562 lines
20 KiB
Plaintext
562 lines
20 KiB
Plaintext
|
LINKSYS-SECURITY-SUITE DEFINITIONS ::= BEGIN
|
||
|
|
||
|
-- Version: 7.42_00
|
||
|
-- Date: 24 JAN 2006
|
||
|
|
||
|
|
||
|
|
||
|
IMPORTS
|
||
|
MODULE-IDENTITY, OBJECT-TYPE,Counter32,
|
||
|
Gauge32, Unsigned32, IpAddress, TimeTicks FROM SNMPv2-SMI
|
||
|
InterfaceIndexOrZero, InterfaceIndex,ifIndex FROM IF-MIB
|
||
|
TEXTUAL-CONVENTION,TruthValue, RowStatus,
|
||
|
RowPointer, DisplayString FROM SNMPv2-TC
|
||
|
Percents,rnd FROM LINKSYS-MIB
|
||
|
PortList FROM Q-BRIDGE-MIB;
|
||
|
|
||
|
|
||
|
rlSecuritySuiteMib MODULE-IDENTITY
|
||
|
LAST-UPDATED "200604080000Z"
|
||
|
ORGANIZATION "Linksys LLC."
|
||
|
CONTACT-INFO
|
||
|
"www.linksys.com/business/support"
|
||
|
DESCRIPTION
|
||
|
"The private MIB module definition for blocking attacks
|
||
|
such as DoS(=Denial Of Service), SYN and well known viruses Attacks
|
||
|
in Linksys devices."
|
||
|
REVISION "200601090000Z"
|
||
|
DESCRIPTION
|
||
|
"Add per port dos attack table suport
|
||
|
rlSecuritySuiteDenyTypesTable ,rlSecuritySuiteDoSSynAttackTable."
|
||
|
::= { rnd 120}
|
||
|
|
||
|
RlsecuritySuiteGlobalEnableType ::= TEXTUAL-CONVENTION
|
||
|
STATUS current
|
||
|
DESCRIPTION
|
||
|
"Specifies the operating modes of the security-suite"
|
||
|
SYNTAX INTEGER {
|
||
|
enable-global-rules-only(1),
|
||
|
enable-all-rules-types(2),
|
||
|
disable(3)
|
||
|
}
|
||
|
|
||
|
RlSecuritySuiteKnownDosAttackType ::= TEXTUAL-CONVENTION
|
||
|
STATUS current
|
||
|
DESCRIPTION
|
||
|
"Specifies well-known DoS attack"
|
||
|
SYNTAX INTEGER {
|
||
|
stacheldraht(1),
|
||
|
invasor-Trojan(2),
|
||
|
back-orifice-Trojan(3)
|
||
|
}
|
||
|
|
||
|
RlSecuritySuiteKnownDosAttackProtocolType ::= TEXTUAL-CONVENTION
|
||
|
STATUS current
|
||
|
DESCRIPTION
|
||
|
"Specifies protocol type of the well-known DoS attack"
|
||
|
SYNTAX INTEGER {
|
||
|
tcp(1),
|
||
|
upd(2)
|
||
|
}
|
||
|
|
||
|
RlSecuritySuiteAllMartianEntryType ::= TEXTUAL-CONVENTION
|
||
|
STATUS current
|
||
|
DESCRIPTION
|
||
|
"Specifies Martian-address origin: pre-defined (reserved) or statically configured"
|
||
|
SYNTAX INTEGER {
|
||
|
reserved(1),
|
||
|
static(2)
|
||
|
}
|
||
|
|
||
|
RlSecuritySuiteDenyAttackType ::= TEXTUAL-CONVENTION
|
||
|
STATUS current
|
||
|
DESCRIPTION
|
||
|
"Specifies the deny attack types"
|
||
|
SYNTAX INTEGER {
|
||
|
syn(1),
|
||
|
icmp-echo-request(2),
|
||
|
fragmented(3)
|
||
|
}
|
||
|
|
||
|
RlSecuritySuiteDenySynFinTcp ::= TEXTUAL-CONVENTION
|
||
|
STATUS current
|
||
|
DESCRIPTION
|
||
|
"Specifies the dropping SYN, FIN flags enabled TCP packets status"
|
||
|
SYNTAX INTEGER {
|
||
|
deny(1),
|
||
|
permit(2)
|
||
|
}
|
||
|
|
||
|
RlSecuritySuiteSynProtectionMode ::= TEXTUAL-CONVENTION
|
||
|
STATUS current
|
||
|
DESCRIPTION
|
||
|
"Specifies the TCP SYN attack protection mode ."
