WebApps/Observium_CE
1
0
Fork 0
Code Pull Requests Activity
Observium_CE/mibs/d-link/DOS-PREV-MIB

361 lines
12 KiB
Plaintext
Raw Blame History

-- -----------------------------------------------------------------------------
-- MIB NAME : DoS Prevention Common mib
-- FILE NAME: DOSprev.mib
-- DATE : 2011/02/21
-- VERSION : 2.06
-- PURPOSE : To construct the MIB structure for DoS Prevention feature
-- for proprietary enterprise
-- -----------------------------------------------------------------------------
-- MODIFICATION HISTORY:
-- -----------------------------------------------------------------------------
-- Version, Date, Author
-- Description:
-- [New Object]
-- [Modification]
-- Notes: (Requested by who and which project)
-- -----------------------------------------------------------------------------
-- Version 2.06, 2011/02/21, Randy Xie
-- [New Object]
-- Add swDoSFunctionVersion
-- Notes: display the function version
-- -----------------------------------------------------------------------------
-- Version 2.05, 2011/01/24, Randy
-- [New Object]
-- 1. Add swDoSLogState and swDoSTrapState to configure the DoS trap and Log state.
-- [Modification]
-- 1. Add new DoS type in swDoSClearCounters:
-- arp-mac-sa-mismatch(10),
-- fraggle-attack(11),
-- icmp-redirect-attack(12),
-- icmp-unreachable-attack(13),
-- ip-route-record-attac(14),
-- ip-source-route-attack(15),
-- ping-death-attack(16),
-- tcp-flag-synrst(17),
-- tcp-over-mac-mcbc(18),
-- tcp-syn-with-data(19),
-- tcp-tiny-frag-attack(20),
-- tcpudp-port-zero(21),
-- tracert-attack(22),
-- winnuke-attack (23).
-- 2. Add new DoS type in swDoSCtrlType:
-- arp-mac-sa-mismatch(10),
-- fraggle-attack(11),
-- icmp-redirect-attack(12),
-- icmp-unreachable-attack(13),
-- ip-route-record-attac(14),
-- ip-source-route-attack(15),
-- ping-death-attack(16),
-- tcp-flag-synrst(17),
-- tcp-over-mac-mcbc(18),
-- tcp-syn-with-data(19),
-- tcp-tiny-frag-attack(20),
-- tcpudp-port-zero(21),
-- tracert-attack(22),
-- winnuke-attack (23).
-- 3. Modifiy the description of swDoSAttackDetected.
-- -----------------------------------------------------------------------------
-- Version 2.04, 2008/09/18, Marco
-- rename *DOS* to *DoS*
-- modify description for swDOSCtrl* objects
-- -----------------------------------------------------------------------------
-- Version 2.03, 2008/09/05, Marco
-- rename swDOSDOSAttackDetected to swDOSAttackDetected
-- -----------------------------------------------------------------------------
-- Version 2.02, 2008/08/13, Peter Hsieh
-- Remove swDOSNotifyVarMacAddr object for DoS trap
-- Notes: Requested by Customer
-- -----------------------------------------------------------------------------
-- Version 2.01, 2008/03/24, Peter Hsieh
-- Add swDOSNotify swDOSNotifyPrefix swDOSDOSAttackDetected
-- swDOSNotifyVarBindings swDOSNotifyVarIpAddr swDOSNotifyVarMacAddr
-- swDOSNotifyVarPortNumber objects for DoS trap
-- Notes: Requested by Suger for project DES30xxp
-- -----------------------------------------------------------------------------
-- Version 2.00, 2008/02/29, Marco
-- This is the first formal version for universal MIB definition.
-- -----------------------------------------------------------------------------
DOS-PREV-MIB DEFINITIONS ::= BEGIN
IMPORTS
TEXTUAL-CONVENTION FROM SNMPv2-TC
MODULE-IDENTITY,OBJECT-TYPE,
Unsigned32,Integer32,
IpAddress FROM SNMPv2-SMI
DisplayString,RowStatus,
TruthValue,MacAddress FROM SNMPv2-TC
dlink-common-mgmt FROM DLINK-ID-REC-MIB;
swDoSMgmtMIB MODULE-IDENTITY
LAST-UPDATED "201101240000Z"
ORGANIZATION "D-Link Corp."
CONTACT-INFO
"http://support.dlink.com"
DESCRIPTION
"The MIB module for configuring the DoS prevention settings of the device."
::= { dlink-common-mgmt 59 }
--***************************************************************************
-- swDoSCtrl
--***************************************************************************
swDoSCtrl OBJECT IDENTIFIER ::= { swDoSMgmtMIB 1 }
swDoSTrapLog OBJECT-TYPE
SYNTAX INTEGER {
enable(1),
disable(2),
other(3)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object indicates the status of the DoS prevention trap log."
::= { swDoSCtrl 1 }
swDoSClearCounters OBJECT-TYPE
SYNTAX INTEGER {
land-attack(1),
blat-attack(2),
smurf-attack(3),
tcp-null-scan(4),
tcp-xmascan(5),
tcp-synfin(6),
tcp-syn-srcport-less-1024(7),
all(8),
other(9),
arp-mac-sa-mismatch(10),
fraggle-attack(11),
icmp-redirect-attack(12),
icmp-unreachable-attack(13),
ip-route-record-attac(14),
ip-source-route-attack(15),
ping-death-attack(16),
tcp-flag-synrst(17),
tcp-over-mac-mcbc(18),
tcp-syn-with-data(19),
tcp-tiny-frag-attack(20),
tcpudp-port-zero(21),
tracert-attack(22),
winnuke-attack (23)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object clears the DoS prevention frame counters."
