1197 lines
42 KiB
Plaintext
1197 lines
42 KiB
Plaintext
ENTERASYS-ANTI-SPOOF-MIB DEFINITIONS ::= BEGIN
|
|
|
|
-- enterasys-anti-spoof-mib.txt
|
|
--
|
|
-- Part Number:
|
|
--
|
|
--
|
|
|
|
-- This module provides authoritative definitions for Enterasys
|
|
-- Networks' Anti-Spoof functionality.
|
|
|
|
-- Enterasys Networks reserves the right to make changes in this
|
|
-- specification and other information contained in this document
|
|
-- without prior notice. The reader should consult Enterasys Networks
|
|
-- to determine whether any such changes have been made.
|
|
--
|
|
-- In no event shall Enterasys Networks be liable for any incidental,
|
|
-- indirect, special, or consequential damages whatsoever (including
|
|
-- but not limited to lost profits) arising out of or related to this
|
|
-- document or the information contained in it, even if Enterasys
|
|
-- Networks has been advised of, known, or should have known, the
|
|
-- possibility of such damages.
|
|
--
|
|
-- Enterasys Networks grants vendors, end-users, and other interested
|
|
-- parties a non-exclusive license to use this Specification in
|
|
-- connection with the management of Enterasys Networks products.
|
|
|
|
-- Copyright January 2013 Enterasys Networks, Inc.
|
|
|
|
IMPORTS
|
|
MODULE-IDENTITY, OBJECT-TYPE, NOTIFICATION-TYPE
|
|
FROM SNMPv2-SMI
|
|
Unsigned32, Counter32, Integer32
|
|
FROM SNMPv2-SMI
|
|
TEXTUAL-CONVENTION, TruthValue, MacAddress
|
|
FROM SNMPv2-TC
|
|
MODULE-COMPLIANCE, OBJECT-GROUP, NOTIFICATION-GROUP
|
|
FROM SNMPv2-CONF
|
|
SnmpAdminString
|
|
FROM SNMP-FRAMEWORK-MIB
|
|
ifIndex, InterfaceIndexOrZero, InterfaceIndex
|
|
FROM IF-MIB
|
|
InetAddress, InetAddressType
|
|
FROM INET-ADDRESS-MIB
|
|
EnabledStatus
|
|
FROM P-BRIDGE-MIB
|
|
etsysModules
|
|
FROM ENTERASYS-MIB-NAMES;
|
|
|
|
etsysAntiSpoofMIB MODULE-IDENTITY
|
|
LAST-UPDATED "201301151631Z" -- Tue Jan 15 16:31 UTC 2013
|
|
ORGANIZATION "Enterasys Networks, Inc."
|
|
CONTACT-INFO
|
|
"Postal: Enterasys Networks
|
|
50 Minuteman Rd.
|
|
Andover, MA 01810-1008
|
|
USA
|
|
Phone: +1 978 684 1000
|
|
E-mail: support@enterasys.com
|
|
WWW: http://www.enterasys.com"
|
|
|
|
DESCRIPTION
|
|
"This MIB module defines a portion of the SNMP MIB under
|
|
the Enterasys Networks enterprise OID pertaining to
|
|
configuration of the anti-spoofing feature."
|
|
|
|
REVISION "201301151631Z" -- Tue Jan 15 16:31 UTC 2013
|
|
DESCRIPTION "Updated informational front and back text sections."
|
|
|
|
REVISION "201210311355Z" -- Wed Oct 31 1:55 UTC 2012
|
|
DESCRIPTION "Initial version of this MIB module."
|
|
::= { etsysModules 96 }
|
|
|
|
-- -------------------------------------------------------------
|
|
-- Textual Conventions
|
|
-- -------------------------------------------------------------
|
|
AntiSpoofPortAction ::= TEXTUAL-CONVENTION
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The possible actions that the anti-spoofing feature can
|
|
take when a user exceeds the associated threshold limits.
|
|
|
|
generateSyslog(0)
|
|
Generate the appropriate logging message.
|
|
|
|
generateNotification(1)
|
|
Generate the respective SNMP notification.
|
|
|
|
quarantineUser(2)
|
|
Assign user traffic to the quarantine profile
|
|
as determined by the respective profile-index."
|
|
SYNTAX BITS {
|
|
generateSyslog(0),
|
|
generateNotification(1),
|
|
quarantineUser(2)
|
|
}
|
|
|
|
AntiSpoofInspectionType ::= TEXTUAL-CONVENTION
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The possible type of inspection to use on incoming traffic
|
|
on a given port.
|
|
|
|
enabled(1)
|
|
Allows dynamic inspection to occur and will create bindings
|
|
in the binding database based on the inspection.
|
|
|
|
disabled(2)
|
|
Disable both dynamic inspection and the creation of bindings.
|
|
|
|
inspectionOnly(3)
|
|
Allows dynamic inspection of packets to occur but will not
|
|
create any bindings in the binding database."
|
|
|
|
SYNTAX INTEGER {
|
|
enabled(1),
|
|
disabled(2),
|
|
inspectionOnly(3)
|
|
}
|
|
|
|
AntiSpoofThresholdType ::= TEXTUAL-CONVENTION
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The mode the threshold entry will operate in.
|
|
|
|
ipv4Change(1)
|
|
The threshold action will occur when a user's IPv4 address
|
|
changes a number of times equal to the threshold value.
|
|
|
|
ipv6Change(2)
|
|
The threshold action will occur when a user's IPv6 address
|
|
changes a number of times equal to the threshold value.
|
|
|
|
portChange(3)
|
|
The threshold action will occur when the port that a user
|
|
resides on changes a number of times equal to the threshold
|
|
value."
