From 98a672123c7872f6b9b75a9a2b6bb3aea504de6a Mon Sep 17 00:00:00 2001 From: David Leutgeb Date: Tue, 5 Dec 2023 12:25:34 +0100 Subject: Initial commit --- MIBS/transition/TN-IP-SOURCE-GUARD-MIB | 368 +++++++++++++++++++++++++++++++++ 1 file changed, 368 insertions(+) create mode 100644 MIBS/transition/TN-IP-SOURCE-GUARD-MIB (limited to 'MIBS/transition/TN-IP-SOURCE-GUARD-MIB') diff --git a/MIBS/transition/TN-IP-SOURCE-GUARD-MIB b/MIBS/transition/TN-IP-SOURCE-GUARD-MIB new file mode 100644 index 0000000..118d89c --- /dev/null +++ b/MIBS/transition/TN-IP-SOURCE-GUARD-MIB @@ -0,0 +1,368 @@ +-- ***************************************************************** +-- TN-IP-SOURCE-GUARD-MIB +-- +-- Copyright (c) 2012, Transition Networks Inc. +-- All rights reserved. +-- ***************************************************************** +-- +TN-IP-SOURCE-GUARD-MIB DEFINITIONS ::= BEGIN + +IMPORTS + MODULE-IDENTITY, + OBJECT-TYPE, + NOTIFICATION-TYPE, + Integer32 FROM SNMPv2-SMI + NOTIFICATION-GROUP FROM SNMPv2-CONF + TEXTUAL-CONVENTION, TimeStamp, + RowStatus, TruthValue, MacAddress FROM SNMPv2-TC + InetAddressType, InetAddress, InetAddressPrefixLength FROM INET-ADDRESS-MIB + entPhysicalIndex FROM ENTITY-MIB + tnProducts FROM TRANSITION-SMI + ifIndex, InterfaceIndex FROM IF-MIB; + +tnIPSourceGuardMIB MODULE-IDENTITY + LAST-UPDATED "201209100000Z" + ORGANIZATION "Transition Networks, Inc." + CONTACT-INFO + "Transition Networks + Technical Support + + 10900 Red Circle Drive + Minnetonka, MN 55343 USA + Tel: +1-800-526-9267 + + E-mail: techsupport@transition.com" + DESCRIPTION + "The mib module for IP Source Guard. + IP Source Guard is a secure feature used to restrict IP traffic + on DHCP snooping untrusted ports by filtering traffic based on + the DHCP Snooping Table or manually configured IP Source Bindings. + It helps prevent IP spoofing attacks when a host tries to spoof + and use the IP address of another host. " + + REVISION "201209260000Z" + DESCRIPTION + "Initial Revision of this module" + + ::= { tnProducts 31 } + +tnIPSourceGuardMIBObjects + OBJECT IDENTIFIER ::= { tnIPSourceGuardMIB 1 } + +tnIPSourceGuardMIBNotifications + OBJECT IDENTIFIER ::= { tnIPSourceGuardMIB 2 } + +-- +-- Textual Conventions +-- + + +-- +-- MIB variables +-- + +tnIPSourceGuardMgmt + OBJECT IDENTIFIER ::= { tnIPSourceGuardMIBObjects 1 } + + +-- +-- tnIPSourceGuardTable +-- + +tnIPSourceGuardTable OBJECT-TYPE + SYNTAX SEQUENCE OF TnIPSourceGuardEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "This table is for user to configure the global settings of + IP Source Guard." + ::= { tnIPSourceGuardMgmt 1 } + +tnIPSourceGuardEntry OBJECT-TYPE + SYNTAX TnIPSourceGuardEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "Each entry represents a global configuration of IP Source Guard." + INDEX { entPhysicalIndex } + ::= { tnIPSourceGuardTable 1 } + +TnIPSourceGuardEntry ::= SEQUENCE { + tnIPSourceGuardGlobalMode TruthValue, + tnIPSourceGuardDynamicToStatic TruthValue + } + +tnIPSourceGuardGlobalMode OBJECT-TYPE + SYNTAX TruthValue + MAX-ACCESS read-write + STATUS current + DESCRIPTION + "Set true(1) to enable or false(2) to disable the global IP Source + Guard function. + Only when both Global Mode and Port Mode on a given port are enabled, + IP Source Guard is enabled on this given port." + DEFVAL { false } + ::= { tnIPSourceGuardEntry 1 } + +tnIPSourceGuardDynamicToStatic OBJECT-TYPE + SYNTAX TruthValue + MAX-ACCESS read-write + STATUS current + DESCRIPTION + "Set true(1) to translate all dynamic entries to