mibs/MIBS/quanta/fastpath_portsecurity.my
2023-12-05 12:25:34 +01:00

318 lines
11 KiB
Plaintext

-- Port Security MIB overview:
-- Port Security MIB falls under lb6m MIB node of the private subtree.
NETGEAR-PORTSECURITY-PRIVATE-MIB DEFINITIONS ::= BEGIN
-- Netgear Inc NETGEAR Port Security MIB
-- Copyright Netgear Inc(2004-2007) All rights reserved.
-- This SNMP Management Information Specification
-- embodies Netgear Inc's confidential and proprietary
-- intellectual property. Netgear Inc retains all title
-- and ownership in the Specification including any revisions.
-- This Specification is supplied "AS IS", Netgear Inc
-- makes no warranty, either expressed or implied,
-- as to the use, operation, condition, or performance of the
-- Specification.
IMPORTS
MODULE-IDENTITY, OBJECT-TYPE, NOTIFICATION-TYPE,
Unsigned32 FROM SNMPv2-SMI
TEXTUAL-CONVENTION,RowStatus,
MacAddress FROM SNMPv2-TC
ifIndex FROM IF-MIB
DisplayString FROM RFC1213-MIB
lb6m FROM QUANTA-LB6M-REF-MIB;
fastPathPortSecurity MODULE-IDENTITY
LAST-UPDATED "201101260000Z" -- 26 January 2011 12:00:00 GMT
ORGANIZATION "Netgear Inc"
CONTACT-INFO ""
DESCRIPTION
"The Netgear Private MIB for NETGEAR Port Security Feature."
-- Revision history.
REVISION
"201101260000Z" -- 26 January 2011 12:00:00 GMT
DESCRIPTION
"Postal address updated."
REVISION
"200705230000Z" -- 23 May 2007 12:00:00 GMT
DESCRIPTION
"Netgear branding related changes."
::= { lb6m 20 }
--**************************************************************************************
-- agentPortSecurityGroup -> contains MIB objects displaying Port Security
-- and associated Functionality
--
--**************************************************************************************
agentPortSecurityGroup OBJECT IDENTIFIER ::= { fastPathPortSecurity 1}
agentGlobalPortSecurityMode OBJECT-TYPE
SYNTAX INTEGER {
enable(1),
disable(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Mode showing whether at the global level, port security is enabled or not."
DEFVAL { disable }
::={ agentPortSecurityGroup 1 }
agentPortSecurityTable OBJECT-TYPE
SYNTAX SEQUENCE OF AgentPortSecurityEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION "A table for Port Security and associated functionality."
::= { agentPortSecurityGroup 2 }
agentPortSecurityEntry OBJECT-TYPE
SYNTAX AgentPortSecurityEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION "Represents entry for port security table"
INDEX { ifIndex }
::={ agentPortSecurityTable 1}
AgentPortSecurityEntry ::=
SEQUENCE {
agentPortSecurityMode
INTEGER,
agentPortSecurityDynamicLimit
Unsigned32,
agentPortSecurityStaticLimit
Unsigned32,
agentPortSecurityViolationTrapMode
INTEGER,
agentPortSecurityStaticMACs
DisplayString,
agentPortSecurityLastDiscardedMAC
DisplayString,
agentPortSecurityMACAddressAdd
DisplayString,
agentPortSecurityMACAddressRemove
DisplayString,
agentPortSecurityMACAddressMove
INTEGER,
agentPortSecurityStickyMode
INTEGER
}
agentPortSecurityMode OBJECT-TYPE
SYNTAX INTEGER {
enable(1),
disable(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Mode showing whether at port level security is enabled or not."
DEFVAL { disable }
::={ agentPortSecurityEntry 1 }
agentPortSecurityDynamicLimit OBJECT-TYPE
SYNTAX Unsigned32(0..4096)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This variable signifies the limit of dynamically locked MAC addresses
allowed on a specific port."
DEFVAL { 4096 }
::={ agentPortSecurityEntry 2 }
agentPortSecurityStaticLimit OBJECT-TYPE
SYNTAX Unsigned32(0..20)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This variable signifies the limit of statically locked MAC addresses
allowed on a specific port."
DEFVAL { 20 }
::={ agentPortSecurityEntry 3 }
agentPortSecurityViolationTrapMode OBJECT-TYPE
SYNTAX INTEGER {
enable(1),
disable(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This variable is used to enable or disable the sending of new violation
traps designating when a packet with a disallowed MAC address is
received on a locked port."
