mibs/huawei/HUAWEI-ATK-MIB
-- =================================================================
-- Copyright (C) 2003 by HUAWEI TECHNOLOGIES. All rights reserved
--
-- Description: Huawei Attack defence MIB, this MIB is for firewall and router
-- Reference:
-- Version: V1.0
-- History:
--
-- V1.20 2005-05-30 Wei Rixi(22510) added mplsVpnVrfName as table index,
-- Added DEFVAL to hwAtkIcmpLength, hwAtkIPSynFloodSynSpeed.
-- V1.10 2004-06-30 Xin Jianfeng(37631) altered the region of
-- hwAtkZoneSynFloodSynSpeed, hwAtkIPSynFloodHalfMax to 0~1000000,
-- hwAtkZoneSynFloodHalfAge to 0~65535
-- V1.00 2003-03-18 Yang Yinzhu(28193) initial version
-- =================================================================
HUAWEI-ATK-MIB DEFINITIONS ::= BEGIN
IMPORTS
OBJECT-GROUP
FROM SNMPv2-CONF
IpAddress, Integer32, OBJECT-TYPE, MODULE-IDENTITY
FROM SNMPv2-SMI
TruthValue, RowStatus
FROM SNMPv2-TC
mplsVpnVrfName
FROM MPLS-VPN-MIB
hwDatacomm
FROM HUAWEI-MIB;
hwATKComm MODULE-IDENTITY
LAST-UPDATED "200304110900Z" -- April 11, 2003 at 09:00 GMT
ORGANIZATION
"Huawei Technologies co.,Ltd."
CONTACT-INFO
"
R&D BeiJing, Huawei Technologies co.,Ltd.
Huawei Bld.,NO.3 Xinxi Rd.,
Shang-Di Information Industry Base,
Hai-Dian District Beijing P.R. China
Zip:100085
Http://www.huawei.com
E-mail:support@huawei.com
"
DESCRIPTION
"
V1.00
The HUAWEI-ATK-MIB contains objects to
manage the ATCKDF(Attack Defence)
configuration for all products.
"
::= { hwATK 1 }
--
-- Node definitions
--
-- 1.3.6.1.4.1.2011.5.25.10
hwATK OBJECT IDENTIFIER ::= { hwDatacomm 10 }
-- 1.3.6.1.4.1.2011.5.25.10.1.1
hwAtkGlobalMibObjects OBJECT IDENTIFIER ::= { hwATKComm 1 }
-- 1.3.6.1.4.1.2011.5.25.10.1.1.1
hwAtkIpSpoofingSw OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The switch indicates whether inspecting IP spoofing attack."
::= { hwAtkGlobalMibObjects 1 }
-- 1.3.6.1.4.1.2011.5.25.10.1.1.2
hwAtkLandSw OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The switch indicates whether inspecting Land attack."
::= { hwAtkGlobalMibObjects 2 }
-- 1.3.6.1.4.1.2011.5.25.10.1.1.3
hwAtkSmurfSw OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The switch indicates whether inspecting Smurf attack."
::= { hwAtkGlobalMibObjects 3 }
-- 1.3.6.1.4.1.2011.5.25.10.1.1.4
hwAtkFraggleSw OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The switch indicates whether inspecting Fraggle attack."
::= { hwAtkGlobalMibObjects 4 }
-- 1.3.6.1.4.1.2011.5.25.10.1.1.5
hwAtkWinNukeSw OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The switch indicates whether inspecting WinNuke attack."
::= { hwAtkGlobalMibObjects 5 }
-- 1.3.6.1.4.1.2011.5.25.10.1.1.6
hwAtkIcmpRedirectSw OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The switch indicates whether blocking ICMP re-direction packets."
::= { hwAtkGlobalMibObjects 6 }
-- 1.3.6.1.4.1.2011.5.25.10.1.1.7
hwAtkIcmpUnReachSw OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The switch indicates whether blocking ICMP unreachable packets."
::= { hwAtkGlobalMibObjects 7 }
-- 1.3.6.1.4.1.2011.5.25.10.1.1.8
hwAtkSourceRouteSw OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The switch indicates whether blocking packets with source route option."
::= { hwAtkGlobalMibObjects 8 }
-- 1.3.6.1.4.1.2011.5.25.10.1.1.9
hwAtkRouteRecordSw OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The switch indicates whether blocking packets with route record option."
DEFVAL { 0 }
::= { hwAtkGlobalMibObjects 9 }
-- 1.3.6.1.4.1.2011.5.25.10.1.1.10
hwAtkTracertSw OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The switch indicates whether blocking packets of tracert."
