-- ====================================================================
-- Copyright (c) 2011 by Qtech Networks Co.,Ltd. All rights reserved.
--
-- Description: The MIB is designed to get IPSec tunnels' statistic information.
-- Reference: rujie Enterprise MIB
-- =====================================================================
QTECH-IPSEC-MIB DEFINITIONS ::= BEGIN

    IMPORTS
        DisplayString,TEXTUAL-CONVENTION, TimeStamp
            FROM SNMPv2-TC
        IpAddress, Integer32, Counter32, Counter64, OBJECT-TYPE,
        MODULE-IDENTITY, Gauge32, NOTIFICATION-TYPE, Unsigned32
            FROM SNMPv2-SMI
        MODULE-COMPLIANCE, OBJECT-GROUP, NOTIFICATION-GROUP
            FROM SNMPv2-CONF
        qtechMgmt
            FROM QTECH-SMI;

    qtechIPSecMonitor MODULE-IDENTITY
        LAST-UPDATED "201102170000Z"            
        ORGANIZATION
            "Qtech Networks Co.,Ltd."
        CONTACT-INFO
            "Tel: 4008-111-000 
             E-mail: service@qtech.com.cn"  
        DESCRIPTION
            "The MIB is designed to get statistic information of
             IPSec tunnels. With this MIB, we can get information of a certain
             tunnel or all tunnels."
        REVISION      "201102170000Z"
        DESCRIPTION
                "Initial version of this MIB module."
        ::= { qtechMgmt 94 }       
        
    QtechDiffHellmanGrp   ::= TEXTUAL-CONVENTION
        STATUS     current
        DESCRIPTION
            "The Diffie Hellman Group used in the IKE and IPSec negotiations.
             invalidAlg(2147483647) is defined as invalid value."
        SYNTAX INTEGER { 
            none(0),
            modp768(1),
            modp1024(2),
            invalidMode(2147483647)
        }

    QtechEncapMode        ::= TEXTUAL-CONVENTION
        STATUS     current
        DESCRIPTION
            "The encapsulation mode used by an IPSec Phase-2 Tunnel."
        SYNTAX INTEGER {
            tunnel(1),
            transport(2),
            invalidMode(2147483647)
        }

    QtechEncryptAlgo   ::= TEXTUAL-CONVENTION
        STATUS     current
        DESCRIPTION
            "The encryption algorithm used in the IKE and IPSec negotiations.
             invalidAlg(2147483647) is defined as invalid value."
        SYNTAX INTEGER {
            none(0),
            desCbc(2),
            threedesCbc(3),
            aesCbc(12),
            sm1Cbc(128),
            invalidAlg(2147483647)
        }

    QtechAuthAlgo   ::= TEXTUAL-CONVENTION
        STATUS     current
        DESCRIPTION
            "The authentication algorithm used in the IKE negotiations.
             invalidAlg(2147483647) is defined as invalid value."
        SYNTAX INTEGER {
            none(0),
            md5(1),
            sha(2),
            invalidAlg(2147483647)
        }

    QtechSaProtocol   ::= TEXTUAL-CONVENTION
        STATUS     current
        DESCRIPTION
            "The protocol of security association."
        SYNTAX INTEGER {
            reserved(0),
            isakmp(1),
            ah(2),
            esp(3)        
        }
    
    QtechTunnelProtocol   ::= TEXTUAL-CONVENTION
        STATUS     current
        DESCRIPTION
            "The protocol of security association."
        SYNTAX INTEGER {
            none(0),
            icmp(1),
            igmp(2),
            ip(4),
            tcp(6),
            udp(17),
            esp(50),
            ah(51)        
        }

        
    QtechTrafficType   ::= TEXTUAL-CONVENTION
        STATUS     current
        DESCRIPTION
            "The type of the data flow."
        SYNTAX INTEGER {
            ipv4Addr(1),
            ipv4AddrSubnet(2),
            ipv6Addr(3),
            ipv6AddrSubnet(4),
            ipv4AddrRange(5),
            ipv6AddrRange(6)
        }

    QtechIPSecNegoType   ::= TEXTUAL-CONVENTION
        STATUS     current
        DESCRIPTION
            "The type of key used by an IPSec Phase-2 Tunnel. invalidType(2147483647)
             is defined as invalid value."
        SYNTAX INTEGER {
            ike(1),
            manual(2),
            invalidType(2147483647)
        }

    QtechIPSecTunnelState   ::= TEXTUAL-CONVENTION
        STATUS     current
        DESCRIPTION
            "The state of IPSec tunnel."
        SYNTAX INTEGER {
            establishing(1),
            active(2),
            expiring(3)
        }

-- ========================================================================
-- Node definitions
-- ========================================================================
--Begin the node of qtechIPSecObjects.

