--**************************************************************************
--                                                                          
--    Copyright 2007 Broadcom Corporation                                   
--    All Rights Reserved                                                   
--    No portions of this material may be reproduced in any form without the
--    written permission of:                                                
--             Broadcom Corporation                                         
--             16251 Laguna Canyon Road                                     
--             Irvine, California  92618                                    
--    All information contained in this document is Broadcom Corporation    
--    company private, proprietary, and trade secret.                       
--                                                                          
--                                                                          
--                                                                          
--**************************************************************************
--    Filename: brcm-telnet-mgmt.mib
--    Author:   Kevin O'Neal
--    Creation Date: 6-march-2003
--
--**************************************************************************
--    Description:
--
--		private MIB for runtime (not factory) CM management
--		
--**************************************************************************
--    Revision History:
--
--**************************************************************************

BRCM-TELNET-MGMT-MIB DEFINITIONS ::= BEGIN

IMPORTS
    MODULE-IDENTITY,
    OBJECT-TYPE,
    NOTIFICATION-TYPE,
    Integer32,
    Unsigned32,
    IpAddress,
    TimeTicks
        FROM SNMPv2-SMI
    DisplayString,
    TruthValue
        FROM SNMPv2-TC
    InetAddressType,
    InetAddress
        FROM INET-ADDRESS-MIB
    cableDataMgmtBase
        FROM BRCM-CABLEDATA-MGMT-MIB;
                
telnetMgmt MODULE-IDENTITY
    LAST-UPDATED "200702050000Z"
    ORGANIZATION "Broadcom Corporation"
    CONTACT-INFO
        "	BANANA-CABLEDATA
                (cableData branch of the
                Broadcom Assigned Numbers and Naming Authority)
                Broadcom Corporation

        Postal: 4385 River Green Parkway
                Duluth, GA  30096
                USA

           Tel: +1 770 232-0018

        E-mail: banana-cabledata@broadcom.com"
    DESCRIPTION
        "Broadcom proprietary MIB for runtime management and configuration
         of objects related to telnet."
    REVISION      "200702050000Z"
    DESCRIPTION
        "Module description was updated. 
         Compilability issues were cleaned up: 
         - Chronological order of revision history was corrected.
         - Changed access of objects telnetHackerAddressType and 
           telnetHackerAddress from not-accessible to accessible-for-notify
           so that they may legally be included in the object list for
           the telnetHackerTrap notification."
    REVISION      "200609290000Z"
    DESCRIPTION
        "Added object telnetHackerInactivityTimeout."
    REVISION      "200602020000Z"
    DESCRIPTION
        "Added object telnetSessionInactivityTimeout."
    REVISION      "200506080000Z"
    DESCRIPTION
        "Deprecated telnetSessionIp in favor of telnetSessionAddressType
         and telnetSessionAddress objects which are IPv6 friendly.  Also
         added telnetHackerTable."        
    REVISION      "200303060000Z"
    DESCRIPTION
        "Initial version of this MIB module."
    ::= { cableDataMgmtBase 1 }
    
telnetIpStackInterfaces OBJECT-TYPE
    SYNTAX      BITS {
                interface1(0),
                interface2(1),
                interface3(2),
                interface4(3),
                interface5(4),
                interface6(5),
                interface7(6),
                interface8(7)
    }
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "Controls and reflects the IP stack interfaces on which a telnet server
         is active."
    DEFVAL { '00'h }
    ::= { telnetMgmt 1 }

telnetUserName OBJECT-TYPE
    SYNTAX      DisplayString (SIZE (0..15))
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "Controls and reflects the user name which will be allowed telnet
         access."
    DEFVAL { "" }
    ::= { telnetMgmt 2 }

telnetPassword OBJECT-TYPE
    SYNTAX      DisplayString (SIZE (0..15))
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "Controls and reflects the password which will be allowed telnet
         access."
    DEFVAL { "" }
    ::= { telnetMgmt 3 }

telnetServerControl OBJECT-TYPE
    SYNTAX      INTEGER {
                stop(0),
                start(1)
    }
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "Used to start or stop the telnet server.  When read, indicates
         the current state of the server."
    ::= { telnetMgmt 4 }

telnetSessionIp OBJECT-TYPE
    SYNTAX      IpAddress
    MAX-ACCESS  read-only
    STATUS      deprecated -- in favor of telnetSessionAddressType and telnetSessionAddress
    DESCRIPTION
        "This object gives the IP address of the most recently connected device.  
         If no session has taken place since the last reboot, this object will 
         read 0.0.0.0."
    ::= { telnetMgmt 5 }
    
telnetSessionInProgress OBJECT-TYPE
    SYNTAX      TruthValue
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "Indicates whether or not a telnet session is currently in progress."
    ::= { telnetMgmt 6 }

