WebApps/Observium_CE
1
0
Fork 0
Code Pull Requests Activity
Observium_CE/mibs/cisco/CIE1000-PSEC-MIB

571 lines
19 KiB
Plaintext
Raw Blame History

-- *****************************************************************
-- PSEC-MIB: Cisco private MIB
-- ****************************************************************
CIE1000-PSEC-MIB DEFINITIONS ::= BEGIN
IMPORTS
NOTIFICATION-GROUP, MODULE-COMPLIANCE, OBJECT-GROUP FROM SNMPv2-CONF
NOTIFICATION-TYPE, MODULE-IDENTITY, OBJECT-TYPE FROM SNMPv2-SMI
TEXTUAL-CONVENTION FROM SNMPv2-TC
cie1000SwitchMgmt FROM CISCO-IE1000-MIB
CIE1000DisplayString FROM CIE1000-TC
CIE1000InterfaceIndex FROM CIE1000-TC
CIE1000Unsigned16 FROM CIE1000-TC
Unsigned32 FROM SNMPv2-SMI
MacAddress FROM SNMPv2-TC
TruthValue FROM SNMPv2-TC
;
cie1000PsecMib MODULE-IDENTITY
LAST-UPDATED "201606020000Z"
ORGANIZATION
"Cisco Systems, Inc."
CONTACT-INFO
"Cisco Systems
Customer Service
Postal: 170 West Tasman Drive
San Jose, CA 95134
USA
Tel: +1 800 553-NETS
E-mail: cs-snmp@cisco.com"
DESCRIPTION
"This is a private version of the Port Security MIB"
REVISION "201606020000Z"
DESCRIPTION
"Support SNMP trap"
REVISION "201412100000Z"
DESCRIPTION
"Remove user of DHCP snooping"
REVISION "201412080000Z"
DESCRIPTION
"Add users in status port table"
REVISION "201410130000Z"
DESCRIPTION
"Initial version"
::= { cie1000SwitchMgmt 66 }
CIE1000PsecLimitActionType ::= TEXTUAL-CONVENTION
STATUS current
DESCRIPTION
"This enumeration defines the Action type in psec function."
SYNTAX INTEGER { none(0), trap(1), shutdown(2),
trapShutdown(3) }
CIE1000PsecStateType ::= TEXTUAL-CONVENTION
STATUS current
DESCRIPTION
"This enumeration defines the state of Psec config."
SYNTAX INTEGER { forwarding(0), blocked(1) }
cie1000PsecMibObjects OBJECT IDENTIFIER
::= { cie1000PsecMib 1 }
cie1000PsecConfig OBJECT IDENTIFIER
::= { cie1000PsecMibObjects 2 }
cie1000PsecConfigGlobals OBJECT IDENTIFIER
::= { cie1000PsecConfig 1 }
cie1000PsecConfigGlobalsEnabled OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Globally enable/disable aging of secured entries. This doesn't affect
aging of addresses secured by other modules."
::= { cie1000PsecConfigGlobals 1 }
cie1000PsecConfigGlobalsEnableAging OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"If aging is globally enabled, this is the aging period in seconds.
Valid range is [10; 10000000] seconds(max is around 115 days)."
::= { cie1000PsecConfigGlobals 2 }
cie1000PsecConfigGlobalsAgingPeriodSecs OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"If aging is globally enabled, this is the aging period in seconds.
Valid range is [10; 10000000] seconds(max is around 115 days)."