    qtechIPSecObjects OBJECT IDENTIFIER ::= { qtechIPSecMonitor 1 }

-- ===============================================
-- Begin the table of qtechIPSecTunnelTable.
-- ===============================================

    qtechIPSecTunnelTable OBJECT-TYPE
        SYNTAX SEQUENCE OF QtechIPSecTunnelEntry
        MAX-ACCESS not-accessible
        STATUS current
        DESCRIPTION
            "The IPSec Phase-2 Tunnel Table. There is one
             entry in this table for each active IPSec Phase-2 Tunnel."
        ::= { qtechIPSecObjects 1 }

    qtechIPSecTunnelEntry OBJECT-TYPE
        SYNTAX QtechIPSecTunnelEntry
        MAX-ACCESS not-accessible
        STATUS current
        DESCRIPTION
            "Information about qtechIPSecTunnelTable."
        INDEX { qtechIPSecTunRemoteAddr }
        ::= { qtechIPSecTunnelTable 1 }

    QtechIPSecTunnelEntry ::=
        SEQUENCE {
            qtechIPSecTunIfIndex
                Integer32,
            qtechIPSecTunIndex
                Integer32,
            qtechIPSecTunIKETunnelIndex
                Integer32,
            qtechIPSecTunLocalAddr
                IpAddress,
            qtechIPSecTunRemoteAddr
                IpAddress,  
            qtechIPSecTunLocalHostname
                DisplayString,
            qtechIPSecTunRemoteHostname
                DisplayString,     
            qtechIPSecTunKeyType
                QtechIPSecNegoType,
            qtechIPSecTunEncapMode
                QtechEncapMode,
            qtechIPSecTunInitiator
                INTEGER,
            qtechIPSecTunLifeSize
                Integer32,
            qtechIPSecTunLifeTime
                Integer32,
            qtechIPSecTunRemainTime
                Integer32,
            qtechIPSecTunActiveTime
                Integer32,
            qtechIPSecTunCreateTime
                Integer32,
            qtechIPSecTunRemainSize
                Integer32,
            qtechIPSecTunTotalRefreshes
                Counter32,
            qtechIPSecTunCurrentSaInstances
                Gauge32,
            qtechIPSecTunInSaEncryptAlgo
                QtechEncryptAlgo,
            qtechIPSecTunInSaAhAuthAlgo
                QtechAuthAlgo,
            qtechIPSecTunInSaEspAuthAlgo
                QtechAuthAlgo,
            qtechIPSecTunDiffHellmanGrp
                QtechDiffHellmanGrp,
            qtechIPSecTunOutSaEncryptAlgo
                QtechEncryptAlgo,
            qtechIPSecTunOutSaAhAuthAlgo
                QtechAuthAlgo,
            qtechIPSecTunOutSaEspAuthAlgo
                QtechAuthAlgo,
            qtechIPSecTunMapName
                DisplayString,
            qtechIPSecTunSeqNum
                Integer32,
            qtechIPSecTunStatus
                QtechIPSecTunnelState
        }

    qtechIPSecTunIfIndex OBJECT-TYPE
        SYNTAX Integer32 (1..2147483647)
        MAX-ACCESS not-accessible
        STATUS current
        DESCRIPTION
            "The interface index( the ifIndex of ifTable )."
        ::= { qtechIPSecTunnelEntry 1 }

    qtechIPSecTunIndex OBJECT-TYPE
        SYNTAX Integer32 (1..2147483647)
        MAX-ACCESS not-accessible
        STATUS current
        DESCRIPTION
            "The index of IPSec Phase-2 Tunnel Table. The value of
             the index is a number which begins at one and is
             incremented with each tunnel that is created. The
             value of this object will wrap at 2,147,483,647."
        ::= { qtechIPSecTunnelEntry 2 }

    qtechIPSecTunIKETunnelIndex OBJECT-TYPE
        SYNTAX Integer32 (1..2147483647)
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "The index of the associated IPSec Phase-1 IKE Tunnel
             (IKETunIndex in the IKETunnelTable). 2147483647 is defined as
             invalid value. "
        ::= { qtechIPSecTunnelEntry 3 }

    qtechIPSecTunLocalAddr OBJECT-TYPE
        SYNTAX IpAddress
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "The IP address of the local peer for the IPSec Phase-2
             Tunnel. 0.0.0.0 is defined as invalid value."
        ::= { qtechIPSecTunnelEntry 4 }

    qtechIPSecTunRemoteAddr OBJECT-TYPE
        SYNTAX IpAddress
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "The IP address of the remote peer for the IPSec Phase-2
             Tunnel. 0.0.0.0 is defined as invalid value."
        ::= { qtechIPSecTunnelEntry 5 }

    qtechIPSecTunLocalHostname OBJECT-TYPE
        SYNTAX DisplayString
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "The Hostname of the local peer for the IPSec Phase-2
             Tunnel."
        ::= { qtechIPSecTunnelEntry 6 }
    
    qtechIPSecTunRemoteHostname OBJECT-TYPE
        SYNTAX DisplayString
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "The Hostname of the remote peer for the IPSec Phase-2
             Tunnel. "
        ::= { qtechIPSecTunnelEntry 7 }
    
