-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
--
-- Trend Micro, Inc.
-- Copyright information is in the DESCRIPTION section of the MODULE-IDENTITY.
-- 
-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

TPT-TSE-MIB

DEFINITIONS ::= BEGIN

IMPORTS
  MODULE-IDENTITY, OBJECT-TYPE, 
  Unsigned32
    FROM SNMPv2-SMI

  TEXTUAL-CONVENTION
    FROM SNMPv2-TC

  tpt-tpa-objs
    FROM TPT-TPAMIBS-MIB
  ;

tpt-tse MODULE-IDENTITY
  LAST-UPDATED "201605251854Z" -- May 25, 2016
  ORGANIZATION "Trend Micro, Inc."
  CONTACT-INFO "www.trendmicro.com"
  DESCRIPTION
    "Threat Suppression Engine information.

     Copyright (C) 2016 Trend Micro Incorporated. All Rights Reserved.
     
     Trend Micro makes no warranty of any kind with regard to this material,
     including, but not limited to, the implied warranties of merchantability
     and fitness for a particular purpose. Trend Micro shall not be liable for
     errors contained herein or for incidental or consequential damages in
     connection with the furnishing, performance, or use of this material. This
     document contains proprietary information, which is protected by copyright. No
     part of this document may be photocopied, reproduced, or translated into
     another language without the prior written consent of Trend Micro. The
     information is provided 'as is' without warranty of any kind and is subject to
     change without notice. The only warranties for Trend Micro products and
     services are set forth in the express warranty statements accompanying such
     products and services. Nothing herein should be construed as constituting an
     additional warranty. Trend Micro shall not be liable for technical or editorial
     errors or omissions contained herein. TippingPoint(R), the TippingPoint logo, and
     Digital Vaccine(R) are registered trademarks of Trend Micro. All other company
     and product names may be trademarks of their respective holders. All rights
     reserved. This document contains confidential information, trade secrets or
     both, which are the property of Trend Micro. No part of this documentation may
     be reproduced in any form or by any means or used to make any derivative work
     (such as translation, transformation, or adaptation) without written permission
     from Trend Micro or one of its subsidiaries. All other company and product
     names may be trademarks of their respective holders.
    "

  REVISION "201605251854Z" -- May 25, 2016 
  DESCRIPTION "Updated copyright information. Minor MIB syntax fixes."
      
  ::= { tpt-tpa-objs 7 }

-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
--
-- Textual conventions for statistical reports
--
-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

PolicyState ::= TEXTUAL-CONVENTION
  STATUS      current
  DESCRIPTION 
    "A selection from a set of networking protocols detected by a policy."
  SYNTAX      INTEGER { invalid(0), normal(3), system-disabled(4)  }


-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
--
--  Variable definitions
--
-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -


-- Adaptive filter configuration top ten list

topTenAdaptFilterTable OBJECT-TYPE
  SYNTAX      SEQUENCE OF TopTenAdaptFilterEntry
  MAX-ACCESS  not-accessible
  STATUS      current
  DESCRIPTION
    "Adaptive filter configuration top ten list."
  ::= { tpt-tse 1 } 

topTenAdaptFilterEntry OBJECT-TYPE
  SYNTAX      TopTenAdaptFilterEntry
  MAX-ACCESS  not-accessible
  STATUS      current
  DESCRIPTION
    "An entry in the adaptive filter configuration top ten list.
     Rows cannot be created or deleted.
    "
  INDEX       { topTenAdaptFilterRank }
  ::= { topTenAdaptFilterTable 1 }

TopTenAdaptFilterEntry ::= SEQUENCE {
  topTenAdaptFilterRank      Unsigned32 (1..10),
  adaptFilterName            OCTET STRING (SIZE (0..80)),
  adaptFilterUUID            OCTET STRING (SIZE (0..40)),
  adaptFilterSegment         OCTET STRING (SIZE (0..80)),
  adaptFilterProfile         OCTET STRING (SIZE (0..128)),
  adaptFilterEnabledState    PolicyState,
  adaptFilterSigID           OCTET STRING (SIZE (0..40))
}

topTenAdaptFilterRank OBJECT-TYPE
  SYNTAX      Unsigned32 (1..10)
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "The numerical ranking 1 through 10 in the adaptive filter top ten list."
  ::= { topTenAdaptFilterEntry 1 }

