diff options
| author | David Leutgeb <david.leutgeb@mannundmouse.com> | 2023-12-05 12:25:34 +0100 |
|---|---|---|
| committer | David Leutgeb <david.leutgeb@mannundmouse.com> | 2023-12-05 12:25:34 +0100 |
| commit | 98a672123c7872f6b9b75a9a2b6bb3aea504de6a (patch) | |
| tree | 9b13bd7f563c3198047bd359195327cf28b3caf0 /MIBS/fs/GBNL2PortSecurity-MIB | |
| download | mibs-main.tar.gz mibs-main.zip | |
Diffstat (limited to 'MIBS/fs/GBNL2PortSecurity-MIB')
| -rw-r--r-- | MIBS/fs/GBNL2PortSecurity-MIB | 501 |
1 files changed, 501 insertions, 0 deletions
diff --git a/MIBS/fs/GBNL2PortSecurity-MIB b/MIBS/fs/GBNL2PortSecurity-MIB new file mode 100644 index 0000000..5e3806a --- /dev/null +++ b/MIBS/fs/GBNL2PortSecurity-MIB @@ -0,0 +1,501 @@ +
+ GBNL2PortSecurity-MIB DEFINITIONS ::= BEGIN
+
+ IMPORTS
+ MODULE-IDENTITY, OBJECT-TYPE,
+ Integer32, IpAddress,
+ NOTIFICATION-TYPE FROM SNMPv2-SMI
+
+ DisplayString, MacAddress,
+ RowStatus, TruthValue FROM SNMPv2-TC
+
+ MODULE-COMPLIANCE, OBJECT-GROUP FROM SNMPv2-CONF
+
+ gbnL2 FROM ADMIN-MASTER-MIB
+ ;
+
+ gbnL2Switch OBJECT IDENTIFIER ::= { gbnL2 1 }
+
+ gbnL2PortSecurityMib MODULE-IDENTITY
+ LAST-UPDATED "201301240000Z" -- Jan 24, 2013
+ ORGANIZATION "Admin"
+ CONTACT-INFO "Admin
+ E-mail: support@admin.com"
+
+ DESCRIPTION "gbn PortSecurity Enterprise MIB definition."
+
+ REVISION "201301240000Z" -- Jan 24, 2013
+ DESCRIPTION "Initial MIB creation."
+
+ ::= { gbnL2Switch 8 }
+
+
+------------------------------------------------------------------------------
+-- Textual Conventions (i.e., these do not affect object encoding):
+------------------------------------------------------------------------------
+ --
+ -- "DURABLE":
+ -- Objects that are saved across a system reset and/or power cycle
+ -- are noted as "DURABLE" for convenience in the DESCRIPTION
+ -- section of the object definition. Code must be explicitly
+ -- written to implement these DURABLE objects.
+ --
+
+------------------------------------------------------------------------------
+-- define groups in gbn-PortSecurity-MIB
+
+portSecurityNotifications OBJECT IDENTIFIER ::= { gbnL2PortSecurityMib 0 }
+
+ portSecurityPortTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF PortSecurityPortEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "table of information of ports."
+ REFERENCE
+ "9.6.1"
+ ::= { gbnL2PortSecurityMib 1 }
+
+ portSecurityPortEntry OBJECT-TYPE
+ SYNTAX PortSecurityPortEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "table of information of ports."
+ INDEX { portSecurityPortNum }
+ ::= { portSecurityPortTable 1 }
+
+ PortSecurityPortEntry ::=
+ SEQUENCE {
+ portSecurityPortNum
+ Unsigned32,
+ portSecurityEnable
+ TruthValue,
+ portSecurityMaxNum
+ Integer32,
+ portSecurityCurrentNum
+ Integer32,
+ portSecurityViolationMode
+ INTEGER,
+ portSecurityAgingStatic
+ TruthValue,
+ portSecurityAgingTime
+ Integer32,
+ portSecuritySticky
+ TruthValue,
+ portSecurityShutdown
+ TruthValue,
+ portSecurityRecovery
+ TruthValue,
+ portSecurityRecoveryTime
+ Integer32
+ }
+
+ portSecurityPortNum OBJECT-TYPE
+ SYNTAX Unsigned32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The Port number associated with this Port."
