1583 lines
56 KiB
Plaintext
1583 lines
56 KiB
Plaintext
-- ==================================================================
|
|
-- Copyright (C) 2008 by HUAWEI TECHNOLOGIES. All rights reserved.
|
|
--
|
|
-- Description: HUAWEI SECURITY MIB
|
|
-- Reference:
|
|
-- Version: V1.0
|
|
-- History:
|
|
-- V1.0 2008-3-12 publish
|
|
-- ==================================================================
|
|
|
|
HUAWEI-SECURITY-MIB DEFINITIONS ::= BEGIN
|
|
|
|
IMPORTS
|
|
hwDatacomm
|
|
FROM HUAWEI-MIB
|
|
OBJECT-GROUP, MODULE-COMPLIANCE, NOTIFICATION-GROUP
|
|
FROM SNMPv2-CONF
|
|
Integer32, OBJECT-TYPE, MODULE-IDENTITY, NOTIFICATION-TYPE
|
|
FROM SNMPv2-SMI
|
|
EnabledStatus
|
|
FROM P-BRIDGE-MIB
|
|
DisplayString
|
|
FROM SNMPv2-TC;
|
|
|
|
hwSecurityMIB MODULE-IDENTITY
|
|
LAST-UPDATED "200803121015Z"
|
|
ORGANIZATION
|
|
"Huawei Technologies Co.,Ltd."
|
|
CONTACT-INFO
|
|
"8090 Team Huawei Technologies Co.,Ltd.
|
|
Huawei Bld.,NO.3 Xinxi Rd.,
|
|
Shang-Di Information Industry Base,
|
|
Hai-Dian District Beijing P.R. China
|
|
http://www.huawei.com
|
|
Zip:100085
|
|
"
|
|
DESCRIPTION
|
|
"The private mib file includes the general extent
|
|
information of the device.hwDatacomm(165).hwSecurityMIB."
|
|
::= { hwDatacomm 165 }
|
|
|
|
|
|
hwBaseSecurityMIBObjects OBJECT IDENTIFIER ::= { hwSecurityMIB 1 }
|
|
|
|
hwLocalUrpf OBJECT IDENTIFIER ::= { hwBaseSecurityMIBObjects 2 }
|
|
|
|
hwLocalUrpfTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF HwLocalUrpfEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
" The table lists the information about local URPF Packets. "
|
|
::= { hwLocalUrpf 1 }
|
|
|
|
hwLocalUrpfEntry OBJECT-TYPE
|
|
SYNTAX HwLocalUrpfEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
" The table lists the information about local URPF protection."
|
|
INDEX { hwLocalUrpfChassisId , hwLocalUrpfSlotId }
|
|
::= { hwLocalUrpfTable 1 }
|
|
|
|
HwLocalUrpfEntry ::=
|
|
SEQUENCE{
|
|
hwLocalUrpfChassisId
|
|
INTEGER,
|
|
hwLocalUrpfSlotId
|
|
Integer32,
|
|
hwLocalUrpfCurrentRateLow
|
|
Integer32,
|
|
hwLocalUrpfCurrentRateHigh
|
|
Integer32,
|
|
hwLocalUrpfNotifyEnabledStatus
|
|
EnabledStatus,
|
|
hwLocalUrpfRateThreshold
|
|
Integer32,
|
|
hwLocalUrpfRateInterval
|
|
Integer32
|
|
}
|
|
|
|
hwLocalUrpfChassisId OBJECT-TYPE
|
|
SYNTAX INTEGER{
|
|
clc1(1),
|
|
clc2(2),
|
|
clc3(3),
|
|
clc4(4),
|
|
clc5(5),
|
|
clc6(6),
|
|
clc7(7),
|
|
clc8(8)
|
|
}
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The Data index of local URPF,the chassis ID indicates the slot on which chassis is configured with URPF."
|
|
::= { hwLocalUrpfEntry 1 }
|
|
|
|
hwLocalUrpfSlotId OBJECT-TYPE
|
|
SYNTAX Integer32(1..16)
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The Data index of local URPF,the slot configured with URPF."
|
|
::= { hwLocalUrpfEntry 2 }
|
|
|
|
hwLocalUrpfCurrentRateLow OBJECT-TYPE
|
|
SYNTAX Integer32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The lower 32 bits discard number during the interval of local URPF.unit(packet)."
|
|
::= { hwLocalUrpfEntry 11 }
|
|
|
|
hwLocalUrpfCurrentRateHigh OBJECT-TYPE
|
|
SYNTAX Integer32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The upper 32 bits discard number during the interval of local URPF.unit(packet)."
|
|
::= { hwLocalUrpfEntry 12 }
|
|
|
|
hwLocalUrpfNotifyEnabledStatus OBJECT-TYPE
|
|
SYNTAX EnabledStatus
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The alarm state of local URPF."
|
|
::= { hwLocalUrpfEntry 13 }
|
|
|
|
hwLocalUrpfRateThreshold OBJECT-TYPE
|
|
SYNTAX Integer32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Local URPF's discard threshold during the configured interval.unit(packet)."
|
|
::= { hwLocalUrpfEntry 14 }
|
|
|
|
hwLocalUrpfRateInterval OBJECT-TYPE
|
|
SYNTAX Integer32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The detection interval of the local URPF.unit(s). "
|
|
::= { hwLocalUrpfEntry 15 }
|
|
|
|
hwTcpIpDefend OBJECT IDENTIFIER ::= { hwBaseSecurityMIBObjects 3 }
|
|
|
|
hwTcpIpDefendTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF HwTcpIpDefendEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This table list the information about TCPIP protection."
|
|
::= { hwTcpIpDefend 1 }
|
|
|
|
hwTcpIpDefendEntry OBJECT-TYPE
|
|
SYNTAX HwTcpIpDefendEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This table list the information about TCPIP protection."
|
|
INDEX { hwTcpIpDefendChassisId,
|
|
hwTcpIpDefendSlotId,
|
|
hwTcpIpDefendType
|
|
}
|
|
::= { hwTcpIpDefendTable 1 }
|
|
|
|
HwTcpIpDefendEntry ::=
|
|
SEQUENCE{
|
|
hwTcpIpDefendChassisId
|
|
INTEGER,
|
|
hwTcpIpDefendSlotId
|
|
Integer32,
|
|
hwTcpIpDefendType
|
|
INTEGER,
|
|
hwTcpIpDefendCurrentRateLow
|
|
Integer32,
|
|
hwTcpIpDefendCurrentRateHigh
|
|
Integer32,
|
|
hwTcpIpDefendNotifyEnabledStatus
|
|
EnabledStatus,
|
|
hwTcpIpDefendRateThreshold
|
|
Integer32,
|
|
hwTcpIpDefendRateInterval
|
|
Integer32
|
|
}
|
|
|
|
hwTcpIpDefendChassisId OBJECT-TYPE
|
|
SYNTAX INTEGER{
|
|
clc1(1),
|
|
clc2(2),
|
|
clc3(3),
|
|
clc4(4),
|
|
clc5(5),
|
|
clc6(6),
|
|
clc7(7),
|
|
clc8(8)
|
|
}
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The Data index of TCPIP protection,the chassis ID indicates the slot on which chassis is configured with TCPIP protection."
