david/mibs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Initial commit

Browse Source
This commit is contained in:
David Leutgeb
2023-12-05 12:25:34 +01:00
commit 98a672123c
4378 changed files with 8817503 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

142
MIBS/screenos/NETSCREEN-ADDR-MIB Normal file
View File

@ -0,0 +1,142 @@
-- This module defines enterprise MIBs for address book
--
-- Copyright (c) 1999-2004, Juniper Networks, Inc.
-- All rights reserved.
NETSCREEN-ADDR-MIB DEFINITIONS ::= BEGIN
IMPORTS
netscreenAddr
FROM NETSCREEN-SMI
Integer32, IpAddress, MODULE-IDENTITY, OBJECT-TYPE
FROM SNMPv2-SMI
DisplayString
FROM SNMPv2-TC
;
netscreenAddrMibModule MODULE-IDENTITY
LAST-UPDATED "200405032022Z" -- May 03, 2004
ORGANIZATION
"Juniper Networks, Inc."
CONTACT-INFO
"Customer Support
1194 North Mathilda Avenue
Sunnyvale, California 94089-1206
USA
Tel: 1-800-638-8296
E-mail: customerservice@juniper.net
HTTP://www.juniper.net"
DESCRIPTION
"This module defines the object that are used to monitor all
the entries in the Address Book"
REVISION "200405030000Z" -- May 03, 2004
DESCRIPTION
"Modified copyright and contact information"
REVISION "200403030000Z" -- March 03, 2004
DESCRIPTION
"Converted to SMIv2 by Longview Software"
REVISION "200311100000Z" -- November 10, 2003
DESCRIPTION
"Correct spelling mistake"
REVISION "200109280000Z" -- September 28, 2001
DESCRIPTION
"No Comment"
REVISION "200105140000Z" -- May 14, 2001
DESCRIPTION
"Creation Date"
::= { netscreenAddr 0 }
NsAddrEntry ::= SEQUENCE
{
nsAddrIndex Integer32,
nsAddrName DisplayString,
nsAddrVsys Integer32,
nsAddrZone Integer32,
nsAddrIpOrDomain DisplayString,
nsAddrNetmask IpAddress,
nsAddrComment DisplayString
}
nsAddrTable OBJECT-TYPE
SYNTAX SEQUENCE OF NsAddrEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The NetScreen ScreenOS classifies the addresses of all other
devices by location and netmask. For example trusted addresses
are located behind the trusted interface. This table collects
all address items that exist in ScreenOS"
::= { netscreenAddr 1 }
nsAddrEntry OBJECT-TYPE
SYNTAX NsAddrEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Address entry collects some attributes of the address item."
INDEX
{ nsAddrIndex }
::= { nsAddrTable 1 }
nsAddrIndex OBJECT-TYPE
SYNTAX Integer32 (0..2147483647)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"A unique value for each address. Its value ranges between 0
and 65535 and may not be contiguous."
::= { nsAddrEntry 1 }
nsAddrName OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..32))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Address item name."
::= { nsAddrEntry 2 }
nsAddrVsys OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Virtual system name this address belongs to."
::= { nsAddrEntry 3 }
nsAddrZone OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Security zone name this address belongs to."
::= { nsAddrEntry 4 }
nsAddrIpOrDomain OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..32))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Address item's ip address or domain name."
::= { nsAddrEntry 5 }
nsAddrNetmask OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Subnet mask address use."
::= { nsAddrEntry 6 }
nsAddrComment OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..32))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Comments on this address."
::= { nsAddrEntry 7 }
END

784
MIBS/screenos/NETSCREEN-BGP4-MIB Normal file
View File

@ -0,0 +1,784 @@
-- These MIBs were created on 1/2/2003
-- This module defines enterprise MIBs for NS BGP
--
-- Copyright (c) 1999-2004, Juniper Networks, Inc.
-- All rights reserved.
NETSCREEN-BGP4-MIB DEFINITIONS ::= BEGIN
IMPORTS
MODULE-IDENTITY, OBJECT-TYPE, NOTIFICATION-TYPE,
IpAddress, Integer32, Counter32, Gauge32
FROM SNMPv2-SMI
netscreenTrapDesc, netscreenTrapType
FROM NETSCREEN-TRAP-MIB
netscreenVR
FROM NETSCREEN-SMI;
nsBgp MODULE-IDENTITY
LAST-UPDATED "200506032022Z" -- June 20, 2005
ORGANIZATION
"Juniper Networks, Inc."
CONTACT-INFO
"Customer Support
1194 North Mathilda Avenue
Sunnyvale, California 94089-1206
USA
Tel: 1-800-638-8296
E-mail: customerservice@juniper.net
HTTP://www.juniper.net"
DESCRIPTION
"The MIB module for NS-BGP-4."
::= { netscreenVR 3 }
-- BGP Info table. This table contains, one entry per
-- VR, information about the BGP's Version, LocalAs and Identifier.
nsBgpInfoTable OBJECT-TYPE
SYNTAX SEQUENCE OF NsBgpInfoEntry
MAX-ACCESS not-accessible
STATUS deprecated
DESCRIPTION
"BGP info table. This table contains,
one entry per VR, information about
the BGP's Version, LocalAs and Identifier."
::= { nsBgp 1 }
nsBgpInfoEntry OBJECT-TYPE
SYNTAX NsBgpInfoEntry
MAX-ACCESS not-accessible
STATUS deprecated
DESCRIPTION
"Entry containing information about the
BGP's Version, LocalAs and Identifier"
INDEX { nsBgpInfoVRID }
::= { nsBgpInfoTable 1 }
NsBgpInfoEntry ::= SEQUENCE {
nsBgpInfoVersion
OCTET STRING,
nsBgpInfoLocalAs
INTEGER,
nsBgpInfoIdentifier
IpAddress,
nsBgpInfoVRID
INTEGER
}
nsBgpInfoVersion OBJECT-TYPE
SYNTAX OCTET STRING (SIZE (1..255))
MAX-ACCESS read-only
STATUS deprecated
DESCRIPTION
"Vector of supported BGP protocol version
numbers. Each peer negotiates the version
from this vector. Versions are identified
via the string of bits contained within this
object. The first octet contains bits 0 to
7, the second octet contains bits 8 to 15,
and so on, with the most significant bit
referring to the lowest bit number in the
octet (e.g., the MSB of the first octet
refers to bit 0). If a bit, i, is present
and set, then the version (i+1) of the BGP
is supported."
::= { nsBgpInfoEntry 1 }
nsBgpInfoLocalAs OBJECT-TYPE
SYNTAX INTEGER (0..65535)
MAX-ACCESS read-only
STATUS deprecated
DESCRIPTION
"The local autonomous system number."
::= { nsBgpInfoEntry 2 }
nsBgpInfoIdentifier OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-only
STATUS deprecated
DESCRIPTION
"The BGP Identifier of local system."
::= { nsBgpInfoEntry 3 }
nsBgpInfoVRID OBJECT-TYPE
SYNTAX INTEGER (0..65535)
MAX-ACCESS read-only
STATUS deprecated
DESCRIPTION
"Virtual Router ID"
::= { nsBgpInfoEntry 4 }
-- BGP Peer table. This table contains, one entry per
-- BGP peer, information about the BGP peer.
nsBgpPeerTable OBJECT-TYPE
SYNTAX SEQUENCE OF NsBgpPeerEntry
MAX-ACCESS not-accessible
STATUS deprecated
DESCRIPTION
"BGP peer table. This table contains,
one entry per BGP peer, information about
the connections with BGP peers."
::= { nsBgp 3 }
nsBgpPeerEntry OBJECT-TYPE
SYNTAX NsBgpPeerEntry
MAX-ACCESS not-accessible
STATUS deprecated
DESCRIPTION
"Entry containing information about the
connection with a BGP peer."
INDEX { nsBgpPeerRemoteAddr,
nsBgpPeerVRID }
::= { nsBgpPeerTable 1 }
NsBgpPeerEntry ::= SEQUENCE {
nsBgpPeerIdentifier
IpAddress,
nsBgpPeerState
INTEGER,
nsBgpPeerAdminStatus
INTEGER,
nsBgpPeerNegotiatedVersion
Integer32,
nsBgpPeerLocalAddr
IpAddress,
nsBgpPeerLocalPort
INTEGER,
nsBgpPeerRemoteAddr
IpAddress,
nsBgpPeerRemotePort
INTEGER,
nsBgpPeerRemoteAs
INTEGER,
nsBgpPeerInUpdates
Counter32,
nsBgpPeerOutUpdates
Counter32,
nsBgpPeerInTotalMessages
Counter32,
nsBgpPeerOutTotalMessages
Counter32,
nsBgpPeerLastError
OCTET STRING,
nsBgpPeerFsmEstablishedTransitions
Counter32,
nsBgpPeerFsmEstablishedTime
Gauge32,
nsBgpPeerConnectRetryInterval
INTEGER,
nsBgpPeerHoldTime
INTEGER,
nsBgpPeerKeepAlive
INTEGER,
nsBgpPeerHoldTimeConfigured
INTEGER,
nsBgpPeerKeepAliveConfigured
INTEGER,
nsBgpPeerMinASOriginationInterval
INTEGER,
nsBgpPeerMinRouteAdvertisementInterval
INTEGER,
nsBgpPeerInUpdateElapsedTime
Gauge32,
nsBgpPeerVRID
INTEGER
}
nsBgpPeerIdentifier OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-only
STATUS deprecated
DESCRIPTION
"The BGP Identifier of this entry's BGP
peer."
::= { nsBgpPeerEntry 1 }
nsBgpPeerState OBJECT-TYPE
SYNTAX INTEGER {
idle(1),
connect(2),
active(3),
opensent(4),
openconfirm(5),
established(6)
}
MAX-ACCESS read-only
STATUS deprecated
DESCRIPTION
"The BGP peer connection state."
::= { nsBgpPeerEntry 2 }
nsBgpPeerAdminStatus OBJECT-TYPE
SYNTAX INTEGER {
stop(1),
start(2)
}
MAX-ACCESS read-only
STATUS deprecated
DESCRIPTION
"The desired state of the BGP connection.
A transition from 'stop' to 'start' will
cause the BGP Start Event to be generated.
A transition from 'start' to 'stop' will
cause the BGP Stop Event to be generated.
This parameter can be used to restart BGP
peer connections. Care should be used in
providing write access to this object
without adequate authentication."
::= { nsBgpPeerEntry 3 }
nsBgpPeerNegotiatedVersion OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS deprecated
DESCRIPTION
"The negotiated version of BGP running
between the two peers."
::= { nsBgpPeerEntry 4 }
nsBgpPeerLocalAddr OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-only
STATUS deprecated
DESCRIPTION
"The local IP address of this entry's BGP
connection."
::= { nsBgpPeerEntry 5 }
nsBgpPeerLocalPort OBJECT-TYPE
SYNTAX INTEGER (0..65535)
MAX-ACCESS read-only
STATUS deprecated
DESCRIPTION
"The local port for the TCP connection
between the BGP peers."
::= { nsBgpPeerEntry 6 }
nsBgpPeerRemoteAddr OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-only
STATUS deprecated
DESCRIPTION
"The remote IP address of this entry's BGP
peer."
::= { nsBgpPeerEntry 7 }
nsBgpPeerRemotePort OBJECT-TYPE
SYNTAX INTEGER (0..65535)
MAX-ACCESS read-only
STATUS deprecated
DESCRIPTION
"The remote port for the TCP connection
between the BGP peers. Note that the
objects nsBgpPeerLocalAddr,
nsBgpPeerLocalPort, nsBgpPeerRemoteAddr and
nsBgpPeerRemotePort provide the appropriate
reference to the standard MIB TCP
connection table."
::= { nsBgpPeerEntry 8 }
nsBgpPeerRemoteAs OBJECT-TYPE
SYNTAX INTEGER (0..65535)
MAX-ACCESS read-only
STATUS deprecated
DESCRIPTION
"The remote autonomous system number."
::= { nsBgpPeerEntry 9 }
nsBgpPeerInUpdates OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS deprecated
DESCRIPTION
"The number of BGP UPDATE messages
received on this connection. This object
should be initialized to zero (0) when the
connection is established."
::= { nsBgpPeerEntry 10 }
nsBgpPeerOutUpdates OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS deprecated
DESCRIPTION
"The number of BGP UPDATE messages
transmitted on this connection. This
object should be initialized to zero (0)
when the connection is established."
::= { nsBgpPeerEntry 11 }
nsBgpPeerInTotalMessages OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS deprecated
DESCRIPTION
"The total number of messages received
from the remote peer on this connection.
This object should be initialized to zero
when the connection is established."
::= { nsBgpPeerEntry 12 }
nsBgpPeerOutTotalMessages OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS deprecated
DESCRIPTION
"The total number of messages transmitted to
the remote peer on this connection. This
object should be initialized to zero when
the connection is established."
::= { nsBgpPeerEntry 13 }
nsBgpPeerLastError OBJECT-TYPE
SYNTAX OCTET STRING (SIZE (2))
MAX-ACCESS read-only
STATUS deprecated
DESCRIPTION
"The last error code and subcode seen by this
peer on this connection. If no error has
occurred, this field is zero. Otherwise, the
first byte of this two byte OCTET STRING
contains the error code, and the second byte
contains the subcode."
::= { nsBgpPeerEntry 14 }
nsBgpPeerFsmEstablishedTransitions OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS deprecated
DESCRIPTION
"The total number of times the BGP FSM
transitioned into the established state."
::= { nsBgpPeerEntry 15 }
nsBgpPeerFsmEstablishedTime OBJECT-TYPE
SYNTAX Gauge32
MAX-ACCESS read-only
STATUS deprecated
DESCRIPTION
"This timer indicates how long (in
seconds) this peer has been in the
Established state or how long
since this peer was last in the
Established state. It is set to zero when
a new peer is configured or the router is
booted."
::= { nsBgpPeerEntry 16 }
nsBgpPeerConnectRetryInterval OBJECT-TYPE
SYNTAX INTEGER (1..65535)
MAX-ACCESS read-only
STATUS deprecated
DESCRIPTION
"Time interval in seconds for the
ConnectRetry timer. The suggested value
for this timer is 120 seconds."
::= { nsBgpPeerEntry 17 }
nsBgpPeerHoldTime OBJECT-TYPE
SYNTAX INTEGER ( 0 | 3..65535 )
MAX-ACCESS read-only
STATUS deprecated
DESCRIPTION
"Time interval in seconds for the Hold
Timer established with the peer. The
value of this object is calculated by this
BGP speaker by using the smaller of the
value in nsBgpPeerHoldTimeConfigured and the
Hold Time received in the OPEN message.
This value must be at lease three seconds
if it is not zero (0) in which case the
Hold Timer has not been established with
the peer, or, the value of
nsBgpPeerHoldTimeConfigured is zero (0)."
::= { nsBgpPeerEntry 18 }
nsBgpPeerKeepAlive OBJECT-TYPE
SYNTAX INTEGER ( 0 | 1..21845 )
MAX-ACCESS read-only
STATUS deprecated
DESCRIPTION
"Time interval in seconds for the KeepAlive
timer established with the peer. The value
of this object is calculated by this BGP
speaker such that, when compared with
nsBgpPeerHoldTime, it has the same
proportion as what
nsBgpPeerKeepAliveConfigured has when
compared with nsBgpPeerHoldTimeConfigured.
If the value of this object is zero (0),
it indicates that the KeepAlive timer has
not been established with the peer, or,
the value of nsBgpPeerKeepAliveConfigured is
zero (0)."
::= { nsBgpPeerEntry 19 }
nsBgpPeerHoldTimeConfigured OBJECT-TYPE
SYNTAX INTEGER ( 0 | 3..65535 )
MAX-ACCESS read-only
STATUS deprecated
DESCRIPTION
"Time interval in seconds for the Hold Time
configured for this BGP speaker with this
peer. This value is placed in an OPEN
message sent to this peer by this BGP
speaker, and is compared with the Hold
Time field in an OPEN message received
from the peer when determining the Hold
Time (nsBgpPeerHoldTime) with the peer.
This value must not be less than three
seconds if it is not zero (0) in which
case the Hold Time is NOT to be
established with the peer. The suggested
value for this timer is 90 seconds."
::= { nsBgpPeerEntry 20 }
nsBgpPeerKeepAliveConfigured OBJECT-TYPE
SYNTAX INTEGER ( 0 | 1..21845 )
MAX-ACCESS read-only
STATUS deprecated
DESCRIPTION
"Time interval in seconds for the
KeepAlive timer configured for this BGP
speaker with this peer. The value of this
object will only determine the
KEEPALIVE messages' frequency relative to
the value specified in
nsBgpPeerHoldTimeConfigured; the actual
time interval for the KEEPALIVE messages
is indicated by nsBgpPeerKeepAlive. A
reasonable maximum value for this timer
would be configured to be one
third of that of
nsBgpPeerHoldTimeConfigured.
If the value of this object is zero (0),
no periodical KEEPALIVE messages are sent
to the peer after the BGP connection has
been established. The suggested value for
this timer is 30 seconds."
::= { nsBgpPeerEntry 21 }
nsBgpPeerMinASOriginationInterval OBJECT-TYPE
SYNTAX INTEGER (1..65535)
MAX-ACCESS read-only
STATUS deprecated
DESCRIPTION
"Time interval in seconds for the
MinASOriginationInterval timer.
The suggested value for this timer is 15
seconds."
::= { nsBgpPeerEntry 22 }
nsBgpPeerMinRouteAdvertisementInterval OBJECT-TYPE
SYNTAX INTEGER (1..65535)
MAX-ACCESS read-only
STATUS deprecated
DESCRIPTION
"Time interval in seconds for the
MinRouteAdvertisementInterval timer.
The suggested value for this timer is 30
seconds."
::= { nsBgpPeerEntry 23 }
nsBgpPeerInUpdateElapsedTime OBJECT-TYPE
SYNTAX Gauge32
MAX-ACCESS read-only
STATUS deprecated
DESCRIPTION
"Elapsed time in seconds since the last BGP
UPDATE message was received from the peer.
Each time nsBgpPeerInUpdates is incremented,
the value of this object is set to zero
(0)."
::= { nsBgpPeerEntry 24 }
nsBgpPeerVRID OBJECT-TYPE
SYNTAX INTEGER (0..65535)
MAX-ACCESS read-only
STATUS deprecated
DESCRIPTION
"Virtual Router ID"
::= { nsBgpPeerEntry 25 }
-- BGP-4 Received Path Attribute Table. This table
-- contains, one entry per path to a network, path
-- attributes received from all peers running BGP-4.
nsBgp4PathAttrTable OBJECT-TYPE
SYNTAX SEQUENCE OF NsBgp4PathAttrEntry
MAX-ACCESS not-accessible
STATUS deprecated
DESCRIPTION
"The BGP-4 Received Path Attribute Table
contains information about paths to
destination networks received from all
BGP4 peers."
::= { nsBgp 6 }
nsBgp4PathAttrEntry OBJECT-TYPE
SYNTAX NsBgp4PathAttrEntry
MAX-ACCESS not-accessible
STATUS deprecated
DESCRIPTION
"Information about a path to a network."
INDEX { nsBgp4PathAttrIpAddrPrefix,
nsBgp4PathAttrIpAddrPrefixLen,
nsBgp4PathAttrPeer,
nsBgp4PathAttrVRID }
::= { nsBgp4PathAttrTable 1 }
NsBgp4PathAttrEntry ::= SEQUENCE {
nsBgp4PathAttrPeer
IpAddress,
nsBgp4PathAttrIpAddrPrefixLen
INTEGER,
nsBgp4PathAttrIpAddrPrefix
IpAddress,
nsBgp4PathAttrOrigin
INTEGER,
nsBgp4PathAttrASPathSegment
OCTET STRING,
nsBgp4PathAttrNextHop
IpAddress,
nsBgp4PathAttrMultiExitDisc
INTEGER,
nsBgp4PathAttrLocalPref
INTEGER,
nsBgp4PathAttrAtomicAggregate
INTEGER,
nsBgp4PathAttrAggregatorAS
INTEGER,
nsBgp4PathAttrAggregatorAddr
IpAddress,
nsBgp4PathAttrCalcLocalPref
INTEGER,
nsBgp4PathAttrBest
INTEGER,
nsBgp4PathAttrUnknown
OCTET STRING,
nsBgp4PathAttrVRID
INTEGER
}
nsBgp4PathAttrPeer OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-only
STATUS deprecated
DESCRIPTION
"The IP address of the peer where the path
information was learned."
::= { nsBgp4PathAttrEntry 1 }
nsBgp4PathAttrIpAddrPrefixLen OBJECT-TYPE
SYNTAX INTEGER (0..32)
MAX-ACCESS read-only
STATUS deprecated
DESCRIPTION
"Length in bits of the IP address prefix
in the Network Layer Reachability
Information field."
::= { nsBgp4PathAttrEntry 2 }
nsBgp4PathAttrIpAddrPrefix OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-only
STATUS deprecated
DESCRIPTION
"An IP address prefix in the Network Layer
Reachability Information field. This object
is an IP address containing the prefix with
length specified by
nsBgp4PathAttrIpAddrPrefixLen.
Any bits beyond the length specified by
nsBgp4PathAttrIpAddrPrefixLen are zeroed."
::= { nsBgp4PathAttrEntry 3 }
nsBgp4PathAttrOrigin OBJECT-TYPE
SYNTAX INTEGER {
igp(1),-- networks are interior
egp(2),-- networks learned
-- via EGP
incomplete(3) -- undetermined
}
MAX-ACCESS read-only
STATUS deprecated
DESCRIPTION
"The ultimate origin of the path
information."
::= { nsBgp4PathAttrEntry 4 }
nsBgp4PathAttrASPathSegment OBJECT-TYPE
SYNTAX OCTET STRING (SIZE (2..255))
MAX-ACCESS read-only
STATUS deprecated
DESCRIPTION
"The sequence of AS path segments. Each AS
path segment is represented by a triple
<type, length, value>.
The type is a 1-octet field which has two
possible values:
1 AS_SET: unordered set of ASs a
route in the UPDATE
message has traversed
2 AS_SEQUENCE: ordered set of ASs
a route in the UPDATE
message has traversed.
The length is a 1-octet field containing the
number of ASs in the value field.
The value field contains one or more AS
numbers, each AS is represented in the octet
string as a pair of octets according to the
following algorithm:
first-byte-of-pair = ASNumber / 256;
second-byte-of-pair = ASNumber & 255;"
::= { nsBgp4PathAttrEntry 5 }
nsBgp4PathAttrNextHop OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-only
STATUS deprecated
DESCRIPTION
"The address of the border router that
should be used for the destination
network."
::= { nsBgp4PathAttrEntry 6 }
nsBgp4PathAttrMultiExitDisc OBJECT-TYPE
SYNTAX INTEGER (-1..2147483647)
MAX-ACCESS read-only
STATUS deprecated
DESCRIPTION
"This metric is used to discriminate
between multiple exit points to an
adjacent autonomous system. A value of -1
indicates the absence of this attribute."
::= { nsBgp4PathAttrEntry 7 }
nsBgp4PathAttrLocalPref OBJECT-TYPE
SYNTAX INTEGER (-1..2147483647)
MAX-ACCESS read-only
STATUS deprecated
DESCRIPTION
"The originating BGP4 speaker's degree of
preference for an advertised route. A
value of -1 indicates the absence of this
attribute."
::= { nsBgp4PathAttrEntry 8 }
nsBgp4PathAttrAtomicAggregate OBJECT-TYPE
SYNTAX INTEGER {
lessSpecificRrouteNotSelected(1),
lessSpecificRouteSelected(2)
}
MAX-ACCESS read-only
STATUS deprecated
DESCRIPTION
"Whether or not the local system has
selected a less specific route without
selecting a more specific route."
::= { nsBgp4PathAttrEntry 9 }
nsBgp4PathAttrAggregatorAS OBJECT-TYPE
SYNTAX INTEGER (0..65535)
MAX-ACCESS read-only
STATUS deprecated
DESCRIPTION
"The AS number of the last BGP4 speaker that
performed route aggregation. A value of
zero (0) indicates the absence of this
attribute."
::= { nsBgp4PathAttrEntry 10 }
nsBgp4PathAttrAggregatorAddr OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-only
STATUS deprecated
DESCRIPTION
"The IP address of the last BGP4 speaker
that performed route aggregation. A value
of 0.0.0.0 indicates the absence of this
attribute."
::= { nsBgp4PathAttrEntry 11 }
nsBgp4PathAttrCalcLocalPref OBJECT-TYPE
SYNTAX INTEGER (-1..2147483647)
MAX-ACCESS read-only
STATUS deprecated
DESCRIPTION
"The degree of preference calculated by the
receiving BGP4 speaker for an advertised
route. A value of -1 indicates the
absence of this attribute."
::= { nsBgp4PathAttrEntry 12 }
nsBgp4PathAttrBest OBJECT-TYPE
SYNTAX INTEGER {
false(1),-- not chosen as best route
true(2) -- chosen as best route
}
MAX-ACCESS read-only
STATUS deprecated
DESCRIPTION
"An indication of whether or not this route
was chosen as the best BGP4 route."
::= { nsBgp4PathAttrEntry 13 }
nsBgp4PathAttrUnknown OBJECT-TYPE
SYNTAX OCTET STRING (SIZE(0..255))
MAX-ACCESS read-only
STATUS deprecated
DESCRIPTION
"One or more path attributes not understood
by this BGP4 speaker. Size zero (0)
indicates the absence of such
attribute(s). Octets beyond the maximum
size, if any, are not recorded by this
object."
::= { nsBgp4PathAttrEntry 14 }
nsBgp4PathAttrVRID OBJECT-TYPE
SYNTAX INTEGER (0..65535)
MAX-ACCESS read-only
STATUS deprecated
DESCRIPTION
"Virtual Router ID"
::= { nsBgp4PathAttrEntry 15 }
-- Traps.
nsBgpTraps OBJECT IDENTIFIER ::= { nsBgp 7 }
nsBgpEstablished NOTIFICATION-TYPE
OBJECTS { netscreenTrapType,
netscreenTrapDesc,
nsBgpPeerIdentifier,
nsBgpPeerVRID,
nsBgpPeerLastError,
nsBgpPeerState }
STATUS deprecated
DESCRIPTION
"The BGP Established event is generated when
the BGP FSM enters the ESTABLISHED state."
::= { nsBgpTraps 1 }
END

217
MIBS/screenos/NETSCREEN-CERTIFICATE-MIB Normal file
View File

@ -0,0 +1,217 @@
-- This module defines enterprise MIBs for VPN certificate
--
-- Copyright (c) 1999-2004, Juniper Networks, Inc.
-- All rights reserved.
NETSCREEN-CERTIFICATE-MIB DEFINITIONS ::= BEGIN
IMPORTS
netscreenVpn, netscreenVpnMibModule
FROM NETSCREEN-SMI
Integer32, MODULE-IDENTITY, OBJECT-TYPE
FROM SNMPv2-SMI
DisplayString
FROM SNMPv2-TC
;
netscreenCertificateMibModule MODULE-IDENTITY
LAST-UPDATED "200405032022Z" -- May 03, 2004
ORGANIZATION
"Juniper Networks, Inc."
CONTACT-INFO
"Customer Support
1194 North Mathilda Avenue
Sunnyvale, California 94089-1206
USA
Tel: 1-800-638-8296
E-mail: customerservice@juniper.net
HTTP://www.juniper.net"
DESCRIPTION
"This module defines the object that are used to monitor
VPN certificates"
REVISION "200405030000Z" -- May 03, 2004
DESCRIPTION
"Modified copyright and contact information"
REVISION "200403030000Z" -- March 03, 2004
DESCRIPTION
"Converted to SMIv2 by Longview Software"
REVISION "200311120000Z" -- November 12, 2003
DESCRIPTION
"Correct spelling mistake"
REVISION "200109280000Z" -- September 28, 2001
DESCRIPTION
"No comment"
REVISION "200105150000Z" -- May 15, 2001
DESCRIPTION
"Creation Date"
::= { netscreenVpnMibModule 7 }
NsVpnCertCfgEntry ::= SEQUENCE
{
nsVpnCertCfgIndex Integer32,
nsVpnCertCfgType INTEGER,
nsVpnCertCfgSubject DisplayString,
nsVpnCertCfgExpire DisplayString,
nsVpnCertCfgIssuer DisplayString,
nsVpnCertCfgVsys Integer32
}
NsVpnCertDefEntry ::= SEQUENCE
{
nsVpnCertDefIndex Integer32,
nsVpnCertDefLdap DisplayString,
nsVpnCertDefCrlUrl DisplayString,
nsVpnCertDefRefresh DisplayString,
nsVpnCertDefX509 INTEGER,
nsVpnCertDefVsys Integer32
}
nsVpnCert OBJECT IDENTIFIER ::= { netscreenVpn 7 }
nsVpnCertDefTable OBJECT-TYPE
SYNTAX SEQUENCE OF NsVpnCertDefEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Certificate default setting table collects the default
certificates used when establish a secure VPN connection in
NetScreen device."
::= { nsVpnCert 1 }
nsVpnCertDefEntry OBJECT-TYPE
SYNTAX NsVpnCertDefEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"An entry containing attributes of a certificate"
INDEX
{ nsVpnCertDefIndex }
::= { nsVpnCertDefTable 1 }
nsVpnCertDefIndex OBJECT-TYPE
SYNTAX Integer32 (0..2147483647)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Table index using as primary key when retrieving the table."
::= { nsVpnCertDefEntry 1 }
nsVpnCertDefLdap OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..32))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"LDAP server name."
::= { nsVpnCertDefEntry 2 }
nsVpnCertDefCrlUrl OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..32))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"URL of CRL."
::= { nsVpnCertDefEntry 3 }
nsVpnCertDefRefresh OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..32))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"CRL Refresh Frequency."
::= { nsVpnCertDefEntry 4 }
nsVpnCertDefX509 OBJECT-TYPE
SYNTAX INTEGER {
partial(0),
full(1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"X509 Certificate Path Validation Level."
::= { nsVpnCertDefEntry 5 }
nsVpnCertDefVsys OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"vsys the cert setting belongs to."
::= { nsVpnCertDefEntry 6 }
nsVpnCertCfgTable OBJECT-TYPE
SYNTAX SEQUENCE OF NsVpnCertCfgEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This table collects detail certificate information."
::= { nsVpnCert 2 }
nsVpnCertCfgEntry OBJECT-TYPE
SYNTAX NsVpnCertCfgEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Each entry in the nsVpnCertCfgTable contains a set of
attributes for a certificate"
INDEX
{ nsVpnCertCfgIndex }
::= { nsVpnCertCfgTable 1 }
nsVpnCertCfgIndex OBJECT-TYPE
SYNTAX Integer32 (0..2147483647)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"A unique value for certification table. Its value ranges
between 0 and 65535 and may not be contiguous."
::= { nsVpnCertCfgEntry 1 }
nsVpnCertCfgType OBJECT-TYPE
SYNTAX INTEGER {
ca(0),
local(1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Certificate type."
::= { nsVpnCertCfgEntry 2 }
nsVpnCertCfgSubject OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..255))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Certificate subject."
::= { nsVpnCertCfgEntry 3 }
nsVpnCertCfgExpire OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..32))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Certificate expire date."
::= { nsVpnCertCfgEntry 4 }
nsVpnCertCfgIssuer OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..64))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Certificate configuration details."
::= { nsVpnCertCfgEntry 5 }
nsVpnCertCfgVsys OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Certificate's vsys."
::= { nsVpnCertCfgEntry 6 }
END

272
MIBS/screenos/NETSCREEN-CHASSIS-MIB Normal file
View File

@ -0,0 +1,272 @@
-- This module defines chassis MIBs for modular ScreenOS platforms
-- Copyright (c) 1999-2007, Juniper Networks, Inc.
-- All rights reserved.
NETSCREEN-CHASSIS-MIB DEFINITIONS ::= BEGIN
IMPORTS
netscreen
FROM NETSCREEN-SMI
Integer32, IpAddress, MODULE-IDENTITY, OBJECT-TYPE
FROM SNMPv2-SMI
DisplayString
FROM SNMPv2-TC
;
netscreenChassis MODULE-IDENTITY
LAST-UPDATED "200705080000Z"
-- May 8, 2007 by mxk
ORGANIZATION
"Juniper Networks, Inc."
CONTACT-INFO
"Customer Support
1194 North Mathilda Avenue
Sunnyvale, California 94089-1206
USA
Tel: 1-800-638-8296
E-mail: customerservice@juniper.net
HTTP://www.juniper.net"
DESCRIPTION
"This module defines the objects that are used to monitor
device status such as Battery, Fan, Power and Temperature"
::= { netscreen 21}
NsPowerEntry ::=
SEQUENCE {
nsPowerId Integer32,
nsPowerStatus Integer32,
nsPowerDesc DisplayString
}
nsPowerTable OBJECT-TYPE
SYNTAX SEQUENCE OF NsPowerEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Information describing installed power supply modules and
their status"
::= { netscreenChassis 1}
nsPowerEntry OBJECT-TYPE
SYNTAX NsPowerEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Information describing one power supply module and its status"
INDEX { nsPowerId }
::= { nsPowerTable 1 }
nsPowerId OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"A 32-bit integer uniquely identifying the power supply
id. For 5400, range is 1~3, For 5200, range is 1~2"
::= { nsPowerEntry 1 }
nsPowerStatus OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"A 32-bit integer uniquely identifying the
power supply module's status:
0. Fail
1. Good
2. Not installed"
::= { nsPowerEntry 2 }
nsPowerDesc OBJECT-TYPE
SYNTAX DisplayString
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"A description for the power supply module"
::= { nsPowerEntry 3 }
NsFanEntry ::=
SEQUENCE {
nsFanId Integer32,
nsFanStatus Integer32,
nsFanDesc DisplayString
}
nsFanTable OBJECT-TYPE
SYNTAX SEQUENCE OF NsFanEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Information describing the installed Fan modules and their status"
::= { netscreenChassis 2}
nsFanEntry OBJECT-TYPE
SYNTAX NsFanEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Information describing one installed Fan module and its status"
INDEX { nsFanId }
::= { nsFanTable 1 }
nsFanId OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"A 32-bit integer uniquely identifying the Fan id. At the time of
this writing."
::= { nsFanEntry 1 }
nsFanStatus OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"A 32-bit integer uniquely identifying the
Fan module's status:
0. Fail
1. Good
"
::= { nsFanEntry 2 }
nsFanDesc OBJECT-TYPE
SYNTAX DisplayString
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"A description for the Fan module"
::= { nsFanEntry 3 }
sysBatteryStatus OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Information describing the installed Battery and its status:
1. Good
2. Error
"
::= { netscreenChassis 3 }
NsTemperatureEntry ::=
SEQUENCE {
nsTemperatureId Integer32,
nsTemperatureSlotId Integer32,
nsTemperatureDesc DisplayString,
nsTemperatureCur Integer32,
}
nsTemperatureTable OBJECT-TYPE
SYNTAX SEQUENCE OF NsTemperatureEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Information describing the temperature measured by each module"
::= { netscreenChassis 4}
nsTemperatureEntry OBJECT-TYPE
SYNTAX NsTemperatureEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The temperature measured by a module"
INDEX { nsTemperatureId }
::= { nsTemperatureTable 1 }
nsTemperatureId OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"A 32-bit integer uniquely identifying temperature measured on a board or on a component e.g. CPU"
::= { nsTemperatureEntry 1 }
nsTemperatureSlotId OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"A 32-bit integer uniquely identifying the slot where the temperature is measured. "
::= { nsTemperatureEntry 2 }
nsTemperatureCur OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The current temperature measured by the module, unit is Celsius"
::= { nsTemperatureEntry 3 }
nsTemperatureDesc OBJECT-TYPE
SYNTAX DisplayString
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"A description for the module"
::= { nsTemperatureEntry 4 }
NsSlotEntry ::= SEQUENCE {
nsSlotId Integer32,
nsSlotType DisplayString,
nsSlotStatus Integer32,
nsSlotSN DisplayString,
}
nsSlotTable OBJECT-TYPE
SYNTAX SEQUENCE OF NsSlotEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Information describing the installed management and traffic
processing modules and their status, built-in and internal module are also listed here.
"
::= { netscreenChassis 5}
nsSlotEntry OBJECT-TYPE
SYNTAX NsSlotEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Information describing one installed module and its status"
INDEX { nsSlotId,
nsSubSlotId }
::= { nsSlotTable 1 }
nsSlotId OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"A 32-bit integer uniquely identifying the slot id. The range
varies on different platforms "
::= { nsSlotEntry 1 }
nsSlotType OBJECT-TYPE
SYNTAX DisplayString
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"A description of the installed module"
::= { nsSlotEntry 2 }
nsSlotStatus OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Slot status"
::= { nsSlotEntry 3 }
nsSlotSN OBJECT-TYPE
SYNTAX DisplayString
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Serial Number of the module"
::= { nsSlotEntry 4 }
END