+ ::= { portSecurityPortEntry 1 }
+
+
+ portSecurityEnable OBJECT-TYPE
+ SYNTAX TruthValue
+ MAX-ACCESS read-write
+ STATUS current
+ DESCRIPTION
+ "Enable/disable port security of this Port.default is disabled."
+ ::= { portSecurityPortEntry 2 }
+
+ portSecurityMaxNum OBJECT-TYPE
+ SYNTAX Integer32 (0..4000)
+ MAX-ACCESS read-write
+ STATUS current
+ DESCRIPTION
+ "Max secure mac address.default is 0."
+ ::= { portSecurityPortEntry 3 }
+
+ portSecurityCurrentNum OBJECT-TYPE
+ SYNTAX Integer32 (0..4000)
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Current mac address."
+ ::= { portSecurityPortEntry 4 }
+
+ portSecurityViolationMode OBJECT-TYPE
+ SYNTAX INTEGER {
+ protect(0), -- drop packets
+ restrict(1), -- drop packets, send trap
+ shutdown(2) -- drop packets, send trap, shutdown port
+ }
+ MAX-ACCESS read-write
+ STATUS current
+ DESCRIPTION
+ "action when receive illegal packets.default is protect."
+ ::= { portSecurityPortEntry 5 }
+
+ portSecurityAgingStatic OBJECT-TYPE
+ SYNTAX TruthValue
+ MAX-ACCESS read-write
+ STATUS current
+ DESCRIPTION
+ "enable static mac aging.default is false."
+ ::= { portSecurityPortEntry 6 }
+
+ portSecurityAgingTime OBJECT-TYPE
+ SYNTAX Integer32 (1..1440)
+ MAX-ACCESS read-write
+ STATUS current
+ DESCRIPTION
+ "value of aging time.default is 1 minute"
+ ::= { portSecurityPortEntry 7 }
+
+ portSecuritySticky OBJECT-TYPE
+ SYNTAX TruthValue
+ MAX-ACCESS read-write
+ STATUS current
+ DESCRIPTION
+ "enable sticky function.default is false."
+ ::= { portSecurityPortEntry 8 }
+
+ portSecurityShutdown OBJECT-TYPE
+ SYNTAX TruthValue
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "whether port is shutdown by port-security."
+ ::= { portSecurityPortEntry 9 }
+
+ portSecurityRecovery OBJECT-TYPE
+ SYNTAX TruthValue
+ MAX-ACCESS read-write
+ STATUS current
+ DESCRIPTION
+ "whether port auto recovery after shutdown."
+ ::= { portSecurityPortEntry 10 }
+
+ portSecurityRecoveryTime OBJECT-TYPE
+ SYNTAX Integer32 (1..3660)
+ MAX-ACCESS read-write
+ STATUS current
+ DESCRIPTION
+ "value of auto recovery time.default is 5 minute"
+ ::= { portSecurityPortEntry 11 }
+
+ portSecurityMacRuleTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF PortSecurityMacRuleEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "table of mac rules of ports."
+ REFERENCE
+ "9.6.1"
+ ::= { gbnL2PortSecurityMib 2 }
+
+ portSecurityMacRuleEntry OBJECT-TYPE
+ SYNTAX PortSecurityMacRuleEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "table of mac rules of ports."
+ INDEX { portSecurityMacRulePortNum, portSecurityMacRuleMac }
+ ::= { portSecurityMacRuleTable 1 }
+
+ PortSecurityMacRuleEntry ::=
+ SEQUENCE {
+ portSecurityMacRulePortNum
+ Unsigned32,
+ portSecurityMacRuleMac
+ MacAddress,
+ portSecurityMacRuleAction
+ INTEGER,
+ portSecurityMacRuleVid
+ Integer32,
+ portSecurityMacRuleIpv4
+ IpAddress,
+ portSecurityMacRuleType
+ INTEGER,
+ portsecurityMacRuleRowStatus
+ RowStatus
+ }
+
+ portSecurityMacRulePortNum OBJECT-TYPE
+ SYNTAX Unsigned32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The Port number associated with this Port."
+ ::= { portSecurityMacRuleEntry 1 }
+
+ portSecurityMacRuleMac OBJECT-TYPE
+ SYNTAX MacAddress
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "mac address."
