-- IPT-NETFLOW-MIB.my

PEPXIM-IPT-NETFLOW-MIB DEFINITIONS ::= BEGIN

IMPORTS
    MODULE-IDENTITY, OBJECT-TYPE, Counter64,
    Gauge32, Integer32, Counter32, enterprises
	FROM SNMPv2-SMI
    OBJECT-GROUP, MODULE-COMPLIANCE
	FROM SNMPv2-CONF
    CounterBasedGauge64
	FROM HCNUM-TC
    TEXTUAL-CONVENTION, DisplayString, DateAndTime
	FROM SNMPv2-TC;

--
-- Node definitions
--
-- ********************************************************************
-- *  MODULE IDENTITY
-- ********************************************************************
-- The Enterprises Number
pepxim OBJECT IDENTIFIER ::= { enterprises 52467 }

productMib  OBJECT IDENTIFIER ::= { pepxim 200 }

generalMib OBJECT IDENTIFIER ::= { productMib 1 }

iptNetflowMIB MODULE-IDENTITY
    LAST-UPDATED "202011121200Z"        -- 11 12, 2020 at 12:00 GMT
    ORGANIZATION "PEPXIM"
    CONTACT-INFO ""
    DESCRIPTION "MIB module for IPT-NETFLOW."

    ::= { generalMib 15 }

-- Top Level --
iptNetflowObjects	OBJECT IDENTIFIER ::= { iptNetflowMIB 1 }
iptNetflowStatistics	OBJECT IDENTIFIER ::= { iptNetflowMIB 2 }
iptNetflowConformance	OBJECT IDENTIFIER ::= { iptNetflowMIB 3 }

-- Objects --

-- modinfo
iptNetflowModule	OBJECT IDENTIFIER ::= { iptNetflowObjects 1 }
-- sysctl net.netflow
iptNetflowSysctl	OBJECT IDENTIFIER ::= { iptNetflowObjects 2 }

-- Modinfo Objects --

name OBJECT-TYPE
    SYNTAX	DisplayString
    MAX-ACCESS	read-only
    STATUS	current
    DESCRIPTION
	"Name of the module."
    ::= { iptNetflowModule 1 }

version OBJECT-TYPE
    SYNTAX	DisplayString
    MAX-ACCESS	read-only
    STATUS	current
    DESCRIPTION
	"Software version of the module."
    ::= { iptNetflowModule 2 }

srcversion OBJECT-TYPE
    SYNTAX	DisplayString
    MAX-ACCESS	read-only
    STATUS	current
    DESCRIPTION
	 "Binary version of the module."
    ::= { iptNetflowModule 3 }

loadTime OBJECT-TYPE
    SYNTAX	DateAndTime
    MAX-ACCESS	read-only
    STATUS	current
    DESCRIPTION
	 "Load date time of the module."
    ::= { iptNetflowModule 4 }

refcnt OBJECT-TYPE
    SYNTAX	Integer32
    MAX-ACCESS	read-only
    STATUS	current
    DESCRIPTION
	 "Module usage by other kernel objects."
    ::= { iptNetflowModule 5 }

-- RW Sysctl objects --

protocol OBJECT-TYPE
    SYNTAX	INTEGER {
	netflow5(5),
	netflow9(9),
	ipfix(10)
    }
    MAX-ACCESS	read-write
    STATUS	current
    DESCRIPTION
	"Protocol version (5, 9, 10=IPFIX)."
    ::= { iptNetflowSysctl 1 }

hashsize OBJECT-TYPE
    SYNTAX	Integer32
    UNITS	"buckets"
    MAX-ACCESS	read-write
    STATUS	current
    DESCRIPTION
	"Hash table size of flows cache."
    ::= { iptNetflowSysctl 2 }

maxflows OBJECT-TYPE
    SYNTAX	Integer32
    UNITS	"flows"
    MAX-ACCESS	read-write
    STATUS	current
    DESCRIPTION
	"Max flows limit. This limit is used for DoS protection."
    ::= { iptNetflowSysctl 3 }

active-timeout OBJECT-TYPE
    SYNTAX	Integer32
    UNITS	"minutes"
    MAX-ACCESS	read-write
    STATUS	current
    DESCRIPTION
	"Active flows timeout value."
    ::= { iptNetflowSysctl 4 }

inactive-timeout OBJECT-TYPE
    SYNTAX	Integer32
    UNITS	"minutes"
    MAX-ACCESS	read-write
    STATUS	current
    DESCRIPTION
	"Inactive flows timeout value."
    ::= { iptNetflowSysctl 5 }

