david/mibs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
98a672123c
mibs/MIBS/dlink/DLINKSW-DAI-MIB

1058 lines
37 KiB
Plaintext
Raw Normal View History

Initial commit
2023-12-05 12:25:34 +01:00
-- *****************************************************************
-- DLINKSW-DAI-MIB: Dynamic ARP inspection MIB
--
-- Copyright (c) 2013 D-Link Corporation, all rights reserved.
--
-- *****************************************************************
DLINKSW-DAI-MIB DEFINITIONS ::= BEGIN
IMPORTS
MODULE-IDENTITY,
Gauge32,
Integer32,
Unsigned32,
Counter64,
IpAddress,
OBJECT-TYPE
FROM SNMPv2-SMI
MODULE-COMPLIANCE,
OBJECT-GROUP
FROM SNMPv2-CONF
TruthValue,
MacAddress,
DateAndTime,
RowStatus,
DisplayString,
TEXTUAL-CONVENTION
FROM SNMPv2-TC
ifIndex,
InterfaceIndex
FROM IF-MIB
InetAddressIPv4
FROM INET-ADDRESS-MIB
VlanId,
VlanIdOrNone
FROM Q-BRIDGE-MIB
Dlink2kVlanList
FROM DLINKSW-TC-MIB
dlinkIndustrialCommon
FROM DLINK-ID-REC-MIB;
dlinkSwDynamicArpInspectionMIB MODULE-IDENTITY
LAST-UPDATED "201307180000Z"
ORGANIZATION "D-Link Corp."
CONTACT-INFO
" D-Link Corporation
Postal: No. 289, Sinhu 3rd Rd., Neihu District,
Taipei City 114, Taiwan, R.O.C
Tel: +886-2-66000123
E-mail: tsd@dlink.com.tw
"
DESCRIPTION
"This MIB module defines objects for Dynamic ARP Inspection."
REVISION "201307180000Z"
DESCRIPTION
"This is the first version of the MIB file.
"
::= { dlinkIndustrialCommon 130 }
--
-- Rule Type textual convention
--
DaiRuleType ::= TEXTUAL-CONVENTION
STATUS current
DESCRIPTION
"The action type when the packets match the access profile.
permit(1)- Indicates that packets that match the access profile are
permitted to be forwarded by the switch.
deny(2) - Indicates that packets that match the access profile
are not permitted to be forwarded by the switch and will be filtered.
"
SYNTAX INTEGER {
permit(1),
deny(2)
}
-- -----------------------------------------------------------------------------
dDaiNotifications OBJECT IDENTIFIER ::= { dlinkSwDynamicArpInspectionMIB 0 }
dDaiObjects OBJECT IDENTIFIER ::= { dlinkSwDynamicArpInspectionMIB 1 }
dDaiConformance OBJECT IDENTIFIER ::= { dlinkSwDynamicArpInspectionMIB 2 }
-- -----------------------------------------------------------------------------
dDaiGlobal OBJECT IDENTIFIER ::= { dDaiObjects 1 }
dDaiVlan OBJECT IDENTIFIER ::= { dDaiObjects 2 }
dDaiInterface OBJECT IDENTIFIER ::= { dDaiObjects 3 }
dDaiStatistics OBJECT IDENTIFIER ::= { dDaiObjects 4 }
dDaiAclCfg OBJECT IDENTIFIER ::= { dDaiObjects 5 }
-- -----------------------------------------------------------------------------
dDaiAddressValidate OBJECT-TYPE
SYNTAX BITS {
srcMacAddress(0),
dstMacAddress(1),
ip(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object specifies address validation criteria
used by Dynamic ARP Inspection feature.
'srcMacAddress' - indicates that source MAC address in
ethernet header is checked against the sender MAC address
in ARP packet. When this bit is on, packets with different
MAC addresses are classified as invalid packets and are
dropped. This checking is done for both ARP request and
ARP response packet.
'dstMacAddress' indicates that the destination MAC address
in ethernet header is checked against the target MAC address
in ARP packet. When this bit is on, packets with different
addresses are classified as invalid packets and are dropped.
This checking is done for ARP response packet only.
'ip' indicates that the IP addresses in ARP packet are checked
for invalid or unexpected IP addresses. Addresses such as
0.0.0.0, 255.255.255.255 and all IP multicast addresses are
considered invalid. When this bit is on, both the sender
and target IP addresses in the ARP packet are checked. This
checking is done for both ARP request and response packet.