|
|
::= { hwTcpIpDefendEntry 1 }
|
|
|
|
hwTcpIpDefendSlotId OBJECT-TYPE
|
|
SYNTAX Integer32(1..16)
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The Data index of TCPIP protection,the slot configured with TCPIP protection."
|
|
::= { hwTcpIpDefendEntry 2 }
|
|
|
|
hwTcpIpDefendType OBJECT-TYPE
|
|
SYNTAX INTEGER{
|
|
abnormalPacket(1),
|
|
udpPacket(2),
|
|
tcpSyn(3),
|
|
ipFragmentation(4)
|
|
}
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The Data index of TCPIP protection,the type of TCPIP protection."
|
|
::= { hwTcpIpDefendEntry 3 }
|
|
|
|
hwTcpIpDefendCurrentRateLow OBJECT-TYPE
|
|
SYNTAX Integer32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The lower 32 bits discard number during the interval of TCPIP protection.unit(packet)."
|
|
::= { hwTcpIpDefendEntry 11 }
|
|
|
|
hwTcpIpDefendCurrentRateHigh OBJECT-TYPE
|
|
SYNTAX Integer32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The upper 32 bits discard number during the interval of TCPIP protection.unit(packet)."
|
|
::= { hwTcpIpDefendEntry 12 }
|
|
|
|
hwTcpIpDefendNotifyEnabledStatus OBJECT-TYPE
|
|
SYNTAX EnabledStatus
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The alarm state of TCPIP protection."
|
|
::= { hwTcpIpDefendEntry 13 }
|
|
|
|
hwTcpIpDefendRateThreshold OBJECT-TYPE
|
|
SYNTAX Integer32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"TCPIP protection's discard threshold during the configured interval.unit(packet)."
|
|
::= { hwTcpIpDefendEntry 14 }
|
|
|
|
hwTcpIpDefendRateInterval OBJECT-TYPE
|
|
SYNTAX Integer32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The detection interval of TCPIP protection.unit(s)."
|
|
::= { hwTcpIpDefendEntry 15 }
|
|
|
|
|
|
hwMaDefend OBJECT IDENTIFIER ::= { hwBaseSecurityMIBObjects 4 }
|
|
|
|
hwMaDefendTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF HwMaDefendEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This table list the information about management and application protection."
|
|
::= { hwMaDefend 1 }
|
|
|
|
hwMaDefendEntry OBJECT-TYPE
|
|
SYNTAX HwMaDefendEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This table list the information about management and application protection."
|
|
INDEX { hwMaDefendChassisId,
|
|
hwMaDefendSlotId,
|
|
hwMaDefendProtocol}
|
|
::= { hwMaDefendTable 1 }
|
|
|
|
HwMaDefendEntry ::=
|
|
SEQUENCE{
|
|
hwMaDefendChassisId
|
|
INTEGER,
|
|
hwMaDefendSlotId
|
|
Integer32,
|
|
hwMaDefendProtocol
|
|
INTEGER,
|
|
hwMaDefendCurrentRateLow
|
|
Integer32,
|
|
hwMaDefendCurrentRateHigh
|
|
Integer32,
|
|
hwMaDefendNotifyEnabledStatus
|
|
EnabledStatus,
|
|
hwMaDefendRateThreshold
|
|
Integer32,
|
|
hwMaDefendRateInterval
|
|
Integer32
|
|
}
|
|
|
|
hwMaDefendChassisId OBJECT-TYPE
|
|
SYNTAX INTEGER{
|
|
clc1(1),
|
|
clc2(2),
|
|
clc3(3),
|
|
clc4(4),
|
|
clc5(5),
|
|
clc6(6),
|
|
clc7(7),
|
|
clc8(8)
|
|
}
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The Data index of management and application protection,the chassis ID indicates the slot on which chassis is configured with management and application protection."
|
|
::= { hwMaDefendEntry 1 }
|
|
|
|
hwMaDefendSlotId OBJECT-TYPE
|
|
SYNTAX Integer32(1..16)
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The Data index of management and application protection,the slots configured with management and application protection."
|
|
::= { hwMaDefendEntry 2 }
|
|
|
|
hwMaDefendProtocol OBJECT-TYPE
|
|
SYNTAX INTEGER{
|
|
ftp(1),
|
|
ssh(2),
|
|
snmp(3),
|
|
telnet(4),
|
|
tftp(5),
|
|
bgp(6),
|
|
ldp(7),
|
|
rsvp(8),
|
|
ospf(9),
|
|
rip(10),
|
|
isis(11),
|
|
pim(12),
|
|
ntp(13),
|
|
lsp-ping(14),
|
|
dhcp-c(15),
|
|
dhcp-r(16),
|
|
tcp(17),
|
|
udp(18)
|
|
}
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The Data index of management and application protection,the protocols configured in management and application protection."
|
|
::= { hwMaDefendEntry 3 }
|
|
|
|
hwMaDefendCurrentRateLow OBJECT-TYPE
|
|
SYNTAX Integer32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The lower 32 bits discard number during the interval of management and application protection.unit(packet)."
|
|
::= { hwMaDefendEntry 11 }
|
|
|
|
hwMaDefendCurrentRateHigh OBJECT-TYPE
|
|
SYNTAX Integer32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The upper 32 bits discard number during the interval of management and application protection.unit(packet)."
|
|
::= { hwMaDefendEntry 12 }
|
|
|
|
hwMaDefendNotifyEnabledStatus OBJECT-TYPE
|
|
SYNTAX EnabledStatus
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The alarm state of management and application protection."
|
|
::= { hwMaDefendEntry 13 }
|
|
|
|
hwMaDefendRateThreshold OBJECT-TYPE
|
|
SYNTAX Integer32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The discard threshold of management and application protection during the configured interval.unit(packet)."
|
|
::= { hwMaDefendEntry 14 }
|
|
|
|
hwMaDefendRateInterval OBJECT-TYPE
|
|
SYNTAX Integer32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The detection interval of management and application protection. unit(s)."
