summaryrefslogtreecommitdiff
path: root/MIBS/screenos
diff options
context:
space:
mode:
authorDavid Leutgeb <david.leutgeb@mannundmouse.com>2023-12-05 12:25:34 +0100
committerDavid Leutgeb <david.leutgeb@mannundmouse.com>2023-12-05 12:25:34 +0100
commit98a672123c7872f6b9b75a9a2b6bb3aea504de6a (patch)
tree9b13bd7f563c3198047bd359195327cf28b3caf0 /MIBS/screenos
downloadmibs-98a672123c7872f6b9b75a9a2b6bb3aea504de6a.tar.gz
mibs-98a672123c7872f6b9b75a9a2b6bb3aea504de6a.zip
Initial commitHEADmain
Diffstat (limited to 'MIBS/screenos')
-rw-r--r--MIBS/screenos/NETSCREEN-ADDR-MIB142
-rw-r--r--MIBS/screenos/NETSCREEN-BGP4-MIB784
-rw-r--r--MIBS/screenos/NETSCREEN-CERTIFICATE-MIB217
-rw-r--r--MIBS/screenos/NETSCREEN-CHASSIS-MIB272
-rw-r--r--MIBS/screenos/NETSCREEN-IDS-MIB880
-rw-r--r--MIBS/screenos/NETSCREEN-INTERFACE-MIB696
-rw-r--r--MIBS/screenos/NETSCREEN-IP-ARP-MIB184
-rw-r--r--MIBS/screenos/NETSCREEN-IPPOOL-MIB125
-rw-r--r--MIBS/screenos/NETSCREEN-NAT-MIB536
-rw-r--r--MIBS/screenos/NETSCREEN-NSRP-MIB1182
-rw-r--r--MIBS/screenos/NETSCREEN-OSPF-MIB2397
-rw-r--r--MIBS/screenos/NETSCREEN-OSPF-TRAP-MIB444
-rw-r--r--MIBS/screenos/NETSCREEN-POLICY-MIB583
-rw-r--r--MIBS/screenos/NETSCREEN-PRODUCTS-MIB117
-rw-r--r--MIBS/screenos/NETSCREEN-QOS-MIB174
-rw-r--r--MIBS/screenos/NETSCREEN-RESOURCE-MIB299
-rw-r--r--MIBS/screenos/NETSCREEN-RIPv2-MIB567
-rw-r--r--MIBS/screenos/NETSCREEN-SCHEDULE-MIB253
-rw-r--r--MIBS/screenos/NETSCREEN-SERVICE-MIB323
-rw-r--r--MIBS/screenos/NETSCREEN-SET-ADMIN-USR-MIB202
-rw-r--r--MIBS/screenos/NETSCREEN-SET-AUTH-MIB404
-rw-r--r--MIBS/screenos/NETSCREEN-SET-DHCP-MIB134
-rw-r--r--MIBS/screenos/NETSCREEN-SET-DNS-MIB90
-rw-r--r--MIBS/screenos/NETSCREEN-SET-EMAIL-MIB102
-rw-r--r--MIBS/screenos/NETSCREEN-SET-GEN-MIB130
-rw-r--r--MIBS/screenos/NETSCREEN-SET-GLB-MIB272
-rw-r--r--MIBS/screenos/NETSCREEN-SET-LOG-MIB197
-rw-r--r--MIBS/screenos/NETSCREEN-SET-SNMP-MIB176
-rw-r--r--MIBS/screenos/NETSCREEN-SET-SYSTIME-MIB102
-rw-r--r--MIBS/screenos/NETSCREEN-SET-URL-FILTER-MIB133
-rw-r--r--MIBS/screenos/NETSCREEN-SET-WEB-MIB150
-rw-r--r--MIBS/screenos/NETSCREEN-SMI97
-rw-r--r--MIBS/screenos/NETSCREEN-TRAP-MIB548
-rw-r--r--MIBS/screenos/NETSCREEN-UAC-MIB124
-rw-r--r--MIBS/screenos/NETSCREEN-VPN-GATEWAY-MIB240
-rw-r--r--MIBS/screenos/NETSCREEN-VPN-IKE-MIB190
-rw-r--r--MIBS/screenos/NETSCREEN-VPN-L2TP-MIB494
-rw-r--r--MIBS/screenos/NETSCREEN-VPN-MANUAL-MIB219
-rw-r--r--MIBS/screenos/NETSCREEN-VPN-MON-MIB537
-rw-r--r--MIBS/screenos/NETSCREEN-VPN-PHASEONE-MIB186
-rw-r--r--MIBS/screenos/NETSCREEN-VPN-PHASETWO-MIB208
-rw-r--r--MIBS/screenos/NETSCREEN-VPN-USER-MIB466
-rw-r--r--MIBS/screenos/NETSCREEN-VR-BGP4-MIB787
-rw-r--r--MIBS/screenos/NETSCREEN-VR-MIB157
-rw-r--r--MIBS/screenos/NETSCREEN-VR-OSPF-MIB2410
-rw-r--r--MIBS/screenos/NETSCREEN-VR-RIPv2-MIB567
-rw-r--r--MIBS/screenos/NETSCREEN-VSYS-MIB98
-rw-r--r--MIBS/screenos/NETSCREEN-ZONE-MIB122
48 files changed, 19717 insertions, 0 deletions
diff --git a/MIBS/screenos/NETSCREEN-ADDR-MIB b/MIBS/screenos/NETSCREEN-ADDR-MIB
new file mode 100644
index 0000000..547ebe5
--- /dev/null
+++ b/MIBS/screenos/NETSCREEN-ADDR-MIB
@@ -0,0 +1,142 @@
+-- This module defines enterprise MIBs for address book
+--
+-- Copyright (c) 1999-2004, Juniper Networks, Inc.
+-- All rights reserved.
+
+NETSCREEN-ADDR-MIB DEFINITIONS ::= BEGIN
+
+IMPORTS
+ netscreenAddr
+ FROM NETSCREEN-SMI
+ Integer32, IpAddress, MODULE-IDENTITY, OBJECT-TYPE
+ FROM SNMPv2-SMI
+ DisplayString
+ FROM SNMPv2-TC
+ ;
+
+netscreenAddrMibModule MODULE-IDENTITY
+ LAST-UPDATED "200405032022Z" -- May 03, 2004
+ ORGANIZATION
+ "Juniper Networks, Inc."
+ CONTACT-INFO
+ "Customer Support
+
+ 1194 North Mathilda Avenue
+ Sunnyvale, California 94089-1206
+ USA
+
+ Tel: 1-800-638-8296
+ E-mail: customerservice@juniper.net
+ HTTP://www.juniper.net"
+ DESCRIPTION
+ "This module defines the object that are used to monitor all
+ the entries in the Address Book"
+ REVISION "200405030000Z" -- May 03, 2004
+ DESCRIPTION
+ "Modified copyright and contact information"
+ REVISION "200403030000Z" -- March 03, 2004
+ DESCRIPTION
+ "Converted to SMIv2 by Longview Software"
+ REVISION "200311100000Z" -- November 10, 2003
+ DESCRIPTION
+ "Correct spelling mistake"
+ REVISION "200109280000Z" -- September 28, 2001
+ DESCRIPTION
+ "No Comment"
+ REVISION "200105140000Z" -- May 14, 2001
+ DESCRIPTION
+ "Creation Date"
+ ::= { netscreenAddr 0 }
+
+NsAddrEntry ::= SEQUENCE
+{
+ nsAddrIndex Integer32,
+ nsAddrName DisplayString,
+ nsAddrVsys Integer32,
+ nsAddrZone Integer32,
+ nsAddrIpOrDomain DisplayString,
+ nsAddrNetmask IpAddress,
+ nsAddrComment DisplayString
+}
+
+nsAddrTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF NsAddrEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "The NetScreen ScreenOS classifies the addresses of all other
+ devices by location and netmask. For example trusted addresses
+ are located behind the trusted interface. This table collects
+ all address items that exist in ScreenOS"
+ ::= { netscreenAddr 1 }
+
+nsAddrEntry OBJECT-TYPE
+ SYNTAX NsAddrEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "Address entry collects some attributes of the address item."
+ INDEX
+ { nsAddrIndex }
+ ::= { nsAddrTable 1 }
+
+nsAddrIndex OBJECT-TYPE
+ SYNTAX Integer32 (0..2147483647)
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "A unique value for each address. Its value ranges between 0
+ and 65535 and may not be contiguous."
+ ::= { nsAddrEntry 1 }
+
+nsAddrName OBJECT-TYPE
+ SYNTAX DisplayString (SIZE(0..32))
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Address item name."
+ ::= { nsAddrEntry 2 }
+
+nsAddrVsys OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Virtual system name this address belongs to."
+ ::= { nsAddrEntry 3 }
+
+nsAddrZone OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Security zone name this address belongs to."
+ ::= { nsAddrEntry 4 }
+
+nsAddrIpOrDomain OBJECT-TYPE
+ SYNTAX DisplayString (SIZE(0..32))
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Address item's ip address or domain name."
+ ::= { nsAddrEntry 5 }
+
+nsAddrNetmask OBJECT-TYPE
+ SYNTAX IpAddress
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Subnet mask address use."
+ ::= { nsAddrEntry 6 }
+
+nsAddrComment OBJECT-TYPE
+ SYNTAX DisplayString (SIZE(0..32))
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Comments on this address."
+ ::= { nsAddrEntry 7 }
+
+END
+
+
diff --git a/MIBS/screenos/NETSCREEN-BGP4-MIB b/MIBS/screenos/NETSCREEN-BGP4-MIB
new file mode 100644
index 0000000..0cdae97
--- /dev/null
+++ b/MIBS/screenos/NETSCREEN-BGP4-MIB
@@ -0,0 +1,784 @@
+-- These MIBs were created on 1/2/2003
+-- This module defines enterprise MIBs for NS BGP
+--
+-- Copyright (c) 1999-2004, Juniper Networks, Inc.
+-- All rights reserved.
+
+NETSCREEN-BGP4-MIB DEFINITIONS ::= BEGIN
+
+ IMPORTS
+ MODULE-IDENTITY, OBJECT-TYPE, NOTIFICATION-TYPE,
+ IpAddress, Integer32, Counter32, Gauge32
+ FROM SNMPv2-SMI
+ netscreenTrapDesc, netscreenTrapType
+ FROM NETSCREEN-TRAP-MIB
+ netscreenVR
+ FROM NETSCREEN-SMI;
+
+ nsBgp MODULE-IDENTITY
+ LAST-UPDATED "200506032022Z" -- June 20, 2005
+ ORGANIZATION
+ "Juniper Networks, Inc."
+ CONTACT-INFO
+ "Customer Support
+
+ 1194 North Mathilda Avenue
+ Sunnyvale, California 94089-1206
+ USA
+
+ Tel: 1-800-638-8296
+ E-mail: customerservice@juniper.net
+ HTTP://www.juniper.net"
+ DESCRIPTION
+ "The MIB module for NS-BGP-4."
+ ::= { netscreenVR 3 }
+
+ -- BGP Info table. This table contains, one entry per
+ -- VR, information about the BGP's Version, LocalAs and Identifier.
+
+ nsBgpInfoTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF NsBgpInfoEntry
+ MAX-ACCESS not-accessible
+ STATUS deprecated
+ DESCRIPTION
+ "BGP info table. This table contains,
+ one entry per VR, information about
+ the BGP's Version, LocalAs and Identifier."
+ ::= { nsBgp 1 }
+
+ nsBgpInfoEntry OBJECT-TYPE
+ SYNTAX NsBgpInfoEntry
+ MAX-ACCESS not-accessible
+ STATUS deprecated
+ DESCRIPTION
+ "Entry containing information about the
+ BGP's Version, LocalAs and Identifier"
+ INDEX { nsBgpInfoVRID }
+ ::= { nsBgpInfoTable 1 }
+
+ NsBgpInfoEntry ::= SEQUENCE {
+ nsBgpInfoVersion
+ OCTET STRING,
+ nsBgpInfoLocalAs
+ INTEGER,
+ nsBgpInfoIdentifier
+ IpAddress,
+ nsBgpInfoVRID
+ INTEGER
+ }
+
+ nsBgpInfoVersion OBJECT-TYPE
+ SYNTAX OCTET STRING (SIZE (1..255))
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "Vector of supported BGP protocol version
+ numbers. Each peer negotiates the version
+ from this vector. Versions are identified
+ via the string of bits contained within this
+ object. The first octet contains bits 0 to
+ 7, the second octet contains bits 8 to 15,
+ and so on, with the most significant bit
+ referring to the lowest bit number in the
+ octet (e.g., the MSB of the first octet
+ refers to bit 0). If a bit, i, is present
+ and set, then the version (i+1) of the BGP
+ is supported."
+ ::= { nsBgpInfoEntry 1 }
+
+ nsBgpInfoLocalAs OBJECT-TYPE
+ SYNTAX INTEGER (0..65535)
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "The local autonomous system number."
+ ::= { nsBgpInfoEntry 2 }
+
+ nsBgpInfoIdentifier OBJECT-TYPE
+ SYNTAX IpAddress
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "The BGP Identifier of local system."
+ ::= { nsBgpInfoEntry 3 }
+
+ nsBgpInfoVRID OBJECT-TYPE
+ SYNTAX INTEGER (0..65535)
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "Virtual Router ID"
+ ::= { nsBgpInfoEntry 4 }
+
+ -- BGP Peer table. This table contains, one entry per
+ -- BGP peer, information about the BGP peer.
+
+ nsBgpPeerTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF NsBgpPeerEntry
+ MAX-ACCESS not-accessible
+ STATUS deprecated
+ DESCRIPTION
+ "BGP peer table. This table contains,
+ one entry per BGP peer, information about
+ the connections with BGP peers."
+ ::= { nsBgp 3 }
+
+ nsBgpPeerEntry OBJECT-TYPE
+ SYNTAX NsBgpPeerEntry
+ MAX-ACCESS not-accessible
+ STATUS deprecated
+ DESCRIPTION
+ "Entry containing information about the
+ connection with a BGP peer."
+ INDEX { nsBgpPeerRemoteAddr,
+ nsBgpPeerVRID }
+ ::= { nsBgpPeerTable 1 }
+
+ NsBgpPeerEntry ::= SEQUENCE {
+ nsBgpPeerIdentifier
+ IpAddress,
+ nsBgpPeerState
+ INTEGER,
+ nsBgpPeerAdminStatus
+ INTEGER,
+ nsBgpPeerNegotiatedVersion
+ Integer32,
+ nsBgpPeerLocalAddr
+ IpAddress,
+ nsBgpPeerLocalPort
+ INTEGER,
+ nsBgpPeerRemoteAddr
+ IpAddress,
+ nsBgpPeerRemotePort
+ INTEGER,
+ nsBgpPeerRemoteAs
+ INTEGER,
+ nsBgpPeerInUpdates
+ Counter32,
+ nsBgpPeerOutUpdates
+ Counter32,
+ nsBgpPeerInTotalMessages
+ Counter32,
+ nsBgpPeerOutTotalMessages
+ Counter32,
+ nsBgpPeerLastError
+ OCTET STRING,
+ nsBgpPeerFsmEstablishedTransitions
+ Counter32,
+ nsBgpPeerFsmEstablishedTime
+ Gauge32,
+ nsBgpPeerConnectRetryInterval
+ INTEGER,
+ nsBgpPeerHoldTime
+ INTEGER,
+ nsBgpPeerKeepAlive
+
+ INTEGER,
+ nsBgpPeerHoldTimeConfigured
+ INTEGER,
+ nsBgpPeerKeepAliveConfigured
+ INTEGER,
+ nsBgpPeerMinASOriginationInterval
+ INTEGER,
+ nsBgpPeerMinRouteAdvertisementInterval
+ INTEGER,
+ nsBgpPeerInUpdateElapsedTime
+ Gauge32,
+ nsBgpPeerVRID
+ INTEGER
+ }
+
+ nsBgpPeerIdentifier OBJECT-TYPE
+ SYNTAX IpAddress
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "The BGP Identifier of this entry's BGP
+ peer."
+ ::= { nsBgpPeerEntry 1 }
+
+ nsBgpPeerState OBJECT-TYPE
+ SYNTAX INTEGER {
+ idle(1),
+ connect(2),
+ active(3),
+ opensent(4),
+ openconfirm(5),
+ established(6)
+ }
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "The BGP peer connection state."
