1204 lines
44 KiB
Plaintext
1204 lines
44 KiB
Plaintext
-- ************************************************************************
|
|
-- Copyright (c) 2004-2018 New H3C Tech. Co., Ltd. All rights reserved.
|
|
--
|
|
-- Description: WAPI extension mib
|
|
-- Reference:
|
|
-- Version: V1.5
|
|
-- History:
|
|
-- V1.0 created by zhanglianglun
|
|
-- Initial version 2007-5-20
|
|
-- V1.1 2009-06-04 modified by caizibin
|
|
-- Add hh3cwapiCertificateInstalled, hh3cwapiConfigTable,
|
|
-- hh3cwapiUserwithInvalidCertificate,
|
|
-- hh3cwapiStationReplayAttack, hh3cwapiTamperAttack,
|
|
-- hh3cwapiLowSafeLevelAttack, hh3cwapiAddressRedirectionAttack,
|
|
-- hh3cwapiTrapInfoMacAddr, hh3cwapiTrapInfoAPId,
|
|
-- hh3cwapiTrapInfoRadioId, hh3cwapiTrapInfoBSSId
|
|
-- V1.2 2010-03-06 modified by xuyonggang
|
|
-- Add hh3cwapiConfigExtTable
|
|
-- V1.3 2010-11-23 modified by xuyonggang
|
|
-- Add hh3cwapiCfgExtASIPAddressType
|
|
-- Add hh3cwapiCfgExtASIPAddress
|
|
-- Add hh3cwapiCfgExtASName
|
|
-- Add hh3cwapiCfgExtCertDomain
|
|
-- Add hh3cwapiCfgExtCertInstalled
|
|
-- V1.4 2013-01-10 modified by xuyonggang
|
|
-- Add hh3cwapiTrapInfoAPMacAddr
|
|
-- V1.5 2018-05-07 modified by muzhuqing
|
|
-- Add node hh3cwapiConfigVersion to hh3cwapiConfigExtTable.
|
|
-- Add node hh3cwapiControlledAuthControl to hh3cwapiConfigExtTable.
|
|
-- Add node hh3cwapiControlledPortControl to hh3cwapiConfigExtTable.
|
|
-- Add node hh3cwapiOptionImplemented to hh3cwapiConfigExtTable.
|
|
-- Add node hh3cwapiPreauthImplemented to hh3cwapiConfigExtTable.
|
|
-- Add node hh3cwapiEnabled to hh3cwapiConfigExtTable.
|
|
-- Add node hh3cwapiPreauthEnabled to hh3cwapiConfigExtTable.
|
|
-- Add node hh3cwapiCfgUniKeysSupported to hh3cwapiConfigExtTable.
|
|
-- Add node hh3cwapiCfgUniRekeyMethod to hh3cwapiConfigExtTable.
|
|
-- Add node hh3cwapiCfgUniRekeyTime to hh3cwapiConfigExtTable.
|
|
-- Add node hh3cwapiCfgUniRekeyPackets to hh3cwapiConfigExtTable.
|
|
-- Add node hh3cwapiCfgMultiCipher to hh3cwapiConfigExtTable.
|
|
-- Add node hh3cwapiCfgMultiRekeyMethod to hh3cwapiConfigExtTable.
|
|
-- Add node hh3cwapiCfgMultiRekeyTime to hh3cwapiConfigExtTable.
|
|
-- Add node hh3cwapiCfgMultiRekeyPackets to hh3cwapiConfigExtTable.
|
|
-- Add node hh3cwapiCfgMultiRekeyStrict to hh3cwapiConfigExtTable.
|
|
-- Add node hh3cwapiCfgPSKValue to hh3cwapiConfigExtTable.
|
|
-- Add node hh3cwapiCfgPSKPassPhrase to hh3cwapiConfigExtTable.
|
|
-- Add node hh3cwapiCfgCertUpdateCount to hh3cwapiConfigExtTable.
|
|
-- Add node hh3cwapiCfgMultiUpdateCount to hh3cwapiConfigExtTable.
|
|
-- Add node hh3cwapiCfgUniUpdateCount to hh3cwapiConfigExtTable.
|
|
-- Add node hh3cwapiCfgMultiCipherSize to hh3cwapiConfigExtTable.
|
|
-- Add node hh3cwapiCfgBKLifetime to hh3cwapiConfigExtTable.
|
|
-- Add node hh3cwapiCfgBKReauthThreshold to hh3cwapiConfigExtTable.
|
|
-- Add node hh3cwapiCfgSATimeout to hh3cwapiConfigExtTable.
|
|
-- Add node hh3cwapiAuthenSuiteSelected to hh3cwapiConfigExtTable.
|
|
-- Add node hh3cwapiUniCipherSelected to hh3cwapiConfigExtTable.
|
|
-- Add node hh3cwapiMultiCipherSelected to hh3cwapiConfigExtTable.
|
|
-- Add node hh3cwapiBKIDUsed to hh3cwapiConfigExtTable.
|
|
-- Add node hh3cwapiAuthenSuiteRequested to hh3cwapiConfigExtTable.
|
|
-- Add node hh3cwapiUniCipherRequested to hh3cwapiConfigExtTable.
|
|
-- Add node hh3cwapiMultiCipherRequested to hh3cwapiConfigExtTable.
|
|
-- Add table hh3cwapiStatsTable.
