ZTE-AN-SECURITY-L3-MIB

File: ZTE-AN-SECURITY-L3-MIB.mib (10309 bytes)

Imported modules

SNMPv2-SMI ZTE-AN-SMI

Imported symbols

OBJECT-TYPE MODULE-IDENTITY Integer32
zxAnServiceSecurity

Defined Values

zxAnSecurityL3Mib 1.3.6.1.4.1.3902.1082.70.37
The MIB module for the layer 3 security management.
MODULE-IDENTITY    

zxAnSecL3Objects 1.3.6.1.4.1.3902.1082.70.37.2
OBJECT IDENTIFIER    

zxAnSecL3IpObjects 1.3.6.1.4.1.3902.1082.70.37.2.2
OBJECT IDENTIFIER    

zxAnSecL3TcpObjects 1.3.6.1.4.1.3902.1082.70.37.2.3
OBJECT IDENTIFIER    

zxAnSecL3IpGlobalObjects 1.3.6.1.4.1.3902.1082.70.37.2.2.1
OBJECT IDENTIFIER    

zxAnSecL3IpSrcDstIpAddrCheckEn 1.3.6.1.4.1.3902.1082.70.37.2.2.1.1
Enable/disable source and destination IP address check function. When this object is set to enabled(1), the source and destination IP address of the received packets will be checked, if both addresses are the same, the packets will be dropped.
Status: current Access: read-write
OBJECT-TYPE    
  INTEGER enabled(1), disabled(2)  

zxAnSecL3IpSrcRouteCheckEn 1.3.6.1.4.1.3902.1082.70.37.2.2.1.2
Enable/disable IP source route check function. When this object is set to enabled(1), the received packets with IP source route option will be dropped.
Status: current Access: read-write
OBJECT-TYPE    
  INTEGER enabled(1), disabled(2)  

zxAnSecL3TcpGlobalObjects 1.3.6.1.4.1.3902.1082.70.37.2.3.1
OBJECT IDENTIFIER    

zxAnSecL3TcpSynFloodGlbObjects 1.3.6.1.4.1.3902.1082.70.37.2.3.1.1
OBJECT IDENTIFIER    

zxAnSecL3TcpSynFldProtectEnable 1.3.6.1.4.1.3902.1082.70.37.2.3.1.1.1
Enable/disable TCP SYN flooding protection function.
Status: current Access: read-write
OBJECT-TYPE    
  INTEGER enabled(1), disabled(2)  

zxAnSecL3TcpSynFldProtectType 1.3.6.1.4.1.3902.1082.70.37.2.3.1.1.2
TCP SYN flooding protection type. delHalfOpenAndAccelerateTimeout(1) -- Both delHalfOpen(2) and accelerateTimeout(3) will be performed when zxAnSecL3TcpSynFldProtectStatus is defence(3). delHalfOpen(2) -- TCP half-open connections specified by zxAnSecL3TcpHalfOpenDels will be deleted, this action will be performed automatically and periodically until zxAnSecL3TcpSynFldProtectStatus is not defence(3). when zxAnSecL3TcpSynFldProtectStatus is defence(3). accelerateTimeout(3) -- The system TCP half-open timeout parameter will be forcely set to the value specified by zxAnSecL3TcpHalfOpenTimeout when zxAnSecL3TcpSynFldProtectStatus is defence(3).
Status: current Access: read-write
OBJECT-TYPE    
  INTEGER delHalfOpenAndAccelerateTimeout(1), delHalfOpen(2), accelerateTimeout(3)  

zxAnSecL3TcpHalfOpenTimeout 1.3.6.1.4.1.3902.1082.70.37.2.3.1.1.3
Timeout of TCP half-open (SYN-RCVD) status. This object will be activated when zxAnSecL3TcpSynFldProtectStatus is defence(3).
Status: current Access: read-write
OBJECT-TYPE    
  Integer32 0..255  