+ ::= { nsBgpPeerEntry 2 }
+
+ nsBgpPeerAdminStatus OBJECT-TYPE
+ SYNTAX INTEGER {
+ stop(1),
+ start(2)
+ }
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "The desired state of the BGP connection.
+ A transition from 'stop' to 'start' will
+ cause the BGP Start Event to be generated.
+
+ A transition from 'start' to 'stop' will
+ cause the BGP Stop Event to be generated.
+ This parameter can be used to restart BGP
+ peer connections. Care should be used in
+ providing write access to this object
+ without adequate authentication."
+ ::= { nsBgpPeerEntry 3 }
+
+ nsBgpPeerNegotiatedVersion OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "The negotiated version of BGP running
+ between the two peers."
+ ::= { nsBgpPeerEntry 4 }
+
+ nsBgpPeerLocalAddr OBJECT-TYPE
+ SYNTAX IpAddress
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "The local IP address of this entry's BGP
+ connection."
+ ::= { nsBgpPeerEntry 5 }
+
+ nsBgpPeerLocalPort OBJECT-TYPE
+ SYNTAX INTEGER (0..65535)
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "The local port for the TCP connection
+ between the BGP peers."
+ ::= { nsBgpPeerEntry 6 }
+
+ nsBgpPeerRemoteAddr OBJECT-TYPE
+ SYNTAX IpAddress
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "The remote IP address of this entry's BGP
+ peer."
+ ::= { nsBgpPeerEntry 7 }
+
+ nsBgpPeerRemotePort OBJECT-TYPE
+ SYNTAX INTEGER (0..65535)
+ MAX-ACCESS read-only
+ STATUS deprecated
+
+ DESCRIPTION
+ "The remote port for the TCP connection
+ between the BGP peers. Note that the
+ objects nsBgpPeerLocalAddr,
+ nsBgpPeerLocalPort, nsBgpPeerRemoteAddr and
+ nsBgpPeerRemotePort provide the appropriate
+ reference to the standard MIB TCP
+ connection table."
+ ::= { nsBgpPeerEntry 8 }
+
+ nsBgpPeerRemoteAs OBJECT-TYPE
+ SYNTAX INTEGER (0..65535)
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "The remote autonomous system number."
+ ::= { nsBgpPeerEntry 9 }
+
+ nsBgpPeerInUpdates OBJECT-TYPE
+ SYNTAX Counter32
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "The number of BGP UPDATE messages
+ received on this connection. This object
+ should be initialized to zero (0) when the
+ connection is established."
+ ::= { nsBgpPeerEntry 10 }
+
+ nsBgpPeerOutUpdates OBJECT-TYPE
+ SYNTAX Counter32
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "The number of BGP UPDATE messages
+ transmitted on this connection. This
+ object should be initialized to zero (0)
+ when the connection is established."
+ ::= { nsBgpPeerEntry 11 }
+
+ nsBgpPeerInTotalMessages OBJECT-TYPE
+ SYNTAX Counter32
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "The total number of messages received
+ from the remote peer on this connection.
+ This object should be initialized to zero
+
+ when the connection is established."
+ ::= { nsBgpPeerEntry 12 }
+
+ nsBgpPeerOutTotalMessages OBJECT-TYPE
+ SYNTAX Counter32
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "The total number of messages transmitted to
+ the remote peer on this connection. This
+ object should be initialized to zero when
+ the connection is established."
+ ::= { nsBgpPeerEntry 13 }
+
+ nsBgpPeerLastError OBJECT-TYPE
+ SYNTAX OCTET STRING (SIZE (2))
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "The last error code and subcode seen by this
+ peer on this connection. If no error has
+ occurred, this field is zero. Otherwise, the
+ first byte of this two byte OCTET STRING
+ contains the error code, and the second byte
+ contains the subcode."
+ ::= { nsBgpPeerEntry 14 }
+
+ nsBgpPeerFsmEstablishedTransitions OBJECT-TYPE
+ SYNTAX Counter32
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "The total number of times the BGP FSM
+ transitioned into the established state."
+ ::= { nsBgpPeerEntry 15 }
+
+ nsBgpPeerFsmEstablishedTime OBJECT-TYPE
+ SYNTAX Gauge32
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "This timer indicates how long (in
+ seconds) this peer has been in the
+ Established state or how long
+ since this peer was last in the
+ Established state. It is set to zero when
+ a new peer is configured or the router is
+ booted."
+
+ ::= { nsBgpPeerEntry 16 }
+
+ nsBgpPeerConnectRetryInterval OBJECT-TYPE
+ SYNTAX INTEGER (1..65535)
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "Time interval in seconds for the
+ ConnectRetry timer. The suggested value
+ for this timer is 120 seconds."
+ ::= { nsBgpPeerEntry 17 }
+
+ nsBgpPeerHoldTime OBJECT-TYPE
+ SYNTAX INTEGER ( 0 | 3..65535 )
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "Time interval in seconds for the Hold
+ Timer established with the peer. The
+ value of this object is calculated by this
+ BGP speaker by using the smaller of the
+ value in nsBgpPeerHoldTimeConfigured and the
+ Hold Time received in the OPEN message.
+ This value must be at lease three seconds
+ if it is not zero (0) in which case the
+ Hold Timer has not been established with
+ the peer, or, the value of
+ nsBgpPeerHoldTimeConfigured is zero (0)."
+ ::= { nsBgpPeerEntry 18 }
+
+ nsBgpPeerKeepAlive OBJECT-TYPE
+ SYNTAX INTEGER ( 0 | 1..21845 )
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "Time interval in seconds for the KeepAlive
+ timer established with the peer. The value
+ of this object is calculated by this BGP
+ speaker such that, when compared with
+ nsBgpPeerHoldTime, it has the same
+ proportion as what
+ nsBgpPeerKeepAliveConfigured has when
+ compared with nsBgpPeerHoldTimeConfigured.
+ If the value of this object is zero (0),
+ it indicates that the KeepAlive timer has
+ not been established with the peer, or,
+ the value of nsBgpPeerKeepAliveConfigured is
+ zero (0)."
+
+ ::= { nsBgpPeerEntry 19 }
+
+ nsBgpPeerHoldTimeConfigured OBJECT-TYPE
+ SYNTAX INTEGER ( 0 | 3..65535 )
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "Time interval in seconds for the Hold Time
+ configured for this BGP speaker with this
+ peer. This value is placed in an OPEN
+ message sent to this peer by this BGP
+ speaker, and is compared with the Hold
+ Time field in an OPEN message received
+ from the peer when determining the Hold
+ Time (nsBgpPeerHoldTime) with the peer.
+ This value must not be less than three
+ seconds if it is not zero (0) in which
+ case the Hold Time is NOT to be
+ established with the peer. The suggested
+ value for this timer is 90 seconds."
+ ::= { nsBgpPeerEntry 20 }
+
+ nsBgpPeerKeepAliveConfigured OBJECT-TYPE
+ SYNTAX INTEGER ( 0 | 1..21845 )
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "Time interval in seconds for the
+ KeepAlive timer configured for this BGP
+ speaker with this peer. The value of this
+ object will only determine the
+ KEEPALIVE messages' frequency relative to
+ the value specified in
+ nsBgpPeerHoldTimeConfigured; the actual
+ time interval for the KEEPALIVE messages
+ is indicated by nsBgpPeerKeepAlive. A
+ reasonable maximum value for this timer
+ would be configured to be one
+ third of that of
+ nsBgpPeerHoldTimeConfigured.
+ If the value of this object is zero (0),
+ no periodical KEEPALIVE messages are sent
+ to the peer after the BGP connection has
+ been established. The suggested value for
+ this timer is 30 seconds."
+ ::= { nsBgpPeerEntry 21 }
+
+ nsBgpPeerMinASOriginationInterval OBJECT-TYPE
+ SYNTAX INTEGER (1..65535)
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "Time interval in seconds for the
+ MinASOriginationInterval timer.
+ The suggested value for this timer is 15
+ seconds."
+ ::= { nsBgpPeerEntry 22 }
+
+ nsBgpPeerMinRouteAdvertisementInterval OBJECT-TYPE
+ SYNTAX INTEGER (1..65535)
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "Time interval in seconds for the
+ MinRouteAdvertisementInterval timer.
+ The suggested value for this timer is 30
+ seconds."
+ ::= { nsBgpPeerEntry 23 }
+
+ nsBgpPeerInUpdateElapsedTime OBJECT-TYPE
+ SYNTAX Gauge32
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "Elapsed time in seconds since the last BGP
+ UPDATE message was received from the peer.
+ Each time nsBgpPeerInUpdates is incremented,
+ the value of this object is set to zero
+ (0)."
+ ::= { nsBgpPeerEntry 24 }
+
+ nsBgpPeerVRID OBJECT-TYPE
+ SYNTAX INTEGER (0..65535)
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "Virtual Router ID"
+ ::= { nsBgpPeerEntry 25 }
+
+
+ -- BGP-4 Received Path Attribute Table. This table
+ -- contains, one entry per path to a network, path
+ -- attributes received from all peers running BGP-4.
+
+ nsBgp4PathAttrTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF NsBgp4PathAttrEntry
+ MAX-ACCESS not-accessible
+ STATUS deprecated
+ DESCRIPTION
+ "The BGP-4 Received Path Attribute Table
+ contains information about paths to
+ destination networks received from all
+ BGP4 peers."
+ ::= { nsBgp 6 }
+
+ nsBgp4PathAttrEntry OBJECT-TYPE
+ SYNTAX NsBgp4PathAttrEntry
+ MAX-ACCESS not-accessible
+ STATUS deprecated
+ DESCRIPTION
+ "Information about a path to a network."
+ INDEX { nsBgp4PathAttrIpAddrPrefix,
+ nsBgp4PathAttrIpAddrPrefixLen,
+ nsBgp4PathAttrPeer,
+ nsBgp4PathAttrVRID }
+ ::= { nsBgp4PathAttrTable 1 }
+
+ NsBgp4PathAttrEntry ::= SEQUENCE {
+ nsBgp4PathAttrPeer
+ IpAddress,
+ nsBgp4PathAttrIpAddrPrefixLen
+ INTEGER,
+ nsBgp4PathAttrIpAddrPrefix
+ IpAddress,
+ nsBgp4PathAttrOrigin
+ INTEGER,
+ nsBgp4PathAttrASPathSegment
+
+ OCTET STRING,
+ nsBgp4PathAttrNextHop
+ IpAddress,
+ nsBgp4PathAttrMultiExitDisc
+ INTEGER,
+ nsBgp4PathAttrLocalPref
+ INTEGER,
+ nsBgp4PathAttrAtomicAggregate
+ INTEGER,
+ nsBgp4PathAttrAggregatorAS
+ INTEGER,
+ nsBgp4PathAttrAggregatorAddr
+ IpAddress,
+ nsBgp4PathAttrCalcLocalPref
+ INTEGER,
+ nsBgp4PathAttrBest
+ INTEGER,
+ nsBgp4PathAttrUnknown
+ OCTET STRING,
+ nsBgp4PathAttrVRID
+ INTEGER
+
+ }
+
+ nsBgp4PathAttrPeer OBJECT-TYPE
+ SYNTAX IpAddress
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "The IP address of the peer where the path
+ information was learned."
+ ::= { nsBgp4PathAttrEntry 1 }
+
+ nsBgp4PathAttrIpAddrPrefixLen OBJECT-TYPE
+ SYNTAX INTEGER (0..32)
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "Length in bits of the IP address prefix
+ in the Network Layer Reachability
+ Information field."
+ ::= { nsBgp4PathAttrEntry 2 }
+
+ nsBgp4PathAttrIpAddrPrefix OBJECT-TYPE
+ SYNTAX IpAddress
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "An IP address prefix in the Network Layer
+ Reachability Information field. This object
+
+ is an IP address containing the prefix with
+ length specified by
+ nsBgp4PathAttrIpAddrPrefixLen.
+ Any bits beyond the length specified by
+ nsBgp4PathAttrIpAddrPrefixLen are zeroed."
+ ::= { nsBgp4PathAttrEntry 3 }
+
+ nsBgp4PathAttrOrigin OBJECT-TYPE
+ SYNTAX INTEGER {
+ igp(1),-- networks are interior
+ egp(2),-- networks learned
+ -- via EGP
+ incomplete(3) -- undetermined
+ }
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "The ultimate origin of the path
+ information."
+ ::= { nsBgp4PathAttrEntry 4 }
+
+ nsBgp4PathAttrASPathSegment OBJECT-TYPE
+ SYNTAX OCTET STRING (SIZE (2..255))
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "The sequence of AS path segments. Each AS
+ path segment is represented by a triple
+ <type, length, value>.
+
+ The type is a 1-octet field which has two
+ possible values:
+ 1 AS_SET: unordered set of ASs a
+ route in the UPDATE
+ message has traversed
+ 2 AS_SEQUENCE: ordered set of ASs
+ a route in the UPDATE
+ message has traversed.
+
+ The length is a 1-octet field containing the
+ number of ASs in the value field.
+
+ The value field contains one or more AS
+ numbers, each AS is represented in the octet
+ string as a pair of octets according to the
+ following algorithm:
+
+ first-byte-of-pair = ASNumber / 256;
+ second-byte-of-pair = ASNumber & 255;"
+ ::= { nsBgp4PathAttrEntry 5 }
+
+ nsBgp4PathAttrNextHop OBJECT-TYPE
+ SYNTAX IpAddress
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "The address of the border router that
+ should be used for the destination
+ network."
+ ::= { nsBgp4PathAttrEntry 6 }
+
+ nsBgp4PathAttrMultiExitDisc OBJECT-TYPE
+ SYNTAX INTEGER (-1..2147483647)
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "This metric is used to discriminate
+ between multiple exit points to an
+ adjacent autonomous system. A value of -1
+ indicates the absence of this attribute."
+ ::= { nsBgp4PathAttrEntry 7 }
+
+ nsBgp4PathAttrLocalPref OBJECT-TYPE
+ SYNTAX INTEGER (-1..2147483647)
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "The originating BGP4 speaker's degree of
+ preference for an advertised route. A
+ value of -1 indicates the absence of this
+ attribute."
+ ::= { nsBgp4PathAttrEntry 8 }
+
+ nsBgp4PathAttrAtomicAggregate OBJECT-TYPE
+ SYNTAX INTEGER {
+ lessSpecificRrouteNotSelected(1),
+ lessSpecificRouteSelected(2)
+ }
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "Whether or not the local system has
+ selected a less specific route without
+ selecting a more specific route."
+ ::= { nsBgp4PathAttrEntry 9 }
+
+ nsBgp4PathAttrAggregatorAS OBJECT-TYPE
+ SYNTAX INTEGER (0..65535)
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "The AS number of the last BGP4 speaker that
+ performed route aggregation. A value of
+ zero (0) indicates the absence of this
+ attribute."
+ ::= { nsBgp4PathAttrEntry 10 }
+
+ nsBgp4PathAttrAggregatorAddr OBJECT-TYPE
+ SYNTAX IpAddress
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "The IP address of the last BGP4 speaker
+ that performed route aggregation. A value
+ of 0.0.0.0 indicates the absence of this
+ attribute."
+ ::= { nsBgp4PathAttrEntry 11 }
+
+ nsBgp4PathAttrCalcLocalPref OBJECT-TYPE
+ SYNTAX INTEGER (-1..2147483647)
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "The degree of preference calculated by the
+ receiving BGP4 speaker for an advertised
+ route. A value of -1 indicates the
+ absence of this attribute."
+ ::= { nsBgp4PathAttrEntry 12 }
+
+ nsBgp4PathAttrBest OBJECT-TYPE
+ SYNTAX INTEGER {
+ false(1),-- not chosen as best route
+ true(2) -- chosen as best route
+ }
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "An indication of whether or not this route
+ was chosen as the best BGP4 route."
+ ::= { nsBgp4PathAttrEntry 13 }
+
+ nsBgp4PathAttrUnknown OBJECT-TYPE
+ SYNTAX OCTET STRING (SIZE(0..255))
+ MAX-ACCESS read-only
+
+ STATUS deprecated
+ DESCRIPTION
+ "One or more path attributes not understood
+ by this BGP4 speaker. Size zero (0)
+ indicates the absence of such
+ attribute(s). Octets beyond the maximum
+ size, if any, are not recorded by this
+ object."