880
MIBS/screenos/NETSCREEN-IDS-MIB Normal file
View File

@ -0,0 +1,880 @@
-- This module defines enterprise MIBs DI Setting.
--
-- Copyright (c) 1999-2004, Juniper Networks, Inc.
-- All rights reserved.
NETSCREEN-IDS-MIB DEFINITIONS ::= BEGIN
IMPORTS
netscreenIDS
FROM NETSCREEN-SMI
Counter32, Integer32, MODULE-IDENTITY, OBJECT-TYPE
FROM SNMPv2-SMI
;
nsIdsProtect MODULE-IDENTITY
LAST-UPDATED "200405032022Z" -- May 03, 2004
ORGANIZATION
"Juniper Networks, Inc."
CONTACT-INFO
"Customer Support
1194 North Mathilda Avenue
Sunnyvale, California 94089-1206
USA
Tel: 1-800-638-8296
E-mail: customerservice@juniper.net
HTTP://www.juniper.net"
DESCRIPTION
"This module defines NetScreen private MIBs DI Setting."
REVISION "200405030000Z" -- May 03, 2004
DESCRIPTION
"Modified copyright and contact information"
REVISION "200403030000Z" -- March 03, 2004
DESCRIPTION
"Converted to SMIv2 by Longview Software"
REVISION "200204260000Z" -- April 26, 2002
DESCRIPTION
"Screen option on zone setting, add new screen option (Zhong
Wang)"
REVISION "200109280000Z" -- September 28, 2001
DESCRIPTION
"No Comment"
REVISION "200101080000Z" -- January 08, 2001
DESCRIPTION
"Creation Date"
::= { netscreenIDS 1 }
NsIdsAttkMonEntry ::= SEQUENCE
{
nsIdsAttkMonIfIdx Integer32,
nsIdsAttkMonVsys Integer32,
nsIdsAttkMonSynAttk Counter32,
nsIdsAttkMonTearDrop Counter32,
nsIdsAttkMonSrcRoute Counter32,
nsIdsAttkMonPingDeath Counter32,
nsIdsAttkMonAddrSpoof Counter32,
nsIdsAttkMonLand Counter32,
nsIdsAttkMonIcmpFlood Counter32,
nsIdsAttkMonUdpFlood Counter32,
nsIdsAttkMonWinnuke Counter32,
nsIdsAttkMonPortScan Counter32,
nsIdsAttkMonIpSweep Counter32,
nsAttkMonSynFrag Counter32,
nsAttkMonTcpNoFlag Counter32,
nsAttkMonIpUnknownProt Counter32,
nsAttkMonIpOptBad Counter32,
nsAttkMonIpOptRecord Counter32,
nsAttkMonIpOptTimestamp Counter32,
nsAttkMonIpOptSCHT Counter32,
nsAttkMonIpOptLSR Counter32,
nsAttkMonIpOptSSR Counter32,
nsAttkMonIpOptStream Counter32,
nsAttkMonIcmpFrag Counter32,
nsAttkMonIcmpLarge Counter32,
nsAttkMonTcpSynFin Counter32,
nsAttkMonTcpFinNoAck Counter32,
nsAttkMonHttpMalUrl Counter32,
nsAttkMonSessMalNum Counter32,
nsAttkMonSynAckAck Counter32,
nsAttkMonIpFrag Counter32,
nsIdsAttkMonIfInfo Integer32
}
NsIdsProtectSetEntry ::= SEQUENCE
{
nsIdsProtectZoneIdx Integer32,
nsIdsDetectPingOfDeath INTEGER,
nsIdsDetectTearDrop INTEGER,
nsIdsDetectWinNuke INTEGER,
nsIdsFilterIpSrcRoute INTEGER,
nsIdsDetectPortScan INTEGER,
nsIdsDetectAddrSweep INTEGER,
nsIdsDetectLand INTEGER,
nsIdsBlockComponent INTEGER,
nsIdsDetectIpSpoof INTEGER,
nsIdsDetectSyn INTEGER,
nsIdsDetectIcmpFlood INTEGER,
nsIdsDetectUdpFlood INTEGER,
nsIdsDetectSynFrag INTEGER,
nsIdsDetectTcpNoFlag INTEGER,
nsIdsDetectIpUnknownProt INTEGER,
nsIdsDetectIpOptBad INTEGER,
nsIdsDetectIpOptRecord INTEGER,
nsIdsDetectIpOptTimestamp INTEGER,
nsIdsDetectIpOptSCHT INTEGER,
nsIdsDetectIpOptLSR INTEGER,
nsIdsDetectIpOptSSR INTEGER,
nsIdsDetectIpOptStream INTEGER,
nsIdsDetectIcmpFrag INTEGER,
nsIdsDetectIcmpLarge INTEGER,
nsIdsDetectTcpSynFin INTEGER,
nsIdsDetectTcpFinNoAck INTEGER,
nsIdsHttpMalUrl INTEGER,
nsIdsSessMalNum INTEGER,
nsIdsDetectSynAckAck INTEGER,
nsIdsDetectIpFrag INTEGER
}
NsIdsProtectThreshEntry ::= SEQUENCE
{
nsIdsProtectThreshZoneIdx Integer32,
nsIdsSynAttackThresh Integer32,
nsIdsSynAttackTimeout Integer32,
nsIdsSynAttackAlmTh Integer32,
nsIdsSynAttackQueSize Integer32,
nsIdsSynAttackAgeTime Integer32,
nsIdsIcmpFloodThresh Integer32,
nsIdsUdpFloodThresh Integer32,
nsIdsPortScanThresh Integer32,
nsIdsIpSweepThresh Integer32,
nsIdsSynAckAckThres Integer32
}
nsIdsProtectSetTable OBJECT-TYPE
SYNTAX SEQUENCE OF NsIdsProtectSetEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"NetScreen ScreenOS can allow DI protection on each of
NetScreen device's physical interface. This table collects the
DI protection configuration on each physical interface."
::= { nsIdsProtect 1 }
nsIdsProtectSetEntry OBJECT-TYPE
SYNTAX NsIdsProtectSetEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Hold the DI setting attribute."
INDEX
{ nsIdsProtectZoneIdx }
::= { nsIdsProtectSetTable 1 }
nsIdsProtectZoneIdx OBJECT-TYPE
SYNTAX Integer32 (0..2147483647)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"unique zone id."
::= { nsIdsProtectSetEntry 1 }
nsIdsDetectPingOfDeath OBJECT-TYPE
SYNTAX INTEGER {
disable(0),
enabled(1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Detect Ping of Death."
::= { nsIdsProtectSetEntry 2 }
nsIdsDetectTearDrop OBJECT-TYPE
SYNTAX INTEGER {
disable(0),
enabled(1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Detect Tear Drop Attack."
::= { nsIdsProtectSetEntry 3 }
nsIdsDetectWinNuke OBJECT-TYPE
SYNTAX INTEGER {
disable(0),
enabled(1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Detect Win Nuke Attack."
::= { nsIdsProtectSetEntry 4 }
nsIdsFilterIpSrcRoute OBJECT-TYPE
SYNTAX INTEGER {
disable(0),
enabled(1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Detect Filter IP Source Route Option attack."
::= { nsIdsProtectSetEntry 5 }
nsIdsDetectPortScan OBJECT-TYPE
SYNTAX INTEGER {
disable(0),
enabled(1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Detect Port Scan Death attack."
::= { nsIdsProtectSetEntry 6 }
nsIdsDetectAddrSweep OBJECT-TYPE
SYNTAX INTEGER {
disable(0),
enabled(1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Detect Address Sweep Attack."
::= { nsIdsProtectSetEntry 7 }
nsIdsDetectLand OBJECT-TYPE
SYNTAX INTEGER {
disable(0),
enabled(1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Detect Land Attack."
::= { nsIdsProtectSetEntry 8 }
nsIdsBlockComponent OBJECT-TYPE
SYNTAX INTEGER {
disable(0),
enabled(1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Block Java/ActiveX/ZIP/EXE Component."
::= { nsIdsProtectSetEntry 9 }
nsIdsDetectIpSpoof OBJECT-TYPE
SYNTAX INTEGER {
disable(0),
enabled(1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Detect IP Spoofing attack."
::= { nsIdsProtectSetEntry 10 }
nsIdsDetectSyn OBJECT-TYPE
SYNTAX INTEGER {
disable(0),
enabled(1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Detect SYN attack."
::= { nsIdsProtectSetEntry 11 }
nsIdsDetectIcmpFlood OBJECT-TYPE
SYNTAX INTEGER {
disable(0),
enabled(1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Detect ICMP Flood attack."
::= { nsIdsProtectSetEntry 12 }
nsIdsDetectUdpFlood OBJECT-TYPE
SYNTAX INTEGER {
disable(0),
enabled(1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Detect UDP Flood attack."
::= { nsIdsProtectSetEntry 13 }
nsIdsDetectSynFrag OBJECT-TYPE
SYNTAX INTEGER {
disable(0),
enabled(1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Detect SYN fragment"
::= { nsIdsProtectSetEntry 14 }
nsIdsDetectTcpNoFlag OBJECT-TYPE
SYNTAX INTEGER {
disable(0),
enabled(1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Detect TCP without flag set."
::= { nsIdsProtectSetEntry 15 }
nsIdsDetectIpUnknownProt OBJECT-TYPE
SYNTAX INTEGER {
disable(0),
enabled(1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Detect Unknown protocol IP packet."
::= { nsIdsProtectSetEntry 16 }
nsIdsDetectIpOptBad OBJECT-TYPE
SYNTAX INTEGER {
disable(0),
enabled(1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Detect IP bad option."
::= { nsIdsProtectSetEntry 17 }
nsIdsDetectIpOptRecord OBJECT-TYPE
SYNTAX INTEGER {
disable(0),
enabled(1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Detect IP record option."
::= { nsIdsProtectSetEntry 18 }
nsIdsDetectIpOptTimestamp OBJECT-TYPE
SYNTAX INTEGER {
disable(0),
enabled(1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Detect IP timestamp option."
::= { nsIdsProtectSetEntry 19 }
nsIdsDetectIpOptSCHT OBJECT-TYPE
SYNTAX INTEGER {
disable(0),
enabled(1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Detect IP security option."
::= { nsIdsProtectSetEntry 20 }
nsIdsDetectIpOptLSR OBJECT-TYPE
SYNTAX INTEGER {
disable(0),
enabled(1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Detect Loose source route."
::= { nsIdsProtectSetEntry 21 }
nsIdsDetectIpOptSSR OBJECT-TYPE
SYNTAX INTEGER {
disable(0),
enabled(1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Detect strict source route."
::= { nsIdsProtectSetEntry 22 }
nsIdsDetectIpOptStream OBJECT-TYPE
SYNTAX INTEGER {
disable(0),
enabled(1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Detect IP stream option."
::= { nsIdsProtectSetEntry 23 }
nsIdsDetectIcmpFrag OBJECT-TYPE
SYNTAX INTEGER {
disable(0),
enabled(1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Detect ICMP fragment."
::= { nsIdsProtectSetEntry 24 }
nsIdsDetectIcmpLarge OBJECT-TYPE
SYNTAX INTEGER {
disable(0),
enabled(1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Detect large ICMP packet."
::= { nsIdsProtectSetEntry 25 }
nsIdsDetectTcpSynFin OBJECT-TYPE
SYNTAX INTEGER {
disable(0),
enabled(1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Detect TCP syn fin both set."
::= { nsIdsProtectSetEntry 26 }
nsIdsDetectTcpFinNoAck OBJECT-TYPE
SYNTAX INTEGER {
disable(0),
enabled(1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Detect TCP fin set without ack bit set."
::= { nsIdsProtectSetEntry 27 }
nsIdsHttpMalUrl OBJECT-TYPE
SYNTAX INTEGER {
disable(0),
enabled(1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Detect malicious URL."
::= { nsIdsProtectSetEntry 28 }
nsIdsSessMalNum OBJECT-TYPE
SYNTAX INTEGER {
disable(0),
enabled(1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Detect malicious session connection."
::= { nsIdsProtectSetEntry 29 }
nsIdsDetectSynAckAck OBJECT-TYPE
SYNTAX INTEGER {
disable(0),
enabled(1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Detect SYN ACK ACK DoS."
::= { nsIdsProtectSetEntry 30 }
nsIdsDetectIpFrag OBJECT-TYPE
SYNTAX INTEGER {
disable(0),
enabled(1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Block IP fragment packet."
::= { nsIdsProtectSetEntry 31 }
nsIdsProtectThreshTable OBJECT-TYPE
SYNTAX SEQUENCE OF NsIdsProtectThreshEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"NetScreen ScreenOS can allow DI protection on each of
NetScreen device's physical interface. This table collects the
DI protection configuration on each physical interface."
::= { nsIdsProtect 2 }
nsIdsProtectThreshEntry OBJECT-TYPE
SYNTAX NsIdsProtectThreshEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Hold the DI setting attribute."
INDEX
{ nsIdsProtectThreshZoneIdx }
::= { nsIdsProtectThreshTable 1 }
nsIdsProtectThreshZoneIdx OBJECT-TYPE
SYNTAX Integer32 (0..2147483647)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"unique zone id."
::= { nsIdsProtectThreshEntry 1 }
nsIdsSynAttackThresh OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"SYN attack threshold."
::= { nsIdsProtectThreshEntry 2 }
nsIdsSynAttackTimeout OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"SYN attack timeout."
::= { nsIdsProtectThreshEntry 3 }
nsIdsSynAttackAlmTh OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"SYN attack alarm threshold."
::= { nsIdsProtectThreshEntry 4 }
nsIdsSynAttackQueSize OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"SYN attack queue size."
::= { nsIdsProtectThreshEntry 5 }
nsIdsSynAttackAgeTime OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"SYN flood age time."
::= { nsIdsProtectThreshEntry 6 }
nsIdsIcmpFloodThresh OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"ICMP attack alarm threshold."
::= { nsIdsProtectThreshEntry 7 }
nsIdsUdpFloodThresh OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"UDP attack alarm threshold."
::= { nsIdsProtectThreshEntry 8 }
nsIdsPortScanThresh OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"ICMP attack alarm threshold."
::= { nsIdsProtectThreshEntry 9 }
nsIdsIpSweepThresh OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"UDP attack alarm threshold."
::= { nsIdsProtectThreshEntry 10 }
nsIdsSynAckAckThres OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"SYN ack ack alarm threshold."
::= { nsIdsProtectThreshEntry 11 }
nsIdsAttkMonTable OBJECT-TYPE
SYNTAX SEQUENCE OF NsIdsAttkMonEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The table monitors the intrusion attack attemps amount to
NetScreen Device."
::= { netscreenIDS 2 }
nsIdsAttkMonEntry OBJECT-TYPE
SYNTAX NsIdsAttkMonEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"An entry containing intrusion attack couters."
INDEX
{ nsIdsAttkMonIfIdx }
::= { nsIdsAttkMonTable 1 }
nsIdsAttkMonIfIdx OBJECT-TYPE
SYNTAX Integer32 (0..2147483647)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"unique interface id."
::= { nsIdsAttkMonEntry 1 }
nsIdsAttkMonVsys OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"according NetScreen's concepts. each interface belongs to one
virtual system. This attribute displays the virtual system name
an interface belongs to."
::= { nsIdsAttkMonEntry 2 }
nsIdsAttkMonSynAttk OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"sync attack packet counter."
::= { nsIdsAttkMonEntry 3 }
nsIdsAttkMonTearDrop OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"tear drop attack packet counter."
::= { nsIdsAttkMonEntry 4 }
nsIdsAttkMonSrcRoute OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"source route option attack packet counter."
::= { nsIdsAttkMonEntry 5 }
nsIdsAttkMonPingDeath OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"ping of death attack packet counter."
::= { nsIdsAttkMonEntry 6 }
nsIdsAttkMonAddrSpoof OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"address spoofing attack packet counter."
::= { nsIdsAttkMonEntry 7 }
nsIdsAttkMonLand OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"land attack packet counter."
::= { nsIdsAttkMonEntry 8 }
nsIdsAttkMonIcmpFlood OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"ICMP flood attack packet counter."
::= { nsIdsAttkMonEntry 9 }
nsIdsAttkMonUdpFlood OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"udp flood attack packet counter."
::= { nsIdsAttkMonEntry 10 }
nsIdsAttkMonWinnuke OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"weired netbios attack packet counter."
::= { nsIdsAttkMonEntry 11 }
nsIdsAttkMonPortScan OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"port scan attempt attack packet counter."
::= { nsIdsAttkMonEntry 12 }
nsIdsAttkMonIpSweep OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"address sweep attemp attack packet counter."
::= { nsIdsAttkMonEntry 13 }
nsAttkMonSynFrag OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Detect SYN fragment"
::= { nsIdsAttkMonEntry 14 }
nsAttkMonTcpNoFlag OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Detect TCP without flag set."
::= { nsIdsAttkMonEntry 15 }
nsAttkMonIpUnknownProt OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Detect Unknown protocol IP packet."
::= { nsIdsAttkMonEntry 16 }
nsAttkMonIpOptBad OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Detect IP bad option."
::= { nsIdsAttkMonEntry 17 }
nsAttkMonIpOptRecord OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Detect IP record option."
::= { nsIdsAttkMonEntry 18 }
nsAttkMonIpOptTimestamp OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Detect IP timestamp option."
::= { nsIdsAttkMonEntry 19 }
nsAttkMonIpOptSCHT OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Detect IP security option."
::= { nsIdsAttkMonEntry 20 }
nsAttkMonIpOptLSR OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Detect Loose source route."
::= { nsIdsAttkMonEntry 21 }
nsAttkMonIpOptSSR OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Detect strict source route."
::= { nsIdsAttkMonEntry 22 }
nsAttkMonIpOptStream OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Detect IP stream option."
::= { nsIdsAttkMonEntry 23 }
nsAttkMonIcmpFrag OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Detect ICMP fragment."
::= { nsIdsAttkMonEntry 24 }
nsAttkMonIcmpLarge OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Detect large ICMP packet."
::= { nsIdsAttkMonEntry 25 }
nsAttkMonTcpSynFin OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Detect TCP syn fin both set."
::= { nsIdsAttkMonEntry 26 }
nsAttkMonTcpFinNoAck OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Detect TCP fin set without ack bit set."
::= { nsIdsAttkMonEntry 27 }
nsAttkMonHttpMalUrl OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Detect malicious URL."
::= { nsIdsAttkMonEntry 28 }
nsAttkMonSessMalNum OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Detect malicious session connection."
::= { nsIdsAttkMonEntry 29 }
nsAttkMonSynAckAck OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Detect SYN ACK ACK attack."
::= { nsIdsAttkMonEntry 30 }
nsAttkMonIpFrag OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Block IP fragment packet."
::= { nsIdsAttkMonEntry 31 }
nsIdsAttkMonIfInfo OBJECT-TYPE
SYNTAX Integer32 (0..2147483647)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Internal id assigned to this interface. Stays persistent across resets."
::= { nsIdsAttkMonEntry 32 }
END

696
MIBS/screenos/NETSCREEN-INTERFACE-MIB Normal file
View File

@ -0,0 +1,696 @@
-- This module defines enterprise MIBs for interface configuration
--
-- Copyright (c) 1999-2004, Juniper Networks, Inc.
-- All rights reserved.
NETSCREEN-INTERFACE-MIB DEFINITIONS ::= BEGIN
IMPORTS
netscreenInterface
FROM NETSCREEN-SMI
Counter32, Integer32, IpAddress, MODULE-IDENTITY, OBJECT-TYPE
FROM SNMPv2-SMI
DisplayString,PhysAddress
FROM SNMPv2-TC
;
netscreenInterfaceMibModule MODULE-IDENTITY
LAST-UPDATED "200405032022Z" -- May 03, 2004
ORGANIZATION
"Juniper Networks, Inc."
CONTACT-INFO
"Customer Support
1194 North Mathilda Avenue
Sunnyvale, California 94089-1206
USA
Tel: 1-800-638-8296
E-mail: customerservice@juniper.net
HTTP://www.juniper.net"
DESCRIPTION
"This module defines the object that are used to monitor NS's
interface configuration"
REVISION "200405030000Z" -- May 03, 2004
DESCRIPTION
"Modified copyright and contact information"
REVISION "200403030000Z" -- March 03, 2004
DESCRIPTION
"Converted to SMIv2 by Longview Software"
REVISION "200109280000Z" -- September 28, 2001
DESCRIPTION
"No Comment"
REVISION "200105110000Z" -- May 11, 2001
DESCRIPTION
"Creation Date"
::= { netscreenInterface 0 }
NsIfEntry ::= SEQUENCE
{
nsIfIndex Integer32,
nsIfName DisplayString,
nsIfVsys Integer32,
nsIfZone Integer32,
nsIfStatus INTEGER,
nsIfIp IpAddress,
nsIfNetmask IpAddress,
nsIfGateway IpAddress,
nsIfMngIp IpAddress,
nsIfMode INTEGER,
nsIfMAC PhysAddress,
nsIfMngTelnet INTEGER,
nsIfMngSCS INTEGER,
nsIfMngWEB INTEGER,
nsIfMngSSL INTEGER,
nsIfMngSNMP INTEGER,
nsIfMngGlobal INTEGER,
nsIfMngGlobalPro INTEGER,
nsIfMngPing INTEGER,
nsIfMngIdentReset INTEGER,
nsIfInfo Integer32,
nsIfDescr DisplayString
}
NsIfFlowEntry ::= SEQUENCE
{
nsIfFlowIfIdx Integer32,
nsIfFlowVsys Integer32,
nsIfFlowInByte Counter32,
nsIfFlowInPacket Counter32,
nsIfFlowOutByte Counter32,
nsIfFlowOutPacket Counter32,
nsIfFlowInVpn Counter32,
nsIfInVlan Counter32,
nsIfOutVlan Counter32,
nsIfFlowIfInfo Integer32
}
NsIfMonEntry ::= SEQUENCE
{
nsIfMonIfIdx Integer32,
nsIfMonVsys Integer32,
nsIfMonPlyDeny Counter32,
nsIfMonAuthFail Counter32,
nsIfMonUrlBlock Counter32,
nsIfMonTrMngQueue Counter32,
nsIfMonTrMngDrop Counter32,
nsIfMonEncFail Counter32,
nsIfMonNoSa Counter32,
nsIfMonNoSaPly Counter32,
nsIfMonSaInactive Counter32,
nsIfMonSaPolicyDeny Counter32,
nsIfMonIfInfo Integer32
}
NsIfSecondaryIpEntry ::= SEQUENCE
{
nsIfSecondaryIpIndex Integer32,
nsIfSecondaryIpIfIdx Integer32,
nsIfSecondaryIpVsys Integer32,
nsIfSecondaryIpZone Integer32,
nsIfSecondaryIpAddress IpAddress,
nsIfSecondaryIpNetmask IpAddress,
nsIfSecondaryIpIfInfo Integer32
}
nsIfTable OBJECT-TYPE
SYNTAX SEQUENCE OF NsIfEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"All NetScreen devices have a trusted interface and an
untrusted interface. The NetScreen-10 and -100 also have a DMZ
interface. Additionally, on each of the virtual systems
supported by the NetScreen-1000 there can be on or more tursted
subinterfaces linking a particular virtual system to one or
more virtual LANs. Other interfaces-some physical, some
logical, and some virtual-provide exclusive channels for
administrative traffic, or for communication among member in a
redundant group. In this table, it will collect following
interface: tursted interface, untrusted interface, DMZ
interface, Management Interface and Subinterface."
::= { netscreenInterface 1 }
nsIfEntry OBJECT-TYPE
SYNTAX NsIfEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"nsIfEntry collects some attributes about NetScreen interface
settings."
INDEX
{ nsIfIndex }
::= { nsIfTable 1 }
nsIfIndex OBJECT-TYPE
SYNTAX Integer32 (0..2147483647)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Interface number which uniquely identifies an interface."
::= { nsIfEntry 1 }
nsIfName OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..32))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Each interface has a readable name such as 'trust', 'trust/1',
etc."
::= { nsIfEntry 2 }
nsIfVsys OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"According NetScreen's concepts, each interface belongs to one
virtual system. This attribute displays the virtual system name
an interface belongs to. If the device is device which doesn't
support vsys such as NS-100, we can logically think all the
setting belongs to 'root' vsys."
::= { nsIfEntry 3 }
nsIfZone OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Each interface belongs to one security zone. This attribute
displays the security zone name an interface belongs to."
::= { nsIfEntry 4 }
nsIfStatus OBJECT-TYPE
SYNTAX INTEGER {
down(0),
up(1),
ready(2),
inactive(3)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The interface status which indicates interface's operational
status."
::= { nsIfEntry 5 }
nsIfIp OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Each interface must be assigned an IP address."
::= { nsIfEntry 6 }
nsIfNetmask OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Each interface must belong to a subnet represented by
netmask."
::= { nsIfEntry 7 }
nsIfGateway OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Default gateway ip address."
::= { nsIfEntry 8 }
nsIfMngIp OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Trusted, untrusted and DMZ interfaces can have two IP address:
an interface IP address that corresponds to the physical port
through which that interface connects to a network, and a
Manage IP address that can be used to receive administrative
traffic"
::= { nsIfEntry 9 }
nsIfMode OBJECT-TYPE
SYNTAX INTEGER {
transparent(0),
nat(1),
route(2),
not-applicable(3)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"NetScreen interface can has three operation modes. They are
transparent, nat and route."
::= { nsIfEntry 10 }
nsIfMAC OBJECT-TYPE
SYNTAX PhysAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"MAC address the interface has."
::= { nsIfEntry 11 }
nsIfMngTelnet OBJECT-TYPE
SYNTAX INTEGER {
disable(0),
enable(1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This attribute is used to indicate whether the interface
permits telnet management."
::= { nsIfEntry 12 }
nsIfMngSCS OBJECT-TYPE
SYNTAX INTEGER {
disable(0),
enable(1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This attribute is used to indicate whether the interface
permits Secure Command Shell management."
::= { nsIfEntry 13 }
nsIfMngWEB OBJECT-TYPE
SYNTAX INTEGER {
disable(0),
enable(1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This attribute is used to indicate whether the interface
permits WEB UI management."
::= { nsIfEntry 14 }
nsIfMngSSL OBJECT-TYPE
SYNTAX INTEGER {
disable(0),
enable(1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This attribute is used to indicate whether the interface
permits SSL management."
::= { nsIfEntry 15 }
nsIfMngSNMP OBJECT-TYPE
SYNTAX INTEGER {
disable(0),
enable(1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This attribute is used to indicate whether the interface
permits SNMP management."
::= { nsIfEntry 16 }
nsIfMngGlobal OBJECT-TYPE
SYNTAX INTEGER {
disable(0),
enable(1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This attribute is used to indicate whether the interface
permits NS Global management."
::= { nsIfEntry 17 }
nsIfMngGlobalPro OBJECT-TYPE
SYNTAX INTEGER {
disable(0),
enable(1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This attribute is used to indicate whether the interface
permits NS Global Pro management."
::= { nsIfEntry 18 }
nsIfMngPing OBJECT-TYPE
SYNTAX INTEGER {
disable(0),
enable(1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This attribute is used to indicate whether the interface
permits Ping go-through."
::= { nsIfEntry 19 }
nsIfMngIdentReset OBJECT-TYPE
SYNTAX INTEGER {
disable(0),
enable(1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This attribute is used to indicate whether the interface
permits ident reset."
::= { nsIfEntry 20 }
nsIfInfo OBJECT-TYPE
SYNTAX Integer32 (0..2147483647)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Internal id assigned to this interface. Stays persistent across resets."
::= { nsIfEntry 21 }
nsIfDescr OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..32))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Each interface has a a configurable descriptor string."
::= { nsIfEntry 22 }
nsIfSecondaryIpTable OBJECT-TYPE
SYNTAX SEQUENCE OF NsIfSecondaryIpEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"In some ScreenOS, it supports multiple IP addresses and
related subnets based on the same interface. This table
collects the multiple IP addresses configuration on an
interface."
::= { netscreenInterface 2 }
nsIfSecondaryIpEntry OBJECT-TYPE
SYNTAX NsIfSecondaryIpEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"nsIfSecondaryIpEntry collects some attributes about multiple
IP configurations on an interface."
INDEX
{ nsIfSecondaryIpIndex }
::= { nsIfSecondaryIpTable 1 }
nsIfSecondaryIpIndex OBJECT-TYPE
SYNTAX Integer32 (0..2147483647)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The table index used as primary key when retrieving the
table."
::= { nsIfSecondaryIpEntry 1 }
nsIfSecondaryIpIfIdx OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The index value which uniquely identifies an interface the
secodary ip belongs to. The interface identified by a
particular value of this index is the same interface as
identified by the same value of ifIndex."
::= { nsIfSecondaryIpEntry 2 }
nsIfSecondaryIpVsys OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"According NetScreen's concepts, each interface belongs to one
virtual system. This attribute displays the virtual system ID
an interface belongs to. If the device is device which doesn't
support vsys such as NS-100, we can logically think all the
setting belongs to 'root' vsys."
::= { nsIfSecondaryIpEntry 3 }
nsIfSecondaryIpZone OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"each interface belongs to one security zone. this attribute
displays the security zone name an interface belongs to."
::= { nsIfSecondaryIpEntry 4 }
nsIfSecondaryIpAddress OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Ip Address value."
::= { nsIfSecondaryIpEntry 5 }
nsIfSecondaryIpNetmask OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Subnet of a ip belongs to."
::= { nsIfSecondaryIpEntry 6 }
nsIfSecondaryIpIfInfo OBJECT-TYPE
SYNTAX Integer32 (0..2147483647)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Internal id assigned to this interface. Stays persistent across resets."
::= { nsIfSecondaryIpEntry 7 }
nsIfFlowTable OBJECT-TYPE
SYNTAX SEQUENCE OF NsIfFlowEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"nsIfFlowTable is used to get flow statistical information of
the interface."
::= { netscreenInterface 3 }
nsIfFlowEntry OBJECT-TYPE
SYNTAX NsIfFlowEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Table entry collect some attributes about interface flow
counters."
INDEX
{ nsIfFlowIfIdx }
::= { nsIfFlowTable 1 }
nsIfFlowIfIdx OBJECT-TYPE
SYNTAX Integer32 (0..2147483647)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Unique interface id, also used as table index."
::= { nsIfFlowEntry 1 }
nsIfFlowVsys OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"According NetScreen's concepts. each interface belongs to one
virtual system. This attribute displays the virtual system name
an interface belongs to."
::= { nsIfFlowEntry 2 }
nsIfFlowInByte OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Incoming byte number arriving at the this interface"
::= { nsIfFlowEntry 3 }
nsIfFlowInPacket OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Incoming packet number arriving at the this interface"
::= { nsIfFlowEntry 4 }
nsIfFlowOutByte OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Outgoing byte number sending through this interface"
::= { nsIfFlowEntry 5 }
nsIfFlowOutPacket OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Outgoing packet number sending through this interface"
::= { nsIfFlowEntry 6 }
nsIfFlowInVpn OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"VPN packet go through this interface"
::= { nsIfFlowEntry 7 }
nsIfInVlan OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Incoming vlan packet"
::= { nsIfFlowEntry 8 }
nsIfOutVlan OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Outgoing vlan packet"
::= { nsIfFlowEntry 9 }
nsIfFlowIfInfo OBJECT-TYPE
SYNTAX Integer32 (0..2147483647)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Internal id assigned to this interface. Stays persistent across resets."
::= { nsIfFlowEntry 10 }
nsIfMonTable OBJECT-TYPE
SYNTAX SEQUENCE OF NsIfMonEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This table collects some of dropped packet counters of
interface"
::= { netscreenInterface 4 }
nsIfMonEntry OBJECT-TYPE
SYNTAX NsIfMonEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"An entry containing tunnel information"
INDEX
{ nsIfMonIfIdx }
::= { nsIfMonTable 1 }
nsIfMonIfIdx OBJECT-TYPE
SYNTAX Integer32 (0..2147483647)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Unique interface id, also used as table index."
::= { nsIfMonEntry 1 }
nsIfMonVsys OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"According NetScreen's concepts, each interface belongs to one
virtual system. This attribute displays the virtual system name
an interface belongs to."
::= { nsIfMonEntry 2 }
nsIfMonPlyDeny OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Packet drop since denied by policy."
::= { nsIfMonEntry 3 }
nsIfMonAuthFail OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Packet drop due to authentication failed."
::= { nsIfMonEntry 4 }
nsIfMonUrlBlock OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Packet drop due to URL blocking."
::= { nsIfMonEntry 5 }
nsIfMonTrMngQueue OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"packet queue up due to traffic management"
::= { nsIfMonEntry 6 }
nsIfMonTrMngDrop OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Packet drop due to traffic management"
::= { nsIfMonEntry 7 }
nsIfMonEncFail OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"IPSec enc failed due to sa not available, no ipak, etc"
::= { nsIfMonEntry 8 }
nsIfMonNoSa OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"packet drop due to no sa found for incomig spi"
::= { nsIfMonEntry 9 }
nsIfMonNoSaPly OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"packet drop due to no policy associated with found sa"
::= { nsIfMonEntry 10 }
nsIfMonSaInactive OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"packet drop due to sa not active"
::= { nsIfMonEntry 11 }
nsIfMonSaPolicyDeny OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"packet drop due to denial by sa policy"
::= { nsIfMonEntry 12 }
nsIfMonIfInfo OBJECT-TYPE
SYNTAX Integer32 (0..2147483647)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Internal id assigned to this interface. Stays persistent across resets."
::= { nsIfMonEntry 13 }
END

184
MIBS/screenos/NETSCREEN-IP-ARP-MIB Normal file
View File

@ -0,0 +1,184 @@
-- This module defines enterprise MIBs for ARP
--
-- Copyright (c) 1999-2004, Juniper Networks, Inc.
-- All rights reserved.
NETSCREEN-IP-ARP-MIB DEFINITIONS ::= BEGIN
IMPORTS
netscreenIp
FROM NETSCREEN-SMI
Integer32, IpAddress, MODULE-IDENTITY, OBJECT-TYPE
FROM SNMPv2-SMI
DisplayString,PhysAddress
FROM SNMPv2-TC
;
nsIpArp MODULE-IDENTITY
LAST-UPDATED "200405032022Z" -- May 03, 2004
ORGANIZATION
"Juniper Networks, Inc."
CONTACT-INFO
"Customer Support
1194 North Mathilda Avenue
Sunnyvale, California 94089-1206
USA
Tel: 1-800-638-8296
E-mail: customerservice@juniper.net
HTTP://www.juniper.net"
DESCRIPTION
"This module defines NetScreen private MIBs for ARP"
REVISION "200405030000Z" -- May 03, 2004
DESCRIPTION
"Modified copyright and contact information"
REVISION "200403030000Z" -- March 03, 2004
DESCRIPTION
"Converted to SMIv2 by Longview Software"
REVISION "200311100000Z" -- November 10, 2003
DESCRIPTION
"Correct spelling mistake"
REVISION "200109280000Z" -- September 28, 2001
DESCRIPTION
"No Comment"
REVISION "200105020000Z" -- May 02, 2001
DESCRIPTION
"Creation Date"
::= { netscreenIp 1 }
NsIpArpEntry ::= SEQUENCE
{
nsIpArpIndex Integer32,
nsIpArpIp IpAddress,
nsIpArpMac PhysAddress,
nsIpArpVsys Integer32,
nsIpArpIfIdx Integer32,
nsIpArpState INTEGER,
nsIpArpAge Integer32,
nsIpArpRetry Integer32,
nsIpArpPakQue Integer32
}
nsIpArpAOD OBJECT-TYPE
SYNTAX INTEGER {
disable(0),
enabled(1)
}
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"ARP always on destination."
::= { nsIpArp 1 }
nsIpArpCachUpdate OBJECT-TYPE
SYNTAX INTEGER {
disable(0),
enabled(1)
}
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"ARP cache update."
::= { nsIpArp 2 }
nsIpArpTable OBJECT-TYPE
SYNTAX SEQUENCE OF NsIpArpEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This table collects all the ARP entries existing in NetScreen
device."
::= { nsIpArp 3 }
nsIpArpEntry OBJECT-TYPE
SYNTAX NsIpArpEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"An entry containing attributes of arp info"
INDEX
{ nsIpArpIndex }
::= { nsIpArpTable 1 }
nsIpArpIndex OBJECT-TYPE
SYNTAX Integer32 (0..2147483647)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"A unique value for arp table. Its value ranges between 0 and
65535 and may not be contiguous."
::= { nsIpArpEntry 1 }
nsIpArpIp OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"IP address."
::= { nsIpArpEntry 2 }
nsIpArpMac OBJECT-TYPE
SYNTAX PhysAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"MAC address."
::= { nsIpArpEntry 3 }
nsIpArpVsys OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Virtual system id this entry belongs to."
::= { nsIpArpEntry 4 }
nsIpArpIfIdx OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Interface location."
::= { nsIpArpEntry 5 }
nsIpArpState OBJECT-TYPE
SYNTAX INTEGER {
pending(1),
valid(2),
delete(3),
static(4)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"ARP entry state."
::= { nsIpArpEntry 6 }
nsIpArpAge OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"ARP entry age."
::= { nsIpArpEntry 7 }
nsIpArpRetry OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"ARP entry retry time."
::= { nsIpArpEntry 8 }
nsIpArpPakQue OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"ARP entry package queue."
::= { nsIpArpEntry 9 }
END

125
MIBS/screenos/NETSCREEN-IPPOOL-MIB Normal file
View File

@ -0,0 +1,125 @@
-- This module defines enterprise MIBs for VPN IP pool
--
-- Copyright (c) 1999-2004, Juniper Networks, Inc.
-- All rights reserved.
NETSCREEN-IPPOOL-MIB DEFINITIONS ::= BEGIN
IMPORTS
netscreenVpn, netscreenVpnMibModule
FROM NETSCREEN-SMI
Integer32, IpAddress, MODULE-IDENTITY, OBJECT-TYPE
FROM SNMPv2-SMI
DisplayString
FROM SNMPv2-TC
;
netscreenIppoolMibModule MODULE-IDENTITY
LAST-UPDATED "200405032022Z" -- May 03, 2004
ORGANIZATION
"Juniper Networks, Inc."
CONTACT-INFO
"Customer Support
1194 North Mathilda Avenue
Sunnyvale, California 94089-1206
USA
Tel: 1-800-638-8296
E-mail: customerservice@juniper.net
HTTP://www.juniper.net"
DESCRIPTION
"This module defines the object that are used to monitor
VPN IP pool"
REVISION "200405030000Z" -- May 03, 2004
DESCRIPTION
"Modified copyright and contact information"
REVISION "200403030000Z" -- March 03, 2004
DESCRIPTION
"Converted to SMIv2 by Longview Software"
REVISION "200311130000Z" -- November 13, 2003
DESCRIPTION
"Correct spelling mistake"
REVISION "200109280000Z" -- September 28, 2001
DESCRIPTION
"no comment"
REVISION "200008270000Z" -- August 27, 2000
DESCRIPTION
"Creation date"
::= { netscreenVpnMibModule 9 }
NsVpnIpPoolEntry ::= SEQUENCE
{
nsVpnIpPoolIndex Integer32,
nsVpnIpPoolName DisplayString,
nsVpnIpPoolStartIp IpAddress,
nsVpnIpPoolEndIp IpAddress,
nsVpnIpPoolIpUsed Integer32
}
nsVpnIpPool OBJECT IDENTIFIER ::= { netscreenVpn 9 }
nsVpnIpPoolTable OBJECT-TYPE
SYNTAX SEQUENCE OF NsVpnIpPoolEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This table collects all ip pool configuration in NetScreen
device."
::= { nsVpnIpPool 1 }
nsVpnIpPoolEntry OBJECT-TYPE
SYNTAX NsVpnIpPoolEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Each entry in the nsVpnIpPoolEntry holds a set of
configuration parameters associated with an instance IP pool."
INDEX
{ nsVpnIpPoolIndex }
::= { nsVpnIpPoolTable 1 }
nsVpnIpPoolIndex OBJECT-TYPE
SYNTAX Integer32 (0..2147483647)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"A unique value for ip pool. Its value ranges between 0 and
65535 and may not be contiguous."
::= { nsVpnIpPoolEntry 1 }
nsVpnIpPoolName OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..32))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"ip pool name"
::= { nsVpnIpPoolEntry 2 }
nsVpnIpPoolStartIp OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"IP pool's start ip address."
::= { nsVpnIpPoolEntry 3 }
nsVpnIpPoolEndIp OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"IP pool's end ip address."
::= { nsVpnIpPoolEntry 4 }
nsVpnIpPoolIpUsed OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Total number of addresses in use from this pool."
::= { nsVpnIpPoolEntry 5 }
END

536
MIBS/screenos/NETSCREEN-NAT-MIB Normal file
View File

@ -0,0 +1,536 @@
-- This module defines enterprise MIBs for NAT
--
-- Copyright (c) 1999-2004, Juniper Networks, Inc.
-- All rights reserved.
NETSCREEN-NAT-MIB DEFINITIONS ::= BEGIN
IMPORTS
netscreenNAT
FROM NETSCREEN-SMI
Integer32, IpAddress, MODULE-IDENTITY, OBJECT-TYPE
FROM SNMPv2-SMI
DisplayString
FROM SNMPv2-TC
;
netscreenNATMibModule MODULE-IDENTITY
LAST-UPDATED "200503032022Z" -- March 03, 2005
ORGANIZATION
"Juniper Networks, Inc."
CONTACT-INFO
"Customer Support
1194 North Mathilda Avenue
Sunnyvale, California 94089-1206
USA
Tel: 1-800-638-8296
E-mail: customerservice@juniper.net
HTTP://www.juniper.net"
DESCRIPTION
"Added dip pool utilization attribute"
REVISION "200503030000Z" -- March 03, 2005
DESCRIPTION
"This module defines the managed objects for Netscreen NAT"
REVISION "200405030000Z" -- May 03, 2004
DESCRIPTION
"Modified copyright and contact information"
REVISION "200403030000Z" -- March 03, 2004
DESCRIPTION
"Converted to SMIv2 by Longview Software"
REVISION "200306030000Z" -- June 03, 2003
DESCRIPTION
"Change VIP configuration per physical interface"
REVISION "200105270000Z" -- May 27, 2001
DESCRIPTION
"Creation Date"
::= { netscreenNAT 0 }
NsNatDipEntry ::= SEQUENCE
{
nsNatDipIndex Integer32,
nsNatDipId Integer32,
nsNatDipLow IpAddress,
nsNatDipHigh IpAddress,
nsNatDipIfIp IpAddress,
nsNatDipIfNetmask IpAddress,
nsNatDipPTEnable INTEGER,
nsNatDipVsys Integer32,
nsNatDipUtil Integer32
}
NsNatDipPPortEntry ::= SEQUENCE
{
nsNatDipPPortIndex Integer32,
nsNatDipAllPort Integer32,
nsNatDipAllocatedPort Integer32,
nsNatDipAvailablePort Integer32,
nsNatDipAllocatedPairedPort Integer32,
nsNatDipAvailablePairedPort Integer32,
}
NsNatMipEntry ::= SEQUENCE
{
nsNatMipIndex Integer32,
nsNatMipIp IpAddress,
nsNatMipNetmask IpAddress,
nsNatMipHost IpAddress,
nsNatMipIfIp IpAddress,
nsNatMipIfNetmask IpAddress,
nsNatMipVsys Integer32
}
NsNatVipCfgEntry ::= SEQUENCE
{
nsNatVipCfgIndex Integer32,
nsNatVipCfgIp IpAddress,
nsNatVipCfgPort Integer32,
nsNatVipCfgService DisplayString,
nsNatVipCfgStatus INTEGER,
nsNatVipCfgLoadBalance INTEGER
}
NsNatVipServerEntry ::= SEQUENCE
{
nsNatVipServerIndex Integer32,
nsNatVipServerVIP IpAddress,
nsNatVipServerService Integer32,
nsNatVipServerLoadBalance INTEGER,
nsNatVipServerIp IpAddress,
nsNatVipServerWeight Integer32,
nsNatVipServerStatus INTEGER
}
nsNatMipTable OBJECT-TYPE
SYNTAX SEQUENCE OF NsNatMipEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Mapped IP(MIP) is a direct one-to-one maping of traffic
destined for one IP address ot another IP address. On
NetScreen device, MIP addresses for tunnel and untrusted
interfaces can be created."
::= { netscreenNAT 1 }
nsNatMipEntry OBJECT-TYPE
SYNTAX NsNatMipEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"An entry containing attributes of a mip address"
INDEX
{ nsNatMipIndex }
::= { nsNatMipTable 1 }
nsNatMipIndex OBJECT-TYPE
SYNTAX Integer32 (0..2147483647)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"A unique value for each address. Its value ranges between 0
and 65535 and may not be contingous."
::= { nsNatMipEntry 1 }
nsNatMipIp OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"mip address. A MIP must be in the same subnet as the tunnel
interface to which it is linked to; however, for the untrusted
interface, a MIP does not need to be in the same subnet. In
either case, a MIP must not be the same as the interface
address or be in any DIP pool that might also be on that
subnet."
::= { nsNatMipEntry 2 }
nsNatMipNetmask OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Subnet mask for this MIP."
::= { nsNatMipEntry 3 }
nsNatMipHost OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Host ip address mip mapping to."
::= { nsNatMipEntry 4 }
nsNatMipIfIp OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Interface's ip address that a MIP is linked to."
::= { nsNatMipEntry 5 }
nsNatMipIfNetmask OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Interface's netmask that a MIP is linked to."
::= { nsNatMipEntry 6 }
nsNatMipVsys OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Virtual system this mip belongs to."
::= { nsNatMipEntry 7 }
nsNatDipTable OBJECT-TYPE
SYNTAX SEQUENCE OF NsNatDipEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A DIP(Dynamic IP) pool is a range of IP addresses from which
the NetScreen device can dynamically take addresses to use when
performing NAT on the source IP address of outgoing or incoming
IP packets."
::= { netscreenNAT 2 }
nsNatDipEntry OBJECT-TYPE
SYNTAX NsNatDipEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"An entry containing attributes of a dynamic address"
INDEX
{ nsNatDipIndex }
::= { nsNatDipTable 1 }
nsNatDipIndex OBJECT-TYPE
SYNTAX Integer32 (0..2147483647)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"A unique value for each address. Its value ranges between 0
and 65535 and may not be contigous."
::= { nsNatDipEntry 1 }
nsNatDipId OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"DIP pool id."
::= { nsNatDipEntry 2 }
nsNatDipLow OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Start IP Address Range. The range of addresses in a DIP pool
must be in the same subnet as the interface IP address, but the
DIP pool should not contain the interface IP or any MIP or VIP
address that might on that subnet."
::= { nsNatDipEntry 3 }
nsNatDipHigh OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"End IP Address Range. The range of addresses in a DIP pool
must be in the same subnet as the interface IP address, but the
DIP pool should not contain the interface IP or any MIP or VIP
address that might on that subnet."
::= { nsNatDipEntry 4 }
nsNatDipIfIp OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Interface's ip address that a DIP is linked to."
::= { nsNatDipEntry 5 }
nsNatDipIfNetmask OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"interface's ip address that a DIP is linked to."
::= { nsNatDipEntry 6 }
nsNatDipPTEnable OBJECT-TYPE
SYNTAX INTEGER {
disable(0),
enabled(1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Enable Port Translation"
::= { nsNatDipEntry 7 }
nsNatDipVsys OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"virtual system this dip belongs to"
::= { nsNatDipEntry 8 }
nsNatDipUtil OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"dip pool utilzation for this entry. Only applicable to fixed dip. If this is not a fixed dip this will return 0"
::= { nsNatDipEntry 9 }
nsNatDipPPortTable OBJECT-TYPE
SYNTAX SEQUENCE OF NsNatDipPPortEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"show pseudo port allocated status of a dynamic address"
::= { netscreenNAT 4 }
nsNatDipPPortEntry OBJECT-TYPE
SYNTAX NsNatDipPPortEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"An entry show pseudo port allocated status of a dynamic address"
INDEX
{ nsNatDipPPortIndex }
::= { nsNatDipPPortTable 1 }
nsNatDipPPortIndex OBJECT-TYPE
SYNTAX Integer32 (0..2147483647)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"A unique value for each address. Its value ranges between 0
and 65535 and may not be contigous."
::= { nsNatDipPPortEntry 1 }
nsNatDipAllPort OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"All port of the dip"
::= { nsNatDipPPortEntry 2 }
nsNatDipAllocatedPort OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Allocated port of the dip"
::= { nsNatDipPPortEntry 3 }
nsNatDipAvailablePort OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Available port of the dip"
::= { nsNatDipPPortEntry 4 }
nsNatDipAllocatedPairedPort OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Allocated paired port of the dip"
::= { nsNatDipPPortEntry 5 }
nsNatDipAvailablePairedPort OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Available paired port of the dip"
::= { nsNatDipPPortEntry 6 }
nsNatVip OBJECT IDENTIFIER ::= { netscreenNAT 3 }
nsNatVipCfgTable OBJECT-TYPE
SYNTAX SEQUENCE OF NsNatVipCfgEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"VIP(Virtual IP) allows you to map routable IP addresses to
internal servers, therby providing transparent connections for
a NAT networks to the Internet. This table collects all VIP
configurations in NetScreen device."
::= { nsNatVip 1 }
nsNatVipCfgEntry OBJECT-TYPE
SYNTAX NsNatVipCfgEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Each entry in the nsNatVipCfgTable holds a set of
configuration parameters associated with an instance of VIP."
INDEX
{ nsNatVipCfgIndex }
::= { nsNatVipCfgTable 1 }
nsNatVipCfgIndex OBJECT-TYPE
SYNTAX Integer32 (0..2147483647)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"A unique value for each vip configuation. Its value ranges
between 1 and 65535 and may not be contingous."
::= { nsNatVipCfgEntry 1 }
nsNatVipCfgIp OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The IP address for the VIP, which must be in the same subnet
as the untrusted interface and can even be the same address as
the untrusted interface."
::= { nsNatVipCfgEntry 2 }
nsNatVipCfgPort OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The port number for communication between the trusted server
and the untrusted interfce on the NetScreen device."
::= { nsNatVipCfgEntry 3 }
nsNatVipCfgService OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..255))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Service for the server on the trusted interface."
::= { nsNatVipCfgEntry 4 }
nsNatVipCfgStatus OBJECT-TYPE
SYNTAX INTEGER {
not-available(0),
available(1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The status of the server on the trusted/DMZ interface."
::= { nsNatVipCfgEntry 5 }
nsNatVipCfgLoadBalance OBJECT-TYPE
SYNTAX INTEGER {
null(0),
round-robin(1),
weighted-round-robin(2),
least-conns(3),
weighted-least-conns(4)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Load balance algorithm for the Virtual IP servers."
::= { nsNatVipCfgEntry 6 }
nsNatVipServerTable OBJECT-TYPE
SYNTAX SEQUENCE OF NsNatVipServerEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Ballancing the loads on NetScreen servers allow traffic
intended for a server(one IP address on the untrusted network)
to be mapped to several different IP addresses on the DMZ or
trusted network. There can be up to eight servers in one load
balancing group, which apperas as a single virtual server.This
table collects all the server pool configurations for the
virtual ip server."
::= { nsNatVip 2 }
nsNatVipServerEntry OBJECT-TYPE
SYNTAX NsNatVipServerEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"An entry containing attributes of a vip configuration's server
pool."
INDEX
{ nsNatVipServerIndex }
::= { nsNatVipServerTable 1 }
nsNatVipServerIndex OBJECT-TYPE
SYNTAX Integer32 (0..2147483647)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"A unique value for each vip server configuation. Its value
ranges between 1 and 65535 and may not be contigous."
::= { nsNatVipServerEntry 1 }
nsNatVipServerVIP OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The IP address for the VIP."
::= { nsNatVipServerEntry 2 }
nsNatVipServerService OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Service provideing through the VIP."
::= { nsNatVipServerEntry 3 }
nsNatVipServerLoadBalance OBJECT-TYPE
SYNTAX INTEGER {
null(0),
round-robin(1),
weighted-round-robin(2),
least-conns(3),
weighted-least-conns(4)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Load balance algorithm for the vitural IP servers."
::= { nsNatVipServerEntry 4 }
nsNatVipServerIp OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Virtual IP server's IP address."
::= { nsNatVipServerEntry 5 }
nsNatVipServerWeight OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Loadbalance algorithm weight."
::= { nsNatVipServerEntry 6 }
nsNatVipServerStatus OBJECT-TYPE
SYNTAX INTEGER {
down(0),
up(1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Virtual IP server's status."
::= { nsNatVipServerEntry 7 }
END

