309 lines
11 KiB
Plaintext
309 lines
11 KiB
Plaintext
--**************************************************************************
|
|
--
|
|
-- Copyright 2007 Broadcom Corporation
|
|
-- All Rights Reserved
|
|
-- No portions of this material may be reproduced in any form without the
|
|
-- written permission of:
|
|
-- Broadcom Corporation
|
|
-- 16251 Laguna Canyon Road
|
|
-- Irvine, California 92618
|
|
-- All information contained in this document is Broadcom Corporation
|
|
-- company private, proprietary, and trade secret.
|
|
--
|
|
--
|
|
--
|
|
--**************************************************************************
|
|
-- Filename: brcm-telnet-mgmt.mib
|
|
-- Author: Kevin O'Neal
|
|
-- Creation Date: 6-march-2003
|
|
--
|
|
--**************************************************************************
|
|
-- Description:
|
|
--
|
|
-- private MIB for runtime (not factory) CM management
|
|
--
|
|
--**************************************************************************
|
|
-- Revision History:
|
|
--
|
|
--**************************************************************************
|
|
|
|
BRCM-TELNET-MGMT-MIB DEFINITIONS ::= BEGIN
|
|
|
|
IMPORTS
|
|
MODULE-IDENTITY,
|
|
OBJECT-TYPE,
|
|
NOTIFICATION-TYPE,
|
|
Integer32,
|
|
Unsigned32,
|
|
IpAddress,
|
|
TimeTicks
|
|
FROM SNMPv2-SMI
|
|
DisplayString,
|
|
TruthValue
|
|
FROM SNMPv2-TC
|
|
InetAddressType,
|
|
InetAddress
|
|
FROM INET-ADDRESS-MIB
|
|
cableDataMgmtBase
|
|
FROM BRCM-CABLEDATA-MGMT-MIB;
|
|
|
|
telnetMgmt MODULE-IDENTITY
|
|
LAST-UPDATED "200702050000Z"
|
|
ORGANIZATION "Broadcom Corporation"
|
|
CONTACT-INFO
|
|
" BANANA-CABLEDATA
|
|
(cableData branch of the
|
|
Broadcom Assigned Numbers and Naming Authority)
|
|
Broadcom Corporation
|
|
|
|
Postal: 4385 River Green Parkway
|
|
Duluth, GA 30096
|
|
USA
|
|
|
|
Tel: +1 770 232-0018
|
|
|
|
E-mail: banana-cabledata@broadcom.com"
|
|
DESCRIPTION
|
|
"Broadcom proprietary MIB for runtime management and configuration
|
|
of objects related to telnet."
|
|
REVISION "200702050000Z"
|
|
DESCRIPTION
|
|
"Module description was updated.
|
|
Compilability issues were cleaned up:
|
|
- Chronological order of revision history was corrected.
|
|
- Changed access of objects telnetHackerAddressType and
|
|
telnetHackerAddress from not-accessible to accessible-for-notify
|
|
so that they may legally be included in the object list for
|
|
the telnetHackerTrap notification."
|
|
REVISION "200609290000Z"
|
|
DESCRIPTION
|
|
"Added object telnetHackerInactivityTimeout."
|
|
REVISION "200602020000Z"
|
|
DESCRIPTION
|
|
"Added object telnetSessionInactivityTimeout."
|
|
REVISION "200506080000Z"
|
|
DESCRIPTION
|
|
"Deprecated telnetSessionIp in favor of telnetSessionAddressType
|
|
and telnetSessionAddress objects which are IPv6 friendly. Also
|
|
added telnetHackerTable."
|
|
REVISION "200303060000Z"
|
|
DESCRIPTION
|
|
"Initial version of this MIB module."
|
|
::= { cableDataMgmtBase 1 }
|
|
|
|
telnetIpStackInterfaces OBJECT-TYPE
|
|
SYNTAX BITS {
|
|
interface1(0),
|
|
interface2(1),
|
|
interface3(2),
|
|
interface4(3),
|
|
interface5(4),
|
|
interface6(5),
|
|
interface7(6),
|
|
interface8(7)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Controls and reflects the IP stack interfaces on which a telnet server
|
|
is active."
|
|
DEFVAL { '00'h }
|
|
::= { telnetMgmt 1 }
|
|
|
|
telnetUserName OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE (0..15))
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Controls and reflects the user name which will be allowed telnet
|
|
access."
|
|
DEFVAL { "" }
|
|
::= { telnetMgmt 2 }
|
|
|
|
telnetPassword OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE (0..15))
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Controls and reflects the password which will be allowed telnet
|
|
access."
|
|
DEFVAL { "" }
|
|
::= { telnetMgmt 3 }
|
|
|
|
telnetServerControl OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
stop(0),
|
|
start(1)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Used to start or stop the telnet server. When read, indicates
|
|
the current state of the server."
|
|
::= { telnetMgmt 4 }
|
|
|
|
telnetSessionIp OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-only
|
|
STATUS deprecated -- in favor of telnetSessionAddressType and telnetSessionAddress
|
|
DESCRIPTION
|
|
"This object gives the IP address of the most recently connected device.
