--MibName=rcPortsecurity
-- *****************************************************************
-- switch-portsecurity-mib.smi:  Raisecom port security MIB file
--
-- 3 2008, chenweiliang
--
-- Copyright (c) 1994-2000, 2001 by Raisecom, Inc.
-- All rights reserved.
-- 
-- *****************************************************************
SWITCH-PORTSECURITY-MIB  DEFINITIONS ::= BEGIN

IMPORTS
	iscomSwitch
		FROM RAISECOM-BASE-MIB
        
	EnableVar
		FROM SWITCH-TC
                
	RowStatus,MacAddress
		FROM SNMPv2-TC;
        
	rcPortsecurity MODULE-IDENTITY
		LAST-UPDATED    "200412200000Z"
		ORGANIZATION    "Raisecom, Inc."
		CONTACT-INFO
                "       Raise Systems
                        
                Postal: Beijing,
                        China

                   Tel: 86-010-82884499

                E-mail: chenweiliang@raisecom.com"
        DESCRIPTION
                "description of port security mac manage object."
                ::= { iscomSwitch 49} 
                
  rcPortSecCfg OBJECT IDENTIFIER ::= { rcPortsecurity 1 }
  rcPortSecTrapGroup OBJECT IDENTIFIER ::= { rcPortsecurity 4 }
-- -------------------------------------------------------------
-- groups in the rcPortsecurity MIB     rcPortSecCfg
-- -------------------------------------------------------------
rcPortSecMacAgingTime OBJECT-TYPE
        SYNTAX INTEGER(0..1440)
        MAX-ACCESS read-write
        STATUS current
        DESCRIPTION
            "The interval in which the interface is secured.
            After the expiration of the time, the corresponding 
            SecureMacAddress will be removed. If the value of this object is 0, 
            the aging mechanism is disabled."
        ::= { rcPortSecCfg 1}
        
-- -------------------------------------------------------------
-- groups in the rcPortsecurity MIB     rcPortSecTable
-- -------------------------------------------------------------
rcPortSecTable OBJECT-TYPE
		SYNTAX SEQUENCE OF RcPortSecEntry
        MAX-ACCESS not-accessible
        STATUS current
        DESCRIPTION
            "A table of security mac for port and associated properties."
        ::= { rcPortsecurity 2}

rcPortSecEntry OBJECT-TYPE
        SYNTAX RcPortSecEntry
        MAX-ACCESS not-accessible
        STATUS current
        DESCRIPTION
            "Table entry for security of port and status information."
        INDEX { rcPortSecIndx }
        ::= { rcPortSecTable 1 }

RcPortSecEntry ::= SEQUENCE {
        rcPortSecIndx								INTEGER,
        rcPortSecEnable							EnableVar,
        rcPortSecMaxAllowedMac			INTEGER,
        rcPortSecMacViolationAction	INTEGER,
        rcPortSecShutUp							INTEGER,
        rcPortSecMacStickyEnable		EnableVar,
        rcPortSecTrapEnable					EnableVar,
        rcPortSecMacDel							INTEGER,
        rcPortSecCurMacNum					INTEGER,
        rcPortSecMaxMacs						INTEGER,
        rcPortSecMacViolations			INTEGER,
        rcPortSecViolationStatus		INTEGER,
        rcPortSecLastAccessMacAddress		MacAddress,
        rcPortSecLastAccessMacVlan			INTEGER,
        rcPortSecLastAgingMacAddress		MacAddress,
        rcPortSecLastAgingMacVlan   		INTEGER,  
        rcPortSecLastDelMacAddress          MacAddress,
        rcPortSecLastDelMacVlan             INTEGER,
        rcPortSecLastDelMacFlag             INTEGER
}

rcPortSecIndx OBJECT-TYPE
          SYNTAX    INTEGER 
          ACCESS    not-accessible
          STATUS    current
          DESCRIPTION
                 "The index port number."
          ::= { rcPortSecEntry 1 } 

