diff options
| author | David Leutgeb <david.leutgeb@mannundmouse.com> | 2023-12-05 12:25:34 +0100 |
|---|---|---|
| committer | David Leutgeb <david.leutgeb@mannundmouse.com> | 2023-12-05 12:25:34 +0100 |
| commit | 98a672123c7872f6b9b75a9a2b6bb3aea504de6a (patch) | |
| tree | 9b13bd7f563c3198047bd359195327cf28b3caf0 /MIBS/screenos/NETSCREEN-POLICY-MIB | |
| download | mibs-98a672123c7872f6b9b75a9a2b6bb3aea504de6a.tar.gz mibs-98a672123c7872f6b9b75a9a2b6bb3aea504de6a.zip | |
Diffstat (limited to 'MIBS/screenos/NETSCREEN-POLICY-MIB')
| -rw-r--r-- | MIBS/screenos/NETSCREEN-POLICY-MIB | 583 |
1 files changed, 583 insertions, 0 deletions
diff --git a/MIBS/screenos/NETSCREEN-POLICY-MIB b/MIBS/screenos/NETSCREEN-POLICY-MIB new file mode 100644 index 0000000..682d293 --- /dev/null +++ b/MIBS/screenos/NETSCREEN-POLICY-MIB @@ -0,0 +1,583 @@ +-- This module defines enterprise MIBs for Policy Monitoring +-- +-- Copyright (c) 1999-2004, Juniper Networks, Inc. +-- All rights reserved. + +NETSCREEN-POLICY-MIB DEFINITIONS ::= BEGIN + +IMPORTS + netscreenPolicy + FROM NETSCREEN-SMI + Counter32, Integer32, MODULE-IDENTITY, OBJECT-TYPE + FROM SNMPv2-SMI + DisplayString + FROM SNMPv2-TC + ; + +netscreenPolicyMibModule MODULE-IDENTITY + LAST-UPDATED "200405032022Z" -- May 03, 2004 + ORGANIZATION + "Juniper Networks, Inc." + CONTACT-INFO + "Customer Support + + 1194 North Mathilda Avenue + Sunnyvale, California 94089-1206 + USA + + Tel: 1-800-638-8296 + E-mail: customerservice@juniper.net + HTTP://www.juniper.net" + DESCRIPTION + "This module defines NetScreen private MIBs for Policy + Monitoring" + REVISION "200405030000Z" -- May 03, 2004 + DESCRIPTION + "Modified copyright and contact information" + REVISION "200403030000Z" -- March 03, 2004 + DESCRIPTION + "Converted to SMIv2 by Longview Software" + REVISION "200308130000Z" -- August 13, 2003 + DESCRIPTION + "No Comment" + REVISION "200105140000Z" -- May 14, 2001 + DESCRIPTION + "Creation Date" + ::= { netscreenPolicy 0 } + +NsPlyEntry ::= SEQUENCE +{ + nsPlyId Integer32, + nsPlyVsys Integer32, + nsPlySrcZone DisplayString, + nsPlyDstZone DisplayString, + nsPlySrcAddr DisplayString, + nsPlyDstAddr DisplayString, + nsPlyService INTEGER, + nsPlyAction INTEGER, + nsPlyNat INTEGER, + nsPlyFixPort INTEGER, + nsPlyDipId Integer32, + nsPlyVpnTunnel DisplayString, + nsPlyL2tpTunnel DisplayString, + nsPlyAuth INTEGER, + nsPlyLogEnable INTEGER, + nsPlyCountEnable INTEGER, + nsPlyAlarmBPS Integer32, + nsPlyAlarmBPM Integer32, + nsPlySchedule DisplayString, + nsPlyTrafficShapeEnable INTEGER, + nsPlyTrafficPriority INTEGER, + nsPlyDSEnable INTEGER, + nsPlyActiveStatus INTEGER, + nsPlyName DisplayString, + nsPlyServiceName DisplayString +} + +NsPlyMonEntry ::= SEQUENCE +{ + nsPlyMonId Integer32, + nsPlyMonVsys Integer32, + nsPlyMonPackPerSec Integer32, + nsPlyMonPackPerMin Integer32, + nsPlyMonTotalPacket Counter32, + nsPlyMonBytePerSec Integer32, + nsPlyMonBytePerMin Integer32, + nsPlyMonTotalByte Counter32, + nsPlyMonSessionPerSec Integer32, + nsPlyMonSessionPerMin Integer32, + nsPlyMonTotalSession Counter32 +} + +nsPlyTable OBJECT-TYPE + SYNTAX SEQUENCE OF NsPlyEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "A firewall provides a network boundary with a single point of + entry and exit-a choke point.You can screen and direct all that + traffic through the implementation of a set of access policies. + Access policies allow you to permit, deny, encrypt, + authenticate, prioritize, schedule, and monitor the traffic + attemption to cross your firewall. This table collects all the + policy configuration information existing in NetScreen + Device." + ::= { netscreenPolicy 1 } + +-- applicable only