809 lines
24 KiB
Plaintext
809 lines
24 KiB
Plaintext
-- =================================================================
|
|
-- Copyright (c) 2004-2015 New H3C Tech. Co., Ltd. All rights reserved.
|
|
--
|
|
-- Description: FC PSM(Fabric Port Security Management) MIB
|
|
-- Reference:
|
|
-- Version: V1.1
|
|
-- History:
|
|
-- V1.0 Initial version 2013-10-17
|
|
-- V1.1 Modified by Chen Yajun 2014-06-20
|
|
-- 2014-06-20 1.All "learnt" descriptions changed into "learned".
|
|
-- 2.Added the description of the value range for
|
|
-- hh3cFcPsmEnableVsanIndex.
|
|
-- 3.Added the description of read value of hh3cFcPsmClearIntf.
|
|
-- 4.Changed the syntax of hh3cFcPsmLoginTime from
|
|
-- "TimeStamp" into "DateAndTime".
|
|
--=================================================================
|
|
HH3C-FC-PSM-MIB DEFINITIONS ::= BEGIN
|
|
|
|
IMPORTS
|
|
Unsigned32, Counter32,
|
|
MODULE-IDENTITY, OBJECT-TYPE, NOTIFICATION-TYPE
|
|
FROM SNMPv2-SMI
|
|
TEXTUAL-CONVENTION, RowStatus, TruthValue, DateAndTime
|
|
FROM SNMPv2-TC
|
|
InterfaceIndexOrZero, InterfaceIndex, ifDescr
|
|
FROM IF-MIB
|
|
hh3cSan
|
|
FROM HH3C-VSAN-MIB
|
|
Hh3cFcNameIdOrZero
|
|
FROM HH3C-FC-TC-MIB
|
|
;
|
|
|
|
-- ==================================================================
|
|
--
|
|
-- ======================= Definition Begin =========================
|
|
--
|
|
-- ==================================================================
|
|
|
|
hh3cFcPsm MODULE-IDENTITY
|
|
LAST-UPDATED "201310170000Z"
|
|
ORGANIZATION "New H3C Tech. Co., Ltd."
|
|
CONTACT-INFO
|
|
"Platform Team New H3C Tech. Co., Ltd.
|
|
Hai-Dian District Beijing P.R. China
|
|
http://www.h3c.com
|
|
Zip:100085"
|
|
DESCRIPTION
|
|
"This MIB contains the objects for FC port security."
|
|
REVISION "201310170000Z" -- October 17, 2013 at 09:30 GMT
|
|
DESCRIPTION
|
|
"HH3C-FC-PSM-MIB module is for managing the implementation of
|
|
FC port security."
|
|
::= { hh3cSan 8 }
|
|
|
|
|
|
-- =================================================================
|
|
-- Subtrees in the FC PSM MIB
|
|
-- =================================================================
|
|
|
|
hh3cFcPsmNotifications OBJECT IDENTIFIER ::= { hh3cFcPsm 0 }
|
|
hh3cFcPsmObjects OBJECT IDENTIFIER ::= { hh3cFcPsm 1 }
|
|
|
|
hh3cFcPsmScalarObjects OBJECT IDENTIFIER ::= { hh3cFcPsmObjects 1 }
|
|
hh3cFcPsmConfiguration OBJECT IDENTIFIER ::= { hh3cFcPsmObjects 2 }
|
|
hh3cFcPsmStats OBJECT IDENTIFIER ::= { hh3cFcPsmObjects 3 }
|
|
|
|
|
|
-- =================================================================
|
|
-- Type definitions
|
|
-- =================================================================
|
|
|
|
Hh3cFcPsmPortBindDevType ::= TEXTUAL-CONVENTION
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The types of the instance of hh3cFcPsmLoginDev, including
|
|
nWWN(Node World Wide Name), pWWN(Port World Wide Name),
|
|
sWWN(Switch World Wide Name), and wildCard."