1182
MIBS/screenos/NETSCREEN-NSRP-MIB Normal file
View File

File diff suppressed because it is too large Load Diff

2397
MIBS/screenos/NETSCREEN-OSPF-MIB Normal file
View File

File diff suppressed because it is too large Load Diff

444
MIBS/screenos/NETSCREEN-OSPF-TRAP-MIB Normal file
View File

@ -0,0 +1,444 @@
-- These MIBs were created on 1/7/2003
-- This module defines enterprise MIBs for NS OSPF TRAP
--
-- Copyright (c) 1999-2004, Juniper Networks, Inc.
-- All rights reserved.
NETSCREEN-OSPF-TRAP-MIB DEFINITIONS ::= BEGIN
IMPORTS
MODULE-IDENTITY, OBJECT-TYPE, NOTIFICATION-TYPE, IpAddress
FROM SNMPv2-SMI
MODULE-COMPLIANCE, OBJECT-GROUP
FROM SNMPv2-CONF
netscreenTrapDesc, netscreenTrapType
FROM NETSCREEN-TRAP-MIB
nsOspfRouterId, nsOspfIfIpAddress, nsOspfAddressLessIf, nsOspfIfState,
nsOspfVirtIfAreaId, nsOspfVirtIfNeighbor, nsOspfVirtIfState,
nsOspfNbrIpAddr, nsOspfNbrAddressLessIndex, nsOspfNbrRtrId,
nsOspfNbrState, nsOspfVirtNbrArea, nsOspfVirtNbrRtrId, nsOspfVirtNbrState,
nsOspfLsdbType, nsOspfLsdbLsid, nsOspfLsdbRouterId, nsOspfLsdbAreaId,
nsOspfExtLsdbLimit, nsOspf
FROM NETSCREEN-OSPF-MIB;
nsOspfTrap MODULE-IDENTITY
LAST-UPDATED "200405032022Z" -- May 03, 2004
ORGANIZATION
"Juniper Networks, Inc."
CONTACT-INFO
"Customer Support
1194 North Mathilda Avenue
Sunnyvale, California 94089-1206
USA
Tel: 1-800-638-8296
E-mail: customerservice@juniper.net
HTTP://www.juniper.net"
DESCRIPTION
"The MIB module to describe traps for the OSPF
Version 2 Protocol."
::= { nsOspf 16 }
-- Trap Support Objects
-- The following are support objects for the OSPF traps.
nsOspfTrapControl OBJECT IDENTIFIER ::= { nsOspfTrap 1 }
nsOspfTraps OBJECT IDENTIFIER ::= { nsOspfTrap 2 }
nsOspfSetTrap OBJECT-TYPE
SYNTAX OCTET STRING (SIZE(4))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"A four-octet string serving as a bit map for
the trap events defined by the OSPF traps. This
object is used to enable and disable specific
OSPF traps where a 1 in the bit field
represents enabled. The right-most bit (least
significant) represents trap 0."
::= { nsOspfTrapControl 1 }
nsOspfConfigErrorType OBJECT-TYPE
SYNTAX INTEGER {
badVersion (1),
areaMismatch (2),
unknownNbmaNbr (3), -- Router is Dr eligible
unknownVirtualNbr (4),
authTypeMismatch(5),
authFailure (6),
netMaskMismatch (7),
helloIntervalMismatch (8),
deadIntervalMismatch (9),
optionMismatch (10) }
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Potential types of configuration conflicts.
Used by the nsOspfConfigError and nsOspfConfigVir-
tError traps."
::= { nsOspfTrapControl 2 }
nsOspfPacketType OBJECT-TYPE
SYNTAX INTEGER {
hello (1),
dbDescript (2),
lsReq (3),
lsUpdate (4),
lsAck (5) }
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"OSPF packet types."
::= { nsOspfTrapControl 3 }
nsOspfPacketSrc OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The IP address of an inbound packet that can-
not be identified by a neighbor instance."
::= { nsOspfTrapControl 4 }
-- Traps
nsOspfIfStateChange NOTIFICATION-TYPE
OBJECTS {
netscreenTrapType,
netscreenTrapDesc,
nsOspfRouterId, -- The originator of the trap
nsOspfIfIpAddress,
nsOspfAddressLessIf,
nsOspfIfState, -- The new state
nsOspfIfVRID
}
STATUS current
DESCRIPTION
"An nsOspfIfStateChange trap signifies that there
has been a change in the state of a non-virtual
OSPF interface. This trap should be generated
when the interface state regresses (e.g., goes
from Dr to Down) or progresses to a terminal
state (i.e., Point-to-Point, DR Other, Dr, or
Backup)."
::= { nsOspfTraps 16 }
nsOspfVirtIfStateChange NOTIFICATION-TYPE
OBJECTS {
netscreenTrapType,
netscreenTrapDesc,
nsOspfRouterId, -- The originator of the trap
nsOspfVirtIfAreaId,
nsOspfVirtIfNeighbor,
nsOspfVirtIfState, -- The new state
nsOspfVirtIfVRID
}
STATUS current
DESCRIPTION
"An nsOspfIfStateChange trap signifies that there
has been a change in the state of an OSPF vir-
tual interface.
This trap should be generated when the inter-
face state regresses (e.g., goes from Point-
to-Point to Down) or progresses to a terminal
state (i.e., Point-to-Point)."
::= { nsOspfTraps 1 }
nsOspfNbrStateChange NOTIFICATION-TYPE
OBJECTS {
netscreenTrapType,
netscreenTrapDesc,
nsOspfRouterId, -- The originator of the trap
nsOspfNbrIpAddr,
nsOspfNbrAddressLessIndex,
nsOspfNbrRtrId,
nsOspfNbrState, -- The new state
nsOspfNbrVRID
}
STATUS current
DESCRIPTION
"An nsOspfNbrStateChange trap signifies that
there has been a change in the state of a non-
virtual OSPF neighbor. This trap should be
generated when the neighbor state regresses
(e.g., goes from Attempt or Full to 1-Way or
Down) or progresses to a terminal state (e.g.,
2-Way or Full). When an neighbor transitions
from or to Full on non-broadcast multi-access
and broadcast networks, the trap should be gen-
erated by the designated router. A designated
router transitioning to Down will be noted by
nsOspfIfStateChange."
::= { nsOspfTraps 2 }
nsOspfVirtNbrStateChange NOTIFICATION-TYPE
OBJECTS {
netscreenTrapType,
netscreenTrapDesc,
nsOspfRouterId, -- The originator of the trap
nsOspfVirtNbrArea,
nsOspfVirtNbrRtrId,
nsOspfVirtNbrState, -- The new state
nsOspfVirtNbrVRID
}
STATUS current
DESCRIPTION
"An nsOspfIfStateChange trap signifies that there
has been a change in the state of an OSPF vir-
tual neighbor. This trap should be generated
when the neighbor state regresses (e.g., goes
from Attempt or Full to 1-Way or Down) or
progresses to a terminal state (e.g., Full)."
::= { nsOspfTraps 3 }
nsOspfIfConfigError NOTIFICATION-TYPE
OBJECTS {
netscreenTrapType,
netscreenTrapDesc,
nsOspfRouterId, -- The originator of the trap
nsOspfIfIpAddress,
nsOspfAddressLessIf,
nsOspfPacketSrc, -- The source IP address
nsOspfConfigErrorType, -- Type of error
nsOspfPacketType,
nsOspfIfVRID
}
STATUS current
DESCRIPTION
"An nsOspfIfConfigError trap signifies that a
packet has been received on a non-virtual in-
terface from a router whose configuration
parameters conflict with this router's confi-
guration parameters. Note that the event op-
tionMismatch should cause a trap only if it
prevents an adjacency from forming."
::= { nsOspfTraps 4 }
nsOspfVirtIfConfigError NOTIFICATION-TYPE
OBJECTS {
netscreenTrapType,
netscreenTrapDesc,
nsOspfRouterId, -- The originator of the trap
nsOspfVirtIfAreaId,
nsOspfVirtIfNeighbor,
nsOspfConfigErrorType, -- Type of error
nsOspfPacketType,
nsOspfVirtIfVRID
}
STATUS current
DESCRIPTION
"An nsOspfConfigError trap signifies that a pack-
et has been received on a virtual interface
from a router whose configuration parameters
conflict with this router's configuration
parameters. Note that the event optionMismatch
should cause a trap only if it prevents an ad-
jacency from forming."
::= { nsOspfTraps 5 }
nsOspfIfAuthFailure NOTIFICATION-TYPE
OBJECTS {
netscreenTrapType,
netscreenTrapDesc,
nsOspfRouterId, -- The originator of the trap
nsOspfIfIpAddress,
nsOspfAddressLessIf,
nsOspfPacketSrc, -- The source IP address
nsOspfConfigErrorType, -- authTypeMismatch or
-- authFailure
nsOspfPacketType,
nsOspfIfVRID
}
STATUS current
DESCRIPTION
"An nsOspfIfAuthFailure trap signifies that a
packet has been received on a non-virtual in-
terface from a router whose authentication key
or authentication type conflicts with this
router's authentication key or authentication
type."
::= { nsOspfTraps 6 }
nsOspfVirtIfAuthFailure NOTIFICATION-TYPE
OBJECTS {
netscreenTrapType,
netscreenTrapDesc,
nsOspfRouterId, -- The originator of the trap
nsOspfVirtIfAreaId,
nsOspfVirtIfNeighbor,
nsOspfConfigErrorType, -- authTypeMismatch or
-- authFailure
nsOspfPacketType,
nsOspfVirtIfVRID
}
STATUS current
DESCRIPTION
"An nsOspfVirtIfAuthFailure trap signifies that a
packet has been received on a virtual interface
from a router whose authentication key or au-
thentication type conflicts with this router's
authentication key or authentication type."
::= { nsOspfTraps 7 }
nsOspfIfRxBadPacket NOTIFICATION-TYPE
OBJECTS {
netscreenTrapType,
netscreenTrapDesc,
nsOspfRouterId, -- The originator of the trap
nsOspfIfIpAddress,
nsOspfAddressLessIf,
nsOspfPacketSrc, -- The source IP address
nsOspfPacketType,
nsOspfIfVRID
}
STATUS current
DESCRIPTION
"An nsOspfIfRxBadPacket trap signifies that an
OSPF packet has been received on a non-virtual
interface that cannot be parsed."
::= { nsOspfTraps 8 }
nsOspfVirtIfRxBadPacket NOTIFICATION-TYPE
OBJECTS {
netscreenTrapType,
netscreenTrapDesc,
nsOspfRouterId, -- The originator of the trap
nsOspfVirtIfAreaId,
nsOspfVirtIfNeighbor,
nsOspfPacketType,
nsOspfVirtIfVRID
}
STATUS current
DESCRIPTION
"An nsOspfRxBadPacket trap signifies that an OSPF
packet has been received on a virtual interface
that cannot be parsed."
::= { nsOspfTraps 9 }
nsOspfTxRetransmit NOTIFICATION-TYPE
OBJECTS {
netscreenTrapType,
netscreenTrapDesc,
nsOspfRouterId, -- The originator of the trap
nsOspfIfIpAddress,
nsOspfAddressLessIf,
nsOspfNbrRtrId, -- Destination
nsOspfPacketType,
nsOspfLsdbType,
nsOspfLsdbLsid,
nsOspfLsdbRouterId,
nsOspfLsdbVRID
}
STATUS current
DESCRIPTION
"An nsOspfTxRetransmit trap signifies than an
OSPF packet has been retransmitted on a non-
virtual interface. All packets that may be re-
transmitted are associated with an LSDB entry.
The LS type, LS ID, and Router ID are used to
identify the LSDB entry."
::= { nsOspfTraps 10 }
nsOspfVirtIfTxRetransmit NOTIFICATION-TYPE
OBJECTS {
netscreenTrapType,
netscreenTrapDesc,
nsOspfRouterId, -- The originator of the trap
nsOspfVirtIfAreaId,
nsOspfVirtIfNeighbor,
nsOspfPacketType,
nsOspfLsdbType,
nsOspfLsdbLsid,
nsOspfLsdbRouterId,
nsOspfLsdbVRID
}
STATUS current
DESCRIPTION
"An nsOspfTxRetransmit trap signifies than an
OSPF packet has been retransmitted on a virtual
interface. All packets that may be retransmit-
ted are associated with an LSDB entry. The LS
type, LS ID, and Router ID are used to identify
the LSDB entry."
::= { nsOspfTraps 11 }
nsOspfOriginateLsa NOTIFICATION-TYPE
OBJECTS {
netscreenTrapType,
netscreenTrapDesc,
nsOspfRouterId, -- The originator of the trap
nsOspfLsdbAreaId, -- 0.0.0.0 for AS Externals
nsOspfLsdbType,
nsOspfLsdbLsid,
nsOspfLsdbRouterId,
nsOspfLsdbVRID
}
STATUS current
DESCRIPTION
"An nsOspfOriginateLsa trap signifies that a new
LSA has been originated by this router. This
trap should not be invoked for simple refreshes
of LSAs (which happesn every 30 minutes), but
instead will only be invoked when an LSA is
(re)originated due to a topology change. Addi-
tionally, this trap does not include LSAs that
are being flushed because they have reached
MaxAge."
::= { nsOspfTraps 12 }
nsOspfMaxAgeLsa NOTIFICATION-TYPE
OBJECTS {
netscreenTrapType,
netscreenTrapDesc,
nsOspfRouterId, -- The originator of the trap
nsOspfLsdbAreaId, -- 0.0.0.0 for AS Externals
nsOspfLsdbType,
nsOspfLsdbLsid,
nsOspfLsdbRouterId,
nsOspfLsdbVRID
}
STATUS current
DESCRIPTION
"An nsOspfMaxAgeLsa trap signifies that one of
the LSA in the router's link-state database has
aged to MaxAge."
::= { nsOspfTraps 13 }
nsOspfLsdbOverflow NOTIFICATION-TYPE
OBJECTS {
netscreenTrapType,
netscreenTrapDesc,
nsOspfRouterId, -- The originator of the trap
nsOspfExtLsdbLimit,
nsOspfLsdbVRID
}
STATUS current
DESCRIPTION
"An nsOspfLsdbOverflow trap signifies that the
number of LSAs in the router's link-state data-
base has exceeded nsOspfExtLsdbLimit."
::= { nsOspfTraps 14 }
nsOspfLsdbApproachingOverflow NOTIFICATION-TYPE
OBJECTS {
netscreenTrapType,
netscreenTrapDesc,
nsOspfRouterId, -- The originator of the trap
nsOspfExtLsdbLimit,
nsOspfLsdbVRID
}
STATUS current
DESCRIPTION
"An nsOspfLsdbApproachingOverflow trap signifies
that the number of LSAs in the router's link-
state database has exceeded ninety percent of
nsOspfExtLsdbLimit."
::= { nsOspfTraps 15 }
END

583
MIBS/screenos/NETSCREEN-POLICY-MIB Normal file
View File

@ -0,0 +1,583 @@
-- This module defines enterprise MIBs for Policy Monitoring
--
-- Copyright (c) 1999-2004, Juniper Networks, Inc.
-- All rights reserved.
NETSCREEN-POLICY-MIB DEFINITIONS ::= BEGIN
IMPORTS
netscreenPolicy
FROM NETSCREEN-SMI
Counter32, Integer32, MODULE-IDENTITY, OBJECT-TYPE
FROM SNMPv2-SMI
DisplayString
FROM SNMPv2-TC
;
netscreenPolicyMibModule MODULE-IDENTITY
LAST-UPDATED "200405032022Z" -- May 03, 2004
ORGANIZATION
"Juniper Networks, Inc."
CONTACT-INFO
"Customer Support
1194 North Mathilda Avenue
Sunnyvale, California 94089-1206
USA
Tel: 1-800-638-8296
E-mail: customerservice@juniper.net
HTTP://www.juniper.net"
DESCRIPTION
"This module defines NetScreen private MIBs for Policy
Monitoring"
REVISION "200405030000Z" -- May 03, 2004
DESCRIPTION
"Modified copyright and contact information"
REVISION "200403030000Z" -- March 03, 2004
DESCRIPTION
"Converted to SMIv2 by Longview Software"
REVISION "200308130000Z" -- August 13, 2003
DESCRIPTION
"No Comment"
REVISION "200105140000Z" -- May 14, 2001
DESCRIPTION
"Creation Date"
::= { netscreenPolicy 0 }
NsPlyEntry ::= SEQUENCE
{
nsPlyId Integer32,
nsPlyVsys Integer32,
nsPlySrcZone DisplayString,
nsPlyDstZone DisplayString,
nsPlySrcAddr DisplayString,
nsPlyDstAddr DisplayString,
nsPlyService INTEGER,
nsPlyAction INTEGER,
nsPlyNat INTEGER,
nsPlyFixPort INTEGER,
nsPlyDipId Integer32,
nsPlyVpnTunnel DisplayString,
nsPlyL2tpTunnel DisplayString,
nsPlyAuth INTEGER,
nsPlyLogEnable INTEGER,
nsPlyCountEnable INTEGER,
nsPlyAlarmBPS Integer32,
nsPlyAlarmBPM Integer32,
nsPlySchedule DisplayString,
nsPlyTrafficShapeEnable INTEGER,
nsPlyTrafficPriority INTEGER,
nsPlyDSEnable INTEGER,
nsPlyActiveStatus INTEGER,
nsPlyName DisplayString,
nsPlyServiceName DisplayString
}
NsPlyMonEntry ::= SEQUENCE
{
nsPlyMonId Integer32,
nsPlyMonVsys Integer32,
nsPlyMonPackPerSec Integer32,
nsPlyMonPackPerMin Integer32,
nsPlyMonTotalPacket Counter32,
nsPlyMonBytePerSec Integer32,
nsPlyMonBytePerMin Integer32,
nsPlyMonTotalByte Counter32,
nsPlyMonSessionPerSec Integer32,
nsPlyMonSessionPerMin Integer32,
nsPlyMonTotalSession Counter32
}
nsPlyTable OBJECT-TYPE
SYNTAX SEQUENCE OF NsPlyEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A firewall provides a network boundary with a single point of
entry and exit-a choke point.You can screen and direct all that
traffic through the implementation of a set of access policies.
Access policies allow you to permit, deny, encrypt,
authenticate, prioritize, schedule, and monitor the traffic
attemption to cross your firewall. This table collects all the
policy configuration information existing in NetScreen
Device."
::= { netscreenPolicy 1 }
-- applicable only to release before 6.3
--nsPlyEntry OBJECT-TYPE
-- SYNTAX NsPlyEntry
-- MAX-ACCESS not-accessible
-- STATUS current
-- DESCRIPTION
-- "Each entry in the nsPlyTable holds a set of configuration
-- parameters associatied with an instance of policy."
-- INDEX
-- { nsPlyId, nsPlyVsys }
-- ::= { nsPlyTable 1 }
-- applicable since 6.3 release, for pr439626
nsPlyEntry OBJECT-TYPE
SYNTAX NsPlyEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Each entry in the nsPlyTable holds a set of configuration
parameters associatied with an instance of policy."
INDEX
{ nsPlyVsys, nsPlyId }
::= { nsPlyTable 1 }
nsPlyId OBJECT-TYPE
SYNTAX Integer32 (0..2147483647)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Each policy is identified by a unique policy ID."
::= { nsPlyEntry 1 }
nsPlyVsys OBJECT-TYPE
SYNTAX Integer32 (0..2147483647)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Vitural system's name this polic entry belongs to."
::= { nsPlyEntry 2 }
nsPlySrcZone OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..32))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Traffic through a firewall means that traffic flows from one
security zone to another. This object describes the source zone
name traffic flow passes."
::= { nsPlyEntry 3 }
nsPlyDstZone OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..32))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Traffic through a firewall means that traffic flows from one
security zone to another. This object describes the destination
zone name traffic flow passes."
::= { nsPlyEntry 4 }
nsPlySrcAddr OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..32))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Addresses are objects that identify network devices such as
hosts and networks by their location in relation to the
firwall on which security zone.To create an access policy for
specific addresses, you must first create entries for the
relevant hosts and networks in the address book.Source IP
address indicates the address in source zone, 0.0.0.0 means any
address."
::= { nsPlyEntry 5 }
nsPlyDstAddr OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..32))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Addresses are objects that identify network devices such as
hosts and networks by their location in relation to the
firwall-on which security zone.To create an access policy for
specific addresses, you must first create entries for the
relevant hosts and networks in the address book.Source IP
address indicates the address in destination zone, 0.0.0.0
means any address."
::= { nsPlyEntry 6 }
nsPlyService OBJECT-TYPE
SYNTAX INTEGER {
any(0),
aol(1),
bgp(2),
dpcp-relay(3),
dns(4),
finger(5),
ftp(6),
ftp-get(7),
ftp-put(8),
gopher(9),
h323(10),
http(11),
https(12),
icmp-info(13),
icmp-timestamp(14),
ike(15),
imap(16),
internet-locator-service(17),
irc(18),
l2tp(19),
ldap(20),
mail(21),
netmeeting(22),
nfs(23),
nntp(24),
ns-global(25),
ns-global-pro(26),
ntp(27),
ospf(28),
pc-anywhere(29),
ping(30),
pop3(31),
pptp(32),
real-media(33),
rip(34),
rlogin(35),
snmp(36),
ssh(37),
syslog(38),
talk(39),
tcp-any(40),
telnet(41),
tftp(42),
traceroute(43),
udp-any(44),
uucp(45),
vdo-live(46),
wais(47),
winframe(48),
x-windows(49),
other(50)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Sevices are objects that identify application protocols using
layer 4 information such as standard and accepted TCP and UDP
port numbers for application services like Telnet, FTP, SMTP
and HTTP. This object indicates all the traffic service type
this policy allows. 'Any' means all this policy allows all
service go through. 'Other' could be a configured service or
not in the list. See nsPlyServiceName for service name."
::= { nsPlyEntry 7 }
nsPlyAction OBJECT-TYPE
SYNTAX INTEGER {
deny(0),
permit(1),
tunnel(2)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Actions objects that describe what the firewall does to the
traffic it receives. Permit allows the packet to pass the
firewall. Deny blocks the packet from traversing the firewall.
Tunnel encapsulates outgoing IP packets and decapsulates
incoming IP packets."
::= { nsPlyEntry 8 }
nsPlyNat OBJECT-TYPE
SYNTAX INTEGER {
disable(0),
enabled(1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"You can apply NAT at the interface level or at the policy
level. With policy-based NAT, you can translate the source
address on either incoming or outging network and VPN traffic.
This object indicates if this is a policy-based NAT."
::= { nsPlyEntry 9 }
nsPlyFixPort OBJECT-TYPE
SYNTAX INTEGER {
no(0),
yes(1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"When in policy-based NAT, the new secure address can come from
either a Dynamic IP or from a Mapped IP. This object indicates
if poliy-based NAT uses fix port when working on NAT mode."
::= { nsPlyEntry 10 }
nsPlyDipId OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object indicates the Dynamic ID chosen for NAT policy."
::= { nsPlyEntry 11 }
nsPlyVpnTunnel OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..32))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"VPN tunnel this access policy applies to."
::= { nsPlyEntry 12 }
nsPlyL2tpTunnel OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..32))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"L2TP tunnel this access policy applies to."
::= { nsPlyEntry 13 }
nsPlyAuth OBJECT-TYPE
SYNTAX INTEGER {
disable(0),
enabled(1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object indicates the selecting this option requires the
user at the source address to authenticate his/her identiry by
supplying a user name and password before traffic is allowed to
graverw the firewall or enter the VPN tunnel."
::= { nsPlyEntry 14 }
nsPlyLogEnable OBJECT-TYPE
SYNTAX INTEGER {
disable(0),
enabled(1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"When you enable logging in an access policy, the NetScreen
device logs all connections to which that paticular access
policy applies."
::= { nsPlyEntry 15 }
nsPlyCountEnable OBJECT-TYPE
SYNTAX INTEGER {
disable(0),
enabled(1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"When you enable counting in an access plicy, the NetScreen
device counts the total number of bytes of traffic to which
this access policy applies and records the informaiton in
historical graphs."
::= { nsPlyEntry 16 }
nsPlyAlarmBPS OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"User can set a threshold that triggers an alarm when the
traffic permitted by the access policy exceeds a specified
number of bytes per second."
::= { nsPlyEntry 17 }
nsPlyAlarmBPM OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"User can set a threshold that triggers an alarm when the
traffic permitted by the access policy exceeds a specified
number of bytes per Minute."
::= { nsPlyEntry 18 }
nsPlySchedule OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..32))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"By associating a schedule to an access policy, you can
determine when the access policy is in effect."
::= { nsPlyEntry 19 }
nsPlyTrafficShapeEnable OBJECT-TYPE
SYNTAX INTEGER {
off(0),
on(1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"User can set parameters for the control and shaping of traffic
for each access policy."
::= { nsPlyEntry 20 }
nsPlyTrafficPriority OBJECT-TYPE
SYNTAX INTEGER {
high(0),
priority2nd(1),
priority3rd(2),
priority4th(3),
priority5th(4),
priority6th(5),
priority7th(6),
priorityLow(7)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Traffic priority for this policy."
::= { nsPlyEntry 21 }
nsPlyDSEnable OBJECT-TYPE
SYNTAX INTEGER {
disable(0),
enabled(1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Differentiated Services is a system for tagging traffic at a
position within a hierarchy of priority."
::= { nsPlyEntry 22 }
nsPlyActiveStatus OBJECT-TYPE
SYNTAX INTEGER {
inactive(0),
inuse(1),
hidden(2)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Show the status of one policy entry."
::= { nsPlyEntry 23 }
nsPlyName OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..32))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"policy name (optional)"
::= { nsPlyEntry 24 }
nsPlyServiceName OBJECT-TYPE
SYNTAX DisplayString
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Sevices name that identify application protocols using
layer 4 information such as standard and accepted TCP and UDP
port numbers for application services like Telnet, FTP, SMTP
and HTTP. This object indicates all the traffic service type
this policy allows. 'Any' means all this policy allows all
service go through."
::= { nsPlyEntry 25 }
nsPlyMonTable OBJECT-TYPE
SYNTAX SEQUENCE OF NsPlyMonEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"traffic information for the policy-based traffic."
::= { netscreenPolicy 2 }
nsPlyMonEntry OBJECT-TYPE
SYNTAX NsPlyMonEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"An entry holds a set of traffic counters of a specific
policy."
INDEX
{ nsPlyMonId, nsPlyMonVsys }
::= { nsPlyMonTable 1 }
nsPlyMonId OBJECT-TYPE
SYNTAX Integer32 (0..2147483647)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Policy Id, also used as index in this table"
::= { nsPlyMonEntry 1 }
nsPlyMonVsys OBJECT-TYPE
SYNTAX Integer32 (0..2147483647)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"vsys this policy belongs to"
::= { nsPlyMonEntry 2 }
nsPlyMonPackPerSec OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Packets go through this policy per second"
::= { nsPlyMonEntry 3 }
nsPlyMonPackPerMin OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Packets go through this policy per minute"
::= { nsPlyMonEntry 4 }
nsPlyMonTotalPacket OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"total packets go through this policy"
::= { nsPlyMonEntry 5 }
nsPlyMonBytePerSec OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Bytes go through this policy per second"
::= { nsPlyMonEntry 6 }
nsPlyMonBytePerMin OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Bytes go through this policy per minute"
::= { nsPlyMonEntry 7 }
nsPlyMonTotalByte OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Total bytes go through this policy"
::= { nsPlyMonEntry 8 }
nsPlyMonSessionPerSec OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Sessions go through this policy per second"
::= { nsPlyMonEntry 9 }
nsPlyMonSessionPerMin OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Sessions go through this policy per minute"
::= { nsPlyMonEntry 10 }
nsPlyMonTotalSession OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Total Sessions go through this policy"
::= { nsPlyMonEntry 11 }
END

117
MIBS/screenos/NETSCREEN-PRODUCTS-MIB Normal file
View File

@ -0,0 +1,117 @@
-- Copyright (c) 1999-2004, Juniper Networks, Inc.
-- All rights reserved.
NETSCREEN-PRODUCTS-MIB DEFINITIONS ::= BEGIN
IMPORTS
netscreenProducts
FROM NETSCREEN-SMI
MODULE-IDENTITY
FROM SNMPv2-SMI
;
netscreenProductsMibModule MODULE-IDENTITY
LAST-UPDATED "200405032022Z" -- May 03, 2004
ORGANIZATION
"Juniper Networks, Inc."
CONTACT-INFO
"Customer Support
1194 North Mathilda Avenue
Sunnyvale, California 94089-1206
USA
Tel: 1-800-638-8296
E-mail: customerservice@juniper.net
HTTP://www.juniper.net"
DESCRIPTION
"This module defines the object identifiers that are assigned
to various hardware platforms, and hence are returned as values
for sysObjectID"
REVISION "200405030000Z" -- May 03, 2004
DESCRIPTION
"Modified copyright and contact information"
REVISION "200403030000Z" -- March 03, 2004
DESCRIPTION
"Converted to SMIv2 by Longview Software"
REVISION "200401200000Z" -- January 20, 2004
DESCRIPTION
"Add netscreenHardwareSecurity Client"
REVISION "200008020000Z" -- August 02, 2000
DESCRIPTION
"Creation Date"
::= { netscreenProducts 0 }
netscreenGeneric OBJECT IDENTIFIER ::= { netscreenProducts 1 }
netscreenNs5 OBJECT IDENTIFIER ::= { netscreenProducts 2 }
netscreenNs10 OBJECT IDENTIFIER ::= { netscreenProducts 3 }
netscreenNs100 OBJECT IDENTIFIER ::= { netscreenProducts 4 }
netscreenNs1000 OBJECT IDENTIFIER ::= { netscreenProducts 5 }
netscreenNs500 OBJECT IDENTIFIER ::= { netscreenProducts 6 }
netscreenNs50 OBJECT IDENTIFIER ::= { netscreenProducts 7 }
netscreenNs25 OBJECT IDENTIFIER ::= { netscreenProducts 8 }
netscreenNs204 OBJECT IDENTIFIER ::= { netscreenProducts 9 }
netscreenNs208 OBJECT IDENTIFIER ::= { netscreenProducts 10 }
netscreenNs5XT OBJECT IDENTIFIER ::= { netscreenProducts 11 }
netscreenNs5XP OBJECT IDENTIFIER ::= { netscreenProducts 12 }
netscreenNs5000 OBJECT IDENTIFIER ::= { netscreenProducts 13 }
netscreenNs5GT OBJECT IDENTIFIER ::= { netscreenProducts 14 }
netscreenHardwareSecurityClient OBJECT IDENTIFIER ::= { netscreenProducts 15 }
netscreenISG2000 OBJECT IDENTIFIER ::= { netscreenProducts 16 }
netscreen-5GT-ADSL-AnnexA OBJECT IDENTIFIER ::= { netscreenProducts 17 }
netscreen-5GT-ADSL-AnnexB OBJECT IDENTIFIER ::= { netscreenProducts 19 }
netscreen-5GT-WLAN OBJECT IDENTIFIER ::= { netscreenProducts 21 }
netscreen-5GT-ADSL-AnnexA-WLAN OBJECT IDENTIFIER ::= { netscreenProducts 23 }
netscreen-5GT-ADSL-AnnexB-WLAN OBJECT IDENTIFIER ::= { netscreenProducts 25 }
netscreenISG1000 OBJECT IDENTIFIER ::= { netscreenProducts 28 }
netscreenSSG5 OBJECT IDENTIFIER ::= { netscreenProducts 29 }
netscreenSSG5-ISDN OBJECT IDENTIFIER ::= { netscreenProducts 30 }
netscreenSSG5-v92 OBJECT IDENTIFIER ::= { netscreenProducts 31 }
netscreenSSG5-Serial-WLAN OBJECT IDENTIFIER ::= { netscreenProducts 32 }
netscreenSSG5-ISDN-WLAN OBJECT IDENTIFIER ::= { netscreenProducts 33 }
netscreenSSG5-v92-WLAN OBJECT IDENTIFIER ::= { netscreenProducts 34 }
netscreenSSG20 OBJECT IDENTIFIER ::= { netscreenProducts 35 }
netscreenSSG20-WLAN OBJECT IDENTIFIER ::= { netscreenProducts 36 }
netscreenSSG520 OBJECT IDENTIFIER ::= { netscreenProducts 50 }
netscreenSSG550 OBJECT IDENTIFIER ::= { netscreenProducts 51 }
netscreenSSG140 OBJECT IDENTIFIER ::= { netscreenProducts 52 }
netscreenSSG320 OBJECT IDENTIFIER ::= { netscreenProducts 54 }
netscreenSSG350 OBJECT IDENTIFIER ::= { netscreenProducts 55 }
END

174
MIBS/screenos/NETSCREEN-QOS-MIB Normal file
View File

@ -0,0 +1,174 @@
-- This module defines enterprise MIBs for QoS
--
-- Copyright (c) 1999-2004, Juniper Networks, Inc.
-- All rights reserved.
NETSCREEN-QOS-MIB DEFINITIONS ::= BEGIN
IMPORTS
netscreenQos
FROM NETSCREEN-SMI
Integer32, MODULE-IDENTITY, OBJECT-TYPE
FROM SNMPv2-SMI
;
netscreenQosMibModule MODULE-IDENTITY
LAST-UPDATED "200405032022Z" -- May 03, 2004
ORGANIZATION
"Juniper Networks, Inc."
CONTACT-INFO
"Customer Support
1194 North Mathilda Avenue
Sunnyvale, California 94089-1206
USA
Tel: 1-800-638-8296
E-mail: customerservice@juniper.net
HTTP://www.juniper.net"
DESCRIPTION
"This module defines the object that are used to monitor QoS"
REVISION "200405030000Z" -- May 03, 2004
DESCRIPTION
"Modified copyright and contact information"
REVISION "200403030000Z" -- March 03, 2004
DESCRIPTION
"Converted to SMIv2 by Longview Software"
REVISION "200109280000Z" -- September 28, 2001
DESCRIPTION
"No Comment"
REVISION "200105150000Z" -- May 15, 2001
DESCRIPTION
"Creation Date"
::= { netscreenQos 0 }
NsQosPlyEntry ::= SEQUENCE
{
nsQosPlyId Integer32,
nsQosPlyVsys Integer32,
nsQosPlyQosEnable INTEGER,
nsQosPlyGanBW Integer32,
nsQosPlyMaxBW Integer32,--,
nsQosPlyTraffPriority Integer32,
nsQosPlyDSEnable INTEGER
}
nsQosUsrShapingMode OBJECT-TYPE
SYNTAX INTEGER {
off(0),
on(1),
on-off(2),
off-on(3),
auto(4)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"QoS mode set by user"
::= { netscreenQos 1 }
nsQosSysShapingMode OBJECT-TYPE
SYNTAX INTEGER {
off(0),
on(1),
on-off(2),
off-on(3),
auto(4)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"QoS mode currently set by the system"
::= { netscreenQos 2 }
nsQosPly OBJECT IDENTIFIER ::= { netscreenQos 3 }
nsQosPlyTable OBJECT-TYPE
SYNTAX SEQUENCE OF NsQosPlyEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"QoS is the allocation of the appropriate amount of
network bandwidth to every user and application on an interface.
This table collects all the QoS configuration
setting on each physical interface."
::= { nsQosPly 1 }
nsQosPlyEntry OBJECT-TYPE
SYNTAX NsQosPlyEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Each entry holds a set of attributes for QoS"
INDEX
{ nsQosPlyId }
::= { nsQosPlyTable 1 }
nsQosPlyId OBJECT-TYPE
SYNTAX Integer32 (0..2147483647)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"A unique policy id, also used as table index."
::= { nsQosPlyEntry 1 }
nsQosPlyVsys OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"VSYS this policy belongs to."
::= { nsQosPlyEntry 2 }
nsQosPlyQosEnable OBJECT-TYPE
SYNTAX INTEGER {
off(0),
on(1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Enable QoS on this policy."
::= { nsQosPlyEntry 3 }
nsQosPlyGanBW OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Guaranteed Bandwidth (in bytes per second). When Qos Enable
is off, the value has no meaning."
::= { nsQosPlyEntry 4 }
nsQosPlyMaxBW OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Maxium Bandwidth (in bytes per second). When Qos Enable is
off, the value has no meaning. Negative value means it is not
set yet."
::= { nsQosPlyEntry 5 }
nsQosPlyTraffPriority OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Traffic priority for this policy. Zero is the highest
priority and seven is the lowest."
::= { nsQosPlyEntry 6 }
nsQosPlyDSEnable OBJECT-TYPE
SYNTAX INTEGER {
off(0),
on(1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Enable DiffServ codepoint marking on this policy."
::= { nsQosPlyEntry 7 }
END

