HM2-PLATFORM-PORTSECURITY-MIB DEFINITIONS ::= BEGIN

-- 
-- ***********************************************************
-- Hirschmann Platform Portsecurity MIB
-- ***********************************************************
--

IMPORTS
    MODULE-IDENTITY, OBJECT-TYPE, NOTIFICATION-TYPE,
    Unsigned32                          FROM SNMPv2-SMI
    DisplayString,
    MacAddress,
    TruthValue                          FROM SNMPv2-TC
    ifIndex                             FROM IF-MIB
   	hm2PlatformMibs, HmEnabledStatus	FROM HM2-TC-MIB;

hm2PlatformPortSecurity MODULE-IDENTITY
	LAST-UPDATED "201107120000Z" -- July 12, 2011
    ORGANIZATION "Hirschmann Automation and Control GmbH"
    CONTACT-INFO
        "Postal:     Stuttgarter Str. 45-51
                     72654 Neckartenzlingen
                     Germany
         Phone:      +49 7127 140
         E-mail:     hac.support@belden.com"
   	DESCRIPTION
          "The Hirschmann Private Platform2 MIB for Port Security Feature.
		   Copyright (C) 2011. All Rights Reserved."
    REVISION
          "201107120000Z" -- 12 July 2011 12:00:00 GMT
    DESCRIPTION
          "Initial release."
      ::= { hm2PlatformMibs 20 }

     --**************************************************************************************
    -- hm2AgentPortSecurityGroup -> contains MIB objects displaying Port Security
    --
    --**************************************************************************************

hm2AgentPortSecurityGroup OBJECT IDENTIFIER ::= { hm2PlatformPortSecurity 1}

hm2AgentGlobalPortSecurityMode OBJECT-TYPE
    SYNTAX      HmEnabledStatus
	MAX-ACCESS 	read-write
	STATUS 		current
	DESCRIPTION
		"Mode showing whether at the global level, port security is enabled or not."
    DEFVAL { disable }
	::={ hm2AgentPortSecurityGroup 1 }

hm2AgentPortSecurityTable OBJECT-TYPE
	SYNTAX	     SEQUENCE OF Hm2AgentPortSecurityEntry
	MAX-ACCESS   not-accessible
	STATUS       current
	DESCRIPTION "A table for Port Security and associated functionality."
	::= { hm2AgentPortSecurityGroup 2 }

hm2AgentPortSecurityEntry OBJECT-TYPE
	SYNTAX Hm2AgentPortSecurityEntry
	MAX-ACCESS not-accessible
	STATUS current
	DESCRIPTION "Represents entry for port security table"
	INDEX       { ifIndex }
	::={ hm2AgentPortSecurityTable 1}

	Hm2AgentPortSecurityEntry ::=
		SEQUENCE {
		hm2AgentPortSecurityMode
			HmEnabledStatus,
		hm2AgentPortSecurityDynamicLimit
			Unsigned32,
		hm2AgentPortSecurityStaticLimit
			Unsigned32,
        hm2AgentPortSecurityViolationTrapMode
        	HmEnabledStatus,
        hm2AgentPortSecurityStaticMACs
    		DisplayString,
        hm2AgentPortSecurityLastDiscardedMAC
        	DisplayString,
        hm2AgentPortSecurityMACAddressAdd
    		DisplayString,
        hm2AgentPortSecurityMACAddressRemove
        	DisplayString,
        hm2AgentPortSecurityMACAddressMove
        	HmEnabledStatus,
        hm2AgentPortSecurityDynamicCount
        	Unsigned32,
        hm2AgentPortSecurityStaticCount
        	Unsigned32,
    	hm2AgentPortSecurityViolationTrapCount
        	Unsigned32,
        hm2AgentPortSecurityViolationTrapFrequency
        	Unsigned32,
        hm2AgentPortSecurityAutoDisable
            TruthValue
		}

	hm2AgentPortSecurityMode OBJECT-TYPE
      SYNTAX      	HmEnabledStatus
	  MAX-ACCESS 	read-write
	  STATUS 		current
	  DESCRIPTION
		"Mode showing whether at port level security is enabled or not."
          DEFVAL { disable }
          ::={ hm2AgentPortSecurityEntry 1 }

	hm2AgentPortSecurityDynamicLimit OBJECT-TYPE
        SYNTAX  Unsigned32(0..600)
		MAX-ACCESS read-write
		STATUS current
		DESCRIPTION
			"This variable signifies the limit of dynamically locked MAC addresses
			 allowed on a specific port."
	    DEFVAL { 600 }
	::={ hm2AgentPortSecurityEntry 2 }