|
|
SYNTAX INTEGER
|
|
{
|
|
nWWN(1),
|
|
pWWN(2),
|
|
sWWN(3),
|
|
wildCard(4)
|
|
}
|
|
|
|
|
|
Hh3cFcPsmClearEntryType ::= TEXTUAL-CONVENTION
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object when set to clearStatic, results in port bind static
|
|
entries being cleared on this VSAN(Virtual Storage Area Networks).
|
|
This object when set to clearAutoLearn, results in port bind
|
|
auto-learned entries being cleared on this VSAN. This object when
|
|
set to clearAll, results in all of the port bind entries being
|
|
cleared on this VSAN. No action is taken if this object is set
|
|
to noop.
|
|
The value of this object when read is always noop."
|
|
SYNTAX INTEGER
|
|
{
|
|
clearStatic(1),
|
|
clearAutoLearn(2),
|
|
clearAll(3),
|
|
noop(4)
|
|
}
|
|
|
|
|
|
--
|
|
-- The hh3cFcPsmScalarObjects subtree
|
|
--
|
|
|
|
-- =================================================================
|
|
-- The FC Port Security Management Notification control object
|
|
-- =================================================================
|
|
|
|
hh3cFcPsmNotifyEnable OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Whether to generate the notification or not depends on the object."
|
|
DEFVAL { false }
|
|
::= { hh3cFcPsmScalarObjects 1 }
|
|
|
|
|
|
--
|
|
-- The hh3cFcPsmConfiguration subtree
|
|
--
|
|
-- Implementation of the hh3cFcPsmConfiguration subtree is for
|
|
-- the operation of FC port security.
|
|
--
|
|
|
|
-- =================================================================
|
|
-- The FC Port Security Management Enable Table
|
|
-- =================================================================
|
|
|
|
hh3cFcPsmEnableTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF Hh3cFcPsmEnableEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Enable or disable the port security feature on a specified VSAN."
|
|
::= { hh3cFcPsmConfiguration 1 }
|
|
|
|
hh3cFcPsmEnableEntry OBJECT-TYPE
|
|
SYNTAX Hh3cFcPsmEnableEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Detailed information about the port security."
|
|
INDEX {
|
|
hh3cFcPsmEnableVsanIndex
|
|
}
|
|
::= { hh3cFcPsmEnableTable 1 }
|
|
|
|
Hh3cFcPsmEnableEntry ::=
|
|
SEQUENCE {
|
|
hh3cFcPsmEnableVsanIndex Unsigned32,
|
|
hh3cFcPsmEnable INTEGER,
|
|
hh3cFcPsmEnableState TruthValue
|
|
}
|
|
|
|
hh3cFcPsmEnableVsanIndex OBJECT-TYPE
|
|
SYNTAX Unsigned32 (1..4095)
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The ID of VSAN on this entry."
|
|
::= { hh3cFcPsmEnableEntry 1 }
|
|
|
|
|
|
hh3cFcPsmEnable OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
{
|
|
enable(1),
|
|
enableWithAutoLearn(2),
|
|
disable(3),
|
|
noop(4)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"When set to enable, the port security is on, the value of
|
|
hh3cFcPsmEnableState will be true.
|
|
When set to enableWithAutoLearn, the port security is on
|
|
with auto-learning, the value of hh3cFcPsmEnableState will
|
|
be true.
|
|
When set to disable, the port security is off, the value of
|
|
hh3cFcPsmEnableState will be false.
|
|
The noop means no action.
|
|
The value of this object when read is always noop."
|
|
DEFVAL { noop }
|
|
::= { hh3cFcPsmEnableEntry 2 }
|
|
|
|
|
|
hh3cFcPsmEnableState OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The state of the port security. When the value is true, it
|
|
means the port security is on, while the false means the port
|
|
security is off."
|
|
DEFVAL { false }
|
|
::= { hh3cFcPsmEnableEntry 3 }
|
|
|
|
|
|
|
|
-- =================================================================
|
|
-- The FC Port Security Management Config Table
|
|
-- =================================================================
|
|
|
|
hh3cFcPsmConfigTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF Hh3cFcPsmConfigEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A table that contains the configured entries."
