-- *****************************************************************
|
|
-- CISCO-IP-TAP-MIB.my: Cisco intercept extension MIB for IP
|
|
--
|
|
-- January 2004,Srinivas Dhulipala
|
|
--
|
|
-- Copyright (c) 2004-2005 by Cisco Systems, Inc.
|
|
-- All rights reserved.
|
|
--
|
|
-- *****************************************************************
|
|
--
|
|
|
|
CISCO-IP-TAP-MIB DEFINITIONS ::= BEGIN
|
|
|
|
IMPORTS
|
|
Integer32,
|
|
MODULE-IDENTITY,
|
|
OBJECT-TYPE
|
|
FROM SNMPv2-SMI
|
|
|
|
MODULE-COMPLIANCE,
|
|
OBJECT-GROUP
|
|
FROM SNMPv2-CONF
|
|
|
|
InetAddress,
|
|
InetAddressPrefixLength,
|
|
InetAddressType,
|
|
InetPortNumber
|
|
FROM INET-ADDRESS-MIB
|
|
|
|
SnmpAdminString
|
|
FROM SNMP-FRAMEWORK-MIB
|
|
|
|
RowStatus
|
|
FROM SNMPv2-TC
|
|
|
|
cTap2MediationContentId,
|
|
cTap2StreamIndex
|
|
FROM CISCO-TAP2-MIB
|
|
|
|
ciscoMgmt
|
|
FROM CISCO-SMI;
|
|
|
|
|
|
ciscoIpTapMIB MODULE-IDENTITY
|
|
LAST-UPDATED "200403110000Z"
|
|
ORGANIZATION "Cisco Systems, Inc."
|
|
CONTACT-INFO
|
|
" Cisco Systems
|
|
Customer Service
|
|
|
|
Postal:170 W. Tasman Drive
|
|
San Jose, CA 95134
|
|
USA
|
|
|
|
Tel:+1 800 553-NETS
|
|
|
|
E-mail:cs-li@cisco.com"
|
|
DESCRIPTION
|
|
"This module manages Cisco's intercept feature for IP.
|
|
|
|
This MIB is used along with CISCO-TAP2-MIB to
|
|
intercept IP traffic. CISCO-TAP2-MIB along with
|
|
specific filter MIBs like this MIB replace
|
|
CISCO-TAP-MIB.
|
|
|
|
To create an IP intercept, an entry citapStreamEntry
|
|
is created which contains the filter details. An entry
|
|
cTap2StreamEntry of CISCO-TAP2-MIB is created, which is
|
|
the common stream information for all kinds of
|
|
intercepts and type of the specific stream is set to
|
|
ip in this entry."
|
|
|
|
REVISION "200403110000Z"
|
|
DESCRIPTION
|
|
"Initial version of this MIB module."
|
|
::= { ciscoMgmt 394 }
|
|
|
|
|
|
ciscoIpTapMIBNotifs OBJECT IDENTIFIER ::= { ciscoIpTapMIB 0 }
|
|
ciscoIpTapMIBObjects OBJECT IDENTIFIER ::= { ciscoIpTapMIB 1 }
|
|
ciscoIpTapMIBConform OBJECT IDENTIFIER ::= { ciscoIpTapMIB 2 }
|
|
|
|
citapStreamEncodePacket OBJECT IDENTIFIER ::= { ciscoIpTapMIBObjects
|
|
1 }
|
|
|
|
--
|
|
-- The filter specifics for intercepting IPv4 and IPv6 traffic
|
|
--
|
|
|
|
citapStreamCapabilities OBJECT-TYPE
|
|
SYNTAX BITS {
|
|
tapEnable(0),
|
|
interface(1),
|
|
ipV4(2),
|
|
ipV6(3),
|
|
l4Port(4),
|
|
dscp(5),
|
|
voip(6)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object displays what types of intercept streams can be
|
|
configured on this type of device. This may be dependent on
|
|
hardware capabilities, software capabilities. The following
|
|
fields may be supported:
|
|
tapEnable: set if table entries with
|
|
cTap2StreamInterceptEnable set to 'false'
|
|
are used to pre-screen packets for intercept;
|
|
otherwise these entries are ignored.
|
|
interface: SNMP ifIndex Value may be used to select
|
|
interception of all data crossing an
|
|
interface or set of interfaces.
|
|
ipV4: IPv4 Address or prefix may be used to select
|
|
traffic to be intercepted.
|
|
ipV6: IPv6 Address or prefix may be used to select
|
|
traffic to be intercepted.
|
|
l4Port: TCP/UDP Ports may be used to select traffic
|
|
to be intercepted.
|
|
dscp: DSCP (Differentiated Services Code Point) may
|
|
be used to select traffic to be intercepted.
|
|
voip: packets belonging to a voice session may
|
|
be intercepted using source IPv4 address and
|
|
source UDP port."