	hm2AgentPortSecurityStaticLimit OBJECT-TYPE
        SYNTAX  Unsigned32(0..64)
		MAX-ACCESS read-write
		STATUS current
		DESCRIPTION
			"This variable signifies the limit of statically locked MAC addresses
			 allowed on a specific port."
	    DEFVAL { 64 }
		::={ hm2AgentPortSecurityEntry 3 }

	hm2AgentPortSecurityViolationTrapMode OBJECT-TYPE
		SYNTAX      HmEnabledStatus
		MAX-ACCESS read-write
		STATUS current
		DESCRIPTION
			"This variable is used to enable or disable the sending of new violation
			 traps designating when a packet with a disallowed MAC address is
			 received on a locked port."
		DEFVAL { disable }
		::={hm2AgentPortSecurityEntry 4 }

	hm2AgentPortSecurityStaticMACs OBJECT-TYPE
		SYNTAX      DisplayString (SIZE(0..1536))
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"This variable displays the statically locked MAC addresses for port.
			 The list displayed in a particular fashion :
			 2 a0:b1:c2:d1:e3:a1,11 a0:b1:c2:d3:e4:f5
			 (i.e., VLAN MAC pairs separated by commas)."
		::={hm2AgentPortSecurityEntry 6 }

	hm2AgentPortSecurityLastDiscardedMAC OBJECT-TYPE
		SYNTAX      DisplayString
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"This variable displays the vlan-id and source MAC address of the last packet that was
			 discarded on a locked port."
		::={hm2AgentPortSecurityEntry 7 }


	hm2AgentPortSecurityMACAddressAdd OBJECT-TYPE
    	SYNTAX      DisplayString
        MAX-ACCESS  read-write
        STATUS current
	    DESCRIPTION
			"This MIB variable accepts a VLAN id and MAC address to be added to the list
		 	of statically locked MAC addresses on a port. The VLAN id and MAC address combination
		 	would be entered in a particular fashion like :- 2 a0:b0:c0:d1:e2:a1(the vlan-id and
		 	MAC address separated by a blank-space)."
        ::={ hm2AgentPortSecurityEntry 8 }

    hm2AgentPortSecurityMACAddressRemove OBJECT-TYPE
    	SYNTAX      DisplayString
        MAX-ACCESS  read-write
	    STATUS current
	    DESCRIPTION
			"This MIB variable accepts a VLAN id and MAC address to be removed from the list
		 	of statically locked MAC addresses on a port.. The VLAN id and MAC address combination
		 	would be entered in a particular fashion like :- 2 a0:b0:c0:d1:e2:a1(the vlan-id and
		 	MAC address separated by a blank-space)."
        ::={ hm2AgentPortSecurityEntry 9 }

     hm2AgentPortSecurityMACAddressMove OBJECT-TYPE
    	SYNTAX      HmEnabledStatus
        MAX-ACCESS  read-write
	    STATUS current
	    DESCRIPTION
			"When this object is enabled, all the dynamically locked MAC addresses will
             be moved to statically locked addresses on a port. GET operation on this object will display
             disable."
        ::={ hm2AgentPortSecurityEntry 10 }

      hm2AgentPortSecurityDynamicCount OBJECT-TYPE
        SYNTAX  Unsigned32
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"The current number of dynamically locked MAC addresses on this port."
		::={ hm2AgentPortSecurityEntry 20 }

	  hm2AgentPortSecurityStaticCount OBJECT-TYPE
        SYNTAX  Unsigned32
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"The current number of statically locked MAC addresses on this port."
		::={ hm2AgentPortSecurityEntry 21 }

	  hm2AgentPortSecurityViolationTrapCount OBJECT-TYPE
        SYNTAX  Unsigned32
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"The number of active violations for which a violation trap was sent on this port.
			 This counter is only valid when hm2AgentPortSecurityViolationTrapMode is enabled"
		::={ hm2AgentPortSecurityEntry 22 }
		
	  hm2AgentPortSecurityViolationTrapFrequency OBJECT-TYPE
		SYNTAX  Unsigned32 (0..3600)
		MAX-ACCESS read-write
		STATUS current
		DESCRIPTION
			"The minimum seconds between two successive violation traps on this port."
	    DEFVAL { 0 }
		::={ hm2AgentPortSecurityEntry 23 }
		
	  hm2AgentPortSecurityAutoDisable OBJECT-TYPE
        SYNTAX  TruthValue
        MAX-ACCESS read-write
        STATUS current
        DESCRIPTION
            "This object indicates whether a port is auto-disabled when the configured threshold is reached."
        DEFVAL { true }
        ::={ hm2AgentPortSecurityEntry 248 }