|
|
::= { hh3cFcPsmConfiguration 2 }
|
|
|
|
|
|
hh3cFcPsmConfigEntry OBJECT-TYPE
|
|
SYNTAX Hh3cFcPsmConfigEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Detailed information about each configuration."
|
|
INDEX {
|
|
hh3cFcPsmEnableVsanIndex,
|
|
hh3cFcPsmIndex
|
|
}
|
|
::= { hh3cFcPsmConfigTable 1 }
|
|
|
|
|
|
Hh3cFcPsmConfigEntry ::=
|
|
SEQUENCE {
|
|
hh3cFcPsmIndex
|
|
Unsigned32,
|
|
hh3cFcPsmLoginDevType
|
|
Hh3cFcPsmPortBindDevType,
|
|
hh3cFcPsmLoginDev
|
|
Hh3cFcNameIdOrZero,
|
|
hh3cFcPsmLoginPoint
|
|
InterfaceIndexOrZero,
|
|
hh3cFcPsmRowStatus
|
|
RowStatus
|
|
}
|
|
|
|
|
|
hh3cFcPsmIndex OBJECT-TYPE
|
|
SYNTAX Unsigned32 (1..32768)
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The index of this entry."
|
|
::= { hh3cFcPsmConfigEntry 1 }
|
|
|
|
|
|
hh3cFcPsmLoginDevType OBJECT-TYPE
|
|
SYNTAX Hh3cFcPsmPortBindDevType
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This represents the type of the instance of hh3cFcPsmLoginDev,
|
|
which includes nWWN, pWWN, sWWN, and wildCard."
|
|
::= { hh3cFcPsmConfigEntry 2 }
|
|
|
|
|
|
hh3cFcPsmLoginDev OBJECT-TYPE
|
|
SYNTAX Hh3cFcNameIdOrZero
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The logging-in device name, which is decided by the
|
|
hh3cFcPsmLoginDevType object. It represents node
|
|
WWN when the value of hh3cFcPsmLoginDevType is nWWN.
|
|
It represents port WWN when the value of hh3cFcPsmLoginDevType
|
|
is pWWN. It represents switch WWN when the value of
|
|
hh3cFcPsmLoginDevType is sWWN. It represents any device
|
|
when the value of hh3cFcPsmLoginDevType is wildCard, and
|
|
the value of the instance of this object should be
|
|
zero-length string.
|
|
The value of this object should not be invalid when
|
|
hh3cFcPsmRowStatus is set to createAndGo or active."
|
|
::= { hh3cFcPsmConfigEntry 3 }
|
|
|
|
hh3cFcPsmLoginPoint OBJECT-TYPE
|
|
SYNTAX InterfaceIndexOrZero
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The address of the port on the local switch through which
|
|
the instance of hh3cFcPsmLoginDev can log in. It represents
|
|
ifindex when the value is not zero. It represents any port
|
|
when the value is zero."
|
|
::= { hh3cFcPsmConfigEntry 4 }
|
|
|
|
|
|
hh3cFcPsmRowStatus OBJECT-TYPE
|
|
SYNTAX RowStatus
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Entry status. When creating a new instance of this table,
|
|
the following objects should be set simultaneously:
|
|
hh3cFcPsmLoginDevType, hh3cFcPsmLoginDev, hh3cFcPsmLoginPoint,
|
|
hh3cFcPsmRowStatus. If hh3cFcPsmLoginDevType is set to wildCard,
|
|
the value of the instance of hh3cFcPsmLoginDev should be
|
|
zero-length string. The value of hh3cFcPsmLoginDevType and
|
|
hh3cFcPsmLoginPoint cannot be set to wildCard and zero at
|
|
the same time."
