ELTEX-MES-SECURITY-SUITE-MIB DEFINITIONS ::= BEGIN

IMPORTS
    MODULE-IDENTITY, 
    OBJECT-TYPE,
    Counter32,
    Unsigned32     
        FROM SNMPv2-SMI
        
    VlanId
        FROM Q-BRIDGE-MIB

    InterfaceIndex
        FROM IF-MIB
        
    InetAddress,
    InetAddressType
      FROM INET-ADDRESS-MIB

    TEXTUAL-CONVENTION,
    TruthValue, 
    DisplayString  
        FROM SNMPv2-TC
    eltMes  
        FROM ELTEX-MES
    RlSecuritySuiteSynProtectionPortMode
        FROM RADLAN-SECURITY-SUITE;

eltMesSecuritySuiteMIB MODULE-IDENTITY
           LAST-UPDATED "202005080000Z" 
           ORGANIZATION "Eltex Enterprise Co, Ltd." 
           CONTACT-INFO "eltex-co.ru" 
           DESCRIPTION  "MIB for security suite protection." 

           REVISION "202005080000Z" 
           DESCRIPTION "Initial revision." 
        ::= { eltMes 19 }

eltMesSecuritySuiteMIBObjects OBJECT IDENTIFIER ::= { eltMesSecuritySuiteMIB 1 }
eltMesSecuritySuiteGlobals    OBJECT IDENTIFIER ::= { eltMesSecuritySuiteMIBObjects 1 } 

-------------------------------------------------------------------------------
--
-- TCP Syn Protection
--

eltMesSecuritySuiteSynProtection        OBJECT IDENTIFIER ::= { eltMesSecuritySuiteMIBObjects 2 }
eltMesSecuritySuiteSynProtectionGlobals OBJECT IDENTIFIER ::= { eltMesSecuritySuiteSynProtection 1 }

-------------------------------------------------------------------------------
eltMesSecuritySuiteSynProtectionStatistics OBJECT IDENTIFIER ::= { eltMesSecuritySuiteSynProtection 2 }


eltSecuritySuiteSynProtectionStatsEnable OBJECT-TYPE
    SYNTAX     TruthValue
    MAX-ACCESS read-write
    STATUS     current
    DESCRIPTION
        "Enables statistics for TCP SYN Protection feature."
    ::= { eltMesSecuritySuiteSynProtectionStatistics 1 }
    
    
eltSecuritySuiteSynProtectionStatsClearAction OBJECT-TYPE
    SYNTAX      INTEGER {
       noAction(1),  -- for get only
       clearNow(2)
    }
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "Used to clear Syn protection statistics Table."
    ::= { eltMesSecuritySuiteSynProtectionStatistics 2 }

--
-- TCP Syn Protection Flow Statistics Table.
--

eltSecuritySuiteSynProtectionFlowTable OBJECT-TYPE
    SYNTAX SEQUENCE OF EltSecuritySuiteSynProtectionFlowEntry
    MAX-ACCESS not-accessible
    STATUS current
    DESCRIPTION
        "This table stores detailed information about TCP SYN
         flows destined to the local device."
    ::= { eltMesSecuritySuiteSynProtectionStatistics 3 }

eltSecuritySuiteSynProtectionFlowEntry OBJECT-TYPE
    SYNTAX     EltSecuritySuiteSynProtectionFlowEntry
    MAX-ACCESS not-accessible
    STATUS     current
    DESCRIPTION
        "Each entry represents a single TCP SYN flow uniquely defined by 6-tuple index: 
         Interface, VLAN ID, Source address and TCP port, Destination address and TCP port.
         
         After the maximum number of entries in the table is reached, the entries with the 
         oldest activity time are deleted to be replaced with the new flows."
    INDEX { eltSecuritySuiteSynProtectionFlowIfIndex,
            eltSecuritySuiteSynProtectionFlowVlanId,
            eltSecuritySuiteSynProtectionFlowSrcAddrType,
            eltSecuritySuiteSynProtectionFlowSrcAddr,
            eltSecuritySuiteSynProtectionFlowSrcPort,
            eltSecuritySuiteSynProtectionFlowDstAddrType,
            eltSecuritySuiteSynProtectionFlowDstAddr, 
            eltSecuritySuiteSynProtectionFlowDstPort
 }
    ::= { eltSecuritySuiteSynProtectionFlowTable 1 }

