diff options
| author | David Leutgeb <david.leutgeb@mannundmouse.com> | 2023-12-05 12:25:34 +0100 |
|---|---|---|
| committer | David Leutgeb <david.leutgeb@mannundmouse.com> | 2023-12-05 12:25:34 +0100 |
| commit | 98a672123c7872f6b9b75a9a2b6bb3aea504de6a (patch) | |
| tree | 9b13bd7f563c3198047bd359195327cf28b3caf0 /MIBS/dlink/DLINKSW-DAI-MIB | |
| download | mibs-main.tar.gz mibs-main.zip | |
Diffstat (limited to 'MIBS/dlink/DLINKSW-DAI-MIB')
| -rw-r--r-- | MIBS/dlink/DLINKSW-DAI-MIB | 1057 |
1 files changed, 1057 insertions, 0 deletions
diff --git a/MIBS/dlink/DLINKSW-DAI-MIB b/MIBS/dlink/DLINKSW-DAI-MIB new file mode 100644 index 0000000..6c7ab29 --- /dev/null +++ b/MIBS/dlink/DLINKSW-DAI-MIB @@ -0,0 +1,1057 @@ +-- *****************************************************************
+-- DLINKSW-DAI-MIB: Dynamic ARP inspection MIB
+--
+-- Copyright (c) 2013 D-Link Corporation, all rights reserved.
+--
+-- *****************************************************************
+
+DLINKSW-DAI-MIB DEFINITIONS ::= BEGIN
+
+IMPORTS
+ MODULE-IDENTITY,
+ Gauge32,
+ Integer32,
+ Unsigned32,
+ Counter64,
+ IpAddress,
+ OBJECT-TYPE
+ FROM SNMPv2-SMI
+
+ MODULE-COMPLIANCE,
+ OBJECT-GROUP
+ FROM SNMPv2-CONF
+
+ TruthValue,
+ MacAddress,
+ DateAndTime,
+ RowStatus,
+ DisplayString,
+ TEXTUAL-CONVENTION
+ FROM SNMPv2-TC
+
+ ifIndex,
+ InterfaceIndex
+ FROM IF-MIB
+
+ InetAddressIPv4
+ FROM INET-ADDRESS-MIB
+
+ VlanId,
+ VlanIdOrNone
+ FROM Q-BRIDGE-MIB
+
+ Dlink2kVlanList
+ FROM DLINKSW-TC-MIB
+
+ dlinkIndustrialCommon
+ FROM DLINK-ID-REC-MIB;
+
+dlinkSwDynamicArpInspectionMIB MODULE-IDENTITY
+ LAST-UPDATED "201307180000Z"
+ ORGANIZATION "D-Link Corp."
+ CONTACT-INFO
+ " D-Link Corporation
+
+ Postal: No. 289, Sinhu 3rd Rd., Neihu District,
+ Taipei City 114, Taiwan, R.O.C
+ Tel: +886-2-66000123
+ E-mail: tsd@dlink.com.tw
+ "
+ DESCRIPTION
+ "This MIB module defines objects for Dynamic ARP Inspection."
+ REVISION "201307180000Z"
+ DESCRIPTION
+ "This is the first version of the MIB file.
+ "
+ ::= { dlinkIndustrialCommon 130 }
+
+
+--
+-- Rule Type textual convention
+--
+ DaiRuleType ::= TEXTUAL-CONVENTION
+ STATUS current
+ DESCRIPTION
+ "The action type when the packets match the access profile.
+
+ permit(1)- Indicates that packets that match the access profile are
+ permitted to be forwarded by the switch.
+ deny(2) - Indicates that packets that match the access profile
+ are not permitted to be forwarded by the switch and will be filtered.
+ "
+ SYNTAX INTEGER {
+ permit(1),
+ deny(2)
+ }
+
+-- -----------------------------------------------------------------------------
+ dDaiNotifications OBJECT IDENTIFIER ::= { dlinkSwDynamicArpInspectionMIB 0 }
+ dDaiObjects OBJECT IDENTIFIER ::= { dlinkSwDynamicArpInspectionMIB 1 }
+ dDaiConformance OBJECT IDENTIFIER ::= { dlinkSwDynamicArpInspectionMIB 2 }
+
+-- -----------------------------------------------------------------------------
+ dDaiGlobal OBJECT IDENTIFIER ::= { dDaiObjects 1 }
+ dDaiVlan OBJECT IDENTIFIER ::= { dDaiObjects 2 }
+ dDaiInterface OBJECT IDENTIFIER ::= { dDaiObjects 3 }
+ dDaiStatistics OBJECT IDENTIFIER ::= { dDaiObjects 4 }
+
+ dDaiAclCfg OBJECT IDENTIFIER ::= { dDaiObjects 5 }
+
+
+-- -----------------------------------------------------------------------------
+ dDaiAddressValidate OBJECT-TYPE
+ SYNTAX BITS {
+ srcMacAddress(0),
+ dstMacAddress(1),
+ ip(2)
+ }
+ MAX-ACCESS read-write
+ STATUS current
+ DESCRIPTION
+ "This object specifies address validation criteria
+ used by Dynamic ARP Inspection feature.