299
MIBS/screenos/NETSCREEN-RESOURCE-MIB Normal file
View File

@ -0,0 +1,299 @@
-- This module defines enterprise MIBs for monitoring resources
--
-- Copyright (c) 1999-2004, Juniper Networks, Inc.
-- All rights reserved.
NETSCREEN-RESOURCE-MIB DEFINITIONS ::= BEGIN
IMPORTS
netscreenResource
FROM NETSCREEN-SMI
Integer32, MODULE-IDENTITY, OBJECT-TYPE
FROM SNMPv2-SMI
;
netscreenResourceMibModule MODULE-IDENTITY
LAST-UPDATED "200405032022Z" -- May 03, 2004
ORGANIZATION
"Juniper Networks, Inc."
CONTACT-INFO
"Customer Support
1194 North Mathilda Avenue
Sunnyvale, California 94089-1206
USA
Tel: 1-800-638-8296
E-mail: customerservice@juniper.net
HTTP://www.juniper.net"
DESCRIPTION
"This module defines the object that are used to monitor
resource in netscreen box"
REVISION "200405030000Z" -- May 03, 2004
DESCRIPTION
"Modified copyright and contact information"
REVISION "200403030000Z" -- March 03, 2004
DESCRIPTION
"Converted to SMIv2 by Longview Software"
REVISION "200311100000Z" -- November 10, 2003
DESCRIPTION
"Correct spelling mistake"
REVISION "200205050000Z" -- May 05, 2002
DESCRIPTION
"Remove active session"
REVISION "200104300000Z" -- April 30, 2001
DESCRIPTION
"Creation Date"
::= { netscreenResource 0 }
nsResCPU OBJECT IDENTIFIER ::= { netscreenResource 1 }
nsResCpuAvg OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Average System CPU utilization in percentage."
::= { nsResCPU 1 }
nsResCpuLast1Min OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Last one minute CPU utilization in percentage."
::= { nsResCPU 2 }
nsResCpuLast5Min OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Last five minutes CPU utilization in percentage."
::= { nsResCPU 3 }
nsResCpuLast15Min OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Last fifteen minutes CPU utilization in percentage."
::= { nsResCPU 4 }
nsResMem OBJECT IDENTIFIER ::= { netscreenResource 2 }
nsResMemAllocate OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Memory allocated."
::= { nsResMem 1 }
nsResMemLeft OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Memory left."
::= { nsResMem 2 }
nsResMemFrag OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Memory fragment."
::= { nsResMem 3 }
nsResSession OBJECT IDENTIFIER ::= { netscreenResource 3 }
nsResSessAllocate OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Allocate session number."
::= { nsResSession 2 }
nsResSessMaxium OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Maxium session number system can afford."
::= { nsResSession 3 }
nsResSessFailed OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Failed session allocation counters."
::= { nsResSession 4 }
nsResModTable OBJECT-TYPE
SYNTAX SEQUENCE OF NsResModEntry
ACCESS not-accessible
STATUS mandatory
DESCRIPTION
"System status for multiple modules."
::= { netscreenResource 4 }
nsResModEntry OBJECT-TYPE
SYNTAX NsResModEntry
ACCESS not-accessible
STATUS mandatory
DESCRIPTION
"Each entry in the table holds a session status parameters associated
with an instance of security module."
INDEX { nsResModModId, nsResModCpuId}
::= { nsResModTable 1 }
NsResModEntry ::=
SEQUENCE {
nsResModModId
Integer32,
nsResModCpuId
Integer32,
nsResModCpuCurr
Integer32,
nsResModCpuLast1Min
Integer32,
nsResModCpuLast5Min
Integer32,
nsResModCpuLast15Min
Integer32,
nsResModMemAllocated
Integer32,
nsResModMemLeft
Integer32,
nsResModSessAllocated
Integer32,
nsResModSessMaximum
Integer32,
nsResModSessFailed
Integer32,
nsResModThresholdMem
Integer32,
nsResModThresholdCpu
Integer32,
nsResModThresholdSession
Integer32
}
nsResModModId OBJECT-TYPE
SYNTAX Integer32 (1..32)
ACCESS read-only
STATUS mandatory
DESCRIPTION
"Module ID for security module. Each ID uniquely identifies a single Security Module."
::= { nsResModEntry 1 }
nsResModCpuId OBJECT-TYPE
SYNTAX Integer32 (1..2)
ACCESS read-only
STATUS mandatory
DESCRIPTION
"CPU Identifier. Each ID uniquely identifies a single CPU residing on a Security Module."
::= { nsResModEntry 2 }
nsResModCpuCurr OBJECT-TYPE
SYNTAX Integer32 (1..100)
ACCESS read-only
STATUS mandatory
DESCRIPTION
"Current System CPU utilization in percentage."
::= { nsResModEntry 3 }
nsResModCpuLast1Min OBJECT-TYPE
SYNTAX Integer32 (1..100)
ACCESS read-only
STATUS mandatory
DESCRIPTION
"Last one minute CPU utilization in percentage."
::= { nsResModEntry 4 }
nsResModCpuLast5Min OBJECT-TYPE
SYNTAX Integer32 (1..100)
ACCESS read-only
STATUS mandatory
DESCRIPTION
"Last five minutes CPU utilization in percentage."
::= { nsResModEntry 5 }
nsResModCpuLast15Min OBJECT-TYPE
SYNTAX Integer32 (1..100)
ACCESS read-only
STATUS mandatory
DESCRIPTION
"Last fifteen minutes CPU utilization in percentage."
::= { nsResModEntry 6 }
nsResModMemAllocated OBJECT-TYPE
SYNTAX Integer32
ACCESS read-only
STATUS mandatory
DESCRIPTION
"Current memory allocated for this cpu"
::= { nsResModEntry 7 }
nsResModMemLeft OBJECT-TYPE
SYNTAX Integer32
ACCESS read-only
STATUS mandatory
DESCRIPTION
"Current free memory for this security module. Since this is shared memory the same value is returned for both the cpus."
::= { nsResModEntry 8 }
nsResModSessAllocated OBJECT-TYPE
SYNTAX Integer32
ACCESS read-only
STATUS mandatory
DESCRIPTION
"Number of sessions currently allocated for this Security Module's cpu."
::= { nsResModEntry 9 }
nsResModSessMaximum OBJECT-TYPE
SYNTAX Integer32
ACCESS read-only
STATUS mandatory
DESCRIPTION
"Maximum number of sessions supported by this Security Module's cpu."
::= { nsResModEntry 10 }
nsResModSessFailed OBJECT-TYPE
SYNTAX Integer32
ACCESS read-only
STATUS mandatory
DESCRIPTION
"Number of sessions failed for this Security Module's cpu."
::= { nsResModEntry 11 }
nsResModThresholdMem OBJECT-TYPE
SYNTAX Integer32
ACCESS read-only
STATUS mandatory
DESCRIPTION
"Memory utilization of the security module exceeds the threshold pre-defined."
::= { nsResModEntry 12 }
nsResModThresholdCpu OBJECT-TYPE
SYNTAX Integer32
ACCESS read-only
STATUS mandatory
DESCRIPTION
"CPU utilization of the security module exceeds the threshold pre-defined."
::= { nsResModEntry 13 }
nsResModThresholdSession OBJECT-TYPE
SYNTAX Integer32
ACCESS read-only
STATUS mandatory
DESCRIPTION
"Session number of the security module exceeds the threshold pre-defined."
::= { nsResModEntry 14 }
END

567
MIBS/screenos/NETSCREEN-RIPv2-MIB Normal file
View File

@ -0,0 +1,567 @@
-- These MIBs were created on 1/2/2003
-- This module defines enterprise MIBs for NS RIP
--
-- Copyright (c) 1999-2004, Juniper Networks, Inc.
-- All rights reserved.
--
-- MODULE-IDENTITY
-- OrgName
-- Juniper Networks, Inc.
-- ContactInfo
-- Customer Support
--
-- 1194 North Mathilda Avenue
-- Sunnyvale, California 94089-1206
-- USA
--
-- Tel: 1-800-638-8296
-- E-mail: customerservice@juniper.net
-- HTTP://www.juniper.net"
--
-- Descr
-- This module defines the object that are used to monitor
-- NS's RIP configuration
--
-- Last modified date: 01/16/2003
-- Last modified date: 11/10/2003
--
NETSCREEN-RIPv2-MIB DEFINITIONS ::= BEGIN
IMPORTS
MODULE-IDENTITY, OBJECT-TYPE, Counter32,
TimeTicks, IpAddress FROM SNMPv2-SMI
TEXTUAL-CONVENTION, RowStatus FROM SNMPv2-TC
MODULE-COMPLIANCE, OBJECT-GROUP FROM SNMPv2-CONF
netscreenVR FROM NETSCREEN-SMI;
-- This MIB module uses the extended OBJECT-TYPE macro as
-- defined in [9].
nsRip2 MODULE-IDENTITY
LAST-UPDATED "200506032022Z" -- June 20, 2005
ORGANIZATION "IETF RIP-II Working Group"
CONTACT-INFO
" Fred Baker
Postal: Cisco Systems
519 Lado Drive
Santa Barbara, California 93111
Tel: +1 805 681 0115
E-Mail: fbaker@cisco.com
Postal: Gary Malkin
Xylogics, Inc.
53 Third Avenue
Burlington, MA 01803
Phone: (617) 272-8140
EMail: gmalkin@Xylogics.COM"
DESCRIPTION
"The MIB module to describe the RIP2 Version 2 Protocol"
::= { netscreenVR 4 }
-- RIP-2 Management Information Base
-- the RouteTag type represents the contents of the
-- Route Domain field in the packet header or route entry.
-- The use of the Route Domain is deprecated.
RouteTag ::= TEXTUAL-CONVENTION
STATUS deprecated
DESCRIPTION
"the RouteTag type represents the contents of the Route Domain
field in the packet header or route entry"
SYNTAX OCTET STRING (SIZE (2))
--4.1 Global Counters
-- The RIP-2 Globals Group.
-- Implementation of this group is mandatory for systems
-- which implement RIP-2.
-- These counters are intended to facilitate debugging quickly
-- changing routes or failing neighbors
-- nsRip2Globals OBJECT IDENTIFIER ::= { nsRip2 1 }
-- nsRip2GlobalRouteChanges OBJECT-TYPE
-- SYNTAX Counter32
-- MAX-ACCESS read-only
-- STATUS deprecated
-- DESCRIPTION
-- "The number of route changes made to the IP Route
-- Database by RIP. This does not include the refresh
-- of a route's age."
-- ::= { nsRip2Globals 1 }
-- nsRip2GlobalQueries OBJECT-TYPE
-- SYNTAX Counter32
-- MAX-ACCESS read-only
-- STATUS deprecated
-- DESCRIPTION
-- "The number of responses sent to RIP queries
-- from other systems."
-- ::= { nsRip2Globals 2 }
nsRip2GlobalsTable OBJECT-TYPE
SYNTAX SEQUENCE OF NsRip2GlobalsEntry
MAX-ACCESS not-accessible
STATUS deprecated
DESCRIPTION
"A list of RIP2 Globals per VR."
::= { nsRip2 1 }
nsRip2GlobalsEntry OBJECT-TYPE
SYNTAX NsRip2GlobalsEntry
MAX-ACCESS not-accessible
STATUS deprecated
DESCRIPTION
"One VR's Globals."
INDEX { nsRip2GlobalVRID }
::= { nsRip2GlobalsTable 1 }
NsRip2GlobalsEntry ::=
SEQUENCE {
nsRip2GlobalRouteChanges
Counter32,
nsRip2GlobalQueries
Counter32,
nsRip2GlobalVRID
INTEGER
}
nsRip2GlobalRouteChanges OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS deprecated
DESCRIPTION
"The number of route changes made to the IP Route
Database by RIP. This does not include the refresh
of a route's age."
::= { nsRip2GlobalsEntry 1 }
nsRip2GlobalQueries OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS deprecated
DESCRIPTION
"The number of responses sent to RIP queries
from other systems."
::= { nsRip2GlobalsEntry 2 }
nsRip2GlobalVRID OBJECT-TYPE
SYNTAX INTEGER (0..65535)
MAX-ACCESS read-only
STATUS deprecated
DESCRIPTION
"Virtual Router ID"
::= { nsRip2GlobalsEntry 3 }
--4.2 RIP Interface Tables
-- RIP Interfaces Groups
-- Implementation of these Groups is mandatory for systems
-- which implement RIP-2.
-- The RIP Interface Status Table.
nsRip2IfStatTable OBJECT-TYPE
SYNTAX SEQUENCE OF NsRip2IfStatEntry
MAX-ACCESS not-accessible
STATUS deprecated
DESCRIPTION
"A list of subnets which require separate
status monitoring in RIP."
::= { nsRip2 2 }
nsRip2IfStatEntry OBJECT-TYPE
SYNTAX NsRip2IfStatEntry
MAX-ACCESS not-accessible
STATUS deprecated
DESCRIPTION
"A Single Routing Domain in a single Subnet."
INDEX { nsRip2IfStatAddress, nsRip2IfStatVRID }
::= { nsRip2IfStatTable 1 }
NsRip2IfStatEntry ::=
SEQUENCE {
nsRip2IfStatAddress
IpAddress,
nsRip2IfStatRcvBadPackets
Counter32,
nsRip2IfStatRcvBadRoutes
Counter32,
nsRip2IfStatSentUpdates
Counter32,
nsRip2IfStatStatus
RowStatus,
nsRip2IfStatVRID
INTEGER
}
nsRip2IfStatAddress OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-only
STATUS deprecated
DESCRIPTION
"The IP Address of this system on the indicated
subnet. For unnumbered interfaces, the value 0.0.0.N,
where the least significant 24 bits (N) is the ifIndex
for the IP Interface in network byte order."
::= { nsRip2IfStatEntry 1 }
nsRip2IfStatRcvBadPackets OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS deprecated
DESCRIPTION
"The number of RIP response packets received by
the RIP process which were subsequently discarded
for any reason (e.g. a version 0 packet, or an
unknown command type)."
::= { nsRip2IfStatEntry 2 }
nsRip2IfStatRcvBadRoutes OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS deprecated
DESCRIPTION
"The number of routes, in valid RIP packets,
which were ignored for any reason (e.g. unknown
address family, or invalid metric)."
::= { nsRip2IfStatEntry 3 }
nsRip2IfStatSentUpdates OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS deprecated
DESCRIPTION
"The number of triggered RIP updates actually
sent on this interface. This explicitly does
NOT include full updates sent containing new
information."
::= { nsRip2IfStatEntry 4 }
nsRip2IfStatStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS deprecated
DESCRIPTION
"Writing invalid has the effect of deleting
this interface."
::= { nsRip2IfStatEntry 5 }
nsRip2IfStatVRID OBJECT-TYPE
SYNTAX INTEGER (0..65535)
MAX-ACCESS read-only
STATUS deprecated
DESCRIPTION
"Virtual Router ID"
::= { nsRip2IfStatEntry 6 }
-- The RIP Interface Configuration Table.
nsRip2IfConfTable OBJECT-TYPE
SYNTAX SEQUENCE OF NsRip2IfConfEntry
MAX-ACCESS not-accessible
STATUS deprecated
DESCRIPTION
"A list of subnets which require separate
configuration in RIP."
::= { nsRip2 3 }
nsRip2IfConfEntry OBJECT-TYPE
SYNTAX NsRip2IfConfEntry
MAX-ACCESS not-accessible
STATUS deprecated
DESCRIPTION
"A Single Routing Domain in a single Subnet."
INDEX { nsRip2IfConfAddress, nsRip2IfConfVRID }
::= { nsRip2IfConfTable 1 }
NsRip2IfConfEntry ::=
SEQUENCE {
nsRip2IfConfAddress
IpAddress,
nsRip2IfConfDomain
RouteTag,
nsRip2IfConfAuthType
INTEGER,
nsRip2IfConfAuthKey
OCTET STRING,
nsRip2IfConfSend
INTEGER,
nsRip2IfConfReceive
INTEGER,
nsRip2IfConfDefaultMetric
INTEGER,
nsRip2IfConfStatus
RowStatus,
nsRip2IfConfSrcAddress
IpAddress,
nsRip2IfConfVRID
INTEGER
}
nsRip2IfConfAddress OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-only
STATUS deprecated
DESCRIPTION
"The IP Address of this system on the indicated
subnet. For unnumbered interfaces, the value 0.0.0.N,
where the least significant 24 bits (N) is the ifIndex
for the IP Interface in network byte order."
::= { nsRip2IfConfEntry 1 }
nsRip2IfConfDomain OBJECT-TYPE
SYNTAX RouteTag
MAX-ACCESS read-create
STATUS obsolete
DESCRIPTION
"Value inserted into the Routing Domain field
of all RIP packets sent on this interface."
DEFVAL { '0000'H }
::= { nsRip2IfConfEntry 2 }
nsRip2IfConfAuthType OBJECT-TYPE
SYNTAX INTEGER {
noAuthentication (1),
simplePassword (2),
md5 (3)
}
MAX-ACCESS read-create
STATUS deprecated
DESCRIPTION
"The type of Authentication used on this
interface."
DEFVAL { noAuthentication }
::= { nsRip2IfConfEntry 3 }
nsRip2IfConfAuthKey OBJECT-TYPE
SYNTAX OCTET STRING (SIZE(0..16))
MAX-ACCESS read-create
STATUS deprecated
DESCRIPTION
"The value to be used as the Authentication Key
whenever the corresponding instance of
nsRip2IfConfAuthType has a value other than
noAuthentication. A modification of the corresponding
instance of nsRip2IfConfAuthType does not modify
the nsRip2IfConfAuthKey value. If a string shorter
than 16 octets is supplied, it will be left-
justified and padded to 16 octets, on the right,
with nulls (0x00).
Reading this object always results in an OCTET
STRING of length zero; authentication may not
be bypassed by reading the MIB object."
DEFVAL { ''H }
::= { nsRip2IfConfEntry 4 }
nsRip2IfConfSend OBJECT-TYPE
SYNTAX INTEGER {
doNotSend (1),
ripVersion1 (2),
rip1Compatible (3),
ripVersion2 (4),
ripV1Demand (5),
ripV2Demand (6)
}
MAX-ACCESS read-create
STATUS deprecated
DESCRIPTION
"What the router sends on this interface.
ripVersion1 implies sending RIP updates compliant
with RFC 1058. rip1Compatible implies
broadcasting RIP-2 updates using RFC 1058 route
subsumption rules. ripVersion2 implies
multicasting RIP-2 updates. ripV1Demand indicates
the use of Demand RIP on a WAN interface under RIP
Version 1 rules. ripV2Demand indicates the use of
Demand RIP on a WAN interface under Version 2 rules."
DEFVAL { rip1Compatible }
::= { nsRip2IfConfEntry 5 }
nsRip2IfConfReceive OBJECT-TYPE
SYNTAX INTEGER {
rip1 (1),
rip2 (2),
rip1OrRip2 (3),
doNotRecieve (4)
}
MAX-ACCESS read-create
STATUS deprecated
DESCRIPTION
"This indicates which version of RIP updates
are to be accepted. Note that rip2 and
rip1OrRip2 implies reception of multicast
packets."
DEFVAL { rip1OrRip2 }
::= { nsRip2IfConfEntry 6 }
nsRip2IfConfDefaultMetric OBJECT-TYPE
SYNTAX INTEGER ( 0..15 )
MAX-ACCESS read-create
STATUS deprecated
DESCRIPTION
"This variable indicates the metric that is to
be used for the default route entry in RIP updates
originated on this interface. A value of zero
indicates that no default route should be
originated; in this case, a default route via
another router may be propagated."
::= { nsRip2IfConfEntry 7 }
nsRip2IfConfStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS deprecated
DESCRIPTION
"Writing invalid has the effect of deleting
this interface."
::= { nsRip2IfConfEntry 8 }
nsRip2IfConfSrcAddress OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-create
STATUS deprecated
DESCRIPTION
"The IP Address this system will use as a source
address on this interface. If it is a numbered
interface, this MUST be the same value as
nsRip2IfConfAddress. On unnumbered interfaces,
it must be the value of nsRip2IfConfAddress for
some interface on the system."
::= { nsRip2IfConfEntry 9 }
nsRip2IfConfVRID OBJECT-TYPE
SYNTAX INTEGER (0..65535)
MAX-ACCESS read-only
STATUS deprecated
DESCRIPTION
"Virtual Router ID"
::= { nsRip2IfConfEntry 10 }
--4.3 Peer Table
-- Peer Table
-- The RIP Peer Group
-- Implementation of this Group is Optional
-- This group provides information about active peer
-- relationships intended to assist in debugging. An
-- active peer is a router from which a valid RIP
-- updated has been heard in the last 180 seconds.
nsRip2PeerTable OBJECT-TYPE
SYNTAX SEQUENCE OF NsRip2PeerEntry
MAX-ACCESS not-accessible
STATUS deprecated
DESCRIPTION
"A list of RIP Peers."
::= { nsRip2 4 }
nsRip2PeerEntry OBJECT-TYPE
SYNTAX NsRip2PeerEntry
MAX-ACCESS not-accessible
STATUS deprecated
DESCRIPTION
"Information regarding a single routing peer."
INDEX { nsRip2PeerAddress, nsRip2PeerDomain, nsRip2PeerVRID }
::= { nsRip2PeerTable 1 }
NsRip2PeerEntry ::=
SEQUENCE {
nsRip2PeerAddress
IpAddress,
nsRip2PeerDomain
RouteTag,
nsRip2PeerLastUpdate
TimeTicks,
nsRip2PeerVersion
INTEGER,
nsRip2PeerRcvBadPackets
Counter32,
nsRip2PeerRcvBadRoutes
Counter32,
nsRip2PeerVRID
INTEGER
}
nsRip2PeerAddress OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-only
STATUS deprecated
DESCRIPTION
"The IP Address that the peer is using as its source
address. Note that on an unnumbered link, this may
not be a member of any subnet on the system."
::= { nsRip2PeerEntry 1 }
nsRip2PeerDomain OBJECT-TYPE
SYNTAX RouteTag
MAX-ACCESS read-only
STATUS deprecated
DESCRIPTION
"The value in the Routing Domain field in RIP
packets received from the peer. As domain suuport
is deprecated, this must be zero."
::= { nsRip2PeerEntry 2 }
nsRip2PeerLastUpdate OBJECT-TYPE
SYNTAX TimeTicks
MAX-ACCESS read-only
STATUS deprecated
DESCRIPTION
"The value of sysUpTime when the most recent
RIP update was received from this system."
::= { nsRip2PeerEntry 3 }
nsRip2PeerVersion OBJECT-TYPE
SYNTAX INTEGER ( 0..255 )
MAX-ACCESS read-only
STATUS deprecated
DESCRIPTION
"The RIP version number in the header of the
last RIP packet received."
::= { nsRip2PeerEntry 4 }
nsRip2PeerRcvBadPackets OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS deprecated
DESCRIPTION
"The number of RIP response packets from this
peer discarded as invalid."
::= { nsRip2PeerEntry 5 }
nsRip2PeerRcvBadRoutes OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS deprecated
DESCRIPTION
"The number of routes from this peer that were
ignored because the entry format was invalid."
::= { nsRip2PeerEntry 6 }
nsRip2PeerVRID OBJECT-TYPE
SYNTAX INTEGER (0..65535)
MAX-ACCESS read-only
STATUS deprecated
DESCRIPTION
"Virtual Router ID"
::= { nsRip2PeerEntry 7 }
END

253
MIBS/screenos/NETSCREEN-SCHEDULE-MIB Normal file
View File

@ -0,0 +1,253 @@
-- This module defines enterprise MIBs for Schedule
--
-- Copyright (c) 1999-2004, Juniper Networks, Inc.
-- All rights reserved.
NETSCREEN-SCHEDULE-MIB DEFINITIONS ::= BEGIN
IMPORTS
netscreenSchedule
FROM NETSCREEN-SMI
Integer32, MODULE-IDENTITY, OBJECT-TYPE
FROM SNMPv2-SMI
DisplayString
FROM SNMPv2-TC
;
netscreenScheduleMibModule MODULE-IDENTITY
LAST-UPDATED "200405032022Z" -- May 03, 2004
ORGANIZATION
"Juniper Networks, Inc."
CONTACT-INFO
"Customer Support
1194 North Mathilda Avenue
Sunnyvale, California 94089-1206
USA
Tel: 1-800-638-8296
E-mail: customerservice@juniper.net
HTTP://www.juniper.net"
DESCRIPTION
"This module defines the object that are used to monitor all
scheduled entries"
REVISION "200405030000Z" -- May 03, 2004
DESCRIPTION
"Modified copyright and contact information"
REVISION "200403030000Z" -- March 03, 2004
DESCRIPTION
"Converted to SMIv2 by Longview Software"
REVISION "200311100000Z" -- November 10, 2003
DESCRIPTION
"Correct spelling mistake"
REVISION "200109280000Z" -- September 28, 2001
DESCRIPTION
"No Comment"
REVISION "200105270000Z" -- May 27, 2001
DESCRIPTION
"Creation Date"
::= { netscreenSchedule 0 }
NsSchOnceEntry ::= SEQUENCE
{
nsSchOnceIndex Integer32,
nsSchOnceName DisplayString,
nsSchOnceStartTime DisplayString,
nsSchOnceStopTime DisplayString,
nsSchOnceComments DisplayString,
nsSchOnceVsys Integer32
}
NsSchRecurEntry ::= SEQUENCE
{
nsSchRecurIndex Integer32,
nsSchRecurName DisplayString,
nsSchRecurWeekday INTEGER,
nsSchRecurStartTime1 DisplayString,
nsSchRecurStopTime1 DisplayString,
nsSchRecurStartTime2 DisplayString,
nsSchRecurStopTime2 DisplayString,
nsSchRecurComments DisplayString,
nsSchRecurVsys Integer32
}
nsSchOnceTable OBJECT-TYPE
SYNTAX SEQUENCE OF NsSchOnceEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"By associating a schedule to a NetScreen device setting, user
can determine when that setting is in effect. This table
specifies the configuration of schedules as a one-time
event."
::= { netscreenSchedule 1 }
nsSchOnceEntry OBJECT-TYPE
SYNTAX NsSchOnceEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Each entry in the nsSchOnceTable holds a set of configuration
parameters associated with an instance of one-time schedule."
INDEX
{ nsSchOnceIndex }
::= { nsSchOnceTable 1 }
nsSchOnceIndex OBJECT-TYPE
SYNTAX Integer32 (0..2147483647)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"A unique value for schedule. Its value ranges between 1 and
65535 and may not be contiguous. The index has no other
meaning but a pure index"
::= { nsSchOnceEntry 1 }
nsSchOnceName OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..32))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"schedule's name."
::= { nsSchOnceEntry 2 }
nsSchOnceStartTime OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..32))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"schedule's start time."
::= { nsSchOnceEntry 3 }
nsSchOnceStopTime OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..32))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"schedule's stop time."
::= { nsSchOnceEntry 4 }
nsSchOnceComments OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..32))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Comments for this schedule."
::= { nsSchOnceEntry 5 }
nsSchOnceVsys OBJECT-TYPE
SYNTAX Integer32 (0..2147483647)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Vsys this entry belongs to"
::= { nsSchOnceEntry 6 }
nsSchRecurTable OBJECT-TYPE
SYNTAX SEQUENCE OF NsSchRecurEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"By associating a schedule to a NetScreen device setting, user
can determine when that setting is in effect. This table
specifies the configuration of schedules on a recurring
basis."
::= { netscreenSchedule 2 }
nsSchRecurEntry OBJECT-TYPE
SYNTAX NsSchRecurEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Each entry in the nsSchOnceTable holds a set of configuration
parameters associated with an instance of re-occurring
schedule."
INDEX
{ nsSchRecurIndex }
::= { nsSchRecurTable 1 }
nsSchRecurIndex OBJECT-TYPE
SYNTAX Integer32 (0..2147483647)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"A unique value for schedule. Its value ranges between 1 and
65535 and may not be contiguous. The index has no other
meaning but a pure index"
::= { nsSchRecurEntry 1 }
nsSchRecurName OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..32))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"schedule's name"
::= { nsSchRecurEntry 2 }
nsSchRecurWeekday OBJECT-TYPE
SYNTAX INTEGER {
sun(0),
mon(1),
tue(2),
wed(3),
thu(4),
fri(5),
sat(6)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"schedule's starts date, using week day to determine."
::= { nsSchRecurEntry 3 }
nsSchRecurStartTime1 OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..32))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"schedule's start time one."
::= { nsSchRecurEntry 4 }
nsSchRecurStopTime1 OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..32))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"schedule's stop time one."
::= { nsSchRecurEntry 5 }
nsSchRecurStartTime2 OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..32))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"schedule start time two."
::= { nsSchRecurEntry 6 }
nsSchRecurStopTime2 OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..32))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"schedule stop time two."
::= { nsSchRecurEntry 7 }
nsSchRecurComments OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..64))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"comments for the schedule."
::= { nsSchRecurEntry 8 }
nsSchRecurVsys OBJECT-TYPE
SYNTAX Integer32 (0..2147483647)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The vsys this entry belongs to"
::= { nsSchRecurEntry 9 }
END

323
MIBS/screenos/NETSCREEN-SERVICE-MIB Normal file
View File

@ -0,0 +1,323 @@
-- This module defines enterprise MIBs for Services
--
-- Copyright (c) 1999-2004, Juniper Networks, Inc.
-- All rights reserved.
NETSCREEN-SERVICE-MIB DEFINITIONS ::= BEGIN
IMPORTS
netscreenService
FROM NETSCREEN-SMI
Integer32, MODULE-IDENTITY, OBJECT-TYPE
FROM SNMPv2-SMI
DisplayString
FROM SNMPv2-TC
;
netscreenServiceMibModule MODULE-IDENTITY
LAST-UPDATED "200405032022Z" -- May 03, 2004
ORGANIZATION
"Juniper Networks, Inc."
CONTACT-INFO
"Customer Support
1194 North Mathilda Avenue
Sunnyvale, California 94089-1206
USA
Tel: 1-800-638-8296
E-mail: customerservice@juniper.net
HTTP://www.juniper.net"
DESCRIPTION
"This module defines the object that are used to monitor
service configuration in NetScreen device."
REVISION "200405030000Z" -- May 03, 2004
DESCRIPTION
"Modified copyright and contact information"
REVISION "200403030000Z" -- March 03, 2004
DESCRIPTION
"Converted to SMIv2 by Longview Software"
REVISION "200311100000Z" -- November 10, 2003
DESCRIPTION
"Correct spelling mistake"
REVISION "200109280000Z" -- September 28, 2001
DESCRIPTION
"No Comment"
REVISION "200105140000Z" -- May 14, 2001
DESCRIPTION
"Creation Date"
::= { netscreenService 0 }
NsServiceEntry ::= SEQUENCE
{
nsServiceIndex Integer32,
nsServiceName DisplayString,
nsServiceCategory INTEGER,
nsServiceTransProto INTEGER,
nsServiceSrcPortLow Integer32,
nsServiceSrcPortHigh Integer32,
nsServiceDstPortLow Integer32,
nsServiceDstPortHigh Integer32,
nsServiceFlag INTEGER,
nsServiceVsys Integer32
}
NsServiceGroupEntry ::= SEQUENCE
{
nsServiceGroupIndex Integer32,
nsServiceGroupName DisplayString,
nsServiceGroupMember Integer32,
nsServiceGroupComment DisplayString,
nsServiceGroupVsys Integer32
}
NsServiceGrpMemberEntry ::= SEQUENCE
{
nsServiceGrpMemberIndex Integer32,
nsServiceGrpName DisplayString,
nsServiceGroupMemberName DisplayString,
nsServiceGroupMemberVsys Integer32
}
nsServiceTable OBJECT-TYPE
SYNTAX SEQUENCE OF NsServiceEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Services are types of IP traffic for which protocol standards
exist. This table collects all the service configurations
existing in NetScreen device."
::= { netscreenService 1 }
nsServiceEntry OBJECT-TYPE
SYNTAX NsServiceEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Each enry in the nsServiceTable holds a set of configuration
parameters associated with an instance of service."
INDEX
{ nsServiceIndex }
::= { nsServiceTable 1 }
nsServiceIndex OBJECT-TYPE
SYNTAX Integer32 (0..2147483647)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"A unique value for each address. Its value ranges between 0
and 65535 and may not be contiguous."
::= { nsServiceEntry 1 }
nsServiceName OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..32))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Service name."
::= { nsServiceEntry 2 }
nsServiceCategory OBJECT-TYPE
SYNTAX INTEGER {
remote(1),
email(2),
infoseek(3),
security(4),
other(5)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Category this service belongs to."
::= { nsServiceEntry 3 }
nsServiceTransProto OBJECT-TYPE
SYNTAX INTEGER {
other(0),
icmp(1),
tcp(6),
udp(17),
egp(8),
igp(9),
udp(17),
rsvp(46),
gre(47),
ospf(89)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Service trans protocol.
6 means tcp
17 means udp"
::= { nsServiceEntry 4 }
nsServiceSrcPortLow OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The low source port number associated with service."
::= { nsServiceEntry 5 }
nsServiceSrcPortHigh OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The high source port number associated with service."
::= { nsServiceEntry 6 }
nsServiceDstPortLow OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The low destination port number associated with service."
::= { nsServiceEntry 7 }
nsServiceDstPortHigh OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The high source port number associated with service."
::= { nsServiceEntry 8 }
nsServiceFlag OBJECT-TYPE
SYNTAX INTEGER {
pre-define(0),
usr-define(1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Service flag used to indicate if the service is a pre-defined
one or a custom one."
::= { nsServiceEntry 9 }
nsServiceVsys OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Virtual system this configuration belongs to."
::= { nsServiceEntry 10 }
nsServiceGroupTable OBJECT-TYPE
SYNTAX SEQUENCE OF NsServiceGroupEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Services can be organized into service group for convenience.
This table collects all service group entries in NetScreen
device."
::= { netscreenService 2 }
nsServiceGroupEntry OBJECT-TYPE
SYNTAX NsServiceGroupEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Each entry in the nsServiceGroupTable holds a set of
information about service group."
INDEX
{ nsServiceGroupIndex }
::= { nsServiceGroupTable 1 }
nsServiceGroupIndex OBJECT-TYPE
SYNTAX Integer32 (0..2147483647)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"A unique value for each group. Its value ranges between 0 and
65535 and may not be contiguous."
::= { nsServiceGroupEntry 1 }
nsServiceGroupName OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..32))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Service group name."
::= { nsServiceGroupEntry 2 }
nsServiceGroupMember OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Service member number in service group."
::= { nsServiceGroupEntry 3 }
nsServiceGroupComment OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..32))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Comments for service group."
::= { nsServiceGroupEntry 4 }
nsServiceGroupVsys OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Virtual system this group belongs to."
::= { nsServiceGroupEntry 5 }
nsServiceGrpMemberTable OBJECT-TYPE
SYNTAX SEQUENCE OF NsServiceGrpMemberEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Service group membership info table will show detail
information of a service group."
::= { netscreenService 3 }
nsServiceGrpMemberEntry OBJECT-TYPE
SYNTAX NsServiceGrpMemberEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"An entry containing attributes service group's member info"
INDEX
{ nsServiceGrpMemberIndex }
::= { nsServiceGrpMemberTable 1 }
nsServiceGrpMemberIndex OBJECT-TYPE
SYNTAX Integer32 (0..2147483647)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"A unique value for each group. Its value ranges between 0 and
65535 and may not be contiguous."
::= { nsServiceGrpMemberEntry 1 }
nsServiceGrpName OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..32))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Specific service group name"
::= { nsServiceGrpMemberEntry 2 }
nsServiceGroupMemberName OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..32))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Specific service name in the service group."
::= { nsServiceGrpMemberEntry 3 }
nsServiceGroupMemberVsys OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Virtual system this configuration belongs to"
::= { nsServiceGrpMemberEntry 4 }
END

202
MIBS/screenos/NETSCREEN-SET-ADMIN-USR-MIB Normal file
View File

@ -0,0 +1,202 @@
-- This module defines enterprise MIBs for NS admin setting
--
-- Copyright (c) 1999-2004, Juniper Networks, Inc.
-- All rights reserved.
NETSCREEN-SET-ADMIN-USR-MIB DEFINITIONS ::= BEGIN
IMPORTS
netscreenSetting, netscreenSettingMibModule
FROM NETSCREEN-SMI
Integer32, IpAddress, MODULE-IDENTITY, OBJECT-TYPE
FROM SNMPv2-SMI
DisplayString
FROM SNMPv2-TC
;
netscreenSetAdminUsrMibModule MODULE-IDENTITY
LAST-UPDATED "200405032022Z" -- May 03, 2004
ORGANIZATION
"Juniper Networks, Inc."
CONTACT-INFO
"Customer Support
1194 North Mathilda Avenue
Sunnyvale, California 94089-1206
USA
Tel: 1-800-638-8296
E-mail: customerservice@juniper.net
HTTP://www.juniper.net"
DESCRIPTION
"This module defines the object that are used to monitor admin
user"
REVISION "200405030000Z" -- May 03, 2004
DESCRIPTION
"Modified copyright and contact information"
REVISION "200403030000Z" -- March 03, 2004
DESCRIPTION
"Converted to SMIv2 by Longview Software"
REVISION "200311100000Z" -- November 10, 2003
DESCRIPTION
"Correct spelling mistake"
REVISION "200109280000Z" -- September 28, 2001
DESCRIPTION
"No Comment"
REVISION "200105270000Z" -- May 27, 2001
DESCRIPTION
"Creation Date"
::= { netscreenSettingMibModule 11 }
NsSetAdminUserClientEntry ::= SEQUENCE
{
nsAdminUserClientIndex Integer32,
nsAdminUserClientIp IpAddress,
nsAdminUserClientNetmask IpAddress,
nsAdminUserVSYS Integer32
}
NsSetAdminUserLocalEntry ::= SEQUENCE
{
nsAdminUserLocalIndex Integer32,
nsAdminUserLocalName DisplayString,
nsAdminUserLocalPriv Integer32,
nsAdminUserLocalRole Integer32
}
nsSetAdminUser OBJECT IDENTIFIER ::= { netscreenSetting 11 }
nsSetAdminUserLocalTable OBJECT-TYPE
SYNTAX SEQUENCE OF NsSetAdminUserLocalEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This table collects all administration user information stored
in local user database."
::= { nsSetAdminUser 1 }
nsSetAdminUserLocalEntry OBJECT-TYPE
SYNTAX NsSetAdminUserLocalEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Local database administration user attributes."
INDEX
{ nsAdminUserLocalIndex }
::= { nsSetAdminUserLocalTable 1 }
nsAdminUserLocalIndex OBJECT-TYPE
SYNTAX Integer32 (0..2147483647)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"A unique value for user info table. Its value ranges between
0 and 65535 and may not be contiguous."
::= { nsSetAdminUserLocalEntry 1 }
nsAdminUserLocalName OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..32))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Administration user name."
::= { nsSetAdminUserLocalEntry 2 }
nsAdminUserLocalPriv OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Administration user's privileges. The smaller the value, the
higher the privileges."
::= { nsSetAdminUserLocalEntry 3 }
nsAdminUserLocalRole OBJECT-TYPE
SYNTAX Integer32 {
not-assigned(0),
crypto(1),
security(2),
audit(4)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Administration user's role attributes."
::= { nsSetAdminUserLocalEntry 4 }
nsAdminUserRadius OBJECT IDENTIFIER ::= { nsSetAdminUser 2 }
nsAdminUserRadiusEnabled OBJECT-TYPE
SYNTAX INTEGER {
disabled(0),
enabled(1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Enable external radius server to authenticate admin user"
::= { nsAdminUserRadius 1 }
nsAdminUserRadiusServer OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..32))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"External radius server name"
::= { nsAdminUserRadius 2 }
nsSetAdminUserClientTable OBJECT-TYPE
SYNTAX SEQUENCE OF NsSetAdminUserClientEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Management Client IP addresses is used to restrict the
administration ability from one or multiple addresses of a
subnet."
::= { nsSetAdminUser 3 }
nsSetAdminUserClientEntry OBJECT-TYPE
SYNTAX NsSetAdminUserClientEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"An entry containing admin client ip information"
INDEX
{ nsAdminUserClientIndex }
::= { nsSetAdminUserClientTable 1 }
nsAdminUserClientIndex OBJECT-TYPE
SYNTAX Integer32 (0..2147483647)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"A unique value for client ip table. Its value ranges between
0 and 65535 and may not be contiguous."
::= { nsSetAdminUserClientEntry 1 }
nsAdminUserClientIp OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Management client ip"
::= { nsSetAdminUserClientEntry 2 }
nsAdminUserClientNetmask OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Management client ip netmask"
::= { nsSetAdminUserClientEntry 3 }
nsAdminUserVSYS OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Vsys ID of the admin user"
::= { nsSetAdminUserClientEntry 4 }
END