|
|
If no session has taken place since the last reboot, this object will
|
|
read 0.0.0.0."
|
|
::= { telnetMgmt 5 }
|
|
|
|
telnetSessionInProgress OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Indicates whether or not a telnet session is currently in progress."
|
|
::= { telnetMgmt 6 }
|
|
|
|
telnetForceUserLogout OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"If a telnet session is currently in progress, setting this object
|
|
to true(1) will terminate the session. Setting to false(2) has
|
|
no effect. Always returns false(2) when read."
|
|
::= { telnetMgmt 7 }
|
|
|
|
telnetSessionAddressType OBJECT-TYPE
|
|
SYNTAX InetAddressType
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The type of internet address used for telnetSessionAddress."
|
|
::= { telnetMgmt 8 }
|
|
|
|
telnetSessionAddress OBJECT-TYPE
|
|
SYNTAX InetAddress
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object gives the address of the most recently connected device.
|
|
If no session has taken place since the last reboot, this object will
|
|
report an empty string."
|
|
::= { telnetMgmt 9 }
|
|
|
|
telnetHackerTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF TelnetHackerEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A table of internet addresses which have been blacklisted from telnet
|
|
access on this station. Blacklisting occurs when a login attempt
|
|
fails a number of times from the given address."
|
|
::= { telnetMgmt 10 }
|
|
|
|
telnetHackerEntry OBJECT-TYPE
|
|
SYNTAX TelnetHackerEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"An entry representing a single blacklisted address."
|
|
INDEX { telnetHackerAddressType, telnetHackerAddress }
|
|
::= { telnetHackerTable 1 }
|
|
|
|
TelnetHackerEntry ::=
|
|
SEQUENCE {
|
|
telnetHackerAddressType InetAddressType,
|
|
telnetHackerAddress InetAddress,
|
|
telnetHackerNumAttempts Unsigned32,
|
|
telnetHackerLastTime TimeTicks
|
|
}
|
|
|
|
telnetHackerAddressType OBJECT-TYPE
|
|
SYNTAX InetAddressType
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The type of internet address used for telnetHackerAddress."
|
|
::= { telnetHackerEntry 1 }
|
|
|
|
telnetHackerAddress OBJECT-TYPE
|
|
SYNTAX InetAddress
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The address of an device which has unsuccessfully attempted to log in
|
|
to this station enough times to be blacklisted as a hacker."
|
|
::= { telnetHackerEntry 2 }
|
|
|
|
telnetHackerNumAttempts OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The number of times that the device represented by this entry has
|
|
attempted to log in to this station."
|
|
::= { telnetHackerEntry 3 }
|
|
|
|
telnetHackerLastTime OBJECT-TYPE
|
|
SYNTAX TimeTicks
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of sysUpTime when this row was created, or when the value
|
|
of telnetHackerNumAttempts was last incremented."
|
|
::= { telnetHackerEntry 4 }
|
|
|
|
telnetSessionInactivityTimeout OBJECT-TYPE
|
|
SYNTAX INTEGER (0..86400)
|
|
UNITS "seconds"
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object controls the length of time after which a telnet session
|
|
will be terminated if there is no activity. Note that if this object
|
|
is set to zero, the session will never be terminated due to
|
|
inactivity."
|
|
DEFVAL { 0 }
|
|
::= { telnetMgmt 11 }
|
|
|
|
telnetHackerInactivityTimeout OBJECT-TYPE
|
|
SYNTAX INTEGER (-1..86400)
|
|
UNITS "seconds"
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object controls the length of time after which an entry in the
|
|
telnetHackerTable will be removed if there are no further attempts to
|
|
access the system from the corresponding telnetHackerAddress. Note
|
|
that if this object is set to zero, the telnetHackerTable will be
|
|
effectively disabled and no IP addresses will be blacklisted for
|
|
unauthorized access. If set to -1, entries in the telnetHackerTable
|
|
will never be aged out and once blacklisted, only a system reboot
|
|
will allow another attempted login from the blacklisted address."
|
|
DEFVAL { -1 }
|
|
::= { telnetMgmt 12 }
|
|
|
|
|
|
--
|
|
-- Notifications, aka traps.
|
|
--
|
|
-- Note that this MIB is rather poorly designed in that all the objects
|
|
-- reside immediately under the MODULE-IDENTITY node, so there's no really
|
|
-- good node to reserve for traps. So we'll just pick 99 which allows
|
|
-- some room to add objects if needed.
|
|
--
|
|
|
|
telnetTraps OBJECT IDENTIFIER ::= { telnetMgmt 99 }
|
|
|
|
telnetHackerTrap NOTIFICATION-TYPE
|
|
OBJECTS {
|
|
telnetHackerAddressType,
|
|
telnetHackerAddress,
|
|
telnetHackerNumAttempts,
|
|
telnetHackerLastTime
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"An entry has been added to the telnetHackerTable, indicating repeated
|
|
unauthorized login attempts by the device indicated."
|
|
::= { telnetTraps 1 }
|
|
|
|
END
|