WebApps/Observium_CE
1
0
Fork 0
Code Pull Requests Activity
Observium_CE/mibs/supermicro/SUPERMICRO-IPSECV6-MIB

1082 lines
40 KiB
Plaintext
Raw Blame History

-- Copyright (C) 2008-2014 Super Micro Computer Inc. All Rights Reserved
-- $Id: fssecv6.mib,v 1.13 2012/09/07 09:52:06 siva Exp $
SUPERMICRO-IPSECV6-MIB DEFINITIONS ::= BEGIN
IMPORTS
enterprises, MODULE-IDENTITY, OBJECT-TYPE,
Integer32, Counter32
FROM SNMPv2-SMI
RowStatus, DisplayString,TEXTUAL-CONVENTION
FROM SNMPv2-TC;
fsipv6Sec MODULE-IDENTITY
LAST-UPDATED "201209050000Z"
ORGANIZATION "Super Micro Computer Inc."
CONTACT-INFO "support@Supermicro.com"
DESCRIPTION
"The MIB module that describes managed objects of
general use by the IPSEC Protocol."
REVISION "201209050000Z"
DESCRIPTION
"The MIB module that describes managed objects of
general use by the IPSEC Protocol."
::= { enterprises supermicro-computer-inc(10876) super-switch(101) basic(1) 29 }
fsipv6SecScalars OBJECT IDENTIFIER ::= { fsipv6Sec 1 }
fsipv6SecConfig OBJECT IDENTIFIER ::= { fsipv6Sec 2 }
fsipv6SecStats OBJECT IDENTIFIER ::= { fsipv6Sec 3 }
--
-- IPSEC group
--
Ipv6IfIndex ::= TEXTUAL-CONVENTION
DISPLAY-HINT "d"
STATUS current
DESCRIPTION
"A unique value, greater than zero for each
internetwork-layer interface in the managed
system. It is recommended that values are assigned
contiguously starting from 1. The value for each
internetwork-layer interface must remain constant
at least from one re-initialization of the entity's
network management system to the next
re-initialization."
SYNTAX Integer32 (1..2147483647)
-- definition of textual conventions
-- fsipv6SecScalars Scalars BEGIN
fsipv6SecGlobalStatus OBJECT-TYPE
SYNTAX INTEGER {
enable (1),
disable (2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object enables/disables the IPSEC processing
administratively.By Default it is set to disable"
::= { fsipv6SecScalars 1 }
fsipv6SecVersion OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Version number of this IPSEC module running on
the stack."
::= { fsipv6SecScalars 2 }
fsipv6SecGlobalDebug OBJECT-TYPE
SYNTAX INTEGER {
disableall (0),
enableall (1),
initshut (2),
manageMent (3),
dataPath (4),
ctrlPath (5),
pktDump (6),
osresource (7),
allfailure (8),
buffer (9)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
" The mask which is used to enable selective debug levels in
IPSec module.
disableall : disable all the traces.
enableall : enable all tarce levels.
management : traces for configuration
datapath : traces for data packets
ctrlplane : all control packet related traces
dump : ppp packet decode
resourceError : trace for os resource failure
genError : unexpected error condition
semTrc : PPP State Event Machine Trace
alarmTrc : enable PPP Alarms
All values except disableall and enableall will add a
particular trace level to the existing trace levels.
If we want to have only a particular trace level
(say 'ctrlplane' do the following:
(i) configure the value as disableall
(ii) configure the particular trace level('ctrlplane')."
::= { fsipv6SecScalars 3 }
fsipv6SecMaxSA OBJECT-TYPE
SYNTAX Integer32 (1..2147483647)
MAX-ACCESS read-write
STATUS deprecated
DESCRIPTION
"Specifies the maximum number of security associations present in
the system. This sizable parameter determines the number of selector,
policy, access list and security association entries in the system"
::= { fsipv6SecScalars 4 }
--fsipv6SecScalars Scalars END
--fsipv6SecConfig Tables BEGIN
-- Selector Table.
fsipv6SecSelectorTable OBJECT-TYPE
SYNTAX SEQUENCE OF FsIpv6SecSelectorEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The list of selectors for the interface."
