1085 lines
30 KiB
Plaintext
1085 lines
30 KiB
Plaintext
-- ==================================================================================
|
|
-- Copyright (C) 2002 New H3C Tech. Co., Ltd. All rights reserved.
|
|
--
|
|
-- Description: This file describes the MIB implementation of ndec
|
|
-- Reference:
|
|
-- Version: V1.6
|
|
-- History:
|
|
-- for V1.0
|
|
-- Add MODULE-IDENTITY to mib
|
|
-- V1.1 2004-9-9 lizhiyong
|
|
-- add hh3chipsNDECSAListTable,hh3chikeSATable,hh3chipsIKEPolicyTable,
|
|
-- hh3chipsStaticCryptomapTable,hh3chipsTransformNameSetTable,hh3chipsNDECLeaf,
|
|
-- modify hh3chipsNDECInfoTable,
|
|
-- V1.2 2004-9-14 lizhiyong
|
|
-- delete useless comments
|
|
-- modify the SYNTAX type of hh3chipsInPac,hh3chipsOutPac,hh3chipsInByte,hh3chipsOutByte
|
|
-- and hh3chipsDropPac from Gauge to Counter32.
|
|
-- delete the underscore character "_" which is note compliant with ASN.1
|
|
-- modify the whole file with SMIv2.
|
|
-- V1.3 2004-10-12 updated by gaolong
|
|
-- Remove variable value range from table SEQUENCE definition.
|
|
-- V1.4 2004-10-21 lizhiyong
|
|
-- modify hh3chipsStaticCryptomapMatchAddr range from 1..199 to 1..100000.
|
|
-- update the description of hh3chipsNDECBackup node
|
|
-- V1.5 2004-11-26 updated by gaolong
|
|
-- File description updated
|
|
-- V1.6 2007-1-29 updated by liukan
|
|
-- Add a new value ealgXNsa in hh3chipsEncAlgorithm type.
|
|
-- ===================================================================================
|
|
HH3C-NDEC-MIB DEFINITIONS ::= BEGIN
|
|
|
|
IMPORTS
|
|
IpAddress, Counter32, Gauge32, Integer32 ,Unsigned32 ,NOTIFICATION-TYPE,MODULE-IDENTITY,OBJECT-TYPE
|
|
FROM SNMPv2-SMI
|
|
DisplayString, TruthValue
|
|
FROM SNMPv2-TC
|
|
hh3cmlsr
|
|
FROM HH3C-OID-MIB;
|
|
|
|
-- HH3C-NDEC-MIB definition
|
|
|
|
|
|
hh3cNDEC MODULE-IDENTITY
|
|
LAST-UPDATED "200409150000Z" -- August 15, 2004 GMT
|
|
ORGANIZATION
|
|
"New H3C Tech. Co., Ltd."
|
|
CONTACT-INFO
|
|
"Platform Team New H3C Tech. Co., Ltd.
|
|
Hai-Dian District Beijing P.R. China
|
|
http://www.h3c.com
|
|
Zip:100085
|
|
"
|
|
DESCRIPTION
|
|
"This MIB contains objects to manage the NDEC device.
|
|
"
|
|
REVISION "200409151052Z" -- August 15, 2004 at 10:52 GMT
|
|
DESCRIPTION
|
|
"The initial version of this MIB module"
|
|
::= { hh3cmlsr 2 }
|
|
|
|
--transform Set authentication/encryption method
|
|
|
|
|
|
hh3chipsNDECSAListTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF Hh3cHipsNDECSAListEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The table containing the list of all
|
|
SA entries configured on NDEC by the operator."
|
|
::= { hh3cNDEC 1 }
|
|
|
|
hh3chipsNDECSAListEntry OBJECT-TYPE
|
|
SYNTAX Hh3cHipsNDECSAListEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Each entry contains the attributes
|
|
associated with a single NDEC'S SA entry."
