FDRY-IP-SOURCE-GUARD-MIB DEFINITIONS ::= BEGIN

IMPORTS
	MODULE-IDENTITY, OBJECT-TYPE, Unsigned32, IpAddress
	   FROM SNMPv2-SMI
	snSwitch
	   FROM FOUNDRY-SN-SWITCH-GROUP-MIB
	TruthValue, RowStatus, TEXTUAL-CONVENTION
	   FROM SNMPv2-TC
	VlanIndex
	   FROM Q-BRIDGE-MIB
	ifIndex, InterfaceIndex
	   FROM IF-MIB;
	  
fdryIpSrcGuardMIB MODULE-IDENTITY
	LAST-UPDATED "201708070000Z" -- Aug 7, 2017
	ORGANIZATION "Ruckus Wireless, Inc."
	CONTACT-INFO
		"Technical Support Center
              350 West Java Drive,
              Sunnyvale, CA 94089, USA
              Support URL: https://support.ruckuswireless.com
              Phone: +1-855-782-5871
              ROW TF Numbers: https://support.ruckuswireless.com/contact-us"
	DESCRIPTION
		"Management Information for configuration of IP Source Guard feature. 
		IP Source Guard is a security feature that restricts IP traffic on untrusted 
		ports by filtering traffic based on the DHCP snooping binding database or 
		manually configured IP source bindings.
			
		Copyright 1996-2017 Ruckus Wireless, Inc.  
  		All rights reserved.
  		This Ruckus Wireless, Inc SNMP Management Information Base Specification
 		embodies Ruckus Wireless, Inc' confidential and proprietary
 		intellectual property. Ruckus Wireless, Inc retains all
  		title and ownership in the Specification, including any revisions.
                                                
 		This Specification is supplied AS IS, and Ruckus Wireless, Inc makes
 		no warranty, either express or implied, as to the use,
 		operation, condition, or performance of the specification, and any unintended 
 		consequence it may on the user environment."
 		
 	REVISION        "201007260000Z" -- July 26, 2010
 	DESCRIPTION  
 		"Changed the ORGANIZATION, CONTACT-INFO and DESCRIPTION fields."
 		
	REVISION     "201002220000Z" -- February 22, 2010
	DESCRIPTION
		""
	REVISION     "201708070000Z" -- Aug 7, 2017
	DESCRIPTION
        	     "Modified contact Info, Organization and Description"
   ::= { snSwitch 37}

BindMode ::= TEXTUAL-CONVENTION
	STATUS	  current
	DESCRIPTION
		"Represents mode of the IP Source Guard entry."
	SYNTAX     INTEGER {
		other(1),
		active(2),
		inactive(3)
		}

BindType ::= TEXTUAL-CONVENTION
	STATUS	  current
	DESCRIPTION
		"Represents type of the IP Source Guard entry."
	SYNTAX     INTEGER {
		other(1),
		ip(2)
		}
		
fdryIpSrcGuardInterface  OBJECT IDENTIFIER ::= { fdryIpSrcGuardMIB 1 }
fdryIpSrcGuardPortVlan OBJECT IDENTIFIER ::= { fdryIpSrcGuardMIB 2 }
fdryIpSrcGuardBind OBJECT IDENTIFIER ::= { fdryIpSrcGuardMIB 3 }

--
-- IP Source Guard Interface configuration table
--

fdryIpSrcGuardIfConfigTable OBJECT-TYPE
	SYNTAX SEQUENCE OF FdryIpSrcGuardIfConfigEntry
	MAX-ACCESS not-accessible
	STATUS current
	DESCRIPTION
		"A table provides the mechanism to configure enabling or disabling 
		IP Source Guard purpose at each physical interface."
	::= { fdryIpSrcGuardInterface 1 }

fdryIpSrcGuardIfConfigEntry OBJECT-TYPE
	SYNTAX FdryIpSrcGuardIfConfigEntry
	MAX-ACCESS not-accessible
	STATUS current
	DESCRIPTION
		"A row instance contains the configuration to enable or disable IP 
		Source Guard at each physical interface capable of this feature."
	INDEX { ifIndex }
	::= { fdryIpSrcGuardIfConfigTable 1 }

FdryIpSrcGuardIfConfigEntry ::= SEQUENCE {
	fdryIpSrcGuardIfEnable 
		TruthValue
	}

fdryIpSrcGuardIfEnable  OBJECT-TYPE
	SYNTAX		TruthValue
	MAX-ACCESS	read-write
	STATUS		current
	DESCRIPTION
		"This object indicates whether IP Source Guard is 
		enabled  at this interface.
		If this object is set to 'true', IP Source Guard is enabled.
		Traffic  coming to this interface will be forwarded. If it is 
		 from the list of IP addresses obtained from DHCP snooping.
		 Otherwise it is denied.
		If this object is set to 'false', IP Source Guard is disabled."
	::= { fdryIpSrcGuardIfConfigEntry 1 }