static entries. + It will be always returned the default value false(2) when queried." + DEFVAL { false } + ::= { tnIPSourceGuardEntry 2 } + + + +-- +-- tnIPSourceGuardIfTable +-- + +tnIPSourceGuardIfTable OBJECT-TYPE + SYNTAX SEQUENCE OF TnIPSourceGuardIfEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "This table lets user to configure the IP Source Guard for each port." + ::= { tnIPSourceGuardMgmt 2 } + +tnIPSourceGuardIfEntry OBJECT-TYPE + SYNTAX TnIPSourceGuardIfEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "Each entry represents a IP Source Guard setting on a port." + INDEX { ifIndex } + ::= { tnIPSourceGuardIfTable 1 } + +TnIPSourceGuardIfEntry ::= SEQUENCE { + tnIPSourceGuardIfMode TruthValue, + tnIPSourceGuardIfMaxDynamicClients INTEGER + } + +tnIPSourceGuardIfMode OBJECT-TYPE + SYNTAX TruthValue + MAX-ACCESS read-write + STATUS current + DESCRIPTION + "Set true(1) to enable or false(2) to disable the IP Source Guard + function on the given port. + Only when both Global Mode and Port Mode on a given port are enabled, + IP Source Guard is enabled on this given port. " + DEFVAL { false } + ::= { tnIPSourceGuardIfEntry 1 } + +tnIPSourceGuardIfMaxDynamicClients OBJECT-TYPE + SYNTAX INTEGER + { + zero (0), -- only allow the IP packets forwarding that are + -- matched in static entries on the specific port. + one (1), -- only one dynamic client that can be learned + -- on the given port. + two (2), -- only two dynamic clients that can be learned + -- on the given port. + unlimited (65535) -- no limitation for dynamic clients that can be + -- learned on the given port. + } + MAX-ACCESS read-write + STATUS current + DESCRIPTION + "Specify the maximum number of dynamic clients that can be learned + on given port. + This value can be 0, 1, 2 or unlimited. + If the port mode is enabled and the value of max dynamic client is + equal to 0, it means only allow the IP packets forwarding that are + matched in static entries on the specific port." + DEFVAL { unlimited } + ::= { tnIPSourceGuardIfEntry 2 } + + + +-- +-- tnIPSourceGuardStaticTable +-- + +tnIPSourceGuardStaticTable OBJECT-TYPE + SYNTAX SEQUENCE OF TnIPSourceGuardStaticEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "This table lets user to configure the static entries for IP Source Guard." + ::= { tnIPSourceGuardMgmt 3 } + +tnIPSourceGuardStaticEntry OBJECT-TYPE + SYNTAX TnIPSourceGuardStaticEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "Each entry represents a static entry of IP Source Guard." + INDEX { tnIPSourceGuardStaticPort, + tnIPSourceGuardStaticVlanID, + tnIPSourceGuardStaticAddrType, + tnIPSourceGuardStaticAddr, + tnIPSourceGuardStaticMask } + ::= { tnIPSourceGuardStaticTable 1 } + +TnIPSourceGuardStaticEntry ::= SEQUENCE { + tnIPSourceGuardStaticPort InterfaceIndex, + tnIPSourceGuardStaticVlanID INTEGER, + tnIPSourceGuardStaticAddrType InetAddressType, + tnIPSourceGuardStaticAddr InetAddress, + tnIPSourceGuardStaticMask InetAddressPrefixLength, + tnIPSourceGuardStaticMacAddress MacAddress, + tnIPSourceGuardStaticRowStatus RowStatus + } + +tnIPSourceGuardStaticPort OBJECT-TYPE + SYNTAX InterfaceIndex + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "The port number for the settings." + ::= { tnIPSourceGuardStaticEntry 1 } + +tnIPSourceGuardStaticVlanID OBJECT-TYPE + SYNTAX INTEGER (1..4094) + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "The vlan id for the settings." + ::= { tnIPSourceGuardStaticEntry 2 } + +tnIPSourceGuardStaticAddrType OBJECT-TYPE + SYNTAX InetAddressType + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "Address type of Source IP. + For a detailed description of this type, please refer to INET-ADDRESS-MIB." + ::= { tnIPSourceGuardStaticEntry 3 } + +tnIPSourceGuardStaticAddr OBJECT-TYPE + SYNTAX InetAddress + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "Address of Source IP. + For a detailed description of this type, please refer to INET-ADDRESS-MIB." + ::= { tnIPSourceGuardStaticEntry 4 } + + +tnIPSourceGuardStaticMask OBJECT-TYPE + SYNTAX InetAddressPrefixLength + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "Mask of Source IP. + For a detailed description of this type, please refer to INET-ADDRESS-MIB." + ::= { tnIPSourceGuardStaticEntry 5 } + +tnIPSourceGuardStaticMacAddress OBJECT-TYPE + SYNTAX MacAddress + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "Mac Address of Source IP." + ::= { tnIPSourceGuardStaticEntry 6 } + +tnIPSourceGuardStaticRowStatus OBJECT-TYPE + SYNTAX RowStatus + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "Row status of static IP Source Guard." + ::= { tnIPSourceGuardStaticEntry 7} + + + +-- +-- tnIPSourceGuardDynamicTable +-- + +tnIPSourceGuardDynamicTable OBJECT-TYPE + SYNTAX SEQUENCE OF TnIPSourceGuardDynamicEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "This table lets user to configure the dynamic entries for IP Source Guard." + ::= { tnIPSourceGuardMgmt 4 } + +tnIPSourceGuardDynamicEntry OBJECT-TYPE + SYNTAX TnIPSourceGuardDynamicEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "Each entry represents a dynamic entry of IP Source Guard." + INDEX { tnIPSourceGuardDynamicPort, + tnIPSourceGuardDynamicVlanID, + tnIPSourceGuardDynamicAddrType, + tnIPSourceGuardDynamicAddr, + tnIPSourceGuardDynamicMask } + ::= { tnIPSourceGuardDynamicTable 1 } + +TnIPSourceGuardDynamicEntry ::= SEQUENCE { + tnIPSourceGuardDynamicPort InterfaceIndex, + tnIPSourceGuardDynamicVlanID INTEGER, + tnIPSourceGuardDynamicAddrType InetAddressType, + tnIPSourceGuardDynamicAddr InetAddress, + tnIPSourceGuardDynamicMask InetAddressPrefixLength, + tnIPSourceGuardDynamicMacAddress MacAddress + } + +tnIPSourceGuardDynamicPort OBJECT-TYPE + SYNTAX InterfaceIndex + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "The port number for the settings." + ::= { tnIPSourceGuardDynamicEntry 1 } + +tnIPSourceGuardDynamicVlanID OBJECT-TYPE + SYNTAX INTEGER (1..4094) + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "The vlan id for the settings. " + ::= { tnIPSourceGuardDynamicEntry 2 } + +tnIPSourceGuardDynamicAddrType OBJECT-TYPE + SYNTAX InetAddressType + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "Address type of Source IP. + For a detailed description of this type, please refer to INET-ADDRESS-MIB." + ::= { tnIPSourceGuardDynamicEntry 3 } + +tnIPSourceGuardDynamicAddr OBJECT-TYPE + SYNTAX InetAddress + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "Address of Source IP. + For a detailed description of this type, please refer to INET-ADDRESS-MIB." + ::= { tnIPSourceGuardDynamicEntry 4 } + +tnIPSourceGuardDynamicMask OBJECT-TYPE + SYNTAX InetAddressPrefixLength + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "Mask of Source IP. + For a detailed description of this type, please refer to INET-ADDRESS-MIB." + ::= { tnIPSourceGuardDynamicEntry 5 } + +tnIPSourceGuardDynamicMacAddress OBJECT-TYPE + SYNTAX MacAddress + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Mac Address of Source IP." + ::= { tnIPSourceGuardDynamicEntry 6 } +-- +-- Notifications +-- + +END -- cgit v1.2.3