    qtechIPSecTunKeyType OBJECT-TYPE
        SYNTAX QtechIPSecNegoType
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "The key negotiate mode used by the IPSec Phase-2 Tunnel."
        ::= { qtechIPSecTunnelEntry 8 }
    qtechIPSecTunEncapMode OBJECT-TYPE
        SYNTAX QtechEncapMode
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "The encapsulation mode used by the IPSec Phase-2 Tunnel."
        ::= { qtechIPSecTunnelEntry 9 }

    qtechIPSecTunInitiator OBJECT-TYPE
        SYNTAX INTEGER
            {
                local(1),
                remote(2),
                none(2147483647)
            }
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "The initiator of this IPSec tunnel. Value none is used for manual
             IPsec tunnel, for there is no initiator or responder in this method."
        ::= { qtechIPSecTunnelEntry 10 }

    qtechIPSecTunLifeSize OBJECT-TYPE
        SYNTAX Integer32 (1..2147483647)
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "The negotiated LifeSize of the IPSec Phase-2 Tunnel in kilobytes.
             2147483647 is defined as invalid value."
        ::= { qtechIPSecTunnelEntry 11 }

    qtechIPSecTunLifeTime OBJECT-TYPE
        SYNTAX Integer32 (1..2147483647)
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "The negotiated LifeTime of the IPSec Phase-2 Tunnel in seconds.
             2147483647 is defined as invalid value."
        ::= { qtechIPSecTunnelEntry 12 }

    qtechIPSecTunRemainTime OBJECT-TYPE
        SYNTAX Integer32 (0..2147483647)
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "The remain time of SA in seconds. 2147483647 is defined as invalid
             value."
        ::= { qtechIPSecTunnelEntry 13 }

    qtechIPSecTunActiveTime OBJECT-TYPE
        SYNTAX Integer32 (0..2147483647)
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "The duration the IPSec Phase-2 Tunnel has been active in
             hundredths of seconds. 2147483647 is defined as invalid value."
        ::= { qtechIPSecTunnelEntry 14 }
    
    qtechIPSecTunCreateTime OBJECT-TYPE
        SYNTAX  Integer32 (0..2147483647)
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "The Time Stamp when the IPSec Phase-2 Tunnel created."
        ::= { qtechIPSecTunnelEntry 15 }
    
    qtechIPSecTunRemainSize OBJECT-TYPE
        SYNTAX Integer32 (0..2147483647)
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "The remain LifeSize of SA in kilobytes. 2147483647 is defined as
             invalid value."
        ::= { qtechIPSecTunnelEntry 16 }

    qtechIPSecTunTotalRefreshes OBJECT-TYPE
        SYNTAX Counter32
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "The total number of security association refreshing performed."
        ::= { qtechIPSecTunnelEntry 17 }

    qtechIPSecTunCurrentSaInstances OBJECT-TYPE
        SYNTAX Gauge32
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "The number of security associations which are currently active
             or expiring."
        ::= { qtechIPSecTunnelEntry 18 }

    qtechIPSecTunInSaEncryptAlgo OBJECT-TYPE
        SYNTAX QtechEncryptAlgo
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "The encryption algorithm used by the inbound security association
             of the IPSec Phase-2 Tunnel."
        ::= { qtechIPSecTunnelEntry 19 }

    qtechIPSecTunInSaAhAuthAlgo OBJECT-TYPE
        SYNTAX QtechAuthAlgo
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "The authentication algorithm used by the inbound authentication
             header (AH) security association of the IPSec Phase-2 Tunnel."
        ::= { qtechIPSecTunnelEntry 20 }

    qtechIPSecTunInSaEspAuthAlgo OBJECT-TYPE
        SYNTAX QtechAuthAlgo
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "The authentication algorithm used by the inbound encapsulation
             security protocol(ESP) security association of the IPSec
             Phase-2 Tunnel."
        ::= { qtechIPSecTunnelEntry 21 }

    qtechIPSecTunDiffHellmanGrp OBJECT-TYPE
        SYNTAX QtechDiffHellmanGrp
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "The Diffie Hellman Group used by the security association of the
             IPSec Phase-2 Tunnel."
        ::= { qtechIPSecTunnelEntry 22 }

    qtechIPSecTunOutSaEncryptAlgo OBJECT-TYPE
        SYNTAX QtechEncryptAlgo
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "The encryption algorithm used by the outbound security
             association of the IPSec Phase-2 Tunnel."
        ::= { qtechIPSecTunnelEntry 23 }

    qtechIPSecTunOutSaAhAuthAlgo OBJECT-TYPE
        SYNTAX QtechAuthAlgo
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "The authentication algorithm used by the outbound
             authentication header (AH) security association of
             the IPSec Phase-2 Tunnel."
        ::= { qtechIPSecTunnelEntry 24 }

    qtechIPSecTunOutSaEspAuthAlgo OBJECT-TYPE
        SYNTAX QtechAuthAlgo
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "The authentication algorithm used by the outbound encapsulation
             security protocol(ESP) security association of the IPSec
             Phase-2 Tunnel."
        ::= { qtechIPSecTunnelEntry 25 }

