WebApps/Observium_CE
1
0
Fork 0
Code Pull Requests Activity
Observium_CE/mibs/d-link/PORT-SECURITY-MIB

474 lines
16 KiB
Plaintext
Raw Blame History

-- -----------------------------------------------------------------------------
-- MIB NAME : PORT-SECURITY-MIB
-- FILE NAME: PortSecurity.mib
-- DATE : 2012/10/16
-- VERSION : 1.03
-- PURPOSE : To construct the MIB structure of port security function for
-- proprietary enterprise
-- -----------------------------------------------------------------------------
-- MODIFICTION HISTORY:
-- -----------------------------------------------------------------------------
-- Version, Date, Author
-- Description:
-- [New Object]
-- [Modification]
-- Notes: (Requested by who and which project)
--
-- Version 1.03, 2012/10/16, Lillian Li
-- Description:
-- [New Object]
-- Add the node "swPortSecPortViolationAction" to provide a new action.
-- Version 1.02, 2011/12/30, Lillian Li
-- Description:
-- [Modification]
-- Modify description for setting no limit of swPortSecSysMaxLernAddr.
-- Notes: Requested by Lillian Li for project DES3810 R2.20.
--
-- Version 1.01, 2009/08/18, Oran Tang
-- Description:
-- [New Object]
-- Add swPortSecLogState and swPortSecTrapState to isolate the control of trap
-- and log state.
-- Notes: Requested by Oran Tang for project DES3810.
--
-- Version 1.00, 2008/4/24, Kelvin Tao
-- This is the first formal version for universal MIB definition.
-- -----------------------------------------------------------------------------
PORT-SECURITY-MIB DEFINITIONS ::= BEGIN
IMPORTS
MODULE-IDENTITY,OBJECT-TYPE,Unsigned32,Integer32
FROM SNMPv2-SMI
DisplayString,MacAddress FROM SNMPv2-TC
dlink-common-mgmt FROM DLINK-ID-REC-MIB;
swPortSecMIB MODULE-IDENTITY
LAST-UPDATED "1210161030Z"
ORGANIZATION "D-Link Corp."
CONTACT-INFO
"http://support.dlink.com"
DESCRIPTION
"The structure of port security for the proprietary enterprise."
::= { dlink-common-mgmt 63 }
swPortSecCtrl OBJECT IDENTIFIER ::= { swPortSecMIB 1 }
swPortSecInfo OBJECT IDENTIFIER ::= { swPortSecMIB 2 }
swPortSecMgmt OBJECT IDENTIFIER ::= { swPortSecMIB 3 }
-- -----------------------------------------------------------------------------
-- swPortSecCtrl
-- -----------------------------------------------------------------------------
swPortSecTrapLogState OBJECT-TYPE
SYNTAX INTEGER {
enabled(1),
disabled(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"When enabled(1), whenever there's a new MAC address that violates
the pre-defined port security configuration, traps will be sent out
and the relevant information will be logged into the system."
::= { swPortSecCtrl 1 }
swPortSecSysMaxLernAddr OBJECT-TYPE
SYNTAX INTEGER
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Indicates the maximum number of addresses to be authorized
by port security on the system.
A value of -1 means no-limit. The default value is no-limit.
The max entry range is (1..N). The value N means the max number and is
determined by the project itself."
::= { swPortSecCtrl 2 }
swPortSecTrapState OBJECT-TYPE
SYNTAX INTEGER {
enabled(1),
disabled(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"When enabled(1), whenever there's a new MAC address that violates
the pre-defined port security configuration, trap will be sent out."
::= { swPortSecCtrl 3 }
swPortSecLogState OBJECT-TYPE
SYNTAX INTEGER {
enabled(1),
disabled(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"When enabled(1), whenever there's a new MAC address that violates
the pre-defined port security configuration, the relevant information
will be logged into the system."
::= { swPortSecCtrl 4 }
-- -----------------------------------------------------------------------------
-- swPortSecInfo
-- -----------------------------------------------------------------------------
-- -----------------------------------------------------------------------------
-- swPortSecMgmt
-- -----------------------------------------------------------------------------
swPortSecMgmtByPort OBJECT IDENTIFIER ::= { swPortSecMgmt 1 }
swPortSecPortTable OBJECT-TYPE
SYNTAX SEQUENCE OF SwPortSecPortEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A port security feature which controls the address learning capability and
traffic forwarding decisions. Each port can be enabled or disabled for this function.
