-- -- WS-SW-ROLE-FIREWALL-MIB.my -- MIB generated by MG-SOFT Visual MIB Builder Version 6.0 Build 88 -- Wednesday, July 01, 2009 at 15:49:32 -- WS-SW-ROLE-FIREWALL-MIB DEFINITIONS ::= BEGIN IMPORTS OBJECT-GROUP, MODULE-COMPLIANCE FROM SNMPv2-CONF BITS, OBJECT-TYPE, MODULE-IDENTITY FROM SNMPv2-SMI DisplayString, RowStatus, PhysAddress, TruthValue FROM SNMPv2-TC wsSw FROM WS-SMI AbbrevRowStatus, DoActionNow FROM WS-TYPE-MIB; -- 1.3.6.1.4.1.388.14.2.20.1 wsSwRoleFirewallMibModule MODULE-IDENTITY LAST-UPDATED "200902241124Z" -- February 24, 2009 at 11:24 GMT ORGANIZATION "Motorola Pvt Ltd" CONTACT-INFO "Contact-info." DESCRIPTION "Description." REVISION "200902241134Z" -- February 24, 2009 at 11:34 GMT DESCRIPTION "02a05 Added Role sequence number as index to wsSwRoleMuTable" REVISION "200902061132Z" -- February 06, 2009 at 11:32 GMT DESCRIPTION "Added bit position any to encryption type." REVISION "200812042018Z" -- December 04, 2008 at 20:18 GMT DESCRIPTION "Incorporated review comments in the previous revision." REVISION "200812041954Z" -- December 04, 2008 at 19:54 GMT DESCRIPTION "Mib definition for role configuration, attaching Acls and displaying Mus belonging to a role" REVISION "200707041129Z" -- July 04, 2007 at 11:29 GMT DESCRIPTION "Added Initial MIB for Role based Firewall" ::= { wsSwRoleFirewall 1 } -- -- Type definitions -- -- Different authentication types RoleAuthType ::= BITS { noneOrPreSharedKey(0), eap(1), kerberos(2), hotspot(3), macAuthentication(4), any(5) } -- Different encryption types RoleEncryptType ::= BITS { none(0), wep64(1), wep128(2), tkip(3), ccmp(4), tkipccmp(5), keyGuard(6), wep128Keyguard(7), any(8) } -- Match expression for the strings. Usage like wildcard entry. -- For example, in role based firewall to define a role with radio name which can match exactly or can contain or not contain "radio description" -- In role1 --> radio name --> exact --> radio1 (radio name should exactly match with "radio1") StringMatchExpression ::= INTEGER { exact(1), contains(2), notContains(3), any(4) } ValueCmpExpression ::= INTEGER { equal(1), notequal(2), any(3) } -- -- Node definitions -- -- 1.3.6.1.4.1.388.14.2.20 wsSwRoleFirewall OBJECT IDENTIFIER ::= { wsSw 20 } -- 1.3.6.1.4.1.388.14.2.20.1.1 wsSwRoleFirewallMib OBJECT IDENTIFIER ::= { wsSwRoleFirewallMibModule 1 } -- 1.3.6.1.4.1.388.14.2.20.1.1.1 wsSwRoleTable OBJECT-TYPE SYNTAX SEQUENCE OF WsSwRoleEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Each MU will be assigned a role defined in this table" ::= { wsSwRoleFirewallMib 1 } -- 1.3.6.1.4.1.388.14.2.20.1.1.1.1 wsSwRoleEntry OBJECT-TYPE SYNTAX WsSwRoleEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "An entry in the role table" INDEX { wsSwRoleSequenceNumber, wsSwRoleName } ::= { wsSwRoleTable 1 } WsSwRoleEntry ::= SEQUENCE { wsSwRoleSequenceNumber INTEGER, wsSwRoleName DisplayString, wsSwRoleAuthType RoleAuthType, wsSwRoleAuthMatchExpression ValueCmpExpression, wsSwRoleEncType RoleEncryptType, wsSwRoleEncMatchExpression ValueCmpExpression, wsSwRoleApLocation DisplayString, wsSwRoleApLocationExpression StringMatchExpression, wsSwRoleLocation DisplayString, wsSwRoleLocationMatchExpression StringMatchExpression, wsSwRoleEssid DisplayString, wsSwRoleEssidMatchExpression StringMatchExpression, wsSwRoleMuMac PhysAddress, wsSwRoleMuMacMask PhysAddress, wsSwRoleMuMacAny TruthValue, wsSwRoleGroupName DisplayString, wsSwRoleRadioGroupMatchExpression StringMatchExpression, wsSwRoleRowStatus AbbrevRowStatus } -- 1.3.6.1.4.1.388.14.2.20.1.1.1.1.1 wsSwRoleSequenceNumber OBJECT-TYPE SYNTAX INTEGER (1..10000) MAX-ACCESS read-only STATUS current DESCRIPTION "If there are multiple role match, then the lowest sequence number match will be considered. This should be typically specified in multiples of 10 like 10, 20, 30 etc., so that new role can be inserted in between. For e.g. to insert another role between 10 and 20, one has to specify a match-seq-no value of 15." ::= { wsSwRoleEntry 1 } -- 1.3.6.1.4.1.388.14.2.20.1.1.1.1.2 wsSwRoleName OBJECT-TYPE SYNTAX DisplayString (SIZE (1..20)) MAX-ACCESS read-only STATUS current DESCRIPTION "Name of the Role" ::= { wsSwRoleEntry 2 } -- 1.3.6.1.4.1.388.14.2.20.1.1.1.1.3 wsSwRoleAuthType OBJECT-TYPE SYNTAX RoleAuthType MAX-ACCESS read-create STATUS current DESCRIPTION "Specifies MU authentication type" ::= { wsSwRoleEntry 3 } -- 1.3.6.1.4.1.388.14.2.20.1.1.1.1.4 wsSwRoleAuthMatchExpression OBJECT-TYPE SYNTAX ValueCmpExpression MAX-ACCESS read-create STATUS current DESCRIPTION "Specifies MU authentication to match" ::= { wsSwRoleEntry 4 } -- 1.3.6.1.4.1.388.14.2.20.1.1.1.1.5 wsSwRoleEncType OBJECT-TYPE SYNTAX RoleEncryptType MAX-ACCESS read-create STATUS current DESCRIPTION "Specifies MU encryption type" ::= { wsSwRoleEntry 5 } -- 1.3.6.1.4.1.388.14.2.20.1.1.1.1.6 wsSwRoleEncMatchExpression OBJECT-TYPE SYNTAX ValueCmpExpression MAX-ACCESS read-create STATUS current DESCRIPTION "Specifies MU encryption type to match" ::= { wsSwRoleEntry 6 } -- 1.3.6.1.4.1.388.14.2.20.1.1.1.1.7 wsSwRoleApLocation OBJECT-TYPE SYNTAX DisplayString MAX-ACCESS read-create STATUS current DESCRIPTION "Radio name configuration" ::= { wsSwRoleEntry 7 } -- 1.3.6.1.4.1.388.14.2.20.1.1.1.1.8 wsSwRoleApLocationExpression OBJECT-TYPE SYNTAX StringMatchExpression MAX-ACCESS read-create STATUS current DESCRIPTION "Matching expression which matches the radio name wsSwRoleRadioDescr with the radio name configured in wireless" ::= { wsSwRoleEntry 8 } -- 