telnetForceUserLogout OBJECT-TYPE
    SYNTAX      TruthValue
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "If a telnet session is currently in progress, setting this object
         to true(1) will terminate the session.  Setting to false(2) has
         no effect.  Always returns false(2) when read."
    ::= { telnetMgmt 7 }
    
telnetSessionAddressType OBJECT-TYPE
    SYNTAX      InetAddressType
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "The type of internet address used for telnetSessionAddress."
    ::= { telnetMgmt 8 }
    
telnetSessionAddress OBJECT-TYPE
    SYNTAX      InetAddress
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "This object gives the address of the most recently connected device.  
         If no session has taken place since the last reboot, this object will 
         report an empty string."
    ::= { telnetMgmt 9 }
    
telnetHackerTable OBJECT-TYPE
    SYNTAX      SEQUENCE OF TelnetHackerEntry
    MAX-ACCESS  not-accessible
    STATUS      current
    DESCRIPTION
        "A table of internet addresses which have been blacklisted from telnet
         access on this station.  Blacklisting occurs when a login attempt
         fails a number of times from the given address."
    ::= { telnetMgmt 10 }
    
telnetHackerEntry OBJECT-TYPE
    SYNTAX      TelnetHackerEntry
    MAX-ACCESS  not-accessible
    STATUS      current
    DESCRIPTION
        "An entry representing a single blacklisted address."
    INDEX   { telnetHackerAddressType, telnetHackerAddress }    
    ::= { telnetHackerTable 1 }
    
TelnetHackerEntry ::= 
    SEQUENCE    {
                telnetHackerAddressType InetAddressType,
                telnetHackerAddress     InetAddress,
                telnetHackerNumAttempts Unsigned32,
                telnetHackerLastTime    TimeTicks
    }

telnetHackerAddressType OBJECT-TYPE
    SYNTAX      InetAddressType
    MAX-ACCESS  accessible-for-notify
    STATUS      current
    DESCRIPTION
        "The type of internet address used for telnetHackerAddress."
    ::= { telnetHackerEntry 1 }
    
telnetHackerAddress OBJECT-TYPE
    SYNTAX      InetAddress
    MAX-ACCESS  accessible-for-notify
    STATUS      current
    DESCRIPTION
        "The address of an device which has unsuccessfully attempted to log in 
         to this station enough times to be blacklisted as a hacker."
    ::= { telnetHackerEntry 2 }
    
telnetHackerNumAttempts OBJECT-TYPE
    SYNTAX         Unsigned32
    MAX-ACCESS     read-only
    STATUS         current
    DESCRIPTION
        "The number of times that the device represented by this entry has
         attempted to log in to this station."
    ::= { telnetHackerEntry 3 }
    
telnetHackerLastTime OBJECT-TYPE
    SYNTAX         TimeTicks
    MAX-ACCESS     read-only
    STATUS         current
    DESCRIPTION
        "The value of sysUpTime when this row was created, or when the value
         of telnetHackerNumAttempts was last incremented."
    ::= { telnetHackerEntry 4 }
    
telnetSessionInactivityTimeout OBJECT-TYPE
    SYNTAX      INTEGER (0..86400)
    UNITS       "seconds"
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "This object controls the length of time after which a telnet session
         will be terminated if there is no activity.  Note that if this object
         is set to zero, the session will never be terminated due to 
         inactivity."
    DEFVAL { 0 }
    ::= { telnetMgmt 11 }
    
telnetHackerInactivityTimeout OBJECT-TYPE
    SYNTAX      INTEGER (-1..86400)
    UNITS       "seconds"
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "This object controls the length of time after which an entry in the
         telnetHackerTable will be removed if there are no further attempts to
         access the system from the corresponding telnetHackerAddress. Note 
         that if this object is set to zero, the telnetHackerTable will be
         effectively disabled and no IP addresses will be blacklisted for
         unauthorized access.  If set to -1, entries in the telnetHackerTable
         will never be aged out and once blacklisted, only a system reboot
         will allow another attempted login from the blacklisted address." 
    DEFVAL { -1 }
    ::= { telnetMgmt 12 }
    

--
-- Notifications, aka traps.
--
-- Note that this MIB is rather poorly designed in that all the objects
-- reside immediately under the MODULE-IDENTITY node, so there's no really 
-- good node to reserve for traps.  So we'll just pick 99 which allows
-- some room to add objects if needed.
--
    
telnetTraps OBJECT IDENTIFIER ::= { telnetMgmt 99 }
    
telnetHackerTrap NOTIFICATION-TYPE
    OBJECTS { 
              telnetHackerAddressType,
              telnetHackerAddress,
              telnetHackerNumAttempts,
              telnetHackerLastTime
            }
    STATUS current
    DESCRIPTION
        "An entry has been added to the telnetHackerTable, indicating repeated
         unauthorized login attempts by the device indicated."
    ::= { telnetTraps 1 }
    
END
