PANA-MIB

File: PANA-MIB.mib (16676 bytes)

Imported modules

SNMPv2-SMI SNMPv2-TC SNMPv2-CONF
SNMP-FRAMEWORK-MIB IPSEC-SPD-MIB

Imported symbols

MODULE-IDENTITY OBJECT-TYPE NOTIFICATION-TYPE
Integer32 RowStatus PhysAddress
StorageType TimeStamp MODULE-COMPLIANCE
OBJECT-GROUP NOTIFICATION-GROUP SnmpAdminString
spdMIB spdActionExecuted spdIPInterfaceType
spdIPInterfaceAddress spdIPSourceType spdIPSourceAddress
spdIPDestinationType spdIPDestinationAddress spdPacketDirection

Defined Types

Pana802FilterEntry  
SEQUENCE    
  pana802FilterName SnmpAdminString
  pana802FilterType BITS
  pana802FilterDstAddr PhysAddress
  pana802FilterSrcAddr PhysAddress
  pana802FilterVlanId Integer32
  pana802FilterVlanTagRequired INTEGER
  pana802FilterEtherType Integer32
  pana802FilterUserPriority BITS
  pana802FiltLastChanged TimeStamp
  pana802FiltStorageType StorageType
  pana802FiltRowStatus RowStatus

Defined Values

panaMIB 1.3.6.1.2.1.153.1
The MIB module for defining additional PANA-specific objects to the IPSec SPD MIB. Copyright (C) The Internet Society (2003). This version of this MIB module is part of RFC XXXX, see the RFC itself for full legal notices.
MODULE-IDENTITY    

panaConfigObjects 1.3.6.1.2.1.153.1.1
OBJECT IDENTIFIER    

panaNotificationObjects 1.3.6.1.2.1.153.1.2
OBJECT IDENTIFIER    

panaConformanceObjects 1.3.6.1.2.1.153.1.3
OBJECT IDENTIFIER    

pana802FilterTable 1.3.6.1.2.1.153.1.1.1
IEEE 802-based filter definitions. A class that contains attributes of IEEE 802 (e.g., 802.3) traffic that form filters that are used to perform traffic classification.
Status: current Access: not-accessible
OBJECT-TYPE    
  SEQUENCE OF  
    Pana802FilterEntry

pana802FilterEntry 1.3.6.1.2.1.153.1.1.1.1
IEEE 802-based filter definitions. An entry specifies (potentially) several distinct matching components. Each component is tested against the data in a frame individually. An overall match occurs when all of the individual components match the data they are compared against in the frame being processed. A failure of any one test causes the overall match to fail. Wildcards may be specified for those fields that are not relevant.
Status: current Access: not-accessible
OBJECT-TYPE    
  Pana802FilterEntry  

pana802FilterName 1.3.6.1.2.1.153.1.1.1.1.1
The administrative name for this filter.
Status: current Access: not-accessible
OBJECT-TYPE    
  SnmpAdminString Size(1..32)  

pana802FilterType 1.3.6.1.2.1.153.1.1.1.1.2
This defines the various tests that are used when evaluating a given filter. The results of each test are ANDed together to produce the result of the entire filter. When processing this filter, it is recommended for efficiency reasons that the filter halt processing the instant any of the specified tests fail. Once a row is 'active', this object's value may not be changed unless all the appropriate columns needed by the new value to be imposed on this object have been appropriately configured. .
Status: current Access: read-create
OBJECT-TYPE    
  BITS srcAddress(0), dstAddress(1), vlanId(4), etherType(5), userPriority(6)  

pana802FilterDstAddr 1.3.6.1.2.1.153.1.1.1.1.3
The 802 address against which the 802 DA of incoming traffic streams will be compared. Frames whose 802 DA matches the physical address specified by this object, taking into account address wildcarding as specified by the pana802FilterDstAddrMask object, are potentially subject to the processing guidelines that are associated with this entry through the related action class.
Status: current Access: read-create
OBJECT-TYPE    
  PhysAddress  

pana802FilterSrcAddr 1.3.6.1.2.1.153.1.1.1.1.4
The 802 MAC address against which the 802 MAC SA of incoming traffic streams will be compared. Frames whose 802 MAC SA matches the physical address specified by this object, taking into account address wildcarding as specified by the pana802FilterSrcAddrMask object, are potentially subject to the processing guidelines that are associated with this entry through the related action class.
Status: current Access: read-create
OBJECT-TYPE    
  PhysAddress  

