diff options
Diffstat (limited to 'MIBS/ibm/IBMIROCAUTH-MIB')
| -rw-r--r-- | MIBS/ibm/IBMIROCAUTH-MIB | 585 |
1 files changed, 585 insertions, 0 deletions
diff --git a/MIBS/ibm/IBMIROCAUTH-MIB b/MIBS/ibm/IBMIROCAUTH-MIB new file mode 100644 index 0000000..b21f9eb --- /dev/null +++ b/MIBS/ibm/IBMIROCAUTH-MIB @@ -0,0 +1,585 @@ +-- MIB created 5/06/99 21:06:00, by +-- SMIC (the next generation) version 1.6.29, November 22, 1994. + +IBMIROCAUTH-MIB DEFINITIONS ::= BEGIN + +-- From file: "ibmauth.mi2" +-- Compile options "G A T M" + +IMPORTS + Counter32, Gauge32, Integer32, TimeTicks, IpAddress + FROM SNMPv2-SMI-v1 + OBJECT-TYPE + FROM RFC-1212 + TRAP-TYPE + FROM RFC-1215 + DisplayString, PhysAddress, TruthValue, RowStatus, + AutonomousType, TestAndIncr + FROM SNMPv2-TC-v1 + enterprises + FROM RFC1155-SMI; + +ibmIROCconfigAuth OBJECT IDENTIFIER ::= { ibmIROCconfig 2 } +-- MODULE-IDENTITY +-- LastUpdated +-- 9808050900Z +-- OrgName +-- IBM +-- ContactInfo +-- David D. Chen +-- Joe B. Kerr +-- IBM Corporation +-- 800 Park, Highway 54 +-- Research Triangle Park, NC 27709-9990 +-- Tel: 1 919 254 6182 +-- E-mail: ddchen@us.ibm.com +-- Descr +-- IBM Authenication. +-- RevDate +-- 9808050900Z +-- RevDescr +-- Added the virtual connection configuration parameters, +-- and define Enabled textual convention. +-- RevDate +-- 9805050900Z +-- RevDescr +-- The initial version of this MIB module. + +ibm OBJECT IDENTIFIER ::= { enterprises 2 } +ibmProd OBJECT IDENTIFIER ::= { ibm 6 } +ibm2210 OBJECT IDENTIFIER ::= { ibmProd 72 } +ibmIROC OBJECT IDENTIFIER ::= { ibmProd 119 } +ibmIROCconfig OBJECT IDENTIFIER ::= { ibmIROC 7 } +ibmAuthTraps OBJECT IDENTIFIER ::= { ibmIROCconfigAuth 0 } +ibmAuthMIB OBJECT IDENTIFIER ::= { ibmIROCconfigAuth 1 } +ibmAuthDomains OBJECT IDENTIFIER ::= { ibmIROCconfigAuth 2 } +ibmAuthConformance OBJECT IDENTIFIER ::= { ibmIROCconfigAuth 3 } +ibmAuthGeneral OBJECT IDENTIFIER ::= { ibmAuthMIB 1 } +authCompliances OBJECT IDENTIFIER ::= { ibmAuthConformance 1 } +authGroups OBJECT IDENTIFIER ::= { ibmAuthConformance 2 } + +RowDefinition ::= INTEGER { + active(1), + notReady(3), + createAndGo(4), + createAndWait(5), + destroy(6) + } +-- TEXTUAL-CONVENTION +-- Status +-- mandatory +-- Descr +-- This textual convention is used to describe a slight variation on +-- the RowStatus textual convention, defined in SNMPv2-TC. An +-- object with the syntax of RowDefinition behaves as defined in +-- RowStatus, with the following exceptions: +-- - Upon receipt of an SNMP SET request containing rowDefinition=active, +-- transition from 'notReady' to 'active' occurs +-- - the state of notInService does not exist. In this environment, +-- either the act of row creation is complete and therefore +-- the row is in 'active' state, or the act of row creation +-- is not complete, and therefore the row is in 'notReady' state. + +Enabled ::= INTEGER { + disabled(0), + enabled(1) + } +-- TEXTUAL-CONVENTION +-- Status +-- mandatory +-- Descr +-- This textual convention is used to indicate if a function is +-- enabled or disabled. + +DateAndTime2 ::= OCTET STRING(SIZE(0..11)) +-- TEXTUAL-CONVENTION +-- Status +-- mandatory +-- Descr +-- A date-time specification that follows the convention +-- defined in SNMPv2-TC for DateAndTime, except allowing +-- for a zero-length string if the date is unknown or not set. + +SecureOctetString ::= OCTET STRING(SIZE(0..65535)) +-- TEXTUAL-CONVENTION +-- Status +-- mandatory +-- Descr +-- This syntax describes an octet string to which a security +-- mechanism may be applied. The description of the security +-- mechanism