+ ::= { nsBgp4PathAttrEntry 14 }
+
+ nsBgp4PathAttrVRID OBJECT-TYPE
+ SYNTAX INTEGER (0..65535)
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "Virtual Router ID"
+ ::= { nsBgp4PathAttrEntry 15 }
+
+ -- Traps.
+
+ nsBgpTraps OBJECT IDENTIFIER ::= { nsBgp 7 }
+
+ nsBgpEstablished NOTIFICATION-TYPE
+ OBJECTS { netscreenTrapType,
+ netscreenTrapDesc,
+ nsBgpPeerIdentifier,
+ nsBgpPeerVRID,
+ nsBgpPeerLastError,
+ nsBgpPeerState }
+ STATUS deprecated
+ DESCRIPTION
+ "The BGP Established event is generated when
+ the BGP FSM enters the ESTABLISHED state."
+ ::= { nsBgpTraps 1 }
+
+
+END
+
diff --git a/MIBS/screenos/NETSCREEN-CERTIFICATE-MIB b/MIBS/screenos/NETSCREEN-CERTIFICATE-MIB
new file mode 100644
index 0000000..85d2a5e
--- /dev/null
+++ b/MIBS/screenos/NETSCREEN-CERTIFICATE-MIB
@@ -0,0 +1,217 @@
+-- This module defines enterprise MIBs for VPN certificate
+--
+-- Copyright (c) 1999-2004, Juniper Networks, Inc.
+-- All rights reserved.
+
+NETSCREEN-CERTIFICATE-MIB DEFINITIONS ::= BEGIN
+
+IMPORTS
+ netscreenVpn, netscreenVpnMibModule
+ FROM NETSCREEN-SMI
+ Integer32, MODULE-IDENTITY, OBJECT-TYPE
+ FROM SNMPv2-SMI
+ DisplayString
+ FROM SNMPv2-TC
+ ;
+
+netscreenCertificateMibModule MODULE-IDENTITY
+ LAST-UPDATED "200405032022Z" -- May 03, 2004
+ ORGANIZATION
+ "Juniper Networks, Inc."
+ CONTACT-INFO
+ "Customer Support
+
+ 1194 North Mathilda Avenue
+ Sunnyvale, California 94089-1206
+ USA
+
+ Tel: 1-800-638-8296
+ E-mail: customerservice@juniper.net
+ HTTP://www.juniper.net"
+ DESCRIPTION
+ "This module defines the object that are used to monitor
+ VPN certificates"
+ REVISION "200405030000Z" -- May 03, 2004
+ DESCRIPTION
+ "Modified copyright and contact information"
+ REVISION "200403030000Z" -- March 03, 2004
+ DESCRIPTION
+ "Converted to SMIv2 by Longview Software"
+ REVISION "200311120000Z" -- November 12, 2003
+ DESCRIPTION
+ "Correct spelling mistake"
+ REVISION "200109280000Z" -- September 28, 2001
+ DESCRIPTION
+ "No comment"
+ REVISION "200105150000Z" -- May 15, 2001
+ DESCRIPTION
+ "Creation Date"
+ ::= { netscreenVpnMibModule 7 }
+
+NsVpnCertCfgEntry ::= SEQUENCE
+{
+ nsVpnCertCfgIndex Integer32,
+ nsVpnCertCfgType INTEGER,
+ nsVpnCertCfgSubject DisplayString,
+ nsVpnCertCfgExpire DisplayString,
+ nsVpnCertCfgIssuer DisplayString,
+ nsVpnCertCfgVsys Integer32
+}
+
+NsVpnCertDefEntry ::= SEQUENCE
+{
+ nsVpnCertDefIndex Integer32,
+ nsVpnCertDefLdap DisplayString,
+ nsVpnCertDefCrlUrl DisplayString,
+ nsVpnCertDefRefresh DisplayString,
+ nsVpnCertDefX509 INTEGER,
+ nsVpnCertDefVsys Integer32
+}
+
+nsVpnCert OBJECT IDENTIFIER ::= { netscreenVpn 7 }
+
+nsVpnCertDefTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF NsVpnCertDefEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "Certificate default setting table collects the default
+ certificates used when establish a secure VPN connection in
+ NetScreen device."
+ ::= { nsVpnCert 1 }
+
+nsVpnCertDefEntry OBJECT-TYPE
+ SYNTAX NsVpnCertDefEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "An entry containing attributes of a certificate"
+ INDEX
+ { nsVpnCertDefIndex }
+ ::= { nsVpnCertDefTable 1 }
+
+nsVpnCertDefIndex OBJECT-TYPE
+ SYNTAX Integer32 (0..2147483647)
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Table index using as primary key when retrieving the table."
+ ::= { nsVpnCertDefEntry 1 }
+
+nsVpnCertDefLdap OBJECT-TYPE
+ SYNTAX DisplayString (SIZE(0..32))
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "LDAP server name."
+ ::= { nsVpnCertDefEntry 2 }
+
+nsVpnCertDefCrlUrl OBJECT-TYPE
+ SYNTAX DisplayString (SIZE(0..32))
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "URL of CRL."
+ ::= { nsVpnCertDefEntry 3 }
+
+nsVpnCertDefRefresh OBJECT-TYPE
+ SYNTAX DisplayString (SIZE(0..32))
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "CRL Refresh Frequency."
+ ::= { nsVpnCertDefEntry 4 }
+
+nsVpnCertDefX509 OBJECT-TYPE
+ SYNTAX INTEGER {
+ partial(0),
+ full(1)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "X509 Certificate Path Validation Level."
+ ::= { nsVpnCertDefEntry 5 }
+
+nsVpnCertDefVsys OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "vsys the cert setting belongs to."
+ ::= { nsVpnCertDefEntry 6 }
+
+nsVpnCertCfgTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF NsVpnCertCfgEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "This table collects detail certificate information."
+ ::= { nsVpnCert 2 }
+
+nsVpnCertCfgEntry OBJECT-TYPE
+ SYNTAX NsVpnCertCfgEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "Each entry in the nsVpnCertCfgTable contains a set of
+ attributes for a certificate"
+ INDEX
+ { nsVpnCertCfgIndex }
+ ::= { nsVpnCertCfgTable 1 }
+
+nsVpnCertCfgIndex OBJECT-TYPE
+ SYNTAX Integer32 (0..2147483647)
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "A unique value for certification table. Its value ranges
+ between 0 and 65535 and may not be contiguous."
+ ::= { nsVpnCertCfgEntry 1 }
+
+nsVpnCertCfgType OBJECT-TYPE
+ SYNTAX INTEGER {
+ ca(0),
+ local(1)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Certificate type."
+ ::= { nsVpnCertCfgEntry 2 }
+
+nsVpnCertCfgSubject OBJECT-TYPE
+ SYNTAX DisplayString (SIZE(0..255))
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Certificate subject."
+ ::= { nsVpnCertCfgEntry 3 }
+
+nsVpnCertCfgExpire OBJECT-TYPE
+ SYNTAX DisplayString (SIZE(0..32))
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Certificate expire date."
+ ::= { nsVpnCertCfgEntry 4 }
+
+nsVpnCertCfgIssuer OBJECT-TYPE
+ SYNTAX DisplayString (SIZE(0..64))
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Certificate configuration details."
+ ::= { nsVpnCertCfgEntry 5 }
+
+nsVpnCertCfgVsys OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Certificate's vsys."
+ ::= { nsVpnCertCfgEntry 6 }
+
+END
+
+
diff --git a/MIBS/screenos/NETSCREEN-CHASSIS-MIB b/MIBS/screenos/NETSCREEN-CHASSIS-MIB
new file mode 100644
index 0000000..8bcd39b
--- /dev/null
+++ b/MIBS/screenos/NETSCREEN-CHASSIS-MIB
@@ -0,0 +1,272 @@
+-- This module defines chassis MIBs for modular ScreenOS platforms
+-- Copyright (c) 1999-2007, Juniper Networks, Inc.
+-- All rights reserved.
+
+NETSCREEN-CHASSIS-MIB DEFINITIONS ::= BEGIN
+IMPORTS
+ netscreen
+ FROM NETSCREEN-SMI
+ Integer32, IpAddress, MODULE-IDENTITY, OBJECT-TYPE
+ FROM SNMPv2-SMI
+ DisplayString
+ FROM SNMPv2-TC
+ ;
+
+netscreenChassis MODULE-IDENTITY
+ LAST-UPDATED "200705080000Z"
+-- May 8, 2007 by mxk
+ ORGANIZATION
+ "Juniper Networks, Inc."
+ CONTACT-INFO
+ "Customer Support
+ 1194 North Mathilda Avenue
+ Sunnyvale, California 94089-1206
+ USA
+ Tel: 1-800-638-8296
+ E-mail: customerservice@juniper.net
+ HTTP://www.juniper.net"
+ DESCRIPTION
+ "This module defines the objects that are used to monitor
+ device status such as Battery, Fan, Power and Temperature"
+ ::= { netscreen 21}
+
+ NsPowerEntry ::=
+ SEQUENCE {
+ nsPowerId Integer32,
+ nsPowerStatus Integer32,
+ nsPowerDesc DisplayString
+ }
+
+ nsPowerTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF NsPowerEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "Information describing installed power supply modules and
+ their status"
+ ::= { netscreenChassis 1}
+
+ nsPowerEntry OBJECT-TYPE
+ SYNTAX NsPowerEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "Information describing one power supply module and its status"
+ INDEX { nsPowerId }
+ ::= { nsPowerTable 1 }
+
+ nsPowerId OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "A 32-bit integer uniquely identifying the power supply
+ id. For 5400, range is 1~3, For 5200, range is 1~2"
+ ::= { nsPowerEntry 1 }
+
+ nsPowerStatus OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "A 32-bit integer uniquely identifying the
+ power supply module's status:
+ 0. Fail
+ 1. Good
+ 2. Not installed"
+ ::= { nsPowerEntry 2 }
+
+ nsPowerDesc OBJECT-TYPE
+ SYNTAX DisplayString
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "A description for the power supply module"
+ ::= { nsPowerEntry 3 }
+
+ NsFanEntry ::=
+ SEQUENCE {
+ nsFanId Integer32,
+ nsFanStatus Integer32,
+ nsFanDesc DisplayString
+ }
+
+ nsFanTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF NsFanEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "Information describing the installed Fan modules and their status"
+ ::= { netscreenChassis 2}
+
+ nsFanEntry OBJECT-TYPE
+ SYNTAX NsFanEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "Information describing one installed Fan module and its status"
+ INDEX { nsFanId }
+ ::= { nsFanTable 1 }
+
+ nsFanId OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "A 32-bit integer uniquely identifying the Fan id. At the time of
+ this writing."
+ ::= { nsFanEntry 1 }
+
+ nsFanStatus OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "A 32-bit integer uniquely identifying the
+ Fan module's status:
+ 0. Fail
+ 1. Good
+ "
+ ::= { nsFanEntry 2 }
+
+ nsFanDesc OBJECT-TYPE
+ SYNTAX DisplayString
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "A description for the Fan module"
+ ::= { nsFanEntry 3 }
+
+
+ sysBatteryStatus OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Information describing the installed Battery and its status:
+ 1. Good
+ 2. Error
+ "
+ ::= { netscreenChassis 3 }
+
+ NsTemperatureEntry ::=
+ SEQUENCE {
+ nsTemperatureId Integer32,
+ nsTemperatureSlotId Integer32,
+ nsTemperatureDesc DisplayString,
+ nsTemperatureCur Integer32,
+ }
+
+ nsTemperatureTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF NsTemperatureEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "Information describing the temperature measured by each module"
+ ::= { netscreenChassis 4}
+
+ nsTemperatureEntry OBJECT-TYPE
+ SYNTAX NsTemperatureEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "The temperature measured by a module"
+ INDEX { nsTemperatureId }
+ ::= { nsTemperatureTable 1 }
+
+ nsTemperatureId OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "A 32-bit integer uniquely identifying temperature measured on a board or on a component e.g. CPU"
+ ::= { nsTemperatureEntry 1 }
+
+ nsTemperatureSlotId OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "A 32-bit integer uniquely identifying the slot where the temperature is measured. "
+ ::= { nsTemperatureEntry 2 }
+
+ nsTemperatureCur OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The current temperature measured by the module, unit is Celsius"
+ ::= { nsTemperatureEntry 3 }
+
+ nsTemperatureDesc OBJECT-TYPE
+ SYNTAX DisplayString
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "A description for the module"
+ ::= { nsTemperatureEntry 4 }
+
+
+ NsSlotEntry ::= SEQUENCE {
+ nsSlotId Integer32,
+ nsSlotType DisplayString,
+ nsSlotStatus Integer32,
+ nsSlotSN DisplayString,
+ }
+
+ nsSlotTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF NsSlotEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "Information describing the installed management and traffic
+ processing modules and their status, built-in and internal module are also listed here.
+ "
+ ::= { netscreenChassis 5}
+
+ nsSlotEntry OBJECT-TYPE
+ SYNTAX NsSlotEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "Information describing one installed module and its status"
+ INDEX { nsSlotId,
+ nsSubSlotId }
+ ::= { nsSlotTable 1 }
+
+ nsSlotId OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "A 32-bit integer uniquely identifying the slot id. The range
+ varies on different platforms "
+ ::= { nsSlotEntry 1 }
+
+ nsSlotType OBJECT-TYPE
+ SYNTAX DisplayString
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "A description of the installed module"
+ ::= { nsSlotEntry 2 }
+
+ nsSlotStatus OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Slot status"
+ ::= { nsSlotEntry 3 }
+
+ nsSlotSN OBJECT-TYPE
+ SYNTAX DisplayString
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Serial Number of the module"
+ ::= { nsSlotEntry 4 }
+
+END
+
+
diff --git a/MIBS/screenos/NETSCREEN-IDS-MIB b/MIBS/screenos/NETSCREEN-IDS-MIB
new file mode 100644
index 0000000..9431c72
--- /dev/null
+++ b/MIBS/screenos/NETSCREEN-IDS-MIB
@@ -0,0 +1,880 @@
+-- This module defines enterprise MIBs DI Setting.
+--
+-- Copyright (c) 1999-2004, Juniper Networks, Inc.
+-- All rights reserved.
+
+NETSCREEN-IDS-MIB DEFINITIONS ::= BEGIN
+
+IMPORTS
+ netscreenIDS
+ FROM NETSCREEN-SMI
+ Counter32, Integer32, MODULE-IDENTITY, OBJECT-TYPE
+ FROM SNMPv2-SMI
+ ;
+
+nsIdsProtect MODULE-IDENTITY
+ LAST-UPDATED "200405032022Z" -- May 03, 2004
+ ORGANIZATION
+ "Juniper Networks, Inc."
+ CONTACT-INFO
+ "Customer Support
+
+ 1194 North Mathilda Avenue
+ Sunnyvale, California 94089-1206
+ USA
+
+ Tel: 1-800-638-8296
+ E-mail: customerservice@juniper.net
+ HTTP://www.juniper.net"
+ DESCRIPTION
+ "This module defines NetScreen private MIBs DI Setting."