sndbuf OBJECT-TYPE
    SYNTAX	Integer32
    UNITS	"bytes"
    MAX-ACCESS	read-write
    STATUS	current
    DESCRIPTION
	"Sockets SNDBUF size."
    ::= { iptNetflowSysctl 6 }

destination OBJECT-TYPE
    SYNTAX	DisplayString
    MAX-ACCESS	read-write
    STATUS	current
    DESCRIPTION
	"Export destination parameter."
    ::= { iptNetflowSysctl 7 }

aggregation OBJECT-TYPE
    SYNTAX	DisplayString
    MAX-ACCESS	read-write
    STATUS	current
    DESCRIPTION
	"Aggregation parameters."
    ::= { iptNetflowSysctl 8 }

sampler OBJECT-TYPE
    SYNTAX	DisplayString
    MAX-ACCESS	read-write
    STATUS	current
    DESCRIPTION
	"Sampler parameters: sampling mode:sampling interval.
	Where sampling modes: deterministic, random, hash."
    ::= { iptNetflowSysctl 9 }

natevents OBJECT-TYPE
    SYNTAX	INTEGER {
	disabled(0),
	enabled(1)
    }
    MAX-ACCESS	read-write
    STATUS	current
    DESCRIPTION
	"Natevents (NEL) controlling parameter."
    ::= { iptNetflowSysctl 10 }

promisc OBJECT-TYPE
    SYNTAX	INTEGER {
	disabled(0),
	enabled(1)
    }
    MAX-ACCESS	read-write
    STATUS	current
    DESCRIPTION
	"Promisc hack controlling parameter."
    ::= { iptNetflowSysctl 11 }

snmp-rules OBJECT-TYPE
    SYNTAX	DisplayString
    MAX-ACCESS	read-write
    STATUS	current
    DESCRIPTION
	"SNMP-index translation rules."
    ::= { iptNetflowSysctl 12 }

scan-min OBJECT-TYPE
    SYNTAX	Integer32
    MAX-ACCESS	read-write
    STATUS	current
    DESCRIPTION
	"scan-min parameter."
    ::= { iptNetflowSysctl 13 }

-- Statistics Objects --

iptNetflowTotals	OBJECT IDENTIFIER ::= { iptNetflowStatistics 1 }

inBitRate OBJECT-TYPE
    SYNTAX      CounterBasedGauge64
    UNITS       "bits/second"
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
	"Total incoming bits per second."
::= { iptNetflowTotals 1 }

inPacketRate OBJECT-TYPE
    SYNTAX      Gauge32
    UNITS       "packets/second"
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
	"Total incoming packets per second."
::= { iptNetflowTotals 2 }

inFlows OBJECT-TYPE
    SYNTAX      Counter64
    UNITS       "flows"
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
	"Total observed (metered) flows."
::= { iptNetflowTotals 3 }

inPackets OBJECT-TYPE
    SYNTAX      Counter64
    UNITS       "packets"
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
	"Total metered packets(Not including dropped packets)."
::= { iptNetflowTotals 4 }

inBytes OBJECT-TYPE
    SYNTAX      Counter64
    UNITS       "bytes"
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
	"Total metered bytes of in packets."
::= { iptNetflowTotals 5 }

FixedDiv100 ::= TEXTUAL-CONVENTION
    DISPLAY-HINT "d-2"
    STATUS	current
    DESCRIPTION "Fixed point, two decimals."
    SYNTAX	Gauge32

hashMetric OBJECT-TYPE
    SYNTAX      FixedDiv100
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
	"Measure of performance of hash table.
	When optimal will be attract to 1.0.
        When non-optimal will be highly above of 1."
::= { iptNetflowTotals 6 }

hashMemory OBJECT-TYPE
    SYNTAX      Gauge32
    UNITS       "bytes"
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
	"System memory used by the hash table."
::= { iptNetflowTotals 7 }

hashFlows OBJECT-TYPE
    SYNTAX      Gauge32
    UNITS       "flows"
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
	"Flows currently residing in the hash table and not
	exported yet."
::= { iptNetflowTotals 8 }

hashPackets OBJECT-TYPE
    SYNTAX      Gauge32
    UNITS       "packets"
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
	"Packets in flows currently residing in the hash table."
::= { iptNetflowTotals 9 }

hashBytes OBJECT-TYPE
    SYNTAX      CounterBasedGauge64
    UNITS       "bytes"
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
	"Bytes in flows currently residing in the hash table."
::= { iptNetflowTotals 10 }

dropPackets OBJECT-TYPE
    SYNTAX      Counter64
    UNITS       "packets"
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
	"Total packets dropped by metering process."
::= { iptNetflowTotals 11 }