::={agentPortSecurityEntry 4 }
agentPortSecurityStaticMACs OBJECT-TYPE
SYNTAX DisplayString
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This variable displays the statically locked MAC addresses for port.
The list displayed in a particular fashion :
2 a0:b1:c2:d1:e3:a1,11 a0:b1:c2:d3:e4:f5
(i.e., VLAN MAC pairs followed by a 1 or 0 to indicate a sticky entry, separated by commas)."
::={agentPortSecurityEntry 6 }
agentPortSecurityLastDiscardedMAC OBJECT-TYPE
SYNTAX DisplayString
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This variable displays the vlan-id and source MAC address of the last packet that was
discarded on a locked port."
::={agentPortSecurityEntry 7 }
agentPortSecurityMACAddressAdd OBJECT-TYPE
SYNTAX DisplayString
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This MIB variable accepts a VLAN id, MAC address and the sticky value to be added to the list
of statically locked MAC addresses on a port. The VLAN id, MAC address and sticky value combination
would be entered in a particular fashion like :- 2 a0:b0:c0:d1:e2:a1 1(the vlan-id, MAC address
and sticky value separated by blank-spaces)."
::={ agentPortSecurityEntry 8 }
agentPortSecurityMACAddressRemove OBJECT-TYPE
SYNTAX DisplayString
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This MIB variable accepts a VLAN id and MAC address to be removed from the list
of statically locked MAC addresses on a port.. The VLAN id and MAC address combination
would be entered in a particular fashion like :- 2 a0:b0:c0:d1:e2:a1(the vlan-id and
MAC address separated by a blank-space)."
::={ agentPortSecurityEntry 9 }
agentPortSecurityMACAddressMove OBJECT-TYPE
SYNTAX INTEGER {
enable(1),
disable(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"When this object is enabled, all the dynamically locked MAC addresses will
be moved to statically locked addresses on a port. GET operation on this object will display
disable."
::={ agentPortSecurityEntry 10 }
agentPortSecurityStickyMode OBJECT-TYPE
SYNTAX INTEGER {
enable(1),
disable(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object is used to configure port level security sticky mode in a port."
DEFVAL { disable }
::={ agentPortSecurityEntry 11 }
--**********************************************************************--
agentPortSecurityDynamicTable OBJECT-TYPE
SYNTAX SEQUENCE OF AgentPortSecurityDynamicEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION "A table for Port Security Dynamic and associated functionality."
::= { agentPortSecurityGroup 3 }
agentPortSecurityDynamicEntry OBJECT-TYPE
SYNTAX AgentPortSecurityDynamicEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION "Represents entry for port MAC Locking table"
INDEX { ifIndex,agentPortSecurityDynamicVLANId,agentPortSecurityDynamicMACAddress }
::={ agentPortSecurityDynamicTable 1}
AgentPortSecurityDynamicEntry ::=
SEQUENCE {
agentPortSecurityDynamicVLANId
Unsigned32,
agentPortSecurityDynamicMACAddress
MacAddress
}
agentPortSecurityDynamicVLANId OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Source VLAN id of the packet that is received on the dynamically locked port."
::={agentPortSecurityDynamicEntry 1 }
agentPortSecurityDynamicMACAddress OBJECT-TYPE
SYNTAX MacAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Source MAC address of the packet that is received on the dynamically locked port."
::={ agentPortSecurityDynamicEntry 2 }
agentGlobalPortSecurityStickyMode OBJECT-TYPE
SYNTAX INTEGER {
enable(1),
disable(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object is used to apply the Sticky Mode to all ports.
This is write-only value. It always returns 'disable' on request"
DEFVAL { disable }
::={ agentPortSecurityGroup 4 }
agentGlobalPortSecurityViolationTrapMode OBJECT-TYPE
SYNTAX INTEGER {
enable(1),
disable(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This variable is used to enable or disable the sending of new violation
traps designating when a packet with a disallowed MAC address is
received on a locked port. The configuration will be done on all ports.
This is write-only value. It always returns 'disable' on request"
DEFVAL { disable }
::={ agentPortSecurityGroup 5 }
--**************************************************************************************
-- agentPortSecurity Traps
--
--**************************************************************************************
agentPortSecurityTraps OBJECT IDENTIFIER ::= { fastPathPortSecurity 2 }
agentPortSecurityViolation NOTIFICATION-TYPE
OBJECTS {
ifIndex,
agentPortSecurityLastDiscardedMAC
}
STATUS current
DESCRIPTION
"Sent when a packet is received on a locked port with a source MAC address
that is not allowed."
::= { agentPortSecurityTraps 1 }
END