1085 lines
30 KiB
Plaintext
1085 lines
30 KiB
Plaintext
-- ==================================================================================
|
|
-- Copyright (C) 2002 by H3C TECHNOLOGIES. All rights reserved.
|
|
--
|
|
-- Description: This file describes the MIB implementation of ndec
|
|
-- Reference:
|
|
-- Version: V1.6
|
|
-- History:
|
|
-- for V1.0
|
|
-- Add MODULE-IDENTITY to mib
|
|
-- V1.1 2004-9-9 lizhiyong
|
|
-- add hipsNDECSAListTable,hikeSATable,hipsIKEPolicyTable,
|
|
-- hipsStaticCryptomapTable,hipsTransformNameSetTable,hipsNDECLeaf,
|
|
-- modify hipsNDECInfoTable,
|
|
-- V1.2 2004-9-14 lizhiyong
|
|
-- delete useless comments
|
|
-- modify the SYNTAX type of hipsInPac,hipsOutPac,hipsInByte,hipsOutByte
|
|
-- and hipsDropPac from Gauge to Counter32.
|
|
-- delete the underscore character "_" which is note compliant with ASN.1
|
|
-- modify the whole file with SMIv2.
|
|
-- V1.3 2004-10-12 updated by gaolong
|
|
-- Remove variable value range from table SEQUENCE definition.
|
|
-- V1.4 2004-10-21 lizhiyong
|
|
-- modify hipsStaticCryptomapMatchAddr range from 1..199 to 1..100000.
|
|
-- update the description of hipsNDECBackup node
|
|
-- V1.5 2004-11-26 updated by gaolong
|
|
-- File description updated
|
|
-- V1.6 2007-1-29 updated by liukan
|
|
-- Add a new value ealgXNsa in hipsEncAlgorithm type.
|
|
-- ===================================================================================
|
|
HUAWEI-NDEC-MIB DEFINITIONS ::= BEGIN
|
|
|
|
IMPORTS
|
|
IpAddress, Counter32, Gauge32, Integer32 ,Unsigned32 ,NOTIFICATION-TYPE,MODULE-IDENTITY,OBJECT-TYPE
|
|
FROM SNMPv2-SMI
|
|
DisplayString, TruthValue
|
|
FROM SNMPv2-TC
|
|
mlsr
|
|
FROM HUAWEI-3COM-OID-MIB;
|
|
|
|
-- HUAWEI-NDEC-MIB definition
|
|
|
|
|
|
huaweiNDEC MODULE-IDENTITY
|
|
LAST-UPDATED "200409150000Z" -- August 15, 2004 GMT
|
|
ORGANIZATION
|
|
"Hangzhou H3C Tech. Co., Ltd."
|
|
CONTACT-INFO
|
|
"Platform Team Hangzhou H3C Tech. Co., Ltd.
|
|
Hai-Dian District Beijing P.R. China
|
|
http://www.h3c.com
|
|
Zip:100085
|
|
"
|
|
DESCRIPTION
|
|
"This MIB contains objects to manage the NDEC device.
|
|
"
|
|
REVISION "200409151052Z" -- August 15, 2004 at 10:52 GMT
|
|
DESCRIPTION
|
|
"The initial version of this MIB module"
|
|
::= { mlsr 2 }
|
|
|
|
--transform Set authentication/encryption method
|
|
|
|
|
|
hipsNDECSAListTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF HipsNDECSAListEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The table containing the list of all
|
|
SA entries configured on NDEC by the operator."
|
|
::= { huaweiNDEC 1 }
|
|
|
|
hipsNDECSAListEntry OBJECT-TYPE
|
|
SYNTAX HipsNDECSAListEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Each entry contains the attributes
|
|
associated with a single NDEC'S SA entry."