|
||
|
SYNTAX INTEGER {
|
||
|
disabled(1),
|
||
|
report(2),
|
||
|
block(3)
|
||
|
}
|
||
|
|
||
|
RlSecuritySuiteSynProtectionPortMode ::= TEXTUAL-CONVENTION
|
||
|
STATUS current
|
||
|
DESCRIPTION
|
||
|
"Specifies the TCP SYN attack protection mode ."
|
||
|
SYNTAX INTEGER {
|
||
|
normal(1),
|
||
|
attacked(2),
|
||
|
blocked(3)
|
||
|
}
|
||
|
|
||
|
rlSecuritySuiteGlobalEnable OBJECT-TYPE
|
||
|
SYNTAX RlsecuritySuiteGlobalEnableType
|
||
|
MAX-ACCESS read-write
|
||
|
STATUS current
|
||
|
DESCRIPTION
|
||
|
"This scalar globally enables/disables the DoS attack Suite. "
|
||
|
::= { rlSecuritySuiteMib 1 }
|
||
|
|
||
|
rlSecuritySuiteKnownDoSAttacksTable OBJECT-TYPE
|
||
|
SYNTAX SEQUENCE OF RlSecuritySuiteKnownDoSAttacksEntry
|
||
|
MAX-ACCESS not-accessible
|
||
|
STATUS current
|
||
|
DESCRIPTION
|
||
|
"This table enables/disable well-know DoS attacks,
|
||
|
applied globally to all ifIndexes."
|
||
|
::= { rlSecuritySuiteMib 2 }
|
||
|
|
||
|
rlSecuritySuiteKnownDoSAttacksEntry OBJECT-TYPE
|
||
|
SYNTAX RlSecuritySuiteKnownDoSAttacksEntry
|
||
|
MAX-ACCESS not-accessible
|
||
|
STATUS current
|
||
|
DESCRIPTION
|
||
|
"Each entry in this table describes one well known DoS attack address"
|
||
|
INDEX { rlSecuritySuiteKnownDoSAttack}
|
||
|
::= { rlSecuritySuiteKnownDoSAttacksTable 1 }
|
||
|
|
||
|
RlSecuritySuiteKnownDoSAttacksEntry::= SEQUENCE {
|
||
|
rlSecuritySuiteKnownDoSAttack RlSecuritySuiteKnownDosAttackType,
|
||
|
rlSecuritySuiteKnownDoSAttackEnable TruthValue
|
||
|
}
|
||
|
|
||
|
rlSecuritySuiteKnownDoSAttack OBJECT-TYPE
|
||
|
SYNTAX RlSecuritySuiteKnownDosAttackType
|
||
|
MAX-ACCESS not-accessible
|
||
|
STATUS current
|
||
|
DESCRIPTION
|
||
|
"A well-known DoS attack to enable"
|
||
|
::= { rlSecuritySuiteKnownDoSAttacksEntry 1 }
|
||
|
|
||
|
rlSecuritySuiteKnownDoSAttackEnable OBJECT-TYPE
|
||
|
SYNTAX TruthValue
|
||
|
MAX-ACCESS read-write
|
||
|
STATUS current
|
||
|
DESCRIPTION
|
||
|
"Enable/Disable a well-known DoS attack "
|
||
|
::= { rlSecuritySuiteKnownDoSAttacksEntry 2 }
|
||
|
|
||
|
rlSecuritySuiteKnownDoSAttacksDetailsTable OBJECT-TYPE
|
||
|
SYNTAX SEQUENCE OF RlSecuritySuiteKnownDoSAttacksDetailsEntry
|
||
|
MAX-ACCESS not-accessible
|
||
|
STATUS current
|
||
|
DESCRIPTION
|
||
|
"This read-only table used to present the detailed attributes
|
||
|
of each well-known DoS attack. Used for presentation propose only."
