diff --git a/html/.htaccess b/html/.htaccess index 23c02b12c7..738e8cb8b7 100644 --- a/html/.htaccess +++ b/html/.htaccess @@ -29,7 +29,8 @@ RewriteRule ^interfaces/(.+)/ ?page=interfaces&type=$1 RewriteRule ^vrf/(.+)/(.+)/(.+)/ ?page=vrf&id=$1&opta=$2&optb=$3 RewriteRule ^vrf/(.+)/(.+)/ ?page=vrf&id=$1&opta=$2 RewriteRule ^vrf/(.+)/ ?page=vrf&id=$1 - +RewriteRule ^device/([0-9]+)/([a-z]+)/(.+)/(.+)/(.+)/(.+)/(.+)/(.+)/(.+)/ ?page=device&id=$1§ion=$2&opta=$3&optb=$4&optc=$5&optd=$6&opte=$7&optf=$8&optg=$9 +RewriteRule ^device/([0-9]+)/([a-z]+)/(.+)/(.+)/(.+)/(.+)/(.+)/(.+)/ ?page=device&id=$1§ion=$2&opta=$3&optb=$4&optc=$5&optd=$6&opte=$7&optf=$8 RewriteRule ^device/([0-9]+)/([a-z]+)/(.+)/(.+)/(.+)/(.+)/(.+)/ ?page=device&id=$1§ion=$2&opta=$3&optb=$4&optc=$5&optd=$6&opte=$7 RewriteRule ^device/([0-9]+)/([a-z]+)/(.+)/(.+)/(.+)/(.+)/ ?page=device&id=$1§ion=$2&opta=$3&optb=$4&optc=$5&optd=$6 RewriteRule ^device/([0-9]+)/([a-z]+)/(.+)/(.+)/(.+)/ ?page=device&id=$1§ion=$2&opta=$3&optb=$4&optc=$5 diff --git a/html/includes/graphs/mac_acc_total.inc.php b/html/includes/graphs/mac_acc_total.inc.php index 61a556ae92..a4bf50279d 100644 --- a/html/includes/graphs/mac_acc_total.inc.php +++ b/html/includes/graphs/mac_acc_total.inc.php @@ -1,8 +1,7 @@ diff --git a/html/includes/print-interface.inc b/html/includes/print-interface.inc index a95a2374a4..ee95a2485a 100644 --- a/html/includes/print-interface.inc +++ b/html/includes/print-interface.inc @@ -15,11 +15,15 @@ $error_img = generateiflink($interface,"Interface Errors",errors); } else { $error_img = ""; } + if(mysql_result(mysql_query("SELECT count(*) FROM mac_accounting WHERE interface_id = '".$interface['interface_id']."'"),0)){ + $mac = ""; + } else { $mac = ""; } + echo(" "); echo(" - " . generateiflink($interface, $interface['ifIndex'] . ". ".fixifName($interface['label'])) . " $error_img + " . generateiflink($interface, $interface['ifIndex'] . ". ".fixifName($interface['label'])) . " $error_img $mac
".$interface['ifAlias'].""); @@ -43,8 +47,10 @@ echo(""); - if(mysql_result(mysql_query("SELECT count(*) FROM mac_accounting WHERE interface_id = '".$interface['interface_id']."'"),0)){ - echo(" Mac Acc"); + if($port_details) { + echo(generateiflink($interface, "")); + echo(generateiflink($interface, "")); + echo(generateiflink($interface, "")); } echo(""); diff --git a/html/pages/device/bgp.inc.php b/html/pages/device/bgp.inc.php index 92e755fa89..00dccdd301 100644 --- a/html/pages/device/bgp.inc.php +++ b/html/pages/device/bgp.inc.php @@ -1,20 +1,37 @@ +
Local AS : " . $device['bgpLocalAs'] . "
+"); echo(" -
-
Local AS : " . $device['bgpLocalAs'] . "
-
- No Graphs | - Updates | Prefixes: - IPv4 | +
+ + + + + + +
+
+ No Graphs | + Updates | Prefixes: + IPv4 | VPNv4 | IPv6 | Traffic: Mac Accounting -
-
"); - +
+
+ + + + + + +
+"); echo("
"); diff --git a/html/pages/device/interface.inc.php b/html/pages/device/interface.inc.php index 38236192db..a09873b60b 100644 --- a/html/pages/device/interface.inc.php +++ b/html/pages/device/interface.inc.php @@ -80,7 +80,7 @@ echo(" if($_GET['optb']) { -include("pages/device/port/".mres($_GET['optb']).".php"); +include("pages/device/port/".mres($_GET['optb']).".inc.php"); } else { diff --git a/html/pages/device/port/macaccounting.php b/html/pages/device/port/macaccounting.inc.php similarity index 68% rename from html/pages/device/port/macaccounting.php rename to html/pages/device/port/macaccounting.inc.php index 0675f2c08a..d6e271624a 100644 --- a/html/pages/device/port/macaccounting.php +++ b/html/pages/device/port/macaccounting.inc.php @@ -20,37 +20,56 @@ $query = mysql_query("SELECT *, (M.bps_in + M.bps_out) as bps FROM `mac_accounting` AS M, `interfaces` AS I, `devices` AS D WHERE M.interface_id = '".$interface['interface_id']."' AND I.interface_id = M.interface_id AND I.device_id = D.device_id ORDER BY bps DESC"); echo("
"); - if($_GET['optd'] == "top10") { if($_GET['opte']) { $from = "-" . $_GET['opte']; } else { $from = "-1day"; } - echo("
- -
- Day - - + if($_GET['optc']) { + $stat = $_GET['optc']; + } else { $stat = "bits"; } + + echo("
+ -
- Week - - +
+ -
- Month - - +
+ -
- Year - - +
+ +
+
+
+ +
+
+
+ Traffic
+ + + +
+
+ Packets
+ + + +
"); diff --git a/html/pages/device/ports.inc.php b/html/pages/device/ports.inc.php index 7dd276534f..2b53d4c535 100644 --- a/html/pages/device/ports.inc.php +++ b/html/pages/device/ports.inc.php @@ -59,59 +59,10 @@ if($_GET['optc'] == thumbs) { } echo("
"); } else { - if($_GET['opta'] == "details" ) { $port_details = 1; } if($_GET['opta'] == "arp" ) { - - $interface_query = mysql_query("select * from interfaces WHERE device_id = '$_GET[id]' AND deleted = '0' ORDER BY `ifIndex` ASC"); - echo("
- "); - $i = 1; - while($interface = mysql_fetch_array($interface_query)) { - $sql = "SELECT * FROM `ipv4_mac` WHERE `interface_id` = '".$interface['interface_id']."'"; - $arp_query = mysql_query($sql); - while($arp = mysql_fetch_array($arp_query)) { - $i++; - if(!is_integer($i/2)) { $row_colour = $list_colour_a; } else { $row_colour = $list_colour_b; } - $r_sql = "SELECT * FROM `ipv4_addresses` AS A, `interfaces` AS I, `devices` AS D WHERE I.interface_id = A.interface_id AND - I.device_id = D.device_id AND A.ipv4_address = '".$arp['ipv4_address']."' ORDER BY A.ipv4_address"; - $remote = mysql_fetch_array(mysql_query($r_sql)); - $mac = formatMac($arp['mac_address']); - $mac_acc = mysql_fetch_array(mysql_query("SELECT * FROM mac_accounting WHERE `interface_id` = '".$interface['interface_id']."' AND mac = '".$arp['mac_address']."'")); - echo(" - "); - if ($remote['interface_id'] == $interface['interface_id']) { - $remote_host = "local"; - $remote_port = "local"; - } elseif($remote['device_id']) { - $remote_host = generatedevicelink($remote); - $remote_port = generateiflink($remote); - } elseif(mysql_result(mysql_query("SELECT count(*) FROM bgpPeers WHERE device_id = '".$device['device_id']."' AND bgpPeerIdentifier ='".$arp['ipv4_address']."'"),0)) { - $peer_query = mysql_query("SELECT * FROM bgpPeers WHERE device_id = '".$device['device_id']."' AND bgpPeerIdentifier = '".$arp['ipv4_address']."'"); - $peer_info = mysql_fetch_array($peer_query); - $remote_port = "AS".$peer_info['bgpPeerRemoteAs']; - $remote_host = $peer_info['astext']; - } elseif($mac_acc['interface_id'] == $interface['interface_id']) { - $remote_host = gethostbyaddr($arp['ipv4_address']); - if($remote_host == $arp['ipv4_address']) { unset ($remote_host); } - $remote_port = ""; - } else { - $remote_host = ""; - $remote_port = ""; - } - echo(""); - if ($mac_acc['interface_id'] == $interface['interface_id']) { - $style = "onmouseover=\"return overlib('', LEFT".$config['overlib_defaults'].", WIDTH, 500);\" onmouseout=\"return nd();\""; - echo(""); - } else { - echo(""); - } - - echo(""); - } - echo(""); - } - echo("
AddressHardware AddrInterfaceRemote DeviceRemote PortRate UpRate Down
" . $arp['ipv4_address'] . "" . $mac . "".generateiflink($interface)."".truncate($remote_host, 24, "")."$remote_port".formatRates($mac_acc['bps_out'])."".formatRates($mac_acc['bps_in'])."