+
+ 'srcMacAddress' - indicates that source MAC address in
+ ethernet header is checked against the sender MAC address
+ in ARP packet. When this bit is on, packets with different
+ MAC addresses are classified as invalid packets and are
+ dropped. This checking is done for both ARP request and
+ ARP response packet.
+
+ 'dstMacAddress' indicates that the destination MAC address
+ in ethernet header is checked against the target MAC address
+ in ARP packet. When this bit is on, packets with different
+ addresses are classified as invalid packets and are dropped.
+ This checking is done for ARP response packet only.
+
+ 'ip' indicates that the IP addresses in ARP packet are checked
+ for invalid or unexpected IP addresses. Addresses such as
+ 0.0.0.0, 255.255.255.255 and all IP multicast addresses are
+ considered invalid. When this bit is on, both the sender
+ and target IP addresses in the ARP packet are checked. This
+ checking is done for both ARP request and response packet.
+ "
+ ::= { dDaiGlobal 1 }
+
+ dDaiLogBufferSize OBJECT-TYPE
+ SYNTAX Unsigned32
+ UNITS "entries"
+ MAX-ACCESS read-write
+ STATUS current
+ DESCRIPTION
+ "This object specifies the buffer entry number."
+ ::= { dDaiGlobal 2 }
+
+ dDaiClearLogBuffer OBJECT-TYPE
+ SYNTAX INTEGER {
+ clear(1),
+ noOp(2)
+ }
+ MAX-ACCESS read-write
+ STATUS current
+ DESCRIPTION
+ "This object clears all entries in dDaiLoggingBufferTable
+ , when set to 'clear'.
+ No action is taken if this object is set to 'noOp'.
+ When read, the value 'noOp' is returned."
+ ::= { dDaiGlobal 3 }
+
+
+-- -----------------------------------------------------------------------------
+ dDaiLogBufferTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF DDaiLogBufferEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "A table provides the information of logged ARP flows
+ for system message generation."
+ ::= { dDaiGlobal 4 }
+
+ dDaiLogBufferEntry OBJECT-TYPE
+ SYNTAX DDaiLogBufferEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "An entry contains logged ARP flow data for system
+ message generation. Entries in the log are cleared once
+ system messages are generated on their behalf.
+ A special entry will be populated for accounting drops of
+ all flows that result in exceeding the number of entries
+ of the log buffer. This special entry only contains packets
+ counter and timestamps information."
+ INDEX { dDaiLogBufferIndex }
+ ::= { dDaiLogBufferTable 1 }
+
+ DDaiLogBufferEntry ::= SEQUENCE {
+ dDaiLogBufferIndex Unsigned32,
+ dDaiLogBufferInterface InterfaceIndex,
+ dDaiLogBufferVlan VlanIdOrNone,
+ dDaiLogBufferSenderMacAddress MacAddress,
+ dDaiLogBufferSenderIpAddress InetAddressIPv4,
+ dDaiLogBufferLastUpdate DateAndTime,
+ dDaiLogBufferPacketsCount Gauge32
+ }
+
+ dDaiLogBufferIndex OBJECT-TYPE
+ SYNTAX Unsigned32 (1..65535)
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "This object uniquely identifies a logged ARP flow in the buffer."
+ ::= { dDaiLogBufferEntry 1 }
+
+ dDaiLogBufferInterface OBJECT-TYPE
+ SYNTAX InterfaceIndex
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "This object indicates the interface which sent the logged
+ ARP flow."
+ ::= { dDaiLogBufferEntry 2 }
+
+ dDaiLogBufferVlan OBJECT-TYPE
+ SYNTAX VlanIdOrNone
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "This object indicates the VLAN ID which the logged
+ ARP flow belongs to."
+ ::= { dDaiLogBufferEntry 3 }
+
+ dDaiLogBufferSenderMacAddress OBJECT-TYPE
+ SYNTAX MacAddress
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "This object indicates the sender MAC address of the logged
+ ARP flow. All zeros MAC address value indicates the
+ special entry."