|
|
INDEX { hipsPeerIpAddr, hipsProtocol, hipsSPI }
|
|
::= { hipsNDECSAListTable 1 }
|
|
|
|
HipsNDECSAListEntry ::= SEQUENCE {
|
|
hipsPeerIpAddr IpAddress,
|
|
hipsProtocol INTEGER,
|
|
hipsSPI Gauge32,
|
|
hipsEncAlgorithm INTEGER,
|
|
hipsAuthAlgorithm INTEGER,
|
|
hipsLocalIpAddr IpAddress,
|
|
hipsSaLifeKBytes Gauge32,
|
|
hipsSaLifeSecond Gauge32,
|
|
hipsByCard TruthValue,
|
|
hipsNegotiateSaMode INTEGER,
|
|
hipsExpBytes Gauge32,
|
|
hipsSoftBytes Gauge32,
|
|
hipsExpTimeout Gauge32,
|
|
hipsSoftTimeout Gauge32
|
|
}
|
|
|
|
|
|
hipsPeerIpAddr OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The peer IP address of this SA entry.
|
|
"
|
|
::= { hipsNDECSAListEntry 1 }
|
|
|
|
hipsProtocol OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
ipsecEsp(50),
|
|
ipsecAh(51)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The Protocol of this SA entry.
|
|
"
|
|
::= { hipsNDECSAListEntry 2 }
|
|
|
|
hipsSPI OBJECT-TYPE
|
|
SYNTAX Gauge32(256..4294967295)
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The SPI of this SA entry.
|
|
"
|
|
::= { hipsNDECSAListEntry 3 }
|
|
|
|
hipsEncAlgorithm OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
ealgNone(1),
|
|
ealgDescbc(2),
|
|
ealg3desCbc(3),
|
|
ealgXBlf(4),
|
|
ealgXCast(5),
|
|
ealgXSkipjack(6),
|
|
ealgXAes(7),
|
|
ealgXQc5(8),
|
|
ealgXNsa(9)
|
|
}
|
|
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The encrypt algorithm of this SA entry.
|
|
"
|
|
::= { hipsNDECSAListEntry 4 }
|
|
|
|
hipsAuthAlgorithm OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
aalgNone(1),
|
|
aalgMd5Hmac(2),
|
|
aalgSha1Hmac(3),
|
|
aalgMd5Hmac96(4),
|
|
aalgSha1Hmac96(5),
|
|
aalgXRipeMd160Hmac96(6),
|
|
aalgXMd5(7),
|
|
aalgXSha1(8)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The authentication algorithm of this SA entry.
|
|
"
|
|
::= { hipsNDECSAListEntry 5 }
|
|
|
|
hipsLocalIpAddr OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The local IP address of this SA entry.
|
|
"
|
|
::= { hipsNDECSAListEntry 6 }
|
|
|
|
hipsSaLifeKBytes OBJECT-TYPE
|
|
SYNTAX Gauge32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The lifetime of this SA entry in bytes.
|
|
"
|
|
::= { hipsNDECSAListEntry 7 }
|
|
|
|
hipsSaLifeSecond OBJECT-TYPE
|
|
SYNTAX Gauge32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The lifetime of this SA entry in seconds.
|
|
"
|
|
::= { hipsNDECSAListEntry 8 }
|
|
|
|
hipsByCard OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The flag of this SA on NDEC or not.
|
|
"
|
|
::= { hipsNDECSAListEntry 9 }
|
|
|
|
|
|
hipsNegotiateSaMode OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
none(1),
|
|
isakmp(2),
|
|
manual(3)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The type of key used by the IPSec Phase-2 Tunnel.
|
|
"
|
|
::= { hipsNDECSAListEntry 10 }
|
|
|
|
hipsExpBytes OBJECT-TYPE
|
|
SYNTAX Gauge32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object specifies the lifetime in bytes
|
|
of the tunnels generated using this
|
|
policy specification."
|
|
::= { hipsNDECSAListEntry 11 }
|
|
|
|
hipsSoftBytes OBJECT-TYPE
|
|
SYNTAX Gauge32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object specifies the lifetime in bytes
|
|
of the tunnels generated using this
|
|
policy specification."
|
|
::= { hipsNDECSAListEntry 12 }
|
|
|
|
hipsExpTimeout OBJECT-TYPE
|
|
SYNTAX Gauge32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object specifies the lifetime in seconds
|
|
of the tunnels generated using this
|
|
policy specification."