--
-- IP Source Guard per-port-per-VLAN configuration table
--

fdryIpSrcGuardPortVlanConfigTable OBJECT-TYPE
	SYNTAX SEQUENCE OF FdryIpSrcGuardPortVlanConfigEntry
	MAX-ACCESS not-accessible
	STATUS current
	DESCRIPTION
		"A table provides the mechanism to configure enabling or disabling 
		IP Source Guard purpose per port per VLAN."
	::= { fdryIpSrcGuardPortVlan 1 }

fdryIpSrcGuardPortVlanConfigEntry OBJECT-TYPE
	SYNTAX FdryIpSrcGuardPortVlanConfigEntry
	MAX-ACCESS not-accessible
	STATUS current
	DESCRIPTION
		"A row instance contains the configuration to enable or disable IP 
		Source Guard per port per VLAN of this feature."
	INDEX { fdryIpSrcGuardPortVlanPortId, fdryIpSrcGuardPortVlanVlanId }
	::= { fdryIpSrcGuardPortVlanConfigTable 1 }

FdryIpSrcGuardPortVlanConfigEntry ::= SEQUENCE {
	fdryIpSrcGuardPortVlanPortId
		InterfaceIndex,
	fdryIpSrcGuardPortVlanVlanId
		VlanIndex,
	fdryIpSrcGuardPortVlanEnable 
		TruthValue
	}

fdryIpSrcGuardPortVlanPortId OBJECT-TYPE
    SYNTAX     InterfaceIndex
    MAX-ACCESS not-accessible
    STATUS     current
    DESCRIPTION
        "The ifIndex of the port for IP Source Guard purpose per port per VLAN."
    ::= { fdryIpSrcGuardPortVlanConfigEntry 1 }

fdryIpSrcGuardPortVlanVlanId OBJECT-TYPE
    SYNTAX     VlanIndex
    MAX-ACCESS not-accessible
    STATUS     current
    DESCRIPTION
        "The number of VLAN for IP Source Guard purpose per port per VLAN."
    ::= { fdryIpSrcGuardPortVlanConfigEntry 2 }

fdryIpSrcGuardPortVlanEnable  OBJECT-TYPE
	SYNTAX		TruthValue
	MAX-ACCESS	read-write
	STATUS		current
	DESCRIPTION
		"This object indicates whether IP Source Guard is 
		enabled at this interface and this VLAN number.
		If this object is set to 'true', IP Source Guard per-port-per-VLAN is enabled.
		If this object is set to 'false', IP Source Guard per-port-per-VLAN is disabled."
	::= { fdryIpSrcGuardPortVlanConfigEntry 3 }

--
-- IP Source Guard binding table
-- Use this table to configure Ip source entries
--

fdryIpSrcGuardBindTable OBJECT-TYPE
	SYNTAX SEQUENCE OF FdryIpSrcGuardBindEntry
	MAX-ACCESS not-accessible
	STATUS current
	DESCRIPTION
		"A table provides the information of IP addresses used IP Source 
		Guard purpose at each physical interface with or without specific VLAN 
		memberships  "
	::= { fdryIpSrcGuardBind 1 }

fdryIpSrcGuardBindEntry OBJECT-TYPE
	SYNTAX FdryIpSrcGuardBindEntry
	MAX-ACCESS not-accessible
	STATUS current
	DESCRIPTION
		"A row instance contains IP address used for IP Source Guard purpose 
		at each physical interface with or without specific VLAN memberships ."
	INDEX { ifIndex, fdryIpSrcGuardBindIpAddr }
	::= { fdryIpSrcGuardBindTable 1 }

FdryIpSrcGuardBindEntry ::= SEQUENCE {
	fdryIpSrcGuardBindIpAddr 
		IpAddress,
	fdryIpSrcGuardBindVlanId
		Unsigned32,
	fdryIpSrcGuardBindRowStatus
		RowStatus,
	fdryIpSrcGuardBindMode
		BindMode,
	fdryIpSrcGuardBindType
		BindType
	}
	
fdryIpSrcGuardBindIpAddr  OBJECT-TYPE
	SYNTAX		IpAddress
	MAX-ACCESS	not-accessible
	STATUS		current
	DESCRIPTION
		"The device IP address."
	::= { fdryIpSrcGuardBindEntry 1}

fdryIpSrcGuardBindVlanId  OBJECT-TYPE
	SYNTAX		Unsigned32
	MAX-ACCESS	read-create
	STATUS 		current
	DESCRIPTION
		"This object indicates the specific VLAN memberships on this interface.
		The VLAN number is optional. If you configure a VLAN number, the bindings
		applies to that VLAN only. If you do not configure a VLAN number, the static 
		applies to all VLANs associated with the port. In this case, the VLAN number 
		will be displayed as 0."
	::= { fdryIpSrcGuardBindEntry 2 }

fdryIpSrcGuardBindRowStatus  OBJECT-TYPE
 	SYNTAX  RowStatus
 	MAX-ACCESS  read-create
 	STATUS  current
 	DESCRIPTION
 		"This variable is used to create, or
 		delete a row in this table. When a row in this
 		table is in active(1) state, no objects in that row
 		can be modified except this object."
 	::= { fdryIpSrcGuardBindEntry 3 }

fdryIpSrcGuardBindMode OBJECT-TYPE
	SYNTAX    BindMode 
	MAX-ACCESS read-only
	STATUS     current
	DESCRIPTION
		"The mode of the IP Source Guard entry"
	::= { fdryIpSrcGuardBindEntry 4 }

fdryIpSrcGuardBindType OBJECT-TYPE
	SYNTAX    BindType 
	MAX-ACCESS read-only
	STATUS     current
	DESCRIPTION
		"The type of the IP Source Guard entry"
	::= { fdryIpSrcGuardBindEntry 5 }

	
   END