+ ::= { dDaiLogBufferEntry 4 }
+
+ dDaiLogBufferSenderIpAddress OBJECT-TYPE
+ SYNTAX InetAddressIPv4
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "This object indicates the sender Internet address
+ of the logged ARP flow. The type of this address is
+ determined by the value of dDaiLogBufferSenderAddressType
+ object. All zeros IP address value indicates the
+ special entry."
+ ::= { dDaiLogBufferEntry 5 }
+
+ dDaiLogBufferLastUpdate OBJECT-TYPE
+ SYNTAX DateAndTime
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "This object indicates the timestamp when the last packet
+ of this flow was accounted by the system."
+ ::= { dDaiLogBufferEntry 6 }
+
+ dDaiLogBufferPacketsCount OBJECT-TYPE
+ SYNTAX Gauge32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "This object indicates the number of packets of this ARP flow
+ was accounted by the system."
+ ::= { dDaiLogBufferEntry 7 }
+
+-- -----------------------------------------------------------------------------
+ dDaiVlanCrlFirst2K OBJECT-TYPE
+ SYNTAX Dlink2kVlanList
+ MAX-ACCESS read-write
+ STATUS current
+ DESCRIPTION
+ "This object specifies the Dynamic ARP Inspection enabled VLAN in a
+ string of octets containing one bit per VLAN for VLANs 1 to 2048.
+ If the bit is set to '1', then the VLAN is enabled for Dynamic ARP
+ Inspection."
+ ::= { dDaiVlan 1 }
+
+ dDaiVlanCrlSecond2K OBJECT-TYPE
+ SYNTAX Dlink2kVlanList
+ MAX-ACCESS read-write
+ STATUS current
+ DESCRIPTION
+ "This object specifies the Dynamic ARP Inspection enabled VLAN in a
+ string of octets containing one bit per VLAN for VLANs 2049 to 4094.
+ If the bit is set to '1', then the VLAN is enabled for Dynamic ARP
+ Inspection."
+ ::= { dDaiVlan 2 }
+
+-- -----------------------------------------------------------------------------
+ dDaiVlanCfgTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF DDaiVlanCfgEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "A table contains a list of configuration for Dynamic ARP
+ Inspection per VLAN. "
+ ::= { dDaiVlan 3 }
+
+ dDaiVlanCfgEntry OBJECT-TYPE
+ SYNTAX DDaiVlanCfgEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "A row instance contains the Dynamic ARP inspection
+ configuration for a specific VLAN in the device."
+ INDEX { dDaiVlanCfgId }
+ ::= { dDaiVlanCfgTable 1 }
+
+ DDaiVlanCfgEntry ::= SEQUENCE {
+ dDaiVlanCfgId VlanId,
+ dDaiVlanFilterArpAclName DisplayString,
+ dDaiVlanFilterArpAclStatic TruthValue,
+ dDaiVlanAclLogging BITS,
+ dDaiVlanDhcpBindingLogging BITS,
+ dDaiVlanCfgRowStatus RowStatus
+ }
+
+ dDaiVlanCfgId OBJECT-TYPE
+ SYNTAX VlanId
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "This object indicates the VLAN ID of the entry."
+ ::= { dDaiVlanCfgEntry 1 }
+
+ dDaiVlanFilterArpAclName OBJECT-TYPE
+ SYNTAX DisplayString (SIZE (0..32))
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "This object specifies an ARP ACL name that is used to check
+ the validity of the bindings information in ARP body.
+ An empty string indicates that the ARP ACL is not configured
+ on the VLAN."
+ DEFVAL { "" }
+ ::= { dDaiVlanCfgEntry 2 }
+
+ dDaiVlanFilterArpAclStatic OBJECT-TYPE
+ SYNTAX TruthValue
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "This object indicates whether drop the packet if the
+ IP-to-Ethernet MAC binding pair is not permitted by the arp ACL.
+ This object does not take effect if value of
+ dDaiVlanFilterArpAclName on the row is an empty string.
+
+ 'true' indicates the implicit denied packet is dropped and ARP packet
+ is not compared against DHCP bindings information.
+
+ 'false' indicates if ARP packet is not explicitly classified by ARP
+ ACL, it will be compared against DHCP bindings information."
+ DEFVAL { false }
+ ::= { dDaiVlanCfgEntry 3 }
+
+ dDaiVlanAclLogging OBJECT-TYPE
+ SYNTAX BITS {
+ permit(0),
+ deny(1)
+ }
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "This object indicates the logging criteria for packets that are
+ dropped or permitted based on ACL matches.