|
|
::= { hipsNDECSAListEntry 13 }
|
|
|
|
hipsSoftTimeout OBJECT-TYPE
|
|
SYNTAX Gauge32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object specifies the lifetime in seconds
|
|
of the tunnels generated using this
|
|
policy specification."
|
|
::= { hipsNDECSAListEntry 14 }
|
|
|
|
|
|
hikeSATable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF HikeSAEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The table containing IKE SA entities
|
|
configured on NDEC by the operator.
|
|
"
|
|
|
|
::= { huaweiNDEC 2 }
|
|
|
|
hikeSAEntry OBJECT-TYPE
|
|
SYNTAX HikeSAEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Each entry contains the attributes
|
|
associated with a single IKE SA entity."
|
|
INDEX { hikeConnId }
|
|
::= { hikeSATable 1 }
|
|
|
|
HikeSAEntry ::= SEQUENCE {
|
|
hikeConnId Integer32,
|
|
hikePeerIpAddr IpAddress,
|
|
hikeFlag DisplayString,
|
|
hikePhase INTEGER,
|
|
hikeDoi INTEGER,
|
|
hikeClearSA TruthValue
|
|
}
|
|
|
|
hikeConnId OBJECT-TYPE
|
|
SYNTAX Integer32(0..65535)
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The identifier of IKE SA connection."
|
|
::= { hikeSAEntry 1 }
|
|
|
|
hikePeerIpAddr OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The peer IP address of this IKE SA.
|
|
"
|
|
::= { hikeSAEntry 2 }
|
|
|
|
hikeFlag OBJECT-TYPE
|
|
SYNTAX DisplayString
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The status of this IKE SA.
|
|
"
|
|
::= { hikeSAEntry 3 }
|
|
|
|
hikePhase OBJECT-TYPE
|
|
SYNTAX INTEGER{
|
|
unkown(1),
|
|
phase1(2),
|
|
phase2(3)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The phase of this IKE SA.
|
|
"
|
|
::= { hikeSAEntry 4 }
|
|
|
|
hikeDoi OBJECT-TYPE
|
|
SYNTAX INTEGER{
|
|
unkown(1),
|
|
ipsec(2)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The domain of this IKE SA
|
|
"
|
|
::= { hikeSAEntry 5 }
|
|
|
|
hikeClearSA OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Clear this IKE SA or not.
|
|
"
|
|
::= { hikeSAEntry 6 }
|
|
|
|
|
|
hipsIKEPolicyTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF HipsIKEPolicyEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"List of all ISAKMP policy entries."
|
|
::= { huaweiNDEC 3 }
|
|
|
|
hipsIKEPolicyEntry OBJECT-TYPE
|
|
SYNTAX HipsIKEPolicyEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Each entry includes the properties of a ISAKMP Policy entry."
|
|
INDEX { hipsIsakmpPolPriority }
|
|
::= { hipsIKEPolicyTable 1 }
|
|
|
|
HipsIKEPolicyEntry ::= SEQUENCE {
|
|
hipsIsakmpPolPriority Integer32,
|
|
hipsIsakmpPolEncr INTEGER,
|
|
hipsIsakmpPolHash INTEGER,
|
|
hipsIsakmpPolAuth INTEGER,
|
|
hipsIsakmpPolGroup INTEGER,
|
|
hipsIsakmpPolLifetime Gauge32
|
|
}
|
|
|
|
hipsIsakmpPolPriority OBJECT-TYPE
|
|
SYNTAX Integer32(0..65535)
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"ISAKMP Policy entry's priority."
|
|
::= { hipsIKEPolicyEntry 1 }
|
|
|
|
hipsIsakmpPolEncr OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
ikeEncryptNone(1),
|
|
ikeEncryptDesCbc(2),
|
|
ikeEncryptIdeaCbc(3),
|
|
ikeEncryptBlowfishcbc(4),
|
|
ikeEncryptRc5R16B64cbc(5),
|
|
ikeEncrypt3DesCbc(6),
|
|
ikeEncryptCastCbc(7)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The specified encryption transform. It is used by
|
|
Internet Key Exchange(IKE) tunnels to protect the ISAKMP
|
|
PDUs."