+ REVISION "200405030000Z" -- May 03, 2004
+ DESCRIPTION
+ "Modified copyright and contact information"
+ REVISION "200403030000Z" -- March 03, 2004
+ DESCRIPTION
+ "Converted to SMIv2 by Longview Software"
+ REVISION "200204260000Z" -- April 26, 2002
+ DESCRIPTION
+ "Screen option on zone setting, add new screen option (Zhong
+ Wang)"
+ REVISION "200109280000Z" -- September 28, 2001
+ DESCRIPTION
+ "No Comment"
+ REVISION "200101080000Z" -- January 08, 2001
+ DESCRIPTION
+ "Creation Date"
+ ::= { netscreenIDS 1 }
+
+NsIdsAttkMonEntry ::= SEQUENCE
+{
+ nsIdsAttkMonIfIdx Integer32,
+ nsIdsAttkMonVsys Integer32,
+ nsIdsAttkMonSynAttk Counter32,
+ nsIdsAttkMonTearDrop Counter32,
+ nsIdsAttkMonSrcRoute Counter32,
+ nsIdsAttkMonPingDeath Counter32,
+ nsIdsAttkMonAddrSpoof Counter32,
+ nsIdsAttkMonLand Counter32,
+ nsIdsAttkMonIcmpFlood Counter32,
+ nsIdsAttkMonUdpFlood Counter32,
+ nsIdsAttkMonWinnuke Counter32,
+ nsIdsAttkMonPortScan Counter32,
+ nsIdsAttkMonIpSweep Counter32,
+ nsAttkMonSynFrag Counter32,
+ nsAttkMonTcpNoFlag Counter32,
+ nsAttkMonIpUnknownProt Counter32,
+ nsAttkMonIpOptBad Counter32,
+ nsAttkMonIpOptRecord Counter32,
+ nsAttkMonIpOptTimestamp Counter32,
+ nsAttkMonIpOptSCHT Counter32,
+ nsAttkMonIpOptLSR Counter32,
+ nsAttkMonIpOptSSR Counter32,
+ nsAttkMonIpOptStream Counter32,
+ nsAttkMonIcmpFrag Counter32,
+ nsAttkMonIcmpLarge Counter32,
+ nsAttkMonTcpSynFin Counter32,
+ nsAttkMonTcpFinNoAck Counter32,
+ nsAttkMonHttpMalUrl Counter32,
+ nsAttkMonSessMalNum Counter32,
+ nsAttkMonSynAckAck Counter32,
+ nsAttkMonIpFrag Counter32,
+ nsIdsAttkMonIfInfo Integer32
+}
+
+NsIdsProtectSetEntry ::= SEQUENCE
+{
+ nsIdsProtectZoneIdx Integer32,
+ nsIdsDetectPingOfDeath INTEGER,
+ nsIdsDetectTearDrop INTEGER,
+ nsIdsDetectWinNuke INTEGER,
+ nsIdsFilterIpSrcRoute INTEGER,
+ nsIdsDetectPortScan INTEGER,
+ nsIdsDetectAddrSweep INTEGER,
+ nsIdsDetectLand INTEGER,
+ nsIdsBlockComponent INTEGER,
+ nsIdsDetectIpSpoof INTEGER,
+ nsIdsDetectSyn INTEGER,
+ nsIdsDetectIcmpFlood INTEGER,
+ nsIdsDetectUdpFlood INTEGER,
+ nsIdsDetectSynFrag INTEGER,
+ nsIdsDetectTcpNoFlag INTEGER,
+ nsIdsDetectIpUnknownProt INTEGER,
+ nsIdsDetectIpOptBad INTEGER,
+ nsIdsDetectIpOptRecord INTEGER,
+ nsIdsDetectIpOptTimestamp INTEGER,
+ nsIdsDetectIpOptSCHT INTEGER,
+ nsIdsDetectIpOptLSR INTEGER,
+ nsIdsDetectIpOptSSR INTEGER,
+ nsIdsDetectIpOptStream INTEGER,
+ nsIdsDetectIcmpFrag INTEGER,
+ nsIdsDetectIcmpLarge INTEGER,
+ nsIdsDetectTcpSynFin INTEGER,
+ nsIdsDetectTcpFinNoAck INTEGER,
+ nsIdsHttpMalUrl INTEGER,
+ nsIdsSessMalNum INTEGER,
+ nsIdsDetectSynAckAck INTEGER,
+ nsIdsDetectIpFrag INTEGER
+}
+
+NsIdsProtectThreshEntry ::= SEQUENCE
+{
+ nsIdsProtectThreshZoneIdx Integer32,
+ nsIdsSynAttackThresh Integer32,
+ nsIdsSynAttackTimeout Integer32,
+ nsIdsSynAttackAlmTh Integer32,
+ nsIdsSynAttackQueSize Integer32,
+ nsIdsSynAttackAgeTime Integer32,
+ nsIdsIcmpFloodThresh Integer32,
+ nsIdsUdpFloodThresh Integer32,
+ nsIdsPortScanThresh Integer32,
+ nsIdsIpSweepThresh Integer32,
+ nsIdsSynAckAckThres Integer32
+}
+
+nsIdsProtectSetTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF NsIdsProtectSetEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "NetScreen ScreenOS can allow DI protection on each of
+ NetScreen device's physical interface. This table collects the
+ DI protection configuration on each physical interface."
+ ::= { nsIdsProtect 1 }
+
+nsIdsProtectSetEntry OBJECT-TYPE
+ SYNTAX NsIdsProtectSetEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "Hold the DI setting attribute."
+ INDEX
+ { nsIdsProtectZoneIdx }
+ ::= { nsIdsProtectSetTable 1 }
+
+nsIdsProtectZoneIdx OBJECT-TYPE
+ SYNTAX Integer32 (0..2147483647)
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "unique zone id."
+ ::= { nsIdsProtectSetEntry 1 }
+
+nsIdsDetectPingOfDeath OBJECT-TYPE
+ SYNTAX INTEGER {
+ disable(0),
+ enabled(1)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Detect Ping of Death."
+ ::= { nsIdsProtectSetEntry 2 }
+
+nsIdsDetectTearDrop OBJECT-TYPE
+ SYNTAX INTEGER {
+ disable(0),
+ enabled(1)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Detect Tear Drop Attack."
+ ::= { nsIdsProtectSetEntry 3 }
+
+nsIdsDetectWinNuke OBJECT-TYPE
+ SYNTAX INTEGER {
+ disable(0),
+ enabled(1)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Detect Win Nuke Attack."
+ ::= { nsIdsProtectSetEntry 4 }
+
+nsIdsFilterIpSrcRoute OBJECT-TYPE
+ SYNTAX INTEGER {
+ disable(0),
+ enabled(1)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Detect Filter IP Source Route Option attack."
+ ::= { nsIdsProtectSetEntry 5 }
+
+nsIdsDetectPortScan OBJECT-TYPE
+ SYNTAX INTEGER {
+ disable(0),
+ enabled(1)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Detect Port Scan Death attack."
+ ::= { nsIdsProtectSetEntry 6 }
+
+nsIdsDetectAddrSweep OBJECT-TYPE
+ SYNTAX INTEGER {
+ disable(0),
+ enabled(1)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Detect Address Sweep Attack."
+ ::= { nsIdsProtectSetEntry 7 }
+
+nsIdsDetectLand OBJECT-TYPE
+ SYNTAX INTEGER {
+ disable(0),
+ enabled(1)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Detect Land Attack."
+ ::= { nsIdsProtectSetEntry 8 }
+
+nsIdsBlockComponent OBJECT-TYPE
+ SYNTAX INTEGER {
+ disable(0),
+ enabled(1)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Block Java/ActiveX/ZIP/EXE Component."
+ ::= { nsIdsProtectSetEntry 9 }
+
+nsIdsDetectIpSpoof OBJECT-TYPE
+ SYNTAX INTEGER {
+ disable(0),
+ enabled(1)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Detect IP Spoofing attack."
+ ::= { nsIdsProtectSetEntry 10 }
+
+nsIdsDetectSyn OBJECT-TYPE
+ SYNTAX INTEGER {
+ disable(0),
+ enabled(1)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Detect SYN attack."
+ ::= { nsIdsProtectSetEntry 11 }
+
+nsIdsDetectIcmpFlood OBJECT-TYPE
+ SYNTAX INTEGER {
+ disable(0),
+ enabled(1)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Detect ICMP Flood attack."
+ ::= { nsIdsProtectSetEntry 12 }
+
+nsIdsDetectUdpFlood OBJECT-TYPE
+ SYNTAX INTEGER {
+ disable(0),
+ enabled(1)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Detect UDP Flood attack."
+ ::= { nsIdsProtectSetEntry 13 }
+
+nsIdsDetectSynFrag OBJECT-TYPE
+ SYNTAX INTEGER {
+ disable(0),
+ enabled(1)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Detect SYN fragment"
+ ::= { nsIdsProtectSetEntry 14 }
+
+nsIdsDetectTcpNoFlag OBJECT-TYPE
+ SYNTAX INTEGER {
+ disable(0),
+ enabled(1)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Detect TCP without flag set."
+ ::= { nsIdsProtectSetEntry 15 }
+
+nsIdsDetectIpUnknownProt OBJECT-TYPE
+ SYNTAX INTEGER {
+ disable(0),
+ enabled(1)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Detect Unknown protocol IP packet."
+ ::= { nsIdsProtectSetEntry 16 }
+
+nsIdsDetectIpOptBad OBJECT-TYPE
+ SYNTAX INTEGER {
+ disable(0),
+ enabled(1)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Detect IP bad option."
+ ::= { nsIdsProtectSetEntry 17 }
+
+nsIdsDetectIpOptRecord OBJECT-TYPE
+ SYNTAX INTEGER {
+ disable(0),
+ enabled(1)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Detect IP record option."
+ ::= { nsIdsProtectSetEntry 18 }
+
+nsIdsDetectIpOptTimestamp OBJECT-TYPE
+ SYNTAX INTEGER {
+ disable(0),
+ enabled(1)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Detect IP timestamp option."
+ ::= { nsIdsProtectSetEntry 19 }
+
+nsIdsDetectIpOptSCHT OBJECT-TYPE
+ SYNTAX INTEGER {
+ disable(0),
+ enabled(1)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Detect IP security option."
+ ::= { nsIdsProtectSetEntry 20 }
+
+nsIdsDetectIpOptLSR OBJECT-TYPE
+ SYNTAX INTEGER {
+ disable(0),
+ enabled(1)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Detect Loose source route."
+ ::= { nsIdsProtectSetEntry 21 }
+
+nsIdsDetectIpOptSSR OBJECT-TYPE
+ SYNTAX INTEGER {
+ disable(0),
+ enabled(1)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Detect strict source route."
+ ::= { nsIdsProtectSetEntry 22 }
+
+nsIdsDetectIpOptStream OBJECT-TYPE
+ SYNTAX INTEGER {
+ disable(0),
+ enabled(1)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Detect IP stream option."
+ ::= { nsIdsProtectSetEntry 23 }
+
+nsIdsDetectIcmpFrag OBJECT-TYPE
+ SYNTAX INTEGER {
+ disable(0),
+ enabled(1)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Detect ICMP fragment."
+ ::= { nsIdsProtectSetEntry 24 }
+
+nsIdsDetectIcmpLarge OBJECT-TYPE
+ SYNTAX INTEGER {
+ disable(0),
+ enabled(1)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Detect large ICMP packet."
+ ::= { nsIdsProtectSetEntry 25 }
+
+nsIdsDetectTcpSynFin OBJECT-TYPE
+ SYNTAX INTEGER {
+ disable(0),
+ enabled(1)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Detect TCP syn fin both set."
+ ::= { nsIdsProtectSetEntry 26 }
+
+nsIdsDetectTcpFinNoAck OBJECT-TYPE
+ SYNTAX INTEGER {
+ disable(0),
+ enabled(1)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Detect TCP fin set without ack bit set."
+ ::= { nsIdsProtectSetEntry 27 }
+
+nsIdsHttpMalUrl OBJECT-TYPE
+ SYNTAX INTEGER {
+ disable(0),
+ enabled(1)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Detect malicious URL."
+ ::= { nsIdsProtectSetEntry 28 }
+
+nsIdsSessMalNum OBJECT-TYPE
+ SYNTAX INTEGER {
+ disable(0),
+ enabled(1)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Detect malicious session connection."
+ ::= { nsIdsProtectSetEntry 29 }
+
+nsIdsDetectSynAckAck OBJECT-TYPE
+ SYNTAX INTEGER {
+ disable(0),
+ enabled(1)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Detect SYN ACK ACK DoS."
+ ::= { nsIdsProtectSetEntry 30 }
+
+nsIdsDetectIpFrag OBJECT-TYPE
+ SYNTAX INTEGER {
+ disable(0),
+ enabled(1)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Block IP fragment packet."
+ ::= { nsIdsProtectSetEntry 31 }
+
+nsIdsProtectThreshTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF NsIdsProtectThreshEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "NetScreen ScreenOS can allow DI protection on each of
+ NetScreen device's physical interface. This table collects the
+ DI protection configuration on each physical interface."
+ ::= { nsIdsProtect 2 }
+
+nsIdsProtectThreshEntry OBJECT-TYPE
+ SYNTAX NsIdsProtectThreshEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "Hold the DI setting attribute."
+ INDEX
+ { nsIdsProtectThreshZoneIdx }
+ ::= { nsIdsProtectThreshTable 1 }
+
+nsIdsProtectThreshZoneIdx OBJECT-TYPE
+ SYNTAX Integer32 (0..2147483647)
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "unique zone id."
+ ::= { nsIdsProtectThreshEntry 1 }
+
+nsIdsSynAttackThresh OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "SYN attack threshold."
+ ::= { nsIdsProtectThreshEntry 2 }
+
+nsIdsSynAttackTimeout OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "SYN attack timeout."
+ ::= { nsIdsProtectThreshEntry 3 }
+
+nsIdsSynAttackAlmTh OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "SYN attack alarm threshold."
+ ::= { nsIdsProtectThreshEntry 4 }
+
+nsIdsSynAttackQueSize OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "SYN attack queue size."
+ ::= { nsIdsProtectThreshEntry 5 }
+
+nsIdsSynAttackAgeTime OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "SYN flood age time."
+ ::= { nsIdsProtectThreshEntry 6 }
+
+nsIdsIcmpFloodThresh OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "ICMP attack alarm threshold."
+ ::= { nsIdsProtectThreshEntry 7 }
+
+nsIdsUdpFloodThresh OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "UDP attack alarm threshold."
+ ::= { nsIdsProtectThreshEntry 8 }
+
+nsIdsPortScanThresh OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "ICMP attack alarm threshold."
+ ::= { nsIdsProtectThreshEntry 9 }
+
+nsIdsIpSweepThresh OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "UDP attack alarm threshold."
+ ::= { nsIdsProtectThreshEntry 10 }
+
+nsIdsSynAckAckThres OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "SYN ack ack alarm threshold."
+ ::= { nsIdsProtectThreshEntry 11 }
+
+nsIdsAttkMonTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF NsIdsAttkMonEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "The table monitors the intrusion attack attemps amount to
+ NetScreen Device."
+ ::= { netscreenIDS 2 }
+
+nsIdsAttkMonEntry OBJECT-TYPE
+ SYNTAX NsIdsAttkMonEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "An entry containing intrusion attack couters."
+ INDEX
+ { nsIdsAttkMonIfIdx }
+ ::= { nsIdsAttkMonTable 1 }
+
+nsIdsAttkMonIfIdx OBJECT-TYPE
+ SYNTAX Integer32 (0..2147483647)
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "unique interface id."
+ ::= { nsIdsAttkMonEntry 1 }
+
+nsIdsAttkMonVsys OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "according NetScreen's concepts. each interface belongs to one
+ virtual system. This attribute displays the virtual system name
+ an interface belongs to."
+ ::= { nsIdsAttkMonEntry 2 }
+
+nsIdsAttkMonSynAttk OBJECT-TYPE
+ SYNTAX Counter32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "sync attack packet counter."
+ ::= { nsIdsAttkMonEntry 3 }
+
+nsIdsAttkMonTearDrop OBJECT-TYPE
+ SYNTAX Counter32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "tear drop attack packet counter."
+ ::= { nsIdsAttkMonEntry 4 }
+
+nsIdsAttkMonSrcRoute OBJECT-TYPE
+ SYNTAX Counter32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "source route option attack packet counter."
+ ::= { nsIdsAttkMonEntry 5 }
+
+nsIdsAttkMonPingDeath OBJECT-TYPE
+ SYNTAX Counter32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "ping of death attack packet counter."
+ ::= { nsIdsAttkMonEntry 6 }
+
+nsIdsAttkMonAddrSpoof OBJECT-TYPE
+ SYNTAX Counter32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "address spoofing attack packet counter."
+ ::= { nsIdsAttkMonEntry 7 }
+
+nsIdsAttkMonLand OBJECT-TYPE
+ SYNTAX Counter32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "land attack packet counter."
+ ::= { nsIdsAttkMonEntry 8 }
+
+nsIdsAttkMonIcmpFlood OBJECT-TYPE
+ SYNTAX Counter32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "ICMP flood attack packet counter."
+ ::= { nsIdsAttkMonEntry 9 }
+
+nsIdsAttkMonUdpFlood OBJECT-TYPE
+ SYNTAX Counter32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "udp flood attack packet counter."
+ ::= { nsIdsAttkMonEntry 10 }
+
+nsIdsAttkMonWinnuke OBJECT-TYPE
+ SYNTAX Counter32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "weired netbios attack packet counter."
+ ::= { nsIdsAttkMonEntry 11 }
+
+nsIdsAttkMonPortScan OBJECT-TYPE
+ SYNTAX Counter32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "port scan attempt attack packet counter."