|
|
-- ************************************************************************
|
|
HH3C-WAPI-MIB DEFINITIONS ::= BEGIN
|
|
|
|
IMPORTS
|
|
Counter32, Integer32, Unsigned32,
|
|
MODULE-IDENTITY, OBJECT-TYPE, NOTIFICATION-TYPE
|
|
FROM SNMPv2-SMI
|
|
TruthValue, MacAddress
|
|
FROM SNMPv2-TC
|
|
ifIndex, ifDescr
|
|
FROM IF-MIB
|
|
InetAddressType, InetAddress
|
|
FROM INET-ADDRESS-MIB
|
|
hh3cCommon
|
|
FROM HH3C-OID-MIB;
|
|
|
|
hh3cwapiMIB MODULE-IDENTITY
|
|
LAST-UPDATED "201012011757Z"
|
|
ORGANIZATION
|
|
"New H3C Technologies Co., Ltd."
|
|
CONTACT-INFO
|
|
"Platform Team New H3C Technologies Co., Ltd.
|
|
Hai-Dian District Beijing P.R. China
|
|
http://www.h3c.com
|
|
Zip:100085
|
|
"
|
|
DESCRIPTION
|
|
"HH3C-WAPI-MIB is an extension of MIB in WAPI
|
|
protocol. This MIB contains objects to
|
|
manage configuration and monitor running state
|
|
for WAPI feature."
|
|
REVISION "201012011757Z"
|
|
DESCRIPTION
|
|
"Add node hh3cwapiConfigVersion to hh3cwapiConfigExtTable.
|
|
Add node hh3cwapiControlledAuthControl to hh3cwapiConfigExtTable.
|
|
Add node hh3cwapiControlledPortControl to hh3cwapiConfigExtTable.
|
|
Add node hh3cwapiOptionImplemented to hh3cwapiConfigExtTable.
|
|
Add node hh3cwapiPreauthImplemented to hh3cwapiConfigExtTable.
|
|
Add node hh3cwapiEnabled to hh3cwapiConfigExtTable.
|
|
Add node hh3cwapiPreauthEnabled to hh3cwapiConfigExtTable.
|
|
Add node hh3cwapiCfgUniKeysSupported to hh3cwapiConfigExtTable.
|
|
Add node hh3cwapiCfgUniRekeyMethod to hh3cwapiConfigExtTable.
|
|
Add node hh3cwapiCfgUniRekeyTime to hh3cwapiConfigExtTable.
|
|
Add node hh3cwapiCfgUniRekeyPackets to hh3cwapiConfigExtTable.
|
|
Add node hh3cwapiCfgMultiCipher to hh3cwapiConfigExtTable.
|
|
Add node hh3cwapiCfgMultiRekeyMethod to hh3cwapiConfigExtTable.
|
|
Add node hh3cwapiCfgMultiRekeyTime to hh3cwapiConfigExtTable.
|
|
Add node hh3cwapiCfgMultiRekeyPackets to hh3cwapiConfigExtTable.
|
|
Add node hh3cwapiCfgMultiRekeyStrict to hh3cwapiConfigExtTable.
|
|
Add node hh3cwapiCfgPSKValue to hh3cwapiConfigExtTable.
|
|
Add node hh3cwapiCfgPSKPassPhrase to hh3cwapiConfigExtTable.
|
|
Add node hh3cwapiCfgCertUpdateCount to hh3cwapiConfigExtTable.
|
|
Add node hh3cwapiCfgMultiUpdateCount to hh3cwapiConfigExtTable.
|
|
Add node hh3cwapiCfgUniUpdateCount to hh3cwapiConfigExtTable.
|
|
Add node hh3cwapiCfgMultiCipherSize to hh3cwapiConfigExtTable.
|
|
Add node hh3cwapiCfgBKLifetime to hh3cwapiConfigExtTable.
|
|
Add node hh3cwapiCfgBKReauthThreshold to hh3cwapiConfigExtTable.
|
|
Add node hh3cwapiCfgSATimeout to hh3cwapiConfigExtTable.
|
|
Add node hh3cwapiAuthenSuiteSelected to hh3cwapiConfigExtTable.
|
|
Add node hh3cwapiUniCipherSelected to hh3cwapiConfigExtTable.
|
|
Add node hh3cwapiMultiCipherSelected to hh3cwapiConfigExtTable.
|
|
Add node hh3cwapiBKIDUsed to hh3cwapiConfigExtTable.
|
|
Add node hh3cwapiAuthenSuiteRequested to hh3cwapiConfigExtTable.
|
|
Add node hh3cwapiUniCipherRequested to hh3cwapiConfigExtTable.
|
|
Add node hh3cwapiMultiCipherRequested to hh3cwapiConfigExtTable.
|
|
Add table hh3cwapiStatsTable."
|
|
::= { hh3cCommon 77 }
|
|
|
|
hh3cwapiMIBObjects OBJECT IDENTIFIER ::= { hh3cwapiMIB 1 }
|
|
hh3cwapiMIBStatsObjects OBJECT IDENTIFIER ::= { hh3cwapiMIB 2 }
|
|
hh3cwapiMIBTableObjects OBJECT IDENTIFIER ::= { hh3cwapiMIB 3 }
|
|
hh3cwapiTrap OBJECT IDENTIFIER ::= { hh3cwapiMIB 4 }
|
|
|
|
-- ************************************************************************
|
|
-- * hh3cwapiModeEnabled OBJECT
|
|
-- ************************************************************************
|
|
hh3cwapiModeEnabled OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"When this object is set to TRUE, it shall indicate that WAPI
|
|
is enabled. Otherwise, it shall indicate that WAPI is disabled."
|
|
::= { hh3cwapiMIBObjects 1 }
|
|
|
|
-- ************************************************************************
|
|
-- * hh3cwapiASIPAddress OBJECT
|
|
-- ************************************************************************
|
|
hh3cwapiASIPAddressType OBJECT-TYPE
|
|
SYNTAX InetAddressType
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object is used to set global IP addresses
|
|
type (IPv4 or IPv6) of AS."
|
|
DEFVAL { ipv4 }
|
|
::= { hh3cwapiMIBObjects 2 }
|
|
|
|
hh3cwapiASIPAddress OBJECT-TYPE
|
|
SYNTAX InetAddress
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object is used to set the global IP address of AS."