|
|
::= { hipsIKEPolicyEntry 2 }
|
|
|
|
hipsIsakmpPolHash OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
ikeHashNone(1),
|
|
ikeHashMd5(2),
|
|
ikeHashSha(3),
|
|
ikeHashTiger(4)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The specified hash transform. It is used by
|
|
Internet Key Exchange(IKE) tunnels to protect the ISAKMP
|
|
PDUs."
|
|
::= { hipsIKEPolicyEntry 3 }
|
|
|
|
hipsIsakmpPolAuth OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
ikeAuthPreNone(1),
|
|
ikeAuthPreShared(2) ,
|
|
ikeAuthDss(3),
|
|
ikeAuthRsaSig(4),
|
|
ikeAuthRsaEnc(5),
|
|
ikeAuthRsaEncRev(6)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The specified peer authentication method.
|
|
The local entity would authenticate the peer using
|
|
the method specified by this object when this policy
|
|
entity is selected to negotiate with a peer."
|
|
::= { hipsIKEPolicyEntry 4 }
|
|
|
|
hipsIsakmpPolGroup OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
none(1),
|
|
dhGroup1(2),
|
|
dhGroup2(3)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object is used to specify the Oakley group
|
|
which is used for Diffie Hellman exchange in the
|
|
Main Mode.
|
|
The local entity selects the group specified by
|
|
this object to perform Diffie Hellman exchange with
|
|
the peer when this policy item is chosen to negotiate
|
|
the Main Mode with an IKE peer."
|
|
::= { hipsIKEPolicyEntry 5 }
|
|
|
|
hipsIsakmpPolLifetime OBJECT-TYPE
|
|
SYNTAX Gauge32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object indicates the lifetime of the IKE tunnels in seconds."
|
|
::= { hipsIKEPolicyEntry 6 }
|
|
|
|
|
|
hipsStaticCryptomapTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF HipsStaticCryptomapEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The table includes the list of the member cryptomaps
|
|
of the cryptomap sets which are set on the specific entity."
|
|
::= { huaweiNDEC 4 }
|
|
|
|
hipsStaticCryptomapEntry OBJECT-TYPE
|
|
SYNTAX HipsStaticCryptomapEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Each entry contains properites of a single static cryptomap entry.
|
|
The members of dynamic cryptomap sets, which may be linked with the
|
|
parent static cryptomap set, are not included in this table."
|
|
INDEX { hipsStaticCryptomapName,hipsStaticCryptomapSN }
|
|
::= { hipsStaticCryptomapTable 1 }
|
|
|
|
HipsStaticCryptomapEntry ::= SEQUENCE {
|
|
hipsStaticCryptomapName DisplayString,
|
|
hipsStaticCryptomapSN Integer32,
|
|
hipsStaticCryptomapNegMode INTEGER,
|
|
hipsStaticCryptomapMatchAddr INTEGER,
|
|
hipsStaticCryptomapPeerIpAddr IpAddress,
|
|
hipsStaticCryptomapTransforName DisplayString,
|
|
hipsStaticCryptomapLifetime Gauge32,
|
|
hipsStaticCryptomapLifesize Gauge32,
|
|
hipsStaticCryptomapLocalIpAddr IpAddress,
|
|
hipsIfNameUsed DisplayString,
|
|
hipsInAHSPI Gauge32,
|
|
hipsInESPSPI Gauge32,
|
|
hipsOutAHSPI Gauge32,
|
|
hipsOutESPSPI Gauge32,
|
|
hipsInAhHexKeyString DisplayString,
|
|
hipsInEspCipherHexKeyString DisplayString,
|
|
hipsInEspAuthenHexKeyString DisplayString,
|
|
hipsInAhStringKeyString DisplayString,
|
|
hipsInEspStringKeyString DisplayString,
|
|
hipsOutAhHexKeyString DisplayString,
|
|
hipsOutEspCipherHexKeyString DisplayString,
|
|
hipsOutEspAuthenHexKeyString DisplayString,
|
|
hipsOutAhStringKeyString DisplayString,
|
|
hipsOutEspStringKeyString DisplayString
|
|
}
|
|
|
|
|
|
|
|
hipsStaticCryptomapName OBJECT-TYPE
|
|
SYNTAX DisplayString
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The name of the cryptomap entry in the
|
|
cryptomap set. This is the first index
|
|
component of this table."
