mirror of
https://github.com/hsnodgrass/snmp_mib_archive.git
synced 2025-04-17 16:03:04 +00:00
541 lines
16 KiB
Plaintext
541 lines
16 KiB
Plaintext
-- *********************************************************************
|
|
-- CISCO-FCSP-MIB.my: Fibre Channel Security Protocols MIB.
|
|
--
|
|
-- October 2003, Charuhas Ghatge
|
|
--
|
|
-- Copyright (c) 2003, 2004 by cisco Systems, Inc.
|
|
-- All rights reserved.
|
|
--
|
|
-- *********************************************************************
|
|
|
|
CISCO-FCSP-MIB DEFINITIONS ::= BEGIN
|
|
|
|
IMPORTS
|
|
MODULE-IDENTITY, OBJECT-TYPE,
|
|
Unsigned32, Counter32,
|
|
NOTIFICATION-TYPE FROM SNMPv2-SMI
|
|
MODULE-COMPLIANCE, OBJECT-GROUP,
|
|
NOTIFICATION-GROUP FROM SNMPv2-CONF
|
|
RowStatus FROM SNMPv2-TC
|
|
SnmpAdminString FROM SNMP-FRAMEWORK-MIB
|
|
FcNameId FROM CISCO-ST-TC
|
|
ifIndex, ifDescr FROM IF-MIB
|
|
ciscoMgmt FROM CISCO-SMI;
|
|
|
|
|
|
ciscoFcspMIB MODULE-IDENTITY
|
|
LAST-UPDATED "200407020000Z"
|
|
ORGANIZATION "Cisco Systems Inc. "
|
|
CONTACT-INFO
|
|
" Cisco Systems
|
|
Customer Service
|
|
Postal: 170 W Tasman Drive
|
|
San Jose, CA 95134
|
|
USA
|
|
Tel: +1 800 553 -NETS
|
|
E-mail: cs-san@cisco.com"
|
|
DESCRIPTION
|
|
"MIB module for managing Fibre Channel Security for the
|
|
fibre channel devices.
|
|
|
|
This MIB is used to configure and monitor the
|
|
Fibre-Channel Security Protocol (FC-SP)
|
|
|
|
Rev 1.1 of FC-SP, Dated 04/18/03,
|
|
T11/Project 1570-D.
|
|
Please refer to http://www.t11.org.
|
|
"
|
|
|
|
REVISION "200407020000Z"
|
|
DESCRIPTION
|
|
"Initial version of this MIB module."
|
|
::= { ciscoMgmt 391 }
|
|
|
|
|
|
ciscoFcspMIBNotifications
|
|
OBJECT IDENTIFIER ::= { ciscoFcspMIB 0 }
|
|
ciscoFcspMIBObjects
|
|
OBJECT IDENTIFIER ::= { ciscoFcspMIB 1 }
|
|
ciscoFcspMIBConformance
|
|
OBJECT IDENTIFIER ::= { ciscoFcspMIB 2 }
|
|
|
|
|
|
cfcspConfig OBJECT IDENTIFIER ::=
|
|
{ ciscoFcspMIBObjects 1 }
|
|
|
|
cfcspInfo OBJECT IDENTIFIER ::=
|
|
{ ciscoFcspMIBObjects 2 }
|
|
|
|
cfcspStatistics OBJECT IDENTIFIER ::=
|
|
{ ciscoFcspMIBObjects 3 }
|
|
|
|
cfcspNotificationObjects OBJECT IDENTIFIER ::=
|
|
{ ciscoFcspMIBObjects 4 }
|
|
|
|
|
|
|
|
--
|
|
-- FCSP interface configuration
|
|
--
|
|
|
|
cfcspIfTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF CfcspIfEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This table provides the FCSP configuration for the
|
|
fibre channel interfaces. Note that the ifType for
|
|
the fibre channel interfaces is fibreChannel(56)."
|
|
::= { cfcspConfig 1 }
|
|
|
|
cfcspIfEntry OBJECT-TYPE
|
|
SYNTAX CfcspIfEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"An entry (conceptual row) in the cfcspIfTable,
|
|
containing FCSP configuration for the
|
|
interface identified by ifIndex.
|
|
|
|
Each entry contains a FCSP mode of the interface,
|
|
reauthentication interval and authentication command
|
|
object.