+ ::= { nsIdsAttkMonEntry 12 }
+
+nsIdsAttkMonIpSweep OBJECT-TYPE
+ SYNTAX Counter32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "address sweep attemp attack packet counter."
+ ::= { nsIdsAttkMonEntry 13 }
+
+nsAttkMonSynFrag OBJECT-TYPE
+ SYNTAX Counter32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Detect SYN fragment"
+ ::= { nsIdsAttkMonEntry 14 }
+
+nsAttkMonTcpNoFlag OBJECT-TYPE
+ SYNTAX Counter32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Detect TCP without flag set."
+ ::= { nsIdsAttkMonEntry 15 }
+
+nsAttkMonIpUnknownProt OBJECT-TYPE
+ SYNTAX Counter32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Detect Unknown protocol IP packet."
+ ::= { nsIdsAttkMonEntry 16 }
+
+nsAttkMonIpOptBad OBJECT-TYPE
+ SYNTAX Counter32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Detect IP bad option."
+ ::= { nsIdsAttkMonEntry 17 }
+
+nsAttkMonIpOptRecord OBJECT-TYPE
+ SYNTAX Counter32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Detect IP record option."
+ ::= { nsIdsAttkMonEntry 18 }
+
+nsAttkMonIpOptTimestamp OBJECT-TYPE
+ SYNTAX Counter32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Detect IP timestamp option."
+ ::= { nsIdsAttkMonEntry 19 }
+
+nsAttkMonIpOptSCHT OBJECT-TYPE
+ SYNTAX Counter32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Detect IP security option."
+ ::= { nsIdsAttkMonEntry 20 }
+
+nsAttkMonIpOptLSR OBJECT-TYPE
+ SYNTAX Counter32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Detect Loose source route."
+ ::= { nsIdsAttkMonEntry 21 }
+
+nsAttkMonIpOptSSR OBJECT-TYPE
+ SYNTAX Counter32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Detect strict source route."
+ ::= { nsIdsAttkMonEntry 22 }
+
+nsAttkMonIpOptStream OBJECT-TYPE
+ SYNTAX Counter32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Detect IP stream option."
+ ::= { nsIdsAttkMonEntry 23 }
+
+nsAttkMonIcmpFrag OBJECT-TYPE
+ SYNTAX Counter32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Detect ICMP fragment."
+ ::= { nsIdsAttkMonEntry 24 }
+
+nsAttkMonIcmpLarge OBJECT-TYPE
+ SYNTAX Counter32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Detect large ICMP packet."
+ ::= { nsIdsAttkMonEntry 25 }
+
+nsAttkMonTcpSynFin OBJECT-TYPE
+ SYNTAX Counter32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Detect TCP syn fin both set."
+ ::= { nsIdsAttkMonEntry 26 }
+
+nsAttkMonTcpFinNoAck OBJECT-TYPE
+ SYNTAX Counter32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Detect TCP fin set without ack bit set."
+ ::= { nsIdsAttkMonEntry 27 }
+
+nsAttkMonHttpMalUrl OBJECT-TYPE
+ SYNTAX Counter32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Detect malicious URL."
+ ::= { nsIdsAttkMonEntry 28 }
+
+nsAttkMonSessMalNum OBJECT-TYPE
+ SYNTAX Counter32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Detect malicious session connection."
+ ::= { nsIdsAttkMonEntry 29 }
+
+nsAttkMonSynAckAck OBJECT-TYPE
+ SYNTAX Counter32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Detect SYN ACK ACK attack."
+ ::= { nsIdsAttkMonEntry 30 }
+
+nsAttkMonIpFrag OBJECT-TYPE
+ SYNTAX Counter32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Block IP fragment packet."
+ ::= { nsIdsAttkMonEntry 31 }
+
+nsIdsAttkMonIfInfo OBJECT-TYPE
+ SYNTAX Integer32 (0..2147483647)
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Internal id assigned to this interface. Stays persistent across resets."
+ ::= { nsIdsAttkMonEntry 32 }
+
+END
+
+
diff --git a/MIBS/screenos/NETSCREEN-INTERFACE-MIB b/MIBS/screenos/NETSCREEN-INTERFACE-MIB
new file mode 100644
index 0000000..f6914c8
--- /dev/null
+++ b/MIBS/screenos/NETSCREEN-INTERFACE-MIB
@@ -0,0 +1,696 @@
+-- This module defines enterprise MIBs for interface configuration
+--
+-- Copyright (c) 1999-2004, Juniper Networks, Inc.
+-- All rights reserved.
+
+NETSCREEN-INTERFACE-MIB DEFINITIONS ::= BEGIN
+
+IMPORTS
+ netscreenInterface
+ FROM NETSCREEN-SMI
+ Counter32, Integer32, IpAddress, MODULE-IDENTITY, OBJECT-TYPE
+ FROM SNMPv2-SMI
+ DisplayString,PhysAddress
+ FROM SNMPv2-TC
+ ;
+
+netscreenInterfaceMibModule MODULE-IDENTITY
+ LAST-UPDATED "200405032022Z" -- May 03, 2004
+ ORGANIZATION
+ "Juniper Networks, Inc."
+ CONTACT-INFO
+ "Customer Support
+
+ 1194 North Mathilda Avenue
+ Sunnyvale, California 94089-1206
+ USA
+
+ Tel: 1-800-638-8296
+ E-mail: customerservice@juniper.net
+ HTTP://www.juniper.net"
+ DESCRIPTION
+ "This module defines the object that are used to monitor NS's
+ interface configuration"
+ REVISION "200405030000Z" -- May 03, 2004
+ DESCRIPTION
+ "Modified copyright and contact information"
+ REVISION "200403030000Z" -- March 03, 2004
+ DESCRIPTION
+ "Converted to SMIv2 by Longview Software"
+ REVISION "200109280000Z" -- September 28, 2001
+ DESCRIPTION
+ "No Comment"
+ REVISION "200105110000Z" -- May 11, 2001
+ DESCRIPTION
+ "Creation Date"
+ ::= { netscreenInterface 0 }
+
+NsIfEntry ::= SEQUENCE
+{
+ nsIfIndex Integer32,
+ nsIfName DisplayString,
+ nsIfVsys Integer32,
+ nsIfZone Integer32,
+ nsIfStatus INTEGER,
+ nsIfIp IpAddress,
+ nsIfNetmask IpAddress,
+ nsIfGateway IpAddress,
+ nsIfMngIp IpAddress,
+ nsIfMode INTEGER,
+ nsIfMAC PhysAddress,
+ nsIfMngTelnet INTEGER,
+ nsIfMngSCS INTEGER,
+ nsIfMngWEB INTEGER,
+ nsIfMngSSL INTEGER,
+ nsIfMngSNMP INTEGER,
+ nsIfMngGlobal INTEGER,
+ nsIfMngGlobalPro INTEGER,
+ nsIfMngPing INTEGER,
+ nsIfMngIdentReset INTEGER,
+ nsIfInfo Integer32,
+ nsIfDescr DisplayString
+}
+
+NsIfFlowEntry ::= SEQUENCE
+{
+ nsIfFlowIfIdx Integer32,
+ nsIfFlowVsys Integer32,
+ nsIfFlowInByte Counter32,
+ nsIfFlowInPacket Counter32,
+ nsIfFlowOutByte Counter32,
+ nsIfFlowOutPacket Counter32,
+ nsIfFlowInVpn Counter32,
+ nsIfInVlan Counter32,
+ nsIfOutVlan Counter32,
+ nsIfFlowIfInfo Integer32
+}
+
+NsIfMonEntry ::= SEQUENCE
+{
+ nsIfMonIfIdx Integer32,
+ nsIfMonVsys Integer32,
+ nsIfMonPlyDeny Counter32,
+ nsIfMonAuthFail Counter32,
+ nsIfMonUrlBlock Counter32,
+ nsIfMonTrMngQueue Counter32,
+ nsIfMonTrMngDrop Counter32,
+ nsIfMonEncFail Counter32,
+ nsIfMonNoSa Counter32,
+ nsIfMonNoSaPly Counter32,
+ nsIfMonSaInactive Counter32,
+ nsIfMonSaPolicyDeny Counter32,
+ nsIfMonIfInfo Integer32
+}
+
+NsIfSecondaryIpEntry ::= SEQUENCE
+{
+ nsIfSecondaryIpIndex Integer32,
+ nsIfSecondaryIpIfIdx Integer32,
+ nsIfSecondaryIpVsys Integer32,
+ nsIfSecondaryIpZone Integer32,
+ nsIfSecondaryIpAddress IpAddress,
+ nsIfSecondaryIpNetmask IpAddress,
+ nsIfSecondaryIpIfInfo Integer32
+}
+
+nsIfTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF NsIfEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "All NetScreen devices have a trusted interface and an
+ untrusted interface. The NetScreen-10 and -100 also have a DMZ
+ interface. Additionally, on each of the virtual systems
+ supported by the NetScreen-1000 there can be on or more tursted
+ subinterfaces linking a particular virtual system to one or
+ more virtual LANs. Other interfaces-some physical, some
+ logical, and some virtual-provide exclusive channels for
+ administrative traffic, or for communication among member in a
+ redundant group. In this table, it will collect following
+ interface: tursted interface, untrusted interface, DMZ
+ interface, Management Interface and Subinterface."
+ ::= { netscreenInterface 1 }
+
+nsIfEntry OBJECT-TYPE
+ SYNTAX NsIfEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "nsIfEntry collects some attributes about NetScreen interface
+ settings."
+ INDEX
+ { nsIfIndex }
+ ::= { nsIfTable 1 }
+
+nsIfIndex OBJECT-TYPE
+ SYNTAX Integer32 (0..2147483647)
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Interface number which uniquely identifies an interface."
+ ::= { nsIfEntry 1 }
+
+nsIfName OBJECT-TYPE
+ SYNTAX DisplayString (SIZE(0..32))
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Each interface has a readable name such as 'trust', 'trust/1',
+ etc."
+ ::= { nsIfEntry 2 }
+
+nsIfVsys OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "According NetScreen's concepts, each interface belongs to one
+ virtual system. This attribute displays the virtual system name
+ an interface belongs to. If the device is device which doesn't
+ support vsys such as NS-100, we can logically think all the
+ setting belongs to 'root' vsys."
+ ::= { nsIfEntry 3 }
+
+nsIfZone OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Each interface belongs to one security zone. This attribute
+ displays the security zone name an interface belongs to."
+ ::= { nsIfEntry 4 }
+
+nsIfStatus OBJECT-TYPE
+ SYNTAX INTEGER {
+ down(0),
+ up(1),
+ ready(2),
+ inactive(3)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The interface status which indicates interface's operational
+ status."
+ ::= { nsIfEntry 5 }
+
+nsIfIp OBJECT-TYPE
+ SYNTAX IpAddress
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Each interface must be assigned an IP address."
+ ::= { nsIfEntry 6 }
+
+nsIfNetmask OBJECT-TYPE
+ SYNTAX IpAddress
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Each interface must belong to a subnet represented by
+ netmask."
+ ::= { nsIfEntry 7 }
+
+nsIfGateway OBJECT-TYPE
+ SYNTAX IpAddress
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Default gateway ip address."
+ ::= { nsIfEntry 8 }
+
+nsIfMngIp OBJECT-TYPE
+ SYNTAX IpAddress
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Trusted, untrusted and DMZ interfaces can have two IP address:
+ an interface IP address that corresponds to the physical port
+ through which that interface connects to a network, and a
+ Manage IP address that can be used to receive administrative
+ traffic"
+ ::= { nsIfEntry 9 }
+
+nsIfMode OBJECT-TYPE
+ SYNTAX INTEGER {
+ transparent(0),
+ nat(1),
+ route(2),
+ not-applicable(3)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "NetScreen interface can has three operation modes. They are
+ transparent, nat and route."
+ ::= { nsIfEntry 10 }
+
+nsIfMAC OBJECT-TYPE
+ SYNTAX PhysAddress
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "MAC address the interface has."
+ ::= { nsIfEntry 11 }
+
+nsIfMngTelnet OBJECT-TYPE
+ SYNTAX INTEGER {
+ disable(0),
+ enable(1)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "This attribute is used to indicate whether the interface
+ permits telnet management."
+ ::= { nsIfEntry 12 }
+
+nsIfMngSCS OBJECT-TYPE
+ SYNTAX INTEGER {
+ disable(0),
+ enable(1)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "This attribute is used to indicate whether the interface
+ permits Secure Command Shell management."
+ ::= { nsIfEntry 13 }
+
+nsIfMngWEB OBJECT-TYPE
+ SYNTAX INTEGER {
+ disable(0),
+ enable(1)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "This attribute is used to indicate whether the interface
+ permits WEB UI management."
+ ::= { nsIfEntry 14 }
+
+nsIfMngSSL OBJECT-TYPE
+ SYNTAX INTEGER {
+ disable(0),
+ enable(1)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "This attribute is used to indicate whether the interface
+ permits SSL management."
+ ::= { nsIfEntry 15 }
+
+nsIfMngSNMP OBJECT-TYPE
+ SYNTAX INTEGER {
+ disable(0),
+ enable(1)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "This attribute is used to indicate whether the interface
+ permits SNMP management."
+ ::= { nsIfEntry 16 }
+
+nsIfMngGlobal OBJECT-TYPE
+ SYNTAX INTEGER {
+ disable(0),
+ enable(1)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "This attribute is used to indicate whether the interface
+ permits NS Global management."
+ ::= { nsIfEntry 17 }
+
+nsIfMngGlobalPro OBJECT-TYPE
+ SYNTAX INTEGER {
+ disable(0),
+ enable(1)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "This attribute is used to indicate whether the interface
+ permits NS Global Pro management."
+ ::= { nsIfEntry 18 }
+
+nsIfMngPing OBJECT-TYPE
+ SYNTAX INTEGER {
+ disable(0),
+ enable(1)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "This attribute is used to indicate whether the interface
+ permits Ping go-through."
+ ::= { nsIfEntry 19 }
+
+nsIfMngIdentReset OBJECT-TYPE
+ SYNTAX INTEGER {
+ disable(0),
+ enable(1)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "This attribute is used to indicate whether the interface
+ permits ident reset."
+ ::= { nsIfEntry 20 }
+
+nsIfInfo OBJECT-TYPE
+ SYNTAX Integer32 (0..2147483647)
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Internal id assigned to this interface. Stays persistent across resets."
+ ::= { nsIfEntry 21 }
+
+nsIfDescr OBJECT-TYPE
+ SYNTAX DisplayString (SIZE(0..32))
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Each interface has a a configurable descriptor string."
+ ::= { nsIfEntry 22 }
+
+nsIfSecondaryIpTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF NsIfSecondaryIpEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "In some ScreenOS, it supports multiple IP addresses and
+ related subnets based on the same interface. This table
+ collects the multiple IP addresses configuration on an
+ interface."
+ ::= { netscreenInterface 2 }
+
+nsIfSecondaryIpEntry OBJECT-TYPE
+ SYNTAX NsIfSecondaryIpEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "nsIfSecondaryIpEntry collects some attributes about multiple
+ IP configurations on an interface."
+ INDEX
+ { nsIfSecondaryIpIndex }
+ ::= { nsIfSecondaryIpTable 1 }
+
+nsIfSecondaryIpIndex OBJECT-TYPE
+ SYNTAX Integer32 (0..2147483647)
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The table index used as primary key when retrieving the
+ table."
+ ::= { nsIfSecondaryIpEntry 1 }
+
+nsIfSecondaryIpIfIdx OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The index value which uniquely identifies an interface the
+ secodary ip belongs to. The interface identified by a
+ particular value of this index is the same interface as
+ identified by the same value of ifIndex."
+ ::= { nsIfSecondaryIpEntry 2 }
+
+nsIfSecondaryIpVsys OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "According NetScreen's concepts, each interface belongs to one
+ virtual system. This attribute displays the virtual system ID
+ an interface belongs to. If the device is device which doesn't
+ support vsys such as NS-100, we can logically think all the
+ setting belongs to 'root' vsys."
+ ::= { nsIfSecondaryIpEntry 3 }
+
+nsIfSecondaryIpZone OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "each interface belongs to one security zone. this attribute
+ displays the security zone name an interface belongs to."
+ ::= { nsIfSecondaryIpEntry 4 }
+
+nsIfSecondaryIpAddress OBJECT-TYPE
+ SYNTAX IpAddress
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Ip Address value."