to release before 6.3 +--nsPlyEntry OBJECT-TYPE +-- SYNTAX NsPlyEntry +-- MAX-ACCESS not-accessible +-- STATUS current +-- DESCRIPTION +-- "Each entry in the nsPlyTable holds a set of configuration +-- parameters associatied with an instance of policy." +-- INDEX +-- { nsPlyId, nsPlyVsys } +-- ::= { nsPlyTable 1 } + +-- applicable since 6.3 release, for pr439626 +nsPlyEntry OBJECT-TYPE + SYNTAX NsPlyEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "Each entry in the nsPlyTable holds a set of configuration + parameters associatied with an instance of policy." + INDEX + { nsPlyVsys, nsPlyId } + ::= { nsPlyTable 1 } + + + +nsPlyId OBJECT-TYPE + SYNTAX Integer32 (0..2147483647) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Each policy is identified by a unique policy ID." + ::= { nsPlyEntry 1 } + +nsPlyVsys OBJECT-TYPE + SYNTAX Integer32 (0..2147483647) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Vitural system's name this polic entry belongs to." + ::= { nsPlyEntry 2 } + +nsPlySrcZone OBJECT-TYPE + SYNTAX DisplayString (SIZE(0..32)) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Traffic through a firewall means that traffic flows from one + security zone to another. This object describes the source zone + name traffic flow passes." + ::= { nsPlyEntry 3 } + +nsPlyDstZone OBJECT-TYPE + SYNTAX DisplayString (SIZE(0..32)) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Traffic through a firewall means that traffic flows from one + security zone to another. This object describes the destination + zone name traffic flow passes." + ::= { nsPlyEntry 4 } + +nsPlySrcAddr OBJECT-TYPE + SYNTAX DisplayString (SIZE(0..32)) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Addresses are objects that identify network devices such as + hosts and networks by their location in relation to the + firwall on which security zone.To create an access policy for + specific addresses, you must first create entries for the + relevant hosts and networks in the address book.Source IP + address indicates the address in source zone, 0.0.0.0 means any + address." + ::= { nsPlyEntry 5 } + +nsPlyDstAddr OBJECT-TYPE + SYNTAX DisplayString (SIZE(0..32)) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Addresses are objects that identify network devices such as + hosts and networks by their location in relation to the + firwall-on which security zone.To create an access policy for + specific addresses, you must first create entries for the + relevant hosts and networks in the address book.Source IP + address indicates the address in destination zone, 0.0.0.0 + means any address." + ::= { nsPlyEntry 6 } + +nsPlyService OBJECT-TYPE + SYNTAX INTEGER { + any(0), + aol(1), + bgp(2), + dpcp-relay(3), + dns(4), + finger(5), + ftp(6), + ftp-get(7), + ftp-put(8), + gopher(9), + h323(10), + http(11), + https(12), + icmp-info(13), + icmp-timestamp(14), + ike(15), + imap(16), + internet-locator-service(17), + irc(18), + l2tp(19), + ldap(20), + mail(21), + netmeeting(22), + nfs(23), + nntp(24), + ns-global(25), + ns-global-pro(26), + ntp(27), + ospf(28), + pc-anywhere(29), + ping(30), + pop3(31), + pptp(32), + real-media(33), + rip(34), + rlogin(35), + snmp(36), + ssh(37), + syslog(38), + talk(39), + tcp-any(40), + telnet(41), + tftp(42), + traceroute(43), + udp-any(44), + uucp(45), + vdo-live(46), + wais(47), + winframe(48), + x-windows(49), + other(50) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Sevices are objects that identify application protocols using + layer 4 information such as standard and accepted TCP and UDP + port numbers for application services like Telnet, FTP, SMTP + and HTTP. This object indicates all the traffic service type + this policy allows. 