|
|
SYNTAX INTEGER {
|
|
ipv4Change(1),
|
|
ipv6Change(2),
|
|
portChange(3)
|
|
}
|
|
|
|
AntiSpoofPortType ::= TEXTUAL-CONVENTION
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The port type mode determines how DHCP traffic is handled.
|
|
|
|
trusted(1)
|
|
When a port is set to trusted mode DHCP server traffic
|
|
is accepted and used to create bindings for the client,
|
|
with no binding verification for connected clients.
|
|
|
|
bypass(2)
|
|
When a port is set to bypass mode DHCP server traffic
|
|
is allowed to pass without any snooping.
|
|
|
|
untrusted(3)
|
|
When a port is set to untrusted mode client bindings
|
|
will be verified for all traffic, depending on
|
|
feature configuration."
|
|
SYNTAX INTEGER {
|
|
trusted(1),
|
|
bypass(2),
|
|
untrusted(3)
|
|
}
|
|
|
|
AntiSpoofBindingType ::= TEXTUAL-CONVENTION
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The method by which a given client binding was created.
|
|
|
|
dhcp(1)
|
|
This indicates that a binding was created by DHCP MAC
|
|
verification.
|
|
|
|
arp(2)
|
|
This indicates that a binding was created by dynamic
|
|
ARP inspection.
|
|
|
|
ip(3)
|
|
This indicates that the binding was created by dynamic
|
|
IP inspection."
|
|
SYNTAX INTEGER {
|
|
dhcp(1),
|
|
arp(2),
|
|
ip(3)
|
|
}
|
|
|
|
EtsysInstanceOID ::= TEXTUAL-CONVENTION
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A partial OBJECT IDENTIFIER suitable for use as instancing
|
|
for other MIB objects. The definition of an OBJECT IDENTIFIER
|
|
requires that all OIDs start with zero or one, consequently, the
|
|
first two sub-ids of a EtsysInstanceOID will always be {0,0}."
|
|
SYNTAX OBJECT IDENTIFIER
|
|
|
|
-- -------------------------------------------------------------
|
|
-- Branches of the Enterasys Anti Spoofing MIB
|
|
-- -------------------------------------------------------------
|
|
|
|
etsysAntiSpoofObjects
|
|
OBJECT IDENTIFIER ::= { etsysAntiSpoofMIB 1 }
|
|
|
|
etsysAntiSpoofSystemBranch
|
|
OBJECT IDENTIFIER ::= { etsysAntiSpoofObjects 1 }
|
|
|
|
etsysAntiSpoofClassBranch
|
|
OBJECT IDENTIFIER ::= { etsysAntiSpoofObjects 2 }
|
|
|
|
etsysAntiSpoofPortBranch
|
|
OBJECT IDENTIFIER ::= { etsysAntiSpoofObjects 3 }
|
|
|
|
etsysAntiSpoofBindingBranch
|
|
OBJECT IDENTIFIER ::= { etsysAntiSpoofObjects 4 }
|
|
|
|
etsysAntiSpoofNotificationBranch
|
|
OBJECT IDENTIFIER ::= { etsysAntiSpoofObjects 0 }
|
|
|
|
|
|
-- -------------------------------------------------------------
|
|
-- Anti Spoofing System Branch
|
|
-- -------------------------------------------------------------
|
|
etsysAntiSpoofSystemState OBJECT-TYPE
|
|
SYNTAX EnabledStatus
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"When enabled(1), all objects in this MIB are fully active.
|
|
When disabled(2), this object overrides all other object
|
|
settings in this MIB without affecting their values. Maintaining
|
|
the value of this object across agent reboots is REQUIRED."
|
|
DEFVAL { disabled }
|
|
::= { etsysAntiSpoofSystemBranch 1 }
|
|
|
|
etsysAntiSpoofMaxClassIndex OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The maximum number of class indexes available in the system."
|
|
::= { etsysAntiSpoofSystemBranch 2 }
|
|
|
|
etsysAntiSpoofMaxClassThresholdIndex OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The maximum number of threshold indexes able to be associated
|
|
with a particular class."
|
|
::= { etsysAntiSpoofSystemBranch 3 }
|
|
|
|
|
|
etsysAntiSpoofSystemSnmpNotifications OBJECT-TYPE
|
|
SYNTAX EnabledStatus
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The current state of the SNMP Notification functionality in
|
|
the Anti Spoofing feature.
|
|
|
|
enabled (1) - Anti-Spoofing will generate SNMP Notifications
|
|
for user IP address or port changes that exceed
|
|
the configured limits. The Anti-Spoofing feature
|
|
MUST be enabled for SNMP Notifications to be
|
|
generated.
|
|
|
|
disabled (2) - Anti-Spoofing will not generate SNMP
|
|
Notifications under any conditions.
|
|
|
|
A notification is generated when a value is first detected
|
|
above its respective configured limit. That notification
|
|
SHOULD NOT be generated again until the configured notification
|
|
timeout period has elapsed.
|
|
|
|
Agents are not required to generate SNMP Notifications for
|
|
conditions that exist when this object is set to enabled.
|
|
SNMP Notifications MAY only be generated after additional
|
|
IP address changes are detected that exceed the configured
|
|
limits for the user.
|
|
|
|
Maintaining the value of this object across agent reboots is
|
|
REQUIRED."
|
|
DEFVAL { enabled }
|
|
::= { etsysAntiSpoofSystemBranch 4 }
|
|
|
|
etsysAntiSpoofSystemNotificationInterval OBJECT-TYPE
|
|
SYNTAX Unsigned32 (0..86400)
|
|
UNITS "seconds"
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The number of seconds to wait before generating another
|
|
notification of the same type for the same user.
