PORT-SECURITY-MIB
File:
PORT-SECURITY-MIB.mib (16780 bytes)
Imported modules
Imported symbols
Defined Types
SwPortSecPortEntry |
|
SEQUENCE |
|
|
|
|
swPortSecPortIndex |
INTEGER |
|
|
swPortSecPortMaxLernAddr |
INTEGER |
|
|
swPortSecPortLockAddrMode |
INTEGER |
|
|
swPortSecPortAdmState |
INTEGER |
|
|
swPortSecPortViolationAction |
INTEGER |
|
|
swPortSecPortClearCtrl |
INTEGER |
|
SwPortSecVLANEntry |
|
SEQUENCE |
|
|
|
|
swPortSecVLANID |
INTEGER |
|
|
swPortSecVLANMaxLernAddr |
INTEGER |
|
|
swPortSecVLANClearCtrl |
INTEGER |
|
SwPortSecVLANOnPortEntry |
|
SEQUENCE |
|
|
|
|
swPortSecVLANOnPortMaxLernAddr |
INTEGER |
|
|
swPortSecVLANOnPortAddCtrl |
INTEGER |
|
SwPortSecEntriesEntry |
|
SEQUENCE |
|
|
|
|
swPortSecMac |
MacAddress |
|
|
swPortSecVID |
INTEGER |
|
|
swPortSecPort |
INTEGER |
|
|
swPortSecDelCtrl |
INTEGER |
|
Defined Values
swPortSecMIB |
1.3.6.1.4.1.171.12.63 |
The structure of port security for the proprietary enterprise. |
MODULE-IDENTITY |
|
|
|
swPortSecTrapLogState |
1.3.6.1.4.1.171.12.63.1.1 |
When enabled(1), whenever there's a new MAC address that violates
the pre-defined port security configuration, traps will be sent out
and the relevant information will be logged into the system. |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
INTEGER |
enabled(1), disabled(2) |
|
swPortSecSysMaxLernAddr |
1.3.6.1.4.1.171.12.63.1.2 |
Indicates the maximum number of addresses to be authorized
by port security on the system.
A value of -1 means no-limit. The default value is no-limit.
The max entry range is (1..N). The value N means the max number and is
determined by the project itself. |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
INTEGER |
|
|
swPortSecTrapState |
1.3.6.1.4.1.171.12.63.1.3 |
When enabled(1), whenever there's a new MAC address that violates
the pre-defined port security configuration, trap will be sent out. |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
INTEGER |
enabled(1), disabled(2) |
|
swPortSecLogState |
1.3.6.1.4.1.171.12.63.1.4 |
When enabled(1), whenever there's a new MAC address that violates
the pre-defined port security configuration, the relevant information
will be logged into the system. |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
INTEGER |
enabled(1), disabled(2) |
|
swPortSecPortTable |
1.3.6.1.4.1.171.12.63.3.1.1 |
A port security feature which controls the address learning capability and
traffic forwarding decisions. Each port can be enabled or disabled for this function.
When it is enabled and a number is given said N, which allows N addresses to be
learned on this port, the first N learned addresses are locked at this port as
static entries. When the learned addresses number reaches N, any incoming packet
without learned source addresses are discarded (e.g. dropped) and no more new
addresses can be learned on this port. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
SEQUENCE OF |
|
|
|
|
SwPortSecPortEntry |
|
swPortSecPortEntry |
1.3.6.1.4.1.171.12.63.3.1.1.1 |
A list of information contained in the swPortSecPortTable. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
SwPortSecPortEntry |
|
|
swPortSecPortIndex |
1.3.6.1.4.1.171.12.63.3.1.1.1.1 |
Indicates the secured port to lock address learning. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
INTEGER |
|
|
swPortSecPortMaxLernAddr |
1.3.6.1.4.1.171.12.63.3.1.1.1.2 |
Indicates the allowable number of addresses to be learned on this port.
The max entry range is (0..N). The value N means the max number and is
determined by the project itself. |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
INTEGER |
|
|
swPortSecPortLockAddrMode |
1.3.6.1.4.1.171.12.63.3.1.1.1.3 |
Indicates the mode of locking address.
In deleteOnTimeout(2) mode, the locked addresses can be aged out after
the aging timer expires. In this mode, when the locked address is aged
out, the number of addresses that can be learned has to be increased by one.
In deleteOnReset (3) mode, locked addresses never age out unless the system
restarts which will prevent port movement or intrusion. |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
INTEGER |
permanent(1), deleteOnTimeout(2), deleteOnReset(3) |
|
swPortSecPortAdmState |
1.3.6.1.4.1.171.12.63.3.1.1.1.4 |
Indicates the administration state of the locking address. |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
INTEGER |
enabled(1), disabled(2) |
|
swPortSecPortClearCtrl |
1.3.6.1.4.1.171.12.63.3.1.1.1.5 |
Used to clear port security entries by port.
Setting this value to 'start' will execute the clear action.