|
|
::= { hipsStaticCryptomapEntry 1 }
|
|
|
|
hipsStaticCryptomapSN OBJECT-TYPE
|
|
SYNTAX Integer32(0..65535)
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The sequence number of the cryptomap entry in the
|
|
cryptomap set. This is the second index component
|
|
of this table."
|
|
::= { hipsStaticCryptomapEntry 2 }
|
|
|
|
hipsStaticCryptomapNegMode OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
none(1),
|
|
isakmp(2),
|
|
manual(3)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Type of the cryptomap entry. This object may be an ISAKMP
|
|
cryptomap or manual."
|
|
::= { hipsStaticCryptomapEntry 3 }
|
|
|
|
hipsStaticCryptomapMatchAddr OBJECT-TYPE
|
|
SYNTAX INTEGER(1..100000)
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The access list number entered by the operatoir
|
|
while creating this cryptomap. "
|
|
::= { hipsStaticCryptomapEntry 4 }
|
|
|
|
hipsStaticCryptomapPeerIpAddr OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The IP address of the current peer. Traffic protected by
|
|
this cryptomap is protected by a tunnel terminating
|
|
at the device whose IP address is the value of this object."
|
|
::= { hipsStaticCryptomapEntry 5 }
|
|
|
|
hipsStaticCryptomapTransforName OBJECT-TYPE
|
|
SYNTAX DisplayString
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The transform associated with this cryptomap entry."
|
|
::= { hipsStaticCryptomapEntry 6 }
|
|
|
|
hipsStaticCryptomapLifetime OBJECT-TYPE
|
|
SYNTAX Gauge32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object indicates the lifetime of the IPSec SA which is
|
|
created using this IPSec policy entry."
|
|
::= { hipsStaticCryptomapEntry 7 }
|
|
|
|
hipsStaticCryptomapLifesize OBJECT-TYPE
|
|
SYNTAX Gauge32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object identifies the lifesize of the IPSec SAs
|
|
generated using this IPSec policy entry.
|
|
Lifesize means maximum traffic in bytes that may be carried.
|
|
"
|
|
::= { hipsStaticCryptomapEntry 8 }
|
|
|
|
hipsStaticCryptomapLocalIpAddr OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of this object is the local IP address of the
|
|
IPSec SAs generated using this IPSec policy entry.
|
|
"
|
|
::= { hipsStaticCryptomapEntry 9 }
|
|
|
|
|
|
hipsIfNameUsed OBJECT-TYPE
|
|
SYNTAX DisplayString
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object indicates the name of the
|
|
interface which uses this IPSec policy entry.
|
|
"
|
|
::= { hipsStaticCryptomapEntry 10 }
|
|
|
|
|
|
hipsInAHSPI OBJECT-TYPE
|
|
SYNTAX Gauge32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object indicates the inbound AH SPI
|
|
IPSec SAs generated using this IPSec policy entry."
|
|
::= { hipsStaticCryptomapEntry 11 }
|
|
|
|
hipsInESPSPI OBJECT-TYPE
|
|
SYNTAX Gauge32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object indicates the inbound ESP SPI
|
|
IPSec SAs generated using this IPSec policy entry.
|
|
"
|
|
::= { hipsStaticCryptomapEntry 12 }
|
|
|
|
hipsOutAHSPI OBJECT-TYPE
|
|
SYNTAX Gauge32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object indicates the outbound AH SPI
|
|
IPSec SAs generated using this IPSec policy entry.
|
|
"
|
|
::= { hipsStaticCryptomapEntry 13 }
|
|
|
|
hipsOutESPSPI OBJECT-TYPE
|
|
SYNTAX Gauge32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object indicates the outbound ESP SPI
|
|
IPSec SAs generated using this IPSec policy entry.