"
::= { dDaiGlobal 1 }
dDaiLogBufferSize OBJECT-TYPE
SYNTAX Unsigned32
UNITS "entries"
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object specifies the buffer entry number."
::= { dDaiGlobal 2 }
dDaiClearLogBuffer OBJECT-TYPE
SYNTAX INTEGER {
clear(1),
noOp(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object clears all entries in dDaiLoggingBufferTable
, when set to 'clear'.
No action is taken if this object is set to 'noOp'.
When read, the value 'noOp' is returned."
::= { dDaiGlobal 3 }
-- -----------------------------------------------------------------------------
dDaiLogBufferTable OBJECT-TYPE
SYNTAX SEQUENCE OF DDaiLogBufferEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A table provides the information of logged ARP flows
for system message generation."
::= { dDaiGlobal 4 }
dDaiLogBufferEntry OBJECT-TYPE
SYNTAX DDaiLogBufferEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"An entry contains logged ARP flow data for system
message generation. Entries in the log are cleared once
system messages are generated on their behalf.
A special entry will be populated for accounting drops of
all flows that result in exceeding the number of entries
of the log buffer. This special entry only contains packets
counter and timestamps information."
INDEX { dDaiLogBufferIndex }
::= { dDaiLogBufferTable 1 }
DDaiLogBufferEntry ::= SEQUENCE {
dDaiLogBufferIndex Unsigned32,
dDaiLogBufferInterface InterfaceIndex,
dDaiLogBufferVlan VlanIdOrNone,
dDaiLogBufferSenderMacAddress MacAddress,
dDaiLogBufferSenderIpAddress InetAddressIPv4,
dDaiLogBufferLastUpdate DateAndTime,
dDaiLogBufferPacketsCount Gauge32
}
dDaiLogBufferIndex OBJECT-TYPE
SYNTAX Unsigned32 (1..65535)
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This object uniquely identifies a logged ARP flow in the buffer."
::= { dDaiLogBufferEntry 1 }
dDaiLogBufferInterface OBJECT-TYPE
SYNTAX InterfaceIndex
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object indicates the interface which sent the logged
ARP flow."
::= { dDaiLogBufferEntry 2 }
dDaiLogBufferVlan OBJECT-TYPE
SYNTAX VlanIdOrNone
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object indicates the VLAN ID which the logged
ARP flow belongs to."
::= { dDaiLogBufferEntry 3 }
dDaiLogBufferSenderMacAddress OBJECT-TYPE
SYNTAX MacAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object indicates the sender MAC address of the logged
ARP flow. All zeros MAC address value indicates the
special entry."
::= { dDaiLogBufferEntry 4 }
dDaiLogBufferSenderIpAddress OBJECT-TYPE
SYNTAX InetAddressIPv4
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object indicates the sender Internet address
of the logged ARP flow. The type of this address is
determined by the value of dDaiLogBufferSenderAddressType
object. All zeros IP address value indicates the
special entry."
::= { dDaiLogBufferEntry 5 }
dDaiLogBufferLastUpdate OBJECT-TYPE
SYNTAX DateAndTime
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object indicates the timestamp when the last packet
of this flow was accounted by the system."
::= { dDaiLogBufferEntry 6 }
dDaiLogBufferPacketsCount OBJECT-TYPE
SYNTAX Gauge32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object indicates the number of packets of this ARP flow
was accounted by the system."
::= { dDaiLogBufferEntry 7 }
-- -----------------------------------------------------------------------------
dDaiVlanCrlFirst2K OBJECT-TYPE
SYNTAX Dlink2kVlanList
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object specifies the Dynamic ARP Inspection enabled VLAN in a
string of octets containing one bit per VLAN for VLANs 1 to 2048.
If the bit is set to '1', then the VLAN is enabled for Dynamic ARP
Inspection."
::= { dDaiVlan 1 }
dDaiVlanCrlSecond2K OBJECT-TYPE
SYNTAX Dlink2kVlanList
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object specifies the Dynamic ARP Inspection enabled VLAN in a
string of octets containing one bit per VLAN for VLANs 2049 to 4094.
If the bit is set to '1', then the VLAN is enabled for Dynamic ARP
Inspection."