'Any' means all this policy allows all + service go through. 'Other' could be a configured service or + not in the list. See nsPlyServiceName for service name." + ::= { nsPlyEntry 7 } + +nsPlyAction OBJECT-TYPE + SYNTAX INTEGER { + deny(0), + permit(1), + tunnel(2) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Actions objects that describe what the firewall does to the + traffic it receives. Permit allows the packet to pass the + firewall. Deny blocks the packet from traversing the firewall. + Tunnel encapsulates outgoing IP packets and decapsulates + incoming IP packets." + ::= { nsPlyEntry 8 } + +nsPlyNat OBJECT-TYPE + SYNTAX INTEGER { + disable(0), + enabled(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "You can apply NAT at the interface level or at the policy + level. With policy-based NAT, you can translate the source + address on either incoming or outging network and VPN traffic. + This object indicates if this is a policy-based NAT." + ::= { nsPlyEntry 9 } + +nsPlyFixPort OBJECT-TYPE + SYNTAX INTEGER { + no(0), + yes(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "When in policy-based NAT, the new secure address can come from + either a Dynamic IP or from a Mapped IP. This object indicates + if poliy-based NAT uses fix port when working on NAT mode." + ::= { nsPlyEntry 10 } + +nsPlyDipId OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "This object indicates the Dynamic ID chosen for NAT policy." + ::= { nsPlyEntry 11 } + +nsPlyVpnTunnel OBJECT-TYPE + SYNTAX DisplayString (SIZE(0..32)) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "VPN tunnel this access policy applies to." + ::= { nsPlyEntry 12 } + +nsPlyL2tpTunnel OBJECT-TYPE + SYNTAX DisplayString (SIZE(0..32)) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "L2TP tunnel this access policy applies to." + ::= { nsPlyEntry 13 } + +nsPlyAuth OBJECT-TYPE + SYNTAX INTEGER { + disable(0), + enabled(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "This object indicates the selecting this option requires the + user at the source address to authenticate his/her identiry by + supplying a user name and password before traffic is allowed to + graverw the firewall or enter the VPN tunnel." + ::= { nsPlyEntry 14 } + +nsPlyLogEnable OBJECT-TYPE + SYNTAX INTEGER { + disable(0), + enabled(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "When you enable logging in an access policy, the NetScreen + device logs all connections to which that paticular access + policy applies." + ::= { nsPlyEntry 15 } + +nsPlyCountEnable OBJECT-TYPE + SYNTAX INTEGER { + disable(0), + enabled(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "When you enable counting in an access plicy, the NetScreen + device counts the total number of bytes of traffic to which + this access policy applies and records the informaiton in + historical graphs." + ::= { nsPlyEntry 16 } + +nsPlyAlarmBPS OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "User can set a threshold that triggers an alarm when the + traffic permitted by the access policy exceeds a specified + number of bytes per second." + ::= { nsPlyEntry 17 } + +nsPlyAlarmBPM OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "User can set a threshold that triggers an alarm when the + traffic permitted by the access policy exceeds a specified + number of bytes per Minute." + ::= { nsPlyEntry 18 } + +nsPlySchedule OBJECT-TYPE + SYNTAX DisplayString (SIZE(0..32)) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "By associating a schedule to an access policy, you can + determine when the access policy is in effect." + ::= { nsPlyEntry 19 } + +nsPlyTrafficShapeEnable