+
+ 'permit' - indicates that logging is performed when packets
+ is permitted by the configured ACL.
+
+ 'deny' - indicates that logging is performed when packets
+ is denied by the configured ACL.
+ "
+ DEFVAL { {deny} }
+ ::= { dDaiVlanCfgEntry 4 }
+
+ dDaiVlanDhcpBindingLogging OBJECT-TYPE
+ SYNTAX BITS {
+ permit(0),
+ deny(1)
+ }
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "This object specifies the logging criteria when
+ ARP packets is compared against DHCP bindings information.
+
+ 'permit' - indicates that logging is performed for packets that
+ are permitted as a result of comparing with DHCP bindings
+ information.
+
+ 'deny' - indicates that logging is performed for packets that
+ are denied as a result of comparing with DHCP bindings
+ information.
+ "
+ DEFVAL { { deny } }
+ ::= { dDaiVlanCfgEntry 5 }
+
+ dDaiVlanCfgRowStatus OBJECT-TYPE
+ SYNTAX RowStatus
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The status of this conceptual row entry. This object
+ is used to manage creation and deletion of rows in this
+ table."
+ ::= { dDaiVlanCfgEntry 99 }
+
+-- -----------------------------------------------------------------------------
+ dDaiIfConfigTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF DDaiIfConfigEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "A table provides the mechanism to configure the trust
+ state for Dynamic ARP Inspection purpose at each
+ interface capable of this feature.
+ "
+ ::= { dDaiInterface 1 }
+
+ dDaiIfConfigEntry OBJECT-TYPE
+ SYNTAX DDaiIfConfigEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "A row instance contains the configuration to enable or
+ disable trust state for Dynamic ARP Inspection at each
+ interface capable of this feature."
+ INDEX { ifIndex }
+ ::= { dDaiIfConfigTable 1 }
+
+ DDaiIfConfigEntry ::= SEQUENCE {
+ dDaiIfTrustEnabled TruthValue
+ }
+
+ dDaiIfTrustEnabled OBJECT-TYPE
+ SYNTAX TruthValue
+ MAX-ACCESS read-write
+ STATUS current
+ DESCRIPTION
+ "This object indicates whether the interface is trusted for
+ Dynamic ARP Inspection purpose.
+
+ If this object is set to 'true', the interface is trusted.
+ ARP packets coming to this interface will be forwarded
+ without Dynamic ARP inspection.
+
+ If this object is set to 'false', the interface is not
+ trusted. ARP packets coming to this interface will be
+ subjected to ARP inspection."
+ ::= { dDaiIfConfigEntry 1 }
+
+-- -----------------------------------------------------------------------------
+ dDaiIfRateLimitTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF DDaiIfRateLimitEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "A table provides the mechanism to configure the rate limit
+ for Dynamic ARP Inspection purpose at each interface
+ capable of this feature."
+ ::= { dDaiInterface 2 }
+
+ dDaiIfRateLimitEntry OBJECT-TYPE
+ SYNTAX DDaiIfRateLimitEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "A row instance contains the configuration of rate limit
+ Dynamic ARP Inspection at each interface capable
+ of this feature."
+ INDEX { ifIndex }
+ ::= { dDaiIfRateLimitTable 1 }
+
+ DDaiIfRateLimitEntry ::= SEQUENCE {
+ dDaiIfRateLimit Unsigned32,
+ dDaiIfBurstInterval Unsigned32
+ }
+
+ dDaiIfRateLimit OBJECT-TYPE
+ SYNTAX Unsigned32
+ UNITS "packet per second"
+ MAX-ACCESS read-write
+ STATUS current
+ DESCRIPTION
+ "This object indicates rate limit value for Dynamic ARP
+ Inspection purpose. If the incoming rate of ARP packets
+ exceeds the value of this object, ARP packets will be
+ dropped. "
+ ::= { dDaiIfRateLimitEntry 1 }
+
+ dDaiIfBurstInterval OBJECT-TYPE
+ SYNTAX Unsigned32
+ UNITS "second"
+ MAX-ACCESS read-write
+ STATUS current
+ DESCRIPTION
+ "This object indicates the length of the burst duration
+ of the ARP packets that is allowed.
+ When the rate of ARP packet per second exceeds the limitation
+ and the condition sustain for the configured burst duration,
+ the interface will be put in error disable state.
+ "
+ ::= { dDaiIfRateLimitEntry 2 }
+
+-- -----------------------------------------------------------------------------
+ dDaiVlanStatsTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF DDaiVlanStatsEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "A table lists the Dynamic Arp Inspection statistics per VLAN."