::= { dDaiVlan 2 }
-- -----------------------------------------------------------------------------
dDaiVlanCfgTable OBJECT-TYPE
SYNTAX SEQUENCE OF DDaiVlanCfgEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A table contains a list of configuration for Dynamic ARP
Inspection per VLAN. "
::= { dDaiVlan 3 }
dDaiVlanCfgEntry OBJECT-TYPE
SYNTAX DDaiVlanCfgEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A row instance contains the Dynamic ARP inspection
configuration for a specific VLAN in the device."
INDEX { dDaiVlanCfgId }
::= { dDaiVlanCfgTable 1 }
DDaiVlanCfgEntry ::= SEQUENCE {
dDaiVlanCfgId VlanId,
dDaiVlanFilterArpAclName DisplayString,
dDaiVlanFilterArpAclStatic TruthValue,
dDaiVlanAclLogging BITS,
dDaiVlanDhcpBindingLogging BITS,
dDaiVlanCfgRowStatus RowStatus
}
dDaiVlanCfgId OBJECT-TYPE
SYNTAX VlanId
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This object indicates the VLAN ID of the entry."
::= { dDaiVlanCfgEntry 1 }
dDaiVlanFilterArpAclName OBJECT-TYPE
SYNTAX DisplayString (SIZE (0..32))
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This object specifies an ARP ACL name that is used to check
the validity of the bindings information in ARP body.
An empty string indicates that the ARP ACL is not configured
on the VLAN."
DEFVAL { "" }
::= { dDaiVlanCfgEntry 2 }
dDaiVlanFilterArpAclStatic OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This object indicates whether drop the packet if the
IP-to-Ethernet MAC binding pair is not permitted by the arp ACL.
This object does not take effect if value of
dDaiVlanFilterArpAclName on the row is an empty string.
'true' indicates the implicit denied packet is dropped and ARP packet
is not compared against DHCP bindings information.
'false' indicates if ARP packet is not explicitly classified by ARP
ACL, it will be compared against DHCP bindings information."
DEFVAL { false }
::= { dDaiVlanCfgEntry 3 }
dDaiVlanAclLogging OBJECT-TYPE
SYNTAX BITS {
permit(0),
deny(1)
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This object indicates the logging criteria for packets that are
dropped or permitted based on ACL matches.
'permit' - indicates that logging is performed when packets
is permitted by the configured ACL.
'deny' - indicates that logging is performed when packets
is denied by the configured ACL.
"
DEFVAL { {deny} }
::= { dDaiVlanCfgEntry 4 }
dDaiVlanDhcpBindingLogging OBJECT-TYPE
SYNTAX BITS {
permit(0),
deny(1)
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This object specifies the logging criteria when
ARP packets is compared against DHCP bindings information.
'permit' - indicates that logging is performed for packets that
are permitted as a result of comparing with DHCP bindings
information.
'deny' - indicates that logging is performed for packets that
are denied as a result of comparing with DHCP bindings
information.
"
DEFVAL { { deny } }
::= { dDaiVlanCfgEntry 5 }
dDaiVlanCfgRowStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The status of this conceptual row entry. This object
is used to manage creation and deletion of rows in this
table."
::= { dDaiVlanCfgEntry 99 }
-- -----------------------------------------------------------------------------
dDaiIfConfigTable OBJECT-TYPE
SYNTAX SEQUENCE OF DDaiIfConfigEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A table provides the mechanism to configure the trust
state for Dynamic ARP Inspection purpose at each
interface capable of this feature.
"
::= { dDaiInterface 1 }
dDaiIfConfigEntry OBJECT-TYPE
SYNTAX DDaiIfConfigEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A row instance contains the configuration to enable or
disable trust state for Dynamic ARP Inspection at each
interface capable of this feature."
INDEX { ifIndex }
::= { dDaiIfConfigTable 1 }
DDaiIfConfigEntry ::= SEQUENCE {
dDaiIfTrustEnabled TruthValue
}
dDaiIfTrustEnabled OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object indicates whether the interface is trusted for
Dynamic ARP Inspection purpose.
If this object is set to 'true', the interface is trusted.
ARP packets coming to this interface will be forwarded
without Dynamic ARP inspection.
If this object is set to 'false', the interface is not
trusted. ARP packets coming to this interface will be
subjected to ARP inspection."