|
|
::= { hwMaDefendEntry 15 }
|
|
|
|
|
|
hwApplicationApperceive OBJECT IDENTIFIER ::= { hwBaseSecurityMIBObjects 5 }
|
|
|
|
hwApplicationApperceiveTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF HwApplicationApperceiveEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This table list the information about Application-Apperceive protection."
|
|
::= { hwApplicationApperceive 1 }
|
|
|
|
hwApplicationApperceiveEntry OBJECT-TYPE
|
|
SYNTAX HwApplicationApperceiveEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This table list the information about Application-Apperceive protection."
|
|
INDEX { hwAppliApperChassisId,
|
|
hwAppliApperSlotId,
|
|
hwAppliApperProtocol}
|
|
::= { hwApplicationApperceiveTable 1 }
|
|
|
|
HwApplicationApperceiveEntry ::=
|
|
SEQUENCE{
|
|
hwAppliApperChassisId
|
|
INTEGER,
|
|
hwAppliApperSlotId
|
|
Integer32,
|
|
hwAppliApperProtocol
|
|
INTEGER,
|
|
hwAppliApperCurrentRateLow
|
|
Integer32,
|
|
hwAppliApperCurrentRateHigh
|
|
Integer32,
|
|
hwAppliApperNotifyEnabledStatus
|
|
EnabledStatus,
|
|
hwAppliApperRateThreshold
|
|
Integer32,
|
|
hwAppliApperRateInterval
|
|
Integer32
|
|
}
|
|
|
|
hwAppliApperChassisId OBJECT-TYPE
|
|
SYNTAX INTEGER{
|
|
clc1(1),
|
|
clc2(2),
|
|
clc3(3),
|
|
clc4(4),
|
|
clc5(5),
|
|
clc6(6),
|
|
clc7(7),
|
|
clc8(8)
|
|
}
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The Data index of Application-Apperceive protection,the chassis ID indicates the slot on which chassis is configured with Application-Apperceive protection."
|
|
::= { hwApplicationApperceiveEntry 1 }
|
|
|
|
hwAppliApperSlotId OBJECT-TYPE
|
|
SYNTAX Integer32(1..16)
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The Data index of Application-Apperceive protection,the slots configured with Application-Apperceive protection."
|
|
::= { hwApplicationApperceiveEntry 2 }
|
|
|
|
hwAppliApperProtocol OBJECT-TYPE
|
|
SYNTAX INTEGER{
|
|
ftpServer(1),
|
|
sshServer(2),
|
|
snmp(3),
|
|
telnetServer(4),
|
|
tftp(5),
|
|
bgp(6),
|
|
ldp(7),
|
|
rsvp(8),
|
|
ospf(9),
|
|
rip(10),
|
|
isis(11),
|
|
sftpSever(12),
|
|
icmp(13),
|
|
msdp(14),
|
|
pim(15),
|
|
ipv4Arp(16),
|
|
bpdu(17),
|
|
dhcp(18),
|
|
lacp(19),
|
|
ntp(20),
|
|
radius(21),
|
|
hwTacacs(22),
|
|
lspPing(23),
|
|
igmp(24),
|
|
vgmp(25),
|
|
rrpp(26),
|
|
vrrp(27),
|
|
bfd(28),
|
|
mplsOam(29),
|
|
eth8021ag(30),
|
|
ftpClient(31),
|
|
telnetClient(32),
|
|
sshClient(33),
|
|
sftpClient(34),
|
|
dnsClient(35)
|
|
}
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The Data index of Application-Apperceive protection,the protocol configured in Application-Apperceive protection."
|
|
::= { hwApplicationApperceiveEntry 3 }
|
|
|
|
hwAppliApperCurrentRateLow OBJECT-TYPE
|
|
SYNTAX Integer32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The lower 32 bits discard number during the interval of Application-Apperceive protection.unit(packet)."
|
|
::= { hwApplicationApperceiveEntry 11 }
|
|
|
|
hwAppliApperCurrentRateHigh OBJECT-TYPE
|
|
SYNTAX Integer32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The upper 32 bits discard number during the interval of Application-Apperceive protection.unit(packet)."
|
|
::= { hwApplicationApperceiveEntry 12 }
|
|
|
|
hwAppliApperNotifyEnabledStatus OBJECT-TYPE
|
|
SYNTAX EnabledStatus
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The alarm state of Application-Apperceive protection."
|
|
::= { hwApplicationApperceiveEntry 13 }
|
|
|
|
hwAppliApperRateThreshold OBJECT-TYPE
|
|
SYNTAX Integer32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The discard threshold of Application-Apperceive protection during the configured interval.unit(packet)."
|
|
::= { hwApplicationApperceiveEntry 14 }
|
|
|
|
hwAppliApperRateInterval OBJECT-TYPE
|
|
SYNTAX Integer32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The detect interval of Application-Apperceive protection. unit(s)."
|
|
::= { hwApplicationApperceiveEntry 15 }
|
|
|
|
hwDefdPortVlan OBJECT IDENTIFIER ::= { hwBaseSecurityMIBObjects 6 }
|
|
|
|
hwDefdPortVlanTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF HwDefdPortVlanEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
" The table lists the information about defend port vlan packet. "
|
|
::= { hwDefdPortVlan 1 }
|
|
|
|
|
|
hwDefdPortVlanEntry OBJECT-TYPE
|
|
SYNTAX HwDefdPortVlanEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This table list the information about defend port vlan ."
|
|
INDEX { hwDefdPortVlanIfIndex }
|
|
::= { hwDefdPortVlanTable 1 }
|
|
|
|
HwDefdPortVlanEntry ::=
|
|
SEQUENCE{
|
|
hwDefdPortVlanIfIndex
|
|
Integer32,
|
|
hwDefdPortVlanIfName
|
|
OCTET STRING,
|
|
hwDefdPortVlanId
|
|
Integer32,
|
|
hwDefdPortVlanCheckProtocol
|
|
OCTET STRING
|
|
}
|
|
|
|
hwDefdPortVlanIfIndex OBJECT-TYPE
|
|
SYNTAX Integer32(1..2147483647)
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Interface Index, equal to ifIndex."
|
|
::= { hwDefdPortVlanEntry 1 }
|
|
|
|
hwDefdPortVlanIfName OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE (1..256))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The name of the interface."
|
|
::= { hwDefdPortVlanEntry 2 }
|
|
|
|
hwDefdPortVlanId OBJECT-TYPE
|
|
SYNTAX Integer32(0..4096)
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The Data index of defend port vlan."
|
|
::= { hwDefdPortVlanEntry 3 }
|
|
|
|
|
|
hwDefdPortVlanCheckProtocol OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE (1..100))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Check protocol name."