|
|
INDEX { hh3chipsPeerIpAddr, hh3chipsProtocol, hh3chipsSPI }
|
|
::= { hh3chipsNDECSAListTable 1 }
|
|
|
|
Hh3cHipsNDECSAListEntry ::= SEQUENCE {
|
|
hh3chipsPeerIpAddr IpAddress,
|
|
hh3chipsProtocol INTEGER,
|
|
hh3chipsSPI Gauge32,
|
|
hh3chipsEncAlgorithm INTEGER,
|
|
hh3chipsAuthAlgorithm INTEGER,
|
|
hh3chipsLocalIpAddr IpAddress,
|
|
hh3chipsSaLifeKBytes Gauge32,
|
|
hh3chipsSaLifeSecond Gauge32,
|
|
hh3chipsByCard TruthValue,
|
|
hh3chipsNegotiateSaMode INTEGER,
|
|
hh3chipsExpBytes Gauge32,
|
|
hh3chipsSoftBytes Gauge32,
|
|
hh3chipsExpTimeout Gauge32,
|
|
hh3chipsSoftTimeout Gauge32
|
|
}
|
|
|
|
|
|
hh3chipsPeerIpAddr OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The peer IP address of this SA entry.
|
|
"
|
|
::= { hh3chipsNDECSAListEntry 1 }
|
|
|
|
hh3chipsProtocol OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
ipsecEsp(50),
|
|
ipsecAh(51)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The Protocol of this SA entry.
|
|
"
|
|
::= { hh3chipsNDECSAListEntry 2 }
|
|
|
|
hh3chipsSPI OBJECT-TYPE
|
|
SYNTAX Gauge32(256..4294967295)
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The SPI of this SA entry.
|
|
"
|
|
::= { hh3chipsNDECSAListEntry 3 }
|
|
|
|
hh3chipsEncAlgorithm OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
ealgNone(1),
|
|
ealgDescbc(2),
|
|
ealg3desCbc(3),
|
|
ealgXBlf(4),
|
|
ealgXCast(5),
|
|
ealgXSkipjack(6),
|
|
ealgXAes(7),
|
|
ealgXQc5(8),
|
|
ealgXNsa(9)
|
|
}
|
|
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The encrypt algorithm of this SA entry.
|
|
"
|
|
::= { hh3chipsNDECSAListEntry 4 }
|
|
|
|
hh3chipsAuthAlgorithm OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
aalgNone(1),
|
|
aalgMd5Hmac(2),
|
|
aalgSha1Hmac(3),
|
|
aalgMd5Hmac96(4),
|
|
aalgSha1Hmac96(5),
|
|
aalgXRipeMd160Hmac96(6),
|
|
aalgXMd5(7),
|
|
aalgXSha1(8)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The authentication algorithm of this SA entry.
|
|
"
|
|
::= { hh3chipsNDECSAListEntry 5 }
|
|
|
|
hh3chipsLocalIpAddr OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The local IP address of this SA entry.
|
|
"
|
|
::= { hh3chipsNDECSAListEntry 6 }
|
|
|
|
hh3chipsSaLifeKBytes OBJECT-TYPE
|
|
SYNTAX Gauge32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The lifetime of this SA entry in bytes.
|
|
"
|
|
::= { hh3chipsNDECSAListEntry 7 }
|
|
|
|
hh3chipsSaLifeSecond OBJECT-TYPE
|
|
SYNTAX Gauge32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The lifetime of this SA entry in seconds.
|
|
"
|
|
::= { hh3chipsNDECSAListEntry 8 }
|
|
|
|
hh3chipsByCard OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The flag of this SA on NDEC or not.
|
|
"
|
|
::= { hh3chipsNDECSAListEntry 9 }
|
|
|
|
|
|
hh3chipsNegotiateSaMode OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
none(1),
|
|
isakmp(2),
|
|
manual(3)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The type of key used by the IPSec Phase-2 Tunnel.
|
|
"
|
|
::= { hh3chipsNDECSAListEntry 10 }
|
|
|
|
hh3chipsExpBytes OBJECT-TYPE
|
|
SYNTAX Gauge32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object specifies the lifetime in bytes
|
|
of the tunnels generated using this
|
|
policy specification."
|
|
::= { hh3chipsNDECSAListEntry 11 }
|
|
|
|
hh3chipsSoftBytes OBJECT-TYPE
|
|
SYNTAX Gauge32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object specifies the lifetime in bytes
|
|
of the tunnels generated using this
|
|
policy specification."
|
|
::= { hh3chipsNDECSAListEntry 12 }
|
|
|
|
hh3chipsExpTimeout OBJECT-TYPE
|
|
SYNTAX Gauge32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object specifies the lifetime in seconds
|
|
of the tunnels generated using this
|
|
policy specification."