    qtechIPSecTunMapName OBJECT-TYPE
        SYNTAX DisplayString
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "The Map name used by this IPSec tunnel."
        ::= { qtechIPSecTunnelEntry 26 }

    qtechIPSecTunSeqNum OBJECT-TYPE
        SYNTAX Integer32 (1..2147483647)
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "The sequence number of policy used by this IPSec tunnel."
        ::= { qtechIPSecTunnelEntry 27 }

    qtechIPSecTunStatus OBJECT-TYPE
        SYNTAX QtechIPSecTunnelState
        MAX-ACCESS read-write
        STATUS current
        DESCRIPTION
            "The status of the IPSec Tunnel."
        ::= { qtechIPSecTunnelEntry 28 }

-- ===============================================
-- Begin the table of qtechIPSecTunnelStatTable.
-- ===============================================

    qtechIPSecTunnelStatTable OBJECT-TYPE
        SYNTAX SEQUENCE OF QtechIPSecTunnelStatEntry
        MAX-ACCESS not-accessible
        STATUS current
        DESCRIPTION
            "The IPSec Phase-2 Tunnel Statistics Table. "
        ::= { qtechIPSecObjects 2 }

    qtechIPSecTunnelStatEntry OBJECT-TYPE
        SYNTAX QtechIPSecTunnelStatEntry
        MAX-ACCESS not-accessible
        STATUS current
        DESCRIPTION
            "Information about qtechIPSecTunnelStatTable."
        INDEX { qtechIPSecTunRemoteAddr }
        ::= { qtechIPSecTunnelStatTable 1 }

    QtechIPSecTunnelStatEntry ::=
        SEQUENCE {
            qtechIPSecTunInOctets
                Counter64,
            qtechIPSecTunInDecompOctets
                Counter64,
            qtechIPSecTunInPkts
                Counter64,
            qtechIPSecTunInSpeed
            	Counter64,
            qtechIPSecTunInDropPkts
                Counter64,
            qtechIPSecTunOutOctets
                Counter64,
            qtechIPSecTunOutUncompOctets
                Counter64,
            qtechIPSecTunOutPkts
                Counter64, 
            qtechIPSecTunOutSpeed
            	Counter64,
            qtechIPSecTunOutDropPkts
                Counter64        
        }

    qtechIPSecTunInOctets OBJECT-TYPE
        SYNTAX Counter64
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "The total number of octets received by this IPSec Phase-2 Tunnel.
             This value is accumulated BEFORE determining whether or not the
             packet should be decompressed."
        ::= { qtechIPSecTunnelStatEntry 1 }

    qtechIPSecTunInDecompOctets OBJECT-TYPE
        SYNTAX Counter64
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "The total number of decompressed octets received by this IPSec
             Phase-2 Tunnel. This value is accumulated AFTER the packet
             is decompressed."
        ::= { qtechIPSecTunnelStatEntry 2 }

    qtechIPSecTunInPkts OBJECT-TYPE
        SYNTAX Counter64
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "The total number of packets received by this IPSec Phase-2 Tunnel."
        ::= { qtechIPSecTunnelStatEntry 3 } 
    
    qtechIPSecTunInSpeed OBJECT-TYPE
        SYNTAX Counter64
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "The Speed(bps) of packets received by this IPSec Phase-2 Tunnel."
        ::= { qtechIPSecTunnelStatEntry 4 }

    qtechIPSecTunInDropPkts OBJECT-TYPE
        SYNTAX Counter64
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "The total number of packets dropped during receiving process
             by this IPSec Phase-2 Tunnel."
        ::= { qtechIPSecTunnelStatEntry 5 }

    qtechIPSecTunOutOctets OBJECT-TYPE
        SYNTAX Counter64
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "The total number of octets sent by this IPSec Phase-2 Tunnel.
             This value is accumulated AFTER determining whether or not
             the packet should be compressed."
        ::= { qtechIPSecTunnelStatEntry 6 }

    qtechIPSecTunOutUncompOctets OBJECT-TYPE
        SYNTAX Counter64
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "The total number of uncompressed octets sent by this IPSec Phase-2
             Tunnel.This value is accumulated BEFORE the packet is compressed."
        ::= { qtechIPSecTunnelStatEntry 7 }

    qtechIPSecTunOutPkts OBJECT-TYPE
        SYNTAX Counter64
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "The total number of packets sent by this IPSec Phase-2 Tunnel."
        ::= { qtechIPSecTunnelStatEntry 8 }
    
    qtechIPSecTunOutSpeed OBJECT-TYPE
        SYNTAX Counter64
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "The Speed(bps) of packets sent by this IPSec Phase-2 Tunnel. "
        ::= { qtechIPSecTunnelStatEntry 9 }

    
    qtechIPSecTunOutDropPkts OBJECT-TYPE
        SYNTAX Counter64
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "The total number of packets dropped during sending process
             by this IPSec Phase-2 Tunnel."
        ::= { qtechIPSecTunnelStatEntry 10 }