1.3.6.1.4.1.388.14.2.20.1.1.1.1.9 wsSwRoleLocation OBJECT-TYPE SYNTAX DisplayString (SIZE (1..40)) MAX-ACCESS read-create STATUS current DESCRIPTION "Specifies MU zone " ::= { wsSwRoleEntry 9 } -- 1.3.6.1.4.1.388.14.2.20.1.1.1.1.10 wsSwRoleLocationMatchExpression OBJECT-TYPE SYNTAX StringMatchExpression MAX-ACCESS read-create STATUS current DESCRIPTION "Zone-name – this should match any one the zones present in SOLE" ::= { wsSwRoleEntry 10 } -- 1.3.6.1.4.1.388.14.2.20.1.1.1.1.11 wsSwRoleEssid OBJECT-TYPE SYNTAX DisplayString (SIZE (1..32)) MAX-ACCESS read-create STATUS current DESCRIPTION "Specifies MU essid " ::= { wsSwRoleEntry 11 } -- 1.3.6.1.4.1.388.14.2.20.1.1.1.1.12 wsSwRoleEssidMatchExpression OBJECT-TYPE SYNTAX StringMatchExpression MAX-ACCESS read-create STATUS current DESCRIPTION "this should match the essid specified in wlan ssid command in wireless context" ::= { wsSwRoleEntry 12 } -- 1.3.6.1.4.1.388.14.2.20.1.1.1.1.13 wsSwRoleMuMac OBJECT-TYPE SYNTAX PhysAddress MAX-ACCESS read-create STATUS current DESCRIPTION "Specifies MU MAC address" ::= { wsSwRoleEntry 13 } -- 1.3.6.1.4.1.388.14.2.20.1.1.1.1.14 wsSwRoleMuMacMask OBJECT-TYPE SYNTAX PhysAddress MAX-ACCESS read-create STATUS current DESCRIPTION "Specifies MU MAC mask " ::= { wsSwRoleEntry 14 } -- 1.3.6.1.4.1.388.14.2.20.1.1.1.1.15 wsSwRoleMuMacAny OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-create STATUS current DESCRIPTION "The user does not want to set mac or mask" ::= { wsSwRoleEntry 15 } -- 1.3.6.1.4.1.388.14.2.20.1.1.1.1.16 wsSwRoleGroupName OBJECT-TYPE SYNTAX DisplayString (SIZE (1..50)) MAX-ACCESS read-create STATUS current DESCRIPTION "Radio name configuration" ::= { wsSwRoleEntry 16 } -- 1.3.6.1.4.1.388.14.2.20.1.1.1.1.17 wsSwRoleRadioGroupMatchExpression OBJECT-TYPE SYNTAX StringMatchExpression MAX-ACCESS read-create STATUS current DESCRIPTION "Matching expression which matches the radio name wsSwRoleRadioDescr with the radio name configured in wireless" ::= { wsSwRoleEntry 17 } -- 1.3.6.1.4.1.388.14.2.20.1.1.1.1.18 wsSwRoleRowStatus OBJECT-TYPE SYNTAX AbbrevRowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "Create or delete an entry from role table" ::= { wsSwRoleEntry 18 } -- 1.3.6.1.4.1.388.14.2.20.1.1.2 wsSwRoleFirewallPolicyTable OBJECT-TYPE SYNTAX SEQUENCE OF WsSwRoleFirewallPolicyEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table will assign firewall policy in inbound and outbound direction for a role" ::= { wsSwRoleFirewallMib 2 } -- 1.3.6.1.4.1.388.14.2.20.1.1.2.1 wsSwRoleFirewallPolicyEntry OBJECT-TYPE SYNTAX WsSwRoleFirewallPolicyEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "An entry in the RoleFirewallPolicy Table." INDEX { wsSwRoleFirewallPolicyRolePriority, wsSwRoleFirewallPolicyRoleName, wsSwRoleFirewallPolicyDirection, wsSwRoleFirewallPolicyAclPrecedence, wsSwRoleFirewallPolicyAclName } ::= { wsSwRoleFirewallPolicyTable 1 } WsSwRoleFirewallPolicyEntry ::= SEQUENCE { wsSwRoleFirewallPolicyRolePriority INTEGER, wsSwRoleFirewallPolicyRoleName DisplayString, wsSwRoleFirewallPolicyDirection INTEGER, wsSwRoleFirewallPolicyAclPrecedence INTEGER, wsSwRoleFirewallPolicyAclName DisplayString, wsSwRoleFirewallPolicyRowStatus AbbrevRowStatus } -- 1.3.6.1.4.1.388.14.2.20.1.1.2.1.1 wsSwRoleFirewallPolicyRolePriority OBJECT-TYPE SYNTAX INTEGER (1..10001) MAX-ACCESS read-only STATUS current DESCRIPTION "Role Priority needed for returning roles in a sorted order" ::= { wsSwRoleFirewallPolicyEntry 1 } -- 1.3.6.1.4.1.388.14.2.20.1.1.2.1.2 wsSwRoleFirewallPolicyRoleName OBJECT-TYPE SYNTAX DisplayString (SIZE (1..20)) MAX-ACCESS read-only STATUS current DESCRIPTION "Name of Role" ::= { wsSwRoleFirewallPolicyEntry 2 } -- 1.3.6.1.4.1.388.14.2.20.1.1.2.1.3 wsSwRoleFirewallPolicyDirection OBJECT-TYPE SYNTAX INTEGER { inbound(1), outbound(2) } MAX-ACCESS read-only STATUS current DESCRIPTION "This Firewall policy can be applied for which direction ( inbound or outbound) " ::= { wsSwRoleFirewallPolicyEntry 3 } -- 1.3.6.1.4.1.388.14.2.20.1.1.2.1.4 wsSwRoleFirewallPolicyAclPrecedence OBJECT-TYPE SYNTAX INTEGER (1..100) MAX-ACCESS read-only STATUS current DESCRIPTION "ACL precedence - Each Role can have 2 Acls attached in either direction (IN and OUT). The precedences of Acls attached in same direction have to be different." ::= { wsSwRoleFirewallPolicyEntry 4 } -- 1.3.6.1.4.1.388.14.2.20.1.1.2.1.5 wsSwRoleFirewallPolicyAclName OBJECT-TYPE SYNTAX DisplayString (SIZE (1..64)) MAX-ACCESS read-only STATUS current DESCRIPTION "This either an IP Acl or a Mac ACL configured as apart of global Acl configuration which we are attaching to the role" ::= { wsSwRoleFirewallPolicyEntry 5 } -- 1.3.6.1.4.1.388.14.2.20.1.1.2.1.6 wsSwRoleFirewallPolicyRowStatus OBJECT-TYPE SYNTAX AbbrevRowStatus MAX-ACCESS read-write STATUS current DESCRIPTION "Row Status - supports create and delete" ::= { wsSwRoleFirewallPolicyEntry 6 } -- 1.3.6.1.4.1.388.14.2.20.1.1.3 wsSwRoleMuTable OBJECT-TYPE SYNTAX SEQUENCE OF WsSwRoleMuEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Description." ::= { wsSwRoleFirewallMib 3 } -- 1.3.6.1.4.1.388.14.2.20.1.1.3.1 wsSwRoleMuEntry OBJECT-TYPE SYNTAX WsSwRoleMuEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Table Of MU mac addresses belonging to a role" INDEX { wsSwRolePriority, wsSwRoleMuTableRoleName, wsSwRoleMuTableMUMac } ::= { wsSwRoleMuTable 1 } WsSwRoleMuEntry ::= SEQUENCE { wsSwRolePriority INTEGER, wsSwRoleMuTableRoleName DisplayString, wsSwRoleMuTableMUMac