+ ::= { nsIfSecondaryIpEntry 5 }
+
+nsIfSecondaryIpNetmask OBJECT-TYPE
+ SYNTAX IpAddress
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Subnet of a ip belongs to."
+ ::= { nsIfSecondaryIpEntry 6 }
+
+nsIfSecondaryIpIfInfo OBJECT-TYPE
+ SYNTAX Integer32 (0..2147483647)
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Internal id assigned to this interface. Stays persistent across resets."
+ ::= { nsIfSecondaryIpEntry 7 }
+
+nsIfFlowTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF NsIfFlowEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "nsIfFlowTable is used to get flow statistical information of
+ the interface."
+ ::= { netscreenInterface 3 }
+
+nsIfFlowEntry OBJECT-TYPE
+ SYNTAX NsIfFlowEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "Table entry collect some attributes about interface flow
+ counters."
+ INDEX
+ { nsIfFlowIfIdx }
+ ::= { nsIfFlowTable 1 }
+
+nsIfFlowIfIdx OBJECT-TYPE
+ SYNTAX Integer32 (0..2147483647)
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Unique interface id, also used as table index."
+ ::= { nsIfFlowEntry 1 }
+
+nsIfFlowVsys OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "According NetScreen's concepts. each interface belongs to one
+ virtual system. This attribute displays the virtual system name
+ an interface belongs to."
+ ::= { nsIfFlowEntry 2 }
+
+nsIfFlowInByte OBJECT-TYPE
+ SYNTAX Counter32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Incoming byte number arriving at the this interface"
+ ::= { nsIfFlowEntry 3 }
+
+nsIfFlowInPacket OBJECT-TYPE
+ SYNTAX Counter32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Incoming packet number arriving at the this interface"
+ ::= { nsIfFlowEntry 4 }
+
+nsIfFlowOutByte OBJECT-TYPE
+ SYNTAX Counter32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Outgoing byte number sending through this interface"
+ ::= { nsIfFlowEntry 5 }
+
+nsIfFlowOutPacket OBJECT-TYPE
+ SYNTAX Counter32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Outgoing packet number sending through this interface"
+ ::= { nsIfFlowEntry 6 }
+
+nsIfFlowInVpn OBJECT-TYPE
+ SYNTAX Counter32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "VPN packet go through this interface"
+ ::= { nsIfFlowEntry 7 }
+
+nsIfInVlan OBJECT-TYPE
+ SYNTAX Counter32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Incoming vlan packet"
+ ::= { nsIfFlowEntry 8 }
+
+nsIfOutVlan OBJECT-TYPE
+ SYNTAX Counter32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Outgoing vlan packet"
+ ::= { nsIfFlowEntry 9 }
+
+nsIfFlowIfInfo OBJECT-TYPE
+ SYNTAX Integer32 (0..2147483647)
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Internal id assigned to this interface. Stays persistent across resets."
+ ::= { nsIfFlowEntry 10 }
+
+nsIfMonTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF NsIfMonEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "This table collects some of dropped packet counters of
+ interface"
+ ::= { netscreenInterface 4 }
+
+nsIfMonEntry OBJECT-TYPE
+ SYNTAX NsIfMonEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "An entry containing tunnel information"
+ INDEX
+ { nsIfMonIfIdx }
+ ::= { nsIfMonTable 1 }
+
+nsIfMonIfIdx OBJECT-TYPE
+ SYNTAX Integer32 (0..2147483647)
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Unique interface id, also used as table index."
+ ::= { nsIfMonEntry 1 }
+
+nsIfMonVsys OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "According NetScreen's concepts, each interface belongs to one
+ virtual system. This attribute displays the virtual system name
+ an interface belongs to."
+ ::= { nsIfMonEntry 2 }
+
+nsIfMonPlyDeny OBJECT-TYPE
+ SYNTAX Counter32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Packet drop since denied by policy."
+ ::= { nsIfMonEntry 3 }
+
+nsIfMonAuthFail OBJECT-TYPE
+ SYNTAX Counter32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Packet drop due to authentication failed."
+ ::= { nsIfMonEntry 4 }
+
+nsIfMonUrlBlock OBJECT-TYPE
+ SYNTAX Counter32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Packet drop due to URL blocking."
+ ::= { nsIfMonEntry 5 }
+
+nsIfMonTrMngQueue OBJECT-TYPE
+ SYNTAX Counter32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "packet queue up due to traffic management"
+ ::= { nsIfMonEntry 6 }
+
+nsIfMonTrMngDrop OBJECT-TYPE
+ SYNTAX Counter32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Packet drop due to traffic management"
+ ::= { nsIfMonEntry 7 }
+
+nsIfMonEncFail OBJECT-TYPE
+ SYNTAX Counter32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "IPSec enc failed due to sa not available, no ipak, etc"
+ ::= { nsIfMonEntry 8 }
+
+nsIfMonNoSa OBJECT-TYPE
+ SYNTAX Counter32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "packet drop due to no sa found for incomig spi"
+ ::= { nsIfMonEntry 9 }
+
+nsIfMonNoSaPly OBJECT-TYPE
+ SYNTAX Counter32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "packet drop due to no policy associated with found sa"
+ ::= { nsIfMonEntry 10 }
+
+nsIfMonSaInactive OBJECT-TYPE
+ SYNTAX Counter32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "packet drop due to sa not active"
+ ::= { nsIfMonEntry 11 }
+
+nsIfMonSaPolicyDeny OBJECT-TYPE
+ SYNTAX Counter32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "packet drop due to denial by sa policy"
+ ::= { nsIfMonEntry 12 }
+
+nsIfMonIfInfo OBJECT-TYPE
+ SYNTAX Integer32 (0..2147483647)
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Internal id assigned to this interface. Stays persistent across resets."
+ ::= { nsIfMonEntry 13 }
+
+END
+
+
diff --git a/MIBS/screenos/NETSCREEN-IP-ARP-MIB b/MIBS/screenos/NETSCREEN-IP-ARP-MIB
new file mode 100644
index 0000000..a4999b9
--- /dev/null
+++ b/MIBS/screenos/NETSCREEN-IP-ARP-MIB
@@ -0,0 +1,184 @@
+-- This module defines enterprise MIBs for ARP
+--
+-- Copyright (c) 1999-2004, Juniper Networks, Inc.
+-- All rights reserved.
+
+NETSCREEN-IP-ARP-MIB DEFINITIONS ::= BEGIN
+
+IMPORTS
+ netscreenIp
+ FROM NETSCREEN-SMI
+ Integer32, IpAddress, MODULE-IDENTITY, OBJECT-TYPE
+ FROM SNMPv2-SMI
+ DisplayString,PhysAddress
+ FROM SNMPv2-TC
+ ;
+
+nsIpArp MODULE-IDENTITY
+ LAST-UPDATED "200405032022Z" -- May 03, 2004
+ ORGANIZATION
+ "Juniper Networks, Inc."
+ CONTACT-INFO
+ "Customer Support
+
+ 1194 North Mathilda Avenue
+ Sunnyvale, California 94089-1206
+ USA
+
+ Tel: 1-800-638-8296
+ E-mail: customerservice@juniper.net
+ HTTP://www.juniper.net"
+ DESCRIPTION
+ "This module defines NetScreen private MIBs for ARP"
+ REVISION "200405030000Z" -- May 03, 2004
+ DESCRIPTION
+ "Modified copyright and contact information"
+ REVISION "200403030000Z" -- March 03, 2004
+ DESCRIPTION
+ "Converted to SMIv2 by Longview Software"
+ REVISION "200311100000Z" -- November 10, 2003
+ DESCRIPTION
+ "Correct spelling mistake"
+ REVISION "200109280000Z" -- September 28, 2001
+ DESCRIPTION
+ "No Comment"
+ REVISION "200105020000Z" -- May 02, 2001
+ DESCRIPTION
+ "Creation Date"
+ ::= { netscreenIp 1 }
+
+NsIpArpEntry ::= SEQUENCE
+{
+ nsIpArpIndex Integer32,
+ nsIpArpIp IpAddress,
+ nsIpArpMac PhysAddress,
+ nsIpArpVsys Integer32,
+ nsIpArpIfIdx Integer32,
+ nsIpArpState INTEGER,
+ nsIpArpAge Integer32,
+ nsIpArpRetry Integer32,
+ nsIpArpPakQue Integer32
+}
+
+nsIpArpAOD OBJECT-TYPE
+ SYNTAX INTEGER {
+ disable(0),
+ enabled(1)
+ }
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "ARP always on destination."
+ ::= { nsIpArp 1 }
+
+nsIpArpCachUpdate OBJECT-TYPE
+ SYNTAX INTEGER {
+ disable(0),
+ enabled(1)
+ }
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "ARP cache update."
+ ::= { nsIpArp 2 }
+
+nsIpArpTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF NsIpArpEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "This table collects all the ARP entries existing in NetScreen
+ device."
+ ::= { nsIpArp 3 }
+
+nsIpArpEntry OBJECT-TYPE
+ SYNTAX NsIpArpEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "An entry containing attributes of arp info"
+ INDEX
+ { nsIpArpIndex }
+ ::= { nsIpArpTable 1 }
+
+nsIpArpIndex OBJECT-TYPE
+ SYNTAX Integer32 (0..2147483647)
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "A unique value for arp table. Its value ranges between 0 and
+ 65535 and may not be contiguous."
+ ::= { nsIpArpEntry 1 }
+
+nsIpArpIp OBJECT-TYPE
+ SYNTAX IpAddress
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "IP address."
+ ::= { nsIpArpEntry 2 }
+
+nsIpArpMac OBJECT-TYPE
+ SYNTAX PhysAddress
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "MAC address."
+ ::= { nsIpArpEntry 3 }
+
+nsIpArpVsys OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Virtual system id this entry belongs to."
+ ::= { nsIpArpEntry 4 }
+
+nsIpArpIfIdx OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Interface location."
+ ::= { nsIpArpEntry 5 }
+
+nsIpArpState OBJECT-TYPE
+ SYNTAX INTEGER {
+ pending(1),
+ valid(2),
+ delete(3),
+ static(4)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "ARP entry state."
+ ::= { nsIpArpEntry 6 }
+
+nsIpArpAge OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "ARP entry age."
+ ::= { nsIpArpEntry 7 }
+
+nsIpArpRetry OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "ARP entry retry time."
+ ::= { nsIpArpEntry 8 }
+
+nsIpArpPakQue OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "ARP entry package queue."
+ ::= { nsIpArpEntry 9 }
+
+END
+
+
diff --git a/MIBS/screenos/NETSCREEN-IPPOOL-MIB b/MIBS/screenos/NETSCREEN-IPPOOL-MIB
new file mode 100644
index 0000000..e8cf13f
--- /dev/null
+++ b/MIBS/screenos/NETSCREEN-IPPOOL-MIB
@@ -0,0 +1,125 @@
+-- This module defines enterprise MIBs for VPN IP pool
+--
+-- Copyright (c) 1999-2004, Juniper Networks, Inc.
+-- All rights reserved.
+
+NETSCREEN-IPPOOL-MIB DEFINITIONS ::= BEGIN
+
+IMPORTS
+ netscreenVpn, netscreenVpnMibModule
+ FROM NETSCREEN-SMI
+ Integer32, IpAddress, MODULE-IDENTITY, OBJECT-TYPE
+ FROM SNMPv2-SMI
+ DisplayString
+ FROM SNMPv2-TC
+ ;
+
+netscreenIppoolMibModule MODULE-IDENTITY
+ LAST-UPDATED "200405032022Z" -- May 03, 2004
+ ORGANIZATION
+ "Juniper Networks, Inc."
+ CONTACT-INFO
+ "Customer Support
+
+ 1194 North Mathilda Avenue
+ Sunnyvale, California 94089-1206
+ USA
+
+ Tel: 1-800-638-8296
+ E-mail: customerservice@juniper.net
+ HTTP://www.juniper.net"
+ DESCRIPTION
+ "This module defines the object that are used to monitor
+ VPN IP pool"
+ REVISION "200405030000Z" -- May 03, 2004
+ DESCRIPTION
+ "Modified copyright and contact information"
+ REVISION "200403030000Z" -- March 03, 2004
+ DESCRIPTION
+ "Converted to SMIv2 by Longview Software"
+ REVISION "200311130000Z" -- November 13, 2003
+ DESCRIPTION
+ "Correct spelling mistake"
+ REVISION "200109280000Z" -- September 28, 2001
+ DESCRIPTION
+ "no comment"
+ REVISION "200008270000Z" -- August 27, 2000
+ DESCRIPTION
+ "Creation date"
+ ::= { netscreenVpnMibModule 9 }
+
+NsVpnIpPoolEntry ::= SEQUENCE
+{
+ nsVpnIpPoolIndex Integer32,
+ nsVpnIpPoolName DisplayString,
+ nsVpnIpPoolStartIp IpAddress,
+ nsVpnIpPoolEndIp IpAddress,
+ nsVpnIpPoolIpUsed Integer32
+}
+
+nsVpnIpPool OBJECT IDENTIFIER ::= { netscreenVpn 9 }
+
+nsVpnIpPoolTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF NsVpnIpPoolEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "This table collects all ip pool configuration in NetScreen
+ device."
+ ::= { nsVpnIpPool 1 }
+
+nsVpnIpPoolEntry OBJECT-TYPE
+ SYNTAX NsVpnIpPoolEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "Each entry in the nsVpnIpPoolEntry holds a set of
+ configuration parameters associated with an instance IP pool."
+ INDEX
+ { nsVpnIpPoolIndex }
+ ::= { nsVpnIpPoolTable 1 }
+
+nsVpnIpPoolIndex OBJECT-TYPE
+ SYNTAX Integer32 (0..2147483647)
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "A unique value for ip pool. Its value ranges between 0 and
+ 65535 and may not be contiguous."
+ ::= { nsVpnIpPoolEntry 1 }
+
+nsVpnIpPoolName OBJECT-TYPE
+ SYNTAX DisplayString (SIZE(0..32))
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "ip pool name"
+ ::= { nsVpnIpPoolEntry 2 }
+
+nsVpnIpPoolStartIp OBJECT-TYPE
+ SYNTAX IpAddress
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "IP pool's start ip address."
+ ::= { nsVpnIpPoolEntry 3 }
+
+nsVpnIpPoolEndIp OBJECT-TYPE
+ SYNTAX IpAddress
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "IP pool's end ip address."
+ ::= { nsVpnIpPoolEntry 4 }
+
+nsVpnIpPoolIpUsed OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Total number of addresses in use from this pool."
+ ::= { nsVpnIpPoolEntry 5 }
+
+END
+
+
diff --git a/MIBS/screenos/NETSCREEN-NAT-MIB b/MIBS/screenos/NETSCREEN-NAT-MIB
new file mode 100644
index 0000000..b4fe7a7
--- /dev/null
+++ b/MIBS/screenos/NETSCREEN-NAT-MIB
@@ -0,0 +1,536 @@
+-- This module defines enterprise MIBs for NAT
+--
+-- Copyright (c) 1999-2004, Juniper Networks, Inc.
+-- All rights reserved.
+
+NETSCREEN-NAT-MIB DEFINITIONS ::= BEGIN
+
+IMPORTS
+ netscreenNAT
+ FROM NETSCREEN-SMI
+ Integer32, IpAddress, MODULE-IDENTITY, OBJECT-TYPE
+ FROM SNMPv2-SMI
+ DisplayString
+ FROM SNMPv2-TC
+ ;
+
+netscreenNATMibModule MODULE-IDENTITY
+ LAST-UPDATED "200503032022Z" -- March 03, 2005
+ ORGANIZATION
+ "Juniper Networks, Inc."
