-- ****************************************************************************
-- ****************************************************************************
--             Copyright(c) 2004 Mediatrix Telecom, Inc.
--  NOTICE:
--   This document contains information that is confidential and proprietary
--   to Mediatrix Telecom, Inc.
--   Mediatrix Telecom, Inc. reserves all rights to this document as well as
--   to the Intellectual Property of the document and the technology and
--   know-how that it includes and represents.
--   This publication cannot be reproduced, neither in whole nor in part in
--   any form whatsoever without written prior approval by
--   Mediatrix Telecom, Inc.
--   Mediatrix Telecom, Inc. reserves the right to revise this publication
--   and make changes at any time and without the obligation to notify any
--   person and/or entity of such revisions and/or changes.
-- ****************************************************************************
-- ****************************************************************************

MX-WEB-MIB
DEFINITIONS ::= BEGIN

IMPORTS
        MODULE-IDENTITY,
        OBJECT-TYPE,
        Unsigned32,
        Integer32
    FROM SNMPv2-SMI
        MODULE-COMPLIANCE,
        OBJECT-GROUP
    FROM SNMPv2-CONF
        MxEnableState,
        MxActivationState,
        MxIpHostName,
        MxIpAddress,
        MxIpPort,
        MxAdvancedIpPort,
        MxIpSubnetMask,
        MxDigitMap
    FROM MX-TC
        MxUInt64,
        MxFloat32,
        MxIpHostNamePort,
        MxIpAddr,
        MxIpAddrPort,
        MxIpAddrMask,
        MxUri,
        MxUrl
    FROM MX-TC2
        mediatrixServices
    FROM MX-SMI2;

webMIB MODULE-IDENTITY
 LAST-UPDATED   "1910210000Z"
 ORGANIZATION " Mediatrix Telecom, Inc. "
 CONTACT-INFO " Mediatrix Telecom, Inc.
                4229, Garlock Street
                Sherbrooke (Quebec)
                Canada
                Phone: (819) 829-8749
                "
 DESCRIPTION  " Web Service

                The Web service allows the administrator to manage the unit
                using HTTP(S) web pages.
                "
 ::= { mediatrixServices 1200 }

webMIBObjects OBJECT IDENTIFIER ::= { webMIB 1 }

-- ****************************************************************************

-- Group:Server

-- Contains parameters to handle the server behavior.
-- ****************************************************************************

serverGroup OBJECT IDENTIFIER
 ::= { webMIBObjects 100 }
 -- Scalar:HTTP Mode

 httpMode OBJECT-TYPE
  SYNTAX        INTEGER { secure(100) , unsecure(200) , both(300) }
  MAX-ACCESS    read-write
  STATUS        current
  DESCRIPTION " HTTP Mode

                Defines the HTTP mode(s) to which the Web server should
                listen.

                  * Secure: The Web server only accepts requests using HTTPS.
                    Requests using HTTP are ignored.
                  * Unsecure: The Web server only accepts requests using HTTP.
                    Requests using HTTPS are ignored.
                  * Both: The Web server accepts requests using HTTP or HTTPS.

                The Web server configured in 'Secure' or 'Both' modes listens
                to HTTPS requests only if a server certificate with 'server
                authentication' extended key usage is present on the unit.

                "
  DEFVAL        { both }
  ::= { serverGroup 50 }

 -- Scalar:Port

 serverPort OBJECT-TYPE
  SYNTAX        MxIpPort
  MAX-ACCESS    read-write
  STATUS        current
  DESCRIPTION " Port

                Listening port of the HTTP server.
                "
  DEFVAL        { 80 }
  ::= { serverGroup 100 }

 -- Scalar:Secure port

 secureServerPort OBJECT-TYPE
  SYNTAX        MxIpPort
  MAX-ACCESS    read-write
  STATUS        current
  DESCRIPTION " Secure port

                Listening port of the HTTPS server.
                "
  DEFVAL        { 443 }
  ::= { serverGroup 200 }

 -- Scalar:HTTPS cipher suite

 httpsCipherSuite OBJECT-TYPE
  SYNTAX        INTEGER { cS1(100) , cS2(200) , cS3(300) }
  MAX-ACCESS    read-write
  STATUS        current
  DESCRIPTION " HTTPS cipher suite

                Defines the allowed cipher suites for the network security
                settings to which the Web server should listen when using the
                HTTPS