|
||
|
::= { rlSecuritySuiteMib 3 }
|
||
|
|
||
|
rlSecuritySuiteKnownDoSAttacksDetailsEntry OBJECT-TYPE
|
||
|
SYNTAX RlSecuritySuiteKnownDoSAttacksDetailsEntry
|
||
|
MAX-ACCESS not-accessible
|
||
|
STATUS current
|
||
|
DESCRIPTION
|
||
|
"Each entry in this table describes one well known DoS attack address ,"
|
||
|
INDEX { rlSecuritySuiteKnownDoSAttack}
|
||
|
::= { rlSecuritySuiteKnownDoSAttacksDetailsTable 1 }
|
||
|
|
||
|
RlSecuritySuiteKnownDoSAttacksDetailsEntry::= SEQUENCE {
|
||
|
rlSecuritySuiteKnownDoSAttackProtocl RlSecuritySuiteKnownDosAttackProtocolType,
|
||
|
rlSecuritySuiteKnownDoSAttackSrcTcpUdpPort INTEGER,
|
||
|
rlSecuritySuiteKnownDoSAttackDestTcpUdpPort INTEGER
|
||
|
}
|
||
|
rlSecuritySuiteKnownDoSAttackProtocl OBJECT-TYPE
|
||
|
SYNTAX RlSecuritySuiteKnownDosAttackProtocolType
|
||
|
MAX-ACCESS read-only
|
||
|
STATUS current
|
||
|
DESCRIPTION
|
||
|
"Specifies the protocol type of the relevant well-known attack"
|
||
|
::= { rlSecuritySuiteKnownDoSAttacksDetailsEntry 1 }
|
||
|
|
||
|
rlSecuritySuiteKnownDoSAttackSrcTcpUdpPort OBJECT-TYPE
|
||
|
SYNTAX INTEGER
|
||
|
MAX-ACCESS read-only
|
||
|
STATUS current
|
||
|
DESCRIPTION
|
||
|
"Specifies the source tcp/udp port of the relevant well-known attack"
|
||
|
::= { rlSecuritySuiteKnownDoSAttacksDetailsEntry 2 }
|
||
|
|
||
|
rlSecuritySuiteKnownDoSAttackDestTcpUdpPort OBJECT-TYPE
|
||
|
SYNTAX INTEGER
|
||
|
MAX-ACCESS read-only
|
||
|
STATUS current
|
||
|
DESCRIPTION
|
||
|
"Specifies the destination tcp/udp port of the relevant well-known attack"
|
||
|
::= { rlSecuritySuiteKnownDoSAttacksDetailsEntry 3 }
|
||
|
|
||
|
rlSecuritySuiteReservedMartianAddresses OBJECT-TYPE
|
||
|
SYNTAX TruthValue
|
||
|
MAX-ACCESS read-write
|
||
|
STATUS current
|
||
|
DESCRIPTION
|
||
|
"This scalar globally enables/disables discarding of the IP
|
||
|
well-known addresses described below:
|
||
|
-------------------------------------------------------------------------------
|
||
|
| Address block | Present use
|
||
|
|-------------------------------------------------------------------------------
|
||
|
|0.0.0.0/8 | Addresses in this block refer to source hosts
|
||
|
|(except 0.0.0.0/32 | on 'this' network.
|
||
|
| as source address) |
|
||
|
|------------------------------------------------------------------------------
|
||
|
|127.0.0.0/8 | This block is assigned for use as the Internet host loop-back address.