is provided by a single octet security descriptor +-- field that preceeds the secured data. The level of security +-- on the data and the security mechanism used to protect the +-- data may vary according to the security descriptor field. +-- +-- The security descriptor field consists of the first +-- octet of the octet string data field. The data to be secured +-- follows according to the security method as shown below: +-- 1 octet 0 or more octets +-- ================================================================= +-- | security descriptor | data field according to security method | +-- ================================================================= +-- +-- The following values are assigned to the security descriptor +-- field and the corresponding security algorithm. +-- (1) 0x00 (data value not accessible) +-- The appropriate key information has not been provided or setup. +-- The octet string consists only of the security mechanism +-- descriptor field. No data field is provided. +-- (2) 0x01 (no authentication, no encryption) +-- The data field octets flow as clear-text immediately after the +-- security descriptor octet. +-- (3) 0x02 (DES/CBC and SHA-1: encryption and authentication) +-- The data field octets flow according to the algorithym +-- below immediately after the security descriptor octet. +-- The data field octets are treated in the following manner: +-- +-- FIELD OCTET NUMBER DESCRIPTION SECURITY +-- =========================================================== +-- 0x02 1 security descriptor clear +-- +DES seed 2..9 initialization vector clear +-- +DESEncryptedData 10..10+n secured data encrypted +-- +SHA-1 digest 10+n+1+20 secured data digest +-- where: +-- + denotes concatenation +-- the number in parentheses denotes the length of the field +-- DES IV seed (Initialization Vector) = 8 byte non-reoccurring value +-- DES IV (Initialization Vector) = SysUpTime(4) + SeqNo(4) +-- DESEncryptedData = ASN1_Tag(1)+Length(2)+Data+padding +-- ASN1_Tag = ASN1 tag, e.g., INTEGER(0x02), OCTETSTRING(0x04) +-- Length = the length of the data to be encrypted +-- Data = the data to be encrypted +-- padding = the DESEncryptedData is on 8-octet boundary +-- SHA-1digest : SHA-1 digest consisting of: +-- (0x02(1) + DESseed(8) + DESEncryptedData(*8) + OID) +-- OID : +-- the Object Identifier represented as a concatenation of 4 byte +-- arrays for each level of the naming tree used in the OID. + +SecureDisplayString ::= OCTET STRING(SIZE(0..65535)) +-- TEXTUAL-CONVENTION +-- Status +-- mandatory +-- Descr +-- Same as SecureOctetString, with DisplayString content. + +SecureRowDefinition ::= OCTET STRING(SIZE(0..65535)) +-- TEXTUAL-CONVENTION +-- Status +-- mandatory +-- Descr +-- Same as SecureOctetString, with RowDefinition content. + +authUserProfileTable OBJECT-TYPE + SYNTAX SEQUENCE OF AuthUserProfileEntry + ACCESS not-accessible + STATUS mandatory + DESCRIPTION + "Table of named profiles. Used to collect information + about tunnel profiles and user, e.g., PPP, related + information." + ::= { ibmAuthMIB 2 } + +authUserProfileEntry OBJECT-TYPE + SYNTAX AuthUserProfileEntry + ACCESS not-accessible + STATUS mandatory + DESCRIPTION + "Each entry is a separate profile with associated attributes." + INDEX { IMPLIED authUserProfileName } + ::= { authUserProfileTable 1 } + +AuthUserProfileEntry ::= SEQUENCE { + authUserProfileName DisplayString, + authUserProfileRowDefinition SecureRowDefinition, + authUserProfilePassword SecureDisplayString, + authUserProfileType OCTET STRING, + authUserProfileMaxConnectTime INTEGER, + authUserProfileCallbackType