rcPortSecEnable OBJECT-TYPE
          SYNTAX    EnableVar 
          ACCESS    read-write
          STATUS    current
          DESCRIPTION
                 "The port security status."
          ::= { rcPortSecEntry 2 } 
          
rcPortSecMaxAllowedMac OBJECT-TYPE
          SYNTAX    INTEGER (1..1024)
          ACCESS    read-write
          STATUS    current
          DESCRIPTION
                 "The maximum number of MAC addresses to be secured on the interface.
                 when  configuration value is larger than rcPortSecCurMacNum, 
                 the result return wrong,so please check the rcPortSecCurMacNum firstly."
          ::= { rcPortSecEntry 3 } 
          
rcPortSecMacViolationAction OBJECT-TYPE
          SYNTAX    INTEGER (1..3)
          ACCESS    read-write
          STATUS    current
          DESCRIPTION
                 "Determines the action that the device will take if the traffic matches 
                 the port security violation."
          ::= { rcPortSecEntry 4 } 

rcPortSecShutUp OBJECT-TYPE
          SYNTAX    INTEGER (0..1)
          ACCESS    read-write
          STATUS    current
          DESCRIPTION
                 "This object indicates the shut up of security port.."
          ::= { rcPortSecEntry 5 } 
          
rcPortSecMacStickyEnable OBJECT-TYPE
          SYNTAX    EnableVar 
          ACCESS    read-write
          STATUS    current
          DESCRIPTION
                 "Set to 'true' to enable and 'false' to disable Sticky port security feature on this interface.  
                 Enabling this feature allows the device to secure learned MAC addresses on this interface permanently. 
                 In order to remove the sticky addresses on this interface, 
                 user has to manually delete the sticky MAC address(es) or disable the sticky feature itself."
          ::= { rcPortSecEntry 6 } 
          
rcPortSecTrapEnable OBJECT-TYPE
          SYNTAX    EnableVar 
          ACCESS    read-write
          STATUS    current
          DESCRIPTION
                 "This object indicates the VLAN where the last MAC address that is seen on this interface. 
                 This object is also used as a variable in the cpsIfVlanSecureMacAddrViolation notification 
                 to contain the value of the VLAN received the mac address which caused the violation."
          ::= { rcPortSecEntry 7 } 
          
rcPortSecMacDel OBJECT-TYPE
          SYNTAX    INTEGER(1..4) 
          ACCESS    read-write
          STATUS    current
          DESCRIPTION
                 "It indicates that it can delete security mac address.
                 1 indicates configuration security mac,
                 2 indicates dynamic security mac,
                 3 indicates sticky security mac.
                 4 indicates all security mac,"
          ::= { rcPortSecEntry 8 }          

rcPortSecCurMacNum OBJECT-TYPE
          SYNTAX    INTEGER (1..1024)
          ACCESS    read-only
          STATUS    current
          DESCRIPTION
                 "The current number of MAC addresses secured on this interface."
          ::= { rcPortSecEntry 9 } 

rcPortSecMaxMacs OBJECT-TYPE
          SYNTAX    INTEGER (1..1024)
          ACCESS    read-only
          STATUS    current
          DESCRIPTION
                 "The history mac max of MAC addresses secured on this interface."
          ::= { rcPortSecEntry 10 } 
          
rcPortSecMacViolations OBJECT-TYPE
          SYNTAX    INTEGER (1..65535)
          ACCESS    read-only
          STATUS    current
          DESCRIPTION
                 "This object indicates the number of violations occurred on a secure interface.  
                 The counter will be initialized to zero when the port security feature is enabled on an interface."
          ::= { rcPortSecEntry 11 } 
          