::= { fsipv6SecConfig 1 }
fsIpv6SecSelectorEntry OBJECT-TYPE
SYNTAX FsIpv6SecSelectorEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"An entry in the Selector Table. Each entry
is a set of IP or Upper layer protocol
fields used by security policy database to
map to security association entry or bundle."
INDEX { fsipv6SelIfIndex,
fsipv6SelProtoIndex,
fsipv6SelAccessIndex,
fsipv6SelPort,
fsipv6SelPktDirection }
::= { fsipv6SecSelectorTable 1 }
FsIpv6SecSelectorEntry ::= SEQUENCE {
fsipv6SelIfIndex
Integer32,
fsipv6SelProtoIndex
INTEGER,
fsipv6SelAccessIndex
Integer32,
fsipv6SelPort
Integer32,
fsipv6SelPktDirection
INTEGER,
fsipv6SelFilterFlag
INTEGER,
fsipv6SelPolicyIndex
Integer32,
fsipv6SelIfIpAddress
OCTET STRING,
fsipv6SelStatus
RowStatus
}
fsipv6SelIfIndex OBJECT-TYPE
SYNTAX Integer32 (1..2147483647)
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The index value which uniquely identifies
the IPv6 interface on which this Selector
Table entry exists. The interface indentified
by a particular value of this index is the same
interface as identified by the value of
ipv6IfIndex."
::= { fsIpv6SecSelectorEntry 1 }
fsipv6SelProtoIndex OBJECT-TYPE
SYNTAX INTEGER {
tcp (6),
udp (17),
icmpv6 (58),
ahproto (51),
espproto (50),
any (9000)
}
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The Proto index value which uniquely identifies
the protocol for which this Selector Table entry
exists.In case of no specific protocol any can be
used whose value is assigned as 9000"
::= { fsIpv6SecSelectorEntry 2 }
fsipv6SelAccessIndex OBJECT-TYPE
SYNTAX Integer32 (1..2147483647)
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This value of the object is same as that of the
index of the access table. This index can be used
to get a range of source and destination IPv6 addresses
from the access table for validating the src and destination
addr of the packets."
::= { fsIpv6SecSelectorEntry 3 }
fsipv6SelPort OBJECT-TYPE
SYNTAX Integer32 (1..2147483647)
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Port to Specify the user application for
a given protocol.In case of no specific port
any can be used whose value is assigned to 9000"
::= { fsIpv6SecSelectorEntry 4 }
fsipv6SelPktDirection OBJECT-TYPE
SYNTAX INTEGER {
inbound (1),
outbound (2),
any (3)
}
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Decides the Packet Direction"
::= { fsIpv6SecSelectorEntry 5 }
fsipv6SelFilterFlag OBJECT-TYPE
SYNTAX INTEGER {
filter (1),
allow (2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Flag to specify the filtering of the packets
based on the protocol field."
::= { fsIpv6SecSelectorEntry 6 }
fsipv6SelPolicyIndex OBJECT-TYPE
SYNTAX Integer32 (1..2147483647)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The value of this object is same as that of
the index of the security policy table. This
object can be configured only when there is a
corresponding entry for the specified value in
the policy table.This object cannot be configured
if for the given value there is an entry in the
policy table which in turn points to the secassoc
entries in transport mode."
::= { fsIpv6SecSelectorEntry 7 }
fsipv6SelIfIpAddress OBJECT-TYPE
SYNTAX OCTET STRING (SIZE (0..16))
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"A unique non-zero value identifying the local
tunnel termination address. This
object should be set when working with IKE"
::= { fsIpv6SecSelectorEntry 8 }
fsipv6SelStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This object is used to create and delete rows
from the fsipv6SecSelectorTable. It can be set
to the value of createAndGo(4),createAndWait(5),
notInService(2),active(1) and destroy(6).
This object can be configured only when the
ipsec admin status is disable."
