NETGEAR-PORTSECURITY-PRIVATE-MIB DEFINITIONS ::= BEGIN -- NETGEAR Port Mac Locking MIB -- LVL7 FASTPATH Port Security MIB -- Copyright LVL7 Systems (2004-2005) All rights reserved. -- This SNMP Management Information Specification -- embodies LVL7 System's confidential and proprietary -- intellectual property. LVL7 Systems retains all title -- and ownership in the Specification including any revisions. -- This Specification is supplied "AS IS", LVL7 Systems -- makes no warranty, either expressed or implied, -- as to the use, operation, condition, or performance of the -- Specification. IMPORTS MODULE-IDENTITY, OBJECT-TYPE, NOTIFICATION-TYPE, Unsigned32 FROM SNMPv2-SMI TEXTUAL-CONVENTION,RowStatus, MacAddress FROM SNMPv2-TC ifIndex FROM IF-MIB DisplayString FROM RFC1213-MIB ng7000Switch FROM NETGEAR-REF-MIB; agentPortSecurity MODULE-IDENTITY LAST-UPDATED "200502231200Z" -- 23 Feb 2005 12:00:00 GMT ORGANIZATION "Netgear" CONTACT-INFO "" DESCRIPTION "The NETGEAR0 Private MIB for Port Security Feature." -- revision history REVISION "200502231200Z" -- 23 Feb 2005 12:00:00 GMT DESCRIPTION "Initial revision." ::= { ng7000Switch 20 } --************************************************************************************** -- agentPortSecurityGroup -> contains MIB objects displaying Port Security -- and associated Functionality -- --************************************************************************************** agentPortSecurityGroup OBJECT IDENTIFIER ::= { agentPortSecurity 1} agentGlobalPortSecurityMode OBJECT-TYPE SYNTAX INTEGER { enable(1), disable(2) } MAX-ACCESS read-write STATUS current DESCRIPTION "Mode showing whether at the global level, port security is enabled or not." DEFVAL { disable } ::={ agentPortSecurityGroup 1 } agentPortSecurityTable OBJECT-TYPE SYNTAX SEQUENCE OF AgentPortSecurityEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A table for Port Security and associated functionality." ::= { agentPortSecurityGroup 2 } agentPortSecurityEntry OBJECT-TYPE SYNTAX AgentPortSecurityEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Represents entry for port security table" INDEX { ifIndex } ::={ agentPortSecurityTable 1} AgentPortSecurityEntry ::= SEQUENCE { agentPortSecurityMode INTEGER, agentPortSecurityDynamicLimit Unsigned32, agentPortSecurityStaticLimit Unsigned32, agentPortSecurityViolationTrapMode INTEGER, agentPortSecurityStaticMACs DisplayString, agentPortSecurityLastDiscardedMAC DisplayString, agentPortSecurityMACAddressAdd DisplayString, agentPortSecurityMACAddressRemove DisplayString, agentPortSecurityMACAddressMove INTEGER } agentPortSecurityMode OBJECT-TYPE SYNTAX INTEGER { enable(1), disable(2) } MAX-ACCESS read-write STATUS current DESCRIPTION "Mode showing whether at port level security is enabled or not." DEFVAL { disable } ::={ agentPortSecurityEntry 1 } agentPortSecurityDynamicLimit OBJECT-TYPE SYNTAX Unsigned32(0..600) MAX-ACCESS read-write STATUS current DESCRIPTION "This variable signifies the limit of dynamically locked MAC addresses allowed on a specific port." DEFVAL { 600 } ::={ agentPortSecurityEntry 2 } agentPortSecurityStaticLimit OBJECT-TYPE SYNTAX Unsigned32(0..20) MAX-ACCESS read-write STATUS current DESCRIPTION "This variable signifies the limit of statically locked MAC addresses allowed on a specific port." DEFVAL { 20 } ::={ agentPortSecurityEntry 3 } agentPortSecurityViolationTrapMode OBJECT-TYPE SYNTAX INTEGER { enable(1), disable(2) } MAX-ACCESS read-write STATUS current DESCRIPTION "This variable is used to enable or disable the sending of new violation traps designating when a packet with a disallowed MAC address