DEFVAL { 0 }
::= { hwAtkGlobalMibObjects 10 }
-- 1.3.6.1.4.1.2011.5.25.10.1.1.11
hwAtkTcpFlagSw OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The switch indicates whether inspecting the flag of TCP packets."
DEFVAL { 0 }
::= { hwAtkGlobalMibObjects 11 }
-- 1.3.6.1.4.1.2011.5.25.10.1.1.12
hwAtkPingOfDeathSw OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The switch indicates whether inspecting ping-of-death attack."
DEFVAL { 0 }
::= { hwAtkGlobalMibObjects 12 }
-- 1.3.6.1.4.1.2011.5.25.10.1.1.13
hwAtkTeardropSw OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The switch indicates whether inspecting teardrop attack."
DEFVAL { 0 }
::= { hwAtkGlobalMibObjects 13 }
-- 1.3.6.1.4.1.2011.5.25.10.1.1.14
hwAtkFragFlagSw OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The switch indicates whether inspecting the flag for fragment."
DEFVAL { 0 }
::= { hwAtkGlobalMibObjects 14 }
-- 1.3.6.1.4.1.2011.5.25.10.1.1.15
hwAtkIPSweepSw OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The switch indicates whether inspecting IP sweep attack."
DEFVAL { 0 }
::= { hwAtkGlobalMibObjects 15 }
-- 1.3.6.1.4.1.2011.5.25.10.1.1.16
hwAtkIpSweepSpeed OBJECT-TYPE
SYNTAX Integer32 (0..10000)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The maximum speed of IP sweeping."
::= { hwAtkGlobalMibObjects 16 }
-- 1.3.6.1.4.1.2011.5.25.10.1.1.17
hwAtkIPSweepBlsTime OBJECT-TYPE
SYNTAX Integer32 (0..1000)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The time to add a host to blacklist when find it is sweeping."
::= { hwAtkGlobalMibObjects 17 }
-- 1.3.6.1.4.1.2011.5.25.10.1.1.18
hwAtkPortScanSw OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The switch indicates whether inspecting port scan attack."
DEFVAL { 0 }
::= { hwAtkGlobalMibObjects 18 }
-- 1.3.6.1.4.1.2011.5.25.10.1.1.19
hwAtkPortScanSpeed OBJECT-TYPE
SYNTAX Integer32 (0..10000)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The maximum speed of port scanning."
::= { hwAtkGlobalMibObjects 19 }
-- 1.3.6.1.4.1.2011.5.25.10.1.1.20
hwAtkPortScanBlsTime OBJECT-TYPE
SYNTAX Integer32 (0..1000)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The time to add a host to blacklist when find it is scanning port."
::= { hwAtkGlobalMibObjects 20 }
-- 1.3.6.1.4.1.2011.5.25.10.1.1.21
hwAtkLargeIcmpSw OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The switch indicates whether blocking large icmp packets."
DEFVAL { 0 }
::= { hwAtkGlobalMibObjects 21 }
-- 1.3.6.1.4.1.2011.5.25.10.1.1.22
hwAtkIcmpLength OBJECT-TYPE
SYNTAX Integer32 (8..65535)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The maximum length of ICMP packets allowed to pass the system."
DEFVAL { 4000 }
::= { hwAtkGlobalMibObjects 22 }
-- 1.3.6.1.4.1.2011.5.25.10.1.1.23
hwAtkSynFloodSw OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The switch indicates whether inspecting SYN flooding attack."
DEFVAL { false }
::= { hwAtkGlobalMibObjects 23 }
-- 1.3.6.1.4.1.2011.5.25.10.1.1.24
hwAtkUdpFloodSw OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The switch indicates whether inspecting UDP flooding attack."
DEFVAL { false }
::= { hwAtkGlobalMibObjects 24 }
-- 1.3.6.1.4.1.2011.5.25.10.1.1.25
hwAtkIcmpFloodSw OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The switch indicates whether inspecting ICMP flooding attack."
DEFVAL { false }
::= { hwAtkGlobalMibObjects 25 }
-- 1.3.6.1.4.1.2011.5.25.10.1.2
hwAtkIPMibObjects OBJECT IDENTIFIER ::= { hwATKComm 2 }
-- 1.3.6.1.4.1.2011.5.25.10.1.2.1
hwAtkSynFloodIPTable OBJECT-TYPE
SYNTAX SEQUENCE OF HwAtkSynFloodIPEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The table define the parameters of SYN flood defence for hosts."