adaptFilterName OBJECT-TYPE
  SYNTAX      OCTET STRING (SIZE (0..80))
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "The human-readable name of a filter in the adaptive filter top ten list."
  ::= { topTenAdaptFilterEntry 2 }

adaptFilterUUID OBJECT-TYPE
  SYNTAX      OCTET STRING (SIZE (0..40))
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "The global identifier of a filter in the adaptive filter top ten list."
  ::= { topTenAdaptFilterEntry 3 }

adaptFilterSegment OBJECT-TYPE
  SYNTAX      OCTET STRING (SIZE (0..80))
  MAX-ACCESS  read-only
  STATUS      deprecated
  DESCRIPTION
    "The applicable segment of a filter in the adaptive filter top ten list."
  ::= { topTenAdaptFilterEntry 4 }

adaptFilterEnabledState OBJECT-TYPE
  SYNTAX      PolicyState
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "The state of a filter in the adaptive filter top ten list."
  ::= { topTenAdaptFilterEntry 5 }

adaptFilterSigID OBJECT-TYPE
  SYNTAX      OCTET STRING (SIZE (0..40))
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "The global identifier of a signature in the adaptive filter top ten list."
  ::= { topTenAdaptFilterEntry 7 }

adaptFilterProfile OBJECT-TYPE
  SYNTAX      OCTET STRING (SIZE (0..128))
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "The profile name of a filter in the adaptive filter top ten list."
  ::= { topTenAdaptFilterEntry 8 }


-- Table of connection blocks

connectionBlockTable OBJECT-TYPE
  SYNTAX      SEQUENCE OF ConnectionBlockEntry
  MAX-ACCESS  not-accessible
  STATUS      current
  DESCRIPTION
    "Table of connections corresponding to blocked streams."
  ::= { tpt-tse 2 } 

connectionBlockEntry OBJECT-TYPE
  SYNTAX      ConnectionBlockEntry
  MAX-ACCESS  not-accessible
  STATUS      current
  DESCRIPTION
    "An entry in the connection block table.  
     Rows cannot be created or deleted.
    "
  INDEX       { connectionBlockIndex }
  ::= { connectionBlockTable 1 }

ConnectionBlockEntry ::= SEQUENCE {
  connectionBlockIndex      Unsigned32 (1..50),
  connectionBlockSrcAddr    OCTET STRING (SIZE (0..20)),
  connectionBlockSrcPort    Unsigned32,
  connectionBlockDestAddr   OCTET STRING (SIZE (0..20)),
  connectionBlockDestPort   Unsigned32,
  connectionBlockProtocol   OCTET STRING (SIZE (0..20)),
  connectionBlockPort       OCTET STRING (SIZE (0..128)),
  connectionBlockReason     OCTET STRING (SIZE (0..40)),
  connectionBlockSrcAddrV6  OCTET STRING (SIZE (0..60)),
  connectionBlockDestAddrV6 OCTET STRING (SIZE (0..60))
}

connectionBlockIndex OBJECT-TYPE
  SYNTAX      Unsigned32 (1..50)
  MAX-ACCESS  not-accessible
  STATUS      current
  DESCRIPTION
    "An index into the table of connections corresponding to blocked streams."
  ::= { connectionBlockEntry 1 }

connectionBlockSrcAddr OBJECT-TYPE
  SYNTAX      OCTET STRING (SIZE (0..20))
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "The source IP address of a connection."
  ::= { connectionBlockEntry 2 }

connectionBlockSrcAddrV6 OBJECT-TYPE
  SYNTAX      OCTET STRING (SIZE (0..60))
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "The source IPv6 address of a connection."
  ::= { connectionBlockEntry 9 }

connectionBlockSrcPort OBJECT-TYPE
  SYNTAX      Unsigned32
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "The source port of a connection."
  ::= { connectionBlockEntry 3 }

connectionBlockDestAddr OBJECT-TYPE
  SYNTAX      OCTET STRING (SIZE (0..20))
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "The destination IP address of a connection."
  ::= { connectionBlockEntry 4 }

connectionBlockDestAddrV6 OBJECT-TYPE
  SYNTAX      OCTET STRING (SIZE (0..60))
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "The destination IPv6 address of a connection."
  ::= { connectionBlockEntry 10 }

connectionBlockDestPort OBJECT-TYPE
  SYNTAX      Unsigned32
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "The destination port of a connection."
  ::= { connectionBlockEntry 5 }

connectionBlockProtocol OBJECT-TYPE
  SYNTAX      OCTET STRING (SIZE (0..20))
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "The transmission protocol of a connection."
  ::= { connectionBlockEntry 6 }

connectionBlockPort OBJECT-TYPE
  SYNTAX      OCTET STRING (SIZE (0..128))
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "The name of the security zone pair whose incoming data caused the block."
  ::= { connectionBlockEntry 7 }

connectionBlockReason OBJECT-TYPE
  SYNTAX      OCTET STRING (SIZE (0..40))
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "The UUID of the signature that caused the block."
  ::= { connectionBlockEntry 8 }