|
|
::= { hh3chipsNDECSAListEntry 13 }
|
|
|
|
hh3chipsSoftTimeout OBJECT-TYPE
|
|
SYNTAX Gauge32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object specifies the lifetime in seconds
|
|
of the tunnels generated using this
|
|
policy specification."
|
|
::= { hh3chipsNDECSAListEntry 14 }
|
|
|
|
|
|
hh3chikeSATable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF Hh3cHikeSAEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The table containing IKE SA entities
|
|
configured on NDEC by the operator.
|
|
"
|
|
|
|
::= { hh3cNDEC 2 }
|
|
|
|
hh3chikeSAEntry OBJECT-TYPE
|
|
SYNTAX Hh3cHikeSAEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Each entry contains the attributes
|
|
associated with a single IKE SA entity."
|
|
INDEX { hh3chikeConnId }
|
|
::= { hh3chikeSATable 1 }
|
|
|
|
Hh3cHikeSAEntry ::= SEQUENCE {
|
|
hh3chikeConnId Integer32,
|
|
hh3chikePeerIpAddr IpAddress,
|
|
hh3chikeFlag DisplayString,
|
|
hh3chikePhase INTEGER,
|
|
hh3chikeDoi INTEGER,
|
|
hh3chikeClearSA TruthValue
|
|
}
|
|
|
|
hh3chikeConnId OBJECT-TYPE
|
|
SYNTAX Integer32(0..65535)
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The identifier of IKE SA connection."
|
|
::= { hh3chikeSAEntry 1 }
|
|
|
|
hh3chikePeerIpAddr OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The peer IP address of this IKE SA.
|
|
"
|
|
::= { hh3chikeSAEntry 2 }
|
|
|
|
hh3chikeFlag OBJECT-TYPE
|
|
SYNTAX DisplayString
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The status of this IKE SA.
|
|
"
|
|
::= { hh3chikeSAEntry 3 }
|
|
|
|
hh3chikePhase OBJECT-TYPE
|
|
SYNTAX INTEGER{
|
|
unkown(1),
|
|
phase1(2),
|
|
phase2(3)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The phase of this IKE SA.
|
|
"
|
|
::= { hh3chikeSAEntry 4 }
|
|
|
|
hh3chikeDoi OBJECT-TYPE
|
|
SYNTAX INTEGER{
|
|
unkown(1),
|
|
ipsec(2)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The domain of this IKE SA
|
|
"
|
|
::= { hh3chikeSAEntry 5 }
|
|
|
|
hh3chikeClearSA OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Clear this IKE SA or not.
|
|
"
|
|
::= { hh3chikeSAEntry 6 }
|
|
|
|
|
|
hh3chipsIKEPolicyTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF Hh3cHipsIKEPolicyEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"List of all ISAKMP policy entries."
|
|
::= { hh3cNDEC 3 }
|
|
|
|
hh3chipsIKEPolicyEntry OBJECT-TYPE
|
|
SYNTAX Hh3cHipsIKEPolicyEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Each entry includes the properties of a ISAKMP Policy entry."
|
|
INDEX { hh3chipsIsakmpPolPriority }
|
|
::= { hh3chipsIKEPolicyTable 1 }
|
|
|
|
Hh3cHipsIKEPolicyEntry ::= SEQUENCE {
|
|
hh3chipsIsakmpPolPriority Integer32,
|
|
hh3chipsIsakmpPolEncr INTEGER,
|
|
hh3chipsIsakmpPolHash INTEGER,
|
|
hh3chipsIsakmpPolAuth INTEGER,
|
|
hh3chipsIsakmpPolGroup INTEGER,
|
|
hh3chipsIsakmpPolLifetime Gauge32
|
|
}
|
|
|
|
hh3chipsIsakmpPolPriority OBJECT-TYPE
|
|
SYNTAX Integer32(0..65535)
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"ISAKMP Policy entry's priority."
|
|
::= { hh3chipsIKEPolicyEntry 1 }
|
|
|
|
hh3chipsIsakmpPolEncr OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
ikeEncryptNone(1),
|
|
ikeEncryptDesCbc(2),
|
|
ikeEncryptIdeaCbc(3),
|
|
ikeEncryptBlowfishcbc(4),
|
|
ikeEncryptRc5R16B64cbc(5),
|
|
ikeEncrypt3DesCbc(6),
|
|
ikeEncryptCastCbc(7)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The specified encryption transform. It is used by
|
|
Internet Key Exchange(IKE) tunnels to protect the ISAKMP
|
|
PDUs."