|
|
::= { hh3cFcPsmConfigEntry 5 }
|
|
|
|
|
|
|
|
-- =================================================================
|
|
-- The FC Port Security Management Enforced Table
|
|
-- =================================================================
|
|
hh3cFcPsmEnfTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF Hh3cFcPsmEnfEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The FC port security enforced table. It contains not only the
|
|
configured policies, but also the learning ones learned by the
|
|
switch itself."
|
|
::= { hh3cFcPsmConfiguration 3 }
|
|
|
|
|
|
|
|
hh3cFcPsmEnfEntry OBJECT-TYPE
|
|
SYNTAX Hh3cFcPsmEnfEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Detailed information about the FC port security enforced policy."
|
|
INDEX {
|
|
hh3cFcPsmEnableVsanIndex,
|
|
hh3cFcPsmEnfIndex
|
|
}
|
|
::= { hh3cFcPsmEnfTable 1 }
|
|
|
|
|
|
Hh3cFcPsmEnfEntry ::=
|
|
SEQUENCE {
|
|
hh3cFcPsmEnfIndex
|
|
Unsigned32,
|
|
hh3cFcPsmEnfLoginDevType
|
|
Hh3cFcPsmPortBindDevType,
|
|
hh3cFcPsmEnfLoginDev
|
|
Hh3cFcNameIdOrZero,
|
|
hh3cFcPsmEnfLoginPoint
|
|
InterfaceIndexOrZero,
|
|
hh3cFcPsmEnfEntryType
|
|
INTEGER
|
|
}
|
|
|
|
|
|
hh3cFcPsmEnfIndex OBJECT-TYPE
|
|
SYNTAX Unsigned32 (1..32768)
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The index of this entry."
|
|
::= { hh3cFcPsmEnfEntry 1 }
|
|
|
|
|
|
hh3cFcPsmEnfLoginDevType OBJECT-TYPE
|
|
SYNTAX Hh3cFcPsmPortBindDevType
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This represents the type of the instance of hh3cFcPsmEnfLoginDev,
|
|
which includes nWWN, pWWN, sWWN, and wildCard."
|
|
::= { hh3cFcPsmEnfEntry 2 }
|
|
|
|
|
|
hh3cFcPsmEnfLoginDev OBJECT-TYPE
|
|
SYNTAX Hh3cFcNameIdOrZero
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The logging-in device name, which is decided by the
|
|
hh3cFcPsmEnfLoginDevType object. It represents node WWN
|
|
when the value of hh3cFcPsmEnfLoginDevType is nWWN. It
|
|
represents port WWN when the value of hh3cFcPsmEnfLoginDevType
|
|
is pWWN. It represents switch WWN when the value of
|
|
hh3cFcPsmEnfLoginDevType is sWWN. It represents any device when
|
|
the value of hh3cFcPsmEnfLoginDevType is wildCard, and the value
|
|
of the instance of this object should be zero-length string."
|
|
::= { hh3cFcPsmEnfEntry 3 }
|
|
|
|
|
|
hh3cFcPsmEnfLoginPoint OBJECT-TYPE
|
|
SYNTAX InterfaceIndexOrZero
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The address of the port on the local switch through which
|
|
the instance of hh3cFcPsmEnfLoginDev can log in. It represents
|
|
ifindex when the value is not zero. It represents any port
|
|
when the value is zero."
|
|
::= { hh3cFcPsmEnfEntry 4 }
|
|
|
|
|
|
hh3cFcPsmEnfEntryType OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
{
|
|
learning(1),
|
|
learned(2),
|
|
static(3)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"When the value is learning, it represents the entry is learned
|
|
by the switch itself temporarily and will be deleted when the
|
|
device log out. When the value is learned, it represents the
|
|
entry is learned by the switch permanently. When the value is
|
|
static, it represents the entry is configured."
|
|
::= { hh3cFcPsmEnfEntry 5 }
|
|
|
|
|
|
-- =================================================================
|
|
-- The FC Port Security Management Copy To Config Table
|
|
-- =================================================================
|
|
|
|
hh3cFcPsmCopyToConfigTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF Hh3cFcPsmCopyToConfigEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Specifies whether to copy the entries from enforced table
|
|
to the ones on configured table."