|
|
"
|
|
INDEX { ifIndex }
|
|
::= { cfcspIfTable 1 }
|
|
|
|
CfcspIfEntry ::= SEQUENCE {
|
|
cfcspMode INTEGER,
|
|
cfcspReauthInterval Unsigned32,
|
|
cfcspReauthenticate INTEGER
|
|
}
|
|
|
|
cfcspMode OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
off (1),
|
|
autoPassive (2),
|
|
autoActive (3),
|
|
on (4)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The FC-SP mode of this interface.
|
|
|
|
If off(1), port would never initiate FC-SP
|
|
authentication exchange and send reject to any FC-SP
|
|
authentication message started from other end.
|
|
|
|
If autoPassive(2), a port would not initiate any FC-SP
|
|
authentication exchange; but would always take part in
|
|
FC-SP authentication exchange initiated on this
|
|
interface by other devices.
|
|
|
|
If autoActive(3), a port would always try to initiate
|
|
FC-SP authentication exchange after ESC. If otherside
|
|
does not support FC-SP authentication, port will
|
|
still be brought up. If the authentication fails, the
|
|
port will not be brought up.
|
|
|
|
If on(4), port would always try to initiate FC-SP
|
|
authentication exchange and authentication is done
|
|
before the port becomes up. If otherside does not
|
|
support FC-SP authentication or if authentication
|
|
fails, port will not be brought up."
|
|
|
|
|
|
DEFVAL {autoPassive}
|
|
::= {cfcspIfEntry 1}
|
|
|
|
|
|
cfcspReauthInterval OBJECT-TYPE
|
|
SYNTAX Unsigned32 (0..100000)
|
|
UNITS "minutes"
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The time for which a port has to wait
|
|
before trying to re-authenticate the other
|
|
end.
|
|
0 means re-authentication is not done.
|
|
This object is not relevant if cfcspMode is 'off'."
|
|
DEFVAL { 0 }
|
|
::= {cfcspIfEntry 2}
|
|
|
|
|
|
cfcspReauthenticate OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
enable (1),
|
|
noOp (2)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"If this object is set to 'enable',
|
|
reauthentication is started.
|
|
No action is taken if set to 'noOp'.
|
|
When read, always 'noOp' is returned."
|
|
::= {cfcspIfEntry 3}
|
|
|
|
|
|
-- fcsp configuration objects
|
|
|
|
cfcspAuthProtocols OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
dhChap(0),
|
|
fcCap(1)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The FC-SP authentication protocols used by this
|
|
device.
|
|
|
|
Only 1 bit can be set to 1 at any time. The bit
|
|
that is set to 1, its corresponding protocol will
|
|
be used first and other protocol will be used
|
|
as second preference."
|
|
::= {cfcspConfig 2}
|
|
|
|
|
|
cfcspTimeout OBJECT-TYPE
|
|
SYNTAX Unsigned32 (20..1000)
|
|
UNITS "seconds"
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
" Timeout period for FC-SP messages"
|
|
DEFVAL { 20 }
|
|
::= { cfcspConfig 3 }
|
|
|
|
|
|
|
|
|
|
-- DH-CHAP Configuration objects
|
|
--
|
|
-- DH-CHAP is a password based Authentication and key exchange
|
|
-- protocol that uses the CHAP algorithm [RFC 1994] augmented
|
|
-- with an optional Diffie-Hellman exchange.
|
|
|
|
cfcspDhChapObjects OBJECT IDENTIFIER ::=
|
|
{ cfcspConfig 4 }
|
|
|
|
cfcspDhChapHashList OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE (2))
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Each octet in this object contains a IANA
|
|
assigned identifier of a proposed hash mechanism, in
|
|
the order of preference. The first octet is the most
|
|
preferred and the last octet contains the least
|
|
preferred."
|
|
REFERENCE
|
|
"Rev 1.1 of FC-SP, section 5.4.2.2"
|
|
|
|
::= { cfcspDhChapObjects 1 }
|
|
|
|
|
|
|
|
cfcspDhChapGroupList OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE (5))
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Each octet in this object contains
|
|
a group number, corresponding to a Diffie-Hellman
|
|
group identifier, in order of preference.
|
|
Currently there are 5 groups supported,
|
|
from value 0 through 4.