When it is enabled and a number is given said N, which allows N addresses to be
learned on this port, the first N learned addresses are locked at this port as
static entries. When the learned addresses number reaches N, any incoming packet
without learned source addresses are discarded (e.g. dropped) and no more new
addresses can be learned on this port."
::= { swPortSecMgmtByPort 1 }
swPortSecPortEntry OBJECT-TYPE
SYNTAX SwPortSecPortEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A list of information contained in the swPortSecPortTable."
INDEX { swPortSecPortIndex }
::= { swPortSecPortTable 1 }
SwPortSecPortEntry ::=
SEQUENCE {
swPortSecPortIndex
INTEGER,
swPortSecPortMaxLernAddr
INTEGER,
swPortSecPortLockAddrMode
INTEGER,
swPortSecPortAdmState
INTEGER,
swPortSecPortViolationAction
INTEGER,
swPortSecPortClearCtrl
INTEGER
}
swPortSecPortIndex OBJECT-TYPE
SYNTAX INTEGER
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Indicates the secured port to lock address learning."
::= { swPortSecPortEntry 1 }
swPortSecPortMaxLernAddr OBJECT-TYPE
SYNTAX INTEGER
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Indicates the allowable number of addresses to be learned on this port.
The max entry range is (0..N). The value N means the max number and is
determined by the project itself."
::= { swPortSecPortEntry 2 }
swPortSecPortLockAddrMode OBJECT-TYPE
SYNTAX INTEGER {
permanent(1),
deleteOnTimeout(2),
deleteOnReset(3)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Indicates the mode of locking address.
In deleteOnTimeout(2) mode, the locked addresses can be aged out after
the aging timer expires. In this mode, when the locked address is aged
out, the number of addresses that can be learned has to be increased by one.
In deleteOnReset (3) mode, locked addresses never age out unless the system
restarts which will prevent port movement or intrusion."
::= { swPortSecPortEntry 3 }
swPortSecPortAdmState OBJECT-TYPE
SYNTAX INTEGER {
enabled(1),
disabled(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Indicates the administration state of the locking address."
::= { swPortSecPortEntry 4 }
swPortSecPortClearCtrl OBJECT-TYPE
SYNTAX INTEGER {
other(1),
start(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Used to clear port security entries by port.
Setting this value to 'start' will execute the clear action.
Once cleared, the value returns to 'other'."
::= { swPortSecPortEntry 5 }
swPortSecPortViolationAction OBJECT-TYPE
SYNTAX INTEGER {
drop(1),
shutdown(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Used to indicates the action when violation occurs. When the number of
secure MAC address reaches the maximum learning number on the port,
for drop action, new entry will be dropped and for shutdown action,
the port will be shut down and enter error-disabled state immediately."
::= { swPortSecPortEntry 6 }
-- -----------------------------------------------------------------------------
swPortSecMgmtByVLAN OBJECT IDENTIFIER ::= { swPortSecMgmt 2 }
swPortSecVLANTable OBJECT-TYPE
SYNTAX SEQUENCE OF SwPortSecVLANEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A port security feature which controls the address leaning capability.
When number is given said N, which allows N addresses to be learned on this VLAN,
the first N learned addresses are locked at this VLAN as static entries.
When the learned addresses number reaches N, any incoming packet
without learned source addresses are discarded (e.g. dropped) and no more new
addresses can be learned on this VLAN."
::= { swPortSecMgmtByVLAN 1 }
swPortSecVLANEntry OBJECT-TYPE
SYNTAX SwPortSecVLANEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A list of information contained in the swPortSecVLANTable."
INDEX { swPortSecVLANID }
::= { swPortSecVLANTable 1 }
SwPortSecVLANEntry ::=
SEQUENCE {
swPortSecVLANID
INTEGER,
swPortSecVLANMaxLernAddr
INTEGER,
swPortSecVLANClearCtrl
INTEGER
}
swPortSecVLANID OBJECT-TYPE
SYNTAX INTEGER (1..4094)
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Indicates the secured VLAN to lock address learning."
::= { swPortSecVLANEntry 1 }
swPortSecVLANMaxLernAddr OBJECT-TYPE
SYNTAX INTEGER
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Indicates allowable number of addresses to be learned on this VLAN.
A value of -1 means no-limit. The default value is no-limit.
The max entry range is (0..N). The value N means the max number and is
determined by the project itself."
::= { swPortSecVLANEntry 2 }
swPortSecVLANClearCtrl OBJECT-TYPE
SYNTAX INTEGER {
other(1),
start(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Used to clear port security entries by VLAN.
Setting this value to 'start' will execute the clear action.
Once cleared, the value returns to 'other'.