|
|
::= { hh3cFcPsmConfiguration 4 }
|
|
|
|
|
|
hh3cFcPsmCopyToConfigEntry OBJECT-TYPE
|
|
SYNTAX Hh3cFcPsmCopyToConfigEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Detailed information about the operation."
|
|
INDEX {
|
|
hh3cFcPsmEnableVsanIndex
|
|
}
|
|
::= { hh3cFcPsmCopyToConfigTable 1 }
|
|
|
|
|
|
Hh3cFcPsmCopyToConfigEntry ::=
|
|
SEQUENCE {
|
|
hh3cFcPsmCopyToConfig
|
|
INTEGER
|
|
}
|
|
|
|
|
|
hh3cFcPsmCopyToConfig OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
{
|
|
copy(1),
|
|
noop(2)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"When the object is set to copy, the learned entries will be
|
|
copied on to the configured table on this VSAN, while the noop
|
|
means no operation.
|
|
The value of this object when read is always noop."
|
|
DEFVAL { noop }
|
|
::= { hh3cFcPsmCopyToConfigEntry 1 }
|
|
|
|
|
|
-- =================================================================
|
|
-- The FC Port Security Management Auto Learn Table
|
|
-- =================================================================
|
|
|
|
hh3cFcPsmAutoLearnTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF Hh3cFcPsmAutoLearnEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This table shows whether the auto-learning is enabled or
|
|
not on specific VSANs."
|
|
::= { hh3cFcPsmConfiguration 5 }
|
|
|
|
|
|
hh3cFcPsmAutoLearnEntry OBJECT-TYPE
|
|
SYNTAX Hh3cFcPsmAutoLearnEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Detailed information about the auto-learning."
|
|
INDEX { hh3cFcPsmEnableVsanIndex }
|
|
::= { hh3cFcPsmAutoLearnTable 1 }
|
|
|
|
|
|
Hh3cFcPsmAutoLearnEntry ::=
|
|
SEQUENCE {
|
|
hh3cFcPsmAutoLearnEnable
|
|
TruthValue
|
|
}
|
|
|
|
|
|
|
|
hh3cFcPsmAutoLearnEnable OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object is set to true to enable, or false to disable
|
|
auto-learning on the local switch. When set to true, the
|
|
switch can learn the devices that have already logged in
|
|
as learning entries on the enforced table, while the false
|
|
can stop the learning operation with the learning entries
|
|
transformed to learned ones."
|
|
DEFVAL { false }
|
|
::= { hh3cFcPsmAutoLearnEntry 1 }
|
|
|
|
|
|
|
|
-- =================================================================
|
|
-- The FC Port Security Management Clear Table
|
|
-- =================================================================
|
|
|
|
hh3cFcPsmClearTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF Hh3cFcPsmClearEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This table is used for cleaning specific entries in enforced table."
|
|
::= { hh3cFcPsmConfiguration 6 }
|
|
|
|
|
|
hh3cFcPsmClearEntry OBJECT-TYPE
|
|
SYNTAX Hh3cFcPsmClearEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Detailed information about the cleaning options."
|
|
INDEX { hh3cFcPsmEnableVsanIndex }
|
|
::= { hh3cFcPsmClearTable 1 }
|
|
|
|
|
|
Hh3cFcPsmClearEntry ::=
|
|
SEQUENCE {
|
|
hh3cFcPsmClearType
|
|
Hh3cFcPsmClearEntryType,
|
|
hh3cFcPsmClearIntf
|
|
InterfaceIndexOrZero
|
|
}
|
|
|
|
|
|
hh3cFcPsmClearType OBJECT-TYPE
|
|
SYNTAX Hh3cFcPsmClearEntryType
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object when set to clearStatic, results in port bind
|
|
static entries being cleared on this VSAN. This object when
|
|
set to clearAutoLearn, results in auto-learned entries being
|
|
cleared on this VSAN. This object when set to clearAll,
|
|
results in all of the port bind entries being cleared on
|
|
this VSAN. No action is taken if this object is set to noop.