is received on a locked port." ::={agentPortSecurityEntry 4 } agentPortSecurityStaticMACs OBJECT-TYPE SYNTAX DisplayString MAX-ACCESS read-only STATUS current DESCRIPTION "This variable displays the statically locked MAC addresses for port. The list displayed in a particular fashion : 2 a0:b1:c2:d1:e3:a1,11 a0:b1:c2:d3:e4:f5 (i.e., VLAN MAC pairs separated by commas)." ::={agentPortSecurityEntry 6 } agentPortSecurityLastDiscardedMAC OBJECT-TYPE SYNTAX DisplayString MAX-ACCESS read-only STATUS current DESCRIPTION "This variable displays the vlan-id and source MAC address of the last packet that was discarded on a locked port." ::={agentPortSecurityEntry 7 } agentPortSecurityMACAddressAdd OBJECT-TYPE SYNTAX DisplayString MAX-ACCESS read-write STATUS current DESCRIPTION "This MIB variable accepts a VLAN id and MAC address to be added to the list of statically locked MAC addresses on a port. The VLAN id and MAC address combination would be entered in a particular fashion like :- 2 a0:b0:c0:d1:e2:a1(the vlan-id and MAC address separated by a blank-space)." ::={ agentPortSecurityEntry 8 } agentPortSecurityMACAddressRemove OBJECT-TYPE SYNTAX DisplayString MAX-ACCESS read-write STATUS current DESCRIPTION "This MIB variable accepts a VLAN id and MAC address to be removed from the list of statically locked MAC addresses on a port.. The VLAN id and MAC address combination would be entered in a particular fashion like :- 2 a0:b0:c0:d1:e2:a1(the vlan-id and MAC address separated by a blank-space)." ::={ agentPortSecurityEntry 9 } agentPortSecurityMACAddressMove OBJECT-TYPE SYNTAX INTEGER { enable(1), disable(2) } MAX-ACCESS read-write STATUS current DESCRIPTION "When this object is enabled, all the dynamically locked MAC addresses will be moved to statically locked addresses on a port. GET operation on this object will display disable." ::={ agentPortSecurityEntry 10 } --**********************************************************************-- agentPortSecurityDynamicTable OBJECT-TYPE SYNTAX SEQUENCE OF AgentPortSecurityDynamicEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A table for Port Security Dynamic and associated functionality." ::= { agentPortSecurityGroup 3 } agentPortSecurityDynamicEntry OBJECT-TYPE SYNTAX AgentPortSecurityDynamicEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Represents entry for port MAC Locking table" INDEX { ifIndex,agentPortSecurityDynamicVLANId,agentPortSecurityDynamicMACAddress } ::={ agentPortSecurityDynamicTable 1} AgentPortSecurityDynamicEntry ::= SEQUENCE { agentPortSecurityDynamicVLANId Unsigned32, agentPortSecurityDynamicMACAddress MacAddress } agentPortSecurityDynamicVLANId OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-only STATUS current DESCRIPTION "Source VLAN id of the packet that is received on the dynamically locked port." ::={agentPortSecurityDynamicEntry 1 } agentPortSecurityDynamicMACAddress OBJECT-TYPE SYNTAX MacAddress MAX-ACCESS read-only STATUS current DESCRIPTION "Source MAC address of the packet that is received on the dynamically locked port." ::={ agentPortSecurityDynamicEntry 2 } --************************************************************************************** -- agentPortSecurity Traps -- --************************************************************************************** agentPortSecurityTraps OBJECT IDENTIFIER ::= { agentPortSecurity 2 } agentPortSecurityViolation NOTIFICATION-TYPE OBJECTS { ifIndex, agentPortSecurityLastDiscardedMAC } STATUS current DESCRIPTION "Sent when a packet is received on a locked port with a source MAC address that is not allowed." ::= { agentPortSecurityTraps 1 } END