+ CONTACT-INFO
+ "Customer Support
+
+ 1194 North Mathilda Avenue
+ Sunnyvale, California 94089-1206
+ USA
+
+ Tel: 1-800-638-8296
+ E-mail: customerservice@juniper.net
+ HTTP://www.juniper.net"
+ DESCRIPTION
+ "Added dip pool utilization attribute"
+ REVISION "200503030000Z" -- March 03, 2005
+ DESCRIPTION
+ "This module defines the managed objects for Netscreen NAT"
+ REVISION "200405030000Z" -- May 03, 2004
+ DESCRIPTION
+ "Modified copyright and contact information"
+ REVISION "200403030000Z" -- March 03, 2004
+ DESCRIPTION
+ "Converted to SMIv2 by Longview Software"
+ REVISION "200306030000Z" -- June 03, 2003
+ DESCRIPTION
+ "Change VIP configuration per physical interface"
+ REVISION "200105270000Z" -- May 27, 2001
+ DESCRIPTION
+ "Creation Date"
+ ::= { netscreenNAT 0 }
+
+NsNatDipEntry ::= SEQUENCE
+{
+ nsNatDipIndex Integer32,
+ nsNatDipId Integer32,
+ nsNatDipLow IpAddress,
+ nsNatDipHigh IpAddress,
+ nsNatDipIfIp IpAddress,
+ nsNatDipIfNetmask IpAddress,
+ nsNatDipPTEnable INTEGER,
+ nsNatDipVsys Integer32,
+ nsNatDipUtil Integer32
+}
+
+NsNatDipPPortEntry ::= SEQUENCE
+{
+ nsNatDipPPortIndex Integer32,
+ nsNatDipAllPort Integer32,
+ nsNatDipAllocatedPort Integer32,
+ nsNatDipAvailablePort Integer32,
+ nsNatDipAllocatedPairedPort Integer32,
+ nsNatDipAvailablePairedPort Integer32,
+}
+
+NsNatMipEntry ::= SEQUENCE
+{
+ nsNatMipIndex Integer32,
+ nsNatMipIp IpAddress,
+ nsNatMipNetmask IpAddress,
+ nsNatMipHost IpAddress,
+ nsNatMipIfIp IpAddress,
+ nsNatMipIfNetmask IpAddress,
+ nsNatMipVsys Integer32
+}
+
+NsNatVipCfgEntry ::= SEQUENCE
+{
+ nsNatVipCfgIndex Integer32,
+ nsNatVipCfgIp IpAddress,
+ nsNatVipCfgPort Integer32,
+ nsNatVipCfgService DisplayString,
+ nsNatVipCfgStatus INTEGER,
+ nsNatVipCfgLoadBalance INTEGER
+}
+
+NsNatVipServerEntry ::= SEQUENCE
+{
+ nsNatVipServerIndex Integer32,
+ nsNatVipServerVIP IpAddress,
+ nsNatVipServerService Integer32,
+ nsNatVipServerLoadBalance INTEGER,
+ nsNatVipServerIp IpAddress,
+ nsNatVipServerWeight Integer32,
+ nsNatVipServerStatus INTEGER
+}
+
+nsNatMipTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF NsNatMipEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "Mapped IP(MIP) is a direct one-to-one maping of traffic
+ destined for one IP address ot another IP address. On
+ NetScreen device, MIP addresses for tunnel and untrusted
+ interfaces can be created."
+ ::= { netscreenNAT 1 }
+
+nsNatMipEntry OBJECT-TYPE
+ SYNTAX NsNatMipEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "An entry containing attributes of a mip address"
+ INDEX
+ { nsNatMipIndex }
+ ::= { nsNatMipTable 1 }
+
+nsNatMipIndex OBJECT-TYPE
+ SYNTAX Integer32 (0..2147483647)
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "A unique value for each address. Its value ranges between 0
+ and 65535 and may not be contingous."
+ ::= { nsNatMipEntry 1 }
+
+nsNatMipIp OBJECT-TYPE
+ SYNTAX IpAddress
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "mip address. A MIP must be in the same subnet as the tunnel
+ interface to which it is linked to; however, for the untrusted
+ interface, a MIP does not need to be in the same subnet. In
+ either case, a MIP must not be the same as the interface
+ address or be in any DIP pool that might also be on that
+ subnet."
+ ::= { nsNatMipEntry 2 }
+
+nsNatMipNetmask OBJECT-TYPE
+ SYNTAX IpAddress
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Subnet mask for this MIP."
+ ::= { nsNatMipEntry 3 }
+
+nsNatMipHost OBJECT-TYPE
+ SYNTAX IpAddress
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Host ip address mip mapping to."
+ ::= { nsNatMipEntry 4 }
+
+nsNatMipIfIp OBJECT-TYPE
+ SYNTAX IpAddress
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Interface's ip address that a MIP is linked to."
+ ::= { nsNatMipEntry 5 }
+
+nsNatMipIfNetmask OBJECT-TYPE
+ SYNTAX IpAddress
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Interface's netmask that a MIP is linked to."
+ ::= { nsNatMipEntry 6 }
+
+nsNatMipVsys OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Virtual system this mip belongs to."
+ ::= { nsNatMipEntry 7 }
+
+nsNatDipTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF NsNatDipEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "A DIP(Dynamic IP) pool is a range of IP addresses from which
+ the NetScreen device can dynamically take addresses to use when
+ performing NAT on the source IP address of outgoing or incoming
+ IP packets."
+ ::= { netscreenNAT 2 }
+
+nsNatDipEntry OBJECT-TYPE
+ SYNTAX NsNatDipEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "An entry containing attributes of a dynamic address"
+ INDEX
+ { nsNatDipIndex }
+ ::= { nsNatDipTable 1 }
+
+nsNatDipIndex OBJECT-TYPE
+ SYNTAX Integer32 (0..2147483647)
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "A unique value for each address. Its value ranges between 0
+ and 65535 and may not be contigous."
+ ::= { nsNatDipEntry 1 }
+
+nsNatDipId OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "DIP pool id."
+ ::= { nsNatDipEntry 2 }
+
+nsNatDipLow OBJECT-TYPE
+ SYNTAX IpAddress
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Start IP Address Range. The range of addresses in a DIP pool
+ must be in the same subnet as the interface IP address, but the
+ DIP pool should not contain the interface IP or any MIP or VIP
+ address that might on that subnet."
+ ::= { nsNatDipEntry 3 }
+
+nsNatDipHigh OBJECT-TYPE
+ SYNTAX IpAddress
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "End IP Address Range. The range of addresses in a DIP pool
+ must be in the same subnet as the interface IP address, but the
+ DIP pool should not contain the interface IP or any MIP or VIP
+ address that might on that subnet."
+ ::= { nsNatDipEntry 4 }
+
+nsNatDipIfIp OBJECT-TYPE
+ SYNTAX IpAddress
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Interface's ip address that a DIP is linked to."
+ ::= { nsNatDipEntry 5 }
+
+nsNatDipIfNetmask OBJECT-TYPE
+ SYNTAX IpAddress
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "interface's ip address that a DIP is linked to."
+ ::= { nsNatDipEntry 6 }
+
+nsNatDipPTEnable OBJECT-TYPE
+ SYNTAX INTEGER {
+ disable(0),
+ enabled(1)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Enable Port Translation"
+ ::= { nsNatDipEntry 7 }
+
+nsNatDipVsys OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "virtual system this dip belongs to"
+ ::= { nsNatDipEntry 8 }
+
+nsNatDipUtil OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "dip pool utilzation for this entry. Only applicable to fixed dip. If this is not a fixed dip this will return 0"
+ ::= { nsNatDipEntry 9 }
+
+nsNatDipPPortTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF NsNatDipPPortEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "show pseudo port allocated status of a dynamic address"
+ ::= { netscreenNAT 4 }
+
+nsNatDipPPortEntry OBJECT-TYPE
+ SYNTAX NsNatDipPPortEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "An entry show pseudo port allocated status of a dynamic address"
+ INDEX
+ { nsNatDipPPortIndex }
+ ::= { nsNatDipPPortTable 1 }
+
+nsNatDipPPortIndex OBJECT-TYPE
+ SYNTAX Integer32 (0..2147483647)
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "A unique value for each address. Its value ranges between 0
+ and 65535 and may not be contigous."
+ ::= { nsNatDipPPortEntry 1 }
+
+nsNatDipAllPort OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "All port of the dip"
+ ::= { nsNatDipPPortEntry 2 }
+
+nsNatDipAllocatedPort OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Allocated port of the dip"
+ ::= { nsNatDipPPortEntry 3 }
+
+nsNatDipAvailablePort OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Available port of the dip"
+ ::= { nsNatDipPPortEntry 4 }
+
+nsNatDipAllocatedPairedPort OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Allocated paired port of the dip"
+ ::= { nsNatDipPPortEntry 5 }
+
+nsNatDipAvailablePairedPort OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Available paired port of the dip"
+ ::= { nsNatDipPPortEntry 6 }
+
+nsNatVip OBJECT IDENTIFIER ::= { netscreenNAT 3 }
+
+nsNatVipCfgTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF NsNatVipCfgEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "VIP(Virtual IP) allows you to map routable IP addresses to
+ internal servers, therby providing transparent connections for
+ a NAT networks to the Internet. This table collects all VIP
+ configurations in NetScreen device."
+ ::= { nsNatVip 1 }
+
+nsNatVipCfgEntry OBJECT-TYPE
+ SYNTAX NsNatVipCfgEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "Each entry in the nsNatVipCfgTable holds a set of
+ configuration parameters associated with an instance of VIP."
+ INDEX
+ { nsNatVipCfgIndex }
+ ::= { nsNatVipCfgTable 1 }
+
+nsNatVipCfgIndex OBJECT-TYPE
+ SYNTAX Integer32 (0..2147483647)
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "A unique value for each vip configuation. Its value ranges
+ between 1 and 65535 and may not be contingous."
+ ::= { nsNatVipCfgEntry 1 }
+
+nsNatVipCfgIp OBJECT-TYPE
+ SYNTAX IpAddress
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The IP address for the VIP, which must be in the same subnet
+ as the untrusted interface and can even be the same address as
+ the untrusted interface."
+ ::= { nsNatVipCfgEntry 2 }
+
+nsNatVipCfgPort OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The port number for communication between the trusted server
+ and the untrusted interfce on the NetScreen device."
+ ::= { nsNatVipCfgEntry 3 }
+
+nsNatVipCfgService OBJECT-TYPE
+ SYNTAX DisplayString (SIZE(0..255))
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Service for the server on the trusted interface."
+ ::= { nsNatVipCfgEntry 4 }
+
+nsNatVipCfgStatus OBJECT-TYPE
+ SYNTAX INTEGER {
+ not-available(0),
+ available(1)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The status of the server on the trusted/DMZ interface."
+ ::= { nsNatVipCfgEntry 5 }
+
+nsNatVipCfgLoadBalance OBJECT-TYPE
+ SYNTAX INTEGER {
+ null(0),
+ round-robin(1),
+ weighted-round-robin(2),
+ least-conns(3),
+ weighted-least-conns(4)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Load balance algorithm for the Virtual IP servers."
+ ::= { nsNatVipCfgEntry 6 }
+
+nsNatVipServerTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF NsNatVipServerEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "Ballancing the loads on NetScreen servers allow traffic
+ intended for a server(one IP address on the untrusted network)
+ to be mapped to several different IP addresses on the DMZ or
+ trusted network. There can be up to eight servers in one load
+ balancing group, which apperas as a single virtual server.This
+ table collects all the server pool configurations for the
+ virtual ip server."
+ ::= { nsNatVip 2 }
+
+nsNatVipServerEntry OBJECT-TYPE
+ SYNTAX NsNatVipServerEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "An entry containing attributes of a vip configuration's server
+ pool."
+ INDEX
+ { nsNatVipServerIndex }
+ ::= { nsNatVipServerTable 1 }
+
+nsNatVipServerIndex OBJECT-TYPE
+ SYNTAX Integer32 (0..2147483647)
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "A unique value for each vip server configuation. Its value
+ ranges between 1 and 65535 and may not be contigous."
+ ::= { nsNatVipServerEntry 1 }
+
+nsNatVipServerVIP OBJECT-TYPE
+ SYNTAX IpAddress
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The IP address for the VIP."
+ ::= { nsNatVipServerEntry 2 }
+
+nsNatVipServerService OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Service provideing through the VIP."
+ ::= { nsNatVipServerEntry 3 }
+
+nsNatVipServerLoadBalance OBJECT-TYPE
+ SYNTAX INTEGER {
+ null(0),
+ round-robin(1),
+ weighted-round-robin(2),
+ least-conns(3),
+ weighted-least-conns(4)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Load balance algorithm for the vitural IP servers."
+ ::= { nsNatVipServerEntry 4 }
+
+nsNatVipServerIp OBJECT-TYPE
+ SYNTAX IpAddress
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Virtual IP server's IP address."
+ ::= { nsNatVipServerEntry 5 }
+
+nsNatVipServerWeight OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Loadbalance algorithm weight."
+ ::= { nsNatVipServerEntry 6 }
+
+nsNatVipServerStatus OBJECT-TYPE
+ SYNTAX INTEGER {
+ down(0),
+ up(1)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Virtual IP server's status."
+ ::= { nsNatVipServerEntry 7 }
+
+END
+
+
diff --git a/MIBS/screenos/NETSCREEN-NSRP-MIB b/MIBS/screenos/NETSCREEN-NSRP-MIB
new file mode 100644
index 0000000..7a52083
--- /dev/null
+++ b/MIBS/screenos/NETSCREEN-NSRP-MIB
@@ -0,0 +1,1182 @@
+-- This module defines enterprise MIBs for nsrp
+--
+-- Copyright (c) 1999-2004, Juniper Networks, Inc.
+-- All rights reserved.
+
+NETSCREEN-NSRP-MIB DEFINITIONS ::= BEGIN
+
+IMPORTS
+ netscreenNsrp
+ FROM NETSCREEN-SMI
+ Counter32, Integer32, IpAddress, MODULE-IDENTITY, OBJECT-TYPE
+ FROM SNMPv2-SMI
+ DisplayString,PhysAddress
+ FROM SNMPv2-TC
+ ;
+
+netscreenNsrpMibModule MODULE-IDENTITY
+ LAST-UPDATED "200405032022Z" -- May 03, 2004
+ ORGANIZATION
+ "Juniper Networks, Inc."