|
|
::= { citapStreamEncodePacket 1 }
|
|
|
|
--
|
|
-- The 'access list' for intercepting data at the IP network layer
|
|
--
|
|
|
|
|
|
citapStreamTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF CitapStreamEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The Intercept Stream IP Table lists the IPv4 and IPv6 streams
|
|
to be intercepted. The same data stream may be required by
|
|
multiple taps, and one might assume that often the intercepted
|
|
stream is a small subset of the traffic that could be
|
|
intercepted.
|
|
|
|
|
|
This essentially provides options for packet selection, only
|
|
some of which might be used. For example, if all traffic to or
|
|
from a given interface is to be intercepted, one would
|
|
configure an entry which lists the interface, and wild-card
|
|
everything else. If all traffic to or from a given IP Address
|
|
is to be intercepted, one would configure two such entries
|
|
listing the IP Address as source and destination respectively,
|
|
and wild-card everything else. If a particular voice on a
|
|
teleconference is to be intercepted, on the other hand, one
|
|
would extract the multicast (destination) IP address, the
|
|
source IP Address, the protocol (UDP), and the source and
|
|
destination ports from the call control exchange and list all
|
|
necessary information.
|
|
|
|
|
|
The first index indicates which Mediation Device the
|
|
intercepted traffic will be diverted to. The second index
|
|
permits multiple classifiers to be used together, such as
|
|
having an IP address as source or destination. The value of the
|
|
second index is that of the stream's counter entry in the
|
|
cTap2StreamTable.
|
|
|
|
Entries are added to this table via citapStreamStatus in
|
|
accordance with the RowStatus convention."
|
|
::= { citapStreamEncodePacket 2 }
|
|
|
|
|
|
citapStreamEntry OBJECT-TYPE
|
|
SYNTAX CitapStreamEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A stream entry indicates a single data stream to be
|
|
intercepted to a Mediation Device. Many selected data
|
|
streams may go to the same application interface, and many
|
|
application interfaces are supported."
|
|
INDEX { cTap2MediationContentId, cTap2StreamIndex }
|
|
::= { citapStreamTable 1 }
|
|
|
|
|
|
CitapStreamEntry::= SEQUENCE {
|
|
citapStreamInterface Integer32,
|
|
citapStreamAddrType InetAddressType,
|
|
citapStreamDestinationAddress InetAddress,
|
|
citapStreamDestinationLength InetAddressPrefixLength,
|
|
citapStreamSourceAddress InetAddress,
|
|
citapStreamSourceLength InetAddressPrefixLength,
|
|
citapStreamTosByte Integer32,
|
|
citapStreamTosByteMask Integer32,
|
|
citapStreamFlowId Integer32,
|
|
citapStreamProtocol Integer32,
|
|
citapStreamDestL4PortMin InetPortNumber,
|
|
citapStreamDestL4PortMax InetPortNumber,
|
|
citapStreamSourceL4PortMin InetPortNumber,
|
|
citapStreamSourceL4PortMax InetPortNumber,
|
|
citapStreamVRF SnmpAdminString,
|
|
citapStreamStatus RowStatus
|
|
}
|
|
|
|
|
|
citapStreamInterface OBJECT-TYPE
|
|
SYNTAX Integer32 (-2..2147483647)
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The ifIndex value of the interface over which traffic to be
|
|
intercepted is received or transmitted. The interface may be
|
|
physical or virtual. If this is the only parameter specified,
|
|
and it is other than -2, -1 or 0, all traffic on the selected
|
|
interface will be chosen.
|
|
|
|
|
|
If the value is zero, matching traffic may be received or
|
|
transmitted on any interface. Additional selection parameters
|
|
must be selected to limit the scope of traffic intercepted.
|
|
This is most useful on non-routing platforms or on intercepts
|
|
placed elsewhere than a subscriber interface.
|
|
|
|
|
|
If the value is -1, one or both of
|
|
citapStreamDestinationAddress and citapStreamSourceAddress
|
|
must be specified with prefix length greater than zero.
|
|
Matching traffic on the interface pointed to by ipRouteIfIndex
|
|
or ipCidrRouteIfIndex values associated with those values is
|
|
intercepted, whichever is specified to be more focused than a
|
|
default route. If routing changes, either by operator action
|
|
or by routing protocol events, the interface will change with
|
|
it. This is primarily intended for use on subscriber interfaces
|
|
and other places where routing is guaranteed to be
|
|
symmetrical.
|
|
|
|
|
|
In both of these cases, it is possible to have the same packet
|
|
selected for interception on both its ingress and egress
|
|
interface. Nonetheless, only one instance of the packet is
|
|
sent to the Mediation Device.