                  * CS1:
                      + TLS_DHE_RSA_WITH_AES_256_CBC_SHA
                      + TLS_DHE_DSS_WITH_AES_256_CBC_SHA
                      + TLS_RSA_WITH_AES_256_CBC_SHA
                      + TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
                      + TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA
                      + TLS_RSA_WITH_3DES_EDE_CBC_SHA
                      + TLS_DHE_RSA_WITH_AES_128_CBC_SHA
                      + TLS_DHE_DSS_WITH_AES_128_CBC_SHA
                      + TLS_RSA_WITH_AES_128_CBC_SHA
                      + TLS_RSA_WITH_RC4_128_SHA
                      + TLS_RSA_WITH_RC4_128_MD5
                  * CS2:
                      + TLS_RSA_WITH_AES_128_CBC_SHA
                      + TLS_RSA_WITH_AES_256_CBC_SHA
                      + TLS_RSA_WITH_3DES_EDE_CBC_SHA
                      + TLS_DHE_RSA_WITH_AES_128_CBC_SHA
                      + TLS_DHE_RSA_WITH_AES_256_CBC_SHA
                      + TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
                  * CS3:
                      + TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
                      + TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
                      + TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
                      + TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
                      + TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
                      + TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384
                      + TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384
                      + TLS_RSA_WITH_AES_256_GCM_SHA384
                      + TLS_RSA_WITH_AES_256_CBC_SHA256
                      + TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
                      + TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
                      + TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
                      + TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256
                      + TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256
                      + TLS_RSA_WITH_AES_128_GCM_SHA256
                      + TLS_RSA_WITH_AES_128_CBC_SHA256

                Any connection attempts to the web server using a cipher that
                is not allowed by the cipher suite will result in a failure to
                establish the connection.

                "
  DEFVAL        { cS1 }
  ::= { serverGroup 300 }

 -- Scalar:TLS version

 tlsVersion OBJECT-TYPE
  SYNTAX        INTEGER { sSLv3(100) , tLSv1(200) , tLSv1-1(300) , tLSv1-2
                (400) }
  MAX-ACCESS    read-write
  STATUS        current
  DESCRIPTION " TLS version

                Defines the allowed TLS versions for the network security
                settings when using the HTTPS.

                  * SSLv3: Allow SSL version 3 and all TLS versions.
                  * TLSv1: Allow TLS versions 1 and up.
                  * TLSv1_1: Allow TLS versions 1.1 and up.
                  * TLSv1_2: Allow TLS versions 1.2 and up.

                Any connection attempts to the web server using a TLS version
                that is not allowed will result in a failure to establish the
                connection.

                "
  DEFVAL        { tLSv1 }
  ::= { serverGroup 400 }

-- End of group:Server

-- ********************************************************************

-- Group:Statistics

-- ********************************************************************

statisticsGroup OBJECT IDENTIFIER
        ::= { webMIBObjects 10000 }
        -- Scalar:Number of Requests

        statsRequest OBJECT-TYPE
         SYNTAX        Unsigned32
         MAX-ACCESS    read-only
         STATUS        current
         DESCRIPTION " Number of Requests

                       Number of Requests handled by the service.
                       "
         ::= { statisticsGroup 100 }

        -- Scalar:Number of redirections

        statsRedirect OBJECT-TYPE
         SYNTAX        Unsigned32
         MAX-ACCESS    read-only
         STATUS        current
         DESCRIPTION " Number of redirections

                       Number of redirections handled by the service.
                       "
         ::= { statisticsGroup 200 }

        -- Scalar:Number of Errors

        statsError OBJECT-TYPE
         SYNTAX        Unsigned32
         MAX-ACCESS    read-only
         STATUS        current
         DESCRIPTION " Number of Errors

                       Number of Errors handled by the service.
                       "
         ::= { statisticsGroup 300 }

-- End of group:Statistics

-- ****************************************************************************

-- Group:Notification Messages Configuration

-- ****************************************************************************

notificationsGroup OBJECT IDENTIFIER
 ::= { webMIBObjects 60010 }
 -- Scalar:Minimal Severity of Notification

 minSeverity OBJECT-TYPE
  SYNTAX        INTEGER { disable(0) , debug(100) , info(200) , warning(300) ,
                error(400) , critical (500) }
  MAX-ACCESS    read-write
  STATUS        current
  DESCRIPTION " Minimal Severity of Notification

                Sets the minimal severity to issue a notification message
                incoming from this service.

                  * Disable: No notification is issued.
                  * Debug: All notification messages are issued.
                  * Info: Notification messages with a 'Informational' and
                    higher severity are issued.
                  * Warning: Notification messages with a 'Warning' and higher
                    severity are issued.
                  * Error: Notification messages with an 'Error' and higher
                    severity are issued.
                  * Critical: Notification messages with a 'Critical' severity
                    are issued.

                "
  DEFVAL        { warning }
  ::= { notificationsGroup 100 }

-- End of group:Notification Messages Configuration

-- ****************************************************************************

-- Group:Configuration Settings

-- ****************************************************************************

configurationGroup OBJECT IDENTIFIER
 ::= { webMIBObjects 60020 }
 -- Scalar:Need Restart

 needRestartInfo OBJECT-TYPE
  SYNTAX        INTEGER { no(0) , yes(100) }
  MAX-ACCESS    read-only
  STATUS        current
  DESCRIPTION " Need Restart

                Indicates if the service needs to be restarted for the
                configuration to fully take effect.

                  * Yes: Service needs to be restarted.
                  * No: Service does not need to be restarted.

                Services can be restarted by using the
                Scm.ServiceCommands.Restart command.

                "
  ::= { configurationGroup 100 }

-- End of group:Configuration Settings

END