|
|
This allows notification generation to be throttled in
|
|
the case of a user who continually changes IP addresses.
|
|
A value of zero indicates that the entity SHOULD NOT suppress
|
|
any notifications related to the Anti-Spoofing feature.
|
|
Maintaining the value of this object across agent reboots
|
|
is REQUIRED."
|
|
DEFVAL { 60 }
|
|
::= { etsysAntiSpoofSystemBranch 5 }
|
|
|
|
etsysAntiSpoofDuplicateIpControl OBJECT-TYPE
|
|
SYNTAX EnabledStatus
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"When this is set to enabled(1) any IP changes will be checked
|
|
across the system to ensure that the newly configured IP
|
|
address is not already present. If the IP is present in the system
|
|
then a syslog and or trap will be issued.
|
|
When set to disabled(2) this check will not occur."
|
|
DEFVAL { disabled }
|
|
::= { etsysAntiSpoofSystemBranch 6 }
|
|
|
|
etsysAntiSpoofSupportedActionTypes OBJECT-TYPE
|
|
SYNTAX AntiSpoofPortAction
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object specifies that anti-spoofing action types that the
|
|
device supports. A bit will be set for each corresponding
|
|
type that is supported."
|
|
::= { etsysAntiSpoofSystemBranch 7 }
|
|
|
|
etsysAntiSpoofSupportedThresholdTypes OBJECT-TYPE
|
|
SYNTAX BITS {
|
|
ipv4Change(0),
|
|
ipv6Change(1),
|
|
portChange(2)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object specifies that anti-spoofing threshold types that
|
|
the device supports. A bit will be set for each corresponding
|
|
type that is supported."
|
|
::= { etsysAntiSpoofSystemBranch 8 }
|
|
|
|
etsysAntiSpoofSupportedBindingTypes OBJECT-TYPE
|
|
SYNTAX BITS {
|
|
dhcp(0),
|
|
arp(1),
|
|
ip(2)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object specifies that anti-spoofing binding types that
|
|
the device supports. A bit will be set for each corresponding
|
|
type that is supported."
|
|
::= { etsysAntiSpoofSystemBranch 9 }
|
|
|
|
-- -------------------------------------------------------------
|
|
-- Anti-Spoofing Class Configuration Branch
|
|
-- -------------------------------------------------------------
|
|
etsysAntiSpoofClassTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF EtsysAntiSpoofClassEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Provides for the configuring of each of the classes present in
|
|
Anti-Spoofing.
|
|
|
|
Maintaining the value of the objects in this table across
|
|
agent reboots is REQUIRED."
|
|
::= { etsysAntiSpoofClassBranch 1 }
|
|
|
|
etsysAntiSpoofClassEntry OBJECT-TYPE
|
|
SYNTAX EtsysAntiSpoofClassEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"An entry containing per class properties."
|
|
INDEX { etsysAntiSpoofClassIndex }
|
|
::= { etsysAntiSpoofClassTable 1 }
|
|
|
|
EtsysAntiSpoofClassEntry ::=
|
|
SEQUENCE {
|
|
etsysAntiSpoofClassIndex
|
|
Unsigned32,
|
|
etsysAntiSpoofClassName
|
|
SnmpAdminString,
|
|
etsysAntiSpoofClassTimeout
|
|
Unsigned32
|
|
}
|
|
etsysAntiSpoofClassIndex OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The index of class that this row represents. This
|
|
index has a value between one(1) and
|
|
etsysAntiSpoofMaxClassIndex."
|
|
::= { etsysAntiSpoofClassEntry 1 }
|
|
|
|
etsysAntiSpoofClassName OBJECT-TYPE
|
|
SYNTAX SnmpAdminString (SIZE(0..32))
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Administratively assigned textual description of this class."
|
|
::= { etsysAntiSpoofClassEntry 2 }
|
|
|
|
etsysAntiSpoofClassTimeout OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
UNITS "seconds"
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The number of seconds to wait before administratively
|
|
resetting the counters of the bindings which are based on this
|
|
class associated with this class. A value of zero indicates
|
|
that the counters will not be reset automatically."
|
|
DEFVAL { 600 }
|
|
::= { etsysAntiSpoofClassEntry 3 }
|
|
|
|
etsysAntiSpoofThresholdTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF EtsysAntiSpoofThresholdEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Provides for the configuration of the Anti-Spoofing feature's
|
|
various thresholds.
|
|
|
|
Maintaining the value of the objects in this table across
|
|
agent reboots is REQUIRED."
|
|
::= { etsysAntiSpoofClassBranch 2 }
|
|
|
|
etsysAntiSpoofThresholdEntry OBJECT-TYPE
|
|
SYNTAX EtsysAntiSpoofThresholdEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"An entry providing per class, per threshold configuration."
|
|
INDEX { etsysAntiSpoofClassIndex, etsysAntiSpoofThresholdIndex }
|
|
::= { etsysAntiSpoofThresholdTable 1 }
|
|
|
|
EtsysAntiSpoofThresholdEntry ::=
|
|
SEQUENCE {
|
|
etsysAntiSpoofThresholdIndex
|
|
Unsigned32,
|
|
etsysAntiSpoofThresholdValue
|
|
Unsigned32,
|
|
etsysAntiSpoofThresholdActionMask
|
|
AntiSpoofPortAction,
|
|
etsysAntiSpoofThresholdActionQuarantineValue
|
|
Integer32,
|
|
etsysAntiSpoofThresholdType
|
|
AntiSpoofThresholdType
|
|
}
|
|
|
|
etsysAntiSpoofThresholdIndex OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The index of the threshold that this row represents. This
|
|
index has a value between one(1) and
|
|
etsysAntiSpoofMaxClassThresholdIndex."