::= { fsIpv6SecSelectorEntry 9 }
-- Access Table
fsipv6SecAccessTable OBJECT-TYPE
SYNTAX SEQUENCE OF FsIpv6SecAccessEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Range of Ip addresses allowed for a domain"
::= { fsipv6SecConfig 2 }
fsIpv6SecAccessEntry OBJECT-TYPE
SYNTAX FsIpv6SecAccessEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"An entry in the access Table that specifies
the range of address allowed for a domain"
INDEX { fsipv6SecAccessIndex }
::= { fsipv6SecAccessTable 1 }
FsIpv6SecAccessEntry ::=
SEQUENCE {
fsipv6SecAccessIndex
Integer32,
fsipv6SecAccessStatus
RowStatus,
fsipv6SecSrcNet
OCTET STRING,
fsipv6SecSrcAddrPrefixLen
Integer32,
fsipv6SecDestNet
OCTET STRING,
fsipv6SecDestAddrPrefixLen
Integer32
}
fsipv6SecAccessIndex OBJECT-TYPE
SYNTAX Integer32 (1..2147483647)
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This value of the object is used to get a unique
entry in the access table. This index is used
by the selector table to get an entry from the
access table. This index is used to get a
range of source IPv6 addresses from the access
table for validating the src addr and destination
address of the packets"
::= { fsIpv6SecAccessEntry 1 }
fsipv6SecAccessStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This object is used to create and delete rows
from the fsipv6SecAccessTable. It can be set
to the value of createAndGo(4),createAndWait(5),
notInService(2),active(1) and destroy(6).
This object can be configured only when the
ipsec admin status is disable"
::= { fsIpv6SecAccessEntry 2 }
fsipv6SecSrcNet OBJECT-TYPE
SYNTAX OCTET STRING (SIZE (0..16))
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"A unique non-zero value identifying the source IPv6
network for a given access index."
::= { fsIpv6SecAccessEntry 3 }
fsipv6SecSrcAddrPrefixLen OBJECT-TYPE
SYNTAX Integer32 (1..128)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The length of the prefix (in bits) associated with the
IPv6 source address of this entry."
::= { fsIpv6SecAccessEntry 4 }
fsipv6SecDestNet OBJECT-TYPE
SYNTAX OCTET STRING (SIZE (0..16))
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"A unique non-zero value identifying the destination IPv6
network for a given access index."
::= { fsIpv6SecAccessEntry 5 }
fsipv6SecDestAddrPrefixLen OBJECT-TYPE
SYNTAX Integer32 (1..128)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The length of the prefix (in bits) associated with the
IPv6 destination address of this entry."
::= { fsIpv6SecAccessEntry 6 }
-- Security Policy Database
fsipv6SecPolicyTable OBJECT-TYPE
SYNTAX SEQUENCE OF FsIpv6SecPolicyEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"List of policies that determine the disposition
of all IP traffic"
::= { fsipv6SecConfig 3 }
fsIpv6SecPolicyEntry OBJECT-TYPE
SYNTAX FsIpv6SecPolicyEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"An entry in the Security Policy Table that
specifies what services are to be offered to
IP datagrams and in what fashion. "
INDEX { fsipv6SecPolicyIndex }
::= { fsipv6SecPolicyTable 1 }
FsIpv6SecPolicyEntry ::=
SEQUENCE {
fsipv6SecPolicyIndex
Integer32,
fsipv6SecPolicyFlag
INTEGER,
fsipv6SecPolicyMode
INTEGER,
fsipv6SecPolicySaBundle
DisplayString,
fsipv6SecPolicyOptionsIndex
Integer32,
fsipv6SecPolicyStatus
RowStatus
}
fsipv6SecPolicyIndex OBJECT-TYPE
SYNTAX Integer32 (1..2147483647)
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A unique non-zero value identifying the particular
security policy entry.This index is used by the
the selector table to get the policy entry for a
given selector entry"
::= { fsIpv6SecPolicyEntry 1 }
fsipv6SecPolicyFlag OBJECT-TYPE
SYNTAX INTEGER {
apply (3), -- applies IPSEC on the packet
bypass (4) -- bypasses the IPSEC for the packet
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The choices that can be applied on
any outbound/inbound datagrams."