|
|
|
|
Each number corresponds to the Diffie-Hellman group
|
|
as follows -
|
|
|
|
0 - DH_NULL
|
|
1 - DH_1024
|
|
2 - DH_1280
|
|
3 - DH_1536
|
|
4 - DH_2048 "
|
|
REFERENCE
|
|
"Rev 1.1 of FC-SP, section 5.4.2.3"
|
|
::= { cfcspDhChapObjects 2 }
|
|
|
|
|
|
|
|
cfcspDhChapGenericPasswd OBJECT-TYPE
|
|
SYNTAX SnmpAdminString (SIZE (1..64))
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"DHCHAP Password for this device"
|
|
::= { cfcspDhChapObjects 3 }
|
|
|
|
|
|
cfcspLocalPasswdTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF CfcspLocalPasswdEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This table provides the FCSP DHCHAP password
|
|
configuration for the device."
|
|
::= { cfcspConfig 5 }
|
|
|
|
|
|
cfcspLocalPasswdEntry OBJECT-TYPE
|
|
SYNTAX CfcspLocalPasswdEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"An entry (conceptual row) in the cfcspLocalPasswdTable.
|
|
Each entry, indexed by the device's World-wide name,
|
|
consists of a local password and a rowStatus object."
|
|
INDEX { cfcspSwitchWwn }
|
|
::= { cfcspLocalPasswdTable 1 }
|
|
|
|
|
|
CfcspLocalPasswdEntry ::= SEQUENCE {
|
|
cfcspSwitchWwn FcNameId,
|
|
cfcspLocalPasswd SnmpAdminString,
|
|
cfcspLocalPassRowStatus RowStatus
|
|
}
|
|
|
|
cfcspSwitchWwn OBJECT-TYPE
|
|
SYNTAX FcNameId
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The World-Wide Name of the host with which this
|
|
password has to be used."
|
|
::= { cfcspLocalPasswdEntry 1 }
|
|
|
|
|
|
cfcspLocalPasswd OBJECT-TYPE
|
|
SYNTAX SnmpAdminString (SIZE (1..64))
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"DHCHAP Password of the local device."
|
|
::= { cfcspLocalPasswdEntry 2 }
|
|
|
|
|
|
cfcspLocalPassRowStatus OBJECT-TYPE
|
|
SYNTAX RowStatus
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The status of this conceptual row. "
|
|
::= { cfcspLocalPasswdEntry 3 }
|
|
|
|
|
|
cfcspRemotePasswdTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF CfcspRemotePasswdEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This table provides the FCSP DHCHAP password
|
|
configuration for other devices"
|
|
::= { cfcspConfig 6 }
|
|
|
|
|
|
cfcspRemotePasswdEntry OBJECT-TYPE
|
|
SYNTAX CfcspRemotePasswdEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"An entry (conceptual row) in the
|
|
cfcspRemotePasswdTable.
|
|
|
|
Each entry, indexed by the remote device's
|
|
World-wide name, consists of a DHCHAP
|
|
password and a rowStatus object."
|
|
INDEX { cfcspRemoteSwitchWwn }
|
|
::= { cfcspRemotePasswdTable 1 }
|
|
|
|
|
|
CfcspRemotePasswdEntry ::= SEQUENCE {
|
|
cfcspRemoteSwitchWwn FcNameId,
|
|
cfcspRemotePasswd SnmpAdminString,
|
|
cfcspRemotePassRowStatus RowStatus
|
|
}
|
|
|
|
cfcspRemoteSwitchWwn OBJECT-TYPE
|
|
SYNTAX FcNameId
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The World-Wide Name of other device."
|
|
::= { cfcspRemotePasswdEntry 1 }
|
|
|
|
|
|
cfcspRemotePasswd OBJECT-TYPE
|
|
SYNTAX SnmpAdminString (SIZE (1..64))
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Password of the other device. "
|
|
::= { cfcspRemotePasswdEntry 2 }
|
|
|
|
|
|
cfcspRemotePassRowStatus OBJECT-TYPE
|
|
SYNTAX RowStatus
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The status of this conceptual row."