|
|
::= { hwDefdPortVlanEntry 4 }
|
|
|
|
|
|
hwSocAttackTrapObject OBJECT IDENTIFIER ::= { hwBaseSecurityMIBObjects 7 }
|
|
|
|
|
|
hwSocAttackInfoTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF HwSocAttackInfoEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
" The table lists the information about Security Operation Center. "
|
|
::= { hwSocAttackTrapObject 1 }
|
|
|
|
|
|
hwSocAttackInfoEntry OBJECT-TYPE
|
|
SYNTAX HwSocAttackInfoEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This table list the information about Securty Operation Center detected one attack."
|
|
INDEX { hwSocAttackSeqNo }
|
|
::= { hwSocAttackInfoTable 1 }
|
|
|
|
HwSocAttackInfoEntry ::=
|
|
SEQUENCE {
|
|
hwSocAttackSeqNo
|
|
Integer32,
|
|
hwSocAttackPossib
|
|
OCTET STRING,
|
|
hwSocAttackReason
|
|
OCTET STRING,
|
|
hwSocAttackIfName
|
|
OCTET STRING,
|
|
hwSocAttackSubIfName
|
|
OCTET STRING,
|
|
hwSocAttackVlanIndex
|
|
OCTET STRING,
|
|
hwSocAttackUserQinQIndex
|
|
OCTET STRING,
|
|
hwSocAttackMacAddr
|
|
OCTET STRING,
|
|
hwSocAttackIPAddr
|
|
OCTET STRING
|
|
}
|
|
|
|
|
|
hwSocAttackSeqNo OBJECT-TYPE
|
|
SYNTAX Integer32 (1..200)
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The sequence number of attack infomation."
|
|
::= { hwSocAttackInfoEntry 1 }
|
|
|
|
hwSocAttackPossib OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE (0..32))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The prabability of the attack ."
|
|
::= { hwSocAttackInfoEntry 2 }
|
|
|
|
|
|
hwSocAttackReason OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE (0..63))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The reason of the attack ."
|
|
::= { hwSocAttackInfoEntry 3 }
|
|
|
|
|
|
hwSocAttackIfName OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE (0..63))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The interface of the attack"
|
|
::= { hwSocAttackInfoEntry 4 }
|
|
|
|
|
|
hwSocAttackSubIfName OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE (0..256))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The sub-interface of the attack"
|
|
::= { hwSocAttackInfoEntry 5 }
|
|
|
|
|
|
hwSocAttackVlanIndex OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE (0..32))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The vlan of the attack"
|
|
::= { hwSocAttackInfoEntry 6 }
|
|
|
|
|
|
hwSocAttackUserQinQIndex OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE (0..64))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The UserQinQ of the attack"
|
|
::= { hwSocAttackInfoEntry 7 }
|
|
|
|
|
|
hwSocAttackMacAddr OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE (0..128))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The MAC of the attack"
|
|
::= { hwSocAttackInfoEntry 8 }
|
|
|
|
|
|
hwSocAttackIPAddr OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE (0..128))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The IP of the attack"
|
|
::= { hwSocAttackInfoEntry 9 }
|
|
|
|
|
|
hwBaseSecurityNotifications OBJECT IDENTIFIER ::= { hwBaseSecurityMIBObjects 11 }
|
|
|
|
hwBaseSecurityUrpfDiscardedRateRising NOTIFICATION-TYPE
|
|
OBJECTS { hwLocalUrpfCurrentRateLow, hwLocalUrpfCurrentRateHigh, hwLocalUrpfRateThreshold}
|
|
STATUS current
|
|
DESCRIPTION
|
|
" The discard packets exceed the threshold of local URPF protection."
|
|
::= { hwBaseSecurityNotifications 1 }
|
|
|
|
hwBaseSecurityUrpfDiscardedRateResume NOTIFICATION-TYPE
|
|
OBJECTS { hwLocalUrpfCurrentRateLow, hwLocalUrpfCurrentRateHigh, hwLocalUrpfRateThreshold}
|
|
STATUS current
|
|
DESCRIPTION
|
|
" The alarm of local URPF is resumed."
|
|
::= { hwBaseSecurityNotifications 2 }
|
|
|
|
hwBaseSecurityTcpIpAttackDiscardedRateRising NOTIFICATION-TYPE
|
|
OBJECTS { hwTcpIpDefendCurrentRateLow, hwTcpIpDefendCurrentRateHigh, hwTcpIpDefendRateThreshold, hwTcpIpDefendRateInterval}
|
|
STATUS current
|
|
DESCRIPTION
|
|
" The discard packets exceed the threshold of TCPIP protection. "
|
|
::= { hwBaseSecurityNotifications 3 }
|
|
|
|
hwBaseSecurityTcpIpAttackDiscardedRateResume NOTIFICATION-TYPE
|
|
OBJECTS { hwTcpIpDefendCurrentRateLow, hwTcpIpDefendCurrentRateHigh, hwTcpIpDefendRateThreshold, hwTcpIpDefendRateInterval}
|
|
STATUS current
|
|
DESCRIPTION
|
|
" The alarm of TCPIP protection is resumed. "
|
|
::= { hwBaseSecurityNotifications 4 }
|
|
|
|
hwBaseSecurityMaDiscardedRateRising NOTIFICATION-TYPE
|
|
OBJECTS { hwMaDefendCurrentRateLow, hwMaDefendCurrentRateHigh, hwMaDefendRateThreshold, hwMaDefendRateInterval}
|
|
STATUS current
|
|
DESCRIPTION
|
|
" The discard packets exceed the threshold of management and application protection."
|
|
::= { hwBaseSecurityNotifications 5 }
|
|
|
|
hwBaseSecurityMaDiscardedRateResume NOTIFICATION-TYPE
|
|
OBJECTS { hwMaDefendCurrentRateLow, hwMaDefendCurrentRateHigh, hwMaDefendRateThreshold, hwMaDefendRateInterval}
|
|
STATUS current
|
|
DESCRIPTION
|
|
" The alarm of management and application protection is resumed. "
|
|
::= { hwBaseSecurityNotifications 6 }
|
|
|
|
hwBaseSecurityApplicationApperceiveDiscardedRateRising NOTIFICATION-TYPE
|
|
OBJECTS { hwAppliApperCurrentRateLow, hwAppliApperCurrentRateHigh, hwAppliApperRateThreshold, hwAppliApperRateInterval}
|
|
STATUS current
|
|
DESCRIPTION
|
|
" The discard packets exceed the threshold of Application-Apperceive protection. "
|
|
::= { hwBaseSecurityNotifications 7 }
|
|
|
|
hwBaseSecurityApplicationApperceiveDiscardedRateResume NOTIFICATION-TYPE
|
|
OBJECTS { hwAppliApperCurrentRateLow, hwAppliApperCurrentRateHigh, hwAppliApperRateThreshold, hwAppliApperRateInterval}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The alarm of Application-Apperceive protection is resumed."