::= { fsIpv6SecPolicyEntry 2 }
fsipv6SecPolicyMode OBJECT-TYPE
SYNTAX INTEGER {
manual (1),
automatic (2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The mode of creation of security association
entries."
::= { fsIpv6SecPolicyEntry 3 }
fsipv6SecPolicySaBundle OBJECT-TYPE
SYNTAX DisplayString
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object is used to associate Security
association entries with each policy entry.
The Policy entry is mapped to the secassoc
entries by specifying the secassoc indicies
in the format (1.2.3.4) where (1,2,3,4) are
the indicies of the 4 Independent secassoc
entries.If only one secassoc is to be mapped
then the index of that particular secassoc
alone can be specified"
::= { fsIpv6SecPolicyEntry 4 }
fsipv6SecPolicyOptionsIndex OBJECT-TYPE
SYNTAX Integer32 (1..2147483647)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Refers to the IKE Options."
::= { fsIpv6SecPolicyEntry 5 }
fsipv6SecPolicyStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This object is used to create and delete rows
from the fsipv6SecPolicyTable. It can be set
to the value of createAndGo(4),createAndWait(5),
notInService(2),active(1) and destroy(6).
This object can be configured only when the ipsec
admin status is disable"
::= { fsIpv6SecPolicyEntry 6 }
-- Security Association Table.
-- The IPv6 Security Association table contains the security
-- association between a source and destination. This table
-- is consulted for authenticating and encrypting incoming
-- and outgoing datagrams. Each entry represents a security
-- mapping between a source and destination and specifies the
-- Authentication algorithm and key, the Security Parameter
-- Index (SPI) value and the direction of the mapping.
-- Entries created/deleted from SNMP.
fsipv6SecAssocTable OBJECT-TYPE
SYNTAX SEQUENCE OF Fsipv6SecAssocEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This table contains the security association
between a source and destination. It is
consulted for authentication and Ciphering of
inbound and outbound datagrams.Datagrams which
are forwarded by this entity are not authenticated."
::= { fsipv6SecConfig 4 }
fsipv6SecAssocEntry OBJECT-TYPE
SYNTAX Fsipv6SecAssocEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"An entry in the IPv6 Security Association Table.
Each entry specifies the mapping between a
particular source and destination address. The
entry specifies the authentication algorithm and
key to use, the direction of authentication
(inbound or outbound) and a Security Parameter Index (SPI)."
INDEX { fsipv6SecAssocIndex }
::= { fsipv6SecAssocTable 1 }
Fsipv6SecAssocEntry ::=
SEQUENCE {
fsipv6SecAssocIndex
Integer32,
fsipv6SecAssocDstAddr
OCTET STRING,
fsipv6SecAssocProtocol
INTEGER,
fsipv6SecAssocSpi
Integer32,
fsipv6SecAssocMode
INTEGER,
fsipv6SecAssocAhAlgo
INTEGER,
fsipv6SecAssocAhKey
OCTET STRING,
fsipv6SecAssocEspAlgo
INTEGER,
fsipv6SecAssocEspKey
OCTET STRING,
fsipv6SecAssocEspKey2
OCTET STRING,
fsipv6SecAssocEspKey3
OCTET STRING,
fsipv6SecAssocLifetimeInBytes
INTEGER,
fsipv6SecAssocLifetime
Integer32,
fsipv6SecAssocAntiReplay
INTEGER,
fsipv6SecAssocStatus
RowStatus
}
fsipv6SecAssocIndex OBJECT-TYPE
SYNTAX Integer32 (1..2147483647)
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A unique non-zero value identifying the
particular Security Association.
This index value is used by the object
fsipv6SecPolicySaBundle of the policy
table to associate the policy entries to
the secassoc entries"
::= { fsipv6SecAssocEntry 1 }
fsipv6SecAssocDstAddr OBJECT-TYPE
SYNTAX OCTET STRING (SIZE (0..16))
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This destination address is matched with the
destination address in the packet during
authentication of inbound and outbound datagrams."