-- Other connection block information

connectionBlockTotalCount OBJECT-TYPE
  SYNTAX      Unsigned32
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "The total number of connections corresponding to blocked streams.
     Only the first 50 are contained in the connection block table."
  ::= { tpt-tse 3 }


-- Table of rate limit streams

rateLimitStreamTable OBJECT-TYPE
  SYNTAX      SEQUENCE OF RateLimitStreamEntry
  MAX-ACCESS  not-accessible
  STATUS      current
  DESCRIPTION
    "Table of rate limit streams."
  ::= { tpt-tse 4 } 

rateLimitStreamEntry OBJECT-TYPE
  SYNTAX      RateLimitStreamEntry
  MAX-ACCESS  not-accessible
  STATUS      current
  DESCRIPTION
    "An entry in the rate limit stream table.  
     Rows cannot be created or deleted.
    "
  INDEX       { rateLimitStreamIndex }
  ::= { rateLimitStreamTable 1 }

RateLimitStreamEntry ::= SEQUENCE {
  rateLimitStreamIndex      Unsigned32 (1..50),
  rateLimitStreamSrcAddr    OCTET STRING (SIZE (0..20)),
  rateLimitStreamSrcPort    Unsigned32,
  rateLimitStreamDestAddr   OCTET STRING (SIZE (0..20)),
  rateLimitStreamDestPort   Unsigned32,
  rateLimitStreamProtocol   OCTET STRING (SIZE (0..20)),
  rateLimitStreamPort       OCTET STRING (SIZE (0..8)),
  rateLimitStreamReason     OCTET STRING (SIZE (0..40)),
  rateLimitStreamSrcAddrV6  OCTET STRING (SIZE (0..60)),
  rateLimitStreamDestAddrV6 OCTET STRING (SIZE (0..60))
}

rateLimitStreamIndex OBJECT-TYPE
  SYNTAX      Unsigned32 (1..50)
  MAX-ACCESS  not-accessible
  STATUS      current
  DESCRIPTION
    "An index into the rate limit stream table."
  ::= { rateLimitStreamEntry 1 }

rateLimitStreamSrcAddr OBJECT-TYPE
  SYNTAX      OCTET STRING (SIZE (0..20))
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "The source IP address of a rate limit."
  ::= { rateLimitStreamEntry 2 }

rateLimitStreamSrcAddrV6 OBJECT-TYPE
  SYNTAX      OCTET STRING (SIZE (0..60))
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "The source IPv6 address of a rate limit."
  ::= { rateLimitStreamEntry 9 }

rateLimitStreamSrcPort OBJECT-TYPE
  SYNTAX      Unsigned32
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "The source port of a rate limit."
  ::= { rateLimitStreamEntry 3 }

rateLimitStreamDestAddr OBJECT-TYPE
  SYNTAX      OCTET STRING (SIZE (0..20))
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "The destination IP address of a rate limit."
  ::= { rateLimitStreamEntry 4 }

rateLimitStreamDestAddrV6 OBJECT-TYPE
  SYNTAX      OCTET STRING (SIZE (0..60))
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "The destination IPv6 address of a rate limit."
  ::= { rateLimitStreamEntry 10 }

rateLimitStreamDestPort OBJECT-TYPE
  SYNTAX      Unsigned32
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "The destination port of a rate limit."
  ::= { rateLimitStreamEntry 5 }

rateLimitStreamProtocol OBJECT-TYPE
  SYNTAX      OCTET STRING (SIZE (0..20))
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "The transmission protocol of a rate limit."
  ::= { rateLimitStreamEntry 6 }

rateLimitStreamPort OBJECT-TYPE
  SYNTAX      OCTET STRING (SIZE (0..8))
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "The port on which the stream originated."
  ::= { rateLimitStreamEntry 7 }

rateLimitStreamReason OBJECT-TYPE
  SYNTAX      OCTET STRING (SIZE (0..40))
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "The UUID of the rate limiter."
  ::= { rateLimitStreamEntry 8 }


