504 lines
18 KiB
Plaintext
504 lines
18 KiB
Plaintext
-- ZyXEL Communications Corporation
|
|
-- Private Enterprise MIB definition
|
|
|
|
-- This file describes the ZyXEL Communications Corporation Enterprise MIB.
|
|
-- It contains ZyXEL products OIDs, and common managed objects.
|
|
|
|
-- $Log: ZYXEL-ARP-INSPECTION-MIB.mib $
|
|
-- Revision 1.5 2013/12/06 07:02:15 ccho
|
|
-- remove uncessary imports
|
|
-- Revision 1.4 2013/11/06 05:41:03 ccho
|
|
-- fix mib style
|
|
-- Revision 1.3 2012/09/19 07:29:17 Kevin
|
|
-- if it's leaf node, revise the vender name from zyxel to zy
|
|
-- Revision 1.2 2012/07/05 06:22:05 Kevin
|
|
-- 1. upgrade from SNMP to SNMPv2
|
|
-- 2. clean warning
|
|
-- Revision 1.1 2012/05/30 07:48:10 Kevin
|
|
-- Initial revision
|
|
|
|
ZYXEL-ARP-INSPECTION-MIB DEFINITIONS ::= BEGIN
|
|
IMPORTS
|
|
OBJECT-TYPE
|
|
FROM SNMPv2-SMI -- RFC2578
|
|
|
|
MODULE-IDENTITY
|
|
FROM SNMPv2-SMI
|
|
|
|
DisplayString
|
|
FROM SNMPv2-TC
|
|
|
|
DateAndTime, MacAddress
|
|
FROM SNMPv2-TC -- RFC2579
|
|
|
|
EnabledStatus
|
|
FROM P-BRIDGE-MIB
|
|
|
|
dot1dBasePort
|
|
FROM BRIDGE-MIB
|
|
|
|
IpAddress
|
|
FROM SNMPv2-SMI
|
|
|
|
Counter32
|
|
FROM SNMPv2-SMI
|
|
|
|
esMgmt
|
|
FROM ZYXEL-ES-SMI;
|
|
|
|
zyxelArpInspection MODULE-IDENTITY
|
|
LAST-UPDATED "201207010000Z"
|
|
ORGANIZATION "Enterprise Solution ZyXEL"
|
|
CONTACT-INFO
|
|
""
|
|
DESCRIPTION
|
|
"The subtree for arp inspection"
|
|
::= { esMgmt 12 }
|
|
|
|
zyxelArpInspectSetup OBJECT IDENTIFIER ::= { zyxelArpInspection 1 }
|
|
zyxelArpInspectStatus OBJECT IDENTIFIER ::= { zyxelArpInspection 2 }
|
|
|
|
|
|
--
|
|
--
|
|
-- 12. zyxelArpInspection
|
|
--
|
|
--
|
|
|
|
-- 1.zyxelArpInspectSetup
|
|
|
|
zyArpInspectState OBJECT-TYPE
|
|
SYNTAX EnabledStatus
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Enable/Disable ARP inspection on the switch."
|
|
::= { zyxelArpInspectSetup 1 }
|
|
|
|
zyArpInspectFilterAgingTime OBJECT-TYPE
|
|
SYNTAX INTEGER (0..2147483647)
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Enter how long (1-2147483647 seconds) the MAC address filter remains in the switch after
|
|
the switch identifies an unauthorized ARP packet. The switch automatically deletes the
|
|
MAC address filter afterwards. Type 0 if you want the MAC address filter to be permanent."
|
|
::= { zyxelArpInspectSetup 2 }
|
|
|
|
zyxelArpInspectLog OBJECT IDENTIFIER ::= { zyxelArpInspectSetup 3 }
|
|
|
|
zyArpInspectLogEntries OBJECT-TYPE
|
|
SYNTAX INTEGER (0..1024)
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Enter the maximum number (1-1024) of log messages that were generated by ARP packets and
|
|
have not been sent to the syslog server yet. Make sure this number is appropriate for
|
|
the specified syslog rate and Log interval. If the number of log messages in the switch
|
|
exceeds this number, the switch stops recording log messages and simply starts counting
|
|
the number of entries that were dropped due to unavailable buffer."
|
|
::= { zyxelArpInspectLog 1 }
|
|
|
|
zyArpInspectLogRate OBJECT-TYPE
|
|
SYNTAX INTEGER (0..1024)
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Enter the maximum number of syslog messages the switch can send to the syslog server in one batch.