   
-- ===============================================
-- Begin the table of qtechIPSecSaTable.
-- ===============================================

    qtechIPSecSaTable OBJECT-TYPE
        SYNTAX SEQUENCE OF QtechIPSecSaEntry
        MAX-ACCESS not-accessible
        STATUS current
        DESCRIPTION
            "The IPSec Phase-2 Security Protection Index Table.  This table
             contains an entry for each active and expiring security association."
        ::= { qtechIPSecObjects 3 }

    qtechIPSecSaEntry OBJECT-TYPE
        SYNTAX QtechIPSecSaEntry
        MAX-ACCESS not-accessible
        STATUS current
        DESCRIPTION
            "Information about qtechIPSecSaTable."
        INDEX { qtechIPSecTunRemoteAddr }
        ::= { qtechIPSecSaTable 1 }

    QtechIPSecSaEntry ::=
        SEQUENCE {
            qtechIPSecSaIndex
                Integer32,
            qtechIPSecSaDirection
                INTEGER,
            qtechIPSecSaValue
                Unsigned32,
            qtechIPSecSaProtocol
                QtechSaProtocol,
            qtechIPSecSaEncryptAlgo
                QtechEncryptAlgo,
            qtechIPSecSaAuthAlgo
                QtechAuthAlgo,
            qtechIPSecSaStatus
                QtechIPSecTunnelState
        }

    qtechIPSecSaIndex OBJECT-TYPE
        SYNTAX Integer32 (1..2147483647)
        MAX-ACCESS not-accessible
        STATUS current
        DESCRIPTION
            "The number of the Sa associated with the Phase-2 Tunnel
             Table.  The value of this index is a number which begins
             at one and is incremented with each Sa associated with
             an IPSec Phase-2 Tunnel.  The value of this object will
             wrap at 2,147,483,647."
        ::= { qtechIPSecSaEntry 1 }

    qtechIPSecSaDirection OBJECT-TYPE
        SYNTAX INTEGER {
            in(1),
            out(2)
        }
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "The direction of the SA."
        ::= { qtechIPSecSaEntry 2 }

    qtechIPSecSaValue OBJECT-TYPE
        SYNTAX Unsigned32 (1..4294967295)
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "The value of the SPI."
        ::= { qtechIPSecSaEntry 3 }

    qtechIPSecSaProtocol OBJECT-TYPE
        SYNTAX QtechSaProtocol
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "The security protocol of the SA."
        ::= { qtechIPSecSaEntry 4 }

    qtechIPSecSaEncryptAlgo OBJECT-TYPE
        SYNTAX QtechEncryptAlgo
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "The encryption algorithm used by the security association
             of the IPSec Phase-2 Tunnel."
        ::= { qtechIPSecSaEntry 5 }

    qtechIPSecSaAuthAlgo OBJECT-TYPE
        SYNTAX QtechAuthAlgo
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "The authentication algorithm used by the SA."
        ::= { qtechIPSecSaEntry 6 }

    qtechIPSecSaStatus OBJECT-TYPE
        SYNTAX QtechIPSecTunnelState        
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "The status of the SA."
        ::= { qtechIPSecSaEntry 7 }

-- ===============================================
-- Begin the table of qtechIPSecTrafficTable.
-- ===============================================

    qtechIPSecTrafficTable OBJECT-TYPE
        SYNTAX SEQUENCE OF QtechIPSecTrafficEntry
        MAX-ACCESS not-accessible
        STATUS current
        DESCRIPTION
            "The IPSec Phase-2 Tunnel Traffic Table. "
        ::= { qtechIPSecObjects 4 }

    qtechIPSecTrafficEntry OBJECT-TYPE
        SYNTAX QtechIPSecTrafficEntry
        MAX-ACCESS not-accessible
        STATUS current
        DESCRIPTION
            "Information about qtechIPSecTrafficTable."
        INDEX { qtechIPSecTunRemoteAddr }
        ::= { qtechIPSecTrafficTable 1 }

    QtechIPSecTrafficEntry ::=
        SEQUENCE {
            qtechIPSecTrafficLocalType
                QtechTrafficType,
            qtechIPSecTrafficLocalAddr1
                IpAddress,
            qtechIPSecTrafficLocalAddr2
                IpAddress,
            qtechIPSecTrafficLocalProtocol
                QtechTunnelProtocol,
            qtechIPSecTrafficLocalPort
                Integer32, 
            qtechIPSecTrafficLocalHostname
                DisplayString,
            qtechIPSecTrafficRemoteType
                QtechTrafficType,
            qtechIPSecTrafficRemoteAddr1
                IpAddress,
            qtechIPSecTrafficRemoteAddr2
                IpAddress,
            qtechIPSecTrafficRemoteProtocol
                QtechTunnelProtocol,
            qtechIPSecTrafficRemotePort
                Integer32,
            qtechIPSecTrafficRemoteHostname
                DisplayString
    }