|
|
::= { hh3cwapiMIBObjects 3 }
|
|
|
|
-- ************************************************************************
|
|
-- * hh3cwapiCertificateInstalled OBJECT
|
|
-- ************************************************************************
|
|
hh3cwapiCertificateInstalled OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object indicates whether the entity has installed
|
|
certificate. When the value is TRUE, it shall indicate that
|
|
the entity has installed certificate. Otherwise, it shall
|
|
indicate that the entity hasn't installed certificate."
|
|
::= { hh3cwapiMIBObjects 4 }
|
|
|
|
-- ************************************************************************
|
|
-- * 9 statistics OBJECTS
|
|
-- ************************************************************************
|
|
hh3cwapiStatsWAISignatureErrors OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This counter increases when the received packet of
|
|
WAI signature is wrong."
|
|
::= { hh3cwapiMIBStatsObjects 1 }
|
|
|
|
hh3cwapiStatsWAIHMACErrors OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This counter increases when the received packet of
|
|
WAI message authentication key checking error occurs."
|
|
::= { hh3cwapiMIBStatsObjects 2 }
|
|
|
|
hh3cwapiStatsWAIAuthRsltFailures OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This counter increases when the WAI authentication result is
|
|
unsuccessful."
|
|
::= { hh3cwapiMIBStatsObjects 3 }
|
|
|
|
hh3cwapiStatsWAIDiscardCounters OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This counter increases when the received packet of WAI are
|
|
discarded."
|
|
::= { hh3cwapiMIBStatsObjects 4 }
|
|
|
|
hh3cwapiStatsWAITimeoutCounters OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This counter increases when the packet of WAI overtime are
|
|
detected."
|
|
::= { hh3cwapiMIBStatsObjects 5 }
|
|
|
|
hh3cwapiStatsWAIFormatErrors OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This counter increases when the WAI packet of WAI format
|
|
error is detected."
|
|
::= { hh3cwapiMIBStatsObjects 6 }
|
|
|
|
hh3cwapiStatsWAICtfHskFailures OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This counter increases when the WAI certificate authenticates
|
|
unsuccessfully."
|
|
::= { hh3cwapiMIBStatsObjects 7 }
|
|
|
|
hh3cwapiStatsWAIUniHskFailures OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This counter increases when the WAI unicast cipher key
|
|
negotiates unsuccessfully."
|
|
::= { hh3cwapiMIBStatsObjects 8 }
|
|
|
|
hh3cwapiStatsWAIMulHskFailures OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This counter increases when the WAI multicast cipher key
|
|
announces unsuccessfully."
|
|
::= { hh3cwapiMIBStatsObjects 9 }
|
|
|
|
-- ************************************************************************
|
|
-- * hh3cwapiConfigTable Table
|
|
-- ************************************************************************
|
|
hh3cwapiConfigTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF Hh3cwapiConfigEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The table containing WAPI configuration objects."
|
|
::= { hh3cwapiMIBTableObjects 1 }
|
|
|
|
hh3cwapiConfigEntry OBJECT-TYPE
|
|
SYNTAX Hh3cwapiConfigEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"An entry in the hh3cwapiConfigTable."
|
|
INDEX { ifIndex }
|
|
::= { hh3cwapiConfigTable 1 }
|
|
|
|
Hh3cwapiConfigEntry ::= SEQUENCE
|
|
{
|
|
hh3cwapiConfigASIPAddressType InetAddressType,
|
|
hh3cwapiConfigASIPAddress InetAddress,
|
|
hh3cwapiConfigAuthMethod INTEGER,
|
|
hh3cwapiConfigAuthMode INTEGER,
|
|
hh3cwapiConfigISPDomain OCTET STRING,
|
|
hh3cwapiConfigCertificateDomain OCTET STRING,
|
|
hh3cwapiConfigASName OCTET STRING,
|
|
hh3cwapiConfigBKRekeyEnabled TruthValue
|
|
}
|
|
|
|
hh3cwapiConfigASIPAddressType OBJECT-TYPE
|
|
SYNTAX InetAddressType
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object is used to set IP addresses type of AS."
|
|
::= { hh3cwapiConfigEntry 1 }
|
|
|
|
hh3cwapiConfigASIPAddress OBJECT-TYPE
|
|
SYNTAX InetAddress
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object is used to set the IP address of AS."
|
|
::= { hh3cwapiConfigEntry 2 }
|
|
|
|
hh3cwapiConfigAuthMethod OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
certificate(1),
|
|
psk(2),
|
|
certificatePsk(3)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object selects a mechanism for WAPI authentication.
|
|
The default is certificate."
|
|
DEFVAL { certificate }
|
|
::= { hh3cwapiConfigEntry 3 }
|
|
|
|
hh3cwapiConfigAuthMode OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
standard(1),
|
|
radiusExtension(2)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object selects a mechanism for WAPI authentication.
|
|
When the value is standard, it shall indicate that the entity
|
|
acts based on the official definition. Otherwise, it shall
|
|
indicate that the entity finishes authentication by means of RADIUS.
|
|
The default is standard."
|
|
DEFVAL { standard }
|
|
::= { hh3cwapiConfigEntry 4 }
|
|
|
|
hh3cwapiConfigISPDomain OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(0..24))
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The ISP domain name."
|
|
::= { hh3cwapiConfigEntry 5 }
|
|
|
|
hh3cwapiConfigCertificateDomain OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(1..15))
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The PKI domain name."
|
|
::= { hh3cwapiConfigEntry 6 }
|
|
|
|
hh3cwapiConfigASName OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(1..15))
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The name of AS."