PhysAddress } -- 1.3.6.1.4.1.388.14.2.20.1.1.3.1.1 wsSwRolePriority OBJECT-TYPE SYNTAX INTEGER (1..10000) MAX-ACCESS read-only STATUS current DESCRIPTION "Role Priority" ::= { wsSwRoleMuEntry 1 } -- 1.3.6.1.4.1.388.14.2.20.1.1.3.1.2 wsSwRoleMuTableRoleName OBJECT-TYPE SYNTAX DisplayString MAX-ACCESS read-only STATUS current DESCRIPTION "Role Name" ::= { wsSwRoleMuEntry 2 } -- 1.3.6.1.4.1.388.14.2.20.1.1.3.1.3 wsSwRoleMuTableMUMac OBJECT-TYPE SYNTAX PhysAddress MAX-ACCESS read-only STATUS current DESCRIPTION "Mac address of MU belonging to the role" ::= { wsSwRoleMuEntry 3 } -- 1.3.6.1.4.1.388.14.2.20.1.1.4 wsSwRoleAssignmentImmediateEnable OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-write STATUS current DESCRIPTION "Enable/Disable role assignment action immediate. When a new role is created send De-Auth to all MU's if this configuration is enabled. No de-auth will be sent if this flag is off, so Mu's will get applied with this new role when it connects next time." ::= { wsSwRoleFirewallMib 4 } -- 1.3.6.1.4.1.388.14.2.20.1.1.5 wsSwRoleConfigLastError OBJECT-TYPE SYNTAX DisplayString (SIZE (0..128)) MAX-ACCESS read-only STATUS current DESCRIPTION "For displaying last error encountered during configuration" ::= { wsSwRoleFirewallMib 5 } -- 1.3.6.1.4.1.388.14.2.20.1.1.100 wsSwRoleFirewallConformance OBJECT IDENTIFIER ::= { wsSwRoleFirewallMib 100 } -- 1.3.6.1.4.1.388.14.2.20.1.1.100.1 wsSwRoleFirewallCompliances OBJECT IDENTIFIER ::= { wsSwRoleFirewallConformance 1 } -- 1.3.6.1.4.1.388.14.2.20.1.1.100.1.1 wsCcRfCompliance MODULE-COMPLIANCE STATUS current DESCRIPTION " " MODULE -- this module MANDATORY-GROUPS { wsSwRoleFirewallGroup } ::= { wsSwRoleFirewallCompliances 1 } -- 1.3.6.1.4.1.388.14.2.20.1.1.100.2 wsSwRoleFirewallGroups OBJECT IDENTIFIER ::= { wsSwRoleFirewallConformance 2 } -- 1.3.6.1.4.1.388.14.2.20.1.1.100.2.1 wsSwRoleFirewallGroup OBJECT-GROUP OBJECTS { wsSwRoleSequenceNumber, wsSwRoleName, wsSwRoleAuthType, wsSwRoleAuthMatchExpression, wsSwRoleEncType, wsSwRoleEncMatchExpression, wsSwRoleLocation, wsSwRoleLocationMatchExpression, wsSwRoleEssid, wsSwRoleEssidMatchExpression, wsSwRoleMuMac, wsSwRoleMuMacMask, wsSwRoleRowStatus, wsSwRoleFirewallPolicyDirection, wsSwRoleFirewallPolicyAclName, wsSwRoleFirewallPolicyAclPrecedence, wsSwRoleFirewallPolicyRowStatus, wsSwRoleFirewallPolicyRoleName, wsSwRoleGroupName, wsSwRoleMuMacAny, wsSwRoleFirewallPolicyRolePriority, wsSwRoleConfigLastError, wsSwRoleRadioGroupMatchExpression, wsSwRoleApLocation, wsSwRoleApLocationExpression, wsSwRolePriority, wsSwRoleMuTableMUMac, wsSwRoleMuTableRoleName, wsSwRoleAssignmentImmediateEnable } STATUS current DESCRIPTION " " ::= { wsSwRoleFirewallGroups 1 } END -- -- WS-SW-ROLE-FIREWALL-MIB.my --