::= { cie1000PsecConfigGlobals 3 }
cie1000PsecConfigPortTable OBJECT-TYPE
SYNTAX SEQUENCE OF CIE1000PsecConfigPortEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This is a table of port configuration per session"
::= { cie1000PsecConfig 2 }
cie1000PsecConfigPortEntry OBJECT-TYPE
SYNTAX CIE1000PsecConfigPortEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Each session has a set of parameters"
INDEX { cie1000PsecConfigPortIfIndex }
::= { cie1000PsecConfigPortTable 1 }
CIE1000PsecConfigPortEntry ::= SEQUENCE {
cie1000PsecConfigPortIfIndex CIE1000InterfaceIndex,
cie1000PsecConfigPortEnabled TruthValue,
cie1000PsecConfigPortLimit Unsigned32,
cie1000PsecConfigPortAction CIE1000PsecLimitActionType
}
cie1000PsecConfigPortIfIndex OBJECT-TYPE
SYNTAX CIE1000InterfaceIndex
MAX-ACCESS accessible-for-notify
STATUS current
DESCRIPTION
"Logical interface number of the physical port."
::= { cie1000PsecConfigPortEntry 1 }
cie1000PsecConfigPortEnabled OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Controls whether Port Security Limit Control is enabled for this port."
::= { cie1000PsecConfigPortEntry 2 }
cie1000PsecConfigPortLimit OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Maximum number of MAC addresses allowed on this port.Valid values =
[PSEC_LIMIT_MIN; PSEC_LIMIT_MAX]."
::= { cie1000PsecConfigPortEntry 3 }
cie1000PsecConfigPortAction OBJECT-TYPE
SYNTAX CIE1000PsecLimitActionType
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Action to take if number of MAC addresses exceeds the limit. NONE(0) Do
nothing, except disallowing further clients. TRAP(1) Send an SNMP trap
notification. SHUTDOWN(2) Shut-down the port. TRAP_AND_SHUTDOWN(3) Send
an SNMP trap notification and shut-down the port."
::= { cie1000PsecConfigPortEntry 4 }
cie1000PsecStatus OBJECT IDENTIFIER
::= { cie1000PsecMibObjects 3 }
cie1000PsecStatusPortTable OBJECT-TYPE
SYNTAX SEQUENCE OF CIE1000PsecStatusPortEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This is a table of port configuration per session"
::= { cie1000PsecStatus 1 }
cie1000PsecStatusPortEntry OBJECT-TYPE
SYNTAX CIE1000PsecStatusPortEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Each session has a set of parameters"
INDEX { cie1000PsecStatusPortIfIndex }
::= { cie1000PsecStatusPortTable 1 }
CIE1000PsecStatusPortEntry ::= SEQUENCE {
cie1000PsecStatusPortIfIndex CIE1000InterfaceIndex,
cie1000PsecStatusPortUsers Unsigned32,
cie1000PsecStatusPortLimitReached TruthValue,
cie1000PsecStatusPortShutdown TruthValue,
cie1000PsecStatusPortMacCount Unsigned32
}
cie1000PsecStatusPortIfIndex OBJECT-TYPE
SYNTAX CIE1000InterfaceIndex
MAX-ACCESS accessible-for-notify
STATUS current
DESCRIPTION
"Logical interface number of the physical port."
::= { cie1000PsecStatusPortEntry 1 }
cie1000PsecStatusPortUsers OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Bit masks to indicate what users currently use port security on this
port. Where bit 0 - port security limit, bit 1 - 802.1x, bit 2 - voice
VLAN."
::= { cie1000PsecStatusPortEntry 2 }
cie1000PsecStatusPortLimitReached OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"TRUE if the limit is reached on the port, FALSE otherwise."
::= { cie1000PsecStatusPortEntry 3 }
cie1000PsecStatusPortShutdown OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"TRUE if the port is shut down, FALSE otherwise."
::= { cie1000PsecStatusPortEntry 4 }
cie1000PsecStatusPortMacCount OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Number of MAC addresses currently assigned to this port. The number
does NOT include the number of entries that are held due to a H/W
failure or S/W failure."
