From 98a672123c7872f6b9b75a9a2b6bb3aea504de6a Mon Sep 17 00:00:00 2001 From: David Leutgeb Date: Tue, 5 Dec 2023 12:25:34 +0100 Subject: Initial commit --- MIBS/screenos/NETSCREEN-ADDR-MIB | 142 ++ MIBS/screenos/NETSCREEN-BGP4-MIB | 784 +++++++++ MIBS/screenos/NETSCREEN-CERTIFICATE-MIB | 217 +++ MIBS/screenos/NETSCREEN-CHASSIS-MIB | 272 ++++ MIBS/screenos/NETSCREEN-IDS-MIB | 880 ++++++++++ MIBS/screenos/NETSCREEN-INTERFACE-MIB | 696 ++++++++ MIBS/screenos/NETSCREEN-IP-ARP-MIB | 184 +++ MIBS/screenos/NETSCREEN-IPPOOL-MIB | 125 ++ MIBS/screenos/NETSCREEN-NAT-MIB | 536 +++++++ MIBS/screenos/NETSCREEN-NSRP-MIB | 1182 ++++++++++++++ MIBS/screenos/NETSCREEN-OSPF-MIB | 2397 +++++++++++++++++++++++++++ MIBS/screenos/NETSCREEN-OSPF-TRAP-MIB | 444 +++++ MIBS/screenos/NETSCREEN-POLICY-MIB | 583 +++++++ MIBS/screenos/NETSCREEN-PRODUCTS-MIB | 117 ++ MIBS/screenos/NETSCREEN-QOS-MIB | 174 ++ MIBS/screenos/NETSCREEN-RESOURCE-MIB | 299 ++++ MIBS/screenos/NETSCREEN-RIPv2-MIB | 567 +++++++ MIBS/screenos/NETSCREEN-SCHEDULE-MIB | 253 +++ MIBS/screenos/NETSCREEN-SERVICE-MIB | 323 ++++ MIBS/screenos/NETSCREEN-SET-ADMIN-USR-MIB | 202 +++ MIBS/screenos/NETSCREEN-SET-AUTH-MIB | 404 +++++ MIBS/screenos/NETSCREEN-SET-DHCP-MIB | 134 ++ MIBS/screenos/NETSCREEN-SET-DNS-MIB | 90 ++ MIBS/screenos/NETSCREEN-SET-EMAIL-MIB | 102 ++ MIBS/screenos/NETSCREEN-SET-GEN-MIB | 130 ++ MIBS/screenos/NETSCREEN-SET-GLB-MIB | 272 ++++ MIBS/screenos/NETSCREEN-SET-LOG-MIB | 197 +++ MIBS/screenos/NETSCREEN-SET-SNMP-MIB | 176 ++ MIBS/screenos/NETSCREEN-SET-SYSTIME-MIB | 102 ++ MIBS/screenos/NETSCREEN-SET-URL-FILTER-MIB | 133 ++ MIBS/screenos/NETSCREEN-SET-WEB-MIB | 150 ++ MIBS/screenos/NETSCREEN-SMI | 97 ++ MIBS/screenos/NETSCREEN-TRAP-MIB | 548 +++++++ MIBS/screenos/NETSCREEN-UAC-MIB | 124 ++ MIBS/screenos/NETSCREEN-VPN-GATEWAY-MIB | 240 +++ MIBS/screenos/NETSCREEN-VPN-IKE-MIB | 190 +++ MIBS/screenos/NETSCREEN-VPN-L2TP-MIB | 494 ++++++ MIBS/screenos/NETSCREEN-VPN-MANUAL-MIB | 219 +++ MIBS/screenos/NETSCREEN-VPN-MON-MIB | 537 +++++++ MIBS/screenos/NETSCREEN-VPN-PHASEONE-MIB | 186 +++ MIBS/screenos/NETSCREEN-VPN-PHASETWO-MIB | 208 +++ MIBS/screenos/NETSCREEN-VPN-USER-MIB | 466 ++++++ MIBS/screenos/NETSCREEN-VR-BGP4-MIB | 787 +++++++++ MIBS/screenos/NETSCREEN-VR-MIB | 157 ++ MIBS/screenos/NETSCREEN-VR-OSPF-MIB | 2410 ++++++++++++++++++++++++++++ MIBS/screenos/NETSCREEN-VR-RIPv2-MIB | 567 +++++++ MIBS/screenos/NETSCREEN-VSYS-MIB | 98 ++ MIBS/screenos/NETSCREEN-ZONE-MIB | 122 ++ 48 files changed, 19717 insertions(+) create mode 100644 MIBS/screenos/NETSCREEN-ADDR-MIB create mode 100644 MIBS/screenos/NETSCREEN-BGP4-MIB create mode 100644 MIBS/screenos/NETSCREEN-CERTIFICATE-MIB create mode 100644 MIBS/screenos/NETSCREEN-CHASSIS-MIB create mode 100644 MIBS/screenos/NETSCREEN-IDS-MIB create mode 100644 MIBS/screenos/NETSCREEN-INTERFACE-MIB create mode 100644 MIBS/screenos/NETSCREEN-IP-ARP-MIB create mode 100644 MIBS/screenos/NETSCREEN-IPPOOL-MIB create mode 100644 MIBS/screenos/NETSCREEN-NAT-MIB create mode 100644 MIBS/screenos/NETSCREEN-NSRP-MIB create mode 100644 MIBS/screenos/NETSCREEN-OSPF-MIB create mode 100644 MIBS/screenos/NETSCREEN-OSPF-TRAP-MIB create mode 100644 MIBS/screenos/NETSCREEN-POLICY-MIB create mode 100644 MIBS/screenos/NETSCREEN-PRODUCTS-MIB create mode 100644 MIBS/screenos/NETSCREEN-QOS-MIB create mode 100644 MIBS/screenos/NETSCREEN-RESOURCE-MIB create mode 100644 MIBS/screenos/NETSCREEN-RIPv2-MIB create mode 100644 MIBS/screenos/NETSCREEN-SCHEDULE-MIB create mode 100644 MIBS/screenos/NETSCREEN-SERVICE-MIB create mode 100644 MIBS/screenos/NETSCREEN-SET-ADMIN-USR-MIB create mode 100644 MIBS/screenos/NETSCREEN-SET-AUTH-MIB create mode 100644 MIBS/screenos/NETSCREEN-SET-DHCP-MIB create mode 100644 MIBS/screenos/NETSCREEN-SET-DNS-MIB create mode 100644 MIBS/screenos/NETSCREEN-SET-EMAIL-MIB create mode 100644 MIBS/screenos/NETSCREEN-SET-GEN-MIB create mode 100644 MIBS/screenos/NETSCREEN-SET-GLB-MIB create mode 100644 MIBS/screenos/NETSCREEN-SET-LOG-MIB create mode 100644 MIBS/screenos/NETSCREEN-SET-SNMP-MIB create mode 100644 MIBS/screenos/NETSCREEN-SET-SYSTIME-MIB create mode 100644 MIBS/screenos/NETSCREEN-SET-URL-FILTER-MIB create mode 100644 MIBS/screenos/NETSCREEN-SET-WEB-MIB create mode 100644 MIBS/screenos/NETSCREEN-SMI create mode 100644 MIBS/screenos/NETSCREEN-TRAP-MIB create mode 100644 MIBS/screenos/NETSCREEN-UAC-MIB create mode 100644 MIBS/screenos/NETSCREEN-VPN-GATEWAY-MIB create mode 100644 MIBS/screenos/NETSCREEN-VPN-IKE-MIB create mode 100644 MIBS/screenos/NETSCREEN-VPN-L2TP-MIB create mode 100644 MIBS/screenos/NETSCREEN-VPN-MANUAL-MIB create mode 100644 MIBS/screenos/NETSCREEN-VPN-MON-MIB create mode 100644 MIBS/screenos/NETSCREEN-VPN-PHASEONE-MIB create mode 100644 MIBS/screenos/NETSCREEN-VPN-PHASETWO-MIB create mode 100644 MIBS/screenos/NETSCREEN-VPN-USER-MIB create mode 100644 MIBS/screenos/NETSCREEN-VR-BGP4-MIB create mode 100644 MIBS/screenos/NETSCREEN-VR-MIB create mode 100644 MIBS/screenos/NETSCREEN-VR-OSPF-MIB create mode 100644 MIBS/screenos/NETSCREEN-VR-RIPv2-MIB create mode 100644 MIBS/screenos/NETSCREEN-VSYS-MIB create mode 100644 MIBS/screenos/NETSCREEN-ZONE-MIB (limited to 'MIBS/screenos') diff --git a/MIBS/screenos/NETSCREEN-ADDR-MIB b/MIBS/screenos/NETSCREEN-ADDR-MIB new file mode 100644 index 0000000..547ebe5 --- /dev/null +++ b/MIBS/screenos/NETSCREEN-ADDR-MIB @@ -0,0 +1,142 @@ +-- This module defines enterprise MIBs for address book +-- +-- Copyright (c) 1999-2004, Juniper Networks, Inc. +-- All rights reserved. + +NETSCREEN-ADDR-MIB DEFINITIONS ::= BEGIN + +IMPORTS + netscreenAddr + FROM NETSCREEN-SMI + Integer32, IpAddress, MODULE-IDENTITY, OBJECT-TYPE + FROM SNMPv2-SMI + DisplayString + FROM SNMPv2-TC + ; + +netscreenAddrMibModule MODULE-IDENTITY + LAST-UPDATED "200405032022Z" -- May 03, 2004 + ORGANIZATION + "Juniper Networks, Inc." + CONTACT-INFO + "Customer Support + + 1194 North Mathilda Avenue + Sunnyvale, California 94089-1206 + USA + + Tel: 1-800-638-8296 + E-mail: customerservice@juniper.net + HTTP://www.juniper.net" + DESCRIPTION + "This module defines the object that are used to monitor all + the entries in the Address Book" + REVISION "200405030000Z" -- May 03, 2004 + DESCRIPTION + "Modified copyright and contact information" + REVISION "200403030000Z" -- March 03, 2004 + DESCRIPTION + "Converted to SMIv2 by Longview Software" + REVISION "200311100000Z" -- November 10, 2003 + DESCRIPTION + "Correct spelling mistake" + REVISION "200109280000Z" -- September 28, 2001 + DESCRIPTION + "No Comment" + REVISION "200105140000Z" -- May 14, 2001 + DESCRIPTION + "Creation Date" + ::= { netscreenAddr 0 } + +NsAddrEntry ::= SEQUENCE +{ + nsAddrIndex Integer32, + nsAddrName DisplayString, + nsAddrVsys Integer32, + nsAddrZone Integer32, + nsAddrIpOrDomain DisplayString, + nsAddrNetmask IpAddress, + nsAddrComment DisplayString +} + +nsAddrTable OBJECT-TYPE + SYNTAX SEQUENCE OF NsAddrEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "The NetScreen ScreenOS classifies the addresses of all other + devices by location and netmask. For example trusted addresses + are located behind the trusted interface. This table collects + all address items that exist in ScreenOS" + ::= { netscreenAddr 1 } + +nsAddrEntry OBJECT-TYPE + SYNTAX NsAddrEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "Address entry collects some attributes of the address item." + INDEX + { nsAddrIndex } + ::= { nsAddrTable 1 } + +nsAddrIndex OBJECT-TYPE + SYNTAX Integer32 (0..2147483647) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "A unique value for each address. Its value ranges between 0 + and 65535 and may not be contiguous." + ::= { nsAddrEntry 1 } + +nsAddrName OBJECT-TYPE + SYNTAX DisplayString (SIZE(0..32)) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Address item name." + ::= { nsAddrEntry 2 } + +nsAddrVsys OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Virtual system name this address belongs to." + ::= { nsAddrEntry 3 } + +nsAddrZone OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Security zone name this address belongs to." + ::= { nsAddrEntry 4 } + +nsAddrIpOrDomain OBJECT-TYPE + SYNTAX DisplayString (SIZE(0..32)) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Address item's ip address or domain name." + ::= { nsAddrEntry 5 } + +nsAddrNetmask OBJECT-TYPE + SYNTAX IpAddress + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Subnet mask address use." + ::= { nsAddrEntry 6 } + +nsAddrComment OBJECT-TYPE + SYNTAX DisplayString (SIZE(0..32)) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Comments on this address." + ::= { nsAddrEntry 7 } + +END + + diff --git a/MIBS/screenos/NETSCREEN-BGP4-MIB b/MIBS/screenos/NETSCREEN-BGP4-MIB new file mode 100644 index 0000000..0cdae97 --- /dev/null +++ b/MIBS/screenos/NETSCREEN-BGP4-MIB @@ -0,0 +1,784 @@ +-- These MIBs were created on 1/2/2003 +-- This module defines enterprise MIBs for NS BGP +-- +-- Copyright (c) 1999-2004, Juniper Networks, Inc. +-- All rights reserved. + +NETSCREEN-BGP4-MIB DEFINITIONS ::= BEGIN + + IMPORTS + MODULE-IDENTITY, OBJECT-TYPE, NOTIFICATION-TYPE, + IpAddress, Integer32, Counter32, Gauge32 + FROM SNMPv2-SMI + netscreenTrapDesc, netscreenTrapType + FROM NETSCREEN-TRAP-MIB + netscreenVR + FROM NETSCREEN-SMI; + + nsBgp MODULE-IDENTITY + LAST-UPDATED "200506032022Z" -- June 20, 2005 + ORGANIZATION + "Juniper Networks, Inc." + CONTACT-INFO + "Customer Support + + 1194 North Mathilda Avenue + Sunnyvale, California 94089-1206 + USA + + Tel: 1-800-638-8296 + E-mail: customerservice@juniper.net + HTTP://www.juniper.net" + DESCRIPTION + "The MIB module for NS-BGP-4." + ::= { netscreenVR 3 } + + -- BGP Info table. This table contains, one entry per + -- VR, information about the BGP's Version, LocalAs and Identifier. + + nsBgpInfoTable OBJECT-TYPE + SYNTAX SEQUENCE OF NsBgpInfoEntry + MAX-ACCESS not-accessible + STATUS deprecated + DESCRIPTION + "BGP info table. This table contains, + one entry per VR, information about + the BGP's Version, LocalAs and Identifier." + ::= { nsBgp 1 } + + nsBgpInfoEntry OBJECT-TYPE + SYNTAX NsBgpInfoEntry + MAX-ACCESS not-accessible + STATUS deprecated + DESCRIPTION + "Entry containing information about the + BGP's Version, LocalAs and Identifier" + INDEX { nsBgpInfoVRID } + ::= { nsBgpInfoTable 1 } + + NsBgpInfoEntry ::= SEQUENCE { + nsBgpInfoVersion + OCTET STRING, + nsBgpInfoLocalAs + INTEGER, + nsBgpInfoIdentifier + IpAddress, + nsBgpInfoVRID + INTEGER + } + + nsBgpInfoVersion OBJECT-TYPE + SYNTAX OCTET STRING (SIZE (1..255)) + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "Vector of supported BGP protocol version + numbers. Each peer negotiates the version + from this vector. Versions are identified + via the string of bits contained within this + object. The first octet contains bits 0 to + 7, the second octet contains bits 8 to 15, + and so on, with the most significant bit + referring to the lowest bit number in the + octet (e.g., the MSB of the first octet + refers to bit 0). If a bit, i, is present + and set, then the version (i+1) of the BGP + is supported." + ::= { nsBgpInfoEntry 1 } + + nsBgpInfoLocalAs OBJECT-TYPE + SYNTAX INTEGER (0..65535) + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "The local autonomous system number." + ::= { nsBgpInfoEntry 2 } + + nsBgpInfoIdentifier OBJECT-TYPE + SYNTAX IpAddress + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "The BGP Identifier of local system." + ::= { nsBgpInfoEntry 3 } + + nsBgpInfoVRID OBJECT-TYPE + SYNTAX INTEGER (0..65535) + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "Virtual Router ID" + ::= { nsBgpInfoEntry 4 } + + -- BGP Peer table. This table contains, one entry per + -- BGP peer, information about the BGP peer. + + nsBgpPeerTable OBJECT-TYPE + SYNTAX SEQUENCE OF NsBgpPeerEntry + MAX-ACCESS not-accessible + STATUS deprecated + DESCRIPTION + "BGP peer table. This table contains, + one entry per BGP peer, information about + the connections with BGP peers." + ::= { nsBgp 3 } + + nsBgpPeerEntry OBJECT-TYPE + SYNTAX NsBgpPeerEntry + MAX-ACCESS not-accessible + STATUS deprecated + DESCRIPTION + "Entry containing information about the + connection with a BGP peer." + INDEX { nsBgpPeerRemoteAddr, + nsBgpPeerVRID } + ::= { nsBgpPeerTable 1 } + + NsBgpPeerEntry ::= SEQUENCE { + nsBgpPeerIdentifier + IpAddress, + nsBgpPeerState + INTEGER, + nsBgpPeerAdminStatus + INTEGER, + nsBgpPeerNegotiatedVersion + Integer32, + nsBgpPeerLocalAddr + IpAddress, + nsBgpPeerLocalPort + INTEGER, + nsBgpPeerRemoteAddr + IpAddress, + nsBgpPeerRemotePort + INTEGER, + nsBgpPeerRemoteAs + INTEGER, + nsBgpPeerInUpdates + Counter32, + nsBgpPeerOutUpdates + Counter32, + nsBgpPeerInTotalMessages + Counter32, + nsBgpPeerOutTotalMessages + Counter32, + nsBgpPeerLastError + OCTET STRING, + nsBgpPeerFsmEstablishedTransitions + Counter32, + nsBgpPeerFsmEstablishedTime + Gauge32, + nsBgpPeerConnectRetryInterval + INTEGER, + nsBgpPeerHoldTime + INTEGER, + nsBgpPeerKeepAlive + + INTEGER, + nsBgpPeerHoldTimeConfigured + INTEGER, + nsBgpPeerKeepAliveConfigured + INTEGER, + nsBgpPeerMinASOriginationInterval + INTEGER, + nsBgpPeerMinRouteAdvertisementInterval + INTEGER, + nsBgpPeerInUpdateElapsedTime + Gauge32, + nsBgpPeerVRID + INTEGER + } + + nsBgpPeerIdentifier OBJECT-TYPE + SYNTAX IpAddress + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "The BGP Identifier of this entry's BGP + peer." + ::= { nsBgpPeerEntry 1 } + + nsBgpPeerState OBJECT-TYPE + SYNTAX INTEGER { + idle(1), + connect(2), + active(3), + opensent(4), + openconfirm(5), + established(6) + } + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "The BGP peer connection state." + ::= { nsBgpPeerEntry 2 } + + nsBgpPeerAdminStatus OBJECT-TYPE + SYNTAX INTEGER { + stop(1), + start(2) + } + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "The desired state of the BGP connection. + A transition from 'stop' to 'start' will + cause the BGP Start Event to be generated. + + A transition from 'start' to 'stop' will + cause the BGP Stop Event to be generated. + This parameter can be used to restart BGP + peer connections. Care should be used in + providing write access to this object + without adequate authentication." + ::= { nsBgpPeerEntry 3 } + + nsBgpPeerNegotiatedVersion OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "The negotiated version of BGP running + between the two peers." + ::= { nsBgpPeerEntry 4 } + + nsBgpPeerLocalAddr OBJECT-TYPE + SYNTAX IpAddress + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "The local IP address of this entry's BGP + connection." + ::= { nsBgpPeerEntry 5 } + + nsBgpPeerLocalPort OBJECT-TYPE + SYNTAX INTEGER (0..65535) + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "The local port for the TCP connection + between the BGP peers." + ::= { nsBgpPeerEntry 6 } + + nsBgpPeerRemoteAddr OBJECT-TYPE + SYNTAX IpAddress + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "The remote IP address of this entry's BGP + peer." + ::= { nsBgpPeerEntry 7 } + + nsBgpPeerRemotePort OBJECT-TYPE + SYNTAX INTEGER (0..65535) + MAX-ACCESS read-only + STATUS deprecated + + DESCRIPTION + "The remote port for the TCP connection + between the BGP peers. Note that the + objects nsBgpPeerLocalAddr, + nsBgpPeerLocalPort, nsBgpPeerRemoteAddr and + nsBgpPeerRemotePort provide the appropriate + reference to the standard MIB TCP + connection table." + ::= { nsBgpPeerEntry 8 } + + nsBgpPeerRemoteAs OBJECT-TYPE + SYNTAX INTEGER (0..65535) + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "The remote autonomous system number." + ::= { nsBgpPeerEntry 9 } + + nsBgpPeerInUpdates OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "The number of BGP UPDATE messages + received on this connection. This object + should be initialized to zero (0) when the + connection is established." + ::= { nsBgpPeerEntry 10 } + + nsBgpPeerOutUpdates OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "The number of BGP UPDATE messages + transmitted on this connection. This + object should be initialized to zero (0) + when the connection is established." + ::= { nsBgpPeerEntry 11 } + + nsBgpPeerInTotalMessages OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "The total number of messages received + from the remote peer on this connection. + This object should be initialized to zero + + when the connection is established." + ::= { nsBgpPeerEntry 12 } + + nsBgpPeerOutTotalMessages OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "The total number of messages transmitted to + the remote peer on this connection. This + object should be initialized to zero when + the connection is established." + ::= { nsBgpPeerEntry 13 } + + nsBgpPeerLastError OBJECT-TYPE + SYNTAX OCTET STRING (SIZE (2)) + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "The last error code and subcode seen by this + peer on this connection. If no error has + occurred, this field is zero. Otherwise, the + first byte of this two byte OCTET STRING + contains the error code, and the second byte + contains the subcode." + ::= { nsBgpPeerEntry 14 } + + nsBgpPeerFsmEstablishedTransitions OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "The total number of times the BGP FSM + transitioned into the established state." + ::= { nsBgpPeerEntry 15 } + + nsBgpPeerFsmEstablishedTime OBJECT-TYPE + SYNTAX Gauge32 + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "This timer indicates how long (in + seconds) this peer has been in the + Established state or how long + since this peer was last in the + Established state. It is set to zero when + a new peer is configured or the router is + booted." + + ::= { nsBgpPeerEntry 16 } + + nsBgpPeerConnectRetryInterval OBJECT-TYPE + SYNTAX INTEGER (1..65535) + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "Time interval in seconds for the + ConnectRetry timer. The suggested value + for this timer is 120 seconds." + ::= { nsBgpPeerEntry 17 } + + nsBgpPeerHoldTime OBJECT-TYPE + SYNTAX INTEGER ( 0 | 3..65535 ) + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "Time interval in seconds for the Hold + Timer established with the peer. The + value of this object is calculated by this + BGP speaker by using the smaller of the + value in nsBgpPeerHoldTimeConfigured and the + Hold Time received in the OPEN message. + This value must be at lease three seconds + if it is not zero (0) in which case the + Hold Timer has not been established with + the peer, or, the value of + nsBgpPeerHoldTimeConfigured is zero (0)." + ::= { nsBgpPeerEntry 18 } + + nsBgpPeerKeepAlive OBJECT-TYPE + SYNTAX INTEGER ( 0 | 1..21845 ) + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "Time interval in seconds for the KeepAlive + timer established with the peer. The value + of this object is calculated by this BGP + speaker such that, when compared with + nsBgpPeerHoldTime, it has the same + proportion as what + nsBgpPeerKeepAliveConfigured has when + compared with nsBgpPeerHoldTimeConfigured. + If the value of this object is zero (0), + it indicates that the KeepAlive timer has + not been established with the peer, or, + the value of nsBgpPeerKeepAliveConfigured is + zero (0)." + + ::= { nsBgpPeerEntry 19 } + + nsBgpPeerHoldTimeConfigured OBJECT-TYPE + SYNTAX INTEGER ( 0 | 3..65535 ) + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "Time interval in seconds for the Hold Time + configured for this BGP speaker with this + peer. This value is placed in an OPEN + message sent to this peer by this BGP + speaker, and is compared with the Hold + Time field in an OPEN message received + from the peer when determining the Hold + Time (nsBgpPeerHoldTime) with the peer. + This value must not be less than three + seconds if it is not zero (0) in which + case the Hold Time is NOT to be + established with the peer. The suggested + value for this timer is 90 seconds." + ::= { nsBgpPeerEntry 20 } + + nsBgpPeerKeepAliveConfigured OBJECT-TYPE + SYNTAX INTEGER ( 0 | 1..21845 ) + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "Time interval in seconds for the + KeepAlive timer configured for this BGP + speaker with this peer. The value of this + object will only determine the + KEEPALIVE messages' frequency relative to + the value specified in + nsBgpPeerHoldTimeConfigured; the actual + time interval for the KEEPALIVE messages + is indicated by nsBgpPeerKeepAlive. A + reasonable maximum value for this timer + would be configured to be one + third of that of + nsBgpPeerHoldTimeConfigured. + If the value of this object is zero (0), + no periodical KEEPALIVE messages are sent + to the peer after the BGP connection has + been established. The suggested value for + this timer is 30 seconds." + ::= { nsBgpPeerEntry 21 } + + nsBgpPeerMinASOriginationInterval OBJECT-TYPE + SYNTAX INTEGER (1..65535) + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "Time interval in seconds for the + MinASOriginationInterval timer. + The suggested value for this timer is 15 + seconds." + ::= { nsBgpPeerEntry 22 } + + nsBgpPeerMinRouteAdvertisementInterval OBJECT-TYPE + SYNTAX INTEGER (1..65535) + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "Time interval in seconds for the + MinRouteAdvertisementInterval timer. + The suggested value for this timer is 30 + seconds." + ::= { nsBgpPeerEntry 23 } + + nsBgpPeerInUpdateElapsedTime OBJECT-TYPE + SYNTAX Gauge32 + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "Elapsed time in seconds since the last BGP + UPDATE message was received from the peer. + Each time nsBgpPeerInUpdates is incremented, + the value of this object is set to zero + (0)." + ::= { nsBgpPeerEntry 24 } + + nsBgpPeerVRID OBJECT-TYPE + SYNTAX INTEGER (0..65535) + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "Virtual Router ID" + ::= { nsBgpPeerEntry 25 } + + + -- BGP-4 Received Path Attribute Table. This table + -- contains, one entry per path to a network, path + -- attributes received from all peers running BGP-4. + + nsBgp4PathAttrTable OBJECT-TYPE + SYNTAX SEQUENCE OF NsBgp4PathAttrEntry + MAX-ACCESS not-accessible + STATUS deprecated + DESCRIPTION + "The BGP-4 Received Path Attribute Table + contains information about paths to + destination networks received from all + BGP4 peers." + ::= { nsBgp 6 } + + nsBgp4PathAttrEntry OBJECT-TYPE + SYNTAX NsBgp4PathAttrEntry + MAX-ACCESS not-accessible + STATUS deprecated + DESCRIPTION + "Information about a path to a network." + INDEX { nsBgp4PathAttrIpAddrPrefix, + nsBgp4PathAttrIpAddrPrefixLen, + nsBgp4PathAttrPeer, + nsBgp4PathAttrVRID } + ::= { nsBgp4PathAttrTable 1 } + + NsBgp4PathAttrEntry ::= SEQUENCE { + nsBgp4PathAttrPeer + IpAddress, + nsBgp4PathAttrIpAddrPrefixLen + INTEGER, + nsBgp4PathAttrIpAddrPrefix + IpAddress, + nsBgp4PathAttrOrigin + INTEGER, + nsBgp4PathAttrASPathSegment + + OCTET STRING, + nsBgp4PathAttrNextHop + IpAddress, + nsBgp4PathAttrMultiExitDisc + INTEGER, + nsBgp4PathAttrLocalPref + INTEGER, + nsBgp4PathAttrAtomicAggregate + INTEGER, + nsBgp4PathAttrAggregatorAS + INTEGER, + nsBgp4PathAttrAggregatorAddr + IpAddress, + nsBgp4PathAttrCalcLocalPref + INTEGER, + nsBgp4PathAttrBest + INTEGER, + nsBgp4PathAttrUnknown + OCTET STRING, + nsBgp4PathAttrVRID + INTEGER + + } + + nsBgp4PathAttrPeer OBJECT-TYPE + SYNTAX IpAddress + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "The IP address of the peer where the path + information was learned." + ::= { nsBgp4PathAttrEntry 1 } + + nsBgp4PathAttrIpAddrPrefixLen OBJECT-TYPE + SYNTAX INTEGER (0..32) + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "Length in bits of the IP address prefix + in the Network Layer Reachability + Information field." + ::= { nsBgp4PathAttrEntry 2 } + + nsBgp4PathAttrIpAddrPrefix OBJECT-TYPE + SYNTAX IpAddress + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "An IP address prefix in the Network Layer + Reachability Information field. This object + + is an IP address containing the prefix with + length specified by + nsBgp4PathAttrIpAddrPrefixLen. + Any bits beyond the length specified by + nsBgp4PathAttrIpAddrPrefixLen are zeroed." + ::= { nsBgp4PathAttrEntry 3 } + + nsBgp4PathAttrOrigin OBJECT-TYPE + SYNTAX INTEGER { + igp(1),-- networks are interior + egp(2),-- networks learned + -- via EGP + incomplete(3) -- undetermined + } + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "The ultimate origin of the path + information." + ::= { nsBgp4PathAttrEntry 4 } + + nsBgp4PathAttrASPathSegment OBJECT-TYPE + SYNTAX OCTET STRING (SIZE (2..255)) + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "The sequence of AS path segments. Each AS + path segment is represented by a triple + . + + The type is a 1-octet field which has two + possible values: + 1 AS_SET: unordered set of ASs a + route in the UPDATE + message has traversed + 2 AS_SEQUENCE: ordered set of ASs + a route in the UPDATE + message has traversed. + + The length is a 1-octet field containing the + number of ASs in the value field. + + The value field contains one or more AS + numbers, each AS is represented in the octet + string as a pair of octets according to the + following algorithm: + + first-byte-of-pair = ASNumber / 256; + second-byte-of-pair = ASNumber & 255;" + ::= { nsBgp4PathAttrEntry 5 } + + nsBgp4PathAttrNextHop OBJECT-TYPE + SYNTAX IpAddress + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "The address of the border router that + should be used for the destination + network." + ::= { nsBgp4PathAttrEntry 6 } + + nsBgp4PathAttrMultiExitDisc OBJECT-TYPE + SYNTAX INTEGER (-1..2147483647) + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "This metric is used to discriminate + between multiple exit points to an + adjacent autonomous system. A value of -1 + indicates the absence of this attribute." + ::= { nsBgp4PathAttrEntry 7 } + + nsBgp4PathAttrLocalPref OBJECT-TYPE + SYNTAX INTEGER (-1..2147483647) + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "The originating BGP4 speaker's degree of + preference for an advertised route. A + value of -1 indicates the absence of this + attribute." + ::= { nsBgp4PathAttrEntry 8 } + + nsBgp4PathAttrAtomicAggregate OBJECT-TYPE + SYNTAX INTEGER { + lessSpecificRrouteNotSelected(1), + lessSpecificRouteSelected(2) + } + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "Whether or not the local system has + selected a less specific route without + selecting a more specific route." + ::= { nsBgp4PathAttrEntry 9 } + + nsBgp4PathAttrAggregatorAS OBJECT-TYPE + SYNTAX INTEGER (0..65535) + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "The AS number of the last BGP4 speaker that + performed route aggregation. A value of + zero (0) indicates the absence of this + attribute." + ::= { nsBgp4PathAttrEntry 10 } + + nsBgp4PathAttrAggregatorAddr OBJECT-TYPE + SYNTAX IpAddress + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "The IP address of the last BGP4 speaker + that performed route aggregation. A value + of 0.0.0.0 indicates the absence of this + attribute." + ::= { nsBgp4PathAttrEntry 11 } + + nsBgp4PathAttrCalcLocalPref OBJECT-TYPE + SYNTAX INTEGER (-1..2147483647) + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "The degree of preference calculated by the + receiving BGP4 speaker for an advertised + route. A value of -1 indicates the + absence of this attribute." + ::= { nsBgp4PathAttrEntry 12 } + + nsBgp4PathAttrBest OBJECT-TYPE + SYNTAX INTEGER { + false(1),-- not chosen as best route + true(2) -- chosen as best route + } + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "An indication of whether or not this route + was chosen as the best BGP4 route." + ::= { nsBgp4PathAttrEntry 13 } + + nsBgp4PathAttrUnknown OBJECT-TYPE + SYNTAX OCTET STRING (SIZE(0..255)) + MAX-ACCESS read-only + + STATUS deprecated + DESCRIPTION + "One or more path attributes not understood + by this BGP4 speaker. Size zero (0) + indicates the absence of such + attribute(s). Octets beyond the maximum + size, if any, are not recorded by this + object." + ::= { nsBgp4PathAttrEntry 14 } + + nsBgp4PathAttrVRID OBJECT-TYPE + SYNTAX INTEGER (0..65535) + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "Virtual Router ID" + ::= { nsBgp4PathAttrEntry 15 } + + -- Traps. + + nsBgpTraps OBJECT IDENTIFIER ::= { nsBgp 7 } + + nsBgpEstablished NOTIFICATION-TYPE + OBJECTS { netscreenTrapType, + netscreenTrapDesc, + nsBgpPeerIdentifier, + nsBgpPeerVRID, + nsBgpPeerLastError, + nsBgpPeerState } + STATUS deprecated + DESCRIPTION + "The BGP Established event is generated when + the BGP FSM enters the ESTABLISHED state." + ::= { nsBgpTraps 1 } + + +END + diff --git a/MIBS/screenos/NETSCREEN-CERTIFICATE-MIB b/MIBS/screenos/NETSCREEN-CERTIFICATE-MIB new file mode 100644 index 0000000..85d2a5e --- /dev/null +++ b/MIBS/screenos/NETSCREEN-CERTIFICATE-MIB @@ -0,0 +1,217 @@ +-- This module defines enterprise MIBs for VPN certificate +-- +-- Copyright (c) 1999-2004, Juniper Networks, Inc. +-- All rights reserved. + +NETSCREEN-CERTIFICATE-MIB DEFINITIONS ::= BEGIN + +IMPORTS + netscreenVpn, netscreenVpnMibModule + FROM NETSCREEN-SMI + Integer32, MODULE-IDENTITY, OBJECT-TYPE + FROM SNMPv2-SMI + DisplayString + FROM SNMPv2-TC + ; + +netscreenCertificateMibModule MODULE-IDENTITY + LAST-UPDATED "200405032022Z" -- May 03, 2004 + ORGANIZATION + "Juniper Networks, Inc." + CONTACT-INFO + "Customer Support + + 1194 North Mathilda Avenue + Sunnyvale, California 94089-1206 + USA + + Tel: 1-800-638-8296 + E-mail: customerservice@juniper.net + HTTP://www.juniper.net" + DESCRIPTION + "This module defines the object that are used to monitor + VPN certificates" + REVISION "200405030000Z" -- May 03, 2004 + DESCRIPTION + "Modified copyright and contact information" + REVISION "200403030000Z" -- March 03, 2004 + DESCRIPTION + "Converted to SMIv2 by Longview Software" + REVISION "200311120000Z" -- November 12, 2003 + DESCRIPTION + "Correct spelling mistake" + REVISION "200109280000Z" -- September 28, 2001 + DESCRIPTION + "No comment" + REVISION "200105150000Z" -- May 15, 2001 + DESCRIPTION + "Creation Date" + ::= { netscreenVpnMibModule 7 } + +NsVpnCertCfgEntry ::= SEQUENCE +{ + nsVpnCertCfgIndex Integer32, + nsVpnCertCfgType INTEGER, + nsVpnCertCfgSubject DisplayString, + nsVpnCertCfgExpire DisplayString, + nsVpnCertCfgIssuer DisplayString, + nsVpnCertCfgVsys Integer32 +} + +NsVpnCertDefEntry ::= SEQUENCE +{ + nsVpnCertDefIndex Integer32, + nsVpnCertDefLdap DisplayString, + nsVpnCertDefCrlUrl DisplayString, + nsVpnCertDefRefresh DisplayString, + nsVpnCertDefX509 INTEGER, + nsVpnCertDefVsys Integer32 +} + +nsVpnCert OBJECT IDENTIFIER ::= { netscreenVpn 7 } + +nsVpnCertDefTable OBJECT-TYPE + SYNTAX SEQUENCE OF NsVpnCertDefEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "Certificate default setting table collects the default + certificates used when establish a secure VPN connection in + NetScreen device." + ::= { nsVpnCert 1 } + +nsVpnCertDefEntry OBJECT-TYPE + SYNTAX NsVpnCertDefEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "An entry containing attributes of a certificate" + INDEX + { nsVpnCertDefIndex } + ::= { nsVpnCertDefTable 1 } + +nsVpnCertDefIndex OBJECT-TYPE + SYNTAX Integer32 (0..2147483647) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Table index using as primary key when retrieving the table." + ::= { nsVpnCertDefEntry 1 } + +nsVpnCertDefLdap OBJECT-TYPE + SYNTAX DisplayString (SIZE(0..32)) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "LDAP server name." + ::= { nsVpnCertDefEntry 2 } + +nsVpnCertDefCrlUrl OBJECT-TYPE + SYNTAX DisplayString (SIZE(0..32)) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "URL of CRL." + ::= { nsVpnCertDefEntry 3 } + +nsVpnCertDefRefresh OBJECT-TYPE + SYNTAX DisplayString (SIZE(0..32)) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "CRL Refresh Frequency." + ::= { nsVpnCertDefEntry 4 } + +nsVpnCertDefX509 OBJECT-TYPE + SYNTAX INTEGER { + partial(0), + full(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "X509 Certificate Path Validation Level." + ::= { nsVpnCertDefEntry 5 } + +nsVpnCertDefVsys OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "vsys the cert setting belongs to." + ::= { nsVpnCertDefEntry 6 } + +nsVpnCertCfgTable OBJECT-TYPE + SYNTAX SEQUENCE OF NsVpnCertCfgEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "This table collects detail certificate information." + ::= { nsVpnCert 2 } + +nsVpnCertCfgEntry OBJECT-TYPE + SYNTAX NsVpnCertCfgEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "Each entry in the nsVpnCertCfgTable contains a set of + attributes for a certificate" + INDEX + { nsVpnCertCfgIndex } + ::= { nsVpnCertCfgTable 1 } + +nsVpnCertCfgIndex OBJECT-TYPE + SYNTAX Integer32 (0..2147483647) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "A unique value for certification table. Its value ranges + between 0 and 65535 and may not be contiguous." + ::= { nsVpnCertCfgEntry 1 } + +nsVpnCertCfgType OBJECT-TYPE + SYNTAX INTEGER { + ca(0), + local(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Certificate type." + ::= { nsVpnCertCfgEntry 2 } + +nsVpnCertCfgSubject OBJECT-TYPE + SYNTAX DisplayString (SIZE(0..255)) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Certificate subject." + ::= { nsVpnCertCfgEntry 3 } + +nsVpnCertCfgExpire OBJECT-TYPE + SYNTAX DisplayString (SIZE(0..32)) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Certificate expire date." + ::= { nsVpnCertCfgEntry 4 } + +nsVpnCertCfgIssuer OBJECT-TYPE + SYNTAX DisplayString (SIZE(0..64)) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Certificate configuration details." + ::= { nsVpnCertCfgEntry 5 } + +nsVpnCertCfgVsys OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Certificate's vsys." + ::= { nsVpnCertCfgEntry 6 } + +END + + diff --git a/MIBS/screenos/NETSCREEN-CHASSIS-MIB b/MIBS/screenos/NETSCREEN-CHASSIS-MIB new file mode 100644 index 0000000..8bcd39b --- /dev/null +++ b/MIBS/screenos/NETSCREEN-CHASSIS-MIB @@ -0,0 +1,272 @@ +-- This module defines chassis MIBs for modular ScreenOS platforms +-- Copyright (c) 1999-2007, Juniper Networks, Inc. +-- All rights reserved. + +NETSCREEN-CHASSIS-MIB DEFINITIONS ::= BEGIN +IMPORTS + netscreen + FROM NETSCREEN-SMI + Integer32, IpAddress, MODULE-IDENTITY, OBJECT-TYPE + FROM SNMPv2-SMI + DisplayString + FROM SNMPv2-TC + ; + +netscreenChassis MODULE-IDENTITY + LAST-UPDATED "200705080000Z" +-- May 8, 2007 by mxk + ORGANIZATION + "Juniper Networks, Inc." + CONTACT-INFO + "Customer Support + 1194 North Mathilda Avenue + Sunnyvale, California 94089-1206 + USA + Tel: 1-800-638-8296 + E-mail: customerservice@juniper.net + HTTP://www.juniper.net" + DESCRIPTION + "This module defines the objects that are used to monitor + device status such as Battery, Fan, Power and Temperature" + ::= { netscreen 21} + + NsPowerEntry ::= + SEQUENCE { + nsPowerId Integer32, + nsPowerStatus Integer32, + nsPowerDesc DisplayString + } + + nsPowerTable OBJECT-TYPE + SYNTAX SEQUENCE OF NsPowerEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "Information describing installed power supply modules and + their status" + ::= { netscreenChassis 1} + + nsPowerEntry OBJECT-TYPE + SYNTAX NsPowerEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "Information describing one power supply module and its status" + INDEX { nsPowerId } + ::= { nsPowerTable 1 } + + nsPowerId OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "A 32-bit integer uniquely identifying the power supply + id. For 5400, range is 1~3, For 5200, range is 1~2" + ::= { nsPowerEntry 1 } + + nsPowerStatus OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "A 32-bit integer uniquely identifying the + power supply module's status: + 0. Fail + 1. Good + 2. Not installed" + ::= { nsPowerEntry 2 } + + nsPowerDesc OBJECT-TYPE + SYNTAX DisplayString + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "A description for the power supply module" + ::= { nsPowerEntry 3 } + + NsFanEntry ::= + SEQUENCE { + nsFanId Integer32, + nsFanStatus Integer32, + nsFanDesc DisplayString + } + + nsFanTable OBJECT-TYPE + SYNTAX SEQUENCE OF NsFanEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "Information describing the installed Fan modules and their status" + ::= { netscreenChassis 2} + + nsFanEntry OBJECT-TYPE + SYNTAX NsFanEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "Information describing one installed Fan module and its status" + INDEX { nsFanId } + ::= { nsFanTable 1 } + + nsFanId OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "A 32-bit integer uniquely identifying the Fan id. At the time of + this writing." + ::= { nsFanEntry 1 } + + nsFanStatus OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "A 32-bit integer uniquely identifying the + Fan module's status: + 0. Fail + 1. Good + " + ::= { nsFanEntry 2 } + + nsFanDesc OBJECT-TYPE + SYNTAX DisplayString + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "A description for the Fan module" + ::= { nsFanEntry 3 } + + + sysBatteryStatus OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Information describing the installed Battery and its status: + 1. Good + 2. Error + " + ::= { netscreenChassis 3 } + + NsTemperatureEntry ::= + SEQUENCE { + nsTemperatureId Integer32, + nsTemperatureSlotId Integer32, + nsTemperatureDesc DisplayString, + nsTemperatureCur Integer32, + } + + nsTemperatureTable OBJECT-TYPE + SYNTAX SEQUENCE OF NsTemperatureEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "Information describing the temperature measured by each module" + ::= { netscreenChassis 4} + + nsTemperatureEntry OBJECT-TYPE + SYNTAX NsTemperatureEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "The temperature measured by a module" + INDEX { nsTemperatureId } + ::= { nsTemperatureTable 1 } + + nsTemperatureId OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "A 32-bit integer uniquely identifying temperature measured on a board or on a component e.g. CPU" + ::= { nsTemperatureEntry 1 } + + nsTemperatureSlotId OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "A 32-bit integer uniquely identifying the slot where the temperature is measured. " + ::= { nsTemperatureEntry 2 } + + nsTemperatureCur OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The current temperature measured by the module, unit is Celsius" + ::= { nsTemperatureEntry 3 } + + nsTemperatureDesc OBJECT-TYPE + SYNTAX DisplayString + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "A description for the module" + ::= { nsTemperatureEntry 4 } + + + NsSlotEntry ::= SEQUENCE { + nsSlotId Integer32, + nsSlotType DisplayString, + nsSlotStatus Integer32, + nsSlotSN DisplayString, + } + + nsSlotTable OBJECT-TYPE + SYNTAX SEQUENCE OF NsSlotEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "Information describing the installed management and traffic + processing modules and their status, built-in and internal module are also listed here. + " + ::= { netscreenChassis 5} + + nsSlotEntry OBJECT-TYPE + SYNTAX NsSlotEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "Information describing one installed module and its status" + INDEX { nsSlotId, + nsSubSlotId } + ::= { nsSlotTable 1 } + + nsSlotId OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "A 32-bit integer uniquely identifying the slot id. The range + varies on different platforms " + ::= { nsSlotEntry 1 } + + nsSlotType OBJECT-TYPE + SYNTAX DisplayString + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "A description of the installed module" + ::= { nsSlotEntry 2 } + + nsSlotStatus OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Slot status" + ::= { nsSlotEntry 3 } + + nsSlotSN OBJECT-TYPE + SYNTAX DisplayString + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Serial Number of the module" + ::= { nsSlotEntry 4 } + +END + + diff --git a/MIBS/screenos/NETSCREEN-IDS-MIB b/MIBS/screenos/NETSCREEN-IDS-MIB new file mode 100644 index 0000000..9431c72 --- /dev/null +++ b/MIBS/screenos/NETSCREEN-IDS-MIB @@ -0,0 +1,880 @@ +-- This module defines enterprise MIBs DI Setting. +-- +-- Copyright (c) 1999-2004, Juniper Networks, Inc. +-- All rights reserved. + +NETSCREEN-IDS-MIB DEFINITIONS ::= BEGIN + +IMPORTS + netscreenIDS + FROM NETSCREEN-SMI + Counter32, Integer32, MODULE-IDENTITY, OBJECT-TYPE + FROM SNMPv2-SMI + ; + +nsIdsProtect MODULE-IDENTITY + LAST-UPDATED "200405032022Z" -- May 03, 2004 + ORGANIZATION + "Juniper Networks, Inc." + CONTACT-INFO + "Customer Support + + 1194 North Mathilda Avenue + Sunnyvale, California 94089-1206 + USA + + Tel: 1-800-638-8296 + E-mail: customerservice@juniper.net + HTTP://www.juniper.net" + DESCRIPTION + "This module defines NetScreen private MIBs DI Setting." + REVISION "200405030000Z" -- May 03, 2004 + DESCRIPTION + "Modified copyright and contact information" + REVISION "200403030000Z" -- March 03, 2004 + DESCRIPTION + "Converted to SMIv2 by Longview Software" + REVISION "200204260000Z" -- April 26, 2002 + DESCRIPTION + "Screen option on zone setting, add new screen option (Zhong + Wang)" + REVISION "200109280000Z" -- September 28, 2001 + DESCRIPTION + "No Comment" + REVISION "200101080000Z" -- January 08, 2001 + DESCRIPTION + "Creation Date" + ::= { netscreenIDS 1 } + +NsIdsAttkMonEntry ::= SEQUENCE +{ + nsIdsAttkMonIfIdx Integer32, + nsIdsAttkMonVsys Integer32, + nsIdsAttkMonSynAttk Counter32, + nsIdsAttkMonTearDrop Counter32, + nsIdsAttkMonSrcRoute Counter32, + nsIdsAttkMonPingDeath Counter32, + nsIdsAttkMonAddrSpoof Counter32, + nsIdsAttkMonLand Counter32, + nsIdsAttkMonIcmpFlood Counter32, + nsIdsAttkMonUdpFlood Counter32, + nsIdsAttkMonWinnuke Counter32, + nsIdsAttkMonPortScan Counter32, + nsIdsAttkMonIpSweep Counter32, + nsAttkMonSynFrag Counter32, + nsAttkMonTcpNoFlag Counter32, + nsAttkMonIpUnknownProt Counter32, + nsAttkMonIpOptBad Counter32, + nsAttkMonIpOptRecord Counter32, + nsAttkMonIpOptTimestamp Counter32, + nsAttkMonIpOptSCHT Counter32, + nsAttkMonIpOptLSR Counter32, + nsAttkMonIpOptSSR Counter32, + nsAttkMonIpOptStream Counter32, + nsAttkMonIcmpFrag Counter32, + nsAttkMonIcmpLarge Counter32, + nsAttkMonTcpSynFin Counter32, + nsAttkMonTcpFinNoAck Counter32, + nsAttkMonHttpMalUrl Counter32, + nsAttkMonSessMalNum Counter32, + nsAttkMonSynAckAck Counter32, + nsAttkMonIpFrag Counter32, + nsIdsAttkMonIfInfo Integer32 +} + +NsIdsProtectSetEntry ::= SEQUENCE +{ + nsIdsProtectZoneIdx Integer32, + nsIdsDetectPingOfDeath INTEGER, + nsIdsDetectTearDrop INTEGER, + nsIdsDetectWinNuke INTEGER, + nsIdsFilterIpSrcRoute INTEGER, + nsIdsDetectPortScan INTEGER, + nsIdsDetectAddrSweep INTEGER, + nsIdsDetectLand INTEGER, + nsIdsBlockComponent INTEGER, + nsIdsDetectIpSpoof INTEGER, + nsIdsDetectSyn INTEGER, + nsIdsDetectIcmpFlood INTEGER, + nsIdsDetectUdpFlood INTEGER, + nsIdsDetectSynFrag INTEGER, + nsIdsDetectTcpNoFlag INTEGER, + nsIdsDetectIpUnknownProt INTEGER, + nsIdsDetectIpOptBad INTEGER, + nsIdsDetectIpOptRecord INTEGER, + nsIdsDetectIpOptTimestamp INTEGER, + nsIdsDetectIpOptSCHT INTEGER, + nsIdsDetectIpOptLSR INTEGER, + nsIdsDetectIpOptSSR INTEGER, + nsIdsDetectIpOptStream INTEGER, + nsIdsDetectIcmpFrag INTEGER, + nsIdsDetectIcmpLarge INTEGER, + nsIdsDetectTcpSynFin INTEGER, + nsIdsDetectTcpFinNoAck INTEGER, + nsIdsHttpMalUrl INTEGER, + nsIdsSessMalNum INTEGER, + nsIdsDetectSynAckAck INTEGER, + nsIdsDetectIpFrag INTEGER +} + +NsIdsProtectThreshEntry ::= SEQUENCE +{ + nsIdsProtectThreshZoneIdx Integer32, + nsIdsSynAttackThresh Integer32, + nsIdsSynAttackTimeout Integer32, + nsIdsSynAttackAlmTh Integer32, + nsIdsSynAttackQueSize Integer32, + nsIdsSynAttackAgeTime Integer32, + nsIdsIcmpFloodThresh Integer32, + nsIdsUdpFloodThresh Integer32, + nsIdsPortScanThresh Integer32, + nsIdsIpSweepThresh Integer32, + nsIdsSynAckAckThres Integer32 +} + +nsIdsProtectSetTable OBJECT-TYPE + SYNTAX SEQUENCE OF NsIdsProtectSetEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "NetScreen ScreenOS can allow DI protection on each of + NetScreen device's physical interface. This table collects the + DI protection configuration on each physical interface." + ::= { nsIdsProtect 1 } + +nsIdsProtectSetEntry OBJECT-TYPE + SYNTAX NsIdsProtectSetEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "Hold the DI setting attribute." + INDEX + { nsIdsProtectZoneIdx } + ::= { nsIdsProtectSetTable 1 } + +nsIdsProtectZoneIdx OBJECT-TYPE + SYNTAX Integer32 (0..2147483647) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "unique zone id." + ::= { nsIdsProtectSetEntry 1 } + +nsIdsDetectPingOfDeath OBJECT-TYPE + SYNTAX INTEGER { + disable(0), + enabled(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Detect Ping of Death." + ::= { nsIdsProtectSetEntry 2 } + +nsIdsDetectTearDrop OBJECT-TYPE + SYNTAX INTEGER { + disable(0), + enabled(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Detect Tear Drop Attack." + ::= { nsIdsProtectSetEntry 3 } + +nsIdsDetectWinNuke OBJECT-TYPE + SYNTAX INTEGER { + disable(0), + enabled(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Detect Win Nuke Attack." + ::= { nsIdsProtectSetEntry 4 } + +nsIdsFilterIpSrcRoute OBJECT-TYPE + SYNTAX INTEGER { + disable(0), + enabled(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Detect Filter IP Source Route Option attack." + ::= { nsIdsProtectSetEntry 5 } + +nsIdsDetectPortScan OBJECT-TYPE + SYNTAX INTEGER { + disable(0), + enabled(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Detect Port Scan Death attack." + ::= { nsIdsProtectSetEntry 6 } + +nsIdsDetectAddrSweep OBJECT-TYPE + SYNTAX INTEGER { + disable(0), + enabled(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Detect Address Sweep Attack." + ::= { nsIdsProtectSetEntry 7 } + +nsIdsDetectLand OBJECT-TYPE + SYNTAX INTEGER { + disable(0), + enabled(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Detect Land Attack." + ::= { nsIdsProtectSetEntry 8 } + +nsIdsBlockComponent OBJECT-TYPE + SYNTAX INTEGER { + disable(0), + enabled(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Block Java/ActiveX/ZIP/EXE Component." + ::= { nsIdsProtectSetEntry 9 } + +nsIdsDetectIpSpoof OBJECT-TYPE + SYNTAX INTEGER { + disable(0), + enabled(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Detect IP Spoofing attack." + ::= { nsIdsProtectSetEntry 10 } + +nsIdsDetectSyn OBJECT-TYPE + SYNTAX INTEGER { + disable(0), + enabled(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Detect SYN attack." + ::= { nsIdsProtectSetEntry 11 } + +nsIdsDetectIcmpFlood OBJECT-TYPE + SYNTAX INTEGER { + disable(0), + enabled(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Detect ICMP Flood attack." + ::= { nsIdsProtectSetEntry 12 } + +nsIdsDetectUdpFlood OBJECT-TYPE + SYNTAX INTEGER { + disable(0), + enabled(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Detect UDP Flood attack." + ::= { nsIdsProtectSetEntry 13 } + +nsIdsDetectSynFrag OBJECT-TYPE + SYNTAX INTEGER { + disable(0), + enabled(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Detect SYN fragment" + ::= { nsIdsProtectSetEntry 14 } + +nsIdsDetectTcpNoFlag OBJECT-TYPE + SYNTAX INTEGER { + disable(0), + enabled(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Detect TCP without flag set." + ::= { nsIdsProtectSetEntry 15 } + +nsIdsDetectIpUnknownProt OBJECT-TYPE + SYNTAX INTEGER { + disable(0), + enabled(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Detect Unknown protocol IP packet." + ::= { nsIdsProtectSetEntry 16 } + +nsIdsDetectIpOptBad OBJECT-TYPE + SYNTAX INTEGER { + disable(0), + enabled(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Detect IP bad option." + ::= { nsIdsProtectSetEntry 17 } + +nsIdsDetectIpOptRecord OBJECT-TYPE + SYNTAX INTEGER { + disable(0), + enabled(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Detect IP record option." + ::= { nsIdsProtectSetEntry 18 } + +nsIdsDetectIpOptTimestamp OBJECT-TYPE + SYNTAX INTEGER { + disable(0), + enabled(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Detect IP timestamp option." + ::= { nsIdsProtectSetEntry 19 } + +nsIdsDetectIpOptSCHT OBJECT-TYPE + SYNTAX INTEGER { + disable(0), + enabled(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Detect IP security option." + ::= { nsIdsProtectSetEntry 20 } + +nsIdsDetectIpOptLSR OBJECT-TYPE + SYNTAX INTEGER { + disable(0), + enabled(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Detect Loose source route." + ::= { nsIdsProtectSetEntry 21 } + +nsIdsDetectIpOptSSR OBJECT-TYPE + SYNTAX INTEGER { + disable(0), + enabled(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Detect strict source route." + ::= { nsIdsProtectSetEntry 22 } + +nsIdsDetectIpOptStream OBJECT-TYPE + SYNTAX INTEGER { + disable(0), + enabled(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Detect IP stream option." + ::= { nsIdsProtectSetEntry 23 } + +nsIdsDetectIcmpFrag OBJECT-TYPE + SYNTAX INTEGER { + disable(0), + enabled(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Detect ICMP fragment." + ::= { nsIdsProtectSetEntry 24 } + +nsIdsDetectIcmpLarge OBJECT-TYPE + SYNTAX INTEGER { + disable(0), + enabled(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Detect large ICMP packet." + ::= { nsIdsProtectSetEntry 25 } + +nsIdsDetectTcpSynFin OBJECT-TYPE + SYNTAX INTEGER { + disable(0), + enabled(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Detect TCP syn fin both set." + ::= { nsIdsProtectSetEntry 26 } + +nsIdsDetectTcpFinNoAck OBJECT-TYPE + SYNTAX INTEGER { + disable(0), + enabled(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Detect TCP fin set without ack bit set." + ::= { nsIdsProtectSetEntry 27 } + +nsIdsHttpMalUrl OBJECT-TYPE + SYNTAX INTEGER { + disable(0), + enabled(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Detect malicious URL." + ::= { nsIdsProtectSetEntry 28 } + +nsIdsSessMalNum OBJECT-TYPE + SYNTAX INTEGER { + disable(0), + enabled(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Detect malicious session connection." + ::= { nsIdsProtectSetEntry 29 } + +nsIdsDetectSynAckAck OBJECT-TYPE + SYNTAX INTEGER { + disable(0), + enabled(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Detect SYN ACK ACK DoS." + ::= { nsIdsProtectSetEntry 30 } + +nsIdsDetectIpFrag OBJECT-TYPE + SYNTAX INTEGER { + disable(0), + enabled(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Block IP fragment packet." + ::= { nsIdsProtectSetEntry 31 } + +nsIdsProtectThreshTable OBJECT-TYPE + SYNTAX SEQUENCE OF NsIdsProtectThreshEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "NetScreen ScreenOS can allow DI protection on each of + NetScreen device's physical interface. This table collects the + DI protection configuration on each physical interface." + ::= { nsIdsProtect 2 } + +nsIdsProtectThreshEntry OBJECT-TYPE + SYNTAX NsIdsProtectThreshEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "Hold the DI setting attribute." + INDEX + { nsIdsProtectThreshZoneIdx } + ::= { nsIdsProtectThreshTable 1 } + +nsIdsProtectThreshZoneIdx OBJECT-TYPE + SYNTAX Integer32 (0..2147483647) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "unique zone id." + ::= { nsIdsProtectThreshEntry 1 } + +nsIdsSynAttackThresh OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "SYN attack threshold." + ::= { nsIdsProtectThreshEntry 2 } + +nsIdsSynAttackTimeout OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "SYN attack timeout." + ::= { nsIdsProtectThreshEntry 3 } + +nsIdsSynAttackAlmTh OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "SYN attack alarm threshold." + ::= { nsIdsProtectThreshEntry 4 } + +nsIdsSynAttackQueSize OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "SYN attack queue size." + ::= { nsIdsProtectThreshEntry 5 } + +nsIdsSynAttackAgeTime OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "SYN flood age time." + ::= { nsIdsProtectThreshEntry 6 } + +nsIdsIcmpFloodThresh OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "ICMP attack alarm threshold." + ::= { nsIdsProtectThreshEntry 7 } + +nsIdsUdpFloodThresh OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "UDP attack alarm threshold." + ::= { nsIdsProtectThreshEntry 8 } + +nsIdsPortScanThresh OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "ICMP attack alarm threshold." + ::= { nsIdsProtectThreshEntry 9 } + +nsIdsIpSweepThresh OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "UDP attack alarm threshold." + ::= { nsIdsProtectThreshEntry 10 } + +nsIdsSynAckAckThres OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "SYN ack ack alarm threshold." + ::= { nsIdsProtectThreshEntry 11 } + +nsIdsAttkMonTable OBJECT-TYPE + SYNTAX SEQUENCE OF NsIdsAttkMonEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "The table monitors the intrusion attack attemps amount to + NetScreen Device." + ::= { netscreenIDS 2 } + +nsIdsAttkMonEntry OBJECT-TYPE + SYNTAX NsIdsAttkMonEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "An entry containing intrusion attack couters." + INDEX + { nsIdsAttkMonIfIdx } + ::= { nsIdsAttkMonTable 1 } + +nsIdsAttkMonIfIdx OBJECT-TYPE + SYNTAX Integer32 (0..2147483647) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "unique interface id." + ::= { nsIdsAttkMonEntry 1 } + +nsIdsAttkMonVsys OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "according NetScreen's concepts. each interface belongs to one + virtual system. This attribute displays the virtual system name + an interface belongs to." + ::= { nsIdsAttkMonEntry 2 } + +nsIdsAttkMonSynAttk OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "sync attack packet counter." + ::= { nsIdsAttkMonEntry 3 } + +nsIdsAttkMonTearDrop OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "tear drop attack packet counter." + ::= { nsIdsAttkMonEntry 4 } + +nsIdsAttkMonSrcRoute OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "source route option attack packet counter." + ::= { nsIdsAttkMonEntry 5 } + +nsIdsAttkMonPingDeath OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "ping of death attack packet counter." + ::= { nsIdsAttkMonEntry 6 } + +nsIdsAttkMonAddrSpoof OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "address spoofing attack packet counter." + ::= { nsIdsAttkMonEntry 7 } + +nsIdsAttkMonLand OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "land attack packet counter." + ::= { nsIdsAttkMonEntry 8 } + +nsIdsAttkMonIcmpFlood OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "ICMP flood attack packet counter." + ::= { nsIdsAttkMonEntry 9 } + +nsIdsAttkMonUdpFlood OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "udp flood attack packet counter." + ::= { nsIdsAttkMonEntry 10 } + +nsIdsAttkMonWinnuke OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "weired netbios attack packet counter." + ::= { nsIdsAttkMonEntry 11 } + +nsIdsAttkMonPortScan OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "port scan attempt attack packet counter." + ::= { nsIdsAttkMonEntry 12 } + +nsIdsAttkMonIpSweep OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "address sweep attemp attack packet counter." + ::= { nsIdsAttkMonEntry 13 } + +nsAttkMonSynFrag OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Detect SYN fragment" + ::= { nsIdsAttkMonEntry 14 } + +nsAttkMonTcpNoFlag OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Detect TCP without flag set." + ::= { nsIdsAttkMonEntry 15 } + +nsAttkMonIpUnknownProt OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Detect Unknown protocol IP packet." + ::= { nsIdsAttkMonEntry 16 } + +nsAttkMonIpOptBad OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Detect IP bad option." + ::= { nsIdsAttkMonEntry 17 } + +nsAttkMonIpOptRecord OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Detect IP record option." + ::= { nsIdsAttkMonEntry 18 } + +nsAttkMonIpOptTimestamp OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Detect IP timestamp option." + ::= { nsIdsAttkMonEntry 19 } + +nsAttkMonIpOptSCHT OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Detect IP security option." + ::= { nsIdsAttkMonEntry 20 } + +nsAttkMonIpOptLSR OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Detect Loose source route." + ::= { nsIdsAttkMonEntry 21 } + +nsAttkMonIpOptSSR OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Detect strict source route." + ::= { nsIdsAttkMonEntry 22 } + +nsAttkMonIpOptStream OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Detect IP stream option." + ::= { nsIdsAttkMonEntry 23 } + +nsAttkMonIcmpFrag OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Detect ICMP fragment." + ::= { nsIdsAttkMonEntry 24 } + +nsAttkMonIcmpLarge OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Detect large ICMP packet." + ::= { nsIdsAttkMonEntry 25 } + +nsAttkMonTcpSynFin OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Detect TCP syn fin both set." + ::= { nsIdsAttkMonEntry 26 } + +nsAttkMonTcpFinNoAck OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Detect TCP fin set without ack bit set." + ::= { nsIdsAttkMonEntry 27 } + +nsAttkMonHttpMalUrl OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Detect malicious URL." + ::= { nsIdsAttkMonEntry 28 } + +nsAttkMonSessMalNum OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Detect malicious session connection." + ::= { nsIdsAttkMonEntry 29 } + +nsAttkMonSynAckAck OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Detect SYN ACK ACK attack." + ::= { nsIdsAttkMonEntry 30 } + +nsAttkMonIpFrag OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Block IP fragment packet." + ::= { nsIdsAttkMonEntry 31 } + +nsIdsAttkMonIfInfo OBJECT-TYPE + SYNTAX Integer32 (0..2147483647) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Internal id assigned to this interface. Stays persistent across resets." + ::= { nsIdsAttkMonEntry 32 } + +END + + diff --git a/MIBS/screenos/NETSCREEN-INTERFACE-MIB b/MIBS/screenos/NETSCREEN-INTERFACE-MIB new file mode 100644 index 0000000..f6914c8 --- /dev/null +++ b/MIBS/screenos/NETSCREEN-INTERFACE-MIB @@ -0,0 +1,696 @@ +-- This module defines enterprise MIBs for interface configuration +-- +-- Copyright (c) 1999-2004, Juniper Networks, Inc. +-- All rights reserved. + +NETSCREEN-INTERFACE-MIB DEFINITIONS ::= BEGIN + +IMPORTS + netscreenInterface + FROM NETSCREEN-SMI + Counter32, Integer32, IpAddress, MODULE-IDENTITY, OBJECT-TYPE + FROM SNMPv2-SMI + DisplayString,PhysAddress + FROM SNMPv2-TC + ; + +netscreenInterfaceMibModule MODULE-IDENTITY + LAST-UPDATED "200405032022Z" -- May 03, 2004 + ORGANIZATION + "Juniper Networks, Inc." + CONTACT-INFO + "Customer Support + + 1194 North Mathilda Avenue + Sunnyvale, California 94089-1206 + USA + + Tel: 1-800-638-8296 + E-mail: customerservice@juniper.net + HTTP://www.juniper.net" + DESCRIPTION + "This module defines the object that are used to monitor NS's + interface configuration" + REVISION "200405030000Z" -- May 03, 2004 + DESCRIPTION + "Modified copyright and contact information" + REVISION "200403030000Z" -- March 03, 2004 + DESCRIPTION + "Converted to SMIv2 by Longview Software" + REVISION "200109280000Z" -- September 28, 2001 + DESCRIPTION + "No Comment" + REVISION "200105110000Z" -- May 11, 2001 + DESCRIPTION + "Creation Date" + ::= { netscreenInterface 0 } + +NsIfEntry ::= SEQUENCE +{ + nsIfIndex Integer32, + nsIfName DisplayString, + nsIfVsys Integer32, + nsIfZone Integer32, + nsIfStatus INTEGER, + nsIfIp IpAddress, + nsIfNetmask IpAddress, + nsIfGateway IpAddress, + nsIfMngIp IpAddress, + nsIfMode INTEGER, + nsIfMAC PhysAddress, + nsIfMngTelnet INTEGER, + nsIfMngSCS INTEGER, + nsIfMngWEB INTEGER, + nsIfMngSSL INTEGER, + nsIfMngSNMP INTEGER, + nsIfMngGlobal INTEGER, + nsIfMngGlobalPro INTEGER, + nsIfMngPing INTEGER, + nsIfMngIdentReset INTEGER, + nsIfInfo Integer32, + nsIfDescr DisplayString +} + +NsIfFlowEntry ::= SEQUENCE +{ + nsIfFlowIfIdx Integer32, + nsIfFlowVsys Integer32, + nsIfFlowInByte Counter32, + nsIfFlowInPacket Counter32, + nsIfFlowOutByte Counter32, + nsIfFlowOutPacket Counter32, + nsIfFlowInVpn Counter32, + nsIfInVlan Counter32, + nsIfOutVlan Counter32, + nsIfFlowIfInfo Integer32 +} + +NsIfMonEntry ::= SEQUENCE +{ + nsIfMonIfIdx Integer32, + nsIfMonVsys Integer32, + nsIfMonPlyDeny Counter32, + nsIfMonAuthFail Counter32, + nsIfMonUrlBlock Counter32, + nsIfMonTrMngQueue Counter32, + nsIfMonTrMngDrop Counter32, + nsIfMonEncFail Counter32, + nsIfMonNoSa Counter32, + nsIfMonNoSaPly Counter32, + nsIfMonSaInactive