    qtechIPSecTrafficLocalType OBJECT-TYPE
        SYNTAX QtechTrafficType
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "The type of local peer. Possible values are: a single
             IP address, or an IP address range, or an IP subnet."
        ::= { qtechIPSecTrafficEntry 1 }

    qtechIPSecTrafficLocalAddr1 OBJECT-TYPE
        SYNTAX IpAddress
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "The first specification of local peer's IP address. If
             the local peer type is single IP address, then this is the
             value of the IP address. If the local peer type is IP subnet,
             then this is the value of the subnet. If the local peer type
             is IP address range, then this is the value of beginning IP
             address of the range."
        ::= { qtechIPSecTrafficEntry 2 }

    qtechIPSecTrafficLocalAddr2 OBJECT-TYPE
        SYNTAX IpAddress
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "The second specification of local peer's IP address. If the local
             peer type is single IP address, then this is the value of the
             IP address. If the local peer type is IP subnet, then this is
             the value of the subnet mask. If the local peer type is IP
             address range, then this is the value of ending IP address of
             the range."
        ::= { qtechIPSecTrafficEntry 3 }
        
    qtechIPSecTrafficLocalProtocol OBJECT-TYPE
        SYNTAX QtechTunnelProtocol
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "The protocol number of the local peer's traffic."
        ::= { qtechIPSecTrafficEntry 4 }

    qtechIPSecTrafficLocalPort OBJECT-TYPE
        SYNTAX Integer32 (0..65535)
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "The port number of the local peer's traffic."
        ::= { qtechIPSecTrafficEntry 5 }
    
    qtechIPSecTrafficLocalHostname OBJECT-TYPE
        SYNTAX DisplayString
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "The Hostname of local peer's IP address."
        ::= { qtechIPSecTrafficEntry 6 }

    
    qtechIPSecTrafficRemoteType OBJECT-TYPE
        SYNTAX QtechTrafficType
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "The type of remote peer. Possible values are: a single
             IP address, or an IP address range, or an IP subnet."
        ::= { qtechIPSecTrafficEntry 7 }

    qtechIPSecTrafficRemoteAddr1 OBJECT-TYPE
        SYNTAX IpAddress
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "The first specification of remote peer's IP address.
             If the remote peer type is single IP address, then
             this is the value of the IP address. If the remote
             peer type is IP subnet, then this is the value
             of the subnet. If the remote peer type is IP
             address range, then this is the value of beginning
             IP address of the range."
        ::= { qtechIPSecTrafficEntry 8 }

    qtechIPSecTrafficRemoteAddr2 OBJECT-TYPE
        SYNTAX IpAddress
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "Single IP address, then this is the value of the IP
             address. If the remote peer type is IP subnet,
             then this is the value of the subnet mask. If the
             remote peer type is IP address range, then this
             is the value of ending IP address of the range."
        ::= { qtechIPSecTrafficEntry 9 }
          
    qtechIPSecTrafficRemoteProtocol OBJECT-TYPE
        SYNTAX QtechTunnelProtocol
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "The protocol number of the remote peer's traffic."
        ::= { qtechIPSecTrafficEntry 10 }

    qtechIPSecTrafficRemotePort OBJECT-TYPE
        SYNTAX Integer32 (0..65535)
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "The port number of the remote peer's traffic."
        ::= { qtechIPSecTrafficEntry 11 }
    
    qtechIPSecTrafficRemoteHostname OBJECT-TYPE
        SYNTAX DisplayString
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "The Hostname of remote peer's IP address."
        ::= { qtechIPSecTrafficEntry 12 }

-- ===============================================
-- Begin the qtechIPSecGlobalStats.
-- ===============================================

    qtechIPSecGlobalStats OBJECT IDENTIFIER ::= { qtechIPSecObjects 5 }

    qtechIPSecGlobalActiveTunnels OBJECT-TYPE
        SYNTAX Gauge32
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "The total number of currently active  IPSec Phase-2 Tunnels."
        ::= { qtechIPSecGlobalStats 1 }

    qtechIPSecGlobalActiveSas OBJECT-TYPE
        SYNTAX Gauge32
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "The total number of currently active or expiring IPSec Phase-2 SA."
        ::= { qtechIPSecGlobalStats 2 }

    qtechIPSecGlobalInOctets OBJECT-TYPE
        SYNTAX Counter64
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "The total number of octets received by all current and previous
             IPSec Phase-2 Tunnels. This value is accumulated BEFORE determining
             whether or not the packet should be decompressed."
        ::= { qtechIPSecGlobalStats 3 }

    qtechIPSecGlobalInPkts OBJECT-TYPE
        SYNTAX Counter64
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "The total number of packets received by all current and
             previous IPSec Phase-2 Tunnels."
        ::= { qtechIPSecGlobalStats 4 }
    
    qtechIPSecGlobalInSpeed OBJECT-TYPE
        SYNTAX Counter64
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "The total speed(bps) of packets received by all current and
             previous IPSec Phase-2 Tunnels."
        ::= { qtechIPSecGlobalStats 5 }
    