::= { dDaiIfConfigEntry 1 }
-- -----------------------------------------------------------------------------
dDaiIfRateLimitTable OBJECT-TYPE
SYNTAX SEQUENCE OF DDaiIfRateLimitEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A table provides the mechanism to configure the rate limit
for Dynamic ARP Inspection purpose at each interface
capable of this feature."
::= { dDaiInterface 2 }
dDaiIfRateLimitEntry OBJECT-TYPE
SYNTAX DDaiIfRateLimitEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A row instance contains the configuration of rate limit
Dynamic ARP Inspection at each interface capable
of this feature."
INDEX { ifIndex }
::= { dDaiIfRateLimitTable 1 }
DDaiIfRateLimitEntry ::= SEQUENCE {
dDaiIfRateLimit Unsigned32,
dDaiIfBurstInterval Unsigned32
}
dDaiIfRateLimit OBJECT-TYPE
SYNTAX Unsigned32
UNITS "packet per second"
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object indicates rate limit value for Dynamic ARP
Inspection purpose. If the incoming rate of ARP packets
exceeds the value of this object, ARP packets will be
dropped. "
::= { dDaiIfRateLimitEntry 1 }
dDaiIfBurstInterval OBJECT-TYPE
SYNTAX Unsigned32
UNITS "second"
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object indicates the length of the burst duration
of the ARP packets that is allowed.
When the rate of ARP packet per second exceeds the limitation
and the condition sustain for the configured burst duration,
the interface will be put in error disable state.
"
::= { dDaiIfRateLimitEntry 2 }
-- -----------------------------------------------------------------------------
dDaiVlanStatsTable OBJECT-TYPE
SYNTAX SEQUENCE OF DDaiVlanStatsEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A table lists the Dynamic Arp Inspection statistics per VLAN."
::= { dDaiStatistics 1 }
dDaiVlanStatsEntry OBJECT-TYPE
SYNTAX DDaiVlanStatsEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A row instance contains Dynamic ARP Inspection statistics
information for each VLAN."
INDEX { dDaiVlanStatsIndex }
::= { dDaiVlanStatsTable 1 }
DDaiVlanStatsEntry ::= SEQUENCE {
dDaiVlanStatsIndex VlanId,
dDaiVlanForwarded Counter64,
dDaiVlanDropped Counter64,
dDaiVlanAclPermitted Counter64,
dDaiVlanDhcpBindingsPermitted Counter64,
dDaiVlanAclDenied Counter64,
dDaiVlanDhcpBindingDenied Counter64,
dDaiVlanSrcMacValidationFailures Counter64,
dDaiVlanDstMacValidationFailures Counter64,
dDaiVlanIpValidationFailures Counter64,
dDaiVlanStatsClear INTEGER
}
dDaiVlanStatsIndex OBJECT-TYPE
SYNTAX VlanId
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This object indicates the VLAN ID of the entry."
::= { dDaiVlanStatsEntry 1 }
dDaiVlanForwarded OBJECT-TYPE
SYNTAX Counter64
UNITS "packets"
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object indicates the number of ARP packets forwarded by
Dynamic Arp Inspection feature."
::= { dDaiVlanStatsEntry 2 }
dDaiVlanDropped OBJECT-TYPE
SYNTAX Counter64
UNITS "packets"
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object indicates the number of ARP packets dropped by
Dynamic ARP Inspection feature."
::= { dDaiVlanStatsEntry 3 }
dDaiVlanAclPermitted OBJECT-TYPE
SYNTAX Counter64
UNITS "packets"
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object indicates the number of ARP packets permitted by
the configured ACL."
::= { dDaiVlanStatsEntry 4 }
dDaiVlanDhcpBindingsPermitted OBJECT-TYPE
SYNTAX Counter64
UNITS "packets"
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object indicates the number of ARP packets that are permitted
by DHCP snooping binding database."
::= { dDaiVlanStatsEntry 5 }
dDaiVlanAclDenied OBJECT-TYPE
SYNTAX Counter64
UNITS "packets"
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object indicates the number of ARP packets denied by the
associating ACL."
::= { dDaiVlanStatsEntry 6 }
dDaiVlanDhcpBindingDenied OBJECT-TYPE
SYNTAX Counter64
UNITS "packets"
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object indicates the number of ARP packets that are dropped by
DHCP snooping binding database."