|
|
::= { hh3chipsIKEPolicyEntry 2 }
|
|
|
|
hh3chipsIsakmpPolHash OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
ikeHashNone(1),
|
|
ikeHashMd5(2),
|
|
ikeHashSha(3),
|
|
ikeHashTiger(4)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The specified hash transform. It is used by
|
|
Internet Key Exchange(IKE) tunnels to protect the ISAKMP
|
|
PDUs."
|
|
::= { hh3chipsIKEPolicyEntry 3 }
|
|
|
|
hh3chipsIsakmpPolAuth OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
ikeAuthPreNone(1),
|
|
ikeAuthPreShared(2) ,
|
|
ikeAuthDss(3),
|
|
ikeAuthRsaSig(4),
|
|
ikeAuthRsaEnc(5),
|
|
ikeAuthRsaEncRev(6)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The specified peer authentication method.
|
|
The local entity would authenticate the peer using
|
|
the method specified by this object when this policy
|
|
entity is selected to negotiate with a peer."
|
|
::= { hh3chipsIKEPolicyEntry 4 }
|
|
|
|
hh3chipsIsakmpPolGroup OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
none(1),
|
|
dhGroup1(2),
|
|
dhGroup2(3)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object is used to specify the Oakley group
|
|
which is used for Diffie Hellman exchange in the
|
|
Main Mode.
|
|
The local entity selects the group specified by
|
|
this object to perform Diffie Hellman exchange with
|
|
the peer when this policy item is chosen to negotiate
|
|
the Main Mode with an IKE peer."
|
|
::= { hh3chipsIKEPolicyEntry 5 }
|
|
|
|
hh3chipsIsakmpPolLifetime OBJECT-TYPE
|
|
SYNTAX Gauge32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object indicates the lifetime of the IKE tunnels in seconds."
|
|
::= { hh3chipsIKEPolicyEntry 6 }
|
|
|
|
|
|
hh3chipsStaticCryptomapTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF Hh3cHipsStaticCryptomapEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The table includes the list of the member cryptomaps
|
|
of the cryptomap sets which are set on the specific entity."
|
|
::= { hh3cNDEC 4 }
|
|
|
|
hh3chipsStaticCryptomapEntry OBJECT-TYPE
|
|
SYNTAX Hh3cHipsStaticCryptomapEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Each entry contains properites of a single static cryptomap entry.
|
|
The members of dynamic cryptomap sets, which may be linked with the
|
|
parent static cryptomap set, are not included in this table."
|
|
INDEX { hh3chipsStaticCryptomapName,hh3chipsStaticCryptomapSN }
|
|
::= { hh3chipsStaticCryptomapTable 1 }
|
|
|
|
Hh3cHipsStaticCryptomapEntry ::= SEQUENCE {
|
|
hh3chipsStaticCryptomapName DisplayString,
|
|
hh3chipsStaticCryptomapSN Integer32,
|
|
hh3chipsStaticCryptomapNegMode INTEGER,
|
|
hh3chipsStaticCryptomapMatchAddr INTEGER,
|
|
hh3chipsStaticCryptomapPeerIpAddr IpAddress,
|
|
hh3chipsStaticCryptomapTransforName DisplayString,
|
|
hh3chipsStaticCryptomapLifetime Gauge32,
|
|
hh3chipsStaticCryptomapLifesize Gauge32,
|
|
hh3chipsStaticCryptomapLocalIpAddr IpAddress,
|
|
hh3chipsIfNameUsed DisplayString,
|
|
hh3chipsInAHSPI Gauge32,
|
|
hh3chipsInESPSPI Gauge32,
|
|
hh3chipsOutAHSPI Gauge32,
|
|
hh3chipsOutESPSPI Gauge32,
|
|
hh3chipsInAhHexKeyString DisplayString,
|
|
hh3chipsInEspCipherHexKeyString DisplayString,
|
|
hh3chipsInEspAuthenHexKeyString DisplayString,
|
|
hh3chipsInAhStringKeyString DisplayString,
|
|
hh3chipsInEspStringKeyString DisplayString,
|
|
hh3chipsOutAhHexKeyString DisplayString,
|
|
hh3chipsOutEspCipherHexKeyString DisplayString,
|
|
hh3chipsOutEspAuthenHexKeyString DisplayString,
|
|
hh3chipsOutAhStringKeyString DisplayString,
|
|
hh3chipsOutEspStringKeyString DisplayString
|
|
}
|
|
|
|
|
|
|
|
hh3chipsStaticCryptomapName OBJECT-TYPE
|
|
SYNTAX DisplayString
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The name of the cryptomap entry in the
|
|
cryptomap set. This is the first index
|
|
component of this table."