INTEGER, + authUserProfileCallbackNum DisplayString, + authUserProfileDialout Enabled, + authUserProfileEncryptionKey SecureOctetString, + authUserProfileStatus INTEGER, + authUserProfileExpirationDate DateAndTime2, + authUserProfileGLoginAllowed INTEGER, + authUserProfileGLoginsAttempts INTEGER, + authUserProfileLoginAttempts INTEGER, + authUserProfileLoginFails INTEGER, + authUserProfileLoginLock INTEGER, + authUserProfileIpType INTEGER, + authUserProfileIpAddr IpAddress, + authUserProfileIpMask IpAddress, + authUserProfileHostName DisplayString, + authUserProfileSharedSecurity SecureDisplayString, + authUserProfileTunneled Enabled, + authUserProfileTunnelType INTEGER, + authUserProfileTunnelMediumType INTEGER, + authUserProfileTunnelServer DisplayString, + authUserProfileVcEnabled Enabled, + authUserProfileVcMaxSuspendTime INTEGER, + authUserProfileVcIdleTime INTEGER + } + +authUserProfileName OBJECT-TYPE + SYNTAX DisplayString(SIZE(1..64)) +-- Rsyntax OCTET STRING(SIZE(1..64)) + ACCESS not-accessible + STATUS mandatory + DESCRIPTION + "For ppp user, it is the name of the user. For tunnel + connection definition, it is the host name of the remote + tunnel end point." + ::= { authUserProfileEntry 1 } + +authUserProfileRowDefinition OBJECT-TYPE + SYNTAX SecureRowDefinition +-- Rsyntax OCTET STRING(SIZE(0..65535)) + ACCESS read-write + STATUS mandatory + DESCRIPTION + "The status of the row." + ::= { authUserProfileEntry 2 } + +authUserProfilePassword OBJECT-TYPE + SYNTAX SecureDisplayString +-- Rsyntax OCTET STRING(SIZE(0..65535)) + ACCESS read-write + STATUS mandatory + DESCRIPTION + "The password for this user. It is used for PPP and SNMP + users but not tunnel profiles." + ::= { authUserProfileEntry 3 } + +authUserProfileType OBJECT-TYPE + SYNTAX OCTET STRING(SIZE(1)) + ACCESS read-write + STATUS mandatory + DESCRIPTION + "The profile type. '80'H represents login. '40'H + represents tunnel, and '20'H represents ppp, '10'H + represents snmp. It is implementation choice to + restrict to one type per entry (i.e., can't be + combination of these types) or not support certain + types of users." + DEFVAL { '20'h } + ::= { authUserProfileEntry 4 } + +authUserProfileMaxConnectTime OBJECT-TYPE + SYNTAX INTEGER(-1..2147483647) +-- Units +-- seconds + ACCESS read-write + STATUS mandatory + DESCRIPTION + "The max connection allowed per connection. A value of + zero is using the interface default, and negative one (-1) + indicates no limits." + DEFVAL { 0 } + ::= { authUserProfileEntry 5 } + +authUserProfileCallbackType OBJECT-TYPE + SYNTAX INTEGER { + disabled(0), + roaming(1), + required(2) + } + ACCESS read-write + STATUS mandatory + DESCRIPTION + "The type of callback." + DEFVAL { disabled } + ::= { authUserProfileEntry 6 } + +authUserProfileCallbackNum OBJECT-TYPE + SYNTAX DisplayString(SIZE(0..30)) +-- Rsyntax OCTET STRING(SIZE(0..30)) + ACCESS read-write + STATUS mandatory + DESCRIPTION + "The dial back phone number when callback type is + required. An octet string of length zero indicates + the dial back phone number is not set." + DEFVAL { "" } + ::= { authUserProfileEntry 7 } + +authUserProfileDialout OBJECT-TYPE + SYNTAX Enabled +-- Rsyntax INTEGER { +-- disabled(0), +-- enabled(1) +-- } + ACCESS read-write + STATUS mandatory + DESCRIPTION + "A user on the network may be requesting permission + to use dialout function. This flag attached to the + user profile determines whether the user is able to + dialout." + DEFVAL { disabled } + ::= { authUserProfileEntry 8 } + +authUserProfileEncryptionKey OBJECT-TYPE + SYNTAX SecureOctetString +-- Rsyntax OCTET STRING(SIZE(0..65535)) + ACCESS read-write + STATUS mandatory + DESCRIPTION + "The encryption key. An octet string of length zero indicates + the encryption key is not set. The key is used when ECP + is negotiated for this user." + DEFVAL { ''h } + ::= { authUserProfileEntry 9 } + +authUserProfileStatus OBJECT-TYPE + SYNTAX INTEGER { + enabled(1), + disabled(2), + locked(3) + } + ACCESS read-write + STATUS mandatory + DESCRIPTION + "The status of the user profile entry. By setting the + value to 'enabled' from a non-enabled status will reset + the following statistics: authUserProfileGLoginsAttempts, + authUserProfileLoginAttempts, authUserProfileLoginFails, + authUserProfileLoginLock." + DEFVAL { enabled } + ::= { authUserProfileEntry 10 } + +authUserProfileExpirationDate OBJECT-TYPE + SYNTAX DateAndTime2 +-- Rsyntax OCTET STRING(SIZE(0..11)) + ACCESS read-write + STATUS mandatory + DESCRIPTION + "The date and time when the password will be expired. That is, + the user will no longer be allowed to dial in after this time. + A value of zero length indicates no expiration." + DEFVAL { ''h } + ::= { authUserProfileEntry 11 } + +authUserProfileGLoginAllowed OBJECT-TYPE + SYNTAX INTEGER(0..2147483647) + ACCESS read-write + STATUS mandatory + DESCRIPTION + "Number of grace logins is allowed after expiration + Some local maximum may apply." + DEFVAL { 0 } + ::= { authUserProfileEntry 12 } + +authUserProfileGLoginsAttempts OBJECT-TYPE + SYNTAX INTEGER(0..2147483647) + ACCESS read-only + STATUS mandatory + DESCRIPTION + "Number of grace login attempted is attempted after the + expiration of this user profile. Some local maximum may apply." + ::= { authUserProfileEntry 13 } + +authUserProfileLoginAttempts OBJECT-TYPE + SYNTAX INTEGER(0..2147483647) + ACCESS read-only + STATUS mandatory + DESCRIPTION + "Total number of login attempted, sucessfully or not." + ::= { authUserProfileEntry 14 } + +authUserProfileLoginFails OBJECT-TYPE + SYNTAX INTEGER(0..2147483647) + ACCESS read-only + STATUS mandatory + DESCRIPTION + "Total number of login failed." + ::= { authUserProfileEntry 15 } + +authUserProfileLoginLock OBJECT-TYPE + SYNTAX INTEGER(0..2147483647) + ACCESS read-only + STATUS mandatory + DESCRIPTION + "Number of consecutive failed logins attempted. The number + is reset to zero after a successful login." + ::= { authUserProfileEntry 16 } + +authUserProfileIpType OBJECT-TYPE + SYNTAX INTEGER { + disabled(0), + single(1), + networkDials(3), + singleDials(4) + } + ACCESS read-write + STATUS mandatory + DESCRIPTION + "The Ip network type of Dials." + DEFVAL { single } + ::= { authUserProfileEntry 17 } + +authUserProfileIpAddr OBJECT-TYPE + SYNTAX IpAddress + ACCESS read-write + STATUS mandatory + DESCRIPTION + "IP address for this user." + DEFVAL { 0.0.0.0 } + ::= { authUserProfileEntry 18 } + +authUserProfileIpMask OBJECT-TYPE + SYNTAX IpAddress + ACCESS read-write + STATUS mandatory + DESCRIPTION + "IP mask for this user." + DEFVAL { 255.255.255.255 } + ::= { authUserProfileEntry 19 } + +authUserProfileHostName OBJECT-TYPE + SYNTAX DisplayString(SIZE(0..16)) +-- Rsyntax OCTET STRING(SIZE(0..16)) +-- Units +-- hundredths of a second + ACCESS read-write + STATUS mandatory + DESCRIPTION + "The host name for this user." + DEFVAL { "" } + ::= { authUserProfileEntry 20 } + +authUserProfileSharedSecurity OBJECT-TYPE + SYNTAX SecureDisplayString +-- Rsyntax OCTET STRING(SIZE(0..65535)) + ACCESS read-write + STATUS mandatory + DESCRIPTION + "The shared security between two L2TP Peers." + ::= { authUserProfileEntry 