    qtechIPSecGlobalInDrops OBJECT-TYPE
        SYNTAX Counter64
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "The total number of packets dropped during receiving
             process by all current and previous IPSec Phase-2
             Tunnels. "
        ::= { qtechIPSecGlobalStats 6 }
            
    qtechIPSecGlobalOutOctets OBJECT-TYPE
        SYNTAX Counter64
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "The total number of octets sent by all current and previous
             IPSec Phase-2 Tunnels. This value is accumulated AFTER
             determining whether or not the packet should be compressed."
        ::= { qtechIPSecGlobalStats 7 }


    qtechIPSecGlobalOutPkts OBJECT-TYPE
        SYNTAX Counter64
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "The total number of packets sent by all current and previous
             IPSec Phase-2 Tunnels."
        ::= { qtechIPSecGlobalStats 8 }
      
    qtechIPSecGlobalOutSpeed OBJECT-TYPE
        SYNTAX Counter64
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "The total speed(bps) of packets sent by all current and previous
             IPSec Phase-2 Tunnels."
        ::= { qtechIPSecGlobalStats 9 }
 
     
    qtechIPSecGlobalOutDrops OBJECT-TYPE
        SYNTAX Counter64
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "The total number of packets dropped during sending process
             by all current and previous IPSec Phase-2 Tunnels."
        ::= { qtechIPSecGlobalStats 10 }

-- ===============================================
-- Begin the qtechIPSecTrapObject.
-- ===============================================

    qtechIPSecTrapObject OBJECT IDENTIFIER ::= { qtechIPSecObjects 6 }

    qtechIPSecMapName OBJECT-TYPE
        SYNTAX DisplayString
        MAX-ACCESS accessible-for-notify
        STATUS current
        DESCRIPTION
            "The IPSec map name with a trap."
        ::= { qtechIPSecTrapObject 1 }

    qtechIPSecSeqNum OBJECT-TYPE
        SYNTAX Integer32
        MAX-ACCESS accessible-for-notify
        STATUS current
        DESCRIPTION
            "The IPSec map sequence number with a trap."
        ::= { qtechIPSecTrapObject 2 }

    qtechIPSecSpiValue OBJECT-TYPE
        SYNTAX Integer32
        MAX-ACCESS accessible-for-notify
        STATUS current
        DESCRIPTION
            "The SPI value associated with a trap."
        ::= { qtechIPSecTrapObject 3 }


-- ===============================================
-- definition of traps.
-- ===============================================

    qtechIPSecTrap OBJECT IDENTIFIER ::= { qtechIPSecObjects 7 }

    qtechIPSecNotifications OBJECT IDENTIFIER ::= { qtechIPSecTrap 1 }

    qtechIPSecTunnelStart NOTIFICATION-TYPE
        OBJECTS { qtechIPSecTunLocalAddr,
                  qtechIPSecTunRemoteAddr, 
                  qtechIPSecTunLocalHostname,
                  qtechIPSecTunRemoteHostname,
                  qtechIPSecTunLifeTime,
                  qtechIPSecTunLifeSize
                }
        STATUS     current
        DESCRIPTION
            "This notification is generated when an IPSec Phase-2
             Tunnel is created."
        ::= { qtechIPSecNotifications 1 }

    qtechIPSecTunnelStop NOTIFICATION-TYPE
        OBJECTS { qtechIPSecTunLocalAddr,
                  qtechIPSecTunRemoteAddr,
                  qtechIPSecTunLocalHostname,
                  qtechIPSecTunRemoteHostname,
                  qtechIPSecTunActiveTime
                }
        STATUS     current
        DESCRIPTION
            "This notification is generated when an IPSec Phase-2
             Tunnel is deleted."
        ::= { qtechIPSecNotifications 2 }
        
-- ===============================================
-- Conformance Information
-- ===============================================
    qtechIPSecConformance   OBJECT IDENTIFIER
        ::= { qtechIPSecMonitor 2 }
    qtechIPSecCompliances   OBJECT IDENTIFIER
        ::= { qtechIPSecConformance 1 }
    qtechIPSecGroups        OBJECT IDENTIFIER
        ::= { qtechIPSecConformance 2 }

-- ===============================================
-- Compliance Statements
-- ===============================================
    qtechIPSecCompliance MODULE-COMPLIANCE
        STATUS current
        DESCRIPTION
            " "
        MODULE -- this module
        MANDATORY-GROUPS
            {
                qtechIPSecTunnelTableGroup,
                qtechIPSecTunnelStatGroup,
                qtechIPSecSaGroup,
                qtechIPSecTrafficTableGroup,
                qtechIPSecGlobalStatsGroup,
                qtechIPSecTrapObjectGroup,
                qtechIPSecTrapGroup
            }
        ::= { qtechIPSecCompliances 1 }