|
|
::= { hwBaseSecurityNotifications 8 }
|
|
|
|
hwBaseSecurityStormControlInterface NOTIFICATION-TYPE
|
|
OBJECTS {
|
|
hwBaseSecurityStormControlInterfaceChassisId,
|
|
hwBaseSecurityStormControlInterfaceSlotId,
|
|
hwBaseSecurityStormControlInterfaceName}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The alarm of storm-control detection."
|
|
::= { hwBaseSecurityNotifications 9 }
|
|
|
|
hwBaseSocAttackTrap NOTIFICATION-TYPE
|
|
OBJECTS { hwSocAttackPossib, hwSocAttackReason, hwSocAttackIfName, hwSocAttackSubIfName, hwSocAttackVlanIndex,
|
|
hwSocAttackUserQinQIndex, hwSocAttackMacAddr, hwSocAttackIPAddr }
|
|
STATUS current
|
|
DESCRIPTION
|
|
"An attack occur on the Network. "
|
|
::= { hwBaseSecurityNotifications 12 }
|
|
|
|
|
|
hwBaseSocAttackResumeTrap NOTIFICATION-TYPE
|
|
OBJECTS { hwSocAttackPossib, hwSocAttackReason, hwSocAttackIfName, hwSocAttackSubIfName, hwSocAttackVlanIndex,
|
|
hwSocAttackUserQinQIndex, hwSocAttackMacAddr, hwSocAttackIPAddr }
|
|
STATUS current
|
|
DESCRIPTION
|
|
"An attack cancels on the Network."
|
|
::= { hwBaseSecurityNotifications 13 }
|
|
|
|
|
|
hwMacFilter OBJECT IDENTIFIER ::= { hwBaseSecurityMIBObjects 12 }
|
|
|
|
hwMacFilterModeTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF HwMacFilterModeEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This table list the information about mac-filter statistics."
|
|
::= { hwMacFilter 1 }
|
|
|
|
hwMacFilterModeEntry OBJECT-TYPE
|
|
SYNTAX HwMacFilterModeEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This table list the information about mac-filter statistics."
|
|
INDEX { hwMacFilterIfIndex }
|
|
::= { hwMacFilterModeTable 1 }
|
|
|
|
HwMacFilterModeEntry ::=
|
|
SEQUENCE{
|
|
hwMacFilterIfIndex
|
|
Integer32,
|
|
hwMacFilterInterface
|
|
DisplayString,
|
|
hwMacFilterEnableMode
|
|
INTEGER,
|
|
hwMacFilterMatchNum
|
|
Integer32
|
|
}
|
|
|
|
hwMacFilterIfIndex OBJECT-TYPE
|
|
SYNTAX Integer32
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Mac-filter interface index."
|
|
::= { hwMacFilterModeEntry 1 }
|
|
|
|
hwMacFilterInterface OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE (1..128))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Mac-filter interface name."
|
|
::= { hwMacFilterModeEntry 2 }
|
|
|
|
hwMacFilterEnableMode OBJECT-TYPE
|
|
SYNTAX INTEGER{
|
|
none(0),
|
|
whitelist(1),
|
|
balcklist(2)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Mac-filter enable mode."
|
|
::= { hwMacFilterModeEntry 3 }
|
|
|
|
hwMacFilterMatchNum OBJECT-TYPE
|
|
SYNTAX Integer32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Mac-filter if-match number."
|
|
::= { hwMacFilterModeEntry 4 }
|
|
|
|
hwMacFilterMacAddrTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF HwMacFilterMacAddrEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This table list the information about mac-filter if-match mac-address."
|
|
::= { hwMacFilter 2 }
|
|
|
|
hwMacFilterMacAddrEntry OBJECT-TYPE
|
|
SYNTAX HwMacFilterMacAddrEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This table list the information about mac-filter if-match mac-address."
|
|
INDEX { hwMacFilterIfindex,
|
|
hwMacFilterMacAddr}
|
|
::= { hwMacFilterMacAddrTable 1 }
|
|
|
|
HwMacFilterMacAddrEntry ::=
|
|
SEQUENCE{
|
|
hwMacFilterIfindex
|
|
Integer32,
|
|
hwMacFilterInterfaceBuf
|
|
DisplayString,
|
|
hwMacFilterMacAddr
|
|
DisplayString
|
|
}
|
|
|
|
hwMacFilterIfindex OBJECT-TYPE
|
|
SYNTAX Integer32
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Mac-filter interface index."
|
|
::= { hwMacFilterMacAddrEntry 1 }
|
|
|
|
hwMacFilterInterfaceBuf OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE (1..128))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Mac-filter interface name."
|
|
::= { hwMacFilterMacAddrEntry 2 }
|
|
|
|
hwMacFilterMacAddr OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE (1..100))
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Mac-filter if-match mac-address."
|
|
::= { hwMacFilterMacAddrEntry 3 }
|
|
|
|
hwMeSecurityMIBObjects OBJECT IDENTIFIER ::= { hwSecurityMIB 2 }
|
|
|
|
hwSecurityTrapObject OBJECT IDENTIFIER ::= { hwMeSecurityMIBObjects 1 }
|
|
|
|
hwStrackTrapObject OBJECT IDENTIFIER ::= { hwSecurityTrapObject 1 }
|
|
|
|
hwStrackTotalPacket OBJECT-TYPE
|
|
SYNTAX Integer32
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The total packets of strack during the configured interval.unit(packet)."
|
|
::= { hwStrackTrapObject 1 }
|
|
|
|
hwStrackEndTime OBJECT-TYPE
|
|
SYNTAX Integer32
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The data of strack."
|
|
::= { hwStrackTrapObject 2 }
|
|
|
|
hwStrackSourceMac OBJECT-TYPE
|
|
SYNTAX OCTET STRING
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The data of strack."
|
|
::= { hwStrackTrapObject 3 }
|
|
|
|
hwStrackPacketPVlan OBJECT-TYPE
|
|
SYNTAX Integer32
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The data of strack."
|
|
::= { hwStrackTrapObject 4 }
|
|
|
|
hwStrackPacketCVlan OBJECT-TYPE
|
|
SYNTAX Integer32
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The data of strack."
|
|
::= { hwStrackTrapObject 5 }
|
|
|
|
hwStrackPacketIfName OBJECT-TYPE
|
|
SYNTAX OCTET STRING
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The data of strack."