::= { dDaiVlanStatsEntry 7 }
dDaiVlanSrcMacValidationFailures OBJECT-TYPE
SYNTAX Counter64
UNITS "packets"
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object indicates the number of ARP packets that fail
source MAC address validation."
::= { dDaiVlanStatsEntry 8 }
dDaiVlanDstMacValidationFailures OBJECT-TYPE
SYNTAX Counter64
UNITS "packets"
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object indicates the number of ARP packets that fail
destination MAC address validation."
::= { dDaiVlanStatsEntry 9 }
dDaiVlanIpValidationFailures OBJECT-TYPE
SYNTAX Counter64
UNITS "packets"
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object indicates the number of ARP packets that fail
IP validation."
::= { dDaiVlanStatsEntry 10 }
dDaiVlanStatsClear OBJECT-TYPE
SYNTAX INTEGER {
clear(1),
noOp(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object clears the counters in the same row when set to
'clear'.
No action is taken if this object is set to 'noOp'.
When read, the value 'noOp' is returned."
::= { dDaiVlanStatsEntry 99 }
dDaiVlanStatsClearAll OBJECT-TYPE
SYNTAX INTEGER {
clear(1),
noOp(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object clears the counters of all entries in
dDaiVlanStatsTable, when set to 'clear'.
No action is taken if this object is set to 'noOp'.
When read, the value 'noOp' is returned."
::= { dDaiStatistics 2 }
-- -----------------------------------------------------------------------------
dDaiArpAccessListNumber OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object indicates the number of entries present in the ARP
access list table."
::= { dDaiAclCfg 1 }
dDaiArpAccessListTable OBJECT-TYPE
SYNTAX SEQUENCE OF DDaiArpAccessListEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The table contains information about ARP access list."
::= { dDaiAclCfg 2 }
dDaiArpAccessListEntry OBJECT-TYPE
SYNTAX DDaiArpAccessListEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"An entry defined in dDaiArpAccessListTable. An entry is
created/removed when an ARP access list is created/deleted."
INDEX { dDaiArpAccessListName }
::= { dDaiArpAccessListTable 1 }
DDaiArpAccessListEntry ::= SEQUENCE {
dDaiArpAccessListName DisplayString,
dDaiArpAccessListRowStatus RowStatus
}
dDaiArpAccessListName OBJECT-TYPE
SYNTAX DisplayString (SIZE (1..32))
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The name of the ARP access list."
::= { dDaiArpAccessListEntry 1 }
dDaiArpAccessListRowStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This object allows the dynamic creation and deletion of an ARP
access list."
::= { dDaiArpAccessListEntry 99 }
-- -----------------------------------------------------------------------------
dDaiArpAccessRuleTable OBJECT-TYPE
SYNTAX SEQUENCE OF DDaiArpAccessRuleEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A table consists of a list of rules for the ARP access list."
::= { dDaiAclCfg 3 }
dDaiArpAccessRuleEntry OBJECT-TYPE
SYNTAX DDaiArpAccessRuleEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"An entry is defined dDaiArpAccessRuleTable.
The first instance identifier index value identifies the
dDaiArpAccessListEntry that a ARP access rule (dDaiArpAccessRuleEntry)
belongs to. An entry is removed from this table when its
corresponding dDaiArpAccessListEntry is deleted."
INDEX {
dDaiArpAccessListName,
dDaiArpAccessRuleSn
}
::= { dDaiArpAccessRuleTable 1 }
DDaiArpAccessRuleEntry ::= SEQUENCE {
dDaiArpAccessRuleSn Integer32,
dDaiArpAccessRuleRowStatus RowStatus,
dDaiArpAccessRuleAction DaiRuleType,
dDaiArpAccessRuleSenderMacAddr MacAddress,
dDaiArpAccessRuleSenderMacMask MacAddress,
dDaiArpAccessRuleSenderAddr IpAddress,
dDaiArpAccessRuleSenderAddrMask IpAddress
}
dDaiArpAccessRuleSn OBJECT-TYPE
SYNTAX Integer32 (0..65535)
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Specifies the sequence number of the rule. A lower number represents
a higher priority.
The special value of 0 means the priority will be automatically determined
by the agent."
::= { dDaiArpAccessRuleEntry 1 }
dDaiArpAccessRuleRowStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The row status variable, used according to installation
and removal conventions for conceptual rows."