|
|
This number is expressed as a rate because the batch frequency is determined by the Log Interval.
|
|
You must configure the syslog server to use this. Enter 0 if you do not want the switch to send
|
|
log messages generated by ARP packets to the syslog server."
|
|
::= { zyxelArpInspectLog 2 }
|
|
|
|
zyArpInspectLogInterval OBJECT-TYPE
|
|
SYNTAX INTEGER (0..2147483647)
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Enter how often (1-86400 seconds) the switch sends a batch of syslog messages to the syslog server.
|
|
Enter 0 if you want the switch to send syslog messages immediately."
|
|
::= { zyxelArpInspectLog 3 }
|
|
|
|
zyxelArpInspectVlanTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF ZyxelArpInspectVlanEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The table contains ARP inspection VLAN configuration."
|
|
::= { zyxelArpInspectSetup 4 }
|
|
|
|
zyxelArpInspectVlanEntry OBJECT-TYPE
|
|
SYNTAX ZyxelArpInspectVlanEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"An entry contains ARP inspection VLAN configuration."
|
|
INDEX { zyArpInspectVlanVid }
|
|
::= { zyxelArpInspectVlanTable 1 }
|
|
|
|
ZyxelArpInspectVlanEntry ::=
|
|
SEQUENCE {
|
|
zyArpInspectVlanVid INTEGER,
|
|
zyArpInspectVlanState EnabledStatus,
|
|
zyArpInspectVlanLog INTEGER
|
|
}
|
|
|
|
zyArpInspectVlanVid OBJECT-TYPE
|
|
SYNTAX INTEGER (1..4094)
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The VLAN ID of each VLAN."
|
|
::= { zyxelArpInspectVlanEntry 1 }
|
|
|
|
zyArpInspectVlanState OBJECT-TYPE
|
|
SYNTAX EnabledStatus
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Enable/Disable ARP inspection on the VLAN."
|
|
::= { zyxelArpInspectVlanEntry 2 }
|
|
|
|
zyArpInspectVlanLog OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
all (1),
|
|
none (2),
|
|
permit (3),
|
|
deny (4)
|
|
}
|
|
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Specify when the switch generates log messages for receiving ARP packets from the VLAN.
|
|
None: The switch does not generate any log messages when it receives an ARP packet from the VLAN.
|
|
Deny: The switch generates log messages when it discards an ARP packet from the VLAN.
|
|
Permit: The switch generates log messages when it forwards an ARP packet from the VLAN.
|
|
All: The switch generates log messages every time it receives an ARP packet from the VLAN."
|
|
::= { zyxelArpInspectVlanEntry 3 }
|
|
|
|
zyxelArpInspectPortTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF ZyxelArpInspectPortEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The table contains ARP inspection port configuration."
|
|
::= { zyxelArpInspectSetup 5 }
|
|
|
|
zyxelArpInspectPortEntry OBJECT-TYPE
|
|
SYNTAX ZyxelArpInspectPortEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"An entry contains ARP inspection port configuration. "
|
|
INDEX { dot1dBasePort }
|
|
::= { zyxelArpInspectPortTable 1 }
|
|
|
|
ZyxelArpInspectPortEntry ::=
|
|
SEQUENCE {
|
|
zyArpInspectPortTrustState EnabledStatus,
|
|
zyArpInspectPortRate INTEGER,
|
|
zyArpInspectPortInterval INTEGER
|
|
}
|
|
|
|
zyArpInspectPortTrustState OBJECT-TYPE
|
|
SYNTAX EnabledStatus {
|
|
trusted(1),
|
|
untrusted(2)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Enable/Disable this port to be a trusted port (enable) or an untrusted port (disable).
|
|
The switch does not discard ARP packets on trusted ports for any reason."
|
|
::= { zyxelArpInspectPortEntry 1 }
|
|
|
|
zyArpInspectPortRate OBJECT-TYPE
|
|
SYNTAX INTEGER (0..2048)
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Specify the maximum rate (1-2048 packets per second) at which the switch receives ARP packets
|
|
from each port. The switch discards any additional ARP packets. Enter 0 to disable this limit."