::= { swDoSCtrl 2 }
swDoSCtrlTable OBJECT-TYPE
SYNTAX SEQUENCE OF SwDoSCtrlEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A table that holds the DoS prevention settings of the device."
::= { swDoSCtrl 3 }
swDoSCtrlEntry OBJECT-TYPE
SYNTAX SwDoSCtrlEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A list of DoS prevention settings of the device."
INDEX { swDoSCtrlType }
::= { swDoSCtrlTable 1 }
SwDoSCtrlEntry ::=
SEQUENCE {
swDoSCtrlType
INTEGER,
swDoSCtrlState
INTEGER,
swDoSCtrlActionType
INTEGER,
swDoSCtrlMirrorPort
INTEGER,
swDoSCtrlMirrorPriority
INTEGER,
swDoSCtrlMirrorRxRate
INTEGER,
swDoSCtrlFrameCount
INTEGER
}
swDoSCtrlType OBJECT-TYPE
SYNTAX INTEGER {
land-attack(1),
blat-attack(2),
smurf-attack(3),
tcp-null-scan(4),
tcp-xmascan(5),
tcp-synfin(6),
tcp-syn-srcport-less-1024(7),
arp-mac-sa-mismatch(10),
fraggle-attack(11),
icmp-redirect-attack(12),
icmp-unreachable-attack(13),
ip-route-record-attac(14),
ip-source-route-attack(15),
ping-death-attack(16),
tcp-flag-synrst(17),
tcp-over-mac-mcbc(18),
tcp-syn-with-data(19),
tcp-tiny-frag-attack(20),
tcpudp-port-zero(21),
tracert-attack(22),
winnuke-attack (23)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object indicates the DoS prevention type."
::= { swDoSCtrlEntry 1 }
swDoSCtrlState OBJECT-TYPE
SYNTAX INTEGER {
enable(1),
disable(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object indicates the status of the DoS prevention type."
::= { swDoSCtrlEntry 2 }
swDoSCtrlActionType OBJECT-TYPE
SYNTAX INTEGER {
drop(1),
mirror(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object indicates the action for the DoS prevention type.
If this object is set to 'mirror' and swDoSCtrlState is set to 'enable', the configuration
will not take effect until a valid mirror port is specified. If mirror port is not valid
the behavior will be the same as 'drop'"
::= { swDoSCtrlEntry 3 }
swDoSCtrlMirrorPort OBJECT-TYPE
SYNTAX INTEGER (0..65535)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object indicates the port to which the attack packet will be forwarded.
A value of 0 means that the DoS prevention action type is either not set to 'mirror'.
or the 'mirror' DoS action is not active. When swDoSCtrlActionType is set to 'mirror'
with swDoSCtrlState set to 'enable', setting this value to a valid port number will
activate the 'mirror' DoS action."
::= { swDoSCtrlEntry 4 }
swDoSCtrlMirrorPriority OBJECT-TYPE
SYNTAX INTEGER (0..8)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object configures the priority of the detected packet.
Valid priority values are from 0 to 7. The value 8 indicates that there will be
no change in the priority of the DoS attack packet as it is forwarded to the
mirror port. A valid mirror port must first be specified in order to set this value."
::= { swDoSCtrlEntry 5 }
swDoSCtrlMirrorRxRate OBJECT-TYPE
SYNTAX INTEGER (0..1024000)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object indicates the rate of reception of DoS attack packets.
The valid values are 64 to 1024000.
A value of 0 indicates that the rate has no limit. The default value is 0.
A valid mirror port must first be specified in order to set this value."
::= { swDoSCtrlEntry 6 }
swDoSCtrlFrameCount OBJECT-TYPE
SYNTAX INTEGER
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object indicates the number of frames detected under the DoS prevention type.
A valid mirror port must first be specified in order to set this value."
::= { swDoSCtrlEntry 7 }
swDoSTrapState OBJECT-TYPE
SYNTAX INTEGER {
enabled(1),
disabled(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object indicates the status of the DoS prevention trap."
::= { swDoSCtrl 4 }
swDoSLogState OBJECT-TYPE
SYNTAX INTEGER {
enabled(1),
disabled(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object indicates the status of the DoS prevention log."
::= { swDoSCtrl 5 }
swDoSFunctionVersion OBJECT-TYPE
SYNTAX DisplayString (SIZE (0..128))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object indicates the function version."
::= { swDoSCtrl 6 }
--***************************************************************************
-- swDoSNotify
--***************************************************************************
swDoSNotify OBJECT IDENTIFIER ::= { swDoSMgmtMIB 4 }
swDoSNotifyPrefix OBJECT IDENTIFIER ::= { swDoSNotify 0 }
swDoSAttackDetected NOTIFICATION-TYPE
OBJECTS {
swDoSCtrlType,
swDoSNotifyVarIpAddr,
swDoSNotifyVarPortNumber
}
STATUS current
DESCRIPTION
"This trap is sent when the specific DoS packet is received and
trap is enabled."
::= { swDoSNotifyPrefix 1 }
swDoSNotifyVarBindings OBJECT IDENTIFIER ::= { swDoSNotify 1 }
swDoSNotifyVarIpAddr OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS accessible-for-notify
STATUS current
DESCRIPTION
"If the DoS packet is from the end station, represent
the IP address of attacker; otherwise represent the
router's IP"
::={swDoSNotifyVarBindings 1}
swDoSNotifyVarPortNumber OBJECT-TYPE
SYNTAX DisplayString
MAX-ACCESS accessible-for-notify
STATUS current
DESCRIPTION
"This object indicates the attacked portNum with a string,
For example, if the device is in standalone mode, and the port
number is 23, the string should be 23.
If the device is in stack mode, and the unit ID is 2, and the
port number is 3, the string should be 2:3."
::={swDoSNotifyVarBindings 2}
END
View Git Blame Copy Permalink