"); + include("arp.inc.php"); } else { + if($_GET['opta'] == "details" ) { $port_details = 1; } echo("
"); $i = "1"; $interface_query = mysql_query("select * from interfaces WHERE device_id = '$_GET[id]' AND deleted = '0' ORDER BY `ifIndex` ASC"); diff --git a/includes/discovery/cisco-mac-accounting.php b/includes/discovery/cisco-mac-accounting.php index c86eb083f5..e6235e5342 100755 --- a/includes/discovery/cisco-mac-accounting.php +++ b/includes/discovery/cisco-mac-accounting.php @@ -2,11 +2,13 @@ unset ($mac_table); + echo("ARP Table : "); + $ipNetToMedia_data = shell_exec($config['snmpbulkwalk'] . " -m IP-MIB -Oq -".$device['snmpver']." -c ".$device['community']." ".$device['hostname']." ipNetToMediaPhysAddress"); $ipNetToMedia_data = str_replace("ipNetToMediaPhysAddress.", "", trim($ipNetToMedia_data)); $ipNetToMedia_data = str_replace("IP-MIB::", "", trim($ipNetToMedia_data)); - echo("$ipNetToMedia_data\n"); - echo("done\n"); + #echo("$ipNetToMedia_data\n"); + #echo("done\n"); foreach(explode("\n", $ipNetToMedia_data) as $data) { list($oid, $mac) = explode(" ", $data); list($if, $first, $second, $third, $fourth) = explode(".", $oid); @@ -35,15 +37,14 @@ if(mysql_result(mysql_query("SELECT COUNT(*) from ipv4_mac WHERE interface_id = '".$interface['interface_id']."' AND ipv4_address = '$ip'"),0)) { $sql = "UPDATE `ipv4_mac` SET `mac_address` = '$clean_mac' WHERE interface_id = '".$interface['interface_id']."' AND ipv4_address = '$ip'"; mysql_query($sql); + echo("."); } else { + echo("+"); #echo("Add MAC $mac\n"); mysql_query("INSERT INTO `ipv4_mac` (interface_id, mac_address, ipv4_address) VALUES ('".$interface['interface_id']."','$clean_mac','$ip')"); } $interface_id = $interface['interface_id']; } - - print_r($mac_table); - $sql = "SELECT * from ipv4_mac AS M, interfaces as I WHERE M.interface_id = I.interface_id and I.device_id = '".$device['device_id']."'"; $query = mysql_query($sql); while($entry = mysql_fetch_array($query)) { @@ -51,15 +52,20 @@ $entry_if = $entry['interface_id']; if(!$mac_table[$entry_if][$entry_mac]) { mysql_query("DELETE FROM ipv4_mac WHERE interface_id = '".$entry_if."' AND mac_address = '".$entry_mac."'"); - echo("Removing MAC $entry_mac from interface ".$interface['ifName']); + #echo("Removing MAC $entry_mac from interface ".$interface['ifName']); + echo("-"); } } + echo("\n"); + unset($mac); + echo("MAC Accounting : "); + $datas = shell_exec($config['snmpbulkwalk'] . " -m CISCO-IP-STAT-MIB -Oqn -".$device['snmpver']." -c ".$device['community']." ".$device['hostname']." cipMacSwitchedBytes"); - echo("$datas\n"); - echo("done\n"); + #echo("$datas\n"); + #echo("done\n"); foreach(explode("\n", $datas) as $data) { list($oid) = explode(" ", $data); $oid = str_replace(".1.3.6.1.4.1.9.9.84.1.2.1.1.4.", "", $oid); @@ -80,18 +86,22 @@ $ip = $mac_table[$if][$mac]['ip']; if($ip && $interface) { $new_mac = str_replace(":", "", $mac); - echo($interface['ifDescr'] . " ($if) -> $mac ($oid) -> $ip -> $name"); + #echo($interface['ifDescr'] . " ($if) -> $mac ($oid) -> $ip"); if(mysql_result(mysql_query("SELECT COUNT(*) from mac_accounting WHERE interface_id = '".$interface['interface_id']."' AND mac = '$clean_mac'"),0)) { #$sql = "UPDATE `mac_accounting` SET `mac` = '$clean_mac' WHERE interface_id = '".$interface['interface_id']."' AND `mac` = '$clean_mac'"; #mysql_query($sql); #if(mysql_affected_rows()) { echo(" UPDATED!"); } #echo($sql); + echo("."); } else { #echo(" Not Exists!"); mysql_query("INSERT INTO `mac_accounting` (interface_id, mac) VALUES ('".$interface['interface_id']."','$clean_mac')"); + echo("+"); } - echo("\n"); + #echo("\n"); } } + echo("\n"); + ?> diff --git a/includes/discovery/cisco-physical.php b/includes/discovery/cisco-physical.php index 02130a4e16..833c0f1d90 100755 --- a/includes/discovery/cisco-physical.php +++ b/includes/discovery/cisco-physical.php @@ -65,7 +65,7 @@ $sensor_data = shell_exec($sensor_cmd); list($entSensorType,$entSensorScale,$entSensorPrecision,$entSensorValueUpdateRate,$entSensorMeasuredEntity) = explode("\n", $sensor_data); if($entSensorMeasuredEntity) { - echo("M:$entSensorMeasuredEntity"); + #echo("M:$entSensorMeasuredEntity"); } if($config['allow_entity_sensor'][$entSensorType]) { $sql = "UPDATE `entPhysical` SET entSensorType = '$entSensorType', entSensorScale = '$entSensorScale', entSensorPrecision = '$entSensorPrecision', "; diff --git a/includes/graphing.php b/includes/graphing.php index 7d4987b727..116f37041e 100644 --- a/includes/graphing.php +++ b/includes/graphing.php @@ -580,6 +580,8 @@ function graph_bits ($rrd, $graph, $from, $to, $width, $height, $title, $vertica $options .= $config['rrdgraph_def_text']; if($height < "99") { $options .= " --only-graph"; unset ($legend); } if($width <= "300") { $options .= " --font LEGEND:7:".$config['mono_font']." --font AXIS:6:".$config['mono_font']." --font-render-mode normal "; } + global $_GET; + if($_GET['bg']) { $options .= " -c CANVAS#" . $_GET['bg'] . " "; } if($inverse) { $in = 'out'; $out = 'in'; @@ -655,6 +657,8 @@ function pktsgraph ($rrd, $graph, $from, $to, $width, $height) { $options .= $config['rrdgraph_def_text']; if($height < "99") { $options .= " --only-graph"; unset ($legend); } if($width <= "300") { $options .= " --font LEGEND:7:".$config['mono_font']." --font AXIS:6:".$config['mono_font']." --font-render-mode normal "; } + global $_GET; + if($_GET['bg']) { $options .= " -c CANVAS#" . $_GET['bg'] . " "; } $options .= " DEF:in=$database:INUCASTPKTS:AVERAGE"; $options .= " DEF:out=$database:OUTUCASTPKTS:AVERAGE"; $options .= " CDEF:dout=out,-1,*"; @@ -710,6 +714,8 @@ function errorgraph ($rrd, $graph, $from, $to, $width, $height) { $options .= $config['rrdgraph_def_text']; if($height < "99") { $options .= " --only-graph"; unset ($legend); } if($width <= "300") { $options .= " --font LEGEND:7:".$config['mono_font']." --font AXIS:6:".$config['mono_font']." --font-render-mode normal "; } + global $_GET; + if($_GET['bg']) { $options .= " -c CANVAS#" . $_GET['bg'] . " "; } $options .= " DEF:in=$database:INERRORS:AVERAGE"; $options .= " DEF:out=$database:OUTERRORS:AVERAGE"; $options .= " CDEF:dout=out,-1,*"; @@ -736,6 +742,8 @@ function nucastgraph ($rrd, $graph, $from, $to, $width, $height) { $options .= $config['rrdgraph_def_text']; if($height < "99") { $options .= " --only-graph"; unset ($legend); } if($width <= "300") { $options .= " --font LEGEND:7:".$config['mono_font']." --font AXIS:6:".$config['mono_font']." --font-render-mode normal "; } + global $_GET; + if($_GET['bg']) { $options .= " -c CANVAS#" . $_GET['bg'] . " "; } $options .= " DEF:in=$database:INNUCASTPKTS:AVERAGE"; $options .= " DEF:out=$database:OUTNUCASTPKTS:AVERAGE"; $options .