|
|
::= { cfcspRemotePasswdEntry 3 }
|
|
|
|
|
|
|
|
|
|
--
|
|
-- FCSP interface Statistics
|
|
--
|
|
|
|
cfcspIfStatsTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF CfcspIfStatsEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This table provides the FCSP statistics for all the
|
|
fibre channel interfaces."
|
|
::= { cfcspStatistics 1 }
|
|
|
|
cfcspIfStatsEntry OBJECT-TYPE
|
|
SYNTAX CfcspIfStatsEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"An entry (conceptual row) in the cfcspIfStatsTable."
|
|
INDEX { ifIndex }
|
|
::= { cfcspIfStatsTable 1 }
|
|
|
|
CfcspIfStatsEntry ::= SEQUENCE {
|
|
cfcspIfAuthSucceeded Counter32,
|
|
cfcspIfAuthFailed Counter32,
|
|
cfcspIfAuthByPassed Counter32
|
|
}
|
|
|
|
cfcspIfAuthSucceeded OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The number of times the FCSP authentication
|
|
succeeded on this interface."
|
|
::= {cfcspIfStatsEntry 1}
|
|
|
|
|
|
cfcspIfAuthFailed OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The number of times the FCSP authentication failed on
|
|
this interface."
|
|
::= {cfcspIfStatsEntry 2}
|
|
|
|
|
|
cfcspIfAuthByPassed OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The number of times the FCSP authentication was
|
|
bypassed on this interface."
|
|
::= {cfcspIfStatsEntry 3}
|
|
|
|
|
|
|
|
cfcspAuthFailNotification NOTIFICATION-TYPE
|
|
OBJECTS {
|
|
ifDescr
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"FCSP Authentication Failure trap"
|
|
|
|
::= { ciscoFcspMIBNotifications 1 }
|
|
|
|
-- Conformance
|
|
|
|
ciscoFcspMIBCompliances
|
|
OBJECT IDENTIFIER ::= { ciscoFcspMIBConformance 1 }
|
|
|
|
ciscoFcspMIBGroups
|
|
OBJECT IDENTIFIER ::= { ciscoFcspMIBConformance 2 }
|
|
|
|
ciscoFcspMIBCompliance MODULE-COMPLIANCE
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The compliance statement for entities which
|
|
implement the CISCO-FCSP-MIB."
|
|
MODULE MANDATORY-GROUPS { cfcspConfigGroup,
|
|
cfcspLocalPasswdGroup,
|
|
cfcspIfStatsGroup,
|
|
cfcspNotificationGroup
|
|
}
|
|
|
|
::= { ciscoFcspMIBCompliances 1 }
|
|
|
|
-- Units of Conformance
|
|
|
|
|
|
|
|
cfcspConfigGroup OBJECT-GROUP
|
|
OBJECTS {
|
|
cfcspMode,
|
|
cfcspReauthInterval,
|
|
cfcspReauthenticate,
|
|
cfcspAuthProtocols,
|
|
cfcspTimeout,
|
|
cfcspDhChapHashList,
|
|
cfcspDhChapGroupList,
|
|
cfcspDhChapGenericPasswd
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A collection of objects for configuring Fibre Channel
|
|
security Information."
|
|
::= { ciscoFcspMIBGroups 1 }
|
|
|
|
|
|
cfcspLocalPasswdGroup OBJECT-GROUP
|
|
OBJECTS {
|
|
cfcspLocalPasswd,
|
|
cfcspLocalPassRowStatus,
|
|
cfcspRemotePasswd,
|
|
cfcspRemotePassRowStatus
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A collection of objects for configuring Fibre Channel
|
|
security Information."
|
|
::= { ciscoFcspMIBGroups 2 }
|
|
|
|
|
|
|
|
|
|
cfcspIfStatsGroup OBJECT-GROUP
|
|
OBJECTS {
|
|
cfcspIfAuthSucceeded,
|
|
cfcspIfAuthFailed,
|
|
cfcspIfAuthByPassed
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A collection of objects for monitoring FCSP
|
|
statistics."
|
|
::= { ciscoFcspMIBGroups 3 }
|
|
|
|
|
|
cfcspNotificationGroup NOTIFICATION-GROUP
|
|
NOTIFICATIONS {
|
|
cfcspAuthFailNotification
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A collection of objects for FCSP notifications."
|
|
::= { ciscoFcspMIBGroups 4 }
|
|
|
|
END
|