+ ::= { dDaiStatistics 1 }
+
+ dDaiVlanStatsEntry OBJECT-TYPE
+ SYNTAX DDaiVlanStatsEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "A row instance contains Dynamic ARP Inspection statistics
+ information for each VLAN."
+ INDEX { dDaiVlanStatsIndex }
+ ::= { dDaiVlanStatsTable 1 }
+
+ DDaiVlanStatsEntry ::= SEQUENCE {
+ dDaiVlanStatsIndex VlanId,
+ dDaiVlanForwarded Counter64,
+ dDaiVlanDropped Counter64,
+ dDaiVlanAclPermitted Counter64,
+ dDaiVlanDhcpBindingsPermitted Counter64,
+ dDaiVlanAclDenied Counter64,
+ dDaiVlanDhcpBindingDenied Counter64,
+ dDaiVlanSrcMacValidationFailures Counter64,
+ dDaiVlanDstMacValidationFailures Counter64,
+ dDaiVlanIpValidationFailures Counter64,
+ dDaiVlanStatsClear INTEGER
+ }
+
+ dDaiVlanStatsIndex OBJECT-TYPE
+ SYNTAX VlanId
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "This object indicates the VLAN ID of the entry."
+ ::= { dDaiVlanStatsEntry 1 }
+
+ dDaiVlanForwarded OBJECT-TYPE
+ SYNTAX Counter64
+ UNITS "packets"
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "This object indicates the number of ARP packets forwarded by
+ Dynamic Arp Inspection feature."
+ ::= { dDaiVlanStatsEntry 2 }
+
+ dDaiVlanDropped OBJECT-TYPE
+ SYNTAX Counter64
+ UNITS "packets"
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "This object indicates the number of ARP packets dropped by
+ Dynamic ARP Inspection feature."
+ ::= { dDaiVlanStatsEntry 3 }
+
+ dDaiVlanAclPermitted OBJECT-TYPE
+ SYNTAX Counter64
+ UNITS "packets"
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "This object indicates the number of ARP packets permitted by
+ the configured ACL."
+ ::= { dDaiVlanStatsEntry 4 }
+
+ dDaiVlanDhcpBindingsPermitted OBJECT-TYPE
+ SYNTAX Counter64
+ UNITS "packets"
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "This object indicates the number of ARP packets that are permitted
+ by DHCP snooping binding database."
+ ::= { dDaiVlanStatsEntry 5 }
+
+ dDaiVlanAclDenied OBJECT-TYPE
+ SYNTAX Counter64
+ UNITS "packets"
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "This object indicates the number of ARP packets denied by the
+ associating ACL."
+ ::= { dDaiVlanStatsEntry 6 }
+
+ dDaiVlanDhcpBindingDenied OBJECT-TYPE
+ SYNTAX Counter64
+ UNITS "packets"
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "This object indicates the number of ARP packets that are dropped by
+ DHCP snooping binding database."
+ ::= { dDaiVlanStatsEntry 7 }
+
+ dDaiVlanSrcMacValidationFailures OBJECT-TYPE
+ SYNTAX Counter64
+ UNITS "packets"
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "This object indicates the number of ARP packets that fail
+ source MAC address validation."
+ ::= { dDaiVlanStatsEntry 8 }
+
+ dDaiVlanDstMacValidationFailures OBJECT-TYPE
+ SYNTAX Counter64
+ UNITS "packets"
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "This object indicates the number of ARP packets that fail
+ destination MAC address validation."
+ ::= { dDaiVlanStatsEntry 9 }
+
+ dDaiVlanIpValidationFailures OBJECT-TYPE
+ SYNTAX Counter64
+ UNITS "packets"
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "This object indicates the number of ARP packets that fail
+ IP validation."
+ ::= { dDaiVlanStatsEntry 10 }
+
+ dDaiVlanStatsClear OBJECT-TYPE
+ SYNTAX INTEGER {
+ clear(1),
+ noOp(2)
+ }
+ MAX-ACCESS read-write
+ STATUS current
+ DESCRIPTION
+ "This object clears the counters in the same row when set to
+ 'clear'.
+ No action is taken if this object is set to 'noOp'.
+ When read, the value 'noOp' is returned."
+ ::= { dDaiVlanStatsEntry 99 }
+
+ dDaiVlanStatsClearAll OBJECT-TYPE
+ SYNTAX INTEGER {
+ clear(1),
+ noOp(2)
+ }
+ MAX-ACCESS read-write
+ STATUS current
+ DESCRIPTION
+ "This object clears the counters of all entries in
+ dDaiVlanStatsTable, when set to 'clear'.