|
||
|
|-----------------------------------------------------------------------------------------------------
|
||
|
|192.0.2.0/24 | This block is assigned as 'TEST-NET'
|
||
|
| | for use in documentation and example code.
|
||
|
|---------------------------------------------------------------------------
|
||
|
|224.0.0.0/4 as source. | This block, formerly known as the Class D address space,
|
||
|
| | is allocated for use in IPv4 multicast address assignments.
|
||
|
|-------------------------------------------------------------------------------------------
|
||
|
|240.0.0.0/4 |
|
||
|
|(except 255.255.255.255/32 | This block, formerly known as the Class E address space, is reserved.
|
||
|
| as destination address) |
|
||
|
|-------------------------------------------------------------------------------------------------------
|
||
|
"
|
||
|
::= { rlSecuritySuiteMib 4 }
|
||
|
|
||
|
rlSecuritySuiteMartianAddrAllTable OBJECT-TYPE
|
||
|
SYNTAX SEQUENCE OF RlSecuritySuiteMartianAddrAllEntry
|
||
|
MAX-ACCESS not-accessible
|
||
|
STATUS current
|
||
|
DESCRIPTION
|
||
|
"This read-only table specifies all current configured Martian addresses -
|
||
|
both pre-defined (=reserved) and used-configured (=static) addresses"
|
||
|
::= { rlSecuritySuiteMib 5 }
|
||
|
|
||
|
rlSecuritySuiteMartianAddrAllEntry OBJECT-TYPE
|
||
|
SYNTAX RlSecuritySuiteMartianAddrAllEntry
|
||
|
MAX-ACCESS not-accessible
|
||
|
STATUS current
|
||
|
DESCRIPTION
|
||
|
"Each entry in this table describes one Martian address ,
|
||
|
packets with this address as IP source or IP destination, are discarded."
|
||
|
INDEX { rlSecuritySuiteMartianAddr,rlSecuritySuiteMartianAddrNetMask}
|
||
|
::= { rlSecuritySuiteMartianAddrAllTable 1 }
|
||
|
|
||
|
RlSecuritySuiteMartianAddrAllEntry::= SEQUENCE {
|
||
|
rlSecuritySuiteMartianAddr IpAddress,
|
||
|
rlSecuritySuiteMartianAddrNetMask IpAddress,
|
||
|
rlSecuritySuiteAllMartianEntryType RlSecuritySuiteAllMartianEntryType
|
||
|
}
|
||
|
rlSecuritySuiteMartianAddr OBJECT-TYPE
|
||
|
SYNTAX IpAddress
|
||
|
MAX-ACCESS not-accessible
|
||
|
STATUS current
|
||
|
DESCRIPTION
|
||
|
"An IP address to discard all packets with that address as source
|
||
|
or destination"
|
||
|
::= { rlSecuritySuiteMartianAddrAllEntry 1 }
|
||
|
|
||
|
rlSecuritySuiteMartianAddrNetMask OBJECT-TYPE
|
||
|
SYNTAX IpAddress
|
||
|
MAX-ACCESS not-accessible
|
||
|
STATUS current
|
||
|
DESCRIPTION
|
||
|
"Specify the net mask that comprise the destination IP address prefix."
|
||
|
::= { rlSecuritySuiteMartianAddrAllEntry 2 }
|
||
|
|
||
|
rlSecuritySuiteAllMartianEntryType OBJECT-TYPE
|
||
|
SYNTAX RlSecuritySuiteAllMartianEntryType
|
||
|
MAX-ACCESS read-only
|
||
|
STATUS current
|
||
|
DESCRIPTION
|
||
|
"Specific the entry origin: pre-defined (reserved) of statically configured."