-- Other rate limit stream information

rateLimitStreamTotalCount OBJECT-TYPE
  SYNTAX      Unsigned32
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "The total number of rate limit streams.
     Only the first 50 are contained in the rate limit stream table."
  ::= { tpt-tse 5 }


-- Table of connection trusts

connectionTrustTable OBJECT-TYPE
  SYNTAX      SEQUENCE OF ConnectionTrustEntry
  MAX-ACCESS  not-accessible
  STATUS      current
  DESCRIPTION
    "Table of connections corresponding to trusted streams."
  ::= { tpt-tse 6 } 

connectionTrustEntry OBJECT-TYPE
  SYNTAX      ConnectionTrustEntry
  MAX-ACCESS  not-accessible
  STATUS      current
  DESCRIPTION
    "An entry in the connection trust table.  
     Rows cannot be created or deleted.
    "
  INDEX       { connectionTrustIndex }
  ::= { connectionTrustTable 1 }

ConnectionTrustEntry ::= SEQUENCE {
  connectionTrustIndex      Unsigned32 (1..50),
  connectionTrustSrcAddr    OCTET STRING (SIZE (0..20)),
  connectionTrustSrcPort    Unsigned32,
  connectionTrustDestAddr   OCTET STRING (SIZE (0..20)),
  connectionTrustDestPort   Unsigned32,
  connectionTrustProtocol   OCTET STRING (SIZE (0..20)),
  connectionTrustPort       OCTET STRING (SIZE (0..128)),
  connectionTrustReason     OCTET STRING (SIZE (0..40)),
  connectionTrustSrcAddrV6  OCTET STRING (SIZE (0..60)),
  connectionTrustDestAddrV6 OCTET STRING (SIZE (0..60))
}

connectionTrustIndex OBJECT-TYPE
  SYNTAX      Unsigned32 (1..50)
  MAX-ACCESS  not-accessible
  STATUS      current
  DESCRIPTION
    "An index into the table of connections corresponding to trusted streams."
  ::= { connectionTrustEntry 1 }

connectionTrustSrcAddr OBJECT-TYPE
  SYNTAX      OCTET STRING (SIZE (0..20))
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "The source IP address of a trusted connection."
  ::= { connectionTrustEntry 2 }

connectionTrustSrcAddrV6 OBJECT-TYPE
  SYNTAX      OCTET STRING (SIZE (0..60))
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "The source IPv6 address of a trusted connection."
  ::= { connectionTrustEntry 9 }

connectionTrustSrcPort OBJECT-TYPE
  SYNTAX      Unsigned32
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "The source port of a trusted connection."
  ::= { connectionTrustEntry 3 }

connectionTrustDestAddr OBJECT-TYPE
  SYNTAX      OCTET STRING (SIZE (0..20))
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "The destination IP address of a trusted connection."
  ::= { connectionTrustEntry 4 }

connectionTrustDestAddrV6 OBJECT-TYPE
  SYNTAX      OCTET STRING (SIZE (0..60))
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "The destination IPv6 address of a trusted connection."
  ::= { connectionTrustEntry 10 }

connectionTrustDestPort OBJECT-TYPE
  SYNTAX      Unsigned32
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "The destination port of a trusted connection."
  ::= { connectionTrustEntry 5 }

connectionTrustProtocol OBJECT-TYPE
  SYNTAX      OCTET STRING (SIZE (0..20))
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "The transmission protocol of a trusted connection."
  ::= { connectionTrustEntry 6 }

connectionTrustPort OBJECT-TYPE
  SYNTAX      OCTET STRING (SIZE (0..128))
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "The name of the security zone pair whose incoming data caused the trust."
  ::= { connectionTrustEntry 7 }

connectionTrustReason OBJECT-TYPE
  SYNTAX      OCTET STRING (SIZE (0..40))
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "The UUID of the signature that caused the trust."
  ::= { connectionTrustEntry 8 }


-- Other connection trust information

connectionTrustTotalCount OBJECT-TYPE
  SYNTAX      Unsigned32
  MAX-ACCESS  read-only
  STATUS      current
  DESCRIPTION
    "The total number of connections corresponding to trusted streams.
     Only the first 50 are contained in the connection trust table."
  ::= { tpt-tse 7 }


END