|
|
|
|
|
|
If the value is -2, packets belonging to a Voice over IP (VoIP)
|
|
session identified by citapStreamSourceAddress,
|
|
citapStreamSourceLength and citapStreamSourceL4PortMin may be
|
|
intercepted, as a specific voice session can be identified
|
|
with source IP address and udp port number. Other selection
|
|
parameters may not be considered, even if they are set by
|
|
the Mediation Device.
|
|
|
|
|
|
This value must be set when creating a stream entry, either to
|
|
select an interface, to select all interfaces, or to select the
|
|
interface that routing chooses. Some platforms may not
|
|
implement the entire range of options."
|
|
REFERENCE "RFC 1213, RFC 2096"
|
|
::= { citapStreamEntry 1 }
|
|
|
|
|
|
citapStreamAddrType OBJECT-TYPE
|
|
SYNTAX InetAddressType
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The type of address, used in packet selection."
|
|
DEFVAL { ipv4 }
|
|
::= { citapStreamEntry 2 }
|
|
|
|
|
|
citapStreamDestinationAddress OBJECT-TYPE
|
|
SYNTAX InetAddress
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The Destination address or prefix used in packet selection.
|
|
This address will be of the type specified in
|
|
citapStreamAddrType."
|
|
DEFVAL { '00000000'H } -- 0.0.0.0
|
|
::= { citapStreamEntry 3 }
|
|
|
|
|
|
citapStreamDestinationLength OBJECT-TYPE
|
|
SYNTAX InetAddressPrefixLength
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The length of the Destination Prefix. A value of zero causes
|
|
all addresses to match. This prefix length will be consistent
|
|
with the type specified in citapStreamAddrType."
|
|
DEFVAL { 0 } -- by default, any destination address
|
|
::= { citapStreamEntry 4 }
|
|
|
|
|
|
citapStreamSourceAddress OBJECT-TYPE
|
|
SYNTAX InetAddress
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The Source Address used in packet selection. This address will
|
|
be of the type specified in citapStreamAddrType."
|
|
DEFVAL { '00000000'H } -- 0.0.0.0
|
|
::= { citapStreamEntry 5 }
|
|
|
|
|
|
citapStreamSourceLength OBJECT-TYPE
|
|
SYNTAX InetAddressPrefixLength
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The length of the Source Prefix. A value of zero causes all
|
|
addresses to match. This prefix length will be consistent with
|
|
the type specified in citapStreamAddrType."
|
|
DEFVAL { 0 } -- by default, any source address
|
|
::= { citapStreamEntry 6 }
|
|
|
|
|
|
citapStreamTosByte OBJECT-TYPE
|
|
SYNTAX Integer32 (0..255)
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of the TOS byte, when masked with
|
|
citapStreamTosByteMask, of traffic to be intercepted. If
|
|
citapStreamTosByte&(~citapStreamTosByteMask)!=0,
|
|
configuration is rejected."
|
|
DEFVAL { 0 }
|
|
::= { citapStreamEntry 7 }
|
|
|
|
|
|
citapStreamTosByteMask OBJECT-TYPE
|
|
SYNTAX Integer32 (0..255)
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of the TOS byte in an IPv4 or IPv6 header is ANDed
|
|
with citapStreamTosByteMask and compared with
|
|
citapStreamTosByte. If the values are equal, the comparison
|
|
is equal. If the mask is zero and the TosByte value is zero,
|
|
the result is to always accept."
|
|
DEFVAL { 0 } -- by default, any DSCP or other TOS byte value
|
|
::= { citapStreamEntry 8 }
|
|
|
|
|
|
citapStreamFlowId OBJECT-TYPE
|
|
SYNTAX Integer32 (-1 | 0..1048575)
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The flow identifier in an IPv6 header. -1 indicates that the
|
|
Flow Id is unused."
|
|
DEFVAL { -1 } -- by default, any flow identifier value
|
|
::= { citapStreamEntry 9 }
|
|
|
|
|
|
citapStreamProtocol OBJECT-TYPE
|
|
SYNTAX Integer32 (-1 | 0..255)
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The IP protocol to match against the IPv4 protocol number or
|
|
the IPv6 Next-Header number in the packet. -1 means 'any IP
|
|
protocol'."
|
|
DEFVAL { -1 } -- by default, any IP protocol
|
|
::= { citapStreamEntry 10 }
|
|
|
|
|
|
citapStreamDestL4PortMin OBJECT-TYPE
|
|
SYNTAX InetPortNumber
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The minimum value that the layer-4 destination port number in
|
|
the packet must have in order to match. This value must be
|
|
equal to or less than the value specified for this entry in
|
|
citapStreamDestL4PortMax.
|
|
|
|
|
|
If both citapStreamDestL4PortMin and citapStreamDestL4PortMax
|
|
are at their default values, the port number is effectively
|
|
unused."
