HM2-DOS-MITIGATION-MIB
File:
HM2-DOS-MITIGATION-MIB.mib (13324 bytes)
Imported modules
Imported symbols
Defined Types
| DosFeatureValue |
|
| Type of feature support:
- hw(1): Supported in Hardware
- sw(2): Supported in Software
- noSup(3): Not implemented (no support) |
| TEXTUAL-CONVENTION |
|
|
|
| |
INTEGER |
hw(1), sw(2), noSup(3) |
|
| Hm2DosMitigationLimiterRuleEntry |
|
| SEQUENCE |
|
|
|
| |
hm2DosMitigationLimiterInterface |
InterfaceIndex |
|
| |
hm2DosMitigationLimiterTcpSynLimit |
Unsigned32 |
|
| |
hm2DosMitigationLimiterArpLimit |
Unsigned32 |
|
| |
hm2DosMitigationLimiterRowStatus |
RowStatus |
|
Defined Values
| hm2DosMitigationMib |
1.3.6.1.4.1.248.11.82 |
| Hirschmann Denial of Service MIB
Copyright (C) 2012. All Rights Reserved. |
| MODULE-IDENTITY |
|
|
|
| hm2DosMitigationTcpNullScan |
1.3.6.1.4.1.248.11.82.1.1.1.1 |
| When enabled, TCP Null scans (TCP flags and sequence number
set to 0) are filtered by the device. |
| Status: current |
Access: read-write |
| OBJECT-TYPE |
|
|
|
| |
HmEnabledStatus |
|
|
| hm2DosMitigationTcpXmasScan |
1.3.6.1.4.1.248.11.82.1.1.1.4 |
| When enabled TCP Xmas scans (TCP flags FIN,
URG and PSH all set to 1 and a TCP sequence
number = 0) are filtered by the device. |
| Status: current |
Access: read-write |
| OBJECT-TYPE |
|
|
|
| |
HmEnabledStatus |
|
|
| hm2DosMitigationLandAttack |
1.3.6.1.4.1.248.11.82.1.1.1.13 |
| When enabled all IP frames are checked for equality of
src and dst IP address (known as land attack). Packets that
contain such a combination are silently discarded when
enabled. |
| Status: current |
Access: read-write |
| OBJECT-TYPE |
|
|
|
| |
HmEnabledStatus |
|
|
| hm2DosMitigationTcpOffsetEqu1 |
1.3.6.1.4.1.248.11.82.1.1.1.14 |
| Enable/Disable TCP offset DoS protection. All packets
ingress having a TCP header offset equal to 1 are dropped. |
| Status: current |
Access: read-write |
| OBJECT-TYPE |
|
|
|
| |
HmEnabledStatus |
|
|
| hm2DosMitigationTcpPrivilegedSrcPort |
1.3.6.1.4.1.248.11.82.1.1.1.15 |
| Enable/Disable TCP SYN and L4 source port smaller than 1024
DoS protection. All packets ingress having the TCP SYN flag set
and a L4 source port from 0 to 1023 are dropped. |
| Status: current |
Access: read-write |
| OBJECT-TYPE |
|
|
|
| |
HmEnabledStatus |
|
|
| hm2DosMitigationTcpSrcDstPortEqu |
1.3.6.1.4.1.248.11.82.1.1.1.16 |
| Enable/Disable L4 source port equals L4 destination port
DoS protection. All TCP or UDP packets ingress having the
L4 source port equal to L4 destination port are dropped. |
| Status: current |
Access: read-write |
| OBJECT-TYPE |
|
|
|
| |
HmEnabledStatus |
|
|
| hm2DosMitigationIcmpPacketSize |
1.3.6.1.4.1.248.11.82.1.1.2.4 |
| Specifies the max. allowed payload size of ICMP packets.
Packets having bigger payload are filtered by the device
if the hm2DosMitigationIcmpPacketSizeMode is enabled. |
| Status: current |
Access: read-write |
| OBJECT-TYPE |
|
|
|
| |
Unsigned32 |
0..1472 |
|
| hm2DosMitigationIcmpPacketSizeMode |
1.3.6.1.4.1.248.11.82.1.1.2.5 |
| When enabled all ICMP ingress packets having the
payload bigger than hm2DosMitigationIcmpPacketSize
are filtered by device. |
| Status: current |
Access: read-write |
| OBJECT-TYPE |
|
|
|
| |
HmEnabledStatus |
|
|
| hm2DosMitigationIcmpSmurfAttack |
1.3.6.1.4.1.248.11.82.1.1.2.6 |
| When enabled, all ingress ICMP packets having
the type set to ECHO_REQ (ping) and a broadcast
destination IP are dropped. |
| Status: current |
Access: read-write |
| OBJECT-TYPE |
|
|
|
| |
HmEnabledStatus |
|
|
| hm2DosMitigationSMacDMac |
1.3.6.1.4.1.248.11.82.1.1.3.7 |
| Enable/Disable source MAC address equals destination
MAC address DoS protection. All packets ingress having
SMAC equals DMAC are dropped. |
| Status: current |
Access: read-write |
| OBJECT-TYPE |
|
|
|
| |
HmEnabledStatus |
|
|
| hm2DosMitigationLimiterRuleEntry |
1.3.6.1.4.1.248.11.82.1.2.2.1.1 |
| TCP Syn Interface entry. |
| Status: current |
Access: not-accessible |
| OBJECT-TYPE |
|
|
|
| |
Hm2DosMitigationLimiterRuleEntry |
|
|
| hm2DosMitigationLimiterTcpSynLimit |
1.3.6.1.4.1.248.11.82.1.2.2.1.1.2 |
| The number of allowed outgoing TCP syn packets per second
per interface.
A value of 0 disables the limiter for this interface. |
| Status: current |
Access: read-create |
| OBJECT-TYPE |
|
|
|
| |
Unsigned32 |
|
|
| hm2DosMitigationLimiterArpLimit |
1.3.6.1.4.1.248.11.82.1.2.2.1.1.3 |
| The number of allowed outgoing ARP packets per second per
interface.
A value of 0 disables the limiter for this interface. |
| Status: current |
Access: read-create |
| OBJECT-TYPE |
|
|
|
| |
Unsigned32 |
|
|
| hm2DosMitigationCompliance |
1.3.6.1.4.1.248.11.82.2.1.1 |
| The compliance statement for an SNMP entity which
implements the Hirschmann DOS Mitigation MIB. |
| Status: current |
Access: read-create |
| MODULE-COMPLIANCE |
|
|
|
| hm2DosMitigationGeneralGroup |
1.3.6.1.4.1.248.11.82.2.2.1 |
| A collection of all Hirschmann objects provided by the DoS Mitigation
module. |
| Status: current |
Access: read-create |
| OBJECT-GROUP |
|
|
|