OBJECT-TYPE + SYNTAX INTEGER { + off(0), + on(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "User can set parameters for the control and shaping of traffic + for each access policy." + ::= { nsPlyEntry 20 } + +nsPlyTrafficPriority OBJECT-TYPE + SYNTAX INTEGER { + high(0), + priority2nd(1), + priority3rd(2), + priority4th(3), + priority5th(4), + priority6th(5), + priority7th(6), + priorityLow(7) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Traffic priority for this policy." + ::= { nsPlyEntry 21 } + +nsPlyDSEnable OBJECT-TYPE + SYNTAX INTEGER { + disable(0), + enabled(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Differentiated Services is a system for tagging traffic at a + position within a hierarchy of priority." + ::= { nsPlyEntry 22 } + +nsPlyActiveStatus OBJECT-TYPE + SYNTAX INTEGER { + inactive(0), + inuse(1), + hidden(2) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Show the status of one policy entry." + ::= { nsPlyEntry 23 } + +nsPlyName OBJECT-TYPE + SYNTAX DisplayString (SIZE(0..32)) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "policy name (optional)" + ::= { nsPlyEntry 24 } + +nsPlyServiceName OBJECT-TYPE + SYNTAX DisplayString + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Sevices name that identify application protocols using + layer 4 information such as standard and accepted TCP and UDP + port numbers for application services like Telnet, FTP, SMTP + and HTTP. This object indicates all the traffic service type + this policy allows. 'Any' means all this policy allows all + service go through." + ::= { nsPlyEntry 25 } + +nsPlyMonTable OBJECT-TYPE + SYNTAX SEQUENCE OF NsPlyMonEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "traffic information for the policy-based traffic." + ::= { netscreenPolicy 2 } + +nsPlyMonEntry OBJECT-TYPE + SYNTAX NsPlyMonEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "An entry holds a set of traffic counters of a specific + policy." + INDEX + { nsPlyMonId, nsPlyMonVsys } + ::= { nsPlyMonTable 1 } + +nsPlyMonId OBJECT-TYPE + SYNTAX Integer32 (0..2147483647) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Policy Id, also used as index in this table" + ::= { nsPlyMonEntry 1 } + +nsPlyMonVsys OBJECT-TYPE + SYNTAX Integer32 (0..2147483647) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "vsys this policy belongs to" + ::= { nsPlyMonEntry 2 } + +nsPlyMonPackPerSec OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Packets go through this policy per second" + ::= { nsPlyMonEntry 3 } + +nsPlyMonPackPerMin OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Packets go through this policy per minute" + ::= { nsPlyMonEntry 4 } + +nsPlyMonTotalPacket OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "total packets go through this policy" + ::= { nsPlyMonEntry 5 } + +nsPlyMonBytePerSec OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Bytes go through this policy per second" + ::= { nsPlyMonEntry 6 } + +nsPlyMonBytePerMin OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Bytes go through this policy per minute" + ::= { nsPlyMonEntry 7 } + +nsPlyMonTotalByte OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Total bytes go through this policy" + ::= { nsPlyMonEntry 8 } + +nsPlyMonSessionPerSec OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Sessions go through this policy per second" + ::= { nsPlyMonEntry 9 } + +nsPlyMonSessionPerMin OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Sessions go through this policy per minute" + ::= { nsPlyMonEntry 10 } + +nsPlyMonTotalSession OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Total Sessions go through this policy" + ::= { nsPlyMonEntry 11 } + +END + + |