|
|
::= { hwStrackTrapObject 6 }
|
|
|
|
|
|
hwArpsTrapObject OBJECT IDENTIFIER ::= { hwSecurityTrapObject 2 }
|
|
|
|
|
|
hwArpsSourceInterface OBJECT-TYPE
|
|
SYNTAX OCTET STRING
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The data of arp security."
|
|
::= { hwArpsTrapObject 1 }
|
|
|
|
|
|
hwArpsSourceIp OBJECT-TYPE
|
|
SYNTAX OCTET STRING
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"TThe data of arp security."
|
|
::= { hwArpsTrapObject 2 }
|
|
|
|
|
|
hwArpsSourceMac OBJECT-TYPE
|
|
SYNTAX OCTET STRING
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The data of arp security."
|
|
::= { hwArpsTrapObject 3 }
|
|
|
|
|
|
hwArpsPVlan OBJECT-TYPE
|
|
SYNTAX Integer32
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The data of arp security."
|
|
::= { hwArpsTrapObject 4 }
|
|
|
|
|
|
hwArpsCVlan OBJECT-TYPE
|
|
SYNTAX Integer32
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The data of arp security."
|
|
::= { hwArpsTrapObject 5 }
|
|
|
|
|
|
hwArpsPacketDropNum OBJECT-TYPE
|
|
SYNTAX Integer32
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The number of packets discarded by arp inspection .unit(packet)."
|
|
::= { hwArpsTrapObject 6 }
|
|
|
|
|
|
hwArpsAlarmThreshold OBJECT-TYPE
|
|
SYNTAX Integer32
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The alarm threshold of dynamic arp inspection during the configured interval.unit(packet)."
|
|
::= { hwArpsTrapObject 7 }
|
|
|
|
hwArpsBlockTime OBJECT-TYPE
|
|
SYNTAX Integer32
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The data of time which ARP Packet will be blocked. unit(second)."
|
|
::= { hwArpsTrapObject 8 }
|
|
|
|
hwIpsgTrapObject OBJECT IDENTIFIER ::= { hwSecurityTrapObject 3 }
|
|
|
|
|
|
hwIpsgPacketDropNum OBJECT-TYPE
|
|
SYNTAX Integer32
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The data of ip source check ."
|
|
::= { hwIpsgTrapObject 1 }
|
|
|
|
|
|
hwIpsgAlarmThreshold OBJECT-TYPE
|
|
SYNTAX Integer32
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The alarm threshold of ip source check during the configured interval.unit(packet)."
|
|
::= { hwIpsgTrapObject 2 }
|
|
|
|
|
|
hwIpsgSourceInterface OBJECT-TYPE
|
|
SYNTAX OCTET STRING
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The data of ip souce check."
|
|
::= { hwIpsgTrapObject 3 }
|
|
|
|
|
|
hwIcmpTrapObject OBJECT IDENTIFIER ::= { hwSecurityTrapObject 4 }
|
|
|
|
|
|
hwIcmpPacketDropNum OBJECT-TYPE
|
|
SYNTAX Integer32
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The number of packets discarded by ip source check .unit(packet)."
|
|
::= { hwIcmpTrapObject 1 }
|
|
|
|
|
|
hwIcmpAlarmThreshold OBJECT-TYPE
|
|
SYNTAX Integer32
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The alarm threshold of icmp defend during the configured interval.unit(packet)."
|
|
::= { hwIcmpTrapObject 2 }
|
|
|
|
|
|
hwIcmpSourceInterface OBJECT-TYPE
|
|
SYNTAX OCTET STRING
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The data of icmp security."
|
|
::= { hwIcmpTrapObject 3 }
|
|
|
|
hwSecurityTraps OBJECT IDENTIFIER ::= { hwMeSecurityMIBObjects 2 }
|
|
|
|
hwStrackTrap OBJECT IDENTIFIER ::= { hwSecurityTraps 1 }
|
|
|
|
hwStrackUserInfo NOTIFICATION-TYPE
|
|
OBJECTS { hwStrackPacketIfName, hwStrackSourceMac, hwStrackPacketCVlan, hwStrackPacketPVlan, hwStrackEndTime,
|
|
hwStrackTotalPacket }
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The user data of stack."
|
|
::= { hwStrackTrap 1 }
|
|
|
|
hwStrackIfVlanInfo NOTIFICATION-TYPE
|
|
OBJECTS { hwStrackPacketIfName, hwStrackPacketCVlan, hwStrackPacketPVlan, hwStrackEndTime, hwStrackTotalPacket
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The data of stack."
|
|
::= { hwStrackTrap 2 }
|
|
|
|
|
|
hwArpsTrap OBJECT IDENTIFIER ::= { hwSecurityTraps 2 }
|
|
|
|
|
|
hwArpsGatewayConflict NOTIFICATION-TYPE
|
|
OBJECTS { hwArpsSourceInterface, hwArpsSourceIp, hwArpsSourceMac, hwArpsPVlan, hwArpsCVlan
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The gateway conflict alarm is resumed."
|
|
::= { hwArpsTrap 1 }
|
|
|
|
|
|
hwArpsEntryCheck NOTIFICATION-TYPE
|
|
OBJECTS { hwArpsSourceInterface, hwArpsSourceIp, hwArpsSourceMac, hwArpsPVlan, hwArpsCVlan
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The arp talbe chekc alarm is resumed."
|
|
::= { hwArpsTrap 2 }
|
|
|
|
|
|
hwArpsPacketCheck NOTIFICATION-TYPE
|
|
OBJECTS { hwArpsSourceInterface, hwArpsSourceIp, hwArpsSourceMac, hwArpsPVlan, hwArpsCVlan
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The arp packet check alarm is resumed."
|
|
::= { hwArpsTrap 3 }
|
|
|
|
|
|
hwArpsDaiDropALarm NOTIFICATION-TYPE
|
|
OBJECTS { hwArpsPacketDropNum, hwArpsAlarmThreshold, hwArpsSourceInterface }
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The DAI alarm is resumed."
|
|
::= { hwArpsTrap 4 }
|
|
|
|
|
|
hwArpGlobleSpeedLimitALarm NOTIFICATION-TYPE
|
|
OBJECTS { hwArpsAlarmThreshold }
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The arp rate limit alarm is resumed."
|
|
::= { hwArpsTrap 5 }
|
|
|
|
|
|
hwArpIfSpeedLimitALarm NOTIFICATION-TYPE
|
|
OBJECTS { hwArpsAlarmThreshold, hwArpsSourceInterface }
|
|
STATUS current
|
|
DESCRIPTION
|
|
"TThe arp rate limit alarm is resumed."