::= { dDaiArpAccessRuleEntry 2 }
dDaiArpAccessRuleAction OBJECT-TYPE
SYNTAX DaiRuleType
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This object indicates the result of the packet examination is to permit or deny.
"
::= { dDaiArpAccessRuleEntry 3 }
dDaiArpAccessRuleSenderMacAddr OBJECT-TYPE
SYNTAX MacAddress
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This object indicates the ARP sender MAC address of the entry."
::= { dDaiArpAccessRuleEntry 4 }
dDaiArpAccessRuleSenderMacMask OBJECT-TYPE
SYNTAX MacAddress
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This object is a mask bitmap to specify a group of source
MAC addresses. The bit value 1 indicates the corresponding bit will
be checked. The bit value 0 indicates the corresponding bit will be
ignored. In other words, when the value of all '00'Hs indicates any ARP
sender MAC address is specified. When the value of all 'ff'Hs indicates
host ARP sender MAC address is specified."
::= { dDaiArpAccessRuleEntry 5 }
dDaiArpAccessRuleSenderAddr OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This object indicates the ARP sender IP address of the entry."
::= { dDaiArpAccessRuleEntry 6 }
dDaiArpAccessRuleSenderAddrMask OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This object is a mask bitmap to specify a group of source IP
addresses. The bit value 1 indicates the corresponding bit will
be checked. The bit value 0 indicates the corresponding bit will be
ignored. In other words, when the value of all '00'Hs indicates any
ARP sender address is specified. When the value of all 'ff'Hs indicates
host ARP sender address is specified."
::= { dDaiArpAccessRuleEntry 7 }
-- Conformance
dDaiMIBCompliances
OBJECT IDENTIFIER ::= { dDaiConformance 1 }
dDaiMIBGroups
OBJECT IDENTIFIER ::= { dDaiConformance 2 }
dDaiMIBCompliance MODULE-COMPLIANCE
STATUS current
DESCRIPTION
"The compliance statement for DLINKSW-DAI-MIB"
MODULE
MANDATORY-GROUPS {
dDaiIfConfigGroup
}
GROUP dDaiVlanCtrlGroup
DESCRIPTION
"This group is mandatory only for the platform which supports
enabling Dynamic ARP Inspection per VLAN."
GROUP dDaiVlanCfgGroup
DESCRIPTION
"This group is mandatory only for the platform which supports
enabling Dynamic ARP Inspection per VLAN."
GROUP dDaiLoggingConfigGroup
DESCRIPTION
"This group is mandatory only for the platform which supports
enabling Dynamic ARP Inspection logging at the device level."
GROUP dDaiIfRateLimitGroup
DESCRIPTION
"This group is mandatory only for the platform which supports
Dynamic ARP Inspection rate limit per interface."
GROUP dDaiAddressValidationGroup
DESCRIPTION
"This group is mandatory only for the platform which supports
address validation configuration."
GROUP dDaiLogBufferGroup
DESCRIPTION
"This group is mandatory only for the platform which supports
log buffer information for Dynamic ARP Inspection feature."
GROUP dDaiVlanStatisticsGroup
DESCRIPTION
"This group is mandatory only for the platform which supports
Dynamic ARP Inspection statistics per VLAN."
GROUP dDaiAclGroup
DESCRIPTION
"This group is mandatory only for the platform which supports
static ARP inspection configuration."
GROUP dDaiClearStatsGroup
DESCRIPTION
"This group is mandatory only for the platform which supports
clear ARP inspection statistics."
OBJECT dDaiVlanFilterArpAclName
MIN-ACCESS read-only
DESCRIPTION
"Write access is not required."
OBJECT dDaiVlanFilterArpAclStatic
MIN-ACCESS read-only
DESCRIPTION
"Write access is not required."
OBJECT dDaiVlanCfgRowStatus
SYNTAX INTEGER {
active(1)
}
WRITE-SYNTAX INTEGER {
createAndGo(4),
destroy(6)
}
MIN-ACCESS read-only
DESCRIPTION
"Read-create access is not required."
OBJECT dDaiIfTrustEnabled
MIN-ACCESS read-only
DESCRIPTION
"Write access is not required."
OBJECT dDaiLogBufferSize
MIN-ACCESS read-only
DESCRIPTION
"Write access is not required."
OBJECT dDaiAddressValidate
MIN-ACCESS read-only
DESCRIPTION
"Write access is not required."