|
|
::= { hh3cwapiConfigEntry 7 }
|
|
|
|
hh3cwapiConfigBKRekeyEnabled OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object indicates whether the BK rekey function is
|
|
supported. When the value is TRUE, it shall indicate that
|
|
the BK rekey function is supported. Otherwise, it shall
|
|
indicate that the BK rekey function is not supported."
|
|
::= { hh3cwapiConfigEntry 8 }
|
|
|
|
-- *************************************************************************
|
|
-- * hh3cwapiConfigExtTable Table
|
|
-- *************************************************************************
|
|
|
|
hh3cwapiConfigExtTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF Hh3cwapiConfigExtEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The table containing WAPI configuration objects for SSID."
|
|
::= { hh3cwapiMIBTableObjects 2 }
|
|
|
|
hh3cwapiConfigExtEntry OBJECT-TYPE
|
|
SYNTAX Hh3cwapiConfigExtEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"An extend entry in the hh3cwapiConfigExtTable."
|
|
INDEX { hh3cwapiConfigServicePolicyID }
|
|
::= { hh3cwapiConfigExtTable 1 }
|
|
|
|
Hh3cwapiConfigExtEntry ::= SEQUENCE
|
|
{
|
|
hh3cwapiConfigServicePolicyID Integer32,
|
|
hh3cwapiConfigUnicastCipherEnabled TruthValue,
|
|
hh3cwapiConfigUnicastCipherSize Unsigned32,
|
|
hh3cwapiConfigAuthenticationSuiteEnabled TruthValue,
|
|
hh3cwapiConfigAuthenticationSuite OCTET STRING,
|
|
hh3cwapiCfgExtASIPAddressType InetAddressType,
|
|
hh3cwapiCfgExtASIPAddress InetAddress,
|
|
hh3cwapiCfgExtASName OCTET STRING,
|
|
hh3cwapiCfgExtCertDomain OCTET STRING,
|
|
hh3cwapiCfgExtCertInstalled TruthValue,
|
|
hh3cwapiConfigVersion Integer32,
|
|
hh3cwapiControlledAuthControl TruthValue,
|
|
hh3cwapiControlledPortControl Integer32,
|
|
hh3cwapiOptionImplemented TruthValue,
|
|
hh3cwapiPreauthImplemented TruthValue,
|
|
hh3cwapiEnabled TruthValue,
|
|
hh3cwapiPreauthEnabled TruthValue,
|
|
hh3cwapiCfgUniKeysSupported Unsigned32,
|
|
hh3cwapiCfgUniRekeyMethod INTEGER,
|
|
hh3cwapiCfgUniRekeyTime Unsigned32,
|
|
hh3cwapiCfgUniRekeyPackets Unsigned32,
|
|
hh3cwapiCfgMultiCipher OCTET STRING,
|
|
hh3cwapiCfgMultiRekeyMethod INTEGER,
|
|
hh3cwapiCfgMultiRekeyTime Unsigned32,
|
|
hh3cwapiCfgMultiRekeyPackets Unsigned32,
|
|
hh3cwapiCfgMultiRekeyStrict TruthValue,
|
|
hh3cwapiCfgPSKValue OCTET STRING,
|
|
hh3cwapiCfgPSKPassPhrase OCTET STRING,
|
|
hh3cwapiCfgCertUpdateCount Unsigned32,
|
|
hh3cwapiCfgMultiUpdateCount Unsigned32,
|
|
hh3cwapiCfgUniUpdateCount Unsigned32,
|
|
hh3cwapiCfgMultiCipherSize Unsigned32,
|
|
hh3cwapiCfgBKLifetime Unsigned32,
|
|
hh3cwapiCfgBKReauthThreshold Unsigned32,
|
|
hh3cwapiCfgSATimeout Unsigned32,
|
|
hh3cwapiAuthenSuiteSelected OCTET STRING,
|
|
hh3cwapiUniCipherSelected OCTET STRING,
|
|
hh3cwapiMultiCipherSelected OCTET STRING,
|
|
hh3cwapiBKIDUsed OCTET STRING,
|
|
hh3cwapiAuthenSuiteRequested OCTET STRING,
|
|
hh3cwapiUniCipherRequested OCTET STRING,
|
|
hh3cwapiMultiCipherRequested OCTET STRING
|
|
}
|
|
|
|
hh3cwapiConfigServicePolicyID OBJECT-TYPE
|
|
SYNTAX Integer32
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Represents the ID of each service policy."
|
|
::= { hh3cwapiConfigExtEntry 1 }
|
|
|
|
hh3cwapiConfigUnicastCipherEnabled OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object enables or disables the unicast cipher."
|
|
::= { hh3cwapiConfigExtEntry 2 }
|
|
|
|
hh3cwapiConfigUnicastCipherSize OBJECT-TYPE
|
|
SYNTAX Unsigned32 (0..4294967295)
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object indicates the length in bits of the unicast cipher
|
|
key. This should be 256 for SMS4, first 128 bits for encrypting,
|
|
last 128 bits for integrity checking."
|
|
::= { hh3cwapiConfigExtEntry 3 }
|
|
|
|
hh3cwapiConfigAuthenticationSuiteEnabled OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This variable indicates the corresponding AKM suite is enabled
|
|
or disabled."
|
|
::= { hh3cwapiConfigExtEntry 4 }
|
|
|
|
hh3cwapiConfigAuthenticationSuite OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(4))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The selector of an AKM suite. It consists of an OUI (the first 3
|
|
octets) and a cipher suite identifier (the last octet)."
|
|
::= { hh3cwapiConfigExtEntry 5 }
|
|
|
|
hh3cwapiCfgExtASIPAddressType OBJECT-TYPE
|
|
SYNTAX InetAddressType
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object is used to set IP addresses type of AS."
|
|
::= { hh3cwapiConfigExtEntry 6 }
|
|
|
|
hh3cwapiCfgExtASIPAddress OBJECT-TYPE
|
|
SYNTAX InetAddress
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object is used to set the IP address of AS."