= " CDEF:dout=out,-1,*"; diff --git a/mibs/CISCO-IP-URPF-MIB.my b/mibs/CISCO-IP-URPF-MIB.my new file mode 100644 index 0000000000..895d92b0d3 --- /dev/null +++ b/mibs/CISCO-IP-URPF-MIB.my @@ -0,0 +1,708 @@ +-- ****************************************************************** +-- CISCO-IP-URPF-MIB +-- +-- This module is used for monitoring the state of Unicast Reverse +-- Path Forwarding (URPF) checking. +-- +-- September 2004, Michael Grobelch +-- +-- Copyright (c) 2004 by Cisco Systems, Inc. +-- All rights reserved. +-- ****************************************************************** +-- + +CISCO-IP-URPF-MIB DEFINITIONS ::= BEGIN + +IMPORTS + MODULE-IDENTITY, + OBJECT-TYPE, + Gauge32, + Integer32, + Counter32, + Unsigned32, + NOTIFICATION-TYPE FROM SNMPv2-SMI + MODULE-COMPLIANCE, + NOTIFICATION-GROUP, + OBJECT-GROUP FROM SNMPv2-CONF + TimeStamp, + TruthValue FROM SNMPv2-TC + SnmpAdminString FROM SNMP-FRAMEWORK-MIB + ifIndex FROM IF-MIB + ciscoMgmt FROM CISCO-SMI; + +ciscoIpUrpfMIB MODULE-IDENTITY + LAST-UPDATED "200411120000Z" + ORGANIZATION "Cisco System, Inc." + CONTACT-INFO + "Postal: Cisco Systems, Inc. + 170 West Tasman Drive + San Jose, CA 95134-1706 + USA + + Tel: +1 800 553-NETS + + E-mail: cs-cef@cisco.com" + + DESCRIPTION + "Unicast Reverse Path Forwarding (URPF) is a function + that checks the validity of the source address of IP + packets received on an interface. This in an attempt + to prevent Denial of Service attacks based on IP address + spoofing. + + URPF checks validity of a source address by determining + whether the packet would be successfully routed as a + destination address. + + Based on configuration, the check made can be for existence + of any route for the address, or more strictly for a route + out the interface on which the packet was received by the + device. When a violating packet is detected, it can be dropped. + + This MIB allows detection of spoofing events." + REVISION "200411120000Z" + DESCRIPTION + "Initial version of this MIB module." + ::= { ciscoMgmt 451 } + +-- +-- MIB Object Definitions +-- + +ciscoIpUrpfMIBNotifs OBJECT IDENTIFIER ::= { ciscoIpUrpfMIB 0 } +ciscoIpUrpfMIBObjects OBJECT IDENTIFIER ::= { ciscoIpUrpfMIB 1 } +ciscoIpUrpfMIBConformance OBJECT IDENTIFIER ::= { ciscoIpUrpfMIB 2 } + +-- +-- URPF Statistics objects +-- +cipUrpfScalar OBJECT IDENTIFIER ::= { ciscoIpUrpfMIBObjects 1 } +cipUrpfStatistics OBJECT IDENTIFIER ::= { ciscoIpUrpfMIBObjects 2 } +cipUrpfInterfaceConfig OBJECT IDENTIFIER ::= { ciscoIpUrpfMIBObjects 3 } +cipUrpfVrf OBJECT IDENTIFIER ::= { ciscoIpUrpfMIBObjects 4 } + +cipUrpfDropRateWindow OBJECT-TYPE + SYNTAX Integer32 (1..600) + UNITS "seconds" + MAX-ACCESS read-write + STATUS current + DESCRIPTION + "The window of time in the recent past over which the drop + count used in the drop rate computation is collected. + This global value applies for the computation of all URPF + rates, global and per-interface. + + Once the period over which computations have been + performed exceeds cipUrpfDropRateWindow, every time a + computation is performed, the window slides up to end + at the current time and start at cipUrpfDropRateWindow + seconds before. + + The cipUrpfDropRateWindow must be greater than + or equal to the interval between computations + (cipUrpfComputeInterval). + + Since the agent must save the drop count values + for each compute interval in order to slide the window, + the number of counts saved is the quotient of + cipUrpfDropRateWindow divided by cipUrpfComputeInterval." + DEFVAL { 300 } + ::= { cipUrpfScalar 1 } + +cipUrpfComputeInterval OBJECT-TYPE + SYNTAX Integer32 (1..120) + UNITS "seconds" + MAX-ACCESS read-write + STATUS current + DESCRIPTION + "The time between rate computations. This global value + applies for the computation of all URPF rates, global + and per-interface. + + When the value of cipUrpfComputeInterval is changed, + the interval in-progress proceeds as though the value + had not changed. The change will apply to the length + of subsequent intervals. + + The cipUrpfComputeInterval must be less than or equal + to the cipUrpfDropRateWindow." + DEFVAL { 30 } + ::= { cipUrpfScalar 2 } + +cipUrpfDropNotifyHoldDownTime OBJECT-TYPE + SYNTAX Integer32(1..1000) + UNITS "seconds" + MAX-ACCESS read-write + STATUS current + DESCRIPTION + "The minimum time between issuance of + cipUrpfIfDropRateNotify notifications for a + particular interface and packet forwarding type. + + Notifications are generated for each interface and + packet forwarding type that exceeds the drop-rate. + When a Notify is sent because the drop-rate is + exceeded for a particular interface and forwarding + type, the time specified by this object is used to + specify the minimum time that must elapse before + another Notify can be sent for that interface and + forwarding type. The time is specified globally but + used individually." + DEFVAL { 300 } + ::= { cipUrpfScalar 3 } + +cipUrpfTable OBJECT-TYPE + SYNTAX SEQUENCE OF CipUrpfEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "This table contains summary information for the + managed device on URPF dropping." + ::= { cipUrpfStatistics 1 } + +cipUrpfEntry OBJECT-TYPE + SYNTAX CipUrpfEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "If the managed device supports URPF dropping, + a row exists for each IP version type (v4 and v6). + A row contains summary information on URPF + dropping over the entire managed device." + INDEX { cipUrpfIpVersion } + ::= { cipUrpfTable 1 } + +CipUrpfEntry ::= SEQUENCE { + cipUrpfIpVersion INTEGER, + cipUrpfDrops Counter32, + cipUrpfDropRate Gauge32 + } + +cipUrpfIpVersion OBJECT-TYPE + SYNTAX INTEGER {ipv4(1), ipv6(2)} + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "Specifies the version of IP forwarding on an interface + to which the table row URPF counts, rates, and + configuration apply." + ::= { cipUrpfEntry 1 } + +cipUrpfDrops OBJECT-TYPE + SYNTAX Counter32 + UNITS "packets" + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Sum of dropped IP version cipUrpfIpVersion packets failing + a URPF check. This value is the sum of drops of packets + received on all interfaces of the managed device." + ::= { cipUrpfEntry 2 } + +cipUrpfDropRate OBJECT-TYPE + SYNTAX Gauge32 + UNITS "packets per second" + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The rate of packet drops of IP version cipUrpfIpVersion + packets due to URPF for the managed device. The + per-interface drop rate notification is issued on rates + exceeding a limit (rising rate). This dropping may + indicate an security attack on the network. To determine + whether the attack/event is over, the NMS must + consult the managed device. This object can be polled to + determine the recent drop rate for the managed device + as a whole, in addition to querying particular interface + objects. + + This object is the average rate of dropping over the most + recent window of time. The rate is computed by dividing + the number of packets dropped over a window by the window + time in seconds. The window time is specified by + cipUrpfDropRateWindow. Each time the drop rate is computed, + and at system startup, a snapshot is taken of the latest + value of cipUrpfDrops. Subtracting from this the snapshot + of cipUrpfDrops at the start of the current window of time + gives the number of packets dropped. The drop rate is + computed every cipUrpfComputeInterval seconds. As an + example, let cipUrpfDropRateWindow be 300 seconds, + and cipUrpfComputeInterval 30 seconds. Every 30 seconds, + the drop count five minutes previous is subtracted + from the current drop count, and the result is divided + by 300 to arrive at the drop rate. + + At device start-up, until the device has been up more than + cipUrpfDropRateWindow, when drop rate is computed, + the value of cipUrpfDrops is divided by the time the + device has been up. + + After the device has been up for cipUrpfDropRateWindow, + when drop rate is computed, the number of packet drops counted + from interval start time to the computation time is divided + by cipUrpfDropRateWindow. + + Changes to cipUrpfDropRateWindow are not reflected in this + object until the next computation time. + + The rate from the most recent computation is the value + fetched until the subsequent computation is performed." + ::= { cipUrpfEntry 3 } + +cipUrpfIfMonTable OBJECT-TYPE + SYNTAX SEQUENCE OF CipUrpfIfMonEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "This table contains information on URPF dropping on + an interface." + ::= { cipUrpfStatistics 2 } + +cipUrpfIfMonEntry OBJECT-TYPE + SYNTAX CipUrpfIfMonEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "If IPv4 packet forwarding is configured on an interface, + and is configured to perform URPF checking, a row appears + in this table with indices [ifIndex][ipv4]. If IPv4 + packet forwarding is deconfigured, or URPF checking + is deconfigured, the row disappears. + + If IPv6 packet forwarding is configured on an interface, + and is configured to perform URPF checking, a row appears + in the table with indices [ifIndex][ipv6]. If IPv6 + packet forwarding is deconfigured, or URPF checking + is deconfigured, the row disappears." + INDEX { ifIndex, cipUrpfIfIpVersion } + ::= { cipUrpfIfMonTable 1 } + +CipUrpfIfMonEntry ::= SEQUENCE { + cipUrpfIfIpVersion INTEGER, + cipUrpfIfDrops Counter32, + cipUrpfIfSuppressedDrops Counter32, + cipUrpfIfDropRate Gauge32, + cipUrpfIfDiscontinuityTime TimeStamp + } + +cipUrpfIfIpVersion OBJECT-TYPE + SYNTAX INTEGER {ipv4(1), ipv6(2)} + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "Specifies the version of IP forwarding on an interface + to which the table row URPF counts, rates, and + configuration apply." + ::= { cipUrpfIfMonEntry 1} + +cipUrpfIfDrops OBJECT-TYPE + SYNTAX Counter32 + UNITS "packets" + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The number of IP packets of version cipUrpfIfIpVersion + failing the URPF check and dropped by the managed device + on a particular interface. + + Discontinuities in the value of this variable can occur + at re-initialization of the management system, and at + other times as indicated by the values of + cipUrpfIfDiscontinuityTime." + ::= { cipUrpfIfMonEntry 2 } + +cipUrpfIfSuppressedDrops OBJECT-TYPE + SYNTAX Counter32 + UNITS "packets" + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The number of IP packets of version cipUrpfIfIpVersion + failing the URPF check but given a reprieve and not + dropped by the managed device. Depending on the + device configuration and capabilities, the following + cases may cause incrementing of the counter: + - if the managed device is configured to allow self-pings + and the managed device pings itself. + - if the managed device is configured for loose URPF (if any + interface has a route to the source), and the strict + case fails while the loose case passes. + - DHCP Request packets (src 0.0.0.0 dst 255.255.255.255) + will pass after initially being marked for drop. + - RIP routing on unnumbered interfaces will pass after + initially being marked for drop. + - multicast packets will pass after initially being marked + for drop + - ACL's can be applied to permit packets after initially + being marked for drop. + + Discontinuities in the value of this variable can occur + at re-initialization of the management system, and at + other times as indicated by the values of + cipUrpfIfDiscontinuityTime." + ::= { cipUrpfIfMonEntry 3 } + +cipUrpfIfDropRate OBJECT-TYPE + SYNTAX Gauge32 + UNITS "packets/second" + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The rate of packet drops of IP version cipUrpfIfIpVersion + packets due to URPF on the interface. + + This object is the average rate of dropping over the most + recent interval of time. The rate is computed by dividing + the number of packets dropped over an interval by the + interval time in seconds. Each time the drop rate + is computed, and at system startup, a snapshot is taken + of the latest value of cipUrpfIfDrops. Subtracting from this + the snapshot of cipUrpfIfDrops at the start of the current + interval of time gives the number of packets dropped. + The drop rate is computed every cipUrpfComputeInterval + seconds. + + When drop rate is computed, if time since the creation of + a row in cipUrpfIfMonTable is less than + cipUrpfDropRateWindow, the value of cipUrpfIfDrops is + divided by the time since row was created. + + After the row has been in existence for + cipUrpfDropRateWindow, when drop rate is computed, the + number of packet drops counted on the interface from + interval start time to the computation time is divided + by cipUrpfDropRateWindow. + + Changes to cipUrpfDropRateWindow are not reflected in this + object until the next computation time. + + The rate from the most recent computation is the value + fetched until the subsequent computation is performed." + ::= { cipUrpfIfMonEntry 4 } + +cipUrpfIfDiscontinuityTime OBJECT-TYPE + SYNTAX TimeStamp + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The value of sysUpTime on the most recent + occasion at which this interface's counters + suffered a discontinuity. + If no such discontinuities have occurred + since the last re-initialization of the + local management subsystem, then this + object contains a value of zero." + ::= { cipUrpfIfMonEntry 5 } + +cipUrpfIfConfTable OBJECT-TYPE + SYNTAX SEQUENCE OF CipUrpfIfConfEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "This table contains statistics information on URPF on + an interface." + ::= { cipUrpfInterfaceConfig 1 } + +cipUrpfIfConfEntry OBJECT-TYPE + SYNTAX CipUrpfIfConfEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "A row exists in this table if a row exists + in cipUrpfIfMonTable." + AUGMENTS { cipUrpfIfMonEntry } + ::= { cipUrpfIfConfTable 1 } + +CipUrpfIfConfEntry ::= SEQUENCE { + cipUrpfIfDropRateNotifyEnable