|
|
::= { zyxelArpInspectPortEntry 2 }
|
|
|
|
zyArpInspectPortInterval OBJECT-TYPE
|
|
SYNTAX INTEGER (1..15)
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Enter the length (1-15 seconds) of the burst interval. The burst interval is the length of time
|
|
over which the rate of ARP packets is monitored for each port. For example, if the Rate is 15 pps
|
|
and the burst interval is 1 second, then the switch accepts a maximum of 15 ARP packets in every
|
|
one-second interval. If the burst interval is 5 seconds, then the switch accepts a maximum of
|
|
75 ARP packets in every five-second interval."
|
|
::= { zyxelArpInspectPortEntry 3 }
|
|
|
|
-- 2.zyxelArpInspectStatus
|
|
|
|
zyArpInspectFilterClearAll OBJECT-TYPE
|
|
SYNTAX EnabledStatus
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Delete all ARP inspection filters from the switch."
|
|
::= { zyxelArpInspectStatus 1 }
|
|
|
|
zyArpInspectLogClear OBJECT-TYPE
|
|
SYNTAX EnabledStatus
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Delete all ARP inspection log from the switch."
|
|
::= { zyxelArpInspectStatus 2 }
|
|
|
|
zyxelArpInspectFilterTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF ZyxelArpInspectFilterEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The table contains ARP inspection filter information."
|
|
::= { zyxelArpInspectStatus 3 }
|
|
|
|
zyxelArpInspectFilterEntry OBJECT-TYPE
|
|
SYNTAX ZyxelArpInspectFilterEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"An entry contains ARP inspection filter information."
|
|
INDEX { zyArpInspectFilterMacAddress, zyArpInspectFilterVid }
|
|
::= { zyxelArpInspectFilterTable 1 }
|
|
|
|
ZyxelArpInspectFilterEntry ::=
|
|
SEQUENCE {
|
|
zyArpInspectFilterMacAddress MacAddress,
|
|
zyArpInspectFilterVid INTEGER,
|
|
zyArpInspectFilterPort INTEGER,
|
|
zyArpInspectFilterExpiry INTEGER,
|
|
zyArpInspectFilterClear EnabledStatus
|
|
}
|
|
|
|
zyArpInspectFilterMacAddress OBJECT-TYPE
|
|
SYNTAX MacAddress
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This field displays the source MAC address in ARP inspection filter."
|
|
::= { zyxelArpInspectFilterEntry 1 }
|
|
|
|
zyArpInspectFilterVid OBJECT-TYPE
|
|
SYNTAX INTEGER (1..4094)
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This field displays the source VLAN ID in ARP inspection filter."
|
|
::= { zyxelArpInspectFilterEntry 2 }
|
|
|
|
zyArpInspectFilterPort OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This field displays the source port of the discarded ARP packet."
|
|
::= { zyxelArpInspectFilterEntry 3 }
|
|
|
|
zyArpInspectFilterExpiry OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This field displays how long (in seconds) the ARP inspection filter remains in the switch."
|
|
::= { zyxelArpInspectFilterEntry 4 }
|
|
|
|
zyArpInspectFilterClear OBJECT-TYPE
|
|
SYNTAX EnabledStatus
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object allow entry to be deleted an ARP inspect filter entry."
|
|
::= { zyxelArpInspectFilterEntry 6 }
|
|
|
|
zyxelArpInspectLogTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF ZyxelArpInspectLogEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The table contains ARP inspection log information."
|
|
::= { zyxelArpInspectStatus 4 }
|
|
|
|
zyxelArpInspectLogEntry OBJECT-TYPE
|
|
SYNTAX ZyxelArpInspectLogEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"An entry contains ARP inspection log information. "
|
|
INDEX { zyArpInspectLogMacAdderss, zyArpInspectLogVid, zyArpInspectLogPort, zyArpInspectLogIpAddress, zyArpInspectLogReasonType }
|
|
::= { zyxelArpInspectLogTable 1 }
|
|
|
|
ZyxelArpInspectLogEntry ::=
|
|
SEQUENCE {
|
|
zyArpInspectLogMacAdderss MacAddress,
|
|
zyArpInspectLogVid INTEGER,
|
|
zyArpInspectLogPort INTEGER,
|
|
zyArpInspectLogIpAddress IpAddress,
|
|
zyArpInspectLogNumberPacket INTEGER,
|
|
zyArpInspectLogReasonType INTEGER,
|
|
zyArpInspectLogTime DisplayString
|
|
}
|
|
|
|
zyArpInspectLogMacAdderss OBJECT-TYPE
|
|
SYNTAX MacAddress
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This field displays the source MAC address of the ARP packet."
|
|
::= { zyxelArpInspectLogEntry 1 }
|
|
|
|
zyArpInspectLogVid OBJECT-TYPE
|
|
SYNTAX INTEGER (1..4094)
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This field displays the source VLAN ID of the ARP packet."
