DLINKSW-PORT-SECURITY-MIB
File:
DLINKSW-PORT-SECURITY-MIB.mib (20888 bytes)
Imported modules
Imported symbols
Defined Types
DPortSecVlanEntry |
|
SEQUENCE |
|
|
|
|
dPortSecVlanID |
VlanId |
|
|
dPortSecVlanMaximumNum |
Integer32 |
|
|
dPortSecVlanCurrentNum |
Unsigned32 |
|
DPortSecIfEntry |
|
SEQUENCE |
|
|
|
|
dPortSecIfEnable |
TruthValue |
|
|
dPortSecIfCurrentStatus |
INTEGER |
|
|
dPortSecIfMaximumNum |
Unsigned32 |
|
|
dPortSecIfViolationAction |
INTEGER |
|
|
dPortSecIfSecureMode |
INTEGER |
|
|
dPortSecIfAgingTime |
INTEGER |
|
|
dPortSecIfAgingType |
INTEGER |
|
|
dPortSecIfClearDynamicAddr |
INTEGER |
|
|
dPortSecIfCurrentNum |
Unsigned32 |
|
|
dPortSecIfViolationCount |
Counter64 |
|
DPortSecAddrEntry |
|
SEQUENCE |
|
|
|
|
dPortSecAddrIfIndex |
InterfaceIndex |
|
|
dPortSecAddrVlanID |
VlanIdOrNone |
|
|
dPortSecAddrMacAddress |
MacAddress |
|
|
dPortSecAddrSecureMode |
INTEGER |
|
|
dPortSecAddrRemainTime |
INTEGER |
|
|
dPortSecAddrRowStatus |
RowStatus |
|
Defined Values
dlinkSwPortSecurityMIB |
1.3.6.1.4.1.171.14.8 |
This MIB module defines objects for port security. |
MODULE-IDENTITY |
|
|
|
dPortSecGlobalNotifControl |
1.3.6.1.4.1.171.14.8.1.1 |
Set to 'true' to enable global SNMP Notification
for port security feature. Setting the object to
'false' will disable SNMP notifications. |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
TruthValue |
|
|
dPortSecGlobalNotifRate |
1.3.6.1.4.1.171.14.8.1.2 |
Expressed in the number of notifications can be generated
per second.
The global control configures the rate-limit of
SNMP Notification for port security feature. This object
specifies the rate at which SNMP Notification is generated
when dPortSecIfViolationCount increases. When the rate is over
the configured rate, the SNMP Notification is suppressed but it
does not affect dPortSecIfViolationCount.
A value of 0 indicates that an SNMP Notification is generated
for every security violation. |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
Unsigned32 |
0..1000 |
|
dPortSecIfViolationMacAddress |
1.3.6.1.4.1.171.14.8.1.3.1 |
This object is also used as a variable in the dPortSecMacAddrViolation
notification to contain the value of the MAC address which caused the violation. |
Status: current |
Access: accessible-for-notify |
OBJECT-TYPE |
|
|
|
|
MacAddress |
|
|
dPortSecGlobalMaximumNum |
1.3.6.1.4.1.171.14.8.1.4 |
Indicates the system maximum addresses number (users) allowed.
A value of -1 means no-limit. The max entry range is (1..N).
The value N means the max number and is determined by the project itself. |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
Integer32 |
|
|
dPortSecVlanTable |
1.3.6.1.4.1.171.14.8.1.5 |
The table is used to configure and display port security settings
and status for a particular VLAN. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
SEQUENCE OF |
|
|
|
|
DPortSecVlanEntry |
|
dPortSecVlanEntry |
1.3.6.1.4.1.171.14.8.1.5.1 |
An entry contains port security information for a particular
VLAN. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
DPortSecVlanEntry |
|
|
dPortSecVlanID |
1.3.6.1.4.1.171.14.8.1.5.1.1 |
This object specifies the VLAN ID for address learning. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
VlanId |
|
|
dPortSecVlanMaximumNum |
1.3.6.1.4.1.171.14.8.1.5.1.2 |
Indicates the VLAN maximum addresses number (users) allowed.
A value of -1 means no-limit. The range is (1..N).