dropBytes OBJECT-TYPE
    SYNTAX      Counter64
    UNITS       "bytes"
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
	"Total bytes in packets dropped by metering process."
::= { iptNetflowTotals 12 }

outByteRate OBJECT-TYPE
    SYNTAX      Gauge32
    UNITS       "bytes/second"
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
	"Total exporter output bytes per second."
::= { iptNetflowTotals 13 }

outFlows OBJECT-TYPE
    SYNTAX      Counter64
    UNITS       "flows"
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
	"Total exported flow data records."
::= { iptNetflowTotals 14 }

outPackets OBJECT-TYPE
    SYNTAX      Counter64
    UNITS       "packets"
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
	"Total exported packets of netflow stream itself."
::= { iptNetflowTotals 15 }

outBytes OBJECT-TYPE
    SYNTAX      Counter64
    UNITS       "bytes"
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
	"Total exported bytes of netflow stream itself."
::= { iptNetflowTotals 16 }

lostFlows OBJECT-TYPE
    SYNTAX      Counter64
    UNITS       "flows"
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
	"Total of accounted flows that are lost by exporting process
	 due to socket errors. This value will not include asynchronous
	 errors (cberr), these will be counted in errTotal."
::= { iptNetflowTotals 17 }

lostPackets OBJECT-TYPE
    SYNTAX      Counter64
    UNITS       "packets"
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
	"Total metered packets lost by exporting process.
	 See lostFlows for details."
::= { iptNetflowTotals 18 }

lostBytes OBJECT-TYPE
    SYNTAX      Counter64
    UNITS       "bytes"
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
	"Total bytes in packets lost by exporting process.
	 See lostFlows for details."
::= { iptNetflowTotals 19 }

errTotal OBJECT-TYPE
    SYNTAX      Counter32
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
	"Total exporting sockets errors (including cberr)."
::= { iptNetflowTotals 20 }

sndbufPeak OBJECT-TYPE
    SYNTAX      Counter32
    UNITS       "bytes"
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
	"Global maximum value of socket sndbuf. Sort of output
	queue length."
::= { iptNetflowTotals 21 }

-- Per CPU statistics --

iptNetflowCpuTable OBJECT-TYPE
    SYNTAX	SEQUENCE OF IptNetflowCpuEntry
    MAX-ACCESS	not-accessible
    STATUS	current
    DESCRIPTION
	"Per-CPU statistics."
    ::= { iptNetflowStatistics 2 }

iptNetflowCpuEntry OBJECT-TYPE
    SYNTAX	IptNetflowCpuEntry
    MAX-ACCESS	not-accessible
    STATUS	current
    DESCRIPTION
	"Defines an entry in the iptNetflowCpuTable."
    INDEX	{ cpuIndex }
    ::= { iptNetflowCpuTable 1 }

IptNetflowCpuEntry ::=
    SEQUENCE {
      cpuIndex		Integer32,
      cpuInPacketRate	Gauge32,
      cpuInFlows	Counter64,
      cpuInPackets	Counter64,
      cpuInBytes	Counter64,
      cpuHashMetric	FixedDiv100,
      cpuDropPackets	Counter64,
      cpuDropBytes	Counter64,
      cpuErrTrunc	Counter32,
      cpuErrFrag	Counter32,
      cpuErrAlloc	Counter32,
      cpuErrMaxflows	Counter32
    }

cpuIndex OBJECT-TYPE
    SYNTAX	Integer32 (0..4096)
    MAX-ACCESS	read-only
    STATUS	current
    DESCRIPTION
	"Index of this CPU."
    ::= { iptNetflowCpuEntry 1 }

cpuInPacketRate OBJECT-TYPE
    SYNTAX	Gauge32
    UNITS	"packets/second"
    MAX-ACCESS	read-only
    STATUS	current
    DESCRIPTION
	"Incoming packets per second for this CPU."
    ::= { iptNetflowCpuEntry 2 }

cpuInFlows OBJECT-TYPE
    SYNTAX	Counter64
    UNITS	"flows"
    MAX-ACCESS	read-only
    STATUS	current
    DESCRIPTION
	"Flows metered on this CPU."
    ::= { iptNetflowCpuEntry 3 }

cpuInPackets OBJECT-TYPE
    SYNTAX	Counter64
    UNITS	"packets"
    MAX-ACCESS	read-only
    STATUS	current
    DESCRIPTION
	"Packets metered for cpuIndex."
    ::= { iptNetflowCpuEntry 4 }