|
|
::= { hh3cwapiConfigExtEntry 7 }
|
|
|
|
hh3cwapiCfgExtASName OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(1..15))
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object is used to set the name of AS."
|
|
::= { hh3cwapiConfigExtEntry 8 }
|
|
|
|
hh3cwapiCfgExtCertDomain OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(1..15))
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object is used to set the PKI domain name."
|
|
::= { hh3cwapiConfigExtEntry 9 }
|
|
|
|
hh3cwapiCfgExtCertInstalled OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object indicates whether the entity has installed
|
|
certificate. When the value is TRUE, it shall indicate that
|
|
the SSID has installed certificate. Otherwise, it shall
|
|
indicate that the SSID hasn't installed certificate."
|
|
::= { hh3cwapiConfigExtEntry 10 }
|
|
|
|
hh3cwapiConfigVersion OBJECT-TYPE
|
|
SYNTAX Integer32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The highest WAPI version this entity supports."
|
|
::= { hh3cwapiConfigExtEntry 11 }
|
|
|
|
hh3cwapiControlledAuthControl OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object indicates whether the entity is enabled with
|
|
authentication. When the value is FALSE, it shall indicate that
|
|
authentication is not enabled on this entity, and the status of
|
|
the controlled port is 'authenticated'. When the value is TRUE,
|
|
it shall indicate that authentication is enabled, and the status
|
|
of controlled port is decided by
|
|
hh3cwapiControlledPortControl."
|
|
::= { hh3cwapiConfigExtEntry 12 }
|
|
|
|
hh3cwapiControlledPortControl OBJECT-TYPE
|
|
SYNTAX Integer32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object indicates the controlling type of the entity's port.
|
|
This object is available when
|
|
hh3cwapiControlledAuthControl is TRUE. When the value is
|
|
zero, it means 'automatic', and the status of the controlled port
|
|
is decided by authentication result. When the value is one,
|
|
it means 'forcibly unauthenticated', and the status of the
|
|
controlled port is 'unauthenticated'."
|
|
::= { hh3cwapiConfigExtEntry 13 }
|
|
|
|
hh3cwapiOptionImplemented OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object indicates whether the entity supports WAPI. When the
|
|
value is TRUE, it shall indicate that the entity supports WAPI.
|
|
Otherwise, it shall indicate that the entity does not support WAPI."
|
|
::= { hh3cwapiConfigExtEntry 14 }
|
|
|
|
hh3cwapiPreauthImplemented OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object indicates whether the entity supports WAPI
|
|
preauthentication. This object can't be set to TRUE, unless
|
|
hh3cwapiOptionImplemented is TRUE."
|
|
::= { hh3cwapiConfigExtEntry 15 }
|
|
|
|
hh3cwapiEnabled OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"When this object is set to TRUE, it shall indicate that WAPI is
|
|
enabled on this entity. The entity will advertise the WAPI
|
|
information element in its beacon and probe response frames."
|
|
::= { hh3cwapiConfigExtEntry 16 }
|
|
|
|
hh3cwapiPreauthEnabled OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"When this object is set to TRUE, it shall indicate that WAPI
|
|
preauthentication is enabled on this entity. Otherwise, it shall
|
|
indicate that WAPI preauthentication is disabled on this entity.
|
|
This object requires that hh3cWAPIEnabled also be set to
|
|
TRUE."
|
|
::= { hh3cwapiConfigExtEntry 17 }
|
|
|
|
hh3cwapiCfgUniKeysSupported OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object indicates how many unicast keys the entity supports
|
|
for WAPI."
|
|
::= { hh3cwapiConfigExtEntry 18 }
|
|
|
|
hh3cwapiCfgUniRekeyMethod OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
disabled(1),
|
|
timeBased(2),
|
|
packetBased(3),
|
|
timepacketBased(4)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object selects a mechanism for rekeying the WAPI USK. The
|
|
default is time-based, once per day. Rekeying the USK is only
|
|
applicable to an entity acting as an AE or ASUE."
|
|
DEFVAL { timeBased }
|
|
::= { hh3cwapiConfigExtEntry 19 }
|
|
|
|
hh3cwapiCfgUniRekeyTime OBJECT-TYPE
|
|
SYNTAX Unsigned32 (1..4294967295)
|
|
UNITS "seconds"
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Time in seconds after which the WAPI USK shall be refreshed.
|
|
The timer shall start at the moment the USK was set using the
|
|
MLME-SETWPIKEYS request primitive."
|
|
DEFVAL { 86400 }
|
|
::= { hh3cwapiConfigExtEntry 20 }
|
|
|
|
hh3cwapiCfgUniRekeyPackets OBJECT-TYPE
|
|
SYNTAX Unsigned32 (1..4294967295)
|
|
UNITS "1000 packets"
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A packet count (a multiple of 1000) after which the WAPI USK
|
|
shall be refreshed. The packet counter shall start at the moment
|
|
the USK was set using the MLME-SETKEYS request primitive and it
|
|
shall count all packets encrypted using the current USK."
|
|
::= { hh3cwapiConfigExtEntry 21 }
|
|
|
|
hh3cwapiCfgMultiCipher OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(4))
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object indicates the multicast cipher suite selector the
|
|
entity must use. The multicast cipher suite in the WAPI
|
|
information element shall take its value from this variable.
|
|
It contains an OUI (the first 3 octets) and a cipher suite
|
|
identifier (the last octet)."
|
|
::= { hh3cwapiConfigExtEntry 22 }
|
|
|
|
hh3cwapiCfgMultiRekeyMethod OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
disabled(1),
|
|
timeBased(2),
|
|
packetBased(3),
|
|
timepacketBased(4)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object selects a mechanism for rekeying the WAPI MSK. The
|
|
default is time-based, once per day. Rekeying the MSK is only
|
|
applicable to an entity acting as an AE or ASUE."
