.28, a value of 0 is interpreted as NO idle-timeout."
|
|
DEFVAL { 600 }
|
|
::= { ipHostAccessEntry 12 }
|
|
|
|
ipHostAccessDefaultAcctInterval OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
UNITS "s"
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The default accounting-interim-interval in seconds that is used
|
|
if the Radius-server does not specify it. In deviation from
|
|
RFC 2869, section 5.16, a value of 0 means NO interim-updates."
|
|
DEFVAL { 60 }
|
|
::= { ipHostAccessEntry 13 }
|
|
|
|
ipHostAccessSessionTimeReporting OBJECT-TYPE
|
|
SYNTAX INTEGER { with-idle-time(1), without-idle-time(2) }
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Toggles calculation of session-time (RFC 2866, section 5.7).
|
|
For with-idle-time(1), the session-start is subtracted from the
|
|
current time. For without-idle-time(2), it is subtracted from
|
|
time of the latest sent/received accounting-relevant data."
|
|
DEFVAL { with-idle-time }
|
|
::= { ipHostAccessEntry 14 }
|
|
|
|
ipHostAccessWalledStatus OBJECT-TYPE
|
|
SYNTAX INTEGER { enabled(1), disabled(2) }
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Toggles activation of walled-garden-feature and of dependent
|
|
fields ipHostAccessWalledNetwork, ipHostAccessWalledNetmask,
|
|
ipHostAccessWalledURL, ipHostAccessTermsURL,
|
|
ipHostAccessLoginViaWalledGarden, and of dependent table
|
|
ipWalledGardenDomainCfgTable."
|
|
DEFVAL { enabled }
|
|
::= { ipHostAccessEntry 15 }
|
|
|
|
ipHostAccessDefaultLanguage OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(3))
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Default-language used for Web-interface."
|
|
DEFVAL { "eng" }
|
|
::= { ipHostAccessEntry 16 }
|
|
|
|
ipHostAccessIndex OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The unique index of this entry."
|
|
::= { ipHostAccessEntry 17 }
|
|
|
|
ipHostAccessLoginViaWalledGarden OBJECT-TYPE
|
|
SYNTAX INTEGER { false(1), true(2) }
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Toggles between internal and external/customised login-page.
|
|
- false: Internal login-page is used.
|
|
- true: External login-page is used.
|
|
More details on possible scenarios are described with field
|
|
ipHostAccessWalledURL."
|
|
DEFVAL { false }
|
|
::= { ipHostAccessEntry 18 }
|
|
|
|
ipHostAccessPopupStatus OBJECT-TYPE
|
|
SYNTAX INTEGER { enabled(1), disabled(2) }
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Toggles whether browser is requested to open popup-window with
|
|
status-info after successful login."
|
|
DEFVAL { enabled }
|
|
::= { ipHostAccessEntry 19 }
|
|
|
|
ipHostAccessPostLoginURL OBJECT-TYPE
|
|
SYNTAX DisplayString
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The URL of the external page to be shown after successful login.
|
|
This field can be deactivated via empty string.
|
|
More details on possible scenarios are described with field
|
|
ipHostAccessWalledURL."
|
|
DEFVAL { "" }
|
|
::= { ipHostAccessEntry 20 }
|
|
|
|
ipHostAccessReAuthenticateTries OBJECT-TYPE
|
|
SYNTAX INTEGER (1..65535)
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Number of subsequent re-authentication-attempts before related
|
|
client-session is aborted when RADIUS-replies are missing.
|
|
Sets balance between tight synchronisation with RADIUS-server
|
|
and robustness against temporary wide-area-network-losses.
|
|
A value of 1 means that sessions are aborted immediately after
|
|
1st missing reply. With higher values, subsequent attempts are
|
|
done with regular re-authentication-period. Negative replies are
|
|
still processed immediately and not affected by this setting."