|
|
"
|
|
::= { hipsStaticCryptomapEntry 14 }
|
|
|
|
hipsInAhHexKeyString OBJECT-TYPE
|
|
SYNTAX DisplayString
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object indicates the inbound AH authentication key
|
|
IPSec SAs generated using this IPSec policy entry.
|
|
The AH authentication key is in hex.
|
|
"
|
|
::= { hipsStaticCryptomapEntry 15 }
|
|
|
|
hipsInEspCipherHexKeyString OBJECT-TYPE
|
|
SYNTAX DisplayString
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object indicates the inbound ESP authentication key
|
|
IPSec SAs generated using this IPSec policy entry.
|
|
The ESP authentication key is hex.
|
|
"
|
|
::= { hipsStaticCryptomapEntry 16 }
|
|
|
|
hipsInEspAuthenHexKeyString OBJECT-TYPE
|
|
SYNTAX DisplayString
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object indicates the inbound ESP authentication key
|
|
IPSec SAs generated using this IPSec policy entry.
|
|
The ESP authentication key is hex.
|
|
"
|
|
::= { hipsStaticCryptomapEntry 17 }
|
|
|
|
|
|
hipsInAhStringKeyString OBJECT-TYPE
|
|
SYNTAX DisplayString
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object indicates the inbound ESP authentication key
|
|
IPSec SAs generated using this IPSec policy entry.
|
|
The key is in string.
|
|
"
|
|
::= { hipsStaticCryptomapEntry 18 }
|
|
hipsInEspStringKeyString OBJECT-TYPE
|
|
SYNTAX DisplayString
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object indicates the inbound ESP authentication key
|
|
IPSec SAs generated using this IPSec policy entry.
|
|
The key is in string.
|
|
"
|
|
::= { hipsStaticCryptomapEntry 19 }
|
|
hipsOutAhHexKeyString OBJECT-TYPE
|
|
SYNTAX DisplayString
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object indicates the outbound AH authentication key
|
|
IPSec SAs generated using this IPSec policy entry.
|
|
The key is in hex.
|
|
"
|
|
::= { hipsStaticCryptomapEntry 20 }
|
|
hipsOutEspCipherHexKeyString OBJECT-TYPE
|
|
SYNTAX DisplayString
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object indicates the outbound ESP authentication key
|
|
IPSec SAs generated using this IPSec policy entry.
|
|
The key is in hex.
|
|
"
|
|
::= { hipsStaticCryptomapEntry 21 }
|
|
hipsOutEspAuthenHexKeyString OBJECT-TYPE
|
|
SYNTAX DisplayString
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object indicates the outbound ESP authentication key
|
|
IPSec SAs generated using this IPSec policy entry.
|
|
The key is in hex.
|
|
"
|
|
::= { hipsStaticCryptomapEntry 22 }
|
|
hipsOutAhStringKeyString OBJECT-TYPE
|
|
SYNTAX DisplayString
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object indicates the outbound AH authentication key
|
|
IPSec SAs generated using this IPSec policy entry.
|
|
The key is in string.
|
|
"
|
|
::= { hipsStaticCryptomapEntry 23 }
|
|
|
|
hipsOutEspStringKeyString OBJECT-TYPE
|
|
SYNTAX DisplayString
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object indicates the outbound ESP authentication key
|
|
IPSec SAs generated using this IPSec policy entry.
|
|
The key is in string.
|
|
"
|
|
::= { hipsStaticCryptomapEntry 24 }
|
|
|
|
|
|
hipsTransformNameSetTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF HipsTransformNameSetEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Transform set table."
|
|
::= { huaweiNDEC 5 }
|
|
|
|
hipsTransformNameSetEntry OBJECT-TYPE
|
|
SYNTAX HipsTransformNameSetEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Each entry refers to properties of a transform."
|
|
INDEX { hipsTransformName }
|
|
::= { hipsTransformNameSetTable 1 }
|
|
|
|
HipsTransformNameSetEntry ::= SEQUENCE {
|
|
hipsTransformName DisplayString,
|
|
hipsTransformMode INTEGER,
|
|
hipsTransformProtocol INTEGER,
|
|
hipsAH INTEGER,
|
|
hipsEespEn INTEGER,
|
|
hipsEspAu INTEGER,
|
|
hipsIsCardTransform TruthValue
|
|
}
|
|
|
|
|
|
hipsTransformName OBJECT-TYPE
|
|
SYNTAX DisplayString
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Name of the transform entry."