|
|
::= { etsysAntiSpoofThresholdEntry 1 }
|
|
|
|
etsysAntiSpoofThresholdValue OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The threshold at which the action defined by the class is
|
|
taken. A value of zero(0) indicates that the threshold
|
|
actions will never take place."
|
|
::= { etsysAntiSpoofThresholdEntry 2 }
|
|
|
|
etsysAntiSpoofThresholdActionMask OBJECT-TYPE
|
|
SYNTAX AntiSpoofPortAction
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The action(s) that will be taken when the threshold in the class
|
|
represented by this row is reached."
|
|
::= { etsysAntiSpoofThresholdEntry 3 }
|
|
|
|
etsysAntiSpoofThresholdActionQuarantineValue OBJECT-TYPE
|
|
SYNTAX Integer32
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A value that delineates the policy quarantine index to which the
|
|
user will be assigned. This value is only used if the
|
|
quarantineUser(2) bit is set in the
|
|
etsysAntiSpoofThresholdActionMask."
|
|
::= { etsysAntiSpoofThresholdEntry 4 }
|
|
|
|
etsysAntiSpoofThresholdType OBJECT-TYPE
|
|
SYNTAX AntiSpoofThresholdType
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The class type associated with this entry."
|
|
::= { etsysAntiSpoofThresholdEntry 5 }
|
|
|
|
|
|
-- -------------------------------------------------------------
|
|
-- Anti-Spoofing Port Branch
|
|
-- -------------------------------------------------------------
|
|
etsysAntiSpoofPortConfigTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF EtsysAntiSpoofPortConfigEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A table of per port information and configuration for
|
|
Anti-Spoofing."
|
|
::= { etsysAntiSpoofPortBranch 1 }
|
|
|
|
etsysAntiSpoofPortConfigEntry OBJECT-TYPE
|
|
SYNTAX EtsysAntiSpoofPortConfigEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"An entry containing per port Anti-Spoofing data."
|
|
INDEX { ifIndex }
|
|
::= { etsysAntiSpoofPortConfigTable 1 }
|
|
|
|
EtsysAntiSpoofPortConfigEntry ::=
|
|
SEQUENCE {
|
|
etsysAntiSpoofDHCPMode
|
|
EnabledStatus,
|
|
etsysAntiSpoofDHCPMacVerify
|
|
EnabledStatus,
|
|
etsysAntiSpoofArpInspection
|
|
AntiSpoofInspectionType,
|
|
etsysAntiSpoofIpInspection
|
|
AntiSpoofInspectionType,
|
|
etsysAntiSpoofPortClassIndex
|
|
Unsigned32,
|
|
etsysAntiSpoofUntrustedTrafficPacketCounter
|
|
Counter32
|
|
}
|
|
|
|
etsysAntiSpoofDHCPMode OBJECT-TYPE
|
|
SYNTAX EnabledStatus
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object allows for the enabling or disabling of DHCP
|
|
Snooping functionality on a per-port basis."
|
|
DEFVAL { disabled }
|
|
::= { etsysAntiSpoofPortConfigEntry 1 }
|
|
|
|
etsysAntiSpoofDHCPMacVerify OBJECT-TYPE
|
|
SYNTAX EnabledStatus
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object allows for the enabling or disabling of
|
|
DHCP-Snooping to verify the source address MAC with chaddr in
|
|
DHCP packets on incoming client messages."
|
|
DEFVAL { disabled }
|
|
::= { etsysAntiSpoofPortConfigEntry 2 }
|
|
|
|
etsysAntiSpoofArpInspection OBJECT-TYPE
|
|
SYNTAX AntiSpoofInspectionType
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"When set to enabled(1), dynamic ARP inspection is allowed on this
|
|
port.
|
|
When set to disabled(2), dynamic ARP inspection is not allowed on
|
|
this port.
|
|
When set to inspectionOnly(3), dynamic ARP inspection will occur
|
|
but will not be used to create bindings."
|
|
DEFVAL { disabled }
|
|
::= { etsysAntiSpoofPortConfigEntry 3 }
|
|
|
|
etsysAntiSpoofIpInspection OBJECT-TYPE
|
|
SYNTAX AntiSpoofInspectionType
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"When set to enabled(1), dynamic IP inspection is allowed on this
|
|
port.
|
|
When set to disabled(2), dynamic IP inspection is not allowed on
|
|
this port.
|
|
When set to inspectionOnly(3), dynamic IP inspection will occur
|
|
but will not be used to create bindings."
|
|
DEFVAL { disabled }
|
|
::= { etsysAntiSpoofPortConfigEntry 4 }
|
|
|
|
etsysAntiSpoofPortClassIndex OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This value represents the class index to be used for the given
|
|
port. The special case value of zero(0) indicates that no class
|
|
index will be used for this port."
|
|
DEFVAL { 0 }
|
|
::= { etsysAntiSpoofPortConfigEntry 5 }
|
|
|
|
etsysAntiSpoofUntrustedTrafficPacketCounter OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This counter is used to measure the number of DHCP server
|
|
packets received on this port. This counter will only
|
|
increment when the etsysAntiSpoofPortType is set to
|
|
untrusted(3)."
|
|
::= { etsysAntiSpoofPortConfigEntry 6 }
|
|
|
|
etsysAntiSpoofPortTypeTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF EtsysAntiSpoofPortTypeEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A table containing port type information for each
|
|
port in the system that supports anti-spoofing."