404
MIBS/screenos/NETSCREEN-SET-AUTH-MIB Normal file
View File

@ -0,0 +1,404 @@
-- This module defines enterprise MIBs for Authentication
-- Configuration
--
-- Copyright (c) 1999-2004, Juniper Networks, Inc.
-- All rights reserved.
NETSCREEN-SET-AUTH-MIB DEFINITIONS ::= BEGIN
IMPORTS
netscreenSetting, netscreenSettingMibModule
FROM NETSCREEN-SMI
Integer32, MODULE-IDENTITY, OBJECT-TYPE
FROM SNMPv2-SMI
DisplayString
FROM SNMPv2-TC
;
netscreenSetAuthMibModule MODULE-IDENTITY
LAST-UPDATED "200411102022Z" -- Nov 10, 2004
ORGANIZATION
"Juniper Networks, Inc."
CONTACT-INFO
"Customer Support
1194 North Mathilda Avenue
Sunnyvale, California 94089-1206
USA
Tel: 1-800-638-8296
E-mail: customerservice@juniper.net
HTTP://www.juniper.net"
DESCRIPTION
"This module defines the object that are used to monitor all
the configuration info"
REVISION "200405030000Z" -- May 03, 2004
DESCRIPTION
"Added nsSetAuthCfgEntry attributes"
REVISION "200411102022Z" -- Nov 10, 2004
DESCRIPTION
"Modified copyright and contact information"
REVISION "200403030000Z" -- March 03, 2004
DESCRIPTION
"Converted to SMIv2 by Longview Software"
REVISION "200311100000Z" -- November 10, 2003
DESCRIPTION
"Correct spelling mistake"
REVISION "200204270000Z" -- April 27, 2002
DESCRIPTION
"More than one auth setting allowed in one system"
REVISION "200105270000Z" -- May 27, 2001
DESCRIPTION
"Creation Date"
::= { netscreenSettingMibModule 2 }
NsSetAuthCfgEntry ::= SEQUENCE
{
nsSetAuthCfgIdx Integer32,
nsSetAuthCfgVsys Integer32,
nsSetAuthCfgName DisplayString,
nsSetAuthCfgPrimary DisplayString,
nsSetAuthCfgBackup1 DisplayString,
nsSetAuthCfgBackup2 DisplayString,
nsSetAuthCfgConnIdleTimeout Integer32,
nsSetAuthCfgAuthAccount INTEGER,
nsSetAuthCfgIkeAccount INTEGER,
nsSetAuthCfgL2tpAccount INTEGER,
nsSetAuthCfgAdminAccount INTEGER,
nsSetAuthCfgXauthAccount INTEGER,
nsSetAuthCfgMethod INTEGER,
nsSetAuthCfgPort Integer32,
nsSetAuthCfgSecCliRetry Integer32,
nsSetAuthCfgSecCliTimeout Integer32,
nsSetAuthCfgSecEncType INTEGER,
nsSetAuthCfgSecUseDuress INTEGER,
nsSetAuthCfgLDAPCni DisplayString,
nsSetAuthCfgLDAPDn DisplayString,
nsSetAuthCfgSepChar DisplayString,
nsSetAuthCfgSepNumber Integer32,
nsSetAuthCfgRevInterval Integer32,
nsSetAuthCfgRadRetries Integer32,
nsSetAuthCfgEnableStnID INTEGER,
nsSetAuthCfgDomainName DisplayString,
nsSetAuthCfgAcctSessIdLen Integer32,
nsSetAuthCfgRFC2138Compatibility INTEGER,
nsSetAuthCfgSourceIfName DisplayString,
nsSetAuthCfgAcctPort Integer32,
nsSetAuthCfgAcctListActn INTEGER,
nsSetAuthCfgSourceIfInfo Integer32
}
nsSetAuth OBJECT IDENTIFIER ::= { netscreenSetting 2 }
nsSetAuthCfgTable OBJECT-TYPE
SYNTAX SEQUENCE OF NsSetAuthCfgEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The authentication configuration of NetScreen device."
::= { nsSetAuth 1 }
nsSetAuthCfgEntry OBJECT-TYPE
SYNTAX NsSetAuthCfgEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"NetScreen admin user authentication setting table."
INDEX
{ nsSetAuthCfgIdx }
::= { nsSetAuthCfgTable 1 }
nsSetAuthCfgIdx OBJECT-TYPE
SYNTAX Integer32 (0..2147483647)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Authentication server config index."
::= { nsSetAuthCfgEntry 1 }
nsSetAuthCfgVsys OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Virtural system the setting belongs to."
::= { nsSetAuthCfgEntry 2 }
nsSetAuthCfgName OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..32))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Authentication server setting entry name."
::= { nsSetAuthCfgEntry 3 }
nsSetAuthCfgPrimary OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..32))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Primary authentication server IP or domain name."
::= { nsSetAuthCfgEntry 4 }
nsSetAuthCfgBackup1 OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..32))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"First backup authentication server IP or domain name.It's
optional."
::= { nsSetAuthCfgEntry 5 }
nsSetAuthCfgBackup2 OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..32))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Secondary backup authentication server IP or domain name.It's
optional."
::= { nsSetAuthCfgEntry 6 }
nsSetAuthCfgConnIdleTimeout OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"connection timeout threshold setting. 0 means no timeout
setting."
::= { nsSetAuthCfgEntry 7 }
nsSetAuthCfgAuthAccount OBJECT-TYPE
SYNTAX INTEGER {
no(0),
yes(1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Allow authentication account."
::= { nsSetAuthCfgEntry 8 }
nsSetAuthCfgIkeAccount OBJECT-TYPE
SYNTAX INTEGER {
no(0),
yes(1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Allow IKE account."
::= { nsSetAuthCfgEntry 9 }
nsSetAuthCfgL2tpAccount OBJECT-TYPE
SYNTAX INTEGER {
no(0),
yes(1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Allow L2tp account."
::= { nsSetAuthCfgEntry 10 }
nsSetAuthCfgAdminAccount OBJECT-TYPE
SYNTAX INTEGER {
no(0),
yes(1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Allow administration account."
::= { nsSetAuthCfgEntry 11 }
nsSetAuthCfgXauthAccount OBJECT-TYPE
SYNTAX INTEGER {
no(0),
yes(1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Allow Xauth account."
::= { nsSetAuthCfgEntry 12 }
nsSetAuthCfgMethod OBJECT-TYPE
SYNTAX INTEGER {
build-in-user-db(0),
radius-server(1),
secureId-server(2),
ldap-server(3)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"NetScreen device admin user authentication method."
::= { nsSetAuthCfgEntry 13 }
nsSetAuthCfgPort OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Server listening port number."
::= { nsSetAuthCfgEntry 14 }
nsSetAuthCfgSecCliRetry OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"SecureID client client retry times"
::= { nsSetAuthCfgEntry 15 }
nsSetAuthCfgSecCliTimeout OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"SecureID client timeout threshold."
::= { nsSetAuthCfgEntry 16 }
nsSetAuthCfgSecEncType OBJECT-TYPE
SYNTAX INTEGER {
sdi(0),
des(1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"SecureID traffic encryption type."
::= { nsSetAuthCfgEntry 17 }
nsSetAuthCfgSecUseDuress OBJECT-TYPE
SYNTAX INTEGER {
no(0),
yes(1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Use duress in SecureID authentication."
::= { nsSetAuthCfgEntry 18 }
nsSetAuthCfgLDAPCni OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..2))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"LDAP server common name identifier"
::= { nsSetAuthCfgEntry 19 }
nsSetAuthCfgLDAPDn OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..32))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"LDAP server distinguished name"
::= { nsSetAuthCfgEntry 20 }
nsSetAuthCfgSepChar OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..2))
ACCESS read-only
STATUS mandatory
DESCRIPTION
"Seperator character for this entry"
::= { nsSetAuthCfgEntry 21 }
nsSetAuthCfgSepNumber OBJECT-TYPE
SYNTAX Integer32
ACCESS read-only
STATUS mandatory
DESCRIPTION
"Seperator number for this entry"
::= { nsSetAuthCfgEntry 22 }
nsSetAuthCfgRevInterval OBJECT-TYPE
SYNTAX Integer32
ACCESS read-only
STATUS mandatory
DESCRIPTION
"Revert interval for this entry"
::= { nsSetAuthCfgEntry 23 }
nsSetAuthCfgRadRetries OBJECT-TYPE
SYNTAX Integer32
ACCESS read-only
STATUS mandatory
DESCRIPTION
"Radius retries for this entries"
::= { nsSetAuthCfgEntry 24 }
nsSetAuthCfgEnableStnID OBJECT-TYPE
SYNTAX INTEGER {
no(0),
yes(1)
}
ACCESS read-only
STATUS mandatory
DESCRIPTION
"Enable/Disable call station ID for this entry."
::= { nsSetAuthCfgEntry 25 }
nsSetAuthCfgDomainName OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..255))
ACCESS read-only
STATUS mandatory
DESCRIPTION
"Domain name for this entry"
::= { nsSetAuthCfgEntry 26 }
nsSetAuthCfgAcctSessIdLen OBJECT-TYPE
SYNTAX Integer32
ACCESS read-only
STATUS mandatory
DESCRIPTION
"Acct session identifier length for this entry"
::= { nsSetAuthCfgEntry 27 }
nsSetAuthCfgRFC2138Compatibility OBJECT-TYPE
SYNTAX INTEGER {
no(0),
yes(1)
}
ACCESS read-only
STATUS mandatory
DESCRIPTION
"Is RFC2138 compatible for this entry"
::= { nsSetAuthCfgEntry 28 }
nsSetAuthCfgSourceIfName OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..255))
ACCESS read-only
STATUS mandatory
DESCRIPTION
"Source interface name for this entry"
::= { nsSetAuthCfgEntry 29 }
nsSetAuthCfgAcctPort OBJECT-TYPE
SYNTAX Integer32
ACCESS read-only
STATUS mandatory
DESCRIPTION
"Radius accounting port for this entry"
::= { nsSetAuthCfgEntry 30 }
nsSetAuthCfgAcctListActn OBJECT-TYPE
SYNTAX INTEGER {
none(0),
cleanup-sess(1)
}
ACCESS read-only
STATUS mandatory
DESCRIPTION
"Radius accounting action for this entry"
::= { nsSetAuthCfgEntry 31 }
nsSetAuthCfgSourceIfInfo OBJECT-TYPE
SYNTAX Integer32
ACCESS read-only
STATUS mandatory
DESCRIPTION
"Source interface info for this entry. Returns -1 if no interface is selected"
::= { nsSetAuthCfgEntry 32 }
END

134
MIBS/screenos/NETSCREEN-SET-DHCP-MIB Normal file
View File

@ -0,0 +1,134 @@
-- This module defines enterprise MIBs for DHCP Configuration
--
-- Copyright (c) 1999-2004, Juniper Networks, Inc.
-- All rights reserved.
NETSCREEN-SET-DHCP-MIB DEFINITIONS ::= BEGIN
IMPORTS
netscreenSetting, netscreenSettingMibModule
FROM NETSCREEN-SMI
Integer32, MODULE-IDENTITY, OBJECT-TYPE
FROM SNMPv2-SMI
DisplayString
FROM SNMPv2-TC
;
netscreenSetDhcpMibModule MODULE-IDENTITY
LAST-UPDATED "200405032022Z" -- May 03, 2004
ORGANIZATION
"Juniper Networks, Inc."
CONTACT-INFO
"Customer Support
1194 North Mathilda Avenue
Sunnyvale, California 94089-1206
USA
Tel: 1-800-638-8296
E-mail: customerservice@juniper.net
HTTP://www.juniper.net"
DESCRIPTION
"This module defines the object that are used to monitor all
the configuration info"
REVISION "200405030000Z" -- May 03, 2004
DESCRIPTION
"Modified copyright and contact information"
REVISION "200403030000Z" -- March 03, 2004
DESCRIPTION
"Converted to SMIv2 by Longview Software"
REVISION "200311100000Z" -- November 10, 2003
DESCRIPTION
"Correct wrong title"
REVISION "200112120000Z" -- December 12, 2001
DESCRIPTION
"change dhcp configuration per physical interface"
REVISION "200109280000Z" -- September 28, 2001
DESCRIPTION
"No Comment"
REVISION "200105270000Z" -- May 27, 2001
DESCRIPTION
"Creation Date"
::= { netscreenSettingMibModule 5 }
NsSetDhcpEntry ::= SEQUENCE
{
nsSetDhcpIfIdx Integer32,
nsSetDHCPService INTEGER,
nsSetDHCPRelayServer DisplayString,
nsSetDHCPVpnEncryp INTEGER,
nsSetDhcpIfInfo Integer32
}
nsSetDHCP OBJECT IDENTIFIER ::= { netscreenSetting 5 }
nsSetDhcpTable OBJECT-TYPE
SYNTAX SEQUENCE OF NsSetDhcpEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"NetScreen ScreenOS can allow dhcp service on each of NetScreen
device's physical interface. This table collects the dhcp
configuration on each physical interface."
::= { nsSetDHCP 1 }
nsSetDhcpEntry OBJECT-TYPE
SYNTAX NsSetDhcpEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Hold the firewall setting attribute."
INDEX
{ nsSetDhcpIfIdx }
::= { nsSetDhcpTable 1 }
nsSetDhcpIfIdx OBJECT-TYPE
SYNTAX Integer32 (0..2147483647)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"unique interface id."
::= { nsSetDhcpEntry 1 }
nsSetDHCPService OBJECT-TYPE
SYNTAX INTEGER {
none(0),
dhcp-relay-agent(1),
dhcp-server(2)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"DHCP service type for trusted network."
::= { nsSetDhcpEntry 2 }
nsSetDHCPRelayServer OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..128))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"DHCP relay agent server name."
::= { nsSetDhcpEntry 3 }
nsSetDHCPVpnEncryp OBJECT-TYPE
SYNTAX INTEGER {
disable(0),
enabled(1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Secure DHCP relay agent traffic via VPN encryption."
::= { nsSetDhcpEntry 4 }
nsSetDhcpIfInfo OBJECT-TYPE
SYNTAX Integer32 (0..2147483647)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Internal id assigned to this interface. Stays persistent across resets."
::= { nsSetDhcpEntry 5 }
END

90
MIBS/screenos/NETSCREEN-SET-DNS-MIB Normal file
View File

@ -0,0 +1,90 @@
-- This module defines enterprise MIBs for DNS Configuration
--
-- Copyright (c) 1999-2004, Juniper Networks, Inc.
-- All rights reserved.
NETSCREEN-SET-DNS-MIB DEFINITIONS ::= BEGIN
IMPORTS
netscreenSetting, netscreenSettingMibModule
FROM NETSCREEN-SMI
IpAddress, MODULE-IDENTITY, OBJECT-TYPE
FROM SNMPv2-SMI
DisplayString
FROM SNMPv2-TC
;
netscreenSetDnsMibModule MODULE-IDENTITY
LAST-UPDATED "200405032022Z" -- May 03, 2004
ORGANIZATION
"Juniper Networks, Inc."
CONTACT-INFO
"Customer Support
1194 North Mathilda Avenue
Sunnyvale, California 94089-1206
USA
Tel: 1-800-638-8296
E-mail: customerservice@juniper.net
HTTP://www.juniper.net"
DESCRIPTION
"This module defines the object that are used to monitor all
the configuration info"
REVISION "200405030000Z" -- May 03, 2004
DESCRIPTION
"Modified copyright and contact information"
REVISION "200403030000Z" -- March 03, 2004
DESCRIPTION
"Converted to SMIv2 by Longview Software"
REVISION "200311100000Z" -- November 10, 2003
DESCRIPTION
"Correct wrong title"
REVISION "200109280000Z" -- September 28, 2001
DESCRIPTION
"No Comment"
REVISION "200105270000Z" -- May 27, 2001
DESCRIPTION
"Creation Date"
::= { netscreenSettingMibModule 3 }
nsSetDNS OBJECT IDENTIFIER ::= { netscreenSetting 3 }
nsConfigDnsPriSer OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Primary DNS server ip address"
::= { nsSetDNS 1 }
nsConfigDnsSecSer OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Secondary DNS server ip address"
::= { nsSetDNS 2 }
nsConfigDnsRefEnable OBJECT-TYPE
SYNTAX INTEGER {
disable(0),
enabled(1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Enable refresh DNS every day."
::= { nsSetDNS 3 }
nsConfigDnsRefTime OBJECT-TYPE
SYNTAX DisplayString (SIZE(6))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"DNS refresh time."
::= { nsSetDNS 4 }
END

102
MIBS/screenos/NETSCREEN-SET-EMAIL-MIB Normal file
View File

@ -0,0 +1,102 @@
-- This module defines enterprise MIBs for email notification
-- setting
--
-- Copyright (c) 1999-2004, Juniper Networks, Inc.
-- All rights reserved.
NETSCREEN-SET-EMAIL-MIB DEFINITIONS ::= BEGIN
IMPORTS
netscreenSetting, netscreenSettingMibModule
FROM NETSCREEN-SMI
MODULE-IDENTITY, OBJECT-TYPE
FROM SNMPv2-SMI
DisplayString
FROM SNMPv2-TC
;
netscreenSetEmailMibModule MODULE-IDENTITY
LAST-UPDATED "200405032022Z" -- May 03, 2004
ORGANIZATION
"Juniper Networks, Inc."
CONTACT-INFO
"Customer Support
1194 North Mathilda Avenue
Sunnyvale, California 94089-1206
USA
Tel: 1-800-638-8296
E-mail: customerservice@juniper.net
HTTP://www.juniper.net"
DESCRIPTION
"This module defines the object that are used to monitor
the email notification setting"
REVISION "200405030000Z" -- May 03, 2004
DESCRIPTION
"Modified copyright and contact information"
REVISION "200403030000Z" -- March 03, 2004
DESCRIPTION
"Converted to SMIv2 by Longview Software"
REVISION "200311100000Z" -- November 10, 2003
DESCRIPTION
"Correct wrong title"
REVISION "200109280000Z" -- September 28, 2001
DESCRIPTION
"No Comment"
REVISION "200105270000Z" -- May 27, 2001
DESCRIPTION
"Creation Date"
::= { netscreenSettingMibModule 7 }
nsSetEmail OBJECT IDENTIFIER ::= { netscreenSetting 7 }
nsSetEmailEnable OBJECT-TYPE
SYNTAX INTEGER {
disable(0),
enabled(1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Enable E-mail Notification for Alarms"
::= { nsSetEmail 1 }
nsSetEmailSMTP OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..32))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"SMTP server name"
::= { nsSetEmail 2 }
nsSetEmailLog OBJECT-TYPE
SYNTAX INTEGER {
disable(0),
enabled(1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Include Traffic Log in email"
::= { nsSetEmail 3 }
nsSetEmailAddr1 OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..64))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"E-mail receiver address one"
::= { nsSetEmail 4 }
nsSetEmailAddr2 OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..64))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"E-mail receiver address two"
::= { nsSetEmail 5 }
END

130
MIBS/screenos/NETSCREEN-SET-GEN-MIB Normal file
View File

@ -0,0 +1,130 @@
-- This module defines enterprise MIBs for Configuration monitoring
--
-- Copyright (c) 1999-2004, Juniper Networks, Inc.
-- All rights reserved.
NETSCREEN-SET-GEN-MIB DEFINITIONS ::= BEGIN
IMPORTS
netscreenSetting, netscreenSettingMibModule
FROM NETSCREEN-SMI
IpAddress, MODULE-IDENTITY, OBJECT-TYPE
FROM SNMPv2-SMI
DisplayString
FROM SNMPv2-TC
;
netscreenSetGenMibModule MODULE-IDENTITY
LAST-UPDATED "200405032022Z" -- May 03, 2004
ORGANIZATION
"Juniper Networks, Inc."
CONTACT-INFO
"Customer Support
1194 North Mathilda Avenue
Sunnyvale, California 94089-1206
USA
Tel: 1-800-638-8296
E-mail: customerservice@juniper.net
HTTP://www.juniper.net"
DESCRIPTION
"obsolete nsSetGenSysIp"
REVISION "200508120000Z" -- Aug 12, 2005
DESCRIPTION
"This module defines the object that are used to monitor all
the configuration info"
REVISION "200405030000Z" -- May 03, 2004
DESCRIPTION
"Modified copyright and contact information"
REVISION "200403030000Z" -- March 03, 2004
DESCRIPTION
"Converted to SMIv2 by Longview Software"
REVISION "200311100000Z" -- November 10, 2003
DESCRIPTION
"Correct spelling mistake"
REVISION "200109280000Z" -- September 28, 2001
DESCRIPTION
"No Comment"
REVISION "200105270000Z" -- May 27, 2001
DESCRIPTION
"Creation Date"
::= { netscreenSettingMibModule 1 }
nsSetGeneral OBJECT IDENTIFIER ::= { netscreenSetting 1 }
nsSetGenSysIp OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-only
STATUS obsolete
DESCRIPTION
"System Ip address"
::= { nsSetGeneral 1 }
nsSetGenHostName OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..32))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Host name of NetScreen device."
::= { nsSetGeneral 2 }
nsSetGenDomain OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..32))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Domain name of NetScreen device."
::= { nsSetGeneral 3 }
nsSetGenOpMode OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..32))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"NetScreen device can work in one of the tree mode:
transparent, NAT and route. This attribute indicates which
operation mode it use."
::= { nsSetGeneral 4 }
nsSetGenSwVer OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..128))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"NetSceen OS version."
::= { nsSetGeneral 5 }
nsSetGenLicInfo OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..255))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"NetScreen OS license information."
::= { nsSetGeneral 6 }
nsSetGenSCSAdminEnable OBJECT-TYPE
SYNTAX INTEGER {
disable(0),
enabled(1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"enable Command Security Shell"
::= { nsSetGeneral 7 }
nsSetGenDropSelfLogPac OBJECT-TYPE
SYNTAX INTEGER {
disable(0),
enabled(1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Log Packets to Self that are dropped"
::= { nsSetGeneral 8 }
END

272
MIBS/screenos/NETSCREEN-SET-GLB-MIB Normal file
View File

@ -0,0 +1,272 @@
-- This module defines enterprise MIBs for Global, Global-Pro and NSM setting
--
-- Copyright (c) 1999-2004, Juniper Networks, Inc.
-- All rights reserved.
NETSCREEN-SET-GLB-MIB DEFINITIONS ::= BEGIN
IMPORTS
netscreenSetting, netscreenSettingMibModule
FROM NETSCREEN-SMI
Integer32, IpAddress, MODULE-IDENTITY, OBJECT-TYPE
FROM SNMPv2-SMI
DisplayString
FROM SNMPv2-TC
;
netscreenSetGlbMibModule MODULE-IDENTITY
LAST-UPDATED "200405032022Z" -- May 03, 2004
ORGANIZATION
"Juniper Networks, Inc."
CONTACT-INFO
"Customer Support
1194 North Mathilda Avenue
Sunnyvale, California 94089-1206
USA
Tel: 1-800-638-8296
E-mail: customerservice@juniper.net
HTTP://www.juniper.net"
DESCRIPTION
"This module defines the object that are used to monitor
Global, Global-Pro and NSM setting"
REVISION "200405030000Z" -- May 03, 2004
DESCRIPTION
"Modified copyright and contact information"
REVISION "200403030000Z" -- March 03, 2004
DESCRIPTION
"Converted to SMIv2 by Longview Software"
REVISION "200109280000Z" -- September 28, 2001
DESCRIPTION
"No Comment"
REVISION "200105270000Z" -- May 27, 2001
DESCRIPTION
"Creation Date"
::= { netscreenSettingMibModule 10 }
nsSetGlbMng OBJECT IDENTIFIER ::= { netscreenSetting 10 }
nsSetGlbMngVPNEnable OBJECT-TYPE
SYNTAX INTEGER {
disable(0),
enabled(1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Secure NS Global Manager/PRO traffic via VPN encryption."
::= { nsSetGlbMng 1 }
nsSetGlbMngEnable OBJECT-TYPE
SYNTAX INTEGER {
disable(0),
enabled(1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Enable Global Manager service on NetScreen device."
::= { nsSetGlbMng 2 }
nsSetGlbProEnable OBJECT-TYPE
SYNTAX INTEGER {
disable(0),
enabled(1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Enable Global Pro Management service on NetScreen device."
::= { nsSetGlbMng 3 }
nsSetGlbManagerSetting OBJECT IDENTIFIER ::= { nsSetGlbMng 4 }
nsSetGlbMngSerName OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..32))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Server Name of Global Manager service."
::= { nsSetGlbManagerSetting 1 }
nsSetGlbMngSerTCP OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"TCP port number of Global Manager service."
::= { nsSetGlbManagerSetting 2 }
nsSetGlbMngSerUDP OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"UDP port number of Global Manager service."
::= { nsSetGlbManagerSetting 3 }
nsSetGlbMngLocal OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Global Manager service listening port number(NS device
side)."
::= { nsSetGlbManagerSetting 4 }
nsSetGlbProManagerSetting OBJECT IDENTIFIER ::= { nsSetGlbMng 5 }
nsSetGlbProPriSer OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Primary IP Address of Global PRO Server."
::= { nsSetGlbProManagerSetting 1 }
nsSetGlbProSecSer OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Secondary IP Address of Global PRO Server"
::= { nsSetGlbProManagerSetting 2 }
nsSetGlbMngSetting OBJECT IDENTIFIER ::= { nsSetGlbMng 6 }
nsSetGlbMngProtDist OBJECT-TYPE
SYNTAX INTEGER {
disable(0),
enabled(1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Enable Protocol Distribution in global management service."
::= { nsSetGlbMngSetting 1 }
nsSetGlbMngEthStatis OBJECT-TYPE
SYNTAX INTEGER {
disable(0),
enabled(1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Enable Ethernet Statistics in global management service."
::= { nsSetGlbMngSetting 2 }
nsSetGlbMngAttStatis OBJECT-TYPE
SYNTAX INTEGER {
disable(0),
enabled(1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Enable Attack Statistics in global management service."
::= { nsSetGlbMngSetting 3 }
nsSetGlbMngPlyStatis OBJECT-TYPE
SYNTAX INTEGER {
disable(0),
enabled(1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Enable Policy Statistics in global management service."
::= { nsSetGlbMngSetting 4 }
nsSetGlbMngFlowStatis OBJECT-TYPE
SYNTAX INTEGER {
disable(0),
enabled(1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Enable Flow Statistics in global management service."
::= { nsSetGlbMngSetting 5 }
nsSetGlbMngTrafAlm OBJECT-TYPE
SYNTAX INTEGER {
disable(0),
enabled(1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Enable Traffic Alarms in global management service."
::= { nsSetGlbMngSetting 6 }
nsSetGlbMngAttAlm OBJECT-TYPE
SYNTAX INTEGER {
disable(0),
enabled(1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Enable Attack Alarms in global management service."
::= { nsSetGlbMngSetting 7 }
nsSetGlbMngEvtAlm OBJECT-TYPE
SYNTAX INTEGER {
disable(0),
enabled(1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Enable Event Alarms in global management service."
::= { nsSetGlbMngSetting 8 }
nsSetGlbMngCfgLog OBJECT-TYPE
SYNTAX INTEGER {
disable(0),
enabled(1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Enable Configuration Logs in global management service."
::= { nsSetGlbMngSetting 9 }
nsSetGlbMngTrafLog OBJECT-TYPE
SYNTAX INTEGER {
disable(0),
enabled(1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Enable Traffic Logs in global management service."
::= { nsSetGlbMngSetting 10 }
nsSetGlbMngInfoLog OBJECT-TYPE
SYNTAX INTEGER {
disable(0),
enabled(1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Enable Information Logs in global management service."
::= { nsSetGlbMngSetting 11 }
nsSetGlbMngSelfLog OBJECT-TYPE
SYNTAX INTEGER {
disable(0),
enabled(1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Enable Self Logs in global management service."
::= { nsSetGlbMngSetting 12 }
END

197
MIBS/screenos/NETSCREEN-SET-LOG-MIB Normal file
View File

@ -0,0 +1,197 @@
-- This module defines enterprise MIBs for syslog setting
--
-- Copyright (c) 1999-2004, Juniper Networks, Inc.
-- All rights reserved.
NETSCREEN-SET-LOG-MIB DEFINITIONS ::= BEGIN
IMPORTS
netscreenSetting, netscreenSettingMibModule
FROM NETSCREEN-SMI
Integer32, MODULE-IDENTITY, OBJECT-TYPE
FROM SNMPv2-SMI
DisplayString
FROM SNMPv2-TC
;
netscreenSetLogMibModule MODULE-IDENTITY
LAST-UPDATED "200405032022Z" -- May 03, 2004
ORGANIZATION
"Juniper Networks, Inc."
CONTACT-INFO
"Customer Support
1194 North Mathilda Avenue
Sunnyvale, California 94089-1206
USA
Tel: 1-800-638-8296
E-mail: customerservice@juniper.net
HTTP://www.juniper.net"
DESCRIPTION
"This module defines the object that are used to monitor
syslog setting"
REVISION "200405030000Z" -- May 03, 2004
DESCRIPTION
"Modified copyright and contact information"
REVISION "200403030000Z" -- March 03, 2004
DESCRIPTION
"Converted to SMIv2 by Longview Software"
REVISION "200311100000Z" -- November 10, 2003
DESCRIPTION
"Correct spelling mistake"
REVISION "200109280000Z" -- September 28, 2001
DESCRIPTION
"No Comment"
REVISION "200105270000Z" -- May 27, 2001
DESCRIPTION
"Creation Date"
::= { netscreenSettingMibModule 8 }
nsSetLog OBJECT IDENTIFIER ::= { netscreenSetting 8 }
nsSetLogEnable OBJECT-TYPE
SYNTAX INTEGER {
disable(0),
enabled(1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Enable Syslog messages"
::= { nsSetLog 1 }
nsSetLogVPNEnable OBJECT-TYPE
SYNTAX INTEGER {
disable(0),
enabled(1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Secure syslog message traffic using VPN encryption"
::= { nsSetLog 2 }
nsSetLogTraffic OBJECT-TYPE
SYNTAX INTEGER {
disable(0),
enabled(1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Including traffic log when recording administration log"
::= { nsSetLog 3 }
nsSetLogHostName OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..32))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"syslog server name or ip address"
::= { nsSetLog 4 }
nsSetLogPort OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"syslog server port number"
::= { nsSetLog 5 }
nsSetLogSecFacility OBJECT-TYPE
SYNTAX INTEGER {
local0(16),
local1(17),
local2(18),
local3(19),
local4(20),
local5(21),
local6(22),
local7(23),
auth-sec(4)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Security Facility of syslog server"
::= { nsSetLog 6 }
nsSetLogFacility OBJECT-TYPE
SYNTAX INTEGER {
local0(16),
local1(17),
local2(18),
local3(19),
local4(20),
lcoal5(21),
local6(22),
loca7(23),
auth-sec(4)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Facility of syslog server"
::= { nsSetLog 7 }
nsSetLogLevel OBJECT-TYPE
SYNTAX INTEGER {
emergency(0),
aleart(1),
critical(2),
error(3),
warning(4),
notice(5),
info(6),
debug(7)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Only log messages with a priority level of
EMERGENCY/ALERT/CRITICAL/ERROR/WARNING/NOTICE/INFO/DEBUG or
higher"
::= { nsSetLog 8 }
nsSetLogWebTrendsEnable OBJECT-TYPE
SYNTAX INTEGER {
disable(0),
enabled(1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Enable WebTrends Firewall syslog report."
::= { nsSetLog 9 }
nsSetLogWebTrendsVPNEnable OBJECT-TYPE
SYNTAX INTEGER {
disable(0),
enabled(1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Secure WebTrends message via VPN encryption"
::= { nsSetLog 10 }
nsSetLogWebTrendsHostName OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..32))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"WebTrends Host Name"
::= { nsSetLog 11 }
nsSetLogWebTrendsPort OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"WebTrends Host Port"
::= { nsSetLog 12 }
END

176
MIBS/screenos/NETSCREEN-SET-SNMP-MIB Normal file
View File

@ -0,0 +1,176 @@
-- This module defines enterprise MIBs for SNMP setting
--
-- Copyright (c) 1999-2004, Juniper Networks, Inc.
-- All rights reserved.
NETSCREEN-SET-SNMP-MIB DEFINITIONS ::= BEGIN
IMPORTS
netscreenSetting, netscreenSettingMibModule
FROM NETSCREEN-SMI
Integer32, IpAddress, MODULE-IDENTITY, OBJECT-TYPE
FROM SNMPv2-SMI
DisplayString
FROM SNMPv2-TC
;
netscreenSetSnmpMibModule MODULE-IDENTITY
LAST-UPDATED "200405032022Z" -- May 03, 2004
ORGANIZATION
"Juniper Networks, Inc."
CONTACT-INFO
"Customer Support
1194 North Mathilda Avenue
Sunnyvale, California 94089-1206
USA
Tel: 1-800-638-8296
E-mail: customerservice@juniper.net
HTTP://www.juniper.net"
DESCRIPTION
"This module defines the object that are used to monitor
SNMP setting"
REVISION "200405030000Z" -- May 03, 2004
DESCRIPTION
"Modified copyright and contact information"
REVISION "200403030000Z" -- March 03, 2004
DESCRIPTION
"Converted to SMIv2 by Longview Software"
REVISION "200311100000Z" -- November 10, 2003
DESCRIPTION
"Correct spelling mistake"
REVISION "200109280000Z" -- September 28, 2001
DESCRIPTION
"No Comment"
REVISION "200105270000Z" -- May 27, 2001
DESCRIPTION
"Creation Date"
::= { netscreenSettingMibModule 9 }
NsSetSnmpCommHostEntry ::= SEQUENCE
{
nsSetSnmpCommHostIndex Integer32,
nsSetSnmpCommunity DisplayString,
nsSetSnmpHostInComm IpAddress,
nsSetSnmpWritePermit INTEGER,
nsSetSnmpTrapPermit INTEGER,
nsSetSnmpTrafficAlarmPermit INTEGER
}
nsSetSNMP OBJECT IDENTIFIER ::= { netscreenSetting 9 }
nsSetSnmpSysName OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..255))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"SNMP agent's sysname."
::= { nsSetSNMP 1 }
nsSetSnmpContact OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..255))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"contact name."
::= { nsSetSNMP 2 }
nsSetSnmpLocation OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..255))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"SNMP agent Location."
::= { nsSetSNMP 3 }
nsSetSnmpVPNEnable OBJECT-TYPE
SYNTAX INTEGER {
disable(0),
enabled(1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Secure SNMP traffic via VPN encryption"
::= { nsSetSNMP 4 }
nsSetSnmpCommHostTable OBJECT-TYPE
SYNTAX SEQUENCE OF NsSetSnmpCommHostEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The snmp community and host table"
::= { nsSetSNMP 5 }
nsSetSnmpCommHostEntry OBJECT-TYPE
SYNTAX NsSetSnmpCommHostEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"An entry containing community and hosts information"
INDEX
{ nsSetSnmpCommHostIndex }
::= { nsSetSnmpCommHostTable 1 }
nsSetSnmpCommHostIndex OBJECT-TYPE
SYNTAX Integer32 (0..2147483647)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"A unique value for snmp community & host table. Its value
ranges between 0 and 65535 and may not be contiguous."
::= { nsSetSnmpCommHostEntry 1 }
nsSetSnmpCommunity OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..32))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"SNMP community name."
::= { nsSetSnmpCommHostEntry 2 }
nsSetSnmpHostInComm OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"SNMP host ip address."
::= { nsSetSnmpCommHostEntry 3 }
nsSetSnmpWritePermit OBJECT-TYPE
SYNTAX INTEGER {
no(0),
yes(1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Permission to write."
::= { nsSetSnmpCommHostEntry 4 }
nsSetSnmpTrapPermit OBJECT-TYPE
SYNTAX INTEGER {
no(0),
yes(1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Permission to receive trap."
::= { nsSetSnmpCommHostEntry 5 }
nsSetSnmpTrafficAlarmPermit OBJECT-TYPE
SYNTAX INTEGER {
no(0),
yes(1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Permission of including traffic alarm in trap."
::= { nsSetSnmpCommHostEntry 6 }
END

102
MIBS/screenos/NETSCREEN-SET-SYSTIME-MIB Normal file
View File

@ -0,0 +1,102 @@
-- This module defines enterprise MIBs for time and NTP setting
--
-- Copyright (c) 1999-2004, Juniper Networks, Inc.
-- All rights reserved.
NETSCREEN-SET-SYSTIME-MIB DEFINITIONS ::= BEGIN
IMPORTS
netscreenSetting, netscreenSettingMibModule
FROM NETSCREEN-SMI
Integer32, IpAddress, MODULE-IDENTITY, OBJECT-TYPE
FROM SNMPv2-SMI
;
netscreenSetSystimeMibModule MODULE-IDENTITY
LAST-UPDATED "200405032022Z" -- May 03, 2004
ORGANIZATION
"Juniper Networks, Inc."
CONTACT-INFO
"Customer Support
1194 North Mathilda Avenue
Sunnyvale, California 94089-1206
USA
Tel: 1-800-638-8296
E-mail: customerservice@juniper.net
HTTP://www.juniper.net"
DESCRIPTION
"This module defines the object that are used to monitor
NTP setting"
REVISION "200405030000Z" -- May 03, 2004
DESCRIPTION
"Modified copyright and contact information"
REVISION "200403030000Z" -- March 03, 2004
DESCRIPTION
"Converted to SMIv2 by Longview Software"
REVISION "200311120000Z" -- November 12, 2003
DESCRIPTION
"Correct wrong title"
REVISION "200109280000Z" -- September 28, 2001
DESCRIPTION
"No Comment"
REVISION "200105270000Z" -- May 27, 2001
DESCRIPTION
"Creation Date"
::= { netscreenSettingMibModule 6 }
nsSetSysTime OBJECT IDENTIFIER ::= { netscreenSetting 6 }
nsSetSysTimeGmtOffset OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"GMT time offset of system time"
::= { nsSetSysTime 1 }
nsSetSysTimeDaySaving OBJECT-TYPE
SYNTAX INTEGER {
disable(0),
enabled(1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"enable daylight time saving method."
::= { nsSetSysTime 2 }
nsSetSysTimeNTP OBJECT IDENTIFIER ::= { nsSetSysTime 3 }
nsSetNtpEnable OBJECT-TYPE
SYNTAX INTEGER {
disable(0),
enabled(1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Enable Network Time Protocol"
::= { nsSetSysTimeNTP 1 }
nsSetNtpServer OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Network Time Server ip"
::= { nsSetSysTimeNTP 2 }
nsSetNtpUpdateInterval OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"If NetScreen device use NTP to get system time. This object
indicate the update system clock time interval."
::= { nsSetSysTimeNTP 3 }
END

133
MIBS/screenos/NETSCREEN-SET-URL-FILTER-MIB Normal file
View File

@ -0,0 +1,133 @@
-- This module defines enterprise MIBs for URL filtering
--
-- Copyright (c) 1999-2004, Juniper Networks, Inc.
-- All rights reserved.
NETSCREEN-SET-URL-FILTER-MIB DEFINITIONS ::= BEGIN
IMPORTS
netscreenSetting, netscreenSettingMibModule
FROM NETSCREEN-SMI
Integer32, MODULE-IDENTITY, OBJECT-TYPE
FROM SNMPv2-SMI
DisplayString
FROM SNMPv2-TC
;
netscreenSetUrlFilterMibModule MODULE-IDENTITY
LAST-UPDATED "200405032022Z" -- May 03, 2004
ORGANIZATION
"Juniper Networks, Inc."
CONTACT-INFO
"Customer Support
1194 North Mathilda Avenue
Sunnyvale, California 94089-1206
USA
Tel: 1-800-638-8296
E-mail: customerservice@juniper.net
HTTP://www.juniper.net"
DESCRIPTION
"This module defines the object that are used to monitor all
the configuration info"
REVISION "200405030000Z" -- May 03, 2004
DESCRIPTION
"Modified copyright and contact information"
REVISION "200403030000Z" -- March 03, 2004
DESCRIPTION
"Converted to SMIv2 by Longview Software"
REVISION "200311120000Z" -- November 12, 2003
DESCRIPTION
"Correct spelling mistake"
REVISION "200109280000Z" -- September 28, 2001
DESCRIPTION
"No Comment"
REVISION "200105270000Z" -- May 27, 2001
DESCRIPTION
"Creation Date"
::= { netscreenSettingMibModule 4 }
nsSetURLFilter OBJECT IDENTIFIER ::= { netscreenSetting 4 }
nsSetUrlFilterViaWebsense OBJECT-TYPE
SYNTAX INTEGER {
disable(0),
enabled(1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Enable URL Filtering via Websense Server."
::= { nsSetURLFilter 1 }
nsSetUrlServerName OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..32))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Websense Server Name."
::= { nsSetURLFilter 2 }
nsSetUrlServerPort OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Websense Server Port."
::= { nsSetURLFilter 3 }
nsSetUrlCommTimeout OBJECT-TYPE
SYNTAX INTEGER (0..240)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Communication timeout threshold of url filtering."
::= { nsSetURLFilter 4 }
nsSetUrlServerStatus OBJECT-TYPE
SYNTAX INTEGER {
not-applicable(0),
running(1),
down(2)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Current server status."
::= { nsSetURLFilter 5 }
nsSetUrlSerLostHdlWay OBJECT-TYPE
SYNTAX INTEGER {
block-all(0),
permit-all(1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"If connectivity to the Websense server is lost, the way of
handling HTTP requests."
::= { nsSetURLFilter 6 }
nsSetUrlBlockMsgType OBJECT-TYPE
SYNTAX INTEGER {
websense(0),
netscreen(1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"URL filter block message type."
::= { nsSetURLFilter 7 }
nsSetUrlNsBlockMsg OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..220))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"NetScreen device block message."
::= { nsSetURLFilter 8 }
END

150
MIBS/screenos/NETSCREEN-SET-WEB-MIB Normal file
View File

@ -0,0 +1,150 @@
-- This module defines enterprise MIBs for NS web setting
--
-- Copyright (c) 1999-2004, Juniper Networks, Inc.
-- All rights reserved.
NETSCREEN-SET-WEB-MIB DEFINITIONS ::= BEGIN
IMPORTS
netscreenSetting, netscreenSettingMibModule
FROM NETSCREEN-SMI
Integer32, MODULE-IDENTITY, OBJECT-TYPE
FROM SNMPv2-SMI
DisplayString
FROM SNMPv2-TC
;
netscreenSetWebMibModule MODULE-IDENTITY
LAST-UPDATED "200405032022Z" -- May 03, 2004
ORGANIZATION
"Juniper Networks, Inc."
CONTACT-INFO
"Customer Support
1194 North Mathilda Avenue
Sunnyvale, California 94089-1206
USA
Tel: 1-800-638-8296
E-mail: customerservice@juniper.net
HTTP://www.juniper.net"
DESCRIPTION
"This module defines the object that are used to monitor
NS web setting"
REVISION "200405030000Z" -- May 03, 2004
DESCRIPTION
"Modified copyright and contact information"
REVISION "200403030000Z" -- March 03, 2004
DESCRIPTION
"Converted to SMIv2 by Longview Software"
REVISION "200311120000Z" -- November 12, 2003
DESCRIPTION
"Correct spelling mistake"
REVISION "200109280000Z" -- September 28, 2001
DESCRIPTION
"No comment"
REVISION "200105270000Z" -- May 27, 2001
DESCRIPTION
"Creation Date"
::= { netscreenSettingMibModule 12 }
NsSetWebUICfgEntry ::= SEQUENCE
{
nsSetWebVsys Integer32,
nsSetWebIdleTimeout INTEGER,
nsSetWebTimeout Integer32,
nsSetWebPort Integer32,
nsSetWebSSLPort Integer32,
nsSetWebSSLCertificate DisplayString,
nsSetWebSSLCipher INTEGER
}
nsSetWebUI OBJECT IDENTIFIER ::= { netscreenSetting 12 }
nsSetWebUICfgTable OBJECT-TYPE
SYNTAX SEQUENCE OF NsSetWebUICfgEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"NetScreen devices provide WebUI for easy administration. This
table collects admin settings relating to WebUI."
::= { nsSetWebUI 1 }
nsSetWebUICfgEntry OBJECT-TYPE
SYNTAX NsSetWebUICfgEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"An entry containing WebUI admin configuration."
INDEX
{ nsSetWebVsys }
::= { nsSetWebUICfgTable 1 }
nsSetWebVsys OBJECT-TYPE
SYNTAX Integer32 (0..2147483647)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Virtual system name the configuration belongs to. Also used as
table index."
::= { nsSetWebUICfgEntry 1 }
nsSetWebIdleTimeout OBJECT-TYPE
SYNTAX INTEGER {
disable(0),
enabled(1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Enable Web Management Idle Timeout"
::= { nsSetWebUICfgEntry 2 }
nsSetWebTimeout OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Web Management Idle Timeout Setting"
::= { nsSetWebUICfgEntry 3 }
nsSetWebPort OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Web Management Http port number setting."
::= { nsSetWebUICfgEntry 4 }
nsSetWebSSLPort OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Web Management http ssl port number setting."
::= { nsSetWebUICfgEntry 5 }
nsSetWebSSLCertificate OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..255))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"SSL certificate web management."
::= { nsSetWebUICfgEntry 6 }
nsSetWebSSLCipher OBJECT-TYPE
SYNTAX INTEGER {
rc4-md5(0),
rc4-40-md5(1),
des-sha(2),
triple-des-sha(3)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Web Management via SSL cipher algorithm"
::= { nsSetWebUICfgEntry 7 }
END