|
|
DEFVAL { 20 }
|
|
::= { ipHostAccessEntry 21 }
|
|
|
|
---------------------------------------------------------------------------
|
|
-- ipHostAccessClientTable
|
|
---------------------------------------------------------------------------
|
|
|
|
ipHostAccessClientTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF IpHostAccessClientEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"List of known clients which requested host
|
|
access authentication."
|
|
::= { hacc 2 }
|
|
|
|
ipHostAccessClientEntry OBJECT-TYPE
|
|
SYNTAX IpHostAccessClientEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"An entry representing a client on a particular interface which
|
|
has requested host access authentication."
|
|
INDEX { ipHostAccessClientIfIndex, ipHostAccessClientAddr }
|
|
|
|
::= { ipHostAccessClientTable 1 }
|
|
|
|
IpHostAccessClientEntry ::=
|
|
SEQUENCE {
|
|
ipHostAccessClientIfIndex INTEGER,
|
|
ipHostAccessClientUser DisplayString,
|
|
ipHostAccessClientPassword DisplayString,
|
|
ipHostAccessClientAddr IpAddress,
|
|
ipHostAccessClientPhysAddr PhysAddress,
|
|
ipHostAccessClientLogon Date,
|
|
ipHostAccessClientExpires Date,
|
|
ipHostAccessClientAdminStatus INTEGER,
|
|
ipHostAccessClientMaxTransfer Counter64,
|
|
ipHostAccessClientInPkts Counter64,
|
|
ipHostAccessClientOutPkts Counter64,
|
|
ipHostAccessClientInOctets Counter64,
|
|
ipHostAccessClientOutOctets Counter64,
|
|
ipHostAccessClientLastAccountedRx Date,
|
|
ipHostAccessClientLastAccountedTx Date,
|
|
ipHostAccessClientLastWGardenRx Date,
|
|
ipHostAccessClientLastWGardenTx Date,
|
|
ipHostAccessClientLastLocalRx Date,
|
|
ipHostAccessClientLastLocalTx Date,
|
|
ipHostAccessClientLastAuthenticate Date,
|
|
ipHostAccessClientLastAccounting Date,
|
|
ipHostAccessClientReportedInOctets Counter64,
|
|
ipHostAccessClientReportedOutOctets Counter64,
|
|
ipHostAccessClientReportedSessionTime Unsigned32,
|
|
ipHostAccessClientIdleTimeout Unsigned32,
|
|
ipHostAccessClientAcctInterval Unsigned32,
|
|
ipHostAccessClientSessionTimeReporting INTEGER,
|
|
ipHostAccessClientTerminateCause Unsigned32,
|
|
ipHostAccessClientNoReplyCounter Unsigned32
|
|
}
|
|
|
|
ipHostAccessClientIfIndex OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The interface index where the client is coming from."
|
|
::= { ipHostAccessClientEntry 1 }
|
|
|
|
ipHostAccessClientUser OBJECT-TYPE
|
|
SYNTAX DisplayString
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The client's user name in upper/lower-case-writing as entered by
|
|
the user. Please note that only one entry per user is allowed.
|
|
The internal check for double-entries is done case-insensitively
|
|
because many people use upper/lower-cases inconsistently. This
|
|
must be considered also by the Radius-server-operator."
|
|
::= { ipHostAccessClientEntry 2 }
|
|
|
|
ipHostAccessClientPassword OBJECT-TYPE
|
|
SYNTAX DisplayString
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The client password."
|
|
::= { ipHostAccessClientEntry 3 }
|
|
|
|
ipHostAccessClientAddr OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The client's IP address."
|
|
::= { ipHostAccessClientEntry 4 }
|
|
|
|
ipHostAccessClientPhysAddr OBJECT-TYPE
|
|
SYNTAX PhysAddress
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The client's hardware address."
|
|
::= { ipHostAccessClientEntry 5 }
|
|
|
|
ipHostAccessClientLogon OBJECT-TYPE
|
|
SYNTAX Date
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The time when the client has successfully authenticated.