|
||
|
::= { rlSecuritySuiteMartianAddrAllEntry 3 }
|
||
|
|
||
|
rlSecuritySuiteMartianAddrTable OBJECT-TYPE
|
||
|
SYNTAX SEQUENCE OF RlDoSAttackMartianAddrEntry
|
||
|
MAX-ACCESS not-accessible
|
||
|
STATUS current
|
||
|
DESCRIPTION
|
||
|
"This table specifies the Martian addresses -
|
||
|
the addresses that packets with these IP addressed as source or
|
||
|
destination are discarded."
|
||
|
::= { rlSecuritySuiteMib 6 }
|
||
|
|
||
|
rlSecuritySuiteMartianAddrEntry OBJECT-TYPE
|
||
|
SYNTAX RlDoSAttackMartianAddrEntry
|
||
|
MAX-ACCESS not-accessible
|
||
|
STATUS current
|
||
|
DESCRIPTION
|
||
|
"Each entry in this table describes one Martian address ,
|
||
|
packets with this address as IP source or IP destination, are discarded."
|
||
|
INDEX { rlSecuritySuiteMartianAddr,rlSecuritySuiteMartianAddrNetMask}
|
||
|
::= { rlSecuritySuiteMartianAddrTable 1 }
|
||
|
|
||
|
RlDoSAttackMartianAddrEntry::= SEQUENCE {
|
||
|
rlSecuritySuiteMartianAddrStatus RowStatus
|
||
|
}
|
||
|
|
||
|
rlSecuritySuiteMartianAddrStatus OBJECT-TYPE
|
||
|
SYNTAX RowStatus
|
||
|
MAX-ACCESS read-create
|
||
|
STATUS current
|
||
|
DESCRIPTION
|
||
|
"The status of a table entry.
|
||
|
It is used to delete/Add an entry from this table."
|
||
|
::= { rlSecuritySuiteMartianAddrEntry 1 }
|
||
|
|
||
|
rlSecuritySuiteDoSSynAttackTable OBJECT-TYPE
|
||
|
SYNTAX SEQUENCE OF RlSecuritySuiteDoSSynAttackEntry
|
||
|
MAX-ACCESS not-accessible
|
||
|
STATUS current
|
||
|
DESCRIPTION
|
||
|
"This table contains IP address and rate, to limit DoS SYN attacks from
|
||
|
a specific IP address and interface(s)"
|
||
|
::= { rlSecuritySuiteMib 7 }
|
||
|
|
||
|
rlSecuritySuiteDoSSynAttackEntry OBJECT-TYPE
|
||
|
SYNTAX RlSecuritySuiteDoSSynAttackEntry
|
||
|
MAX-ACCESS not-accessible
|
||
|
STATUS current
|
||
|
DESCRIPTION
|
||
|
"Each entry in this table describes one Martian address ,
|
||
|
packets with this address as IP source or IP destination, are discarded."
|
||
|
INDEX { rlSecuritySuiteDoSSynAttackIfIndex,
|
||
|
rlSecuritySuiteDoSSynAttackAddr,
|
||
|
rlSecuritySuiteDoSSynAttackNetMask}
|
||
|
::= { rlSecuritySuiteDoSSynAttackTable 1 }
|
||
|
|
||
|
RlSecuritySuiteDoSSynAttackEntry::= SEQUENCE {
|
||
|
rlSecuritySuiteDoSSynAttackIfIndex InterfaceIndex,
|
||
|
rlSecuritySuiteDoSSynAttackAddr IpAddress,
|
||
|
rlSecuritySuiteDoSSynAttackNetMask IpAddress,
|
||
|
rlSecuritySuiteDoSSynAttackSynRate INTEGER,
|
||
|
rlSecuritySuiteDoSSynAttackStatus RowStatus
|
||
|
}
|
||
|
rlSecuritySuiteDoSSynAttackIfIndex OBJECT-TYPE
|
||
|
SYNTAX InterfaceIndex
|
||
|
MAX-ACCESS not-accessible
|
||
|
STATUS current
|
||
|
DESCRIPTION
|
||
|
"Interface which the attack is applied on"
|
||
|
::= { rlSecuritySuiteDoSSynAttackEntry 1 }
|
||
|
|
||
|
rlSecuritySuiteDoSSynAttackAddr OBJECT-TYPE
|
||
|
SYNTAX IpAddress
|
||
|
MAX-ACCESS not-accessible
|
||
|
STATUS current
|
||
|
DESCRIPTION
|
||
|
"An IP address to discard all packets with that address as destination"
|
||
|
::= { rlSecuritySuiteDoSSynAttackEntry 2 }
|
||
|
|
||
|
rlSecuritySuiteDoSSynAttackNetMask OBJECT-TYPE
|
||
|
SYNTAX IpAddress
|
||
|
MAX-ACCESS not-accessible
|
||
|
STATUS current
|
||
|
DESCRIPTION
|
||
|
"Relevant when rlSecuritySuiteSynAttackRangeType equals prefix(2).
