forked from taishin/vendor_mibs
-
Notifications
You must be signed in to change notification settings - Fork 0
/
CISCO-POLICY-GROUP-MIB.my
520 lines (445 loc) · 15.5 KB
/
CISCO-POLICY-GROUP-MIB.my
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
-- *****************************************************************
-- CISCO-POLICY-GROUP-MIB
--
-- January 2006, Edward Pham
--
-- Copyright (c) 2006 by cisco Systems, Inc.
-- All rights reserved.
-- *****************************************************************
CISCO-POLICY-GROUP-MIB DEFINITIONS ::= BEGIN
IMPORTS
MODULE-IDENTITY,
OBJECT-TYPE,
Unsigned32
FROM SNMPv2-SMI
MODULE-COMPLIANCE,
OBJECT-GROUP
FROM SNMPv2-CONF
TEXTUAL-CONVENTION,
RowStatus
FROM SNMPv2-TC
InetAddressType,
InetAddress
FROM INET-ADDRESS-MIB
ciscoMgmt
FROM CISCO-SMI;
ciscoPolicyGroupMIB MODULE-IDENTITY
LAST-UPDATED "200601131600Z"
ORGANIZATION "Cisco Systems, Inc."
CONTACT-INFO
" Cisco Systems
Customer Service
Postal: 170 W Tasman Drive
San Jose, CA 95134
USA
Tel: +1 800 553-NETS
E-mail: [email protected]"
DESCRIPTION
"The MIB module is for configuration of policy and
policy group. A policy group can be described as a set
of entities identified by IP addresses or other means.
Members of a policy group will be subjected to the same policy.
In this MIB, user can apply a policy to policy group(s)
as well as configure and retrieve the group membership."
REVISION "200601131600Z"
DESCRIPTION
"Initial revision of this MIB module."
::= { ciscoMgmt 507 }
--
-- Definitions of textual convention
--
CpgPolicyName ::= TEXTUAL-CONVENTION
DISPLAY-HINT "128a"
STATUS current
DESCRIPTION
"An octet string, preferably in human-readable form,
describes the name of a policy."
SYNTAX OCTET STRING (SIZE (1..128))
CpgPolicyNameOrEmpty ::= TEXTUAL-CONVENTION
DISPLAY-HINT "128a"
STATUS current
DESCRIPTION
"This textual convention is an extension of the
CpgPolicyName convention. The latter defines a non-empty
policy name. This extension permits the additional value
of empty string."
SYNTAX OCTET STRING (SIZE (0..128))
CpgGroupName ::= TEXTUAL-CONVENTION
DISPLAY-HINT "128a"
STATUS current
DESCRIPTION
"An octet string, preferably in human-readable form,
describes the name of a policy group."
SYNTAX OCTET STRING (SIZE (1..128))
--
-- MIB object definitions
--
ciscoPolicyGroupMIBNotifs
OBJECT IDENTIFIER ::= { ciscoPolicyGroupMIB 0 }
ciscoPolicyGroupMIBObjects
OBJECT IDENTIFIER ::= { ciscoPolicyGroupMIB 1 }
ciscoPolicyGroupMIBConformance
OBJECT IDENTIFIER ::= { ciscoPolicyGroupMIB 2 }
cpgGroup
OBJECT IDENTIFIER ::= { ciscoPolicyGroupMIBObjects 1 }
cpgPolicy
OBJECT IDENTIFIER ::= { ciscoPolicyGroupMIBObjects 2 }
--
-- cpgGroupTable
--
cpgGroupTable OBJECT-TYPE
SYNTAX SEQUENCE OF CpgGroupEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A table indicates the policy groups in the device."
::= { cpgGroup 1 }
cpgGroupEntry OBJECT-TYPE
SYNTAX CpgGroupEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A row instance contains the name of a policy group,
the source method which creates this group, the number
of IP addresses contained in the group and the status
of this instance. A row instance can be created or removed
by the system or by setting the appropriate value
of the RowStatus object."
INDEX { IMPLIED cpgGroupName }
::= { cpgGroupTable 1 }
CpgGroupEntry ::= SEQUENCE {
cpgGroupName CpgGroupName,
cpgGroupSourceType INTEGER,
cpgGroupIpAddrCount Unsigned32,
cpgGroupRowStatus RowStatus
}
cpgGroupName OBJECT-TYPE
SYNTAX CpgGroupName
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Indicates the name of a policy group in the device."
::= { cpgGroupEntry 1 }
cpgGroupSourceType OBJECT-TYPE
SYNTAX INTEGER {
unknown(1),
accessList(2),
configured(3)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Indicates the source i.e. the method used to create this
group.
unknown(1) indicates that the source of this group cannot
be identified.
accessList(2) indicates that this group is added via
the ACL (Access Control List) feature.
configured(3) indicates that this group is added via
this policy group configuration."