OBJECT dDaiClearLogBuffer
MIN-ACCESS read-only
DESCRIPTION
"Write access is not required."
::= { dDaiMIBCompliances 1 }
-- Units of Conformance
-- dDaiGlobalGroup
dDaiVlanCtrlGroup OBJECT-GROUP
OBJECTS {
dDaiVlanCrlFirst2K,
dDaiVlanCrlSecond2K
}
STATUS current
DESCRIPTION
"A collection of objects providing configuration regarding the Dynamic
ARP Inspection feature per VLAN."
::= { dDaiMIBGroups 1 }
dDaiIfConfigGroup OBJECT-GROUP
OBJECTS {
dDaiIfTrustEnabled
}
STATUS current
DESCRIPTION
"A collection of objects which are used to configure as
well as show information regarding the interface trust
state for Dynamic ARP Inspection purpose."
::= { dDaiMIBGroups 2 }
dDaiIfRateLimitGroup OBJECT-GROUP
OBJECTS {
dDaiIfRateLimit,
dDaiIfBurstInterval
}
STATUS current
DESCRIPTION
"A collection of objects which are used to configure as
well as show information regarding the rate limit per
interface for Dynamic ARP Inspection purpose."
::= { dDaiMIBGroups 3 }
dDaiLoggingConfigGroup OBJECT-GROUP
OBJECTS {
dDaiLogBufferSize
}
STATUS current
DESCRIPTION
"A collection of objects providing logging configuration
for Dynamic ARP Inspection feature."
::= { dDaiMIBGroups 4 }
dDaiAddressValidationGroup OBJECT-GROUP
OBJECTS {
dDaiAddressValidate
}
STATUS current
DESCRIPTION
"A collection of objects providing address validation
configuration for Dynamic ARP Inspection feature."
::= { dDaiMIBGroups 5 }
dDaiVlanCfgGroup OBJECT-GROUP
OBJECTS {
dDaiVlanFilterArpAclName,
dDaiVlanFilterArpAclStatic,
dDaiVlanAclLogging,
dDaiVlanDhcpBindingLogging,
dDaiVlanCfgRowStatus
}
STATUS current
DESCRIPTION
"A collection of objects providing additional VLAN
configuration for Dynamic ARP Inspection feature."
::= { dDaiMIBGroups 6 }
dDaiVlanStatisticsGroup OBJECT-GROUP
OBJECTS {
dDaiVlanForwarded,
dDaiVlanDropped,
dDaiVlanAclPermitted,
dDaiVlanDhcpBindingsPermitted,
dDaiVlanAclDenied,
dDaiVlanDhcpBindingDenied,
dDaiVlanSrcMacValidationFailures,
dDaiVlanDstMacValidationFailures,
dDaiVlanIpValidationFailures
}
STATUS current
DESCRIPTION
"A collection of objects providing Dynamic ARP Inspection
statistics per VLAN."
::= { dDaiMIBGroups 7 }
dDaiLogBufferGroup OBJECT-GROUP
OBJECTS {
dDaiClearLogBuffer,
dDaiLogBufferInterface,
dDaiLogBufferVlan,
dDaiLogBufferSenderMacAddress,
dDaiLogBufferSenderIpAddress,
dDaiLogBufferLastUpdate,
dDaiLogBufferPacketsCount
}
STATUS current
DESCRIPTION
"A collection of objects providing logging information or control
for Dynamic ARP Inspection feature."
::= { dDaiMIBGroups 8 }
dDaiAclGroup OBJECT-GROUP
OBJECTS {
dDaiArpAccessListNumber,
dDaiArpAccessListRowStatus,
dDaiArpAccessRuleRowStatus,
dDaiArpAccessRuleAction,
dDaiArpAccessRuleSenderMacAddr,
dDaiArpAccessRuleSenderMacMask,
dDaiArpAccessRuleSenderAddr,
dDaiArpAccessRuleSenderAddrMask
}
STATUS current
DESCRIPTION
"A collection of objects providing ARP access-list configuration."
::= { dDaiMIBGroups 9 }
dDaiClearStatsGroup OBJECT-GROUP
OBJECTS {
dDaiVlanStatsClear,
dDaiVlanStatsClearAll
}
STATUS current
DESCRIPTION
"A collection of objects providing clear the Dynamic Arp Inspection statistics."
::= { dDaiMIBGroups 10 }
END
Reference in New Issue Copy Permalink