::= { fsipv6SecAssocEntry 2 }
fsipv6SecAssocProtocol OBJECT-TYPE
SYNTAX INTEGER {
espproto(50),
ahproto(51)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Security header used for either authentication
(AH) or encryption (ESP)."
::= { fsipv6SecAssocEntry 3 }
fsipv6SecAssocSpi OBJECT-TYPE
SYNTAX Integer32 (256..2147483647)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This is an arbitrary 32-bit value identifying
the security association for this datagram. The
Security Parameter Index value 0 is reserved to
Indicate that 'no security association exists'.
The set of Security Parameters Index values
In the range 1 through 255 are reserved to
the IANA for future use. Any SPI value greater
than 255 can be configured."
::= { fsipv6SecAssocEntry 4 }
fsipv6SecAssocMode OBJECT-TYPE
SYNTAX INTEGER {
tunnel (1), -- tunnel mode
transport (2) -- transport mode
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The supporting security association mode.
The secassoc mode is configured as Transport or Tunnel
when the router is acting as a host. A Security gateway
can be configured only in tunnel mode"
::= { fsipv6SecAssocEntry 5 }
fsipv6SecAssocAhAlgo OBJECT-TYPE
SYNTAX INTEGER {
null (0),
hmacmd5 (1),
hmacsha1 (2),
keyedmd5 (3),
md5 (4)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The authentication algorithm configured for
the particular security association entry.
This object is not mandatory for creation
of an entry.Setting the algorithm to keyed-md5(2)
or hmac-md5 (3),hmacsha1(4) requires a key for
authentication."
::= { fsipv6SecAssocEntry 6 }
fsipv6SecAssocAhKey OBJECT-TYPE
SYNTAX OCTET STRING (SIZE(0..20))
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This is the key used for authentication
when the algorithm configured is either
keyed-md5 or hmac-md5 or hmach-sha1 .
This object is not mandatory for creation
of an entry. If the algorithm is md5,
no key needs to be specified.For KeyedMd5
and HmacMd5 the key size must be 16 bytes and
for HmacSha1 the key size must be 20 bytes "
::= { fsipv6SecAssocEntry 7 }
fsipv6SecAssocEspAlgo OBJECT-TYPE
SYNTAX INTEGER {
descbc (2),
threedescbc (3),
null (11),
aes (12)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The type of algorithm used for Encapsulation
Security Palyload (ESP) Header.This object is to
be configured only if the Security protocol to be
used is ESP"
::= { fsipv6SecAssocEntry 8 }
fsipv6SecAssocEspKey OBJECT-TYPE
SYNTAX OCTET STRING (SIZE(0..8))
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"ESP authentication key.This must be of
8 Bytes only "
::= { fsipv6SecAssocEntry 9 }
fsipv6SecAssocEspKey2 OBJECT-TYPE
SYNTAX OCTET STRING (SIZE(0..8))
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object is used for configuring the second key
of 3des-cbc.This key must be 8 Bytes only "
::= { fsipv6SecAssocEntry 10 }
fsipv6SecAssocEspKey3 OBJECT-TYPE
SYNTAX OCTET STRING (SIZE(0..8))
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object is used for configuring the third key
of 3des-cbc.This key must be 8 Bytes only"
::= { fsipv6SecAssocEntry 11 }
fsipv6SecAssocLifetimeInBytes OBJECT-TYPE
SYNTAX INTEGER(0 .. 2147483647)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The timer interval interms of number of bytes.
IPSEC counts the number of bytes to which the
IPSEC algorithm is applied. This object specifies the
allowed maximum number of bytes. If the value is 0,
it signifies that the lifetime is infinity.
By default it is set to infinity."
::= { fsipv6SecAssocEntry 12 }
fsipv6SecAssocLifetime OBJECT-TYPE
SYNTAX Integer32 (0|300 .. 2592000)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
" This specifies the duration in seconds for which
this Security Association remains active. After this
time interval, the entry becomes inactive and has to
be manually made active again. If the value is 0,
it signifies that the lifetime is infinity. By default
it is set to infinity. Valid values are in the
range 300 to 2592000."