Counter32, + nsIfMonSaPolicyDeny Counter32, + nsIfMonIfInfo Integer32 +} + +NsIfSecondaryIpEntry ::= SEQUENCE +{ + nsIfSecondaryIpIndex Integer32, + nsIfSecondaryIpIfIdx Integer32, + nsIfSecondaryIpVsys Integer32, + nsIfSecondaryIpZone Integer32, + nsIfSecondaryIpAddress IpAddress, + nsIfSecondaryIpNetmask IpAddress, + nsIfSecondaryIpIfInfo Integer32 +} + +nsIfTable OBJECT-TYPE + SYNTAX SEQUENCE OF NsIfEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "All NetScreen devices have a trusted interface and an + untrusted interface. The NetScreen-10 and -100 also have a DMZ + interface. Additionally, on each of the virtual systems + supported by the NetScreen-1000 there can be on or more tursted + subinterfaces linking a particular virtual system to one or + more virtual LANs. Other interfaces-some physical, some + logical, and some virtual-provide exclusive channels for + administrative traffic, or for communication among member in a + redundant group. In this table, it will collect following + interface: tursted interface, untrusted interface, DMZ + interface, Management Interface and Subinterface." + ::= { netscreenInterface 1 } + +nsIfEntry OBJECT-TYPE + SYNTAX NsIfEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "nsIfEntry collects some attributes about NetScreen interface + settings." + INDEX + { nsIfIndex } + ::= { nsIfTable 1 } + +nsIfIndex OBJECT-TYPE + SYNTAX Integer32 (0..2147483647) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Interface number which uniquely identifies an interface." + ::= { nsIfEntry 1 } + +nsIfName OBJECT-TYPE + SYNTAX DisplayString (SIZE(0..32)) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Each interface has a readable name such as 'trust', 'trust/1', + etc." + ::= { nsIfEntry 2 } + +nsIfVsys OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "According NetScreen's concepts, each interface belongs to one + virtual system. This attribute displays the virtual system name + an interface belongs to. If the device is device which doesn't + support vsys such as NS-100, we can logically think all the + setting belongs to 'root' vsys." + ::= { nsIfEntry 3 } + +nsIfZone OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Each interface belongs to one security zone. This attribute + displays the security zone name an interface belongs to." + ::= { nsIfEntry 4 } + +nsIfStatus OBJECT-TYPE + SYNTAX INTEGER { + down(0), + up(1), + ready(2), + inactive(3) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The interface status which indicates interface's operational + status." + ::= { nsIfEntry 5 } + +nsIfIp OBJECT-TYPE + SYNTAX IpAddress + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Each interface must be assigned an IP address." + ::= { nsIfEntry 6 } + +nsIfNetmask OBJECT-TYPE + SYNTAX IpAddress + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Each interface must belong to a subnet represented by + netmask." + ::= { nsIfEntry 7 } + +nsIfGateway OBJECT-TYPE + SYNTAX IpAddress + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Default gateway ip address." + ::= { nsIfEntry 8 } + +nsIfMngIp OBJECT-TYPE + SYNTAX IpAddress + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Trusted, untrusted and DMZ interfaces can have two IP address: + an interface IP address that corresponds to the physical port + through which that interface connects to a network, and a + Manage IP address that can be used to receive administrative + traffic" + ::= { nsIfEntry 9 } + +nsIfMode OBJECT-TYPE + SYNTAX INTEGER { + transparent(0), + nat(1), + route(2), + not-applicable(3) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "NetScreen interface can has three operation modes. They are + transparent, nat and route." + ::= { nsIfEntry 10 } + +nsIfMAC OBJECT-TYPE + SYNTAX PhysAddress + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "MAC address the interface has." + ::= { nsIfEntry 11 } + +nsIfMngTelnet OBJECT-TYPE + SYNTAX INTEGER { + disable(0), + enable(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "This attribute is used to indicate whether the interface + permits telnet management." + ::= { nsIfEntry 12 } + +nsIfMngSCS OBJECT-TYPE + SYNTAX INTEGER { + disable(0), + enable(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "This attribute is used to indicate whether the interface + permits Secure Command Shell management." + ::= { nsIfEntry 13 } + +nsIfMngWEB OBJECT-TYPE + SYNTAX INTEGER { + disable(0), + enable(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "This attribute is used to indicate whether the interface + permits WEB UI management." + ::= { nsIfEntry 14 } + +nsIfMngSSL OBJECT-TYPE + SYNTAX INTEGER { + disable(0), + enable(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "This attribute is used to indicate whether the interface + permits SSL management." + ::= { nsIfEntry 15 } + +nsIfMngSNMP OBJECT-TYPE + SYNTAX INTEGER { + disable(0), + enable(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "This attribute is used to indicate whether the interface + permits SNMP management." + ::= { nsIfEntry 16 } + +nsIfMngGlobal OBJECT-TYPE + SYNTAX INTEGER { + disable(0), + enable(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "This attribute is used to indicate whether the interface + permits NS Global management." + ::= { nsIfEntry 17 } + +nsIfMngGlobalPro OBJECT-TYPE + SYNTAX INTEGER { + disable(0), + enable(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "This attribute is used to indicate whether the interface + permits NS Global Pro management." + ::= { nsIfEntry 18 } + +nsIfMngPing OBJECT-TYPE + SYNTAX INTEGER { + disable(0), + enable(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "This attribute is used to indicate whether the interface + permits Ping go-through." + ::= { nsIfEntry 19 } + +nsIfMngIdentReset OBJECT-TYPE + SYNTAX INTEGER { + disable(0), + enable(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "This attribute is used to indicate whether the interface + permits ident reset." + ::= { nsIfEntry 20 } + +nsIfInfo OBJECT-TYPE + SYNTAX Integer32 (0..2147483647) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Internal id assigned to this interface. Stays persistent across resets." + ::= { nsIfEntry 21 } + +nsIfDescr OBJECT-TYPE + SYNTAX DisplayString (SIZE(0..32)) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Each interface has a a configurable descriptor string." + ::= { nsIfEntry 22 } + +nsIfSecondaryIpTable OBJECT-TYPE + SYNTAX SEQUENCE OF NsIfSecondaryIpEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "In some ScreenOS, it supports multiple IP addresses and + related subnets based on the same interface. This table + collects the multiple IP addresses configuration on an + interface." + ::= { netscreenInterface 2 } + +nsIfSecondaryIpEntry OBJECT-TYPE + SYNTAX NsIfSecondaryIpEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "nsIfSecondaryIpEntry collects some attributes about multiple + IP configurations on an interface." + INDEX + { nsIfSecondaryIpIndex } + ::= { nsIfSecondaryIpTable 1 } + +nsIfSecondaryIpIndex OBJECT-TYPE + SYNTAX Integer32 (0..2147483647) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The table index used as primary key when retrieving the + table." + ::= { nsIfSecondaryIpEntry 1 } + +nsIfSecondaryIpIfIdx OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The index value which uniquely identifies an interface the + secodary ip belongs to. The interface identified by a + particular value of this index is the same interface as + identified by the same value of ifIndex." + ::= { nsIfSecondaryIpEntry 2 } + +nsIfSecondaryIpVsys OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "According NetScreen's concepts, each interface belongs to one + virtual system. This attribute displays the virtual system ID + an interface belongs to. If the device is device which doesn't + support vsys such as NS-100, we can logically think all the + setting belongs to 'root' vsys." + ::= { nsIfSecondaryIpEntry 3 } + +nsIfSecondaryIpZone OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "each interface belongs to one security zone. this attribute + displays the security zone name an interface belongs to." + ::= { nsIfSecondaryIpEntry 4 } + +nsIfSecondaryIpAddress OBJECT-TYPE + SYNTAX IpAddress + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Ip Address value." + ::= { nsIfSecondaryIpEntry 5 } + +nsIfSecondaryIpNetmask OBJECT-TYPE + SYNTAX IpAddress + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Subnet of a ip belongs to." + ::= { nsIfSecondaryIpEntry 6 } + +nsIfSecondaryIpIfInfo OBJECT-TYPE + SYNTAX Integer32 (0..2147483647) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Internal id assigned to this interface. Stays persistent across resets." + ::= { nsIfSecondaryIpEntry 7 } + +nsIfFlowTable OBJECT-TYPE + SYNTAX SEQUENCE OF NsIfFlowEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "nsIfFlowTable is used to get flow statistical information of + the interface." + ::= { netscreenInterface 3 } + +nsIfFlowEntry OBJECT-TYPE + SYNTAX NsIfFlowEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "Table entry collect some attributes about interface flow + counters." + INDEX + { nsIfFlowIfIdx } + ::= { nsIfFlowTable 1 } + +nsIfFlowIfIdx OBJECT-TYPE + SYNTAX Integer32 (0..2147483647) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Unique interface id, also used as table index." + ::= { nsIfFlowEntry 1 } + +nsIfFlowVsys OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "According NetScreen's concepts. each interface belongs to one + virtual system. This attribute displays the virtual system name + an interface belongs to." + ::= { nsIfFlowEntry 2 } + +nsIfFlowInByte OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Incoming byte number arriving at the this interface" + ::= { nsIfFlowEntry 3 } + +nsIfFlowInPacket OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Incoming packet number arriving at the this interface" + ::= { nsIfFlowEntry 4 } + +nsIfFlowOutByte OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Outgoing byte number sending through this interface" + ::= { nsIfFlowEntry 5 } + +nsIfFlowOutPacket OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Outgoing packet number sending through this interface" + ::= { nsIfFlowEntry 6 } + +nsIfFlowInVpn OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "VPN packet go through this interface" + ::= { nsIfFlowEntry 7 } + +nsIfInVlan OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Incoming vlan packet" + ::= { nsIfFlowEntry 8 } + +nsIfOutVlan OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Outgoing vlan packet" + ::= { nsIfFlowEntry 9 } + +nsIfFlowIfInfo OBJECT-TYPE + SYNTAX Integer32 (0..2147483647) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Internal id assigned to this interface. Stays persistent across resets." + ::= { nsIfFlowEntry 10 } + +nsIfMonTable OBJECT-TYPE + SYNTAX SEQUENCE OF NsIfMonEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "This table collects some of dropped packet counters of + interface" + ::= { netscreenInterface 4 } + +nsIfMonEntry OBJECT-TYPE + SYNTAX NsIfMonEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "An entry containing tunnel information" + INDEX + { nsIfMonIfIdx } + ::= { nsIfMonTable 1 } + +nsIfMonIfIdx OBJECT-TYPE + SYNTAX Integer32 (0..2147483647) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Unique interface id, also used as table index." + ::= { nsIfMonEntry 1 } + +nsIfMonVsys OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "According NetScreen's concepts, each interface belongs to one + virtual system. This attribute displays the virtual system name + an interface belongs to." + ::= { nsIfMonEntry 2 } + +nsIfMonPlyDeny OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Packet drop since denied by policy." + ::= { nsIfMonEntry 3 } + +nsIfMonAuthFail OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Packet drop due to authentication failed." + ::= { nsIfMonEntry 4 } + +nsIfMonUrlBlock OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Packet drop due to URL blocking." + ::= { nsIfMonEntry 5 } + +nsIfMonTrMngQueue OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "packet queue up due to traffic management" + ::= { nsIfMonEntry 6 } + +nsIfMonTrMngDrop OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Packet drop due to traffic management" + ::= { nsIfMonEntry 7 } + +nsIfMonEncFail OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "IPSec enc failed due to sa not available, no ipak, etc" + ::= { nsIfMonEntry 8 } + +nsIfMonNoSa OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "packet drop due to no sa found for incomig spi" + ::= { nsIfMonEntry 9 } + +nsIfMonNoSaPly OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "packet drop due to no policy associated with found sa" + ::= { nsIfMonEntry 10 } + +nsIfMonSaInactive OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "packet drop due to sa not active" + ::= { nsIfMonEntry 11 } + +nsIfMonSaPolicyDeny OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "packet drop due to denial by sa policy" + ::= { nsIfMonEntry 12 } + +nsIfMonIfInfo OBJECT-TYPE + SYNTAX Integer32 (0..2147483647) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Internal id assigned to this interface. Stays persistent across resets." + ::= { nsIfMonEntry 13 } + +END + + diff --git a/MIBS/screenos/NETSCREEN-IP-ARP-MIB b/MIBS/screenos/NETSCREEN-IP-ARP-MIB new file mode 100644 index 0000000..a4999b9 --- /dev/null +++ b/MIBS/screenos/NETSCREEN-IP-ARP-MIB @@ -0,0 +1,184 @@ +-- This module defines enterprise MIBs for ARP +-- +-- Copyright (c) 1999-2004, Juniper Networks, Inc. +-- All rights reserved. + +NETSCREEN-IP-ARP-MIB DEFINITIONS ::= BEGIN + +IMPORTS + netscreenIp + FROM NETSCREEN-SMI + Integer32, IpAddress, MODULE-IDENTITY, OBJECT-TYPE + FROM SNMPv2-SMI + DisplayString,PhysAddress + FROM SNMPv2-TC + ; + +nsIpArp MODULE-IDENTITY + LAST-UPDATED "200405032022Z" -- May 03, 2004 + ORGANIZATION + "Juniper Networks, Inc." + CONTACT-INFO + "Customer Support + + 1194 North Mathilda Avenue + Sunnyvale, California 94089-1206 + USA + + Tel: 1-800-638-8296 + E-mail: customerservice@juniper.net + HTTP://www.juniper.net" + DESCRIPTION + "This module defines NetScreen private MIBs for ARP" + REVISION "200405030000Z" -- May 03, 2004 + DESCRIPTION + "Modified copyright and contact information" + REVISION "200403030000Z" -- March 03, 2004 + DESCRIPTION + "Converted to SMIv2 by Longview Software" + REVISION "200311100000Z" -- November 10, 2003 + DESCRIPTION + "Correct spelling mistake" + REVISION "200109280000Z" -- September 28, 2001 + DESCRIPTION + "No Comment" + REVISION "200105020000Z" -- May 02, 2001 + DESCRIPTION + "Creation Date" + ::= { netscreenIp 1 } + +NsIpArpEntry ::= SEQUENCE +{ + nsIpArpIndex Integer32, + nsIpArpIp IpAddress, + nsIpArpMac PhysAddress, + nsIpArpVsys Integer32, + nsIpArpIfIdx Integer32, + nsIpArpState INTEGER, + nsIpArpAge Integer32, + nsIpArpRetry Integer32, + nsIpArpPakQue Integer32 +} + +nsIpArpAOD OBJECT-TYPE + SYNTAX INTEGER { + disable(0), + enabled(1) + } + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "ARP always on destination." + ::= { nsIpArp 1 } + +nsIpArpCachUpdate OBJECT-TYPE + SYNTAX INTEGER { + disable(0), + enabled(1) + } + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "ARP cache update." + ::= { nsIpArp 2 } + +nsIpArpTable OBJECT-TYPE + SYNTAX SEQUENCE OF NsIpArpEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "This table collects all the ARP entries existing in NetScreen + device." + ::= { nsIpArp 3 } + +nsIpArpEntry OBJECT-TYPE + SYNTAX NsIpArpEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "An entry containing attributes of arp info" + INDEX + { nsIpArpIndex } + ::= { nsIpArpTable 1 } + +nsIpArpIndex OBJECT-TYPE + SYNTAX Integer32 (0..2147483647) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "A unique value for arp table. Its value ranges between 0 and + 65535 and may not be contiguous." + ::= { nsIpArpEntry 1 } + +nsIpArpIp OBJECT-TYPE + SYNTAX IpAddress + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "IP address." + ::= { nsIpArpEntry 2 } + +nsIpArpMac OBJECT-TYPE + SYNTAX PhysAddress + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "MAC address." + ::= { nsIpArpEntry 3 } + +nsIpArpVsys OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Virtual system id this entry belongs to." + ::= { nsIpArpEntry 4 } + +nsIpArpIfIdx OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Interface location." + ::= { nsIpArpEntry 5 } + +nsIpArpState OBJECT-TYPE + SYNTAX INTEGER { + pending(1), + valid(2), + delete(3), + static(4) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "ARP entry state." + ::= { nsIpArpEntry 6 } + +nsIpArpAge OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "ARP entry age." + ::= { nsIpArpEntry 7 } + +nsIpArpRetry OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "ARP entry retry time." + ::= { nsIpArpEntry 8 } + +nsIpArpPakQue OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "ARP entry package queue." + ::= { nsIpArpEntry 9 } + +END + + diff --git a/MIBS/screenos/NETSCREEN-IPPOOL-MIB b/MIBS/screenos/NETSCREEN-IPPOOL-MIB new file mode 100644 index 0000000..e8cf13f --- /dev/null +++ b/MIBS/screenos/NETSCREEN-IPPOOL-MIB @@ -0,0 +1,125 @@ +-- This module defines enterprise MIBs for VPN IP pool +-- +-- Copyright (c) 1999-2004, Juniper Networks, Inc. +-- All rights reserved. + +NETSCREEN-IPPOOL-MIB DEFINITIONS ::= BEGIN + +IMPORTS + netscreenVpn, netscreenVpnMibModule + FROM NETSCREEN-SMI + Integer32, IpAddress, MODULE-IDENTITY, OBJECT-TYPE + FROM SNMPv2-SMI + DisplayString + FROM SNMPv2-TC + ; + +netscreenIppoolMibModule MODULE-IDENTITY + LAST-UPDATED "200405032022Z" -- May 03, 2004 + ORGANIZATION + "Juniper Networks, Inc." + CONTACT-INFO + "Customer Support + + 1194 North Mathilda Avenue + Sunnyvale, California 94089-1206 + USA + + Tel: 1-800-638-8296 + E-mail: customerservice@juniper.net + HTTP://www.juniper.net" + DESCRIPTION + "This module defines the object that are used to monitor + VPN IP pool" + REVISION "200405030000Z" -- May 03, 2004 + DESCRIPTION + "Modified copyright and contact information" + REVISION "200403030000Z" -- March 03, 2004 + DESCRIPTION + "Converted to SMIv2 by Longview Software" + REVISION "200311130000Z" -- November 13, 2003 + DESCRIPTION + "Correct spelling mistake" + REVISION "200109280000Z" -- September 28, 2001 + DESCRIPTION + "no comment" + REVISION "200008270000Z" -- August 27, 2000 + DESCRIPTION + "Creation date" + ::= { netscreenVpnMibModule 9 } + +NsVpnIpPoolEntry ::= SEQUENCE +{ + nsVpnIpPoolIndex Integer32, + nsVpnIpPoolName DisplayString, + nsVpnIpPoolStartIp IpAddress, + nsVpnIpPoolEndIp IpAddress, + nsVpnIpPoolIpUsed Integer32 +} + +nsVpnIpPool OBJECT IDENTIFIER ::= { netscreenVpn 9 } + +nsVpnIpPoolTable OBJECT-TYPE + SYNTAX SEQUENCE OF NsVpnIpPoolEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "This table collects all ip pool configuration in NetScreen + device." + ::= { nsVpnIpPool 1 } + +nsVpnIpPoolEntry OBJECT-TYPE + SYNTAX NsVpnIpPoolEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "Each entry in the nsVpnIpPoolEntry holds a set of + configuration parameters associated with an instance IP pool." + INDEX + { nsVpnIpPoolIndex } + ::= { nsVpnIpPoolTable 1 } + +nsVpnIpPoolIndex OBJECT-TYPE + SYNTAX Integer32 (0..2147483647) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "A unique value for ip pool. Its value ranges between 0 and + 65535 and may not be contiguous." + ::= { nsVpnIpPoolEntry 1 } + +nsVpnIpPoolName OBJECT-TYPE + SYNTAX DisplayString (SIZE(0..32)) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "ip pool name" + ::= { nsVpnIpPoolEntry 2 } + +nsVpnIpPoolStartIp OBJECT-TYPE + SYNTAX IpAddress + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "IP pool's start ip address." + ::= { nsVpnIpPoolEntry 3 } + +nsVpnIpPoolEndIp OBJECT-TYPE + SYNTAX IpAddress + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "IP pool's end ip address." + ::= { nsVpnIpPoolEntry 4 } + +nsVpnIpPoolIpUsed OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Total number of addresses in use from this pool." + ::= { nsVpnIpPoolEntry 5 } + +END + + diff --git a/MIBS/screenos/NETSCREEN-NAT-MIB b/MIBS/screenos/NETSCREEN-NAT-MIB new file mode 100644 index 0000000..b4fe7a7 --- /dev/null +++ b/MIBS/screenos/NETSCREEN-NAT-MIB @@ -0,0 +1,536 @@ +-- This module defines enterprise MIBs for NAT +-- +-- Copyright (c) 1999-2004, Juniper Networks, Inc. +-- All rights reserved. + +NETSCREEN-NAT-MIB DEFINITIONS ::= BEGIN + +IMPORTS + netscreenNAT + FROM NETSCREEN-SMI + Integer32, IpAddress, MODULE-IDENTITY, OBJECT-TYPE + FROM SNMPv2-SMI + DisplayString + FROM SNMPv2-TC + ; + +netscreenNATMibModule MODULE-IDENTITY + LAST-UPDATED "200503032022Z" -- March 03, 2005 + ORGANIZATION + "Juniper Networks, Inc." + CONTACT-INFO + "Customer Support + + 1194 North Mathilda Avenue + Sunnyvale, California 94089-1206 + USA + + Tel: 1-800-638-8296 + E-mail: customerservice@juniper.net + HTTP://www.juniper.net" + DESCRIPTION + "Added dip pool utilization attribute" + REVISION "200503030000Z" -- March 03, 2005 + DESCRIPTION + "This module defines the managed objects for Netscreen NAT" + REVISION "200405030000Z" -- May 03, 2004 + DESCRIPTION + "Modified copyright and contact information" + REVISION "200403030000Z" -- March 03, 2004 + DESCRIPTION + "Converted to SMIv2 by Longview Software" + REVISION "200306030000Z" -- June 03, 2003 + DESCRIPTION + "Change VIP configuration per physical interface" + REVISION "200105270000Z" -- May 27, 2001 + DESCRIPTION + "Creation Date" + ::= { netscreenNAT 0 } + +NsNatDipEntry ::= SEQUENCE +{ + nsNatDipIndex Integer32, + nsNatDipId Integer32, + nsNatDipLow IpAddress, + nsNatDipHigh IpAddress, + nsNatDipIfIp IpAddress, + nsNatDipIfNetmask IpAddress, + nsNatDipPTEnable INTEGER, + nsNatDipVsys Integer32, + nsNatDipUtil Integer32 +} + +NsNatDipPPortEntry ::= SEQUENCE +{ + nsNatDipPPortIndex Integer32, + nsNatDipAllPort Integer32, + nsNatDipAllocatedPort Integer32, + nsNatDipAvailablePort Integer32, + nsNatDipAllocatedPairedPort Integer32, + nsNatDipAvailablePairedPort Integer32, +} + +NsNatMipEntry ::= SEQUENCE +{ + nsNatMipIndex Integer32, + nsNatMipIp IpAddress, + nsNatMipNetmask IpAddress, + nsNatMipHost IpAddress, + nsNatMipIfIp IpAddress, + nsNatMipIfNetmask IpAddress, + nsNatMipVsys Integer32 +} + +NsNatVipCfgEntry ::= SEQUENCE +{ + nsNatVipCfgIndex Integer32, + nsNatVipCfgIp IpAddress, + nsNatVipCfgPort Integer32, + nsNatVipCfgService DisplayString, + nsNatVipCfgStatus INTEGER, + nsNatVipCfgLoadBalance INTEGER +} + +NsNatVipServerEntry ::= SEQUENCE +{ + nsNatVipServerIndex Integer32, + nsNatVipServerVIP IpAddress, + nsNatVipServerService Integer32, + nsNatVipServerLoadBalance INTEGER, + nsNatVipServerIp IpAddress, + nsNatVipServerWeight Integer32, + nsNatVipServerStatus INTEGER +} + +nsNatMipTable OBJECT-TYPE + SYNTAX SEQUENCE OF NsNatMipEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "Mapped IP(MIP) is a direct one-to-one maping of traffic + destined for one IP address ot another IP address. On + NetScreen device, MIP addresses for tunnel and untrusted + interfaces can be created." + ::= { netscreenNAT 1 } + +nsNatMipEntry OBJECT-TYPE + SYNTAX NsNatMipEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "An entry containing attributes of a mip address" + INDEX + { nsNatMipIndex } + ::= { nsNatMipTable 1 } + +nsNatMipIndex OBJECT-TYPE + SYNTAX Integer32 (0..2147483647) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "A unique value for each address. Its value ranges between 0 + and 65535 and may not be contingous." + ::= { nsNatMipEntry 1 } + +nsNatMipIp OBJECT-TYPE + SYNTAX IpAddress + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "mip address. A MIP must be in the same subnet as the tunnel + interface to which it is linked to; however, for the untrusted + interface, a MIP does not need to be in the same subnet. In + either case, a MIP must not be the same as the interface + address or be in any DIP pool that might also be on that + subnet." + ::= { nsNatMipEntry 2 } + +nsNatMipNetmask OBJECT-TYPE + SYNTAX IpAddress + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Subnet mask for this MIP." + ::= { nsNatMipEntry 3 } + +nsNatMipHost OBJECT-TYPE + SYNTAX IpAddress + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Host ip address mip mapping to." + ::= { nsNatMipEntry 4 } + +nsNatMipIfIp OBJECT-TYPE + SYNTAX IpAddress + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Interface's ip address that a MIP is linked to." + ::= { nsNatMipEntry 5 } + +nsNatMipIfNetmask OBJECT-TYPE + SYNTAX IpAddress + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Interface's netmask that a MIP is linked to." + ::= { nsNatMipEntry 6 } + +nsNatMipVsys OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Virtual system this mip belongs to." + ::= { nsNatMipEntry 7 } + +nsNatDipTable OBJECT-TYPE + SYNTAX SEQUENCE OF NsNatDipEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "A DIP(Dynamic IP) pool is a range of IP addresses from which + the NetScreen device can dynamically take addresses to use when + performing NAT on the source IP address of outgoing or incoming + IP packets." + ::= { netscreenNAT 2 } + +nsNatDipEntry OBJECT-TYPE + SYNTAX NsNatDipEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "An entry containing attributes of a dynamic address" + INDEX + { nsNatDipIndex } + ::= { nsNatDipTable 1 } + +nsNatDipIndex OBJECT-TYPE + SYNTAX Integer32 (0..2147483647) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "A unique value for each address. Its value ranges between 0 + and 65535 and may not be contigous." + ::= { nsNatDipEntry 1 } + +nsNatDipId OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "DIP pool id." + ::= { nsNatDipEntry 2 } + +nsNatDipLow OBJECT-TYPE + SYNTAX IpAddress + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Start IP Address Range. The range of addresses in a DIP pool + must be in the same subnet as the interface IP address, but the + DIP pool should not contain the interface IP or any MIP or VIP + address that might on that subnet." + ::= { nsNatDipEntry 3 } + +nsNatDipHigh OBJECT-TYPE + SYNTAX IpAddress + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "End IP Address Range. The range of addresses in a DIP pool + must be in the same subnet as the interface IP address, but the + DIP pool should not contain the interface IP or any MIP or VIP + address that might on that subnet." + ::= { nsNatDipEntry 4 } + +nsNatDipIfIp OBJECT-TYPE + SYNTAX IpAddress + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Interface's ip address that a DIP is linked to." + ::= { nsNatDipEntry 5 } + +nsNatDipIfNetmask OBJECT-TYPE + SYNTAX IpAddress + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "interface's ip address that a DIP is linked to." + ::= { nsNatDipEntry 6 } + +nsNatDipPTEnable OBJECT-TYPE + SYNTAX INTEGER { + disable(0), + enabled(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Enable Port Translation" + ::= { nsNatDipEntry 7 } + +nsNatDipVsys OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "virtual system this dip belongs to" + ::= { nsNatDipEntry 8 } + +nsNatDipUtil OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "dip pool utilzation for this entry. Only applicable to fixed dip. If this is not a fixed dip this will return 0" + ::= { nsNatDipEntry 9 } + +nsNatDipPPortTable OBJECT-TYPE + SYNTAX SEQUENCE OF NsNatDipPPortEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "show pseudo port allocated status of a dynamic address" + ::= { netscreenNAT 4 } + +nsNatDipPPortEntry OBJECT-TYPE + SYNTAX NsNatDipPPortEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "An entry show pseudo port allocated status of a dynamic address" + INDEX + { nsNatDipPPortIndex } + ::= { nsNatDipPPortTable 1 } + +nsNatDipPPortIndex OBJECT-TYPE + SYNTAX Integer32 (0..2147483647) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "A unique value for each address. Its value ranges between 0 + and 65535 and may not be contigous." + ::= { nsNatDipPPortEntry 1 } + +nsNatDipAllPort OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "All port of the dip" + ::= { nsNatDipPPortEntry 2 } + +nsNatDipAllocatedPort OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Allocated port of the dip" + ::= { nsNatDipPPortEntry 3 } + +nsNatDipAvailablePort OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Available port of the dip" + ::= { nsNatDipPPortEntry 4 } + +nsNatDipAllocatedPairedPort OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Allocated paired port of the dip" + ::= { nsNatDipPPortEntry 5 } + +nsNatDipAvailablePairedPort OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Available paired port of the dip" + ::= { nsNatDipPPortEntry 6 } + +nsNatVip OBJECT IDENTIFIER ::= { netscreenNAT 3 } + +nsNatVipCfgTable OBJECT-TYPE + SYNTAX SEQUENCE OF NsNatVipCfgEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "VIP(Virtual IP) allows you to map routable IP addresses to + internal servers, therby providing transparent connections for + a NAT networks to the Internet. This table collects all VIP + configurations in NetScreen device." + ::= { nsNatVip 1 } + +nsNatVipCfgEntry OBJECT-TYPE + SYNTAX NsNatVipCfgEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "Each entry in the nsNatVipCfgTable holds a set of + configuration parameters associated with an instance of VIP." + INDEX + { nsNatVipCfgIndex } + ::= { nsNatVipCfgTable 1 } + +nsNatVipCfgIndex OBJECT-TYPE + SYNTAX Integer32 (0..2147483647) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "A unique value for each vip configuation. Its value ranges + between 1 and 65535 and may not be contingous." + ::= { nsNatVipCfgEntry 1 } + +nsNatVipCfgIp OBJECT-TYPE + SYNTAX IpAddress + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The IP address for the VIP, which must be in the same subnet + as the untrusted interface and can even be the same address as + the untrusted interface." + ::= { nsNatVipCfgEntry 2 } + +nsNatVipCfgPort OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The port number for communication between the trusted server + and the untrusted interfce on the NetScreen device." + ::= { nsNatVipCfgEntry 3 } + +nsNatVipCfgService OBJECT-TYPE + SYNTAX DisplayString (SIZE(0..255)) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Service for the server on the trusted interface." + ::= { nsNatVipCfgEntry 4 } + +nsNatVipCfgStatus OBJECT-TYPE + SYNTAX INTEGER { + not-available(0), + available(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The status of the server on the trusted/DMZ interface." + ::= { nsNatVipCfgEntry 5 } + +nsNatVipCfgLoadBalance OBJECT-TYPE + SYNTAX INTEGER { + null(0), + round-robin(1), + weighted-round-robin(2), + least-conns(3), + weighted-least-conns(4) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Load balance algorithm for the Virtual IP servers." + ::= { nsNatVipCfgEntry 6 } + +nsNatVipServerTable OBJECT-TYPE + SYNTAX SEQUENCE OF NsNatVipServerEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "Ballancing the loads on NetScreen servers allow traffic + intended for a server(one IP address on the untrusted network) + to be mapped to several different IP addresses on the DMZ or + trusted network. There can be up to eight servers in one load + balancing group, which apperas as a single virtual server.This + table collects all the server pool configurations for the + virtual ip server." + ::= { nsNatVip 2 } + +nsNatVipServerEntry OBJECT-TYPE + SYNTAX NsNatVipServerEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "An entry containing attributes of a vip configuration's server + pool." + INDEX + { nsNatVipServerIndex } + ::= { nsNatVipServerTable 1 } + +nsNatVipServerIndex OBJECT-TYPE + SYNTAX Integer32 (0..2147483647) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "A unique value for each vip server configuation. Its value + ranges between 1 and 65535 and may not be contigous." + ::= { nsNatVipServerEntry 1 } + +nsNatVipServerVIP OBJECT-TYPE + SYNTAX IpAddress + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The IP address for the VIP." + ::= { nsNatVipServerEntry 2 } + +nsNatVipServerService OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Service provideing through the VIP." + ::= { nsNatVipServerEntry 3 } + +nsNatVipServerLoadBalance OBJECT-TYPE + SYNTAX INTEGER { + null(0), + round-robin(1), + weighted-round-robin(2), + least-conns(3), + weighted-least-conns(4) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Load balance algorithm for the vitural IP servers." + ::= { nsNatVipServerEntry 4 } + +nsNatVipServerIp OBJECT-TYPE + SYNTAX IpAddress + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Virtual IP server's IP address." + ::= { nsNatVipServerEntry 5 } + +nsNatVipServerWeight OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Loadbalance algorithm weight." + ::= { nsNatVipServerEntry 6 } + +nsNatVipServerStatus OBJECT-TYPE + SYNTAX INTEGER { + down(0), + up(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Virtual IP server's status." + ::= { nsNatVipServerEntry 7 } + +END + + diff --git a/MIBS/screenos/NETSCREEN-NSRP-MIB b/MIBS/screenos/NETSCREEN-NSRP-MIB new file mode 100644 index 0000000..7a52083 --- /dev/null +++ b/MIBS/screenos/NETSCREEN-NSRP-MIB @@ -0,0 +1,1182 @@ +-- This module defines enterprise MIBs for nsrp +-- +-- Copyright (c) 1999-2004, Juniper Networks, Inc. +-- All rights reserved. + +NETSCREEN-NSRP-MIB DEFINITIONS ::= BEGIN + +IMPORTS + netscreenNsrp + FROM NETSCREEN-SMI + Counter32, Integer32, IpAddress, MODULE-IDENTITY, OBJECT-TYPE + FROM SNMPv2-SMI + DisplayString,PhysAddress + FROM SNMPv2-TC + ; + +netscreenNsrpMibModule MODULE-IDENTITY + LAST-UPDATED "200405032022Z" -- May 03, 2004 + ORGANIZATION + "Juniper Networks, Inc." + CONTACT-INFO + "Customer Support + + 1194 North Mathilda Avenue + Sunnyvale, California 94089-1206 + USA + + Tel: 1-800-638-8296 + E-mail: customerservice@juniper.net + HTTP://www.juniper.net" + DESCRIPTION + "This module defines the object that are200 used for netscreen + redundancy protocol" + REVISION "200405030000Z" -- May 03, 2004 + DESCRIPTION + "Modified copyright and contact information" + REVISION "200403030000Z" -- March 03, 2004 + DESCRIPTION + "Converted to SMIv2 by Longview Software" + REVISION "200311140000Z" -- November 14, 2003 + DESCRIPTION + "no comment" + REVISION "200306040000Z" -- June 04, 2003 + DESCRIPTION + "no comment" + REVISION "200101080000Z" -- January 08, 2001 + DESCRIPTION + "Creation Date" + ::= { netscreenNsrp 0 } + +NsRpRtoCounterEntry ::= SEQUENCE +{ + nsrpRtoCounterIdx Integer32, + nsrpRtoCounterName DisplayString, + nsrpRtoCounterSend Counter32, + nsrpRtoCounterReceive Counter32, + nsrpRtoCounterDrop Counter32 +} + +NsRpRtoGroupEntry ::= SEQUENCE +{ + nsrpRtoGroupId Integer32, + nsrpRtoNumOfUnit Integer32 +} + +NsRpRtoUnitEntry ::= SEQUENCE +{ + nsrpRtoUnitGroupId Integer32, + nsrpRtoUnitId Integer32, + nsrpRtoUnitStatus INTEGER, + nsrpRtoUnitDirection INTEGER, + nsrpRtoUnitLostHeartbeat Counter32, + nsrpRtoUnitToActive Counter32, + nsrpRtoUnitToSet Counter32, + nsrpRtoUnitLostPeer Counter32, + nsrpRtoUnitGroupDetach Counter32 +} + +NsRpTrackEntry ::= SEQUENCE +{ + nsrpTrackIpIndex Integer32, + nsrpTrackIpAddr IpAddress, + nsrpTrackIpStatus INTEGER, + nsrpTrackIpTimestamp Integer32, + nsrpTrackIpInterval Integer32, + nsrpTrackIpThreshhold Integer32, + nsrpTrackIpMethod INTEGER, + nsrpTrackIpWeight Integer32, + nsrpTrackIpIfName DisplayString, + nsrpTrackIpTotalCheck Integer32, + nsrpTrackIpTotalFailedCheck Integer32 +} + +NsRpVsdInterfaceEntry ::= SEQUENCE +{ + nsrpVsdIfIndex Integer32, + nsrpVsdIfStatus INTEGER, + nsrpVsdIfGroupId Integer32, + nsrpVsdIfIp IpAddress, + nsrpVsdIfNetmask IpAddress, + nsrpVsdIfGateway IpAddress, + nsrpVsdIfName DisplayString, + nsrpVsdIfVLAN Integer32, + nsrpVsdIfMAC PhysAddress, + nsrpVsdIfVSys DisplayString, + nsrpVsdIfMngTelnet INTEGER, + nsrpVsdIfMngSCS INTEGER, + nsrpVsdIfMngWEB INTEGER, + nsrpVsdIfMngSSL INTEGER, + nsrpVsdIfMngSNMP INTEGER, + nsrpVsdIfMngGlobal INTEGER, + nsrpVsdIfMngGlobalPro INTEGER, + nsrpVsdIfMngPing INTEGER, + nsrpVsdIfMngIdentReset INTEGER +} + +NsrpClusterEntry ::= SEQUENCE +{ + nsrpClusterTblIndex Integer32, + nsrpClusterUnitId Integer32, + nsrpClusterUnitCtrlMac PhysAddress, + nsrpClusterUnitDataMac PhysAddress +} + +NsrpLinkInfoEntry ::= SEQUENCE +{ + nsrpLinkInfoIndex Integer32, + nsrpLinkInfoLinkType INTEGER, + nsrpLinkInfoChannel DisplayString, + nsrpLinkInfoMac PhysAddress, + nsrpLinkInfoState INTEGER +} + +NsrpVsdGroupEntry ::= SEQUENCE +{ + nsrpVsdGroupID Integer32, + nsrpVsdGroupPriority Integer32, + nsrpVsdGroupPreempt Integer32, + nsrpVsdGroupHoldDownTime Integer32, + nsrpVsdGroupNumberOfUnit Integer32, + nsrpVsdGroupCntStateChange Integer32, + nsrpVsdGroupCntToInit Integer32, + nsrpVsdGroupCntToMaster Integer32, + nsrpVsdGroupCntToPBackup Integer32, + nsrpVsdGroupCntToBackup Integer32, + nsrpVsdGroupCntToIneligible Integer32, + nsrpVsdGroupCntToInoperable Integer32, + nsrpVsdGroupCntMasterConflict Integer32, + nsrpVsdGroupCntPbConfilict Integer32, + nsrpVsdGroupCntHeartbeatTx Integer32, + nsrpVsdGroupCntHeartbeatRx Integer32 +} + +NsrpVsdMemberEntry ::= SEQUENCE +{ + nsrpVsdMemberGroupId Integer32, + nsrpVsdMemberUnitId Integer32, + nsrpVsdMemberStatus INTEGER, + nsrpVsdMemberPriority Integer32, + nsrpVsdMemberPreempt Integer32 +} + +netscreenNsrpGeneral OBJECT IDENTIFIER ::= { netscreenNsrp 1 } + +nsrpGeneralClusterId OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The cluster ID" + ::= { netscreenNsrpGeneral 1 } + +nsrpGeneralLocalUnitId OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "local device's unit ID" + ::= { netscreenNsrpGeneral 2 } + +nsrpGeneralEncrypEnable OBJECT-TYPE + SYNTAX INTEGER { + disabled(0), + enabled(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "NSRP encryption enabled" + ::= { netscreenNsrpGeneral 3 } + +nsrpGeneralAuthEnable OBJECT-TYPE + SYNTAX INTEGER { + disabled(0), + enabled(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "NSRP authentication enabled" + ::= { netscreenNsrpGeneral 4 } + +nsrpGeneralIfMonitor OBJECT-TYPE + SYNTAX DisplayString (SIZE(0..64)) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "interface being monitored" + ::= { netscreenNsrpGeneral 5 } + +nsrpGeneralGratArps OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "number of gratuitious arps" + ::= { netscreenNsrpGeneral 6 } + +netscreenNsrpVSD OBJECT IDENTIFIER ::= { netscreenNsrp 2 } + +nsrpVsdGroupTable OBJECT-TYPE + SYNTAX SEQUENCE OF NsrpVsdGroupEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "A list of VSD groups on the device." + ::= { netscreenNsrpVSD 1 } + +nsrpVsdGroupEntry OBJECT-TYPE + SYNTAX NsrpVsdGroupEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "An entry containing attributes for a track ip" + INDEX + { nsrpVsdGroupID } + ::= { nsrpVsdGroupTable 1 } + +nsrpVsdGroupID OBJECT-TYPE + SYNTAX Integer32 (0..2147483647) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "one group ID the device belongs to." + ::= { nsrpVsdGroupEntry 1 } + +nsrpVsdGroupPriority OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "local unit in current group's priority." + ::= { nsrpVsdGroupEntry 2 } + +nsrpVsdGroupPreempt OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "local unit in current group's preempt." + ::= { nsrpVsdGroupEntry 3 } + +nsrpVsdGroupHoldDownTime OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "TBD" + ::= { nsrpVsdGroupEntry 4 } + +nsrpVsdGroupNumberOfUnit OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "unit quantity in this group." + ::= { nsrpVsdGroupEntry 5 } + +nsrpVsdGroupCntStateChange OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "total number of state transition events" + ::= { nsrpVsdGroupEntry 6 } + +nsrpVsdGroupCntToInit OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "number of state transition into init state, which is as out of + ineligible state`" + ::= { nsrpVsdGroupEntry 7 } + +nsrpVsdGroupCntToMaster OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "number of state transition into master state" + ::= { nsrpVsdGroupEntry 8 } + +nsrpVsdGroupCntToPBackup OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "number of state transition into primary backup state" + ::= { nsrpVsdGroupEntry 9 } + +nsrpVsdGroupCntToBackup OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "number of state transition into backup state." + ::= { nsrpVsdGroupEntry 10 } + +nsrpVsdGroupCntToIneligible OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "number of state transition into ineligible state." + ::= { nsrpVsdGroupEntry 11 } + +nsrpVsdGroupCntToInoperable OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "number of state transition into inoperable state." + ::= { nsrpVsdGroupEntry 12 } + +nsrpVsdGroupCntMasterConflict OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "number of times multiple masters exist while the local unit is + in master state." + ::= { nsrpVsdGroupEntry 13 } + +nsrpVsdGroupCntPbConfilict OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "number of times multiple primary backups exist while the local + unit is in primary backup state." + ::= { nsrpVsdGroupEntry 14 } + +nsrpVsdGroupCntHeartbeatTx OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "number of heart beat transfered by a group." + ::= { nsrpVsdGroupEntry 15 } + +nsrpVsdGroupCntHeartbeatRx OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "number of heart beat received by a group." + ::= { nsrpVsdGroupEntry 16 } + +nsrpVsdMemberTable OBJECT-TYPE + SYNTAX SEQUENCE OF NsrpVsdMemberEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "A list of devices within the VSD group." + ::= { netscreenNsrpVSD 2 } + +nsrpVsdMemberEntry OBJECT-TYPE + SYNTAX NsrpVsdMemberEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "A entry containing attributes of one device in a group" + INDEX + { nsrpVsdMemberGroupId, nsrpVsdMemberUnitId } + ::= { nsrpVsdMemberTable 1 } + +nsrpVsdMemberGroupId OBJECT-TYPE + SYNTAX Integer32 (0..2147483647) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "indicate the Group it belong to" + ::= { nsrpVsdMemberEntry 1 } + +nsrpVsdMemberUnitId OBJECT-TYPE + SYNTAX Integer32 (0..2147483647) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "VSD group member's unit id" + ::= { nsrpVsdMemberEntry 2 } + +nsrpVsdMemberStatus OBJECT-TYPE + SYNTAX INTEGER { + undefined(0), + init(1), + master(2), + primary-backup(3), + backup(4), + ineligible(5), + inoperable(6) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "0 Undefined + 1 init + 2 Master + 3 Primary Backup + 4 Backup + 5 ineligible + 6 inoperable" + ::= { nsrpVsdMemberEntry 3 } + +nsrpVsdMemberPriority OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Priority of unit in this group" + ::= { nsrpVsdMemberEntry 4 } + +nsrpVsdMemberPreempt OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "unit in current group's preempt" + ::= { nsrpVsdMemberEntry 5 } + +nsrpVsdInterfaceTable OBJECT-TYPE + SYNTAX SEQUENCE OF NsRpVsdInterfaceEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "A list of VSD interfaces on the device." + ::= { netscreenNsrpVSD 3 } + +nsrpVsdInterfaceEntry OBJECT-TYPE + SYNTAX NsRpVsdInterfaceEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "A track entry containing attributes for a track ip" + INDEX + { nsrpVsdIfIndex } + ::= { nsrpVsdInterfaceTable 1 } + +nsrpVsdIfIndex OBJECT-TYPE + SYNTAX Integer32 (0..2147483647) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "A index." + ::= { nsrpVsdInterfaceEntry 1 } + +nsrpVsdIfStatus OBJECT-TYPE + SYNTAX INTEGER { + down(0), + inactive(1), + active(2) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "indicate the status of this vsi interface" + ::= { nsrpVsdInterfaceEntry 2 } + +nsrpVsdIfGroupId OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "indicate the group it belong to" + ::= { nsrpVsdInterfaceEntry 3 } + +nsrpVsdIfIp OBJECT-TYPE + SYNTAX IpAddress + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "ip ADDRESS" + ::= { nsrpVsdInterfaceEntry 4 } + +nsrpVsdIfNetmask OBJECT-TYPE + SYNTAX IpAddress + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "subnet mask" + ::= { nsrpVsdInterfaceEntry 5 } + +nsrpVsdIfGateway OBJECT-TYPE + SYNTAX IpAddress + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "gateway" + ::= { nsrpVsdInterfaceEntry 6 } + +nsrpVsdIfName OBJECT-TYPE + SYNTAX DisplayString (SIZE(0..32)) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "trust/untrust/DMZ" + ::= { nsrpVsdInterfaceEntry 7 } + +nsrpVsdIfVLAN OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "vlan -1 means no vlan" + ::= { nsrpVsdInterfaceEntry 8 } + +nsrpVsdIfMAC OBJECT-TYPE + SYNTAX PhysAddress + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "mac address" + ::= { nsrpVsdInterfaceEntry 9 } + +nsrpVsdIfVSys OBJECT-TYPE + SYNTAX DisplayString (SIZE(0..32)) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "virtual system" + ::= { nsrpVsdInterfaceEntry 10 } + +nsrpVsdIfMngTelnet OBJECT-TYPE + SYNTAX INTEGER { + disable(0), + enable(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "0 Disable + 1 Enable" + ::= { nsrpVsdInterfaceEntry 11 } + +nsrpVsdIfMngSCS OBJECT-TYPE + SYNTAX INTEGER { + disable(0), + enable(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "0 Disable + 1 Enable" + ::= { nsrpVsdInterfaceEntry 12 } + +nsrpVsdIfMngWEB OBJECT-TYPE + SYNTAX INTEGER { + disable(0), + enable(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "0 Disable + 1 Enable" + ::= { nsrpVsdInterfaceEntry 13 } + +nsrpVsdIfMngSSL OBJECT-TYPE + SYNTAX INTEGER { + disable(0), + enable(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "0 Disable + 1 Enable" + ::= { nsrpVsdInterfaceEntry 14 } + +nsrpVsdIfMngSNMP OBJECT-TYPE + SYNTAX INTEGER { + disable(0), + enable(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "0 Disable + 1 Enable" + ::= { nsrpVsdInterfaceEntry 15 } + +nsrpVsdIfMngGlobal OBJECT-TYPE + SYNTAX INTEGER { + disable(0), + enable(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "0 Disable + 1 Enable" + ::= { nsrpVsdInterfaceEntry 16 } + +nsrpVsdIfMngGlobalPro OBJECT-TYPE + SYNTAX INTEGER { + disable(0), + enable(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "0 Disable + 1 Enable" + ::= { nsrpVsdInterfaceEntry 17 } + +nsrpVsdIfMngPing OBJECT-TYPE + SYNTAX INTEGER { + disable(0), + enable(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "0 Disable + 1 Enable" + ::= { nsrpVsdInterfaceEntry 18 } + +nsrpVsdIfMngIdentReset OBJECT-TYPE + SYNTAX INTEGER { + disable(0), + enable(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "0 Disable + 1 Enable" + ::= { nsrpVsdInterfaceEntry 19 } + +nsrpVsdGeneral OBJECT IDENTIFIER ::= { netscreenNsrpVSD 4 } + +nsrpVsdGeneralInitHoldTime OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "VSD group init hold time (in second)" + ::= { nsrpVsdGeneral 1 } + +nsrpVsdGeneralHbInterval OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "VSD heart beat interval.(in milisecond)" + ::= { nsrpVsdGeneral 2 } + +nsrpVsdGeneralHbLostThres OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "vsd heartbeat lost threshold" + ::= { nsrpVsdGeneral 3 } + +netscreenNsrpRTO OBJECT IDENTIFIER ::= { netscreenNsrp 3 } + +nsrpRtoGroupTable OBJECT-TYPE + SYNTAX SEQUENCE OF NsRpRtoGroupEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "A list of RTO groups on the device." + ::= { netscreenNsrpRTO 1 } + +nsrpRtoGroupEntry OBJECT-TYPE + SYNTAX NsRpRtoGroupEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "An entry containing attributes for RTO group" + INDEX + { nsrpRtoGroupId } + ::= { nsrpRtoGroupTable 1 } + +nsrpRtoGroupId OBJECT-TYPE + SYNTAX Integer32 (0..2147483647) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "A RTO group ID.also used as table index" + ::= { nsrpRtoGroupEntry 1 } + +nsrpRtoNumOfUnit OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "how many units in this RTO group" + ::= { nsrpRtoGroupEntry 2 } + +nsrpRtoUnitTable OBJECT-TYPE + SYNTAX SEQUENCE OF NsRpRtoUnitEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "A list of device status within a RTO group." + ::= { netscreenNsrpRTO 2 } + +nsrpRtoUnitEntry OBJECT-TYPE + SYNTAX NsRpRtoUnitEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "A track entry containing attributes for a track ip" + INDEX + { nsrpRtoUnitGroupId, nsrpRtoUnitId } + ::= { nsrpRtoUnitTable 1 } + +nsrpRtoUnitGroupId OBJECT-TYPE + SYNTAX Integer32 (0..2147483647) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The RTO group id, a unit belongs to" + ::= { nsrpRtoUnitEntry 1 } + +nsrpRtoUnitId OBJECT-TYPE + SYNTAX Integer32 (0..2147483647) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "device's unit id." + ::= { nsrpRtoUnitEntry 2 } + +nsrpRtoUnitStatus OBJECT-TYPE + SYNTAX INTEGER { + undefined(0), + set(1), + active(2) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The RTO group id, a unit belongs to" + ::= { nsrpRtoUnitEntry 3 } + +nsrpRtoUnitDirection OBJECT-TYPE + SYNTAX INTEGER { + out(1), + in(2) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The RTO uint's dirction in the group" + ::= { nsrpRtoUnitEntry 4 } + +nsrpRtoUnitLostHeartbeat OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "counter of heartbeat" + ::= { nsrpRtoUnitEntry 5 } + +nsrpRtoUnitToActive OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "counter of active" + ::= { nsrpRtoUnitEntry 6 } + +nsrpRtoUnitToSet OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "counter of set" + ::= { nsrpRtoUnitEntry 7 } + +nsrpRtoUnitLostPeer OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "counter of lost peer" + ::= { nsrpRtoUnitEntry 8 } + +nsrpRtoUnitGroupDetach OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "counter of rto group detach" + ::= { nsrpRtoUnitEntry 9 } + +nsrpRtoCounter OBJECT IDENTIFIER ::= { netscreenNsrpRTO 3 } + +nsrpRtoCounterPakForwarded OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "packets forwarded by rto." + ::= { nsrpRtoCounter 1 } + +nsrpRtoCounterPakReceived OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "packets received by rto." + ::= { nsrpRtoCounter 2 } + +nsrpRtoCounterTable OBJECT-TYPE + SYNTAX SEQUENCE OF NsRpRtoCounterEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "A list of rto counter object entry." + ::= { nsrpRtoCounter 3 } + +nsrpRtoCounterEntry OBJECT-TYPE + SYNTAX NsRpRtoCounterEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "A rto counter entry containing attributes for a rto counter + obj." + INDEX + { nsrpRtoCounterIdx } + ::= { nsrpRtoCounterTable 1 } + +nsrpRtoCounterIdx OBJECT-TYPE + SYNTAX Integer32 (0..2147483647) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "counter index." + ::= { nsrpRtoCounterEntry 1 } + +nsrpRtoCounterName OBJECT-TYPE + SYNTAX DisplayString (SIZE(0..32)) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Name of a rto counter object." + ::= { nsrpRtoCounterEntry 2 } + +nsrpRtoCounterSend OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Total number of message sent." + ::= { nsrpRtoCounterEntry 3 } + +nsrpRtoCounterReceive OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Total number of message received." + ::= { nsrpRtoCounterEntry 4 } + +nsrpRtoCounterDrop OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Total number of message dropped." + ::= { nsrpRtoCounterEntry 5 } + +nsrpRtoGeneral OBJECT IDENTIFIER ::= { netscreenNsrpRTO 4 } + +nsrpRtoGeneralHbInterval OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "rto heart beat interval." + ::= { nsrpRtoGeneral 1 } + +nsrpRtoGeneralHbLostThres OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "rto heartbeat lost threshold" + ::= { nsrpRtoGeneral 2 } + +nsrpRtoGeneralSessSyncEnable OBJECT-TYPE + SYNTAX INTEGER { + disabled(0), + enabled(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "session sync enabled." + ::= { nsrpRtoGeneral 3 } + +netscreenNsrpTrack OBJECT IDENTIFIER ::= { netscreenNsrp 4 } + +nsrpTrackEnable OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "0 means disable, 1 meams enable" + ::= { netscreenNsrpTrack 1 } + +nsrpTrackThreshold OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Failover Threshold" + ::= { netscreenNsrpTrack 2 } + +nsrpTrackFailoverEnalble OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Failover enable switch" + ::= { netscreenNsrpTrack 3 } + +nsrpTrackTable OBJECT-TYPE + SYNTAX SEQUENCE OF NsRpTrackEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "A list of track ip entries." + ::= { netscreenNsrpTrack 4 } + +nsrpTrackEntry OBJECT-TYPE + SYNTAX NsRpTrackEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "A track entry containing attributes for a track ip" + INDEX + { nsrpTrackIpIndex } + ::= { nsrpTrackTable 1 } + +nsrpTrackIpIndex OBJECT-TYPE + SYNTAX Integer32 (0..2147483647) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "A unique value for each track ip. Its value ranges between 1 + and 65535 and may not be contigous. It has no other meaning + but a pure index." + ::= { nsrpTrackEntry 1 } + +nsrpTrackIpAddr OBJECT-TYPE + SYNTAX IpAddress + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The IP address of the monitored device." + ::= { nsrpTrackEntry 2 } + +nsrpTrackIpStatus OBJECT-TYPE + SYNTAX INTEGER { + success(0), + fail(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Status" + ::= { nsrpTrackEntry 3 } + +nsrpTrackIpTimestamp OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Timestamp of status change. Reference 1970/1/1 0:0" + ::= { nsrpTrackEntry 4 } + +nsrpTrackIpInterval OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "A frequecy how the track ip is checked. It is in unit of + seconds." + ::= { nsrpTrackEntry 5 } + +nsrpTrackIpThreshhold OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "A number of consective failures to regard the device has + failed." + ::= { nsrpTrackEntry 6 } + +nsrpTrackIpMethod OBJECT-TYPE + SYNTAX INTEGER { + ping(0), + arp(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The method to track the device." + ::= { nsrpTrackEntry 7 } + +nsrpTrackIpWeight OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The weight of this failure contributing to the failover." + ::= { nsrpTrackEntry 8 } + +nsrpTrackIpIfName OBJECT-TYPE + SYNTAX DisplayString (SIZE(0..32)) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The interface the track messages are sent to. Auto means the + actual interface is determined by the routing table." + ::= { nsrpTrackEntry 9 } + +nsrpTrackIpTotalCheck OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The number of ping/arp attempts." + ::= { nsrpTrackEntry 10 } + +nsrpTrackIpTotalFailedCheck OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The number of total failed attempts." + ::= { nsrpTrackEntry 11 } + +netscreenNsrpCluster OBJECT IDENTIFIER ::= { netscreenNsrp 5 } + +nsrpClusterTable OBJECT-TYPE + SYNTAX SEQUENCE OF NsrpClusterEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "A list of cluster on the device." + ::= { netscreenNsrpCluster 1 } + +nsrpClusterEntry OBJECT-TYPE + SYNTAX NsrpClusterEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "An entry containing attributes for nsrp cluster" + INDEX + { nsrpClusterTblIndex } + ::= { nsrpClusterTable 1 } + +nsrpClusterTblIndex OBJECT-TYPE + SYNTAX Integer32 (0..2147483647) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "table index" + ::= { nsrpClusterEntry 1 } + +nsrpClusterUnitId OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Unit id in this cluster" + ::= { nsrpClusterEntry 2 } + +nsrpClusterUnitCtrlMac OBJECT-TYPE + SYNTAX PhysAddress + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Unit id's control path mac address" + ::= { nsrpClusterEntry 3 } + +nsrpClusterUnitDataMac OBJECT-TYPE + SYNTAX PhysAddress + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Unit id's data path mac address" + ::= { nsrpClusterEntry 4 } + +netscreenNsrpLinkInfo OBJECT IDENTIFIER ::= { netscreenNsrp 6 } + +nsrpLinkInfoTable OBJECT-TYPE + SYNTAX SEQUENCE OF NsrpLinkInfoEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "A list of NSRP link info" + ::= { netscreenNsrpLinkInfo 1 } + +nsrpLinkInfoEntry OBJECT-TYPE + SYNTAX NsrpLinkInfoEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "An entry containing attributes for nsrp link info" + INDEX + { nsrpLinkInfoIndex } + ::= { nsrpLinkInfoTable 1 } + +nsrpLinkInfoIndex OBJECT-TYPE + SYNTAX Integer32 (0..2147483647) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "table index" + ::= { nsrpLinkInfoEntry 1 } + +nsrpLinkInfoLinkType OBJECT-TYPE + SYNTAX INTEGER { + control(0), + data(1), + unused(2), + hapath2(3) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "link type" + ::= { nsrpLinkInfoEntry 2 } + +nsrpLinkInfoChannel OBJECT-TYPE + SYNTAX DisplayString (SIZE(0..32)) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "link channel's name" + ::= { nsrpLinkInfoEntry 3 } + +nsrpLinkInfoMac OBJECT-TYPE + SYNTAX PhysAddress + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "link channel's mac address" + ::= { nsrpLinkInfoEntry 4 } + +nsrpLinkInfoState OBJECT-TYPE + SYNTAX INTEGER { + down(0), + up(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "link channel's state" + ::= { nsrpLinkInfoEntry 5 } + +END + + diff --git a/MIBS/screenos/NETSCREEN-OSPF-MIB b/MIBS/screenos/NETSCREEN-OSPF-MIB new file mode 100644 index 0000000..401149c --- /dev/null +++ b/MIBS/screenos/NETSCREEN-OSPF-MIB @@ -0,0 +1,2397 @@ +-- These MIBs were created on 1/7/2003 +-- This module defines enterprise MIBs for NS OSPF +-- +-- Copyright (c) 1999-2004, Juniper Networks, Inc. +-- All rights reserved. + + +NETSCREEN-OSPF-MIB DEFINITIONS ::= BEGIN + + IMPORTS + MODULE-IDENTITY, OBJECT-TYPE, Counter32, Gauge32, + Integer32, IpAddress + FROM SNMPv2-SMI + TEXTUAL-CONVENTION, TruthValue, RowStatus + FROM SNMPv2-TC + MODULE-COMPLIANCE, OBJECT-GROUP FROM SNMPv2-CONF + mib-2 FROM RFC1213-MIB + netscreenVR FROM NETSCREEN-SMI; + +-- This MIB module uses the extended OBJECT-TYPE macro as +-- defined in [9]. + +nsOspf MODULE-IDENTITY + LAST-UPDATED "200506032022Z" -- June 20, 2005 + ORGANIZATION + "Juniper Networks, Inc." + CONTACT-INFO + "Customer Support + + 1194 North Mathilda Avenue + Sunnyvale, California 94089-1206 + USA + + Tel: 1-800-638-8296 + E-mail: customerservice@juniper.net + HTTP://www.juniper.net" + DESCRIPTION + "The MIB module to describe the NS-OSPF Version 2 + Protocol" + ::= { netscreenVR 2 } + +-- The Area ID, in OSPF, has the same format as an IP Address, +-- but has the function of defining a summarization point for +-- Link State Advertisements + +AreaID ::= TEXTUAL-CONVENTION + STATUS deprecated + DESCRIPTION + "An OSPF Area Identifier." + SYNTAX IpAddress + +-- The Router ID, in OSPF, has the same format as an IP Address, + +-- but identifies the router independent of its IP Address. + +RouterID ::= TEXTUAL-CONVENTION + STATUS deprecated + DESCRIPTION + "A OSPF Router Identifier." + SYNTAX IpAddress + +-- The OSPF Metric is defined as an unsigned value in the range + +Metric ::= TEXTUAL-CONVENTION + STATUS deprecated + DESCRIPTION + "The OSPF Internal Metric." + SYNTAX Integer32 (0..'FFFF'H) + +BigMetric ::= TEXTUAL-CONVENTION + STATUS deprecated + DESCRIPTION + "The OSPF External Metric." + SYNTAX Integer32 (0..'FFFFFF'H) + +-- Status Values + +Status ::= TEXTUAL-CONVENTION + STATUS deprecated + DESCRIPTION + "The status of an interface: 'enabled' indicates that + it is willing to communicate with other OSPF Routers, + while 'disabled' indicates that it is not." + SYNTAX INTEGER { enabled (1), disabled (2) } + +-- Time Durations measured in seconds + +PositiveInteger ::= TEXTUAL-CONVENTION + STATUS deprecated + DESCRIPTION + "A positive integer. Values in excess are precluded as + unnecessary and prone to interoperability issues." + SYNTAX Integer32 (0..'7FFFFFFF'H) + +HelloRange ::= TEXTUAL-CONVENTION + STATUS deprecated + DESCRIPTION + "The range of intervals on which hello