|
|
::= { hwArpsTrap 6 }
|
|
|
|
|
|
hwArpVlanSpeedLimitALarm NOTIFICATION-TYPE
|
|
OBJECTS { hwArpsAlarmThreshold, hwArpsPVlan }
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The arp rate limit alarm is resumed."
|
|
::= { hwArpsTrap 7 }
|
|
|
|
|
|
hwArpMissGlobleSpeedLimitALarm NOTIFICATION-TYPE
|
|
OBJECTS { hwArpsAlarmThreshold }
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The arp miss rate limit alarm is resumed."
|
|
::= { hwArpsTrap 8 }
|
|
|
|
|
|
hwArpMissIfSpeedLimitALarm NOTIFICATION-TYPE
|
|
OBJECTS { hwArpsAlarmThreshold, hwArpsSourceInterface }
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The arp miss rate limit alarm is resumed."
|
|
::= { hwArpsTrap 9 }
|
|
|
|
|
|
hwArpMissVlanSpeedLimitALarm NOTIFICATION-TYPE
|
|
OBJECTS { hwArpsAlarmThreshold, hwArpsPVlan }
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The arp miss rate limit alarm is resumed."
|
|
::= { hwArpsTrap 10 }
|
|
|
|
|
|
hwArpSourceIpSpeedLimitALarm NOTIFICATION-TYPE
|
|
OBJECTS { hwArpsSourceIp, hwArpsAlarmThreshold }
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The alarm of arp speed limit."
|
|
::= { hwArpsTrap 11 }
|
|
|
|
|
|
hwArpMissSourceIpSpeedLimitALarm NOTIFICATION-TYPE
|
|
OBJECTS { hwArpsSourceIp, hwArpsAlarmThreshold }
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The alarm of arp miss speed limit."
|
|
::= { hwArpsTrap 12 }
|
|
|
|
hwArpIfRateLimitBlockALarm NOTIFICATION-TYPE
|
|
OBJECTS { hwArpsSourceInterface, hwArpsBlockTime }
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The arp rate limit block alarm is resumed."
|
|
::= { hwArpsTrap 13 }
|
|
|
|
|
|
hwIpsgTrap OBJECT IDENTIFIER ::= { hwSecurityTraps 3 }
|
|
|
|
|
|
hwIpsgDropALarm NOTIFICATION-TYPE
|
|
OBJECTS { hwIpsgPacketDropNum, hwIpsgAlarmThreshold, hwIpsgSourceInterface }
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The ipsg alarm is resumed."
|
|
::= { hwIpsgTrap 1 }
|
|
|
|
|
|
hwIcmpTrap OBJECT IDENTIFIER ::= { hwSecurityTraps 4 }
|
|
|
|
|
|
hwIcmpGlobleDropALarm NOTIFICATION-TYPE
|
|
OBJECTS { hwIcmpAlarmThreshold }
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The icmp rate limit alarm is resumed."
|
|
::= { hwIcmpTrap 1 }
|
|
|
|
|
|
hwIcmpIfDropALarm NOTIFICATION-TYPE
|
|
OBJECTS { hwIcmpAlarmThreshold, hwIcmpSourceInterface }
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The icmp rate limit alarm is resumed."
|
|
::= { hwIcmpTrap 2 }
|
|
|
|
hwSecurityConformance OBJECT IDENTIFIER ::= { hwSecurityMIB 11 }
|
|
|
|
hwSecurityCompliances OBJECT IDENTIFIER ::= { hwSecurityConformance 1 }
|
|
|
|
hwSecurityCompliance MODULE-COMPLIANCE
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The compliance statement for systems supporting
|
|
the HUAWEI-SECURITY-MIB."
|
|
MODULE
|
|
MANDATORY-GROUPS { hwLocalUrpfObjectGroup, hwTcpIpDefendObjectGroup, hwMaDefendObjectGroup,
|
|
hwApplicationApperceiveObjectGroup, hwBaseSecurityNotificationsObjectGroup,
|
|
hwMeSecurityObjectGroup, hwMeSecurityTrapGroup, hwDefdPortVlanObjectGroup, hwSocAttackTrapGroup }
|
|
::= { hwSecurityCompliances 1 }
|
|
|
|
hwBaseSecurityGroups OBJECT IDENTIFIER ::= { hwSecurityConformance 2 }
|
|
|
|
hwLocalUrpfObjectGroup OBJECT-GROUP
|
|
OBJECTS{
|
|
hwLocalUrpfCurrentRateLow
|
|
,
|
|
hwLocalUrpfCurrentRateHigh
|
|
,
|
|
hwLocalUrpfNotifyEnabledStatus
|
|
,
|
|
hwLocalUrpfRateThreshold
|
|
,
|
|
hwLocalUrpfRateInterval
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The alarm parameter of URPF."
|
|
::= { hwBaseSecurityGroups 2 }
|
|
|
|
hwTcpIpDefendObjectGroup OBJECT-GROUP
|
|
OBJECTS{
|
|
hwTcpIpDefendCurrentRateLow
|
|
,
|
|
hwTcpIpDefendCurrentRateHigh
|
|
,
|
|
hwTcpIpDefendNotifyEnabledStatus
|
|
,
|
|
hwTcpIpDefendRateThreshold
|
|
,
|
|
hwTcpIpDefendRateInterval
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The alarm parameter of TCPIP protection."
|
|
::= { hwBaseSecurityGroups 3 }
|
|
|
|
hwMaDefendObjectGroup OBJECT-GROUP
|
|
OBJECTS{
|
|
hwMaDefendCurrentRateLow
|
|
,
|
|
hwMaDefendCurrentRateHigh
|
|
,
|
|
hwMaDefendNotifyEnabledStatus
|
|
,
|
|
hwMaDefendRateThreshold
|
|
,
|
|
hwMaDefendRateInterval
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The alarm parameter of management and application protection."
|
|
::= { hwBaseSecurityGroups 4 }
|
|
|
|
hwApplicationApperceiveObjectGroup OBJECT-GROUP
|
|
OBJECTS{
|
|
hwAppliApperCurrentRateLow
|
|
,
|
|
hwAppliApperCurrentRateHigh
|
|
,
|
|
hwAppliApperNotifyEnabledStatus
|
|
,
|
|
hwAppliApperRateThreshold
|
|
,
|
|
hwAppliApperRateInterval
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The alarm parameter of Application-Apperceive protection."