TruthValue, + cipUrpfIfNotifyDropRateThreshold Unsigned32, + cipUrpfIfNotifyDrHoldDownReset TruthValue, + cipUrpfIfCheckStrict INTEGER, + cipUrpfIfWhichRouteTableID INTEGER, + cipUrpfIfVrfName SnmpAdminString + } + +cipUrpfIfDropRateNotifyEnable OBJECT-TYPE + SYNTAX TruthValue + MAX-ACCESS read-write + STATUS current + DESCRIPTION + "This object specifies whether the system produces the + cipUrpfIfDropRateNotify notification as a result of URPF + dropping of version cipUrpfIfIpVersion IP packets on this + interface. A false value prevents such notifications from + being generated by this system." + DEFVAL { false } + ::= { cipUrpfIfConfEntry 1 } + +cipUrpfIfNotifyDropRateThreshold OBJECT-TYPE + SYNTAX Unsigned32 + UNITS "packets/second" + MAX-ACCESS read-write + STATUS current + DESCRIPTION + "When the calculated rate of URPF packet drops + (cipUrpfIfDropRate) meets or exceeds the value + specified by this object, a cipUrpfIfDropRateNotify + notification is sent if cipUrpfIfDropRateNotifyEnable + is set to true, and no such notification for the + IP version has been sent for this interface for the + hold-down period. + + Note that due to the calculation used for drop rate, + if there are less than n drop events in an n-second + period the notification will not be generated. To allow + for the detection of a small number of drop events, the + value 0 (zero) is used to indicate that if any drop events + occur during the interval, a notification is generated." + DEFVAL { 1000 } + ::= { cipUrpfIfConfEntry 2 } + +cipUrpfIfNotifyDrHoldDownReset OBJECT-TYPE + SYNTAX TruthValue + MAX-ACCESS read-write + STATUS current + DESCRIPTION + "Setting this object to true causes the five-minute + hold-down timer for emitting URPF drop rate + notifications for IP version cipUrpfIfIpVersion on + the interface to be short-circuited. If a notification + is due and would be emitted for the interface if the + five-minutes elapsed, setting this object will cause + the notification to be sent. + + This is a trigger, and doesn't hold information. It is + set and an action is performed. Therefore a get for + this object always returns false." + DEFVAL { false } + ::= { cipUrpfIfConfEntry 3 } + +cipUrpfIfCheckStrict OBJECT-TYPE + SYNTAX INTEGER { + strict(1), + loose(2) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Interface configuration indicating the strictness of + the reachability check performed + on the interface. + - strict: check that source addr is reachable via + the interface it came in on. + - loose : check that source addr is reachable via + some interface on the device." + ::= { cipUrpfIfConfEntry 4 } + +cipUrpfIfWhichRouteTableID OBJECT-TYPE + SYNTAX INTEGER { + default(1), + vrf(2) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Interface configuration indicating the routing table + consulted for the reachability check: + - default: the non-private routing table for of the + managed system. + - vrf : a particular VPN routing table." + ::= { cipUrpfIfConfEntry 5 } + +cipUrpfIfVrfName OBJECT-TYPE + SYNTAX SnmpAdminString (SIZE (0..32)) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "If the value of cipUrpfIfWhichRouteTableID is 'vrf', + the name of the VRF Table. Otherwise a zero-length + string." + ::= { cipUrpfIfConfEntry 6 } + +cipUrpfVrfTable OBJECT-TYPE + SYNTAX SEQUENCE OF CipUrpfVrfEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "This table enables indexing URPF drop statistics + by Virtual Routing and Forwarding instances." + ::= { cipUrpfVrf 1 } + +cipUrpfVrfEntry OBJECT-TYPE + SYNTAX CipUrpfVrfEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "An entry exists for a VRF if and only if the VRF + is associated with an interface that is configured + to perform IP URPF checking using the routing table + for that VRF." + INDEX { cipUrpfVrfName } + ::= { cipUrpfVrfTable 1 } + +CipUrpfVrfEntry ::= SEQUENCE { + cipUrpfVrfName SnmpAdminString + } + +cipUrpfVrfName OBJECT-TYPE + SYNTAX SnmpAdminString (SIZE (0..32)) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "This field is used to specify the VRF Table + name." + ::= { cipUrpfVrfEntry 1 } + +cipUrpfVrfIfTable OBJECT-TYPE + SYNTAX SEQUENCE OF CipUrpfVrfIfEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "This table contains statistics information for interfaces + performing URPF using VRF table to determine reachability." + ::= { cipUrpfStatistics 3 } + +cipUrpfVrfIfEntry OBJECT-TYPE + SYNTAX CipUrpfVrfIfEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "An entry exists for a VRF and interface if and only + if the VRF associated with the interface is configured + to perform IP URPF checking using the routing + table for the VRF." + INDEX { cipUrpfVrfName, ifIndex } + ::= { cipUrpfVrfIfTable 1 } + +CipUrpfVrfIfEntry ::= SEQUENCE { + cipUrpfVrfIfDrops Counter32, + cipUrpfVrfIfDiscontinuityTime TimeStamp + } + +cipUrpfVrfIfDrops OBJECT-TYPE + SYNTAX Counter32 + UNITS "packets" + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The number of packets failing the URPF check for a VRF on + the interface and dropped by the managed device. + + Discontinuities in the value of this variable can occur + at re-initialization of the management system, and at + other times as indicated by the values of + cipUrpfVrfIfDiscontinuityTime." + ::= { cipUrpfVrfIfEntry 2 } + +cipUrpfVrfIfDiscontinuityTime OBJECT-TYPE + SYNTAX TimeStamp + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The value of sysUpTime on the most recent occasion at + which the URPF counters for this VRF on this interface + suffered a discontinuity. If no such discontinuities + have occurred since the last re-initialization of the + local management subsystem, then this object contains a + value of zero." + ::= { cipUrpfVrfIfEntry 3 } + +-- +-- URPF Notification objects +-- + +cipUrpfIfDropRateNotify NOTIFICATION-TYPE + OBJECTS { + cipUrpfIfDropRate + } + STATUS current + DESCRIPTION + "This notification is generated when + cipUrpfIfDropRateNotifyEnable is set to true and + the calculated URPF drop rate (cipUrpfIfDropRate) + exceeds the notification threshold drop rate + (cipUrpfIfNotifyDropRateThreshold). Note the + exceptional value of 0 for threshold allows notification + generation if any drop events occur in an interval. + + After generating this notification, another such + notification will not be sent out for a minimum of five + minutes (note the exception to this provided by + cipUrpfIfNotifyDrHoldDownReset). + + The object value present in the notification is the + the drop rate that exceeded the threshold." + ::= { ciscoIpUrpfMIBNotifs 1 } + + +-- Conformance Information Definition +ciscoIpUrpfMIBCompliances OBJECT IDENTIFIER ::= + { ciscoIpUrpfMIBConformance 1 } +ciscoIpUrpfMIBGroups OBJECT IDENTIFIER ::= + { ciscoIpUrpfMIBConformance 2 } + + +ciscoIpUrpfMIBCompliance