rcPortSecViolationStatus OBJECT-TYPE
          SYNTAX    INTEGER (1..2)
          ACCESS    read-only
          STATUS    current
          DESCRIPTION
                 "This object represents the operational status of the port security feature on an interface. 
									secureup(1) - This indicates port security is operational.
									shutdown(2) - This indicates that the port is shutdown due to port security violation 
											when the object rcPortSecMacViolationAction is of type 'shutdown'."
          ::= { rcPortSecEntry 12 } 
          
rcPortSecLastAccessMacAddress OBJECT-TYPE
          SYNTAX    MacAddress 
          ACCESS    read-only
          STATUS    current
          DESCRIPTION
                 "This object indicates the last MAC address that is seen on this interface. 
                 This object is also used as a variable to contain the value of the MAC address 
                 which caused the violation."
          ::= { rcPortSecEntry 13 } 
          
rcPortSecLastAccessMacVlan OBJECT-TYPE
          SYNTAX    INTEGER (1..4094)
          ACCESS    read-only
          STATUS    current
          DESCRIPTION
                 "This object indicates the VLAN where the last MAC address that is seen on this interface. 
                 This object is also used as a variable in the cpsIfVlanSecureMacAddrViolation notification
                  to contain the value of the VLAN received the mac address which caused the violation."
          ::= { rcPortSecEntry 14 }   
          
rcPortSecLastAgingMacAddress OBJECT-TYPE
          SYNTAX    MacAddress 
          ACCESS    read-only
          STATUS    current
          DESCRIPTION
                 "This object indicates the last aging MAC address that is seen on this interface.
                 This object is also used as a variable in the rcPortSecAgingTrap notification to 
                 contain the value of the MAC address which caused the aging trap. "
          ::= { rcPortSecEntry 15 } 

rcPortSecLastAgingMacVlan OBJECT-TYPE
          SYNTAX    INTEGER (1..4094)
          ACCESS    read-only
          STATUS    current
          DESCRIPTION
                 "This object indicates the VLAN where the last aging MAC address that is seen on this interface. 
                 This object is also used as a variable in the rcPortSecAgingTrap notification to contain the
                  value of the VLAN related to the mac address which caused the aging."
          ::= { rcPortSecEntry 16 }  
          
rcPortSecLastDelMacAddress OBJECT-TYPE
          SYNTAX    MacAddress 
          ACCESS    read-only
          STATUS    current
          DESCRIPTION
                 "This object indicates the last deleted MAC address that is seen on this interface.
                 This object is also used as a variable in the rcPortSecDelTrap notification to 
                 contain the value of the MAC address which caused the deletion trap. "
          ::= { rcPortSecEntry 17 }   
          
rcPortSecLastDelMacVlan OBJECT-TYPE
          SYNTAX    INTEGER (1..4094)
          ACCESS    read-only
          STATUS    current
          DESCRIPTION
                 "This object indicates the VLAN where the last deleted MAC address that is seen on this interface. 
                 This object is also used as a variable in the rcPortSecDelTrap notification to contain the
                  value of the VLAN related to the mac address which caused the deletion."
          ::= { rcPortSecEntry 18 } 
          
rcPortSecLastDelMacFlag OBJECT-TYPE
          SYNTAX    INTEGER {
                    static(1),
                    dynamic(2),
                    sticky(3)
                    }
          ACCESS    read-only
          STATUS    current
          DESCRIPTION
                 "This object indicates if the last deleted secure MAC address is a configured 'static' or 
                 learned 'dynamic' or learned and retained across reboots 'sticky'."
          ::= { rcPortSecEntry 19 } 
        
-- -------------------------------------------------------------
-- groups in the rcPortsecurity MIB     rcPortSecMacTable
-- -------------------------------------------------------------
rcPortSecMacTable OBJECT-TYPE
		SYNTAX SEQUENCE OF RcPortSecMacEntry
        MAX-ACCESS not-accessible
        STATUS current
        DESCRIPTION
            "A table of security mac for mac and vlan."
        ::= { rcPortsecurity 3}
        
rcPortSecMacEntry OBJECT-TYPE
        SYNTAX RcPortSecMacEntry
        MAX-ACCESS not-accessible
        STATUS current
        DESCRIPTION
            "Table entry for security mac information."
        INDEX {rcPortSecVlan , rcPortSecMac}
        ::= { rcPortSecMacTable 1 }