+ No action is taken if this object is set to 'noOp'.
+ When read, the value 'noOp' is returned."
+ ::= { dDaiStatistics 2 }
+
+-- -----------------------------------------------------------------------------
+ dDaiArpAccessListNumber OBJECT-TYPE
+ SYNTAX Unsigned32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "This object indicates the number of entries present in the ARP
+ access list table."
+ ::= { dDaiAclCfg 1 }
+
+ dDaiArpAccessListTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF DDaiArpAccessListEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "The table contains information about ARP access list."
+ ::= { dDaiAclCfg 2 }
+
+ dDaiArpAccessListEntry OBJECT-TYPE
+ SYNTAX DDaiArpAccessListEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "An entry defined in dDaiArpAccessListTable. An entry is
+ created/removed when an ARP access list is created/deleted."
+ INDEX { dDaiArpAccessListName }
+ ::= { dDaiArpAccessListTable 1 }
+
+ DDaiArpAccessListEntry ::= SEQUENCE {
+ dDaiArpAccessListName DisplayString,
+ dDaiArpAccessListRowStatus RowStatus
+ }
+
+ dDaiArpAccessListName OBJECT-TYPE
+ SYNTAX DisplayString (SIZE (1..32))
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "The name of the ARP access list."
+ ::= { dDaiArpAccessListEntry 1 }
+
+ dDaiArpAccessListRowStatus OBJECT-TYPE
+ SYNTAX RowStatus
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "This object allows the dynamic creation and deletion of an ARP
+ access list."
+ ::= { dDaiArpAccessListEntry 99 }
+
+
+-- -----------------------------------------------------------------------------
+ dDaiArpAccessRuleTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF DDaiArpAccessRuleEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "A table consists of a list of rules for the ARP access list."
+ ::= { dDaiAclCfg 3 }
+
+ dDaiArpAccessRuleEntry OBJECT-TYPE
+ SYNTAX DDaiArpAccessRuleEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "An entry is defined dDaiArpAccessRuleTable.
+ The first instance identifier index value identifies the
+ dDaiArpAccessListEntry that a ARP access rule (dDaiArpAccessRuleEntry)
+ belongs to. An entry is removed from this table when its
+ corresponding dDaiArpAccessListEntry is deleted."
+ INDEX {
+ dDaiArpAccessListName,
+ dDaiArpAccessRuleSn
+ }
+ ::= { dDaiArpAccessRuleTable 1 }
+
+ DDaiArpAccessRuleEntry ::= SEQUENCE {
+ dDaiArpAccessRuleSn Integer32,
+ dDaiArpAccessRuleRowStatus RowStatus,
+ dDaiArpAccessRuleAction DaiRuleType,
+ dDaiArpAccessRuleSenderMacAddr MacAddress,
+ dDaiArpAccessRuleSenderMacMask MacAddress,
+ dDaiArpAccessRuleSenderAddr IpAddress,
+ dDaiArpAccessRuleSenderAddrMask IpAddress
+ }
+
+ dDaiArpAccessRuleSn OBJECT-TYPE
+ SYNTAX Integer32 (0..65535)
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "Specifies the sequence number of the rule. A lower number represents
+ a higher priority.
+ The special value of 0 means the priority will be automatically determined
+ by the agent."
+ ::= { dDaiArpAccessRuleEntry 1 }
+
+ dDaiArpAccessRuleRowStatus OBJECT-TYPE
+ SYNTAX RowStatus
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The row status variable, used according to installation
+ and removal conventions for conceptual rows."
+ ::= { dDaiArpAccessRuleEntry 2 }
+
+ dDaiArpAccessRuleAction OBJECT-TYPE
+ SYNTAX DaiRuleType
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "This object indicates the result of the packet examination is to permit or deny.
+ "
+ ::= { dDaiArpAccessRuleEntry 3 }
+
+ dDaiArpAccessRuleSenderMacAddr OBJECT-TYPE
+ SYNTAX MacAddress
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "This object indicates the ARP sender MAC address of the entry."
+ ::= { dDaiArpAccessRuleEntry 4 }
+
+ dDaiArpAccessRuleSenderMacMask OBJECT-TYPE
+ SYNTAX MacAddress
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "This object is a mask bitmap to specify a group of source
+ MAC addresses. The bit value 1 indicates the corresponding bit will
+ be checked. The bit value 0 indicates the corresponding bit will be
+ ignored. In other words, when the value of all '00'Hs indicates any ARP
+ sender MAC address is specified. When the value of all 'ff'Hs indicates
+ host ARP sender MAC address is specified."