|
|
::= { hipsTransformNameSetEntry 1 }
|
|
|
|
hipsTransformMode OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
tunnel(1),
|
|
transport(2)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Mode of the transform entry."
|
|
::= { hipsTransformNameSetEntry 2 }
|
|
|
|
hipsTransformProtocol OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
ipsecNone(1),
|
|
ipsecAhNew(2),
|
|
ipsecAhEspNew(3),
|
|
ipsecAhEspOld(4),
|
|
ipsecAhOld(5),
|
|
ipsecEspNew(6),
|
|
ipsecEspAhNew(7),
|
|
ipsecEspAhOld(8),
|
|
ipsecEspOld(9)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Transform protocol."
|
|
::= { hipsTransformNameSetEntry 3 }
|
|
|
|
hipsAH OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
aalgNone(1),
|
|
aalgMd5Hmac(2),
|
|
aalgSha1Hmac(3),
|
|
aalgMd5Hmac96(4),
|
|
aalgSha1Hmac96(5),
|
|
aalgXRipeMd160Hmac96(6),
|
|
aalgXMd5(7),
|
|
aalgXSha1(8)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Algorithm of AH protocol."
|
|
::= { hipsTransformNameSetEntry 4 }
|
|
|
|
|
|
hipsEespEn OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
ealgNone(1),
|
|
ealgDescbc(2),
|
|
ealg3desCbc(3),
|
|
ealgXBlf(4),
|
|
ealgXCast(5),
|
|
ealgXSkipjack(6),
|
|
ealgXAes(7),
|
|
ealgXQc5(8)
|
|
}
|
|
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Encryption algorithm of ESP protocol."
|
|
::= { hipsTransformNameSetEntry 5 }
|
|
|
|
hipsEspAu OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
aalgNone(1),
|
|
aalgMd5Hmac(2),
|
|
aalgSha1Hmac(3),
|
|
aalgMd5Hmac96(4),
|
|
aalgSha1Hmac96(5),
|
|
aalgXRipeMd160Hmac96(6),
|
|
aalgXMd5(7),
|
|
aalgXSha1(8)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Authentication algorithm of ESP protocol."
|
|
::= { hipsTransformNameSetEntry 6 }
|
|
|
|
|
|
hipsIsCardTransform OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object indicates the flag of the NDEC is used for
|
|
IPSec SAs generated using this IPSec policy entry.
|
|
"
|
|
::= { hipsTransformNameSetEntry 7 }
|
|
|
|
|
|
hipsNDECInfoTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF HipsNDECInfoEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Table of NDEC set."
|
|
::= { huaweiNDEC 6 }
|
|
|
|
hipsNDECInfoEntry OBJECT-TYPE
|
|
SYNTAX HipsNDECInfoEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Properties of each NDEC.
|
|
"
|
|
INDEX { hipsCardSlot }
|
|
::= { hipsNDECInfoTable 1 }
|
|
|
|
HipsNDECInfoEntry ::= SEQUENCE {
|
|
hipsCardSlot INTEGER,
|
|
hipsInPac Counter32,
|
|
hipsOutPac Counter32,
|
|
hipsInByte Counter32,
|
|
hipsOutByte Counter32,
|
|
hipsDropPac Counter32,
|
|
hipsCardStatus INTEGER,
|
|
hipsCardHardVer DisplayString,
|
|
hipsCardSoftVer DisplayString,
|
|
hipsCardCPLDVer DisplayString,
|
|
hipsCardOperate INTEGER,
|
|
hipsDropPacInUnitTime Gauge32
|
|
}
|
|
|
|
|
|
hipsCardSlot OBJECT-TYPE
|
|
SYNTAX INTEGER(0..7)
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Slot number of NDEC ."
|
|
::= { hipsNDECInfoEntry 1 }
|
|
|
|
hipsInPac OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Total packets of the NDEC recieved."