::= { cie1000PsecStatusPortEntry 5 }
cie1000PsecStatusPortTrapsTable OBJECT-TYPE
SYNTAX SEQUENCE OF CIE1000PsecStatusPortTrapsEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This is a table of port configuration per session"
::= { cie1000PsecStatus 2 }
cie1000PsecStatusPortTrapsEntry OBJECT-TYPE
SYNTAX CIE1000PsecStatusPortTrapsEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Each session has a set of parameters"
INDEX { cie1000PsecStatusPortTrapsIfIndex }
::= { cie1000PsecStatusPortTrapsTable 1 }
CIE1000PsecStatusPortTrapsEntry ::= SEQUENCE {
cie1000PsecStatusPortTrapsIfIndex CIE1000InterfaceIndex,
cie1000PsecStatusPortTrapsUsers Unsigned32,
cie1000PsecStatusPortTrapsLimitReached TruthValue,
cie1000PsecStatusPortTrapsShutdown TruthValue,
cie1000PsecStatusPortTrapsMacCount Unsigned32
}
cie1000PsecStatusPortTrapsIfIndex OBJECT-TYPE
SYNTAX CIE1000InterfaceIndex
MAX-ACCESS accessible-for-notify
STATUS current
DESCRIPTION
"Logical interface number of the physical port."
::= { cie1000PsecStatusPortTrapsEntry 1 }
cie1000PsecStatusPortTrapsUsers OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Bit masks to indicate what users currently use port security on this
port. Where bit 0 - port security limit, bit 1 - 802.1x, bit 2 - voice
VLAN."
::= { cie1000PsecStatusPortTrapsEntry 2 }
cie1000PsecStatusPortTrapsLimitReached OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"TRUE if the limit is reached on the port, FALSE otherwise."
::= { cie1000PsecStatusPortTrapsEntry 3 }
cie1000PsecStatusPortTrapsShutdown OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"TRUE if the port is shut down, FALSE otherwise."
::= { cie1000PsecStatusPortTrapsEntry 4 }
cie1000PsecStatusPortTrapsMacCount OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Number of MAC addresses currently assigned to this port. The number
does NOT include the number of entries that are held due to a H/W
failure or S/W failure."
::= { cie1000PsecStatusPortTrapsEntry 5 }
cie1000PsecControl OBJECT IDENTIFIER
::= { cie1000PsecMibObjects 4 }
cie1000PsecControlPortReopenTable OBJECT-TYPE
SYNTAX SEQUENCE OF CIE1000PsecControlPortReopenEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This is a table to re-open port and move it to ready state, if it was
being disabled after limit was reached."
::= { cie1000PsecControl 1 }
cie1000PsecControlPortReopenEntry OBJECT-TYPE
SYNTAX CIE1000PsecControlPortReopenEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Each session has a set of parameters"
INDEX { cie1000PsecControlPortReopenIfIndex }
::= { cie1000PsecControlPortReopenTable 1 }
CIE1000PsecControlPortReopenEntry ::= SEQUENCE {
cie1000PsecControlPortReopenIfIndex CIE1000InterfaceIndex,
cie1000PsecControlPortReopenPortReOpen TruthValue
}
cie1000PsecControlPortReopenIfIndex OBJECT-TYPE
SYNTAX CIE1000InterfaceIndex
MAX-ACCESS accessible-for-notify
STATUS current
DESCRIPTION
"Logical interface number of the physical port."
::= { cie1000PsecControlPortReopenEntry 1 }
cie1000PsecControlPortReopenPortReOpen OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Set to true to reopen after it is shutdown"
::= { cie1000PsecControlPortReopenEntry 2 }
cie1000PsecStatistics OBJECT IDENTIFIER
::= { cie1000PsecMibObjects 5 }
cie1000PsecStatisticsPortTable OBJECT-TYPE
SYNTAX SEQUENCE OF CIE1000PsecStatisticsPortEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This is a table of port statistics per session"
::= { cie1000PsecStatistics 1 }
cie1000PsecStatisticsPortEntry OBJECT-TYPE
SYNTAX CIE1000PsecStatisticsPortEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Each session has a set of parameters"
INDEX { cie1000PsecStatisticsPortIfIndex }
::= { cie1000PsecStatisticsPortTable 1 }
CIE1000PsecStatisticsPortEntry ::= SEQUENCE {
cie1000PsecStatisticsPortIfIndex CIE1000InterfaceIndex,
cie1000PsecStatisticsPortAgeOrHold CIE1000DisplayString,
cie1000PsecStatisticsPortCreationTime CIE1000DisplayString,
cie1000PsecStatisticsPortState CIE1000PsecStateType,
cie1000PsecStatisticsPortMacId MacAddress,
cie1000PsecStatisticsPortVlanId CIE1000Unsigned16
}
cie1000PsecStatisticsPortIfIndex OBJECT-TYPE
SYNTAX CIE1000InterfaceIndex
MAX-ACCESS accessible-for-notify
STATUS current
DESCRIPTION
"Logical interface number of the physical port."