+ ::= { dDaiArpAccessRuleEntry 5 }
+
+ dDaiArpAccessRuleSenderAddr OBJECT-TYPE
+ SYNTAX IpAddress
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "This object indicates the ARP sender IP address of the entry."
+ ::= { dDaiArpAccessRuleEntry 6 }
+
+ dDaiArpAccessRuleSenderAddrMask OBJECT-TYPE
+ SYNTAX IpAddress
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "This object is a mask bitmap to specify a group of source IP
+ addresses. The bit value 1 indicates the corresponding bit will
+ be checked. The bit value 0 indicates the corresponding bit will be
+ ignored. In other words, when the value of all '00'Hs indicates any
+ ARP sender address is specified. When the value of all 'ff'Hs indicates
+ host ARP sender address is specified."
+ ::= { dDaiArpAccessRuleEntry 7 }
+
+
+-- Conformance
+
+dDaiMIBCompliances
+ OBJECT IDENTIFIER ::= { dDaiConformance 1 }
+
+dDaiMIBGroups
+ OBJECT IDENTIFIER ::= { dDaiConformance 2 }
+
+dDaiMIBCompliance MODULE-COMPLIANCE
+ STATUS current
+ DESCRIPTION
+ "The compliance statement for DLINKSW-DAI-MIB"
+ MODULE
+ MANDATORY-GROUPS {
+ dDaiIfConfigGroup
+ }
+
+ GROUP dDaiVlanCtrlGroup
+ DESCRIPTION
+ "This group is mandatory only for the platform which supports
+ enabling Dynamic ARP Inspection per VLAN."
+
+ GROUP dDaiVlanCfgGroup
+ DESCRIPTION
+ "This group is mandatory only for the platform which supports
+ enabling Dynamic ARP Inspection per VLAN."
+
+ GROUP dDaiLoggingConfigGroup
+ DESCRIPTION
+ "This group is mandatory only for the platform which supports
+ enabling Dynamic ARP Inspection logging at the device level."
+
+ GROUP dDaiIfRateLimitGroup
+ DESCRIPTION
+ "This group is mandatory only for the platform which supports
+ Dynamic ARP Inspection rate limit per interface."
+
+ GROUP dDaiAddressValidationGroup
+ DESCRIPTION
+ "This group is mandatory only for the platform which supports
+ address validation configuration."
+
+ GROUP dDaiLogBufferGroup
+ DESCRIPTION
+ "This group is mandatory only for the platform which supports
+ log buffer information for Dynamic ARP Inspection feature."
+
+ GROUP dDaiVlanStatisticsGroup
+ DESCRIPTION
+ "This group is mandatory only for the platform which supports
+ Dynamic ARP Inspection statistics per VLAN."
+
+ GROUP dDaiAclGroup
+ DESCRIPTION
+ "This group is mandatory only for the platform which supports
+ static ARP inspection configuration."
+
+ GROUP dDaiClearStatsGroup
+ DESCRIPTION
+ "This group is mandatory only for the platform which supports
+ clear ARP inspection statistics."
+
+ OBJECT dDaiVlanFilterArpAclName
+ MIN-ACCESS read-only
+ DESCRIPTION
+ "Write access is not required."
+
+ OBJECT dDaiVlanFilterArpAclStatic
+ MIN-ACCESS read-only
+ DESCRIPTION
+ "Write access is not required."
+
+ OBJECT dDaiVlanCfgRowStatus
+ SYNTAX INTEGER {
+ active(1)
+ }
+ WRITE-SYNTAX INTEGER {
+ createAndGo(4),
+ destroy(6)
+ }
+ MIN-ACCESS read-only
+ DESCRIPTION
+ "Read-create access is not required."
+
+ OBJECT dDaiIfTrustEnabled
+ MIN-ACCESS read-only
+ DESCRIPTION
+ "Write access is not required."
+
+ OBJECT dDaiLogBufferSize
+ MIN-ACCESS read-only
+ DESCRIPTION
+ "Write access is not required."
+
+ OBJECT dDaiAddressValidate
+ MIN-ACCESS read-only
+ DESCRIPTION
+ "Write access is not required."
+
+ OBJECT dDaiClearLogBuffer
+ MIN-ACCESS read-only
+ DESCRIPTION
+ "Write access is not required."
+
+ ::= { dDaiMIBCompliances 1 }
+
+-- Units of Conformance
+
+-- dDaiGlobalGroup
+
+dDaiVlanCtrlGroup OBJECT-GROUP
+ OBJECTS {
+ dDaiVlanCrlFirst2K,
+ dDaiVlanCrlSecond2K
+ }
+ STATUS current
+ DESCRIPTION
+ "A collection of objects providing configuration regarding the Dynamic
+ ARP Inspection feature per VLAN."