The value N means the upper limit and is determined by the project
itself. |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
Integer32 |
|
|
dPortSecVlanCurrentNum |
1.3.6.1.4.1.171.14.8.1.5.1.3 |
Indicates the current number of secure MAC addresses on this VLAN. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
Unsigned32 |
|
|
dPortSecIfTable |
1.3.6.1.4.1.171.14.8.1.6 |
The table is used to configure and display port security settings
and status for a particular interface. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
SEQUENCE OF |
|
|
|
|
DPortSecIfEntry |
|
dPortSecIfEntry |
1.3.6.1.4.1.171.14.8.1.6.1 |
Entry containing port security information for a particular
interface. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
DPortSecIfEntry |
|
|
dPortSecIfEnable |
1.3.6.1.4.1.171.14.8.1.6.1.1 |
Uses the object to enable or disable port security. |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
TruthValue |
|
|
dPortSecIfCurrentStatus |
1.3.6.1.4.1.171.14.8.1.6.1.2 |
This object represents the operational status
of the port security feature on an interface.
notEnabled(1) - This indicates port security
is not enabled.
forwarding(2) - This indicates port security is
operational.
errDisabled(3) - This indicates that the port is
shutdown due to port security
violation when the object
dPortSecIfViolationAction is of type
'shutdown'. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
INTEGER |
notEnabled(1), forwarding(2), errDisabled(3) |
|
dPortSecIfMaximumNum |
1.3.6.1.4.1.171.14.8.1.6.1.3 |
This object sets the maximum number of secure MAC addresses
(users) allowed. |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
Unsigned32 |
|
|
dPortSecIfViolationAction |
1.3.6.1.4.1.171.14.8.1.6.1.4 |
This object sets the action to be taken when a security violation is detected.
protect(1) - Drops all the packets from the insecure hosts at the
port-security process level but does not increment
the security-violation count.
restrict(2) - Drops all packets from the insecure hosts at the
port-security process level and increments the
security-violation count.
shutdown(3) - Shuts down the port if there is a security violation. |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
INTEGER |
protect(1), restrict(2), shutdown(3) |
|
dPortSecIfSecureMode |
1.3.6.1.4.1.171.14.8.1.6.1.5 |
Use the object to set the port security mode.
permanent(1) - Under this mode all learned MAC addresses won't be
purged unless a user deletes these entries manually.
deleteOnTimeout(2) - Under this mode all learned MAC addresses
will be purged when an entry ages out or a user deletes
these entries manually. |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
INTEGER |
permanent(1), deleteOnTimeout(2) |
|
dPortSecIfAgingTime |
1.3.6.1.4.1.171.14.8.1.6.1.6 |
Use the object to set aging time for auto-learned dynamic secured address.
When 0 is set on the specified interface, it means the port security aging
has been disabled. |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
INTEGER |
0..1440 |
|
dPortSecIfAgingType |
1.3.6.1.4.1.171.14.8.1.6.1.7 |
Use the object to set aging type for auto-learned dynamic secured address.
absolute(1) - Under this aging type, all the secured address on this interface will
age out exactly after the time specified.
inactivity(2) - Under this aging type, all learned MAC addresses on this interface
will age out only if there is no data traffic from the secure source
address for the specified time period. |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
INTEGER |
absolute(1), inactivity(2) |
|
dPortSecIfClearDynamicAddr |
1.3.6.1.4.1.171.14.8.1.6.1.8 |
Setting this object to 'clear' to clear the addresses which will be
purged out when an entry is aged out on the corresponding
interface.
No action is taken if this object is set to 'noOp'.