|
||
|
Specify the number of bits that comprise the destination
|
||
|
IP address prefix."
|
||
|
::= { rlSecuritySuiteDoSSynAttackEntry 3 }
|
||
|
|
||
|
rlSecuritySuiteDoSSynAttackSynRate OBJECT-TYPE
|
||
|
SYNTAX INTEGER
|
||
|
MAX-ACCESS read-create
|
||
|
STATUS current
|
||
|
DESCRIPTION
|
||
|
"Specify the maximum connections per second allowed from this IP address
|
||
|
and rlSecuritySuiteSynAttackPortList"
|
||
|
::= { rlSecuritySuiteDoSSynAttackEntry 4 }
|
||
|
|
||
|
rlSecuritySuiteDoSSynAttackStatus OBJECT-TYPE
|
||
|
SYNTAX RowStatus
|
||
|
MAX-ACCESS read-create
|
||
|
STATUS current
|
||
|
DESCRIPTION
|
||
|
"The status of a table entry.
|
||
|
It is used to delete/Add an entry from this table."
|
||
|
::= { rlSecuritySuiteDoSSynAttackEntry 6 }
|
||
|
|
||
|
rlSecuritySuiteDenyTypesTable OBJECT-TYPE
|
||
|
SYNTAX SEQUENCE OF RlSecuritySuiteDenyTypesEntry
|
||
|
MAX-ACCESS not-accessible
|
||
|
STATUS current
|
||
|
DESCRIPTION
|
||
|
"This table specifies the ip address and TCP ports that
|
||
|
TCP SYN packets from them on a specific interfaces are dropped."
|
||
|
::= { rlSecuritySuiteMib 8 }
|
||
|
|
||
|
rlSecuritySuiteDenyTypesEntry OBJECT-TYPE
|
||
|
SYNTAX RlSecuritySuiteDenyTypesEntry
|
||
|
MAX-ACCESS not-accessible
|
||
|
STATUS current
|
||
|
DESCRIPTION
|
||
|
"Each entry in this table describes one ip address, TCP port and
|
||
|
list of ifIndexes, that packets with these attributes are discarded."