pana802FilterVlanId 1.3.6.1.2.1.153.1.1.1.1.5
The VLAN ID (VID) that uniquely identifies a VLAN within the device. This VLAN may be known or unknown (i.e., traffic associated with this VID has not yet been seen by the device) at the time this entry is instantiated. Setting the pana802FilterVlanId object to -1 indicates that VLAN data should not be considered during traffic classification.
Status: current Access: read-create
OBJECT-TYPE    
  Integer32 -1 | 1..4094  

pana802FilterVlanTagRequired 1.3.6.1.2.1.153.1.1.1.1.6
This object indicates whether the presence of an IEEE 802.1Q VLAN tag in data link layer frames must be considered when determining if a given frame matches this 802 filter entry. A value of 'taggedOnly(1)' means that only frames containing a VLAN tag with a non-Null VID (i.e., a VID in the range 1..4094) will be considered a match. A value of 'priorityTaggedPlus(2)' means that only frames containing a VLAN tag, regardless of the value of the VID, will be considered a match. A value of 'untaggedOnly(3)' indicates that only untagged frames will match this filter component. The presence of a VLAN tag is not taken into consideration in terms of a match if the value is 'ignoreTag(4)'.
Status: current Access: read-create
OBJECT-TYPE    
  INTEGER taggedOnly(1), priorityTaggedPlus(2), untaggedOnly(3), ignoreTag(4)  

pana802FilterEtherType 1.3.6.1.2.1.153.1.1.1.1.7
This object specifies the value that will be compared against the value contained in the EtherType field of an IEEE 802 frame. Example settings would include 'IP' (0x0800), 'ARP' (0x0806) and 'IPX' (0x8137). Setting the pana802FilterEtherTypeMin object to -1 indicates that EtherType data should not be considered during traffic classification. Note that the position of the EtherType field depends on the underlying frame format. For Ethernet-II encapsulation, the EtherType field follows the 802 MAC source address. For 802.2 LLC/SNAP encapsulation, the EtherType value follows the Organization Code field in the 802.2 SNAP header. The value that is tested with regard to this filter component therefore depends on the data link layer frame format being used. If this 802 filter component is active when there is no EtherType field in a frame (e.g., 802.2 LLC), a match is implied.
Status: current Access: read-create
OBJECT-TYPE    
  Integer32 -1 | 0..ffff  

pana802FilterUserPriority 1.3.6.1.2.1.153.1.1.1.1.8
The set of values, representing the potential range of user priority values, against which the value contained in the user priority field of a tagged 802.1 frame is compared. A test for equality is performed when determining if a match exists between the data in a data link layer frame and the value of this 802 filter component. Multiple values may be set at one time such that potentially several different user priority values may match this 802 filter component. Setting all of the bits that are associated with this object causes all user priority values to match this attribute. This essentially makes any comparisons with regard to user priority values unnecessary. Untagged frames are treated as an implicit match.
Status: current Access: read-create
OBJECT-TYPE    
  BITS matchPriority0(0), matchPriority1(1), matchPriority2(2), matchPriority3(3), matchPriority4(4), matchPriority5(5), matchPriority6(6), matchPriority7(7)  

pana802FiltLastChanged 1.3.6.1.2.1.153.1.1.1.1.9
The value of sysUpTime when this row was last modified or created either through SNMP SETs or by some other external means.
Status: current Access: read-only
OBJECT-TYPE    
  TimeStamp  

pana802FiltStorageType 1.3.6.1.2.1.153.1.1.1.1.10
The storage type for this row. Rows in this table which were created through an external process may have a storage type of readOnly or permanent.
Status: current Access: read-create
OBJECT-TYPE    
  StorageType  

pana802FiltRowStatus 1.3.6.1.2.1.153.1.1.1.1.11
This object indicates the conceptual status of this row. This object may not be set to active if the requirements of the pana802FilterType object are not met. In other words, if the associated value columns needed by a particular test have not been set, then attempting to change this row to an active state will result in an inconsistentValue error. See the pana802FilterType object description for further details.
Status: current Access: read-create
OBJECT-TYPE    
  RowStatus  

panaNotifications 1.3.6.1.2.1.153.1.2.0
OBJECT IDENTIFIER    

panaNewPacNotification 1.3.6.1.2.1.153.1.2.0.1
Notification that AP detected traffic coming from an unauthorized source. The objects sent must include the ipspActionExecuted which will indicate which action was executed within the scope of the rule. Additionally, the ipspIPSourceType, ipspIPSourceAddress, ipspIPDestinationType, and ipspIPDestinationAddress, objects must be included to indicate the packet source and destination of the packet that triggered the action. The ipspIPInterfaceType, ipspIPInterfaceAddress, and ipspPacketDirection objects are included to indicate which endpoint the packet was associated with.
Status: current Access: read-create
NOTIFICATION-TYPE