MODULE-COMPLIANCE + STATUS current + DESCRIPTION + "An SNMP entity can implement this module to + provide URPF problem diagnosis information." + + MODULE -- this module + + MANDATORY-GROUPS { ciscoIpUrpfMIBMainObjectGroup, + ciscoIpUrpfMIBNotifyGroup } + + GROUP ciscoIpUrpfMIBVrfObjectGroup + DESCRIPTION + "This group is mandatory for all implementations + that need to index URPF statistics by VRF interfaces." + + ::= { ciscoIpUrpfMIBCompliances 1 } + +ciscoIpUrpfMIBMainObjectGroup OBJECT-GROUP + OBJECTS { + cipUrpfDropRateWindow, + cipUrpfComputeInterval, + cipUrpfDropNotifyHoldDownTime, + cipUrpfDrops, + cipUrpfDropRate, + cipUrpfIfDrops, + cipUrpfIfSuppressedDrops, + cipUrpfIfDropRate, + cipUrpfIfDropRateNotifyEnable, + cipUrpfIfNotifyDropRateThreshold, + cipUrpfIfNotifyDrHoldDownReset, + cipUrpfIfCheckStrict, + cipUrpfIfDiscontinuityTime + } + STATUS current + DESCRIPTION + "The collection of common counter objects, those + needed by other objects, and the common interface + table." + ::= { ciscoIpUrpfMIBGroups 1 } + +ciscoIpUrpfMIBVrfObjectGroup OBJECT-GROUP + OBJECTS { + cipUrpfVrfName, + cipUrpfIfWhichRouteTableID, + cipUrpfIfVrfName, + cipUrpfVrfIfDrops, + cipUrpfVrfIfDiscontinuityTime + } + STATUS current + DESCRIPTION + "The collection of objects needed to index by + VRF." + ::= { ciscoIpUrpfMIBGroups 2 } + +ciscoIpUrpfMIBNotifyGroup NOTIFICATION-GROUP + NOTIFICATIONS { cipUrpfIfDropRateNotify } + STATUS current + DESCRIPTION + "The collection of objects which are used to specify + notifications for URPF." + ::= { ciscoIpUrpfMIBGroups 6 } + +END diff --git a/mibs/IANAifType-MIB.my b/mibs/IANAifType-MIB.my new file mode 100644 index 0000000000..32ea64e047 --- /dev/null +++ b/mibs/IANAifType-MIB.my @@ -0,0 +1,518 @@ +-- ***************************************************************** +-- IANAifType-MIB.my: IANA Interface Type MIB +-- +-- May 1994, Jeffrey T. Johnson +-- +-- Copyright (c) 1994-1997, 1998, 1999, 2000-2006 by cisco Systems, Inc. +-- All rights reserved. +-- +-- ***************************************************************** + + IANAifType-MIB DEFINITIONS ::= BEGIN + + IMPORTS + MODULE-IDENTITY, mib-2 FROM SNMPv2-SMI + TEXTUAL-CONVENTION FROM SNMPv2-TC; + + ianaifType MODULE-IDENTITY + LAST-UPDATED "200603310000Z" -- March 31, 2006 + ORGANIZATION "IANA" + CONTACT-INFO " Internet Assigned Numbers Authority + + Postal: ICANN + 4676 Admiralty Way, Suite 330 + Marina del Rey, CA 90292 + + Tel: +1 310 823 9358 + E-Mail: iana@iana.org" + + DESCRIPTION "This MIB module defines the IANAifType Textual + Convention, and thus the enumerated values of + the ifType object defined in MIB-II's ifTable." + + REVISION "200603310000Z" -- March 31, 2006 + DESCRIPTION "Registration of new IANA ifType 234." + + REVISION "200603300000Z" -- March 30, 2006 + DESCRIPTION "Registration of new IANA ifType 233." + + REVISION "200512220000Z" -- December 22, 2005 + DESCRIPTION "Registration of new IANA ifTypes 231 and 232." + + REVISION "200510100000Z" -- October 10, 2005 + DESCRIPTION "Registration of new IANA ifType 230." + + REVISION "200509090000Z" -- September 09, 2005 + DESCRIPTION "Registration of new IANA ifType 229." + + REVISION "200505270000Z" -- May 27, 2005 + DESCRIPTION "Registration of new IANA ifType 228." + + REVISION "200503030000Z" -- March 3, 2005 + DESCRIPTION "Added the IANAtunnelType TC and deprecated + IANAifType sixToFour (215) per RFC4087." + + REVISION "200411220000Z" -- November 22, 2004 + DESCRIPTION "Registration of new IANA ifType 227 per RFC4327." + + REVISION "200406170000Z" -- June 17, 2004 + DESCRIPTION "Registration of new IANA ifType 226." + + REVISION "200405120000Z" -- May 12, 2004 + DESCRIPTION "Added description for IANAifType 6, and + changed the descriptions for IANAifTypes + 180, 181, and 182." + + REVISION "200405070000Z" -- May 7, 2004 + DESCRIPTION "Registration of new IANAifType 225." + + REVISION "200308250000Z" -- Aug 25, 2003 + DESCRIPTION "Deprecated IANAifTypes 7 and 11. Obsoleted + IANAifTypes 62, 69, and 117. ethernetCsmacd (6) + should be used instead of these values" + + REVISION "200308180000Z" -- Aug 18, 2003 + DESCRIPTION "Registration of new IANAifType + 224." + + REVISION "200308070000Z" -- Aug 7, 2003 + DESCRIPTION "Registration of new IANAifTypes + 222 and 223." + + REVISION "200303180000Z" -- Mar 18, 2003 + DESCRIPTION "Registration of new IANAifType + 221." + + REVISION "200301130000Z" -- Jan 13, 2003 + DESCRIPTION "Registration of new IANAifType + 220." + + REVISION "200210170000Z" -- Oct 17, 2002 + DESCRIPTION "Registration of new IANAifType + 219." + + REVISION "200207160000Z" -- Jul 16, 2002 + DESCRIPTION "Registration of new IANAifTypes + 217 and 218." + + REVISION "200207100000Z" -- Jul 10, 2002 + DESCRIPTION "Registration of new IANAifTypes + 215 and 216." + + REVISION "200206190000Z" -- Jun 19, 2002 + DESCRIPTION "Registration of new IANAifType + 214." + + REVISION "200201040000Z" -- Jan 4, 2002 + DESCRIPTION "Registration of new IANAifTypes + 211, 212 and 213." + + REVISION "200112200000Z" -- Dec 20, 2001 + DESCRIPTION "Registration of new IANAifTypes + 209 and 210." + + REVISION "200111150000Z" -- Nov 15, 2001 + DESCRIPTION "Registration of new IANAifTypes + 207 and 208." + + + + REVISION "200111060000Z" -- Nov 6, 2001 + DESCRIPTION "Registration of new IANAifType + 206." + + + REVISION "200111020000Z" -- Nov 2, 2001 + DESCRIPTION "Registration of new IANAifType + 205." + + + REVISION "200110160000Z" -- Oct 16, 2001 + DESCRIPTION "Registration of new IANAifTypes + 199, 200, 201, 202, 203, and 204." + + + REVISION "200109190000Z" -- Sept 19, 2001 + DESCRIPTION "Registration of new IANAifType + 198." + + REVISION "200105110000Z" -- May 11, 2001 + DESCRIPTION "Registration of new IANAifType + 197." + + + REVISION "200101120000Z" -- Jan 12, 2001 + DESCRIPTION "Registration of new IANAifTypes + 195 and 196." + + REVISION "200012190000Z" -- Dec 19, 2000 + DESCRIPTION "Registration of new IANAifTypes + 193 and 194." + + REVISION "200012070000Z" -- Dec 07, 2000 + DESCRIPTION "Registration of new IANAifTypes + 191 and 192." + + REVISION "200012040000Z" -- Dec 04, 2000 + DESCRIPTION "Registration of new IANAifType + 190." + + REVISION "200010170000Z" -- Oct 17, 2000 + DESCRIPTION "Registration of new IANAifTypes + 188 and 189." + + REVISION "200010020000Z" -- Oct 02, 2000 + DESCRIPTION "Registration of new IANAifType 187." + + REVISION "200009010000Z" -- Sept 01, 2000 + DESCRIPTION "Registration of new IANAifTypes + 184, 185, and 186." + + REVISION "200008240000Z" -- Aug 24, 2000 + DESCRIPTION "Registration of new IANAifType 183." + + REVISION "200008230000Z" -- Aug 23, 2000 + DESCRIPTION "Registration of new IANAifTypes + 174-182." + + REVISION "200008220000Z" -- Aug 22, 2000 + DESCRIPTION "Registration of new IANAifTypes 170, + 171, 172 and 173." + + REVISION "200004250000Z" -- Apr 