|
|
::= { zyxelArpInspectLogEntry 2 }
|
|
|
|
zyArpInspectLogPort OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This field displays the source port of the ARP packet."
|
|
::= { zyxelArpInspectLogEntry 3 }
|
|
|
|
zyArpInspectLogIpAddress OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This field displays the source IP address of the ARP packet."
|
|
::= { zyxelArpInspectLogEntry 4 }
|
|
|
|
zyArpInspectLogNumberPacket OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This field displays the number of ARP packets that were consolidated into this log message.
|
|
The switch consolidates identical log messages generated by ARP packets in the log consolidation interval into one log message."
|
|
::= { zyxelArpInspectLogEntry 5 }
|
|
|
|
zyArpInspectLogReasonType OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
deny (1),
|
|
denyStatic (2),
|
|
denyDHCP (3),
|
|
permitStatic (4),
|
|
permitDHCP (5)
|
|
}
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This field displays the reason the log message was generated.
|
|
dhcp deny: An ARP packet was discarded because it violated a dynamic binding with the same MAC address and VLAN ID.
|
|
static deny: An ARP packet was discarded because it violated a static binding with the same MAC address and VLAN ID.
|
|
deny: An ARP packet was discarded because there were no bindings with the same MAC address and VLAN ID.
|
|
dhcp permit: An ARP packet was forwarded because it matched a dynamic binding.
|
|
static permit: An ARP packet was forwarded because it matched a static binding."
|
|
::= { zyxelArpInspectLogEntry 6 }
|
|
|
|
zyArpInspectLogTime OBJECT-TYPE
|
|
SYNTAX DisplayString
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This field displays when the log message was generated."
|
|
::= { zyxelArpInspectLogEntry 7 }
|
|
|
|
zyxelArpInspectStatisticsTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF ZyxelArpInspectStatisticsEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The table contains ARP inspection statistics information."
|
|
::= { zyxelArpInspectStatus 5 }
|
|
|
|
zyxelArpInspectStatisticsEntry OBJECT-TYPE
|
|
SYNTAX ZyxelArpInspectStatisticsEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"An entry contains ARP inspection statistics information. "
|
|
INDEX { zyArpInspectStatisticsVid }
|
|
::= { zyxelArpInspectStatisticsTable 1 }
|
|
|
|
ZyxelArpInspectStatisticsEntry ::=
|
|
SEQUENCE {
|
|
zyArpInspectStatisticsVid INTEGER,
|
|
zyArpInspectStatisticsReceived Counter32,
|
|
zyArpInspectStatisticsRequest Counter32,
|
|
zyArpInspectStatisticsReply Counter32,
|
|
zyArpInspectStatisticsForward Counter32,
|
|
zyArpInspectStatisticsDrop Counter32,
|
|
zyArpInspectStatisticsClear EnabledStatus
|
|
}
|
|
|
|
zyArpInspectStatisticsVid OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The VLAN ID of each VLAN."
|
|
::= { zyxelArpInspectStatisticsEntry 1 }
|
|
|
|
zyArpInspectStatisticsReceived OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This field displays the total number of ARP packets received from the VLAN since the switch last restarted."
|
|
::= { zyxelArpInspectStatisticsEntry 2 }
|
|
|
|
zyArpInspectStatisticsRequest OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This field displays the total number of ARP Request packets received from the VLAN since the switch last restarted."
|
|
::= { zyxelArpInspectStatisticsEntry 3 }
|
|
|
|
zyArpInspectStatisticsReply OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This field displays the total number of ARP Reply packets received from the VLAN since the switch last restarted."
|
|
::= { zyxelArpInspectStatisticsEntry 4 }
|
|
|
|
zyArpInspectStatisticsForward OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This field displays the total number of ARP packets the switch forwarded for the VLAN since the switch last restarted."
|
|
::= { zyxelArpInspectStatisticsEntry 5 }
|
|
|
|
zyArpInspectStatisticsDrop OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This field displays the total number of ARP packets the switch discarded for the VLAN since the switch last restarted."
|
|
::= { zyxelArpInspectStatisticsEntry 6 }
|
|
|
|
zyArpInspectStatisticsClear OBJECT-TYPE
|
|
SYNTAX EnabledStatus
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Removes ARP inspection statistics for the specified VLAN."
|
|
::= { zyxelArpInspectStatisticsEntry 7 }
|
|
|
|
|
|
END
|
|
|