|
|
::= { etsysAntiSpoofPortBranch 2 }
|
|
|
|
etsysAntiSpoofPortTypeEntry OBJECT-TYPE
|
|
SYNTAX EtsysAntiSpoofPortTypeEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"An entry containing per port anti-spoofing configuration data."
|
|
INDEX { ifIndex }
|
|
::= { etsysAntiSpoofPortTypeTable 1 }
|
|
|
|
EtsysAntiSpoofPortTypeEntry ::=
|
|
SEQUENCE {
|
|
etsysAntiSpoofPortType
|
|
AntiSpoofPortType
|
|
}
|
|
|
|
etsysAntiSpoofPortType OBJECT-TYPE
|
|
SYNTAX AntiSpoofPortType
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object specifies the port type to be used for this port.
|
|
The port type indicates how DHCP traffic is handled."
|
|
DEFVAL { untrusted }
|
|
::= { etsysAntiSpoofPortTypeEntry 1 }
|
|
|
|
-- -------------------------------------------------------------
|
|
-- Anti Spoofing Binding Branch
|
|
-- -------------------------------------------------------------
|
|
etsysAntiSpoofStationBindingTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF EtsysAntiSpoofStationBindingEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A table containing information pertaining to the current active
|
|
bindings set up through Anti-Spoofing."
|
|
::= { etsysAntiSpoofBindingBranch 1 }
|
|
|
|
etsysAntiSpoofStationBindingEntry OBJECT-TYPE
|
|
SYNTAX EtsysAntiSpoofStationBindingEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"An entry containing per binding data."
|
|
INDEX { etsysAntiSpoofStationBindingEntryIndex }
|
|
::= { etsysAntiSpoofStationBindingTable 1 }
|
|
|
|
EtsysAntiSpoofStationBindingEntry ::=
|
|
SEQUENCE {
|
|
etsysAntiSpoofStationBindingEntryIndex
|
|
EtsysInstanceOID,
|
|
etsysAntiSpoofStationBindingEntryMacAddr
|
|
MacAddress,
|
|
etsysAntiSpoofStationBindingEntryInetAddrType
|
|
InetAddressType,
|
|
etsysAntiSpoofStationBindingEntryInetAddr
|
|
InetAddress,
|
|
etsysAntiSpoofStationBindingEntryIfIndex
|
|
InterfaceIndex,
|
|
etsysAntiSpoofStationBindingEntryInetCounter
|
|
Counter32,
|
|
etsysAntiSpoofStationBindingEntryClearInetCounter
|
|
TruthValue,
|
|
etsysAntiSpoofStationBindingEntryPortCounter
|
|
Counter32,
|
|
etsysAntiSpoofStationBindingEntryClearPortCounter
|
|
TruthValue,
|
|
etsysAntiSpoofStationBindingEntryClearBinding
|
|
TruthValue,
|
|
etsysAntiSpoofStationBindingEntryBindingType
|
|
AntiSpoofBindingType,
|
|
etsysAntiSpoofStationBindingEntryDurationTime
|
|
Unsigned32,
|
|
etsysAntiSpoofStationBindingEntryExpirationTime
|
|
Unsigned32
|
|
}
|
|
|
|
etsysAntiSpoofStationBindingEntryIndex OBJECT-TYPE
|
|
SYNTAX EtsysInstanceOID
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The unique index for this columnar row."
|
|
::= { etsysAntiSpoofStationBindingEntry 1 }
|
|
|
|
etsysAntiSpoofStationBindingEntryMacAddr OBJECT-TYPE
|
|
SYNTAX MacAddress
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The MAC address of the binding."
|
|
::= { etsysAntiSpoofStationBindingEntry 2 }
|
|
|
|
etsysAntiSpoofStationBindingEntryInetAddrType OBJECT-TYPE
|
|
SYNTAX InetAddressType
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The IP address type of the binding."
|
|
::= { etsysAntiSpoofStationBindingEntry 3 }
|
|
|
|
etsysAntiSpoofStationBindingEntryInetAddr OBJECT-TYPE
|
|
SYNTAX InetAddress
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The IP address of the binding."
|
|
::= { etsysAntiSpoofStationBindingEntry 4 }
|
|
|
|
etsysAntiSpoofStationBindingEntryIfIndex OBJECT-TYPE
|
|
SYNTAX InterfaceIndex
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The port that this binding currently resides on."
|
|
::= { etsysAntiSpoofStationBindingEntry 5 }
|
|
|
|
etsysAntiSpoofStationBindingEntryInetCounter OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The number of times the IP address has changed for this binding."
|
|
::= { etsysAntiSpoofStationBindingEntry 6 }
|
|
|
|
etsysAntiSpoofStationBindingEntryClearInetCounter OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"When set to true(1), this object will clear the IP counter
|
|
associated with this binding.
|
|
Setting this object to a value of false(2) has no effect. This
|
|
object MUST always return a value of false(2)."
|
|
::= { etsysAntiSpoofStationBindingEntry 7 }
|
|
|
|
etsysAntiSpoofStationBindingEntryPortCounter OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The number of times the port has changed for this
|
|
binding."
|
|
::= { etsysAntiSpoofStationBindingEntry 8 }
|
|
|
|
etsysAntiSpoofStationBindingEntryClearPortCounter OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"When set to true(1), this object will clear the port counter
|
|
associated with this binding.
|
|
Setting this object to a value of false(2) has no effect. This
|
|
object MUST always return a value of false(2)."
|
|
::= { etsysAntiSpoofStationBindingEntry 9 }
|
|
|
|
etsysAntiSpoofStationBindingEntryClearBinding OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"When set to true(1), this object will clear the current binding.
