347 lines
13 KiB
Plaintext
347 lines
13 KiB
Plaintext
-- ==================================================================
|
|
-- Copyright (C) 2005 by H3C TECHNOLOGIES. All rights reserved.
|
|
--
|
|
-- Description: IDS Management MIB
|
|
-- Reference:
|
|
-- Version: V1.0
|
|
-- History:
|
|
-- V1.00 2005/08/18 Created by Wang Hanlin
|
|
-- ==================================================================
|
|
H3C-IDS-MIB DEFINITIONS ::= BEGIN
|
|
|
|
IMPORTS
|
|
h3cCommon
|
|
FROM HUAWEI-3COM-OID-MIB
|
|
Integer32, Unsigned32, OBJECT-TYPE, NOTIFICATION-TYPE, MODULE-IDENTITY
|
|
FROM SNMPv2-SMI
|
|
InetAddressType, InetAddress
|
|
FROM INET-ADDRESS-MIB;
|
|
|
|
h3cIDSMib MODULE-IDENTITY
|
|
LAST-UPDATED "200507141942Z"
|
|
ORGANIZATION
|
|
"Hangzhou H3C Tech. Co., Ltd."
|
|
CONTACT-INFO
|
|
"Platform Team Hangzhou H3C Tech. Co., Ltd.
|
|
Hai-Dian District Beijing P.R. China
|
|
http://www.h3c.com
|
|
Zip:100085
|
|
"
|
|
DESCRIPTION
|
|
"This MIB describes IDS private information.
|
|
IDS(Instruction Detecting System) is used to detect intruder activity. "
|
|
::= { h3cIds 1 }
|
|
|
|
--
|
|
-- Node definitions
|
|
--
|
|
h3cIds OBJECT IDENTIFIER ::= { h3cCommon 47 }
|
|
|
|
h3cIDSTrapGroup OBJECT IDENTIFIER ::= { h3cIDSMib 1 }
|
|
|
|
h3cIDSTrapInfo OBJECT IDENTIFIER ::= { h3cIDSTrapGroup 1 }
|
|
|
|
h3cIDSTrapIPFragmentQueueLen OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The length of IP fragment queue."
|
|
::= { h3cIDSTrapInfo 1 }
|
|
|
|
h3cIDSTrapStatSessionTabLen OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The length of status session table."
|
|
::= { h3cIDSTrapInfo 2 }
|
|
|
|
h3cIDSTrapIPAddressType OBJECT-TYPE
|
|
SYNTAX InetAddressType
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The type of IP Address."
|
|
::= { h3cIDSTrapInfo 3 }
|
|
|
|
h3cIDSTrapIPAddress OBJECT-TYPE
|
|
SYNTAX InetAddress
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"IP Address."
|
|
::= { h3cIDSTrapInfo 4 }
|
|
|
|
h3cIDSTrapUserName OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(0..64))
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"User name."
|
|
::= { h3cIDSTrapInfo 5 }
|
|
|
|
h3cIDSTrapLoginType OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
telnet(1),
|
|
ssh(2),
|
|
web(3)
|
|
}
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Login type, including telnet, ssh and web."
|
|
::= { h3cIDSTrapInfo 6 }
|
|
|
|
h3cIDSTrapUpgradeType OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
programme(1), -- image file of system
|
|
crb(2), -- custom rule base
|
|
vrb(3) -- vendor rule base
|
|
}
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Upgrade type, including programme(system image),
|
|
crb(custom rule base, one kind of configuration file),
|
|
vrb(vendor rule base, one kind of configuration file)."
|
|
::= { h3cIDSTrapInfo 7 }
|
|
|
|
h3cIDSTrapCRLName OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(0..64))
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"CRL(Certificate Revoke List) name."
|
|
::= { h3cIDSTrapInfo 8 }
|
|
|
|
h3cIDSTrapCertName OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(0..64))
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Certificate name."
|
|
::= { h3cIDSTrapInfo 9 }
|
|
|
|
h3cIDSTrapDetectRuleID OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The rule ID which is a unique identifier for a specified
|
|
detect rule."