::= { hwAtkIPMibObjects 1 }
-- 1.3.6.1.4.1.2011.5.25.10.1.2.1.1
hwAtkSynFloodIPEntry OBJECT-TYPE
SYNTAX HwAtkSynFloodIPEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
" "
INDEX { mplsVpnVrfName, hwAtkSynFloodIP }
::= { hwAtkSynFloodIPTable 1 }
HwAtkSynFloodIPEntry ::=
SEQUENCE {
hwAtkSynFloodIP
IpAddress,
hwAtkIPSynFloodSynSpeed
Integer32,
hwAtkIPSynFloodHalfMax
Integer32,
hwAtkIPSynFloodHalfAge
Integer32,
hwAtkIPSynFloodProxy
INTEGER,
hwAtkIPSynFloodStatus
RowStatus
}
-- 1.3.6.1.4.1.2011.5.25.10.1.2.1.1.1
hwAtkSynFloodIP OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The IP address of host to be protected."
::= { hwAtkSynFloodIPEntry 1 }
-- 1.3.6.1.4.1.2011.5.25.10.1.2.1.1.2
hwAtkIPSynFloodSynSpeed OBJECT-TYPE
SYNTAX Integer32 (0..1000000)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The maximum speed of SYN packets to the host.
when the speed of SYN packets to the host reach the maximum,
system will start the TCP proxy."
DEFVAL { 1000 }
::= { hwAtkSynFloodIPEntry 2 }
-- 1.3.6.1.4.1.2011.5.25.10.1.2.1.1.3
hwAtkIPSynFloodHalfMax OBJECT-TYPE
SYNTAX Integer32 (0..10000000)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The maximum incomplete connection for the host."
::= { hwAtkSynFloodIPEntry 3 }
-- 1.3.6.1.4.1.2011.5.25.10.1.2.1.1.4
hwAtkIPSynFloodHalfAge OBJECT-TYPE
SYNTAX Integer32 (0..65535)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The age of TCP incomplete connections."
DEFVAL { 20 }
::= { hwAtkSynFloodIPEntry 4 }
-- 1.3.6.1.4.1.2011.5.25.10.1.2.1.1.5
hwAtkIPSynFloodProxy OBJECT-TYPE
SYNTAX INTEGER
{
auto(1),
on(2),
off(3)
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The switch of TCP proxy, this switch decides the action of proxy.
The switch has three status: auto, on, off."
DEFVAL { auto }
::= { hwAtkSynFloodIPEntry 5 }
-- 1.3.6.1.4.1.2011.5.25.10.1.2.1.1.6
hwAtkIPSynFloodStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The status of a row, can be CreateAndGo or Destroy currently."
::= { hwAtkSynFloodIPEntry 6 }
-- 1.3.6.1.4.1.2011.5.25.10.1.2.2
hwAtkUdpFloodIPTable OBJECT-TYPE
SYNTAX SEQUENCE OF HwAtkUdpFloodIPEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The table define the parameters of UDP flood defence for hosts."
::= { hwAtkIPMibObjects 2 }
-- 1.3.6.1.4.1.2011.5.25.10.1.2.2.1
hwAtkUdpFloodIPEntry OBJECT-TYPE
SYNTAX HwAtkUdpFloodIPEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
" "
INDEX { mplsVpnVrfName, hwAtkUdpFloodIP }
::= { hwAtkUdpFloodIPTable 1 }
HwAtkUdpFloodIPEntry ::=
SEQUENCE {
hwAtkUdpFloodIP
IpAddress,
hwAtkIPUdpFloodSpeed
Integer32,
hwAtkIPUdpFloodStatus
RowStatus
}
-- 1.3.6.1.4.1.2011.5.25.10.1.2.2.1.1
hwAtkUdpFloodIP OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The IP address of host to be protected."
::= { hwAtkUdpFloodIPEntry 1 }
-- 1.3.6.1.4.1.2011.5.25.10.1.2.2.1.2
hwAtkIPUdpFloodSpeed OBJECT-TYPE
SYNTAX Integer32 (0..1000000)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"
The maximum speed of UDP packets to the host.
when the speed of UDP packets to the host reach the maximum,
system will drop the subsequent UDP packets to this host,
until the speed decline to 80 percent of the maximum.
"
DEFVAL { 1000 }
::= { hwAtkUdpFloodIPEntry 2 }
-- 1.3.6.1.4.1.2011.5.25.10.1.2.2.1.3
hwAtkIPUdpFloodStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The status of a row, can be CreateAndGo or Destroy currently."
::= { hwAtkUdpFloodIPEntry 3 }
-- 1.3.6.1.4.1.2011.5.25.10.1.2.3
hwAtkIcmpFloodIPTable OBJECT-TYPE
SYNTAX SEQUENCE OF HwAtkIcmpFloodIPEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The table define the parameters of ICMP flood defence for hosts."
