-- *****************************************************************
-- CISCO-VOIP-TAP-MIB.my: Cisco intercept extension MIB for VoIP
--
--	October 2009, Sunil Jain
--	Copyright (c) 2009 by cisco Systems, Inc.
--	All rights reserved.
--
-- *****************************************************************
--

CISCO-VOIP-TAP-MIB DEFINITIONS ::= BEGIN
IMPORTS
      Integer32,
      MODULE-IDENTITY,
      OBJECT-TYPE
      FROM SNMPv2-SMI
      MODULE-COMPLIANCE,
      OBJECT-GROUP
      FROM SNMPv2-CONF
      RowStatus,
      TEXTUAL-CONVENTION
      FROM SNMPv2-TC
      cTap2MediationContentId,
      cTap2StreamIndex
      FROM CISCO-TAP2-MIB
      ciscoMgmt
      FROM CISCO-SMI;

ciscoVoIpTapMIB MODULE-IDENTITY
      LAST-UPDATED  "200910010000Z"
      ORGANIZATION  "Cisco Systems, Inc."
      CONTACT-INFO
              "      Cisco Systems
                     Customer Service

                     Postal:170 W. Tasman Drive
                     San Jose, CA  95134
                     USA

                     Tel:+1 800 553-NETS
                     E-mail:cs-li@cisco.com"
      DESCRIPTION
        "This module manages Cisco's intercept feature for Voice
         over IP (VoIP). This MIB is used along with CISCO-TAP2-MIB 
         to intercept VoIP Control and Data traffic."
      REVISION        "200910010000Z"
      DESCRIPTION
        "Initial version of this MIB module."
     ::= { ciscoMgmt 716 }

ciscoVoIpTapMIBNotifs       OBJECT IDENTIFIER ::= { ciscoVoIpTapMIB 0 }
ciscoVoIpTapMIBObjects      OBJECT IDENTIFIER ::= { ciscoVoIpTapMIB 1 }
ciscoVoIpTapMIBConform      OBJECT IDENTIFIER ::= { ciscoVoIpTapMIB 2 }

cvoiptapStreamEncodePacket OBJECT IDENTIFIER ::= 
                                           { ciscoVoIpTapMIBObjects 1 }

-- ********************************************************************
-- *                                                                  *
-- * Textual Conventions                                              *
-- *                                                                  *
-- ********************************************************************
CvoipWarrantId ::= TEXTUAL-CONVENTION
        STATUS          current
        DESCRIPTION
                "The warrant identifier used by the Mediation Device."
        SYNTAX OCTET STRING ( SIZE ( 0..30 ) )

CvoipSubscriberId ::= TEXTUAL-CONVENTION
        STATUS          current
        DESCRIPTION
              "The subscriber identifier for identifying the endpoint."
        SYNTAX OCTET STRING ( SIZE ( 0..256 ) )

--
--The filter specifics for intercepting VoIP Signaling and Data traffic
-- 

cvoiptapStreamCapabilities  OBJECT-TYPE
     SYNTAX     BITS {
           tapEnable(0),
           usernameOrNumber(1),
           uri(2)
       }
     MAX-ACCESS read-only
     STATUS     current
     DESCRIPTION
       "This object identifies what types of intercept streams can be
        configured on this type of device. This may be dependent on
        hardware capabilities, software capabilities. The following
        fields may be supported:
             tapEnable:   set if table entries with
                          cTap2StreamInterceptEnable set to 'false'
                          are used to pre-screen packets for intercept
                          otherwise these entries are ignored.
             usernameOrNumber: SNMP ifIndex value may be used to 
                          select interception of calls to or from 
                          a user or phone number may be used to 
                          select traffic to be intercepted.
             uri:         Session Initiation Protocol (SIP) Uniform 
                          Resource Identifier (URI) may be used to 
                          select traffic to be intercepted."
     ::= { cvoiptapStreamEncodePacket 1 }

--
--The 'list' for intercepting voice signaling and/or data traffic.
--


cvoiptapStreamTable OBJECT-TYPE
     SYNTAX       SEQUENCE OF CvoiptapStreamEntry
     MAX-ACCESS   not-accessible
     STATUS       current
     DESCRIPTION
        "The Intercept Stream VoIP Table lists the streams to be 
         intercepted. To create a VoIP intercept, an entry 
         cvoiptapStreamEntry is created which contains the 
         filter details. An entry cTap2StreamEntry of CISCO-TAP2-MIB 
         is created, which is the common stream information for all 
         kinds of intercepts and type of the specific stream is set 
         to IP in this entry. The same data stream may be required by 
         multiple taps, and one might assume that often the 
         intercepted stream is a small subset of the traffic that 
         could be intercepted.  This essentially provides options 
         for call selection. For example, if all traffic to or from 
         a given user is to be intercepted, one would configure an 
         entry which lists the user with approprite tap type. The 
         first index indicates which Mediation Device the intercepted 
         traffic will be diverted to. The second index permits 
         multiple classifiers to be used together, such as having an 
         IP address as source or destination. The value of the second 
         index is that of the stream's counter entry in the 
         cTap2StreamTable. Entries are added to this table via 
         citapStreamStatus in accordance with the RowStatus 
         convention."
     ::= { cvoiptapStreamEncodePacket 2 }

cvoiptapStreamEntry OBJECT-TYPE
     SYNTAX     CvoiptapStreamEntry
     MAX-ACCESS not-accessible
     STATUS     current
     DESCRIPTION
         "A stream entry indicates a single data stream to be
          intercepted to a Mediation Device. Many selected data
          streams may go to the same application interface, and many
          application interfaces are supported."
     INDEX      { cTap2MediationContentId, cTap2StreamIndex }
     ::= { cvoiptapStreamTable 1 }