97
MIBS/screenos/NETSCREEN-SMI Normal file
View File

@ -0,0 +1,97 @@
-- Copyright (c) 1999-2004, Juniper Networks, Inc.
-- All rights reserved.
NETSCREEN-SMI DEFINITIONS ::= BEGIN
IMPORTS
MODULE-IDENTITY, enterprises
FROM SNMPv2-SMI
;
-- netscreenSmiMibModule MODULE-IDENTITY
netscreen MODULE-IDENTITY
LAST-UPDATED "200408310000Z" -- Aug 31, 2004
ORGANIZATION
"Juniper Networks, Inc."
CONTACT-INFO
"Customer Support
1194 North Mathilda Avenue
Sunnyvale, California 94089-1206
USA
Tel: 1-800-638-8296
E-mail: customerservice@juniper.net
HTTP://www.juniper.net"
DESCRIPTION
"Modified SMI Mib Module"
REVISION "200408310000Z" -- Aug 31, 2004
DESCRIPTION
"SMI Mib"
REVISION "200405030000Z" -- May 03, 2004
DESCRIPTION
"Modified copyright and contact information"
REVISION "200403030000Z" -- March 03, 2004
DESCRIPTION
"Converted to SMIv2 by Longview Software"
REVISION "200109280000Z" -- September 28, 2001
DESCRIPTION
"No comment"
REVISION "200008020000Z" -- August 02, 2000
DESCRIPTION
"Creation Date"
-- ::= { netscreen 50 }
::= { enterprises 3224 }
-- netscreen OBJECT IDENTIFIER ::= { enterprises 3224 }
netscreenTrap OBJECT IDENTIFIER ::= { netscreen 0 }
netscreenProducts OBJECT IDENTIFIER ::= { netscreen 1 }
netscreenTrapInfo OBJECT IDENTIFIER ::= { netscreen 2 }
netscreenIDS OBJECT IDENTIFIER ::= { netscreen 3 }
netscreenVpn OBJECT IDENTIFIER ::= { netscreen 4 }
netscreenQos OBJECT IDENTIFIER ::= { netscreen 5 }
netscreenNsrp OBJECT IDENTIFIER ::= { netscreen 6 }
netscreenSetting OBJECT IDENTIFIER ::= { netscreen 7 }
netscreenZone OBJECT IDENTIFIER ::= { netscreen 8 }
netscreenInterface OBJECT IDENTIFIER ::= { netscreen 9 }
netscreenPolicy OBJECT IDENTIFIER ::= { netscreen 10 }
netscreenNAT OBJECT IDENTIFIER ::= { netscreen 11 }
netscreenAddr OBJECT IDENTIFIER ::= { netscreen 12 }
netscreenService OBJECT IDENTIFIER ::= { netscreen 13 }
netscreenSchedule OBJECT IDENTIFIER ::= { netscreen 14 }
netscreenVsys OBJECT IDENTIFIER ::= { netscreen 15 }
netscreenResource OBJECT IDENTIFIER ::= { netscreen 16 }
netscreenIp OBJECT IDENTIFIER ::= { netscreen 17 }
netscreenVR OBJECT IDENTIFIER ::= { netscreen 18 }
netscreenChassis OBJECT IDENTIFIER ::= { netscreen 21 }
netscreenUAC OBJECT IDENTIFIER ::= { netscreen 22 }
netscreenSettingMibModule OBJECT IDENTIFIER ::= { netscreenSetting 0 }
netscreenVpnMibModule OBJECT IDENTIFIER ::= { netscreenVpn 0 }
END

548
MIBS/screenos/NETSCREEN-TRAP-MIB Normal file
View File

@ -0,0 +1,548 @@
-- Copyright (c) 1999-2004, Juniper Networks, Inc.
-- All rights reserved.
NETSCREEN-TRAP-MIB DEFINITIONS ::= BEGIN
IMPORTS
netscreenTrap, netscreenTrapInfo
FROM NETSCREEN-SMI
MODULE-IDENTITY, NOTIFICATION-TYPE, OBJECT-TYPE
FROM SNMPv2-SMI
DisplayString
FROM SNMPv2-TC
;
netscreenTrapMibModule MODULE-IDENTITY
LAST-UPDATED "200503032022Z" -- March 03, 2005
ORGANIZATION
"Juniper Networks, Inc."
CONTACT-INFO
"Customer Support
1194 North Mathilda Avenue
Sunnyvale, California 94089-1206
USA
Tel: 1-800-638-8296
E-mail: customerservice@juniper.net
HTTP://www.juniper.net"
DESCRIPTION
"Added trap types 15, it is still in use"
REVISION "200803170000Z" -- Mar 17, 2008
DESCRIPTION
"Added 5 new trap types - 800-804. Removed 1000."
REVISION "200510170000Z" -- Oct 17, 2005
DESCRIPTION
"Added 4 new trap types - ipv6 ip conflicts(101), dip util raise(102) and clear(103),
ids-icmp-ping-id-zero(441)."
REVISION "200503030000Z" -- March 03, 2005
DESCRIPTION
"Trap MIB"
REVISION "200409100000Z" -- Sep 10, 2004
DESCRIPTION
"Removed nsTrapType 3, 15,18,19 and 1000"
REVISION "200405030000Z" -- May 03, 2004
DESCRIPTION
"Modified copyright and contact information"
REVISION "200403030000Z" -- March 03, 2004
DESCRIPTION
"Converted to SMIv2 by Longview Software"
REVISION "200401230000Z" -- January 23, 2004
DESCRIPTION
"Add new traps (430~434)"
REVISION "200109280000Z" -- September 28, 2001
DESCRIPTION
"Add global-report manager specific trap"
REVISION "200008020000Z" -- August 02, 2000
DESCRIPTION
"Creation Date"
::= { netscreenTrapInfo 0 }
netscreenTrapHw NOTIFICATION-TYPE
OBJECTS
{ netscreenTrapType, netscreenTrapDesc }
STATUS current
DESCRIPTION
"This trap indicates that some kind of hardware problem has
occured."
::= { netscreenTrap 100 }
netscreenTrapFw NOTIFICATION-TYPE
OBJECTS
{ netscreenTrapType, netscreenTrapDesc }
STATUS current
DESCRIPTION
"This trap indicates that some kind of firewall functions has
been triggered."
::= { netscreenTrap 200 }
netscreenTrapSw NOTIFICATION-TYPE
OBJECTS
{ netscreenTrapType, netscreenTrapDesc }
STATUS current
DESCRIPTION
"This trap indicates that some kind of software problem has
occured."
::= { netscreenTrap 300 }
netscreenTrapTrf NOTIFICATION-TYPE
OBJECTS
{ netscreenTrapType, netscreenTrapDesc }
STATUS current
DESCRIPTION
"This trap indicates that some kind of traffic conditions has
been triggered."
::= { netscreenTrap 400 }
netscreenTrapVpn NOTIFICATION-TYPE
OBJECTS
{ netscreenTrapType, netscreenTrapDesc }
STATUS current
DESCRIPTION
"This trap indicates that VPN tunnel status has occured."
::= { netscreenTrap 500 }
netscreenTrapNsrp NOTIFICATION-TYPE
OBJECTS
{ netscreenTrapType, netscreenTrapDesc }
STATUS current
DESCRIPTION
"This trap indicates that NSRP status has occured."
::= { netscreenTrap 600 }
netscreenTrapGPRO NOTIFICATION-TYPE
OBJECTS
{ netscreenTrapType, netscreenTrapDesc }
STATUS current
DESCRIPTION
"This trap indicates that some kind of Global PRO problems has
occurred."
::= { netscreenTrap 700 }
netscreenTrapDrp NOTIFICATION-TYPE
OBJECTS
{ netscreenTrapType, netscreenTrapDesc }
STATUS current
DESCRIPTION
"This trap indicates that Drp status has occured."
::= { netscreenTrap 800 }
netscreenTrapIFFailover NOTIFICATION-TYPE
OBJECTS
{ netscreenTrapType, netscreenTrapDesc }
STATUS current
DESCRIPTION
"This trap indicates that interface fail over status has
occured."
::= { netscreenTrap 900 }
netscreenTrapIDPAttack NOTIFICATION-TYPE
OBJECTS
{ netscreenTrapType, netscreenTrapDesc }
STATUS current
DESCRIPTION
"This trap indicates that IDP attack status has occured."
::= { netscreenTrap 1000 }
netscreenTrapType OBJECT-TYPE
SYNTAX INTEGER {
-- Traffic per-second threshold
traffic-sec(1),
-- Traffic per-minute threshold
traffic-min(2),
-- Multiple user auth fail alarm type
multi-auth-fail(3),
-- Winnuke pak
winnuke(4),
-- Syn attack
syn-attack(5),
-- tear-drop attack
tear-drop(6),
-- Ping of Death attack
ping-death(7),
-- IP spoofing attack
ip-spoofing(8),
-- IP source routing attack
ip-src-route(9),
-- land attack
land(10),
-- ICMP flooding attack
icmp-flood(11),
-- UDP flooding attack
udp-flood(12),
-- Illegal server IP to connect to CMS port
illegal-cms-svr(13),
-- URL blocking server connection alarm
url-block-srv(14),
-- high availability
high-availability(15),
-- Port Scan attack
port-scan(16),
-- address sweep attack
addr-sweep(17),
-- deny by policy attack
deny-policy(18),
-- device is dead
device-dead(19)
-- memory low
low-memory(20),
-- DNS server unreachable
dns-srv-down(21),
-- Fan, Power Supply failure
generic-HW-fail(22),
-- Load balance server unreachable
lb-srv-down(23),
-- log buffer overflow
log-full(24),
-- X509 related
x509(25),
-- VPN and IKE related
vpn-ike(26),
-- admin realted
admin(27),
-- Illegal src ip to connect to sme port
sme(28),
-- DHCP related
dhcp(29),
-- CPU usage is high
cpu-usage-high(30),
-- Interface IP conflict
ip-conflict(31),
-- Microsoft IIS server vulnerability
attact-malicious-url(32),
-- session threshold is exceeded
session-threshold(33),
-- SSH related alarms
ssh-alarm(34),
-- Audit storage related alarms
audit-storage(35),
-- memory normal
memory-normal(36),
-- cpu usage normal
cpu-usage-normal(37)
-- driver's rx bd shortage
rxbd-low-alarm(39),
-- VPN tunnel from down to up
vpn-tunnel-up(40),
-- VPN tunnel from up to down
vpn-tunnel-down(41),
-- VPN replay detected
vpn-replay-attack(42),
-- VPN tunnel removed
vpn-l2tp-tunnel-remove(43),
-- VPN tunnel removed and error detected
vpn-l2tp-tunnel-remove-err(44),
-- VPN call removed
vpn-l2tp-call-remove(45),
-- VPN call removed and error detected
vpn-l2tp-call-remove-err(46),
-- Number of IAS exceeds configured maximum
vpn-ias-too-many(47),
-- Number of IAS crossed configured upper threshold
vpn-ias-over-threshold(48),
-- Number of IAS crossed configured lower threshold
vpn-ias-under-threshold(49),
-- IKE error occured for the IAS session
vpn-ias-ike-error(50),
-- allocated session exceed threshold
allocated-session-threshold(51),
-- av-csp related alarm
av-csp-alarm(52),
-- av related alarm
av-alarm(53),
-- apppry related alarm
apppry-alarm(54),
-- NSRP rto self unit status change from up to down
nsrp-rto-up(60),
-- NSRP rto self unit status change from down to up
nsrp-rto-down(61),
-- NSRP track ip successed
nsrp-trackip-success(62),
-- NSRP track ip failed
nsrp-trackip-failed(63),
-- NSRP track ip fail over
nsrp-trackip-failover(64),
-- NSRP inconsistent configuration between master and backup
nsrp-inconsistent-configuration(65),
-- track ip status related alarm
trackip-status(66),
-- NSRP vsd group status change to elect
nsrp-vsd-init(70),
-- NSRP vsd group status change to master
nsrp-vsd-master(71),
-- NSRP vsd group status change to primary backup
nsrp-vsd-pbackup(72),
-- NSRP vsd group status change to backup
nsrp-vsd-backup(73),
-- NSRP vsd group status change to ineligible
nsrp-vsd-ineligible(74),
-- NSRP VSD group status change to inoperable
nsrp-vsd-inoperable(75),
-- NSRP VSD request heartbeat from 2nd HA path
nsrp-vsd-req-hearbeat-2nd(76),
-- NSRP VSD reply to 2nd path request
nsrp-vsd-reply-2nd(77),
-- NSRP duplicated RTO group found
nsrp-rto-duplicated(78),
-- NSRP duplicated VSD group master
ip-dup-master(79),
-- MEM cannot find usable memory for current pool
di-heap-create-fail(80),
-- MEM cannot find usable in any pool
mem-alloc-fail(81),
-- VRRP status related alarm
vrrp-status-alarm(82),
-- SCCP related alarm
sccp-alarm(83),
-- MGCP related alarm
mgcp-reinit(84),
-- MLFR related alarm
mlfr-alarm(85),
-- FR related alarm
fr-alarm(86),
-- CISCO HDLC related alarm
cisco-hdlc-alarm(87),
-- PPPOW related alarm
pppow-alarm(88),
-- H323 related alarm
h323-alarm(89),
-- ISDN related alarm
isdn-alarm(90),
-- interface backup
interface-backup(91),
-- Card function is abnormal
wan-card-function(92),
-- A USB key is plug/unplug from USB port
usb-device-operation(93),
-- interface failure
interface-failure(94),
-- No ppp IP pool configured
ppp-no-ip-cfg(95),
-- IP pool exhausted. No ip to assign
ppp-no-ip-in-pool(96),
-- Any change to interface IP address can use the type
ip-addr-event(101),
-- DIP utilization reaches raised threshold limit
dip-util-raise(102),
-- DIP utilization reaches clear threshold limit
dip-util-clear(103),
-- DOT1X related alarm
dot1x-alarm(105),
-- VPN IAS radius error
vpn-ias-radius-error(110),
-- VPN IKEID enum attack
vpn-ikeid-enum-attack(111),
-- VPN soft limit reached
vpn-softlimit-reached(112),
-- VPN IKE dos attack
vpn-ikedos-attack(113),
-- VPN acvpn profile error
vpn-acvpn-profile-error(114),
-- exceed maximum routing entry allowed for the system
route-sys-entry-ex(200),
-- exceed maximum routing entry allowed for a vr
route-vr-entry-ex(201),
-- exceed the hello packet threshold per hello interval
route-ospf-hello-flood(202),
-- exceed the lsa packet threshold per lsa threshold
route-ospf-lsa-flood(203),
-- exceed the update4 packet threshold per update time in rip
route-rip-update-flood(204),
-- Errors in route module (exceed limit, malloc failure, add-perfix failure etc)
route-alarm(205),
-- LSA/Hello packets flood in OSPF, route redistribution exceed limit,
ospf-flood(206),
-- Update packet floods in RIP
rip-flood(207),
-- Peer forms adjacency completely
bgp-established(208),
-- Peer's adjacency is torn down, goes to Idle state
bgp-backwardtransition(209),
-- change in virtual link's state (down, point-to-point etc)
ospf-virtifstatechange(210),
-- change in neighbor's state on regular interface (down, 2way, full etc)
ospf-nbrstatechange(211),
-- change in neighbor's state on virtual link (down, full etc)
ospf-virtnbrstatechange(212),
-- authentication mismatch/area mismatch etc on regular interface
ospf-ifconfigerror(213),
-- authentication mismatch/area mismatch etc on virtual link
ospf-virtifconfigerror(214),
-- Authentication eror on regular interface
ospf-ifauthfailure(215),
-- Authentication eror on virtual link
ospf-virtifauthfailure(216),
-- lsa received with invalid lsa-type on regular interface
ospf-ifrxbadpacket(217),
-- lsa received with invalid lsa-type on virtual link
ospf-virtifrxbadpacket(218),
-- retransmission to neighbor on regular interface
ospf-txretransmit(219),
-- retransmission to neighbor on virtual link
ospf-virtiftxretransmit(220),
-- new LSA generated by local router
ospf-originatelsa(221),
-- LSA aged out
ospf-maxagelsa(222),
-- when total LSAs in database exceed predefined limit
ospf-lsdboverflow(223),
-- when total LSAs in database approach predefined limit
ospf-lsdbapproachingoverflow(224),
-- change in regular interface state (up/down, dr/bdr etc)
ospf-ifstatechange(225),
-- BGP related alarm
bgp-alarm(226),
-- packet floods in RIPng
ripng-flood(227),
-- exceed the update4 packet threshold per update time in ripng
route-ripng-update-flood(228),
-- PBR related alarm
pbr-alarm(229),
-- NHRP related alarm
nhrp-alarm(230),
-- OSPFV3 related alarm
ospfv3-alarm(231),
-- block java/active-x component
ids-component(400),
-- icmp flood attack
ids-icmp-flood(401),
-- udp flood attack
ids-udp-flood(402),
-- winnuke attack
ids-winnuke(403),
-- port scan attack
ids-port-scan(404),
-- address sweep attack
ids-addr-sweep(405),
-- tear drop attack
ids-tear-drop(406),
-- syn flood attack
ids-syn(407),
-- ip spoofing attack
ids-ip-spoofing(408),
-- ping of death attack
ids-ping-death(409),
-- filter ip packet with source route option
ids-ip-source-route(410),
-- land attack
ids-land(411),
-- screen syn fragment attack
syn-frag-attack(412),
-- screen tcp packet without flag attack
tcp-without-flag(413),
-- screen unknown ip packet
unknow-ip-packet(414),
-- screen bad ip option
bad-ip-option(415),
-- screen ip option record
ip-option-record(416),
-- screen ip option timestamp
ip-option-timestamp(417),
-- screen ip option scht
ip-option-scht(418),
-- screen ip option lsr
ip-option-lsr(419),
-- screen ip option ssr
ip-option-ssr(420),
-- screen ip option stream
ip-option-stream(421),
-- screen icmp fragment packet
icmp-fragment(422),
-- screen too large icmp packet
too-large-icmp(423),
-- screen tcp flag syn-fin set
tcp-syn-fin(424),
-- screen tcp fin without ack
tcp-fin-no-ack(425),
-- screen mal url
tcp-mal-url(426),
-- screen sess mal num
tcp-sess-mal-num(427),
-- avoid replying to syns after excessive 3 way TCP handshakes from
-- same src ip but not proceeding with user auth. (not replying to
-- username/password)..
ids-tcp-syn-ack-ack(428),
-- ip fragment
ids-ip-block-frag(429),
-- Dst IP-based session limiting
dst-ip-session-limit(430),
-- HTTP component blocking for .zip files
ids-block-zip(431),
-- HTTP component blocking for Java applets
ids-block-jar(432),
-- HTTP component blocking for .exe files
ids-block-exe(433),
-- HTTP component blocking for ActiveX controls
ids-block-activex(434),
-- screenos tcp syn mac
tcp-syn-mac(435),
-- screenos nac attack
ids-nac-attack(436),
-- icmp ping id 0
ids-icmp-ping-id-zero(441),
-- tcp sweep
tcp-sweep(442),
-- udp sweep
udp-sweep(443),
-- AV Scan Manager Alarm, sofeware trap
av-scan-mgr(554),
-- starting value for multicast alarm
mcast-base(600),
-- mcore related alarm
mcore-alarm(601),
-- spim related alarm
spim-alarm(602),
-- starting value for Security Module alarm
sm-base(700),
-- Security Module down detected
sm-down(701),
-- Security Module packet droped detected
sm-packet-drop(702),
-- Security Module memory, CPU and session detected
sm-overload(703),
-- Security Module CPU unresponsive detected
sm-cpu-unresponsive(704),
-- Security Module Engine unresponisve
sm-cpu-unresponsive(705),
-- Secruity Module Policy Abnormal
sm-policy-abnormal(706),
-- switch alarm
switch(751),
-- sfp alarm
sfp(752),
--Shared to fair transition forced
cpu-limit-s2f-forced(800),
--Shared to fair transition auto
cpu-limit-s2f-auto(801),
--Fair to shared transition forced
cpu-limit-f2s-forced(802),
--Fair to shared transition because of timeout
cpu-limit-f2s-timeout(803),
--Fair to shared transition auto
cpu-limit-f2s-auto(804),
--Flow potential violation
sec-potential-voilation(805),
--Flow session cache alarm
flow-sess-cache(806),
--vsys session limit alarm
vsys-session-limit(850)
}
MAX-ACCESS accessible-for-notify
STATUS current
DESCRIPTION
"The integer value of the raised alarm type. Note that the type
should be interpreted within a specific trap"
::= { netscreenTrapInfo 1 }
netscreenTrapDesc OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..255))
MAX-ACCESS accessible-for-notify
STATUS current
DESCRIPTION
"The textual description of the alarm"
::= { netscreenTrapInfo 3 }
END

124
MIBS/screenos/NETSCREEN-UAC-MIB Normal file
View File

@ -0,0 +1,124 @@
-- This module defines enterprise MIBs for UACs
--
-- Copyright (c) 1999-2010, Juniper Networks, Inc.
-- All rights reserved.
NETSCREEN-UAC-MIB DEFINITIONS ::= BEGIN
IMPORTS
netscreenUAC
FROM NETSCREEN-SMI
Integer32, MODULE-IDENTITY, OBJECT-TYPE
FROM SNMPv2-SMI
DisplayString
FROM SNMPv2-TC
;
netscreenUACMibModule MODULE-IDENTITY
LAST-UPDATED "201004140000Z" -- Apr 14, 2010
ORGANIZATION
"Juniper Networks, Inc."
CONTACT-INFO
"Customer Support
1194 North Mathilda Avenue
Sunnyvale, California 94089-1206
USA
Tel: 1-800-638-8296
E-mail: customerservice@juniper.net
HTTP://www.juniper.net"
DESCRIPTION
"This module defines the object that are used to monitor all
UAC"
REVISION "201004140000Z" -- Apr 14, 2010
DESCRIPTION
"Creation Date"
::= { netscreenUAC 0 }
nsUACActiveUsers OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Active users on this box, base on auth entry from UAC controler"
::= { netscreenUAC 1 }
NsUACControlerStatusEntry ::= SEQUENCE
{
nsUACControlerId Integer32,
nsUACControlerName DisplayString,
nsUACControlerHost DisplayString,
nsUACConnectionStatus Integer32
}
nsUACControlerStatusTable OBJECT-TYPE
SYNTAX SEQUENCE OF NsUACControlerStatusEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"NetScreen UAC controler status table"
::= { netscreenUAC 2}
nsUACControlerStatusEntry OBJECT-TYPE
SYNTAX NsUACControlerStatusEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Each entry in the table holds a set of configuration
parameters associated with an instance of secure UAC."
INDEX
{ nsUACControlerID}
::= { nsUACControlerStatusTable 1 }
nsUACControlerId OBJECT-TYPE
SYNTAX Integer32 (1..8)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"A unique value for UAC table. Its value ranges between 1 and
65535 and may not be contiguous. the index has no other
meaning but a pure index"
::= { nsUACControlerStatusEntry 1 }
nsUACControlerName OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..32))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Secure UAC name."
::= { nsUACControlerStatusEntry 2 }
nsUACControlerHost OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..32))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Secure UAC name."
::= { nsUACControlerStatusEntry 3 }
nsUACConnectionStatus OBJECT-TYPE
SYNTAX Integer32 {
disconnected(0),
connected(1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"UAC controler status table"
::= { nsUACControlerStatusEntry 4 }
nsUACGlobalStatus OBJECT-TYPE
SYNTAX Integer32 {
disconnected(0),
connected(1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"To indicate whether there is at least one heathy IC-IE connection"
::= { netscreenUAC 3 }
END

240
MIBS/screenos/NETSCREEN-VPN-GATEWAY-MIB Normal file
View File

@ -0,0 +1,240 @@
-- This module defines enterprise MIBs for Gateway VPN
-- configuration
--
-- Copyright (c) 1999-2004, Juniper Networks, Inc.
-- All rights reserved.
NETSCREEN-VPN-GATEWAY-MIB DEFINITIONS ::= BEGIN
IMPORTS
netscreenVpn, netscreenVpnMibModule
FROM NETSCREEN-SMI
Integer32, IpAddress, MODULE-IDENTITY, OBJECT-TYPE
FROM SNMPv2-SMI
DisplayString
FROM SNMPv2-TC
;
netscreenVpnGatewayMibModule MODULE-IDENTITY
LAST-UPDATED "200405032022Z" -- May 03, 2004
ORGANIZATION
"Juniper Networks, Inc."
CONTACT-INFO
"Customer Support
1194 North Mathilda Avenue
Sunnyvale, California 94089-1206
USA
Tel: 1-800-638-8296
E-mail: customerservice@juniper.net
HTTP://www.juniper.net"
DESCRIPTION
"This module defines NetScreen private MIBs for Gateway VPN
configuration"
REVISION "200405030000Z" -- May 03, 2004
DESCRIPTION
"Modified copyright and contact information"
REVISION "200403030000Z" -- March 03, 2004
DESCRIPTION
"Converted to SMIv2 by Longview Software"
REVISION "200311130000Z" -- November 13, 2003
DESCRIPTION
"Correct spelling mistake"
REVISION "200109280000Z" -- September 28, 2001
DESCRIPTION
"No comment"
REVISION "200105140000Z" -- May 14, 2001
DESCRIPTION
"Creation date"
::= { netscreenVpnMibModule 4 }
NsVpnGwEntry ::= SEQUENCE
{
nsVpnGwIndex Integer32,
nsVpnGwName DisplayString,
nsVpnGwRemoteType INTEGER,
nsVpnGwRemoteStaticIp IpAddress,
nsVpnGwRemotePeerId DisplayString,
nsVpnGwDialup DisplayString,
nsVpnGwInitMode INTEGER,
nsVpnGwPhOnePropOne DisplayString,
nsVpnGwPhOnePropTwo DisplayString,
nsVpnGwPhOnePropThree DisplayString,
nsVpnGwPhOnePropFour DisplayString,
nsVpnGwCertLocal DisplayString,
nsVpnGwPeerCa DisplayString,
nsVpnGwPeerType INTEGER,
nsVpnGwVsys Integer32
}
nsVpnGateway OBJECT IDENTIFIER ::= { netscreenVpn 4 }
nsVpnGwTable OBJECT-TYPE
SYNTAX SEQUENCE OF NsVpnGwEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Remote tunnel gateway table collects tunnel gateway
configurations."
::= { nsVpnGateway 1 }
nsVpnGwEntry OBJECT-TYPE
SYNTAX NsVpnGwEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Each entry in the nsVpnGwTable holds a set of configuration
parameters associated with an instance of tunnel gateway."
INDEX
{ nsVpnGwIndex }
::= { nsVpnGwTable 1 }
nsVpnGwIndex OBJECT-TYPE
SYNTAX Integer32 (0..2147483647)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"A unique value for ike gateway table. Its value ranges
between 0 and 65535 and may not be contiguous."
::= { nsVpnGwEntry 1 }
nsVpnGwName OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..32))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Tunnel gateway name."
::= { nsVpnGwEntry 2 }
nsVpnGwRemoteType OBJECT-TYPE
SYNTAX INTEGER {
static-ip(0),
dynamic-ip(1),
dialup-user(3)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Remote tunnel gateway type.It shows whether the gateway use
static ip, dynamic ip or dialup user."
::= { nsVpnGwEntry 3 }
nsVpnGwRemoteStaticIp OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"ip address of static-ip gateway."
::= { nsVpnGwEntry 4 }
nsVpnGwRemotePeerId OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..32))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Remote gateway peer id, which can be used for static-ip and
dynamic ip gateway. This is optional for the static-ip
gateway."
::= { nsVpnGwEntry 5 }
nsVpnGwDialup OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..32))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Remote gateway dialup user or group"
::= { nsVpnGwEntry 6 }
nsVpnGwInitMode OBJECT-TYPE
SYNTAX INTEGER {
main(0),
aggressive(1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Phase 1 can take place in either Main mode or Aggressive
mode."
::= { nsVpnGwEntry 7 }
nsVpnGwPhOnePropOne OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..32))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Phase 1 Proposal one."
::= { nsVpnGwEntry 8 }
nsVpnGwPhOnePropTwo OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..32))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Phase 1 Proposal two."
::= { nsVpnGwEntry 9 }
nsVpnGwPhOnePropThree OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..32))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Phase 1 Proposal three."
::= { nsVpnGwEntry 10 }
nsVpnGwPhOnePropFour OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..32))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Phase 1 Proposal four."
::= { nsVpnGwEntry 11 }
nsVpnGwCertLocal OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..32))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Local Certificate configuration for preferred
certification.(optional)"
::= { nsVpnGwEntry 12 }
nsVpnGwPeerCa OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..32))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Preferred Peer CA(optional)"
::= { nsVpnGwEntry 13 }
nsVpnGwPeerType OBJECT-TYPE
SYNTAX INTEGER {
none(0),
pkcs7(1),
pgp(2),
dns(3),
x509-sig(4),
x509-ke(5),
keerberos(6),
crl(7),
arl(8),
spki(9),
x509-att(10)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Peer Type(optional)"
::= { nsVpnGwEntry 14 }
nsVpnGwVsys OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"vsys this gateway configuration belongs to."
::= { nsVpnGwEntry 15 }
END

190
MIBS/screenos/NETSCREEN-VPN-IKE-MIB Normal file
View File

@ -0,0 +1,190 @@
-- This module defines enterprise MIBs for VPN IKE info
--
-- Copyright (c) 1999-2004, Juniper Networks, Inc.
-- All rights reserved.
NETSCREEN-VPN-IKE-MIB DEFINITIONS ::= BEGIN
IMPORTS
netscreenVpn, netscreenVpnMibModule
FROM NETSCREEN-SMI
Integer32, MODULE-IDENTITY, OBJECT-TYPE
FROM SNMPv2-SMI
DisplayString
FROM SNMPv2-TC
;
netscreenVpnIkeMibModule MODULE-IDENTITY
LAST-UPDATED "200405032022Z" -- May 03, 2004
ORGANIZATION
"Juniper Networks, Inc."
CONTACT-INFO
"Customer Support
1194 North Mathilda Avenue
Sunnyvale, California 94089-1206
USA
Tel: 1-800-638-8296
E-mail: customerservice@juniper.net
HTTP://www.juniper.net"
DESCRIPTION
"This module defines the object that are used to monitor
VPN IKE info"
REVISION "200405030000Z" -- May 03, 2004
DESCRIPTION
"Modified copyright and contact information"
REVISION "200403030000Z" -- March 03, 2004
DESCRIPTION
"Converted to SMIv2 by Longview Software"
REVISION "200311130000Z" -- November 13, 2003
DESCRIPTION
"Correct spelling mistake"
REVISION "200109280000Z" -- September 28, 2001
DESCRIPTION
"No comment"
REVISION "200105140000Z" -- May 14, 2001
DESCRIPTION
"Creation Date"
::= { netscreenVpnMibModule 3 }
NsVpnIkeEntry ::= SEQUENCE
{
nsVpnIkeIndex Integer32,
nsVpnIkeName DisplayString,
nsVpnIkeReplayProc INTEGER,
nsVpnIkeGWTun DisplayString,
nsVpnIkePh2ProOne DisplayString,
nsVpnIkePh2ProTwo DisplayString,
nsVpnIkePh2ProThree DisplayString,
nsVpnIkePh2ProFour DisplayString,
nsVpnIkeMonitorEnable INTEGER,
nsVpnIkeTransMode INTEGER,
nsVpnIkeVsys Integer32
}
nsVpnIke OBJECT IDENTIFIER ::= { netscreenVpn 3 }
nsVpnIkeTable OBJECT-TYPE
SYNTAX SEQUENCE OF NsVpnIkeEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"IPSec supports the automated generation and negotiation of
keys and security associations using the Internet Key
Exchange(IKE) protocol. This table collects the IKE
configuration in NetScreen device."
::= { nsVpnIke 1 }
nsVpnIkeEntry OBJECT-TYPE
SYNTAX NsVpnIkeEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Each entry in the nsVpnIkeTable holds a set of configuration
parameters associated with an IKE."
INDEX
{ nsVpnIkeIndex }
::= { nsVpnIkeTable 1 }
nsVpnIkeIndex OBJECT-TYPE
SYNTAX Integer32 (0..2147483647)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"A unique value for ike table. Its value ranges between 0 and
65535 and may not be contiguous."
::= { nsVpnIkeEntry 1 }
nsVpnIkeName OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..32))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Each IKE configuration can have a readable name."
::= { nsVpnIkeEntry 2 }
nsVpnIkeReplayProc OBJECT-TYPE
SYNTAX INTEGER {
disable(0),
enabled(1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Enable Replay Protection"
::= { nsVpnIkeEntry 3 }
nsVpnIkeGWTun OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..32))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Remote Gateway Tunnel Name"
::= { nsVpnIkeEntry 4 }
nsVpnIkePh2ProOne OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..32))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Phase 2 Proposal one"
::= { nsVpnIkeEntry 5 }
nsVpnIkePh2ProTwo OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..32))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Phase 2 Proposal two"
::= { nsVpnIkeEntry 6 }
nsVpnIkePh2ProThree OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..32))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Phase 2 Proposal three"
::= { nsVpnIkeEntry 7 }
nsVpnIkePh2ProFour OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..32))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Phase 2 Proposal four"
::= { nsVpnIkeEntry 8 }
nsVpnIkeMonitorEnable OBJECT-TYPE
SYNTAX INTEGER {
disable(0),
enabled(1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Enable to monitor VPN tunnel's link status."
::= { nsVpnIkeEntry 9 }
nsVpnIkeTransMode OBJECT-TYPE
SYNTAX INTEGER {
disable(0),
enabled(1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Transport Mode Enable (For L2TP-over-IPSec only)"
::= { nsVpnIkeEntry 10 }
nsVpnIkeVsys OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"vsys the configuration belongs to."
::= { nsVpnIkeEntry 11 }
END

494
MIBS/screenos/NETSCREEN-VPN-L2TP-MIB Normal file
View File

@ -0,0 +1,494 @@
-- This module defines enterprise MIBs for L2tp configuration.
--
-- Copyright (c) 1999-2004, Juniper Networks, Inc.
-- All rights reserved.
NETSCREEN-VPN-L2TP-MIB DEFINITIONS ::= BEGIN
IMPORTS
netscreenVpn, netscreenVpnMibModule
FROM NETSCREEN-SMI
Integer32, IpAddress, MODULE-IDENTITY, OBJECT-TYPE
FROM SNMPv2-SMI
DisplayString
FROM SNMPv2-TC
;
netscreenVpnL2tpMibModule MODULE-IDENTITY
LAST-UPDATED "200405032022Z" -- May 03, 2004
ORGANIZATION
"Juniper Networks, Inc."
CONTACT-INFO
"Customer Support
1194 North Mathilda Avenue
Sunnyvale, California 94089-1206
USA
Tel: 1-800-638-8296
E-mail: customerservice@juniper.net
HTTP://www.juniper.net"
DESCRIPTION
"This module defines NetScreen private MIBs for L2tp
configuration."
REVISION "200405030000Z" -- May 03, 2004
DESCRIPTION
"Modified copyright and contact information"
REVISION "200403030000Z" -- March 03, 2004
DESCRIPTION
"Converted to SMIv2 by Longview Software"
REVISION "200008270000Z" -- August 27, 2000
DESCRIPTION
"Creation Date"
::= { netscreenVpnMibModule 8 }
NsVpnL2tpDefEntry ::= SEQUENCE
{
nsVpnL2tpDefVsys Integer32,
nsVpnL2tpDefPool DisplayString,
nsVpnL2tpDefAuthDb INTEGER,
nsVpnL2tpDefPPPAuth INTEGER,
nsVpnL2tpDefRadServer DisplayString,
nsVpnL2tpDefPriDns IpAddress,
nsVpnL2tpDefSecDns IpAddress,
nsVpnL2tpDefPriWins IpAddress,
nsVpnL2tpDefSecWins IpAddress
}
NsVpnL2tpTunnelEntry ::= SEQUENCE
{
nsVpnL2tpTunIndex Integer32,
nsVpnL2tpTunId Integer32,
nsVpnL2tpTunName DisplayString,
nsVpnL2tpTunUsrOrGroup DisplayString,
nsVpnL2tpTunPeerIp IpAddress,
nsVpnL2tpTunHost DisplayString,
nsVpnL2tpTunKeepAlive Integer32,
nsVpnL2tpTunVsys Integer32
}
nsVpnL2TP OBJECT IDENTIFIER ::= { netscreenVpn 8 }
nsVpnL2tpDefTable OBJECT-TYPE
SYNTAX SEQUENCE OF NsVpnL2tpDefEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This table specifies the configuration attributes for
NetScreen L2TP tunnel."
::= { nsVpnL2TP 1 }
nsVpnL2tpDefEntry OBJECT-TYPE
SYNTAX NsVpnL2tpDefEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Each entry in the nsVpnL2tpDefEntry holds a set of
configuration parameters associated with an instance of L2TP
configuration."
INDEX
{ nsVpnL2tpDefVsys }
::= { nsVpnL2tpDefTable 1 }
nsVpnL2tpDefVsys OBJECT-TYPE
SYNTAX Integer32 (0..2147483647)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"virtual system id"
::= { nsVpnL2tpDefEntry 1 }
nsVpnL2tpDefPool OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..32))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"IP pool used by the default L2TP setting."
::= { nsVpnL2tpDefEntry 2 }
nsVpnL2tpDefAuthDb OBJECT-TYPE
SYNTAX INTEGER {
local(0),
radius(1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"l2tp authentication database."
::= { nsVpnL2tpDefEntry 3 }
nsVpnL2tpDefPPPAuth OBJECT-TYPE
SYNTAX INTEGER {
pap(1),
chap(2),
any(3)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"l2tp PPP authentication algorithm."
::= { nsVpnL2tpDefEntry 4 }
nsVpnL2tpDefRadServer OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..32))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"l2tp RADIUS Server's IP address or name."
::= { nsVpnL2tpDefEntry 5 }
nsVpnL2tpDefPriDns OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"DNS Primary Server's IP address."
::= { nsVpnL2tpDefEntry 6 }
nsVpnL2tpDefSecDns OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"DNS Secondary Server's IP address."
::= { nsVpnL2tpDefEntry 7 }
nsVpnL2tpDefPriWins OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"WINS Primary Server's IP address."
::= { nsVpnL2tpDefEntry 8 }
nsVpnL2tpDefSecWins OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"WINS Secondary Server's IP address."
::= { nsVpnL2tpDefEntry 9 }
nsVpnL2tpTunnelTable OBJECT-TYPE
SYNTAX SEQUENCE OF NsVpnL2tpTunnelEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This table specifies the configuration attributes for
NetScreen L2TP tunnel."
::= { nsVpnL2TP 2 }
nsVpnL2tpTunnelEntry OBJECT-TYPE
SYNTAX NsVpnL2tpTunnelEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Each entry in the nsVpnL2tpTunnelTable holds a set of
configuration parameters associated with an instance of L2TP
tunnel."
INDEX
{ nsVpnL2tpTunIndex }
::= { nsVpnL2tpTunnelTable 1 }
nsVpnL2tpTunIndex OBJECT-TYPE
SYNTAX Integer32 (0..2147483647)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"A unique value for l2tp tunnel table. Its value ranges
between 0 and 65535 and may not be contigous."
::= { nsVpnL2tpTunnelEntry 1 }
nsVpnL2tpTunId OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"l2tp tunnel id."
::= { nsVpnL2tpTunnelEntry 2 }
nsVpnL2tpTunName OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..32))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"l2tp tunnel name."
::= { nsVpnL2tpTunnelEntry 3 }
nsVpnL2tpTunUsrOrGroup OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..32))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Dialup user or group using this l2tp tunnel."
::= { nsVpnL2tpTunnelEntry 4 }
nsVpnL2tpTunPeerIp OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"L2tp tunnel peer's IP address."
::= { nsVpnL2tpTunnelEntry 5 }
nsVpnL2tpTunHost OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..32))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"L2tp tunnel's host name."
::= { nsVpnL2tpTunnelEntry 6 }
nsVpnL2tpTunKeepAlive OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Keep alive time threshold for a l2tp tunnel."
::= { nsVpnL2tpTunnelEntry 7 }
nsVpnL2tpTunVsys OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Virtual system this tunnel belongs to"
::= { nsVpnL2tpTunnelEntry 8 }
-- VPN L2tp Monitoring Tunnel Table
nsVpnL2tpMonTunnelTable OBJECT-TYPE
SYNTAX SEQUENCE OF NsVpnL2tpMonTunnelEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This table specifies the monitoring attributes for NetScreen
L2TP tunnel."
::= { nsVpnL2TP 3 }
nsVpnL2tpMonTunnelEntry OBJECT-TYPE
SYNTAX NsVpnL2tpMonTunnelEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Each entry in the nsVpnL2tpMonTunnelTable holds a set of monitoring
parameters associated with an instance of L2TP tunnel."
INDEX
{ nsVpnL2tpMonTunId }
::= { nsVpnL2tpMonTunnelTable 1 }
NsVpnL2tpMonTunnelEntry ::= SEQUENCE
{
nsVpnL2tpMonTunId Integer32,
nsVpnL2tpMonTunPeerId Integer32,
nsVpnL2tpMonTunName DisplayString,
nsVpnL2tpMonTunPeerIp IpAddress,
nsVpnL2tpMonTunPort Integer32,
nsVpnL2tpMonTunPeerHost DisplayString,
nsVpnL2tpMonTunCalls Integer32,
nsVpnL2tpMonTunState INTEGER,
nsVpnL2tpMonTunVsys Integer32
}
nsVpnL2tpMonTunId OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"L2tp tunnel id. Its value ranges between 1 and 65535 and may
not be contigous."
::= { nsVpnL2tpMonTunnelEntry 1 }
nsVpnL2tpMonTunPeerId OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"L2tp tunnel peer id."
::= { nsVpnL2tpMonTunnelEntry 2 }
nsVpnL2tpMonTunName OBJECT-TYPE
SYNTAX DisplayString
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"L2tp tunnel name."
::= { nsVpnL2tpMonTunnelEntry 3 }
nsVpnL2tpMonTunPeerIp OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"L2tp tunnel peer's IP address."
::= { nsVpnL2tpMonTunnelEntry 4 }
nsVpnL2tpMonTunPort OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"L2tp tunnel port number."
::= { nsVpnL2tpMonTunnelEntry 5 }
nsVpnL2tpMonTunPeerHost OBJECT-TYPE
SYNTAX DisplayString
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"L2tp tunnel peer's host name."
::= { nsVpnL2tpMonTunnelEntry 6 }
nsVpnL2tpMonTunCalls OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Total calls for this tunnel."
::= { nsVpnL2tpMonTunnelEntry 7 }
nsVpnL2tpMonTunState OBJECT-TYPE
SYNTAX INTEGER {
idle(1),
wait-reply(2),
wait-conn(3),
establish(4),
dead(5)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"L2tp tunnel state."
::= { nsVpnL2tpMonTunnelEntry 8 }
nsVpnL2tpMonTunVsys OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Virtual system this tunnel belongs to"
::= { nsVpnL2tpMonTunnelEntry 9 }
-- VPN L2tp Monitoring Call Table
nsVpnL2tpMonCallTable OBJECT-TYPE
SYNTAX SEQUENCE OF NsVpnL2tpMonCallEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This table specifies the monitoring attributes for NetScreen
L2TP calls."
::= { nsVpnL2TP 4 }
nsVpnL2tpMonCallEntry OBJECT-TYPE
SYNTAX NsVpnL2tpMonCallEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Each entry in the nsVpnL2tpMonCallTable holds a set of monitoring
parameters associated with an instance of L2TP tunnel and call id."
INDEX
{ nsVpnL2tpMonCallTunId, nsVpnL2tpMonCallId }
::= { nsVpnL2tpMonCallTable 1 }
NsVpnL2tpMonCallEntry ::= SEQUENCE
{
nsVpnL2tpMonCallTunId Integer32,
nsVpnL2tpMonCallId Integer32,
nsVpnL2tpMonCallPeerId Integer32,
nsVpnL2tpMonCallIp IpAddress,
nsVpnL2tpMonCallUser DisplayString,
nsVpnL2tpMonCallType INTEGER,
nsVpnL2tpMonCallState INTEGER,
nsVpnL2tpMonCallEstTime TimeTicks,
nsVpnL2tpMonCallVsys Integer32
}
nsVpnL2tpMonCallTunId OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"L2tp tunnel id. Its value ranges between 1 and 65535 and may not
be contigous."
::= { nsVpnL2tpMonCallEntry 1 }
nsVpnL2tpMonCallId OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"L2tp call id."
::= { nsVpnL2tpMonCallEntry 2 }
nsVpnL2tpMonCallPeerId OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"L2tp call peer id."
::= { nsVpnL2tpMonCallEntry 3 }
nsVpnL2tpMonCallIp OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"L2tp call assigned IP address."
::= { nsVpnL2tpMonCallEntry 4 }
nsVpnL2tpMonCallUser OBJECT-TYPE
SYNTAX DisplayString
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"L2tp call user name."
::= { nsVpnL2tpMonCallEntry 5 }
nsVpnL2tpMonCallType OBJECT-TYPE
SYNTAX INTEGER {
none(1),
incoming(2),
outgoing(3)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Call type."
::= { nsVpnL2tpMonCallEntry 6 }
nsVpnL2tpMonCallState OBJECT-TYPE
SYNTAX INTEGER {
idle(1),
wait-conn(2),
establish(3),
wait-tunnel(4),
wait-reply(5)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"L2tp call state."
::= { nsVpnL2tpMonCallEntry 7 }
nsVpnL2tpMonCallEstTime OBJECT-TYPE
SYNTAX TimeTicks
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"L2tp call establish time. This is the sysUptime when
the call was established"
::= { nsVpnL2tpMonCallEntry 8 }
nsVpnL2tpMonCallVsys OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Virtual system this tunnel belongs to"
::= { nsVpnL2tpMonCallEntry 9 }
END