 --**********************************************************************--

 	hm2AgentPortSecurityDynamicTable OBJECT-TYPE
    	SYNTAX       SEQUENCE OF Hm2AgentPortSecurityDynamicEntry
        MAX-ACCESS   not-accessible
        STATUS       current
        DESCRIPTION "A table for Port Security Dynamic and associated functionality."
        ::= { hm2AgentPortSecurityGroup 3 }

    hm2AgentPortSecurityDynamicEntry OBJECT-TYPE
    	SYNTAX Hm2AgentPortSecurityDynamicEntry
        MAX-ACCESS not-accessible
        STATUS current
        DESCRIPTION "Represents entry for port MAC Locking table"
        INDEX       { ifIndex,hm2AgentPortSecurityDynamicVLANId,hm2AgentPortSecurityDynamicMACAddress }
        ::={ hm2AgentPortSecurityDynamicTable 1}

    Hm2AgentPortSecurityDynamicEntry ::=
    	SEQUENCE {
        	hm2AgentPortSecurityDynamicVLANId
            	Unsigned32,
            hm2AgentPortSecurityDynamicMACAddress
            	MacAddress
        }

     hm2AgentPortSecurityDynamicVLANId OBJECT-TYPE
     	SYNTAX      Unsigned32
        MAX-ACCESS read-only
        STATUS current
     	DESCRIPTION
        	"Source VLAN id of the packet that is received on the dynamically locked port."
        ::={hm2AgentPortSecurityDynamicEntry 1 }

     hm2AgentPortSecurityDynamicMACAddress OBJECT-TYPE
      	SYNTAX  MacAddress
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
        	"Source MAC address of the packet that is received on the dynamically locked port."
        ::={ hm2AgentPortSecurityDynamicEntry 2 }

 --**********************************************************************--

 	 hm2AgentPortSecurityStaticTable OBJECT-TYPE
     	SYNTAX       SEQUENCE OF Hm2AgentPortSecurityStaticEntry
        MAX-ACCESS   not-accessible
        STATUS       current
        DESCRIPTION "A table for Port Security Static and associated functionality."
        ::= { hm2AgentPortSecurityGroup 10 }

        hm2AgentPortSecurityStaticEntry OBJECT-TYPE
            SYNTAX Hm2AgentPortSecurityStaticEntry
            MAX-ACCESS not-accessible
            STATUS current
            DESCRIPTION "Represents entry for port MAC Locking table"
            INDEX       { ifIndex,hm2AgentPortSecurityStaticVLANId,hm2AgentPortSecurityStaticMACAddress }
            ::={ hm2AgentPortSecurityStaticTable 1}

        Hm2AgentPortSecurityStaticEntry ::=
        	SEQUENCE {
                hm2AgentPortSecurityStaticVLANId
                	Unsigned32,
                hm2AgentPortSecurityStaticMACAddress
                	MacAddress
                }

        hm2AgentPortSecurityStaticVLANId OBJECT-TYPE
        	SYNTAX      Unsigned32
            MAX-ACCESS read-only
            STATUS current
            DESCRIPTION
            	"VLAN id of the statically locked address ."
            ::={hm2AgentPortSecurityStaticEntry 1 }

        hm2AgentPortSecurityStaticMACAddress OBJECT-TYPE
        	SYNTAX  MacAddress
            MAX-ACCESS read-only
            STATUS current
            DESCRIPTION
            	"Statically locked MAC address."
            ::={ hm2AgentPortSecurityStaticEntry 2 }


    --**************************************************************************************
    -- hm2AgentPortSecurity   Traps
    --
    --**************************************************************************************

    hm2AgentPortSecurityTraps  OBJECT IDENTIFIER ::= { hm2PlatformPortSecurity 2 }

    hm2AgentPortSecurityViolation NOTIFICATION-TYPE
        OBJECTS {
                 ifIndex,
                 hm2AgentPortSecurityLastDiscardedMAC
                }
        STATUS  current
        DESCRIPTION
            "Sent when a packet is received on a locked port with a source MAC address
             that is not allowed."
         ::= { hm2AgentPortSecurityTraps 1 }

END