|
|
The value of this object when read is always noop."
|
|
DEFVAL { noop }
|
|
::= { hh3cFcPsmClearEntry 1 }
|
|
|
|
|
|
hh3cFcPsmClearIntf OBJECT-TYPE
|
|
SYNTAX InterfaceIndexOrZero
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The object specifies the interface on which the entries will be
|
|
cleared. If the object is zero or not set, it means the specified
|
|
entries on all interfaces will be cleared.
|
|
The value of this object when read is always zero."
|
|
::= { hh3cFcPsmClearEntry 2 }
|
|
|
|
|
|
--
|
|
-- The hh3cFcPsmStats subtree
|
|
--
|
|
-- Implementation of the hh3cFcPsmStats subtree is for
|
|
-- the show of statistics about FC port security.
|
|
--
|
|
|
|
-- =================================================================
|
|
-- The FC Port Security Management Stats Table
|
|
-- =================================================================
|
|
|
|
hh3cFcPsmStatsTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF Hh3cFcPsmStatsEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This table contains statistics of devices, which had been
|
|
allowed or denied to log into the switch."
|
|
::= { hh3cFcPsmStats 1 }
|
|
|
|
|
|
hh3cFcPsmStatsEntry OBJECT-TYPE
|
|
SYNTAX Hh3cFcPsmStatsEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Detailed information about the statistics."
|
|
INDEX { hh3cFcPsmEnableVsanIndex }
|
|
::= { hh3cFcPsmStatsTable 1 }
|
|
|
|
|
|
Hh3cFcPsmStatsEntry ::=
|
|
SEQUENCE {
|
|
hh3cFcPsmAllowedLogins
|
|
Counter32,
|
|
hh3cFcPsmDeniedLogins
|
|
Counter32,
|
|
hh3cFcPsmStatsClear
|
|
INTEGER
|
|
}
|
|
|
|
|
|
|
|
hh3cFcPsmAllowedLogins OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The number of requests that have been allowed on the
|
|
specified VSAN."
|
|
::= { hh3cFcPsmStatsEntry 1 }
|
|
|
|
|
|
hh3cFcPsmDeniedLogins OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The number of requests that have been denied on the
|
|
specified VSAN."
|
|
::= { hh3cFcPsmStatsEntry 2 }
|
|
|
|
|
|
hh3cFcPsmStatsClear OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
{
|
|
clear(1),
|
|
noop(2)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The statistics on this VSAN will be cleared if this object
|
|
is set to clear. No action is taken if this object is
|
|
set to noop.
|
|
The value of this object when read is always noop."
|
|
DEFVAL { noop }
|
|
::= { hh3cFcPsmStatsEntry 3 }
|
|
|
|
|
|
-- =================================================================
|
|
-- The FC Port Security Management Violation Table
|
|
-- =================================================================
|
|
|
|
hh3cFcPsmViolationTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF Hh3cFcPsmViolationEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This table maintains the information about the violations happened,
|
|
containing at most 1024 items.
|
|
When the number exceeds 1024, the earliest item will be over-written."
|
|
::= { hh3cFcPsmStats 2 }
|
|
|
|
|
|
hh3cFcPsmViolationEntry OBJECT-TYPE
|
|
SYNTAX Hh3cFcPsmViolationEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Detailed information about the violation."