|
|
::= { h3cIDSTrapInfo 10 }
|
|
|
|
h3cIDSTrapEngineID OBJECT-TYPE
|
|
SYNTAX Integer32
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A unique number used to identify an interface."
|
|
::= { h3cIDSTrapInfo 11 }
|
|
|
|
h3cIDSTrapFileName OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(0..256))
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The file name."
|
|
::= { h3cIDSTrapInfo 12 }
|
|
|
|
h3cIDSTrapCfgLineInFile OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The line number in the configuration file."
|
|
::= { h3cIDSTrapInfo 13 }
|
|
|
|
h3cIDSTrapReasonForError OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(0..256))
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The information of the notification. Although the format and
|
|
content of this object are device specific, they should be
|
|
defined uniformly in the device."
|
|
::= { h3cIDSTrapInfo 14 }
|
|
|
|
h3cIDSTrap OBJECT IDENTIFIER ::= { h3cIDSTrapGroup 2 }
|
|
|
|
h3cIDSTrapPrefix OBJECT IDENTIFIER ::= { h3cIDSTrap 0 }
|
|
|
|
h3cIDSTrapIPFragQueueFull NOTIFICATION-TYPE
|
|
OBJECTS {
|
|
h3cIDSTrapIPFragmentQueueLen,
|
|
h3cIDSTrapReasonForError
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This notification will be generated when the IP fragment
|
|
queue is full. The h3cIDSTrapIPFragmentQueueLen describes
|
|
the length of current fragment queue.
|
|
The h3cIDSTrapReasonForError describes reason for error."
|
|
::= { h3cIDSTrapPrefix 1 }
|
|
|
|
h3cIDSTrapStatSessTabFull NOTIFICATION-TYPE
|
|
OBJECTS {
|
|
h3cIDSTrapStatSessionTabLen,
|
|
h3cIDSTrapReasonForError
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This notification will be generated when the status session
|
|
table is full. The h3cIDSTrapStatSessionTabLen describes the
|
|
length of current status session table.
|
|
The h3cIDSTrapReasonForError describes reason for error."
|
|
::= { h3cIDSTrapPrefix 2 }
|
|
|
|
h3cIDSTrapDetectRuleParseFail NOTIFICATION-TYPE
|
|
OBJECTS {
|
|
h3cIDSTrapDetectRuleID,
|
|
h3cIDSTrapEngineID,
|
|
h3cIDSTrapReasonForError
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This notification will be generated when failing to parse
|
|
the rules for detecting. The h3cIDSTrapDetectRuleID object describes
|
|
rule ID. The h3cIDSTrapEngineID object identifies an interface
|
|
the rule applies to. The h3cIDSTrapReasonForError object
|
|
describes reason for error."
|
|
::= { h3cIDSTrapPrefix 3 }
|
|
|
|
h3cIDSTrapDBConnLost NOTIFICATION-TYPE
|
|
OBJECTS {
|
|
h3cIDSTrapIPAddressType,
|
|
h3cIDSTrapIPAddress,
|
|
h3cIDSTrapReasonForError
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This notification will be generated when connecting with
|
|
database server fails. The h3cIDSTrapIPAddressType object describes
|
|
the IP address type of database server. The h3cIDSTrapIPAddress
|
|
object describes the IP address of database server. The
|
|
h3cIDSTrapReasonForError describes reason of connecting failure."
|
|
::= { h3cIDSTrapPrefix 4 }
|
|
|
|
h3cIDSTrapCRLNeedUpdate NOTIFICATION-TYPE
|
|
OBJECTS {
|
|
h3cIDSTrapCRLName,
|
|
h3cIDSTrapReasonForError
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This notification will be generated when IDS device detects
|
|
that CRL is out of date. The h3cIDSTrapCRLName object
|
|
describes the CRL(Certificate Revoke List) name.
|
|
The h3cIDSTrapReasonForError object describes reason for error."