|
|
Allowing a new binding to be created with the same MAC/IP
|
|
address and clearing all counter information.
|
|
Setting this object to a value of false(2) has no effect. This
|
|
object MUST always return a value of false(2)."
|
|
::= { etsysAntiSpoofStationBindingEntry 10 }
|
|
|
|
etsysAntiSpoofStationBindingEntryBindingType OBJECT-TYPE
|
|
SYNTAX AntiSpoofBindingType
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This indicates which binding type (DHCP, ARP, or IP inspection)
|
|
was used to create the entry."
|
|
::= { etsysAntiSpoofStationBindingEntry 11 }
|
|
|
|
etsysAntiSpoofStationBindingEntryDurationTime OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
UNITS "seconds"
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The amount of time, in seconds, that this binding has been
|
|
operational for."
|
|
::= { etsysAntiSpoofStationBindingEntry 12 }
|
|
|
|
etsysAntiSpoofStationBindingEntryExpirationTime OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
UNITS "seconds"
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The amount of time, in seconds, from its creation, that
|
|
this binding will be operational for before being destroyed.
|
|
A value of zero(0) indicates that this binding will
|
|
not expire."
|
|
::= { etsysAntiSpoofStationBindingEntry 13 }
|
|
|
|
|
|
etsysAntiSpoofMacBindingTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF EtsysAntiSpoofMacBindingEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A table indicating whether a given binding is accessible.
|
|
This table is indexed first by MAC, then by IP, and finally
|
|
by port. In this way a user may quickly determine which
|
|
bindings are active for a given station address and look up
|
|
those entries in the etsysAntiSpoofStationBindingTable."
|
|
::= { etsysAntiSpoofBindingBranch 2 }
|
|
|
|
etsysAntiSpoofMacBindingEntry OBJECT-TYPE
|
|
SYNTAX EtsysAntiSpoofMacBindingEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"An entry containing per binding data."
|
|
INDEX { etsysAntiSpoofStationBindingEntryMacAddr,
|
|
etsysAntiSpoofStationBindingEntryInetAddrType,
|
|
etsysAntiSpoofStationBindingEntryInetAddr,
|
|
etsysAntiSpoofStationBindingInterface
|
|
}
|
|
::= { etsysAntiSpoofMacBindingTable 1 }
|
|
|
|
EtsysAntiSpoofMacBindingEntry ::=
|
|
SEQUENCE {
|
|
etsysAntiSpoofStationBindingInterface
|
|
InterfaceIndexOrZero,
|
|
etsysAntiSpoofMacStationBindingIndex
|
|
EtsysInstanceOID,
|
|
etsysAntiSpoofMacBindingClearBinding
|
|
TruthValue
|
|
}
|
|
|
|
etsysAntiSpoofStationBindingInterface OBJECT-TYPE
|
|
SYNTAX InterfaceIndexOrZero
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The current interface index that the IP/MAC binding resides on."
|
|
::= { etsysAntiSpoofMacBindingEntry 1 }
|
|
|
|
etsysAntiSpoofMacStationBindingIndex OBJECT-TYPE
|
|
SYNTAX EtsysInstanceOID
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A unique identifier for this entry to be used as indexing
|
|
in the etsysAntiSpoofStationBindingTable."
|
|
::= { etsysAntiSpoofMacBindingEntry 2 }
|
|
|
|
etsysAntiSpoofMacBindingClearBinding OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"When set to true(1), this object will clear the current binding,
|
|
allowing a new binding to be created with the same MAC/IP
|
|
address and clearing all counter information. If the
|
|
etsysAntiSpoofStationBindingInterface index specified in the
|
|
SET operation is zero (0) it will remove the MAC/IP
|
|
binding regardless of the current port it is associated with.
|
|
Specifying an etsysAntiSpoofStationBindingInterface index value
|
|
between 1..2147483647 will only remove the binding if it
|
|
currently resides on that specific interface.
|
|
|
|
Setting this object to a value of false(2) has no effect. This
|
|
object MUST always return a value of false(2)."
|
|
::= { etsysAntiSpoofMacBindingEntry 3 }
|
|
|
|
etsysAntiSpoofIpBindingTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF EtsysAntiSpoofIpBindingEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A table indicating whether a given binding is accessible.
|
|
This table is indexed first by IP, then by MAC, and finally
|
|
by port. In this way a user may quickly determine which
|
|
bindings are active for a given station address and look up
|
|
those entries in the etsysAntiSpoofStationBindingTable."
|
|
::= { etsysAntiSpoofBindingBranch 3 }
|
|
|
|
etsysAntiSpoofIpBindingEntry OBJECT-TYPE
|
|
SYNTAX EtsysAntiSpoofIpBindingEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"An entry containing per binding data."
|
|
INDEX { etsysAntiSpoofStationBindingEntryInetAddrType,
|
|
etsysAntiSpoofStationBindingEntryInetAddr,
|
|
etsysAntiSpoofStationBindingEntryMacAddr,
|
|
etsysAntiSpoofStationBindingInterface
|
|
}
|
|
::= { etsysAntiSpoofIpBindingTable 1 }
|
|
|
|
EtsysAntiSpoofIpBindingEntry ::=
|
|
SEQUENCE {
|
|
etsysAntiSpoofIpStationBindingIndex
|
|
EtsysInstanceOID,
|
|
etsysAntiSpoofIpBindingClearBinding
|
|
TruthValue
|
|
}
|
|
|
|
etsysAntiSpoofIpStationBindingIndex OBJECT-TYPE
|
|
SYNTAX EtsysInstanceOID
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A unique identifier for this entry to be used as indexing
|
|
in the etsysAntiSpoofStationBindingTable."