|
|
DEFVAL { timeBased }
|
|
::= { hh3cwapiConfigExtEntry 23 }
|
|
|
|
hh3cwapiCfgMultiRekeyTime OBJECT-TYPE
|
|
SYNTAX Unsigned32 (1..4294967295)
|
|
UNITS "seconds"
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Time in seconds after which the WAPI MSK shall be refreshed.
|
|
The timer shall start at the moment the MSK was set using the
|
|
MLME-SETWPIKEYS request primitive."
|
|
DEFVAL { 86400 }
|
|
::= { hh3cwapiConfigExtEntry 24 }
|
|
|
|
hh3cwapiCfgMultiRekeyPackets OBJECT-TYPE
|
|
SYNTAX Unsigned32 (1..4294967295)
|
|
UNITS "1000 packets"
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A packet count (a multiple of 1000) after which the WAPI MSK
|
|
shall be refreshed. The packet counter shall start at the moment
|
|
the MSK was set using the MLME-SETKEYS request primitive and it
|
|
shall count all packets encrypted using the current MSK."
|
|
::= { hh3cwapiConfigExtEntry 25 }
|
|
|
|
hh3cwapiCfgMultiRekeyStrict OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object indicates that the MSK shall be refreshed whenever an
|
|
STA leaves the BSS that has the MSK."
|
|
::= { hh3cwapiConfigExtEntry 26 }
|
|
|
|
hh3cwapiCfgPSKValue OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(2..32))
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The PSK value when WAPI in PSK mode is the selected AKM suite.
|
|
In that case, the BK will obtain its value from this object.
|
|
This object is logically write-only. Reading this variable shall
|
|
return unsuccessful status or null or zero."
|
|
::= { hh3cwapiConfigExtEntry 27 }
|
|
|
|
hh3cwapiCfgPSKPassPhrase OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(1..16))
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The PSK value when WAPI in PSK mode is the selected AKM suite,
|
|
which is configured by hh3cwapiCfgPSKValue.
|
|
An alternative method of setting the PSK is to
|
|
use the password-to-key algorithm.
|
|
This variable provides a means to enter a pass-phrase.
|
|
When this object is written, the WAPI entity shall
|
|
use the password-to-key algorithm to derive a preshared key
|
|
and populate hh3cwapiCfgPSKValue with this key.
|
|
This object is logically write-only. Reading this variable shall
|
|
return unsuccessful status or null or zero."
|
|
::= { hh3cwapiConfigExtEntry 28 }
|
|
|
|
hh3cwapiCfgCertUpdateCount OBJECT-TYPE
|
|
SYNTAX Unsigned32 (1..4294967295)
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The number of times message in the WAPI certificate
|
|
authentication handshake will be retried per certificate
|
|
authentication handshake attempt."
|
|
DEFVAL { 3 }
|
|
::= { hh3cwapiConfigExtEntry 29 }
|
|
|
|
hh3cwapiCfgMultiUpdateCount OBJECT-TYPE
|
|
SYNTAX Unsigned32 (1..4294967295)
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The number of times message in the WAPI multicast key handshake
|
|
will be retried per MSK handshake attempt."
|
|
DEFVAL { 3 }
|
|
::= { hh3cwapiConfigExtEntry 30 }
|
|
|
|
hh3cwapiCfgUniUpdateCount OBJECT-TYPE
|
|
SYNTAX Unsigned32 (1..4294967295)
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The number of times message in the WAPI unicast key handshake
|
|
will be retried per 3-way handshake attempt."
|
|
DEFVAL { 3 }
|
|
::= { hh3cwapiConfigExtEntry 31 }
|
|
|
|
hh3cwapiCfgMultiCipherSize OBJECT-TYPE
|
|
SYNTAX Unsigned32 (0..4294967295)
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object indicates the length in bits of the multicast cipher
|
|
key. This should be 256 for SMS4, where the first 128 bits are
|
|
for encryption, and the last 128 bits for integrity check."
|
|
::= { hh3cwapiConfigExtEntry 32 }
|
|
|
|
hh3cwapiCfgBKLifetime OBJECT-TYPE
|
|
SYNTAX Unsigned32 (1..4294967295)
|
|
UNITS "seconds"
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The maximum lifetime of a BK in the BK cache."
|
|
DEFVAL { 43200 }
|
|
::= { hh3cwapiConfigExtEntry 33 }
|
|
|
|
hh3cwapiCfgBKReauthThreshold OBJECT-TYPE
|
|
SYNTAX Unsigned32 (1..100)
|
|
UNITS "percentage"
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The percentage of the BK lifetime that should expire before a
|
|
reauthentication occurs."
|
|
DEFVAL { 70 }
|
|
::= { hh3cwapiConfigExtEntry 34 }
|
|
|
|
hh3cwapiCfgSATimeout OBJECT-TYPE
|
|
SYNTAX Unsigned32 (1..4294967295)
|
|
UNITS "seconds"
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The maximum time a security association shall take to set up."
|
|
DEFVAL { 60 }
|
|
::= { hh3cwapiConfigExtEntry 35 }
|
|
|
|
hh3cwapiAuthenSuiteSelected OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(4))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The selector of the last negotiated AKM suite."
|
|
::= { hh3cwapiConfigExtEntry 36 }
|
|
|
|
hh3cwapiUniCipherSelected OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(4))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The selector of the last negotiated unicast cipher."
|
|
::= { hh3cwapiConfigExtEntry 37 }
|
|
|
|
hh3cwapiMultiCipherSelected OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(4))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The selector of the last negotiated multicast cipher."