|
|
::= { hh3chipsStaticCryptomapEntry 1 }
|
|
|
|
hh3chipsStaticCryptomapSN OBJECT-TYPE
|
|
SYNTAX Integer32(0..65535)
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The sequence number of the cryptomap entry in the
|
|
cryptomap set. This is the second index component
|
|
of this table."
|
|
::= { hh3chipsStaticCryptomapEntry 2 }
|
|
|
|
hh3chipsStaticCryptomapNegMode OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
none(1),
|
|
isakmp(2),
|
|
manual(3)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Type of the cryptomap entry. This object may be an ISAKMP
|
|
cryptomap or manual."
|
|
::= { hh3chipsStaticCryptomapEntry 3 }
|
|
|
|
hh3chipsStaticCryptomapMatchAddr OBJECT-TYPE
|
|
SYNTAX INTEGER(1..100000)
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The access list number entered by the operatoir
|
|
while creating this cryptomap. "
|
|
::= { hh3chipsStaticCryptomapEntry 4 }
|
|
|
|
hh3chipsStaticCryptomapPeerIpAddr OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The IP address of the current peer. Traffic protected by
|
|
this cryptomap is protected by a tunnel terminating
|
|
at the device whose IP address is the value of this object."
|
|
::= { hh3chipsStaticCryptomapEntry 5 }
|
|
|
|
hh3chipsStaticCryptomapTransforName OBJECT-TYPE
|
|
SYNTAX DisplayString
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The transform associated with this cryptomap entry."
|
|
::= { hh3chipsStaticCryptomapEntry 6 }
|
|
|
|
hh3chipsStaticCryptomapLifetime OBJECT-TYPE
|
|
SYNTAX Gauge32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object indicates the lifetime of the IPSec SA which is
|
|
created using this IPSec policy entry."
|
|
::= { hh3chipsStaticCryptomapEntry 7 }
|
|
|
|
hh3chipsStaticCryptomapLifesize OBJECT-TYPE
|
|
SYNTAX Gauge32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object identifies the lifesize of the IPSec SAs
|
|
generated using this IPSec policy entry.
|
|
Lifesize means maximum traffic in bytes that may be carried.
|
|
"
|
|
::= { hh3chipsStaticCryptomapEntry 8 }
|
|
|
|
hh3chipsStaticCryptomapLocalIpAddr OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of this object is the local IP address of the
|
|
IPSec SAs generated using this IPSec policy entry.
|
|
"
|
|
::= { hh3chipsStaticCryptomapEntry 9 }
|
|
|
|
|
|
hh3chipsIfNameUsed OBJECT-TYPE
|
|
SYNTAX DisplayString
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object indicates the name of the
|
|
interface which uses this IPSec policy entry.
|
|
"
|
|
::= { hh3chipsStaticCryptomapEntry 10 }
|
|
|
|
|
|
hh3chipsInAHSPI OBJECT-TYPE
|
|
SYNTAX Gauge32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object indicates the inbound AH SPI
|
|
IPSec SAs generated using this IPSec policy entry."
|
|
::= { hh3chipsStaticCryptomapEntry 11 }
|
|
|
|
hh3chipsInESPSPI OBJECT-TYPE
|
|
SYNTAX Gauge32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object indicates the inbound ESP SPI
|
|
IPSec SAs generated using this IPSec policy entry.
|
|
"
|
|
::= { hh3chipsStaticCryptomapEntry 12 }
|
|
|
|
hh3chipsOutAHSPI OBJECT-TYPE
|
|
SYNTAX Gauge32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object indicates the outbound AH SPI
|
|
IPSec SAs generated using this IPSec policy entry.
|
|
"
|
|
::= { hh3chipsStaticCryptomapEntry 13 }
|
|
|
|
hh3chipsOutESPSPI OBJECT-TYPE
|
|
SYNTAX Gauge32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object indicates the outbound ESP SPI
|
|
IPSec SAs generated using this IPSec policy entry.