|
||
|
INDEX { rlSecuritySuiteDenyIfIndex,
|
||
|
rlSecuritySuiteDenyAttackType,
|
||
|
rlSecuritySuiteDenyDestAddr,
|
||
|
rlSecuritySuiteDenyNetMask,
|
||
|
rlSecuritySuiteDenyDestPort}
|
||
|
::= { rlSecuritySuiteDenyTypesTable 1 }
|
||
|
|
||
|
RlSecuritySuiteDenyTypesEntry::= SEQUENCE {
|
||
|
rlSecuritySuiteDenyIfIndex InterfaceIndex,
|
||
|
rlSecuritySuiteDenyAttackType RlSecuritySuiteDenyAttackType,
|
||
|
rlSecuritySuiteDenyDestAddr IpAddress,
|
||
|
rlSecuritySuiteDenyNetMask IpAddress,
|
||
|
rlSecuritySuiteDenyDestPort INTEGER,
|
||
|
rlSecuritySuiteDenyStatus RowStatus
|
||
|
}
|
||
|
|
||
|
rlSecuritySuiteDenyIfIndex OBJECT-TYPE
|
||
|
SYNTAX InterfaceIndex
|
||
|
MAX-ACCESS not-accessible
|
||
|
STATUS current
|
||
|
DESCRIPTION
|
||
|
"Interface which the attack is applied on"
|
||
|
::= { rlSecuritySuiteDenyTypesEntry 1 }
|
||
|
|
||
|
rlSecuritySuiteDenyAttackType OBJECT-TYPE
|
||
|
SYNTAX RlSecuritySuiteDenyAttackType
|
||
|
MAX-ACCESS not-accessible
|
||
|
STATUS current
|
||
|
DESCRIPTION
|
||
|
"The specific deny attack type"
|
||
|
::= { rlSecuritySuiteDenyTypesEntry 2 }
|
||
|
|
||
|
rlSecuritySuiteDenyDestAddr OBJECT-TYPE
|
||
|
SYNTAX IpAddress
|
||
|
MAX-ACCESS not-accessible
|
||
|
STATUS current
|
||
|
DESCRIPTION
|
||
|
"An IP address to discard all packets with that address as destination"
|
||
|
::= { rlSecuritySuiteDenyTypesEntry 3 }
|
||
|
|
||
|
rlSecuritySuiteDenyNetMask OBJECT-TYPE
|
||
|
SYNTAX IpAddress
|
||
|
MAX-ACCESS not-accessible
|
||
|
STATUS current
|
||
|
DESCRIPTION
|
||
|
"Relevant when rlSecuritySuiteDenyTCPRangeType equals mask(1).
|
||
|
Specify the number of bits that comprise the destination
|
||
|
IP address prefix."
|
||
|
::= { rlSecuritySuiteDenyTypesEntry 4 }
|
||
|
|
||
|
rlSecuritySuiteDenyDestPort OBJECT-TYPE
|
||
|
SYNTAX INTEGER
|
||
|
MAX-ACCESS not-accessible
|
||
|
STATUS current
|
||
|
DESCRIPTION
|
||
|
"Destination TCP port.
|
||
|
Use 65553 to specify all ports.
|
||
|
This key-field is relevant in specific attack types (not all)
|
||
|
Use 0 when not relevant."
|
||
|
::= { rlSecuritySuiteDenyTypesEntry 5 }
|
||
|
|
||
|
rlSecuritySuiteDenyStatus OBJECT-TYPE
|
||
|
SYNTAX RowStatus
|
||
|
MAX-ACCESS read-create
|
||
|
STATUS current
|
||
|
DESCRIPTION
|
||
|
"The status of a table entry.
|
||
|
It is used to delete/Add an entry from this table."
|
||
|
::= { rlSecuritySuiteDenyTypesEntry 6 }
|
||
|
|
||
|
|
||
|
rlSecuritySuiteDenySynFinTcp OBJECT-TYPE
|
||
|
SYNTAX RlSecuritySuiteDenySynFinTcp
|
||
|
MAX-ACCESS read-write
|
||
|
STATUS current
|
||
|
DESCRIPTION
|
||
|
"This scalar globally enable or disable dropping of tcp packets with both SYN and FIN flags enabled. "
|
||
|
::= { rlSecuritySuiteMib 9 }
|
||
|
|
||
|
rlSecuritySuiteSynProtectionMode OBJECT-TYPE
|
||
|
SYNTAX RlSecuritySuiteSynProtectionMode
|
||
|
MAX-ACCESS read-write
|
||
|
STATUS current
|
||
|
DESCRIPTION
|
||
|
"This scalar globally set protection mode on TCP SYN traffic.
|
||
|
Disabled - the system doesn't support protection against TCP SYN attack.
|
||
|
Report - the system doesn't support protection against TCP SYN attack,but reports about it.