"
::= { swPortSecVLANEntry 3 }
-- -----------------------------------------------------------------------------
swPortSecMgmtByVLANOnPort OBJECT IDENTIFIER ::= { swPortSecMgmt 3 }
swPortSecVLANOnPortTable OBJECT-TYPE
SYNTAX SEQUENCE OF SwPortSecVLANOnPortEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A port security feature which controls the address learning capability.
When number is given said N, which allows N addresses to be learned
on this VLAN from the special port, the first N learned addresses are locked
at this VLAN from the special port as static entries.
When the learned addresses number reaches N, any incoming packet
without learned source addresses are discarded (e.g. dropped) and no more new
addresses can be learned on this VLAN from the special port."
::= { swPortSecMgmtByVLANOnPort 1 }
swPortSecVLANOnPortEntry OBJECT-TYPE
SYNTAX SwPortSecVLANOnPortEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A list of information contained in the swPortSecVLANOnPortTable."
INDEX { swPortSecPortIndex,swPortSecVLANID }
::= { swPortSecVLANOnPortTable 1 }
SwPortSecVLANOnPortEntry ::=
SEQUENCE {
swPortSecVLANOnPortMaxLernAddr
INTEGER,
swPortSecVLANOnPortAddCtrl
INTEGER
}
swPortSecVLANOnPortMaxLernAddr OBJECT-TYPE
SYNTAX INTEGER
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Indicates allowable number of addresses to be learned on this VLAN
from the special port.
A value of -1 means no-limit. The default value is no-limit.
Only VLANs with limitations will be displayed in this table.
The max entry range is (0..N). The value N means the max number and is
determined by the project itself."
::= { swPortSecVLANOnPortEntry 1 }
swPortSecVLANOnPortAddCtrl OBJECT-TYPE
SYNTAX INTEGER {
other(1),
add(2)
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"other (1):
When user gets this object, it always returns other(1).
add (2):
Used to configure the VLAN limit from the special port.
If 'add' is selected, swPortSecVLANOnPortMaxLernAddr must be set to a valid value except -1.
"
::= { swPortSecVLANOnPortEntry 2 }
-- -----------------------------------------------------------------------------
swPortSecMgmtByVLANOnPortClearCtrl OBJECT IDENTIFIER ::= { swPortSecMgmtByVLANOnPort 2 }
swPortSecMgmtByVLANOnPortClearPort OBJECT-TYPE
SYNTAX INTEGER
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Indicates the port."
::= { swPortSecMgmtByVLANOnPortClearCtrl 1 }
swPortSecMgmtByVLANOnPortClearVID OBJECT-TYPE
SYNTAX INTEGER
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Indicates the VID."
::= { swPortSecMgmtByVLANOnPortClearCtrl 2 }
swPortSecMgmtByVLANOnPortClearAction OBJECT-TYPE
SYNTAX INTEGER {
other(1),
start(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"other(1):
When user gets this object, it always returns other(1).
start(2):
Used to clear port security entries by VLAN on the special port."
::= { swPortSecMgmtByVLANOnPortClearCtrl 3 }
-- -----------------------------------------------------------------------------
swPortSecEntriesTable OBJECT-TYPE
SYNTAX SEQUENCE OF SwPortSecEntriesEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This table is used to show port security entries."
::= { swPortSecMgmt 4 }
swPortSecEntriesEntry OBJECT-TYPE
SYNTAX SwPortSecEntriesEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A list of information contained in the swPortSecEntriesTable."
INDEX { swPortSecMac,swPortSecVID }
::= { swPortSecEntriesTable 1 }
SwPortSecEntriesEntry ::=
SEQUENCE {
swPortSecMac
MacAddress,
swPortSecVID
INTEGER,
swPortSecPort
INTEGER,
swPortSecDelCtrl
INTEGER
}
swPortSecMac OBJECT-TYPE
SYNTAX MacAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Specifies a MAC address."
::= { swPortSecEntriesEntry 1 }
swPortSecVID OBJECT-TYPE
SYNTAX INTEGER (1..4094)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Indicates the VLAN ID."
::= { swPortSecEntriesEntry 2 }
swPortSecPort OBJECT-TYPE
SYNTAX INTEGER
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Indicates the port."
::= { swPortSecEntriesEntry 3 }
swPortSecDelCtrl OBJECT-TYPE
SYNTAX INTEGER {
other(1),
start(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Used to delete this port security entry.
Setting this value to 'start' will execute the delete action.
Once deleted, the value returns to 'other'."
::= { swPortSecEntriesEntry 4 }
END
View Git Blame Copy Permalink