|
|
INDEX {
|
|
hh3cFcPsmEnableVsanIndex,
|
|
hh3cFcPsmViolationIndex
|
|
}
|
|
::= { hh3cFcPsmViolationTable 1 }
|
|
|
|
|
|
Hh3cFcPsmViolationEntry ::=
|
|
SEQUENCE {
|
|
hh3cFcPsmViolationIndex
|
|
Unsigned32,
|
|
hh3cFcPsmLoginPWWN
|
|
Hh3cFcNameIdOrZero,
|
|
hh3cFcPsmLoginNWWN
|
|
Hh3cFcNameIdOrZero,
|
|
hh3cFcPsmLoginSWWN
|
|
Hh3cFcNameIdOrZero,
|
|
hh3cFcPsmLoginIntf
|
|
InterfaceIndex,
|
|
hh3cFcPsmLoginTime
|
|
DateAndTime,
|
|
hh3cFcPsmLoginCount
|
|
Counter32
|
|
}
|
|
|
|
|
|
hh3cFcPsmViolationIndex OBJECT-TYPE
|
|
SYNTAX Unsigned32 (1..1024)
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The index of this entry. The entry is uniquely distinguished by WWN,
|
|
WWN type and ifindex where the login was denied."
|
|
::= { hh3cFcPsmViolationEntry 1 }
|
|
|
|
|
|
hh3cFcPsmLoginPWWN OBJECT-TYPE
|
|
SYNTAX Hh3cFcNameIdOrZero
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The pWWN of the device whose FLOGI(Fabric Login) request had
|
|
been denied. If the device is an n-node, the value of the instance
|
|
of hh3cFcPsmLoginSWWN should be zero-length string."
|
|
::= { hh3cFcPsmViolationEntry 2 }
|
|
|
|
|
|
hh3cFcPsmLoginNWWN OBJECT-TYPE
|
|
SYNTAX Hh3cFcNameIdOrZero
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The nWWN of the device whose FLOGI request had been denied.
|
|
If the device is an n-node, the value of the instance of
|
|
hh3cFcPsmLoginSWWN should be zero-length string."
|
|
::= { hh3cFcPsmViolationEntry 3 }
|
|
|
|
|
|
hh3cFcPsmLoginSWWN OBJECT-TYPE
|
|
SYNTAX Hh3cFcNameIdOrZero
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The sWWN of the device whose FLOGI request had been denied.
|
|
If the device is a switch, the values of the instance of
|
|
hh3cFcPsmLoginPWWN and hh3cFcPsmLoginNWWN should be zero-length
|
|
string."
|
|
::= { hh3cFcPsmViolationEntry 4 }
|
|
|
|
hh3cFcPsmLoginIntf OBJECT-TYPE
|
|
SYNTAX InterfaceIndex
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The ifindex of the port where the login was denied."
|
|
::= { hh3cFcPsmViolationEntry 5 }
|
|
|
|
|
|
hh3cFcPsmLoginTime OBJECT-TYPE
|
|
SYNTAX DateAndTime
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Specifies the date and time when the last denied login
|
|
happened."
|
|
::= { hh3cFcPsmViolationEntry 6 }
|
|
|
|
|
|
hh3cFcPsmLoginCount OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The number of times for a certain nWWN/pWWN or sWWN had
|
|
been denied to log into an interface of the local device."
|
|
::= { hh3cFcPsmViolationEntry 7 }
|
|
|
|
-- =================================================================
|
|
-- Notifications
|
|
-- =================================================================
|
|
|
|
hh3cFcPsmFPortDenyNotify NOTIFICATION-TYPE
|
|
OBJECTS {
|
|
ifDescr,
|
|
hh3cFcPsmLoginPWWN,
|
|
hh3cFcPsmLoginIntf,
|
|
hh3cFcPsmLoginTime
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Notifies that a FLOGI is denied on an F port of the local device."
|
|
::= { hh3cFcPsmNotifications 1 }
|
|
|
|
|
|
hh3cFcPsmEPortDenyNotify NOTIFICATION-TYPE
|
|
OBJECTS {
|
|
ifDescr,
|
|
hh3cFcPsmLoginSWWN,
|
|
hh3cFcPsmLoginIntf,
|
|
hh3cFcPsmLoginTime
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Notifies that a switch is denied on an E port of the local device."
|
|
::= { hh3cFcPsmNotifications 2 }
|
|
|
|
END
|