CvoiptapStreamEntry::= SEQUENCE {
        cvoiptapStreamId                 CvoipWarrantId,
        cvoiptapStreamType               INTEGER,
        cvoiptapStreamMatch              CvoipSubscriberId,
        cvoiptapStreamMatchType          INTEGER,
        cvoiptapStreamCCMediationDevice  Integer32,
        cvoiptapStreamRowStatus          RowStatus
}


cvoiptapStreamId OBJECT-TYPE
     SYNTAX     CvoipWarrantId
     MAX-ACCESS read-create
     STATUS     current
     DESCRIPTION
         "This object uniquely identifies this warrant. 
          It has to be unique among all the rows."
     ::= { cvoiptapStreamEntry 1 }

cvoiptapStreamType OBJECT-TYPE
     SYNTAX     INTEGER { pen(1), 
                          trace(2), 
                          penAndTrace(3), 
                          intercept(4) 
                        }
     MAX-ACCESS read-create
     STATUS     current
     DESCRIPTION
        "pen :         Pen Register - provides trace of all outgoing 
                       calls.  Only Call Data is sent.
         trace :       Trace - provides trace of all incoming calls.  
                       Only Call Data is sent.
         penAndTrace : Provides trace of both incoming and outgoing 
                       calls.  Only Call Data is sent.
         intercept :   Provides both Call Data and Call Content to 
                       Commission on Accreditation for Law 
                       Enforcement Agencies (CALEA). Intercept 
                       is applicable to both originating and 
                       terminating calls."
     DEFVAL     { intercept }
     ::= { cvoiptapStreamEntry 2 }


cvoiptapStreamMatch OBJECT-TYPE
     SYNTAX     CvoipSubscriberId
     MAX-ACCESS read-create
     STATUS     current
     DESCRIPTION
     "This field describes the candidate which needs to be tapped."
     ::= { cvoiptapStreamEntry 3 }


cvoiptapStreamMatchType OBJECT-TYPE
     SYNTAX     INTEGER { usernameOrNumber(1), uri(2) }
     MAX-ACCESS read-create
     STATUS     current
     DESCRIPTION
         "This field specifies the type of information in 
          cvoiptapStreamMatch. A subscriber or intercept candidate can
          be defined either as username, phone number or Session 
          Initiation Protocol (SIP) Uniform Resource Identifier (URI). 
          'username' is defined as per RFC-3261. Same value is being 
          used for either username or phone number."
     DEFVAL { usernameOrNumber } 
     ::= { cvoiptapStreamEntry 4 }

cvoiptapStreamCCMediationDevice OBJECT-TYPE
     SYNTAX     Integer32
     MAX-ACCESS read-create
     STATUS     current
     DESCRIPTION
         "This object points to a row in Mediation Table which contains
          the IP address and port number for sending the Call Content 
          intercept information."
     ::= { cvoiptapStreamEntry 5 }

cvoiptapStreamRowStatus OBJECT-TYPE
     SYNTAX     RowStatus
     MAX-ACCESS read-create
     STATUS     current
     DESCRIPTION
         "The status of this conceptual row. This object manages
          creation, modification, and deletion of rows in this table.
          When any rows must be changed, cvoiptapStreamRowStatus must 
          be first set to 'notInService'. Row will be created when
          the service provider has to provision a tap for a VoIP 
          endpoint. Row will be deleted when the warrant has expired.
          Row will be changed when the warrant type has been changed.
          cTap2StreamTable defined in CISCO-TAP2-MIB goes in 
          conjunction with this row, using the same index."
     ::= { cvoiptapStreamEntry 6 }

--	conformance information


ciscoVoIpTapMIBCompliances OBJECT IDENTIFIER ::= 
                                           { ciscoVoIpTapMIBConform 1 }
ciscoVoIpTapMIBGroups      OBJECT IDENTIFIER ::= 
                                           { ciscoVoIpTapMIBConform 2 }

--	compliance statement


ciscoVoIpTapMIBCompliance MODULE-COMPLIANCE
     STATUS  current
     DESCRIPTION
        "The compliance statement for entities which implement the 
         Cisco Intercept MIB for VoIP."
     MODULE        -- this module
     MANDATORY-GROUPS {
          ciscoVoIpTapStreamGroup
     }
     ::= {ciscoVoIpTapMIBCompliances 1 }

--	units of conformance

ciscoVoIpTapStreamGroup OBJECT-GROUP
     OBJECTS {
          cvoiptapStreamCapabilities,
          cvoiptapStreamId,
          cvoiptapStreamType,
          cvoiptapStreamMatch,
          cvoiptapStreamMatchType,
          cvoiptapStreamCCMediationDevice,
          cvoiptapStreamRowStatus
     }
     STATUS     current
     DESCRIPTION
        "These objects are necessary for a description of VoIP 
         Signaling and Data packets to select for interception."
     ::= { ciscoVoIpTapMIBGroups 1 }
END