zxAnSecL3TcpHalfOpenDels 1.3.6.1.4.1.3902.1082.70.37.2.3.1.1.4
Deleting number of TCP half-open connections that cannot be established each time. This action will be performed automatically and periodically until zxAnSecL3TcpSynFldProtectStatus is not defence(3).
Status: current Access: read-write
OBJECT-TYPE    
  Integer32 0..255  

zxAnSecL3TcpHalfOpenLoThresh 1.3.6.1.4.1.3902.1082.70.37.2.3.1.1.5
TCP half-open connections lowest ratio threshold between zxAnSecL3TcpHalfOpenConns and zxAnSecL3TcpTotalConns.
Status: current Access: read-write
OBJECT-TYPE    
  Integer32 0..100  

zxAnSecL3TcpHalfOpenHiThresh 1.3.6.1.4.1.3902.1082.70.37.2.3.1.1.6
TCP half-open connections highest ratio threshold between zxAnSecL3TcpHalfOpenConns and zxAnSecL3TcpTotalConns.
Status: current Access: read-write
OBJECT-TYPE    
  Integer32 0..100  

zxAnSecL3TcpC1MHalfOpenLoThresh 1.3.6.1.4.1.3902.1082.70.37.2.3.1.1.7
TCP half-open connections lowest ratio threshold between zxAnSecL3TcpC1MHalfOpenConns and zxAnSecL3TcpC1MTotalConns in current 1 minute.
Status: current Access: read-write
OBJECT-TYPE    
  Integer32 0..100  

zxAnSecL3TcpC1MHalfOpenHiThresh 1.3.6.1.4.1.3902.1082.70.37.2.3.1.1.8
TCP half-open connections highest ratio threshold between zxAnSecL3TcpC1MHalfOpenConns and zxAnSecL3TcpC1MTotalConns in current 1 minute.
Status: current Access: read-write
OBJECT-TYPE    
  Integer32 0..100  

zxAnSecL3TcpSynFldProtectStatus 1.3.6.1.4.1.3902.1082.70.37.2.3.1.1.20
TCP SYN flooding protection status. This object will be automatically set as following: CurrentHoRatio = 100 * zxAnSecL3TcpHalfOpenConns / zxAnSecL3TcpTotalConns Current1MinHoRatio = 100 * zxAnSecL3TcpC1MHalfOpenConns / zxAnSecL3TcpC1MTotalConns If CurrentHoRatio < zxAnSecL3TcpHalfOpenLoThresh and Current1MinHoRatio < zxAnSecL3TcpC1MHalfOpenLoThresh zxAnSecL3TcpSynFldProtectStatus will be set to safety(1); If CurrentHoRatio >= zxAnSecL3TcpHalfOpenHiThresh or Current1MinHoRatio >= zxAnSecL3TcpC1MHalfOpenHiThresh zxAnSecL3TcpSynFldProtectStatus will be set to defence(3); In other cases, zxAnSecL3TcpSynFldProtectStatus will be set to warning(2).
Status: current Access: read-only
OBJECT-TYPE    
  INTEGER safety(1), warning(2), defence(3)  

zxAnSecL3TcpTotalConns 1.3.6.1.4.1.3902.1082.70.37.2.3.1.1.21
Number of all TCP connections.
Status: current Access: read-only
OBJECT-TYPE    
  Integer32  

zxAnSecL3TcpHalfOpenConns 1.3.6.1.4.1.3902.1082.70.37.2.3.1.1.22
Number of TCP half-open connections that cannot be established.
Status: current Access: read-only
OBJECT-TYPE    
  Integer32  

zxAnSecL3TcpC1MTotalConns 1.3.6.1.4.1.3902.1082.70.37.2.3.1.1.23
Number of all TCP connections in current 1 minute.
Status: current Access: read-only
OBJECT-TYPE    
  Integer32  

zxAnSecL3TcpC1MHalfOpenConns 1.3.6.1.4.1.3902.1082.70.37.2.3.1.1.24
Number of TCP half-open connections that cannot be established in current 1 minute.
Status: current Access: read-only
OBJECT-TYPE    
  Integer32  

Generation date: July 28, 2023, 16:18:13, Copyright © 2007 - 2022 - Circitor