21 } + +authUserProfileTunneled OBJECT-TYPE + SYNTAX Enabled +-- Rsyntax INTEGER { +-- disabled(0), +-- enabled(1) +-- } + ACCESS read-write + STATUS mandatory + DESCRIPTION + "The value of enabled means this PPP user profile + is a tunneled user." + DEFVAL { disabled } + ::= { authUserProfileEntry 22 } + +authUserProfileTunnelType OBJECT-TYPE + SYNTAX INTEGER { + l2tp(3) + } + ACCESS read-write + STATUS mandatory + DESCRIPTION + "Tunneling Protocol." + DEFVAL { l2tp } + ::= { authUserProfileEntry 23 } + +authUserProfileTunnelMediumType OBJECT-TYPE + SYNTAX INTEGER { + ip(1) + } + ACCESS read-write + STATUS mandatory + DESCRIPTION + "Tunneling Medium." + DEFVAL { ip } + ::= { authUserProfileEntry 24 } + +authUserProfileTunnelServer OBJECT-TYPE + SYNTAX DisplayString(SIZE(0..15)) +-- Rsyntax OCTET STRING(SIZE(0..15)) + ACCESS read-write + STATUS mandatory + DESCRIPTION + "Tunnel-Server endpoint address. For IP protocol, it + is the server IP address in dotted notation." + DEFVAL { "" } + ::= { authUserProfileEntry 25 } + +authUserProfileVcEnabled OBJECT-TYPE + SYNTAX Enabled +-- Rsyntax INTEGER { +-- disabled(0), +-- enabled(1) +-- } + ACCESS read-write + STATUS mandatory + DESCRIPTION + "The value of enabled means this PPP user profile + is a virtual connection user." + DEFVAL { disabled } + ::= { authUserProfileEntry 26 } + +authUserProfileVcMaxSuspendTime OBJECT-TYPE + SYNTAX INTEGER(-1..2147483647) +-- Units +-- hours + ACCESS read-write + STATUS mandatory + DESCRIPTION + "The maximum amount of time (in hours) that the device will + allow a virtual connection in suspend mode. After that, the + device will remove the all states of the virtual connection. + A value of -1 means use the box default value, 0 means no limits. + It is device choice to provide reasonable minimum and maximum + suspend time values." + DEFVAL { -1 } + ::= { authUserProfileEntry 27 } + +authUserProfileVcIdleTime OBJECT-TYPE + SYNTAX INTEGER(-1..2147483647) +-- Units +-- seconds + ACCESS read-write + STATUS mandatory + DESCRIPTION + "The device will instruct the dial-in station to suspend the + real connection after the inactivity for this amount of time. + A value of -1 means use the box default value, 0 means no limits. + It is device choice to support 0, and provide reasonable + minimum and maximum idle time values." + DEFVAL { -1 } + ::= { authUserProfileEntry 28 } + +authUserProfileGroup OBJECT IDENTIFIER ::= { authGroups 1 } +-- OBJECT-GROUP +-- Status +-- mandatory +-- Descr +-- Conformance group for authentication user profile. +-- objects +-- authUserProfileName, authUserProfilePassword, +-- authUserProfileType, authUserProfileMaxConnectTime, +-- authUserProfileCallbackType, authUserProfileCallbackNum, +-- authUserProfileDialout, authUserProfileEncryptionKey, +-- authUserProfileStatus, authUserProfileExpirationDate, +-- authUserProfileGLoginAllowed, authUserProfileGLoginsAttempts, +-- authUserProfileLoginAttempts, authUserProfileLoginFails, +-- authUserProfileLoginLock, authUserProfileIpType, +-- authUserProfileIpAddr, authUserProfileIpMask, +-- authUserProfileHostName, authUserProfileTunneled, +-- authUserProfileTunnelType, authUserProfileTunnelMediumType, +-- authUserProfileTunnelServer, authUserProfileVcEnabled, +-- authUserProfileVcMaxSuspendTime, authUserProfileVcIdleTime + +authUserProfileCompliance OBJECT IDENTIFIER ::= { authCompliances 1 } +-- MODULE-COMPLIANCE +-- Status +-- mandatory +-- Descr +-- The core compliance statement for all authentication. +-- Module +-- >>current<< +-- MandGroup +-- authUserProfileGroup + + +END + |