PANA-MIB
File:
PANA-MIB.mib (16676 bytes)
Imported modules
Imported symbols
Defined Types
Pana802FilterEntry |
|
SEQUENCE |
|
|
|
|
pana802FilterName |
SnmpAdminString |
|
|
pana802FilterType |
BITS |
|
|
pana802FilterDstAddr |
PhysAddress |
|
|
pana802FilterSrcAddr |
PhysAddress |
|
|
pana802FilterVlanId |
Integer32 |
|
|
pana802FilterVlanTagRequired |
INTEGER |
|
|
pana802FilterEtherType |
Integer32 |
|
|
pana802FilterUserPriority |
BITS |
|
|
pana802FiltLastChanged |
TimeStamp |
|
|
pana802FiltStorageType |
StorageType |
|
|
pana802FiltRowStatus |
RowStatus |
|
Defined Values
panaMIB |
1.3.6.1.2.1.153.1 |
The MIB module for defining additional PANA-specific objects to
the IPSec SPD MIB. Copyright (C) The Internet Society (2003).
This version of this MIB module is part of RFC XXXX, see the
RFC itself for full legal notices. |
MODULE-IDENTITY |
|
|
|
pana802FilterTable |
1.3.6.1.2.1.153.1.1.1 |
IEEE 802-based filter definitions. A class that contains
attributes of IEEE 802 (e.g., 802.3) traffic that form
filters that are used to perform traffic classification. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
SEQUENCE OF |
|
|
|
|
Pana802FilterEntry |
|
pana802FilterEntry |
1.3.6.1.2.1.153.1.1.1.1 |
IEEE 802-based filter definitions. An entry specifies
(potentially) several distinct matching components. Each
component is tested against the data in a frame
individually. An overall match occurs when all of the
individual components match the data they are compared
against in the frame being processed. A failure of any
one test causes the overall match to fail.
Wildcards may be specified for those fields that are not
relevant. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
Pana802FilterEntry |
|
|
pana802FilterName |
1.3.6.1.2.1.153.1.1.1.1.1 |
The administrative name for this filter. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
SnmpAdminString |
Size(1..32) |
|
pana802FilterType |
1.3.6.1.2.1.153.1.1.1.1.2 |
This defines the various tests that are used when evaluating
a given filter. The results of each test are ANDed together
to produce the result of the entire filter. When processing
this filter, it is recommended for efficiency reasons that
the filter halt processing the instant any of the specified
tests fail.
Once a row is 'active', this object's value may not be
changed unless all the appropriate columns needed by the new
value to be imposed on this object have been appropriately
configured. . |
Status: current |
Access: read-create |
OBJECT-TYPE |
|
|
|
|
BITS |
srcAddress(0), dstAddress(1), vlanId(4), etherType(5), userPriority(6) |
|
pana802FilterDstAddr |
1.3.6.1.2.1.153.1.1.1.1.3 |
The 802 address against which the 802 DA of incoming
traffic streams will be compared. Frames whose 802 DA
matches the physical address specified by this object,
taking into account address wildcarding as specified by the
pana802FilterDstAddrMask object, are potentially subject to
the processing guidelines that are associated with this
entry through the related action class. |
Status: current |
Access: read-create |
OBJECT-TYPE |
|
|
|
|
PhysAddress |
|
|
pana802FilterSrcAddr |
1.3.6.1.2.1.153.1.1.1.1.4 |
The 802 MAC address against which the 802 MAC SA of
incoming traffic streams will be compared. Frames whose 802
MAC SA matches the physical address specified by this
object, taking into account address wildcarding as specified
by the pana802FilterSrcAddrMask object, are potentially
subject to the processing guidelines that are associated
with this entry through the related action class. |
Status: current |
Access: read-create |
OBJECT-TYPE |
|
|
|
|
PhysAddress |
|
|
pana802FilterVlanId |
1.3.6.1.2.1.153.1.1.1.1.5 |
The VLAN ID (VID) that uniquely identifies a VLAN
within the device. This VLAN may be known or unknown
(i.e., traffic associated with this VID has not yet
been seen by the device) at the time this entry
is instantiated.
Setting the pana802FilterVlanId object to -1 indicates that
VLAN data should not be considered during traffic
classification. |
Status: current |
Access: read-create |
OBJECT-TYPE |
|
|
|
|
Integer32 |
-1 | 1..4094 |
|
pana802FilterVlanTagRequired |
1.3.6.1.2.1.153.1.1.1.1.6 |
This object indicates whether the presence of an
IEEE 802.1Q VLAN tag in data link layer frames must
be considered when determining if a given frame
matches this 802 filter entry.