|
|
::= { hwBaseSecurityGroups 5 }
|
|
|
|
hwBaseSecurityNotificationsObjectGroup NOTIFICATION-GROUP
|
|
NOTIFICATIONS{
|
|
hwBaseSecurityUrpfDiscardedRateRising
|
|
,
|
|
hwBaseSecurityUrpfDiscardedRateResume
|
|
,
|
|
hwBaseSecurityTcpIpAttackDiscardedRateRising
|
|
,
|
|
hwBaseSecurityTcpIpAttackDiscardedRateResume
|
|
,
|
|
hwBaseSecurityMaDiscardedRateRising
|
|
,
|
|
hwBaseSecurityMaDiscardedRateResume
|
|
,
|
|
hwBaseSecurityApplicationApperceiveDiscardedRateRising
|
|
,
|
|
hwBaseSecurityApplicationApperceiveDiscardedRateResume
|
|
,
|
|
hwBaseSecurityStormControlInterface
|
|
,
|
|
hwBaseSecDefdPortVlanShutdown
|
|
,
|
|
hwBaseSecDefdPortVlanUndoShutdown
|
|
,
|
|
hwBaseSocAttackTrap
|
|
,
|
|
hwBaseSocAttackResumeTrap
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Total alarm of protection are resumed."
|
|
::= { hwBaseSecurityGroups 6 }
|
|
|
|
hwMeSecurityObjectGroup OBJECT-GROUP
|
|
OBJECTS {
|
|
hwStrackTotalPacket
|
|
,
|
|
hwStrackEndTime
|
|
,
|
|
hwStrackSourceMac
|
|
,
|
|
hwStrackPacketPVlan
|
|
,
|
|
hwStrackPacketCVlan
|
|
,
|
|
hwStrackPacketIfName
|
|
,
|
|
hwArpsSourceInterface
|
|
,
|
|
hwArpsSourceIp
|
|
,
|
|
hwArpsSourceMac
|
|
,
|
|
hwArpsPVlan
|
|
,
|
|
hwArpsCVlan
|
|
,
|
|
hwArpsPacketDropNum
|
|
,
|
|
hwArpsAlarmThreshold
|
|
,
|
|
hwArpsBlockTime
|
|
,
|
|
hwIpsgPacketDropNum
|
|
,
|
|
hwIpsgAlarmThreshold
|
|
,
|
|
hwIpsgSourceInterface
|
|
,
|
|
hwIcmpPacketDropNum
|
|
,
|
|
hwIcmpAlarmThreshold
|
|
,
|
|
hwIcmpSourceInterface
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The alarm parameter of huawei base security group."
|
|
::= { hwBaseSecurityGroups 7 }
|
|
|
|
hwMeSecurityTrapGroup NOTIFICATION-GROUP
|
|
NOTIFICATIONS {
|
|
hwStrackUserInfo
|
|
,
|
|
hwStrackIfVlanInfo
|
|
,
|
|
hwArpsGatewayConflict
|
|
,
|
|
hwArpsEntryCheck
|
|
,
|
|
hwArpsPacketCheck
|
|
,
|
|
hwArpsDaiDropALarm
|
|
,
|
|
hwArpGlobleSpeedLimitALarm
|
|
,
|
|
hwArpIfSpeedLimitALarm
|
|
,
|
|
hwArpVlanSpeedLimitALarm
|
|
,
|
|
hwArpMissGlobleSpeedLimitALarm
|
|
,
|
|
hwArpMissIfSpeedLimitALarm
|
|
,
|
|
hwArpMissVlanSpeedLimitALarm
|
|
,
|
|
hwArpSourceIpSpeedLimitALarm
|
|
,
|
|
hwArpMissSourceIpSpeedLimitALarm
|
|
,
|
|
hwArpIfRateLimitBlockALarm
|
|
,
|
|
hwIpsgDropALarm
|
|
,
|
|
hwIcmpGlobleDropALarm
|
|
,
|
|
hwIcmpIfDropALarm
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Total alarm of protection are resumed."
|
|
::= { hwBaseSecurityGroups 8 }
|
|
|
|
hwDefdPortVlanObjectGroup OBJECT-GROUP
|
|
OBJECTS{
|
|
hwDefdPortVlanIfName
|
|
,
|
|
hwDefdPortVlanId
|
|
,
|
|
hwDefdPortVlanCheckProtocol
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The alarm parameter of l2 ring-route ."
|
|
::= { hwBaseSecurityGroups 9 }
|
|
|
|
hwSocAttackTrapGroup OBJECT-GROUP
|
|
OBJECTS { hwSocAttackPossib, hwSocAttackReason, hwSocAttackIfName, hwSocAttackSubIfName, hwSocAttackVlanIndex,
|
|
hwSocAttackUserQinQIndex, hwSocAttackMacAddr, hwSocAttackIPAddr }
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The alarm parameter of Security Operation Center"
|
|
::= { hwBaseSecurityGroups 11 }
|
|
|
|
hwBaseSecurityStormControlInterfaceObjects OBJECT IDENTIFIER ::= { hwBaseSecurityMIBObjects 13 }
|
|
|
|
hwBaseSecurityStormControlInterfaceTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF HwBaseSecurityStormControlInterfaceEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A Table about storm-control interface information."
|
|
::= { hwBaseSecurityStormControlInterfaceObjects 1 }
|
|
|
|
|
|
hwBaseSecurityStormControlInterfaceEntry OBJECT-TYPE
|
|
SYNTAX HwBaseSecurityStormControlInterfaceEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Description."
|
|
INDEX { hwBaseSecurityStormControlInterfaceChassisId,
|
|
hwBaseSecurityStormControlInterfaceSlotId
|
|
}
|
|
::= { hwBaseSecurityStormControlInterfaceTable 1 }
|
|
|
|
|
|
HwBaseSecurityStormControlInterfaceEntry ::=
|
|
SEQUENCE {
|
|
hwBaseSecurityStormControlInterfaceChassisId
|
|
Integer32,
|
|
hwBaseSecurityStormControlInterfaceSlotId
|
|
Integer32,
|
|
hwBaseSecurityStormControlInterfaceName
|
|
OCTET STRING
|
|
}
|
|
|
|
hwBaseSecurityStormControlInterfaceChassisId OBJECT-TYPE
|
|
SYNTAX Integer32 (1..128)
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The chassis ID indicates the slot on which chassis is configured with storm control."
|
|
::= { hwBaseSecurityStormControlInterfaceEntry 1 }
|
|
|
|
hwBaseSecurityStormControlInterfaceSlotId OBJECT-TYPE
|
|
SYNTAX Integer32 (1..128)
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The slot configured with storm control."
|
|
::= { hwBaseSecurityStormControlInterfaceEntry 2 }
|
|
|
|
hwBaseSecurityStormControlInterfaceName OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE (0..63))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The interface name."
|
|
::= { hwBaseSecurityStormControlInterfaceEntry 3 }
|
|
|
|
END
|
|
|
|
--
|
|
-- HUAWEI-SECURITY-MIB.mib
|