|
|
::= { etsysAntiSpoofIpBindingEntry 1 }
|
|
|
|
etsysAntiSpoofIpBindingClearBinding OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"When set to true(1), this object will clear the current binding,
|
|
allowing a new binding to be created with the same MAC/IP
|
|
address and clearing all counter information. If the
|
|
etsysAntiSpoofStationBindingInterface index specified in the
|
|
SET operation is zero (0) it will remove the MAC/IP
|
|
binding regardless of the current port it is associated with.
|
|
Specifying an etsysAntiSpoofStationBindingInterface index value
|
|
between 1..2147483647 will only remove the binding if it
|
|
currently resides on that specific interface.
|
|
|
|
Setting this object to a value of false(2) has no effect. This
|
|
object MUST always return a value of false(2)."
|
|
::= { etsysAntiSpoofIpBindingEntry 2 }
|
|
|
|
etsysAntiSpoofPortBindingTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF EtsysAntiSpoofPortBindingEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A table indicating whether a given binding is accessible.
|
|
This table is indexed first by port, then by MAC, and finally
|
|
by IP. In this way a user may quickly determine which
|
|
bindings are active for a given station address and look up
|
|
those entries in the etsysAntiSpoofStationBindingTable."
|
|
::= { etsysAntiSpoofBindingBranch 4 }
|
|
|
|
etsysAntiSpoofPortBindingEntry OBJECT-TYPE
|
|
SYNTAX EtsysAntiSpoofPortBindingEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"An entry containing per binding data."
|
|
INDEX { etsysAntiSpoofStationBindingInterface,
|
|
etsysAntiSpoofStationBindingEntryMacAddr,
|
|
etsysAntiSpoofStationBindingEntryInetAddrType,
|
|
etsysAntiSpoofStationBindingEntryInetAddr
|
|
}
|
|
::= { etsysAntiSpoofPortBindingTable 1 }
|
|
|
|
EtsysAntiSpoofPortBindingEntry ::=
|
|
SEQUENCE {
|
|
etsysAntiSpoofPortStationBindingIndex
|
|
EtsysInstanceOID,
|
|
etsysAntiSpoofPortBindingClearBinding
|
|
TruthValue
|
|
}
|
|
|
|
etsysAntiSpoofPortStationBindingIndex OBJECT-TYPE
|
|
SYNTAX EtsysInstanceOID
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A unique identifier for this entry to be used as indexing
|
|
in the etsysAntiSpoofStationBindingTable."
|
|
::= { etsysAntiSpoofPortBindingEntry 1 }
|
|
|
|
etsysAntiSpoofPortBindingClearBinding OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"When set to true(1), this object will clear the current binding,
|
|
allowing a new binding to be created with the same MAC/IP
|
|
address and clearing all counter information. If the
|
|
etsysAntiSpoofStationBindingInterface index specified in the
|
|
SET operation is zero (0) it will remove the MAC/IP
|
|
binding regardless of the current port it is associated with.
|
|
Specifying an etsysAntiSpoofStationBindingInterface index value
|
|
between 1..2147483647 will only remove the binding if it
|
|
currently resides on that specific interface.
|
|
|
|
Setting this object to a value of false(2) has no effect. This
|
|
object MUST always return a value of false(2)."
|
|
::= { etsysAntiSpoofPortBindingEntry 2 }
|
|
|
|
-- -------------------------------------------------------------
|
|
-- Anti Spoofing Notification Branch
|
|
-- -------------------------------------------------------------
|
|
etsysAntiSpoofClassNotification NOTIFICATION-TYPE
|
|
OBJECTS { etsysAntiSpoofThresholdValue,
|
|
etsysAntiSpoofStationBindingEntryMacAddr,
|
|
etsysAntiSpoofStationBindingEntryInetAddrType,
|
|
etsysAntiSpoofStationBindingEntryInetAddr,
|
|
etsysAntiSpoofStationBindingEntryIfIndex }
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This notification indicates that a Anti Spoof class has reached a
|
|
threshold limit."
|
|
::= { etsysAntiSpoofNotificationBranch 1 }
|
|
|
|
etsysAntiSpoofDuplicateIpNotification NOTIFICATION-TYPE
|
|
OBJECTS { etsysAntiSpoofStationBindingEntryMacAddr,
|
|
etsysAntiSpoofStationBindingEntryIfIndex,
|
|
etsysAntiSpoofStationBindingEntryInetAddrType,
|
|
etsysAntiSpoofStationBindingEntryInetAddr }
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This notification indicates that a duplicate IP condition has
|
|
occurred."
|
|
::= { etsysAntiSpoofNotificationBranch 2 }
|
|
|
|
|
|
-- -------------------------------------------------------------
|
|
-- Conformance Information
|
|
-- -------------------------------------------------------------
|
|
|
|
etsysAntiSpoofConformance OBJECT IDENTIFIER ::= { etsysAntiSpoofMIB 2 }
|
|
|
|
etsysAntiSpoofGroups OBJECT IDENTIFIER ::= { etsysAntiSpoofConformance 1 }
|
|
etsysAntiSpoofCompliances OBJECT IDENTIFIER ::= { etsysAntiSpoofConformance 2 }
|
|
|
|
-- -------------------------------------------------------------
|
|
-- Units of conformance
|
|
-- -------------------------------------------------------------
|
|
|
|
etsysAntiSpoofSystemGroup OBJECT-GROUP
|
|
OBJECTS {
|
|
etsysAntiSpoofSystemState,
|
|
etsysAntiSpoofMaxClassIndex,
|
|
etsysAntiSpoofMaxClassThresholdIndex,
|
|
etsysAntiSpoofSystemSnmpNotifications,
|
|
etsysAntiSpoofSystemNotificationInterval,
|
|
etsysAntiSpoofDuplicateIpControl,
|
|
etsysAntiSpoofSupportedActionTypes,
|
|
etsysAntiSpoofSupportedThresholdTypes,
|
|
etsysAntiSpoofSupportedBindingTypes
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The scalar group for all devices supporting Anti-Spoofing."