|
|
::= { h3cIDSTrapPrefix 5 }
|
|
|
|
h3cIDSTrapCertOverdue NOTIFICATION-TYPE
|
|
OBJECTS {
|
|
h3cIDSTrapCertName,
|
|
h3cIDSTrapReasonForError
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This notification will be generated when IDS device detects
|
|
that certificate is overdue. The h3cIDSTrapCertName object
|
|
describes the certificate name. The h3cIDSTrapReasonForError
|
|
object describes reason for error."
|
|
::= { h3cIDSTrapPrefix 6 }
|
|
|
|
h3cIDSTrapTooManyLoginFail NOTIFICATION-TYPE
|
|
OBJECTS {
|
|
h3cIDSTrapUserName,
|
|
h3cIDSTrapIPAddressType,
|
|
h3cIDSTrapIPAddress,
|
|
h3cIDSTrapLoginType,
|
|
h3cIDSTrapReasonForError
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This notification will be generated when the login
|
|
failure times of a user over a certain number.
|
|
The h3cIDSTrapUserName object describes the user name
|
|
when logging in. The h3cIDSTrapIPAddressType object
|
|
describes the IP address type of client. The
|
|
h3cIDSTrapIPAddress object describes the IP address of
|
|
client. The h3cIDSTrapLoginType object describes
|
|
login type, including: telnet, ssh, web.
|
|
The h3cIDSTrapReasonForError object describes reason for error."
|
|
::= { h3cIDSTrapPrefix 7 }
|
|
|
|
h3cIDSTrapUpgradeError NOTIFICATION-TYPE
|
|
OBJECTS {
|
|
h3cIDSTrapUpgradeType,
|
|
h3cIDSTrapReasonForError
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This notification will be generated when upgrading fails.
|
|
The h3cIDSTrapUpgradeType object describes upgrade type,
|
|
including: programme, vrb. The h3cIDSTrapReasonForError
|
|
object describes reason for error."
|
|
::= { h3cIDSTrapPrefix 8 }
|
|
|
|
h3cIDSTrapFileAccessError NOTIFICATION-TYPE
|
|
OBJECTS {
|
|
h3cIDSTrapFileName,
|
|
h3cIDSTrapReasonForError
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This notification will be generated when accessing file
|
|
fails. The h3cIDSTrapFileName object describes the name
|
|
of file accessed. The h3cIDSTrapReasonForError object describes
|
|
reason for error."
|
|
::= { h3cIDSTrapPrefix 9 }
|
|
|
|
h3cIDSTrapConsArithMemLow NOTIFICATION-TYPE
|
|
OBJECTS {
|
|
h3cIDSTrapReasonForError
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This notification will be generated when memory used by
|
|
constructing the arithmetic to seek content is lacking.
|
|
The h3cIDSTrapReasonForError object describes reason for error."
|
|
::= { h3cIDSTrapPrefix 10 }
|
|
|
|
h3cIDSTrapSSRAMOperFail NOTIFICATION-TYPE
|
|
OBJECTS {
|
|
h3cIDSTrapReasonForError
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This notification will be generated when reading or
|
|
writing SSRAM of CIE card fails. The h3cIDSTrapReasonForError
|
|
object describes reason for error."
|
|
::= { h3cIDSTrapPrefix 11 }
|
|
|
|
h3cIDSTrapPacketProcessDisorder NOTIFICATION-TYPE
|
|
OBJECTS {
|
|
h3cIDSTrapReasonForError
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This notification will be generated when packets processed
|
|
is in disorder. The h3cIDSTrapReasonForError object describes
|
|
reason for error."
|
|
::= { h3cIDSTrapPrefix 12 }
|
|
|
|
h3cIDSTrapCfgFileFormatError NOTIFICATION-TYPE
|
|
OBJECTS { h3cIDSTrapFileName, h3cIDSTrapCfgLineInFile }
|
|
STATUS current
|
|
DESCRIPTION
|
|
"When devices startup and load the configuration file,
|
|
if format error is found, this notification will be generated.
|
|
The h3cIDSTrapFileName object describes the name of
|
|
configuration file. The h3cIDSTrapCfgLineInFile object
|
|
describes the line number in the file."
|
|
::= { h3cIDSTrapPrefix 13 }
|
|
|
|
END
|