-
Notifications
You must be signed in to change notification settings - Fork 57
/
CISCO-802-TAP-MIB.mib
345 lines (299 loc) · 12.7 KB
/
CISCO-802-TAP-MIB.mib
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
-- *****************************************************************
-- CISCO-802-TAP-MIB.my: Cisco intercept ("tap") MIB
--
-- September 2003, Srinivas Dhulipala
--
-- Copyright (c) 2003-2006 by Cisco Systems, Inc.
-- All rights reserved.
--
-- *****************************************************************
--
CISCO-802-TAP-MIB DEFINITIONS ::= BEGIN
IMPORTS
Integer32,
MODULE-IDENTITY,
OBJECT-TYPE,
Unsigned32
FROM SNMPv2-SMI
MODULE-COMPLIANCE,
OBJECT-GROUP
FROM SNMPv2-CONF
MacAddress,
RowStatus
FROM SNMPv2-TC
cTap2MediationContentId,
cTap2StreamIndex
FROM CISCO-TAP2-MIB
ciscoMgmt
FROM CISCO-SMI;
cisco802TapMIB MODULE-IDENTITY
LAST-UPDATED "200403110000Z"
ORGANIZATION "Cisco Systems, Inc."
CONTACT-INFO
" Cisco Systems
Customer Service
Postal:170 W. Tasman Drive
San Jose, CA 95134
USA
Tel:+1 800 553-NETS
E-mail:[email protected]"
DESCRIPTION
"This module manages Cisco's intercept feature for
802 (layer 2) streams.
This MIB is used along with CISCO-TAP2-MIB to
intercept 802 traffic. CISCO-TAP2-MIB along with
specific filter MIBs like this MIB replace
CISCO-TAP-MIB.
To create an 802 intercept, an entry c802tapStreamEntry
is created which contains the filter details. An entry
cTap2StreamEntry of CISCO-TAP2-MIB is created which
is the common stream information for all kinds of
intercepts and type of the specific stream is set to
mac in this entry."
REVISION "200403110000Z"
DESCRIPTION
"Initial version of this MIB module."
::= { ciscoMgmt 395 }
cisco802TapMIBNotifs OBJECT IDENTIFIER ::= { cisco802TapMIB 0 }
cisco802TapMIBObjects OBJECT IDENTIFIER ::= { cisco802TapMIB 1 }
cisco802TapMIBConform OBJECT IDENTIFIER ::= { cisco802TapMIB 2 }
c802tapStreamEncodePacket OBJECT IDENTIFIER ::= { cisco802TapMIBObjects
1 }
--
-- The filter specifics for intercepting 802 traffic.
--
c802tapStreamCapabilities OBJECT-TYPE
SYNTAX BITS {
tapEnable(0),
interface(1),
dstMacAddr(2),
srcMacAddr(3),
ethernetPid(4),
dstLlcSap(5),
srcLlcSap(6)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object displays what types of intercept streams can be
configured on this type of device. This may be dependent on
hardware capabilities, software capabilities. The following
fields may be supported:
tapEnable: set if table entries with
cTap2StreamInterceptEnable set to 'false'
are used to pre-screen packets for intercept;
otherwise these entries are ignored.
interface: SNMP ifIndex Value may be used to select
interception of all data crossing an
interface or set of interfaces.
dstMacAddr: Destination MAC Address may be used to select
traffic to be intercepted.
srcMacAddr: Source MAC Address may be used to select
traffic to be intercepted.
ethernetPid: Ethernet Protocol Identifier may be used to
select traffic to be intercepted.
dstLlcSap: IEEE 802.2 Destination SAP may be used to
select traffic to be intercepted.
srcLlcSap: IEEE 802.2 Source SAP may be used to select
traffic to be intercepted."
::= { c802tapStreamEncodePacket 1 }
--
-- The "access list" for intercepting data at the IEEE 802
-- link layer
--
c802tapStreamTable OBJECT-TYPE
SYNTAX SEQUENCE OF C802tapStreamEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The Intercept Stream 802 Table lists the IEEE 802 data streams
to be intercepted. The same data stream may be required by
multiple taps, and one might assume that often the intercepted
stream is a small subset of the traffic that could be
intercepted.
This essentially provides options for packet selection, only
some of which might be used. For example, if all traffic to or
from a given interface is to be intercepted, one would
configure an entry which lists the interface, and wild-card
everything else. If all traffic to or from a given MAC Address
is to be intercepted, one would configure two such entries
listing the MAC Address as source and destination respectively,
and wild-card everything else.
The first index indicates which Mediation Device the
intercepted traffic will be diverted to. The second index
permits multiple classifiers to be used together, such as
having a MAC address as source or destination.
Entries are added to this table via c802tapStreamStatus in
accordance with the RowStatus convention."
::= { c802tapStreamEncodePacket 2 }
c802tapStreamEntry OBJECT-TYPE
SYNTAX C802tapStreamEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A stream entry indicates a single data stream to be
intercepted to a Mediation Device. Many selected data
streams may go to the same application interface, and many
application interfaces are supported."