messages are + exchanged." + SYNTAX Integer32 (1..'FFFF'H) + +UpToMaxAge ::= TEXTUAL-CONVENTION + STATUS deprecated + DESCRIPTION + "The values that one might find or configure for + variables bounded by the maximum age of an LSA." + SYNTAX Integer32 (0..3600) + +-- The range of ifIndex + +InterfaceIndex ::= TEXTUAL-CONVENTION + STATUS deprecated + DESCRIPTION + "The range of ifIndex." + SYNTAX Integer32 + +-- Potential Priorities for the Designated Router Election + +DesignatedRouterPriority ::= TEXTUAL-CONVENTION + STATUS deprecated + DESCRIPTION + "The values defined for the priority of a system for + becoming the designated router." + SYNTAX Integer32 (0..'FF'H) + +TOSType ::= TEXTUAL-CONVENTION + STATUS deprecated + DESCRIPTION + "Type of Service is defined as a mapping to the IP Type of + Service Flags as defined in the IP Forwarding Table MIB + + +-----+-----+-----+-----+-----+-----+-----+-----+ + | | | | + | PRECEDENCE | TYPE OF SERVICE | 0 | + | | | | + +-----+-----+-----+-----+-----+-----+-----+-----+ + + IP TOS IP TOS + Field Policy Field Policy + + Contents Code Contents Code + 0 0 0 0 ==> 0 0 0 0 1 ==> 2 + 0 0 1 0 ==> 4 0 0 1 1 ==> 6 + 0 1 0 0 ==> 8 0 1 0 1 ==> 10 + 0 1 1 0 ==> 12 0 1 1 1 ==> 14 + 1 0 0 0 ==> 16 1 0 0 1 ==> 18 + 1 0 1 0 ==> 20 1 0 1 1 ==> 22 + + 1 1 0 0 ==> 24 1 1 0 1 ==> 26 + 1 1 1 0 ==> 28 1 1 1 1 ==> 30 + + The remaining values are left for future definition." + SYNTAX Integer32 (0..30) + +-- OSPF General Variables + +-- These parameters apply globally to the Router's +-- OSPF Process. + + nsOspfGeneralTable OBJECT-TYPE + SYNTAX SEQUENCE OF NsOspfGeneralEntry + MAX-ACCESS not-accessible + STATUS deprecated + DESCRIPTION + "Ospf general information table per VR" + ::= { nsOspf 1 } + + nsOspfGeneralEntry OBJECT-TYPE + SYNTAX NsOspfGeneralEntry + MAX-ACCESS not-accessible + STATUS deprecated + DESCRIPTION + "Ospf general information table per VR" + INDEX { nsOspfGeneralVRID } + ::= { nsOspfGeneralTable 1 } + + NsOspfGeneralEntry ::= + SEQUENCE { + nsOspfRouterId + RouterID, + nsOspfAdminStat + Status, + nsOspfVersionNumber + INTEGER, + nsOspfAreaBdrRtrStatus + TruthValue, + nsOspfASBdrRtrStatus + TruthValue, + nsOspfExternLsaCount + Gauge32, + nsOspfAreaLsaCount + Gauge32, + nsOspfExternLsaCksumSum + Integer32, + nsOspfTOSSupport + TruthValue, + nsOspfOriginateNewLsas + Counter32, + nsOspfRxNewLsas + Counter32, + nsOspfExtLsdbLimit + Integer32, + nsOspfMulticastExtensions + Integer32, + nsOspfExitOverflowInterval + PositiveInteger, + nsOspfDemandExtensions + TruthValue, + nsOspfGeneralVRID + INTEGER + } + + nsOspfRouterId OBJECT-TYPE + SYNTAX RouterID + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "A 32-bit integer uniquely identifying the + router in the Autonomous System. + + By convention, to ensure uniqueness, this + should default to the value of one of the + router's IP interface addresses." + REFERENCE + "OSPF Version 2, C.1 Global parameters" + ::= { nsOspfGeneralEntry 1 } + + nsOspfAdminStat OBJECT-TYPE + SYNTAX Status + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "The administrative status of OSPF in the + router. The value 'enabled' denotes that the + OSPF Process is active on at least one inter- + face; 'disabled' disables it on all inter- + faces." + ::= { nsOspfGeneralEntry 2 } + + nsOspfVersionNumber OBJECT-TYPE + SYNTAX INTEGER { version2 (2) } + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + + "The deprecated version number of the OSPF proto- + col is 2." + REFERENCE + "OSPF Version 2, Title" + ::= { nsOspfGeneralEntry 3 } + + nsOspfAreaBdrRtrStatus OBJECT-TYPE + SYNTAX TruthValue + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "A flag to note whether this router is an area + border router." + REFERENCE + "OSPF Version 2, Section 3 Splitting the AS into + Areas" + ::= { nsOspfGeneralEntry 4 } + + nsOspfASBdrRtrStatus OBJECT-TYPE + SYNTAX TruthValue + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "A flag to note whether this router is config- + ured as an Autonomous System border router." + REFERENCE + "OSPF Version 2, Section 3.3 Classification of + routers" + ::= { nsOspfGeneralEntry 5 } + + nsOspfExternLsaCount OBJECT-TYPE + SYNTAX Gauge32 + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "The number of external (LS type 5) link-state + advertisements in the link-state database." + REFERENCE + "OSPF Version 2, Appendix A.4.5 AS external link + advertisements" + ::= { nsOspfGeneralEntry 6 } + + nsOspfExternLsaCksumSum OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + + STATUS deprecated + DESCRIPTION + "The 32-bit unsigned sum of the LS checksums of + the external link-state advertisements con- + tained in the link-state database. This sum + can be used to determine if there has been a + change in a router's link state database, and + to compare the link-state database of two + routers." + ::= { nsOspfGeneralEntry 7 } + + nsOspfTOSSupport OBJECT-TYPE + SYNTAX TruthValue + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "The router's support for type-of-service rout- + ing." + REFERENCE + "OSPF Version 2, Appendix F.1.2 Optional TOS + support" + ::= { nsOspfGeneralEntry 8 } + + nsOspfOriginateNewLsas OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "The number of new link-state advertisements + that have been originated. This number is in- + cremented each time the router originates a new + LSA." + ::= { nsOspfGeneralEntry 9 } + + nsOspfRxNewLsas OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "The number of link-state advertisements re- + ceived determined to be new instantiations. + This number does not include newer instantia- + tions of self-originated link-state advertise- + ments." + ::= { nsOspfGeneralEntry 10 } + + nsOspfExtLsdbLimit OBJECT-TYPE + SYNTAX Integer32 (-1..'7FFFFFFF'H) + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "The maximum number of non-default AS- + external-LSAs entries that can be stored in the + link-state database. If the value is -1, then + there is no limit. + + When the number of non-default AS-external-LSAs + in a router's link-state database reaches + nsOspfExtLsdbLimit, the router enters Overflow- + State. The router never holds more than + nsOspfExtLsdbLimit non-default AS-external-LSAs + in its database. OspfExtLsdbLimit MUST be set + identically in all routers attached to the OSPF + backbone and/or any regular OSPF area. (i.e., + OSPF stub areas and NSSAs are excluded)." + DEFVAL { -1 } + ::= { nsOspfGeneralEntry 11 } + + nsOspfMulticastExtensions OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "A Bit Mask indicating whether the router is + forwarding IP multicast (Class D) datagrams + based on the algorithms defined in the Multi- + cast Extensions to OSPF. + + Bit 0, if set, indicates that the router can + forward IP multicast datagrams in the router's + directly attached areas (called intra-area mul- + ticast routing). + + Bit 1, if set, indicates that the router can + forward IP multicast datagrams between OSPF + areas (called inter-area multicast routing). + + Bit 2, if set, indicates that the router can + forward IP multicast datagrams between Auto- + nomous Systems (called inter-AS multicast rout- + ing). + + Only certain combinations of bit settings are + allowed, namely: 0 (no multicast forwarding is + + enabled), 1 (intra-area multicasting only), 3 + (intra-area and inter-area multicasting), 5 + (intra-area and inter-AS multicasting) and 7 + (multicasting everywhere). By default, no mul- + ticast forwarding is enabled." + DEFVAL { 0 } + ::= { nsOspfGeneralEntry 12 } + + nsOspfExitOverflowInterval OBJECT-TYPE + SYNTAX PositiveInteger + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "The number of seconds that, after entering + OverflowState, a router will attempt to leave + OverflowState. This allows the router to again + originate non-default AS-external-LSAs. When + set to 0, the router will not leave Overflow- + State until restarted." + DEFVAL { 0 } + ::= { nsOspfGeneralEntry 13 } + + nsOspfDemandExtensions OBJECT-TYPE + SYNTAX TruthValue + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "The router's support for demand routing." + REFERENCE + "OSPF Version 2, Appendix on Demand Routing" + ::= { nsOspfGeneralEntry 14 } + + nsOspfGeneralVRID OBJECT-TYPE + SYNTAX INTEGER (0..65535) + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "Virtual Router ID" + ::= { nsOspfGeneralEntry 15 } + +-- The OSPF Area Data Structure contains information +-- regarding the various areas. The interfaces and +-- virtual links are configured as part of these areas. +-- Area 0.0.0.0, by definition, is the Backbone Area + + nsOspfAreaTable OBJECT-TYPE + SYNTAX SEQUENCE OF NsOspfAreaEntry + MAX-ACCESS not-accessible + STATUS deprecated + DESCRIPTION + "Information describing the configured parame- + ters and cumulative statistics of the router's + attached areas." + + REFERENCE + "OSPF Version 2, Section 6 The Area Data Struc- + ture" + ::= { nsOspf 2 } + + nsOspfAreaEntry OBJECT-TYPE + SYNTAX NsOspfAreaEntry + MAX-ACCESS not-accessible + STATUS deprecated + DESCRIPTION + "Information describing the configured parame- + ters and cumulative statistics of one of the + router's attached areas." + INDEX { nsOspfAreaId, nsOspfAreaVRID } + ::= { nsOspfAreaTable 1 } + + NsOspfAreaEntry ::= + SEQUENCE { + nsOspfAreaId + AreaID, + nsOspfImportAsExtern + INTEGER, + nsOspfSpfRuns + Counter32, + nsOspfAreaBdrRtrCount + Gauge32, + nsOspfAsBdrRtrCount + Gauge32, + nsOspfAreaLsaCount + Gauge32, + nsOspfAreaLsaCksumSum + Integer32, + nsOspfAreaSummary + INTEGER, + nsOspfAreaStatus + RowStatus, + nsOspfAreaVRID + INTEGER + } + + nsOspfAreaId OBJECT-TYPE + SYNTAX AreaID + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "A 32-bit integer uniquely identifying an area. + Area ID 0.0.0.0 is used for the OSPF backbone." + + REFERENCE + "OSPF Version 2, Appendix C.2 Area parameters" + ::= { nsOspfAreaEntry 1 } + + nsOspfImportAsExtern OBJECT-TYPE + SYNTAX INTEGER { + importExternal (1), + importNoExternal (2), + importNssa (3) + } + MAX-ACCESS read-create + STATUS deprecated + DESCRIPTION + "The area's support for importing AS external + link- state advertisements." + REFERENCE + "OSPF Version 2, Appendix C.2 Area parameters" + DEFVAL { importExternal } + ::= { nsOspfAreaEntry 3 } + + nsOspfSpfRuns OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "The number of times that the intra-area route + table has been calculated using this area's + link-state database. This is typically done + using Dijkstra's algorithm." + + ::= { nsOspfAreaEntry 4 } + + nsOspfAreaBdrRtrCount OBJECT-TYPE + SYNTAX Gauge32 + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "The total number of area border routers reach- + able within this area. This is initially zero, + and is calculated in each SPF Pass." + ::= { nsOspfAreaEntry 5 } + + nsOspfAsBdrRtrCount OBJECT-TYPE + SYNTAX Gauge32 + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "The total number of Autonomous System border + routers reachable within this area. This is + initially zero, and is calculated in each SPF + Pass." + ::= { nsOspfAreaEntry 6 } + + nsOspfAreaLsaCount OBJECT-TYPE + SYNTAX Gauge32 + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "The total number of link-state advertisements + in this area's link-state database, excluding + AS External LSA's." + ::= { nsOspfAreaEntry 7 } + + nsOspfAreaLsaCksumSum OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "The 32-bit unsigned sum of the link-state ad- + vertisements' LS checksums contained in this + area's link-state database. This sum excludes + external (LS type 5) link-state advertisements. + The sum can be used to determine if there has + been a change in a router's link state data- + base, and to compare the link-state database of + + two routers." + DEFVAL { 0 } + ::= { nsOspfAreaEntry 8 } + + nsOspfAreaSummary OBJECT-TYPE + SYNTAX INTEGER { + noAreaSummary (1), + sendAreaSummary (2) + } + MAX-ACCESS read-create + STATUS deprecated + DESCRIPTION + "The variable nsOspfAreaSummary controls the im- + port of summary LSAs into stub areas. It has + no effect on other areas. + + If it is noAreaSummary, the router will neither + originate nor propagate summary LSAs into the + stub area. It will rely entirely on its de- + fault route. + + If it is sendAreaSummary, the router will both + summarize and propagate summary LSAs." + DEFVAL { noAreaSummary } + ::= { nsOspfAreaEntry 9 } + + nsOspfAreaStatus OBJECT-TYPE + SYNTAX RowStatus + MAX-ACCESS read-create + STATUS deprecated + DESCRIPTION + "This variable displays the status of the en- + try. Setting it to 'invalid' has the effect of + rendering it inoperative. The internal effect + (row removal) is implementation dependent." + ::= { nsOspfAreaEntry 10 } + + nsOspfAreaVRID OBJECT-TYPE + SYNTAX INTEGER (0..65535) + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "Virtual Router ID" + ::= { nsOspfAreaEntry 11 } + +-- OSPF Area Default Metric Table + +-- The OSPF Area Default Metric Table describes the metrics +-- that a default Area Border Router will advertise into a +-- Stub area. + + nsOspfStubAreaTable OBJECT-TYPE + SYNTAX SEQUENCE OF NsOspfStubAreaEntry + + MAX-ACCESS not-accessible + STATUS deprecated + DESCRIPTION + "The set of metrics that will be advertised by + a default Area Border Router into a stub area." + REFERENCE + "OSPF Version 2, Appendix C.2, Area Parameters" + ::= { nsOspf 3 } + + nsOspfStubAreaEntry OBJECT-TYPE + SYNTAX NsOspfStubAreaEntry + MAX-ACCESS not-accessible + STATUS deprecated + DESCRIPTION + "The metric for a given Type of Service that + will be advertised by a default Area Border + Router into a stub area." + REFERENCE + "OSPF Version 2, Appendix C.2, Area Parameters" + INDEX { nsOspfStubAreaId, nsOspfStubTOS, nsOspfStubVRID } + ::= { nsOspfStubAreaTable 1 } + + NsOspfStubAreaEntry ::= + SEQUENCE { + nsOspfStubAreaId + AreaID, + nsOspfStubTOS + TOSType, + nsOspfStubMetric + BigMetric, + nsOspfStubStatus + RowStatus, + nsOspfStubMetricType + INTEGER, + nsOspfStubVRID + INTEGER + } + + nsOspfStubAreaId OBJECT-TYPE + SYNTAX AreaID + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "The 32 bit identifier for the Stub Area. On + creation, this can be derived from the in- + stance." + ::= { nsOspfStubAreaEntry 1 } + + nsOspfStubTOS OBJECT-TYPE + SYNTAX TOSType + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "The Type of Service associated with the + metric. On creation, this can be derived from + the instance." + ::= { nsOspfStubAreaEntry 2 } + + nsOspfStubMetric OBJECT-TYPE + SYNTAX BigMetric + MAX-ACCESS read-create + STATUS deprecated + DESCRIPTION + "The metric value applied at the indicated type + of service. By default, this equals the least + metric at the type of service among the inter- + faces to other areas." + ::= { nsOspfStubAreaEntry 3 } + + nsOspfStubStatus OBJECT-TYPE + SYNTAX RowStatus + MAX-ACCESS read-create + STATUS deprecated + DESCRIPTION + "This variable displays the status of the en- + try. Setting it to 'invalid' has the effect of + rendering it inoperative. The internal effect + (row removal) is implementation dependent." + ::= { nsOspfStubAreaEntry 4 } + + nsOspfStubMetricType OBJECT-TYPE + SYNTAX INTEGER { + nsOspfMetric (1), -- OSPF Metric + comparableCost (2), -- external type 1 + nonComparable (3) -- external type 2 + } + MAX-ACCESS read-create + STATUS deprecated + DESCRIPTION + "This variable displays the type of metric ad- + vertised as a default route." + DEFVAL { nsOspfMetric } + ::= { nsOspfStubAreaEntry 5 } + + nsOspfStubVRID OBJECT-TYPE + SYNTAX INTEGER (0..65535) + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "Virtual Router ID" + ::= { nsOspfStubAreaEntry 6 } + +-- OSPF Link State Database + +-- The Link State Database contains the Link State +-- Advertisements from throughout the areas that the +-- device is attached to. + + nsOspfLsdbTable OBJECT-TYPE + SYNTAX SEQUENCE OF NsOspfLsdbEntry + MAX-ACCESS not-accessible + STATUS deprecated + DESCRIPTION + "The OSPF Process's Link State Database." + REFERENCE + "OSPF Version 2, Section 12 Link State Adver- + tisements" + ::= { nsOspf 4 } + + nsOspfLsdbEntry OBJECT-TYPE + SYNTAX NsOspfLsdbEntry + MAX-ACCESS not-accessible + STATUS deprecated + DESCRIPTION + "A single Link State Advertisement." + INDEX { nsOspfLsdbAreaId, nsOspfLsdbType, + nsOspfLsdbLsid, nsOspfLsdbRouterId, nsOspfLsdbVRID } + ::= { nsOspfLsdbTable 1 } + + NsOspfLsdbEntry ::= + SEQUENCE { + nsOspfLsdbAreaId + AreaID, + nsOspfLsdbType + INTEGER, + nsOspfLsdbLsid + IpAddress, + nsOspfLsdbRouterId + RouterID, + nsOspfLsdbSequence + Integer32, + nsOspfLsdbAge + Integer32, + nsOspfLsdbChecksum + Integer32, + nsOspfLsdbAdvertisement + OCTET STRING, + nsOspfLsdbVRID + INTEGER + } + + nsOspfLsdbAreaId OBJECT-TYPE + SYNTAX AreaID + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "The 32 bit identifier of the Area from which + the LSA was received." + REFERENCE + "OSPF Version 2, Appendix C.2 Area parameters" + ::= { nsOspfLsdbEntry 1 } + +-- External Link State Advertisements are permitted +-- for backward compatibility, but should be displayed in +-- the nsOspfExtLsdbTable rather than here. + + nsOspfLsdbType OBJECT-TYPE + SYNTAX INTEGER { + routerLink (1), + networkLink (2), + summaryLink (3), + asSummaryLink (4), + asExternalLink (5), -- but see nsOspfExtLsdbTable + multicastLink (6), + nssaExternalLink (7) + } + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "The type of the link state advertisement. + Each link state type has a separate advertise- + ment format." + REFERENCE + "OSPF Version 2, Appendix A.4.1 The Link State + Advertisement header" + ::= { nsOspfLsdbEntry 2 } + + nsOspfLsdbLsid OBJECT-TYPE + SYNTAX IpAddress + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "The Link State ID is an LS Type Specific field + containing either a Router ID or an IP Address; + it identifies the piece of the routing domain + that is being described by the advertisement." + REFERENCE + "OSPF Version 2, Section 12.1.4 Link State ID" + ::= { nsOspfLsdbEntry 3 } + + nsOspfLsdbRouterId OBJECT-TYPE + SYNTAX RouterID + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "The 32 bit number that uniquely identifies the + originating router in the Autonomous System." + REFERENCE + "OSPF Version 2, Appendix C.1 Global parameters" + ::= { nsOspfLsdbEntry 4 } + +-- Note that the OSPF Sequence Number is a 32 bit signed +-- integer. It starts with the value '80000001'h, +-- or -'7FFFFFFF'h, and increments until '7FFFFFFF'h +-- Thus, a typical sequence number will be very negative. + + nsOspfLsdbSequence OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "The sequence number field is a signed 32-bit + integer. It is used to detect old and dupli- + cate link state advertisements. The space of + sequence numbers is linearly ordered. The + larger the sequence number the more recent the + advertisement." + REFERENCE + "OSPF Version 2, Section 12.1.6 LS sequence + number" + ::= { nsOspfLsdbEntry 5 } + + nsOspfLsdbAge OBJECT-TYPE + SYNTAX Integer32 -- Should be 0..MaxAge + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "This field is the age of the link state adver- + tisement in seconds." + REFERENCE + "OSPF Version 2, Section 12.1.1 LS age" + ::= { nsOspfLsdbEntry 6 } + + nsOspfLsdbChecksum OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS deprecated + + DESCRIPTION + "This field is the checksum of the complete + contents of the advertisement, excepting the + age field. The age field is excepted so that + an advertisement's age can be incremented + without updating the checksum. The checksum + used is the same that is used for ISO connec- + tionless datagrams; it is commonly referred to + as the Fletcher checksum." + REFERENCE + "OSPF Version 2, Section 12.1.7 LS checksum" + ::= { nsOspfLsdbEntry 7 } + + nsOspfLsdbAdvertisement OBJECT-TYPE + SYNTAX OCTET STRING (SIZE (1..65535)) + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "The entire Link State Advertisement, including + its header." + REFERENCE + "OSPF Version 2, Section 12 Link State Adver- + tisements" + ::= { nsOspfLsdbEntry 8 } + + nsOspfLsdbVRID OBJECT-TYPE + SYNTAX INTEGER (0..65535) + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "Virtual Router ID" + ::= { nsOspfLsdbEntry 9 } + +-- OSPF Host Table + +-- The Host/Metric Table indicates what hosts are directly + +-- attached to the Router, and what metrics and types of +-- service should be advertised for them. + + nsOspfHostTable OBJECT-TYPE + SYNTAX SEQUENCE OF NsOspfHostEntry + MAX-ACCESS not-accessible + STATUS deprecated + DESCRIPTION + "The list of Hosts, and their metrics, that the + router will advertise as host routes." + REFERENCE + "OSPF Version 2, Appendix C.6 Host route param- + eters" + ::= { nsOspf 6 } + + nsOspfHostEntry OBJECT-TYPE + SYNTAX NsOspfHostEntry + MAX-ACCESS not-accessible + STATUS deprecated + DESCRIPTION + "A metric to be advertised, for a given type of + service, when a given host is reachable." + INDEX { nsOspfHostIpAddress, nsOspfHostTOS, nsOspfHostVRID } + ::= { nsOspfHostTable 1 } + + NsOspfHostEntry ::= + SEQUENCE { + nsOspfHostIpAddress + IpAddress, + nsOspfHostTOS + TOSType, + nsOspfHostMetric + Metric, + nsOspfHostStatus + RowStatus, + nsOspfHostAreaID + AreaID, + nsOspfHostVRID + INTEGER + } + + nsOspfHostIpAddress OBJECT-TYPE + SYNTAX IpAddress + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "The IP Address of the Host." + REFERENCE + "OSPF Version 2, Appendix C.6 Host route parame- + + ters" + ::= { nsOspfHostEntry 1 } + + nsOspfHostTOS OBJECT-TYPE + SYNTAX TOSType + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "The Type of Service of the route being config- + ured." + REFERENCE + "OSPF Version 2, Appendix C.6 Host route parame- + ters" + ::= { nsOspfHostEntry 2 } + + nsOspfHostMetric OBJECT-TYPE + SYNTAX Metric + MAX-ACCESS read-create + STATUS deprecated + DESCRIPTION + "The Metric to be advertised." + REFERENCE + "OSPF Version 2, Appendix C.6 Host route parame- + ters" + ::= { nsOspfHostEntry 3 } + + nsOspfHostStatus OBJECT-TYPE + SYNTAX RowStatus + MAX-ACCESS read-create + STATUS deprecated + DESCRIPTION + "This variable displays the status of the en- + try. Setting it to 'invalid' has the effect of + rendering it inoperative. The internal effect + (row removal) is implementation dependent." + ::= { nsOspfHostEntry 4 } + + nsOspfHostAreaID OBJECT-TYPE + SYNTAX AreaID + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "The Area the Host Entry is to be found within. + By default, the area that a subsuming OSPF in- + terface is in, or 0.0.0.0" + + REFERENCE + "OSPF Version 2, Appendix C.2 Area parameters" + ::= { nsOspfHostEntry 5 } + + nsOspfHostVRID OBJECT-TYPE + SYNTAX INTEGER (0..65535) + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "Virtual Router ID" + ::= { nsOspfHostEntry 6 } + +-- OSPF Interface Table + +-- The OSPF Interface Table augments the ipAddrTable +-- with OSPF specific information. + + nsOspfIfTable OBJECT-TYPE + SYNTAX SEQUENCE OF NsOspfIfEntry + MAX-ACCESS not-accessible + STATUS deprecated + DESCRIPTION + "The OSPF Interface Table describes the inter- + faces from the viewpoint of OSPF." + REFERENCE + "OSPF Version 2, Appendix C.3 Router interface + parameters" + ::= { nsOspf 7 } + + nsOspfIfEntry OBJECT-TYPE + SYNTAX NsOspfIfEntry + MAX-ACCESS not-accessible + STATUS deprecated + DESCRIPTION + "The OSPF Interface Entry describes one inter- + face from the viewpoint of OSPF." + INDEX { nsOspfIfIpAddress, nsOspfAddressLessIf, nsOspfIfVRID } + ::= { nsOspfIfTable 1 } + + NsOspfIfEntry ::= + SEQUENCE { + nsOspfIfIpAddress + IpAddress, + nsOspfAddressLessIf + Integer32, + nsOspfIfAreaId + AreaID, + nsOspfIfType + INTEGER, + nsOspfIfAdminStat + Status, + nsOspfIfRtrPriority + DesignatedRouterPriority, + nsOspfIfTransitDelay + + UpToMaxAge, + nsOspfIfRetransInterval + UpToMaxAge, + nsOspfIfHelloInterval + HelloRange, + nsOspfIfRtrDeadInterval + PositiveInteger, + nsOspfIfPollInterval + PositiveInteger, + nsOspfIfState + INTEGER, + nsOspfIfDesignatedRouter + IpAddress, + nsOspfIfBackupDesignatedRouter + IpAddress, + nsOspfIfEvents + Counter32, + nsOspfIfAuthType + INTEGER, + nsOspfIfAuthKey + OCTET STRING, + nsOspfIfStatus + RowStatus, + nsOspfIfMulticastForwarding + INTEGER, + nsOspfIfDemand + TruthValue, + nsOspfIfVRID + INTEGER + } + + nsOspfIfIpAddress OBJECT-TYPE + SYNTAX IpAddress + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "The IP address of this OSPF interface." + ::= { nsOspfIfEntry 1 } + + nsOspfAddressLessIf OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "For the purpose of easing the instancing of + addressed and addressless interfaces; This + variable takes the value 0 on interfaces with + IP Addresses, and the corresponding value of + ifIndex for interfaces having no IP Address." + ::= { nsOspfIfEntry 2 } + + nsOspfIfAreaId OBJECT-TYPE + SYNTAX AreaID + MAX-ACCESS read-create + STATUS deprecated + DESCRIPTION + "A 32-bit integer uniquely identifying the area + to which the interface connects. Area ID + 0.0.0.0 is used for the OSPF backbone." + DEFVAL { '00000000'H } -- 0.0.0.0 + ::= { nsOspfIfEntry 3 } + + nsOspfIfType OBJECT-TYPE + SYNTAX INTEGER { + broadcast (1), + nbma (2), + pointToPoint (3), + pointToMultipoint (5) + } + MAX-ACCESS read-create + STATUS deprecated + DESCRIPTION + "The OSPF interface type. + + By way of a default, this field may be intuited + from the corresponding value of ifType. Broad- + cast LANs, such as Ethernet and IEEE 802.5, + take the value 'broadcast', X.25 and similar + technologies take the value 'nbma', and links + that are definitively point to point take the + value 'pointToPoint'." + ::= { nsOspfIfEntry 4 } + + nsOspfIfAdminStat OBJECT-TYPE + SYNTAX Status + MAX-ACCESS read-create + STATUS deprecated + DESCRIPTION + "The OSPF interface's administrative status. + The value formed on the interface, and the in- + terface will be advertised as an internal route + to some area. The value 'disabled' denotes + that the interface is external to OSPF." + DEFVAL { enabled } + ::= { nsOspfIfEntry 5 } + + nsOspfIfRtrPriority OBJECT-TYPE + SYNTAX DesignatedRouterPriority + + MAX-ACCESS read-create + STATUS deprecated + DESCRIPTION + "The priority of this interface. Used in + multi-access networks, this field is used in + the designated router election algorithm. The + value 0 signifies that the router is not eligi- + ble to become the designated router on this + particular network. In the event of a tie in + this value, routers will use their Router ID as + a tie breaker." + DEFVAL { 1 } + ::= { nsOspfIfEntry 6 } + + nsOspfIfTransitDelay OBJECT-TYPE + SYNTAX UpToMaxAge + MAX-ACCESS read-create + STATUS deprecated + DESCRIPTION + "The estimated number of seconds it takes to + transmit a link state update packet over this + interface." + DEFVAL { 1 } + ::= { nsOspfIfEntry 7 } + + nsOspfIfRetransInterval OBJECT-TYPE + SYNTAX UpToMaxAge + MAX-ACCESS read-create + STATUS deprecated + DESCRIPTION + "The number of seconds between link-state ad- + vertisement retransmissions, for adjacencies + belonging to this interface. This value is + also used when retransmitting database descrip- + tion and link-state request packets." + DEFVAL { 5 } + ::= { nsOspfIfEntry 8 } + + nsOspfIfHelloInterval OBJECT-TYPE + SYNTAX HelloRange + MAX-ACCESS read-create + STATUS deprecated + DESCRIPTION + "The length of time, in seconds, between the + Hello packets that the router sends on the in- + + terface. This value must be the same for all + routers attached to a common network." + DEFVAL { 10 } + ::= { nsOspfIfEntry 9 } + + nsOspfIfRtrDeadInterval OBJECT-TYPE + SYNTAX PositiveInteger + MAX-ACCESS read-create + STATUS deprecated + DESCRIPTION + "The number of seconds that a router's Hello + packets have not been seen before it's neigh- + bors declare the router down. This should be + some multiple of the Hello interval. This + value must be the same for all routers attached + to a common network." + DEFVAL { 40 } + ::= { nsOspfIfEntry 10 } + + nsOspfIfPollInterval OBJECT-TYPE + SYNTAX PositiveInteger + MAX-ACCESS read-create + STATUS deprecated + DESCRIPTION + "The larger time interval, in seconds, between + the Hello packets sent to an inactive non- + broadcast multi- access neighbor." + DEFVAL { 120 } + ::= { nsOspfIfEntry 11 } + + nsOspfIfState OBJECT-TYPE + SYNTAX INTEGER { + down (1), + loopback (2), + waiting (3), + pointToPoint (4), + designatedRouter (5), + backupDesignatedRouter (6), + otherDesignatedRouter (7) + } + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "The OSPF Interface State." + DEFVAL { down } + + ::= { nsOspfIfEntry 12 } + + nsOspfIfDesignatedRouter OBJECT-TYPE + SYNTAX IpAddress + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "The IP Address of the Designated Router." + DEFVAL { '00000000'H } -- 0.0.0.0 + ::= { nsOspfIfEntry 13 } + + nsOspfIfBackupDesignatedRouter OBJECT-TYPE + SYNTAX IpAddress + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "The IP Address of the Backup Designated + Router." + DEFVAL { '00000000'H } -- 0.0.0.0 + ::= { nsOspfIfEntry 14 } + + nsOspfIfEvents OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "The number of times this OSPF interface has + changed its state, or an error has occurred." + ::= { nsOspfIfEntry 15 } + + nsOspfIfAuthKey OBJECT-TYPE + SYNTAX OCTET STRING (SIZE (0..256)) + MAX-ACCESS read-create + STATUS deprecated + DESCRIPTION + "The Authentication Key. If the Area's Author- + ization Type is simplePassword, and the key + length is shorter than 8 octets, the agent will + left adjust and zero fill to 8 octets. + + Note that unauthenticated interfaces need no + authentication key, and simple password authen- + tication cannot use a key of more than 8 oc- + tets. Larger keys are useful only with authen- + tication mechanisms not specified in this docu- + + ment. + + When read, nsOspfIfAuthKey always returns an Oc- + tet String of length zero." + REFERENCE + "OSPF Version 2, Section 9 The Interface Data + Structure" + DEFVAL { '0000000000000000'H } -- 0.0.0.0.0.0.0.0 + ::= { nsOspfIfEntry 16 } + + nsOspfIfStatus OBJECT-TYPE + SYNTAX RowStatus + MAX-ACCESS read-create + STATUS deprecated + DESCRIPTION + "This variable displays the status of the en- + try. Setting it to 'invalid' has the effect of + rendering it inoperative. The internal effect + (row removal) is implementation dependent." + ::= { nsOspfIfEntry 17 } + + nsOspfIfMulticastForwarding OBJECT-TYPE + SYNTAX INTEGER { + blocked (1), -- no multicast forwarding + multicast (2), -- using multicast address + unicast (3) -- to each OSPF neighbor + } + MAX-ACCESS read-create + STATUS deprecated + DESCRIPTION + "The way multicasts should forwarded on this + interface; not forwarded, forwarded as data + link multicasts, or forwarded as data link uni- + casts. Data link multicasting is not meaning- + ful on point to point and NBMA interfaces, and + setting nsOspfMulticastForwarding to 0 effective- + ly disables all multicast forwarding." + DEFVAL { blocked } + ::= { nsOspfIfEntry 18 } + + nsOspfIfDemand OBJECT-TYPE + SYNTAX TruthValue + MAX-ACCESS read-create + STATUS deprecated + DESCRIPTION + "Indicates whether Demand OSPF procedures (hel- + + lo supression to FULL neighbors and setting the + DoNotAge flag on proogated LSAs) should be per- + formed on this interface." + DEFVAL { false } + ::= { nsOspfIfEntry 19 } + + nsOspfIfAuthType OBJECT-TYPE + SYNTAX INTEGER (0..255) + -- none (0), + -- simplePassword (1) + -- md5 (2) + -- reserved for specification by IANA (> 2) + MAX-ACCESS read-create + STATUS deprecated + DESCRIPTION + "The authentication type specified for an in- + terface. Additional authentication types may + be assigned locally." + REFERENCE + "OSPF Version 2, Appendix E Authentication" + DEFVAL { 0 } -- no authentication, by default + ::= { nsOspfIfEntry 20 } + + nsOspfIfVRID OBJECT-TYPE + SYNTAX INTEGER (0..65535) + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "Virtual Router ID" + ::= { nsOspfIfEntry 21 } + +-- OSPF Interface Metric Table + +-- The Metric Table describes the metrics to be advertised +-- for a specified interface at the various types of service. +-- As such, this table is an adjunct of the OSPF Interface +-- Table. + +-- Types of service, as defined by RFC 791, have the ability +-- to request low delay, high bandwidth, or reliable linkage. + +-- For the purposes of this specification, the measure of +-- bandwidth + +-- Metric = 10^8 / ifSpeed + +-- is the default value. For multiple link interfaces, note +-- that ifSpeed is the sum of the individual link speeds. +-- This yields a number having the following typical values: + +-- Network Type/bit rate Metric + +-- >= 100 MBPS 1 +-- Ethernet/802.3 10 + +-- E1 48 +-- T1 (ESF) 65 +-- 64 KBPS 1562 +-- 56 KBPS 1785 +-- 19.2 KBPS 5208 +-- 9.6 KBPS 10416 + +-- Routes that are not specified use the default (TOS 0) metric + + nsOspfIfMetricTable OBJECT-TYPE + SYNTAX SEQUENCE OF NsOspfIfMetricEntry + MAX-ACCESS not-accessible + STATUS deprecated + DESCRIPTION + "The TOS metrics for a non-virtual interface + identified by the interface index." + REFERENCE + "OSPF Version 2, Appendix C.3 Router interface + parameters" + ::= { nsOspf 8 } + + nsOspfIfMetricEntry OBJECT-TYPE + SYNTAX NsOspfIfMetricEntry + MAX-ACCESS not-accessible + STATUS deprecated + DESCRIPTION + "A particular TOS metric for a non-virtual in- + terface identified by the interface index." + REFERENCE + "OSPF Version 2, Appendix C.3 Router interface + parameters" + INDEX { nsOspfIfMetricIpAddress, + nsOspfIfMetricAddressLessIf, + nsOspfIfMetricTOS, + nsOspfIfMetricVRID } + ::= { nsOspfIfMetricTable 1 } + + NsOspfIfMetricEntry ::= + SEQUENCE { + nsOspfIfMetricIpAddress + IpAddress, + nsOspfIfMetricAddressLessIf + Integer32, + nsOspfIfMetricTOS + TOSType, + nsOspfIfMetricValue + Metric, + nsOspfIfMetricStatus + RowStatus, + nsOspfIfMetricVRID + INTEGER + + } + + nsOspfIfMetricIpAddress OBJECT-TYPE + SYNTAX IpAddress + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "The IP address of this OSPF interface. On row + creation, this can be derived from the in- + stance." + ::= { nsOspfIfMetricEntry 1 } + + nsOspfIfMetricAddressLessIf OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "For the purpose of easing the instancing of + addressed and addressless interfaces; This + variable takes the value 0 on interfaces with + IP Addresses, and the value of ifIndex for in- + terfaces having no IP Address. On row crea- + tion, this can be derived from the instance." + ::= { nsOspfIfMetricEntry 2 } + + nsOspfIfMetricTOS OBJECT-TYPE + SYNTAX TOSType + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "The type of service metric being referenced. + On row creation, this can be derived from the + instance." + ::= { nsOspfIfMetricEntry 3 } + + nsOspfIfMetricValue OBJECT-TYPE + SYNTAX Metric + MAX-ACCESS read-create + STATUS deprecated + DESCRIPTION + "The metric of using this type of service on + this interface. The default value of the TOS 0 + Metric is 10^8 / ifSpeed." + ::= { nsOspfIfMetricEntry 4 } + + nsOspfIfMetricStatus OBJECT-TYPE + + SYNTAX RowStatus + MAX-ACCESS read-create + STATUS deprecated + DESCRIPTION + "This variable displays the status of the en- + try. Setting it to 'invalid' has the effect of + rendering it inoperative. The internal effect + (row removal) is implementation dependent." + ::= { nsOspfIfMetricEntry 5 } + + nsOspfIfMetricVRID OBJECT-TYPE + SYNTAX INTEGER (0..65535) + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "Virtual Router ID" + ::= { nsOspfIfMetricEntry 6 } + +-- OSPF Virtual Interface Table + +-- The Virtual Interface Table describes the virtual +-- links that the OSPF Process is configured to +-- carry on. + + nsOspfVirtIfTable OBJECT-TYPE + SYNTAX SEQUENCE OF NsOspfVirtIfEntry + MAX-ACCESS not-accessible + STATUS deprecated + DESCRIPTION + "Information about this router's virtual inter- + faces." + REFERENCE + "OSPF Version 2, Appendix C.4 Virtual link + parameters" + ::= { nsOspf 9 } + + nsOspfVirtIfEntry OBJECT-TYPE + SYNTAX NsOspfVirtIfEntry + MAX-ACCESS not-accessible + STATUS deprecated + DESCRIPTION + "Information about a single Virtual Interface." + INDEX { nsOspfVirtIfAreaId, nsOspfVirtIfNeighbor, nsOspfVirtIfVRID } + ::= { nsOspfVirtIfTable 1 } + + NsOspfVirtIfEntry ::= + SEQUENCE { + nsOspfVirtIfAreaId + AreaID, + nsOspfVirtIfNeighbor + RouterID, + nsOspfVirtIfTransitDelay + UpToMaxAge, + nsOspfVirtIfRetransInterval + + UpToMaxAge, + nsOspfVirtIfHelloInterval + HelloRange, + nsOspfVirtIfRtrDeadInterval + PositiveInteger, + nsOspfVirtIfState + INTEGER, + nsOspfVirtIfEvents + Counter32, + nsOspfVirtIfAuthType + INTEGER, + nsOspfVirtIfAuthKey + OCTET STRING, + nsOspfVirtIfStatus + RowStatus, + nsOspfVirtIfVRID + INTEGER + } + + nsOspfVirtIfAreaId OBJECT-TYPE + SYNTAX AreaID + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "The Transit Area that the Virtual Link + traverses. By definition, this is not 0.0.0.0" + ::= { nsOspfVirtIfEntry 1 } + + nsOspfVirtIfNeighbor OBJECT-TYPE + SYNTAX RouterID + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "The Router ID of the Virtual Neighbor." + ::= { nsOspfVirtIfEntry 2 } + + nsOspfVirtIfTransitDelay OBJECT-TYPE + SYNTAX UpToMaxAge + MAX-ACCESS read-create + STATUS deprecated + DESCRIPTION + "The estimated number of seconds it takes to + transmit a link- state update packet over this + interface." + DEFVAL { 1 } + ::= { nsOspfVirtIfEntry 3 } + + nsOspfVirtIfRetransInterval OBJECT-TYPE + SYNTAX UpToMaxAge + MAX-ACCESS read-create + STATUS deprecated + DESCRIPTION + "The number of seconds between link-state ad- + vertisement retransmissions, for adjacencies + belonging to this interface. This value is + also used when retransmitting database descrip- + tion and link-state request packets. This + value should be well over the expected round- + trip time." + DEFVAL { 5 } + ::= { nsOspfVirtIfEntry 4 } + + nsOspfVirtIfHelloInterval OBJECT-TYPE + SYNTAX HelloRange + MAX-ACCESS read-create + STATUS deprecated + DESCRIPTION + "The length of time, in seconds, between the + Hello packets that the router sends on the in- + terface. This value must be the same for the + virtual neighbor." + DEFVAL { 10 } + ::= { nsOspfVirtIfEntry 5 } + + nsOspfVirtIfRtrDeadInterval OBJECT-TYPE + SYNTAX PositiveInteger + MAX-ACCESS read-create + STATUS deprecated + DESCRIPTION + "The number of seconds that a router's Hello + packets have not been seen before it's neigh- + bors declare the router down. This should be + some multiple of the Hello interval. This + value must be the same for the virtual neigh- + bor." + DEFVAL { 60 } + ::= { nsOspfVirtIfEntry 6 } + + nsOspfVirtIfState OBJECT-TYPE + SYNTAX INTEGER { + down (1), -- these use the same encoding + pointToPoint (4) -- as the nsOspfIfTable + + } + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "OSPF virtual interface states." + DEFVAL { down } + ::= { nsOspfVirtIfEntry 7 } + + nsOspfVirtIfEvents OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "The number of state changes or error events on + this Virtual Link" + ::= { nsOspfVirtIfEntry 8 } + + nsOspfVirtIfAuthKey OBJECT-TYPE + SYNTAX OCTET STRING (SIZE(0..256)) + MAX-ACCESS read-create + STATUS deprecated + DESCRIPTION + "If Authentication Type is simplePassword, the + device will left adjust and zero fill to 8 oc- + tets. + + Note that unauthenticated interfaces need no + authentication key, and simple password authen- + tication cannot use a key of more than 8 oc- + tets. Larger keys are useful only with authen- + tication mechanisms not specified in this docu- + ment. + + When read, nsOspfVifAuthKey always returns a + string of length zero." + REFERENCE + "OSPF Version 2, Section 9 The Interface Data + Structure" + DEFVAL { '0000000000000000'H } -- 0.0.0.0.0.0.0.0 + ::= { nsOspfVirtIfEntry 9 } + + nsOspfVirtIfStatus OBJECT-TYPE + SYNTAX RowStatus + MAX-ACCESS read-create + STATUS deprecated + + DESCRIPTION + "This variable displays the status of the en- + try. Setting it to 'invalid' has the effect of + rendering it inoperative. The internal effect + (row removal) is implementation dependent." + ::= { nsOspfVirtIfEntry 10 } + + nsOspfVirtIfAuthType OBJECT-TYPE + SYNTAX INTEGER (0..255) + -- none (0), + -- simplePassword (1) + -- md5 (2) + -- reserved for specification by IANA (> 2) + MAX-ACCESS read-create + STATUS deprecated + DESCRIPTION + "The authentication type specified for a virtu- + al interface. Additional authentication types + may be assigned locally." + REFERENCE + "OSPF Version 2, Appendix E Authentication" + DEFVAL { 0 } -- no authentication, by default + ::= { nsOspfVirtIfEntry 11 } + + nsOspfVirtIfVRID OBJECT-TYPE + SYNTAX INTEGER (0..65535) + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "Virtual Router ID" + ::= { nsOspfVirtIfEntry 12 } + +-- OSPF Neighbor Table + +-- The OSPF Neighbor Table describes all neighbors in +-- the locality of the subject router. + + nsOspfNbrTable OBJECT-TYPE + SYNTAX SEQUENCE OF NsOspfNbrEntry + MAX-ACCESS not-accessible + STATUS deprecated + DESCRIPTION + "A table of non-virtual neighbor information." + REFERENCE + "OSPF Version 2, Section 10 The Neighbor Data + Structure" + ::= { nsOspf 10 } + + nsOspfNbrEntry OBJECT-TYPE + SYNTAX NsOspfNbrEntry + MAX-ACCESS not-accessible + STATUS deprecated + DESCRIPTION + + "The information regarding a single neighbor." + REFERENCE + "OSPF Version 2, Section 10 The Neighbor Data + Structure" + INDEX { nsOspfNbrIpAddr, nsOspfNbrAddressLessIndex, nsOspfNbrVRID } + ::= { nsOspfNbrTable 1 } + + NsOspfNbrEntry ::= + SEQUENCE { + nsOspfNbrIpAddr + IpAddress, + nsOspfNbrAddressLessIndex + InterfaceIndex, + nsOspfNbrRtrId + RouterID, + nsOspfNbrOptions + Integer32, + nsOspfNbrPriority + DesignatedRouterPriority, + nsOspfNbrState + INTEGER, + nsOspfNbrEvents + Counter32, + nsOspfNbrLsRetransQLen + Gauge32, + nsOspfNbmaNbrStatus + RowStatus, + nsOspfNbmaNbrPermanence + INTEGER, + nsOspfNbrHelloSuppressed + TruthValue, + nsOspfNbrVRID + INTEGER + } + + nsOspfNbrIpAddr OBJECT-TYPE + SYNTAX IpAddress + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "The IP address this neighbor is using in its + IP Source Address. Note that, on addressless + links, this will not be 0.0.0.0, but the ad- + dress of another of the neighbor's interfaces." + ::= { nsOspfNbrEntry 1 } + + nsOspfNbrAddressLessIndex OBJECT-TYPE + SYNTAX InterfaceIndex + MAX-ACCESS read-only + + STATUS deprecated + DESCRIPTION + "On an interface having an IP Address, zero. + On addressless interfaces, the corresponding + value of ifIndex in the Internet Standard MIB. + On row creation, this can be derived from the + instance." + ::= { nsOspfNbrEntry 2 } + + nsOspfNbrRtrId OBJECT-TYPE + SYNTAX RouterID + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "A 32-bit integer (represented as a type IpAd- + dress) uniquely identifying the neighboring + router in the Autonomous System." + DEFVAL { '00000000'H } -- 0.0.0.0 + ::= { nsOspfNbrEntry 3 } + + nsOspfNbrOptions OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "A Bit Mask corresponding to the neighbor's op- + tions field. + + Bit 0, if set, indicates that the system will + operate on Type of Service metrics other than + TOS 0. If zero, the neighbor will ignore all + metrics except the TOS 0 metric. + + Bit 1, if set, indicates that the associated + area accepts and operates on external informa- + tion; if zero, it is a stub area. + + Bit 2, if set, indicates that the system is ca- + pable of routing IP Multicast datagrams; i.e., + that it implements the Multicast Extensions to + OSPF. + + Bit 3, if set, indicates that the associated + area is an NSSA. These areas are capable of + carrying type 7 external advertisements, which + are translated into type 5 external advertise- + + ments at NSSA borders." + REFERENCE + "OSPF Version 2, Section 12.1.2 Options" + DEFVAL { 0 } + ::= { nsOspfNbrEntry 4 } + + nsOspfNbrPriority OBJECT-TYPE + SYNTAX DesignatedRouterPriority + MAX-ACCESS read-create + STATUS deprecated + DESCRIPTION + "The priority of this neighbor in the designat- + ed router election algorithm. The value 0 sig- + nifies that the neighbor is not eligible to be- + come the designated router on this particular + network." + DEFVAL { 1 } + ::= { nsOspfNbrEntry 5 } + + nsOspfNbrState OBJECT-TYPE + SYNTAX INTEGER { + down (1), + attempt (2), + init (3), + twoWay (4), + exchangeStart (5), + exchange (6), + loading (7), + full (8) + } + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "The State of the relationship with this Neigh- + bor." + REFERENCE + "OSPF Version 2, Section 10.1 Neighbor States" + DEFVAL { down } + ::= { nsOspfNbrEntry 6 } + + nsOspfNbrEvents OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + + "The number of times this neighbor relationship + has changed state, or an error has occurred." + ::= { nsOspfNbrEntry 7 } + + nsOspfNbrLsRetransQLen OBJECT-TYPE + SYNTAX Gauge32 + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "The deprecated length of the retransmission + queue." + ::= { nsOspfNbrEntry 8 } + + nsOspfNbmaNbrStatus OBJECT-TYPE + SYNTAX RowStatus + MAX-ACCESS read-create + STATUS deprecated + DESCRIPTION + "This variable displays the status of the en- + try. Setting it to 'invalid' has the effect of + rendering it inoperative. The internal effect + (row removal) is implementation dependent." + ::= { nsOspfNbrEntry 9 } + + nsOspfNbmaNbrPermanence OBJECT-TYPE + SYNTAX INTEGER { + dynamic (1), -- learned through protocol + permanent (2) -- configured address + } + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "This variable displays the status of the en- + try. 'dynamic' and 'permanent' refer to how + the neighbor became known." + DEFVAL { permanent } + ::= { nsOspfNbrEntry 10 } + + nsOspfNbrHelloSuppressed OBJECT-TYPE + SYNTAX TruthValue + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "Indicates whether Hellos are being suppressed + + to the neighbor" + ::= { nsOspfNbrEntry 11 } + + nsOspfNbrVRID OBJECT-TYPE + SYNTAX INTEGER (0..65535) + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "Virtual Router ID" + ::= { nsOspfNbrEntry 12 } + +-- OSPF Virtual Neighbor Table + +-- This table describes all virtual neighbors. +-- Since Virtual Links are configured in the +-- virtual interface table, this table is read-only. + + nsOspfVirtNbrTable OBJECT-TYPE + SYNTAX SEQUENCE OF NsOspfVirtNbrEntry + MAX-ACCESS not-accessible + STATUS deprecated + DESCRIPTION + "A table of virtual neighbor information." + REFERENCE + "OSPF Version 2, Section 15 Virtual Links" + ::= { nsOspf 11 } + + nsOspfVirtNbrEntry OBJECT-TYPE + SYNTAX NsOspfVirtNbrEntry + MAX-ACCESS not-accessible + STATUS deprecated + DESCRIPTION + "Virtual neighbor information." + INDEX { nsOspfVirtNbrArea, nsOspfVirtNbrRtrId, nsOspfVirtNbrVRID } + ::= { nsOspfVirtNbrTable 1 } + + NsOspfVirtNbrEntry ::= + SEQUENCE { + nsOspfVirtNbrArea + AreaID, + nsOspfVirtNbrRtrId + RouterID, + nsOspfVirtNbrIpAddr + IpAddress, + nsOspfVirtNbrOptions + Integer32, + nsOspfVirtNbrState + INTEGER, + nsOspfVirtNbrEvents + Counter32, + nsOspfVirtNbrLsRetransQLen + Gauge32, + nsOspfVirtNbrHelloSuppressed + TruthValue, + nsOspfVirtNbrVRID + INTEGER + + } + + nsOspfVirtNbrArea OBJECT-TYPE + SYNTAX AreaID + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "The Transit Area Identifier." + ::= { nsOspfVirtNbrEntry 1 } + + nsOspfVirtNbrRtrId OBJECT-TYPE + SYNTAX RouterID + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "A 32-bit integer uniquely identifying the + neighboring router in the Autonomous System." + ::= { nsOspfVirtNbrEntry 2 } + + nsOspfVirtNbrIpAddr OBJECT-TYPE + SYNTAX IpAddress + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "The IP address this Virtual Neighbor is us- + ing." + ::= { nsOspfVirtNbrEntry 3 } + + nsOspfVirtNbrOptions OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "A Bit Mask corresponding to the neighbor's op- + tions field. + + Bit 1, if set, indicates that the system will + operate on Type of Service metrics other than + TOS 0. If zero, the neighbor will ignore all + metrics except the TOS 0 metric. + + Bit 2, if set, indicates that the system is + Network Multicast capable; ie, that it imple- + ments OSPF Multicast Routing." + ::= { nsOspfVirtNbrEntry 4 } + + nsOspfVirtNbrState OBJECT-TYPE + SYNTAX INTEGER { + down (1), + attempt (2), + init (3), + twoWay (4), + exchangeStart (5), + exchange (6), + loading (7), + full (8) + } + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "The state of the Virtual Neighbor Relation- + ship." + ::= { nsOspfVirtNbrEntry 5 } + + nsOspfVirtNbrEvents OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "The number of times this virtual link has + changed its state, or an error has occurred." + ::= { nsOspfVirtNbrEntry 6 } + + nsOspfVirtNbrLsRetransQLen OBJECT-TYPE + SYNTAX Gauge32 + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "The deprecated length of the retransmission + queue." + ::= { nsOspfVirtNbrEntry 7 } + + nsOspfVirtNbrHelloSuppressed OBJECT-TYPE + SYNTAX TruthValue + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "Indicates whether Hellos are being suppressed + to the neighbor" + ::= { nsOspfVirtNbrEntry 8 } + + nsOspfVirtNbrVRID OBJECT-TYPE + SYNTAX INTEGER (0..65535) + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "Virtual Router ID" + ::= { nsOspfVirtNbrEntry 9 } + +-- OSPF Link State Database, External + +-- The Link State Database contains the Link State +-- Advertisements from throughout the areas that the +-- device is attached to. + +-- This table is identical to the OSPF LSDB Table in +-- format, but contains only External Link State +-- Advertisements. The purpose is to allow external +-- LSAs to be displayed once for the router rather +-- than once in each non-stub area. + + nsOspfExtLsdbTable OBJECT-TYPE + SYNTAX SEQUENCE OF NsOspfExtLsdbEntry + MAX-ACCESS not-accessible + STATUS deprecated + DESCRIPTION + "The OSPF Process's Links State Database." + REFERENCE + "OSPF Version 2, Section 12 Link State Adver- + tisements" + ::= { nsOspf 12 } + + nsOspfExtLsdbEntry OBJECT-TYPE + SYNTAX NsOspfExtLsdbEntry + MAX-ACCESS not-accessible + STATUS deprecated + DESCRIPTION + "A single Link State Advertisement." + INDEX { nsOspfExtLsdbType, nsOspfExtLsdbLsid, nsOspfExtLsdbRouterId, nsOspfExtLsdbVRID } + ::= { nsOspfExtLsdbTable 1 } + + NsOspfExtLsdbEntry ::= + SEQUENCE { + nsOspfExtLsdbType + INTEGER, + nsOspfExtLsdbLsid + IpAddress, + nsOspfExtLsdbRouterId + RouterID, + nsOspfExtLsdbSequence + Integer32, + nsOspfExtLsdbAge + Integer32, + nsOspfExtLsdbChecksum + Integer32, + nsOspfExtLsdbAdvertisement + OCTET STRING, + nsOspfExtLsdbVRID + INTEGER + } + + nsOspfExtLsdbType OBJECT-TYPE + SYNTAX INTEGER { + asExternalLink (5) + } + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "The type of the link state advertisement. + Each link state type has a separate advertise- + ment format." + REFERENCE + "OSPF Version 2, Appendix A.4.1 The Link State + Advertisement header" + ::= { nsOspfExtLsdbEntry 1 } + + nsOspfExtLsdbLsid OBJECT-TYPE + SYNTAX IpAddress + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "The Link State ID is an LS Type Specific field + containing either a Router ID or an IP Address; + it identifies the piece of the routing domain + that is being described by the advertisement." + REFERENCE + "OSPF Version 2, Section 12.1.4 Link State ID" + ::= { nsOspfExtLsdbEntry 2 } + + nsOspfExtLsdbRouterId OBJECT-TYPE + SYNTAX RouterID + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "The 32 bit number that uniquely identifies the + originating router in the Autonomous System." + REFERENCE + "OSPF Version 2, Appendix C.1 Global parameters" + ::= { nsOspfExtLsdbEntry 3 } + +-- Note that the OSPF Sequence Number is a 32 bit signed +-- integer. It starts with the value '80000001'h, +-- or -'7FFFFFFF'h, and increments until '7FFFFFFF'h +-- Thus, a typical sequence number will be very negative. + + nsOspfExtLsdbSequence OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "The sequence number field is a signed 32-bit + integer. It is used to detect old and dupli- + cate link state advertisements. The space of + sequence numbers is linearly ordered. The + larger the sequence number the more recent the + advertisement." + REFERENCE + "OSPF Version 2, Section 12.1.6 LS sequence + number" + ::= { nsOspfExtLsdbEntry 4 } + + nsOspfExtLsdbAge OBJECT-TYPE + SYNTAX Integer32 -- Should be 0..MaxAge + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "This field is the age of the link state adver- + tisement in seconds." + REFERENCE + "OSPF Version 2, Section 12.1.1 LS age" + ::= { nsOspfExtLsdbEntry 5 } + + nsOspfExtLsdbChecksum OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "This field is the checksum of the complete + contents of the advertisement, excepting the + age field. The age field is excepted so that + an advertisement's age can be incremented + without updating the checksum. The checksum + used is the same that is used for ISO connec- + tionless datagrams; it is commonly referred to + as the Fletcher checksum." + REFERENCE + "OSPF Version 2, Section 12.1.7 LS checksum" + ::= { nsOspfExtLsdbEntry 6 } + + nsOspfExtLsdbAdvertisement OBJECT-TYPE + + SYNTAX OCTET STRING (SIZE(36)) + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "The entire Link State Advertisement, including + its header." + REFERENCE + "OSPF Version 2, Section 12 Link State Adver- + tisements" + ::= { nsOspfExtLsdbEntry 7 } + + nsOspfExtLsdbVRID OBJECT-TYPE + SYNTAX INTEGER (0..65535) + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "Virtual Router ID" + ::= { nsOspfExtLsdbEntry 8 } + + +-- +-- The OSPF Area Aggregate Table +-- +-- This table replaces the OSPF Area Summary Table, being an +-- extension of that for CIDR routers. + + nsOspfAreaAggregateTable OBJECT-TYPE + SYNTAX SEQUENCE OF NsOspfAreaAggregateEntry + MAX-ACCESS not-accessible + STATUS deprecated + DESCRIPTION + "A range of IP addresses specified by an IP + address/IP network mask pair. For example, + class B address range of X.X.X.X with a network + mask of 255.255.0.0 includes all IP addresses + from X.X.0.0 to X.X.255.255. Note that if + ranges are configured such that one range sub- + sumes another range (e.g., 10.0.0.0 mask + 255.0.0.0 and 10.1.0.0 mask 255.255.0.0), the + most specific match is the preferred one." + REFERENCE + "OSPF Version 2, Appendix C.2 Area parameters" + ::= { nsOspf 14 } + + nsOspfAreaAggregateEntry OBJECT-TYPE + SYNTAX NsOspfAreaAggregateEntry + MAX-ACCESS not-accessible + STATUS deprecated + DESCRIPTION + "A range of IP addresses specified by an IP + address/IP network mask pair. For example, + class B address range of X.X.X.X with a network + mask of 255.255.0.0 includes all IP addresses + from X.X.0.0 to X.X.255.255. Note that if + ranges are range configured such that one range + subsumes another range (e.g., 10.0.0.0 mask + 255.0.0.0 and 10.1.0.0 mask 255.255.0.0), the + + most specific match is the preferred one." + REFERENCE + "OSPF Version 2, Appendix C.2 Area parameters" + INDEX { nsOspfAreaAggregateAreaID, nsOspfAreaAggregateLsdbType, + nsOspfAreaAggregateNet, nsOspfAreaAggregateMask, nsOspfAreaAggregateVRID } + ::= { nsOspfAreaAggregateTable 1 } + + NsOspfAreaAggregateEntry ::= + SEQUENCE { + nsOspfAreaAggregateAreaID + AreaID, + nsOspfAreaAggregateLsdbType + INTEGER, + nsOspfAreaAggregateNet + IpAddress, + nsOspfAreaAggregateMask + IpAddress, + nsOspfAreaAggregateStatus + RowStatus, + nsOspfAreaAggregateEffect + INTEGER, + nsOspfAreaAggregateVRID + INTEGER + } + + nsOspfAreaAggregateAreaID OBJECT-TYPE + SYNTAX AreaID + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "The Area the Address Aggregate is to be found + within." + REFERENCE + "OSPF Version 2, Appendix C.2 Area parameters" + ::= { nsOspfAreaAggregateEntry 1 } + + nsOspfAreaAggregateLsdbType OBJECT-TYPE + SYNTAX INTEGER { + summaryLink (3), + nssaExternalLink (7) + } + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "The type of the Address Aggregate. This field + specifies the Lsdb type that this Address Ag- + gregate applies to." + REFERENCE + + "OSPF Version 2, Appendix A.4.1 The Link State + Advertisement header" + ::= { nsOspfAreaAggregateEntry 2 } + + nsOspfAreaAggregateNet OBJECT-TYPE + SYNTAX IpAddress + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "The IP Address of the Net or Subnet indicated + by the range." + REFERENCE + "OSPF Version 2, Appendix C.2 Area parameters" + ::= { nsOspfAreaAggregateEntry 3 } + + nsOspfAreaAggregateMask OBJECT-TYPE + SYNTAX IpAddress + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "The Subnet Mask that pertains to the Net or + Subnet." + REFERENCE + "OSPF Version 2, Appendix C.2 Area parameters" + ::= { nsOspfAreaAggregateEntry 4 } + + nsOspfAreaAggregateStatus OBJECT-TYPE + SYNTAX RowStatus + MAX-ACCESS read-create + STATUS deprecated + DESCRIPTION + "This variable displays the status of the en- + try. Setting it to 'invalid' has the effect of + rendering it inoperative. The internal effect + (row removal) is implementation dependent." + ::= { nsOspfAreaAggregateEntry 5 } + + nsOspfAreaAggregateEffect OBJECT-TYPE + SYNTAX INTEGER { + advertiseMatching (1), + doNotAdvertiseMatching (2) + } + MAX-ACCESS read-create + STATUS deprecated + + DESCRIPTION + "Subnets subsumed by ranges either trigger the + advertisement of the indicated aggregate (ad- + vertiseMatching), or result in the subnet's not + being advertised at all outside the area." + DEFVAL { advertiseMatching } + ::= { nsOspfAreaAggregateEntry 6 } + + nsOspfAreaAggregateVRID OBJECT-TYPE + SYNTAX INTEGER (0..65535) + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "Virtual Router ID" + ::= { nsOspfAreaAggregateEntry 7 } + +END + + diff --git a/MIBS/screenos/NETSCREEN-OSPF-TRAP-MIB b/MIBS/screenos/NETSCREEN-OSPF-TRAP-MIB new file mode 100644 index 0000000..e69ea73 --- /dev/null +++ b/MIBS/screenos/NETSCREEN-OSPF-TRAP-MIB @@ -0,0 +1,444 @@ +-- These MIBs were created on 1/7/2003 +-- This module defines enterprise MIBs for NS OSPF TRAP +-- +-- Copyright (c) 1999-2004, Juniper Networks, Inc. +-- All rights reserved. + +NETSCREEN-OSPF-TRAP-MIB DEFINITIONS ::= BEGIN + + IMPORTS + MODULE-IDENTITY, OBJECT-TYPE, NOTIFICATION-TYPE, IpAddress + FROM SNMPv2-SMI + MODULE-COMPLIANCE, OBJECT-GROUP + FROM SNMPv2-CONF + netscreenTrapDesc, netscreenTrapType + FROM NETSCREEN-TRAP-MIB + nsOspfRouterId, nsOspfIfIpAddress, nsOspfAddressLessIf, nsOspfIfState, + nsOspfVirtIfAreaId, nsOspfVirtIfNeighbor, nsOspfVirtIfState, + nsOspfNbrIpAddr, nsOspfNbrAddressLessIndex, nsOspfNbrRtrId, + nsOspfNbrState, nsOspfVirtNbrArea, nsOspfVirtNbrRtrId, nsOspfVirtNbrState, + nsOspfLsdbType, nsOspfLsdbLsid, nsOspfLsdbRouterId, nsOspfLsdbAreaId, + nsOspfExtLsdbLimit, nsOspf + FROM NETSCREEN-OSPF-MIB; + + nsOspfTrap MODULE-IDENTITY + LAST-UPDATED "200405032022Z" -- May 03, 2004 + ORGANIZATION + "Juniper Networks, Inc." + CONTACT-INFO + "Customer Support + + 1194 North Mathilda Avenue + Sunnyvale, California 94089-1206 + USA + + Tel: 1-800-638-8296 + E-mail: customerservice@juniper.net + HTTP://www.juniper.net" + DESCRIPTION + "The MIB module to describe traps for the OSPF + Version 2 Protocol." + ::= { nsOspf 16 } + +-- Trap Support Objects + +-- The following are support objects for the OSPF traps. + +nsOspfTrapControl OBJECT IDENTIFIER ::= { nsOspfTrap 1 } +nsOspfTraps OBJECT IDENTIFIER ::= { nsOspfTrap 2 } + + nsOspfSetTrap OBJECT-TYPE + SYNTAX OCTET STRING (SIZE(4)) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "A four-octet string serving as a bit map for + the trap events defined by the OSPF traps. This + object is used to enable and disable specific + OSPF traps where a 1 in the bit field + represents enabled. The right-most bit (least + significant) represents trap 0." + ::= { nsOspfTrapControl 1 } + + nsOspfConfigErrorType OBJECT-TYPE + SYNTAX INTEGER { + badVersion (1), + areaMismatch (2), + unknownNbmaNbr (3), -- Router is Dr eligible + unknownVirtualNbr (4), + authTypeMismatch(5), + authFailure (6), + netMaskMismatch (7), + helloIntervalMismatch (8), + deadIntervalMismatch (9), + optionMismatch (10) } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Potential types of configuration conflicts. + Used by the nsOspfConfigError and nsOspfConfigVir- + tError traps." + ::= { nsOspfTrapControl 2 } + + nsOspfPacketType OBJECT-TYPE + SYNTAX INTEGER { + hello (1), + dbDescript (2), + lsReq (3), + lsUpdate (4), + lsAck (5) } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + + "OSPF packet types." + ::= { nsOspfTrapControl 3 } + + nsOspfPacketSrc OBJECT-TYPE + SYNTAX IpAddress + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The IP address of an inbound packet that can- + not be identified by a neighbor instance." + ::= { nsOspfTrapControl 4 } + +-- Traps + + nsOspfIfStateChange NOTIFICATION-TYPE + OBJECTS { + netscreenTrapType, + netscreenTrapDesc, + nsOspfRouterId, -- The originator of the trap + nsOspfIfIpAddress, + nsOspfAddressLessIf, + nsOspfIfState, -- The new state + nsOspfIfVRID + } + STATUS current + DESCRIPTION + "An nsOspfIfStateChange trap signifies that there + has been a change in the state of a non-virtual + OSPF interface. This trap should be generated + when the interface state regresses (e.g., goes + from Dr to Down) or progresses to a terminal + state (i.e., Point-to-Point, DR Other, Dr, or + Backup)." + ::= { nsOspfTraps 16 } + + nsOspfVirtIfStateChange NOTIFICATION-TYPE + OBJECTS { + netscreenTrapType, + netscreenTrapDesc, + nsOspfRouterId, -- The originator of the trap + nsOspfVirtIfAreaId, + nsOspfVirtIfNeighbor, + nsOspfVirtIfState, -- The new state + nsOspfVirtIfVRID + } + STATUS current + DESCRIPTION + "An nsOspfIfStateChange trap signifies that there + has been a change in the state of an OSPF vir- + tual interface. + + This trap should be generated when the inter- + face state regresses (e.g., goes from Point- + to-Point to Down) or progresses to a terminal + state (i.e., Point-to-Point)." + ::= { nsOspfTraps 1 } + + nsOspfNbrStateChange NOTIFICATION-TYPE + OBJECTS { + netscreenTrapType, + netscreenTrapDesc, + nsOspfRouterId, -- The originator of the trap + nsOspfNbrIpAddr, + nsOspfNbrAddressLessIndex, + nsOspfNbrRtrId, + nsOspfNbrState, -- The new state + nsOspfNbrVRID + } + STATUS current + DESCRIPTION + "An nsOspfNbrStateChange trap signifies that + there has been a change in the state of a non- + virtual OSPF neighbor. This trap should be + generated when the neighbor state regresses + (e.g., goes from Attempt or Full to 1-Way or + Down) or progresses to a terminal state (e.g., + 2-Way or Full). When an neighbor transitions + from or to Full on non-broadcast multi-access + and broadcast networks, the trap should be gen- + erated by the designated router. A designated + router transitioning to Down will be noted by + nsOspfIfStateChange." + ::= { nsOspfTraps 2 } + + nsOspfVirtNbrStateChange NOTIFICATION-TYPE + OBJECTS { + netscreenTrapType, + netscreenTrapDesc, + nsOspfRouterId, -- The originator of the trap + nsOspfVirtNbrArea, + nsOspfVirtNbrRtrId, + nsOspfVirtNbrState, -- The new state + nsOspfVirtNbrVRID + } + STATUS current + DESCRIPTION + "An nsOspfIfStateChange trap signifies that there + has been a change in the state of an OSPF vir- + tual neighbor. This trap should be generated + when the neighbor state regresses (e.g., goes + from Attempt or Full to 1-Way or Down) or + progresses to a terminal state (e.g., Full)." + ::= { nsOspfTraps 3 } + + nsOspfIfConfigError NOTIFICATION-TYPE + OBJECTS { + netscreenTrapType, + netscreenTrapDesc, + nsOspfRouterId, -- The originator of the trap + nsOspfIfIpAddress, + nsOspfAddressLessIf, + nsOspfPacketSrc, -- The source IP address + nsOspfConfigErrorType, -- Type of error + nsOspfPacketType, + nsOspfIfVRID + } + STATUS current + DESCRIPTION + "An nsOspfIfConfigError trap signifies that a + packet has been received on a non-virtual in- + terface from a router whose configuration + parameters conflict with this router's confi- + guration parameters. Note that the event op- + tionMismatch should cause a trap only if it + prevents an adjacency from forming." + ::= { nsOspfTraps 4 } + + nsOspfVirtIfConfigError NOTIFICATION-TYPE + OBJECTS { + netscreenTrapType, + netscreenTrapDesc, + nsOspfRouterId, -- The originator of the trap + nsOspfVirtIfAreaId, + nsOspfVirtIfNeighbor, + nsOspfConfigErrorType, -- Type of error + nsOspfPacketType, + nsOspfVirtIfVRID + } + STATUS current + DESCRIPTION + "An nsOspfConfigError trap signifies that a pack- + et has been received on a virtual interface + from a router whose configuration parameters + conflict with this router's configuration + parameters. Note that the event optionMismatch + should cause a trap only if it prevents an ad- + jacency from forming." + ::= { nsOspfTraps 5 } + + nsOspfIfAuthFailure NOTIFICATION-TYPE + OBJECTS { + netscreenTrapType, + netscreenTrapDesc, + nsOspfRouterId, -- The originator of the trap + nsOspfIfIpAddress, + nsOspfAddressLessIf, + nsOspfPacketSrc, -- The source IP address + nsOspfConfigErrorType, -- authTypeMismatch or + + -- authFailure + nsOspfPacketType, + nsOspfIfVRID + } + STATUS current + DESCRIPTION + "An nsOspfIfAuthFailure trap signifies that a + packet has been received on a non-virtual in- + terface from a router whose authentication key + or authentication type conflicts with this + router's authentication key or authentication + type." + ::= { nsOspfTraps 6 } + + nsOspfVirtIfAuthFailure NOTIFICATION-TYPE + OBJECTS { + netscreenTrapType, + netscreenTrapDesc, + nsOspfRouterId, -- The originator of the trap + nsOspfVirtIfAreaId, + nsOspfVirtIfNeighbor, + nsOspfConfigErrorType, -- authTypeMismatch or + -- authFailure + nsOspfPacketType, + nsOspfVirtIfVRID + } + STATUS current + DESCRIPTION + "An nsOspfVirtIfAuthFailure trap signifies that a + packet has been received on a virtual interface + from a router whose authentication key or au- + thentication type conflicts with this router's + authentication key or authentication type." + ::= { nsOspfTraps 7 } + + nsOspfIfRxBadPacket NOTIFICATION-TYPE + OBJECTS { + netscreenTrapType, + netscreenTrapDesc, + nsOspfRouterId, -- The originator of the trap + nsOspfIfIpAddress, + nsOspfAddressLessIf, + nsOspfPacketSrc, -- The source IP address + nsOspfPacketType, + nsOspfIfVRID + } + STATUS current + DESCRIPTION + "An nsOspfIfRxBadPacket trap signifies that an + OSPF packet has been received on a non-virtual + interface that cannot be parsed." + ::= { nsOspfTraps 8 } + + nsOspfVirtIfRxBadPacket NOTIFICATION-TYPE + OBJECTS { + netscreenTrapType, + netscreenTrapDesc, + nsOspfRouterId, -- The originator of the trap + nsOspfVirtIfAreaId, + nsOspfVirtIfNeighbor, + nsOspfPacketType, + nsOspfVirtIfVRID + } + STATUS current + DESCRIPTION + "An nsOspfRxBadPacket trap signifies that an OSPF + packet has been received on a virtual interface + that cannot be parsed." + ::= { nsOspfTraps 9 } + + nsOspfTxRetransmit NOTIFICATION-TYPE + OBJECTS { + netscreenTrapType, + netscreenTrapDesc, + nsOspfRouterId, -- The originator of the trap + nsOspfIfIpAddress, + nsOspfAddressLessIf, + nsOspfNbrRtrId, -- Destination + nsOspfPacketType, + nsOspfLsdbType, + nsOspfLsdbLsid, + nsOspfLsdbRouterId, + nsOspfLsdbVRID + } + STATUS current + DESCRIPTION + "An nsOspfTxRetransmit trap signifies than an + OSPF packet has been retransmitted on a non- + virtual interface. All packets that may be re- + transmitted are associated with an LSDB entry. + The LS type, LS ID, and Router ID are used to + identify the LSDB entry." + ::= { nsOspfTraps 10 } + + nsOspfVirtIfTxRetransmit NOTIFICATION-TYPE + OBJECTS { + netscreenTrapType, + netscreenTrapDesc, + nsOspfRouterId, -- The originator of the trap + nsOspfVirtIfAreaId, + nsOspfVirtIfNeighbor, + nsOspfPacketType, + nsOspfLsdbType, + nsOspfLsdbLsid, + nsOspfLsdbRouterId, + nsOspfLsdbVRID + } + STATUS current + + DESCRIPTION + "An nsOspfTxRetransmit trap signifies than an + OSPF packet has been retransmitted on a virtual + interface. All packets that may be retransmit- + ted are associated with an LSDB entry. The LS + type, LS ID, and Router ID are used to identify + the LSDB entry." + ::= { nsOspfTraps 11 } + + nsOspfOriginateLsa NOTIFICATION-TYPE + OBJECTS { + netscreenTrapType, + netscreenTrapDesc, + nsOspfRouterId, -- The originator of the trap + nsOspfLsdbAreaId, -- 0.0.0.0 for AS Externals + nsOspfLsdbType, + nsOspfLsdbLsid, + nsOspfLsdbRouterId, + nsOspfLsdbVRID + } + STATUS current + DESCRIPTION + "An nsOspfOriginateLsa trap signifies that a new + LSA has been originated by this router. This + trap should not be invoked for simple refreshes + of LSAs (which happesn every 30 minutes), but + instead will only be invoked when an LSA is + (re)originated due to a topology change. Addi- + tionally, this trap does not include LSAs that + are being flushed because they have reached + MaxAge." + ::= { nsOspfTraps 12 } + + nsOspfMaxAgeLsa NOTIFICATION-TYPE + OBJECTS { + netscreenTrapType, + netscreenTrapDesc, + nsOspfRouterId, -- The originator of the trap + nsOspfLsdbAreaId, -- 0.0.0.0 for AS Externals + nsOspfLsdbType, + nsOspfLsdbLsid, + nsOspfLsdbRouterId, + nsOspfLsdbVRID + } + STATUS current + DESCRIPTION + "An nsOspfMaxAgeLsa trap signifies that one of + the LSA in the router's link-state database has + aged to MaxAge." + ::= { nsOspfTraps 13 } + + nsOspfLsdbOverflow NOTIFICATION-TYPE + OBJECTS { + netscreenTrapType, + netscreenTrapDesc, + nsOspfRouterId, -- The originator of the trap + nsOspfExtLsdbLimit, + nsOspfLsdbVRID + } + STATUS current + DESCRIPTION + "An nsOspfLsdbOverflow trap signifies that the + number of LSAs in the router's link-state data- + base has exceeded nsOspfExtLsdbLimit." + ::= { nsOspfTraps 14 } + + nsOspfLsdbApproachingOverflow NOTIFICATION-TYPE + OBJECTS { + netscreenTrapType, + netscreenTrapDesc, + nsOspfRouterId, -- The originator of the trap + nsOspfExtLsdbLimit, + nsOspfLsdbVRID + } + STATUS current + DESCRIPTION + "An nsOspfLsdbApproachingOverflow trap signifies + that the number of LSAs in the router's link- + state database has exceeded ninety percent of + nsOspfExtLsdbLimit." + ::= { nsOspfTraps 15 } + +END diff --git a/MIBS/screenos/NETSCREEN-POLICY-MIB b/MIBS/screenos/NETSCREEN-POLICY-MIB new file mode 100644 index 0000000..682d293 --- /dev/null +++ b/MIBS/screenos/NETSCREEN-POLICY-MIB @@ -0,0 +1,583 @@ +-- This module defines enterprise MIBs for Policy Monitoring +-- +-- Copyright (c) 1999-2004, Juniper Networks, Inc. +-- All rights reserved. + +NETSCREEN-POLICY-MIB DEFINITIONS ::= BEGIN + +IMPORTS + netscreenPolicy + FROM NETSCREEN-SMI + Counter32, Integer32, MODULE-IDENTITY, OBJECT-TYPE + FROM SNMPv2-SMI + DisplayString + FROM SNMPv2-TC + ; + +netscreenPolicyMibModule MODULE-IDENTITY + LAST-UPDATED "200405032022Z" -- May 03, 2004 + ORGANIZATION + "Juniper Networks, Inc." + CONTACT-INFO + "Customer Support + + 1194 North Mathilda Avenue + Sunnyvale, California 94089-1206 + USA + + Tel: 1-800-638-8296 + E-mail: customerservice@juniper.net + HTTP://www.juniper.net" + DESCRIPTION + "This module defines NetScreen private MIBs for Policy + Monitoring" + REVISION "200405030000Z" -- May 03, 2004 + DESCRIPTION + "Modified copyright and contact information" + REVISION "200403030000Z" -- March 03, 2004 + DESCRIPTION + "Converted to SMIv2 by Longview Software" + REVISION "200308130000Z" -- August 13, 2003 + DESCRIPTION + "No Comment" + REVISION "200105140000Z" -- May 14, 2001 + DESCRIPTION + "Creation Date" + ::= { netscreenPolicy 0 } + +NsPlyEntry ::= SEQUENCE +{ + nsPlyId Integer32, + nsPlyVsys Integer32, + nsPlySrcZone DisplayString, + nsPlyDstZone DisplayString, + nsPlySrcAddr DisplayString, + nsPlyDstAddr DisplayString, + nsPlyService INTEGER, + nsPlyAction INTEGER, + nsPlyNat INTEGER, + nsPlyFixPort INTEGER, + nsPlyDipId Integer32, + nsPlyVpnTunnel DisplayString, + nsPlyL2tpTunnel DisplayString, + nsPlyAuth INTEGER, + nsPlyLogEnable INTEGER, + nsPlyCountEnable INTEGER, + nsPlyAlarmBPS Integer32, + nsPlyAlarmBPM Integer32, + nsPlySchedule DisplayString, + nsPlyTrafficShapeEnable INTEGER, + nsPlyTrafficPriority INTEGER, + nsPlyDSEnable INTEGER, + nsPlyActiveStatus INTEGER, + nsPlyName DisplayString, + nsPlyServiceName DisplayString +} + +NsPlyMonEntry ::= SEQUENCE +{ + nsPlyMonId Integer32, + nsPlyMonVsys Integer32, + nsPlyMonPackPerSec Integer32, + nsPlyMonPackPerMin Integer32, + nsPlyMonTotalPacket Counter32, + nsPlyMonBytePerSec Integer32, + nsPlyMonBytePerMin Integer32, + nsPlyMonTotalByte Counter32, + nsPlyMonSessionPerSec Integer32, + nsPlyMonSessionPerMin Integer32, + nsPlyMonTotalSession Counter32 +} + +nsPlyTable OBJECT-TYPE + SYNTAX SEQUENCE OF NsPlyEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "A firewall provides a network boundary with a single point of + entry and exit-a choke point.You can screen and direct all that + traffic through the implementation of a set of access policies. + Access policies allow you to permit, deny, encrypt, + authenticate, prioritize, schedule, and monitor the traffic + attemption to cross your firewall. This table collects all the + policy configuration information existing in NetScreen + Device." + ::= { netscreenPolicy 1 } + +-- applicable only to release before 6.3 +--nsPlyEntry OBJECT-TYPE +-- SYNTAX NsPlyEntry +-- MAX-ACCESS not-accessible +-- STATUS current +-- DESCRIPTION +-- "Each entry in the nsPlyTable holds a set of configuration +-- parameters associatied with an instance of policy." +-- INDEX +-- { nsPlyId, nsPlyVsys } +-- ::= { nsPlyTable 1 } + +-- applicable since 6.3 release, for pr439626 +nsPlyEntry OBJECT-TYPE + SYNTAX NsPlyEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "Each entry in the nsPlyTable holds a set of configuration + parameters associatied with an instance of policy." + INDEX + { nsPlyVsys, nsPlyId } + ::= { nsPlyTable 1 } + + + +nsPlyId OBJECT-TYPE + SYNTAX Integer32 (0..2147483647) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Each policy is identified by a unique policy ID." + ::= { nsPlyEntry 1 } + +nsPlyVsys OBJECT-TYPE + SYNTAX Integer32 (0..2147483647) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Vitural system's name this polic entry belongs to." + ::= { nsPlyEntry 2 } + +nsPlySrcZone OBJECT-TYPE + SYNTAX DisplayString (SIZE(0..32)) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Traffic through a firewall means that traffic flows from one + security zone to another. This object describes the source zone + name traffic flow passes." + ::= { nsPlyEntry 3 } + +nsPlyDstZone OBJECT-TYPE + SYNTAX DisplayString (SIZE(0..32)) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Traffic through a firewall means that traffic flows from one + security zone to another. This object describes the destination + zone name traffic flow passes." + ::= { nsPlyEntry 4 } + +nsPlySrcAddr OBJECT-TYPE + SYNTAX DisplayString (SIZE(0..32)) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Addresses are objects that identify network devices such as + hosts and networks by their location in relation to the + firwall on which security zone.To create an access policy for + specific addresses, you must first create entries for the + relevant hosts and networks in the address book.Source IP + address indicates the address in source zone, 0.0.0.0 means any + address." + ::= { nsPlyEntry 5 } + +nsPlyDstAddr OBJECT-TYPE + SYNTAX DisplayString (SIZE(0..32)) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Addresses are objects that identify network devices such as + hosts and networks by their location in relation to the + firwall-on which security zone.To create an access policy for + specific addresses, you must first create entries for the + relevant hosts and networks in the address book.Source IP + address indicates the address in destination zone, 0.0.0.0 + means any address." + ::= { nsPlyEntry 6 } + +nsPlyService OBJECT-TYPE + SYNTAX INTEGER { + any(0), + aol(1), + bgp(2), + dpcp-relay(3), + dns(4), + finger(5), + ftp(6), + ftp-get(7), + ftp-put(8), + gopher(9), + h323(10), + http(11), + https(12), + icmp-info(13), + icmp-timestamp(14), + ike(15), + imap(16), + internet-locator-service(17), + irc(18), + l2tp(19), + ldap(20), + mail(21), + netmeeting(22), + nfs(23), + nntp(24), + ns-global(25), + ns-global-pro(26), + ntp(27), + ospf(28), + pc-anywhere(29), + ping(30), + pop3(31), + pptp(32), + real-media(33), + rip(34), + rlogin(35), + snmp(36), + ssh(37), + syslog(38), + talk(39), + tcp-any(40), + telnet(41), + tftp(42), + traceroute(43), + udp-any(44), + uucp(45), + vdo-live(46), + wais(47), + winframe(48), + x-windows(49), + other(50) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Sevices are objects that identify application protocols using + layer 4 information such as standard and accepted TCP and UDP + port numbers for application services like Telnet, FTP, SMTP + and HTTP. This object indicates all the traffic service type + this policy allows. 'Any' means all this policy allows all + service go through. 'Other' could be a configured service or + not in the list. See nsPlyServiceName for service name." + ::= { nsPlyEntry 7 } + +nsPlyAction OBJECT-TYPE + SYNTAX INTEGER { + deny(0), + permit(1), + tunnel(2) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Actions objects that describe what the firewall does to the + traffic it receives. Permit allows the packet to pass the + firewall. Deny blocks the packet from traversing the firewall. + Tunnel encapsulates outgoing IP packets and decapsulates + incoming IP packets." + ::= { nsPlyEntry 8 } + +nsPlyNat OBJECT-TYPE + SYNTAX INTEGER { + disable(0), + enabled(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "You can apply NAT at the interface level or at the policy + level. With policy-based NAT, you can translate the source + address on either incoming or outging network and VPN traffic. + This object indicates if this is a policy-based NAT." + ::= { nsPlyEntry 9 } + +nsPlyFixPort OBJECT-TYPE + SYNTAX INTEGER { + no(0), + yes(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "When in policy-based NAT, the new secure address can come from + either a Dynamic IP or from a Mapped IP. This object indicates + if poliy-based NAT uses fix port when working on NAT mode." + ::= { nsPlyEntry 10 } + +nsPlyDipId OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "This object indicates the Dynamic ID chosen for NAT policy." + ::= { nsPlyEntry 11 } + +nsPlyVpnTunnel OBJECT-TYPE + SYNTAX DisplayString (SIZE(0..32)) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "VPN tunnel this access policy applies to." + ::= { nsPlyEntry 12 } + +nsPlyL2tpTunnel OBJECT-TYPE + SYNTAX DisplayString (SIZE(0..32)) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "L2TP tunnel this access policy applies to." + ::= { nsPlyEntry 13 } + +nsPlyAuth OBJECT-TYPE + SYNTAX INTEGER { + disable(0), + enabled(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "This object indicates the selecting this option requires the + user at the source address to authenticate his/her identiry by + supplying a user name and password before traffic is allowed to + graverw the firewall or enter the VPN tunnel." + ::= { nsPlyEntry 14 } + +nsPlyLogEnable OBJECT-TYPE + SYNTAX INTEGER { + disable(0), + enabled(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "When you enable logging in an access policy, the NetScreen + device logs all connections to which that paticular access + policy applies." + ::= { nsPlyEntry 15 } + +nsPlyCountEnable OBJECT-TYPE + SYNTAX INTEGER { + disable(0), + enabled(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "When you enable counting in an access plicy, the NetScreen + device counts the total number of bytes of traffic to which + this access policy applies and records the informaiton in + historical graphs." + ::= { nsPlyEntry 16 } + +nsPlyAlarmBPS OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "User can set a threshold that triggers an alarm when the + traffic permitted by the access policy exceeds a specified + number of bytes per second." + ::= { nsPlyEntry 17 } + +nsPlyAlarmBPM OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "User can set a threshold that triggers an alarm when the + traffic permitted by the access policy exceeds a specified + number of bytes per Minute." + ::= { nsPlyEntry 18 } + +nsPlySchedule OBJECT-TYPE + SYNTAX DisplayString (SIZE(0..32)) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "By associating a schedule to an access policy, you can + determine when the access policy is in effect." + ::= { nsPlyEntry 19 } + +nsPlyTrafficShapeEnable OBJECT-TYPE + SYNTAX INTEGER { + off(0), + on(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "User can set parameters for the control and shaping of traffic + for each access policy." + ::= { nsPlyEntry 20 } + +nsPlyTrafficPriority OBJECT-TYPE + SYNTAX INTEGER { + high(0), + priority2nd(1), + priority3rd(2), + priority4th(3), + priority5th(4), + priority6th(5), + priority7th(6), + priorityLow(7) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Traffic priority for this policy." + ::= { nsPlyEntry 21 } + +nsPlyDSEnable OBJECT-TYPE + SYNTAX INTEGER { + disable(0), + enabled(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Differentiated Services is a system for tagging traffic at a + position within a hierarchy of priority." + ::= { nsPlyEntry 22 } + +nsPlyActiveStatus OBJECT-TYPE + SYNTAX INTEGER { + inactive(0), + inuse(1), + hidden(2) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Show the status of one policy entry." + ::= { nsPlyEntry 23 } + +nsPlyName OBJECT-TYPE + SYNTAX DisplayString (SIZE(0..32)) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "policy name (optional)" + ::= { nsPlyEntry 24 } + +nsPlyServiceName OBJECT-TYPE + SYNTAX DisplayString + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Sevices name that identify application protocols using + layer 4 information such as standard and accepted TCP and UDP + port numbers for application services like Telnet, FTP, SMTP + and HTTP. This object indicates all the traffic service type + this policy allows. 'Any' means all this policy allows all + service go through." + ::= { nsPlyEntry 25 } + +nsPlyMonTable OBJECT-TYPE + SYNTAX SEQUENCE OF NsPlyMonEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "traffic information for the policy-based traffic." + ::= { netscreenPolicy 2 } + +nsPlyMonEntry OBJECT-TYPE + SYNTAX NsPlyMonEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "An entry holds a set of traffic counters of a specific + policy." + INDEX + { nsPlyMonId, nsPlyMonVsys } + ::= { nsPlyMonTable 1 } + +nsPlyMonId OBJECT-TYPE + SYNTAX Integer32 (0..2147483647) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Policy Id, also used as index in this table" + ::= { nsPlyMonEntry 1 } + +nsPlyMonVsys OBJECT-TYPE + SYNTAX Integer32 (0..2147483647) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "vsys this policy belongs to" + ::= { nsPlyMonEntry 2 } + +nsPlyMonPackPerSec OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Packets go through this policy per second" + ::= { nsPlyMonEntry 3 } + +nsPlyMonPackPerMin OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Packets go through this policy per minute" + ::= { nsPlyMonEntry 4 } + +nsPlyMonTotalPacket OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "total packets go through this policy" + ::= { nsPlyMonEntry 5 } + +nsPlyMonBytePerSec OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Bytes go through this policy per second" + ::= { nsPlyMonEntry 6 } + +nsPlyMonBytePerMin OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Bytes go through this policy per minute" + ::= { nsPlyMonEntry 7 } + +nsPlyMonTotalByte OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Total bytes go through this policy" + ::= { nsPlyMonEntry 8 } + +nsPlyMonSessionPerSec OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Sessions go through this policy per second" + ::= { nsPlyMonEntry 9 } + +nsPlyMonSessionPerMin OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Sessions go through this policy per minute" + ::= { nsPlyMonEntry 10 } + +nsPlyMonTotalSession OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Total Sessions go through this policy" + ::= { nsPlyMonEntry 11 } + +END + + diff --git a/MIBS/screenos/NETSCREEN-PRODUCTS-MIB b/MIBS/screenos/NETSCREEN-PRODUCTS-MIB new file mode 100644 index 0000000..66ecd33 --- /dev/null +++ b/MIBS/screenos/NETSCREEN-PRODUCTS-MIB @@ -0,0 +1,117 @@ +-- Copyright (c) 1999-2004, Juniper Networks, Inc. +-- All rights reserved. + +NETSCREEN-PRODUCTS-MIB DEFINITIONS ::= BEGIN + +IMPORTS + netscreenProducts + FROM NETSCREEN-SMI + MODULE-IDENTITY + FROM SNMPv2-SMI + ; + +netscreenProductsMibModule MODULE-IDENTITY + LAST-UPDATED "200405032022Z" -- May 03, 2004 + ORGANIZATION + "Juniper Networks, Inc." + CONTACT-INFO + "Customer Support + + 1194 North Mathilda Avenue + Sunnyvale, California 94089-1206 + USA + + Tel: 1-800-638-8296 + E-mail: customerservice@juniper.net + HTTP://www.juniper.net" + DESCRIPTION + "This module defines the object identifiers that are assigned + to various hardware platforms, and hence are returned as values + for sysObjectID" + REVISION "200405030000Z" -- May 03, 2004 + DESCRIPTION + "Modified copyright and contact information" + REVISION "200403030000Z" -- March 03, 2004 + DESCRIPTION + "Converted to SMIv2 by Longview Software" + REVISION "200401200000Z" -- January 20, 2004 + DESCRIPTION + "Add netscreenHardwareSecurity Client" + REVISION "200008020000Z" -- August 02, 2000 + DESCRIPTION + "Creation Date" + ::= { netscreenProducts 0 } + +netscreenGeneric OBJECT IDENTIFIER ::= { netscreenProducts 1 } + +netscreenNs5 OBJECT IDENTIFIER ::= { netscreenProducts 2 } + +netscreenNs10 OBJECT IDENTIFIER ::= { netscreenProducts 3 } + +netscreenNs100 OBJECT IDENTIFIER ::= { netscreenProducts 4 } + +netscreenNs1000 OBJECT IDENTIFIER ::= { netscreenProducts 5 } + +netscreenNs500 OBJECT IDENTIFIER ::= { netscreenProducts 6 } + +netscreenNs50 OBJECT IDENTIFIER ::= { netscreenProducts 7 } + +netscreenNs25 OBJECT IDENTIFIER ::= { netscreenProducts 8 } + +netscreenNs204 OBJECT IDENTIFIER ::= { netscreenProducts 9 } + +netscreenNs208 OBJECT IDENTIFIER ::= { netscreenProducts 10 } + +netscreenNs5XT OBJECT IDENTIFIER ::= { netscreenProducts 11 } + +netscreenNs5XP OBJECT IDENTIFIER ::= { netscreenProducts 12 } + +netscreenNs5000 OBJECT IDENTIFIER ::= { netscreenProducts 13 } + +netscreenNs5GT OBJECT IDENTIFIER ::= { netscreenProducts 14 } + +netscreenHardwareSecurityClient OBJECT IDENTIFIER ::= { netscreenProducts 15 } + +netscreenISG2000 OBJECT IDENTIFIER ::= { netscreenProducts 16 } + +netscreen-5GT-ADSL-AnnexA OBJECT IDENTIFIER ::= { netscreenProducts 17 } + +netscreen-5GT-ADSL-AnnexB OBJECT IDENTIFIER ::= { netscreenProducts 19 } + +netscreen-5GT-WLAN OBJECT IDENTIFIER ::= { netscreenProducts 21 } + +netscreen-5GT-ADSL-AnnexA-WLAN OBJECT IDENTIFIER ::= { netscreenProducts 23 } + +netscreen-5GT-ADSL-AnnexB-WLAN OBJECT IDENTIFIER ::= { netscreenProducts 25 } + +netscreenISG1000 OBJECT IDENTIFIER ::= { netscreenProducts 28 } + +netscreenSSG5 OBJECT IDENTIFIER ::= { netscreenProducts 29 } + +netscreenSSG5-ISDN OBJECT IDENTIFIER ::= { netscreenProducts 30 } + +netscreenSSG5-v92 OBJECT IDENTIFIER ::= { netscreenProducts 31 } + +netscreenSSG5-Serial-WLAN OBJECT IDENTIFIER ::= { netscreenProducts 32 } + +netscreenSSG5-ISDN-WLAN OBJECT IDENTIFIER ::= { netscreenProducts 33 } + +netscreenSSG5-v92-WLAN OBJECT IDENTIFIER ::= { netscreenProducts 34 } + +netscreenSSG20 OBJECT IDENTIFIER ::= { netscreenProducts 35 } + +netscreenSSG20-WLAN OBJECT IDENTIFIER ::= { netscreenProducts 36 } + +netscreenSSG520 OBJECT IDENTIFIER ::= { netscreenProducts 50 } + +netscreenSSG550 OBJECT IDENTIFIER ::= { netscreenProducts 51 } + +netscreenSSG140 OBJECT IDENTIFIER ::= { netscreenProducts 52 } + +netscreenSSG320 OBJECT IDENTIFIER ::= { netscreenProducts 54 } + +netscreenSSG350 OBJECT IDENTIFIER ::= { netscreenProducts 55 } + +END + + diff --git a/MIBS/screenos/NETSCREEN-QOS-MIB b/MIBS/screenos/NETSCREEN-QOS-MIB new file mode 100644 index 0000000..05c6819 --- /dev/null +++ b/MIBS/screenos/NETSCREEN-QOS-MIB @@ -0,0 +1,174 @@ +-- This module defines enterprise MIBs for QoS +-- +-- Copyright (c) 1999-2004, Juniper Networks, Inc. +-- All rights reserved. + +NETSCREEN-QOS-MIB DEFINITIONS ::= BEGIN + +IMPORTS + netscreenQos + FROM NETSCREEN-SMI + Integer32, MODULE-IDENTITY, OBJECT-TYPE + FROM SNMPv2-SMI + ; + +netscreenQosMibModule MODULE-IDENTITY + LAST-UPDATED "200405032022Z" -- May 03, 2004 + ORGANIZATION + "Juniper Networks, Inc." + CONTACT-INFO + "Customer Support + + 1194 North Mathilda Avenue + Sunnyvale, California 94089-1206 + USA + + Tel: 1-800-638-8296 + E-mail: customerservice@juniper.net + HTTP://www.juniper.net" + DESCRIPTION + "This module defines the object that are used to monitor QoS" + REVISION "200405030000Z" -- May 03, 2004 + DESCRIPTION + "Modified copyright and contact information" + REVISION "200403030000Z" -- March 03, 2004 + DESCRIPTION + "Converted to SMIv2 by Longview Software" + REVISION "200109280000Z" -- September 28, 2001 + DESCRIPTION + "No Comment" + REVISION "200105150000Z" -- May 15, 2001 + DESCRIPTION + "Creation Date" + ::= { netscreenQos 0 } + +NsQosPlyEntry ::= SEQUENCE +{ + nsQosPlyId Integer32, + nsQosPlyVsys Integer32, + nsQosPlyQosEnable INTEGER, + nsQosPlyGanBW Integer32, + nsQosPlyMaxBW Integer32,--, + nsQosPlyTraffPriority Integer32, + nsQosPlyDSEnable INTEGER +} + +nsQosUsrShapingMode OBJECT-TYPE + SYNTAX INTEGER { + off(0), + on(1), + on-off(2), + off-on(3), + auto(4) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "QoS mode set by user" + ::= { netscreenQos 1 } + +nsQosSysShapingMode OBJECT-TYPE + SYNTAX INTEGER { + off(0), + on(1), + on-off(2), + off-on(3), + auto(4) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "QoS mode currently set by the system" + ::= { netscreenQos 2 } + +nsQosPly OBJECT IDENTIFIER ::= { netscreenQos 3 } + +nsQosPlyTable OBJECT-TYPE + SYNTAX SEQUENCE OF NsQosPlyEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "QoS is the allocation of the appropriate amount of + network bandwidth to every user and application on an interface. + This table collects all the QoS configuration + setting on each physical interface." + ::= { nsQosPly 1 } + +nsQosPlyEntry OBJECT-TYPE + SYNTAX NsQosPlyEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "Each entry holds a set of attributes for QoS" + INDEX + { nsQosPlyId } + ::= { nsQosPlyTable 1 } + +nsQosPlyId OBJECT-TYPE + SYNTAX Integer32 (0..2147483647) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "A unique policy id, also used as table index." + ::= { nsQosPlyEntry 1 } + +nsQosPlyVsys OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "VSYS this policy belongs to." + ::= { nsQosPlyEntry 2 } + +nsQosPlyQosEnable OBJECT-TYPE + SYNTAX INTEGER { + off(0), + on(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Enable QoS on this policy." + ::= { nsQosPlyEntry 3 } + +nsQosPlyGanBW OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Guaranteed Bandwidth (in bytes per second). When Qos Enable + is off, the value has no meaning." + ::= { nsQosPlyEntry 4 } + +nsQosPlyMaxBW OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Maxium Bandwidth (in bytes per second). When Qos Enable is + off, the value has no meaning. Negative value means it is not + set yet." + ::= { nsQosPlyEntry 5 } + +nsQosPlyTraffPriority OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Traffic priority for this policy. Zero is the highest + priority and seven is the lowest." + ::= { nsQosPlyEntry 6 } + +nsQosPlyDSEnable OBJECT-TYPE + SYNTAX INTEGER { + off(0), + on(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Enable DiffServ codepoint marking on this policy." + ::= { nsQosPlyEntry 7 } +END + + diff --git a/MIBS/screenos/NETSCREEN-RESOURCE-MIB b/MIBS/screenos/NETSCREEN-RESOURCE-MIB new file mode 100644 index 0000000..d969fab --- /dev/null +++ b/MIBS/screenos/NETSCREEN-RESOURCE-MIB @@ -0,0 +1,299 @@ +-- This module defines enterprise MIBs for monitoring resources +-- +-- Copyright (c) 1999-2004, Juniper Networks, Inc. +-- All rights reserved. + +NETSCREEN-RESOURCE-MIB DEFINITIONS ::= BEGIN + +IMPORTS + netscreenResource + FROM NETSCREEN-SMI + Integer32, MODULE-IDENTITY, OBJECT-TYPE + FROM SNMPv2-SMI + ; + +netscreenResourceMibModule MODULE-IDENTITY + LAST-UPDATED "200405032022Z" -- May 03, 2004 + ORGANIZATION + "Juniper Networks, Inc." + CONTACT-INFO + "Customer Support + + 1194 North Mathilda Avenue + Sunnyvale, California 94089-1206 + USA + + Tel: 1-800-638-8296 + E-mail: customerservice@juniper.net + HTTP://www.juniper.net" + DESCRIPTION + "This module defines the object that are used to monitor + resource in netscreen box" + REVISION "200405030000Z" -- May 03, 2004 + DESCRIPTION + "Modified copyright and contact information" + REVISION "200403030000Z" -- March 03, 2004 + DESCRIPTION + "Converted to SMIv2 by Longview Software" + REVISION "200311100000Z" -- November 10, 2003 + DESCRIPTION + "Correct spelling mistake" + REVISION "200205050000Z" -- May 05, 2002 + DESCRIPTION + "Remove active session" + REVISION "200104300000Z" -- April 30, 2001 + DESCRIPTION + "Creation Date" + ::= { netscreenResource 0 } + +nsResCPU OBJECT IDENTIFIER ::= { netscreenResource 1 } + +nsResCpuAvg OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Average System CPU utilization in percentage." + ::= { nsResCPU 1 } + +nsResCpuLast1Min OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Last one minute CPU utilization in percentage." + ::= { nsResCPU 2 } + +nsResCpuLast5Min OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Last five minutes CPU utilization in percentage." + ::= { nsResCPU 3 } + +nsResCpuLast15Min OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Last fifteen minutes CPU utilization in percentage." + ::= { nsResCPU 4 } + +nsResMem OBJECT IDENTIFIER ::= { netscreenResource 2 } + +nsResMemAllocate OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Memory allocated." + ::= { nsResMem 1 } + +nsResMemLeft OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Memory left." + ::= { nsResMem 2 } + +nsResMemFrag OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Memory fragment." + ::= { nsResMem 3 } + +nsResSession OBJECT IDENTIFIER ::= { netscreenResource 3 } + +nsResSessAllocate OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Allocate session number." + ::= { nsResSession 2 } + +nsResSessMaxium OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Maxium session number system can afford." + ::= { nsResSession 3 } + +nsResSessFailed OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Failed session allocation counters." + ::= { nsResSession 4 } + +nsResModTable OBJECT-TYPE + SYNTAX SEQUENCE OF NsResModEntry + ACCESS not-accessible + STATUS mandatory + DESCRIPTION + "System status for multiple modules." + ::= { netscreenResource 4 } + +nsResModEntry OBJECT-TYPE + SYNTAX NsResModEntry + ACCESS not-accessible + STATUS mandatory + DESCRIPTION + "Each entry in the table holds a session status parameters associated + with an instance of security module." + INDEX { nsResModModId, nsResModCpuId} + ::= { nsResModTable 1 } + +NsResModEntry ::= + SEQUENCE { + nsResModModId + Integer32, + nsResModCpuId + Integer32, + nsResModCpuCurr + Integer32, + nsResModCpuLast1Min + Integer32, + nsResModCpuLast5Min + Integer32, + nsResModCpuLast15Min + Integer32, + nsResModMemAllocated + Integer32, + nsResModMemLeft + Integer32, + nsResModSessAllocated + Integer32, + nsResModSessMaximum + Integer32, + nsResModSessFailed + Integer32, + nsResModThresholdMem + Integer32, + nsResModThresholdCpu + Integer32, + nsResModThresholdSession + Integer32 + } + +nsResModModId OBJECT-TYPE + SYNTAX Integer32 (1..32) + ACCESS read-only + STATUS mandatory + DESCRIPTION + "Module ID for security module. Each ID uniquely identifies a single Security Module." + ::= { nsResModEntry 1 } + +nsResModCpuId OBJECT-TYPE + SYNTAX Integer32 (1..2) + ACCESS read-only + STATUS mandatory + DESCRIPTION + "CPU Identifier. Each ID uniquely identifies a single CPU residing on a Security Module." + ::= { nsResModEntry 2 } + +nsResModCpuCurr OBJECT-TYPE + SYNTAX Integer32 (1..100) + ACCESS read-only + STATUS mandatory + DESCRIPTION + "Current System CPU utilization in percentage." + ::= { nsResModEntry 3 } + +nsResModCpuLast1Min OBJECT-TYPE + SYNTAX Integer32 (1..100) + ACCESS read-only + STATUS mandatory + DESCRIPTION + "Last one minute CPU utilization in percentage." + ::= { nsResModEntry 4 } + +nsResModCpuLast5Min OBJECT-TYPE + SYNTAX Integer32 (1..100) + ACCESS read-only + STATUS mandatory + DESCRIPTION + "Last five minutes CPU utilization in percentage." + ::= { nsResModEntry 5 } + +nsResModCpuLast15Min OBJECT-TYPE + SYNTAX Integer32 (1..100) + ACCESS read-only + STATUS mandatory + DESCRIPTION + "Last fifteen minutes CPU utilization in percentage." + ::= { nsResModEntry 6 } + +nsResModMemAllocated OBJECT-TYPE + SYNTAX Integer32 + ACCESS read-only + STATUS mandatory + DESCRIPTION + "Current memory allocated for this cpu" + ::= { nsResModEntry 7 } + +nsResModMemLeft OBJECT-TYPE + SYNTAX Integer32 + ACCESS read-only + STATUS mandatory + DESCRIPTION + "Current free memory for this security module. Since this is shared memory the same value is returned for both the cpus." + ::= { nsResModEntry 8 } + +nsResModSessAllocated OBJECT-TYPE + SYNTAX Integer32 + ACCESS read-only + STATUS mandatory + DESCRIPTION + "Number of sessions currently allocated for this Security Module's cpu." + ::= { nsResModEntry 9 } + +nsResModSessMaximum OBJECT-TYPE + SYNTAX Integer32 + ACCESS read-only + STATUS mandatory + DESCRIPTION + "Maximum number of sessions supported by this Security Module's cpu." + ::= { nsResModEntry 10 } + +nsResModSessFailed OBJECT-TYPE + SYNTAX Integer32 + ACCESS read-only + STATUS mandatory + DESCRIPTION + "Number of sessions failed for this Security Module's cpu." + ::= { nsResModEntry 11 } + +nsResModThresholdMem OBJECT-TYPE + SYNTAX Integer32 + ACCESS read-only + STATUS mandatory + DESCRIPTION + "Memory utilization of the security module exceeds the threshold pre-defined." + ::= { nsResModEntry 12 } + +nsResModThresholdCpu OBJECT-TYPE + SYNTAX Integer32 + ACCESS read-only + STATUS mandatory + DESCRIPTION + "CPU utilization of the security module exceeds the threshold pre-defined." + ::= { nsResModEntry 13 } + +nsResModThresholdSession OBJECT-TYPE + SYNTAX Integer32 + ACCESS read-only + STATUS mandatory + DESCRIPTION + "Session number of the security module exceeds the threshold pre-defined." + ::= { nsResModEntry 14 } + +END + + diff --git a/MIBS/screenos/NETSCREEN-RIPv2-MIB b/MIBS/screenos/NETSCREEN-RIPv2-MIB new file mode 100644 index 0000000..436f968 --- /dev/null +++ b/MIBS/screenos/NETSCREEN-RIPv2-MIB @@ -0,0 +1,567 @@ +-- These MIBs were created on 1/2/2003 +-- This module defines enterprise MIBs for NS RIP +-- +-- Copyright (c) 1999-2004, Juniper Networks, Inc. +-- All rights reserved. +-- +-- MODULE-IDENTITY +-- OrgName +-- Juniper Networks, Inc. +-- ContactInfo +-- Customer Support +-- +-- 1194 North Mathilda Avenue +-- Sunnyvale, California 94089-1206 +-- USA +-- +-- Tel: 1-800-638-8296 +-- E-mail: customerservice@juniper.net +-- HTTP://www.juniper.net" +-- +-- Descr +-- This module defines the object that are used to monitor +-- NS's RIP configuration +-- +-- Last modified date: 01/16/2003 +-- Last modified date: 11/10/2003 +-- + +NETSCREEN-RIPv2-MIB DEFINITIONS ::= BEGIN + + IMPORTS + MODULE-IDENTITY, OBJECT-TYPE, Counter32, + TimeTicks, IpAddress FROM SNMPv2-SMI + TEXTUAL-CONVENTION, RowStatus FROM SNMPv2-TC + MODULE-COMPLIANCE, OBJECT-GROUP FROM SNMPv2-CONF + netscreenVR FROM NETSCREEN-SMI; + + -- This MIB module uses the extended OBJECT-TYPE macro as + -- defined in [9]. + + nsRip2 MODULE-IDENTITY + LAST-UPDATED "200506032022Z" -- June 20, 2005 + ORGANIZATION "IETF RIP-II Working Group" + CONTACT-INFO + " Fred Baker + Postal: Cisco Systems + 519 Lado Drive + Santa Barbara, California 93111 + Tel: +1 805 681 0115 + E-Mail: fbaker@cisco.com + + Postal: Gary Malkin + Xylogics, Inc. + 53 Third Avenue + Burlington, MA 01803 + + Phone: (617) 272-8140 + EMail: gmalkin@Xylogics.COM" + DESCRIPTION + "The MIB module to describe the RIP2 Version 2 Protocol" + ::= { netscreenVR 4 } + + -- RIP-2 Management Information Base + + -- the RouteTag type represents the contents of the + -- Route Domain field in the packet header or route entry. + -- The use of the Route Domain is deprecated. + + RouteTag ::= TEXTUAL-CONVENTION + STATUS deprecated + DESCRIPTION + "the RouteTag type represents the contents of the Route Domain + field in the packet header or route entry" + SYNTAX OCTET STRING (SIZE (2)) + +--4.1 Global Counters + +-- The RIP-2 Globals Group. +-- Implementation of this group is mandatory for systems +-- which implement RIP-2. + +-- These counters are intended to facilitate debugging quickly +-- changing routes or failing neighbors + +-- nsRip2Globals OBJECT IDENTIFIER ::= { nsRip2 1 } + +-- nsRip2GlobalRouteChanges OBJECT-TYPE +-- SYNTAX Counter32 +-- MAX-ACCESS read-only +-- STATUS deprecated +-- DESCRIPTION +-- "The number of route changes made to the IP Route +-- Database by RIP. This does not include the refresh +-- of a route's age." +-- ::= { nsRip2Globals 1 } + +-- nsRip2GlobalQueries OBJECT-TYPE +-- SYNTAX Counter32 +-- MAX-ACCESS read-only +-- STATUS deprecated +-- DESCRIPTION +-- "The number of responses sent to RIP queries +-- from other systems." +-- ::= { nsRip2Globals 2 } + + nsRip2GlobalsTable OBJECT-TYPE + SYNTAX SEQUENCE OF NsRip2GlobalsEntry + MAX-ACCESS not-accessible + STATUS deprecated + DESCRIPTION + "A list of RIP2 Globals per VR." + ::= { nsRip2 1 } + + nsRip2GlobalsEntry OBJECT-TYPE + + SYNTAX NsRip2GlobalsEntry + MAX-ACCESS not-accessible + STATUS deprecated + DESCRIPTION + "One VR's Globals." + INDEX { nsRip2GlobalVRID } + ::= { nsRip2GlobalsTable 1 } + + NsRip2GlobalsEntry ::= + SEQUENCE { + nsRip2GlobalRouteChanges + Counter32, + nsRip2GlobalQueries + Counter32, + nsRip2GlobalVRID + INTEGER + } + + nsRip2GlobalRouteChanges OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "The number of route changes made to the IP Route + Database by RIP. This does not include the refresh + of a route's age." + ::= { nsRip2GlobalsEntry 1 } + + nsRip2GlobalQueries OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "The number of responses sent to RIP queries + from other systems." + ::= { nsRip2GlobalsEntry 2 } + + nsRip2GlobalVRID OBJECT-TYPE + SYNTAX INTEGER (0..65535) + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "Virtual Router ID" + ::= { nsRip2GlobalsEntry 3 } + + +--4.2 RIP Interface Tables + +-- RIP Interfaces Groups +-- Implementation of these Groups is mandatory for systems +-- which implement RIP-2. + +-- The RIP Interface Status Table. + + nsRip2IfStatTable OBJECT-TYPE + SYNTAX SEQUENCE OF NsRip2IfStatEntry + MAX-ACCESS not-accessible + STATUS deprecated + DESCRIPTION + "A list of subnets which require separate + status monitoring in RIP." + ::= { nsRip2 2 } + + nsRip2IfStatEntry OBJECT-TYPE + + SYNTAX NsRip2IfStatEntry + MAX-ACCESS not-accessible + STATUS deprecated + DESCRIPTION + "A Single Routing Domain in a single Subnet." + INDEX { nsRip2IfStatAddress, nsRip2IfStatVRID } + ::= { nsRip2IfStatTable 1 } + + NsRip2IfStatEntry ::= + SEQUENCE { + nsRip2IfStatAddress + IpAddress, + nsRip2IfStatRcvBadPackets + Counter32, + nsRip2IfStatRcvBadRoutes + Counter32, + nsRip2IfStatSentUpdates + Counter32, + nsRip2IfStatStatus + RowStatus, + nsRip2IfStatVRID + INTEGER + } + + nsRip2IfStatAddress OBJECT-TYPE + SYNTAX IpAddress + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "The IP Address of this system on the indicated + subnet. For unnumbered interfaces, the value 0.0.0.N, + where the least significant 24 bits (N) is the ifIndex + for the IP Interface in network byte order." + ::= { nsRip2IfStatEntry 1 } + + nsRip2IfStatRcvBadPackets OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "The number of RIP response packets received by + the RIP process which were subsequently discarded + for any reason (e.g. a version 0 packet, or an + unknown command type)." + ::= { nsRip2IfStatEntry 2 } + + nsRip2IfStatRcvBadRoutes OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS deprecated + + DESCRIPTION + "The number of routes, in valid RIP packets, + which were ignored for any reason (e.g. unknown + address family, or invalid metric)." + ::= { nsRip2IfStatEntry 3 } + + nsRip2IfStatSentUpdates OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "The number of triggered RIP updates actually + sent on this interface. This explicitly does + NOT include full updates sent containing new + information." + ::= { nsRip2IfStatEntry 4 } + + nsRip2IfStatStatus OBJECT-TYPE + SYNTAX RowStatus + MAX-ACCESS read-create + STATUS deprecated + DESCRIPTION + "Writing invalid has the effect of deleting + this interface." + ::= { nsRip2IfStatEntry 5 } + + nsRip2IfStatVRID OBJECT-TYPE + SYNTAX INTEGER (0..65535) + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "Virtual Router ID" + ::= { nsRip2IfStatEntry 6 } + +-- The RIP Interface Configuration Table. + + nsRip2IfConfTable OBJECT-TYPE + SYNTAX SEQUENCE OF NsRip2IfConfEntry + MAX-ACCESS not-accessible + STATUS deprecated + DESCRIPTION + "A list of subnets which require separate + configuration in RIP." + ::= { nsRip2 3 } + + nsRip2IfConfEntry OBJECT-TYPE + SYNTAX NsRip2IfConfEntry + MAX-ACCESS not-accessible + STATUS deprecated + DESCRIPTION + "A Single Routing Domain in a single Subnet." + INDEX { nsRip2IfConfAddress, nsRip2IfConfVRID } + ::= { nsRip2IfConfTable 1 } + + NsRip2IfConfEntry ::= + SEQUENCE { + + nsRip2IfConfAddress + IpAddress, + nsRip2IfConfDomain + RouteTag, + nsRip2IfConfAuthType + INTEGER, + nsRip2IfConfAuthKey + OCTET STRING, + nsRip2IfConfSend + INTEGER, + nsRip2IfConfReceive + INTEGER, + nsRip2IfConfDefaultMetric + INTEGER, + nsRip2IfConfStatus + RowStatus, + nsRip2IfConfSrcAddress + IpAddress, + nsRip2IfConfVRID + INTEGER + } + + nsRip2IfConfAddress OBJECT-TYPE + SYNTAX IpAddress + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "The IP Address of this system on the indicated + subnet. For unnumbered interfaces, the value 0.0.0.N, + where the least significant 24 bits (N) is the ifIndex + for the IP Interface in network byte order." + ::= { nsRip2IfConfEntry 1 } + + nsRip2IfConfDomain OBJECT-TYPE + SYNTAX RouteTag + MAX-ACCESS read-create + STATUS obsolete + DESCRIPTION + "Value inserted into the Routing Domain field + of all RIP packets sent on this interface." + DEFVAL { '0000'H } + ::= { nsRip2IfConfEntry 2 } + + nsRip2IfConfAuthType OBJECT-TYPE + SYNTAX INTEGER { + noAuthentication (1), + simplePassword (2), + md5 (3) + } + MAX-ACCESS read-create + + STATUS deprecated + DESCRIPTION + "The type of Authentication used on this + interface." + DEFVAL { noAuthentication } + ::= { nsRip2IfConfEntry 3 } + + nsRip2IfConfAuthKey OBJECT-TYPE + SYNTAX OCTET STRING (SIZE(0..16)) + MAX-ACCESS read-create + STATUS deprecated + DESCRIPTION + "The value to be used as the Authentication Key + whenever the corresponding instance of + nsRip2IfConfAuthType has a value other than + noAuthentication. A modification of the corresponding + instance of nsRip2IfConfAuthType does not modify + the nsRip2IfConfAuthKey value. If a string shorter + than 16 octets is supplied, it will be left- + justified and padded to 16 octets, on the right, + with nulls (0x00). + + Reading this object always results in an OCTET + STRING of length zero; authentication may not + be bypassed by reading the MIB object." + DEFVAL { ''H } + ::= { nsRip2IfConfEntry 4 } + + nsRip2IfConfSend OBJECT-TYPE + SYNTAX INTEGER { + doNotSend (1), + ripVersion1 (2), + rip1Compatible (3), + ripVersion2 (4), + ripV1Demand (5), + ripV2Demand (6) + } + MAX-ACCESS read-create + STATUS deprecated + DESCRIPTION + "What the router sends on this interface. + ripVersion1 implies sending RIP updates compliant + with RFC 1058. rip1Compatible implies + broadcasting RIP-2 updates using RFC 1058 route + subsumption rules. ripVersion2 implies + multicasting RIP-2 updates. ripV1Demand indicates + the use of Demand RIP on a WAN interface under RIP + Version 1 rules. ripV2Demand indicates the use of + + Demand RIP on a WAN interface under Version 2 rules." + DEFVAL { rip1Compatible } + ::= { nsRip2IfConfEntry 5 } + + nsRip2IfConfReceive OBJECT-TYPE + SYNTAX INTEGER { + rip1 (1), + rip2 (2), + rip1OrRip2 (3), + doNotRecieve (4) + } + MAX-ACCESS read-create + STATUS deprecated + DESCRIPTION + "This indicates which version of RIP updates + are to be accepted. Note that rip2 and + rip1OrRip2 implies reception of multicast + packets." + DEFVAL { rip1OrRip2 } + ::= { nsRip2IfConfEntry 6 } + + nsRip2IfConfDefaultMetric OBJECT-TYPE + SYNTAX INTEGER ( 0..15 ) + MAX-ACCESS read-create + STATUS deprecated + DESCRIPTION + "This variable indicates the metric that is to + be used for the default route entry in RIP updates + originated on this interface. A value of zero + indicates that no default route should be + originated; in this case, a default route via + another router may be propagated." + ::= { nsRip2IfConfEntry 7 } + + nsRip2IfConfStatus OBJECT-TYPE + SYNTAX RowStatus + MAX-ACCESS read-create + STATUS deprecated + DESCRIPTION + "Writing invalid has the effect of deleting + this interface." + ::= { nsRip2IfConfEntry 8 } + + nsRip2IfConfSrcAddress OBJECT-TYPE + SYNTAX IpAddress + MAX-ACCESS read-create + STATUS deprecated + DESCRIPTION + + "The IP Address this system will use as a source + address on this interface. If it is a numbered + interface, this MUST be the same value as + nsRip2IfConfAddress. On unnumbered interfaces, + it must be the value of nsRip2IfConfAddress for + some interface on the system." + ::= { nsRip2IfConfEntry 9 } + + nsRip2IfConfVRID OBJECT-TYPE + SYNTAX INTEGER (0..65535) + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "Virtual Router ID" + ::= { nsRip2IfConfEntry 10 } + +--4.3 Peer Table + +-- Peer Table + +-- The RIP Peer Group +-- Implementation of this Group is Optional + +-- This group provides information about active peer +-- relationships intended to assist in debugging. An +-- active peer is a router from which a valid RIP +-- updated has been heard in the last 180 seconds. + + nsRip2PeerTable OBJECT-TYPE + SYNTAX SEQUENCE OF NsRip2PeerEntry + MAX-ACCESS not-accessible + STATUS deprecated + DESCRIPTION + "A list of RIP Peers." + ::= { nsRip2 4 } + + nsRip2PeerEntry OBJECT-TYPE + SYNTAX NsRip2PeerEntry + MAX-ACCESS not-accessible + STATUS deprecated + DESCRIPTION + "Information regarding a single routing peer." + INDEX { nsRip2PeerAddress, nsRip2PeerDomain, nsRip2PeerVRID } + ::= { nsRip2PeerTable 1 } + + NsRip2PeerEntry ::= + SEQUENCE { + nsRip2PeerAddress + IpAddress, + nsRip2PeerDomain + RouteTag, + nsRip2PeerLastUpdate + TimeTicks, + nsRip2PeerVersion + INTEGER, + nsRip2PeerRcvBadPackets + + Counter32, + nsRip2PeerRcvBadRoutes + Counter32, + nsRip2PeerVRID + INTEGER + } + + nsRip2PeerAddress OBJECT-TYPE + SYNTAX IpAddress + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "The IP Address that the peer is using as its source + address. Note that on an unnumbered link, this may + not be a member of any subnet on the system." + ::= { nsRip2PeerEntry 1 } + + nsRip2PeerDomain OBJECT-TYPE + SYNTAX RouteTag + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "The value in the Routing Domain field in RIP + packets received from the peer. As domain suuport + is deprecated, this must be zero." + ::= { nsRip2PeerEntry 2 } + + nsRip2PeerLastUpdate OBJECT-TYPE + SYNTAX TimeTicks + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "The value of sysUpTime when the most recent + RIP update was received from this system." + ::= { nsRip2PeerEntry 3 } + + nsRip2PeerVersion OBJECT-TYPE + SYNTAX INTEGER ( 0..255 ) + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "The RIP version number in the header of the + last RIP packet received." + ::= { nsRip2PeerEntry 4 } + + nsRip2PeerRcvBadPackets OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + + "The number of RIP response packets from this + peer discarded as invalid." + ::= { nsRip2PeerEntry 5 } + + nsRip2PeerRcvBadRoutes OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "The number of routes from this peer that were + ignored because the entry format was invalid." + ::= { nsRip2PeerEntry 6 } + + nsRip2PeerVRID OBJECT-TYPE + SYNTAX INTEGER (0..65535) + MAX-ACCESS read-only + STATUS deprecated + DESCRIPTION + "Virtual Router ID" + ::= { nsRip2PeerEntry 7 } + +END diff --git a/MIBS/screenos/NETSCREEN-SCHEDULE-MIB b/MIBS/screenos/NETSCREEN-SCHEDULE-MIB new file mode 100644 index 0000000..f0cc10f --- /dev/null +++ b/MIBS/screenos/NETSCREEN-SCHEDULE-MIB @@ -0,0 +1,253 @@ +-- This module defines enterprise MIBs for Schedule +-- +-- Copyright (c) 1999-2004, Juniper Networks, Inc. +-- All rights reserved. + +NETSCREEN-SCHEDULE-MIB DEFINITIONS ::= BEGIN + +IMPORTS + netscreenSchedule + FROM NETSCREEN-SMI + Integer32, MODULE-IDENTITY, OBJECT-TYPE + FROM SNMPv2-SMI + DisplayString + FROM SNMPv2-TC + ; + +netscreenScheduleMibModule MODULE-IDENTITY + LAST-UPDATED "200405032022Z" -- May 03, 2004 + ORGANIZATION + "Juniper Networks, Inc." + CONTACT-INFO + "Customer Support + + 1194 North Mathilda Avenue + Sunnyvale, California 94089-1206 + USA + + Tel: 1-800-638-8296 + E-mail: customerservice@juniper.net + HTTP://www.juniper.net" + DESCRIPTION + "This module defines the object that are used to monitor all + scheduled entries" + REVISION "200405030000Z" -- May 03, 2004 + DESCRIPTION + "Modified copyright and contact information" + REVISION "200403030000Z" -- March 03, 2004 + DESCRIPTION + "Converted to SMIv2 by Longview Software" + REVISION "200311100000Z" -- November 10, 2003 + DESCRIPTION + "Correct spelling mistake" + REVISION "200109280000Z" -- September 28, 2001 + DESCRIPTION + "No Comment" + REVISION "200105270000Z" -- May 27, 2001 + DESCRIPTION + "Creation Date" + ::= { netscreenSchedule 0 } + +NsSchOnceEntry ::= SEQUENCE +{ + nsSchOnceIndex Integer32, + nsSchOnceName DisplayString, + nsSchOnceStartTime DisplayString, + nsSchOnceStopTime DisplayString, + nsSchOnceComments DisplayString, + nsSchOnceVsys Integer32 +} + +NsSchRecurEntry ::= SEQUENCE +{ + nsSchRecurIndex Integer32, + nsSchRecurName DisplayString, + nsSchRecurWeekday INTEGER, + nsSchRecurStartTime1 DisplayString, + nsSchRecurStopTime1 DisplayString, + nsSchRecurStartTime2 DisplayString, + nsSchRecurStopTime2 DisplayString, + nsSchRecurComments DisplayString, + nsSchRecurVsys Integer32 +} + +nsSchOnceTable OBJECT-TYPE + SYNTAX SEQUENCE OF NsSchOnceEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "By associating a schedule to a NetScreen device setting, user + can determine when that setting is in effect. This table + specifies the configuration of schedules as a one-time + event." + ::= { netscreenSchedule 1 } + +nsSchOnceEntry OBJECT-TYPE + SYNTAX NsSchOnceEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "Each entry in the nsSchOnceTable holds a set of configuration + parameters associated with an instance of one-time schedule." + INDEX + { nsSchOnceIndex } + ::= { nsSchOnceTable 1 } + +nsSchOnceIndex OBJECT-TYPE + SYNTAX Integer32 (0..2147483647) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "A unique value for schedule. Its value ranges between 1 and + 65535 and may not be contiguous. The index has no other + meaning but a pure index" + ::= { nsSchOnceEntry 1 } + +nsSchOnceName OBJECT-TYPE + SYNTAX DisplayString (SIZE(0..32)) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "schedule's name." + ::= { nsSchOnceEntry 2 } + +nsSchOnceStartTime OBJECT-TYPE + SYNTAX DisplayString (SIZE(0..32)) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "schedule's start time." + ::= { nsSchOnceEntry 3 } + +nsSchOnceStopTime OBJECT-TYPE + SYNTAX DisplayString (SIZE(0..32)) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "schedule's stop time." + ::= { nsSchOnceEntry 4 } + +nsSchOnceComments OBJECT-TYPE + SYNTAX DisplayString (SIZE(0..32)) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Comments for this schedule." + ::= { nsSchOnceEntry 5 } + +nsSchOnceVsys OBJECT-TYPE + SYNTAX Integer32 (0..2147483647) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Vsys this entry belongs to" + ::= { nsSchOnceEntry 6 } + +nsSchRecurTable OBJECT-TYPE + SYNTAX SEQUENCE OF NsSchRecurEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "By associating a schedule to a NetScreen device setting, user + can determine when that setting is in effect. This table + specifies the configuration of schedules on a recurring + basis." + ::= { netscreenSchedule 2 } + +nsSchRecurEntry OBJECT-TYPE + SYNTAX NsSchRecurEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "Each entry in the nsSchOnceTable holds a set of configuration + parameters associated with an instance of re-occurring + schedule." + INDEX + { nsSchRecurIndex } + ::= { nsSchRecurTable 1 } + +nsSchRecurIndex OBJECT-TYPE + SYNTAX Integer32 (0..2147483647) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "A unique value for schedule. Its value ranges between 1 and + 65535 and may not be contiguous. The index has no other + meaning but a pure index" + ::= { nsSchRecurEntry 1 } + +nsSchRecurName OBJECT-TYPE + SYNTAX DisplayString (SIZE(0..32)) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "schedule's name" + ::= { nsSchRecurEntry 2 } + +nsSchRecurWeekday OBJECT-TYPE + SYNTAX INTEGER { + sun(0), + mon(1), + tue(2), + wed(3), + thu(4), + fri(5), + sat(6) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "schedule's starts date, using week day to determine." + ::= { nsSchRecurEntry 3 } + +nsSchRecurStartTime1 OBJECT-TYPE + SYNTAX DisplayString (SIZE(0..32)) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "schedule's start time one." + ::= { nsSchRecurEntry 4 } + +nsSchRecurStopTime1 OBJECT-TYPE + SYNTAX DisplayString (SIZE(0..32)) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "schedule's stop time one." + ::= { nsSchRecurEntry 5 } + +nsSchRecurStartTime2 OBJECT-TYPE + SYNTAX DisplayString (SIZE(0..32)) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "schedule start time two." + ::= { nsSchRecurEntry 6 } + +nsSchRecurStopTime2 OBJECT-TYPE + SYNTAX DisplayString (SIZE(0..32)) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "schedule stop time two." + ::= { nsSchRecurEntry 7 } + +nsSchRecurComments OBJECT-TYPE + SYNTAX DisplayString (SIZE(0..64)) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "comments for the schedule." + ::= { nsSchRecurEntry 8 } + +nsSchRecurVsys OBJECT-TYPE + SYNTAX Integer32 (0..2147483647) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The vsys this entry belongs to" + ::= { nsSchRecurEntry 9 } + +END + + diff --git a/MIBS/screenos/NETSCREEN-SERVICE-MIB b/MIBS/screenos/NETSCREEN-SERVICE-MIB new file mode 100644 index 0000000..54a54ea --- /dev/null +++ b/MIBS/screenos/NETSCREEN-SERVICE-MIB @@ -0,0 +1,323 @@ +-- This module defines enterprise MIBs for Services +-- +-- Copyright (c) 1999-2004, Juniper Networks, Inc. +-- All rights reserved. + +NETSCREEN-SERVICE-MIB DEFINITIONS ::= BEGIN + +IMPORTS + netscreenService + FROM NETSCREEN-SMI + Integer32, MODULE-IDENTITY, OBJECT-TYPE + FROM SNMPv2-SMI + DisplayString + FROM SNMPv2-TC + ; + +netscreenServiceMibModule MODULE-IDENTITY + LAST-UPDATED "200405032022Z" -- May 03, 2004 + ORGANIZATION + "Juniper Networks, Inc." + CONTACT-INFO + "Customer Support + + 1194 North Mathilda Avenue + Sunnyvale, California 94089-1206 + USA + + Tel: 1-800-638-8296 + E-mail: customerservice@juniper.net + HTTP://www.juniper.net" + DESCRIPTION + "This module defines the object that are used to monitor + service configuration in NetScreen device." + REVISION "200405030000Z" -- May 03, 2004 + DESCRIPTION + "Modified copyright