|
|
Valid only if ipHostAccessClientAdminStatus is NOT pending."
|
|
::= { ipHostAccessClientEntry 6 }
|
|
|
|
ipHostAccessClientExpires OBJECT-TYPE
|
|
SYNTAX Date
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The time when the client expires. 0 means NO expiry.
|
|
Valid only if ipHostAccessClientAdminStatus is NOT pending."
|
|
::= { ipHostAccessClientEntry 7 }
|
|
|
|
ipHostAccessClientAdminStatus OBJECT-TYPE
|
|
SYNTAX INTEGER { active(1), delete(2), pending(3) }
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The client-status is initialised to <pending>. After successful
|
|
(initial) authentication, it is updated to <active>. Setting it
|
|
to <delete> kills the related client-entry and triggers the final
|
|
Radius-account-request. In case that a specific terminate-cause
|
|
shall be reported, ipHostAccessClientTerminateCause must be set
|
|
accordingly before triggering the <delete>."
|
|
DEFVAL { pending }
|
|
::= { ipHostAccessClientEntry 8 }
|
|
|
|
ipHostAccessClientMaxTransfer OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Max. number of bytes this client can transfer. 0 means NO limit.
|
|
Valid only if ipHostAccessClientAdminStatus is NOT pending."
|
|
::= { ipHostAccessClientEntry 9 }
|
|
|
|
ipHostAccessClientInPkts OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Current number of incoming packets for this client.
|
|
Valid only if ipHostAccessClientAdminStatus is NOT pending."
|
|
::= { ipHostAccessClientEntry 10 }
|
|
|
|
ipHostAccessClientOutPkts OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Current number of outgoing packets for this client.
|
|
Valid only if ipHostAccessClientAdminStatus is NOT pending."
|
|
::= { ipHostAccessClientEntry 11 }
|
|
|
|
ipHostAccessClientInOctets OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Current number of incoming octets for this client.
|
|
Valid only if ipHostAccessClientAdminStatus is NOT pending."
|
|
::= { ipHostAccessClientEntry 12 }
|
|
|
|
ipHostAccessClientOutOctets OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Current number of outgoing octets for this client.
|
|
Valid only if ipHostAccessClientAdminStatus is NOT pending."
|
|
::= { ipHostAccessClientEntry 13 }
|
|
|
|
ipHostAccessClientLastAccountedRx OBJECT-TYPE
|
|
SYNTAX Date
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Timestamp of latest in-packet: accounted-remote->client
|
|
Valid only if ipHostAccessClientAdminStatus is NOT pending."
|
|
::= { ipHostAccessClientEntry 14 }
|
|
|
|
ipHostAccessClientLastAccountedTx OBJECT-TYPE
|
|
SYNTAX Date
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Timestamp of latest out-packet: client->accounted-remote
|
|
Valid only if ipHostAccessClientAdminStatus is NOT pending."
|
|
::= { ipHostAccessClientEntry 15 }
|
|
|
|
ipHostAccessClientLastWGardenRx OBJECT-TYPE
|
|
SYNTAX Date
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Timestamp of latest in-packet: walled-garden->client
|
|
Valid only if ipHostAccessClientAdminStatus is NOT pending."
|
|
::= { ipHostAccessClientEntry 16 }
|
|
|
|
ipHostAccessClientLastWGardenTx OBJECT-TYPE
|
|
SYNTAX Date
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Timestamp of latest out-packet: client->walled-garden
|
|
Valid only if ipHostAccessClientAdminStatus is NOT pending."
|
|
::= { ipHostAccessClientEntry 17 }
|
|
|
|
ipHostAccessClientLastLocalRx OBJECT-TYPE
|
|
SYNTAX Date
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Timestamp of latest in-packet: router->client
|
|
Valid only if ipHostAccessClientAdminStatus is NOT pending."
