DOS-PREV-MIB
File:
DOS-PREV-MIB.mib (12033 bytes)
Imported modules
Imported symbols
Defined Types
SwDoSCtrlEntry |
|
SEQUENCE |
|
|
|
|
swDoSCtrlType |
INTEGER |
|
|
swDoSCtrlState |
INTEGER |
|
|
swDoSCtrlActionType |
INTEGER |
|
|
swDoSCtrlMirrorPort |
INTEGER |
|
|
swDoSCtrlMirrorPriority |
INTEGER |
|
|
swDoSCtrlMirrorRxRate |
INTEGER |
|
|
swDoSCtrlFrameCount |
INTEGER |
|
Defined Values
swDoSMgmtMIB |
1.3.6.1.4.1.171.12.59 |
The MIB module for configuring the DoS prevention settings of the device. |
MODULE-IDENTITY |
|
|
|
swDoSCtrl |
1.3.6.1.4.1.171.12.59.1 |
OBJECT IDENTIFIER |
|
|
|
swDoSTrapLog |
1.3.6.1.4.1.171.12.59.1.1 |
This object indicates the status of the DoS prevention trap log. |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
INTEGER |
enable(1), disable(2), other(3) |
|
swDoSClearCounters |
1.3.6.1.4.1.171.12.59.1.2 |
This object clears the DoS prevention frame counters. |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
INTEGER |
land-attack(1), blat-attack(2), smurf-attack(3), tcp-null-scan(4), tcp-xmascan(5), tcp-synfin(6), tcp-syn-srcport-less-1024(7), all(8), other(9), arp-mac-sa-mismatch(10), fraggle-attack(11), icmp-redirect-attack(12), icmp-unreachable-attack(13), ip-route-record-attac(14), ip-source-route-attack(15), ping-death-attack(16), tcp-flag-synrst(17), tcp-over-mac-mcbc(18), tcp-syn-with-data(19), tcp-tiny-frag-attack(20), tcpudp-port-zero(21), tracert-attack(22), winnuke-attack(23) |
|
swDoSCtrlTable |
1.3.6.1.4.1.171.12.59.1.3 |
A table that holds the DoS prevention settings of the device. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
SEQUENCE OF |
|
|
|
|
SwDoSCtrlEntry |
|
swDoSCtrlEntry |
1.3.6.1.4.1.171.12.59.1.3.1 |
A list of DoS prevention settings of the device. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
SwDoSCtrlEntry |
|
|
swDoSCtrlType |
1.3.6.1.4.1.171.12.59.1.3.1.1 |
This object indicates the DoS prevention type. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
INTEGER |
land-attack(1), blat-attack(2), smurf-attack(3), tcp-null-scan(4), tcp-xmascan(5), tcp-synfin(6), tcp-syn-srcport-less-1024(7), arp-mac-sa-mismatch(10), fraggle-attack(11), icmp-redirect-attack(12), icmp-unreachable-attack(13), ip-route-record-attac(14), ip-source-route-attack(15), ping-death-attack(16), tcp-flag-synrst(17), tcp-over-mac-mcbc(18), tcp-syn-with-data(19), tcp-tiny-frag-attack(20), tcpudp-port-zero(21), tracert-attack(22), winnuke-attack(23) |
|
swDoSCtrlState |
1.3.6.1.4.1.171.12.59.1.3.1.2 |
This object indicates the status of the DoS prevention type. |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
INTEGER |
enable(1), disable(2) |
|
swDoSCtrlActionType |
1.3.6.1.4.1.171.12.59.1.3.1.3 |
This object indicates the action for the DoS prevention type.
If this object is set to 'mirror' and swDoSCtrlState is set to 'enable', the configuration
will not take effect until a valid mirror port is specified. If mirror port is not valid
the behavior will be the same as 'drop' |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
INTEGER |
drop(1), mirror(2) |
|
swDoSCtrlMirrorPort |
1.3.6.1.4.1.171.12.59.1.3.1.4 |
This object indicates the port to which the attack packet will be forwarded.
A value of 0 means that the DoS prevention action type is either not set to 'mirror'.
or the 'mirror' DoS action is not active. When swDoSCtrlActionType is set to 'mirror'
with swDoSCtrlState set to 'enable', setting this value to a valid port number will
activate the 'mirror' DoS action. |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
INTEGER |
0..65535 |
|
swDoSCtrlMirrorPriority |
1.3.6.1.4.1.171.12.59.1.3.1.5 |
This object configures the priority of the detected packet.
Valid priority values are from 0 to 7. The value 8 indicates that there will be
no change in the priority of the DoS attack packet as it is forwarded to the
mirror port. A valid mirror port must first be specified in order to set this value. |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
INTEGER |
0..8 |
|
swDoSCtrlMirrorRxRate |
1.3.6.1.4.1.171.12.59.1.3.1.6 |
This object indicates the rate of reception of DoS attack packets.
The valid values are 64 to 1024000.
A value of 0 indicates that the rate has no limit. The default value is 0.
A valid mirror port must first be specified in order to set this value. |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
INTEGER |
0..1024000 |
|
swDoSCtrlFrameCount |
1.3.6.1.4.1.171.12.59.1.3.1.7 |
This object indicates the number of frames detected under the DoS prevention type.
A valid mirror port must first be specified in order to set this value. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
INTEGER |
|
|
swDoSTrapState |
1.3.6.1.4.1.171.12.59.1.4 |
This object indicates the status of the DoS prevention trap. |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
INTEGER |
enabled(1), disabled(2) |
|
swDoSLogState |
1.3.6.1.4.1.171.12.59.1.5 |
This object indicates the status of the DoS prevention log. |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
INTEGER |
enabled(1), disabled(2) |
|
swDoSAttackDetected |
1.3.6.1.4.1.171.12.59.4.0.1 |
This trap is sent when the specific DoS packet is received and
trap is enabled. |
Status: current |
Access: read-only |
NOTIFICATION-TYPE |
|
|
|
swDoSNotifyVarIpAddr |
1.3.6.1.4.1.171.12.59.4.1.1 |
If the DoS packet is from the end station, represent
the IP address of attacker; otherwise represent the
router's IP |
Status: current |
Access: accessible-for-notify |
OBJECT-TYPE |
|
|
|
|
IpAddress |
|
|
swDoSNotifyVarPortNumber |
1.3.6.1.4.1.171.12.59.4.1.2 |
This object indicates the attacked portNum with a string,
For example, if the device is in standalone mode, and the port
number is 23, the string should be 23.
If the device is in stack mode, and the unit ID is 2, and the
port number is 3, the string should be 2:3. |
Status: current |
Access: accessible-for-notify |
OBJECT-TYPE |
|
|
|
|
DisplayString |
|
|