and contact information" + REVISION "200403030000Z" -- March 03, 2004 + DESCRIPTION + "Converted to SMIv2 by Longview Software" + REVISION "200311100000Z" -- November 10, 2003 + DESCRIPTION + "Correct spelling mistake" + REVISION "200109280000Z" -- September 28, 2001 + DESCRIPTION + "No Comment" + REVISION "200105140000Z" -- May 14, 2001 + DESCRIPTION + "Creation Date" + ::= { netscreenService 0 } + +NsServiceEntry ::= SEQUENCE +{ + nsServiceIndex Integer32, + nsServiceName DisplayString, + nsServiceCategory INTEGER, + nsServiceTransProto INTEGER, + nsServiceSrcPortLow Integer32, + nsServiceSrcPortHigh Integer32, + nsServiceDstPortLow Integer32, + nsServiceDstPortHigh Integer32, + nsServiceFlag INTEGER, + nsServiceVsys Integer32 +} + +NsServiceGroupEntry ::= SEQUENCE +{ + nsServiceGroupIndex Integer32, + nsServiceGroupName DisplayString, + nsServiceGroupMember Integer32, + nsServiceGroupComment DisplayString, + nsServiceGroupVsys Integer32 +} + +NsServiceGrpMemberEntry ::= SEQUENCE +{ + nsServiceGrpMemberIndex Integer32, + nsServiceGrpName DisplayString, + nsServiceGroupMemberName DisplayString, + nsServiceGroupMemberVsys Integer32 +} + +nsServiceTable OBJECT-TYPE + SYNTAX SEQUENCE OF NsServiceEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "Services are types of IP traffic for which protocol standards + exist. This table collects all the service configurations + existing in NetScreen device." + ::= { netscreenService 1 } + +nsServiceEntry OBJECT-TYPE + SYNTAX NsServiceEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "Each enry in the nsServiceTable holds a set of configuration + parameters associated with an instance of service." + INDEX + { nsServiceIndex } + ::= { nsServiceTable 1 } + +nsServiceIndex OBJECT-TYPE + SYNTAX Integer32 (0..2147483647) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "A unique value for each address. Its value ranges between 0 + and 65535 and may not be contiguous." + ::= { nsServiceEntry 1 } + +nsServiceName OBJECT-TYPE + SYNTAX DisplayString (SIZE(0..32)) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Service name." + ::= { nsServiceEntry 2 } + +nsServiceCategory OBJECT-TYPE + SYNTAX INTEGER { + remote(1), + email(2), + infoseek(3), + security(4), + other(5) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Category this service belongs to." + ::= { nsServiceEntry 3 } + +nsServiceTransProto OBJECT-TYPE + SYNTAX INTEGER { + other(0), + icmp(1), + tcp(6), + udp(17), + egp(8), + igp(9), + udp(17), + rsvp(46), + gre(47), + ospf(89) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Service trans protocol. + 6 means tcp + 17 means udp" + ::= { nsServiceEntry 4 } + +nsServiceSrcPortLow OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The low source port number associated with service." + ::= { nsServiceEntry 5 } + +nsServiceSrcPortHigh OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The high source port number associated with service." + ::= { nsServiceEntry 6 } + +nsServiceDstPortLow OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The low destination port number associated with service." + ::= { nsServiceEntry 7 } + +nsServiceDstPortHigh OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The high source port number associated with service." + ::= { nsServiceEntry 8 } + +nsServiceFlag OBJECT-TYPE + SYNTAX INTEGER { + pre-define(0), + usr-define(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Service flag used to indicate if the service is a pre-defined + one or a custom one." + ::= { nsServiceEntry 9 } + +nsServiceVsys OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Virtual system this configuration belongs to." + ::= { nsServiceEntry 10 } + +nsServiceGroupTable OBJECT-TYPE + SYNTAX SEQUENCE OF NsServiceGroupEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "Services can be organized into service group for convenience. + This table collects all service group entries in NetScreen + device." + ::= { netscreenService 2 } + +nsServiceGroupEntry OBJECT-TYPE + SYNTAX NsServiceGroupEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "Each entry in the nsServiceGroupTable holds a set of + information about service group." + INDEX + { nsServiceGroupIndex } + ::= { nsServiceGroupTable 1 } + +nsServiceGroupIndex OBJECT-TYPE + SYNTAX Integer32 (0..2147483647) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "A unique value for each group. Its value ranges between 0 and + 65535 and may not be contiguous." + ::= { nsServiceGroupEntry 1 } + +nsServiceGroupName OBJECT-TYPE + SYNTAX DisplayString (SIZE(0..32)) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Service group name." + ::= { nsServiceGroupEntry 2 } + +nsServiceGroupMember OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Service member number in service group." + ::= { nsServiceGroupEntry 3 } + +nsServiceGroupComment OBJECT-TYPE + SYNTAX DisplayString (SIZE(0..32)) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Comments for service group." + ::= { nsServiceGroupEntry 4 } + +nsServiceGroupVsys OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Virtual system this group belongs to." + ::= { nsServiceGroupEntry 5 } + +nsServiceGrpMemberTable OBJECT-TYPE + SYNTAX SEQUENCE OF NsServiceGrpMemberEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "Service group membership info table will show detail + information of a service group." + ::= { netscreenService 3 } + +nsServiceGrpMemberEntry OBJECT-TYPE + SYNTAX NsServiceGrpMemberEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "An entry containing attributes service group's member info" + INDEX + { nsServiceGrpMemberIndex } + ::= { nsServiceGrpMemberTable 1 } + +nsServiceGrpMemberIndex OBJECT-TYPE + SYNTAX Integer32 (0..2147483647) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "A unique value for each group. Its value ranges between 0 and + 65535 and may not be contiguous." + ::= { nsServiceGrpMemberEntry 1 } + +nsServiceGrpName OBJECT-TYPE + SYNTAX DisplayString (SIZE(0..32)) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Specific service group name" + ::= { nsServiceGrpMemberEntry 2 } + +nsServiceGroupMemberName OBJECT-TYPE + SYNTAX DisplayString (SIZE(0..32)) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Specific service name in the service group." + ::= { nsServiceGrpMemberEntry 3 } + +nsServiceGroupMemberVsys OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Virtual system this configuration belongs to" + ::= { nsServiceGrpMemberEntry 4 } + +END + + diff --git a/MIBS/screenos/NETSCREEN-SET-ADMIN-USR-MIB b/MIBS/screenos/NETSCREEN-SET-ADMIN-USR-MIB new file mode 100644 index 0000000..94e7fe2 --- /dev/null +++ b/MIBS/screenos/NETSCREEN-SET-ADMIN-USR-MIB @@ -0,0 +1,202 @@ +-- This module defines enterprise MIBs for NS admin setting +-- +-- Copyright (c) 1999-2004, Juniper Networks, Inc. +-- All rights reserved. + +NETSCREEN-SET-ADMIN-USR-MIB DEFINITIONS ::= BEGIN + +IMPORTS + netscreenSetting, netscreenSettingMibModule + FROM NETSCREEN-SMI + Integer32, IpAddress, MODULE-IDENTITY, OBJECT-TYPE + FROM SNMPv2-SMI + DisplayString + FROM SNMPv2-TC + ; + +netscreenSetAdminUsrMibModule MODULE-IDENTITY + LAST-UPDATED "200405032022Z" -- May 03, 2004 + ORGANIZATION + "Juniper Networks, Inc." + CONTACT-INFO + "Customer Support + + 1194 North Mathilda Avenue + Sunnyvale, California 94089-1206 + USA + + Tel: 1-800-638-8296 + E-mail: customerservice@juniper.net + HTTP://www.juniper.net" + DESCRIPTION + "This module defines the object that are used to monitor admin + user" + REVISION "200405030000Z" -- May 03, 2004 + DESCRIPTION + "Modified copyright and contact information" + REVISION "200403030000Z" -- March 03, 2004 + DESCRIPTION + "Converted to SMIv2 by Longview Software" + REVISION "200311100000Z" -- November 10, 2003 + DESCRIPTION + "Correct spelling mistake" + REVISION "200109280000Z" -- September 28, 2001 + DESCRIPTION + "No Comment" + REVISION "200105270000Z" -- May 27, 2001 + DESCRIPTION + "Creation Date" + ::= { netscreenSettingMibModule 11 } + +NsSetAdminUserClientEntry ::= SEQUENCE +{ + nsAdminUserClientIndex Integer32, + nsAdminUserClientIp IpAddress, + nsAdminUserClientNetmask IpAddress, + nsAdminUserVSYS Integer32 +} + +NsSetAdminUserLocalEntry ::= SEQUENCE +{ + nsAdminUserLocalIndex Integer32, + nsAdminUserLocalName DisplayString, + nsAdminUserLocalPriv Integer32, + nsAdminUserLocalRole Integer32 +} + +nsSetAdminUser OBJECT IDENTIFIER ::= { netscreenSetting 11 } + +nsSetAdminUserLocalTable OBJECT-TYPE + SYNTAX SEQUENCE OF NsSetAdminUserLocalEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "This table collects all administration user information stored + in local user database." + ::= { nsSetAdminUser 1 } + +nsSetAdminUserLocalEntry OBJECT-TYPE + SYNTAX NsSetAdminUserLocalEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "Local database administration user attributes." + INDEX + { nsAdminUserLocalIndex } + ::= { nsSetAdminUserLocalTable 1 } + +nsAdminUserLocalIndex OBJECT-TYPE + SYNTAX Integer32 (0..2147483647) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "A unique value for user info table. Its value ranges between + 0 and 65535 and may not be contiguous." + ::= { nsSetAdminUserLocalEntry 1 } + +nsAdminUserLocalName OBJECT-TYPE + SYNTAX DisplayString (SIZE(0..32)) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Administration user name." + ::= { nsSetAdminUserLocalEntry 2 } + +nsAdminUserLocalPriv OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Administration user's privileges. The smaller the value, the + higher the privileges." + ::= { nsSetAdminUserLocalEntry 3 } + +nsAdminUserLocalRole OBJECT-TYPE + SYNTAX Integer32 { + not-assigned(0), + crypto(1), + security(2), + audit(4) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Administration user's role attributes." + ::= { nsSetAdminUserLocalEntry 4 } + +nsAdminUserRadius OBJECT IDENTIFIER ::= { nsSetAdminUser 2 } + +nsAdminUserRadiusEnabled OBJECT-TYPE + SYNTAX INTEGER { + disabled(0), + enabled(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Enable external radius server to authenticate admin user" + ::= { nsAdminUserRadius 1 } + +nsAdminUserRadiusServer OBJECT-TYPE + SYNTAX DisplayString (SIZE(0..32)) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "External radius server name" + ::= { nsAdminUserRadius 2 } + +nsSetAdminUserClientTable OBJECT-TYPE + SYNTAX SEQUENCE OF NsSetAdminUserClientEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "Management Client IP addresses is used to restrict the + administration ability from one or multiple addresses of a + subnet." + ::= { nsSetAdminUser 3 } + +nsSetAdminUserClientEntry OBJECT-TYPE + SYNTAX NsSetAdminUserClientEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "An entry containing admin client ip information" + INDEX + { nsAdminUserClientIndex } + ::= { nsSetAdminUserClientTable 1 } + +nsAdminUserClientIndex OBJECT-TYPE + SYNTAX Integer32 (0..2147483647) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "A unique value for client ip table. Its value ranges between + 0 and 65535 and may not be contiguous." + ::= { nsSetAdminUserClientEntry 1 } + +nsAdminUserClientIp OBJECT-TYPE + SYNTAX IpAddress + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Management client ip" + ::= { nsSetAdminUserClientEntry 2 } + +nsAdminUserClientNetmask OBJECT-TYPE + SYNTAX IpAddress + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Management client ip netmask" + ::= { nsSetAdminUserClientEntry 3 } + +nsAdminUserVSYS OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Vsys ID of the admin user" + ::= { nsSetAdminUserClientEntry 4 } +END + + diff --git a/MIBS/screenos/NETSCREEN-SET-AUTH-MIB b/MIBS/screenos/NETSCREEN-SET-AUTH-MIB new file mode 100644 index 0000000..95254ba --- /dev/null +++ b/MIBS/screenos/NETSCREEN-SET-AUTH-MIB @@ -0,0 +1,404 @@ +-- This module defines enterprise MIBs for Authentication +-- Configuration +-- +-- Copyright (c) 1999-2004, Juniper Networks, Inc. +-- All rights reserved. + +NETSCREEN-SET-AUTH-MIB DEFINITIONS ::= BEGIN + +IMPORTS + netscreenSetting, netscreenSettingMibModule + FROM NETSCREEN-SMI + Integer32, MODULE-IDENTITY, OBJECT-TYPE + FROM SNMPv2-SMI + DisplayString + FROM SNMPv2-TC + ; + +netscreenSetAuthMibModule MODULE-IDENTITY + LAST-UPDATED "200411102022Z" -- Nov 10, 2004 + ORGANIZATION + "Juniper Networks, Inc." + CONTACT-INFO + "Customer Support + + 1194 North Mathilda Avenue + Sunnyvale, California 94089-1206 + USA + + Tel: 1-800-638-8296 + E-mail: customerservice@juniper.net + HTTP://www.juniper.net" + DESCRIPTION + "This module defines the object that are used to monitor all + the configuration info" + REVISION "200405030000Z" -- May 03, 2004 + DESCRIPTION + "Added nsSetAuthCfgEntry attributes" + REVISION "200411102022Z" -- Nov 10, 2004 + DESCRIPTION + "Modified copyright and contact information" + REVISION "200403030000Z" -- March 03, 2004 + DESCRIPTION + "Converted to SMIv2 by Longview Software" + REVISION "200311100000Z" -- November 10, 2003 + DESCRIPTION + "Correct spelling mistake" + REVISION "200204270000Z" -- April 27, 2002 + DESCRIPTION + "More than one auth setting allowed in one system" + REVISION "200105270000Z" -- May 27, 2001 + DESCRIPTION + "Creation Date" + ::= { netscreenSettingMibModule 2 } + +NsSetAuthCfgEntry ::= SEQUENCE +{ + nsSetAuthCfgIdx Integer32, + nsSetAuthCfgVsys Integer32, + nsSetAuthCfgName DisplayString, + nsSetAuthCfgPrimary DisplayString, + nsSetAuthCfgBackup1 DisplayString, + nsSetAuthCfgBackup2 DisplayString, + nsSetAuthCfgConnIdleTimeout Integer32, + nsSetAuthCfgAuthAccount INTEGER, + nsSetAuthCfgIkeAccount INTEGER, + nsSetAuthCfgL2tpAccount INTEGER, + nsSetAuthCfgAdminAccount INTEGER, + nsSetAuthCfgXauthAccount INTEGER, + nsSetAuthCfgMethod INTEGER, + nsSetAuthCfgPort Integer32, + nsSetAuthCfgSecCliRetry Integer32, + nsSetAuthCfgSecCliTimeout Integer32, + nsSetAuthCfgSecEncType INTEGER, + nsSetAuthCfgSecUseDuress INTEGER, + nsSetAuthCfgLDAPCni DisplayString, + nsSetAuthCfgLDAPDn DisplayString, + nsSetAuthCfgSepChar DisplayString, + nsSetAuthCfgSepNumber Integer32, + nsSetAuthCfgRevInterval Integer32, + nsSetAuthCfgRadRetries Integer32, + nsSetAuthCfgEnableStnID INTEGER, + nsSetAuthCfgDomainName DisplayString, + nsSetAuthCfgAcctSessIdLen Integer32, + nsSetAuthCfgRFC2138Compatibility INTEGER, + nsSetAuthCfgSourceIfName DisplayString, + nsSetAuthCfgAcctPort Integer32, + nsSetAuthCfgAcctListActn INTEGER, + nsSetAuthCfgSourceIfInfo Integer32 +} + +nsSetAuth OBJECT IDENTIFIER ::= { netscreenSetting 2 } + +nsSetAuthCfgTable OBJECT-TYPE + SYNTAX SEQUENCE OF NsSetAuthCfgEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "The authentication configuration of NetScreen device." + ::= { nsSetAuth 1 } + +nsSetAuthCfgEntry OBJECT-TYPE + SYNTAX NsSetAuthCfgEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "NetScreen admin user authentication setting table." + INDEX + { nsSetAuthCfgIdx } + ::= { nsSetAuthCfgTable 1 } + +nsSetAuthCfgIdx OBJECT-TYPE + SYNTAX Integer32 (0..2147483647) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Authentication server config index." + ::= { nsSetAuthCfgEntry 1 } + +nsSetAuthCfgVsys OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Virtural system the setting belongs to." + ::= { nsSetAuthCfgEntry 2 } + +nsSetAuthCfgName OBJECT-TYPE + SYNTAX DisplayString (SIZE(0..32)) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Authentication server setting entry name." + ::= { nsSetAuthCfgEntry 3 } + +nsSetAuthCfgPrimary OBJECT-TYPE + SYNTAX DisplayString (SIZE(0..32)) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Primary authentication server IP or domain name." + ::= { nsSetAuthCfgEntry 4 } + +nsSetAuthCfgBackup1 OBJECT-TYPE + SYNTAX DisplayString (SIZE(0..32)) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "First backup authentication server IP or domain name.It's + optional." + ::= { nsSetAuthCfgEntry 5 } + +nsSetAuthCfgBackup2 OBJECT-TYPE + SYNTAX DisplayString (SIZE(0..32)) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Secondary backup authentication server IP or domain name.It's + optional." + ::= { nsSetAuthCfgEntry 6 } + +nsSetAuthCfgConnIdleTimeout OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "connection timeout threshold setting. 0 means no timeout + setting." + ::= { nsSetAuthCfgEntry 7 } + +nsSetAuthCfgAuthAccount OBJECT-TYPE + SYNTAX INTEGER { + no(0), + yes(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Allow authentication account." + ::= { nsSetAuthCfgEntry 8 } + +nsSetAuthCfgIkeAccount OBJECT-TYPE + SYNTAX INTEGER { + no(0), + yes(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Allow IKE account." + ::= { nsSetAuthCfgEntry 9 } + +nsSetAuthCfgL2tpAccount OBJECT-TYPE + SYNTAX INTEGER { + no(0), + yes(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Allow L2tp account." + ::= { nsSetAuthCfgEntry 10 } + +nsSetAuthCfgAdminAccount OBJECT-TYPE + SYNTAX INTEGER { + no(0), + yes(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Allow administration account." + ::= { nsSetAuthCfgEntry 11 } + +nsSetAuthCfgXauthAccount OBJECT-TYPE + SYNTAX INTEGER { + no(0), + yes(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Allow Xauth account." + ::= { nsSetAuthCfgEntry 12 } + +nsSetAuthCfgMethod OBJECT-TYPE + SYNTAX INTEGER { + build-in-user-db(0), + radius-server(1), + secureId-server(2), + ldap-server(3) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "NetScreen device admin user authentication method." + ::= { nsSetAuthCfgEntry 13 } + +nsSetAuthCfgPort OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Server listening port number." + ::= { nsSetAuthCfgEntry 14 } + +nsSetAuthCfgSecCliRetry OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "SecureID client client retry times" + ::= { nsSetAuthCfgEntry 15 } + +nsSetAuthCfgSecCliTimeout OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "SecureID client timeout threshold." + ::= { nsSetAuthCfgEntry 16 } + +nsSetAuthCfgSecEncType OBJECT-TYPE + SYNTAX INTEGER { + sdi(0), + des(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "SecureID traffic encryption type." + ::= { nsSetAuthCfgEntry 17 } + +nsSetAuthCfgSecUseDuress OBJECT-TYPE + SYNTAX INTEGER { + no(0), + yes(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Use duress in SecureID authentication." + ::= { nsSetAuthCfgEntry 18 } + +nsSetAuthCfgLDAPCni OBJECT-TYPE + SYNTAX DisplayString (SIZE(0..2)) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "LDAP server common name identifier" + ::= { nsSetAuthCfgEntry 19 } + +nsSetAuthCfgLDAPDn OBJECT-TYPE + SYNTAX DisplayString (SIZE(0..32)) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "LDAP server distinguished name" + ::= { nsSetAuthCfgEntry 20 } + +nsSetAuthCfgSepChar OBJECT-TYPE + SYNTAX DisplayString (SIZE(0..2)) + ACCESS read-only + STATUS mandatory + DESCRIPTION + "Seperator character for this entry" + ::= { nsSetAuthCfgEntry 21 } + +nsSetAuthCfgSepNumber OBJECT-TYPE + SYNTAX Integer32 + ACCESS read-only + STATUS mandatory + DESCRIPTION + "Seperator number for this entry" + ::= { nsSetAuthCfgEntry 22 } + +nsSetAuthCfgRevInterval OBJECT-TYPE + SYNTAX Integer32 + ACCESS read-only + STATUS mandatory + DESCRIPTION + "Revert interval for this entry" + ::= { nsSetAuthCfgEntry 23 } +nsSetAuthCfgRadRetries OBJECT-TYPE + SYNTAX Integer32 + ACCESS read-only + STATUS mandatory + DESCRIPTION + "Radius retries for this entries" + ::= { nsSetAuthCfgEntry 24 } +nsSetAuthCfgEnableStnID OBJECT-TYPE + SYNTAX INTEGER { + no(0), + yes(1) + } + ACCESS read-only + STATUS mandatory + DESCRIPTION + "Enable/Disable call station ID for this entry." + ::= { nsSetAuthCfgEntry 25 } + +nsSetAuthCfgDomainName OBJECT-TYPE + SYNTAX DisplayString (SIZE(0..255)) + ACCESS read-only + STATUS mandatory + DESCRIPTION + "Domain name for this entry" + ::= { nsSetAuthCfgEntry 26 } + +nsSetAuthCfgAcctSessIdLen OBJECT-TYPE + SYNTAX Integer32 + ACCESS read-only + STATUS mandatory + DESCRIPTION + "Acct session identifier length for this entry" + ::= { nsSetAuthCfgEntry 27 } +nsSetAuthCfgRFC2138Compatibility OBJECT-TYPE + SYNTAX INTEGER { + no(0), + yes(1) + } + ACCESS read-only + STATUS mandatory + DESCRIPTION + "Is RFC2138 compatible for this entry" + ::= { nsSetAuthCfgEntry 28 } + +nsSetAuthCfgSourceIfName OBJECT-TYPE + SYNTAX DisplayString (SIZE(0..255)) + ACCESS read-only + STATUS mandatory + DESCRIPTION + "Source interface name for this entry" + ::= { nsSetAuthCfgEntry 29 } + +nsSetAuthCfgAcctPort OBJECT-TYPE + SYNTAX Integer32 + ACCESS read-only + STATUS mandatory + DESCRIPTION + "Radius accounting port for this entry" + ::= { nsSetAuthCfgEntry 30 } + +nsSetAuthCfgAcctListActn OBJECT-TYPE + SYNTAX INTEGER { + none(0), + cleanup-sess(1) + } + ACCESS read-only + STATUS mandatory + DESCRIPTION + "Radius accounting action for this entry" + ::= { nsSetAuthCfgEntry 31 } + +nsSetAuthCfgSourceIfInfo OBJECT-TYPE + SYNTAX Integer32 + ACCESS read-only + STATUS mandatory + DESCRIPTION + "Source interface info for this entry. Returns -1 if no interface is selected" + ::= { nsSetAuthCfgEntry 32 } + +END + + diff --git a/MIBS/screenos/NETSCREEN-SET-DHCP-MIB b/MIBS/screenos/NETSCREEN-SET-DHCP-MIB new file mode 100644 index 0000000..7f41788 --- /dev/null +++ b/MIBS/screenos/NETSCREEN-SET-DHCP-MIB @@ -0,0 +1,134 @@ +-- This module defines enterprise MIBs for DHCP Configuration +-- +-- Copyright (c) 1999-2004, Juniper Networks, Inc. +-- All rights reserved. + +NETSCREEN-SET-DHCP-MIB DEFINITIONS ::= BEGIN + +IMPORTS + netscreenSetting, netscreenSettingMibModule + FROM NETSCREEN-SMI + Integer32, MODULE-IDENTITY, OBJECT-TYPE + FROM SNMPv2-SMI + DisplayString + FROM SNMPv2-TC + ; + +netscreenSetDhcpMibModule MODULE-IDENTITY + LAST-UPDATED "200405032022Z" -- May 03, 2004 + ORGANIZATION + "Juniper Networks, Inc." + CONTACT-INFO + "Customer Support + + 1194 North Mathilda Avenue + Sunnyvale, California 94089-1206 + USA + + Tel: 1-800-638-8296 + E-mail: customerservice@juniper.net + HTTP://www.juniper.net" + DESCRIPTION + "This module defines the object that are used to monitor all + the configuration info" + REVISION "200405030000Z" -- May 03, 2004 + DESCRIPTION + "Modified copyright and contact information" + REVISION "200403030000Z" -- March 03, 2004 + DESCRIPTION + "Converted to SMIv2 by Longview Software" + REVISION "200311100000Z" -- November 10, 2003 + DESCRIPTION + "Correct wrong title" + REVISION "200112120000Z" -- December 12, 2001 + DESCRIPTION + "change dhcp configuration per physical interface" + REVISION "200109280000Z" -- September 28, 2001 + DESCRIPTION + "No Comment" + REVISION "200105270000Z" -- May 27, 2001 + DESCRIPTION + "Creation Date" + ::= { netscreenSettingMibModule 5 } + +NsSetDhcpEntry ::= SEQUENCE +{ + nsSetDhcpIfIdx Integer32, + nsSetDHCPService INTEGER, + nsSetDHCPRelayServer DisplayString, + nsSetDHCPVpnEncryp INTEGER, + nsSetDhcpIfInfo Integer32 +} + +nsSetDHCP OBJECT IDENTIFIER ::= { netscreenSetting 5 } + +nsSetDhcpTable OBJECT-TYPE + SYNTAX SEQUENCE OF NsSetDhcpEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "NetScreen ScreenOS can allow dhcp service on each of NetScreen + device's physical interface. This table collects the dhcp + configuration on each physical interface." + ::= { nsSetDHCP 1 } + +nsSetDhcpEntry OBJECT-TYPE + SYNTAX NsSetDhcpEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "Hold the firewall setting attribute." + INDEX + { nsSetDhcpIfIdx } + ::= { nsSetDhcpTable 1 } + +nsSetDhcpIfIdx OBJECT-TYPE + SYNTAX Integer32 (0..2147483647) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "unique interface id." + ::= { nsSetDhcpEntry 1 } + +nsSetDHCPService OBJECT-TYPE + SYNTAX INTEGER { + none(0), + dhcp-relay-agent(1), + dhcp-server(2) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "DHCP service type for trusted network." + ::= { nsSetDhcpEntry 2 } + +nsSetDHCPRelayServer OBJECT-TYPE + SYNTAX DisplayString (SIZE(0..128)) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "DHCP relay agent server name." + ::= { nsSetDhcpEntry 3 } + +nsSetDHCPVpnEncryp OBJECT-TYPE + SYNTAX INTEGER { + disable(0), + enabled(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Secure DHCP relay agent traffic via VPN encryption." + ::= { nsSetDhcpEntry 4 } + +nsSetDhcpIfInfo OBJECT-TYPE + SYNTAX Integer32 (0..2147483647) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Internal id assigned to this interface. Stays persistent across resets." + ::= { nsSetDhcpEntry 5 } + +END + + diff --git a/MIBS/screenos/NETSCREEN-SET-DNS-MIB b/MIBS/screenos/NETSCREEN-SET-DNS-MIB new file mode 100644 index 0000000..3d41b41 --- /dev/null +++ b/MIBS/screenos/NETSCREEN-SET-DNS-MIB @@ -0,0 +1,90 @@ +-- This module defines enterprise MIBs for DNS Configuration +-- +-- Copyright (c) 1999-2004, Juniper Networks, Inc. +-- All rights reserved. + +NETSCREEN-SET-DNS-MIB DEFINITIONS ::= BEGIN + +IMPORTS + netscreenSetting, netscreenSettingMibModule + FROM NETSCREEN-SMI + IpAddress, MODULE-IDENTITY, OBJECT-TYPE + FROM SNMPv2-SMI + DisplayString + FROM SNMPv2-TC + ; + +netscreenSetDnsMibModule MODULE-IDENTITY + LAST-UPDATED "200405032022Z" -- May 03, 2004 + ORGANIZATION + "Juniper Networks, Inc." + CONTACT-INFO + "Customer Support + + 1194 North Mathilda Avenue + Sunnyvale, California 94089-1206 + USA + + Tel: 1-800-638-8296 + E-mail: customerservice@juniper.net + HTTP://www.juniper.net" + DESCRIPTION + "This module defines the object that are used to monitor all + the configuration info" + REVISION "200405030000Z" -- May 03, 2004 + DESCRIPTION + "Modified copyright and contact information" + REVISION "200403030000Z" -- March 03, 2004 + DESCRIPTION + "Converted to SMIv2 by Longview Software" + REVISION "200311100000Z" -- November 10, 2003 + DESCRIPTION + "Correct wrong title" + REVISION "200109280000Z" -- September 28, 2001 + DESCRIPTION + "No Comment" + REVISION "200105270000Z" -- May 27, 2001 + DESCRIPTION + "Creation Date" + ::= { netscreenSettingMibModule 3 } + +nsSetDNS OBJECT IDENTIFIER ::= { netscreenSetting 3 } + +nsConfigDnsPriSer OBJECT-TYPE + SYNTAX IpAddress + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Primary DNS server ip address" + ::= { nsSetDNS 1 } + +nsConfigDnsSecSer OBJECT-TYPE + SYNTAX IpAddress + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Secondary DNS server ip address" + ::= { nsSetDNS 2 } + +nsConfigDnsRefEnable OBJECT-TYPE + SYNTAX INTEGER { + disable(0), + enabled(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Enable refresh DNS every day." + ::= { nsSetDNS 3 } + +nsConfigDnsRefTime OBJECT-TYPE + SYNTAX DisplayString (SIZE(6)) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "DNS refresh time." + ::= { nsSetDNS 4 } + +END + + diff --git a/MIBS/screenos/NETSCREEN-SET-EMAIL-MIB b/MIBS/screenos/NETSCREEN-SET-EMAIL-MIB new file mode 100644 index 0000000..6939a09 --- /dev/null +++ b/MIBS/screenos/NETSCREEN-SET-EMAIL-MIB @@ -0,0 +1,102 @@ +-- This module defines enterprise MIBs for email notification +-- setting +-- +-- Copyright (c) 1999-2004, Juniper Networks, Inc. +-- All rights reserved. + +NETSCREEN-SET-EMAIL-MIB DEFINITIONS ::= BEGIN + +IMPORTS + netscreenSetting, netscreenSettingMibModule + FROM NETSCREEN-SMI + MODULE-IDENTITY, OBJECT-TYPE + FROM SNMPv2-SMI + DisplayString + FROM SNMPv2-TC + ; + +netscreenSetEmailMibModule MODULE-IDENTITY + LAST-UPDATED "200405032022Z" -- May 03, 2004 + ORGANIZATION + "Juniper Networks, Inc." + CONTACT-INFO + "Customer Support + + 1194 North Mathilda Avenue + Sunnyvale, California 94089-1206 + USA + + Tel: 1-800-638-8296 + E-mail: customerservice@juniper.net + HTTP://www.juniper.net" + DESCRIPTION + "This module defines the object that are used to monitor + the email notification setting" + REVISION "200405030000Z" -- May 03, 2004 + DESCRIPTION + "Modified copyright and contact information" + REVISION "200403030000Z" -- March 03, 2004 + DESCRIPTION + "Converted to SMIv2 by Longview Software" + REVISION "200311100000Z" -- November 10, 2003 + DESCRIPTION + "Correct wrong title" + REVISION "200109280000Z" -- September 28, 2001 + DESCRIPTION + "No Comment" + REVISION "200105270000Z" -- May 27, 2001 + DESCRIPTION + "Creation Date" + ::= { netscreenSettingMibModule 7 } + +nsSetEmail OBJECT IDENTIFIER ::= { netscreenSetting 7 } + +nsSetEmailEnable OBJECT-TYPE + SYNTAX INTEGER { + disable(0), + enabled(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Enable E-mail Notification for Alarms" + ::= { nsSetEmail 1 } + +nsSetEmailSMTP OBJECT-TYPE + SYNTAX DisplayString (SIZE(0..32)) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "SMTP server name" + ::= { nsSetEmail 2 } + +nsSetEmailLog OBJECT-TYPE + SYNTAX INTEGER { + disable(0), + enabled(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Include Traffic Log in email" + ::= { nsSetEmail 3 } + +nsSetEmailAddr1 OBJECT-TYPE + SYNTAX DisplayString (SIZE(0..64)) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "E-mail receiver address one" + ::= { nsSetEmail 4 } + +nsSetEmailAddr2 OBJECT-TYPE + SYNTAX DisplayString (SIZE(0..64)) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "E-mail receiver address two" + ::= { nsSetEmail 5 } + +END + + diff --git a/MIBS/screenos/NETSCREEN-SET-GEN-MIB b/MIBS/screenos/NETSCREEN-SET-GEN-MIB new file mode 100644 index 0000000..db5b921 --- /dev/null +++ b/MIBS/screenos/NETSCREEN-SET-GEN-MIB @@ -0,0 +1,130 @@ +-- This module defines enterprise MIBs for Configuration monitoring +-- +-- Copyright (c) 1999-2004, Juniper Networks, Inc. +-- All rights reserved. + +NETSCREEN-SET-GEN-MIB DEFINITIONS ::= BEGIN + +IMPORTS + netscreenSetting, netscreenSettingMibModule + FROM NETSCREEN-SMI + IpAddress, MODULE-IDENTITY, OBJECT-TYPE + FROM SNMPv2-SMI + DisplayString + FROM SNMPv2-TC + ; + +netscreenSetGenMibModule MODULE-IDENTITY + LAST-UPDATED "200405032022Z" -- May 03, 2004 + ORGANIZATION + "Juniper Networks, Inc." + CONTACT-INFO + "Customer Support + + 1194 North Mathilda Avenue + Sunnyvale, California 94089-1206 + USA + + Tel: 1-800-638-8296 + E-mail: customerservice@juniper.net + HTTP://www.juniper.net" + DESCRIPTION + "obsolete nsSetGenSysIp" + REVISION "200508120000Z" -- Aug 12, 2005 + DESCRIPTION + "This module defines the object that are used to monitor all + the configuration info" + REVISION "200405030000Z" -- May 03, 2004 + DESCRIPTION + "Modified copyright and contact information" + REVISION "200403030000Z" -- March 03, 2004 + DESCRIPTION + "Converted to SMIv2 by Longview Software" + REVISION "200311100000Z" -- November 10, 2003 + DESCRIPTION + "Correct spelling mistake" + REVISION "200109280000Z" -- September 28, 2001 + DESCRIPTION + "No Comment" + REVISION "200105270000Z" -- May 27, 2001 + DESCRIPTION + "Creation Date" + ::= { netscreenSettingMibModule 1 } + +nsSetGeneral OBJECT IDENTIFIER ::= { netscreenSetting 1 } + +nsSetGenSysIp OBJECT-TYPE + SYNTAX IpAddress + MAX-ACCESS read-only + STATUS obsolete + DESCRIPTION + "System Ip address" + ::= { nsSetGeneral 1 } + +nsSetGenHostName OBJECT-TYPE + SYNTAX DisplayString (SIZE(0..32)) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Host name of NetScreen device." + ::= { nsSetGeneral 2 } + +nsSetGenDomain OBJECT-TYPE + SYNTAX DisplayString (SIZE(0..32)) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Domain name of NetScreen device." + ::= { nsSetGeneral 3 } + +nsSetGenOpMode OBJECT-TYPE + SYNTAX DisplayString (SIZE(0..32)) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "NetScreen device can work in one of the tree mode: + transparent, NAT and route. This attribute indicates which + operation mode it use." + ::= { nsSetGeneral 4 } + +nsSetGenSwVer OBJECT-TYPE + SYNTAX DisplayString (SIZE(0..128)) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "NetSceen OS version." + ::= { nsSetGeneral 5 } + +nsSetGenLicInfo OBJECT-TYPE + SYNTAX DisplayString (SIZE(0..255)) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "NetScreen OS license information." + ::= { nsSetGeneral 6 } + +nsSetGenSCSAdminEnable OBJECT-TYPE + SYNTAX INTEGER { + disable(0), + enabled(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "enable Command Security Shell" + ::= { nsSetGeneral 7 } + +nsSetGenDropSelfLogPac OBJECT-TYPE + SYNTAX INTEGER { + disable(0), + enabled(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Log Packets to Self that are dropped" + ::= { nsSetGeneral 8 } + +END + + diff --git a/MIBS/screenos/NETSCREEN-SET-GLB-MIB b/MIBS/screenos/NETSCREEN-SET-GLB-MIB new file mode 100644 index 0000000..9c01c8e --- /dev/null +++ b/MIBS/screenos/NETSCREEN-SET-GLB-MIB @@ -0,0 +1,272 @@ +-- This module defines enterprise MIBs for Global, Global-Pro and NSM setting +-- +-- Copyright (c) 1999-2004, Juniper Networks, Inc. +-- All rights reserved. + +NETSCREEN-SET-GLB-MIB DEFINITIONS ::= BEGIN + +IMPORTS + netscreenSetting, netscreenSettingMibModule + FROM NETSCREEN-SMI + Integer32, IpAddress, MODULE-IDENTITY, OBJECT-TYPE + FROM SNMPv2-SMI + DisplayString + FROM SNMPv2-TC + ; + +netscreenSetGlbMibModule MODULE-IDENTITY + LAST-UPDATED "200405032022Z" -- May 03, 2004 + ORGANIZATION + "Juniper Networks, Inc." + CONTACT-INFO + "Customer Support + + 1194 North Mathilda Avenue + Sunnyvale, California 94089-1206 + USA + + Tel: 1-800-638-8296 + E-mail: customerservice@juniper.net + HTTP://www.juniper.net" + DESCRIPTION + "This module defines the object that are used to monitor + Global, Global-Pro and NSM setting" + REVISION "200405030000Z" -- May 03, 2004 + DESCRIPTION + "Modified copyright and contact information" + REVISION "200403030000Z" -- March 03, 2004 + DESCRIPTION + "Converted to SMIv2 by Longview Software" + REVISION "200109280000Z" -- September 28, 2001 + DESCRIPTION + "No Comment" + REVISION "200105270000Z" -- May 27, 2001 + DESCRIPTION + "Creation Date" + ::= { netscreenSettingMibModule 10 } + +nsSetGlbMng OBJECT IDENTIFIER ::= { netscreenSetting 10 } + +nsSetGlbMngVPNEnable OBJECT-TYPE + SYNTAX INTEGER { + disable(0), + enabled(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Secure NS Global Manager/PRO traffic via VPN encryption." + ::= { nsSetGlbMng 1 } + +nsSetGlbMngEnable OBJECT-TYPE + SYNTAX INTEGER { + disable(0), + enabled(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Enable Global Manager service on NetScreen device." + ::= { nsSetGlbMng 2 } + +nsSetGlbProEnable OBJECT-TYPE + SYNTAX INTEGER { + disable(0), + enabled(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Enable Global Pro Management service on NetScreen device." + ::= { nsSetGlbMng 3 } + +nsSetGlbManagerSetting OBJECT IDENTIFIER ::= { nsSetGlbMng 4 } + +nsSetGlbMngSerName OBJECT-TYPE + SYNTAX DisplayString (SIZE(0..32)) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Server Name of Global Manager service." + ::= { nsSetGlbManagerSetting 1 } + +nsSetGlbMngSerTCP OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "TCP port number of Global Manager service." + ::= { nsSetGlbManagerSetting 2 } + +nsSetGlbMngSerUDP OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "UDP port number of Global Manager service." + ::= { nsSetGlbManagerSetting 3 } + +nsSetGlbMngLocal OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Global Manager service listening port number(NS device + side)." + ::= { nsSetGlbManagerSetting 4 } + +nsSetGlbProManagerSetting OBJECT IDENTIFIER ::= { nsSetGlbMng 5 } + +nsSetGlbProPriSer OBJECT-TYPE + SYNTAX IpAddress + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Primary IP Address of Global PRO Server." + ::= { nsSetGlbProManagerSetting 1 } + +nsSetGlbProSecSer OBJECT-TYPE + SYNTAX IpAddress + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Secondary IP Address of Global PRO Server" + ::= { nsSetGlbProManagerSetting 2 } + +nsSetGlbMngSetting OBJECT IDENTIFIER ::= { nsSetGlbMng 6 } + +nsSetGlbMngProtDist OBJECT-TYPE + SYNTAX INTEGER { + disable(0), + enabled(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Enable Protocol Distribution in global management service." + ::= { nsSetGlbMngSetting 1 } + +nsSetGlbMngEthStatis OBJECT-TYPE + SYNTAX INTEGER { + disable(0), + enabled(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Enable Ethernet Statistics in global management service." + ::= { nsSetGlbMngSetting 2 } + +nsSetGlbMngAttStatis OBJECT-TYPE + SYNTAX INTEGER { + disable(0), + enabled(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Enable Attack Statistics in global management service." + ::= { nsSetGlbMngSetting 3 } + +nsSetGlbMngPlyStatis OBJECT-TYPE + SYNTAX INTEGER { + disable(0), + enabled(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Enable Policy Statistics in global management service." + ::= { nsSetGlbMngSetting 4 } + +nsSetGlbMngFlowStatis OBJECT-TYPE + SYNTAX INTEGER { + disable(0), + enabled(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Enable Flow Statistics in global management service." + ::= { nsSetGlbMngSetting 5 } + +nsSetGlbMngTrafAlm OBJECT-TYPE + SYNTAX INTEGER { + disable(0), + enabled(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Enable Traffic Alarms in global management service." + ::= { nsSetGlbMngSetting 6 } + +nsSetGlbMngAttAlm OBJECT-TYPE + SYNTAX INTEGER { + disable(0), + enabled(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Enable Attack Alarms in global management service." + ::= { nsSetGlbMngSetting 7 } + +nsSetGlbMngEvtAlm OBJECT-TYPE + SYNTAX INTEGER { + disable(0), + enabled(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Enable Event Alarms in global management service." + ::= { nsSetGlbMngSetting 8 } + +nsSetGlbMngCfgLog OBJECT-TYPE + SYNTAX INTEGER { + disable(0), + enabled(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Enable Configuration Logs in global management service." + ::= { nsSetGlbMngSetting 9 } + +nsSetGlbMngTrafLog OBJECT-TYPE + SYNTAX INTEGER { + disable(0), + enabled(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Enable Traffic Logs in global management service." + ::= { nsSetGlbMngSetting 10 } + +nsSetGlbMngInfoLog OBJECT-TYPE + SYNTAX INTEGER { + disable(0), + enabled(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Enable Information Logs in global management service." + ::= { nsSetGlbMngSetting 11 } + +nsSetGlbMngSelfLog OBJECT-TYPE + SYNTAX INTEGER { + disable(0), + enabled(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Enable Self Logs in global management service." + ::= { nsSetGlbMngSetting 12 } + +END + + diff --git a/MIBS/screenos/NETSCREEN-SET-LOG-MIB b/MIBS/screenos/NETSCREEN-SET-LOG-MIB new file mode 100644 index 0000000..83c3c78 --- /dev/null +++ b/MIBS/screenos/NETSCREEN-SET-LOG-MIB @@ -0,0 +1,197 @@ +-- This module defines enterprise MIBs for syslog setting +-- +-- Copyright (c) 1999-2004, Juniper Networks, Inc. +-- All rights reserved. + +NETSCREEN-SET-LOG-MIB DEFINITIONS ::= BEGIN + +IMPORTS + netscreenSetting, netscreenSettingMibModule + FROM NETSCREEN-SMI + Integer32, MODULE-IDENTITY, OBJECT-TYPE + FROM SNMPv2-SMI + DisplayString + FROM SNMPv2-TC + ; + +netscreenSetLogMibModule MODULE-IDENTITY + LAST-UPDATED "200405032022Z" -- May 03, 2004 + ORGANIZATION + "Juniper Networks, Inc." + CONTACT-INFO + "Customer Support + + 1194 North Mathilda Avenue + Sunnyvale, California 94089-1206 + USA + + Tel: 1-800-638-8296 + E-mail: customerservice@juniper.net + HTTP://www.juniper.net" + DESCRIPTION + "This module defines the object that are used to monitor + syslog setting" + REVISION "200405030000Z" -- May 03, 2004 + DESCRIPTION + "Modified copyright and contact information" + REVISION "200403030000Z" -- March 03, 2004 + DESCRIPTION + "Converted to SMIv2 by Longview Software" + REVISION "200311100000Z" -- November 10, 2003 + DESCRIPTION + "Correct spelling mistake" + REVISION "200109280000Z" -- September 28, 2001 + DESCRIPTION + "No Comment" + REVISION "200105270000Z" -- May 27, 2001 + DESCRIPTION + "Creation Date" + ::= { netscreenSettingMibModule 8 } + +nsSetLog OBJECT IDENTIFIER ::= { netscreenSetting 8 } + +nsSetLogEnable OBJECT-TYPE + SYNTAX INTEGER { + disable(0), + enabled(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Enable Syslog messages" + ::= { nsSetLog 1 } + +nsSetLogVPNEnable OBJECT-TYPE + SYNTAX INTEGER { + disable(0), + enabled(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Secure syslog message traffic using VPN encryption" + ::= { nsSetLog 2 } + +nsSetLogTraffic OBJECT-TYPE + SYNTAX INTEGER { + disable(0), + enabled(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Including traffic log when recording administration log" + ::= { nsSetLog 3 } + +nsSetLogHostName OBJECT-TYPE + SYNTAX DisplayString (SIZE(0..32)) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "syslog server name or ip address" + ::= { nsSetLog 4 } + +nsSetLogPort OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "syslog server port number" + ::= { nsSetLog 5 } + +nsSetLogSecFacility OBJECT-TYPE + SYNTAX INTEGER { + local0(16), + local1(17), + local2(18), + local3(19), + local4(20), + local5(21), + local6(22), + local7(23), + auth-sec(4) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Security Facility of syslog server" + ::= { nsSetLog 6 } + +nsSetLogFacility OBJECT-TYPE + SYNTAX INTEGER { + local0(16), + local1(17), + local2(18), + local3(19), + local4(20), + lcoal5(21), + local6(22), + loca7(23), + auth-sec(4) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Facility of syslog server" + ::= { nsSetLog 7 } + +nsSetLogLevel OBJECT-TYPE + SYNTAX INTEGER { + emergency(0), + aleart(1), + critical(2), + error(3), + warning(4), + notice(5), + info(6), + debug(7) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Only log messages with a priority level of + EMERGENCY/ALERT/CRITICAL/ERROR/WARNING/NOTICE/INFO/DEBUG or + higher" + ::= { nsSetLog 8 } + +nsSetLogWebTrendsEnable OBJECT-TYPE + SYNTAX INTEGER { + disable(0), + enabled(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Enable WebTrends Firewall syslog report." + ::= { nsSetLog 9 } + +nsSetLogWebTrendsVPNEnable OBJECT-TYPE + SYNTAX INTEGER { + disable(0), + enabled(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Secure WebTrends message via VPN encryption" + ::= { nsSetLog 10 } + +nsSetLogWebTrendsHostName OBJECT-TYPE + SYNTAX DisplayString (SIZE(0..32)) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "WebTrends Host Name" + ::= { nsSetLog 11 } + +nsSetLogWebTrendsPort OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "WebTrends Host Port" + ::= { nsSetLog 12 } + +END + + diff --git a/MIBS/screenos/NETSCREEN-SET-SNMP-MIB b/MIBS/screenos/NETSCREEN-SET-SNMP-MIB new file mode 100644 index 0000000..46bf1bd --- /dev/null +++ b/MIBS/screenos/NETSCREEN-SET-SNMP-MIB @@ -0,0 +1,176 @@ +-- This module defines enterprise MIBs for SNMP setting +-- +-- Copyright (c) 1999-2004, Juniper Networks, Inc. +-- All rights reserved. + +NETSCREEN-SET-SNMP-MIB DEFINITIONS ::= BEGIN + +IMPORTS + netscreenSetting, netscreenSettingMibModule + FROM NETSCREEN-SMI + Integer32, IpAddress, MODULE-IDENTITY, OBJECT-TYPE + FROM SNMPv2-SMI + DisplayString + FROM SNMPv2-TC + ; + +netscreenSetSnmpMibModule MODULE-IDENTITY + LAST-UPDATED "200405032022Z" -- May 03, 2004 + ORGANIZATION + "Juniper Networks, Inc." + CONTACT-INFO + "Customer Support + + 1194 North Mathilda Avenue + Sunnyvale, California 94089-1206 + USA + + Tel: 1-800-638-8296 + E-mail: customerservice@juniper.net + HTTP://www.juniper.net" + DESCRIPTION + "This module defines the object that are used to monitor + SNMP setting" + REVISION "200405030000Z" -- May 03, 2004 + DESCRIPTION + "Modified copyright and contact information" + REVISION "200403030000Z" -- March 03, 2004 + DESCRIPTION + "Converted to SMIv2 by Longview Software" + REVISION "200311100000Z" -- November 10, 2003 + DESCRIPTION + "Correct spelling mistake" + REVISION "200109280000Z" -- September 28, 2001 + DESCRIPTION + "No Comment" + REVISION "200105270000Z" -- May 27, 2001 + DESCRIPTION + "Creation Date" + ::= { netscreenSettingMibModule 9 } + +NsSetSnmpCommHostEntry ::= SEQUENCE +{ + nsSetSnmpCommHostIndex Integer32, + nsSetSnmpCommunity DisplayString, + nsSetSnmpHostInComm IpAddress, + nsSetSnmpWritePermit INTEGER, + nsSetSnmpTrapPermit INTEGER, + nsSetSnmpTrafficAlarmPermit INTEGER +} + +nsSetSNMP OBJECT IDENTIFIER ::= { netscreenSetting 9 } + +nsSetSnmpSysName OBJECT-TYPE + SYNTAX DisplayString (SIZE(0..255)) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "SNMP agent's sysname." + ::= { nsSetSNMP 1 } + +nsSetSnmpContact OBJECT-TYPE + SYNTAX DisplayString (SIZE(0..255)) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "contact name." + ::= { nsSetSNMP 2 } + +nsSetSnmpLocation OBJECT-TYPE + SYNTAX DisplayString (SIZE(0..255)) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "SNMP agent Location." + ::= { nsSetSNMP 3 } + +nsSetSnmpVPNEnable OBJECT-TYPE + SYNTAX INTEGER { + disable(0), + enabled(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Secure SNMP traffic via VPN encryption" + ::= { nsSetSNMP 4 } + +nsSetSnmpCommHostTable OBJECT-TYPE + SYNTAX SEQUENCE OF NsSetSnmpCommHostEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "The snmp community and host table" + ::= { nsSetSNMP 5 } + +nsSetSnmpCommHostEntry OBJECT-TYPE + SYNTAX NsSetSnmpCommHostEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "An entry containing community and hosts information" + INDEX + { nsSetSnmpCommHostIndex } + ::= { nsSetSnmpCommHostTable 1 } + +nsSetSnmpCommHostIndex OBJECT-TYPE + SYNTAX Integer32 (0..2147483647) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "A unique value for snmp community & host table. Its value + ranges between 0 and 65535 and may not be contiguous." + ::= { nsSetSnmpCommHostEntry 1 } + +nsSetSnmpCommunity OBJECT-TYPE + SYNTAX DisplayString (SIZE(0..32)) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "SNMP community name." + ::= { nsSetSnmpCommHostEntry 2 } + +nsSetSnmpHostInComm OBJECT-TYPE + SYNTAX IpAddress + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "SNMP host ip address." + ::= { nsSetSnmpCommHostEntry 3 } + +nsSetSnmpWritePermit OBJECT-TYPE + SYNTAX INTEGER { + no(0), + yes(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Permission to write." + ::= { nsSetSnmpCommHostEntry 4 } + +nsSetSnmpTrapPermit OBJECT-TYPE + SYNTAX INTEGER { + no(0), + yes(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Permission to receive trap." + ::= { nsSetSnmpCommHostEntry 5 } + +nsSetSnmpTrafficAlarmPermit OBJECT-TYPE + SYNTAX INTEGER { + no(0), + yes(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Permission of including traffic alarm in trap." + ::= { nsSetSnmpCommHostEntry 6 } + +END + + diff --git a/MIBS/screenos/NETSCREEN-SET-SYSTIME-MIB b/MIBS/screenos/NETSCREEN-SET-SYSTIME-MIB new file mode 100644 index 0000000..bcde7d4 --- /dev/null +++ b/MIBS/screenos/NETSCREEN-SET-SYSTIME-MIB @@ -0,0 +1,102 @@ +-- This module defines enterprise MIBs for time and NTP setting +-- +-- Copyright (c) 1999-2004, Juniper Networks, Inc. +-- All rights reserved. + +NETSCREEN-SET-SYSTIME-MIB DEFINITIONS ::= BEGIN + +IMPORTS + netscreenSetting, netscreenSettingMibModule + FROM NETSCREEN-SMI + Integer32, IpAddress, MODULE-IDENTITY, OBJECT-TYPE + FROM SNMPv2-SMI + ; + +netscreenSetSystimeMibModule MODULE-IDENTITY + LAST-UPDATED "200405032022Z" -- May 03, 2004 + ORGANIZATION + "Juniper Networks, Inc." + CONTACT-INFO + "Customer Support + + 1194 North Mathilda Avenue + Sunnyvale, California 94089-1206 + USA + + Tel: 1-800-638-8296 + E-mail: customerservice@juniper.net + HTTP://www.juniper.net" + DESCRIPTION + "This module defines the object that are used to monitor + NTP setting" + REVISION "200405030000Z" -- May 03, 2004 + DESCRIPTION + "Modified copyright and contact information" + REVISION "200403030000Z" -- March 03, 2004 + DESCRIPTION + "Converted to SMIv2 by Longview Software" + REVISION "200311120000Z" -- November 12, 2003 + DESCRIPTION + "Correct wrong title" + REVISION "200109280000Z" -- September 28, 2001 + DESCRIPTION + "No Comment" + REVISION "200105270000Z" -- May 27, 2001 + DESCRIPTION + "Creation Date" + ::= { netscreenSettingMibModule 6 } + +nsSetSysTime OBJECT IDENTIFIER ::= { netscreenSetting 6 } + +nsSetSysTimeGmtOffset OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "GMT time offset of system time" + ::= { nsSetSysTime 1 } + +nsSetSysTimeDaySaving OBJECT-TYPE + SYNTAX INTEGER { + disable(0), + enabled(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "enable daylight time saving method." + ::= { nsSetSysTime 2 } + +nsSetSysTimeNTP OBJECT IDENTIFIER ::= { nsSetSysTime 3 } + +nsSetNtpEnable OBJECT-TYPE + SYNTAX INTEGER { + disable(0), + enabled(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Enable Network Time Protocol" + ::= { nsSetSysTimeNTP 1 } + +nsSetNtpServer OBJECT-TYPE + SYNTAX IpAddress + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Network Time Server ip" + ::= { nsSetSysTimeNTP 2 } + +nsSetNtpUpdateInterval OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "If NetScreen device use NTP to get system time. This object + indicate the update system clock time interval." + ::= { nsSetSysTimeNTP 3 } + +END + + diff --git a/MIBS/screenos/NETSCREEN-SET-URL-FILTER-MIB b/MIBS/screenos/NETSCREEN-SET-URL-FILTER-MIB new file mode 100644 index 0000000..f8326ec --- /dev/null +++ b/MIBS/screenos/NETSCREEN-SET-URL-FILTER-MIB @@ -0,0 +1,133 @@ +-- This module defines enterprise MIBs for URL filtering +-- +-- Copyright (c) 1999-2004, Juniper Networks, Inc. +-- All rights reserved. + +NETSCREEN-SET-URL-FILTER-MIB DEFINITIONS ::= BEGIN + +IMPORTS + netscreenSetting, netscreenSettingMibModule + FROM NETSCREEN-SMI + Integer32, MODULE-IDENTITY, OBJECT-TYPE + FROM SNMPv2-SMI + DisplayString + FROM SNMPv2-TC + ; + +netscreenSetUrlFilterMibModule MODULE-IDENTITY + LAST-UPDATED "200405032022Z" -- May 03, 2004 + ORGANIZATION + "Juniper Networks, Inc." + CONTACT-INFO + "Customer Support + + 1194 North Mathilda Avenue + Sunnyvale, California 94089-1206 + USA + + Tel: 1-800-638-8296 + E-mail: customerservice@juniper.net + HTTP://www.juniper.net" + DESCRIPTION + "This module defines the object that are used to monitor all + the configuration info" + REVISION "200405030000Z" -- May 03, 2004 + DESCRIPTION + "Modified copyright and contact information" + REVISION "200403030000Z" -- March 03, 2004 + DESCRIPTION + "Converted to SMIv2 by Longview Software" + REVISION "200311120000Z" -- November 12, 2003 + DESCRIPTION + "Correct spelling mistake" + REVISION "200109280000Z" -- September 28, 2001 + DESCRIPTION + "No Comment" + REVISION "200105270000Z" -- May 27, 2001 + DESCRIPTION + "Creation Date" + ::= { netscreenSettingMibModule 4 } + +nsSetURLFilter OBJECT IDENTIFIER ::= { netscreenSetting 4 } + +nsSetUrlFilterViaWebsense OBJECT-TYPE + SYNTAX INTEGER { + disable(0), + enabled(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Enable URL Filtering via Websense Server." + ::= { nsSetURLFilter 1 } + +nsSetUrlServerName OBJECT-TYPE + SYNTAX DisplayString (SIZE(0..32)) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Websense Server Name." + ::= { nsSetURLFilter 2 } + +nsSetUrlServerPort OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Websense Server Port." + ::= { nsSetURLFilter 3 } + +nsSetUrlCommTimeout OBJECT-TYPE + SYNTAX INTEGER (0..240) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Communication timeout threshold of url filtering." + ::= { nsSetURLFilter 4 } + +nsSetUrlServerStatus OBJECT-TYPE + SYNTAX INTEGER { + not-applicable(0), + running(1), + down(2) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Current server status." + ::= { nsSetURLFilter 5 } + +nsSetUrlSerLostHdlWay OBJECT-TYPE + SYNTAX INTEGER { + block-all(0), + permit-all(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "If connectivity to the Websense server is lost, the way of + handling HTTP requests." + ::= { nsSetURLFilter 6 } + +nsSetUrlBlockMsgType OBJECT-TYPE + SYNTAX INTEGER { + websense(0), + netscreen(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "URL filter block message type." + ::= { nsSetURLFilter 7 } + +nsSetUrlNsBlockMsg OBJECT-TYPE + SYNTAX DisplayString (SIZE(0..220)) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "NetScreen device block message." + ::= { nsSetURLFilter 8 } + +END + + diff --git a/MIBS/screenos/NETSCREEN-SET-WEB-MIB b/MIBS/screenos/NETSCREEN-SET-WEB-MIB new file mode 100644 index 0000000..ddec597 --- /dev/null +++ b/MIBS/screenos/NETSCREEN-SET-WEB-MIB @@ -0,0 +1,150 @@ +-- This module defines enterprise MIBs for NS web setting +-- +-- Copyright (c) 1999-2004, Juniper Networks, Inc. +-- All rights reserved. + +NETSCREEN-SET-WEB-MIB DEFINITIONS ::= BEGIN + +IMPORTS + netscreenSetting, netscreenSettingMibModule + FROM NETSCREEN-SMI + Integer32, MODULE-IDENTITY, OBJECT-TYPE + FROM SNMPv2-SMI + DisplayString + FROM SNMPv2-TC + ; + +netscreenSetWebMibModule MODULE-IDENTITY + LAST-UPDATED "200405032022Z" -- May 03, 2004 + ORGANIZATION + "Juniper Networks, Inc." + CONTACT-INFO + "Customer Support + + 1194 North Mathilda Avenue + Sunnyvale, California 94089-1206 + USA + + Tel: 1-800-638-8296 + E-mail: customerservice@juniper.net + HTTP://www.juniper.net" + DESCRIPTION + "This module defines the object that are used to monitor + NS web setting" + REVISION "200405030000Z" -- May 03, 2004 + DESCRIPTION + "Modified copyright and contact information" + REVISION "200403030000Z" -- March 03, 2004 + DESCRIPTION + "Converted to SMIv2 by Longview Software" + REVISION "200311120000Z" -- November 12, 2003 + DESCRIPTION + "Correct spelling mistake" + REVISION "200109280000Z" -- September 28, 2001 + DESCRIPTION + "No comment" + REVISION "200105270000Z" -- May 27, 2001 + DESCRIPTION + "Creation Date" + ::= { netscreenSettingMibModule 12 } + +NsSetWebUICfgEntry ::= SEQUENCE +{ + nsSetWebVsys Integer32, + nsSetWebIdleTimeout INTEGER, + nsSetWebTimeout Integer32, + nsSetWebPort Integer32, + nsSetWebSSLPort Integer32, + nsSetWebSSLCertificate DisplayString, + nsSetWebSSLCipher INTEGER +} + +nsSetWebUI OBJECT IDENTIFIER ::= { netscreenSetting 12 } + +nsSetWebUICfgTable OBJECT-TYPE + SYNTAX SEQUENCE OF NsSetWebUICfgEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "NetScreen devices provide WebUI for easy administration. This + table collects admin settings relating to WebUI." + ::= { nsSetWebUI 1 } + +nsSetWebUICfgEntry OBJECT-TYPE + SYNTAX NsSetWebUICfgEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "An entry containing WebUI admin configuration." + INDEX + { nsSetWebVsys } + ::= { nsSetWebUICfgTable 1 } + +nsSetWebVsys OBJECT-TYPE + SYNTAX Integer32 (0..2147483647) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Virtual system name the configuration belongs to. Also used as + table index." + ::= { nsSetWebUICfgEntry 1 } + +nsSetWebIdleTimeout OBJECT-TYPE + SYNTAX INTEGER { + disable(0), + enabled(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Enable Web Management Idle Timeout" + ::= { nsSetWebUICfgEntry 2 } + +nsSetWebTimeout OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Web Management Idle Timeout Setting" + ::= { nsSetWebUICfgEntry 3 } + +nsSetWebPort OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Web Management Http port number setting." + ::= { nsSetWebUICfgEntry 4 } + +nsSetWebSSLPort OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Web Management http ssl port number setting." + ::= { nsSetWebUICfgEntry 5 } + +nsSetWebSSLCertificate OBJECT-TYPE + SYNTAX DisplayString (SIZE(0..255)) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "SSL certificate web management." + ::= { nsSetWebUICfgEntry 6 } + +nsSetWebSSLCipher OBJECT-TYPE + SYNTAX INTEGER { + rc4-md5(0), + rc4-40-md5(1), + des-sha(2), + triple-des-sha(3) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Web Management via SSL cipher algorithm" + ::= { nsSetWebUICfgEntry 7 } + +END + + diff --git a/MIBS/screenos/NETSCREEN-SMI b/MIBS/screenos/NETSCREEN-SMI new file mode 100644 index 0000000..7b17d9a --- /dev/null +++ b/MIBS/screenos/NETSCREEN-SMI @@ -0,0 +1,97 @@ +-- Copyright (c) 1999-2004, Juniper Networks, Inc. +-- All rights reserved. + +NETSCREEN-SMI DEFINITIONS ::= BEGIN + +IMPORTS + MODULE-IDENTITY, enterprises + FROM SNMPv2-SMI + ; + +-- netscreenSmiMibModule MODULE-IDENTITY + + netscreen MODULE-IDENTITY + LAST-UPDATED "200408310000Z" -- Aug 31, 2004 + ORGANIZATION + "Juniper Networks, Inc." + CONTACT-INFO + "Customer Support + + 1194 North Mathilda Avenue + Sunnyvale, California 94089-1206 + USA + + Tel: 1-800-638-8296 + E-mail: customerservice@juniper.net + HTTP://www.juniper.net" + DESCRIPTION + "Modified SMI Mib Module" + REVISION "200408310000Z" -- Aug 31, 2004 + DESCRIPTION + "SMI Mib" + REVISION "200405030000Z" -- May 03, 2004 + DESCRIPTION + "Modified copyright and contact information" + REVISION "200403030000Z" -- March 03, 2004 + DESCRIPTION + "Converted to SMIv2 by Longview Software" + REVISION "200109280000Z" -- September 28, 2001 + DESCRIPTION + "No comment" + REVISION "200008020000Z" -- August 02, 2000 + DESCRIPTION + "Creation Date" +-- ::= { netscreen 50 } + ::= { enterprises 3224 } + +-- netscreen OBJECT IDENTIFIER ::= { enterprises 3224 } + +netscreenTrap OBJECT IDENTIFIER ::= { netscreen 0 } + +netscreenProducts OBJECT IDENTIFIER ::= { netscreen 1 } + +netscreenTrapInfo OBJECT IDENTIFIER ::= { netscreen 2 } + +netscreenIDS OBJECT IDENTIFIER ::= { netscreen 3 } + +netscreenVpn OBJECT IDENTIFIER ::= { netscreen 4 } + +netscreenQos OBJECT IDENTIFIER ::= { netscreen 5 } + +netscreenNsrp OBJECT IDENTIFIER ::= { netscreen 6 } + +netscreenSetting OBJECT IDENTIFIER ::= { netscreen 7 } + +netscreenZone OBJECT IDENTIFIER ::= { netscreen 8 } + +netscreenInterface OBJECT IDENTIFIER ::= { netscreen 9 } + +netscreenPolicy OBJECT IDENTIFIER ::= { netscreen 10 } + +netscreenNAT OBJECT IDENTIFIER ::= { netscreen 11 } + +netscreenAddr OBJECT IDENTIFIER ::= { netscreen 12 } + +netscreenService OBJECT IDENTIFIER ::= { netscreen 13 } + +netscreenSchedule OBJECT IDENTIFIER ::= { netscreen 14 } + +netscreenVsys OBJECT IDENTIFIER ::= { netscreen 15 } + +netscreenResource OBJECT IDENTIFIER ::= { netscreen 16 } + +netscreenIp OBJECT IDENTIFIER ::= { netscreen 17 } + +netscreenVR OBJECT IDENTIFIER ::= { netscreen 18 } + +netscreenChassis OBJECT IDENTIFIER ::= { netscreen 21 } + +netscreenUAC OBJECT IDENTIFIER ::= { netscreen 22 } + +netscreenSettingMibModule OBJECT IDENTIFIER ::= { netscreenSetting 0 } + +netscreenVpnMibModule OBJECT IDENTIFIER ::= { netscreenVpn 0 } + +END + + diff --git a/MIBS/screenos/NETSCREEN-TRAP-MIB b/MIBS/screenos/NETSCREEN-TRAP-MIB new file mode 100644 index 0000000..f649398 --- /dev/null +++ b/MIBS/screenos/NETSCREEN-TRAP-MIB @@ -0,0 +1,548 @@ +-- Copyright (c) 1999-2004, Juniper Networks, Inc. +-- All rights reserved. + +NETSCREEN-TRAP-MIB DEFINITIONS ::= BEGIN + +IMPORTS + netscreenTrap, netscreenTrapInfo + FROM NETSCREEN-SMI + MODULE-IDENTITY, NOTIFICATION-TYPE, OBJECT-TYPE + FROM SNMPv2-SMI + DisplayString + FROM SNMPv2-TC + ; + +netscreenTrapMibModule MODULE-IDENTITY + LAST-UPDATED "200503032022Z" -- March 03, 2005 + ORGANIZATION + "Juniper Networks, Inc." + CONTACT-INFO + "Customer Support + + 1194 North Mathilda Avenue + Sunnyvale, California 94089-1206 + USA + + Tel: 1-800-638-8296 + E-mail: customerservice@juniper.net + HTTP://www.juniper.net" + DESCRIPTION + "Added trap types 15, it is still in use" + REVISION "200803170000Z" -- Mar 17, 2008 + DESCRIPTION + "Added 5 new trap types - 800-804. Removed 1000." + REVISION "200510170000Z" -- Oct 17, 2005 + DESCRIPTION + "Added 4 new trap types - ipv6 ip conflicts(101), dip util raise(102) and clear(103), + ids-icmp-ping-id-zero(441)." + REVISION "200503030000Z" -- March 03, 2005 + DESCRIPTION + "Trap MIB" + REVISION "200409100000Z" -- Sep 10, 2004 + DESCRIPTION + "Removed nsTrapType 3, 15,18,19 and 1000" + REVISION "200405030000Z" -- May 03, 2004 + DESCRIPTION + "Modified copyright and contact information" + REVISION "200403030000Z" -- March 03, 2004 + DESCRIPTION + "Converted to SMIv2 by Longview Software" + REVISION "200401230000Z" -- January 23, 2004 + DESCRIPTION + "Add new traps (430~434)" + REVISION "200109280000Z" -- September 28, 2001 + DESCRIPTION + "Add global-report manager specific trap" + REVISION "200008020000Z" -- August 02, 2000 + DESCRIPTION + "Creation Date" + ::= { netscreenTrapInfo 0 } + +netscreenTrapHw NOTIFICATION-TYPE + OBJECTS + { netscreenTrapType, netscreenTrapDesc } + STATUS current + DESCRIPTION + "This trap indicates that some kind of hardware problem has + occured." + ::= { netscreenTrap 100 } + +netscreenTrapFw NOTIFICATION-TYPE + OBJECTS + { netscreenTrapType, netscreenTrapDesc } + STATUS current + DESCRIPTION + "This trap indicates that some kind of firewall functions has + been triggered." + ::= { netscreenTrap 200 } + +netscreenTrapSw NOTIFICATION-TYPE + OBJECTS + { netscreenTrapType, netscreenTrapDesc } + STATUS current + DESCRIPTION + "This trap indicates that some kind of software problem has + occured." + ::= { netscreenTrap 300 } + +netscreenTrapTrf NOTIFICATION-TYPE + OBJECTS + { netscreenTrapType, netscreenTrapDesc } + STATUS current + DESCRIPTION + "This trap indicates that some kind of traffic conditions has + been triggered." + ::= { netscreenTrap 400 } + +netscreenTrapVpn NOTIFICATION-TYPE + OBJECTS + { netscreenTrapType, netscreenTrapDesc } + STATUS current + DESCRIPTION + "This trap indicates that VPN tunnel status has occured." + ::= { netscreenTrap 500 } + +netscreenTrapNsrp NOTIFICATION-TYPE + OBJECTS + { netscreenTrapType, netscreenTrapDesc } + STATUS current + DESCRIPTION + "This trap indicates that NSRP status has occured." + ::= { netscreenTrap 600 } + +netscreenTrapGPRO NOTIFICATION-TYPE + OBJECTS + { netscreenTrapType, netscreenTrapDesc } + STATUS current + DESCRIPTION + "This trap indicates that some kind of Global PRO problems has + occurred." + ::= { netscreenTrap 700 } + +netscreenTrapDrp NOTIFICATION-TYPE + OBJECTS + { netscreenTrapType, netscreenTrapDesc } + STATUS current + DESCRIPTION + "This trap indicates that Drp status has occured." + ::= { netscreenTrap 800 } + +netscreenTrapIFFailover NOTIFICATION-TYPE + OBJECTS + { netscreenTrapType, netscreenTrapDesc } + STATUS current + DESCRIPTION + "This trap indicates that interface fail over status has + occured." + ::= { netscreenTrap 900 } + +netscreenTrapIDPAttack NOTIFICATION-TYPE + OBJECTS + { netscreenTrapType, netscreenTrapDesc } + STATUS current + DESCRIPTION + "This trap indicates that IDP attack status has occured." + ::= { netscreenTrap 1000 } + +netscreenTrapType OBJECT-TYPE + SYNTAX INTEGER { + + -- Traffic per-second threshold + traffic-sec(1), + -- Traffic per-minute threshold + traffic-min(2), + -- Multiple user auth fail alarm type + multi-auth-fail(3), + -- Winnuke pak + winnuke(4), + -- Syn attack + syn-attack(5), + -- tear-drop attack + tear-drop(6), + -- Ping of Death attack + ping-death(7), + -- IP spoofing attack + ip-spoofing(8), + -- IP source routing attack + ip-src-route(9), + -- land attack + land(10), + -- ICMP flooding attack + icmp-flood(11), + -- UDP flooding attack + udp-flood(12), + -- Illegal server IP to connect to CMS port + illegal-cms-svr(13), + -- URL blocking server connection alarm + url-block-srv(14), + -- high availability + high-availability(15), + -- Port Scan attack + port-scan(16), + -- address sweep attack + addr-sweep(17), + -- deny by policy attack + deny-policy(18), + -- device is dead + device-dead(19) + -- memory low + low-memory(20), + -- DNS server unreachable + dns-srv-down(21), + -- Fan, Power Supply failure + generic-HW-fail(22), + -- Load balance server unreachable + lb-srv-down(23), + -- log buffer overflow + log-full(24), + -- X509 related + x509(25), + -- VPN and IKE related + vpn-ike(26), + -- admin realted + admin(27), + -- Illegal src ip to connect to sme port + sme(28), + -- DHCP related + dhcp(29), + -- CPU usage is high + cpu-usage-high(30), + -- Interface IP conflict + ip-conflict(31), + -- Microsoft IIS server vulnerability + attact-malicious-url(32), + -- session threshold is exceeded + session-threshold(33), + -- SSH related alarms + ssh-alarm(34), + -- Audit storage related alarms + audit-storage(35), + -- memory normal + memory-normal(36), + -- cpu usage normal + cpu-usage-normal(37) + -- driver's rx bd shortage + rxbd-low-alarm(39), + -- VPN tunnel from down to up + vpn-tunnel-up(40), + -- VPN tunnel from up to down + vpn-tunnel-down(41), + -- VPN replay detected + vpn-replay-attack(42), + -- VPN tunnel removed + vpn-l2tp-tunnel-remove(43), + -- VPN tunnel removed and error detected + vpn-l2tp-tunnel-remove-err(44), + -- VPN call removed + vpn-l2tp-call-remove(45), + -- VPN call removed and error detected + vpn-l2tp-call-remove-err(46), + -- Number of IAS exceeds configured maximum + vpn-ias-too-many(47), + -- Number of IAS crossed configured upper threshold + vpn-ias-over-threshold(48), + -- Number of IAS crossed configured lower threshold + vpn-ias-under-threshold(49), + -- IKE error occured for the IAS session + vpn-ias-ike-error(50), + -- allocated session exceed threshold + allocated-session-threshold(51), + -- av-csp related alarm + av-csp-alarm(52), + -- av related alarm + av-alarm(53), + -- apppry related alarm + apppry-alarm(54), + -- NSRP rto self unit status change from up to down + nsrp-rto-up(60), + -- NSRP rto self unit status change from down to up + nsrp-rto-down(61), + -- NSRP track ip successed + nsrp-trackip-success(62), + -- NSRP track ip failed + nsrp-trackip-failed(63), + -- NSRP track ip fail over + nsrp-trackip-failover(64), + -- NSRP inconsistent configuration between master and backup + nsrp-inconsistent-configuration(65), + -- track ip status related alarm + trackip-status(66), + -- NSRP vsd group status change to elect + nsrp-vsd-init(70), + -- NSRP vsd group status change to master + nsrp-vsd-master(71), + -- NSRP vsd group status change to primary backup + nsrp-vsd-pbackup(72), + -- NSRP vsd group status change to backup + nsrp-vsd-backup(73), + -- NSRP vsd group status change to ineligible + nsrp-vsd-ineligible(74), + -- NSRP VSD group status change to inoperable + nsrp-vsd-inoperable(75), + -- NSRP VSD request heartbeat from 2nd HA path + nsrp-vsd-req-hearbeat-2nd(76), + -- NSRP VSD reply to 2nd path request + nsrp-vsd-reply-2nd(77), + -- NSRP duplicated RTO group found + nsrp-rto-duplicated(78), + -- NSRP duplicated VSD group master + ip-dup-master(79), + -- MEM cannot find usable memory for current pool + di-heap-create-fail(80), + -- MEM cannot find usable in any pool + mem-alloc-fail(81), + -- VRRP status related alarm + vrrp-status-alarm(82), + -- SCCP related alarm + sccp-alarm(83), + -- MGCP related alarm + mgcp-reinit(84), + -- MLFR related alarm + mlfr-alarm(85), + -- FR related alarm + fr-alarm(86), + -- CISCO HDLC related alarm + cisco-hdlc-alarm(87), + -- PPPOW related alarm + pppow-alarm(88), + -- H323 related alarm + h323-alarm(89), + -- ISDN related alarm + isdn-alarm(90), + -- interface backup + interface-backup(91), + -- Card function is abnormal + wan-card-function(92), + -- A USB key is plug/unplug from USB port + usb-device-operation(93), + -- interface failure + interface-failure(94), + -- No ppp IP pool configured + ppp-no-ip-cfg(95), + -- IP pool exhausted. No ip to assign + ppp-no-ip-in-pool(96), + -- Any change to interface IP address can use the type + ip-addr-event(101), + -- DIP utilization reaches raised threshold limit + dip-util-raise(102), + -- DIP utilization reaches clear threshold limit + dip-util-clear(103), + -- DOT1X related alarm + dot1x-alarm(105), + -- VPN IAS radius error + vpn-ias-radius-error(110), + -- VPN IKEID enum attack + vpn-ikeid-enum-attack(111), + -- VPN soft limit reached + vpn-softlimit-reached(112), + -- VPN IKE dos attack + vpn-ikedos-attack(113), + -- VPN acvpn profile error + vpn-acvpn-profile-error(114), + -- exceed maximum routing entry allowed for the system + route-sys-entry-ex(200), + -- exceed maximum routing entry allowed for a vr + route-vr-entry-ex(201), + -- exceed the hello packet threshold per hello interval + route-ospf-hello-flood(202), + -- exceed the lsa packet threshold per lsa threshold + route-ospf-lsa-flood(203), + -- exceed the update4 packet threshold per update time in rip + route-rip-update-flood(204), + -- Errors in route module (exceed limit, malloc failure, add-perfix failure etc) + route-alarm(205), + -- LSA/Hello packets flood in OSPF, route redistribution exceed limit, + ospf-flood(206), + -- Update packet floods in RIP + rip-flood(207), + -- Peer forms adjacency completely + bgp-established(208), + -- Peer's adjacency is torn down, goes to Idle state + bgp-backwardtransition(209), + -- change in virtual link's state (down, point-to-point etc) + ospf-virtifstatechange(210), + -- change in neighbor's state on regular interface (down, 2way, full etc) + ospf-nbrstatechange(211), + -- change in neighbor's state on virtual link (down, full etc) + ospf-virtnbrstatechange(212), + -- authentication mismatch/area mismatch etc on regular interface + ospf-ifconfigerror(213), + -- authentication mismatch/area mismatch etc on virtual link + ospf-virtifconfigerror(214), + -- Authentication eror on regular interface + ospf-ifauthfailure(215), + -- Authentication eror on virtual link + ospf-virtifauthfailure(216), + -- lsa received with invalid lsa-type on regular interface + ospf-ifrxbadpacket(217), + -- lsa received with invalid lsa-type on virtual link + ospf-virtifrxbadpacket(218), + -- retransmission to neighbor on regular interface + ospf-txretransmit(219), + -- retransmission to neighbor on virtual link + ospf-virtiftxretransmit(220), + -- new LSA generated by local router + ospf-originatelsa(221), + -- LSA aged out + ospf-maxagelsa(222), + -- when total LSAs in database exceed predefined limit + ospf-lsdboverflow(223), + -- when total LSAs in database approach predefined limit + ospf-lsdbapproachingoverflow(224), + -- change in regular interface state (up/down, dr/bdr etc) + ospf-ifstatechange(225), + -- BGP related alarm + bgp-alarm(226), + -- packet floods in RIPng + ripng-flood(227), + -- exceed the update4 packet threshold per update time in ripng + route-ripng-update-flood(228), + -- PBR related alarm + pbr-alarm(229), + -- NHRP related alarm + nhrp-alarm(230), + -- OSPFV3 related alarm + ospfv3-alarm(231), + -- block java/active-x component + ids-component(400), + -- icmp flood attack + ids-icmp-flood(401), + -- udp flood attack + ids-udp-flood(402), + -- winnuke attack + ids-winnuke(403), + -- port scan attack + ids-port-scan(404), + -- address sweep attack + ids-addr-sweep(405), + -- tear drop attack + ids-tear-drop(406), + -- syn flood attack + ids-syn(407), + -- ip spoofing attack + ids-ip-spoofing(408), + -- ping of death attack + ids-ping-death(409), + -- filter ip packet with source route option + ids-ip-source-route(410), + -- land attack + ids-land(411), + -- screen syn fragment attack + syn-frag-attack(412), + -- screen tcp packet without flag attack + tcp-without-flag(413), + -- screen unknown ip packet + unknow-ip-packet(414), + -- screen bad ip option + bad-ip-option(415), + -- screen ip option record + ip-option-record(416), + -- screen ip option timestamp + ip-option-timestamp(417), + -- screen ip option scht + ip-option-scht(418), + -- screen ip option lsr + ip-option-lsr(419), + -- screen ip option ssr + ip-option-ssr(420), + -- screen ip option stream + ip-option-stream(421), + -- screen icmp fragment packet + icmp-fragment(422), + -- screen too large icmp packet + too-large-icmp(423), + -- screen tcp flag syn-fin set + tcp-syn-fin(424), + -- screen tcp fin without ack + tcp-fin-no-ack(425), + -- screen mal url + tcp-mal-url(426), + -- screen sess mal num + tcp-sess-mal-num(427), + -- avoid replying to syns after excessive 3 way TCP handshakes from + -- same src ip but not proceeding with user auth. (not replying to + -- username/password).. + ids-tcp-syn-ack-ack(428), + -- ip fragment + ids-ip-block-frag(429), + -- Dst IP-based session limiting + dst-ip-session-limit(430), + -- HTTP component blocking for .zip files + ids-block-zip(431), + -- HTTP component blocking for Java applets + ids-block-jar(432), + -- HTTP component blocking for .exe files + ids-block-exe(433), + -- HTTP component blocking for ActiveX controls + ids-block-activex(434), + -- screenos tcp syn mac + tcp-syn-mac(435), + -- screenos nac attack + ids-nac-attack(436), + -- icmp ping id 0 + ids-icmp-ping-id-zero(441), + -- tcp sweep + tcp-sweep(442), + -- udp sweep + udp-sweep(443), + -- AV Scan Manager Alarm, sofeware trap + av-scan-mgr(554), + -- starting value for multicast alarm + mcast-base(600), + -- mcore related alarm + mcore-alarm(601), + -- spim related alarm + spim-alarm(602), + -- starting value for Security Module alarm + sm-base(700), + -- Security Module down detected + sm-down(701), + -- Security Module packet droped detected + sm-packet-drop(702), + -- Security Module memory, CPU and session detected + sm-overload(703), + -- Security Module CPU unresponsive detected + sm-cpu-unresponsive(704), + -- Security Module Engine unresponisve + sm-cpu-unresponsive(705), + -- Secruity Module Policy Abnormal + sm-policy-abnormal(706), + -- switch alarm + switch(751), + -- sfp alarm + sfp(752), + --Shared to fair transition forced + cpu-limit-s2f-forced(800), + --Shared to fair transition auto + cpu-limit-s2f-auto(801), + --Fair to shared transition forced + cpu-limit-f2s-forced(802), + --Fair to shared transition because of timeout + cpu-limit-f2s-timeout(803), + --Fair to shared transition auto + cpu-limit-f2s-auto(804), + --Flow potential violation + sec-potential-voilation(805), + --Flow session cache alarm + flow-sess-cache(806), + --vsys session limit alarm + vsys-session-limit(850) + } + MAX-ACCESS accessible-for-notify + STATUS current + DESCRIPTION + "The integer value of the raised alarm type. Note that the type + should be interpreted within a specific trap" + ::= { netscreenTrapInfo 1 } + +netscreenTrapDesc OBJECT-TYPE + SYNTAX DisplayString (SIZE(0..255)) + MAX-ACCESS accessible-for-notify + STATUS current + DESCRIPTION + "The textual description of the alarm" + ::= { netscreenTrapInfo 3 } + +END + + diff --git a/MIBS/screenos/NETSCREEN-UAC-MIB b/MIBS/screenos/NETSCREEN-UAC-MIB new file mode 100644 index 0000000..e7de1fd --- /dev/null +++ b/MIBS/screenos/NETSCREEN-UAC-MIB @@ -0,0 +1,124 @@ +-- This module defines enterprise MIBs for UACs +-- +-- Copyright (c) 1999-2010, Juniper Networks, Inc. +-- All rights reserved. + +NETSCREEN-UAC-MIB DEFINITIONS ::= BEGIN + +IMPORTS + netscreenUAC + FROM NETSCREEN-SMI + Integer32, MODULE-IDENTITY, OBJECT-TYPE + FROM SNMPv2-SMI + DisplayString + FROM SNMPv2-TC + ; + +netscreenUACMibModule MODULE-IDENTITY + LAST-UPDATED "201004140000Z" -- Apr 14, 2010 + ORGANIZATION + "Juniper Networks, Inc." + CONTACT-INFO + "Customer Support + + 1194 North Mathilda Avenue + Sunnyvale, California 94089-1206 + USA + + Tel: 1-800-638-8296 + E-mail: customerservice@juniper.net + HTTP://www.juniper.net" + DESCRIPTION + "This module defines the object that are used to monitor all + UAC" + REVISION "201004140000Z" -- Apr 14, 2010 + DESCRIPTION + "Creation Date" + ::= { netscreenUAC 0 } + + +nsUACActiveUsers OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Active users on this box, base on auth entry from UAC controler" + ::= { netscreenUAC 1 } + + +NsUACControlerStatusEntry ::= SEQUENCE +{ + nsUACControlerId Integer32, + nsUACControlerName DisplayString, + nsUACControlerHost DisplayString, + nsUACConnectionStatus Integer32 +} + +nsUACControlerStatusTable OBJECT-TYPE + SYNTAX SEQUENCE OF NsUACControlerStatusEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "NetScreen UAC controler status table" + ::= { netscreenUAC 2} + +nsUACControlerStatusEntry OBJECT-TYPE + SYNTAX NsUACControlerStatusEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "Each entry in the table holds a set of configuration + parameters associated with an instance of secure UAC." + INDEX + { nsUACControlerID} + ::= { nsUACControlerStatusTable 1 } + +nsUACControlerId OBJECT-TYPE + SYNTAX Integer32 (1..8) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "A unique value for UAC table. Its value ranges between 1 and + 65535 and may not be contiguous. the index has no other + meaning but a pure index" + ::= { nsUACControlerStatusEntry 1 } + +nsUACControlerName OBJECT-TYPE + SYNTAX DisplayString (SIZE(0..32)) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Secure UAC name." + ::= { nsUACControlerStatusEntry 2 } + + +nsUACControlerHost OBJECT-TYPE + SYNTAX DisplayString (SIZE(0..32)) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Secure UAC name." + ::= { nsUACControlerStatusEntry 3 } + +nsUACConnectionStatus OBJECT-TYPE + SYNTAX Integer32 { + disconnected(0), + connected(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "UAC controler status table" + ::= { nsUACControlerStatusEntry 4 } + +nsUACGlobalStatus OBJECT-TYPE + SYNTAX Integer32 { + disconnected(0), + connected(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "To indicate whether there is at least one heathy IC-IE connection" + ::= { netscreenUAC 3 } +END diff --git a/MIBS/screenos/NETSCREEN-VPN-GATEWAY-MIB b/MIBS/screenos/NETSCREEN-VPN-GATEWAY-MIB new file mode 100644 index 0000000..96096bb --- /dev/null +++ b/MIBS/screenos/NETSCREEN-VPN-GATEWAY-MIB @@ -0,0 +1,240 @@ +-- This module defines enterprise MIBs for Gateway VPN +-- configuration +-- +-- Copyright (c) 1999-2004, Juniper Networks, Inc. +-- All rights reserved. + +NETSCREEN-VPN-GATEWAY-MIB DEFINITIONS ::= BEGIN + +IMPORTS + netscreenVpn, netscreenVpnMibModule + FROM NETSCREEN-SMI + Integer32, IpAddress, MODULE-IDENTITY, OBJECT-TYPE + FROM SNMPv2-SMI + DisplayString + FROM SNMPv2-TC + ; + +netscreenVpnGatewayMibModule MODULE-IDENTITY + LAST-UPDATED "200405032022Z" -- May 03, 2004 + ORGANIZATION + "Juniper Networks, Inc." + CONTACT-INFO + "Customer Support + + 1194 North Mathilda Avenue + Sunnyvale, California 94089-1206 + USA + + Tel: 1-800-638-8296 + E-mail: customerservice@juniper.net + HTTP://www.juniper.net" + DESCRIPTION + "This module defines NetScreen private MIBs for Gateway VPN + configuration" + REVISION "200405030000Z" -- May 03, 2004 + DESCRIPTION + "Modified copyright and contact information" + REVISION "200403030000Z" -- March 03, 2004 + DESCRIPTION + "Converted to SMIv2 by Longview Software" + REVISION "200311130000Z" -- November 13, 2003 + DESCRIPTION + "Correct spelling mistake" + REVISION "200109280000Z" -- September 28, 2001 + DESCRIPTION + "No comment" + REVISION "200105140000Z" -- May 14, 2001 + DESCRIPTION + "Creation date" + ::= { netscreenVpnMibModule 4 } + +NsVpnGwEntry ::= SEQUENCE +{ + nsVpnGwIndex Integer32, + nsVpnGwName DisplayString, + nsVpnGwRemoteType INTEGER, + nsVpnGwRemoteStaticIp IpAddress, + nsVpnGwRemotePeerId DisplayString, + nsVpnGwDialup DisplayString, + nsVpnGwInitMode INTEGER, + nsVpnGwPhOnePropOne DisplayString, + nsVpnGwPhOnePropTwo DisplayString, + nsVpnGwPhOnePropThree DisplayString, + nsVpnGwPhOnePropFour DisplayString, + nsVpnGwCertLocal DisplayString, + nsVpnGwPeerCa DisplayString, + nsVpnGwPeerType INTEGER, + nsVpnGwVsys Integer32 +} + +nsVpnGateway OBJECT IDENTIFIER ::= { netscreenVpn 4 } + +nsVpnGwTable OBJECT-TYPE + SYNTAX SEQUENCE OF NsVpnGwEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "Remote tunnel gateway table collects tunnel gateway + configurations." + ::= { nsVpnGateway 1 } + +nsVpnGwEntry OBJECT-TYPE + SYNTAX NsVpnGwEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "Each entry in the nsVpnGwTable holds a set of configuration + parameters associated with an instance of tunnel gateway." + INDEX + { nsVpnGwIndex } + ::= { nsVpnGwTable 1 } + +nsVpnGwIndex OBJECT-TYPE + SYNTAX Integer32 (0..2147483647) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "A unique value for ike gateway table. Its value ranges + between 0 and 65535 and may not be contiguous." + ::= { nsVpnGwEntry 1 } + +nsVpnGwName OBJECT-TYPE + SYNTAX DisplayString (SIZE(0..32)) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Tunnel gateway name." + ::= { nsVpnGwEntry 2 } + +nsVpnGwRemoteType OBJECT-TYPE + SYNTAX INTEGER { + static-ip(0), + dynamic-ip(1), + dialup-user(3) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Remote tunnel gateway type.It shows whether the gateway use + static ip, dynamic ip or dialup user." + ::= { nsVpnGwEntry 3 } + +nsVpnGwRemoteStaticIp OBJECT-TYPE + SYNTAX IpAddress + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "ip address of static-ip gateway." + ::= { nsVpnGwEntry 4 } + +nsVpnGwRemotePeerId OBJECT-TYPE + SYNTAX DisplayString (SIZE(0..32)) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Remote gateway peer id, which can be used for static-ip and + dynamic ip gateway. This is optional for the static-ip + gateway." + ::= { nsVpnGwEntry 5 } + +nsVpnGwDialup OBJECT-TYPE + SYNTAX DisplayString (SIZE(0..32)) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Remote gateway dialup user or group" + ::= { nsVpnGwEntry 6 } + +nsVpnGwInitMode OBJECT-TYPE + SYNTAX INTEGER { + main(0), + aggressive(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Phase 1 can take place in either Main mode or Aggressive + mode." + ::= { nsVpnGwEntry 7 } + +nsVpnGwPhOnePropOne OBJECT-TYPE + SYNTAX DisplayString (SIZE(0..32)) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Phase 1 Proposal one." + ::= { nsVpnGwEntry 8 } + +nsVpnGwPhOnePropTwo OBJECT-TYPE + SYNTAX DisplayString (SIZE(0..32)) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Phase 1 Proposal two." + ::= { nsVpnGwEntry 9 } + +nsVpnGwPhOnePropThree OBJECT-TYPE + SYNTAX DisplayString (SIZE(0..32)) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Phase 1 Proposal three." + ::= { nsVpnGwEntry 10 } + +nsVpnGwPhOnePropFour OBJECT-TYPE + SYNTAX DisplayString (SIZE(0..32)) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Phase 1 Proposal four." + ::= { nsVpnGwEntry 11 } + +nsVpnGwCertLocal OBJECT-TYPE + SYNTAX DisplayString (SIZE(0..32)) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Local Certificate configuration for preferred + certification.(optional)" + ::= { nsVpnGwEntry 12 } + +nsVpnGwPeerCa OBJECT-TYPE + SYNTAX DisplayString (SIZE(0..32)) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Preferred Peer CA(optional)" + ::= { nsVpnGwEntry 13 } + +nsVpnGwPeerType OBJECT-TYPE + SYNTAX INTEGER { + none(0), + pkcs7(1), + pgp(2), + dns(3), + x509-sig(4), + x509-ke(5), + keerberos(6), + crl(7), + arl(8), + spki(9), + x509-att(10) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Peer Type(optional)" + ::= { nsVpnGwEntry 14 } + +nsVpnGwVsys OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "vsys this gateway configuration belongs to." + ::= { nsVpnGwEntry 15 } + +END + + diff --git a/MIBS/screenos/NETSCREEN-VPN-IKE-MIB b/MIBS/screenos/NETSCREEN-VPN-IKE-MIB new file mode 100644 index 0000000..fb8851a --- /dev/null +++ b/MIBS/screenos/NETSCREEN-VPN-IKE-MIB @@ -0,0 +1,190 @@ +-- This module defines enterprise MIBs for VPN IKE info +-- +-- Copyright (c) 1999-2004, Juniper Networks, Inc. +-- All rights reserved. + +NETSCREEN-VPN-IKE-MIB DEFINITIONS ::= BEGIN + +IMPORTS + netscreenVpn, netscreenVpnMibModule + FROM NETSCREEN-SMI + Integer32, MODULE-IDENTITY, OBJECT-TYPE + FROM SNMPv2-SMI + DisplayString + FROM SNMPv2-TC + ; + +netscreenVpnIkeMibModule MODULE-IDENTITY + LAST-UPDATED "200405032022Z" -- May 03, 2004 + ORGANIZATION + "Juniper Networks, Inc." + CONTACT-INFO + "Customer Support + + 1194 North Mathilda Avenue + Sunnyvale, California 94089-1206 + USA + + Tel: 1-800-638-8296 + E-mail: customerservice@juniper.net + HTTP://www.juniper.net" + DESCRIPTION + "This module defines the object that are used to monitor + VPN IKE info" + REVISION "200405030000Z" -- May 03, 2004 + DESCRIPTION + "Modified copyright and contact information" + REVISION "200403030000Z" -- March 03, 2004 + DESCRIPTION + "Converted to SMIv2 by Longview Software" + REVISION "200311130000Z" -- November 13, 2003 + DESCRIPTION + "Correct spelling mistake" + REVISION "200109280000Z" -- September 28, 2001 + DESCRIPTION + "No comment" + REVISION "200105140000Z" -- May 14, 2001 + DESCRIPTION + "Creation Date" + ::= { netscreenVpnMibModule 3 } + +NsVpnIkeEntry ::= SEQUENCE +{ + nsVpnIkeIndex Integer32, + nsVpnIkeName DisplayString, + nsVpnIkeReplayProc INTEGER, + nsVpnIkeGWTun DisplayString, + nsVpnIkePh2ProOne DisplayString, + nsVpnIkePh2ProTwo DisplayString, + nsVpnIkePh2ProThree DisplayString, + nsVpnIkePh2ProFour DisplayString, + nsVpnIkeMonitorEnable INTEGER, + nsVpnIkeTransMode INTEGER, + nsVpnIkeVsys Integer32 +} + +nsVpnIke OBJECT IDENTIFIER ::= { netscreenVpn 3 } + +nsVpnIkeTable OBJECT-TYPE + SYNTAX SEQUENCE OF NsVpnIkeEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "IPSec supports the automated generation and negotiation of + keys and security associations using the Internet Key + Exchange(IKE) protocol. This table collects the IKE + configuration in NetScreen device." + ::= { nsVpnIke 1 } + +nsVpnIkeEntry OBJECT-TYPE + SYNTAX NsVpnIkeEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "Each entry in the nsVpnIkeTable holds a set of configuration + parameters associated with an IKE." + INDEX + { nsVpnIkeIndex } + ::= { nsVpnIkeTable 1 } + +nsVpnIkeIndex OBJECT-TYPE + SYNTAX Integer32 (0..2147483647) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "A unique value for ike table. Its value ranges between 0 and + 65535 and may not be contiguous." + ::= { nsVpnIkeEntry 1 } + +nsVpnIkeName OBJECT-TYPE + SYNTAX DisplayString (SIZE(0..32)) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Each IKE configuration can have a readable name." + ::= { nsVpnIkeEntry 2 } + +nsVpnIkeReplayProc OBJECT-TYPE + SYNTAX INTEGER { + disable(0), + enabled(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Enable Replay Protection" + ::= { nsVpnIkeEntry 3 } + +nsVpnIkeGWTun OBJECT-TYPE + SYNTAX DisplayString (SIZE(0..32)) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Remote Gateway Tunnel Name" + ::= { nsVpnIkeEntry 4 } + +nsVpnIkePh2ProOne OBJECT-TYPE + SYNTAX DisplayString (SIZE(0..32)) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Phase 2 Proposal one" + ::= { nsVpnIkeEntry 5 } + +nsVpnIkePh2ProTwo OBJECT-TYPE + SYNTAX DisplayString (SIZE(0..32)) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Phase 2 Proposal two" + ::= { nsVpnIkeEntry 6 } + +nsVpnIkePh2ProThree OBJECT-TYPE + SYNTAX DisplayString (SIZE(0..32)) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Phase 2 Proposal three" + ::= { nsVpnIkeEntry 7 } + +nsVpnIkePh2ProFour OBJECT-TYPE + SYNTAX DisplayString (SIZE(0..32)) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Phase 2 Proposal four" + ::= { nsVpnIkeEntry 8 } + +nsVpnIkeMonitorEnable OBJECT-TYPE + SYNTAX INTEGER { + disable(0), + enabled(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Enable to monitor VPN tunnel's link status." + ::= { nsVpnIkeEntry 9 } + +nsVpnIkeTransMode OBJECT-TYPE + SYNTAX INTEGER { + disable(0), + enabled(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Transport Mode Enable (For L2TP-over-IPSec only)" + ::= { nsVpnIkeEntry 10 } + +nsVpnIkeVsys OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "vsys the configuration belongs to." + ::= { nsVpnIkeEntry 11 } + +END + + diff --git a/MIBS/screenos/NETSCREEN-VPN-L2TP-MIB b/MIBS/screenos/NETSCREEN-VPN-L2TP-MIB new file mode 100644 index 0000000..5ffbb9d --- /dev/null +++ b/MIBS/screenos/NETSCREEN-VPN-L2TP-MIB @@ -0,0 +1,494 @@ +-- This module defines enterprise MIBs for L2tp configuration. +-- +-- Copyright (c) 1999-2004, Juniper Networks, Inc. +-- All rights reserved. + +NETSCREEN-VPN-L2TP-MIB DEFINITIONS ::= BEGIN + +IMPORTS + netscreenVpn, netscreenVpnMibModule + FROM NETSCREEN-SMI + Integer32, IpAddress, MODULE-IDENTITY, OBJECT-TYPE + FROM SNMPv2-SMI + DisplayString + FROM SNMPv2-TC + ; + +netscreenVpnL2tpMibModule MODULE-IDENTITY + LAST-UPDATED "200405032022Z" -- May 03, 2004 + ORGANIZATION + "Juniper Networks, Inc." + CONTACT-INFO + "Customer Support + + 1194 North Mathilda Avenue + Sunnyvale, California 94089-1206 + USA + + Tel: 1-800-638-8296 + E-mail: customerservice@juniper.net + HTTP://www.juniper.net" + DESCRIPTION + "This module defines NetScreen private MIBs for L2tp + configuration." + REVISION "200405030000Z" -- May 03, 2004 + DESCRIPTION + "Modified copyright and contact information" + REVISION "200403030000Z" -- March 03, 2004 + DESCRIPTION + "Converted to SMIv2 by Longview Software" + REVISION "200008270000Z" -- August 27, 2000 + DESCRIPTION + "Creation Date" + ::= { netscreenVpnMibModule 8 } + +NsVpnL2tpDefEntry ::= SEQUENCE +{ + nsVpnL2tpDefVsys Integer32, + nsVpnL2tpDefPool DisplayString, + nsVpnL2tpDefAuthDb INTEGER, + nsVpnL2tpDefPPPAuth INTEGER, + nsVpnL2tpDefRadServer DisplayString, + nsVpnL2tpDefPriDns IpAddress, + nsVpnL2tpDefSecDns IpAddress, + nsVpnL2tpDefPriWins IpAddress, + nsVpnL2tpDefSecWins IpAddress +} + +NsVpnL2tpTunnelEntry ::= SEQUENCE +{ + nsVpnL2tpTunIndex Integer32, + nsVpnL2tpTunId Integer32, + nsVpnL2tpTunName DisplayString, + nsVpnL2tpTunUsrOrGroup DisplayString, + nsVpnL2tpTunPeerIp IpAddress, + nsVpnL2tpTunHost DisplayString, + nsVpnL2tpTunKeepAlive Integer32, + nsVpnL2tpTunVsys Integer32 +} + +nsVpnL2TP OBJECT IDENTIFIER ::= { netscreenVpn 8 } + +nsVpnL2tpDefTable OBJECT-TYPE + SYNTAX SEQUENCE OF NsVpnL2tpDefEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "This table specifies the configuration attributes for + NetScreen L2TP tunnel." + ::= { nsVpnL2TP 1 } + +nsVpnL2tpDefEntry OBJECT-TYPE + SYNTAX NsVpnL2tpDefEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "Each entry in the nsVpnL2tpDefEntry holds a set of + configuration parameters associated with an instance of L2TP + configuration." + INDEX + { nsVpnL2tpDefVsys } + ::= { nsVpnL2tpDefTable 1 } + +nsVpnL2tpDefVsys OBJECT-TYPE + SYNTAX Integer32 (0..2147483647) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "virtual system id" + ::= { nsVpnL2tpDefEntry 1 } + +nsVpnL2tpDefPool OBJECT-TYPE + SYNTAX DisplayString (SIZE(0..32)) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "IP pool used by the default L2TP setting." + ::= { nsVpnL2tpDefEntry 2 } + +nsVpnL2tpDefAuthDb OBJECT-TYPE + SYNTAX INTEGER { + local(0), + radius(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "l2tp authentication database." + ::= { nsVpnL2tpDefEntry 3 } + +nsVpnL2tpDefPPPAuth OBJECT-TYPE + SYNTAX INTEGER { + pap(1), + chap(2), + any(3) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "l2tp PPP authentication algorithm." + ::= { nsVpnL2tpDefEntry 4 } + +nsVpnL2tpDefRadServer OBJECT-TYPE + SYNTAX DisplayString (SIZE(0..32)) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "l2tp RADIUS Server's IP address or name." + ::= { nsVpnL2tpDefEntry 5 } + +nsVpnL2tpDefPriDns OBJECT-TYPE + SYNTAX IpAddress + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "DNS Primary Server's IP address." + ::= { nsVpnL2tpDefEntry 6 } + +nsVpnL2tpDefSecDns OBJECT-TYPE + SYNTAX IpAddress + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "DNS Secondary Server's IP address." + ::= { nsVpnL2tpDefEntry 7 } + +nsVpnL2tpDefPriWins OBJECT-TYPE + SYNTAX IpAddress + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "WINS Primary Server's IP address." + ::= { nsVpnL2tpDefEntry 8 } + +nsVpnL2tpDefSecWins OBJECT-TYPE + SYNTAX IpAddress + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "WINS Secondary Server's IP address." + ::= { nsVpnL2tpDefEntry 9 } + +nsVpnL2tpTunnelTable OBJECT-TYPE + SYNTAX SEQUENCE OF NsVpnL2tpTunnelEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "This table specifies the configuration attributes for + NetScreen L2TP tunnel." + ::= { nsVpnL2TP 2 } + +nsVpnL2tpTunnelEntry OBJECT-TYPE + SYNTAX NsVpnL2tpTunnelEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "Each entry in the nsVpnL2tpTunnelTable holds a set of + configuration parameters associated with an instance of L2TP + tunnel." + INDEX + { nsVpnL2tpTunIndex } + ::= { nsVpnL2tpTunnelTable 1 } + +nsVpnL2tpTunIndex OBJECT-TYPE + SYNTAX Integer32 (0..2147483647) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "A unique value for l2tp tunnel table. Its value ranges + between 0 and 65535 and may not be contigous." + ::= { nsVpnL2tpTunnelEntry 1 } + +nsVpnL2tpTunId OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "l2tp tunnel id." + ::= { nsVpnL2tpTunnelEntry 2 } + +nsVpnL2tpTunName OBJECT-TYPE + SYNTAX DisplayString (SIZE(0..32)) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "l2tp tunnel name." + ::= { nsVpnL2tpTunnelEntry 3 } + +nsVpnL2tpTunUsrOrGroup OBJECT-TYPE + SYNTAX DisplayString (SIZE(0..32)) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Dialup user or group using this l2tp tunnel." + ::= { nsVpnL2tpTunnelEntry 4 } + +nsVpnL2tpTunPeerIp OBJECT-TYPE + SYNTAX IpAddress + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "L2tp tunnel peer's IP address." + ::= { nsVpnL2tpTunnelEntry 5 } + +nsVpnL2tpTunHost OBJECT-TYPE + SYNTAX DisplayString (SIZE(0..32)) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "L2tp tunnel's host name." + ::= { nsVpnL2tpTunnelEntry 6 } + +nsVpnL2tpTunKeepAlive OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Keep alive time threshold for a l2tp tunnel." + ::= { nsVpnL2tpTunnelEntry 7 } + +nsVpnL2tpTunVsys OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Virtual system this tunnel belongs to" + ::= { nsVpnL2tpTunnelEntry 8 } + + -- VPN L2tp Monitoring Tunnel Table + +nsVpnL2tpMonTunnelTable OBJECT-TYPE + SYNTAX SEQUENCE OF NsVpnL2tpMonTunnelEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "This table specifies the monitoring attributes for NetScreen + L2TP tunnel." + ::= { nsVpnL2TP 3 } + +nsVpnL2tpMonTunnelEntry OBJECT-TYPE + SYNTAX NsVpnL2tpMonTunnelEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "Each entry in the nsVpnL2tpMonTunnelTable holds a set of monitoring + parameters associated with an instance of L2TP tunnel." + INDEX + { nsVpnL2tpMonTunId } + ::= { nsVpnL2tpMonTunnelTable 1 } + +NsVpnL2tpMonTunnelEntry ::= SEQUENCE +{ + nsVpnL2tpMonTunId Integer32, + nsVpnL2tpMonTunPeerId Integer32, + nsVpnL2tpMonTunName DisplayString, + nsVpnL2tpMonTunPeerIp IpAddress, + nsVpnL2tpMonTunPort Integer32, + nsVpnL2tpMonTunPeerHost DisplayString, + nsVpnL2tpMonTunCalls Integer32, + nsVpnL2tpMonTunState INTEGER, + nsVpnL2tpMonTunVsys Integer32 +} + +nsVpnL2tpMonTunId OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "L2tp tunnel id. Its value ranges between 1 and 65535 and may + not be contigous." + ::= { nsVpnL2tpMonTunnelEntry 1 } + +nsVpnL2tpMonTunPeerId OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "L2tp tunnel peer id." + ::= { nsVpnL2tpMonTunnelEntry 2 } + +nsVpnL2tpMonTunName OBJECT-TYPE + SYNTAX DisplayString + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "L2tp tunnel name." + ::= { nsVpnL2tpMonTunnelEntry 3 } + +nsVpnL2tpMonTunPeerIp OBJECT-TYPE + SYNTAX IpAddress + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "L2tp tunnel peer's IP address." + ::= { nsVpnL2tpMonTunnelEntry 4 } + +nsVpnL2tpMonTunPort OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "L2tp tunnel port number." + ::= { nsVpnL2tpMonTunnelEntry 5 } + +nsVpnL2tpMonTunPeerHost OBJECT-TYPE + SYNTAX DisplayString + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "L2tp tunnel peer's host name." + ::= { nsVpnL2tpMonTunnelEntry 6 } + +nsVpnL2tpMonTunCalls OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Total calls for this tunnel." + ::= { nsVpnL2tpMonTunnelEntry 7 } + +nsVpnL2tpMonTunState OBJECT-TYPE + SYNTAX INTEGER { + idle(1), + wait-reply(2), + wait-conn(3), + establish(4), + dead(5) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "L2tp tunnel state." + ::= { nsVpnL2tpMonTunnelEntry 8 } + +nsVpnL2tpMonTunVsys OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Virtual system this tunnel belongs to" + ::= { nsVpnL2tpMonTunnelEntry 9 } + + +-- VPN L2tp Monitoring Call Table + +nsVpnL2tpMonCallTable OBJECT-TYPE + SYNTAX SEQUENCE OF NsVpnL2tpMonCallEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "This table specifies the monitoring attributes for NetScreen + L2TP calls." + ::= { nsVpnL2TP 4 } + +nsVpnL2tpMonCallEntry OBJECT-TYPE + SYNTAX NsVpnL2tpMonCallEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "Each entry in the nsVpnL2tpMonCallTable holds a set of monitoring + parameters associated with an instance of L2TP tunnel and call id." + INDEX + { nsVpnL2tpMonCallTunId, nsVpnL2tpMonCallId } + ::= { nsVpnL2tpMonCallTable 1 } + +NsVpnL2tpMonCallEntry ::= SEQUENCE +{ + nsVpnL2tpMonCallTunId Integer32, + nsVpnL2tpMonCallId Integer32, + nsVpnL2tpMonCallPeerId Integer32, + nsVpnL2tpMonCallIp IpAddress, + nsVpnL2tpMonCallUser DisplayString, + nsVpnL2tpMonCallType INTEGER, + nsVpnL2tpMonCallState INTEGER, + nsVpnL2tpMonCallEstTime TimeTicks, + nsVpnL2tpMonCallVsys Integer32 +} + +nsVpnL2tpMonCallTunId OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "L2tp tunnel id. Its value ranges between 1 and 65535 and may not + be contigous." + ::= { nsVpnL2tpMonCallEntry 1 } + +nsVpnL2tpMonCallId OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "L2tp call id." + ::= { nsVpnL2tpMonCallEntry 2 } + +nsVpnL2tpMonCallPeerId OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "L2tp call peer id." + ::= { nsVpnL2tpMonCallEntry 3 } + +nsVpnL2tpMonCallIp OBJECT-TYPE + SYNTAX IpAddress + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "L2tp call assigned IP address." + ::= { nsVpnL2tpMonCallEntry 4 } + +nsVpnL2tpMonCallUser OBJECT-TYPE + SYNTAX DisplayString + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "L2tp call user name." + ::= { nsVpnL2tpMonCallEntry 5 } + +nsVpnL2tpMonCallType OBJECT-TYPE + SYNTAX INTEGER { + none(1), + incoming(2), + outgoing(3) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Call type." + ::= { nsVpnL2tpMonCallEntry 6 } + +nsVpnL2tpMonCallState OBJECT-TYPE + SYNTAX INTEGER { + idle(1), + wait-conn(2), + establish(3), + wait-tunnel(4), + wait-reply(5) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "L2tp call state." + ::= { nsVpnL2tpMonCallEntry 7 } + +nsVpnL2tpMonCallEstTime OBJECT-TYPE + SYNTAX TimeTicks + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "L2tp call establish time. This is the sysUptime when + the call was established" + ::= { nsVpnL2tpMonCallEntry 8 } + +nsVpnL2tpMonCallVsys OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Virtual system this tunnel belongs to" + ::= { nsVpnL2tpMonCallEntry 9 } + +END + + diff --git a/MIBS/screenos/NETSCREEN-VPN-MANUAL-MIB b/MIBS/screenos/NETSCREEN-VPN-MANUAL-MIB new file mode 100644 index 0000000..0392b30 --- /dev/null +++ b/MIBS/screenos/NETSCREEN-VPN-MANUAL-MIB @@ -0,0 +1,219 @@ +-- This module defines enterprise MIBs for VPN Manual Key +-- +-- Copyright (c) 1999-2004, Juniper Networks, Inc. +-- All rights reserved. + +NETSCREEN-VPN-MANUAL-MIB DEFINITIONS ::= BEGIN + +IMPORTS + netscreenVpn, netscreenVpnMibModule + FROM NETSCREEN-SMI + Integer32, IpAddress, MODULE-IDENTITY, OBJECT-TYPE + FROM SNMPv2-SMI + DisplayString + FROM SNMPv2-TC + ; + +netscreenVpnManualMibModule MODULE-IDENTITY + LAST-UPDATED "200405032022Z" -- May 03, 2004 + ORGANIZATION + "Juniper Networks, Inc." + CONTACT-INFO + "Customer Support + + 1194 North Mathilda Avenue + Sunnyvale, California 94089-1206 + USA + + Tel: 1-800-638-8296 + E-mail: customerservice@juniper.net + HTTP://www.juniper.net" + DESCRIPTION + "This module defines NetScreen private MIBs for VPN Manual + Key" + REVISION "200405030000Z" -- May 03, 2004 + DESCRIPTION + "Modified copyright and contact information" + REVISION "200403030000Z" -- March 03, 2004 + DESCRIPTION + "Converted to SMIv2 by Longview Software" + REVISION "200311130000Z" -- November 13, 2003 + DESCRIPTION + "Correct spelling mistake" + REVISION "200205210000Z" -- May 21, 2002 + DESCRIPTION + "Zwang add sha-256 in nsVpnManualKeyEspAuthAlg" + REVISION "200109280000Z" -- September 28, 2001 + DESCRIPTION + "no comment" + REVISION "200105140000Z" -- May 14, 2001 + DESCRIPTION + "Creation Date" + ::= { netscreenVpnMibModule 2 } + +NsVpnManualKeyEntry ::= SEQUENCE +{ + nsVpnManualKeyIndex Integer32, + nsVpnManualKeyTunName DisplayString, + nsVpnManualKeyGW IpAddress, + nsVpnManualKeySILocal Integer32, + nsVpnManualKeySIRemote Integer32, + nsVpnManualKeyTunnelType INTEGER, + nsVpnManualKeyEspEncAlg INTEGER, + nsVpnManualKeyEspAuthAlg INTEGER, + nsVpnManualKeyAhHash INTEGER, + nsVpnManualKeyMonitorEnable INTEGER, + nsVpnManualKeyTunToTrust INTEGER, + nsVpnManualKeyVsys Integer32 +} + +nsVpnManualKey OBJECT IDENTIFIER ::= { netscreenVpn 2 } + +nsVpnManualKeyTable OBJECT-TYPE + SYNTAX SEQUENCE OF NsVpnManualKeyEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "This table specifies the configuration attributes for + NetScreen device's manual key setting." + ::= { nsVpnManualKey 1 } + +nsVpnManualKeyEntry OBJECT-TYPE + SYNTAX NsVpnManualKeyEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "Each entry in the nsVpnManualKeyTable holds a set of + configuration parameters associated with an instance of manual + key." + INDEX + { nsVpnManualKeyIndex } + ::= { nsVpnManualKeyTable 1 } + +nsVpnManualKeyIndex OBJECT-TYPE + SYNTAX Integer32 (0..2147483647) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "A unique value for manual key table. Its value ranges between + 0 and 65535 and may not be contiguous." + ::= { nsVpnManualKeyEntry 1 } + +nsVpnManualKeyTunName OBJECT-TYPE + SYNTAX DisplayString (SIZE(0..32)) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "VPN tunnel name that uses this manual key configuration." + ::= { nsVpnManualKeyEntry 2 } + +nsVpnManualKeyGW OBJECT-TYPE + SYNTAX IpAddress + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "VPN tunnel peer gateway IP address." + ::= { nsVpnManualKeyEntry 3 } + +nsVpnManualKeySILocal OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Local Security Index." + ::= { nsVpnManualKeyEntry 4 } + +nsVpnManualKeySIRemote OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Remote Security Index." + ::= { nsVpnManualKeyEntry 5 } + +nsVpnManualKeyTunnelType OBJECT-TYPE + SYNTAX INTEGER { + esp(0), + ah(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "VPN tunnel type." + ::= { nsVpnManualKeyEntry 6 } + +nsVpnManualKeyEspEncAlg OBJECT-TYPE + SYNTAX INTEGER { + null(0), + des-cbc(1), + tripple-des-cbc(2), + aes-cbc(3), + aes-192(4), + aes-256(5) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "ESP Encryption Algorithm when manual key vpn tunnel type is + ESP." + ::= { nsVpnManualKeyEntry 7 } + +nsVpnManualKeyEspAuthAlg OBJECT-TYPE + SYNTAX INTEGER { + null(0), + md5(1), + sha(2), + sha256(3) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "ESP Authentication Algorithm when manual key vpn tunnel type + is ESP." + ::= { nsVpnManualKeyEntry 8 } + +nsVpnManualKeyAhHash OBJECT-TYPE + SYNTAX INTEGER { + null(0), + md5(1), + sha(2) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "AH Hash Algorithm when manual key vpn tunnel type is AH." + ::= { nsVpnManualKeyEntry 9 } + +nsVpnManualKeyMonitorEnable OBJECT-TYPE + SYNTAX INTEGER { + disable(0), + enabled(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Enable monitor vpn tunnel's link status." + ::= { nsVpnManualKeyEntry 10 } + +nsVpnManualKeyTunToTrust OBJECT-TYPE + SYNTAX INTEGER { + disable(0), + enabled(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Tunnel to Trusted Interface" + ::= { nsVpnManualKeyEntry 11 } + +nsVpnManualKeyVsys OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "vsys this vpn manual key setting belongs to." + ::= { nsVpnManualKeyEntry 12 } + +END + + diff --git a/MIBS/screenos/NETSCREEN-VPN-MON-MIB b/MIBS/screenos/NETSCREEN-VPN-MON-MIB new file mode 100644 index 0000000..ea6644c --- /dev/null +++ b/MIBS/screenos/NETSCREEN-VPN-MON-MIB @@ -0,0 +1,537 @@ +-- This module defines enterprise MIBs for VPN tunnel monitoring +-- +-- Copyright (c) 1999-2004, Juniper Networks, Inc. +-- All rights reserved. + +NETSCREEN-VPN-MON-MIB DEFINITIONS ::= BEGIN + +IMPORTS + netscreenVpn, netscreenVpnMibModule + FROM NETSCREEN-SMI + Counter32, Integer32, IpAddress, MODULE-IDENTITY, OBJECT-TYPE, + TimeTicks + FROM SNMPv2-SMI + DisplayString + FROM SNMPv2-TC + ; + +netscreenVpnMonMibModule MODULE-IDENTITY + LAST-UPDATED "200405032022Z" -- May 03, 2004 + ORGANIZATION + "Juniper Networks, Inc." + CONTACT-INFO + "Customer Support + + 1194 North Mathilda Avenue + Sunnyvale, California 94089-1206 + USA + + Tel: 1-800-638-8296 + E-mail: customerservice@juniper.net + HTTP://www.juniper.net" + DESCRIPTION + "This module defines the object that are used to monitor VPN + tunnels" + REVISION "200405030000Z" -- May 03, 2004 + DESCRIPTION + "Modified copyright and contact information" + REVISION "200403030000Z" -- March 03, 2004 + DESCRIPTION + "Converted to SMIv2 by Longview Software" + REVISION "200311130000Z" -- November 13, 2003 + DESCRIPTION + "Correct spelling mistake" + REVISION "200109280000Z" -- September 28, 2001 + DESCRIPTION + "no comment" + REVISION "200008270000Z" -- August 27, 2000 + DESCRIPTION + "Creation Date" + ::= { netscreenVpnMibModule 1 } + +NsVpnMonEntry ::= SEQUENCE +{ + nsVpnMonIndex Integer32, + nsVpnMonInPlyId Integer32, + nsVpnMonOutPlyId Integer32, + nsVpnMonVpnName DisplayString, + nsVpnMonVsysName DisplayString, + nsVpnMonTunnelType INTEGER, + nsVpnMonEspEncAlg INTEGER, + nsVpnMonEspAuthAlg INTEGER, + nsVpnMonAhAlg INTEGER, + nsVpnMonKeyType INTEGER, + nsVpnMonP1Auth INTEGER, + nsVpnMonVpnType INTEGER, + nsVpnMonRmtGwIp IpAddress, + nsVpnMonRmtGwId DisplayString, + nsVpnMonMyGwIp IpAddress, + nsVpnMonMyGwId DisplayString, + nsVpnMonOutSpi Integer32, + nsVpnMonInSpi Integer32, + nsVpnMonMonState INTEGER, + nsVpnMonTunnelState INTEGER, + nsVpnMonP1State INTEGER, + nsVpnMonP1LifeTime Integer32, + nsVpnMonP2State INTEGER, + nsVpnMonP2LifeTime Integer32, + nsVpnMonP2LifeBytes Integer32, + nsVpnMonDelayAvg Integer32, + nsVpnMonDelayLast Integer32, + nsVpnMonAvail Integer32, + nsVpnMonSaId Integer32, + nsVpnMonGroupId Integer32, + nsVpnMonUsrId Integer32, + nsVpnMonStartSessRequestTime TimeTicks, + nsVpnMonStartSessEstTime TimeTicks, + nsVpnMonEndSessTime TimeTicks, + nsVpnMonBytesIn Counter32, + nsVpnMonBytesOut Counter32, + nsVpnMonPacketsIn Counter32, + nsVpnMonPacketsOut Counter32, + nsVpnMonIfIndex Integer32, + nsVpnMonUpdateTime TimeTicks, + nsVpnMonDN DisplayString, + nsVpnMonIfInfo Integer32 +} + +netscreenVpnMon OBJECT IDENTIFIER ::= { netscreenVpn 1 } + +nsVpnMonTable OBJECT-TYPE + SYNTAX SEQUENCE OF NsVpnMonEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "A list of active VPN tunnel entries." + ::= { netscreenVpnMon 1 } + +nsVpnMonEntry OBJECT-TYPE + SYNTAX NsVpnMonEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "A VPN tunnel entry containing attributes for both IKE Phase 1 + and Phase 2 as well as associated policy" + INDEX + { nsVpnMonIndex } + ::= { nsVpnMonTable 1 } + +nsVpnMonIndex OBJECT-TYPE + SYNTAX Integer32 (0..2147483647) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "A unique value for each active VPN tunnel. Its value ranges + between 1 and 65535 and may not be contiguous. Due to the + dynamic nature of active VPN tunnels, the index has no other + meaning but a pure index" + ::= { nsVpnMonEntry 1 } + +nsVpnMonInPlyId OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The incoming policy ID for which this tunnel is created for. + -1 means no policy associates with this SA." + ::= { nsVpnMonEntry 2 } + +nsVpnMonOutPlyId OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The outgoing policy ID for which this tunnel is created for. + -1 means no policy associates with this SA." + ::= { nsVpnMonEntry 3 } + +nsVpnMonVpnName OBJECT-TYPE + SYNTAX DisplayString (SIZE(0..32)) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "A textual string contains information about the VPN entity + from which this tunnel was derived." + ::= { nsVpnMonEntry 4 } + +nsVpnMonVsysName OBJECT-TYPE + SYNTAX DisplayString (SIZE(0..32)) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "A textual string contains the Virtual system to which this + tunnel belongs." + ::= { nsVpnMonEntry 5 } + +nsVpnMonTunnelType OBJECT-TYPE + SYNTAX INTEGER { + reserved(0), + proto-isakmp(1), + proto-ipsec-ah(2), + proto-ipsec-esp(3), + proto-ipcomp(4) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Protocol type used for the tunnel" + ::= { nsVpnMonEntry 6 } + +nsVpnMonEspEncAlg OBJECT-TYPE + SYNTAX INTEGER { + reserved(0), + esp-des-iv64(1), + esp-des(2), + esp-3des(3), + esp-rc5(4), + esp-idea(5), + esp-cast(6), + esp-blowfish(7), + esp-3idea(8), + esp-des-iv32(9), + esp-rc4(10), + esp-null(11), + esp-aes(12), + esp-aes192(20), + esp-aes256(21) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "a value which identifies a particular algorithm to be used to + provide secrecy protection for ESP." + ::= { nsVpnMonEntry 7 } + +nsVpnMonEspAuthAlg OBJECT-TYPE + SYNTAX INTEGER { + reserved(0), + hmac-md5(1), + hmac-sha(2), + des-mac(3), + ipdk(4) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The ESP Authentication Algorithm used in the IPsec." + ::= { nsVpnMonEntry 8 } + +nsVpnMonAhAlg OBJECT-TYPE + SYNTAX INTEGER { + reserved(0), + ah-md5(2), + ah-sha(3), + ah-des(4) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "a value which identifies a particular algorithm to be used to + provide integrity protection for AH." + ::= { nsVpnMonEntry 9 } + +nsVpnMonKeyType OBJECT-TYPE + SYNTAX INTEGER { + manual(0), + auto-ike(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "a value which identifies a key exchange protocol to be used + for the negotiation" + ::= { nsVpnMonEntry 10 } + +nsVpnMonP1Auth OBJECT-TYPE + SYNTAX INTEGER { + unused(0), + preshared-key(1), + dss-Signature(2), + rsa-Signature(3), + rsa-Encryption1(4), + rsa-Encryption2(5) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "a value which identifies Phase 1 authentication method" + ::= { nsVpnMonEntry 11 } + +nsVpnMonVpnType OBJECT-TYPE + SYNTAX INTEGER { + reserved(0), + dialup(1), + site-to-site(2) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The type of this VPN tunnel, either a dialup or site-to-site" + ::= { nsVpnMonEntry 12 } + +nsVpnMonRmtGwIp OBJECT-TYPE + SYNTAX IpAddress + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The peer Gateway's IP address" + ::= { nsVpnMonEntry 13 } + +nsVpnMonRmtGwId OBJECT-TYPE + SYNTAX DisplayString + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The peer Gateway's ID" + ::= { nsVpnMonEntry 14 } + +nsVpnMonMyGwIp OBJECT-TYPE + SYNTAX IpAddress + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The local Gateway's IP address" + ::= { nsVpnMonEntry 15 } + +nsVpnMonMyGwId OBJECT-TYPE + SYNTAX DisplayString + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The local Gateway's ID" + ::= { nsVpnMonEntry 16 } + +nsVpnMonOutSpi OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The SPI for outgoing packets" + ::= { nsVpnMonEntry 17 } + +nsVpnMonInSpi OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The SPI for incoming packets" + ::= { nsVpnMonEntry 18 } + +nsVpnMonMonState OBJECT-TYPE + SYNTAX INTEGER { + off(0), + on(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The monitoring status, if it is on, an icmp ping will be sent + over the tunnel periodically to test the connectivity and + latency" + ::= { nsVpnMonEntry 19 } + +nsVpnMonTunnelState OBJECT-TYPE + SYNTAX INTEGER { + down(0), + up(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The current tunnel status determined by the icmp ping if The + monitoring status is on." + ::= { nsVpnMonEntry 20 } + +nsVpnMonP1State OBJECT-TYPE + SYNTAX INTEGER { + inactive(0), + active(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The IKE's Phase 1 status" + ::= { nsVpnMonEntry 21 } + +nsVpnMonP1LifeTime OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "an active Phase 1 sa's time left before re-key. -1 means + unlimited lifetime." + ::= { nsVpnMonEntry 22 } + +nsVpnMonP2State OBJECT-TYPE + SYNTAX INTEGER { + inactive(0), + active(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The IKE's Phase 2 status" + ::= { nsVpnMonEntry 23 } + +nsVpnMonP2LifeTime OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "an active Phase 2 sa's time left before re-key. -1 means + unlimited life time." + ::= { nsVpnMonEntry 24 } + +nsVpnMonP2LifeBytes OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "an active Phase 2 sa's bytes left before re-key. -1 means + unlimited life bytes." + ::= { nsVpnMonEntry 25 } + +nsVpnMonDelayAvg OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "a kind of rolling average of latency, in milliseconds. -1 has + no meaning here, which means nsVpnMonDelayAvg has not been + calculated yet." + ::= { nsVpnMonEntry 26 } + +nsVpnMonDelayLast OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "latency in last sample, in milliseconds. + -1 means either vpn tunnel is inactive or vpn tunnel monitor is + not turned on." + ::= { nsVpnMonEntry 27 } + +nsVpnMonAvail OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "percentage over 30 samples" + ::= { nsVpnMonEntry 28 } + +nsVpnMonSaId OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "SA identifier, also used as table index" + ::= { nsVpnMonEntry 29 } + +nsVpnMonGroupId OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Group Identifier" + ::= { nsVpnMonEntry 30 } + +nsVpnMonUsrId OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "User Identifier" + ::= { nsVpnMonEntry 31 } + +nsVpnMonStartSessRequestTime OBJECT-TYPE + SYNTAX TimeTicks + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Start Session request timestamp" + ::= { nsVpnMonEntry 32 } + +nsVpnMonStartSessEstTime OBJECT-TYPE + SYNTAX TimeTicks + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Start Session establish timestamp" + ::= { nsVpnMonEntry 33 } + +nsVpnMonEndSessTime OBJECT-TYPE + SYNTAX TimeTicks + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "End Session timestamp [when session terminates]" + ::= { nsVpnMonEntry 34 } + +nsVpnMonBytesIn OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Incoming bytes through this sa." + ::= { nsVpnMonEntry 35 } + +nsVpnMonBytesOut OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Outgoing bytes through this sa." + ::= { nsVpnMonEntry 36 } + +nsVpnMonPacketsIn OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Incoming packets through this sa." + ::= { nsVpnMonEntry 37 } + +nsVpnMonPacketsOut OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Outgoing packets through this sa." + ::= { nsVpnMonEntry 38 } + +nsVpnMonIfIndex OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "interface index." + ::= { nsVpnMonEntry 39 } + +nsVpnMonUpdateTime OBJECT-TYPE + SYNTAX TimeTicks + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Timestamp [Whenever any member of the row gets updated, the + timestamp is updated]" + ::= { nsVpnMonEntry 40 } + +nsVpnMonDN OBJECT-TYPE + SYNTAX DisplayString (SIZE(0..64)) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "DN name" + ::= { nsVpnMonEntry 41 } + +nsVpnMonIfInfo OBJECT-TYPE + SYNTAX Integer32 (0..2147483647) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Internal id assigned to this interface. Stays persistent across resets." + ::= { nsVpnMonEntry 42 } + +END + + diff --git a/MIBS/screenos/NETSCREEN-VPN-PHASEONE-MIB b/MIBS/screenos/NETSCREEN-VPN-PHASEONE-MIB new file mode 100644 index 0000000..70734c9 --- /dev/null +++ b/MIBS/screenos/NETSCREEN-VPN-PHASEONE-MIB @@ -0,0 +1,186 @@ +-- This module defines enterprise MIBs for VPN Phase 1 +-- +-- Copyright (c) 1999-2004, Juniper Networks, Inc. +-- All rights reserved. + +NETSCREEN-VPN-PHASEONE-MIB DEFINITIONS ::= BEGIN + +IMPORTS + netscreenVpn, netscreenVpnMibModule + FROM NETSCREEN-SMI + Integer32, MODULE-IDENTITY, OBJECT-TYPE + FROM SNMPv2-SMI + DisplayString + FROM SNMPv2-TC + ; + +netscreenVpnPhaseoneMibModule MODULE-IDENTITY + LAST-UPDATED "200405032022Z" -- May 03, 2004 + ORGANIZATION + "Juniper Networks, Inc." + CONTACT-INFO + "Customer Support + + 1194 North Mathilda Avenue + Sunnyvale, California 94089-1206 + USA + + Tel: 1-800-638-8296 + E-mail: customerservice@juniper.net + HTTP://www.juniper.net" + DESCRIPTION + "This module defines NetScreen private MIBs for VPN Phase 1" + REVISION "200405030000Z" -- May 03, 2004 + DESCRIPTION + "Modified copyright and contact information" + REVISION "200403030000Z" -- March 03, 2004 + DESCRIPTION + "Converted to SMIv2 by Longview Software" + REVISION "200311130000Z" -- November 13, 2003 + DESCRIPTION + "Correct spelling mistake" + REVISION "200109280000Z" -- September 28, 2001 + DESCRIPTION + "no comment" + REVISION "200105140000Z" -- May 14, 2001 + DESCRIPTION + "Creation Date" + ::= { netscreenVpnMibModule 5 } + +NsVpnPhOneEntry ::= SEQUENCE +{ + nsVpnPhOneIndex Integer32, + nsVpnPhOneName DisplayString, + nsVpnPhOneAuthMethod INTEGER, + nsVpnPhOneDhGroup Integer32, + nsVpnPhOneEncryp INTEGER, + nsVpnPhOneHash INTEGER, + nsVpnPhOneLifetime Integer32, + nsVpnPhOneLifetimeMeasure INTEGER, + nsVpnPhOneVsys Integer32 +} + +nsVpnPhaseOneCfg OBJECT IDENTIFIER ::= { netscreenVpn 5 } + +nsVpnPhOneTable OBJECT-TYPE + SYNTAX SEQUENCE OF NsVpnPhOneEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "To establish an IKE IPSec tunnel, two phases of negotiation + are required. This table specifies the configuration attributes + for Phase One negotiation. In Phase 1, the participants + establish a secure channel in which to negotiate the IPSec + SAs." + ::= { nsVpnPhaseOneCfg 1 } + +nsVpnPhOneEntry OBJECT-TYPE + SYNTAX NsVpnPhOneEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "Each entry in the nsVpnPhOneTable holds a set of configuration + parameters associated with an instance of Phase 1 setting." + INDEX + { nsVpnPhOneIndex } + ::= { nsVpnPhOneTable 1 } + +nsVpnPhOneIndex OBJECT-TYPE + SYNTAX Integer32 (0..2147483647) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "A unique value for phase one table. Its value ranges between + 1 and 65535 and may not be contiguous. The index has no other + meaning but a pure index" + ::= { nsVpnPhOneEntry 1 } + +nsVpnPhOneName OBJECT-TYPE + SYNTAX DisplayString (SIZE(0..32)) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Phase one proposal name." + ::= { nsVpnPhOneEntry 2 } + +nsVpnPhOneAuthMethod OBJECT-TYPE + SYNTAX INTEGER { + preshare(0), + rsa-sig(1), + dsa-sig(2), + rsa-enc(3), + rsa-rev(4) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Phase one proposal authentication method." + ::= { nsVpnPhOneEntry 3 } + +nsVpnPhOneDhGroup OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Phase one proposal Diffie-Hellman exchange group id." + ::= { nsVpnPhOneEntry 4 } + +nsVpnPhOneEncryp OBJECT-TYPE + SYNTAX INTEGER { + null(0), + des(1), + des3(2), + aes(3), + aes-192(4), + aes-256(5) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Phase one proposal encryption exchange id." + ::= { nsVpnPhOneEntry 5 } + +nsVpnPhOneHash OBJECT-TYPE + SYNTAX INTEGER { + null(0), + md5(1), + sha(2) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Phase one proposal hash algorithm." + ::= { nsVpnPhOneEntry 6 } + +nsVpnPhOneLifetime OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Lifetime of this phase one setting." + ::= { nsVpnPhOneEntry 7 } + +nsVpnPhOneLifetimeMeasure OBJECT-TYPE + SYNTAX INTEGER { + second(0), + minute(1), + hours(2), + days(3) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "life time measurement." + ::= { nsVpnPhOneEntry 8 } + +nsVpnPhOneVsys OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "vsys this phase one proposal configuration belongs to." + ::= { nsVpnPhOneEntry 9 } + +END + + diff --git a/MIBS/screenos/NETSCREEN-VPN-PHASETWO-MIB b/MIBS/screenos/NETSCREEN-VPN-PHASETWO-MIB new file mode 100644 index 0000000..583df99 --- /dev/null +++ b/MIBS/screenos/NETSCREEN-VPN-PHASETWO-MIB @@ -0,0 +1,208 @@ +-- This module defines enterprise MIBs for VPN Phase two +-- negotiation. +-- +-- Copyright (c) 1999-2004, Juniper Networks, Inc. +-- All rights reserved. + +NETSCREEN-VPN-PHASETWO-MIB DEFINITIONS ::= BEGIN + +IMPORTS + netscreenVpn, netscreenVpnMibModule + FROM NETSCREEN-SMI + Integer32, MODULE-IDENTITY, OBJECT-TYPE + FROM SNMPv2-SMI + DisplayString + FROM SNMPv2-TC + ; + +netscreenVpnPhasetwoMibModule MODULE-IDENTITY + LAST-UPDATED "200405032022Z" -- May 03, 2004 + ORGANIZATION + "Juniper Networks, Inc." + CONTACT-INFO + "Customer Support + + 1194 North Mathilda Avenue + Sunnyvale, California 94089-1206 + USA + + Tel: 1-800-638-8296 + E-mail: customerservice@juniper.net + HTTP://www.juniper.net" + DESCRIPTION + "This module defines NetScreen private MIBs for VPN Phase two + negotiation." + REVISION "200405030000Z" -- May 03, 2004 + DESCRIPTION + "Modified copyright and contact information" + REVISION "200403030000Z" -- March 03, 2004 + DESCRIPTION + "Converted to SMIv2 by Longview Software" + REVISION "200311130000Z" -- November 13, 2003 + DESCRIPTION + "Correct spelling mistake" + REVISION "200109280000Z" -- September 28, 2001 + DESCRIPTION + "no comment" + REVISION "200105140000Z" -- May 14, 2001 + DESCRIPTION + "Creation Date" + ::= { netscreenVpnMibModule 6 } + +NsVpnPhTwoEntry ::= SEQUENCE +{ + nsVpnPhTwoIndex Integer32, + nsVpnPhTwoName DisplayString, + nsVpnPhTwoPFS Integer32, + nsVpnPhTwoEncapMethod INTEGER, + nsVpnPhTwoESPEncryp INTEGER, + nsVpnPhTwoESPAuth INTEGER, + nsVpnPhTwoAhAuth INTEGER, + nsVpnPhTwoLifetime Integer32, + nsVpnPhTwoLifetimeMeasure INTEGER, + nsVpnPhTwoLifetimeKb Integer32, + nsVpnPhTwoVsys Integer32 +} + +nsVpnPhaseTwoCfg OBJECT IDENTIFIER ::= { netscreenVpn 6 } + +nsVpnPhTwoTable OBJECT-TYPE + SYNTAX SEQUENCE OF NsVpnPhTwoEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "To establish an IKE IPSec tunnel, two phases of negotiation + are required. This table specifies the configuration attributes + for Phase Two negotiation. In Phase 2, the participants + negotiate the IPSec SAs for encrypting and authenticating the + ensuing exchanges of user data." + ::= { nsVpnPhaseTwoCfg 1 } + +nsVpnPhTwoEntry OBJECT-TYPE + SYNTAX NsVpnPhTwoEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "Each entry in the nsVpnPhTwoTable holds a set of configuration + parameters associated with an instance of Phase 2 setting." + INDEX + { nsVpnPhTwoIndex } + ::= { nsVpnPhTwoTable 1 } + +nsVpnPhTwoIndex OBJECT-TYPE + SYNTAX Integer32 (0..2147483647) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "A unique value for phase Two table. Its value ranges between + 1 and 65535 and may not be contiguous. The index has no other + meaning but a pure index" + ::= { nsVpnPhTwoEntry 1 } + +nsVpnPhTwoName OBJECT-TYPE + SYNTAX DisplayString (SIZE(0..32)) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Phase two proposal name." + ::= { nsVpnPhTwoEntry 2 } + +nsVpnPhTwoPFS OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Perfect Forward Secrecy - Diffie-Hellman exchange group." + ::= { nsVpnPhTwoEntry 3 } + +nsVpnPhTwoEncapMethod OBJECT-TYPE + SYNTAX INTEGER { + ah(0), + esp(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Phase two proposal encapsulation method." + ::= { nsVpnPhTwoEntry 4 } + +nsVpnPhTwoESPEncryp OBJECT-TYPE + SYNTAX INTEGER { + null(0), + des(1), + triple-des(2), + aes(3), + aes-192(4), + aes-256(5) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Phase two proposal ESP encryption algorithm." + ::= { nsVpnPhTwoEntry 5 } + +nsVpnPhTwoESPAuth OBJECT-TYPE + SYNTAX INTEGER { + null(0), + md5(1), + sha(2), + sha-256(3) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Phase two proposal ESP authentication Algorithm." + ::= { nsVpnPhTwoEntry 6 } + +nsVpnPhTwoAhAuth OBJECT-TYPE + SYNTAX INTEGER { + null(0), + md5(1), + sha(2) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Phase two proposal AH authentication Algorithm." + ::= { nsVpnPhTwoEntry 7 } + +nsVpnPhTwoLifetime OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Lifetime in time" + ::= { nsVpnPhTwoEntry 8 } + +nsVpnPhTwoLifetimeMeasure OBJECT-TYPE + SYNTAX INTEGER { + second(0), + minute(1), + hours(2), + days(3) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "life time measurement." + ::= { nsVpnPhTwoEntry 9 } + +nsVpnPhTwoLifetimeKb OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Lifetime in KBytes" + ::= { nsVpnPhTwoEntry 10 } + +nsVpnPhTwoVsys OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "vsys this proposal configuration belongs to." + ::= { nsVpnPhTwoEntry 11 } + +END + + diff --git a/MIBS/screenos/NETSCREEN-VPN-USER-MIB b/MIBS/screenos/NETSCREEN-VPN-USER-MIB new file mode 100644 index 0000000..f4ae6b6 --- /dev/null +++ b/MIBS/screenos/NETSCREEN-VPN-USER-MIB @@ -0,0 +1,466 @@ +-- This module defines enterprise MIBs for VPN User +-- +-- Copyright (c) 1999-2004, Juniper Networks, Inc. +-- All rights reserved. + +NETSCREEN-VPN-USER-MIB DEFINITIONS ::= BEGIN + +IMPORTS + netscreenVpn, netscreenVpnMibModule + FROM NETSCREEN-SMI + Integer32, IpAddress, MODULE-IDENTITY, OBJECT-TYPE + FROM SNMPv2-SMI + DisplayString + FROM SNMPv2-TC + ; + +netscreenUserMibModule MODULE-IDENTITY + LAST-UPDATED "200405032022Z" -- May 03, 2004 + ORGANIZATION + "Juniper Networks, Inc." + CONTACT-INFO + "Customer Support + + 1194 North Mathilda Avenue + Sunnyvale, California 94089-1206 + USA + + Tel: 1-800-638-8296 + E-mail: customerservice@juniper.net + HTTP://www.juniper.net" + DESCRIPTION + "This module defines NetScreen private MIBs for VPN User" + REVISION "200405030000Z" -- May 03, 2004 + DESCRIPTION + "Modified copyright and contact information" + REVISION "200403030000Z" -- March 03, 2004 + DESCRIPTION + "Converted to SMIv2 by Longview Software" + REVISION "200311130000Z" -- November 13, 2003 + DESCRIPTION + "Correct spelling mistake" + REVISION "200205050000Z" -- May 05, 2002 + DESCRIPTION + "Add dial-up group type" + REVISION "200105140000Z" -- May 14, 2001 + DESCRIPTION + "Creation Date" + ::= { netscreenVpnMibModule 10 } + +NsVpnAILUsrEntry ::= SEQUENCE +{ + nsVpnAILUsrIndex Integer32, + nsVpnAILUsrName DisplayString, + nsVpnAILUsrGrp DisplayString, + nsVpnAILUsrStatus INTEGER, + nsVpnAILUsrIKE INTEGER, + nsVpnAILUsrIKEIdType INTEGER, + nsVpnAILUsrIKEId DisplayString, + nsVpnAILUsrAuth INTEGER, + nsVpnAILUsrL2TP INTEGER, + nsVpnAILUsrL2tpRemoteIp IpAddress, + nsVpnAILUsrL2tpIpPool DisplayString, + nsVpnAILUsrL2tpIp IpAddress, + nsVpnAILUsrL2tpPriDnsIp IpAddress, + nsVpnAILUsrL2tpSecDnsIp IpAddress, + nsVpnAILUsrL2tpPriWinsIp IpAddress, + nsVpnAILUsrL2tpSecWinsIp IpAddress, + nsVpnAILUsrVsys Integer32 +} + +NsVpnManualKeyUsrEntry ::= SEQUENCE +{ + nsVpnManualKeyUsrIndex Integer32, + nsVpnManualKeyUsrName DisplayString, + nsVpnManualKeyUsrGrp DisplayString, + nsVpnManualKeyUsrSILocal Integer32, + nsVpnManualKeyUsrSIRemote Integer32, + nsVpnManualKeyUsrTunnelType INTEGER, + nsVpnManualKeyUsrEspEncAlg INTEGER, + nsVpnManualKeyUsrEspAuthAlg INTEGER, + nsVpnManualKeyUsrAhHash INTEGER, + nsVpnManualKeyUsrVsys Integer32 +} + +NsVpnUsrDialupGrpEntry ::= SEQUENCE +{ + nsVpnUsrDialupGrpIndex Integer32, + nsVpnUsrDialupGrpName DisplayString, + nsVpnUsrDialupGrpType INTEGER, + nsVpnUsrDialupGrpVsys Integer32 +} + +nsVpnUser OBJECT IDENTIFIER ::= { netscreenVpn 10 } + +nsVpnUsrDialupGrpTable OBJECT-TYPE + SYNTAX SEQUENCE OF NsVpnUsrDialupGrpEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "NetScreen supports using dialup group to organize vpn + user.This table collects the information of dialup group in + NetScreen device." + ::= { nsVpnUser 1 } + +nsVpnUsrDialupGrpEntry OBJECT-TYPE + SYNTAX NsVpnUsrDialupGrpEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "Each entry in this table holds a set of configuration + information about dialup group." + INDEX + { nsVpnUsrDialupGrpIndex } + ::= { nsVpnUsrDialupGrpTable 1 } + +nsVpnUsrDialupGrpIndex OBJECT-TYPE + SYNTAX Integer32 (0..2147483647) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "A unique value for schedule. Its value ranges between 0 and + 65535 and may not be contiguous." + ::= { nsVpnUsrDialupGrpEntry 1 } + +nsVpnUsrDialupGrpName OBJECT-TYPE + SYNTAX DisplayString (SIZE(0..32)) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "dialup user group name." + ::= { nsVpnUsrDialupGrpEntry 2 } + +nsVpnUsrDialupGrpType OBJECT-TYPE + SYNTAX INTEGER { + undefined(0), + manual(1), + ike(2), + l2tp(3), + xauth(4), + auth(5), + external(6) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "dial up group type." + ::= { nsVpnUsrDialupGrpEntry 3 } + +nsVpnUsrDialupGrpVsys OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "vsys this group belongs to." + ::= { nsVpnUsrDialupGrpEntry 4 } + +nsVpnManualKeyUsrTable OBJECT-TYPE + SYNTAX SEQUENCE OF NsVpnManualKeyUsrEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "This table specifies the configuration attributes for manual + key user." + ::= { nsVpnUser 2 } + +nsVpnManualKeyUsrEntry OBJECT-TYPE + SYNTAX NsVpnManualKeyUsrEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "Each entry in the nsVpnManualkeyUsrTable holds a set of + configuration parameters associated with an instance of manual + key user." + INDEX + { nsVpnManualKeyUsrIndex } + ::= { nsVpnManualKeyUsrTable 1 } + +nsVpnManualKeyUsrIndex OBJECT-TYPE + SYNTAX Integer32 (0..2147483647) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "A unique value for manual key user table. Its value ranges + between 0 and 65535 and may not be contiguous." + ::= { nsVpnManualKeyUsrEntry 1 } + +nsVpnManualKeyUsrName OBJECT-TYPE + SYNTAX DisplayString (SIZE(0..32)) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "User name." + ::= { nsVpnManualKeyUsrEntry 2 } + +nsVpnManualKeyUsrGrp OBJECT-TYPE + SYNTAX DisplayString (SIZE(0..32)) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "group this user belongs to." + ::= { nsVpnManualKeyUsrEntry 3 } + +nsVpnManualKeyUsrSILocal OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Local Security Index" + ::= { nsVpnManualKeyUsrEntry 4 } + +nsVpnManualKeyUsrSIRemote OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Remote Security Index" + ::= { nsVpnManualKeyUsrEntry 5 } + +nsVpnManualKeyUsrTunnelType OBJECT-TYPE + SYNTAX INTEGER { + esp(0), + ah(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "vpn tunnel type." + ::= { nsVpnManualKeyUsrEntry 6 } + +nsVpnManualKeyUsrEspEncAlg OBJECT-TYPE + SYNTAX INTEGER { + null(0), + des-cbc(1), + triple-des-cbc(2), + aes(3), + aes-192(4), + aes-256(5) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "ESP Encryption Algorithm." + ::= { nsVpnManualKeyUsrEntry 7 } + +nsVpnManualKeyUsrEspAuthAlg OBJECT-TYPE + SYNTAX INTEGER { + null(0), + md5(1), + sha(2) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "ESP Authentication Algorithm." + ::= { nsVpnManualKeyUsrEntry 8 } + +nsVpnManualKeyUsrAhHash OBJECT-TYPE + SYNTAX INTEGER { + null(0), + md5(1), + sha(2) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "AH Hash Algorithm." + ::= { nsVpnManualKeyUsrEntry 9 } + +nsVpnManualKeyUsrVsys OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "vsys this user belongs to." + ::= { nsVpnManualKeyUsrEntry 10 } + +nsVpnAILUsrTable OBJECT-TYPE + SYNTAX SEQUENCE OF NsVpnAILUsrEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "This table specifies the configuration attributes for + AUTH/IKE/L2TP user." + ::= { nsVpnUser 3 } + +nsVpnAILUsrEntry OBJECT-TYPE + SYNTAX NsVpnAILUsrEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "Each entry in the nsVpnManualkeyUsrTable holds a set of + configuration parameters associated with an instance of + AUTH/IKE/L2TP user." + INDEX + { nsVpnAILUsrIndex } + ::= { nsVpnAILUsrTable 1 } + +nsVpnAILUsrIndex OBJECT-TYPE + SYNTAX Integer32 (0..2147483647) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "A unique value for Auth/Ike/l2tp user table. Its value ranges + between 1 and 65535 and may not be contiguous." + ::= { nsVpnAILUsrEntry 1 } + +nsVpnAILUsrName OBJECT-TYPE + SYNTAX DisplayString (SIZE(0..32)) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "User name." + ::= { nsVpnAILUsrEntry 2 } + +nsVpnAILUsrGrp OBJECT-TYPE + SYNTAX DisplayString (SIZE(0..32)) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "group this user belongs to." + ::= { nsVpnAILUsrEntry 3 } + +nsVpnAILUsrStatus OBJECT-TYPE + SYNTAX INTEGER { + disable(0), + enabled(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "User status" + ::= { nsVpnAILUsrEntry 4 } + +nsVpnAILUsrIKE OBJECT-TYPE + SYNTAX INTEGER { + no(0), + yes(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Since Authentication, IKE L2TP can be combined together. This + attribute is used to indicate if this user is an IKE user." + ::= { nsVpnAILUsrEntry 5 } + +nsVpnAILUsrIKEIdType OBJECT-TYPE + SYNTAX INTEGER { + not-set(0), + ipv4-addr(1), + fqdn(2), + usr-fqdn(3), + ipv4-addr-subnet(4), + ipv6-addr(5), + ipv6-addr-subnet(6), + ipv4-addr-addr-range(7), + ipv6-addr-addr-range(8), + der-asn1-dn(9), + der-asn1-gn(10) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "IKE user type 1 means auto, other values are undefined." + ::= { nsVpnAILUsrEntry 6 } + +nsVpnAILUsrIKEId OBJECT-TYPE + SYNTAX DisplayString + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "IKE id." + ::= { nsVpnAILUsrEntry 7 } + +nsVpnAILUsrAuth OBJECT-TYPE + SYNTAX INTEGER { + no(0), + yes(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Since Authentication, IKE L2TP can be combined together. This + attribute is used to indicate if this user is an Authentication + user." + ::= { nsVpnAILUsrEntry 8 } + +nsVpnAILUsrL2TP OBJECT-TYPE + SYNTAX INTEGER { + no(0), + yes(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Since Authentication, IKE L2TP can be combined together. This + attribute is used to indicate if this user is a L2TP user. The + NetScreen-1000 does not support L2TP." + ::= { nsVpnAILUsrEntry 9 } + +nsVpnAILUsrL2tpRemoteIp OBJECT-TYPE + SYNTAX IpAddress + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "L2TP remote peer ip address." + ::= { nsVpnAILUsrEntry 10 } + +nsVpnAILUsrL2tpIpPool OBJECT-TYPE + SYNTAX DisplayString + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "ip pool entity name." + ::= { nsVpnAILUsrEntry 11 } + +nsVpnAILUsrL2tpIp OBJECT-TYPE + SYNTAX IpAddress + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "L2TP local ip address." + ::= { nsVpnAILUsrEntry 12 } + +nsVpnAILUsrL2tpPriDnsIp OBJECT-TYPE + SYNTAX IpAddress + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "primary DNS server IP address for L2TP user." + ::= { nsVpnAILUsrEntry 13 } + +nsVpnAILUsrL2tpSecDnsIp OBJECT-TYPE + SYNTAX IpAddress + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "secondary DNS server IP address for L2TP user." + ::= { nsVpnAILUsrEntry 14 } + +nsVpnAILUsrL2tpPriWinsIp OBJECT-TYPE + SYNTAX IpAddress + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "primary WINS server IP address for L2TP user." + ::= { nsVpnAILUsrEntry 15 } + +nsVpnAILUsrL2tpSecWinsIp OBJECT-TYPE + SYNTAX IpAddress + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "secondary WINS server IP address for L2TP user." + ::= { nsVpnAILUsrEntry 16 } + +nsVpnAILUsrVsys OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "vsys this user belongs to." + ::= { nsVpnAILUsrEntry 17 } + +END + + diff --git a/MIBS/screenos/NETSCREEN-VR-BGP4-MIB b/MIBS/screenos/NETSCREEN-VR-BGP4-MIB new file mode 100644 index 0000000..f61f13c --- /dev/null +++ b/MIBS/screenos/NETSCREEN-VR-BGP4-MIB @@ -0,0 +1,787 @@ +-- These MIBs were created on 1/2/2003 +-- This module defines enterprise MIBs for NS BGP +-- +-- Copyright (c) 1999-2004, Juniper Networks, Inc. +-- All rights reserved. + +NETSCREEN-VR-BGP4-MIB DEFINITIONS ::= BEGIN + + IMPORTS + MODULE-IDENTITY, OBJECT-TYPE, NOTIFICATION-TYPE, + IpAddress, Integer32, Counter32, Gauge32 + FROM SNMPv2-SMI + netscreenTrapDesc, netscreenTrapType + FROM NETSCREEN-TRAP-MIB + netscreenVR + FROM NETSCREEN-SMI; + + nsVrBgp MODULE-IDENTITY + LAST-UPDATED "200506202022Z" -- June 20, 2005 + ORGANIZATION + "Juniper Networks, Inc." + CONTACT-INFO + "Customer Support + + 1194 North Mathilda Avenue + Sunnyvale, California 94089-1206 + USA + + Tel: 1-800-638-8296 + E-mail: customerservice@juniper.net + HTTP://www.juniper.net" + DESCRIPTION + "The MIB module for NS-BGP-4." + ::= { netscreenVR 6 } + + -- BGP Info table. This table contains, one entry per + -- VR, information about the BGP's Version, LocalAs and Identifier. + + nsVrBgpInfoTable OBJECT-TYPE + SYNTAX SEQUENCE OF NsVrBgpInfoEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "BGP info table. This table contains, + one entry per VR, information about + the BGP's Version, LocalAs and Identifier." + ::= { nsVrBgp 1 } + + nsVrBgpInfoEntry OBJECT-TYPE + SYNTAX NsVrBgpInfoEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "Entry containing information about the + BGP's Version, LocalAs and Identifier" + INDEX { nsVrBgpInfoVRID } + ::= { nsVrBgpInfoTable 1 } + + NsVrBgpInfoEntry ::= SEQUENCE { + nsVrBgpInfoVersion + OCTET STRING, + nsVrBgpInfoLocalAs + INTEGER, + nsVrBgpInfoIdentifier + IpAddress, + nsVrBgpInfoVRID + INTEGER + } + + nsVrBgpInfoVersion OBJECT-TYPE + SYNTAX OCTET STRING (SIZE (1..255)) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Vector of supported BGP protocol version + numbers. Each peer negotiates the version + from this vector. Versions are identified + via the string of bits contained within this + object. The first octet contains bits 0 to + 7, the second octet contains bits 8 to 15, + and so on, with the most significant bit + referring to the lowest bit number in the + octet (e.g., the MSB of the first octet + refers to bit 0). If a bit, i, is present + and set, then the version (i+1) of the BGP + is supported." + ::= { nsVrBgpInfoEntry 1 } + + nsVrBgpInfoLocalAs OBJECT-TYPE + SYNTAX INTEGER (0..65535) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The local autonomous system number." + ::= { nsVrBgpInfoEntry 2 } + + nsVrBgpInfoIdentifier OBJECT-TYPE + SYNTAX IpAddress + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The BGP Identifier of local system." + ::= { nsVrBgpInfoEntry 3 } + + nsVrBgpInfoVRID OBJECT-TYPE + SYNTAX INTEGER (0..65535) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Virtual Router ID. VRID range for system created + VRs: [1-1024] and for user created VRs: [1025-2048]" + ::= { nsVrBgpInfoEntry 4 } + + -- BGP Peer table. This table contains, one entry per + -- BGP peer, information about the BGP peer. + + nsVrBgpPeerTable OBJECT-TYPE + SYNTAX SEQUENCE OF NsVrBgpPeerEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "BGP peer table. This table contains, + one entry per BGP peer, information about + the connections with BGP peers." + ::= { nsVrBgp 3 } + + nsVrBgpPeerEntry OBJECT-TYPE + SYNTAX NsVrBgpPeerEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "Entry containing information about the + connection with a BGP peer." + INDEX { nsVrBgpPeerVRID, + nsVrBgpPeerRemoteAddr } + ::= { nsVrBgpPeerTable 1 } + + NsVrBgpPeerEntry ::= SEQUENCE { + nsVrBgpPeerIdentifier + IpAddress, + nsVrBgpPeerState + INTEGER, + nsVrBgpPeerAdminStatus + INTEGER, + nsVrBgpPeerNegotiatedVersion + Integer32, + nsVrBgpPeerLocalAddr + IpAddress, + nsVrBgpPeerLocalPort + INTEGER, + nsVrBgpPeerRemoteAddr + IpAddress, + nsVrBgpPeerRemotePort + INTEGER, + nsVrBgpPeerRemoteAs + INTEGER, + nsVrBgpPeerInUpdates + Counter32, + nsVrBgpPeerOutUpdates + Counter32, + nsVrBgpPeerInTotalMessages + Counter32, + nsVrBgpPeerOutTotalMessages + Counter32, + nsVrBgpPeerLastError + OCTET STRING, + nsVrBgpPeerFsmEstablishedTransitions + Counter32, + nsVrBgpPeerFsmEstablishedTime + Gauge32, + nsVrBgpPeerConnectRetryInterval + INTEGER, + nsVrBgpPeerHoldTime + INTEGER, + nsVrBgpPeerKeepAlive + + INTEGER, + nsVrBgpPeerHoldTimeConfigured + INTEGER, + nsVrBgpPeerKeepAliveConfigured + INTEGER, + nsVrBgpPeerMinASOriginationInterval + INTEGER, + nsVrBgpPeerMinRouteAdvertisementInterval + INTEGER, + nsVrBgpPeerInUpdateElapsedTime + Gauge32, + nsVrBgpPeerVRID + INTEGER + } + + nsVrBgpPeerIdentifier OBJECT-TYPE + SYNTAX IpAddress + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The BGP Identifier of this entry's BGP + peer." + ::= { nsVrBgpPeerEntry 1 } + + nsVrBgpPeerState OBJECT-TYPE + SYNTAX INTEGER { + idle(1), + connect(2), + active(3), + opensent(4), + openconfirm(5), + established(6) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The BGP peer connection state." + ::= { nsVrBgpPeerEntry 2 } + + nsVrBgpPeerAdminStatus OBJECT-TYPE + SYNTAX INTEGER { + stop(1), + start(2) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The desired state of the BGP connection. + A transition from 'stop' to 'start' will + cause the BGP Start Event to be generated. + + A transition from 'start' to 'stop' will + cause the BGP Stop Event to be generated. + This parameter can be used to restart BGP + peer connections. Care should be used in + providing write access to this object + without adequate authentication." + ::= { nsVrBgpPeerEntry 3 } + + nsVrBgpPeerNegotiatedVersion OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The negotiated version of BGP running + between the two peers." + ::= { nsVrBgpPeerEntry 4 } + + nsVrBgpPeerLocalAddr OBJECT-TYPE + SYNTAX IpAddress + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The local IP address of this entry's BGP + connection." + ::= { nsVrBgpPeerEntry 5 } + + nsVrBgpPeerLocalPort OBJECT-TYPE + SYNTAX INTEGER (0..65535) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The local port for the TCP connection + between the BGP peers." + ::= { nsVrBgpPeerEntry 6 } + + nsVrBgpPeerRemoteAddr OBJECT-TYPE + SYNTAX IpAddress + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The remote IP address of this entry's BGP + peer." + ::= { nsVrBgpPeerEntry 7 } + + nsVrBgpPeerRemotePort OBJECT-TYPE + SYNTAX INTEGER (0..65535) + MAX-ACCESS read-only + STATUS current + + DESCRIPTION + "The remote port for the TCP connection + between the BGP peers. Note that the + objects nsVrBgpPeerLocalAddr, + nsVrBgpPeerLocalPort, nsVrBgpPeerRemoteAddr and + nsVrBgpPeerRemotePort provide the appropriate + reference to the standard MIB TCP + connection table." + ::= { nsVrBgpPeerEntry 8 } + + nsVrBgpPeerRemoteAs OBJECT-TYPE + SYNTAX INTEGER (0..65535) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The remote autonomous system number." + ::= { nsVrBgpPeerEntry 9 } + + nsVrBgpPeerInUpdates OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The number of BGP UPDATE messages + received on this connection. This object + should be initialized to zero (0) when the + connection is established." + ::= { nsVrBgpPeerEntry 10 } + + nsVrBgpPeerOutUpdates OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The number of BGP UPDATE messages + transmitted on this connection. This + object should be initialized to zero (0) + when the connection is established." + ::= { nsVrBgpPeerEntry 11 } + + nsVrBgpPeerInTotalMessages OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The total number of messages received + from the remote peer on this connection. + This object should be initialized to zero + + when the connection is established." + ::= { nsVrBgpPeerEntry 12 } + + nsVrBgpPeerOutTotalMessages OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The total number of messages transmitted to + the remote peer on this connection. This + object should be initialized to zero when + the connection is established." + ::= { nsVrBgpPeerEntry 13 } + + nsVrBgpPeerLastError OBJECT-TYPE + SYNTAX OCTET STRING (SIZE (2)) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The last error code and subcode seen by this + peer on this connection. If no error has + occurred, this field is zero. Otherwise, the + first byte of this two byte OCTET STRING + contains the error code, and the second byte + contains the subcode." + ::= { nsVrBgpPeerEntry 14 } + + nsVrBgpPeerFsmEstablishedTransitions OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The total number of times the BGP FSM + transitioned into the established state." + ::= { nsVrBgpPeerEntry 15 } + + nsVrBgpPeerFsmEstablishedTime OBJECT-TYPE + SYNTAX Gauge32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "This timer indicates how long (in + seconds) this peer has been in the + Established state or how long + since this peer was last in the + Established state. It is set to zero when + a new peer is configured or the router is + booted." + + ::= { nsVrBgpPeerEntry 16 } + + nsVrBgpPeerConnectRetryInterval OBJECT-TYPE + SYNTAX INTEGER (1..65535) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Time interval in seconds for the + ConnectRetry timer. The suggested value + for this timer is 120 seconds." + ::= { nsVrBgpPeerEntry 17 } + + nsVrBgpPeerHoldTime OBJECT-TYPE + SYNTAX INTEGER ( 0 | 3..65535 ) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Time interval in seconds for the Hold + Timer established with the peer. The + value of this object is calculated by this + BGP speaker by using the smaller of the + value in nsVrBgpPeerHoldTimeConfigured and the + Hold Time received in the OPEN message. + This value must be at lease three seconds + if it is not zero (0) in which case the + Hold Timer has not been established with + the peer, or, the value of + nsVrBgpPeerHoldTimeConfigured is zero (0)." + ::= { nsVrBgpPeerEntry 18 } + + nsVrBgpPeerKeepAlive OBJECT-TYPE + SYNTAX INTEGER ( 0 | 1..21845 ) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Time interval in seconds for the KeepAlive + timer established with the peer. The value + of this object is calculated by this BGP + speaker such that, when compared with + nsVrBgpPeerHoldTime, it has the same + proportion as what + nsVrBgpPeerKeepAliveConfigured has when + compared with nsVrBgpPeerHoldTimeConfigured. + If the value of this object is zero (0), + it indicates that the KeepAlive timer has + not been established with the peer, or, + the value of nsVrBgpPeerKeepAliveConfigured is + zero (0)." + + ::= { nsVrBgpPeerEntry 19 } + + nsVrBgpPeerHoldTimeConfigured OBJECT-TYPE + SYNTAX INTEGER ( 0 | 3..65535 ) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Time interval in seconds for the Hold Time + configured for this BGP speaker with this + peer. This value is placed in an OPEN + message sent to this peer by this BGP + speaker, and is compared with the Hold + Time field in an OPEN message received + from the peer when determining the Hold + Time (nsVrBgpPeerHoldTime) with the peer. + This value must not be less than three + seconds if it is not zero (0) in which + case the Hold Time is NOT to be + established with the peer. The suggested + value for this timer is 90 seconds." + ::= { nsVrBgpPeerEntry 20 } + + nsVrBgpPeerKeepAliveConfigured OBJECT-TYPE + SYNTAX INTEGER ( 0 | 1..21845 ) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Time interval in seconds for the + KeepAlive timer configured for this BGP + speaker with this peer. The value of this + object will only determine the + KEEPALIVE messages' frequency relative to + the value specified in + nsVrBgpPeerHoldTimeConfigured; the actual + time interval for the KEEPALIVE messages + is indicated by nsVrBgpPeerKeepAlive. A + reasonable maximum value for this timer + would be configured to be one + third of that of + nsVrBgpPeerHoldTimeConfigured. + If the value of this object is zero (0), + no periodical KEEPALIVE messages are sent + to the peer after the BGP connection has + been established. The suggested value for + this timer is 30 seconds." + ::= { nsVrBgpPeerEntry 21 } + + nsVrBgpPeerMinASOriginationInterval OBJECT-TYPE + SYNTAX INTEGER (1..65535) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Time interval in seconds for the + MinASOriginationInterval timer. + The suggested value for this timer is 15 + seconds." + ::= { nsVrBgpPeerEntry 22 } + + nsVrBgpPeerMinRouteAdvertisementInterval OBJECT-TYPE + SYNTAX INTEGER (1..65535) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Time interval in seconds for the + MinRouteAdvertisementInterval timer. + The suggested value for this timer is 30 + seconds." + ::= { nsVrBgpPeerEntry 23 } + + nsVrBgpPeerInUpdateElapsedTime OBJECT-TYPE + SYNTAX Gauge32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Elapsed time in seconds since the last BGP + UPDATE message was received from the peer. + Each time nsVrBgpPeerInUpdates is incremented, + the value of this object is set to zero + (0)." + ::= { nsVrBgpPeerEntry 24 } + + nsVrBgpPeerVRID OBJECT-TYPE + SYNTAX INTEGER (0..65535) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Virtual Router ID. VRID range for system created + VRs: [1-1024] and for user created VRs: [1025-2048]" + ::= { nsVrBgpPeerEntry 25 } + + + -- BGP-4 Received Path Attribute Table. This table + -- contains, one entry per path to a network, path + -- attributes received from all peers running BGP-4. + + nsVrBgp4PathAttrTable OBJECT-TYPE + SYNTAX SEQUENCE OF NsVrBgp4PathAttrEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "The BGP-4 Received Path Attribute Table + contains information about paths to + destination networks received from all + BGP4 peers." + ::= { nsVrBgp 6 } + + nsVrBgp4PathAttrEntry OBJECT-TYPE + SYNTAX NsVrBgp4PathAttrEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "Information about a path to a network." + INDEX { nsVrBgp4PathAttrVRID, + nsVrBgp4PathAttrIpAddrPrefix, + nsVrBgp4PathAttrIpAddrPrefixLen, + nsVrBgp4PathAttrPeer } + ::= { nsVrBgp4PathAttrTable 1 } + + NsVrBgp4PathAttrEntry ::= SEQUENCE { + nsVrBgp4PathAttrPeer + IpAddress, + nsVrBgp4PathAttrIpAddrPrefixLen + INTEGER, + nsVrBgp4PathAttrIpAddrPrefix + IpAddress, + nsVrBgp4PathAttrOrigin + INTEGER, + nsVrBgp4PathAttrASPathSegment + + OCTET STRING, + nsVrBgp4PathAttrNextHop + IpAddress, + nsVrBgp4PathAttrMultiExitDisc + INTEGER, + nsVrBgp4PathAttrLocalPref + INTEGER, + nsVrBgp4PathAttrAtomicAggregate + INTEGER, + nsVrBgp4PathAttrAggregatorAS + INTEGER, + nsVrBgp4PathAttrAggregatorAddr + IpAddress, + nsVrBgp4PathAttrCalcLocalPref + INTEGER, + nsVrBgp4PathAttrBest + INTEGER, + nsVrBgp4PathAttrUnknown + OCTET STRING, + nsVrBgp4PathAttrVRID + INTEGER + + } + + nsVrBgp4PathAttrPeer OBJECT-TYPE + SYNTAX IpAddress + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The IP address of the peer where the path + information was learned." + ::= { nsVrBgp4PathAttrEntry 1 } + + nsVrBgp4PathAttrIpAddrPrefixLen OBJECT-TYPE + SYNTAX INTEGER (0..32) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Length in bits of the IP address prefix + in the Network Layer Reachability + Information field." + ::= { nsVrBgp4PathAttrEntry 2 } + + nsVrBgp4PathAttrIpAddrPrefix OBJECT-TYPE + SYNTAX IpAddress + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "An IP address prefix in the Network Layer + Reachability Information field. This object + + is an IP address containing the prefix with + length specified by + nsVrBgp4PathAttrIpAddrPrefixLen. + Any bits beyond the length specified by + nsVrBgp4PathAttrIpAddrPrefixLen are zeroed." + ::= { nsVrBgp4PathAttrEntry 3 } + + nsVrBgp4PathAttrOrigin OBJECT-TYPE + SYNTAX INTEGER { + igp(1),-- networks are interior + egp(2),-- networks learned + -- via EGP + incomplete(3) -- undetermined + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The ultimate origin of the path + information." + ::= { nsVrBgp4PathAttrEntry 4 } + + nsVrBgp4PathAttrASPathSegment OBJECT-TYPE + SYNTAX OCTET STRING (SIZE (2..255)) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The sequence of AS path segments. Each AS + path segment is represented by a triple + . + + The type is a 1-octet field which has two + possible values: + 1 AS_SET: unordered set of ASs a + route in the UPDATE + message has traversed + 2 AS_SEQUENCE: ordered set of ASs + a route in the UPDATE + message has traversed. + + The length is a 1-octet field containing the + number of ASs in the value field. + + The value field contains one or more AS + numbers, each AS is represented in the octet + string as a pair of octets according to the + following algorithm: + + first-byte-of-pair = ASNumber / 256; + second-byte-of-pair = ASNumber & 255;" + ::= { nsVrBgp4PathAttrEntry 5 } + + nsVrBgp4PathAttrNextHop OBJECT-TYPE + SYNTAX IpAddress + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The address of the border router that + should be used for the destination + network." + ::= { nsVrBgp4PathAttrEntry 6 } + + nsVrBgp4PathAttrMultiExitDisc OBJECT-TYPE + SYNTAX INTEGER (-1..2147483647) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "This metric is used to discriminate + between multiple exit points to an + adjacent autonomous system. A value of -1 + indicates the absence of this attribute." + ::= { nsVrBgp4PathAttrEntry 7 } + + nsVrBgp4PathAttrLocalPref OBJECT-TYPE + SYNTAX INTEGER (-1..2147483647) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The originating BGP4 speaker's degree of + preference for an advertised route. A + value of -1 indicates the absence of this + attribute." + ::= { nsVrBgp4PathAttrEntry 8 } + + nsVrBgp4PathAttrAtomicAggregate OBJECT-TYPE + SYNTAX INTEGER { + lessSpecificRrouteNotSelected(1), + lessSpecificRouteSelected(2) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Whether or not the local system has + selected a less specific route without + selecting a more specific route." + ::= { nsVrBgp4PathAttrEntry 9 } + + nsVrBgp4PathAttrAggregatorAS OBJECT-TYPE + SYNTAX INTEGER (0..65535) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The AS number of the last BGP4 speaker that + performed route aggregation. A value of + zero (0) indicates the absence of this + attribute." + ::= { nsVrBgp4PathAttrEntry 10 } + + nsVrBgp4PathAttrAggregatorAddr OBJECT-TYPE + SYNTAX IpAddress + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The IP address of the last BGP4 speaker + that performed route aggregation. A value + of 0.0.0.0 indicates the absence of this + attribute." + ::= { nsVrBgp4PathAttrEntry 11 } + + nsVrBgp4PathAttrCalcLocalPref OBJECT-TYPE + SYNTAX INTEGER (-1..2147483647) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The degree of preference calculated by the + receiving BGP4 speaker for an advertised + route. A value of -1 indicates the + absence of this attribute." + ::= { nsVrBgp4PathAttrEntry 12 } + + nsVrBgp4PathAttrBest OBJECT-TYPE + SYNTAX INTEGER { + false(1),-- not chosen as best route + true(2) -- chosen as best route + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "An indication of whether or not this route + was chosen as the best BGP4 route." + ::= { nsVrBgp4PathAttrEntry 13 } + + nsVrBgp4PathAttrUnknown OBJECT-TYPE + SYNTAX OCTET STRING (SIZE(0..255)) + MAX-ACCESS read-only + + STATUS current + DESCRIPTION + "One or more path attributes not understood + by this BGP4 speaker. Size zero (0) + indicates the absence of such + attribute(s). Octets beyond the maximum + size, if any, are not recorded by this + object." + ::= { nsVrBgp4PathAttrEntry 14 } + + nsVrBgp4PathAttrVRID OBJECT-TYPE + SYNTAX INTEGER (0..65535) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Virtual Router ID. VRID range for system created + VRs: [1-1024] and for user created VRs: [1025-2048]" + ::= { nsVrBgp4PathAttrEntry 15 } + + -- Traps. + + nsVrBgpTraps OBJECT IDENTIFIER ::= { nsVrBgp 7 } + + nsVrBgpEstablished NOTIFICATION-TYPE + OBJECTS { nsVrBgp4PathAttrVRID, + netscreenTrapType, + netscreenTrapDesc, + nsVrBgpPeerIdentifier, + nsVrBgpPeerLastError, + nsVrBgpPeerState } + STATUS current + DESCRIPTION + "The BGP Established event is generated when + the BGP FSM enters the ESTABLISHED state." + ::= { nsVrBgpTraps 1 } + + +END + diff --git a/MIBS/screenos/NETSCREEN-VR-MIB b/MIBS/screenos/NETSCREEN-VR-MIB new file mode 100644 index 0000000..c4a3cb0 --- /dev/null +++ b/MIBS/screenos/NETSCREEN-VR-MIB @@ -0,0 +1,157 @@ +-- These MIBs were created on 1/9/2003 +-- This module defines enterprise MIBs for virtual router +-- +-- Copyright (c) 1999-2004, Juniper Networks, Inc. +-- All rights reserved. + +NETSCREEN-VR-MIB DEFINITIONS ::= BEGIN + +IMPORTS + OBJECT-TYPE + FROM SNMPv2-SMI + netscreenVR + FROM NETSCREEN-SMI; + +netscreenVRMibModule MODULE-IDENTITY + LAST-UPDATED "200405032022Z" -- May 03, 2004 + ORGANIZATION + "Juniper Networks, Inc." + CONTACT-INFO + "Customer Support + + 1194 North Mathilda Avenue + Sunnyvale, California 94089-1206 + USA + + Tel: 1-800-638-8296 + E-mail: customerservice@juniper.net + HTTP://www.juniper.net" + DESCRIPTION + "This module defines the object that are used to monitor VR + info" + REVISION "200405030000Z" -- May 03, 2004 + DESCRIPTION + "Modified copyright and contact information" + REVISION "200109010000Z" -- September 1, 2003 + DESCRIPTION + "Creation Date" + ::= { netscreenVR 0 } + + +vrTable OBJECT-TYPE + SYNTAX SEQUENCE OF VrEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "VR table. This table contains VR info." + ::= { netscreenVR 1 } + +vrEntry OBJECT-TYPE + SYNTAX VrEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "Entry containing information about the + BGP's Version, LocalAs and Identifier" + INDEX { vrId } + ::= { vrTable 1 } + +VrEntry ::= SEQUENCE { + vrName + OCTET STRING, + vrId + INTEGER, + vrVsysName + OCTET STRING, + vrRouteId + INTEGER, + vrMaxRoutes + INTEGER, + vrNumRoutes + INTEGER, + vrSharable + INTEGER, + vrOspfRipBgpEnabled + INTEGER, + vrTrapPrivate + INTEGER +} + +vrName OBJECT-TYPE + SYNTAX OCTET STRING + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Name of the VR." + ::= { vrEntry 1 } + +vrId OBJECT-TYPE + SYNTAX INTEGER (0..65535) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Id for the VR. It will be used in all other + private MIBs so that cross reference can be made." + ::= { vrEntry 2 } + +vrVsysName OBJECT-TYPE + SYNTAX OCTET STRING + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Id of the vsys which owns this VR." + ::= { vrEntry 3 } + +vrRouteId OBJECT-TYPE + SYNTAX INTEGER + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Router id, used by OSFP and BGP." + ::= { vrEntry 4 } + +vrMaxRoutes OBJECT-TYPE + SYNTAX INTEGER + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Maximum routes allowed for this VR." + ::= { vrEntry 5 } + +vrNumRoutes OBJECT-TYPE + SYNTAX INTEGER + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The number of routes currently the VR has." + ::= { vrEntry 6 } + +vrSharable OBJECT-TYPE + SYNTAX INTEGER + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The VR is sharable or not." + ::= { vrEntry 7 } + +vrOspfRipBgpEnabled OBJECT-TYPE + SYNTAX INTEGER + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Enable OSPF, RIP, BGP." + ::= { vrEntry 8 } + +vrTrapPrivate OBJECT-TYPE + SYNTAX INTEGER + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "0 private, 1 public. This only applies to + root system' default VR. If private trap is + enabled, a private trap is sent, otherwise, + the standard trap is sent. For other VRs, By + default, the public trap is supported." + ::= { vrEntry 9 } +END + diff --git a/MIBS/screenos/NETSCREEN-VR-OSPF-MIB b/MIBS/screenos/NETSCREEN-VR-OSPF-MIB new file mode 100644 index 0000000..3fbd9ba --- /dev/null +++ b/MIBS/screenos/NETSCREEN-VR-OSPF-MIB @@ -0,0 +1,2410 @@ +-- These MIBs were created on 1/7/2003 +-- This module defines enterprise MIBs for NS OSPF +-- +-- Copyright (c) 1999-2004, Juniper Networks, Inc. +-- All rights reserved. + + +NETSCREEN-VR-OSPF-MIB DEFINITIONS ::= BEGIN + + IMPORTS + MODULE-IDENTITY, OBJECT-TYPE, Counter32, Gauge32, + Integer32, IpAddress + FROM SNMPv2-SMI + TEXTUAL-CONVENTION, TruthValue, RowStatus + FROM SNMPv2-TC + MODULE-COMPLIANCE, OBJECT-GROUP FROM SNMPv2-CONF + mib-2 FROM RFC1213-MIB + netscreenVR FROM NETSCREEN-SMI; + +-- This MIB module uses the extended OBJECT-TYPE macro as +-- defined in [9]. + +nsVrOspf MODULE-IDENTITY + LAST-UPDATED "200506202022Z" -- June 20, 2005 + ORGANIZATION + "Juniper Networks, Inc." + CONTACT-INFO + "Customer Support + + 1194 North Mathilda Avenue + Sunnyvale, California 94089-1206 + USA + + Tel: 1-800-638-8296 + E-mail: customerservice@juniper.net + HTTP://www.juniper.net" + DESCRIPTION + "The MIB module to describe the NS-OSPF Version 2 + Protocol" + ::= { netscreenVR 5 } + +-- The Area ID, in OSPF, has the same format as an IP Address, +-- but has the function of defining a summarization point for +-- Link State Advertisements + +AreaID ::= TEXTUAL-CONVENTION + STATUS current + DESCRIPTION + "An OSPF Area Identifier." + SYNTAX IpAddress + +-- The Router ID, in OSPF, has the same format as an IP Address, + +-- but identifies the router independent of its IP Address. + +RouterID ::= TEXTUAL-CONVENTION + STATUS current + DESCRIPTION + "A OSPF Router Identifier." + SYNTAX IpAddress + +-- The OSPF Metric is defined as an unsigned value in the range + +Metric ::= TEXTUAL-CONVENTION + STATUS current + DESCRIPTION + "The OSPF Internal Metric." + SYNTAX Integer32 (0..'FFFF'H) + +BigMetric ::= TEXTUAL-CONVENTION + STATUS current + DESCRIPTION + "The OSPF External Metric." + SYNTAX Integer32 (0..'FFFFFF'H) + +-- Status Values + +Status ::= TEXTUAL-CONVENTION + STATUS current + DESCRIPTION + "The status of an interface: 'enabled' indicates that + it is willing to communicate with other OSPF Routers, + while 'disabled' indicates that it is not." + SYNTAX INTEGER { enabled (1), disabled (2) } + +-- Time Durations measured in seconds + +PositiveInteger ::= TEXTUAL-CONVENTION + STATUS current + DESCRIPTION + "A positive integer. Values in excess are precluded as + unnecessary and prone to interoperability issues." + SYNTAX Integer32 (0..'7FFFFFFF'H) + +HelloRange ::= TEXTUAL-CONVENTION + STATUS current + DESCRIPTION + "The range of intervals on which hello messages are + exchanged." + SYNTAX Integer32 (1..'FFFF'H) + +UpToMaxAge ::= TEXTUAL-CONVENTION + STATUS current + DESCRIPTION + "The values that one might find or configure for + variables bounded by the maximum age of an LSA." + SYNTAX Integer32 (0..3600) + +-- The range of ifIndex + +InterfaceIndex ::= TEXTUAL-CONVENTION + STATUS current + DESCRIPTION + "The range of ifIndex." + SYNTAX Integer32 + +-- Potential Priorities for the Designated Router Election + +DesignatedRouterPriority ::= TEXTUAL-CONVENTION + STATUS current + DESCRIPTION + "The values defined for the priority of a system for + becoming the designated router." + SYNTAX Integer32 (0..'FF'H) + +TOSType ::= TEXTUAL-CONVENTION + STATUS current + DESCRIPTION + "Type of Service is defined as a mapping to the IP Type of + Service Flags as defined in the IP Forwarding Table MIB + + +-----+-----+-----+-----+-----+-----+-----+-----+ + | | | | + | PRECEDENCE | TYPE OF SERVICE | 0 | + | | | | + +-----+-----+-----+-----+-----+-----+-----+-----+ + + IP TOS IP TOS + Field Policy Field Policy + + Contents Code Contents Code + 0 0 0 0 ==> 0 0 0 0 1 ==> 2 + 0 0 1 0 ==> 4 0 0 1 1 ==> 6 + 0 1 0 0 ==> 8 0 1 0 1 ==> 10 + 0 1 1 0 ==> 12 0 1 1 1 ==> 14 + 1 0 0 0 ==> 16 1 0 0 1 ==> 18 + 1 0 1 0 ==> 20 1 0 1 1 ==> 22 + + 1 1 0 0 ==> 24 1 1 0 1 ==> 26 + 1 1 1 0 ==> 28 1 1 1 1 ==> 30 + + The remaining values are left for future definition." + SYNTAX Integer32 (0..30) + +-- OSPF General Variables + +-- These parameters apply globally to the Router's +-- OSPF Process. + + nsVrOspfGeneralTable OBJECT-TYPE + SYNTAX SEQUENCE OF NsVrOspfGeneralEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "Ospf general information table per VR" + ::= { nsVrOspf 1 } + + nsVrOspfGeneralEntry OBJECT-TYPE + SYNTAX NsVrOspfGeneralEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "Ospf general information table per VR" + INDEX { nsVrOspfGeneralVRID } + ::= { nsVrOspfGeneralTable 1 } + + NsVrOspfGeneralEntry ::= + SEQUENCE { + nsVrOspfRouterId + RouterID, + nsVrOspfAdminStat + Status, + nsVrOspfVersionNumber + INTEGER, + nsVrOspfAreaBdrRtrStatus + TruthValue, + nsVrOspfASBdrRtrStatus + TruthValue, + nsVrOspfExternLsaCount + Gauge32, + nsVrOspfAreaLsaCount + Gauge32, + nsVrOspfExternLsaCksumSum + Integer32, + nsVrOspfTOSSupport + TruthValue, + nsVrOspfOriginateNewLsas + Counter32, + nsVrOspfRxNewLsas + Counter32, + nsVrOspfExtLsdbLimit + Integer32, + nsVrOspfMulticastExtensions + Integer32, + nsVrOspfExitOverflowInterval + PositiveInteger, + nsVrOspfDemandExtensions + TruthValue, + nsVrOspfGeneralVRID + INTEGER + } + + nsVrOspfRouterId OBJECT-TYPE + SYNTAX RouterID + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "A 32-bit integer uniquely identifying the + router in the Autonomous System. + + By convention, to ensure uniqueness, this + should default to the value of one of the + router's IP interface addresses." + REFERENCE + "OSPF Version 2, C.1 Global parameters" + ::= { nsVrOspfGeneralEntry 1 } + + nsVrOspfAdminStat OBJECT-TYPE + SYNTAX Status + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The administrative status of OSPF in the + router. The value 'enabled' denotes that the + OSPF Process is active on at least one inter- + face; 'disabled' disables it on all inter- + faces." + ::= { nsVrOspfGeneralEntry 2 } + + nsVrOspfVersionNumber OBJECT-TYPE + SYNTAX INTEGER { version2 (2) } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + + "The current version number of the OSPF proto- + col is 2." + REFERENCE + "OSPF Version 2, Title" + ::= { nsVrOspfGeneralEntry 3 } + + nsVrOspfAreaBdrRtrStatus OBJECT-TYPE + SYNTAX TruthValue + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "A flag to note whether this router is an area + border router." + REFERENCE + "OSPF Version 2, Section 3 Splitting the AS into + Areas" + ::= { nsVrOspfGeneralEntry 4 } + + nsVrOspfASBdrRtrStatus OBJECT-TYPE + SYNTAX TruthValue + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "A flag to note whether this router is config- + ured as an Autonomous System border router." + REFERENCE + "OSPF Version 2, Section 3.3 Classification of + routers" + ::= { nsVrOspfGeneralEntry 5 } + + nsVrOspfExternLsaCount OBJECT-TYPE + SYNTAX Gauge32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The number of external (LS type 5) link-state + advertisements in the link-state database." + REFERENCE + "OSPF Version 2, Appendix A.4.5 AS external link + advertisements" + ::= { nsVrOspfGeneralEntry 6 } + + nsVrOspfExternLsaCksumSum OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + + STATUS current + DESCRIPTION + "The 32-bit unsigned sum of the LS checksums of + the external link-state advertisements con- + tained in the link-state database. This sum + can be used to determine if there has been a + change in a router's link state database, and + to compare the link-state database of two + routers." + ::= { nsVrOspfGeneralEntry 7 } + + nsVrOspfTOSSupport OBJECT-TYPE + SYNTAX TruthValue + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The router's support for type-of-service rout- + ing." + REFERENCE + "OSPF Version 2, Appendix F.1.2 Optional TOS + support" + ::= { nsVrOspfGeneralEntry 8 } + + nsVrOspfOriginateNewLsas OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The number of new link-state advertisements + that have been originated. This number is in- + cremented each time the router originates a new + LSA." + ::= { nsVrOspfGeneralEntry 9 } + + nsVrOspfRxNewLsas OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The number of link-state advertisements re- + ceived determined to be new instantiations. + This number does not include newer instantia- + tions of self-originated link-state advertise- + ments." + ::= { nsVrOspfGeneralEntry 10 } + + nsVrOspfExtLsdbLimit OBJECT-TYPE + SYNTAX Integer32 (-1..'7FFFFFFF'H) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The maximum number of non-default AS- + external-LSAs entries that can be stored in the + link-state database. If the value is -1, then + there is no limit. + + When the number of non-default AS-external-LSAs + in a router's link-state database reaches + nsVrOspfExtLsdbLimit, the router enters Overflow- + State. The router never holds more than + nsVrOspfExtLsdbLimit non-default AS-external-LSAs + in its database. OspfExtLsdbLimit MUST be set + identically in all routers attached to the OSPF + backbone and/or any regular OSPF area. (i.e., + OSPF stub areas and NSSAs are excluded)." + DEFVAL { -1 } + ::= { nsVrOspfGeneralEntry 11 } + + nsVrOspfMulticastExtensions OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "A Bit Mask indicating whether the router is + forwarding IP multicast (Class D) datagrams + based on the algorithms defined in the Multi- + cast Extensions to OSPF. + + Bit 0, if set, indicates that the router can + forward IP multicast datagrams in the router's + directly attached areas (called intra-area mul- + ticast routing). + + Bit 1, if set, indicates that the router can + forward IP multicast datagrams between OSPF + areas (called inter-area multicast routing). + + Bit 2, if set, indicates that the router can + forward IP multicast datagrams between Auto- + nomous Systems (called inter-AS multicast rout- + ing). + + Only certain combinations of bit settings are + allowed, namely: 0 (no multicast forwarding is + + enabled), 1 (intra-area multicasting only), 3 + (intra-area and inter-area multicasting), 5 + (intra-area and inter-AS multicasting) and 7 + (multicasting everywhere). By default, no mul- + ticast forwarding is enabled." + DEFVAL { 0 } + ::= { nsVrOspfGeneralEntry 12 } + + nsVrOspfExitOverflowInterval OBJECT-TYPE + SYNTAX PositiveInteger + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The number of seconds that, after entering + OverflowState, a router will attempt to leave + OverflowState. This allows the router to again + originate non-default AS-external-LSAs. When + set to 0, the router will not leave Overflow- + State until restarted." + DEFVAL { 0 } + ::= { nsVrOspfGeneralEntry 13 } + + nsVrOspfDemandExtensions OBJECT-TYPE + SYNTAX TruthValue + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The router's support for demand routing." + REFERENCE + "OSPF Version 2, Appendix on Demand Routing" + ::= { nsVrOspfGeneralEntry 14 } + + nsVrOspfGeneralVRID OBJECT-TYPE + SYNTAX INTEGER (0..65535) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Virtual Router ID. VRID range for system created + VRs: [1-1024] and for user created VRs: [1025-2048]" + ::= { nsVrOspfGeneralEntry 15 } + +-- The OSPF Area Data Structure contains information +-- regarding the various areas. The interfaces and +-- virtual links are configured as part of these areas. +-- Area 0.0.0.0, by definition, is the Backbone Area + + nsVrOspfAreaTable OBJECT-TYPE + SYNTAX SEQUENCE OF NsVrOspfAreaEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "Information describing the configured parame- + ters and cumulative statistics of the router's + attached areas." + + REFERENCE + "OSPF Version 2, Section 6 The Area Data Struc- + ture" + ::= { nsVrOspf 2 } + + nsVrOspfAreaEntry OBJECT-TYPE + SYNTAX NsVrOspfAreaEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "Information describing the configured parame- + ters and cumulative statistics of one of the + router's attached areas." + INDEX { nsVrOspfAreaVRID, nsVrOspfAreaId } + ::= { nsVrOspfAreaTable 1 } + + NsVrOspfAreaEntry ::= + SEQUENCE { + nsVrOspfAreaId + AreaID, + nsVrOspfImportAsExtern + INTEGER, + nsVrOspfSpfRuns + Counter32, + nsVrOspfAreaBdrRtrCount + Gauge32, + nsVrOspfAsBdrRtrCount + Gauge32, + nsVrOspfAreaLsaCount + Gauge32, + nsVrOspfAreaLsaCksumSum + Integer32, + nsVrOspfAreaSummary + INTEGER, + nsVrOspfAreaStatus + RowStatus, + nsVrOspfAreaVRID + INTEGER + } + + nsVrOspfAreaId OBJECT-TYPE + SYNTAX AreaID + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "A 32-bit integer uniquely identifying an area. + Area ID 0.0.0.0 is used for the OSPF backbone." + + REFERENCE + "OSPF Version 2, Appendix C.2 Area parameters" + ::= { nsVrOspfAreaEntry 1 } + + nsVrOspfImportAsExtern OBJECT-TYPE + SYNTAX INTEGER { + importExternal (1), + importNoExternal (2), + importNssa (3) + } + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The area's support for importing AS external + link- state advertisements." + REFERENCE + "OSPF Version 2, Appendix C.2 Area parameters" + DEFVAL { importExternal } + ::= { nsVrOspfAreaEntry 3 } + + nsVrOspfSpfRuns OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The number of times that the intra-area route + table has been calculated using this area's + link-state database. This is typically done + using Dijkstra's algorithm." + + ::= { nsVrOspfAreaEntry 4 } + + nsVrOspfAreaBdrRtrCount OBJECT-TYPE + SYNTAX Gauge32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The total number of area border routers reach- + able within this area. This is initially zero, + and is calculated in each SPF Pass." + ::= { nsVrOspfAreaEntry 5 } + + nsVrOspfAsBdrRtrCount OBJECT-TYPE + SYNTAX Gauge32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The total number of Autonomous System border + routers reachable within this area. This is + initially zero, and is calculated in each SPF + Pass." + ::= { nsVrOspfAreaEntry 6 } + + nsVrOspfAreaLsaCount OBJECT-TYPE + SYNTAX Gauge32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The total number of link-state advertisements + in this area's link-state database, excluding + AS External LSA's." + ::= { nsVrOspfAreaEntry 7 } + + nsVrOspfAreaLsaCksumSum OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The 32-bit unsigned sum of the link-state ad- + vertisements' LS checksums contained in this + area's link-state database. This sum excludes + external (LS type 5) link-state advertisements. + The sum can be used to determine if there has + been a change in a router's link state data- + base, and to compare the link-state database of + + two routers." + DEFVAL { 0 } + ::= { nsVrOspfAreaEntry 8 } + + nsVrOspfAreaSummary OBJECT-TYPE + SYNTAX INTEGER { + noAreaSummary (1), + sendAreaSummary (2) + } + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The variable nsVrOspfAreaSummary controls the im- + port of summary LSAs into stub areas. It has + no effect on other areas. + + If it is noAreaSummary, the router will neither + originate nor propagate summary LSAs into the + stub area. It will rely entirely on its de- + fault route. + + If it is sendAreaSummary, the router will both + summarize and propagate summary LSAs." + DEFVAL { noAreaSummary } + ::= { nsVrOspfAreaEntry 9 } + + nsVrOspfAreaStatus OBJECT-TYPE + SYNTAX RowStatus + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "This variable displays the status of the en- + try. Setting it to 'invalid' has the effect of + rendering it inoperative. The internal effect + (row removal) is implementation dependent." + ::= { nsVrOspfAreaEntry 10 } + + nsVrOspfAreaVRID OBJECT-TYPE + SYNTAX INTEGER (0..65535) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Virtual Router ID. VRID range for system created + VRs: [1-1024] and for user created VRs: [1025-2048]" + ::= { nsVrOspfAreaEntry 11 } + +-- OSPF Area Default Metric Table + +-- The OSPF Area Default Metric Table describes the metrics +-- that a default Area Border Router will advertise into a +-- Stub area. + + nsVrOspfStubAreaTable OBJECT-TYPE + SYNTAX SEQUENCE OF NsVrOspfStubAreaEntry + + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "The set of metrics that will be advertised by + a default Area Border Router into a stub area." + REFERENCE + "OSPF Version 2, Appendix C.2, Area Parameters" + ::= { nsVrOspf 3 } + + nsVrOspfStubAreaEntry OBJECT-TYPE + SYNTAX NsVrOspfStubAreaEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "The metric for a given Type of Service that + will be advertised by a default Area Border + Router into a stub area." + REFERENCE + "OSPF Version 2, Appendix C.2, Area Parameters" + INDEX { nsVrOspfStubVRID, nsVrOspfStubAreaId, nsVrOspfStubTOS } + ::= { nsVrOspfStubAreaTable 1 } + + NsVrOspfStubAreaEntry ::= + SEQUENCE { + nsVrOspfStubAreaId + AreaID, + nsVrOspfStubTOS + TOSType, + nsVrOspfStubMetric + BigMetric, + nsVrOspfStubStatus + RowStatus, + nsVrOspfStubMetricType + INTEGER, + nsVrOspfStubVRID + INTEGER + } + + nsVrOspfStubAreaId OBJECT-TYPE + SYNTAX AreaID + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The 32 bit identifier for the Stub Area. On + creation, this can be derived from the in- + stance." + ::= { nsVrOspfStubAreaEntry 1 } + + nsVrOspfStubTOS OBJECT-TYPE + SYNTAX TOSType + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The Type of Service associated with the + metric. On creation, this can be derived from + the instance." + ::= { nsVrOspfStubAreaEntry 2 } + + nsVrOspfStubMetric OBJECT-TYPE + SYNTAX BigMetric + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The metric value applied at the indicated type + of service. By default, this equals the least + metric at the type of service among the inter- + faces to other areas." + ::= { nsVrOspfStubAreaEntry 3 } + + nsVrOspfStubStatus OBJECT-TYPE + SYNTAX RowStatus + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "This variable displays the status of the en- + try. Setting it to 'invalid' has the effect of + rendering it inoperative. The internal effect + (row removal) is implementation dependent." + ::= { nsVrOspfStubAreaEntry 4 } + + nsVrOspfStubMetricType OBJECT-TYPE + SYNTAX INTEGER { + nsVrOspfMetric (1), -- OSPF Metric + comparableCost (2), -- external type 1 + nonComparable (3) -- external type 2 + } + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "This variable displays the type of metric ad- + vertised as a default route." + DEFVAL { nsVrOspfMetric } + ::= { nsVrOspfStubAreaEntry 5 } + + nsVrOspfStubVRID OBJECT-TYPE + SYNTAX INTEGER (0..65535) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Virtual Router ID. VRID range for system created + VRs: [1-1024] and for user created VRs: [1025-2048]" + ::= { nsVrOspfStubAreaEntry 6 } + +-- OSPF Link State Database + +-- The Link State Database contains the Link State +-- Advertisements from throughout the areas that the +-- device is attached to. + + nsVrOspfLsdbTable OBJECT-TYPE + SYNTAX SEQUENCE OF NsVrOspfLsdbEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "The OSPF Process's Link State Database." + REFERENCE + "OSPF Version 2, Section 12 Link State Adver- + tisements" + ::= { nsVrOspf 4 } + + nsVrOspfLsdbEntry OBJECT-TYPE + SYNTAX NsVrOspfLsdbEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "A single Link State Advertisement." + INDEX { nsVrOspfLsdbVRID, nsVrOspfLsdbAreaId, nsVrOspfLsdbType, + nsVrOspfLsdbLsid, nsVrOspfLsdbRouterId } + ::= { nsVrOspfLsdbTable 1 } + + NsVrOspfLsdbEntry ::= + SEQUENCE { + nsVrOspfLsdbAreaId + AreaID, + nsVrOspfLsdbType + INTEGER, + nsVrOspfLsdbLsid + IpAddress, + nsVrOspfLsdbRouterId + RouterID, + nsVrOspfLsdbSequence + Integer32, + nsVrOspfLsdbAge + Integer32, + nsVrOspfLsdbChecksum + Integer32, + nsVrOspfLsdbAdvertisement + OCTET STRING, + nsVrOspfLsdbVRID + INTEGER + } + + nsVrOspfLsdbAreaId OBJECT-TYPE + SYNTAX AreaID + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The 32 bit identifier of the Area from which + the LSA was received." + REFERENCE + "OSPF Version 2, Appendix C.2 Area parameters" + ::= { nsVrOspfLsdbEntry 1 } + +-- External Link State Advertisements are permitted +-- for backward compatibility, but should be displayed in +-- the nsVrOspfExtLsdbTable rather than here. + + nsVrOspfLsdbType OBJECT-TYPE + SYNTAX INTEGER { + routerLink (1), + networkLink (2), + summaryLink (3), + asSummaryLink (4), + asExternalLink (5), -- but see nsVrOspfExtLsdbTable + multicastLink (6), + nssaExternalLink (7) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The type of the link state advertisement. + Each link state type has a separate advertise- + ment format." + REFERENCE + "OSPF Version 2, Appendix A.4.1 The Link State + Advertisement header" + ::= { nsVrOspfLsdbEntry 2 } + + nsVrOspfLsdbLsid OBJECT-TYPE + SYNTAX IpAddress + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The Link State ID is an LS Type Specific field + containing either a Router ID or an IP Address; + it identifies the piece of the routing domain + that is being described by the advertisement." + REFERENCE + "OSPF Version 2, Section 12.1.4 Link State ID" + ::= { nsVrOspfLsdbEntry 3 } + + nsVrOspfLsdbRouterId OBJECT-TYPE + SYNTAX RouterID + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The 32 bit number that uniquely identifies the + originating router in the Autonomous System." + REFERENCE + "OSPF Version 2, Appendix C.1 Global parameters" + ::= { nsVrOspfLsdbEntry 4 } + +-- Note that the OSPF Sequence Number is a 32 bit signed +-- integer. It starts with the value '80000001'h, +-- or -'7FFFFFFF'h, and increments until '7FFFFFFF'h +-- Thus, a typical sequence number will be very negative. + + nsVrOspfLsdbSequence OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The sequence number field is a signed 32-bit + integer. It is used to detect old and dupli- + cate link state advertisements. The space of + sequence numbers is linearly ordered. The + larger the sequence number the more recent the + advertisement." + REFERENCE + "OSPF Version 2, Section 12.1.6 LS sequence + number" + ::= { nsVrOspfLsdbEntry 5 } + + nsVrOspfLsdbAge OBJECT-TYPE + SYNTAX Integer32 -- Should be 0..MaxAge + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "This field is the age of the link state adver- + tisement in seconds." + REFERENCE + "OSPF Version 2, Section 12.1.1 LS age" + ::= { nsVrOspfLsdbEntry 6 } + + nsVrOspfLsdbChecksum OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + + DESCRIPTION + "This field is the checksum of the complete + contents of the advertisement, excepting the + age field. The age field is excepted so that + an advertisement's age can be incremented + without updating the checksum. The checksum + used is the same that is used for ISO connec- + tionless datagrams; it is commonly referred to + as the Fletcher checksum." + REFERENCE + "OSPF Version 2, Section 12.1.7 LS checksum" + ::= { nsVrOspfLsdbEntry 7 } + + nsVrOspfLsdbAdvertisement OBJECT-TYPE + SYNTAX OCTET STRING (SIZE (1..65535)) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The entire Link State Advertisement, including + its header." + REFERENCE + "OSPF Version 2, Section 12 Link State Adver- + tisements" + ::= { nsVrOspfLsdbEntry 8 } + + nsVrOspfLsdbVRID OBJECT-TYPE + SYNTAX INTEGER (0..65535) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Virtual Router ID. VRID range for system created + VRs: [1-1024] and for user created VRs: [1025-2048]" + ::= { nsVrOspfLsdbEntry 9 } + +-- OSPF Host Table + +-- The Host/Metric Table indicates what hosts are directly + +-- attached to the Router, and what metrics and types of +-- service should be advertised for them. + + nsVrOspfHostTable OBJECT-TYPE + SYNTAX SEQUENCE OF NsVrOspfHostEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "The list of Hosts, and their metrics, that the + router will advertise as host routes." + REFERENCE + "OSPF Version 2, Appendix C.6 Host route param- + eters" + ::= { nsVrOspf 6 } + + nsVrOspfHostEntry OBJECT-TYPE + SYNTAX NsVrOspfHostEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "A metric to be advertised, for a given type of + service, when a given host is reachable." + INDEX { nsVrOspfHostVRID, nsVrOspfHostIpAddress, nsVrOspfHostTOS } + ::= { nsVrOspfHostTable 1 } + + NsVrOspfHostEntry ::= + SEQUENCE { + nsVrOspfHostIpAddress + IpAddress, + nsVrOspfHostTOS + TOSType, + nsVrOspfHostMetric + Metric, + nsVrOspfHostStatus + RowStatus, + nsVrOspfHostAreaID + AreaID, + nsVrOspfHostVRID + INTEGER + } + + nsVrOspfHostIpAddress OBJECT-TYPE + SYNTAX IpAddress + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The IP Address of the Host." + REFERENCE + "OSPF Version 2, Appendix C.6 Host route parame- + + ters" + ::= { nsVrOspfHostEntry 1 } + + nsVrOspfHostTOS OBJECT-TYPE + SYNTAX TOSType + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The Type of Service of the route being config- + ured." + REFERENCE + "OSPF Version 2, Appendix C.6 Host route parame- + ters" + ::= { nsVrOspfHostEntry 2 } + + nsVrOspfHostMetric OBJECT-TYPE + SYNTAX Metric + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The Metric to be advertised." + REFERENCE + "OSPF Version 2, Appendix C.6 Host route parame- + ters" + ::= { nsVrOspfHostEntry 3 } + + nsVrOspfHostStatus OBJECT-TYPE + SYNTAX RowStatus + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "This variable displays the status of the en- + try. Setting it to 'invalid' has the effect of + rendering it inoperative. The internal effect + (row removal) is implementation dependent." + ::= { nsVrOspfHostEntry 4 } + + nsVrOspfHostAreaID OBJECT-TYPE + SYNTAX AreaID + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The Area the Host Entry is to be found within. + By default, the area that a subsuming OSPF in- + terface is in, or 0.0.0.0" + + REFERENCE + "OSPF Version 2, Appendix C.2 Area parameters" + ::= { nsVrOspfHostEntry 5 } + + nsVrOspfHostVRID OBJECT-TYPE + SYNTAX INTEGER (0..65535) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Virtual Router ID. VRID range for system created + VRs: [1-1024] and for user created VRs: [1025-2048]" + ::= { nsVrOspfHostEntry 6 } + +-- OSPF Interface Table + +-- The OSPF Interface Table augments the ipAddrTable +-- with OSPF specific information. + + nsVrOspfIfTable OBJECT-TYPE + SYNTAX SEQUENCE OF NsVrOspfIfEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "The OSPF Interface Table describes the inter- + faces from the viewpoint of OSPF." + REFERENCE + "OSPF Version 2, Appendix C.3 Router interface + parameters" + ::= { nsVrOspf 7 } + + nsVrOspfIfEntry OBJECT-TYPE + SYNTAX NsVrOspfIfEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "The OSPF Interface Entry describes one inter- + face from the viewpoint of OSPF." + INDEX { nsVrOspfIfVRID, nsVrOspfIfIpAddress, nsVrOspfAddressLessIf } + ::= { nsVrOspfIfTable 1 } + + NsVrOspfIfEntry ::= + SEQUENCE { + nsVrOspfIfIpAddress + IpAddress, + nsVrOspfAddressLessIf + Integer32, + nsVrOspfIfAreaId + AreaID, + nsVrOspfIfType + INTEGER, + nsVrOspfIfAdminStat + Status, + nsVrOspfIfRtrPriority + DesignatedRouterPriority, + nsVrOspfIfTransitDelay + + UpToMaxAge, + nsVrOspfIfRetransInterval + UpToMaxAge, + nsVrOspfIfHelloInterval + HelloRange, + nsVrOspfIfRtrDeadInterval + PositiveInteger, + nsVrOspfIfPollInterval + PositiveInteger, + nsVrOspfIfState + INTEGER, + nsVrOspfIfDesignatedRouter + IpAddress, + nsVrOspfIfBackupDesignatedRouter + IpAddress, + nsVrOspfIfEvents + Counter32, + nsVrOspfIfAuthType + INTEGER, + nsVrOspfIfAuthKey + OCTET STRING, + nsVrOspfIfStatus + RowStatus, + nsVrOspfIfMulticastForwarding + INTEGER, + nsVrOspfIfDemand + TruthValue, + nsVrOspfIfVRID + INTEGER + } + + nsVrOspfIfIpAddress OBJECT-TYPE + SYNTAX IpAddress + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The IP address of this OSPF interface." + ::= { nsVrOspfIfEntry 1 } + + nsVrOspfAddressLessIf OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "For the purpose of easing the instancing of + addressed and addressless interfaces; This + variable takes the value 0 on interfaces with + IP Addresses, and the corresponding value of + ifIndex for interfaces having no IP Address." + ::= { nsVrOspfIfEntry 2 } + + nsVrOspfIfAreaId OBJECT-TYPE + SYNTAX AreaID + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "A 32-bit integer uniquely identifying the area + to which the interface connects. Area ID + 0.0.0.0 is used for the OSPF backbone." + DEFVAL { '00000000'H } -- 0.0.0.0 + ::= { nsVrOspfIfEntry 3 } + + nsVrOspfIfType OBJECT-TYPE + SYNTAX INTEGER { + broadcast (1), + nbma (2), + pointToPoint (3), + pointToMultipoint (5) + } + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The OSPF interface type. + + By way of a default, this field may be intuited + from the corresponding value of ifType. Broad- + cast LANs, such as Ethernet and IEEE 802.5, + take the value 'broadcast', X.25 and similar + technologies take the value 'nbma', and links + that are definitively point to point take the + value 'pointToPoint'." + ::= { nsVrOspfIfEntry 4 } + + nsVrOspfIfAdminStat OBJECT-TYPE + SYNTAX Status + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The OSPF interface's administrative status. + The value formed on the interface, and the in- + terface will be advertised as an internal route + to some area. The value 'disabled' denotes + that the interface is external to OSPF." + DEFVAL { enabled } + ::= { nsVrOspfIfEntry 5 } + + nsVrOspfIfRtrPriority OBJECT-TYPE + SYNTAX DesignatedRouterPriority + + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The priority of this interface. Used in + multi-access networks, this field is used in + the designated router election algorithm. The + value 0 signifies that the router is not eligi- + ble to become the designated router on this + particular network. In the event of a tie in + this value, routers will use their Router ID as + a tie breaker." + DEFVAL { 1 } + ::= { nsVrOspfIfEntry 6 } + + nsVrOspfIfTransitDelay OBJECT-TYPE + SYNTAX UpToMaxAge + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The estimated number of seconds it takes to + transmit a link state update packet over this + interface." + DEFVAL { 1 } + ::= { nsVrOspfIfEntry 7 } + + nsVrOspfIfRetransInterval OBJECT-TYPE + SYNTAX UpToMaxAge + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The number of seconds between link-state ad- + vertisement retransmissions, for adjacencies + belonging to this interface. This value is + also used when retransmitting database descrip- + tion and link-state request packets." + DEFVAL { 5 } + ::= { nsVrOspfIfEntry 8 } + + nsVrOspfIfHelloInterval OBJECT-TYPE + SYNTAX HelloRange + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The length of time, in seconds, between the + Hello packets that the router sends on the in- + + terface. This value must be the same for all + routers attached to a common network." + DEFVAL { 10 } + ::= { nsVrOspfIfEntry 9 } + + nsVrOspfIfRtrDeadInterval OBJECT-TYPE + SYNTAX PositiveInteger + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The number of seconds that a router's Hello + packets have not been seen before it's neigh- + bors declare the router down. This should be + some multiple of the Hello interval. This + value must be the same for all routers attached + to a common network." + DEFVAL { 40 } + ::= { nsVrOspfIfEntry 10 } + + nsVrOspfIfPollInterval OBJECT-TYPE + SYNTAX PositiveInteger + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The larger time interval, in seconds, between + the Hello packets sent to an inactive non- + broadcast multi- access neighbor." + DEFVAL { 120 } + ::= { nsVrOspfIfEntry 11 } + + nsVrOspfIfState OBJECT-TYPE + SYNTAX INTEGER { + down (1), + loopback (2), + waiting (3), + pointToPoint (4), + designatedRouter (5), + backupDesignatedRouter (6), + otherDesignatedRouter (7) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The OSPF Interface State." + DEFVAL { down } + + ::= { nsVrOspfIfEntry 12 } + + nsVrOspfIfDesignatedRouter OBJECT-TYPE + SYNTAX IpAddress + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The IP Address of the Designated Router." + DEFVAL { '00000000'H } -- 0.0.0.0 + ::= { nsVrOspfIfEntry 13 } + + nsVrOspfIfBackupDesignatedRouter OBJECT-TYPE + SYNTAX IpAddress + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The IP Address of the Backup Designated + Router." + DEFVAL { '00000000'H } -- 0.0.0.0 + ::= { nsVrOspfIfEntry 14 } + + nsVrOspfIfEvents OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The number of times this OSPF interface has + changed its state, or an error has occurred." + ::= { nsVrOspfIfEntry 15 } + + nsVrOspfIfAuthKey OBJECT-TYPE + SYNTAX OCTET STRING (SIZE (0..256)) + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The Authentication Key. If the Area's Author- + ization Type is simplePassword, and the key + length is shorter than 8 octets, the agent will + left adjust and zero fill to 8 octets. + + Note that unauthenticated interfaces need no + authentication key, and simple password authen- + tication cannot use a key of more than 8 oc- + tets. Larger keys are useful only with authen- + tication mechanisms not specified in this docu- + + ment. + + When read, nsVrOspfIfAuthKey always returns an Oc- + tet String of length zero." + REFERENCE + "OSPF Version 2, Section 9 The Interface Data + Structure" + DEFVAL { '0000000000000000'H } -- 0.0.0.0.0.0.0.0 + ::= { nsVrOspfIfEntry 16 } + + nsVrOspfIfStatus OBJECT-TYPE + SYNTAX RowStatus + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "This variable displays the status of the en- + try. Setting it to 'invalid' has the effect of + rendering it inoperative. The internal effect + (row removal) is implementation dependent." + ::= { nsVrOspfIfEntry 17 } + + nsVrOspfIfMulticastForwarding OBJECT-TYPE + SYNTAX INTEGER { + blocked (1), -- no multicast forwarding + multicast (2), -- using multicast address + unicast (3) -- to each OSPF neighbor + } + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The way multicasts should forwarded on this + interface; not forwarded, forwarded as data + link multicasts, or forwarded as data link uni- + casts. Data link multicasting is not meaning- + ful on point to point and NBMA interfaces, and + setting nsVrOspfMulticastForwarding to 0 effective- + ly disables all multicast forwarding." + DEFVAL { blocked } + ::= { nsVrOspfIfEntry 18 } + + nsVrOspfIfDemand OBJECT-TYPE + SYNTAX TruthValue + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "Indicates whether Demand OSPF procedures (hel- + + lo supression to FULL neighbors and setting the + DoNotAge flag on proogated LSAs) should be per- + formed on this interface." + DEFVAL { false } + ::= { nsVrOspfIfEntry 19 } + + nsVrOspfIfAuthType OBJECT-TYPE + SYNTAX INTEGER (0..255) + -- none (0), + -- simplePassword (1) + -- md5 (2) + -- reserved for specification by IANA (> 2) + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The authentication type specified for an in- + terface. Additional authentication types may + be assigned locally." + REFERENCE + "OSPF Version 2, Appendix E Authentication" + DEFVAL { 0 } -- no authentication, by default + ::= { nsVrOspfIfEntry 20 } + + nsVrOspfIfVRID OBJECT-TYPE + SYNTAX INTEGER (0..65535) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Virtual Router ID. VRID range for system created + VRs: [1-1024] and for user created VRs: [1025-2048]" + ::= { nsVrOspfIfEntry 21 } + +-- OSPF Interface Metric Table + +-- The Metric Table describes the metrics to be advertised +-- for a specified interface at the various types of service. +-- As such, this table is an adjunct of the OSPF Interface +-- Table. + +-- Types of service, as defined by RFC 791, have the ability +-- to request low delay, high bandwidth, or reliable linkage. + +-- For the purposes of this specification, the measure of +-- bandwidth + +-- Metric = 10^8 / ifSpeed + +-- is the default value. For multiple link interfaces, note +-- that ifSpeed is the sum of the individual link speeds. +-- This yields a number having the following typical values: + +-- Network Type/bit rate Metric + +-- >= 100 MBPS 1 +-- Ethernet/802.3 10 + +-- E1 48 +-- T1 (ESF) 65 +-- 64 KBPS 1562 +-- 56 KBPS 1785 +-- 19.2 KBPS 5208 +-- 9.6 KBPS 10416 + +-- Routes that are not specified use the default (TOS 0) metric + + nsVrOspfIfMetricTable OBJECT-TYPE + SYNTAX SEQUENCE OF NsVrOspfIfMetricEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "The TOS metrics for a non-virtual interface + identified by the interface index." + REFERENCE + "OSPF Version 2, Appendix C.3 Router interface + parameters" + ::= { nsVrOspf 8 } + + nsVrOspfIfMetricEntry OBJECT-TYPE + SYNTAX NsVrOspfIfMetricEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "A particular TOS metric for a non-virtual in- + terface identified by the interface index." + REFERENCE + "OSPF Version 2, Appendix C.3 Router interface + parameters" + INDEX { nsVrOspfIfMetricVRID, + nsVrOspfIfMetricIpAddress, + nsVrOspfIfMetricAddressLessIf, + nsVrOspfIfMetricTOS, + nsVrOspfIfMetricVRID } + ::= { nsVrOspfIfMetricTable 1 } + + NsVrOspfIfMetricEntry ::= + SEQUENCE { + nsVrOspfIfMetricIpAddress + IpAddress, + nsVrOspfIfMetricAddressLessIf + Integer32, + nsVrOspfIfMetricTOS + TOSType, + nsVrOspfIfMetricValue + Metric, + nsVrOspfIfMetricStatus + RowStatus, + nsVrOspfIfMetricVRID + INTEGER + + } + + nsVrOspfIfMetricIpAddress OBJECT-TYPE + SYNTAX IpAddress + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The IP address of this OSPF interface. On row + creation, this can be derived from the in- + stance." + ::= { nsVrOspfIfMetricEntry 1 } + + nsVrOspfIfMetricAddressLessIf OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "For the purpose of easing the instancing of + addressed and addressless interfaces; This + variable takes the value 0 on interfaces with + IP Addresses, and the value of ifIndex for in- + terfaces having no IP Address. On row crea- + tion, this can be derived from the instance." + ::= { nsVrOspfIfMetricEntry 2 } + + nsVrOspfIfMetricTOS OBJECT-TYPE + SYNTAX TOSType + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The type of service metric being referenced. + On row creation, this can be derived from the + instance." + ::= { nsVrOspfIfMetricEntry 3 } + + nsVrOspfIfMetricValue OBJECT-TYPE + SYNTAX Metric + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The metric of using this type of service on + this interface. The default value of the TOS 0 + Metric is 10^8 / ifSpeed." + ::= { nsVrOspfIfMetricEntry 4 } + + nsVrOspfIfMetricStatus OBJECT-TYPE + + SYNTAX RowStatus + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "This variable displays the status of the en- + try. Setting it to 'invalid' has the effect of + rendering it inoperative. The internal effect + (row removal) is implementation dependent." + ::= { nsVrOspfIfMetricEntry 5 } + + nsVrOspfIfMetricVRID OBJECT-TYPE + SYNTAX INTEGER (0..65535) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Virtual Router ID. VRID range for system created + VRs: [1-1024] and for user created VRs: [1025-2048]" + ::= { nsVrOspfIfMetricEntry 6 } + +-- OSPF Virtual Interface Table + +-- The Virtual Interface Table describes the virtual +-- links that the OSPF Process is configured to +-- carry on. + + nsVrOspfVirtIfTable OBJECT-TYPE + SYNTAX SEQUENCE OF NsVrOspfVirtIfEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "Information about this router's virtual inter- + faces." + REFERENCE + "OSPF Version 2, Appendix C.4 Virtual link + parameters" + ::= { nsVrOspf 9 } + + nsVrOspfVirtIfEntry OBJECT-TYPE + SYNTAX NsVrOspfVirtIfEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "Information about a single Virtual Interface." + INDEX { nsVrOspfVirtIfVRID, nsVrOspfVirtIfAreaId, nsVrOspfVirtIfNeighbor } + ::= { nsVrOspfVirtIfTable 1 } + + NsVrOspfVirtIfEntry ::= + SEQUENCE { + nsVrOspfVirtIfAreaId + AreaID, + nsVrOspfVirtIfNeighbor + RouterID, + nsVrOspfVirtIfTransitDelay + UpToMaxAge, + nsVrOspfVirtIfRetransInterval + + UpToMaxAge, + nsVrOspfVirtIfHelloInterval + HelloRange, + nsVrOspfVirtIfRtrDeadInterval + PositiveInteger, + nsVrOspfVirtIfState + INTEGER, + nsVrOspfVirtIfEvents + Counter32, + nsVrOspfVirtIfAuthType + INTEGER, + nsVrOspfVirtIfAuthKey + OCTET STRING, + nsVrOspfVirtIfStatus + RowStatus, + nsVrOspfVirtIfVRID + INTEGER + } + + nsVrOspfVirtIfAreaId OBJECT-TYPE + SYNTAX AreaID + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The Transit Area that the Virtual Link + traverses. By definition, this is not 0.0.0.0" + ::= { nsVrOspfVirtIfEntry 1 } + + nsVrOspfVirtIfNeighbor OBJECT-TYPE + SYNTAX RouterID + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The Router ID of the Virtual Neighbor." + ::= { nsVrOspfVirtIfEntry 2 } + + nsVrOspfVirtIfTransitDelay OBJECT-TYPE + SYNTAX UpToMaxAge + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The estimated number of seconds it takes to + transmit a link- state update packet over this + interface." + DEFVAL { 1 } + ::= { nsVrOspfVirtIfEntry 3 } + + nsVrOspfVirtIfRetransInterval OBJECT-TYPE + SYNTAX UpToMaxAge + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The number of seconds between link-state ad- + vertisement retransmissions, for adjacencies + belonging to this interface. This value is + also used when retransmitting database descrip- + tion and link-state request packets. This + value should be well over the expected round- + trip time." + DEFVAL { 5 } + ::= { nsVrOspfVirtIfEntry 4 } + + nsVrOspfVirtIfHelloInterval OBJECT-TYPE + SYNTAX HelloRange + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The length of time, in seconds, between the + Hello packets that the router sends on the in- + terface. This value must be the same for the + virtual neighbor." + DEFVAL { 10 } + ::= { nsVrOspfVirtIfEntry 5 } + + nsVrOspfVirtIfRtrDeadInterval OBJECT-TYPE + SYNTAX PositiveInteger + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The number of seconds that a router's Hello + packets have not been seen before it's neigh- + bors declare the router down. This should be + some multiple of the Hello interval. This + value must be the same for the virtual neigh- + bor." + DEFVAL { 60 } + ::= { nsVrOspfVirtIfEntry 6 } + + nsVrOspfVirtIfState OBJECT-TYPE + SYNTAX INTEGER { + down (1), -- these use the same encoding + pointToPoint (4) -- as the nsVrOspfIfTable + + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "OSPF virtual interface states." + DEFVAL { down } + ::= { nsVrOspfVirtIfEntry 7 } + + nsVrOspfVirtIfEvents OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The number of state changes or error events on + this Virtual Link" + ::= { nsVrOspfVirtIfEntry 8 } + + nsVrOspfVirtIfAuthKey OBJECT-TYPE + SYNTAX OCTET STRING (SIZE(0..256)) + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "If Authentication Type is simplePassword, the + device will left adjust and zero fill to 8 oc- + tets. + + Note that unauthenticated interfaces need no + authentication key, and simple password authen- + tication cannot use a key of more than 8 oc- + tets. Larger keys are useful only with authen- + tication mechanisms not specified in this docu- + ment. + + When read, nsVrOspfVifAuthKey always returns a + string of length zero." + REFERENCE + "OSPF Version 2, Section 9 The Interface Data + Structure" + DEFVAL { '0000000000000000'H } -- 0.0.0.0.0.0.0.0 + ::= { nsVrOspfVirtIfEntry 9 } + + nsVrOspfVirtIfStatus OBJECT-TYPE + SYNTAX RowStatus + MAX-ACCESS read-create + STATUS current + + DESCRIPTION + "This variable displays the status of the en- + try. Setting it to 'invalid' has the effect of + rendering it inoperative. The internal effect + (row removal) is implementation dependent." + ::= { nsVrOspfVirtIfEntry 10 } + + nsVrOspfVirtIfAuthType OBJECT-TYPE + SYNTAX INTEGER (0..255) + -- none (0), + -- simplePassword (1) + -- md5 (2) + -- reserved for specification by IANA (> 2) + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The authentication type specified for a virtu- + al interface. Additional authentication types + may be assigned locally." + REFERENCE + "OSPF Version 2, Appendix E Authentication" + DEFVAL { 0 } -- no authentication, by default + ::= { nsVrOspfVirtIfEntry 11 } + + nsVrOspfVirtIfVRID OBJECT-TYPE + SYNTAX INTEGER (0..65535) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Virtual Router ID. VRID range for system created + VRs: [1-1024] and for user created VRs: [1025-2048]" + ::= { nsVrOspfVirtIfEntry 12 } + +-- OSPF Neighbor Table + +-- The OSPF Neighbor Table describes all neighbors in +-- the locality of the subject router. + + nsVrOspfNbrTable OBJECT-TYPE + SYNTAX SEQUENCE OF NsVrOspfNbrEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "A table of non-virtual neighbor information." + REFERENCE + "OSPF Version 2, Section 10 The Neighbor Data + Structure" + ::= { nsVrOspf 10 } + + nsVrOspfNbrEntry OBJECT-TYPE + SYNTAX NsVrOspfNbrEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + + "The information regarding a single neighbor." + REFERENCE + "OSPF Version 2, Section 10 The Neighbor Data + Structure" + INDEX { nsVrOspfNbrVRID, nsVrOspfNbrIpAddr, nsVrOspfNbrAddressLessIndex } + ::= { nsVrOspfNbrTable 1 } + + NsVrOspfNbrEntry ::= + SEQUENCE { + nsVrOspfNbrIpAddr + IpAddress, + nsVrOspfNbrAddressLessIndex + InterfaceIndex, + nsVrOspfNbrRtrId + RouterID, + nsVrOspfNbrOptions + Integer32, + nsVrOspfNbrPriority + DesignatedRouterPriority, + nsVrOspfNbrState + INTEGER, + nsVrOspfNbrEvents + Counter32, + nsVrOspfNbrLsRetransQLen + Gauge32, + nsVrOspfNbmaNbrStatus + RowStatus, + nsVrOspfNbmaNbrPermanence + INTEGER, + nsVrOspfNbrHelloSuppressed + TruthValue, + nsVrOspfNbrVRID + INTEGER + } + + nsVrOspfNbrIpAddr OBJECT-TYPE + SYNTAX IpAddress + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The IP address this neighbor is using in its + IP Source Address. Note that, on addressless + links, this will not be 0.0.0.0, but the ad- + dress of another of the neighbor's interfaces." + ::= { nsVrOspfNbrEntry 1 } + + nsVrOspfNbrAddressLessIndex OBJECT-TYPE + SYNTAX InterfaceIndex + MAX-ACCESS read-only + + STATUS current + DESCRIPTION + "On an interface having an IP Address, zero. + On addressless interfaces, the corresponding + value of ifIndex in the Internet Standard MIB. + On row creation, this can be derived from the + instance." + ::= { nsVrOspfNbrEntry 2 } + + nsVrOspfNbrRtrId OBJECT-TYPE + SYNTAX RouterID + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "A 32-bit integer (represented as a type IpAd- + dress) uniquely identifying the neighboring + router in the Autonomous System." + DEFVAL { '00000000'H } -- 0.0.0.0 + ::= { nsVrOspfNbrEntry 3 } + + nsVrOspfNbrOptions OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "A Bit Mask corresponding to the neighbor's op- + tions field. + + Bit 0, if set, indicates that the system will + operate on Type of Service metrics other than + TOS 0. If zero, the neighbor will ignore all + metrics except the TOS 0 metric. + + Bit 1, if set, indicates that the associated + area accepts and operates on external informa- + tion; if zero, it is a stub area. + + Bit 2, if set, indicates that the system is ca- + pable of routing IP Multicast datagrams; i.e., + that it implements the Multicast Extensions to + OSPF. + + Bit 3, if set, indicates that the associated + area is an NSSA. These areas are capable of + carrying type 7 external advertisements, which + are translated into type 5 external advertise- + + ments at NSSA borders." + REFERENCE + "OSPF Version 2, Section 12.1.2 Options" + DEFVAL { 0 } + ::= { nsVrOspfNbrEntry 4 } + + nsVrOspfNbrPriority OBJECT-TYPE + SYNTAX DesignatedRouterPriority + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The priority of this neighbor in the designat- + ed router election algorithm. The value 0 sig- + nifies that the neighbor is not eligible to be- + come the designated router on this particular + network." + DEFVAL { 1 } + ::= { nsVrOspfNbrEntry 5 } + + nsVrOspfNbrState OBJECT-TYPE + SYNTAX INTEGER { + down (1), + attempt (2), + init (3), + twoWay (4), + exchangeStart (5), + exchange (6), + loading (7), + full (8) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The State of the relationship with this Neigh- + bor." + REFERENCE + "OSPF Version 2, Section 10.1 Neighbor States" + DEFVAL { down } + ::= { nsVrOspfNbrEntry 6 } + + nsVrOspfNbrEvents OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + + "The number of times this neighbor relationship + has changed state, or an error has occurred." + ::= { nsVrOspfNbrEntry 7 } + + nsVrOspfNbrLsRetransQLen OBJECT-TYPE + SYNTAX Gauge32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The current length of the retransmission + queue." + ::= { nsVrOspfNbrEntry 8 } + + nsVrOspfNbmaNbrStatus OBJECT-TYPE + SYNTAX RowStatus + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "This variable displays the status of the en- + try. Setting it to 'invalid' has the effect of + rendering it inoperative. The internal effect + (row removal) is implementation dependent." + ::= { nsVrOspfNbrEntry 9 } + + nsVrOspfNbmaNbrPermanence OBJECT-TYPE + SYNTAX INTEGER { + dynamic (1), -- learned through protocol + permanent (2) -- configured address + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "This variable displays the status of the en- + try. 'dynamic' and 'permanent' refer to how + the neighbor became known." + DEFVAL { permanent } + ::= { nsVrOspfNbrEntry 10 } + + nsVrOspfNbrHelloSuppressed OBJECT-TYPE + SYNTAX TruthValue + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Indicates whether Hellos are being suppressed + + to the neighbor" + ::= { nsVrOspfNbrEntry 11 } + + nsVrOspfNbrVRID OBJECT-TYPE + SYNTAX INTEGER (0..65535) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Virtual Router ID. VRID range for system created + VRs: [1-1024] and for user created VRs: [1025-2048]" + ::= { nsVrOspfNbrEntry 12 } + +-- OSPF Virtual Neighbor Table + +-- This table describes all virtual neighbors. +-- Since Virtual Links are configured in the +-- virtual interface table, this table is read-only. + + nsVrOspfVirtNbrTable OBJECT-TYPE + SYNTAX SEQUENCE OF NsVrOspfVirtNbrEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "A table of virtual neighbor information." + REFERENCE + "OSPF Version 2, Section 15 Virtual Links" + ::= { nsVrOspf 11 } + + nsVrOspfVirtNbrEntry OBJECT-TYPE + SYNTAX NsVrOspfVirtNbrEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "Virtual neighbor information." + INDEX { nsVrOspfVirtNbrVRID, nsVrOspfVirtNbrArea, nsVrOspfVirtNbrRtrId } + ::= { nsVrOspfVirtNbrTable 1 } + + NsVrOspfVirtNbrEntry ::= + SEQUENCE { + nsVrOspfVirtNbrArea + AreaID, + nsVrOspfVirtNbrRtrId + RouterID, + nsVrOspfVirtNbrIpAddr + IpAddress, + nsVrOspfVirtNbrOptions + Integer32, + nsVrOspfVirtNbrState + INTEGER, + nsVrOspfVirtNbrEvents + Counter32, + nsVrOspfVirtNbrLsRetransQLen + Gauge32, + nsVrOspfVirtNbrHelloSuppressed + TruthValue, + nsVrOspfVirtNbrVRID + INTEGER + + } + + nsVrOspfVirtNbrArea OBJECT-TYPE + SYNTAX AreaID + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The Transit Area Identifier." + ::= { nsVrOspfVirtNbrEntry 1 } + + nsVrOspfVirtNbrRtrId OBJECT-TYPE + SYNTAX RouterID + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "A 32-bit integer uniquely identifying the + neighboring router in the Autonomous System." + ::= { nsVrOspfVirtNbrEntry 2 } + + nsVrOspfVirtNbrIpAddr OBJECT-TYPE + SYNTAX IpAddress + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The IP address this Virtual Neighbor is us- + ing." + ::= { nsVrOspfVirtNbrEntry 3 } + + nsVrOspfVirtNbrOptions OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "A Bit Mask corresponding to the neighbor's op- + tions field. + + Bit 1, if set, indicates that the system will + operate on Type of Service metrics other than + TOS 0. If zero, the neighbor will ignore all + metrics except the TOS 0 metric. + + Bit 2, if set, indicates that the system is + Network Multicast capable; ie, that it imple- + ments OSPF Multicast Routing." + ::= { nsVrOspfVirtNbrEntry 4 } + + nsVrOspfVirtNbrState OBJECT-TYPE + SYNTAX INTEGER { + down (1), + attempt (2), + init (3), + twoWay (4), + exchangeStart (5), + exchange (6), + loading (7), + full (8) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The state of the Virtual Neighbor Relation- + ship." + ::= { nsVrOspfVirtNbrEntry 5 } + + nsVrOspfVirtNbrEvents OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The number of times this virtual link has + changed its state, or an error has occurred." + ::= { nsVrOspfVirtNbrEntry 6 } + + nsVrOspfVirtNbrLsRetransQLen OBJECT-TYPE + SYNTAX Gauge32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The current length of the retransmission + queue." + ::= { nsVrOspfVirtNbrEntry 7 } + + nsVrOspfVirtNbrHelloSuppressed OBJECT-TYPE + SYNTAX TruthValue + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Indicates whether Hellos are being suppressed + to the neighbor" + ::= { nsVrOspfVirtNbrEntry 8 } + + nsVrOspfVirtNbrVRID OBJECT-TYPE + SYNTAX INTEGER (0..65535) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Virtual Router ID. VRID range for system created + VRs: [1-1024] and for user created VRs: [1025-2048]" + ::= { nsVrOspfVirtNbrEntry 9 } + +-- OSPF Link State Database, External + +-- The Link State Database contains the Link State +-- Advertisements from throughout the areas that the +-- device is attached to. + +-- This table is identical to the OSPF LSDB Table in +-- format, but contains only External Link State +-- Advertisements. The purpose is to allow external +-- LSAs to be displayed once for the router rather +-- than once in each non-stub area. + + nsVrOspfExtLsdbTable OBJECT-TYPE + SYNTAX SEQUENCE OF NsVrOspfExtLsdbEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "The OSPF Process's Links State Database." + REFERENCE + "OSPF Version 2, Section 12 Link State Adver- + tisements" + ::= { nsVrOspf 12 } + + nsVrOspfExtLsdbEntry OBJECT-TYPE + SYNTAX NsVrOspfExtLsdbEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "A single Link State Advertisement." + INDEX { nsVrOspfExtLsdbVRID, nsVrOspfExtLsdbType, nsVrOspfExtLsdbLsid, nsVrOspfExtLsdbRouterId } + ::= { nsVrOspfExtLsdbTable 1 } + + NsVrOspfExtLsdbEntry ::= + SEQUENCE { + nsVrOspfExtLsdbType + INTEGER, + nsVrOspfExtLsdbLsid + IpAddress, + nsVrOspfExtLsdbRouterId + RouterID, + nsVrOspfExtLsdbSequence + Integer32, + nsVrOspfExtLsdbAge + Integer32, + nsVrOspfExtLsdbChecksum + Integer32, + nsVrOspfExtLsdbAdvertisement + OCTET STRING, + nsVrOspfExtLsdbVRID + INTEGER + } + + nsVrOspfExtLsdbType OBJECT-TYPE + SYNTAX INTEGER { + asExternalLink (5) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The type of the link state advertisement. + Each link state type has a separate advertise- + ment format." + REFERENCE + "OSPF Version 2, Appendix A.4.1 The Link State + Advertisement header" + ::= { nsVrOspfExtLsdbEntry 1 } + + nsVrOspfExtLsdbLsid OBJECT-TYPE + SYNTAX IpAddress + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The Link State ID is an LS Type Specific field + containing either a Router ID or an IP Address; + it identifies the piece of the routing domain + that is being described by the advertisement." + REFERENCE + "OSPF Version 2, Section 12.1.4 Link State ID" + ::= { nsVrOspfExtLsdbEntry 2 } + + nsVrOspfExtLsdbRouterId OBJECT-TYPE + SYNTAX RouterID + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The 32 bit number that uniquely identifies the + originating router in the Autonomous System." + REFERENCE + "OSPF Version 2, Appendix C.1 Global parameters" + ::= { nsVrOspfExtLsdbEntry 3 } + +-- Note that the OSPF Sequence Number is a 32 bit signed +-- integer. It starts with the value '80000001'h, +-- or -'7FFFFFFF'h, and increments until '7FFFFFFF'h +-- Thus, a typical sequence number will be very negative. + + nsVrOspfExtLsdbSequence OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The sequence number field is a signed 32-bit + integer. It is used to detect old and dupli- + cate link state advertisements. The space of + sequence numbers is linearly ordered. The + larger the sequence number the more recent the + advertisement." + REFERENCE + "OSPF Version 2, Section 12.1.6 LS sequence + number" + ::= { nsVrOspfExtLsdbEntry 4 } + + nsVrOspfExtLsdbAge OBJECT-TYPE + SYNTAX Integer32 -- Should be 0..MaxAge + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "This field is the age of the link state adver- + tisement in seconds." + REFERENCE + "OSPF Version 2, Section 12.1.1 LS age" + ::= { nsVrOspfExtLsdbEntry 5 } + + nsVrOspfExtLsdbChecksum OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "This field is the checksum of the complete + contents of the advertisement, excepting the + age field. The age field is excepted so that + an advertisement's age can be incremented + without updating the checksum. The checksum + used is the same that is used for ISO connec- + tionless datagrams; it is commonly referred to + as the Fletcher checksum." + REFERENCE + "OSPF Version 2, Section 12.1.7 LS checksum" + ::= { nsVrOspfExtLsdbEntry 6 } + + nsVrOspfExtLsdbAdvertisement OBJECT-TYPE + + SYNTAX OCTET STRING (SIZE(36)) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The entire Link State Advertisement, including + its header." + REFERENCE + "OSPF Version 2, Section 12 Link State Adver- + tisements" + ::= { nsVrOspfExtLsdbEntry 7 } + + nsVrOspfExtLsdbVRID OBJECT-TYPE + SYNTAX INTEGER (0..65535) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Virtual Router ID. VRID range for system created + VRs: [1-1024] and for user created VRs: [1025-2048]" + ::= { nsVrOspfExtLsdbEntry 8 } + + +-- +-- The OSPF Area Aggregate Table +-- +-- This table replaces the OSPF Area Summary Table, being an +-- extension of that for CIDR routers. + + nsVrOspfAreaAggregateTable OBJECT-TYPE + SYNTAX SEQUENCE OF NsVrOspfAreaAggregateEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "A range of IP addresses specified by an IP + address/IP network mask pair. For example, + class B address range of X.X.X.X with a network + mask of 255.255.0.0 includes all IP addresses + from X.X.0.0 to X.X.255.255. Note that if + ranges are configured such that one range sub- + sumes another range (e.g., 10.0.0.0 mask + 255.0.0.0 and 10.1.0.0 mask 255.255.0.0), the + most specific match is the preferred one." + REFERENCE + "OSPF Version 2, Appendix C.2 Area parameters" + ::= { nsVrOspf 14 } + + nsVrOspfAreaAggregateEntry OBJECT-TYPE + SYNTAX NsVrOspfAreaAggregateEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "A range of IP addresses specified by an IP + address/IP network mask pair. For example, + class B address range of X.X.X.X with a network + mask of 255.255.0.0 includes all IP addresses + from X.X.0.0 to X.X.255.255. Note that if + ranges are range configured such that one range + subsumes another range (e.g., 10.0.0.0 mask + 255.0.0.0 and 10.1.0.0 mask 255.255.0.0), the + + most specific match is the preferred one." + REFERENCE + "OSPF Version 2, Appendix C.2 Area parameters" + INDEX { nsVrOspfAreaAggregateVRID, nsVrOspfAreaAggregateAreaID, nsVrOspfAreaAggregateLsdbType, + nsVrOspfAreaAggregateNet, nsVrOspfAreaAggregateMask } + ::= { nsVrOspfAreaAggregateTable 1 } + + NsVrOspfAreaAggregateEntry ::= + SEQUENCE { + nsVrOspfAreaAggregateAreaID + AreaID, + nsVrOspfAreaAggregateLsdbType + INTEGER, + nsVrOspfAreaAggregateNet + IpAddress, + nsVrOspfAreaAggregateMask + IpAddress, + nsVrOspfAreaAggregateStatus + RowStatus, + nsVrOspfAreaAggregateEffect + INTEGER, + nsVrOspfAreaAggregateVRID + INTEGER + } + + nsVrOspfAreaAggregateAreaID OBJECT-TYPE + SYNTAX AreaID + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The Area the Address Aggregate is to be found + within." + REFERENCE + "OSPF Version 2, Appendix C.2 Area parameters" + ::= { nsVrOspfAreaAggregateEntry 1 } + + nsVrOspfAreaAggregateLsdbType OBJECT-TYPE + SYNTAX INTEGER { + summaryLink (3), + nssaExternalLink (7) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The type of the Address Aggregate. This field + specifies the Lsdb type that this Address Ag- + gregate applies to." + REFERENCE + + "OSPF Version 2, Appendix A.4.1 The Link State + Advertisement header" + ::= { nsVrOspfAreaAggregateEntry 2 } + + nsVrOspfAreaAggregateNet OBJECT-TYPE + SYNTAX IpAddress + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The IP Address of the Net or Subnet indicated + by the range." + REFERENCE + "OSPF Version 2, Appendix C.2 Area parameters" + ::= { nsVrOspfAreaAggregateEntry 3 } + + nsVrOspfAreaAggregateMask OBJECT-TYPE + SYNTAX IpAddress + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The Subnet Mask that pertains to the Net or + Subnet." + REFERENCE + "OSPF Version 2, Appendix C.2 Area parameters" + ::= { nsVrOspfAreaAggregateEntry 4 } + + nsVrOspfAreaAggregateStatus OBJECT-TYPE + SYNTAX RowStatus + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "This variable displays the status of the en- + try. Setting it to 'invalid' has the effect of + rendering it inoperative. The internal effect + (row removal) is implementation dependent." + ::= { nsVrOspfAreaAggregateEntry 5 } + + nsVrOspfAreaAggregateEffect OBJECT-TYPE + SYNTAX INTEGER { + advertiseMatching (1), + doNotAdvertiseMatching (2) + } + MAX-ACCESS read-create + STATUS current + + DESCRIPTION + "Subnets subsumed by ranges either trigger the + advertisement of the indicated aggregate (ad- + vertiseMatching), or result in the subnet's not + being advertised at all outside the area." + DEFVAL { advertiseMatching } + ::= { nsVrOspfAreaAggregateEntry 6 } + + nsVrOspfAreaAggregateVRID OBJECT-TYPE + SYNTAX INTEGER (0..65535) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Virtual Router ID. VRID range for system created + VRs: [1-1024] and for user created VRs: [1025-2048]" + ::= { nsVrOspfAreaAggregateEntry 7 } + +END + + diff --git a/MIBS/screenos/NETSCREEN-VR-RIPv2-MIB b/MIBS/screenos/NETSCREEN-VR-RIPv2-MIB new file mode 100644 index 0000000..2e1806f --- /dev/null +++ b/MIBS/screenos/NETSCREEN-VR-RIPv2-MIB @@ -0,0 +1,567 @@ +-- These MIBs were created on 1/2/2003 +-- This module defines enterprise MIBs for NS RIP +-- +-- Copyright (c) 1999-2004, Juniper Networks, Inc. +-- All rights reserved. +-- +-- MODULE-IDENTITY +-- OrgName +-- Juniper Networks, Inc. +-- ContactInfo +-- Customer Support +-- +-- 1194 North Mathilda Avenue +-- Sunnyvale, California 94089-1206 +-- USA +-- +-- Tel: 1-800-638-8296 +-- E-mail: customerservice@juniper.net +-- HTTP://www.juniper.net" +-- +-- Descr +-- This module defines the object that are used to monitor +-- NS's RIP configuration +-- +-- Last modified date: 06/20/2005 +-- Created from NS-RIP.MIB with modified VR table index +-- + +NETSCREEN-VR-RIPv2-MIB DEFINITIONS ::= BEGIN + + IMPORTS + MODULE-IDENTITY, OBJECT-TYPE, Counter32, + TimeTicks, IpAddress FROM SNMPv2-SMI + TEXTUAL-CONVENTION, RowStatus FROM SNMPv2-TC + MODULE-COMPLIANCE, OBJECT-GROUP FROM SNMPv2-CONF + netscreenVR FROM NETSCREEN-SMI; + + -- This MIB module uses the extended OBJECT-TYPE macro as + -- defined in [9]. + + nsVrRip2 MODULE-IDENTITY + LAST-UPDATED "200506202022Z" -- June 20, 2005 + ORGANIZATION + "Juniper Networks, Inc." + CONTACT-INFO + "Customer Support + + 1194 North Mathilda Avenue + Sunnyvale, California 94089-1206 + USA + + Tel: 1-800-638-8296 + E-mail: customerservice@juniper.net + HTTP://www.juniper.net" + DESCRIPTION + "The MIB module to describe the RIP2 Version 2 Protocol" + ::= { netscreenVR 7 } + + -- RIP-2 Management Information Base + + -- the RouteTag type represents the contents of the + -- Route Domain field in the packet header or route entry. + -- The use of the Route Domain is deprecated. + + RouteTag ::= TEXTUAL-CONVENTION + STATUS current + DESCRIPTION + "the RouteTag type represents the contents of the Route Domain + field in the packet header or route entry" + SYNTAX OCTET STRING (SIZE (2)) + +--4.1 Global Counters + +-- The RIP-2 Globals Group. +-- Implementation of this group is mandatory for systems +-- which implement RIP-2. + +-- These counters are intended to facilitate debugging quickly +-- changing routes or failing neighbors + +-- nsVrRip2Globals OBJECT IDENTIFIER ::= { nsVrRip2 1 } + +-- nsVrRip2GlobalRouteChanges OBJECT-TYPE +-- SYNTAX Counter32 +-- MAX-ACCESS read-only +-- STATUS current +-- DESCRIPTION +-- "The number of route changes made to the IP Route +-- Database by RIP. This does not include the refresh +-- of a route's age." +-- ::= { nsVrRip2Globals 1 } + +-- nsVrRip2GlobalQueries OBJECT-TYPE +-- SYNTAX Counter32 +-- MAX-ACCESS read-only +-- STATUS current +-- DESCRIPTION +-- "The number of responses sent to RIP queries +-- from other systems." +-- ::= { nsVrRip2Globals 2 } + + nsVrRip2GlobalsTable OBJECT-TYPE + SYNTAX SEQUENCE OF NsVrRip2GlobalsEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "A list of RIP2 Globals per VR." + ::= { nsVrRip2 1 } + + nsVrRip2GlobalsEntry OBJECT-TYPE + + SYNTAX NsVrRip2GlobalsEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "One VR's Globals." + INDEX { nsVrRip2GlobalVRID } + ::= { nsVrRip2GlobalsTable 1 } + + NsVrRip2GlobalsEntry ::= + SEQUENCE { + nsVrRip2GlobalRouteChanges + Counter32, + nsVrRip2GlobalQueries + Counter32, + nsVrRip2GlobalVRID + INTEGER + } + + nsVrRip2GlobalRouteChanges OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The number of route changes made to the IP Route + Database by RIP. This does not include the refresh + of a route's age." + ::= { nsVrRip2GlobalsEntry 1 } + + nsVrRip2GlobalQueries OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The number of responses sent to RIP queries + from other systems." + ::= { nsVrRip2GlobalsEntry 2 } + + nsVrRip2GlobalVRID OBJECT-TYPE + SYNTAX INTEGER (0..65535) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Virtual Router ID. VRID range for system created + VRs: [1-1024] and for user created VRs: [1025-2048]" + ::= { nsVrRip2GlobalsEntry 3 } + + +--4.2 RIP Interface Tables + +-- RIP Interfaces Groups +-- Implementation of these Groups is mandatory for systems +-- which implement RIP-2. + +-- The RIP Interface Status Table. + + nsVrRip2IfStatTable OBJECT-TYPE + SYNTAX SEQUENCE OF NsVrRip2IfStatEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "A list of subnets which require separate + status monitoring in RIP." + ::= { nsVrRip2 2 } + + nsVrRip2IfStatEntry OBJECT-TYPE + + SYNTAX NsVrRip2IfStatEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "A Single Routing Domain in a single Subnet." + INDEX { nsVrRip2IfStatVRID, nsVrRip2IfStatAddress } + ::= { nsVrRip2IfStatTable 1 } + + NsVrRip2IfStatEntry ::= + SEQUENCE { + nsVrRip2IfStatAddress + IpAddress, + nsVrRip2IfStatRcvBadPackets + Counter32, + nsVrRip2IfStatRcvBadRoutes + Counter32, + nsVrRip2IfStatSentUpdates + Counter32, + nsVrRip2IfStatStatus + RowStatus, + nsVrRip2IfStatVRID + INTEGER + } + + nsVrRip2IfStatAddress OBJECT-TYPE + SYNTAX IpAddress + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The IP Address of this system on the indicated + subnet. For unnumbered interfaces, the value 0.0.0.N, + where the least significant 24 bits (N) is the ifIndex + for the IP Interface in network byte order." + ::= { nsVrRip2IfStatEntry 1 } + + nsVrRip2IfStatRcvBadPackets OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The number of RIP response packets received by + the RIP process which were subsequently discarded + for any reason (e.g. a version 0 packet, or an + unknown command type)." + ::= { nsVrRip2IfStatEntry 2 } + + nsVrRip2IfStatRcvBadRoutes OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + + DESCRIPTION + "The number of routes, in valid RIP packets, + which were ignored for any reason (e.g. unknown + address family, or invalid metric)." + ::= { nsVrRip2IfStatEntry 3 } + + nsVrRip2IfStatSentUpdates OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The number of triggered RIP updates actually + sent on this interface. This explicitly does + NOT include full updates sent containing new + information." + ::= { nsVrRip2IfStatEntry 4 } + + nsVrRip2IfStatStatus OBJECT-TYPE + SYNTAX RowStatus + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "Writing invalid has the effect of deleting + this interface." + ::= { nsVrRip2IfStatEntry 5 } + + nsVrRip2IfStatVRID OBJECT-TYPE + SYNTAX INTEGER (0..65535) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Virtual Router ID. VRID range for system created + VRs: [1-1024] and for user created VRs: [1025-2048]" + ::= { nsVrRip2IfStatEntry 6 } + +-- The RIP Interface Configuration Table. + + nsVrRip2IfConfTable OBJECT-TYPE + SYNTAX SEQUENCE OF NsVrRip2IfConfEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "A list of subnets which require separate + configuration in RIP." + ::= { nsVrRip2 3 } + + nsVrRip2IfConfEntry OBJECT-TYPE + SYNTAX NsVrRip2IfConfEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "A Single Routing Domain in a single Subnet." + INDEX { nsVrRip2IfConfVRID, nsVrRip2IfConfAddress } + ::= { nsVrRip2IfConfTable 1 } + + NsVrRip2IfConfEntry ::= + SEQUENCE { + + nsVrRip2IfConfAddress + IpAddress, + nsVrRip2IfConfDomain + RouteTag, + nsVrRip2IfConfAuthType + INTEGER, + nsVrRip2IfConfAuthKey + OCTET STRING, + nsVrRip2IfConfSend + INTEGER, + nsVrRip2IfConfReceive + INTEGER, + nsVrRip2IfConfDefaultMetric + INTEGER, + nsVrRip2IfConfStatus + RowStatus, + nsVrRip2IfConfSrcAddress + IpAddress, + nsVrRip2IfConfVRID + INTEGER + } + + nsVrRip2IfConfAddress OBJECT-TYPE + SYNTAX IpAddress + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The IP Address of this system on the indicated + subnet. For unnumbered interfaces, the value 0.0.0.N, + where the least significant 24 bits (N) is the ifIndex + for the IP Interface in network byte order." + ::= { nsVrRip2IfConfEntry 1 } + + nsVrRip2IfConfDomain OBJECT-TYPE + SYNTAX RouteTag + MAX-ACCESS read-create + STATUS obsolete + DESCRIPTION + "Value inserted into the Routing Domain field + of all RIP packets sent on this interface." + DEFVAL { '0000'H } + ::= { nsVrRip2IfConfEntry 2 } + + nsVrRip2IfConfAuthType OBJECT-TYPE + SYNTAX INTEGER { + noAuthentication (1), + simplePassword (2), + md5 (3) + } + MAX-ACCESS read-create + + STATUS current + DESCRIPTION + "The type of Authentication used on this + interface." + DEFVAL { noAuthentication } + ::= { nsVrRip2IfConfEntry 3 } + + nsVrRip2IfConfAuthKey OBJECT-TYPE + SYNTAX OCTET STRING (SIZE(0..16)) + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The value to be used as the Authentication Key + whenever the corresponding instance of + nsVrRip2IfConfAuthType has a value other than + noAuthentication. A modification of the corresponding + instance of nsVrRip2IfConfAuthType does not modify + the nsVrRip2IfConfAuthKey value. If a string shorter + than 16 octets is supplied, it will be left- + justified and padded to 16 octets, on the right, + with nulls (0x00). + + Reading this object always results in an OCTET + STRING of length zero; authentication may not + be bypassed by reading the MIB object." + DEFVAL { ''H } + ::= { nsVrRip2IfConfEntry 4 } + + nsVrRip2IfConfSend OBJECT-TYPE + SYNTAX INTEGER { + doNotSend (1), + ripVersion1 (2), + rip1Compatible (3), + ripVersion2 (4), + ripV1Demand (5), + ripV2Demand (6) + } + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "What the router sends on this interface. + ripVersion1 implies sending RIP updates compliant + with RFC 1058. rip1Compatible implies + broadcasting RIP-2 updates using RFC 1058 route + subsumption rules. ripVersion2 implies + multicasting RIP-2 updates. ripV1Demand indicates + the use of Demand RIP on a WAN interface under RIP + Version 1 rules. ripV2Demand indicates the use of + + Demand RIP on a WAN interface under Version 2 rules." + DEFVAL { rip1Compatible } + ::= { nsVrRip2IfConfEntry 5 } + + nsVrRip2IfConfReceive OBJECT-TYPE + SYNTAX INTEGER { + rip1 (1), + rip2 (2), + rip1OrRip2 (3), + doNotRecieve (4) + } + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "This indicates which version of RIP updates + are to be accepted. Note that rip2 and + rip1OrRip2 implies reception of multicast + packets." + DEFVAL { rip1OrRip2 } + ::= { nsVrRip2IfConfEntry 6 } + + nsVrRip2IfConfDefaultMetric OBJECT-TYPE + SYNTAX INTEGER ( 0..15 ) + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "This variable indicates the metric that is to + be used for the default route entry in RIP updates + originated on this interface. A value of zero + indicates that no default route should be + originated; in this case, a default route via + another router may be propagated." + ::= { nsVrRip2IfConfEntry 7 } + + nsVrRip2IfConfStatus OBJECT-TYPE + SYNTAX RowStatus + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "Writing invalid has the effect of deleting + this interface." + ::= { nsVrRip2IfConfEntry 8 } + + nsVrRip2IfConfSrcAddress OBJECT-TYPE + SYNTAX IpAddress + MAX-ACCESS read-create + STATUS current + DESCRIPTION + + "The IP Address this system will use as a source + address on this interface. If it is a numbered + interface, this MUST be the same value as + nsVrRip2IfConfAddress. On unnumbered interfaces, + it must be the value of nsVrRip2IfConfAddress for + some interface on the system." + ::= { nsVrRip2IfConfEntry 9 } + + nsVrRip2IfConfVRID OBJECT-TYPE + SYNTAX INTEGER (0..65535) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Virtual Router ID. VRID range for system created + VRs: [1-1024] and for user created VRs: [1025-2048]" + ::= { nsVrRip2IfConfEntry 10 } + +--4.3 Peer Table + +-- Peer Table + +-- The RIP Peer Group +-- Implementation of this Group is Optional + +-- This group provides information about active peer +-- relationships intended to assist in debugging. An +-- active peer is a router from which a valid RIP +-- updated has been heard in the last 180 seconds. + + nsVrRip2PeerTable OBJECT-TYPE + SYNTAX SEQUENCE OF NsVrRip2PeerEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "A list of RIP Peers." + ::= { nsVrRip2 4 } + + nsVrRip2PeerEntry OBJECT-TYPE + SYNTAX NsVrRip2PeerEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "Information regarding a single routing peer." + INDEX { nsVrRip2PeerVRID, nsVrRip2PeerAddress, nsVrRip2PeerDomain } + ::= { nsVrRip2PeerTable 1 } + + NsVrRip2PeerEntry ::= + SEQUENCE { + nsVrRip2PeerAddress + IpAddress, + nsVrRip2PeerDomain + RouteTag, + nsVrRip2PeerLastUpdate + TimeTicks, + nsVrRip2PeerVersion + INTEGER, + nsVrRip2PeerRcvBadPackets + + Counter32, + nsVrRip2PeerRcvBadRoutes + Counter32, + nsVrRip2PeerVRID + INTEGER + } + + nsVrRip2PeerAddress OBJECT-TYPE + SYNTAX IpAddress + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The IP Address that the peer is using as its source + address. Note that on an unnumbered link, this may + not be a member of any subnet on the system." + ::= { nsVrRip2PeerEntry 1 } + + nsVrRip2PeerDomain OBJECT-TYPE + SYNTAX RouteTag + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The value in the Routing Domain field in RIP + packets received from the peer. As domain suuport + is deprecated, this must be zero." + ::= { nsVrRip2PeerEntry 2 } + + nsVrRip2PeerLastUpdate OBJECT-TYPE + SYNTAX TimeTicks + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The value of sysUpTime when the most recent + RIP update was received from this system." + ::= { nsVrRip2PeerEntry 3 } + + nsVrRip2PeerVersion OBJECT-TYPE + SYNTAX INTEGER ( 0..255 ) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The RIP version number in the header of the + last RIP packet received." + ::= { nsVrRip2PeerEntry 4 } + + nsVrRip2PeerRcvBadPackets OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + + "The number of RIP response packets from this + peer discarded as invalid." + ::= { nsVrRip2PeerEntry 5 } + + nsVrRip2PeerRcvBadRoutes OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The number of routes from this peer that were + ignored because the entry format was invalid." + ::= { nsVrRip2PeerEntry 6 } + + nsVrRip2PeerVRID OBJECT-TYPE + SYNTAX INTEGER (0..65535) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Virtual Router ID. VRID range for system created + VRs: [1-1024] and for user created VRs: [1025-2048]" + ::= { nsVrRip2PeerEntry 7 } + +END diff --git a/MIBS/screenos/NETSCREEN-VSYS-MIB b/MIBS/screenos/NETSCREEN-VSYS-MIB new file mode 100644 index 0000000..e7f5c34 --- /dev/null +++ b/MIBS/screenos/NETSCREEN-VSYS-MIB @@ -0,0 +1,98 @@ +-- This module defines enterprise MIBs for Virtual Systems +-- +-- Copyright (c) 1999-2004, Juniper Networks, Inc. +-- All rights reserved. + +NETSCREEN-VSYS-MIB DEFINITIONS ::= BEGIN + +IMPORTS + netscreenVsys + FROM NETSCREEN-SMI + Integer32, MODULE-IDENTITY, OBJECT-TYPE + FROM SNMPv2-SMI + DisplayString + FROM SNMPv2-TC + ; + +netscreenVsysMibModule MODULE-IDENTITY + LAST-UPDATED "200405032022Z" -- May 03, 2004 + ORGANIZATION + "Juniper Networks, Inc." + CONTACT-INFO + "Customer Support + + 1194 North Mathilda Avenue + Sunnyvale, California 94089-1206 + USA + + Tel: 1-800-638-8296 + E-mail: customerservice@juniper.net + HTTP://www.juniper.net" + DESCRIPTION + "This module defines the object that are use to monitor all the + virtual systems" + REVISION "200405030000Z" -- May 03, 2004 + DESCRIPTION + "Modified copyright and contact information" + REVISION "200403030000Z" -- March 03, 2004 + DESCRIPTION + "Converted to SMIv2 by Longview Software" + REVISION "200311130000Z" -- November 13, 2003 + DESCRIPTION + "Correct spelling mistake" + REVISION "200109280000Z" -- September 28, 2001 + DESCRIPTION + "no comment" + REVISION "200005080000Z" -- May 08, 2000 + DESCRIPTION + "Creation Date" + ::= { netscreenVsys 0 } + +NsVsysCfgEntry ::= SEQUENCE +{ + nsVsysCfgId Integer32, + nsVsysCfgName DisplayString +} + +nsVsysCfg OBJECT IDENTIFIER ::= { netscreenVsys 1 } + +nsVsysCfgTable OBJECT-TYPE + SYNTAX SEQUENCE OF NsVsysCfgEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "NetScreen-500, NetScreen-1000 and above series support virtual + system. This table collects the vsys configuration in NetScreen + device." + ::= { nsVsysCfg 1 } + +nsVsysCfgEntry OBJECT-TYPE + SYNTAX NsVsysCfgEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "Each entry in the table holds a set of configuration + parameters associated with an instance of virtual system." + INDEX + { nsVsysCfgId } + ::= { nsVsysCfgTable 1 } + +nsVsysCfgId OBJECT-TYPE + SYNTAX Integer32 (0..2147483647) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "A unique ID for each virtual system." + ::= { nsVsysCfgEntry 1 } + +nsVsysCfgName OBJECT-TYPE + SYNTAX DisplayString (SIZE(0..32)) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "virtual system name." + ::= { nsVsysCfgEntry 2 } + +END + + diff --git a/MIBS/screenos/NETSCREEN-ZONE-MIB b/MIBS/screenos/NETSCREEN-ZONE-MIB new file mode 100644 index 0000000..2fe41e5 --- /dev/null +++ b/MIBS/screenos/NETSCREEN-ZONE-MIB @@ -0,0 +1,122 @@ +-- This module defines enterprise MIBs for security zones +-- +-- Copyright (c) 1999-2004, Juniper Networks, Inc. +-- All rights reserved. + +NETSCREEN-ZONE-MIB DEFINITIONS ::= BEGIN + +IMPORTS + netscreenZone + FROM NETSCREEN-SMI + Integer32, MODULE-IDENTITY, OBJECT-TYPE + FROM SNMPv2-SMI + DisplayString + FROM SNMPv2-TC + ; + +netscreenZoneMibModule MODULE-IDENTITY + LAST-UPDATED "200405032022Z" -- May 03, 2004 + ORGANIZATION + "Juniper Networks, Inc." + CONTACT-INFO + "Customer Support + + 1194 North Mathilda Avenue + Sunnyvale, California 94089-1206 + USA + + Tel: 1-800-638-8296 + E-mail: customerservice@juniper.net + HTTP://www.juniper.net" + DESCRIPTION + "This module defines the object that are used to monitor all + the security zones" + REVISION "200405030000Z" -- May 03, 2004 + DESCRIPTION + "Modified copyright and contact information" + REVISION "200403030000Z" -- March 03, 2004 + DESCRIPTION + "Converted to SMIv2 by Longview Software" + REVISION "200311130000Z" -- November 13, 2003 + DESCRIPTION + "Correct spelling mistake" + REVISION "200109280000Z" -- September 28, 2001 + DESCRIPTION + "no comment" + REVISION "200005080000Z" -- May 08, 2000 + DESCRIPTION + "Creation Date" + ::= { netscreenZone 0 } + +NsZoneCfgEntry ::= SEQUENCE +{ + nsZoneCfgId Integer32, + nsZoneCfgName DisplayString, + nsZoneCfgType INTEGER, + nsZoneCfgVsys Integer32 +} + +nsZoneCfg OBJECT IDENTIFIER ::= { netscreenZone 1 } + +nsZoneCfgTable OBJECT-TYPE + SYNTAX SEQUENCE OF NsZoneCfgEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "NetScreen device can have lots of secure zone. This table + collects the zones exiting in NetScreen device." + ::= { nsZoneCfg 1 } + +nsZoneCfgEntry OBJECT-TYPE + SYNTAX NsZoneCfgEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "Each entry in the table holds a set of configuration + parameters associated with an instance of secure zone." + INDEX + { nsZoneCfgId } + ::= { nsZoneCfgTable 1 } + +nsZoneCfgId OBJECT-TYPE + SYNTAX Integer32 (0..2147483647) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "A unique value for zone table. Its value ranges between 1 and + 65535 and may not be contiguous. the index has no other + meaning but a pure index" + ::= { nsZoneCfgEntry 1 } + +nsZoneCfgName OBJECT-TYPE + SYNTAX DisplayString (SIZE(0..32)) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Secure zone name." + ::= { nsZoneCfgEntry 2 } + +nsZoneCfgType OBJECT-TYPE + SYNTAX INTEGER { + regular(0), + layer2(1), + tunnel(2), + null(3), + func(4) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Secure zone type. Regular is sec(L3) and layer2 is sec(L2) type" + ::= { nsZoneCfgEntry 3 } + +nsZoneCfgVsys OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "VSYS this security zone belongs to." + ::= { nsZoneCfgEntry 4 } +END + + -- cgit v1.2.3