|
|
::= { ipHostAccessClientEntry 18 }
|
|
|
|
ipHostAccessClientLastLocalTx OBJECT-TYPE
|
|
SYNTAX Date
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Timestamp of latest out-packet: client->router
|
|
Valid only if ipHostAccessClientAdminStatus is NOT pending."
|
|
::= { ipHostAccessClientEntry 19 }
|
|
|
|
ipHostAccessClientLastAuthenticate OBJECT-TYPE
|
|
SYNTAX Date
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Timestamp of latest access-request."
|
|
::= { ipHostAccessClientEntry 20 }
|
|
|
|
ipHostAccessClientLastAccounting OBJECT-TYPE
|
|
SYNTAX Date
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Timestamp of latest accounting-request.
|
|
Valid only if ipHostAccessClientAdminStatus is NOT pending."
|
|
::= { ipHostAccessClientEntry 21 }
|
|
|
|
ipHostAccessClientReportedInOctets OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Latest reported number of incoming octets for this client.
|
|
Valid only if ipHostAccessClientAdminStatus is NOT pending."
|
|
::= { ipHostAccessClientEntry 22 }
|
|
|
|
ipHostAccessClientReportedOutOctets OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Latest reported number of outgoing octets for this client.
|
|
Valid only if ipHostAccessClientAdminStatus is NOT pending."
|
|
::= { ipHostAccessClientEntry 23 }
|
|
|
|
ipHostAccessClientReportedSessionTime OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
UNITS "s"
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Latest reported session-time in seconds.
|
|
Valid only if ipHostAccessClientAdminStatus is NOT pending."
|
|
::= { ipHostAccessClientEntry 24 }
|
|
|
|
ipHostAccessClientIdleTimeout OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
UNITS "s"
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The idle-timeout-period in seconds that is used for the client
|
|
(coming from Radius-server or from default-value).
|
|
In deviation from RFC 2865, section 5.28, a value of 0 is
|
|
interpreted as NO idle-timeout.
|
|
Valid only if ipHostAccessClientAdminStatus is NOT pending."
|
|
::= { ipHostAccessClientEntry 25 }
|
|
|
|
ipHostAccessClientAcctInterval OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
UNITS "s"
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The accounting-interim-interval in seconds that is used for the
|
|
client (coming from Radius-server or from default-value).
|
|
In deviation from RFC 2869, section 5.16, a value of 0 is
|
|
interpreted as NO interim-updates.
|
|
Valid only if ipHostAccessClientAdminStatus is NOT pending."
|
|
::= { ipHostAccessClientEntry 26 }
|
|
|
|
ipHostAccessClientSessionTimeReporting OBJECT-TYPE
|
|
SYNTAX INTEGER { with-idle-time(1), without-idle-time(2) }
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Copied from related ipHostAccessSessionTimeReporting entry.
|
|
This avoids complications when this field is toggled."
|
|
DEFVAL { with-idle-time }
|
|
::= { ipHostAccessClientEntry 27 }
|
|
|
|
ipHostAccessClientTerminateCause OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The accounting-terminate-cause as described in RFC 2866,
|
|
section 5.10. See ipHostAccessClientAdminStatus for more details.
|
|
If not set explicitly, <Lost Service> is used as default-value."
|
|
DEFVAL { 0 }
|
|
::= { ipHostAccessClientEntry 28 }
|
|
|
|
ipHostAccessClientNoReplyCounter OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This counter is initialised to 0 and increased whenever
|
|
re-authentication fails because of no reply (e.g. because WAN
|
|
down or server too slow). It is reset whenever re-authentication
|
|
succeeds. When the counter reaches the limit that is specified
|
|
by ipHostAccessReAuthenticateTries, the client is removed."
|
|
DEFVAL { 0 }
|
|
::= { ipHostAccessClientEntry 29 }
|
|
|
|
---------------------------------------------------------------------------
|
|
-- ipHostAccessStat
|
|
---------------------------------------------------------------------------
|
|
|
|
ipHostAccessStat OBJECT IDENTIFIER
|
|
::= { hacc 3 }
|
|
|
|
ipHostAccessStatLoginCnt OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The number of client-login-attempts since system-start.