cpuInBytes OBJECT-TYPE
    SYNTAX	Counter64
    UNITS	"bytes"
    MAX-ACCESS	read-only
    STATUS	current
    DESCRIPTION
	"Bytes metered on this CPU."
    ::= { iptNetflowCpuEntry 5 }

cpuHashMetric OBJECT-TYPE
    SYNTAX	FixedDiv100
    MAX-ACCESS	read-only
    STATUS	current
    DESCRIPTION
	"Measure of performance of hash table on this CPU."
    ::= { iptNetflowCpuEntry 6 }

cpuDropPackets OBJECT-TYPE
    SYNTAX	Counter64
    UNITS	"packets"
    MAX-ACCESS	read-only
    STATUS	current
    DESCRIPTION
	"Packets dropped by metering process on this CPU."
    ::= { iptNetflowCpuEntry 7 }

cpuDropBytes OBJECT-TYPE
    SYNTAX	Counter64
    UNITS	"bytes"
    MAX-ACCESS	read-only
    STATUS	current
    DESCRIPTION
	"Bytes in cpuDropPackets for this CPU."
    ::= { iptNetflowCpuEntry 8 }

cpuErrTrunc OBJECT-TYPE
    SYNTAX	Counter32
    MAX-ACCESS	read-only
    STATUS	current
    DESCRIPTION
	"Truncated packets dropped for this CPU."
    ::= { iptNetflowCpuEntry 9 }

cpuErrFrag OBJECT-TYPE
    SYNTAX	Counter32
    MAX-ACCESS	read-only
    STATUS	current
    DESCRIPTION
	"Fragmented packets dropped for this CPU."
    ::= { iptNetflowCpuEntry 10 }

cpuErrAlloc OBJECT-TYPE
    SYNTAX	Counter32
    MAX-ACCESS	read-only
    STATUS	current
    DESCRIPTION
	"Packets dropped due to memory allocation errors."
    ::= { iptNetflowCpuEntry 11 }

cpuErrMaxflows OBJECT-TYPE
    SYNTAX	Counter32
    MAX-ACCESS	read-only
    STATUS	current
    DESCRIPTION
	"Packets dropped due to maxflows limit being reached."
    ::= { iptNetflowCpuEntry 12 }

-- Per Socket statistics --

iptNetflowSockTable OBJECT-TYPE
    SYNTAX	SEQUENCE OF IptNetflowSockEntry
    MAX-ACCESS	not-accessible
    STATUS	current
    DESCRIPTION
	"Per socket statistics."
    ::= { iptNetflowStatistics 3 }

iptNetflowSockEntry OBJECT-TYPE
    SYNTAX	IptNetflowSockEntry
    MAX-ACCESS	not-accessible
    STATUS	current
    DESCRIPTION
	"Defines an entry in the iptNetflowSockTable."
    INDEX	{ sockIndex }
    ::= { iptNetflowSockTable 1 }

IptNetflowSockEntry ::=
    SEQUENCE {
      sockIndex		Integer32,
      sockDestination	DisplayString,
      sockActive	INTEGER,
      sockErrConnect	Counter32,
      sockErrFull	Counter32,
      sockErrCberr	Counter32,
      sockErrOther	Counter32,
      sockSndbuf	Gauge32,
      sockSndbufFill	Gauge32,
      sockSndbufPeak	Gauge32
    }

sockIndex OBJECT-TYPE
    SYNTAX	Integer32 (0..4096)
    MAX-ACCESS	not-accessible
    STATUS	current
    DESCRIPTION
	"Exporting socket index."
    ::= { iptNetflowSockEntry 1 }

sockDestination OBJECT-TYPE
    SYNTAX	DisplayString
    MAX-ACCESS	read-only
    STATUS	current
    DESCRIPTION
	"Exporting connection destination of socket."
    ::= { iptNetflowSockEntry 2 }

sockActive OBJECT-TYPE
    SYNTAX	INTEGER {
	  inactive(0),
	  active(1)
    }
    MAX-ACCESS	read-only
    STATUS	current
    DESCRIPTION
	"Connection state of socket."
    ::= { iptNetflowSockEntry 3 }

sockErrConnect OBJECT-TYPE
    SYNTAX	Counter32
    MAX-ACCESS	read-only
    STATUS	current
    DESCRIPTION
	"Connections attempt count.
	High value usually mean that network is not set up properly,
	or module is loaded before network is up."
    ::= { iptNetflowSockEntry 4 }

sockErrFull OBJECT-TYPE
    SYNTAX	Counter32
    MAX-ACCESS	read-only
    STATUS	current
    DESCRIPTION
	"Socket full errors on this socket. Usually mean sndbuf
	value is too small."
    ::= { iptNetflowSockEntry 5 }