|
|
::= { etsysAntiSpoofGroups 1 }
|
|
|
|
etsysAntiSpoofClassGroup OBJECT-GROUP
|
|
OBJECTS {
|
|
etsysAntiSpoofClassName,
|
|
etsysAntiSpoofClassTimeout
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The base level class group for all devices supporting
|
|
Anti-Spoofing."
|
|
::= { etsysAntiSpoofGroups 2 }
|
|
|
|
etsysAntiSpoofThresholdGroup OBJECT-GROUP
|
|
OBJECTS {
|
|
etsysAntiSpoofThresholdValue,
|
|
etsysAntiSpoofThresholdActionMask,
|
|
etsysAntiSpoofThresholdActionQuarantineValue,
|
|
etsysAntiSpoofThresholdType
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The base level threshold group for all devices supporting
|
|
Anti-Spoofing."
|
|
::= { etsysAntiSpoofGroups 3 }
|
|
|
|
etsysAntiSpoofPortGroup OBJECT-GROUP
|
|
OBJECTS {
|
|
etsysAntiSpoofDHCPMode,
|
|
etsysAntiSpoofDHCPMacVerify,
|
|
etsysAntiSpoofArpInspection,
|
|
etsysAntiSpoofIpInspection,
|
|
etsysAntiSpoofPortClassIndex,
|
|
etsysAntiSpoofUntrustedTrafficPacketCounter,
|
|
etsysAntiSpoofPortType
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This group of objects for all devices supporting per interface
|
|
Anti-Spoofing settings."
|
|
::= { etsysAntiSpoofGroups 4 }
|
|
|
|
etsysAntiSpoofStationBindingGroup OBJECT-GROUP
|
|
OBJECTS {
|
|
etsysAntiSpoofStationBindingEntryMacAddr,
|
|
etsysAntiSpoofStationBindingEntryInetAddrType,
|
|
etsysAntiSpoofStationBindingEntryInetAddr,
|
|
etsysAntiSpoofStationBindingEntryInetCounter,
|
|
etsysAntiSpoofStationBindingEntryClearInetCounter,
|
|
etsysAntiSpoofStationBindingEntryIfIndex,
|
|
etsysAntiSpoofStationBindingEntryPortCounter,
|
|
etsysAntiSpoofStationBindingEntryClearPortCounter,
|
|
etsysAntiSpoofStationBindingEntryClearBinding,
|
|
etsysAntiSpoofStationBindingEntryBindingType,
|
|
etsysAntiSpoofStationBindingEntryDurationTime,
|
|
etsysAntiSpoofStationBindingEntryExpirationTime
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The group for all devices which support bindings
|
|
for Anti-Spoofing."
|
|
::= { etsysAntiSpoofGroups 5 }
|
|
|
|
etsysAntiSpoofMacBindingGroup OBJECT-GROUP
|
|
OBJECTS {
|
|
etsysAntiSpoofMacStationBindingIndex,
|
|
etsysAntiSpoofMacBindingClearBinding
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The group for all devices which support MAC bindings
|
|
for Anti-Spoofing."
|
|
::= { etsysAntiSpoofGroups 6 }
|
|
|
|
|
|
etsysAntiSpoofIpBindingGroup OBJECT-GROUP
|
|
OBJECTS {
|
|
etsysAntiSpoofIpStationBindingIndex,
|
|
etsysAntiSpoofIpBindingClearBinding
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The group for all devices which support IP bindings
|
|
for Anti-Spoofing."
|
|
::= { etsysAntiSpoofGroups 7 }
|
|
|
|
etsysAntiSpoofPortBindingGroup OBJECT-GROUP
|
|
OBJECTS {
|
|
etsysAntiSpoofPortStationBindingIndex,
|
|
etsysAntiSpoofPortBindingClearBinding
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The group for all devices which support IP bindings
|
|
for Anti-Spoofing."
|
|
::= { etsysAntiSpoofGroups 8 }
|
|
|
|
etsysAntiSpoofNotificationGroup NOTIFICATION-GROUP
|
|
NOTIFICATIONS {
|
|
etsysAntiSpoofClassNotification,
|
|
etsysAntiSpoofDuplicateIpNotification
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The group of class notifications for Anti-Spoof."
|
|
::= { etsysAntiSpoofGroups 9 }
|
|
|
|
-- -------------------------------------------------------------
|
|
-- Compliance statements
|
|
-- -------------------------------------------------------------
|
|
etsysAntiSpoofCompliance MODULE-COMPLIANCE
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The compliance statement for devices that support Anti-Spoof."
|
|
MODULE
|
|
MANDATORY-GROUPS {
|
|
etsysAntiSpoofSystemGroup,
|
|
etsysAntiSpoofClassGroup,
|
|
etsysAntiSpoofThresholdGroup,
|
|
etsysAntiSpoofPortGroup,
|
|
etsysAntiSpoofStationBindingGroup,
|
|
etsysAntiSpoofMacBindingGroup,
|
|
etsysAntiSpoofPortBindingGroup,
|
|
etsysAntiSpoofIpBindingGroup,
|
|
etsysAntiSpoofNotificationGroup
|
|
}
|
|
|
|
::= { etsysAntiSpoofCompliances 1 }
|
|
END
|