::= { fsipv6SecAssocEntry 13 }
fsipv6SecAssocAntiReplay OBJECT-TYPE
SYNTAX INTEGER {
enable (1),
disable (2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The object is used for activating the anti
repaly functionality of the security protocols"
::= { fsipv6SecAssocEntry 14 }
fsipv6SecAssocStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This object is used to create and delete rows
from the fsipv6SecAssocTable. It can be set
to the value of createAndGo(4),createAndWait(5),
notInService(2),active(1) and destroy(6).
This object can be configured only when the ipsec
admin status is disable"
::= { fsipv6SecAssocEntry 15 }
--fsipv6SecConfig Tables END
-- fsipv6SecStats Tables BEGIN
-- Interface Specific IPSEC Statistics table
fsipv6SecIfStatsTable OBJECT-TYPE
SYNTAX SEQUENCE OF FsIpv6SecIfStatsEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"IPSEC statistics table based on per interface."
::= { fsipv6SecStats 1 }
fsIpv6SecIfStatsEntry OBJECT-TYPE
SYNTAX FsIpv6SecIfStatsEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"An entry in the Interface Statistics table."
INDEX { fsipv6SecIfIndex }
::= { fsipv6SecIfStatsTable 1 }
FsIpv6SecIfStatsEntry ::=
SEQUENCE {
fsipv6SecIfIndex
Integer32,
fsipv6SecIfInPkts
Counter32,
fsipv6SecIfOutPkts
Counter32,
fsipv6SecIfPktsApply
Counter32,
fsipv6SecIfPktsDiscard
Counter32,
fsipv6SecIfPktsBypass
Counter32
}
fsipv6SecIfIndex OBJECT-TYPE
SYNTAX Integer32 (1..100)
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The index value which uniquely identifies
the IPv6 interface on which this interface
statistics table entry exists. The interface
identified by a particular value of this index is
the same interface as identified by the same value of
ipv6IfIndex."
::= { fsIpv6SecIfStatsEntry 1 }
fsipv6SecIfInPkts OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Number of packets recieved on the specified
interface."
::= { fsIpv6SecIfStatsEntry 2 }
fsipv6SecIfOutPkts OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Number of packets sent on the specified
interface."
::= { fsIpv6SecIfStatsEntry 3 }
fsipv6SecIfPktsApply OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Number of packets for which security is
applied which are of either inbound or
outbound."
::= { fsIpv6SecIfStatsEntry 4 }
fsipv6SecIfPktsDiscard OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Number of packets dropped either of
inbound or outbound."
::= { fsIpv6SecIfStatsEntry 5 }
fsipv6SecIfPktsBypass OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Number of packets for which IPSEC is not
applied which are of either inbound
or outbound."
::= { fsIpv6SecIfStatsEntry 6 }
-- AH/ESP Specific IPSEC Statistics table
fsipv6SecAhEspStatsTable OBJECT-TYPE
SYNTAX SEQUENCE OF FsIpv6SecAhEspStatsEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"AH/ESP related statistics table."
::= { fsipv6SecStats 2 }
fsIpv6SecAhEspStatsEntry OBJECT-TYPE
SYNTAX FsIpv6SecAhEspStatsEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"An entry in the AH/ESP statistics Table. "
INDEX { fsipv6SecAhEspIfIndex }
::= { fsipv6SecAhEspStatsTable 1 }
FsIpv6SecAhEspStatsEntry ::=
SEQUENCE {
fsipv6SecAhEspIfIndex
INTEGER,
fsipv6SecInAhPkts
Counter32,
fsipv6SecOutAhPkts
Counter32,
fsipv6SecAhPktsAllow
Counter32,
fsipv6SecAhPktsDiscard
Counter32,
fsipv6SecInEspPkts
Counter32,
fsipv6SecOutEspPkts
Counter32,
fsipv6SecEspPktsAllow
Counter32,
fsipv6SecEspPktsDiscard
Counter32
}
fsipv6SecAhEspIfIndex OBJECT-TYPE
SYNTAX INTEGER (1..100)
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The index value which uniquely identifies
the IPv6 interface on which this statistics
table entry exists. The interface identified by a
particular value of this index is the same
interface as identified by the same value of ipv6IfIndex."