|
|
"
|
|
::= { hh3chipsStaticCryptomapEntry 14 }
|
|
|
|
hh3chipsInAhHexKeyString OBJECT-TYPE
|
|
SYNTAX DisplayString
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object indicates the inbound AH authentication key
|
|
IPSec SAs generated using this IPSec policy entry.
|
|
The AH authentication key is in hex.
|
|
"
|
|
::= { hh3chipsStaticCryptomapEntry 15 }
|
|
|
|
hh3chipsInEspCipherHexKeyString OBJECT-TYPE
|
|
SYNTAX DisplayString
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object indicates the inbound ESP authentication key
|
|
IPSec SAs generated using this IPSec policy entry.
|
|
The ESP authentication key is hex.
|
|
"
|
|
::= { hh3chipsStaticCryptomapEntry 16 }
|
|
|
|
hh3chipsInEspAuthenHexKeyString OBJECT-TYPE
|
|
SYNTAX DisplayString
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object indicates the inbound ESP authentication key
|
|
IPSec SAs generated using this IPSec policy entry.
|
|
The ESP authentication key is hex.
|
|
"
|
|
::= { hh3chipsStaticCryptomapEntry 17 }
|
|
|
|
|
|
hh3chipsInAhStringKeyString OBJECT-TYPE
|
|
SYNTAX DisplayString
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object indicates the inbound ESP authentication key
|
|
IPSec SAs generated using this IPSec policy entry.
|
|
The key is in string.
|
|
"
|
|
::= { hh3chipsStaticCryptomapEntry 18 }
|
|
hh3chipsInEspStringKeyString OBJECT-TYPE
|
|
SYNTAX DisplayString
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object indicates the inbound ESP authentication key
|
|
IPSec SAs generated using this IPSec policy entry.
|
|
The key is in string.
|
|
"
|
|
::= { hh3chipsStaticCryptomapEntry 19 }
|
|
hh3chipsOutAhHexKeyString OBJECT-TYPE
|
|
SYNTAX DisplayString
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object indicates the outbound AH authentication key
|
|
IPSec SAs generated using this IPSec policy entry.
|
|
The key is in hex.
|
|
"
|
|
::= { hh3chipsStaticCryptomapEntry 20 }
|
|
hh3chipsOutEspCipherHexKeyString OBJECT-TYPE
|
|
SYNTAX DisplayString
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object indicates the outbound ESP authentication key
|
|
IPSec SAs generated using this IPSec policy entry.
|
|
The key is in hex.
|
|
"
|
|
::= { hh3chipsStaticCryptomapEntry 21 }
|
|
hh3chipsOutEspAuthenHexKeyString OBJECT-TYPE
|
|
SYNTAX DisplayString
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object indicates the outbound ESP authentication key
|
|
IPSec SAs generated using this IPSec policy entry.
|
|
The key is in hex.
|
|
"
|
|
::= { hh3chipsStaticCryptomapEntry 22 }
|
|
hh3chipsOutAhStringKeyString OBJECT-TYPE
|
|
SYNTAX DisplayString
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object indicates the outbound AH authentication key
|
|
IPSec SAs generated using this IPSec policy entry.
|
|
The key is in string.
|
|
"
|
|
::= { hh3chipsStaticCryptomapEntry 23 }
|
|
|
|
hh3chipsOutEspStringKeyString OBJECT-TYPE
|
|
SYNTAX DisplayString
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object indicates the outbound ESP authentication key
|
|
IPSec SAs generated using this IPSec policy entry.
|
|
The key is in string.
|
|
"
|
|
::= { hh3chipsStaticCryptomapEntry 24 }
|
|
|
|
|
|
hh3chipsTransformNameSetTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF Hh3cHipsTransformNameSetEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Transform set table."
|
|
::= { hh3cNDEC 5 }
|
|
|
|
hh3chipsTransformNameSetEntry OBJECT-TYPE
|
|
SYNTAX Hh3cHipsTransformNameSetEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Each entry refers to properties of a transform."
|
|
INDEX { hh3chipsTransformName }
|
|
::= { hh3chipsTransformNameSetTable 1 }
|
|
|
|
Hh3cHipsTransformNameSetEntry ::= SEQUENCE {
|
|
hh3chipsTransformName DisplayString,
|
|
hh3chipsTransformMode INTEGER,
|
|
hh3chipsTransformProtocol INTEGER,
|
|
hh3chipsAH INTEGER,
|
|
hh3chipsEespEn INTEGER,
|
|
hh3chipsEspAu INTEGER,
|
|
hh3chipsIsCardTransform TruthValue
|
|
}
|
|
|
|
|
|
hh3chipsTransformName OBJECT-TYPE
|
|
SYNTAX DisplayString
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Name of the transform entry."