+ ::= { dDaiMIBGroups 1 }
+
+dDaiIfConfigGroup OBJECT-GROUP
+ OBJECTS {
+ dDaiIfTrustEnabled
+ }
+ STATUS current
+ DESCRIPTION
+ "A collection of objects which are used to configure as
+ well as show information regarding the interface trust
+ state for Dynamic ARP Inspection purpose."
+ ::= { dDaiMIBGroups 2 }
+
+dDaiIfRateLimitGroup OBJECT-GROUP
+ OBJECTS {
+ dDaiIfRateLimit,
+ dDaiIfBurstInterval
+ }
+ STATUS current
+ DESCRIPTION
+ "A collection of objects which are used to configure as
+ well as show information regarding the rate limit per
+ interface for Dynamic ARP Inspection purpose."
+ ::= { dDaiMIBGroups 3 }
+
+dDaiLoggingConfigGroup OBJECT-GROUP
+ OBJECTS {
+ dDaiLogBufferSize
+ }
+ STATUS current
+ DESCRIPTION
+ "A collection of objects providing logging configuration
+ for Dynamic ARP Inspection feature."
+ ::= { dDaiMIBGroups 4 }
+
+dDaiAddressValidationGroup OBJECT-GROUP
+ OBJECTS {
+ dDaiAddressValidate
+ }
+ STATUS current
+ DESCRIPTION
+ "A collection of objects providing address validation
+ configuration for Dynamic ARP Inspection feature."
+ ::= { dDaiMIBGroups 5 }
+
+dDaiVlanCfgGroup OBJECT-GROUP
+ OBJECTS {
+ dDaiVlanFilterArpAclName,
+ dDaiVlanFilterArpAclStatic,
+ dDaiVlanAclLogging,
+ dDaiVlanDhcpBindingLogging,
+ dDaiVlanCfgRowStatus
+ }
+ STATUS current
+ DESCRIPTION
+ "A collection of objects providing additional VLAN
+ configuration for Dynamic ARP Inspection feature."
+ ::= { dDaiMIBGroups 6 }
+
+dDaiVlanStatisticsGroup OBJECT-GROUP
+ OBJECTS {
+ dDaiVlanForwarded,
+ dDaiVlanDropped,
+ dDaiVlanAclPermitted,
+ dDaiVlanDhcpBindingsPermitted,
+ dDaiVlanAclDenied,
+ dDaiVlanDhcpBindingDenied,
+ dDaiVlanSrcMacValidationFailures,
+ dDaiVlanDstMacValidationFailures,
+ dDaiVlanIpValidationFailures
+ }
+ STATUS current
+ DESCRIPTION
+ "A collection of objects providing Dynamic ARP Inspection
+ statistics per VLAN."
+ ::= { dDaiMIBGroups 7 }
+
+dDaiLogBufferGroup OBJECT-GROUP
+ OBJECTS {
+ dDaiClearLogBuffer,
+ dDaiLogBufferInterface,
+ dDaiLogBufferVlan,
+ dDaiLogBufferSenderMacAddress,
+ dDaiLogBufferSenderIpAddress,
+ dDaiLogBufferLastUpdate,
+ dDaiLogBufferPacketsCount
+ }
+ STATUS current
+ DESCRIPTION
+ "A collection of objects providing logging information or control
+ for Dynamic ARP Inspection feature."
+ ::= { dDaiMIBGroups 8 }
+
+dDaiAclGroup OBJECT-GROUP
+ OBJECTS {
+ dDaiArpAccessListNumber,
+ dDaiArpAccessListRowStatus,
+ dDaiArpAccessRuleRowStatus,
+ dDaiArpAccessRuleAction,
+ dDaiArpAccessRuleSenderMacAddr,
+ dDaiArpAccessRuleSenderMacMask,
+ dDaiArpAccessRuleSenderAddr,
+ dDaiArpAccessRuleSenderAddrMask
+ }
+ STATUS current
+ DESCRIPTION
+ "A collection of objects providing ARP access-list configuration."
+ ::= { dDaiMIBGroups 9 }
+
+dDaiClearStatsGroup OBJECT-GROUP
+ OBJECTS {
+ dDaiVlanStatsClear,
+ dDaiVlanStatsClearAll
+ }
+ STATUS current
+ DESCRIPTION
+ "A collection of objects providing clear the Dynamic Arp Inspection statistics."
+ ::= { dDaiMIBGroups 10 }
+
+END
+
+
|