|
|
::= { hipsNDECInfoEntry 2 }
|
|
|
|
hipsOutPac OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Total packets of the NDEC sent."
|
|
::= { hipsNDECInfoEntry 3 }
|
|
|
|
hipsInByte OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Total bytes of the NDEC sent."
|
|
::= { hipsNDECInfoEntry 4 }
|
|
|
|
hipsOutByte OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Total bytes of the NDEC sent."
|
|
::= { hipsNDECInfoEntry 5 }
|
|
|
|
hipsDropPac OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Total packets of the NDEC dropped ."
|
|
::= { hipsNDECInfoEntry 6 }
|
|
|
|
hipsCardStatus OBJECT-TYPE
|
|
SYNTAX INTEGER{
|
|
ecStateInvalid(1), -- status exeception
|
|
ecStateReady(2), -- status normal
|
|
ecStateResetting(3) , -- card is reseting
|
|
ecStateProgramUpdating(4), --card is loading
|
|
ecStateDisable(5) -- card is forbidden
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"State of the NDEC."
|
|
::= { hipsNDECInfoEntry 7 }
|
|
|
|
hipsCardHardVer OBJECT-TYPE
|
|
SYNTAX DisplayString
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Hardware version of the NDEC."
|
|
::= { hipsNDECInfoEntry 8 }
|
|
|
|
hipsCardSoftVer OBJECT-TYPE
|
|
SYNTAX DisplayString
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Software version of the NDEC."
|
|
::= { hipsNDECInfoEntry 9 }
|
|
|
|
hipsCardCPLDVer OBJECT-TYPE
|
|
SYNTAX DisplayString
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"CPLD version of the NDEC."
|
|
::= { hipsNDECInfoEntry 10 }
|
|
|
|
hipsCardOperate OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
cardClearStatic(1),
|
|
cardReset(2),
|
|
cardSynTime(3),
|
|
cardSysLogOn(4),
|
|
cardSysLogOff(5),
|
|
cardSysLogClear(6)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The version of the NDEC's CPLD.
|
|
cardClearStatic(1): clear the statistics of the card
|
|
cardReset(2): rest the card
|
|
cardSynTime(3): synchoronize the clock of the card
|
|
cardSysLogOn(4):turn on the log of the card
|
|
cardSysLogOff(5):turn off the log of the card
|
|
cardSysLogClear(6):clear the log of the card"
|
|
::= { hipsNDECInfoEntry 11 }
|
|
|
|
hipsDropPacInUnitTime OBJECT-TYPE
|
|
SYNTAX Gauge32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Dropped packets in unit interval."
|
|
::= { hipsNDECInfoEntry 12 }
|
|
|
|
|
|
hipsNDECLeaf OBJECT IDENTIFIER ::= { huaweiNDEC 7 }
|
|
|
|
hipsNDECConnections OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Total connections of the system at this time."
|
|
::= { hipsNDECLeaf 1 }
|
|
|
|
hipsNDECBackup OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The flag that NDEC using backup. The value 1 represents using backup
|
|
The value 0 represents not using backup"
|
|
::= { hipsNDECLeaf 2 }
|
|
|
|
|
|
hipsTraps OBJECT IDENTIFIER ::= { huaweiNDEC 8 }
|
|
|
|
hipsNDECNormalResetTrap NOTIFICATION-TYPE
|
|
OBJECTS { hipsCardSlot,hipsCardHardVer,
|
|
hipsCardSoftVer,hipsCardCPLDVer }
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This trap is generated when the NDEC card is reset."
|
|
::= { hipsTraps 1 }
|
|
|
|
hipsNDECStateChangeTrap NOTIFICATION-TYPE
|
|
OBJECTS { hipsCardSlot,hipsCardStatus }
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This trap is generated when the NDEC card's state changes."
|
|
::= { hipsTraps 2 }
|
|
|
|
hipsNDECFlowTrap NOTIFICATION-TYPE
|
|
OBJECTS { hipsCardSlot,hipsDropPacInUnitTime }
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This trap is generated when a NDEC card is overloaded."
|
|
::= { hipsTraps 3 }
|
|
|
|
END
|