When read, the value 'noOp' is returned. |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
INTEGER |
clear(1), noOp(2) |
|
dPortSecIfCurrentNum |
1.3.6.1.4.1.171.14.8.1.6.1.9 |
Indicates the current number of secure MAC addresses
on this interface. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
Unsigned32 |
|
|
dPortSecIfViolationCount |
1.3.6.1.4.1.171.14.8.1.6.1.10 |
Indicates the number of address violations
occurred on a secure interface. The counter will
be initialized to zero when the port security
feature is enabled on an interface. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
Counter64 |
|
|
dPortSecAddrTableCurrentNum |
1.3.6.1.4.1.171.14.8.1.7 |
This object indicates the number of entries present in the dPortSecAddrTable. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
Unsigned32 |
|
|
dPortSecAddrTable |
1.3.6.1.4.1.171.14.8.1.8 |
A list of port security entries containing the secure MAC address
information. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
SEQUENCE OF |
|
|
|
|
DPortSecAddrEntry |
|
dPortSecAddrEntry |
1.3.6.1.4.1.171.14.8.1.8.1 |
An entry contains secure MAC address information for a particular
interface. A secure MAC address can be added by the user
and can be added when the device learns a new secure MAC address. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
DPortSecAddrEntry |
|
|
dPortSecAddrVlanID |
1.3.6.1.4.1.171.14.8.1.8.1.2 |
This object specifies the VLAN ID where the user-defined secure
MAC address is located. If this object is set to 0 at row creation
time, the PVID (default port VLAN ID) will be used for the MAC
address. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
VlanIdOrNone |
|
|
dPortSecAddrMacAddress |
1.3.6.1.4.1.171.14.8.1.8.1.3 |
This object indicates the secure MAC address to gain port access
rights. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
MacAddress |
|
|
dPortSecAddrSecureMode |
1.3.6.1.4.1.171.14.8.1.8.1.4 |
Specifies the secure mode.
For manually configured secure MAC addresses, the dPortSecAddrSecureMode is
permanent. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
INTEGER |
permanent(1), deleteOnTimeout(2) |
|
dPortSecAddrRemainTime |
1.3.6.1.4.1.171.14.8.1.8.1.5 |
Specifies the remaining aging time for the auto-learned dynamic secured address. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
INTEGER |
|
|
dPortSecAddrRowStatus |
1.3.6.1.4.1.171.14.8.1.8.1.99 |
The status of this conceptual row.
This object is used to create and delete instances
of this table. In other words, besides 'permanent' secure MAC
address, a 'deleteOnTimeout' address can be cleared by
this object. |
Status: current |
Access: read-create |
OBJECT-TYPE |
|
|
|
|
RowStatus |
|
|
dPortSecMacAddrViolation |
1.3.6.1.4.1.171.14.8.0.1 |
The address violation notification is generated when port security
address violation is detected (dPortSecIfViolationCount increases). |
Status: current |
Access: read-create |
NOTIFICATION-TYPE |
|
|
|
dPortSecMIBCompliance |
1.3.6.1.4.1.171.14.8.2.1.1 |
The compliance statement for the Port Security MIB. |
Status: current |
Access: read-create |
MODULE-COMPLIANCE |
|
|
|
dPortSecIfCfgGroup |
1.3.6.1.4.1.171.14.8.2.2.1 |
A collection of objects for configuring port
security feature. |
Status: current |
Access: read-create |
OBJECT-GROUP |
|
|
|
dPortSecIfStatusGroup |
1.3.6.1.4.1.171.14.8.2.2.2 |
A collection of objects providing the counter
information for the port security feature. |
Status: current |
Access: read-create |
OBJECT-GROUP |
|
|
|
dPortSecAddrGroup |
1.3.6.1.4.1.171.14.8.2.2.3 |
A collection of objects providing the address
information for the port security feature. |
Status: current |
Access: read-create |
OBJECT-GROUP |
|
|
|
dPortSecAddrNumCtrlGroup |
1.3.6.1.4.1.171.14.8.2.2.4 |
A collection of objects provides the configuration of
the maximum secure MAC address number on system or VLAN specific. |
Status: current |
Access: read-create |
OBJECT-GROUP |
|
|
|
dPortSecNotifEnableGroup |
1.3.6.1.4.1.171.14.8.2.2.5 |
A collection of object(s) that provides control over
port security related notification(s). |
Status: current |
Access: read-create |
OBJECT-GROUP |
|
|
|
dPortSecNotifGroup |
1.3.6.1.4.1.171.14.8.2.2.6 |
A collection of notifications providing information
about address violation. |
Status: current |
Access: read-create |
NOTIFICATION-GROUP |
|
|
|