|
|
DEFVAL { 0 } -- by default, any transport layer port number
|
|
::= { citapStreamEntry 11 }
|
|
|
|
|
|
citapStreamDestL4PortMax OBJECT-TYPE
|
|
SYNTAX InetPortNumber
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The maximum value that the layer-4 destination port number in
|
|
the packet must have in order to match this classifier entry.
|
|
This value must be equal to or greater than the value specified
|
|
for this entry in citapStreamDestL4PortMin.
|
|
|
|
|
|
If both citapStreamDestL4PortMin and citapStreamDestL4PortMax
|
|
are at their default values, the port number is effectively
|
|
unused."
|
|
DEFVAL { 65535 } -- by default, any transport layer port number
|
|
::= { citapStreamEntry 12 }
|
|
|
|
|
|
citapStreamSourceL4PortMin OBJECT-TYPE
|
|
SYNTAX InetPortNumber
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The minimum value that the layer-4 source port number in
|
|
the packet must have in order to match. This value must be
|
|
equal to or less than the value specified for this entry in
|
|
citapStreamSourceL4PortMax.
|
|
|
|
|
|
If both citapStreamSourceL4PortMin and
|
|
citapStreamSourceL4PortMax are at their default values, the
|
|
port number is effectively unused."
|
|
DEFVAL { 0 } -- by default, any transport layer port number
|
|
::= { citapStreamEntry 13 }
|
|
|
|
|
|
citapStreamSourceL4PortMax OBJECT-TYPE
|
|
SYNTAX InetPortNumber
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The maximum value that the layer-4 source port number in
|
|
the packet must have in order to match this classifier entry.
|
|
This value must be equal to or greater than the value specified
|
|
for this entry in citapStreamSourceL4PortMin.
|
|
|
|
|
|
If both citapStreamSourceL4PortMin and
|
|
citapStreamSourceL4PortMax are at their default values, the
|
|
port number is effectively unused."
|
|
DEFVAL { 65535 } -- by default, any transport layer port number
|
|
::= { citapStreamEntry 14 }
|
|
|
|
citapStreamVRF OBJECT-TYPE
|
|
SYNTAX SnmpAdminString
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"An ASCII string, which is the name of a Virtual Routing
|
|
and Forwarding (VRF) table comprising the routing context
|
|
of a Virtual Private Network. The interface or set of
|
|
interfaces on which the packet might be found should be
|
|
selected from the set of interfaces in the VRF table.
|
|
A string length of zero implies that the global routing table
|
|
be used for selection of interfaces on which the packet
|
|
might be found."
|
|
DEFVAL { "" } -- by default, global routing table
|
|
::= { citapStreamEntry 15 }
|
|
|
|
citapStreamStatus OBJECT-TYPE
|
|
SYNTAX RowStatus
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The status of this conceptual row. This object manages
|
|
creation, modification, and deletion of rows in this table.
|
|
When any rows must be changed, citapStreamStatus must be first
|
|
set to 'notInService'."
|
|
::= { citapStreamEntry 16 }
|
|
|
|
|
|
-- conformance information
|
|
|
|
|
|
ciscoIpTapMIBCompliances OBJECT IDENTIFIER ::= { ciscoIpTapMIBConform
|
|
1 }
|
|
ciscoIpTapMIBGroups OBJECT IDENTIFIER ::= { ciscoIpTapMIBConform
|
|
2 }
|
|
|
|
|
|
-- compliance statement
|
|
|
|
|
|
ciscoIpTapMIBCompliance MODULE-COMPLIANCE
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The compliance statement for entities which implement the
|
|
Cisco Intercept MIB for IP."
|
|
MODULE -- this module
|
|
MANDATORY-GROUPS {
|
|
ciscoIpTapStreamComplianceGroup
|
|
}
|
|
::= {ciscoIpTapMIBCompliances 1 }
|
|
|
|
-- units of conformance
|
|
|
|
ciscoIpTapStreamComplianceGroup OBJECT-GROUP
|
|
OBJECTS {
|
|
citapStreamCapabilities,
|
|
citapStreamInterface,
|
|
citapStreamAddrType,
|
|
citapStreamDestinationAddress,
|
|
citapStreamDestinationLength,
|
|
citapStreamSourceAddress,
|
|
citapStreamSourceLength,
|
|
citapStreamTosByte,
|
|
citapStreamTosByteMask,
|
|
citapStreamFlowId,
|
|
citapStreamProtocol,
|
|
citapStreamDestL4PortMin,
|
|
citapStreamDestL4PortMax,
|
|
citapStreamSourceL4PortMin,
|
|
citapStreamSourceL4PortMax,
|
|
citapStreamVRF,
|
|
citapStreamStatus
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"These objects are necessary for a description of IPv4 and IPv6
|
|
packets to select for interception."
|
|
::= { ciscoIpTapMIBGroups 1 }
|
|
|
|
END
|