|
|
::= { hh3chipsTransformNameSetEntry 1 }
|
|
|
|
hh3chipsTransformMode OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
tunnel(1),
|
|
transport(2)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Mode of the transform entry."
|
|
::= { hh3chipsTransformNameSetEntry 2 }
|
|
|
|
hh3chipsTransformProtocol OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
ipsecNone(1),
|
|
ipsecAhNew(2),
|
|
ipsecAhEspNew(3),
|
|
ipsecAhEspOld(4),
|
|
ipsecAhOld(5),
|
|
ipsecEspNew(6),
|
|
ipsecEspAhNew(7),
|
|
ipsecEspAhOld(8),
|
|
ipsecEspOld(9)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Transform protocol."
|
|
::= { hh3chipsTransformNameSetEntry 3 }
|
|
|
|
hh3chipsAH OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
aalgNone(1),
|
|
aalgMd5Hmac(2),
|
|
aalgSha1Hmac(3),
|
|
aalgMd5Hmac96(4),
|
|
aalgSha1Hmac96(5),
|
|
aalgXRipeMd160Hmac96(6),
|
|
aalgXMd5(7),
|
|
aalgXSha1(8)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Algorithm of AH protocol."
|
|
::= { hh3chipsTransformNameSetEntry 4 }
|
|
|
|
|
|
hh3chipsEespEn OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
ealgNone(1),
|
|
ealgDescbc(2),
|
|
ealg3desCbc(3),
|
|
ealgXBlf(4),
|
|
ealgXCast(5),
|
|
ealgXSkipjack(6),
|
|
ealgXAes(7),
|
|
ealgXQc5(8)
|
|
}
|
|
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Encryption algorithm of ESP protocol."
|
|
::= { hh3chipsTransformNameSetEntry 5 }
|
|
|
|
hh3chipsEspAu OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
aalgNone(1),
|
|
aalgMd5Hmac(2),
|
|
aalgSha1Hmac(3),
|
|
aalgMd5Hmac96(4),
|
|
aalgSha1Hmac96(5),
|
|
aalgXRipeMd160Hmac96(6),
|
|
aalgXMd5(7),
|
|
aalgXSha1(8)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Authentication algorithm of ESP protocol."
|
|
::= { hh3chipsTransformNameSetEntry 6 }
|
|
|
|
|
|
hh3chipsIsCardTransform OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object indicates the flag of the NDEC is used for
|
|
IPSec SAs generated using this IPSec policy entry.
|
|
"
|
|
::= { hh3chipsTransformNameSetEntry 7 }
|
|
|
|
|
|
hh3chipsNDECInfoTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF Hh3cHipsNDECInfoEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Table of NDEC set."
|
|
::= { hh3cNDEC 6 }
|
|
|
|
hh3chipsNDECInfoEntry OBJECT-TYPE
|
|
SYNTAX Hh3cHipsNDECInfoEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Properties of each NDEC.
|
|
"
|
|
INDEX { hh3chipsCardSlot }
|
|
::= { hh3chipsNDECInfoTable 1 }
|
|
|
|
Hh3cHipsNDECInfoEntry ::= SEQUENCE {
|
|
hh3chipsCardSlot INTEGER,
|
|
hh3chipsInPac Counter32,
|
|
hh3chipsOutPac Counter32,
|
|
hh3chipsInByte Counter32,
|
|
hh3chipsOutByte Counter32,
|
|
hh3chipsDropPac Counter32,
|
|
hh3chipsCardStatus INTEGER,
|
|
hh3chipsCardHardVer DisplayString,
|
|
hh3chipsCardSoftVer DisplayString,
|
|
hh3chipsCardCPLDVer DisplayString,
|
|
hh3chipsCardOperate INTEGER,
|
|
hh3chipsDropPacInUnitTime Gauge32
|
|
}
|
|
|
|
|
|
hh3chipsCardSlot OBJECT-TYPE
|
|
SYNTAX INTEGER(0..7)
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Slot number of NDEC ."
|
|
::= { hh3chipsNDECInfoEntry 1 }
|
|
|
|
hh3chipsInPac OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Total packets of the NDEC recieved."