|
||
|
Block - the systems supports protection against TCP SYN attack by blocking this traffic on the port. "
|
||
|
::= { rlSecuritySuiteMib 10 }
|
||
|
|
||
|
rlSecuritySuiteSynProtectionTreshold OBJECT-TYPE
|
||
|
SYNTAX INTEGER
|
||
|
MAX-ACCESS read-write
|
||
|
STATUS current
|
||
|
DESCRIPTION
|
||
|
"This scalar globally set protection mode treshold value in packet per second
|
||
|
on TCP SYN traffic."
|
||
|
::= { rlSecuritySuiteMib 11 }
|
||
|
|
||
|
rlSecuritySuiteSynProtectionRecoveryTimeout OBJECT-TYPE
|
||
|
SYNTAX INTEGER
|
||
|
MAX-ACCESS read-write
|
||
|
STATUS current
|
||
|
DESCRIPTION
|
||
|
"This scalar globally set protection reovery time out in secounds."
|
||
|
::= { rlSecuritySuiteMib 12 }
|
||
|
|
||
|
rlSecuritySuiteSynProtectionPortTable OBJECT-TYPE
|
||
|
SYNTAX SEQUENCE OF RlSecuritySuiteSynProtectionPortEntry
|
||
|
MAX-ACCESS not-accessible
|
||
|
STATUS current
|
||
|
DESCRIPTION
|
||
|
"This table keeps SYN protection status per port."
|
||
|
::= { rlSecuritySuiteMib 13 }
|
||
|
|
||
|
rlSecuritySuiteSynProtectionPortEntry OBJECT-TYPE
|
||
|
SYNTAX RlSecuritySuiteSynProtectionPortEntry
|
||
|
MAX-ACCESS not-accessible
|
||
|
STATUS current
|
||
|
DESCRIPTION
|
||
|
"Each entry in this table describes TCP SYN protection status for one port."
|
||
|
INDEX { ifIndex}
|
||
|
::= { rlSecuritySuiteSynProtectionPortTable 1 }
|
||
|
|
||
|
RlSecuritySuiteSynProtectionPortEntry::= SEQUENCE {
|
||
|
rlSecuritySuiteSynProtectionPortMode RlSecuritySuiteSynProtectionPortMode,
|
||
|
rlSecuritySuiteSynProtectionPortModeLastTimeAttack RlSecuritySuiteSynProtectionPortMode,
|
||
|
rlSecuritySuiteSynProtectionPortLastTimeAttack DisplayString
|
||
|
}
|
||
|
|
||
|
rlSecuritySuiteSynProtectionPortMode OBJECT-TYPE
|
||
|
SYNTAX RlSecuritySuiteSynProtectionPortMode
|
||
|
MAX-ACCESS read-only
|
||
|
STATUS current
|
||
|
DESCRIPTION
|
||
|
"The port's TCP SYN protection mode."
|
||
|
::= { rlSecuritySuiteSynProtectionPortEntry 1 }
|
||
|
|
||
|
|
||
|
rlSecuritySuiteSynProtectionPortModeLastTimeAttack OBJECT-TYPE
|
||
|
SYNTAX RlSecuritySuiteSynProtectionPortMode
|
||
|
MAX-ACCESS read-only
|
||
|
STATUS current
|
||
|
DESCRIPTION
|
||
|
"The port's TCP SYN protection last attack time mode."
|
||
|
::= { rlSecuritySuiteSynProtectionPortEntry 2 }
|
||
|
|
||
|
rlSecuritySuiteSynProtectionPortLastTimeAttack OBJECT-TYPE
|
||
|
SYNTAX DisplayString
|
||
|
MAX-ACCESS read-only
|
||
|
STATUS current
|
||
|
DESCRIPTION
|
||
|
"The port's TCP SYN protection last attack time."
|
||
|
::= { rlSecuritySuiteSynProtectionPortEntry 3 }
|
||
|
|
||
|
|
||
|
|
||
|
END
|
||
|
|