219
MIBS/screenos/NETSCREEN-VPN-MANUAL-MIB Normal file
View File

@ -0,0 +1,219 @@
-- This module defines enterprise MIBs for VPN Manual Key
--
-- Copyright (c) 1999-2004, Juniper Networks, Inc.
-- All rights reserved.
NETSCREEN-VPN-MANUAL-MIB DEFINITIONS ::= BEGIN
IMPORTS
netscreenVpn, netscreenVpnMibModule
FROM NETSCREEN-SMI
Integer32, IpAddress, MODULE-IDENTITY, OBJECT-TYPE
FROM SNMPv2-SMI
DisplayString
FROM SNMPv2-TC
;
netscreenVpnManualMibModule MODULE-IDENTITY
LAST-UPDATED "200405032022Z" -- May 03, 2004
ORGANIZATION
"Juniper Networks, Inc."
CONTACT-INFO
"Customer Support
1194 North Mathilda Avenue
Sunnyvale, California 94089-1206
USA
Tel: 1-800-638-8296
E-mail: customerservice@juniper.net
HTTP://www.juniper.net"
DESCRIPTION
"This module defines NetScreen private MIBs for VPN Manual
Key"
REVISION "200405030000Z" -- May 03, 2004
DESCRIPTION
"Modified copyright and contact information"
REVISION "200403030000Z" -- March 03, 2004
DESCRIPTION
"Converted to SMIv2 by Longview Software"
REVISION "200311130000Z" -- November 13, 2003
DESCRIPTION
"Correct spelling mistake"
REVISION "200205210000Z" -- May 21, 2002
DESCRIPTION
"Zwang add sha-256 in nsVpnManualKeyEspAuthAlg"
REVISION "200109280000Z" -- September 28, 2001
DESCRIPTION
"no comment"
REVISION "200105140000Z" -- May 14, 2001
DESCRIPTION
"Creation Date"
::= { netscreenVpnMibModule 2 }
NsVpnManualKeyEntry ::= SEQUENCE
{
nsVpnManualKeyIndex Integer32,
nsVpnManualKeyTunName DisplayString,
nsVpnManualKeyGW IpAddress,
nsVpnManualKeySILocal Integer32,
nsVpnManualKeySIRemote Integer32,
nsVpnManualKeyTunnelType INTEGER,
nsVpnManualKeyEspEncAlg INTEGER,
nsVpnManualKeyEspAuthAlg INTEGER,
nsVpnManualKeyAhHash INTEGER,
nsVpnManualKeyMonitorEnable INTEGER,
nsVpnManualKeyTunToTrust INTEGER,
nsVpnManualKeyVsys Integer32
}
nsVpnManualKey OBJECT IDENTIFIER ::= { netscreenVpn 2 }
nsVpnManualKeyTable OBJECT-TYPE
SYNTAX SEQUENCE OF NsVpnManualKeyEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This table specifies the configuration attributes for
NetScreen device's manual key setting."
::= { nsVpnManualKey 1 }
nsVpnManualKeyEntry OBJECT-TYPE
SYNTAX NsVpnManualKeyEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Each entry in the nsVpnManualKeyTable holds a set of
configuration parameters associated with an instance of manual
key."
INDEX
{ nsVpnManualKeyIndex }
::= { nsVpnManualKeyTable 1 }
nsVpnManualKeyIndex OBJECT-TYPE
SYNTAX Integer32 (0..2147483647)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"A unique value for manual key table. Its value ranges between
0 and 65535 and may not be contiguous."
::= { nsVpnManualKeyEntry 1 }
nsVpnManualKeyTunName OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..32))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"VPN tunnel name that uses this manual key configuration."
::= { nsVpnManualKeyEntry 2 }
nsVpnManualKeyGW OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"VPN tunnel peer gateway IP address."
::= { nsVpnManualKeyEntry 3 }
nsVpnManualKeySILocal OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Local Security Index."
::= { nsVpnManualKeyEntry 4 }
nsVpnManualKeySIRemote OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Remote Security Index."
::= { nsVpnManualKeyEntry 5 }
nsVpnManualKeyTunnelType OBJECT-TYPE
SYNTAX INTEGER {
esp(0),
ah(1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"VPN tunnel type."
::= { nsVpnManualKeyEntry 6 }
nsVpnManualKeyEspEncAlg OBJECT-TYPE
SYNTAX INTEGER {
null(0),
des-cbc(1),
tripple-des-cbc(2),
aes-cbc(3),
aes-192(4),
aes-256(5)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"ESP Encryption Algorithm when manual key vpn tunnel type is
ESP."
::= { nsVpnManualKeyEntry 7 }
nsVpnManualKeyEspAuthAlg OBJECT-TYPE
SYNTAX INTEGER {
null(0),
md5(1),
sha(2),
sha256(3)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"ESP Authentication Algorithm when manual key vpn tunnel type
is ESP."
::= { nsVpnManualKeyEntry 8 }
nsVpnManualKeyAhHash OBJECT-TYPE
SYNTAX INTEGER {
null(0),
md5(1),
sha(2)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"AH Hash Algorithm when manual key vpn tunnel type is AH."
::= { nsVpnManualKeyEntry 9 }
nsVpnManualKeyMonitorEnable OBJECT-TYPE
SYNTAX INTEGER {
disable(0),
enabled(1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Enable monitor vpn tunnel's link status."
::= { nsVpnManualKeyEntry 10 }
nsVpnManualKeyTunToTrust OBJECT-TYPE
SYNTAX INTEGER {
disable(0),
enabled(1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Tunnel to Trusted Interface"
::= { nsVpnManualKeyEntry 11 }
nsVpnManualKeyVsys OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"vsys this vpn manual key setting belongs to."
::= { nsVpnManualKeyEntry 12 }
END

537
MIBS/screenos/NETSCREEN-VPN-MON-MIB Normal file
View File

@ -0,0 +1,537 @@
-- This module defines enterprise MIBs for VPN tunnel monitoring
--
-- Copyright (c) 1999-2004, Juniper Networks, Inc.
-- All rights reserved.
NETSCREEN-VPN-MON-MIB DEFINITIONS ::= BEGIN
IMPORTS
netscreenVpn, netscreenVpnMibModule
FROM NETSCREEN-SMI
Counter32, Integer32, IpAddress, MODULE-IDENTITY, OBJECT-TYPE,
TimeTicks
FROM SNMPv2-SMI
DisplayString
FROM SNMPv2-TC
;
netscreenVpnMonMibModule MODULE-IDENTITY
LAST-UPDATED "200405032022Z" -- May 03, 2004
ORGANIZATION
"Juniper Networks, Inc."
CONTACT-INFO
"Customer Support
1194 North Mathilda Avenue
Sunnyvale, California 94089-1206
USA
Tel: 1-800-638-8296
E-mail: customerservice@juniper.net
HTTP://www.juniper.net"
DESCRIPTION
"This module defines the object that are used to monitor VPN
tunnels"
REVISION "200405030000Z" -- May 03, 2004
DESCRIPTION
"Modified copyright and contact information"
REVISION "200403030000Z" -- March 03, 2004
DESCRIPTION
"Converted to SMIv2 by Longview Software"
REVISION "200311130000Z" -- November 13, 2003
DESCRIPTION
"Correct spelling mistake"
REVISION "200109280000Z" -- September 28, 2001
DESCRIPTION
"no comment"
REVISION "200008270000Z" -- August 27, 2000
DESCRIPTION
"Creation Date"
::= { netscreenVpnMibModule 1 }
NsVpnMonEntry ::= SEQUENCE
{
nsVpnMonIndex Integer32,
nsVpnMonInPlyId Integer32,
nsVpnMonOutPlyId Integer32,
nsVpnMonVpnName DisplayString,
nsVpnMonVsysName DisplayString,
nsVpnMonTunnelType INTEGER,
nsVpnMonEspEncAlg INTEGER,
nsVpnMonEspAuthAlg INTEGER,
nsVpnMonAhAlg INTEGER,
nsVpnMonKeyType INTEGER,
nsVpnMonP1Auth INTEGER,
nsVpnMonVpnType INTEGER,
nsVpnMonRmtGwIp IpAddress,
nsVpnMonRmtGwId DisplayString,
nsVpnMonMyGwIp IpAddress,
nsVpnMonMyGwId DisplayString,
nsVpnMonOutSpi Integer32,
nsVpnMonInSpi Integer32,
nsVpnMonMonState INTEGER,
nsVpnMonTunnelState INTEGER,
nsVpnMonP1State INTEGER,
nsVpnMonP1LifeTime Integer32,
nsVpnMonP2State INTEGER,
nsVpnMonP2LifeTime Integer32,
nsVpnMonP2LifeBytes Integer32,
nsVpnMonDelayAvg Integer32,
nsVpnMonDelayLast Integer32,
nsVpnMonAvail Integer32,
nsVpnMonSaId Integer32,
nsVpnMonGroupId Integer32,
nsVpnMonUsrId Integer32,
nsVpnMonStartSessRequestTime TimeTicks,
nsVpnMonStartSessEstTime TimeTicks,
nsVpnMonEndSessTime TimeTicks,
nsVpnMonBytesIn Counter32,
nsVpnMonBytesOut Counter32,
nsVpnMonPacketsIn Counter32,
nsVpnMonPacketsOut Counter32,
nsVpnMonIfIndex Integer32,
nsVpnMonUpdateTime TimeTicks,
nsVpnMonDN DisplayString,
nsVpnMonIfInfo Integer32
}
netscreenVpnMon OBJECT IDENTIFIER ::= { netscreenVpn 1 }
nsVpnMonTable OBJECT-TYPE
SYNTAX SEQUENCE OF NsVpnMonEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A list of active VPN tunnel entries."
::= { netscreenVpnMon 1 }
nsVpnMonEntry OBJECT-TYPE
SYNTAX NsVpnMonEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A VPN tunnel entry containing attributes for both IKE Phase 1
and Phase 2 as well as associated policy"
INDEX
{ nsVpnMonIndex }
::= { nsVpnMonTable 1 }
nsVpnMonIndex OBJECT-TYPE
SYNTAX Integer32 (0..2147483647)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"A unique value for each active VPN tunnel. Its value ranges
between 1 and 65535 and may not be contiguous. Due to the
dynamic nature of active VPN tunnels, the index has no other
meaning but a pure index"
::= { nsVpnMonEntry 1 }
nsVpnMonInPlyId OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The incoming policy ID for which this tunnel is created for.
-1 means no policy associates with this SA."
::= { nsVpnMonEntry 2 }
nsVpnMonOutPlyId OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The outgoing policy ID for which this tunnel is created for.
-1 means no policy associates with this SA."
::= { nsVpnMonEntry 3 }
nsVpnMonVpnName OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..32))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"A textual string contains information about the VPN entity
from which this tunnel was derived."
::= { nsVpnMonEntry 4 }
nsVpnMonVsysName OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..32))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"A textual string contains the Virtual system to which this
tunnel belongs."
::= { nsVpnMonEntry 5 }
nsVpnMonTunnelType OBJECT-TYPE
SYNTAX INTEGER {
reserved(0),
proto-isakmp(1),
proto-ipsec-ah(2),
proto-ipsec-esp(3),
proto-ipcomp(4)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Protocol type used for the tunnel"
::= { nsVpnMonEntry 6 }
nsVpnMonEspEncAlg OBJECT-TYPE
SYNTAX INTEGER {
reserved(0),
esp-des-iv64(1),
esp-des(2),
esp-3des(3),
esp-rc5(4),
esp-idea(5),
esp-cast(6),
esp-blowfish(7),
esp-3idea(8),
esp-des-iv32(9),
esp-rc4(10),
esp-null(11),
esp-aes(12),
esp-aes192(20),
esp-aes256(21)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"a value which identifies a particular algorithm to be used to
provide secrecy protection for ESP."
::= { nsVpnMonEntry 7 }
nsVpnMonEspAuthAlg OBJECT-TYPE
SYNTAX INTEGER {
reserved(0),
hmac-md5(1),
hmac-sha(2),
des-mac(3),
ipdk(4)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The ESP Authentication Algorithm used in the IPsec."
::= { nsVpnMonEntry 8 }
nsVpnMonAhAlg OBJECT-TYPE
SYNTAX INTEGER {
reserved(0),
ah-md5(2),
ah-sha(3),
ah-des(4)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"a value which identifies a particular algorithm to be used to
provide integrity protection for AH."
::= { nsVpnMonEntry 9 }
nsVpnMonKeyType OBJECT-TYPE
SYNTAX INTEGER {
manual(0),
auto-ike(1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"a value which identifies a key exchange protocol to be used
for the negotiation"
::= { nsVpnMonEntry 10 }
nsVpnMonP1Auth OBJECT-TYPE
SYNTAX INTEGER {
unused(0),
preshared-key(1),
dss-Signature(2),
rsa-Signature(3),
rsa-Encryption1(4),
rsa-Encryption2(5)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"a value which identifies Phase 1 authentication method"
::= { nsVpnMonEntry 11 }
nsVpnMonVpnType OBJECT-TYPE
SYNTAX INTEGER {
reserved(0),
dialup(1),
site-to-site(2)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The type of this VPN tunnel, either a dialup or site-to-site"
::= { nsVpnMonEntry 12 }
nsVpnMonRmtGwIp OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The peer Gateway's IP address"
::= { nsVpnMonEntry 13 }
nsVpnMonRmtGwId OBJECT-TYPE
SYNTAX DisplayString
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The peer Gateway's ID"
::= { nsVpnMonEntry 14 }
nsVpnMonMyGwIp OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The local Gateway's IP address"
::= { nsVpnMonEntry 15 }
nsVpnMonMyGwId OBJECT-TYPE
SYNTAX DisplayString
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The local Gateway's ID"
::= { nsVpnMonEntry 16 }
nsVpnMonOutSpi OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The SPI for outgoing packets"
::= { nsVpnMonEntry 17 }
nsVpnMonInSpi OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The SPI for incoming packets"
::= { nsVpnMonEntry 18 }
nsVpnMonMonState OBJECT-TYPE
SYNTAX INTEGER {
off(0),
on(1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The monitoring status, if it is on, an icmp ping will be sent
over the tunnel periodically to test the connectivity and
latency"
::= { nsVpnMonEntry 19 }
nsVpnMonTunnelState OBJECT-TYPE
SYNTAX INTEGER {
down(0),
up(1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The current tunnel status determined by the icmp ping if The
monitoring status is on."
::= { nsVpnMonEntry 20 }
nsVpnMonP1State OBJECT-TYPE
SYNTAX INTEGER {
inactive(0),
active(1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The IKE's Phase 1 status"
::= { nsVpnMonEntry 21 }
nsVpnMonP1LifeTime OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"an active Phase 1 sa's time left before re-key. -1 means
unlimited lifetime."
::= { nsVpnMonEntry 22 }
nsVpnMonP2State OBJECT-TYPE
SYNTAX INTEGER {
inactive(0),
active(1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The IKE's Phase 2 status"
::= { nsVpnMonEntry 23 }
nsVpnMonP2LifeTime OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"an active Phase 2 sa's time left before re-key. -1 means
unlimited life time."
::= { nsVpnMonEntry 24 }
nsVpnMonP2LifeBytes OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"an active Phase 2 sa's bytes left before re-key. -1 means
unlimited life bytes."
::= { nsVpnMonEntry 25 }
nsVpnMonDelayAvg OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"a kind of rolling average of latency, in milliseconds. -1 has
no meaning here, which means nsVpnMonDelayAvg has not been
calculated yet."
::= { nsVpnMonEntry 26 }
nsVpnMonDelayLast OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"latency in last sample, in milliseconds.
-1 means either vpn tunnel is inactive or vpn tunnel monitor is
not turned on."
::= { nsVpnMonEntry 27 }
nsVpnMonAvail OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"percentage over 30 samples"
::= { nsVpnMonEntry 28 }
nsVpnMonSaId OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"SA identifier, also used as table index"
::= { nsVpnMonEntry 29 }
nsVpnMonGroupId OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Group Identifier"
::= { nsVpnMonEntry 30 }
nsVpnMonUsrId OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"User Identifier"
::= { nsVpnMonEntry 31 }
nsVpnMonStartSessRequestTime OBJECT-TYPE
SYNTAX TimeTicks
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Start Session request timestamp"
::= { nsVpnMonEntry 32 }
nsVpnMonStartSessEstTime OBJECT-TYPE
SYNTAX TimeTicks
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Start Session establish timestamp"
::= { nsVpnMonEntry 33 }
nsVpnMonEndSessTime OBJECT-TYPE
SYNTAX TimeTicks
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"End Session timestamp [when session terminates]"
::= { nsVpnMonEntry 34 }
nsVpnMonBytesIn OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Incoming bytes through this sa."
::= { nsVpnMonEntry 35 }
nsVpnMonBytesOut OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Outgoing bytes through this sa."
::= { nsVpnMonEntry 36 }
nsVpnMonPacketsIn OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Incoming packets through this sa."
::= { nsVpnMonEntry 37 }
nsVpnMonPacketsOut OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Outgoing packets through this sa."
::= { nsVpnMonEntry 38 }
nsVpnMonIfIndex OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"interface index."
::= { nsVpnMonEntry 39 }
nsVpnMonUpdateTime OBJECT-TYPE
SYNTAX TimeTicks
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Timestamp [Whenever any member of the row gets updated, the
timestamp is updated]"
::= { nsVpnMonEntry 40 }
nsVpnMonDN OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..64))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"DN name"
::= { nsVpnMonEntry 41 }
nsVpnMonIfInfo OBJECT-TYPE
SYNTAX Integer32 (0..2147483647)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Internal id assigned to this interface. Stays persistent across resets."
::= { nsVpnMonEntry 42 }
END

186
MIBS/screenos/NETSCREEN-VPN-PHASEONE-MIB Normal file
View File

@ -0,0 +1,186 @@
-- This module defines enterprise MIBs for VPN Phase 1
--
-- Copyright (c) 1999-2004, Juniper Networks, Inc.
-- All rights reserved.
NETSCREEN-VPN-PHASEONE-MIB DEFINITIONS ::= BEGIN
IMPORTS
netscreenVpn, netscreenVpnMibModule
FROM NETSCREEN-SMI
Integer32, MODULE-IDENTITY, OBJECT-TYPE
FROM SNMPv2-SMI
DisplayString
FROM SNMPv2-TC
;
netscreenVpnPhaseoneMibModule MODULE-IDENTITY
LAST-UPDATED "200405032022Z" -- May 03, 2004
ORGANIZATION
"Juniper Networks, Inc."
CONTACT-INFO
"Customer Support
1194 North Mathilda Avenue
Sunnyvale, California 94089-1206
USA
Tel: 1-800-638-8296
E-mail: customerservice@juniper.net
HTTP://www.juniper.net"
DESCRIPTION
"This module defines NetScreen private MIBs for VPN Phase 1"
REVISION "200405030000Z" -- May 03, 2004
DESCRIPTION
"Modified copyright and contact information"
REVISION "200403030000Z" -- March 03, 2004
DESCRIPTION
"Converted to SMIv2 by Longview Software"
REVISION "200311130000Z" -- November 13, 2003
DESCRIPTION
"Correct spelling mistake"
REVISION "200109280000Z" -- September 28, 2001
DESCRIPTION
"no comment"
REVISION "200105140000Z" -- May 14, 2001
DESCRIPTION
"Creation Date"
::= { netscreenVpnMibModule 5 }
NsVpnPhOneEntry ::= SEQUENCE
{
nsVpnPhOneIndex Integer32,
nsVpnPhOneName DisplayString,
nsVpnPhOneAuthMethod INTEGER,
nsVpnPhOneDhGroup Integer32,
nsVpnPhOneEncryp INTEGER,
nsVpnPhOneHash INTEGER,
nsVpnPhOneLifetime Integer32,
nsVpnPhOneLifetimeMeasure INTEGER,
nsVpnPhOneVsys Integer32
}
nsVpnPhaseOneCfg OBJECT IDENTIFIER ::= { netscreenVpn 5 }
nsVpnPhOneTable OBJECT-TYPE
SYNTAX SEQUENCE OF NsVpnPhOneEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"To establish an IKE IPSec tunnel, two phases of negotiation
are required. This table specifies the configuration attributes
for Phase One negotiation. In Phase 1, the participants
establish a secure channel in which to negotiate the IPSec
SAs."
::= { nsVpnPhaseOneCfg 1 }
nsVpnPhOneEntry OBJECT-TYPE
SYNTAX NsVpnPhOneEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Each entry in the nsVpnPhOneTable holds a set of configuration
parameters associated with an instance of Phase 1 setting."
INDEX
{ nsVpnPhOneIndex }
::= { nsVpnPhOneTable 1 }
nsVpnPhOneIndex OBJECT-TYPE
SYNTAX Integer32 (0..2147483647)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"A unique value for phase one table. Its value ranges between
1 and 65535 and may not be contiguous. The index has no other
meaning but a pure index"
::= { nsVpnPhOneEntry 1 }
nsVpnPhOneName OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..32))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Phase one proposal name."
::= { nsVpnPhOneEntry 2 }
nsVpnPhOneAuthMethod OBJECT-TYPE
SYNTAX INTEGER {
preshare(0),
rsa-sig(1),
dsa-sig(2),
rsa-enc(3),
rsa-rev(4)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Phase one proposal authentication method."
::= { nsVpnPhOneEntry 3 }
nsVpnPhOneDhGroup OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Phase one proposal Diffie-Hellman exchange group id."
::= { nsVpnPhOneEntry 4 }
nsVpnPhOneEncryp OBJECT-TYPE
SYNTAX INTEGER {
null(0),
des(1),
des3(2),
aes(3),
aes-192(4),
aes-256(5)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Phase one proposal encryption exchange id."
::= { nsVpnPhOneEntry 5 }
nsVpnPhOneHash OBJECT-TYPE
SYNTAX INTEGER {
null(0),
md5(1),
sha(2)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Phase one proposal hash algorithm."
::= { nsVpnPhOneEntry 6 }
nsVpnPhOneLifetime OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Lifetime of this phase one setting."
::= { nsVpnPhOneEntry 7 }
nsVpnPhOneLifetimeMeasure OBJECT-TYPE
SYNTAX INTEGER {
second(0),
minute(1),
hours(2),
days(3)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"life time measurement."
::= { nsVpnPhOneEntry 8 }
nsVpnPhOneVsys OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"vsys this phase one proposal configuration belongs to."
::= { nsVpnPhOneEntry 9 }
END

208
MIBS/screenos/NETSCREEN-VPN-PHASETWO-MIB Normal file
View File

@ -0,0 +1,208 @@
-- This module defines enterprise MIBs for VPN Phase two
-- negotiation.
--
-- Copyright (c) 1999-2004, Juniper Networks, Inc.
-- All rights reserved.
NETSCREEN-VPN-PHASETWO-MIB DEFINITIONS ::= BEGIN
IMPORTS
netscreenVpn, netscreenVpnMibModule
FROM NETSCREEN-SMI
Integer32, MODULE-IDENTITY, OBJECT-TYPE
FROM SNMPv2-SMI
DisplayString
FROM SNMPv2-TC
;
netscreenVpnPhasetwoMibModule MODULE-IDENTITY
LAST-UPDATED "200405032022Z" -- May 03, 2004
ORGANIZATION
"Juniper Networks, Inc."
CONTACT-INFO
"Customer Support
1194 North Mathilda Avenue
Sunnyvale, California 94089-1206
USA
Tel: 1-800-638-8296
E-mail: customerservice@juniper.net
HTTP://www.juniper.net"
DESCRIPTION
"This module defines NetScreen private MIBs for VPN Phase two
negotiation."
REVISION "200405030000Z" -- May 03, 2004
DESCRIPTION
"Modified copyright and contact information"
REVISION "200403030000Z" -- March 03, 2004
DESCRIPTION
"Converted to SMIv2 by Longview Software"
REVISION "200311130000Z" -- November 13, 2003
DESCRIPTION
"Correct spelling mistake"
REVISION "200109280000Z" -- September 28, 2001
DESCRIPTION
"no comment"
REVISION "200105140000Z" -- May 14, 2001
DESCRIPTION
"Creation Date"
::= { netscreenVpnMibModule 6 }
NsVpnPhTwoEntry ::= SEQUENCE
{
nsVpnPhTwoIndex Integer32,
nsVpnPhTwoName DisplayString,
nsVpnPhTwoPFS Integer32,
nsVpnPhTwoEncapMethod INTEGER,
nsVpnPhTwoESPEncryp INTEGER,
nsVpnPhTwoESPAuth INTEGER,
nsVpnPhTwoAhAuth INTEGER,
nsVpnPhTwoLifetime Integer32,
nsVpnPhTwoLifetimeMeasure INTEGER,
nsVpnPhTwoLifetimeKb Integer32,
nsVpnPhTwoVsys Integer32
}
nsVpnPhaseTwoCfg OBJECT IDENTIFIER ::= { netscreenVpn 6 }
nsVpnPhTwoTable OBJECT-TYPE
SYNTAX SEQUENCE OF NsVpnPhTwoEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"To establish an IKE IPSec tunnel, two phases of negotiation
are required. This table specifies the configuration attributes
for Phase Two negotiation. In Phase 2, the participants
negotiate the IPSec SAs for encrypting and authenticating the
ensuing exchanges of user data."
::= { nsVpnPhaseTwoCfg 1 }
nsVpnPhTwoEntry OBJECT-TYPE
SYNTAX NsVpnPhTwoEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Each entry in the nsVpnPhTwoTable holds a set of configuration
parameters associated with an instance of Phase 2 setting."
INDEX
{ nsVpnPhTwoIndex }
::= { nsVpnPhTwoTable 1 }
nsVpnPhTwoIndex OBJECT-TYPE
SYNTAX Integer32 (0..2147483647)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"A unique value for phase Two table. Its value ranges between
1 and 65535 and may not be contiguous. The index has no other
meaning but a pure index"
::= { nsVpnPhTwoEntry 1 }
nsVpnPhTwoName OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..32))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Phase two proposal name."
::= { nsVpnPhTwoEntry 2 }
nsVpnPhTwoPFS OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Perfect Forward Secrecy - Diffie-Hellman exchange group."
::= { nsVpnPhTwoEntry 3 }
nsVpnPhTwoEncapMethod OBJECT-TYPE
SYNTAX INTEGER {
ah(0),
esp(1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Phase two proposal encapsulation method."
::= { nsVpnPhTwoEntry 4 }
nsVpnPhTwoESPEncryp OBJECT-TYPE
SYNTAX INTEGER {
null(0),
des(1),
triple-des(2),
aes(3),
aes-192(4),
aes-256(5)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Phase two proposal ESP encryption algorithm."
::= { nsVpnPhTwoEntry 5 }
nsVpnPhTwoESPAuth OBJECT-TYPE
SYNTAX INTEGER {
null(0),
md5(1),
sha(2),
sha-256(3)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Phase two proposal ESP authentication Algorithm."
::= { nsVpnPhTwoEntry 6 }
nsVpnPhTwoAhAuth OBJECT-TYPE
SYNTAX INTEGER {
null(0),
md5(1),
sha(2)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Phase two proposal AH authentication Algorithm."
::= { nsVpnPhTwoEntry 7 }
nsVpnPhTwoLifetime OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Lifetime in time"
::= { nsVpnPhTwoEntry 8 }
nsVpnPhTwoLifetimeMeasure OBJECT-TYPE
SYNTAX INTEGER {
second(0),
minute(1),
hours(2),
days(3)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"life time measurement."
::= { nsVpnPhTwoEntry 9 }
nsVpnPhTwoLifetimeKb OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Lifetime in KBytes"
::= { nsVpnPhTwoEntry 10 }
nsVpnPhTwoVsys OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"vsys this proposal configuration belongs to."
::= { nsVpnPhTwoEntry 11 }
END

466
MIBS/screenos/NETSCREEN-VPN-USER-MIB Normal file
View File

@ -0,0 +1,466 @@
-- This module defines enterprise MIBs for VPN User
--
-- Copyright (c) 1999-2004, Juniper Networks, Inc.
-- All rights reserved.
NETSCREEN-VPN-USER-MIB DEFINITIONS ::= BEGIN
IMPORTS
netscreenVpn, netscreenVpnMibModule
FROM NETSCREEN-SMI
Integer32, IpAddress, MODULE-IDENTITY, OBJECT-TYPE
FROM SNMPv2-SMI
DisplayString
FROM SNMPv2-TC
;
netscreenUserMibModule MODULE-IDENTITY
LAST-UPDATED "200405032022Z" -- May 03, 2004
ORGANIZATION
"Juniper Networks, Inc."
CONTACT-INFO
"Customer Support
1194 North Mathilda Avenue
Sunnyvale, California 94089-1206
USA
Tel: 1-800-638-8296
E-mail: customerservice@juniper.net
HTTP://www.juniper.net"
DESCRIPTION
"This module defines NetScreen private MIBs for VPN User"
REVISION "200405030000Z" -- May 03, 2004
DESCRIPTION
"Modified copyright and contact information"
REVISION "200403030000Z" -- March 03, 2004
DESCRIPTION
"Converted to SMIv2 by Longview Software"
REVISION "200311130000Z" -- November 13, 2003
DESCRIPTION
"Correct spelling mistake"
REVISION "200205050000Z" -- May 05, 2002
DESCRIPTION
"Add dial-up group type"
REVISION "200105140000Z" -- May 14, 2001
DESCRIPTION
"Creation Date"
::= { netscreenVpnMibModule 10 }
NsVpnAILUsrEntry ::= SEQUENCE
{
nsVpnAILUsrIndex Integer32,
nsVpnAILUsrName DisplayString,
nsVpnAILUsrGrp DisplayString,
nsVpnAILUsrStatus INTEGER,
nsVpnAILUsrIKE INTEGER,
nsVpnAILUsrIKEIdType INTEGER,
nsVpnAILUsrIKEId DisplayString,
nsVpnAILUsrAuth INTEGER,
nsVpnAILUsrL2TP INTEGER,
nsVpnAILUsrL2tpRemoteIp IpAddress,
nsVpnAILUsrL2tpIpPool DisplayString,
nsVpnAILUsrL2tpIp IpAddress,
nsVpnAILUsrL2tpPriDnsIp IpAddress,
nsVpnAILUsrL2tpSecDnsIp IpAddress,
nsVpnAILUsrL2tpPriWinsIp IpAddress,
nsVpnAILUsrL2tpSecWinsIp IpAddress,
nsVpnAILUsrVsys Integer32
}
NsVpnManualKeyUsrEntry ::= SEQUENCE
{
nsVpnManualKeyUsrIndex Integer32,
nsVpnManualKeyUsrName DisplayString,
nsVpnManualKeyUsrGrp DisplayString,
nsVpnManualKeyUsrSILocal Integer32,
nsVpnManualKeyUsrSIRemote Integer32,
nsVpnManualKeyUsrTunnelType INTEGER,
nsVpnManualKeyUsrEspEncAlg INTEGER,
nsVpnManualKeyUsrEspAuthAlg INTEGER,
nsVpnManualKeyUsrAhHash INTEGER,
nsVpnManualKeyUsrVsys Integer32
}
NsVpnUsrDialupGrpEntry ::= SEQUENCE
{
nsVpnUsrDialupGrpIndex Integer32,
nsVpnUsrDialupGrpName DisplayString,
nsVpnUsrDialupGrpType INTEGER,
nsVpnUsrDialupGrpVsys Integer32
}
nsVpnUser OBJECT IDENTIFIER ::= { netscreenVpn 10 }
nsVpnUsrDialupGrpTable OBJECT-TYPE
SYNTAX SEQUENCE OF NsVpnUsrDialupGrpEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"NetScreen supports using dialup group to organize vpn
user.This table collects the information of dialup group in
NetScreen device."
::= { nsVpnUser 1 }
nsVpnUsrDialupGrpEntry OBJECT-TYPE
SYNTAX NsVpnUsrDialupGrpEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Each entry in this table holds a set of configuration
information about dialup group."
INDEX
{ nsVpnUsrDialupGrpIndex }
::= { nsVpnUsrDialupGrpTable 1 }
nsVpnUsrDialupGrpIndex OBJECT-TYPE
SYNTAX Integer32 (0..2147483647)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"A unique value for schedule. Its value ranges between 0 and
65535 and may not be contiguous."
::= { nsVpnUsrDialupGrpEntry 1 }
nsVpnUsrDialupGrpName OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..32))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"dialup user group name."
::= { nsVpnUsrDialupGrpEntry 2 }
nsVpnUsrDialupGrpType OBJECT-TYPE
SYNTAX INTEGER {
undefined(0),
manual(1),
ike(2),
l2tp(3),
xauth(4),
auth(5),
external(6)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"dial up group type."
::= { nsVpnUsrDialupGrpEntry 3 }
nsVpnUsrDialupGrpVsys OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"vsys this group belongs to."
::= { nsVpnUsrDialupGrpEntry 4 }
nsVpnManualKeyUsrTable OBJECT-TYPE
SYNTAX SEQUENCE OF NsVpnManualKeyUsrEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This table specifies the configuration attributes for manual
key user."
::= { nsVpnUser 2 }
nsVpnManualKeyUsrEntry OBJECT-TYPE
SYNTAX NsVpnManualKeyUsrEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Each entry in the nsVpnManualkeyUsrTable holds a set of
configuration parameters associated with an instance of manual
key user."
INDEX
{ nsVpnManualKeyUsrIndex }
::= { nsVpnManualKeyUsrTable 1 }
nsVpnManualKeyUsrIndex OBJECT-TYPE
SYNTAX Integer32 (0..2147483647)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"A unique value for manual key user table. Its value ranges
between 0 and 65535 and may not be contiguous."
::= { nsVpnManualKeyUsrEntry 1 }
nsVpnManualKeyUsrName OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..32))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"User name."
::= { nsVpnManualKeyUsrEntry 2 }
nsVpnManualKeyUsrGrp OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..32))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"group this user belongs to."
::= { nsVpnManualKeyUsrEntry 3 }
nsVpnManualKeyUsrSILocal OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Local Security Index"
::= { nsVpnManualKeyUsrEntry 4 }
nsVpnManualKeyUsrSIRemote OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Remote Security Index"
::= { nsVpnManualKeyUsrEntry 5 }
nsVpnManualKeyUsrTunnelType OBJECT-TYPE
SYNTAX INTEGER {
esp(0),
ah(1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"vpn tunnel type."
::= { nsVpnManualKeyUsrEntry 6 }
nsVpnManualKeyUsrEspEncAlg OBJECT-TYPE
SYNTAX INTEGER {
null(0),
des-cbc(1),
triple-des-cbc(2),
aes(3),
aes-192(4),
aes-256(5)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"ESP Encryption Algorithm."
::= { nsVpnManualKeyUsrEntry 7 }
nsVpnManualKeyUsrEspAuthAlg OBJECT-TYPE
SYNTAX INTEGER {
null(0),
md5(1),
sha(2)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"ESP Authentication Algorithm."
::= { nsVpnManualKeyUsrEntry 8 }
nsVpnManualKeyUsrAhHash OBJECT-TYPE
SYNTAX INTEGER {
null(0),
md5(1),
sha(2)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"AH Hash Algorithm."
::= { nsVpnManualKeyUsrEntry 9 }
nsVpnManualKeyUsrVsys OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"vsys this user belongs to."
::= { nsVpnManualKeyUsrEntry 10 }
nsVpnAILUsrTable OBJECT-TYPE
SYNTAX SEQUENCE OF NsVpnAILUsrEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This table specifies the configuration attributes for
AUTH/IKE/L2TP user."
::= { nsVpnUser 3 }
nsVpnAILUsrEntry OBJECT-TYPE
SYNTAX NsVpnAILUsrEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Each entry in the nsVpnManualkeyUsrTable holds a set of
configuration parameters associated with an instance of
AUTH/IKE/L2TP user."
INDEX
{ nsVpnAILUsrIndex }
::= { nsVpnAILUsrTable 1 }
nsVpnAILUsrIndex OBJECT-TYPE
SYNTAX Integer32 (0..2147483647)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"A unique value for Auth/Ike/l2tp user table. Its value ranges
between 1 and 65535 and may not be contiguous."
::= { nsVpnAILUsrEntry 1 }
nsVpnAILUsrName OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..32))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"User name."
::= { nsVpnAILUsrEntry 2 }
nsVpnAILUsrGrp OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..32))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"group this user belongs to."
::= { nsVpnAILUsrEntry 3 }
nsVpnAILUsrStatus OBJECT-TYPE
SYNTAX INTEGER {
disable(0),
enabled(1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"User status"
::= { nsVpnAILUsrEntry 4 }
nsVpnAILUsrIKE OBJECT-TYPE
SYNTAX INTEGER {
no(0),
yes(1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Since Authentication, IKE L2TP can be combined together. This
attribute is used to indicate if this user is an IKE user."
::= { nsVpnAILUsrEntry 5 }
nsVpnAILUsrIKEIdType OBJECT-TYPE
SYNTAX INTEGER {
not-set(0),
ipv4-addr(1),
fqdn(2),
usr-fqdn(3),
ipv4-addr-subnet(4),
ipv6-addr(5),
ipv6-addr-subnet(6),
ipv4-addr-addr-range(7),
ipv6-addr-addr-range(8),
der-asn1-dn(9),
der-asn1-gn(10)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"IKE user type 1 means auto, other values are undefined."
::= { nsVpnAILUsrEntry 6 }
nsVpnAILUsrIKEId OBJECT-TYPE
SYNTAX DisplayString
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"IKE id."
::= { nsVpnAILUsrEntry 7 }
nsVpnAILUsrAuth OBJECT-TYPE
SYNTAX INTEGER {
no(0),
yes(1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Since Authentication, IKE L2TP can be combined together. This
attribute is used to indicate if this user is an Authentication
user."
::= { nsVpnAILUsrEntry 8 }
nsVpnAILUsrL2TP OBJECT-TYPE
SYNTAX INTEGER {
no(0),
yes(1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Since Authentication, IKE L2TP can be combined together. This
attribute is used to indicate if this user is a L2TP user. The
NetScreen-1000 does not support L2TP."
::= { nsVpnAILUsrEntry 9 }
nsVpnAILUsrL2tpRemoteIp OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"L2TP remote peer ip address."
::= { nsVpnAILUsrEntry 10 }
nsVpnAILUsrL2tpIpPool OBJECT-TYPE
SYNTAX DisplayString
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"ip pool entity name."
::= { nsVpnAILUsrEntry 11 }
nsVpnAILUsrL2tpIp OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"L2TP local ip address."
::= { nsVpnAILUsrEntry 12 }
nsVpnAILUsrL2tpPriDnsIp OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"primary DNS server IP address for L2TP user."
::= { nsVpnAILUsrEntry 13 }
nsVpnAILUsrL2tpSecDnsIp OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"secondary DNS server IP address for L2TP user."
::= { nsVpnAILUsrEntry 14 }
nsVpnAILUsrL2tpPriWinsIp OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"primary WINS server IP address for L2TP user."
::= { nsVpnAILUsrEntry 15 }
nsVpnAILUsrL2tpSecWinsIp OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"secondary WINS server IP address for L2TP user."
::= { nsVpnAILUsrEntry 16 }
nsVpnAILUsrVsys OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"vsys this user belongs to."
::= { nsVpnAILUsrEntry 17 }
END