|
|
Any write-access causes reset to 0."
|
|
::= { ipHostAccessStat 1 }
|
|
|
|
ipHostAccessStatLoginTime OBJECT-TYPE
|
|
SYNTAX Date
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Last time when ipHostAccessStatLoginCnt was set."
|
|
::= { ipHostAccessStat 2 }
|
|
|
|
ipHostAccessStatCurClientsCnt OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The current number of authenticated or pending clients.
|
|
Further login-attempts are rejected if this value already reached
|
|
ipHostAccessStatMaxClientsLimit."
|
|
::= { ipHostAccessStat 3 }
|
|
|
|
ipHostAccessStatMaxClientsCnt OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The maximum observed value of ipHostAccessStatCurClientsCnt since
|
|
system-start. Any write-access causes initialisation to current
|
|
value of ipHostAccessStatCurClientsCnt."
|
|
::= { ipHostAccessStat 4 }
|
|
|
|
ipHostAccessStatMaxClientsTime OBJECT-TYPE
|
|
SYNTAX Date
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Last time when ipHostAccessStatMaxClientsCnt was set."
|
|
::= { ipHostAccessStat 5 }
|
|
|
|
ipHostAccessStatRedirectCnt OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The number of redirects to local HTTP-server since system-start.
|
|
Any write-access causes reset to 0."
|
|
::= { ipHostAccessStat 6 }
|
|
|
|
ipHostAccessStatRedirectTime OBJECT-TYPE
|
|
SYNTAX Date
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Last time when ipHostAccessStatRedirectCnt was set."
|
|
::= { ipHostAccessStat 7 }
|
|
|
|
ipHostAccessStatMaxClientsLimit OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Maximum allowed value for ipHostAccessStatCurClientsCnt.
|
|
Any login-attempts beyond this limit are rejected."
|
|
::= { ipHostAccessStat 8 }
|
|
|
|
---------------------------------------------------------------------------
|
|
-- ipWalledGardenDomainCfgTable
|
|
---------------------------------------------------------------------------
|
|
|
|
ipWalledGardenDomainCfgTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF IpWalledGardenDomainCfgEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Table of allowed domains for ipHostAccess"
|
|
::= { hacc 4 }
|
|
|
|
ipWalledGardenDomainCfgEntry OBJECT-TYPE
|
|
SYNTAX IpWalledGardenDomainCfgEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
""
|
|
INDEX { ipWalledGardenDomainCfgIndex }
|
|
::= { ipWalledGardenDomainCfgTable 1 }
|
|
|
|
IpWalledGardenDomainCfgEntry ::=
|
|
SEQUENCE {
|
|
ipWalledGardenDomainCfgIndex INTEGER,
|
|
ipWalledGardenDomainCfgAdminStatus INTEGER,
|
|
ipWalledGardenDomainCfgHaccIndex INTEGER,
|
|
ipWalledGardenDomainCfgName DisplayString
|
|
}
|
|
|
|
ipWalledGardenDomainCfgIndex OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The unique index of this entry."
|
|
::= { ipWalledGardenDomainCfgEntry 1 }
|
|
|
|
ipWalledGardenDomainCfgAdminStatus OBJECT-TYPE
|
|
SYNTAX INTEGER { enabled(1), disabled(2), delete(3) }
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The administrative status of this entry."
|
|
DEFVAL { enabled }
|
|
::= { ipWalledGardenDomainCfgEntry 2 }
|
|
|
|
ipWalledGardenDomainCfgHaccIndex OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The parent index in ipHostAccessTable (ipHostAccessIndex)"
|
|
::= { ipWalledGardenDomainCfgEntry 3 }
|
|
|
|
ipWalledGardenDomainCfgName OBJECT-TYPE
|
|
SYNTAX DisplayString
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The domain name or IP address in dotted format."