    qtechIPSecTunnelTableGroup OBJECT-GROUP
        OBJECTS {
                    qtechIPSecTunIKETunnelIndex,
                    qtechIPSecTunLocalAddr,
                    qtechIPSecTunRemoteAddr,
                    qtechIPSecTunLocalHostname,
                    qtechIPSecTunRemoteHostname,
                    qtechIPSecTunKeyType,
                    qtechIPSecTunEncapMode,
                    qtechIPSecTunInitiator,
                    qtechIPSecTunLifeSize,
                    qtechIPSecTunLifeTime,
                    qtechIPSecTunRemainTime,
                    qtechIPSecTunActiveTime,
                    qtechIPSecTunRemainSize,
                    qtechIPSecTunTotalRefreshes,
                    qtechIPSecTunCurrentSaInstances,
                    qtechIPSecTunInSaEncryptAlgo,
                    qtechIPSecTunInSaAhAuthAlgo,
                    qtechIPSecTunInSaEspAuthAlgo,
                    qtechIPSecTunDiffHellmanGrp,
                    qtechIPSecTunOutSaEncryptAlgo,
                    qtechIPSecTunOutSaAhAuthAlgo,
                    qtechIPSecTunOutSaEspAuthAlgo,
                    --qtechIPSecTunPolicyName,
                    --qtechIPSecTunPolicyNum,
                    qtechIPSecTunStatus
                }
        STATUS current
        DESCRIPTION
            "The group contains the IPSec tunnel's property information."
        ::= { qtechIPSecGroups 1 }

    qtechIPSecTunnelStatGroup OBJECT-GROUP
        OBJECTS {
                    qtechIPSecTunInOctets,
                    qtechIPSecTunInDecompOctets,
                    qtechIPSecTunInPkts,
                    qtechIPSecTunInSpeed,
                    qtechIPSecTunInDropPkts,
                    qtechIPSecTunOutOctets,
                    qtechIPSecTunOutUncompOctets,
                    qtechIPSecTunOutPkts, 
                    qtechIPSecTunOutSpeed,
                    qtechIPSecTunOutDropPkts     
        		}
        STATUS current
        DESCRIPTION
            "The group contains the IPSec tunnel's statistic information."
        ::= { qtechIPSecGroups 2 }

    qtechIPSecSaGroup OBJECT-GROUP
        OBJECTS {
                    qtechIPSecSaDirection,
                    qtechIPSecSaValue,
                    qtechIPSecSaProtocol,
                    qtechIPSecSaEncryptAlgo,
                    qtechIPSecSaAuthAlgo,
                    qtechIPSecSaStatus
                }
        STATUS current
        DESCRIPTION
            "The group contains the SA's property information."
        ::= { qtechIPSecGroups 3 }

    qtechIPSecTrafficTableGroup OBJECT-GROUP
        OBJECTS {
                    qtechIPSecTrafficLocalType,
                    qtechIPSecTrafficLocalAddr1,
                    qtechIPSecTrafficLocalAddr2,
                    qtechIPSecTrafficLocalProtocol,
                    qtechIPSecTrafficLocalPort,
                    qtechIPSecTrafficLocalHostname,
                    qtechIPSecTrafficRemoteType,
                    qtechIPSecTrafficRemoteAddr1,
                    qtechIPSecTrafficRemoteAddr2,
                    qtechIPSecTrafficRemoteProtocol,
                    qtechIPSecTrafficRemotePort,
                    qtechIPSecTrafficRemoteHostname
                }
        STATUS current
        DESCRIPTION
            "The group contains the property information of the
             data flow protected by IPSec tunnel."
        ::= { qtechIPSecGroups 4 }

    qtechIPSecGlobalStatsGroup OBJECT-GROUP
        OBJECTS {
                    qtechIPSecGlobalActiveTunnels,
                    qtechIPSecGlobalActiveSas,
                    qtechIPSecGlobalInOctets,
                    qtechIPSecGlobalInPkts,
                    qtechIPSecGlobalInDrops,
                    qtechIPSecGlobalInSpeed,                    
                    qtechIPSecGlobalOutOctets,
                    qtechIPSecGlobalOutPkts,
                    qtechIPSecGlobalOutDrops, 
                    qtechIPSecGlobalOutSpeed
                }
        STATUS current
        DESCRIPTION
            "The group contains all of the IPSec tunnel's statistic
             information."
        ::= { qtechIPSecGroups 5 }

    qtechIPSecTrapObjectGroup OBJECT-GROUP
        OBJECTS {
                    qtechIPSecMapName,
                    qtechIPSecSeqNum,
                    qtechIPSecSpiValue
                }
        STATUS current
        DESCRIPTION
            "The group contains all of trap objects of IPSec tunnels."
        ::= { qtechIPSecGroups 6 }

    qtechIPSecTrapGroup NOTIFICATION-GROUP
        NOTIFICATIONS {
                          qtechIPSecTunnelStart,
                          qtechIPSecTunnelStop
                      }
        STATUS current
        DESCRIPTION
            "The group contains all of trap of IPSec tunnels."
        ::= { qtechIPSecGroups 7 }


END