787
MIBS/screenos/NETSCREEN-VR-BGP4-MIB Normal file
View File

@ -0,0 +1,787 @@
-- These MIBs were created on 1/2/2003
-- This module defines enterprise MIBs for NS BGP
--
-- Copyright (c) 1999-2004, Juniper Networks, Inc.
-- All rights reserved.
NETSCREEN-VR-BGP4-MIB DEFINITIONS ::= BEGIN
IMPORTS
MODULE-IDENTITY, OBJECT-TYPE, NOTIFICATION-TYPE,
IpAddress, Integer32, Counter32, Gauge32
FROM SNMPv2-SMI
netscreenTrapDesc, netscreenTrapType
FROM NETSCREEN-TRAP-MIB
netscreenVR
FROM NETSCREEN-SMI;
nsVrBgp MODULE-IDENTITY
LAST-UPDATED "200506202022Z" -- June 20, 2005
ORGANIZATION
"Juniper Networks, Inc."
CONTACT-INFO
"Customer Support
1194 North Mathilda Avenue
Sunnyvale, California 94089-1206
USA
Tel: 1-800-638-8296
E-mail: customerservice@juniper.net
HTTP://www.juniper.net"
DESCRIPTION
"The MIB module for NS-BGP-4."
::= { netscreenVR 6 }
-- BGP Info table. This table contains, one entry per
-- VR, information about the BGP's Version, LocalAs and Identifier.
nsVrBgpInfoTable OBJECT-TYPE
SYNTAX SEQUENCE OF NsVrBgpInfoEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"BGP info table. This table contains,
one entry per VR, information about
the BGP's Version, LocalAs and Identifier."
::= { nsVrBgp 1 }
nsVrBgpInfoEntry OBJECT-TYPE
SYNTAX NsVrBgpInfoEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Entry containing information about the
BGP's Version, LocalAs and Identifier"
INDEX { nsVrBgpInfoVRID }
::= { nsVrBgpInfoTable 1 }
NsVrBgpInfoEntry ::= SEQUENCE {
nsVrBgpInfoVersion
OCTET STRING,
nsVrBgpInfoLocalAs
INTEGER,
nsVrBgpInfoIdentifier
IpAddress,
nsVrBgpInfoVRID
INTEGER
}
nsVrBgpInfoVersion OBJECT-TYPE
SYNTAX OCTET STRING (SIZE (1..255))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Vector of supported BGP protocol version
numbers. Each peer negotiates the version
from this vector. Versions are identified
via the string of bits contained within this
object. The first octet contains bits 0 to
7, the second octet contains bits 8 to 15,
and so on, with the most significant bit
referring to the lowest bit number in the
octet (e.g., the MSB of the first octet
refers to bit 0). If a bit, i, is present
and set, then the version (i+1) of the BGP
is supported."
::= { nsVrBgpInfoEntry 1 }
nsVrBgpInfoLocalAs OBJECT-TYPE
SYNTAX INTEGER (0..65535)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The local autonomous system number."
::= { nsVrBgpInfoEntry 2 }
nsVrBgpInfoIdentifier OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The BGP Identifier of local system."
::= { nsVrBgpInfoEntry 3 }
nsVrBgpInfoVRID OBJECT-TYPE
SYNTAX INTEGER (0..65535)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Virtual Router ID. VRID range for system created
VRs: [1-1024] and for user created VRs: [1025-2048]"
::= { nsVrBgpInfoEntry 4 }
-- BGP Peer table. This table contains, one entry per
-- BGP peer, information about the BGP peer.
nsVrBgpPeerTable OBJECT-TYPE
SYNTAX SEQUENCE OF NsVrBgpPeerEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"BGP peer table. This table contains,
one entry per BGP peer, information about
the connections with BGP peers."
::= { nsVrBgp 3 }
nsVrBgpPeerEntry OBJECT-TYPE
SYNTAX NsVrBgpPeerEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Entry containing information about the
connection with a BGP peer."
INDEX { nsVrBgpPeerVRID,
nsVrBgpPeerRemoteAddr }
::= { nsVrBgpPeerTable 1 }
NsVrBgpPeerEntry ::= SEQUENCE {
nsVrBgpPeerIdentifier
IpAddress,
nsVrBgpPeerState
INTEGER,
nsVrBgpPeerAdminStatus
INTEGER,
nsVrBgpPeerNegotiatedVersion
Integer32,
nsVrBgpPeerLocalAddr
IpAddress,
nsVrBgpPeerLocalPort
INTEGER,
nsVrBgpPeerRemoteAddr
IpAddress,
nsVrBgpPeerRemotePort
INTEGER,
nsVrBgpPeerRemoteAs
INTEGER,
nsVrBgpPeerInUpdates
Counter32,
nsVrBgpPeerOutUpdates
Counter32,
nsVrBgpPeerInTotalMessages
Counter32,
nsVrBgpPeerOutTotalMessages
Counter32,
nsVrBgpPeerLastError
OCTET STRING,
nsVrBgpPeerFsmEstablishedTransitions
Counter32,
nsVrBgpPeerFsmEstablishedTime
Gauge32,
nsVrBgpPeerConnectRetryInterval
INTEGER,
nsVrBgpPeerHoldTime
INTEGER,
nsVrBgpPeerKeepAlive
INTEGER,
nsVrBgpPeerHoldTimeConfigured
INTEGER,
nsVrBgpPeerKeepAliveConfigured
INTEGER,
nsVrBgpPeerMinASOriginationInterval
INTEGER,
nsVrBgpPeerMinRouteAdvertisementInterval
INTEGER,
nsVrBgpPeerInUpdateElapsedTime
Gauge32,
nsVrBgpPeerVRID
INTEGER
}
nsVrBgpPeerIdentifier OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The BGP Identifier of this entry's BGP
peer."
::= { nsVrBgpPeerEntry 1 }
nsVrBgpPeerState OBJECT-TYPE
SYNTAX INTEGER {
idle(1),
connect(2),
active(3),
opensent(4),
openconfirm(5),
established(6)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The BGP peer connection state."
::= { nsVrBgpPeerEntry 2 }
nsVrBgpPeerAdminStatus OBJECT-TYPE
SYNTAX INTEGER {
stop(1),
start(2)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The desired state of the BGP connection.
A transition from 'stop' to 'start' will
cause the BGP Start Event to be generated.
A transition from 'start' to 'stop' will
cause the BGP Stop Event to be generated.
This parameter can be used to restart BGP
peer connections. Care should be used in
providing write access to this object
without adequate authentication."
::= { nsVrBgpPeerEntry 3 }
nsVrBgpPeerNegotiatedVersion OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The negotiated version of BGP running
between the two peers."
::= { nsVrBgpPeerEntry 4 }
nsVrBgpPeerLocalAddr OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The local IP address of this entry's BGP
connection."
::= { nsVrBgpPeerEntry 5 }
nsVrBgpPeerLocalPort OBJECT-TYPE
SYNTAX INTEGER (0..65535)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The local port for the TCP connection
between the BGP peers."
::= { nsVrBgpPeerEntry 6 }
nsVrBgpPeerRemoteAddr OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The remote IP address of this entry's BGP
peer."
::= { nsVrBgpPeerEntry 7 }
nsVrBgpPeerRemotePort OBJECT-TYPE
SYNTAX INTEGER (0..65535)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The remote port for the TCP connection
between the BGP peers. Note that the
objects nsVrBgpPeerLocalAddr,
nsVrBgpPeerLocalPort, nsVrBgpPeerRemoteAddr and
nsVrBgpPeerRemotePort provide the appropriate
reference to the standard MIB TCP
connection table."
::= { nsVrBgpPeerEntry 8 }
nsVrBgpPeerRemoteAs OBJECT-TYPE
SYNTAX INTEGER (0..65535)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The remote autonomous system number."
::= { nsVrBgpPeerEntry 9 }
nsVrBgpPeerInUpdates OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of BGP UPDATE messages
received on this connection. This object
should be initialized to zero (0) when the
connection is established."
::= { nsVrBgpPeerEntry 10 }
nsVrBgpPeerOutUpdates OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of BGP UPDATE messages
transmitted on this connection. This
object should be initialized to zero (0)
when the connection is established."
::= { nsVrBgpPeerEntry 11 }
nsVrBgpPeerInTotalMessages OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The total number of messages received
from the remote peer on this connection.
This object should be initialized to zero
when the connection is established."
::= { nsVrBgpPeerEntry 12 }
nsVrBgpPeerOutTotalMessages OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The total number of messages transmitted to
the remote peer on this connection. This
object should be initialized to zero when
the connection is established."
::= { nsVrBgpPeerEntry 13 }
nsVrBgpPeerLastError OBJECT-TYPE
SYNTAX OCTET STRING (SIZE (2))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The last error code and subcode seen by this
peer on this connection. If no error has
occurred, this field is zero. Otherwise, the
first byte of this two byte OCTET STRING
contains the error code, and the second byte
contains the subcode."
::= { nsVrBgpPeerEntry 14 }
nsVrBgpPeerFsmEstablishedTransitions OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The total number of times the BGP FSM
transitioned into the established state."
::= { nsVrBgpPeerEntry 15 }
nsVrBgpPeerFsmEstablishedTime OBJECT-TYPE
SYNTAX Gauge32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This timer indicates how long (in
seconds) this peer has been in the
Established state or how long
since this peer was last in the
Established state. It is set to zero when
a new peer is configured or the router is
booted."
::= { nsVrBgpPeerEntry 16 }
nsVrBgpPeerConnectRetryInterval OBJECT-TYPE
SYNTAX INTEGER (1..65535)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Time interval in seconds for the
ConnectRetry timer. The suggested value
for this timer is 120 seconds."
::= { nsVrBgpPeerEntry 17 }
nsVrBgpPeerHoldTime OBJECT-TYPE
SYNTAX INTEGER ( 0 | 3..65535 )
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Time interval in seconds for the Hold
Timer established with the peer. The
value of this object is calculated by this
BGP speaker by using the smaller of the
value in nsVrBgpPeerHoldTimeConfigured and the
Hold Time received in the OPEN message.
This value must be at lease three seconds
if it is not zero (0) in which case the
Hold Timer has not been established with
the peer, or, the value of
nsVrBgpPeerHoldTimeConfigured is zero (0)."
::= { nsVrBgpPeerEntry 18 }
nsVrBgpPeerKeepAlive OBJECT-TYPE
SYNTAX INTEGER ( 0 | 1..21845 )
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Time interval in seconds for the KeepAlive
timer established with the peer. The value
of this object is calculated by this BGP
speaker such that, when compared with
nsVrBgpPeerHoldTime, it has the same
proportion as what
nsVrBgpPeerKeepAliveConfigured has when
compared with nsVrBgpPeerHoldTimeConfigured.
If the value of this object is zero (0),
it indicates that the KeepAlive timer has
not been established with the peer, or,
the value of nsVrBgpPeerKeepAliveConfigured is
zero (0)."
::= { nsVrBgpPeerEntry 19 }
nsVrBgpPeerHoldTimeConfigured OBJECT-TYPE
SYNTAX INTEGER ( 0 | 3..65535 )
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Time interval in seconds for the Hold Time
configured for this BGP speaker with this
peer. This value is placed in an OPEN
message sent to this peer by this BGP
speaker, and is compared with the Hold
Time field in an OPEN message received
from the peer when determining the Hold
Time (nsVrBgpPeerHoldTime) with the peer.
This value must not be less than three
seconds if it is not zero (0) in which
case the Hold Time is NOT to be
established with the peer. The suggested
value for this timer is 90 seconds."
::= { nsVrBgpPeerEntry 20 }
nsVrBgpPeerKeepAliveConfigured OBJECT-TYPE
SYNTAX INTEGER ( 0 | 1..21845 )
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Time interval in seconds for the
KeepAlive timer configured for this BGP
speaker with this peer. The value of this
object will only determine the
KEEPALIVE messages' frequency relative to
the value specified in
nsVrBgpPeerHoldTimeConfigured; the actual
time interval for the KEEPALIVE messages
is indicated by nsVrBgpPeerKeepAlive. A
reasonable maximum value for this timer
would be configured to be one
third of that of
nsVrBgpPeerHoldTimeConfigured.
If the value of this object is zero (0),
no periodical KEEPALIVE messages are sent
to the peer after the BGP connection has
been established. The suggested value for
this timer is 30 seconds."
::= { nsVrBgpPeerEntry 21 }
nsVrBgpPeerMinASOriginationInterval OBJECT-TYPE
SYNTAX INTEGER (1..65535)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Time interval in seconds for the
MinASOriginationInterval timer.
The suggested value for this timer is 15
seconds."
::= { nsVrBgpPeerEntry 22 }
nsVrBgpPeerMinRouteAdvertisementInterval OBJECT-TYPE
SYNTAX INTEGER (1..65535)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Time interval in seconds for the
MinRouteAdvertisementInterval timer.
The suggested value for this timer is 30
seconds."
::= { nsVrBgpPeerEntry 23 }
nsVrBgpPeerInUpdateElapsedTime OBJECT-TYPE
SYNTAX Gauge32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Elapsed time in seconds since the last BGP
UPDATE message was received from the peer.
Each time nsVrBgpPeerInUpdates is incremented,
the value of this object is set to zero
(0)."
::= { nsVrBgpPeerEntry 24 }
nsVrBgpPeerVRID OBJECT-TYPE
SYNTAX INTEGER (0..65535)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Virtual Router ID. VRID range for system created
VRs: [1-1024] and for user created VRs: [1025-2048]"
::= { nsVrBgpPeerEntry 25 }
-- BGP-4 Received Path Attribute Table. This table
-- contains, one entry per path to a network, path
-- attributes received from all peers running BGP-4.
nsVrBgp4PathAttrTable OBJECT-TYPE
SYNTAX SEQUENCE OF NsVrBgp4PathAttrEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The BGP-4 Received Path Attribute Table
contains information about paths to
destination networks received from all
BGP4 peers."
::= { nsVrBgp 6 }
nsVrBgp4PathAttrEntry OBJECT-TYPE
SYNTAX NsVrBgp4PathAttrEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Information about a path to a network."
INDEX { nsVrBgp4PathAttrVRID,
nsVrBgp4PathAttrIpAddrPrefix,
nsVrBgp4PathAttrIpAddrPrefixLen,
nsVrBgp4PathAttrPeer }
::= { nsVrBgp4PathAttrTable 1 }
NsVrBgp4PathAttrEntry ::= SEQUENCE {
nsVrBgp4PathAttrPeer
IpAddress,
nsVrBgp4PathAttrIpAddrPrefixLen
INTEGER,
nsVrBgp4PathAttrIpAddrPrefix
IpAddress,
nsVrBgp4PathAttrOrigin
INTEGER,
nsVrBgp4PathAttrASPathSegment
OCTET STRING,
nsVrBgp4PathAttrNextHop
IpAddress,
nsVrBgp4PathAttrMultiExitDisc
INTEGER,
nsVrBgp4PathAttrLocalPref
INTEGER,
nsVrBgp4PathAttrAtomicAggregate
INTEGER,
nsVrBgp4PathAttrAggregatorAS
INTEGER,
nsVrBgp4PathAttrAggregatorAddr
IpAddress,
nsVrBgp4PathAttrCalcLocalPref
INTEGER,
nsVrBgp4PathAttrBest
INTEGER,
nsVrBgp4PathAttrUnknown
OCTET STRING,
nsVrBgp4PathAttrVRID
INTEGER
}
nsVrBgp4PathAttrPeer OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The IP address of the peer where the path
information was learned."
::= { nsVrBgp4PathAttrEntry 1 }
nsVrBgp4PathAttrIpAddrPrefixLen OBJECT-TYPE
SYNTAX INTEGER (0..32)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Length in bits of the IP address prefix
in the Network Layer Reachability
Information field."
::= { nsVrBgp4PathAttrEntry 2 }
nsVrBgp4PathAttrIpAddrPrefix OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"An IP address prefix in the Network Layer
Reachability Information field. This object
is an IP address containing the prefix with
length specified by
nsVrBgp4PathAttrIpAddrPrefixLen.
Any bits beyond the length specified by
nsVrBgp4PathAttrIpAddrPrefixLen are zeroed."
::= { nsVrBgp4PathAttrEntry 3 }
nsVrBgp4PathAttrOrigin OBJECT-TYPE
SYNTAX INTEGER {
igp(1),-- networks are interior
egp(2),-- networks learned
-- via EGP
incomplete(3) -- undetermined
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The ultimate origin of the path
information."
::= { nsVrBgp4PathAttrEntry 4 }
nsVrBgp4PathAttrASPathSegment OBJECT-TYPE
SYNTAX OCTET STRING (SIZE (2..255))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The sequence of AS path segments. Each AS
path segment is represented by a triple
<type, length, value>.
The type is a 1-octet field which has two
possible values:
1 AS_SET: unordered set of ASs a
route in the UPDATE
message has traversed
2 AS_SEQUENCE: ordered set of ASs
a route in the UPDATE
message has traversed.
The length is a 1-octet field containing the
number of ASs in the value field.
The value field contains one or more AS
numbers, each AS is represented in the octet
string as a pair of octets according to the
following algorithm:
first-byte-of-pair = ASNumber / 256;
second-byte-of-pair = ASNumber & 255;"
::= { nsVrBgp4PathAttrEntry 5 }
nsVrBgp4PathAttrNextHop OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The address of the border router that
should be used for the destination
network."
::= { nsVrBgp4PathAttrEntry 6 }
nsVrBgp4PathAttrMultiExitDisc OBJECT-TYPE
SYNTAX INTEGER (-1..2147483647)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This metric is used to discriminate
between multiple exit points to an
adjacent autonomous system. A value of -1
indicates the absence of this attribute."
::= { nsVrBgp4PathAttrEntry 7 }
nsVrBgp4PathAttrLocalPref OBJECT-TYPE
SYNTAX INTEGER (-1..2147483647)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The originating BGP4 speaker's degree of
preference for an advertised route. A
value of -1 indicates the absence of this
attribute."
::= { nsVrBgp4PathAttrEntry 8 }
nsVrBgp4PathAttrAtomicAggregate OBJECT-TYPE
SYNTAX INTEGER {
lessSpecificRrouteNotSelected(1),
lessSpecificRouteSelected(2)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Whether or not the local system has
selected a less specific route without
selecting a more specific route."
::= { nsVrBgp4PathAttrEntry 9 }
nsVrBgp4PathAttrAggregatorAS OBJECT-TYPE
SYNTAX INTEGER (0..65535)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The AS number of the last BGP4 speaker that
performed route aggregation. A value of
zero (0) indicates the absence of this
attribute."
::= { nsVrBgp4PathAttrEntry 10 }
nsVrBgp4PathAttrAggregatorAddr OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The IP address of the last BGP4 speaker
that performed route aggregation. A value
of 0.0.0.0 indicates the absence of this
attribute."
::= { nsVrBgp4PathAttrEntry 11 }
nsVrBgp4PathAttrCalcLocalPref OBJECT-TYPE
SYNTAX INTEGER (-1..2147483647)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The degree of preference calculated by the
receiving BGP4 speaker for an advertised
route. A value of -1 indicates the
absence of this attribute."
::= { nsVrBgp4PathAttrEntry 12 }
nsVrBgp4PathAttrBest OBJECT-TYPE
SYNTAX INTEGER {
false(1),-- not chosen as best route
true(2) -- chosen as best route
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"An indication of whether or not this route
was chosen as the best BGP4 route."
::= { nsVrBgp4PathAttrEntry 13 }
nsVrBgp4PathAttrUnknown OBJECT-TYPE
SYNTAX OCTET STRING (SIZE(0..255))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"One or more path attributes not understood
by this BGP4 speaker. Size zero (0)
indicates the absence of such
attribute(s). Octets beyond the maximum
size, if any, are not recorded by this
object."
::= { nsVrBgp4PathAttrEntry 14 }
nsVrBgp4PathAttrVRID OBJECT-TYPE
SYNTAX INTEGER (0..65535)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Virtual Router ID. VRID range for system created
VRs: [1-1024] and for user created VRs: [1025-2048]"
::= { nsVrBgp4PathAttrEntry 15 }
-- Traps.
nsVrBgpTraps OBJECT IDENTIFIER ::= { nsVrBgp 7 }
nsVrBgpEstablished NOTIFICATION-TYPE
OBJECTS { nsVrBgp4PathAttrVRID,
netscreenTrapType,
netscreenTrapDesc,
nsVrBgpPeerIdentifier,
nsVrBgpPeerLastError,
nsVrBgpPeerState }
STATUS current
DESCRIPTION
"The BGP Established event is generated when
the BGP FSM enters the ESTABLISHED state."
::= { nsVrBgpTraps 1 }
END

157
MIBS/screenos/NETSCREEN-VR-MIB Normal file
View File

@ -0,0 +1,157 @@
-- These MIBs were created on 1/9/2003
-- This module defines enterprise MIBs for virtual router
--
-- Copyright (c) 1999-2004, Juniper Networks, Inc.
-- All rights reserved.
NETSCREEN-VR-MIB DEFINITIONS ::= BEGIN
IMPORTS
OBJECT-TYPE
FROM SNMPv2-SMI
netscreenVR
FROM NETSCREEN-SMI;
netscreenVRMibModule MODULE-IDENTITY
LAST-UPDATED "200405032022Z" -- May 03, 2004
ORGANIZATION
"Juniper Networks, Inc."
CONTACT-INFO
"Customer Support
1194 North Mathilda Avenue
Sunnyvale, California 94089-1206
USA
Tel: 1-800-638-8296
E-mail: customerservice@juniper.net
HTTP://www.juniper.net"
DESCRIPTION
"This module defines the object that are used to monitor VR
info"
REVISION "200405030000Z" -- May 03, 2004
DESCRIPTION
"Modified copyright and contact information"
REVISION "200109010000Z" -- September 1, 2003
DESCRIPTION
"Creation Date"
::= { netscreenVR 0 }
vrTable OBJECT-TYPE
SYNTAX SEQUENCE OF VrEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"VR table. This table contains VR info."
::= { netscreenVR 1 }
vrEntry OBJECT-TYPE
SYNTAX VrEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Entry containing information about the
BGP's Version, LocalAs and Identifier"
INDEX { vrId }
::= { vrTable 1 }
VrEntry ::= SEQUENCE {
vrName
OCTET STRING,
vrId
INTEGER,
vrVsysName
OCTET STRING,
vrRouteId
INTEGER,
vrMaxRoutes
INTEGER,
vrNumRoutes
INTEGER,
vrSharable
INTEGER,
vrOspfRipBgpEnabled
INTEGER,
vrTrapPrivate
INTEGER
}
vrName OBJECT-TYPE
SYNTAX OCTET STRING
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Name of the VR."
::= { vrEntry 1 }
vrId OBJECT-TYPE
SYNTAX INTEGER (0..65535)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Id for the VR. It will be used in all other
private MIBs so that cross reference can be made."
::= { vrEntry 2 }
vrVsysName OBJECT-TYPE
SYNTAX OCTET STRING
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Id of the vsys which owns this VR."
::= { vrEntry 3 }
vrRouteId OBJECT-TYPE
SYNTAX INTEGER
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Router id, used by OSFP and BGP."
::= { vrEntry 4 }
vrMaxRoutes OBJECT-TYPE
SYNTAX INTEGER
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Maximum routes allowed for this VR."
::= { vrEntry 5 }
vrNumRoutes OBJECT-TYPE
SYNTAX INTEGER
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of routes currently the VR has."
::= { vrEntry 6 }
vrSharable OBJECT-TYPE
SYNTAX INTEGER
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The VR is sharable or not."
::= { vrEntry 7 }
vrOspfRipBgpEnabled OBJECT-TYPE
SYNTAX INTEGER
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Enable OSPF, RIP, BGP."
::= { vrEntry 8 }
vrTrapPrivate OBJECT-TYPE
SYNTAX INTEGER
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"0 private, 1 public. This only applies to
root system' default VR. If private trap is
enabled, a private trap is sent, otherwise,
the standard trap is sent. For other VRs, By
default, the public trap is supported."
::= { vrEntry 9 }
END

2410
MIBS/screenos/NETSCREEN-VR-OSPF-MIB Normal file
View File

File diff suppressed because it is too large Load Diff

567
MIBS/screenos/NETSCREEN-VR-RIPv2-MIB Normal file
View File

@ -0,0 +1,567 @@
-- These MIBs were created on 1/2/2003
-- This module defines enterprise MIBs for NS RIP
--
-- Copyright (c) 1999-2004, Juniper Networks, Inc.
-- All rights reserved.
--
-- MODULE-IDENTITY
-- OrgName
-- Juniper Networks, Inc.
-- ContactInfo
-- Customer Support
--
-- 1194 North Mathilda Avenue
-- Sunnyvale, California 94089-1206
-- USA
--
-- Tel: 1-800-638-8296
-- E-mail: customerservice@juniper.net
-- HTTP://www.juniper.net"
--
-- Descr
-- This module defines the object that are used to monitor
-- NS's RIP configuration
--
-- Last modified date: 06/20/2005
-- Created from NS-RIP.MIB with modified VR table index
--
NETSCREEN-VR-RIPv2-MIB DEFINITIONS ::= BEGIN
IMPORTS
MODULE-IDENTITY, OBJECT-TYPE, Counter32,
TimeTicks, IpAddress FROM SNMPv2-SMI
TEXTUAL-CONVENTION, RowStatus FROM SNMPv2-TC
MODULE-COMPLIANCE, OBJECT-GROUP FROM SNMPv2-CONF
netscreenVR FROM NETSCREEN-SMI;
-- This MIB module uses the extended OBJECT-TYPE macro as
-- defined in [9].
nsVrRip2 MODULE-IDENTITY
LAST-UPDATED "200506202022Z" -- June 20, 2005
ORGANIZATION
"Juniper Networks, Inc."
CONTACT-INFO
"Customer Support
1194 North Mathilda Avenue
Sunnyvale, California 94089-1206
USA
Tel: 1-800-638-8296
E-mail: customerservice@juniper.net
HTTP://www.juniper.net"
DESCRIPTION
"The MIB module to describe the RIP2 Version 2 Protocol"
::= { netscreenVR 7 }
-- RIP-2 Management Information Base
-- the RouteTag type represents the contents of the
-- Route Domain field in the packet header or route entry.
-- The use of the Route Domain is deprecated.
RouteTag ::= TEXTUAL-CONVENTION
STATUS current
DESCRIPTION
"the RouteTag type represents the contents of the Route Domain
field in the packet header or route entry"
SYNTAX OCTET STRING (SIZE (2))
--4.1 Global Counters
-- The RIP-2 Globals Group.
-- Implementation of this group is mandatory for systems
-- which implement RIP-2.
-- These counters are intended to facilitate debugging quickly
-- changing routes or failing neighbors
-- nsVrRip2Globals OBJECT IDENTIFIER ::= { nsVrRip2 1 }
-- nsVrRip2GlobalRouteChanges OBJECT-TYPE
-- SYNTAX Counter32
-- MAX-ACCESS read-only
-- STATUS current
-- DESCRIPTION
-- "The number of route changes made to the IP Route
-- Database by RIP. This does not include the refresh
-- of a route's age."
-- ::= { nsVrRip2Globals 1 }
-- nsVrRip2GlobalQueries OBJECT-TYPE
-- SYNTAX Counter32
-- MAX-ACCESS read-only
-- STATUS current
-- DESCRIPTION
-- "The number of responses sent to RIP queries
-- from other systems."
-- ::= { nsVrRip2Globals 2 }
nsVrRip2GlobalsTable OBJECT-TYPE
SYNTAX SEQUENCE OF NsVrRip2GlobalsEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A list of RIP2 Globals per VR."
::= { nsVrRip2 1 }
nsVrRip2GlobalsEntry OBJECT-TYPE
SYNTAX NsVrRip2GlobalsEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"One VR's Globals."
INDEX { nsVrRip2GlobalVRID }
::= { nsVrRip2GlobalsTable 1 }
NsVrRip2GlobalsEntry ::=
SEQUENCE {
nsVrRip2GlobalRouteChanges
Counter32,
nsVrRip2GlobalQueries
Counter32,
nsVrRip2GlobalVRID
INTEGER
}
nsVrRip2GlobalRouteChanges OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of route changes made to the IP Route
Database by RIP. This does not include the refresh
of a route's age."
::= { nsVrRip2GlobalsEntry 1 }
nsVrRip2GlobalQueries OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of responses sent to RIP queries
from other systems."
::= { nsVrRip2GlobalsEntry 2 }
nsVrRip2GlobalVRID OBJECT-TYPE
SYNTAX INTEGER (0..65535)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Virtual Router ID. VRID range for system created
VRs: [1-1024] and for user created VRs: [1025-2048]"
::= { nsVrRip2GlobalsEntry 3 }
--4.2 RIP Interface Tables
-- RIP Interfaces Groups
-- Implementation of these Groups is mandatory for systems
-- which implement RIP-2.
-- The RIP Interface Status Table.
nsVrRip2IfStatTable OBJECT-TYPE
SYNTAX SEQUENCE OF NsVrRip2IfStatEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A list of subnets which require separate
status monitoring in RIP."
::= { nsVrRip2 2 }
nsVrRip2IfStatEntry OBJECT-TYPE
SYNTAX NsVrRip2IfStatEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A Single Routing Domain in a single Subnet."
INDEX { nsVrRip2IfStatVRID, nsVrRip2IfStatAddress }
::= { nsVrRip2IfStatTable 1 }
NsVrRip2IfStatEntry ::=
SEQUENCE {
nsVrRip2IfStatAddress
IpAddress,
nsVrRip2IfStatRcvBadPackets
Counter32,
nsVrRip2IfStatRcvBadRoutes
Counter32,
nsVrRip2IfStatSentUpdates
Counter32,
nsVrRip2IfStatStatus
RowStatus,
nsVrRip2IfStatVRID
INTEGER
}
nsVrRip2IfStatAddress OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The IP Address of this system on the indicated
subnet. For unnumbered interfaces, the value 0.0.0.N,
where the least significant 24 bits (N) is the ifIndex
for the IP Interface in network byte order."
::= { nsVrRip2IfStatEntry 1 }
nsVrRip2IfStatRcvBadPackets OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of RIP response packets received by
the RIP process which were subsequently discarded
for any reason (e.g. a version 0 packet, or an
unknown command type)."
::= { nsVrRip2IfStatEntry 2 }
nsVrRip2IfStatRcvBadRoutes OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of routes, in valid RIP packets,
which were ignored for any reason (e.g. unknown
address family, or invalid metric)."
::= { nsVrRip2IfStatEntry 3 }
nsVrRip2IfStatSentUpdates OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of triggered RIP updates actually
sent on this interface. This explicitly does
NOT include full updates sent containing new
information."
::= { nsVrRip2IfStatEntry 4 }
nsVrRip2IfStatStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Writing invalid has the effect of deleting
this interface."
::= { nsVrRip2IfStatEntry 5 }
nsVrRip2IfStatVRID OBJECT-TYPE
SYNTAX INTEGER (0..65535)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Virtual Router ID. VRID range for system created
VRs: [1-1024] and for user created VRs: [1025-2048]"
::= { nsVrRip2IfStatEntry 6 }
-- The RIP Interface Configuration Table.
nsVrRip2IfConfTable OBJECT-TYPE
SYNTAX SEQUENCE OF NsVrRip2IfConfEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A list of subnets which require separate
configuration in RIP."
::= { nsVrRip2 3 }
nsVrRip2IfConfEntry OBJECT-TYPE
SYNTAX NsVrRip2IfConfEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A Single Routing Domain in a single Subnet."
INDEX { nsVrRip2IfConfVRID, nsVrRip2IfConfAddress }
::= { nsVrRip2IfConfTable 1 }
NsVrRip2IfConfEntry ::=
SEQUENCE {
nsVrRip2IfConfAddress
IpAddress,
nsVrRip2IfConfDomain
RouteTag,
nsVrRip2IfConfAuthType
INTEGER,
nsVrRip2IfConfAuthKey
OCTET STRING,
nsVrRip2IfConfSend
INTEGER,
nsVrRip2IfConfReceive
INTEGER,
nsVrRip2IfConfDefaultMetric
INTEGER,
nsVrRip2IfConfStatus
RowStatus,
nsVrRip2IfConfSrcAddress
IpAddress,
nsVrRip2IfConfVRID
INTEGER
}
nsVrRip2IfConfAddress OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The IP Address of this system on the indicated
subnet. For unnumbered interfaces, the value 0.0.0.N,
where the least significant 24 bits (N) is the ifIndex
for the IP Interface in network byte order."
::= { nsVrRip2IfConfEntry 1 }
nsVrRip2IfConfDomain OBJECT-TYPE
SYNTAX RouteTag
MAX-ACCESS read-create
STATUS obsolete
DESCRIPTION
"Value inserted into the Routing Domain field
of all RIP packets sent on this interface."
DEFVAL { '0000'H }
::= { nsVrRip2IfConfEntry 2 }
nsVrRip2IfConfAuthType OBJECT-TYPE
SYNTAX INTEGER {
noAuthentication (1),
simplePassword (2),
md5 (3)
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The type of Authentication used on this
interface."
DEFVAL { noAuthentication }
::= { nsVrRip2IfConfEntry 3 }
nsVrRip2IfConfAuthKey OBJECT-TYPE
SYNTAX OCTET STRING (SIZE(0..16))
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The value to be used as the Authentication Key
whenever the corresponding instance of
nsVrRip2IfConfAuthType has a value other than
noAuthentication. A modification of the corresponding
instance of nsVrRip2IfConfAuthType does not modify
the nsVrRip2IfConfAuthKey value. If a string shorter
than 16 octets is supplied, it will be left-
justified and padded to 16 octets, on the right,
with nulls (0x00).
Reading this object always results in an OCTET
STRING of length zero; authentication may not
be bypassed by reading the MIB object."
DEFVAL { ''H }
::= { nsVrRip2IfConfEntry 4 }
nsVrRip2IfConfSend OBJECT-TYPE
SYNTAX INTEGER {
doNotSend (1),
ripVersion1 (2),
rip1Compatible (3),
ripVersion2 (4),
ripV1Demand (5),
ripV2Demand (6)
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"What the router sends on this interface.
ripVersion1 implies sending RIP updates compliant
with RFC 1058. rip1Compatible implies
broadcasting RIP-2 updates using RFC 1058 route
subsumption rules. ripVersion2 implies
multicasting RIP-2 updates. ripV1Demand indicates
the use of Demand RIP on a WAN interface under RIP
Version 1 rules. ripV2Demand indicates the use of
Demand RIP on a WAN interface under Version 2 rules."
DEFVAL { rip1Compatible }
::= { nsVrRip2IfConfEntry 5 }
nsVrRip2IfConfReceive OBJECT-TYPE
SYNTAX INTEGER {
rip1 (1),
rip2 (2),
rip1OrRip2 (3),
doNotRecieve (4)
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This indicates which version of RIP updates
are to be accepted. Note that rip2 and
rip1OrRip2 implies reception of multicast
packets."
DEFVAL { rip1OrRip2 }
::= { nsVrRip2IfConfEntry 6 }
nsVrRip2IfConfDefaultMetric OBJECT-TYPE
SYNTAX INTEGER ( 0..15 )
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This variable indicates the metric that is to
be used for the default route entry in RIP updates
originated on this interface. A value of zero
indicates that no default route should be
originated; in this case, a default route via
another router may be propagated."
::= { nsVrRip2IfConfEntry 7 }
nsVrRip2IfConfStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Writing invalid has the effect of deleting
this interface."
::= { nsVrRip2IfConfEntry 8 }
nsVrRip2IfConfSrcAddress OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The IP Address this system will use as a source
address on this interface. If it is a numbered
interface, this MUST be the same value as
nsVrRip2IfConfAddress. On unnumbered interfaces,
it must be the value of nsVrRip2IfConfAddress for
some interface on the system."
::= { nsVrRip2IfConfEntry 9 }
nsVrRip2IfConfVRID OBJECT-TYPE
SYNTAX INTEGER (0..65535)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Virtual Router ID. VRID range for system created
VRs: [1-1024] and for user created VRs: [1025-2048]"
::= { nsVrRip2IfConfEntry 10 }
--4.3 Peer Table
-- Peer Table
-- The RIP Peer Group
-- Implementation of this Group is Optional
-- This group provides information about active peer
-- relationships intended to assist in debugging. An
-- active peer is a router from which a valid RIP
-- updated has been heard in the last 180 seconds.
nsVrRip2PeerTable OBJECT-TYPE
SYNTAX SEQUENCE OF NsVrRip2PeerEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A list of RIP Peers."
::= { nsVrRip2 4 }
nsVrRip2PeerEntry OBJECT-TYPE
SYNTAX NsVrRip2PeerEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Information regarding a single routing peer."
INDEX { nsVrRip2PeerVRID, nsVrRip2PeerAddress, nsVrRip2PeerDomain }
::= { nsVrRip2PeerTable 1 }
NsVrRip2PeerEntry ::=
SEQUENCE {
nsVrRip2PeerAddress
IpAddress,
nsVrRip2PeerDomain
RouteTag,
nsVrRip2PeerLastUpdate
TimeTicks,
nsVrRip2PeerVersion
INTEGER,
nsVrRip2PeerRcvBadPackets
Counter32,
nsVrRip2PeerRcvBadRoutes
Counter32,
nsVrRip2PeerVRID
INTEGER
}
nsVrRip2PeerAddress OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The IP Address that the peer is using as its source
address. Note that on an unnumbered link, this may
not be a member of any subnet on the system."
::= { nsVrRip2PeerEntry 1 }
nsVrRip2PeerDomain OBJECT-TYPE
SYNTAX RouteTag
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The value in the Routing Domain field in RIP
packets received from the peer. As domain suuport
is deprecated, this must be zero."
::= { nsVrRip2PeerEntry 2 }
nsVrRip2PeerLastUpdate OBJECT-TYPE
SYNTAX TimeTicks
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The value of sysUpTime when the most recent
RIP update was received from this system."
::= { nsVrRip2PeerEntry 3 }
nsVrRip2PeerVersion OBJECT-TYPE
SYNTAX INTEGER ( 0..255 )
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The RIP version number in the header of the
last RIP packet received."
::= { nsVrRip2PeerEntry 4 }
nsVrRip2PeerRcvBadPackets OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of RIP response packets from this
peer discarded as invalid."
::= { nsVrRip2PeerEntry 5 }
nsVrRip2PeerRcvBadRoutes OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of routes from this peer that were
ignored because the entry format was invalid."
::= { nsVrRip2PeerEntry 6 }
nsVrRip2PeerVRID OBJECT-TYPE
SYNTAX INTEGER (0..65535)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Virtual Router ID. VRID range for system created
VRs: [1-1024] and for user created VRs: [1025-2048]"
::= { nsVrRip2PeerEntry 7 }
END

98
MIBS/screenos/NETSCREEN-VSYS-MIB Normal file
View File

@ -0,0 +1,98 @@
-- This module defines enterprise MIBs for Virtual Systems
--
-- Copyright (c) 1999-2004, Juniper Networks, Inc.
-- All rights reserved.
NETSCREEN-VSYS-MIB DEFINITIONS ::= BEGIN
IMPORTS
netscreenVsys
FROM NETSCREEN-SMI
Integer32, MODULE-IDENTITY, OBJECT-TYPE
FROM SNMPv2-SMI
DisplayString
FROM SNMPv2-TC
;
netscreenVsysMibModule MODULE-IDENTITY
LAST-UPDATED "200405032022Z" -- May 03, 2004
ORGANIZATION
"Juniper Networks, Inc."
CONTACT-INFO
"Customer Support
1194 North Mathilda Avenue
Sunnyvale, California 94089-1206
USA
Tel: 1-800-638-8296
E-mail: customerservice@juniper.net
HTTP://www.juniper.net"
DESCRIPTION
"This module defines the object that are use to monitor all the
virtual systems"
REVISION "200405030000Z" -- May 03, 2004
DESCRIPTION
"Modified copyright and contact information"
REVISION "200403030000Z" -- March 03, 2004
DESCRIPTION
"Converted to SMIv2 by Longview Software"
REVISION "200311130000Z" -- November 13, 2003
DESCRIPTION
"Correct spelling mistake"
REVISION "200109280000Z" -- September 28, 2001
DESCRIPTION
"no comment"
REVISION "200005080000Z" -- May 08, 2000
DESCRIPTION
"Creation Date"
::= { netscreenVsys 0 }
NsVsysCfgEntry ::= SEQUENCE
{
nsVsysCfgId Integer32,
nsVsysCfgName DisplayString
}
nsVsysCfg OBJECT IDENTIFIER ::= { netscreenVsys 1 }
nsVsysCfgTable OBJECT-TYPE
SYNTAX SEQUENCE OF NsVsysCfgEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"NetScreen-500, NetScreen-1000 and above series support virtual
system. This table collects the vsys configuration in NetScreen
device."
::= { nsVsysCfg 1 }
nsVsysCfgEntry OBJECT-TYPE
SYNTAX NsVsysCfgEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Each entry in the table holds a set of configuration
parameters associated with an instance of virtual system."
INDEX
{ nsVsysCfgId }
::= { nsVsysCfgTable 1 }
nsVsysCfgId OBJECT-TYPE
SYNTAX Integer32 (0..2147483647)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"A unique ID for each virtual system."
::= { nsVsysCfgEntry 1 }
nsVsysCfgName OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..32))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"virtual system name."
::= { nsVsysCfgEntry 2 }
END

122
MIBS/screenos/NETSCREEN-ZONE-MIB Normal file
View File

@ -0,0 +1,122 @@
-- This module defines enterprise MIBs for security zones
--
-- Copyright (c) 1999-2004, Juniper Networks, Inc.
-- All rights reserved.
NETSCREEN-ZONE-MIB DEFINITIONS ::= BEGIN
IMPORTS
netscreenZone
FROM NETSCREEN-SMI
Integer32, MODULE-IDENTITY, OBJECT-TYPE
FROM SNMPv2-SMI
DisplayString
FROM SNMPv2-TC
;
netscreenZoneMibModule MODULE-IDENTITY
LAST-UPDATED "200405032022Z" -- May 03, 2004
ORGANIZATION
"Juniper Networks, Inc."
CONTACT-INFO
"Customer Support
1194 North Mathilda Avenue
Sunnyvale, California 94089-1206
USA
Tel: 1-800-638-8296
E-mail: customerservice@juniper.net
HTTP://www.juniper.net"
DESCRIPTION
"This module defines the object that are used to monitor all
the security zones"
REVISION "200405030000Z" -- May 03, 2004
DESCRIPTION
"Modified copyright and contact information"
REVISION "200403030000Z" -- March 03, 2004
DESCRIPTION
"Converted to SMIv2 by Longview Software"
REVISION "200311130000Z" -- November 13, 2003
DESCRIPTION
"Correct spelling mistake"
REVISION "200109280000Z" -- September 28, 2001
DESCRIPTION
"no comment"
REVISION "200005080000Z" -- May 08, 2000
DESCRIPTION
"Creation Date"
::= { netscreenZone 0 }
NsZoneCfgEntry ::= SEQUENCE
{
nsZoneCfgId Integer32,
nsZoneCfgName DisplayString,
nsZoneCfgType INTEGER,
nsZoneCfgVsys Integer32
}
nsZoneCfg OBJECT IDENTIFIER ::= { netscreenZone 1 }
nsZoneCfgTable OBJECT-TYPE
SYNTAX SEQUENCE OF NsZoneCfgEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"NetScreen device can have lots of secure zone. This table
collects the zones exiting in NetScreen device."
::= { nsZoneCfg 1 }
nsZoneCfgEntry OBJECT-TYPE
SYNTAX NsZoneCfgEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Each entry in the table holds a set of configuration
parameters associated with an instance of secure zone."
INDEX
{ nsZoneCfgId }
::= { nsZoneCfgTable 1 }
nsZoneCfgId OBJECT-TYPE
SYNTAX Integer32 (0..2147483647)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"A unique value for zone table. Its value ranges between 1 and
65535 and may not be contiguous. the index has no other
meaning but a pure index"
::= { nsZoneCfgEntry 1 }
nsZoneCfgName OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..32))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Secure zone name."
::= { nsZoneCfgEntry 2 }
nsZoneCfgType OBJECT-TYPE
SYNTAX INTEGER {
regular(0),
layer2(1),
tunnel(2),
null(3),
func(4)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Secure zone type. Regular is sec(L3) and layer2 is sec(L2) type"
::= { nsZoneCfgEntry 3 }
nsZoneCfgVsys OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"VSYS this security zone belongs to."
::= { nsZoneCfgEntry 4 }
END