RcPortSecMacEntry ::= SEQUENCE {
        rcPortSecVlan								INTEGER,
        rcPortSecMac 								MacAddress,
        rcPortSecPort								INTEGER,
        rcPortSecFlag								INTEGER, 
        rcPortSecAgingTm						INTEGER, 
        rcPortSecRowStatus					RowStatus
}

rcPortSecVlan OBJECT-TYPE
          SYNTAX    INTEGER (1..4094)
          ACCESS    read-only
          STATUS    current
          DESCRIPTION
                 "This object indicates the vlan configured on an interface."
          ::= { rcPortSecMacEntry 1 } 
          
rcPortSecMac OBJECT-TYPE
          SYNTAX    MacAddress
          ACCESS    read-only
          STATUS    current
          DESCRIPTION
                 "This object indicates the mac configured on an interface."
          ::= { rcPortSecMacEntry 2 } 
          
rcPortSecPort OBJECT-TYPE
          SYNTAX    INTEGER
          ACCESS    read-create
          STATUS    current
          DESCRIPTION
                 "This object indicates on which port a secure MAC address configured or learned."
          ::= { rcPortSecMacEntry 3 } 
          
rcPortSecFlag OBJECT-TYPE
          SYNTAX    INTEGER 
          			{
                    static(1),
                    dynamic(2),
                    sticky(3)
                    }
          ACCESS    read-create
          STATUS    current
          DESCRIPTION
                 "This object indicates if the secure MAC address is a configured 'static' or 
                 learned 'dynamic' or learned and retained across reboots 'sticky'."
          ::= { rcPortSecMacEntry 4 } 
          
rcPortSecAgingTm OBJECT-TYPE
          SYNTAX    INTEGER (0..1440)
          ACCESS    read-only
          STATUS    current
          DESCRIPTION
                 "This object indicates that this MAC should be delate after 'rcPortSecAgingTm' vaule."
          ::= { rcPortSecMacEntry 5 } 
          
rcPortSecRowStatus OBJECT-TYPE
          SYNTAX    RowStatus
          ACCESS    read-create
          STATUS    current
          DESCRIPTION
                 "The status of this entry."
          ::= { rcPortSecMacEntry 6 } 

-- -------------------------------------------------------------
-- groups in the rcPortsecurity MIB     rcPortSecTrapGroup
-- -------------------------------------------------------------
rcPortSecLearningTrap  NOTIFICATION-TYPE
				OBJECTS { rcPortSecVlan,rcPortSecMac,rcPortSecPort,rcPortSecFlag }
				STATUS  current
				DESCRIPTION
					"Port security learning trap."
				::= { rcPortSecTrapGroup 1 } 
				
rcPortSecViolationTrap   NOTIFICATION-TYPE
				OBJECTS { rcPortSecLastAccessMacAddress,rcPortSecLastAccessMacVlan }
				STATUS  current
				DESCRIPTION
					"Security mac violation trap."
				::= { rcPortSecTrapGroup 2 } 		

rcPortSecAgingTrap   NOTIFICATION-TYPE
				OBJECTS { rcPortSecLastAgingMacAddress,rcPortSecLastAgingMacVlan }
				STATUS  current
				DESCRIPTION
					"Mac aging happens."
				::= { rcPortSecTrapGroup 3 }    
				
rcPortSecDelTrap   NOTIFICATION-TYPE
				OBJECTS { rcPortSecLastDelMacAddress,rcPortSecLastDelMacVlan,rcPortSecLastDelMacFlag }
				STATUS  current
				DESCRIPTION
					"Mac deletion happens."
				::= { rcPortSecTrapGroup 4 }  

END