|
|
::= { hh3chipsNDECInfoEntry 2 }
|
|
|
|
hh3chipsOutPac OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Total packets of the NDEC sent."
|
|
::= { hh3chipsNDECInfoEntry 3 }
|
|
|
|
hh3chipsInByte OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Total bytes of the NDEC sent."
|
|
::= { hh3chipsNDECInfoEntry 4 }
|
|
|
|
hh3chipsOutByte OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Total bytes of the NDEC sent."
|
|
::= { hh3chipsNDECInfoEntry 5 }
|
|
|
|
hh3chipsDropPac OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Total packets of the NDEC dropped ."
|
|
::= { hh3chipsNDECInfoEntry 6 }
|
|
|
|
hh3chipsCardStatus OBJECT-TYPE
|
|
SYNTAX INTEGER{
|
|
ecStateInvalid(1), -- status exeception
|
|
ecStateReady(2), -- status normal
|
|
ecStateResetting(3) , -- card is reseting
|
|
ecStateProgramUpdating(4), --card is loading
|
|
ecStateDisable(5) -- card is forbidden
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"State of the NDEC."
|
|
::= { hh3chipsNDECInfoEntry 7 }
|
|
|
|
hh3chipsCardHardVer OBJECT-TYPE
|
|
SYNTAX DisplayString
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Hardware version of the NDEC."
|
|
::= { hh3chipsNDECInfoEntry 8 }
|
|
|
|
hh3chipsCardSoftVer OBJECT-TYPE
|
|
SYNTAX DisplayString
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Software version of the NDEC."
|
|
::= { hh3chipsNDECInfoEntry 9 }
|
|
|
|
hh3chipsCardCPLDVer OBJECT-TYPE
|
|
SYNTAX DisplayString
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"CPLD version of the NDEC."
|
|
::= { hh3chipsNDECInfoEntry 10 }
|
|
|
|
hh3chipsCardOperate OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
cardClearStatic(1),
|
|
cardReset(2),
|
|
cardSynTime(3),
|
|
cardSysLogOn(4),
|
|
cardSysLogOff(5),
|
|
cardSysLogClear(6)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The version of the NDEC's CPLD.
|
|
cardClearStatic(1): clear the statistics of the card
|
|
cardReset(2): rest the card
|
|
cardSynTime(3): synchoronize the clock of the card
|
|
cardSysLogOn(4):turn on the log of the card
|
|
cardSysLogOff(5):turn off the log of the card
|
|
cardSysLogClear(6):clear the log of the card"
|
|
::= { hh3chipsNDECInfoEntry 11 }
|
|
|
|
hh3chipsDropPacInUnitTime OBJECT-TYPE
|
|
SYNTAX Gauge32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Dropped packets in unit interval."
|
|
::= { hh3chipsNDECInfoEntry 12 }
|
|
|
|
|
|
hh3chipsNDECLeaf OBJECT IDENTIFIER ::= { hh3cNDEC 7 }
|
|
|
|
hh3chipsNDECConnections OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Total connections of the system at this time."
|
|
::= { hh3chipsNDECLeaf 1 }
|
|
|
|
hh3chipsNDECBackup OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The flag that NDEC using backup. The value 1 represents using backup
|
|
The value 0 represents not using backup"
|
|
::= { hh3chipsNDECLeaf 2 }
|
|
|
|
|
|
hh3chipsTraps OBJECT IDENTIFIER ::= { hh3cNDEC 8 }
|
|
|
|
hh3chipsNDECNormalResetTrap NOTIFICATION-TYPE
|
|
OBJECTS { hh3chipsCardSlot,hh3chipsCardHardVer,
|
|
hh3chipsCardSoftVer,hh3chipsCardCPLDVer }
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This trap is generated when the NDEC card is reset."
|
|
::= { hh3chipsTraps 1 }
|
|
|
|
hh3chipsNDECStateChangeTrap NOTIFICATION-TYPE
|
|
OBJECTS { hh3chipsCardSlot,hh3chipsCardStatus }
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This trap is generated when the NDEC card's state changes."
|
|
::= { hh3chipsTraps 2 }
|
|
|
|
hh3chipsNDECFlowTrap NOTIFICATION-TYPE
|
|
OBJECTS { hh3chipsCardSlot,hh3chipsDropPacInUnitTime }
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This trap is generated when a NDEC card is overloaded."
|
|
::= { hh3chipsTraps 3 }
|
|
|
|
END
|