|
|
::= { hh3cwapiConfigExtEntry 38 }
|
|
|
|
hh3cwapiBKIDUsed OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(16))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The selector of the last BKID used in the last unicast
|
|
cipher key handshake."
|
|
::= { hh3cwapiConfigExtEntry 39 }
|
|
|
|
hh3cwapiAuthenSuiteRequested OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(4))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The selector of the last requested AKM suite."
|
|
::= { hh3cwapiConfigExtEntry 40 }
|
|
|
|
hh3cwapiUniCipherRequested OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(4))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The selector of the last requested unicast cipher."
|
|
::= { hh3cwapiConfigExtEntry 41 }
|
|
|
|
hh3cwapiMultiCipherRequested OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(4))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The selector of the last requested multicast cipher."
|
|
::= { hh3cwapiConfigExtEntry 42 }
|
|
|
|
hh3cwapiStatsTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF Hh3cwapiStatsEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This table maintains per-STA statistics in a WAPI. The entry
|
|
with hh3cwapiStatsSTAAddress set to FF-FF-FF-FF-FF-FF
|
|
shall contain statistics for broadcast/multicast traffic."
|
|
::= { hh3cwapiMIBTableObjects 3 }
|
|
|
|
hh3cwapiStatsEntry OBJECT-TYPE
|
|
SYNTAX Hh3cwapiStatsEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"An entry in the hh3cwapiStatsTable."
|
|
INDEX { hh3cwapiStationMAC }
|
|
::= { hh3cwapiStatsTable 1 }
|
|
|
|
Hh3cwapiStatsEntry ::=
|
|
SEQUENCE {
|
|
hh3cwapiStationMAC MacAddress,
|
|
hh3cwapiStatsSTAAddress MacAddress,
|
|
hh3cwapiStatsVersion Unsigned32,
|
|
hh3cwapiStatsCtrlPortStatus TruthValue,
|
|
hh3cwapiStatsSelectedUniCipher OCTET STRING,
|
|
hh3cwapiStatsWPIReplayCnt Counter32,
|
|
hh3cwapiStatsWPIDecryptErr Counter32,
|
|
hh3cwapiStatsWPIMICErr Counter32,
|
|
hh3cwapiStatsWAISignatureErr Counter32,
|
|
hh3cwapiStatsWAIHMACErr Counter32,
|
|
hh3cwapiStatsWAIAuthenFail Counter32,
|
|
hh3cwapiStatsWAIDiscardCnt Counter32,
|
|
hh3cwapiStatsWAITimeoutCnt Counter32,
|
|
hh3cwapiStatsWAIFormatErr Counter32,
|
|
hh3cwapiStatsWAICertFail Counter32,
|
|
hh3cwapiStatsWAIUniFail Counter32,
|
|
hh3cwapiStatsWAIMultiFail Counter32
|
|
}
|
|
|
|
hh3cwapiStationMAC OBJECT-TYPE
|
|
SYNTAX MacAddress
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Represents the unique MAC Address of station."
|
|
::= { hh3cwapiStatsEntry 1 }
|
|
|
|
hh3cwapiStatsSTAAddress OBJECT-TYPE
|
|
SYNTAX MacAddress
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The MAC address of the STA to which the statistics in this
|
|
conceptual row belong."
|
|
::= { hh3cwapiStatsEntry 2 }
|
|
|
|
hh3cwapiStatsVersion OBJECT-TYPE
|
|
SYNTAX Unsigned32 (1..4294967295)
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The WAPI version with which the STA is associated."
|
|
::= { hh3cwapiStatsEntry 3 }
|
|
|
|
hh3cwapiStatsCtrlPortStatus OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object indicates the status of the authentication
|
|
entity's controlled port. When the value is TRUE, it means
|
|
'authenticated'. Otherwise, it means 'unauthenticated'."
|
|
::= { hh3cwapiStatsEntry 4 }
|
|
|
|
hh3cwapiStatsSelectedUniCipher OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(4))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The unicast cipher suite selector used during association."
|
|
::= { hh3cwapiStatsEntry 5 }
|
|
|
|
hh3cwapiStatsWPIReplayCnt OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The number of WPI MPDUs discarded by the replay mechanism."
|
|
::= { hh3cwapiStatsEntry 6 }
|
|
|
|
hh3cwapiStatsWPIDecryptErr OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The number of WPI MPDUs discarded because of unavailable cipher
|
|
key during WPI-SMS4 decryption."
|
|
::= { hh3cwapiStatsEntry 7 }
|
|
|
|
hh3cwapiStatsWPIMICErr OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The number of WPI MPDUs discarded because of MIC checking
|
|
failure during WPI-SMS4 decryption."
|
|
::= { hh3cwapiStatsEntry 8 }
|
|
|
|
hh3cwapiStatsWAISignatureErr OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This counter increases when the received WAI packets' signature
|
|
is wrong."
|
|
::= { hh3cwapiStatsEntry 9 }
|
|
|
|
hh3cwapiStatsWAIHMACErr OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This counter increases when message authentication key
|
|
checking error occurs on the received WAI packets."
|
|
::= { hh3cwapiStatsEntry 10 }
|
|
|
|
hh3cwapiStatsWAIAuthenFail OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This counter increases when the WAI authentication result
|
|
is unsuccessful."
|
|
::= { hh3cwapiStatsEntry 11 }
|
|
|
|
hh3cwapiStatsWAIDiscardCnt OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This counter increases when the received WAI packet is
|
|
discarded."
|
|
::= { hh3cwapiStatsEntry 12 }
|
|
|
|
hh3cwapiStatsWAITimeoutCnt OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This counter increases when a WAI packet timeout is
|
|
detected."