::= { cie1000PsecStatisticsPortEntry 1 }
cie1000PsecStatisticsPortAgeOrHold OBJECT-TYPE
SYNTAX CIE1000DisplayString (SIZE(0..14))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Down-counter used in block and ageing process."
::= { cie1000PsecStatisticsPortEntry 5 }
cie1000PsecStatisticsPortCreationTime OBJECT-TYPE
SYNTAX CIE1000DisplayString (SIZE(0..24))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Time when this entry was orignally added."
::= { cie1000PsecStatisticsPortEntry 6 }
cie1000PsecStatisticsPortState OBJECT-TYPE
SYNTAX CIE1000PsecStateType
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Current State of a entry, expected state can be either FORWARDING or
BLOCKED."
::= { cie1000PsecStatisticsPortEntry 7 }
cie1000PsecStatisticsPortMacId OBJECT-TYPE
SYNTAX MacAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The MAC address that this is all about."
::= { cie1000PsecStatisticsPortEntry 8 }
cie1000PsecStatisticsPortVlanId OBJECT-TYPE
SYNTAX CIE1000Unsigned16
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The VID that this is all about."
::= { cie1000PsecStatisticsPortEntry 9 }
cie1000PsecTrap OBJECT IDENTIFIER
::= { cie1000PsecMibObjects 6 }
cie1000PsecTrapLimitExceeded NOTIFICATION-TYPE
OBJECTS { cie1000PsecStatusPortTrapsIfIndex,
cie1000PsecStatusPortTrapsUsers,
cie1000PsecStatusPortTrapsLimitReached,
cie1000PsecStatusPortTrapsShutdown,
cie1000PsecStatusPortTrapsMacCount }
STATUS current
DESCRIPTION
"This trap signals that a row has been added. The index(es) and value(s)
of the row is included in the trap."
::= { cie1000PsecTrap 1 }
cie1000PsecTrapMod NOTIFICATION-TYPE
OBJECTS { cie1000PsecStatusPortTrapsIfIndex,
cie1000PsecStatusPortTrapsUsers,
cie1000PsecStatusPortTrapsLimitReached,
cie1000PsecStatusPortTrapsShutdown,
cie1000PsecStatusPortTrapsMacCount }
STATUS current
DESCRIPTION
"This trap signals that one or more of the objects included in the trap
has been updated."
::= { cie1000PsecTrap 2 }
cie1000PsecTrapLimitRecovered NOTIFICATION-TYPE
OBJECTS { cie1000PsecStatusPortTrapsIfIndex }
STATUS current
DESCRIPTION
"This trap signals that a row has been deleted. The index(es) of the
row is included in the trap."
::= { cie1000PsecTrap 3 }
cie1000PsecMibConformance OBJECT IDENTIFIER
::= { cie1000PsecMib 2 }
cie1000PsecMibCompliances OBJECT IDENTIFIER
::= { cie1000PsecMibConformance 1 }
cie1000PsecMibGroups OBJECT IDENTIFIER
::= { cie1000PsecMibConformance 2 }
cie1000PsecConfigGlobalsInfoGroup OBJECT-GROUP
OBJECTS { cie1000PsecConfigGlobalsEnabled,
cie1000PsecConfigGlobalsEnableAging,
cie1000PsecConfigGlobalsAgingPeriodSecs }
STATUS current
DESCRIPTION
"A collection of objects."