sockErrCberr OBJECT-TYPE
    SYNTAX	Counter32
    MAX-ACCESS	read-only
    STATUS	current
    DESCRIPTION
	"Asynchronous callback errors on this socket. Usually mean
	that there is 'connection refused' errors on UDP socket
	reported via ICMP messages."
    ::= { iptNetflowSockEntry 6 }

sockErrOther OBJECT-TYPE
    SYNTAX	Counter32
    MAX-ACCESS	read-only
    STATUS	current
    DESCRIPTION
	"All other possible errors on this socket."
    ::= { iptNetflowSockEntry 7 }

sockSndbuf OBJECT-TYPE
    SYNTAX	Gauge32
    UNITS	"bytes"
    MAX-ACCESS	read-only
    STATUS	current
    DESCRIPTION
	"Sndbuf value for this socket.
	Higher value allows accommodate (exporting) traffic bursts."
    ::= { iptNetflowSockEntry 8 }

sockSndbufFill OBJECT-TYPE
    SYNTAX	Gauge32
    UNITS	"bytes"
    MAX-ACCESS	read-only
    STATUS	current
    DESCRIPTION
	"Amount of data currently in socket buffers.
	When this value will reach size sndbuf, packet loss will occur."
    ::= { iptNetflowSockEntry 9 }

sockSndbufPeak OBJECT-TYPE
    SYNTAX	Gauge32
    UNITS	"bytes"
    MAX-ACCESS	read-only
    STATUS	current
    DESCRIPTION
	"Historical peak amount of data in socket buffers.
	Useful to evaluate sndbuf size, due to sockSndbufFill is transient."
    ::= { iptNetflowSockEntry 10 }

-- Conformance Information --

iptNetflowCompliances	OBJECT IDENTIFIER ::= { iptNetflowConformance 1 }
iptNetflowGroups	OBJECT IDENTIFIER ::= { iptNetflowConformance 2 }

iptNetflowCompliance MODULE-COMPLIANCE
    STATUS current
    DESCRIPTION "iptNetflowCompliance"
    MODULE
    MANDATORY-GROUPS {
	iptNetflowModuleGroup,
	iptNetflowSysctlGroup,
	iptNetflowTotalsGroup,
	iptNetflowCpuGroup,
	iptNetflowSockGroup
    }
    ::= { iptNetflowCompliances 1 }

iptNetflowModuleGroup OBJECT-GROUP
    OBJECTS {
	name,
	version,
	srcversion,
	loadTime,
	refcnt
    }
    STATUS	current
    DESCRIPTION "Module info."
    ::= { iptNetflowGroups 1 }

iptNetflowSysctlGroup OBJECT-GROUP
    OBJECTS {
	hashsize,
	maxflows,
	protocol,
	active-timeout,
	inactive-timeout,
	sndbuf,
	destination,
	aggregation,
	sampler,
	natevents,
	promisc,
	snmp-rules,
	scan-min
    }
    STATUS	current
    DESCRIPTION "Read-write objects accessed via sysctl"
    ::= { iptNetflowGroups 2 }

iptNetflowTotalsGroup OBJECT-GROUP
    OBJECTS {
	inBitRate,
	inPacketRate,
	inFlows,
	inPackets,
	inBytes,
	hashMetric,
	hashMemory,
	hashFlows,
	hashPackets,
	hashBytes,
	dropPackets,
	dropBytes,
	outByteRate,
	outFlows,
	outPackets,
	outBytes,
	lostFlows,
	lostPackets,
	lostBytes,
	errTotal,
	sndbufPeak
    }
    STATUS	current
    DESCRIPTION "Statistics totals."
    ::= { iptNetflowGroups 3 }

iptNetflowCpuGroup OBJECT-GROUP
    OBJECTS {
	cpuIndex,
	cpuInPacketRate,
	cpuInFlows,
	cpuInPackets,
	cpuInBytes,
	cpuHashMetric,
	cpuDropPackets,
	cpuDropBytes,
	cpuErrTrunc,
	cpuErrFrag,
	cpuErrAlloc,
	cpuErrMaxflows
    }
    STATUS	current
    DESCRIPTION "Per CPU statistics."
    ::= { iptNetflowGroups 4 }

iptNetflowSockGroup OBJECT-GROUP
    OBJECTS {
	sockDestination,
	sockActive,
	sockErrConnect,
	sockErrFull,
	sockErrCberr,
	sockErrOther,
	sockSndbuf,
	sockSndbufFill,
	sockSndbufPeak
    }
    STATUS	current
    DESCRIPTION "Per socket statistics."
    ::= { iptNetflowGroups 5 }

END