INDEX { cTap2MediationContentId, cTap2StreamIndex }
::= { c802tapStreamTable 1 }
C802tapStreamEntry ::= SEQUENCE {
c802tapStreamFields BITS,
c802tapStreamInterface Integer32,
c802tapStreamDestinationAddress MacAddress,
c802tapStreamSourceAddress MacAddress,
c802tapStreamEthernetPid Unsigned32,
c802tapStreamSourceLlcSap Unsigned32,
c802tapStreamDestinationLlcSap Unsigned32,
c802tapStreamStatus RowStatus
}
c802tapStreamFields OBJECT-TYPE
SYNTAX BITS {
interface(0),
dstMacAddress(1),
srcMacAddress(2),
ethernetPid(3),
dstLlcSap(4),
srcLlcSap(5)
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This object displays what attributes must be tested to
identify traffic which requires interception. The packet
matches if all flagged fields match.
interface: indicates that traffic on the stated
interface is to be intercepted
dstMacAddress: indicates that traffic destined to a
given address should be intercepted
srcMacAddress: indicates that traffic sourced from a
given address should be intercepted
ethernetPid: indicates that traffic with a stated
Ethernet Protocol Identifier should be
intercepted
dstLlcSap: indicates that traffic with an certain
802.2 LLC Destination SAP should be
intercepted
srcLlcSap: indicates that traffic with an certain
802.2 LLC Source SAP should be
intercepted
At least one of the bits has to be set in order to activate an
entry. If the bit is not on, the corresponding MIB object
value has no effect, and need not be specified when creating
the entry."
::= { c802tapStreamEntry 1 }
c802tapStreamInterface OBJECT-TYPE
SYNTAX Integer32 (-1 | 0 | 1..2147483647)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The ifIndex value of the interface over which traffic to be
intercepted is received or transmitted. The interface may be
physical or virtual. If this is the only parameter specified,
and it is other than -1 or 0, all traffic on the selected
interface will be chosen.
If the value is zero, matching traffic may be received or
transmitted on any interface. Additional selection parameters
must be selected to limit the scope of traffic intercepted.
This is most useful on non-routing platforms or on intercepts
placed elsewhere than a subscriber interface.
If the value is -1, one or both of
c802tapStreamDestinationAddress and c802tapStreamSourceAddress
must be specified. Matching traffic on the interface pointed
to by the dot1dTpFdbPort values associated with those values is
intercepted, whichever is specified. If dot1dTpFdbPort
changes, either by operator action or by protocol events, the
interface will change with it. This is primarily intended for
use on subscriber interfaces and other places where routing is
guaranteed to be symmetrical.
In both of these cases, it is possible to have the same packet
selected for intersection on both its ingress and egress
interface. Nonetheless, only one instance of the packet is
sent to the Mediation Device.
This value must be set when creating a stream entry, either to
select an interface, to select all interfaces, or to select the
interface that bridging learns. Some platforms may not
implement the entire range of options."
REFERENCE "RFC 1493"
::= { c802tapStreamEntry 2 }
c802tapStreamDestinationAddress OBJECT-TYPE
SYNTAX MacAddress
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The Destination address used in packet selection."
::= { c802tapStreamEntry 3 }
c802tapStreamSourceAddress OBJECT-TYPE
SYNTAX MacAddress
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The Source Address used in packet selection."
::= { c802tapStreamEntry 4 }
c802tapStreamEthernetPid OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The value of the Ethernet Protocol Identifier, which may be
found on Ethernet traffic or IEEE 802.2 SNAP traffic."
::= { c802tapStreamEntry 5 }
c802tapStreamDestinationLlcSap OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The value of the IEEE 802.2 Destination SAP."
::= { c802tapStreamEntry 6 }
c802tapStreamSourceLlcSap OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The value of the IEEE 802.2 Source SAP."
::= { c802tapStreamEntry 7 }
c802tapStreamStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The status of this conceptual row. This object manages
creation, modification, and deletion of rows in this table.
When any rows must be changed, c802tapStreamStatus must
be first set to 'notInService'."
::= { c802tapStreamEntry 8 }
-- conformance information
cisco802TapMIBCompliances OBJECT IDENTIFIER ::= { cisco802TapMIBConform
1 }
cisco802TapMIBGroups OBJECT IDENTIFIER ::= { cisco802TapMIBConform
2 }
-- compliance statement
cisco802TapMIBCompliance MODULE-COMPLIANCE
STATUS current
DESCRIPTION
"The compliance statement for entities which implement the
Cisco Intercept MIB for 802 streams."
MODULE -- this module
MANDATORY-GROUPS {
cisco802TapStreamGroup
}
::= {cisco802TapMIBCompliances 1 }
-- units of conformance
cisco802TapStreamGroup OBJECT-GROUP
OBJECTS {
c802tapStreamCapabilities,
c802tapStreamFields,
c802tapStreamInterface,
c802tapStreamDestinationAddress,
c802tapStreamSourceAddress,
c802tapStreamEthernetPid,
c802tapStreamSourceLlcSap,
c802tapStreamDestinationLlcSap,
c802tapStreamStatus
}
STATUS current
DESCRIPTION
"These objects are necessary for a description of IEEE 802
packets to select for interception."
::= { cisco802TapMIBGroups 1 }
END