::= { hwAtkIPMibObjects 3 }
-- 1.3.6.1.4.1.2011.5.25.10.1.2.3.1
hwAtkIcmpFloodIPEntry OBJECT-TYPE
SYNTAX HwAtkIcmpFloodIPEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
" "
INDEX { mplsVpnVrfName, hwAtkIcmpFloodIP }
::= { hwAtkIcmpFloodIPTable 1 }
HwAtkIcmpFloodIPEntry ::=
SEQUENCE {
hwAtkIcmpFloodIP
IpAddress,
hwAtkIPIcmpFloodSpeed
Integer32,
hwAtkIPIcmpFloodStatus
RowStatus
}
-- 1.3.6.1.4.1.2011.5.25.10.1.2.3.1.1
hwAtkIcmpFloodIP OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The IP address of host to be protected."
::= { hwAtkIcmpFloodIPEntry 1 }
-- 1.3.6.1.4.1.2011.5.25.10.1.2.3.1.2
hwAtkIPIcmpFloodSpeed OBJECT-TYPE
SYNTAX Integer32 (0..1000000)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"
The maximum speed of ICMP packets to the host.
when the speed of ICMP packets to the host reach the maximum,
system will drop the subsequent ICMP packets to this host,
until the speed decline to 80 percent of the maximum.
"
DEFVAL { 1000 }
::= { hwAtkIcmpFloodIPEntry 2 }
-- 1.3.6.1.4.1.2011.5.25.10.1.2.3.1.3
hwAtkIPIcmpFloodStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The status of a row, can be CreateAndGo or Destroy currently."
::= { hwAtkIcmpFloodIPEntry 3 }
-- 1.3.6.1.4.1.2011.5.25.10.1.3
hwAtkCommConformance OBJECT IDENTIFIER ::= { hwATKComm 3 }
-- 1.3.6.1.4.1.2011.5.25.10.1.3.1
hwAtkCommCompliance OBJECT IDENTIFIER ::= { hwAtkCommConformance 1 }
-- 1.3.6.1.4.1.2011.5.25.10.1.3.2
hwAtkCommMibGroups OBJECT IDENTIFIER ::= { hwAtkCommConformance 2 }
-- 1.3.6.1.4.1.2011.5.25.10.1.3.2.1
hwAtkGlobalCfgGroup OBJECT-GROUP
OBJECTS {
hwAtkIpSpoofingSw,
hwAtkLandSw,
hwAtkSmurfSw,
hwAtkFraggleSw,
hwAtkWinNukeSw,
hwAtkIcmpRedirectSw,
hwAtkIcmpUnReachSw,
hwAtkSourceRouteSw,
hwAtkRouteRecordSw,
hwAtkTracertSw,
hwAtkTcpFlagSw,
hwAtkPingOfDeathSw,
hwAtkTeardropSw,
hwAtkFragFlagSw,
hwAtkIPSweepSw,
hwAtkIpSweepSpeed,
hwAtkIPSweepBlsTime,
hwAtkPortScanSw,
hwAtkPortScanSpeed,
hwAtkPortScanBlsTime,
hwAtkLargeIcmpSw,
hwAtkIcmpLength,
hwAtkSynFloodSw,
hwAtkUdpFloodSw,
hwAtkIcmpFloodSw
}
STATUS current
DESCRIPTION
"Description."
::= { hwAtkCommMibGroups 1 }
-- 1.3.6.1.4.1.2011.5.25.10.1.3.2.2
hwAtkCommSynFloodGroup OBJECT-GROUP
OBJECTS {
hwAtkIPSynFloodSynSpeed,
hwAtkIPSynFloodHalfMax,
hwAtkIPSynFloodHalfAge,
hwAtkIPSynFloodProxy,
hwAtkIPSynFloodStatus
}
STATUS current
DESCRIPTION
"Description."
::= { hwAtkCommMibGroups 2 }
-- 1.3.6.1.4.1.2011.5.25.10.1.3.2.3
hwAtkCommUdpFloodGroup OBJECT-GROUP
OBJECTS {
hwAtkIPUdpFloodSpeed,
hwAtkIPUdpFloodStatus }
STATUS current
DESCRIPTION
"Description."
::= { hwAtkCommMibGroups 3 }
-- 1.3.6.1.4.1.2011.5.25.10.1.3.2.4
hwAtkCommIcmpFloodGroup OBJECT-GROUP
OBJECTS { hwAtkIPIcmpFloodSpeed, hwAtkIPIcmpFloodStatus }
STATUS current
DESCRIPTION
"Description."
::= { hwAtkCommMibGroups 4 }
END