25, 2000 + DESCRIPTION "Registration of new IANAifTypes 168 and 169." + + + REVISION "200003060000Z" -- Mar 6, 2000 + DESCRIPTION "Fixed a missing semi-colon in the IMPORT. + Also cleaned up the REVISION log a bit. + It is not complete, but from now on it will + be maintained and kept up to date with each + change to this MIB module." + + REVISION "199910081430Z" -- Oct 08, 1999 + DESCRIPTION "Include new name assignments up to cnr(85). + This is the first version available via the WWW + at: ftp://ftp.isi.edu/mib/ianaiftype.mib" + + REVISION "199401310000Z" -- Jan 31, 1994 + DESCRIPTION "Initial version of this MIB as published in + RFC 1573." + + ::= { mib-2 30 } + + + IANAifType ::= TEXTUAL-CONVENTION + STATUS current + DESCRIPTION + "This data type is used as the syntax of the ifType + object in the (updated) definition of MIB-II's + ifTable. + + The definition of this textual convention with the + addition of newly assigned values is published + periodically by the IANA, in either the Assigned + Numbers RFC, or some derivative of it specific to + Internet Network Management number assignments. (The + latest arrangements can be obtained by contacting the + IANA.) + + Requests for new values should be made to IANA via + email (iana@iana.org). + + The relationship between the assignment of ifType + values and of OIDs to particular media-specific MIBs + is solely the purview of IANA and is subject to change + without notice. Quite often, a media-specific MIB's + OID-subtree assignment within MIB-II's 'transmission' + subtree will be the same as its ifType value. + However, in some circumstances this will not be the + case, and implementors must not pre-assume any + specific relationship between ifType values and + transmission subtree OIDs." + SYNTAX INTEGER { + other(1), -- none of the following + regular1822(2), + hdh1822(3), + ddnX25(4), + rfc877x25(5), + ethernetCsmacd(6), -- for all ethernet-like interfaces, + -- regardless of speed, as per RFC3635 + iso88023Csmacd(7), -- Deprecated via RFC-draft-ietf-hubmib-etherif-mib-v3 ethernetCsmacd (6) should be used instead + iso88024TokenBus(8), + iso88025TokenRing(9), + iso88026Man(10), + starLan(11), -- Deprecated via RFC-draft-ietf-hubmib-etherif-mib-v3 ethernetCsmacd (6) should be used instead + proteon10Mbit(12), + proteon80Mbit(13), + hyperchannel(14), + fddi(15), + lapb(16), + sdlc(17), + ds1(18), -- DS1-MIB + e1(19), -- Obsolete see DS1-MIB + basicISDN(20), + primaryISDN(21), + propPointToPointSerial(22), -- proprietary serial + ppp(23), + softwareLoopback(24), + eon(25), -- CLNP over IP + ethernet3Mbit(26), + nsip(27), -- XNS over IP + slip(28), -- generic SLIP + ultra(29), -- ULTRA technologies + ds3(30), -- DS3-MIB + sip(31), -- SMDS, coffee + frameRelay(32), -- DTE only. + rs232(33), + para(34), -- parallel-port + arcnet(35), -- arcnet + arcnetPlus(36), -- arcnet plus + atm(37), -- ATM cells + miox25(38), + sonet(39), -- SONET or SDH + x25ple(40), + iso88022llc(41), + localTalk(42), + smdsDxi(43), + frameRelayService(44), -- FRNETSERV-MIB + v35(45), + hssi(46), + hippi(47), + modem(48), -- Generic modem + aal5(49), -- AAL5 over ATM + sonetPath(50), + sonetVT(51), + smdsIcip(52), -- SMDS InterCarrier Interface + propVirtual(53), -- proprietary virtual/internal + propMultiplexor(54),-- proprietary multiplexing + ieee80212(55), -- 100BaseVG + fibreChannel(56), -- Fibre Channel + hippiInterface(57), -- HIPPI interfaces + frameRelayInterconnect(58), -- Obsolete use either + -- frameRelay(32) or + -- frameRelayService(44). + aflane8023(59), -- ATM Emulated LAN for 802.3 + aflane8025(60), -- ATM Emulated LAN for 802.5 + cctEmul(61), -- ATM Emulated circuit + fastEther(62), -- Obsoleted via RFC-draft-ietf-hubmib-etherif-mib-v3 ethernetCsmacd (6) should be used instead + isdn(63), -- ISDN and X.25 + v11(64), -- CCITT V.11/X.21 + v36(65), -- CCITT V.36 + g703at64k(66), -- CCITT G703 at 64Kbps + g703at2mb(67), -- Obsolete see DS1-MIB + qllc(68), -- SNA QLLC + fastEtherFX(69), -- Obsoleted via RFC-draft-ietf-hubmib-etherif-mib-v3 ethernetCsmacd (6) should be used instead + channel(70), -- channel + ieee80211(71), -- radio spread spectrum + ibm370parChan(72), -- IBM System 360/370 OEMI Channel + escon(73), -- IBM Enterprise Systems Connection + dlsw(74), -- Data Link Switching + isdns(75), -- ISDN S/T interface + isdnu(76), -- ISDN U interface + lapd(77), -- Link Access Protocol D + ipSwitch(78), -- IP Switching Objects + rsrb(79), -- Remote Source Route Bridging + atmLogical(80), -- ATM Logical Port + ds0(81), -- Digital Signal Level 0 + ds0Bundle(82), -- group of ds0s on the same ds1 + bsc(83), -- Bisynchronous Protocol + async(84), -- Asynchronous Protocol + cnr(85), -- Combat Net Radio + iso88025Dtr(86), -- ISO 802.5r DTR + eplrs(87), -- Ext Pos Loc Report Sys + arap(88), -- Appletalk Remote Access Protocol + propCnls(89), -- Proprietary Connectionless Protocol + hostPad(90), -- CCITT-ITU X.29 PAD Protocol + termPad(91), -- CCITT-ITU X.3 PAD Facility + frameRelayMPI(92), -- Multiproto Interconnect over FR + x213(93), -- CCITT-ITU X213 + adsl(94), -- Asymmetric Digital Subscriber Loop + radsl(95), -- Rate-Adapt. Digital Subscriber Loop + sdsl(96), -- Symmetric Digital Subscriber Loop + vdsl(97), -- Very H-Speed Digital Subscrib. Loop + iso88025CRFPInt(98), -- ISO 802.5 CRFP + myrinet(99), -- Myricom Myrinet + voiceEM(100), -- voice recEive and transMit + voiceFXO(101), -- voice Foreign Exchange Office + voiceFXS(102), -- voice Foreign Exchange Station + voiceEncap(103), -- voice encapsulation + voiceOverIp(104), -- voice over IP encapsulation + atmDxi(105), -- ATM DXI + atmFuni(106), -- ATM FUNI + atmIma (107), -- ATM IMA + pppMultilinkBundle(108), -- PPP Multilink Bundle + ipOverCdlc (109), -- IBM ipOverCdlc + ipOverClaw (110), -- IBM Common Link Access to Workstn + stackToStack (111), -- IBM stackToStack + virtualIpAddress (112), -- IBM VIPA + mpc (113), -- IBM multi-protocol channel support + ipOverAtm (114), -- IBM ipOverAtm + iso88025Fiber (115), -- ISO 802.5j Fiber Token Ring + tdlc (116), -- IBM twinaxial data link control + gigabitEthernet (117), -- Obsoleted via RFC-draft-ietf-hubmib-etherif-mib-v3 ethernetCsmacd (6) should be used instead + hdlc (118), -- HDLC + lapf (119), -- LAP F + v37 (120), -- V.37 + x25mlp (121), -- Multi-Link Protocol + x25huntGroup (122), -- X25 Hunt Group + trasnpHdlc (123), -- Transp HDLC + interleave (124), -- Interleave channel + fast (125), -- Fast channel + ip (126), -- IP (for APPN HPR in IP networks) + docsCableMaclayer (127), -- CATV Mac Layer + docsCableDownstream (128), -- CATV Downstream interface + docsCableUpstream (129), -- CATV Upstream interface + a12MppSwitch (130), -- Avalon Parallel Processor + tunnel (131), -- Encapsulation interface + coffee (132), -- coffee pot + ces (133), -- Circuit Emulation Service + atmSubInterface (134), -- ATM Sub Interface + l2vlan (135), -- Layer 2 Virtual LAN using 802.1Q + l3ipvlan (136), -- Layer 3 Virtual LAN using IP + l3ipxvlan (137), -- Layer 3 Virtual LAN using IPX + digitalPowerline (138), -- IP over Power Lines + mediaMailOverIp (139), -- Multimedia Mail over IP + dtm (140), -- Dynamic syncronous Transfer Mode + dcn (141), -- Data Communications Network + ipForward (142), -- IP Forwarding Interface + msdsl (143), -- Multi-rate Symmetric DSL + ieee1394 (144), -- IEEE1394 High Performance Serial Bus + if-gsn (145), -- HIPPI-6400 + dvbRccMacLayer (146), -- DVB-RCC MAC Layer + dvbRccDownstream (147), -- DVB-RCC Downstream Channel + dvbRccUpstream (148), -- DVB-RCC Upstream Channel + atmVirtual (149), -- ATM Virtual Interface + mplsTunnel (150), -- MPLS Tunnel Virtual Interface + srp (151), -- Spatial Reuse Protocol + voiceOverAtm (152), -- Voice Over ATM + voiceOverFrameRelay (153), -- Voice Over Frame Relay + idsl (154), -- Digital Subscriber Loop over ISDN + compositeLink (155), -- Avici Composite Link Interface + ss7SigLink (156), -- SS7 Signaling Link + propWirelessP2P (157), -- Prop. P2P wireless interface + frForward (158), -- Frame Forward Interface + rfc1483 (159), -- Multiprotocol over ATM AAL5 + usb (160), -- USB Interface + ieee8023adLag (161), -- IEEE 802.3ad Link Aggregate + bgppolicyaccounting (162), -- BGP Policy Accounting + frf16MfrBundle (163), -- FRF .16 Multilink Frame Relay + h323Gatekeeper (164), -- H323 Gatekeeper + h323Proxy (165), -- H323 Voice and Video Proxy + mpls (166), -- MPLS + mfSigLink (167), -- Multi-frequency signaling link + hdsl2 (168), -- High Bit-Rate DSL - 2nd generation + shdsl (169), -- Multirate HDSL2 + ds1FDL (170), -- Facility Data Link 4Kbps on a DS1 + pos (171), -- Packet over SONET/SDH Interface + dvbAsiIn (172), -- DVB-ASI Input + dvbAsiOut (173), -- DVB-ASI Output + plc (174), -- Power Line Communtications + nfas (175), -- Non Facility Associated Signaling + tr008 (176), -- TR008 + gr303RDT (177), -- Remote Digital Terminal + gr303IDT (178), -- Integrated Digital Terminal + isup (179), -- ISUP + propDocsWirelessMaclayer (180), -- Cisco proprietary Maclayer + propDocsWirelessDownstream (181), -- Cisco proprietary Downstream + propDocsWirelessUpstream (182), -- Cisco proprietary Upstream + hiperlan2 (183), -- HIPERLAN Type 2 Radio Interface + propBWAp2Mp (184), -- PropBroadbandWirelessAccesspt2multipt + sonetOverheadChannel (185), -- SONET Overhead Channel + digitalWrapperOverheadChannel (186), -- Digital Wrapper + aal2 (187), -- ATM adaptation layer 2 + radioMAC (188), -- MAC layer over radio links + atmRadio (189), -- ATM over radio links + imt (190), -- Inter Machine Trunks + mvl (191), -- Multiple Virtual Lines DSL + reachDSL (192), -- Long Reach DSL + frDlciEndPt (193), -- Frame Relay DLCI End Point + atmVciEndPt (194), -- ATM VCI End Point + opticalChannel (195), -- Optical Channel + opticalTransport (196), -- Optical Transport + propAtm (197), -- Proprietary ATM + voiceOverCable (198), -- Voice Over Cable Interface + infiniband (199), -- Infiniband + teLink (200), -- TE Link + q2931 (201), -- Q.2931 + virtualTg (202), -- Virtual Trunk Group + sipTg (203), -- SIP Trunk Group + sipSig (204), -- SIP Signaling + docsCableUpstreamChannel (205), -- CATV Upstream Channel + econet (206), -- Acorn Econet + pon155 (207), -- FSAN 155Mb Symetrical PON interface + pon622 (208), -- FSAN622Mb Symetrical PON interface + bridge (209), -- Transparent bridge interface + linegroup (210), -- Interface common to multiple lines + voiceEMFGD (211), -- voice E&M Feature Group D + voiceFGDEANA (212), -- voice FGD Exchange Access North American + voiceDID (213), -- voice Direct Inward Dialing + mpegTransport (214), -- MPEG transport interface + sixToFour (215), -- 6to4 interface (DEPRECATED) + gtp (216), -- GTP (GPRS Tunneling Protocol) + pdnEtherLoop1 (217), -- Paradyne EtherLoop 1 + pdnEtherLoop2 (218), -- Paradyne EtherLoop 2 + opticalChannelGroup (219), -- Optical Channel Group + homepna (220), -- HomePNA ITU-T G.989 + gfp (221), -- Generic Framing Procedure (GFP) + ciscoISLvlan (222), -- Layer 2 Virtual LAN using Cisco ISL + actelisMetaLOOP (223), -- Acteleis proprietary MetaLOOP High Speed Link + fcipLink (224), -- FCIP Link + rpr (225), -- Resilient Packet Ring Interface Type + qam (226), -- RF Qam Interface + lmp (227), -- Link Management Protocol + cblVectaStar (228), -- Cambridge Broadband Limited VectaStar + docsCableMCmtsDownstream (229), -- CATV Modular CMTS Downstream Interface + adsl2 (230), -- Asymmetric Digital Subscriber Loop Version 2 + macSecControlledIF (231), -- MACSecControlled + macSecUncontrolledIF (232), -- MACSecUncontrolled + aviciOpticalEther (233), -- Avici Optical Ethernet Aggregate + atmbond (234) -- atmbond + } + +IANAtunnelType ::= TEXTUAL-CONVENTION + STATUS current + DESCRIPTION + "The encapsulation method used by a tunnel. The value + direct indicates that a packet is encapsulated + directly within a normal IP header, with no + intermediate header, and unicast to the remote tunnel + endpoint (e.g., an RFC 2003 IP-in-IP tunnel, or an RFC + 1933 IPv6-in-IPv4 tunnel). The value minimal indicates + that a Minimal Forwarding Header (RFC 2004) is + inserted between the outer header and the payload + packet. The value UDP indicates that the payload + packet is encapsulated within a normal UDP packet + (e.g., RFC 1234). + + The values sixToFour, sixOverFour, and isatap + indicates that an IPv6 packet is encapsulated directly + within an IPv4 header, with no intermediate header, + and unicast to the destination determined by the 6to4, + 6over4, or ISATAP protocol. + + The remaining protocol-specific values indicate that a + header of the protocol of that name is inserted + between the outer header and the payload header. + + The assignment policy for IANAtunnelType values is + identical to the policy for assigning IANAifType + values." + SYNTAX INTEGER { + other(1), -- none of the following + direct(2), -- no intermediate header + gre(3), -- GRE encapsulation + minimal(4), -- Minimal encapsulation + l2tp(5), -- L2TP encapsulation + pptp(6), -- PPTP encapsulation + l2f(7), -- L2F encapsulation + udp(8), -- UDP encapsulation + atmp(9), -- ATMP encapsulation + msdp(10), -- MSDP encapsulation + sixToFour(11), -- 6to4 encapsulation + sixOverFour(12), -- 6over4 encapsulation + isatap(13), -- ISATAP encapsulation + teredo(14) -- Teredo encapsulation + } + + END diff --git a/mibs/process.pl b/mibs/process.pl new file mode 100755 index 0000000000..d054614e24 --- /dev/null +++ b/mibs/process.pl @@ -0,0 +1,21 @@ +#!/usr/bin/perl + +sub getfiles { + +opendir(DIR,"."); + +while($file = readdir(DIR)) { + +if($file !~ /^\./) { + +foreach $all ($file) { + +system("snmpttconvertmib --in=$all --out=/etc/snmp/snmptt-d.conf"); +print "$all\n"; +} +} +} +closedir(DIR); +} + +&getfiles;