::= { fsIpv6SecAhEspStatsEntry 1 }
fsipv6SecInAhPkts OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Number of AH packets recieved."
::= { fsIpv6SecAhEspStatsEntry 2 }
fsipv6SecOutAhPkts OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Number of AH packets sent."
::= { fsIpv6SecAhEspStatsEntry 3 }
fsipv6SecAhPktsAllow OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Number of AH packets allowed."
::= { fsIpv6SecAhEspStatsEntry 4 }
fsipv6SecAhPktsDiscard OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Number of AH packets discarded."
::= { fsIpv6SecAhEspStatsEntry 5 }
fsipv6SecInEspPkts OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Number of ESP packets received."
::= { fsIpv6SecAhEspStatsEntry 6 }
fsipv6SecOutEspPkts OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Number of ESP packets sent."
::= { fsIpv6SecAhEspStatsEntry 7 }
fsipv6SecEspPktsAllow OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Number of ESP packets allowed."
::= { fsIpv6SecAhEspStatsEntry 8 }
fsipv6SecEspPktsDiscard OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Number of ESP packets discarded."
::= { fsIpv6SecAhEspStatsEntry 9 }
-- AH/ESP Specific IPSEC Intru table
fsipv6SecAhEspIntruTable OBJECT-TYPE
SYNTAX SEQUENCE OF FsIpv6SecAhEspIntruEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"AH/ESP related Intru table."
::= { fsipv6SecStats 3}
fsIpv6SecAhEspIntruEntry OBJECT-TYPE
SYNTAX FsIpv6SecAhEspIntruEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"An entry in the AH/ESP intruder Table. "
INDEX { fsipv6SecAhEspIntruIndex }
::= { fsipv6SecAhEspIntruTable 1 }
FsIpv6SecAhEspIntruEntry ::=
SEQUENCE {
fsipv6SecAhEspIntruIndex
Integer32,
fsipv6SecAhEspIntruIfIndex
Integer32,
fsipv6SecAhEspIntruSrcAddr
OCTET STRING,
fsipv6SecAhEspIntruDestAddr
OCTET STRING,
fsipv6SecAhEspIntruProto
INTEGER,
fsipv6SecAhEspIntruTime
Counter32
}
fsipv6SecAhEspIntruIndex OBJECT-TYPE
SYNTAX Integer32 (1..2147483647)
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Specifies the index of the entry in the table."
::= { fsIpv6SecAhEspIntruEntry 1 }
fsipv6SecAhEspIntruIfIndex OBJECT-TYPE
SYNTAX Integer32 (1..100)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The index value which uniquely identifies
the IPv6 interface on which this statistics
table entry exists. The interface identified
by a particular value of this index is the same
interface as identified by the same value of
ipv6IfIndex."
::= { fsIpv6SecAhEspIntruEntry 2 }
fsipv6SecAhEspIntruSrcAddr OBJECT-TYPE
SYNTAX OCTET STRING (SIZE (0..16))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Intru's source address."
::= { fsIpv6SecAhEspIntruEntry 3 }
fsipv6SecAhEspIntruDestAddr OBJECT-TYPE
SYNTAX OCTET STRING (SIZE (0..16))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Intru's destination address."
::= { fsIpv6SecAhEspIntruEntry 4 }
fsipv6SecAhEspIntruProto OBJECT-TYPE
SYNTAX INTEGER {
ahproto (51),
espproto (50)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Intru's Protocol."
::= { fsIpv6SecAhEspIntruEntry 5 }
fsipv6SecAhEspIntruTime OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Time of intruders attack."
::= { fsIpv6SecAhEspIntruEntry 6 }
-- fsipv6SecStats Tables END
END
View Git Blame Copy Permalink