|
|
DEFVAL { "" }
|
|
::= { ipWalledGardenDomainCfgEntry 4 }
|
|
|
|
---------------------------------------------------------------------------
|
|
-- ipWalledGardenDomainOperTable
|
|
---------------------------------------------------------------------------
|
|
|
|
ipWalledGardenDomainOperTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF IpWalledGardenDomainOperEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Oper table of allowed domains for ipHostAccess"
|
|
::= { hacc 5 }
|
|
|
|
ipWalledGardenDomainOperEntry OBJECT-TYPE
|
|
SYNTAX IpWalledGardenDomainOperEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
""
|
|
INDEX { ipWalledGardenDomainOperIndex }
|
|
::= { ipWalledGardenDomainOperTable 1 }
|
|
|
|
IpWalledGardenDomainOperEntry ::=
|
|
SEQUENCE {
|
|
ipWalledGardenDomainOperIndex INTEGER,
|
|
ipWalledGardenDomainOperCfgIndex INTEGER,
|
|
ipWalledGardenDomainOperHaccIndex INTEGER,
|
|
ipWalledGardenDomainOperName DisplayString,
|
|
ipWalledGardenDomainOperTtl INTEGER
|
|
}
|
|
|
|
ipWalledGardenDomainOperIndex OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The unique index of this entry."
|
|
::= { ipWalledGardenDomainOperEntry 1 }
|
|
|
|
ipWalledGardenDomainOperCfgIndex OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The parent index in ipWalledGardenDomainCfgTable
|
|
(ipWalledGardenDomainCfgIndex). This might be 0 if no relation to
|
|
any ipWalledGardenDomainCfgTable exists."
|
|
::= { ipWalledGardenDomainOperEntry 2 }
|
|
|
|
ipWalledGardenDomainOperHaccIndex OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The parent index in ipHostAccessTable (ipHostAccessIndex)"
|
|
::= { ipWalledGardenDomainOperEntry 3 }
|
|
|
|
ipWalledGardenDomainOperName OBJECT-TYPE
|
|
SYNTAX DisplayString
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The domain name or IP address in dotted format."
|
|
DEFVAL { "" }
|
|
::= { ipWalledGardenDomainOperEntry 4 }
|
|
|
|
ipWalledGardenDomainOperTtl OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The time to live until next DNS query has to be initiated."
|
|
::= { ipWalledGardenDomainOperEntry 5 }
|
|
|
|
---------------------------------------------------------------------------
|
|
-- ipWalledGardenAddressTable
|
|
---------------------------------------------------------------------------
|
|
|
|
ipWalledGardenAddressTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF IpWalledGardenAddressEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Table of allowed addresses for ipHostAccess"
|
|
::= { hacc 6 }
|
|
|
|
ipWalledGardenAddressEntry OBJECT-TYPE
|
|
SYNTAX IpWalledGardenAddressEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"An entry representing an IP address for which
|
|
host access authentication is enabled."
|
|
INDEX { ipWalledGardenAddressDomainOperIndex, ipWalledGardenAddressNetwork }
|
|
::= { ipWalledGardenAddressTable 1 }
|
|
|
|
IpWalledGardenAddressEntry ::=
|
|
SEQUENCE {
|
|
ipWalledGardenAddressDomainOperIndex INTEGER,
|
|
ipWalledGardenAddressNetwork IpAddress
|
|
}
|
|
|
|
ipWalledGardenAddressDomainOperIndex OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The parent index in ipWalledGardenDomainOperTable with same
|
|
value for ipWalledGardenDomainOperIndex."
|
|
::= { ipWalledGardenAddressEntry 1 }
|
|
|
|
ipWalledGardenAddressNetwork OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object specifies together with ipWalledGardenAddressNetmask
|
|
the network where hosts can communicate without authorization."
|
|
::= { ipWalledGardenAddressEntry 2 }
|
|
|
|
END
|