A value of 'taggedOnly(1)' means that only frames
containing a VLAN tag with a non-Null VID (i.e., a
VID in the range 1..4094) will be considered a match.
A value of 'priorityTaggedPlus(2)' means that only
frames containing a VLAN tag, regardless of the value
of the VID, will be considered a match.
A value of 'untaggedOnly(3)' indicates that only
untagged frames will match this filter component.
The presence of a VLAN tag is not taken into
consideration in terms of a match if the value is
'ignoreTag(4)'. |
Status: current |
Access: read-create |
OBJECT-TYPE |
|
|
|
|
INTEGER |
taggedOnly(1), priorityTaggedPlus(2), untaggedOnly(3), ignoreTag(4) |
|
pana802FilterEtherType |
1.3.6.1.2.1.153.1.1.1.1.7 |
This object specifies the value that will be compared
against the value contained in the EtherType field of an
IEEE 802 frame. Example settings would include 'IP'
(0x0800), 'ARP' (0x0806) and 'IPX' (0x8137).
Setting the pana802FilterEtherTypeMin object to -1 indicates
that EtherType data should not be considered during traffic
classification.
Note that the position of the EtherType field depends on
the underlying frame format. For Ethernet-II encapsulation,
the EtherType field follows the 802 MAC source address. For
802.2 LLC/SNAP encapsulation, the EtherType value follows
the Organization Code field in the 802.2 SNAP header. The
value that is tested with regard to this filter component
therefore depends on the data link layer frame format being
used. If this 802 filter component is active when there is
no EtherType field in a frame (e.g., 802.2 LLC), a match is
implied. |
Status: current |
Access: read-create |
OBJECT-TYPE |
|
|
|
|
Integer32 |
-1 | 0..ffff |
|
pana802FilterUserPriority |
1.3.6.1.2.1.153.1.1.1.1.8 |
The set of values, representing the potential range
of user priority values, against which the value contained
in the user priority field of a tagged 802.1 frame is
compared. A test for equality is performed when determining
if a match exists between the data in a data link layer
frame and the value of this 802 filter component. Multiple
values may be set at one time such that potentially several
different user priority values may match this 802 filter
component.
Setting all of the bits that are associated with this
object causes all user priority values to match this
attribute. This essentially makes any comparisons
with regard to user priority values unnecessary. Untagged
frames are treated as an implicit match. |
Status: current |
Access: read-create |
OBJECT-TYPE |
|
|
|
|
BITS |
matchPriority0(0), matchPriority1(1), matchPriority2(2), matchPriority3(3), matchPriority4(4), matchPriority5(5), matchPriority6(6), matchPriority7(7) |
|
pana802FiltLastChanged |
1.3.6.1.2.1.153.1.1.1.1.9 |
The value of sysUpTime when this row was last modified or
created either through SNMP SETs or by some other external
means. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
TimeStamp |
|
|
pana802FiltStorageType |
1.3.6.1.2.1.153.1.1.1.1.10 |
The storage type for this row. Rows in this table which were
created through an external process may have a storage type
of readOnly or permanent. |
Status: current |
Access: read-create |
OBJECT-TYPE |
|
|
|
|
StorageType |
|
|
pana802FiltRowStatus |
1.3.6.1.2.1.153.1.1.1.1.11 |
This object indicates the conceptual status of this row.
This object may not be set to active if the requirements of
the pana802FilterType object are not met. In other words,
if the associated value columns needed by a particular test
have not been set, then attempting to change this row to an
active state will result in an inconsistentValue error. See
the pana802FilterType object description for further
details. |
Status: current |
Access: read-create |
OBJECT-TYPE |
|
|
|
|
RowStatus |
|
|
panaNewPacNotification |
1.3.6.1.2.1.153.1.2.0.1 |
Notification that AP detected traffic coming from an
unauthorized source. The objects sent must include the
ipspActionExecuted which will indicate which action was executed
within the scope of the rule. Additionally, the ipspIPSourceType,
ipspIPSourceAddress, ipspIPDestinationType, and
ipspIPDestinationAddress, objects must be included to indicate the
packet source and destination of the packet that triggered the
action. The ipspIPInterfaceType, ipspIPInterfaceAddress, and
ipspPacketDirection objects are included to indicate which endpoint
the packet was associated with. |
Status: current |
Access: read-create |
NOTIFICATION-TYPE |
|
|
|