Once cleared, the value returns to 'other'. |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
INTEGER |
other(1), start(2) |
|
swPortSecPortViolationAction |
1.3.6.1.4.1.171.12.63.3.1.1.1.6 |
Used to indicates the action when violation occurs. When the number of
secure MAC address reaches the maximum learning number on the port,
for drop action, new entry will be dropped and for shutdown action,
the port will be shut down and enter error-disabled state immediately. |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
INTEGER |
drop(1), shutdown(2) |
|
swPortSecVLANTable |
1.3.6.1.4.1.171.12.63.3.2.1 |
A port security feature which controls the address leaning capability.
When number is given said N, which allows N addresses to be learned on this VLAN,
the first N learned addresses are locked at this VLAN as static entries.
When the learned addresses number reaches N, any incoming packet
without learned source addresses are discarded (e.g. dropped) and no more new
addresses can be learned on this VLAN. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
SEQUENCE OF |
|
|
|
|
SwPortSecVLANEntry |
|
swPortSecVLANEntry |
1.3.6.1.4.1.171.12.63.3.2.1.1 |
A list of information contained in the swPortSecVLANTable. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
SwPortSecVLANEntry |
|
|
swPortSecVLANID |
1.3.6.1.4.1.171.12.63.3.2.1.1.1 |
Indicates the secured VLAN to lock address learning. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
INTEGER |
1..4094 |
|
swPortSecVLANMaxLernAddr |
1.3.6.1.4.1.171.12.63.3.2.1.1.2 |
Indicates allowable number of addresses to be learned on this VLAN.
A value of -1 means no-limit. The default value is no-limit.
The max entry range is (0..N). The value N means the max number and is
determined by the project itself. |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
INTEGER |
|
|
swPortSecVLANClearCtrl |
1.3.6.1.4.1.171.12.63.3.2.1.1.3 |
Used to clear port security entries by VLAN.
Setting this value to 'start' will execute the clear action.
Once cleared, the value returns to 'other'.
|
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
INTEGER |
other(1), start(2) |
|
swPortSecVLANOnPortTable |
1.3.6.1.4.1.171.12.63.3.3.1 |
A port security feature which controls the address learning capability.
When number is given said N, which allows N addresses to be learned
on this VLAN from the special port, the first N learned addresses are locked
at this VLAN from the special port as static entries.
When the learned addresses number reaches N, any incoming packet
without learned source addresses are discarded (e.g. dropped) and no more new
addresses can be learned on this VLAN from the special port. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
SEQUENCE OF |
|
|
|
|
SwPortSecVLANOnPortEntry |
|
swPortSecVLANOnPortEntry |
1.3.6.1.4.1.171.12.63.3.3.1.1 |
A list of information contained in the swPortSecVLANOnPortTable. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
SwPortSecVLANOnPortEntry |
|
|
swPortSecVLANOnPortMaxLernAddr |
1.3.6.1.4.1.171.12.63.3.3.1.1.1 |
Indicates allowable number of addresses to be learned on this VLAN
from the special port.
A value of -1 means no-limit. The default value is no-limit.
Only VLANs with limitations will be displayed in this table.
The max entry range is (0..N). The value N means the max number and is
determined by the project itself. |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
INTEGER |
|
|
swPortSecVLANOnPortAddCtrl |
1.3.6.1.4.1.171.12.63.3.3.1.1.2 |
other (1):
When user gets this object, it always returns other(1).
add (2):
Used to configure the VLAN limit from the special port.
If 'add' is selected, swPortSecVLANOnPortMaxLernAddr must be set to a valid value except -1.
|
Status: current |
Access: read-create |
OBJECT-TYPE |
|
|
|
|
INTEGER |
other(1), add(2) |
|
swPortSecMgmtByVLANOnPortClearAction |
1.3.6.1.4.1.171.12.63.3.3.2.3 |
other(1):
When user gets this object, it always returns other(1).
start(2):
Used to clear port security entries by VLAN on the special port. |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
INTEGER |
other(1), start(2) |
|
swPortSecEntriesEntry |
1.3.6.1.4.1.171.12.63.3.4.1 |
A list of information contained in the swPortSecEntriesTable. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
SwPortSecEntriesEntry |
|
|
swPortSecMac |
1.3.6.1.4.1.171.12.63.3.4.1.1 |
Specifies a MAC address. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
MacAddress |
|
|
swPortSecVID |
1.3.6.1.4.1.171.12.63.3.4.1.2 |
Indicates the VLAN ID. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
INTEGER |
1..4094 |
|
swPortSecPort |
1.3.6.1.4.1.171.12.63.3.4.1.3 |
Indicates the port. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
INTEGER |
|
|
swPortSecDelCtrl |
1.3.6.1.4.1.171.12.63.3.4.1.4 |
Used to delete this port security entry.
Setting this value to 'start' will execute the delete action.
Once deleted, the value returns to 'other'. |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
INTEGER |
other(1), start(2) |
|