::= { cie1000PsecMibGroups 1 }
cie1000PsecConfigPortTableInfoGroup OBJECT-GROUP
OBJECTS { cie1000PsecConfigPortIfIndex,
cie1000PsecConfigPortEnabled,
cie1000PsecConfigPortLimit,
cie1000PsecConfigPortAction }
STATUS current
DESCRIPTION
"A collection of objects."
::= { cie1000PsecMibGroups 2 }
cie1000PsecStatusPortTableInfoGroup OBJECT-GROUP
OBJECTS { cie1000PsecStatusPortIfIndex,
cie1000PsecStatusPortUsers,
cie1000PsecStatusPortLimitReached,
cie1000PsecStatusPortShutdown,
cie1000PsecStatusPortMacCount }
STATUS current
DESCRIPTION
"A collection of objects."
::= { cie1000PsecMibGroups 3 }
cie1000PsecStatusPortTrapsInfoGroup OBJECT-GROUP
OBJECTS { cie1000PsecStatusPortTrapsIfIndex,
cie1000PsecStatusPortTrapsUsers,
cie1000PsecStatusPortTrapsLimitReached,
cie1000PsecStatusPortTrapsShutdown,
cie1000PsecStatusPortTrapsMacCount }
STATUS current
DESCRIPTION
"A collection of objects."
::= { cie1000PsecMibGroups 4 }
cie1000PsecControlPortReopenTableInfoGroup OBJECT-GROUP
OBJECTS { cie1000PsecControlPortReopenIfIndex,
cie1000PsecControlPortReopenPortReOpen }
STATUS current
DESCRIPTION
"A collection of objects."
::= { cie1000PsecMibGroups 5 }
cie1000PsecStatisticsPortTableInfoGroup OBJECT-GROUP
OBJECTS { cie1000PsecStatisticsPortIfIndex,
cie1000PsecStatisticsPortAgeOrHold,
cie1000PsecStatisticsPortCreationTime,
cie1000PsecStatisticsPortState,
cie1000PsecStatisticsPortMacId,
cie1000PsecStatisticsPortVlanId }
STATUS current
DESCRIPTION
"A collection of objects."
::= { cie1000PsecMibGroups 6 }
cie1000PsecTrapLimitExceededInfoGroup NOTIFICATION-GROUP
NOTIFICATIONS { cie1000PsecTrapLimitExceeded }
STATUS current
DESCRIPTION
"Information group containing a trap."
::= { cie1000PsecMibGroups 7 }
cie1000PsecTrapModInfoGroup NOTIFICATION-GROUP
NOTIFICATIONS { cie1000PsecTrapMod }
STATUS current
DESCRIPTION
"Information group containing a trap."
::= { cie1000PsecMibGroups 8 }
cie1000PsecTrapLimitRecoveredInfoGroup NOTIFICATION-GROUP
NOTIFICATIONS { cie1000PsecTrapLimitRecovered }
STATUS current
DESCRIPTION
"Information group containing a trap."
::= { cie1000PsecMibGroups 9 }
cie1000PsecMibCompliance MODULE-COMPLIANCE
STATUS current
DESCRIPTION
"The compliance statement for the implementation."
MODULE -- this module
MANDATORY-GROUPS { cie1000PsecConfigGlobalsInfoGroup,
cie1000PsecConfigPortTableInfoGroup,
cie1000PsecStatusPortTableInfoGroup,
cie1000PsecStatusPortTrapsInfoGroup,
cie1000PsecControlPortReopenTableInfoGroup,
cie1000PsecStatisticsPortTableInfoGroup,
cie1000PsecTrapLimitExceededInfoGroup,
cie1000PsecTrapModInfoGroup,
cie1000PsecTrapLimitRecoveredInfoGroup }
::= { cie1000PsecMibCompliances 1 }
END
View Git Blame Copy Permalink