+ ::= { portSecurityMacRuleEntry 2 }
+
+ portSecurityMacRuleAction OBJECT-TYPE
+ SYNTAX INTEGER {
+ permit(0),
+ deny(1),
+ sticky(2)
+ }
+ MAX-ACCESS read-write
+ STATUS current
+ DESCRIPTION
+ "forward action of mac address."
+ ::= { portSecurityMacRuleEntry 3 }
+
+ portSecurityMacRuleVid OBJECT-TYPE
+ SYNTAX Integer32 (0..4094)
+ MAX-ACCESS read-write
+ STATUS current
+ DESCRIPTION
+ "vlan id of mac address.0 means no configured."
+ ::= { portSecurityMacRuleEntry 4 }
+
+ portSecurityMacRuleIpv4 OBJECT-TYPE
+ SYNTAX IpAddress
+ MAX-ACCESS read-write
+ STATUS current
+ DESCRIPTION
+ "vlan if of mac address.0.0.0.0 means no configured."
+ ::= { portSecurityMacRuleEntry 5 }
+
+ portSecurityMacRuleType OBJECT-TYPE
+ SYNTAX INTEGER {
+ mac(0),
+ macvid(1),
+ macip(2)
+ }
+ MAX-ACCESS read-write
+ STATUS current
+ DESCRIPTION
+ "type of mac address."
+ ::= { portSecurityMacRuleEntry 6 }
+
+ portsecurityMacRuleRowStatus OBJECT-TYPE
+ SYNTAX RowStatus
+ MAX-ACCESS read-write
+ STATUS current
+ DESCRIPTION
+ "use to create or delete a rule.step:1)portsecurityMacRuleRowStatus with value 5(create and wait);2)other mib needed;
+ for mac rule just portSecurityMacRuleType and portSecurityMacRuleAction, for mac+vid rule just portSecurityMacRuleType, portSecurityMacRuleAction,
+ and portSecurityMacRuleVid, for mac+ip rule just portSecurityMacRuleType, portSecurityMacRuleAction, and portSecurityMacRuleIpv4;
+ 3)portsecurityMacRuleRowStatus with value 4(create and go) to create, or portsecurityMacRuleRowStatus with value 6(destroy) to delete"
+ ::= { portSecurityMacRuleEntry 7 }
+
+ portSecurityIpRuleTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF PortSecurityIpRuleEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "table of ip rules of ports."
+ REFERENCE
+ "9.6.1"
+ ::= { gbnL2PortSecurityMib 3 }
+
+ portSecurityIpRuleEntry OBJECT-TYPE
+ SYNTAX PortSecurityIpRuleEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "table of ip rules of ports."
+ INDEX { portSecurityIpRulePortNum, portSecurityIpRuleIpv4Start, portSecurityIpRuleIpv4End }
+ ::= { portSecurityIpRuleTable 1 }
+
+ PortSecurityIpRuleEntry ::=
+ SEQUENCE {
+ portSecurityIpRulePortNum
+ Unsigned32,
+ portSecurityIpRuleIpv4Start
+ IpAddress,
+ portSecurityIpRuleIpv4End
+ IpAddress,
+ portSecurityIpRuleAction
+ INTEGER,
+ portsecurityIpRuleRowStatus
+ RowStatus
+ }
+
+ portSecurityIpRulePortNum OBJECT-TYPE
+ SYNTAX Unsigned32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The Port number associated with this Port."
+ ::= { portSecurityIpRuleEntry 1 }
+
+ portSecurityIpRuleIpv4Start OBJECT-TYPE
+ SYNTAX IpAddress
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "start ip address of this rule."
+ ::= { portSecurityIpRuleEntry 2 }
+
+ portSecurityIpRuleIpv4End OBJECT-TYPE
+ SYNTAX IpAddress
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "end ip address of this rule."
+ ::= { portSecurityIpRuleEntry 3 }
+
+ portSecurityIpRuleAction OBJECT-TYPE
+ SYNTAX INTEGER {
+ permit(0),
+ deny(1)
+ }
+ MAX-ACCESS read-write
+ STATUS current
+ DESCRIPTION
+ "forward action of ip address."