EltSecuritySuiteSynProtectionFlowEntry::= SEQUENCE {
    eltSecuritySuiteSynProtectionFlowIfIndex          InterfaceIndex,
    eltSecuritySuiteSynProtectionFlowVlanId           VlanId,
    eltSecuritySuiteSynProtectionFlowSrcAddrType      InetAddressType,
    eltSecuritySuiteSynProtectionFlowSrcAddr          InetAddress,
    eltSecuritySuiteSynProtectionFlowSrcPort          Unsigned32,
    eltSecuritySuiteSynProtectionFlowDstAddrType      InetAddressType,
    eltSecuritySuiteSynProtectionFlowDstAddr          InetAddress,
    eltSecuritySuiteSynProtectionFlowDstPort          Unsigned32,
    eltSecuritySuiteSynProtectionFlowCurrentRate      Unsigned32,
    eltSecuritySuiteSynProtectionFlowMaxRate          Unsigned32,
    eltSecuritySuiteSynProtectionFlowTotalCount       Counter32,
    eltSecuritySuiteSynProtectionFlowLastTimeAttack   DisplayString,
    eltSecuritySuiteSynProtectionFlowStatus           RlSecuritySuiteSynProtectionPortMode,
    eltSecuritySuiteSynProtectionFlowId               Counter32
    }

eltSecuritySuiteSynProtectionFlowIfIndex OBJECT-TYPE
    SYNTAX     InterfaceIndex
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
        "Interface on which the flow was received."
    ::= { eltSecuritySuiteSynProtectionFlowEntry 1 }
    
eltSecuritySuiteSynProtectionFlowVlanId  OBJECT-TYPE
    SYNTAX     VlanId
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
        "VLAN ID on which the flow was received."
    ::= { eltSecuritySuiteSynProtectionFlowEntry 2 }
    
eltSecuritySuiteSynProtectionFlowSrcAddrType OBJECT-TYPE
    SYNTAX  InetAddressType
    MAX-ACCESS read-only
    STATUS current
    DESCRIPTION
        "Source IP address type of TCP SYN packets in the flow."
    ::= { eltSecuritySuiteSynProtectionFlowEntry 3 }
    
eltSecuritySuiteSynProtectionFlowSrcAddr OBJECT-TYPE
    SYNTAX     InetAddress
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
        "Source IP address of TCP SYN packets in the flow."
    ::= { eltSecuritySuiteSynProtectionFlowEntry 4 }
    
eltSecuritySuiteSynProtectionFlowSrcPort OBJECT-TYPE
    SYNTAX     Unsigned32(0..65535)
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
        "Source port of the TCP SYN packets in the flow."
    ::= { eltSecuritySuiteSynProtectionFlowEntry 5 }
    
eltSecuritySuiteSynProtectionFlowDstAddrType OBJECT-TYPE
    SYNTAX  InetAddressType
    MAX-ACCESS read-only
    STATUS current
    DESCRIPTION
        "Destination IP address type of TCP SYN packets in the flow."
    ::= { eltSecuritySuiteSynProtectionFlowEntry 6 }
    
eltSecuritySuiteSynProtectionFlowDstAddr OBJECT-TYPE
    SYNTAX     InetAddress
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
        "Destination IP address of the TCP SYN packets in the flow."
    ::= { eltSecuritySuiteSynProtectionFlowEntry 7 }

eltSecuritySuiteSynProtectionFlowDstPort OBJECT-TYPE
    SYNTAX     Unsigned32(0..65535)
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
        "Destination port of the TCP SYN packets in the flow."
    ::= { eltSecuritySuiteSynProtectionFlowEntry 8 }

eltSecuritySuiteSynProtectionFlowCurrentRate OBJECT-TYPE
    SYNTAX     Unsigned32
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
        "The number of packets received in the flow per second."
    ::= { eltSecuritySuiteSynProtectionFlowEntry 9 }

eltSecuritySuiteSynProtectionFlowMaxRate OBJECT-TYPE
    SYNTAX     Unsigned32
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
        "The maximum number of packets received in the flow per second."
    ::= { eltSecuritySuiteSynProtectionFlowEntry 10 }

eltSecuritySuiteSynProtectionFlowTotalCount OBJECT-TYPE
    SYNTAX     Counter32
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
        "The total number of packets received in the flow"
    ::= { eltSecuritySuiteSynProtectionFlowEntry 11 }
    
eltSecuritySuiteSynProtectionFlowLastTimeAttack OBJECT-TYPE
    SYNTAX     DisplayString
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
        "The time at which the last attack occurred."
    ::= { eltSecuritySuiteSynProtectionFlowEntry 12 }
    
eltSecuritySuiteSynProtectionFlowStatus OBJECT-TYPE
    SYNTAX     RlSecuritySuiteSynProtectionPortMode
    MAX-ACCESS read-write
    STATUS     current
    DESCRIPTION
        "The operational status of the interface the flow was received on, 
         defined by Security Suite application."
    ::= { eltSecuritySuiteSynProtectionFlowEntry 13 }
    
eltSecuritySuiteSynProtectionFlowId OBJECT-TYPE
    SYNTAX     Counter32
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
        "A unique numeric ID of the flow."
    ::= { eltSecuritySuiteSynProtectionFlowEntry 14 }

END