::= { cpgGroupEntry 2 }
cpgGroupIpAddrCount OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Indicates the number of IP address(es) contained in
this group. This is the number of entries for this group
in the cpgGroupIpTable. The initial value of this object
in a row created via cpgGroupRowStatus object is zero."
::= { cpgGroupEntry 3 }
cpgGroupRowStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This object is used to manage the creation and deletion
of rows in this table."
::= { cpgGroupEntry 4 }
--
-- The cpgGroupIpTable
--
cpgGroupIpTable OBJECT-TYPE
SYNTAX SEQUENCE OF CpgGroupIpEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A table provides management information for policy group
and its IP address(es) membership in the device."
::= { cpgGroup 2 }
cpgGroupIpEntry OBJECT-TYPE
SYNTAX CpgGroupIpEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A row instance contains the IP address mask, source type
and its status. A row instance can be created or removed
by the system or by setting the appropriate value of its
RowStatus object.
A row instance is indexed by a group name, type and value
of an IP address. The group name index must exist in the
cpgGroupTable. If a group name is deleted from cpgGroupTable,
entries in this table using this group as an index will also be
automatically removed."
INDEX { cpgGroupIpGroupName,
cpgGroupIpAddrType,
cpgGroupIpAddress
}
::= { cpgGroupIpTable 1 }
CpgGroupIpEntry ::= SEQUENCE {
cpgGroupIpGroupName CpgGroupName,
cpgGroupIpAddrType InetAddressType,
cpgGroupIpAddress InetAddress,
cpgGroupIpMask InetAddress,
cpgGroupIpSourceType INTEGER,
cpgGroupIpRowStatus RowStatus
}
cpgGroupIpGroupName OBJECT-TYPE
SYNTAX CpgGroupName
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Indicates the policy group name. This group should exist in
cpgGroupTable."
::= { cpgGroupIpEntry 1 }
cpgGroupIpAddrType OBJECT-TYPE
SYNTAX InetAddressType
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The type of Internet address of a group member."
::= { cpgGroupIpEntry 2 }
cpgGroupIpAddress OBJECT-TYPE
SYNTAX InetAddress (SIZE (1..64))
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The Internet address of a group member.
The type of this address is determined by
the value of the cpgGroupIpAddrType object.
The cpgGroupIpAddress may not be empty due to the SIZE
restriction."
::= { cpgGroupIpEntry 3 }
cpgGroupIpMask OBJECT-TYPE
SYNTAX InetAddress
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Specifies the mask to be logical-ANDed with the IP address
denoted in cpgGroupIpAddress object to indicate IP address
group membership. The type of this mask is determined by
the value of the cpgGroupIpAddrType object.
Value of this object can not be modified when the corresponding
instance of cpgGroupIpRowStatus is 'active'."
DEFVAL { 'FFFFFFFF'H } -- 255.255.255.255
::= { cpgGroupIpEntry 4 }
cpgGroupIpSourceType OBJECT-TYPE
SYNTAX INTEGER {
other(1),
configured(2),
dot1x(3),
nac(4),
webAuth(5),
macAuth(6)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Indicates the source of this IP address.
other(1) indicates the source of this IP address is
not one of the following types.
configured(2) indicates this IP address is configured
via this policy group and IP address configuration.
dot1x(3) indicates this IP address is added by
802.1x feature.
nac(4) indicates this IP address is added by
NAC (network admission control) feature.
webAuth(5) indicates this IP address is added
by Web-Proxy Authentication feature.
macAuth(6) indicatest this IP address is added
by MAC Authentication Bypass feature."
::= { cpgGroupIpEntry 5 }
cpgGroupIpRowStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This object is used to manage the creation and deletion
of rows in this table. Once a row becomes active, values
within this row cannot be modified, except by setting this
object value to 'notInService' first, or deleting and
re-creating it.
A conceptual row can be removed by setting this object
value to 'destroy' if and only if the value of corresponding
instance of cpgGroupIpSourceType is 'configured'."
::= { cpgGroupIpEntry 6 }
--
-- Policy group
--
cpgPolicyTable OBJECT-TYPE
SYNTAX SEQUENCE OF CpgPolicyEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A table describes the policies in the device."
::= { cpgPolicy 1 }
cpgPolicyEntry OBJECT-TYPE
SYNTAX CpgPolicyEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A row instance contains the name of a policy
in the device."
INDEX { IMPLIED cpgPolicyName }
::= { cpgPolicyTable 1 }
CpgPolicyEntry ::= SEQUENCE {
cpgPolicyName CpgPolicyName,
cpgPolicyGroupCount Unsigned32
}
cpgPolicyName OBJECT-TYPE
SYNTAX CpgPolicyName
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Indicates a policy name in the device."