|
|
::= { hh3cwapiStatsEntry 13 }
|
|
|
|
hh3cwapiStatsWAIFormatErr OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This counter increases when WAI packet format error occurs"
|
|
::= { hh3cwapiStatsEntry 14 }
|
|
|
|
hh3cwapiStatsWAICertFail OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This counter increases when WAI certificate authentication
|
|
fails."
|
|
::= { hh3cwapiStatsEntry 15 }
|
|
|
|
hh3cwapiStatsWAIUniFail OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This counter increases when WAI unicast cipher key
|
|
negotiation succeeds."
|
|
::= { hh3cwapiStatsEntry 16 }
|
|
|
|
hh3cwapiStatsWAIMultiFail OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This counter increases when the WAI multicast cipher key
|
|
announcement failure occurs."
|
|
::= { hh3cwapiStatsEntry 17 }
|
|
|
|
-- ************************************************************************
|
|
-- * trap OBJECT
|
|
-- ************************************************************************
|
|
hh3cwapiTrapPrefix OBJECT IDENTIFIER ::= { hh3cwapiTrap 0 }
|
|
hh3cwapiUserwithInvalidCertificate NOTIFICATION-TYPE
|
|
OBJECTS
|
|
{
|
|
ifIndex,
|
|
ifDescr,
|
|
hh3cwapiTrapInfoMacAddr,
|
|
hh3cwapiTrapInfoAPId,
|
|
hh3cwapiTrapInfoRadioId,
|
|
hh3cwapiTrapInfoBSSId,
|
|
hh3cwapiTrapInfoAPMacAddr
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This trap is sent when a user intrudes upon network with invalid
|
|
certificate."
|
|
::= { hh3cwapiTrapPrefix 1 }
|
|
|
|
hh3cwapiStationReplayAttack NOTIFICATION-TYPE
|
|
OBJECTS
|
|
{
|
|
ifIndex,
|
|
ifDescr,
|
|
hh3cwapiTrapInfoMacAddr,
|
|
hh3cwapiTrapInfoAPId,
|
|
hh3cwapiTrapInfoRadioId,
|
|
hh3cwapiTrapInfoBSSId,
|
|
hh3cwapiTrapInfoAPMacAddr
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This trap is sent when an attacker records and replays network
|
|
transactions."
|
|
::= { hh3cwapiTrapPrefix 2 }
|
|
|
|
hh3cwapiTamperAttack NOTIFICATION-TYPE
|
|
OBJECTS
|
|
{
|
|
ifIndex,
|
|
ifDescr,
|
|
hh3cwapiTrapInfoMacAddr,
|
|
hh3cwapiTrapInfoAPId,
|
|
hh3cwapiTrapInfoRadioId,
|
|
hh3cwapiTrapInfoBSSId,
|
|
hh3cwapiTrapInfoAPMacAddr
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This trap is sent when an attacker monitors network traffic and
|
|
maliciously changes data in transit(for example, an attacker may
|
|
modify the contents of a WAI message)."
|
|
::= { hh3cwapiTrapPrefix 3 }
|
|
|
|
hh3cwapiLowSafeLevelAttack NOTIFICATION-TYPE
|
|
OBJECTS
|
|
{
|
|
ifIndex,
|
|
ifDescr,
|
|
hh3cwapiTrapInfoMacAddr,
|
|
hh3cwapiTrapInfoAPId,
|
|
hh3cwapiTrapInfoRadioId,
|
|
hh3cwapiTrapInfoBSSId,
|
|
hh3cwapiTrapInfoAPMacAddr
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This trap is sent when a station associates AP(Access Point),
|
|
creates packet of Unicast Key Negotiation Response with wrong
|
|
WIE(WAPI Information Element) of ASUE(Authentication Supplicant
|
|
Entity)."
|
|
::= { hh3cwapiTrapPrefix 4 }
|
|
|
|
hh3cwapiAddressRedirectionAttack NOTIFICATION-TYPE
|
|
OBJECTS
|
|
{
|
|
ifIndex,
|
|
ifDescr,
|
|
hh3cwapiTrapInfoMacAddr,
|
|
hh3cwapiTrapInfoAPId,
|
|
hh3cwapiTrapInfoRadioId,
|
|
hh3cwapiTrapInfoBSSId,
|
|
hh3cwapiTrapInfoAPMacAddr
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This trap is sent when an attacker maliciously changes destination
|
|
MAC address of WPI(WLAN Privacy Infrastructure) frame."
|
|
::= { hh3cwapiTrapPrefix 5 }
|
|
|
|
-- ************************************************************************
|
|
-- * The following objects are used for binding informations when sending traps.
|
|
-- ************************************************************************
|
|
|
|
hh3cwapiTrapInfo OBJECT IDENTIFIER ::= { hh3cwapiTrap 1 }
|
|
|
|
hh3cwapiTrapInfoMacAddr OBJECT-TYPE
|
|
SYNTAX MacAddress
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The MAC address of the WAPI user."
|
|
::= { hh3cwapiTrapInfo 1 }
|
|
|
|
hh3cwapiTrapInfoAPId OBJECT-TYPE
|
|
SYNTAX Integer32
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"To uniquely identify each AP."
|
|
::= { hh3cwapiTrapInfo 2 }
|
|
|
|
hh3cwapiTrapInfoRadioId OBJECT-TYPE
|
|
SYNTAX Integer32
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Represents each radio."
|
|
::= { hh3cwapiTrapInfo 3 }
|
|
|
|
hh3cwapiTrapInfoBSSId OBJECT-TYPE
|
|
SYNTAX MacAddress
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"As MAC Address format, it is to identify BSS."
|
|
::= { hh3cwapiTrapInfo 4 }
|
|
|
|
hh3cwapiTrapInfoAPMacAddr OBJECT-TYPE
|
|
SYNTAX MacAddress
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"As MAC Address format, it is to identify AP"
|
|
::= { hh3cwapiTrapInfo 5 }
|
|
END
|