+ ::= { portSecurityIpRuleEntry 4 }
+
+ portsecurityIpRuleRowStatus OBJECT-TYPE
+ SYNTAX RowStatus
+ MAX-ACCESS read-write
+ STATUS current
+ DESCRIPTION
+ "use to create or delete a rule.step:1)portsecurityIpRuleRowStatus with value 5(create and wait);2)portSecurityIpRuleAction;
+ 3)portsecurityIpRuleRowStatus with value 4(create and go) to create, or portsecurityIpRuleRowStatus with value 6(destroy) to delete"
+ ::= { portSecurityIpRuleEntry 5 }
+
+ portSecurityActiveMacTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF PortSecurityActiveMacEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "table of active mac."
+ REFERENCE
+ "9.6.1"
+ ::= { gbnL2PortSecurityMib 4 }
+
+ portSecurityActiveMacEntry OBJECT-TYPE
+ SYNTAX PortSecurityActiveMacEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "table of active mac."
+ INDEX { portSecurityActiveMacDevice, portSecurityActiveMacMacAddr }
+ ::= { portSecurityActiveMacTable 1 }
+
+ PortSecurityActiveMacEntry ::=
+ SEQUENCE {
+ portSecurityActiveMacDevice
+ Integer32,
+ portSecurityActiveMacMacAddr
+ MacAddress,
+ portSecurityActiveMacPortNum
+ Unsigned32,
+ portSecurityActiveMacAction
+ INTEGER,
+ portSecurityActiveMacVid
+ Integer32,
+ portSecurityActiveMacIpv4
+ IpAddress,
+ portSecurityActiveMacType
+ INTEGER,
+ }
+
+ portSecurityActiveMacDevice OBJECT-TYPE
+ SYNTAX Integer32 (0..7)
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "member unit of the switch."
+ ::= { portSecurityActiveMacEntry 0 }
+
+ portSecurityActiveMacMacAddr OBJECT-TYPE
+ SYNTAX MacAddress
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "mac address."
+ ::= { portSecurityActiveMacEntry 1 }
+
+ portSecurityActiveMacPortNum OBJECT-TYPE
+ SYNTAX Unsigned32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The Port number associated with this Port."
+ ::= { portSecurityActiveMacEntry 2 }
+
+ portSecurityActiveMacAction OBJECT-TYPE
+ SYNTAX INTEGER {
+ permit(0),
+ deny(1)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "forward action of ip address."
+ ::= { portSecurityActiveMacEntry 3 }
+
+ portSecurityActiveMacVid OBJECT-TYPE
+ SYNTAX Integer32 (1..4094)
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "vlan id of mac address."
+ ::= { portSecurityActiveMacEntry 4 }
+
+ portSecurityActiveMacIpv4 OBJECT-TYPE
+ SYNTAX IpAddress
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "vlan if of mac address.0.0.0.0 means no information."
+ ::= { portSecurityActiveMacEntry 5 }
+
+ portSecurityActiveMacType OBJECT-TYPE
+ SYNTAX INTEGER {
+ mac(0),
+ macvid(1),
+ macip(2),
+ ip(3),
+ learned(4)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "type of mac address."
+ ::= { portSecurityActiveMacEntry 6 }
+
+--
+-- Notifications Section
+--
+--
+
+ portSecurityMacDenyNotification NOTIFICATION-TYPE
+ OBJECTS { portSecurityActiveMacPortNum, portSecurityActiveMacVid, portSecurityActiveMacIpv4, portSecurityActiveMacType }
+ STATUS current
+ DESCRIPTION
+ " This notification indicates that a mac address matching a deny rule."
+ ::= { portSecurityNotifications 1 }
+
+ portSecurityMaxDenyNotification NOTIFICATION-TYPE
+ OBJECTS { portSecurityCurrentNum }
+ STATUS current
+ DESCRIPTION
+ " This notification indicates that current learned mac address number is bigger than max number."
+ ::= { portSecurityNotifications 2 }
+
+ portSecurityShutdownNotification NOTIFICATION-TYPE
+ OBJECTS { portSecurityShutdown }
+ STATUS current
+ DESCRIPTION
+ " This notification indicates that port is shutdown by port-security."
+ ::= { portSecurityNotifications 3 }
+
+--
+-- END of gbn-PortSecurity-MIB
+--
+
+END
+
|