::= { cpgPolicyEntry 1 }
cpgPolicyGroupCount OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Indicates the number of policy group(s) associated with
this policy. This is the number of entries for this policy
in the cpgPolicyGroupTable."
::= { cpgPolicyEntry 2 }
--
-- The Policy Group Table
--
cpgPolicyGroupTable OBJECT-TYPE
SYNTAX SEQUENCE OF CpgPolicyGroupEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A table provides the mechanism to configure association
between a policy and a policy group. When a policy associates
with a policy group, this policy is applied to all the
members of the group. A policy can associate with
multiple groups and vice versa."
::= { cpgPolicy 2 }
cpgPolicyGroupEntry OBJECT-TYPE
SYNTAX CpgPolicyGroupEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A row instance contains the RowStatus object to configure
the association between a policy and a policy group. A row
instance can be created or removed by the system or by setting
the appropriate value of the RowStatus object.
A row instance is indexed by a policy name and a policy group
name. The policy name index must exist in cpgPolicyTable. The
policy group name index must exist in cpgGroupTable. If a policy
group is removed from cpgGroupTable, entries in this table
using this group as an index will be automatically removed."
INDEX { cpgPolicyGroupPolicyName,
IMPLIED cpgPolicyGroupGroupName }
::= { cpgPolicyGroupTable 1 }
CpgPolicyGroupEntry ::= SEQUENCE {
cpgPolicyGroupPolicyName CpgPolicyName,
cpgPolicyGroupGroupName CpgGroupName,
cpgPolicyGroupRowStatus RowStatus
}
cpgPolicyGroupPolicyName OBJECT-TYPE
SYNTAX CpgPolicyName
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This object indicates the policy name used to associate
to the group denoted by cpgPolicyGroupGroupName. This policy
must exist in cpgPolicyTable."
::= { cpgPolicyGroupEntry 1 }
cpgPolicyGroupGroupName OBJECT-TYPE
SYNTAX CpgGroupName
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This object indicates the group name used to associate
to the policy denoted by cpgPolicyGroupPolicyName. This
group must exist in cpgGroupTable."
::= { cpgPolicyGroupEntry 2 }
cpgPolicyGroupRowStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This object is used to manage the creation and deletion
of rows in this table."
::= { cpgPolicyGroupEntry 3 }
--
-- Conformance
--
ciscoPolicyGroupMIBCompliances
OBJECT IDENTIFIER ::= { ciscoPolicyGroupMIBConformance 1 }
ciscoPolicyGroupMIBGroups
OBJECT IDENTIFIER ::= { ciscoPolicyGroupMIBConformance 2 }
ciscoPolicyGroupMIBCompliance MODULE-COMPLIANCE
STATUS current
DESCRIPTION
"The compliance statement for the CISCO-POLICY-GROUP-MIB"
MODULE
MANDATORY-GROUPS {
ciscoCpgPolicyInfoGroup,
ciscoCpgGroupInfoGroup,
ciscoCpgGroupIpInfoGroup,
ciscoCpgPolicyGroupInfoGroup
}
OBJECT cpgGroupIpRowStatus
SYNTAX INTEGER { active(1), createAndGo(4), destroy(6) }
DESCRIPTION
"Support for 'createAndWait' is not required."
OBJECT cpgPolicyGroupRowStatus
SYNTAX INTEGER { active(1), createAndGo(4), destroy(6) }
DESCRIPTION
"Support for 'createAndWait' is not required."
::= { ciscoPolicyGroupMIBCompliances 1 }
-- Units of Conformance
ciscoCpgGroupInfoGroup OBJECT-GROUP
OBJECTS {
cpgGroupSourceType,
cpgGroupIpAddrCount,
cpgGroupRowStatus
}
STATUS current
DESCRIPTION
"A collection of objects which provides information on
policy groups in the device."
::= { ciscoPolicyGroupMIBGroups 1 }
ciscoCpgGroupIpInfoGroup OBJECT-GROUP
OBJECTS {
cpgGroupIpMask,
cpgGroupIpSourceType,
cpgGroupIpRowStatus
}
STATUS current
DESCRIPTION
"A collection of objects which provides information on
policy group and IP addresses membership."
::= { ciscoPolicyGroupMIBGroups 2 }
ciscoCpgPolicyInfoGroup OBJECT-GROUP
OBJECTS {
cpgPolicyGroupCount
}
STATUS current
DESCRIPTION
"A collection of objects which provides the policies data
in the device."
::= { ciscoPolicyGroupMIBGroups 3 }
ciscoCpgPolicyGroupInfoGroup OBJECT-GROUP
OBJECTS {
cpgPolicyGroupRowStatus
}
STATUS current
DESCRIPTION
"A collection of object which provides information on
group and policy association."
::= { ciscoPolicyGroupMIBGroups 4 }
END