+ CONTACT-INFO
+ "Customer Support
+
+ 1194 North Mathilda Avenue
+ Sunnyvale, California 94089-1206
+ USA
+
+ Tel: 1-800-638-8296
+ E-mail: customerservice@juniper.net
+ HTTP://www.juniper.net"
+ DESCRIPTION
+ "This module defines the object that are200 used for netscreen
+ redundancy protocol"
+ REVISION "200405030000Z" -- May 03, 2004
+ DESCRIPTION
+ "Modified copyright and contact information"
+ REVISION "200403030000Z" -- March 03, 2004
+ DESCRIPTION
+ "Converted to SMIv2 by Longview Software"
+ REVISION "200311140000Z" -- November 14, 2003
+ DESCRIPTION
+ "no comment"
+ REVISION "200306040000Z" -- June 04, 2003
+ DESCRIPTION
+ "no comment"
+ REVISION "200101080000Z" -- January 08, 2001
+ DESCRIPTION
+ "Creation Date"
+ ::= { netscreenNsrp 0 }
+
+NsRpRtoCounterEntry ::= SEQUENCE
+{
+ nsrpRtoCounterIdx Integer32,
+ nsrpRtoCounterName DisplayString,
+ nsrpRtoCounterSend Counter32,
+ nsrpRtoCounterReceive Counter32,
+ nsrpRtoCounterDrop Counter32
+}
+
+NsRpRtoGroupEntry ::= SEQUENCE
+{
+ nsrpRtoGroupId Integer32,
+ nsrpRtoNumOfUnit Integer32
+}
+
+NsRpRtoUnitEntry ::= SEQUENCE
+{
+ nsrpRtoUnitGroupId Integer32,
+ nsrpRtoUnitId Integer32,
+ nsrpRtoUnitStatus INTEGER,
+ nsrpRtoUnitDirection INTEGER,
+ nsrpRtoUnitLostHeartbeat Counter32,
+ nsrpRtoUnitToActive Counter32,
+ nsrpRtoUnitToSet Counter32,
+ nsrpRtoUnitLostPeer Counter32,
+ nsrpRtoUnitGroupDetach Counter32
+}
+
+NsRpTrackEntry ::= SEQUENCE
+{
+ nsrpTrackIpIndex Integer32,
+ nsrpTrackIpAddr IpAddress,
+ nsrpTrackIpStatus INTEGER,
+ nsrpTrackIpTimestamp Integer32,
+ nsrpTrackIpInterval Integer32,
+ nsrpTrackIpThreshhold Integer32,
+ nsrpTrackIpMethod INTEGER,
+ nsrpTrackIpWeight Integer32,
+ nsrpTrackIpIfName DisplayString,
+ nsrpTrackIpTotalCheck Integer32,
+ nsrpTrackIpTotalFailedCheck Integer32
+}
+
+NsRpVsdInterfaceEntry ::= SEQUENCE
+{
+ nsrpVsdIfIndex Integer32,
+ nsrpVsdIfStatus INTEGER,
+ nsrpVsdIfGroupId Integer32,
+ nsrpVsdIfIp IpAddress,
+ nsrpVsdIfNetmask IpAddress,
+ nsrpVsdIfGateway IpAddress,
+ nsrpVsdIfName DisplayString,
+ nsrpVsdIfVLAN Integer32,
+ nsrpVsdIfMAC PhysAddress,
+ nsrpVsdIfVSys DisplayString,
+ nsrpVsdIfMngTelnet INTEGER,
+ nsrpVsdIfMngSCS INTEGER,
+ nsrpVsdIfMngWEB INTEGER,
+ nsrpVsdIfMngSSL INTEGER,
+ nsrpVsdIfMngSNMP INTEGER,
+ nsrpVsdIfMngGlobal INTEGER,
+ nsrpVsdIfMngGlobalPro INTEGER,
+ nsrpVsdIfMngPing INTEGER,
+ nsrpVsdIfMngIdentReset INTEGER
+}
+
+NsrpClusterEntry ::= SEQUENCE
+{
+ nsrpClusterTblIndex Integer32,
+ nsrpClusterUnitId Integer32,
+ nsrpClusterUnitCtrlMac PhysAddress,
+ nsrpClusterUnitDataMac PhysAddress
+}
+
+NsrpLinkInfoEntry ::= SEQUENCE
+{
+ nsrpLinkInfoIndex Integer32,
+ nsrpLinkInfoLinkType INTEGER,
+ nsrpLinkInfoChannel DisplayString,
+ nsrpLinkInfoMac PhysAddress,
+ nsrpLinkInfoState INTEGER
+}
+
+NsrpVsdGroupEntry ::= SEQUENCE
+{
+ nsrpVsdGroupID Integer32,
+ nsrpVsdGroupPriority Integer32,
+ nsrpVsdGroupPreempt Integer32,
+ nsrpVsdGroupHoldDownTime Integer32,
+ nsrpVsdGroupNumberOfUnit Integer32,
+ nsrpVsdGroupCntStateChange Integer32,
+ nsrpVsdGroupCntToInit Integer32,
+ nsrpVsdGroupCntToMaster Integer32,
+ nsrpVsdGroupCntToPBackup Integer32,
+ nsrpVsdGroupCntToBackup Integer32,
+ nsrpVsdGroupCntToIneligible Integer32,
+ nsrpVsdGroupCntToInoperable Integer32,
+ nsrpVsdGroupCntMasterConflict Integer32,
+ nsrpVsdGroupCntPbConfilict Integer32,
+ nsrpVsdGroupCntHeartbeatTx Integer32,
+ nsrpVsdGroupCntHeartbeatRx Integer32
+}
+
+NsrpVsdMemberEntry ::= SEQUENCE
+{
+ nsrpVsdMemberGroupId Integer32,
+ nsrpVsdMemberUnitId Integer32,
+ nsrpVsdMemberStatus INTEGER,
+ nsrpVsdMemberPriority Integer32,
+ nsrpVsdMemberPreempt Integer32
+}
+
+netscreenNsrpGeneral OBJECT IDENTIFIER ::= { netscreenNsrp 1 }
+
+nsrpGeneralClusterId OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The cluster ID"
+ ::= { netscreenNsrpGeneral 1 }
+
+nsrpGeneralLocalUnitId OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "local device's unit ID"
+ ::= { netscreenNsrpGeneral 2 }
+
+nsrpGeneralEncrypEnable OBJECT-TYPE
+ SYNTAX INTEGER {
+ disabled(0),
+ enabled(1)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "NSRP encryption enabled"
+ ::= { netscreenNsrpGeneral 3 }
+
+nsrpGeneralAuthEnable OBJECT-TYPE
+ SYNTAX INTEGER {
+ disabled(0),
+ enabled(1)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "NSRP authentication enabled"
+ ::= { netscreenNsrpGeneral 4 }
+
+nsrpGeneralIfMonitor OBJECT-TYPE
+ SYNTAX DisplayString (SIZE(0..64))
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "interface being monitored"
+ ::= { netscreenNsrpGeneral 5 }
+
+nsrpGeneralGratArps OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "number of gratuitious arps"
+ ::= { netscreenNsrpGeneral 6 }
+
+netscreenNsrpVSD OBJECT IDENTIFIER ::= { netscreenNsrp 2 }
+
+nsrpVsdGroupTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF NsrpVsdGroupEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "A list of VSD groups on the device."
+ ::= { netscreenNsrpVSD 1 }
+
+nsrpVsdGroupEntry OBJECT-TYPE
+ SYNTAX NsrpVsdGroupEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "An entry containing attributes for a track ip"
+ INDEX
+ { nsrpVsdGroupID }
+ ::= { nsrpVsdGroupTable 1 }
+
+nsrpVsdGroupID OBJECT-TYPE
+ SYNTAX Integer32 (0..2147483647)
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "one group ID the device belongs to."
+ ::= { nsrpVsdGroupEntry 1 }
+
+nsrpVsdGroupPriority OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "local unit in current group's priority."
+ ::= { nsrpVsdGroupEntry 2 }
+
+nsrpVsdGroupPreempt OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "local unit in current group's preempt."
+ ::= { nsrpVsdGroupEntry 3 }
+
+nsrpVsdGroupHoldDownTime OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "TBD"
+ ::= { nsrpVsdGroupEntry 4 }
+
+nsrpVsdGroupNumberOfUnit OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "unit quantity in this group."
+ ::= { nsrpVsdGroupEntry 5 }
+
+nsrpVsdGroupCntStateChange OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "total number of state transition events"
+ ::= { nsrpVsdGroupEntry 6 }
+
+nsrpVsdGroupCntToInit OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "number of state transition into init state, which is as out of
+ ineligible state`"
+ ::= { nsrpVsdGroupEntry 7 }
+
+nsrpVsdGroupCntToMaster OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "number of state transition into master state"
+ ::= { nsrpVsdGroupEntry 8 }
+
+nsrpVsdGroupCntToPBackup OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "number of state transition into primary backup state"
+ ::= { nsrpVsdGroupEntry 9 }
+
+nsrpVsdGroupCntToBackup OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "number of state transition into backup state."
+ ::= { nsrpVsdGroupEntry 10 }
+
+nsrpVsdGroupCntToIneligible OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "number of state transition into ineligible state."
+ ::= { nsrpVsdGroupEntry 11 }
+
+nsrpVsdGroupCntToInoperable OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "number of state transition into inoperable state."
+ ::= { nsrpVsdGroupEntry 12 }
+
+nsrpVsdGroupCntMasterConflict OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "number of times multiple masters exist while the local unit is
+ in master state."
+ ::= { nsrpVsdGroupEntry 13 }
+
+nsrpVsdGroupCntPbConfilict OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "number of times multiple primary backups exist while the local
+ unit is in primary backup state."
+ ::= { nsrpVsdGroupEntry 14 }
+
+nsrpVsdGroupCntHeartbeatTx OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "number of heart beat transfered by a group."
+ ::= { nsrpVsdGroupEntry 15 }
+
+nsrpVsdGroupCntHeartbeatRx OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "number of heart beat received by a group."
+ ::= { nsrpVsdGroupEntry 16 }
+
+nsrpVsdMemberTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF NsrpVsdMemberEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "A list of devices within the VSD group."
+ ::= { netscreenNsrpVSD 2 }
+
+nsrpVsdMemberEntry OBJECT-TYPE
+ SYNTAX NsrpVsdMemberEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "A entry containing attributes of one device in a group"
+ INDEX
+ { nsrpVsdMemberGroupId, nsrpVsdMemberUnitId }
+ ::= { nsrpVsdMemberTable 1 }
+
+nsrpVsdMemberGroupId OBJECT-TYPE
+ SYNTAX Integer32 (0..2147483647)
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "indicate the Group it belong to"
+ ::= { nsrpVsdMemberEntry 1 }
+
+nsrpVsdMemberUnitId OBJECT-TYPE
+ SYNTAX Integer32 (0..2147483647)
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "VSD group member's unit id"
+ ::= { nsrpVsdMemberEntry 2 }
+
+nsrpVsdMemberStatus OBJECT-TYPE
+ SYNTAX INTEGER {
+ undefined(0),
+ init(1),
+ master(2),
+ primary-backup(3),
+ backup(4),
+ ineligible(5),
+ inoperable(6)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "0 Undefined
+ 1 init
+ 2 Master
+ 3 Primary Backup
+ 4 Backup
+ 5 ineligible
+ 6 inoperable"
+ ::= { nsrpVsdMemberEntry 3 }
+
+nsrpVsdMemberPriority OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Priority of unit in this group"
+ ::= { nsrpVsdMemberEntry 4 }
+
+nsrpVsdMemberPreempt OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "unit in current group's preempt"
+ ::= { nsrpVsdMemberEntry 5 }
+
+nsrpVsdInterfaceTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF NsRpVsdInterfaceEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "A list of VSD interfaces on the device."
+ ::= { netscreenNsrpVSD 3 }
+
+nsrpVsdInterfaceEntry OBJECT-TYPE
+ SYNTAX NsRpVsdInterfaceEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "A track entry containing attributes for a track ip"
+ INDEX
+ { nsrpVsdIfIndex }
+ ::= { nsrpVsdInterfaceTable 1 }
+
+nsrpVsdIfIndex OBJECT-TYPE
+ SYNTAX Integer32 (0..2147483647)
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "A index."
+ ::= { nsrpVsdInterfaceEntry 1 }
+
+nsrpVsdIfStatus OBJECT-TYPE
+ SYNTAX INTEGER {
+ down(0),
+ inactive(1),
+ active(2)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "indicate the status of this vsi interface"
+ ::= { nsrpVsdInterfaceEntry 2 }
+
+nsrpVsdIfGroupId OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "indicate the group it belong to"
+ ::= { nsrpVsdInterfaceEntry 3 }
+
+nsrpVsdIfIp OBJECT-TYPE
+ SYNTAX IpAddress
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "ip ADDRESS"
+ ::= { nsrpVsdInterfaceEntry 4 }
+
+nsrpVsdIfNetmask OBJECT-TYPE
+ SYNTAX IpAddress
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "subnet mask"
+ ::= { nsrpVsdInterfaceEntry 5 }
+
+nsrpVsdIfGateway OBJECT-TYPE
+ SYNTAX IpAddress
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "gateway"
+ ::= { nsrpVsdInterfaceEntry 6 }
+
+nsrpVsdIfName OBJECT-TYPE
+ SYNTAX DisplayString (SIZE(0..32))
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "trust/untrust/DMZ"
+ ::= { nsrpVsdInterfaceEntry 7 }
+
+nsrpVsdIfVLAN OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "vlan -1 means no vlan"
+ ::= { nsrpVsdInterfaceEntry 8 }
+
+nsrpVsdIfMAC OBJECT-TYPE
+ SYNTAX PhysAddress
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "mac address"
+ ::= { nsrpVsdInterfaceEntry 9 }
+
+nsrpVsdIfVSys OBJECT-TYPE
+ SYNTAX DisplayString (SIZE(0..32))
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "virtual system"
+ ::= { nsrpVsdInterfaceEntry 10 }
+
+nsrpVsdIfMngTelnet OBJECT-TYPE
+ SYNTAX INTEGER {
+ disable(0),
+ enable(1)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "0 Disable
+ 1 Enable"
+ ::= { nsrpVsdInterfaceEntry 11 }
+
+nsrpVsdIfMngSCS OBJECT-TYPE
+ SYNTAX INTEGER {
+ disable(0),
+ enable(1)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "0 Disable
+ 1 Enable"
+ ::= { nsrpVsdInterfaceEntry 12 }
+
+nsrpVsdIfMngWEB OBJECT-TYPE
+ SYNTAX INTEGER {
+ disable(0),
+ enable(1)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "0 Disable
+ 1 Enable"
+ ::= { nsrpVsdInterfaceEntry 13 }
+
+nsrpVsdIfMngSSL OBJECT-TYPE
+ SYNTAX INTEGER {
+ disable(0),
+ enable(1)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "0 Disable
+ 1 Enable"
+ ::= { nsrpVsdInterfaceEntry 14 }
+
+nsrpVsdIfMngSNMP OBJECT-TYPE
+ SYNTAX INTEGER {
+ disable(0),
+ enable(1)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "0 Disable
+ 1 Enable"
+ ::= { nsrpVsdInterfaceEntry 15 }
+
+nsrpVsdIfMngGlobal OBJECT-TYPE
+ SYNTAX INTEGER {
+ disable(0),
+ enable(1)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "0 Disable
+ 1 Enable"
+ ::= { nsrpVsdInterfaceEntry 16 }
+
+nsrpVsdIfMngGlobalPro OBJECT-TYPE
+ SYNTAX INTEGER {
+ disable(0),
+ enable(1)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "0 Disable
+ 1 Enable"
+ ::= { nsrpVsdInterfaceEntry 17 }
+
+nsrpVsdIfMngPing OBJECT-TYPE
+ SYNTAX INTEGER {
+ disable(0),
+ enable(1)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "0 Disable
+ 1 Enable"
+ ::= { nsrpVsdInterfaceEntry 18 }
+
+nsrpVsdIfMngIdentReset OBJECT-TYPE
+ SYNTAX INTEGER {
+ disable(0),
+ enable(1)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "0 Disable
+ 1 Enable"
+ ::= { nsrpVsdInterfaceEntry 19 }
+
+nsrpVsdGeneral OBJECT IDENTIFIER ::= { netscreenNsrpVSD 4 }
+
+nsrpVsdGeneralInitHoldTime OBJECT-TYPE
+ SYNTAX Counter32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "VSD group init hold time (in second)"
+ ::= { nsrpVsdGeneral 1 }
+
+nsrpVsdGeneralHbInterval OBJECT-TYPE
+ SYNTAX Counter32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "VSD heart beat interval.(in milisecond)"
+ ::= { nsrpVsdGeneral 2 }
+
+nsrpVsdGeneralHbLostThres OBJECT-TYPE
+ SYNTAX Counter32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "vsd heartbeat lost threshold"
+ ::= { nsrpVsdGeneral 3 }
+
+netscreenNsrpRTO OBJECT IDENTIFIER ::= { netscreenNsrp 3 }
+
+nsrpRtoGroupTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF NsRpRtoGroupEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "A list of RTO groups on the device."
+ ::= { netscreenNsrpRTO 1 }
+
+nsrpRtoGroupEntry OBJECT-TYPE
+ SYNTAX NsRpRtoGroupEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "An entry containing attributes for RTO group"
+ INDEX
+ { nsrpRtoGroupId }
+ ::= { nsrpRtoGroupTable 1 }
+
+nsrpRtoGroupId OBJECT-TYPE
+ SYNTAX Integer32 (0..2147483647)
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "A RTO group ID.also used as table index"
+ ::= { nsrpRtoGroupEntry 1 }
+
+nsrpRtoNumOfUnit OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "how many units in this RTO group"
+ ::= { nsrpRtoGroupEntry 2 }
+
+nsrpRtoUnitTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF NsRpRtoUnitEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "A list of device status within a RTO group."
+ ::= { netscreenNsrpRTO 2 }
+
+nsrpRtoUnitEntry OBJECT-TYPE
+ SYNTAX NsRpRtoUnitEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "A track entry containing attributes for a track ip"
+ INDEX
+ { nsrpRtoUnitGroupId, nsrpRtoUnitId }
+ ::= { nsrpRtoUnitTable 1 }
+
+nsrpRtoUnitGroupId OBJECT-TYPE
+ SYNTAX Integer32 (0..2147483647)
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The RTO group id, a unit belongs to"
+ ::= { nsrpRtoUnitEntry 1 }
+
+nsrpRtoUnitId OBJECT-TYPE
+ SYNTAX Integer32 (0..2147483647)
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "device's unit id."
+ ::= { nsrpRtoUnitEntry 2 }
+
+nsrpRtoUnitStatus OBJECT-TYPE
+ SYNTAX INTEGER {
+ undefined(0),
+ set(1),
+ active(2)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The RTO group id, a unit belongs to"
+ ::= { nsrpRtoUnitEntry 3 }
+
+nsrpRtoUnitDirection OBJECT-TYPE
+ SYNTAX INTEGER {
+ out(1),
+ in(2)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The RTO uint's dirction in the group"
+ ::= { nsrpRtoUnitEntry 4 }
+
+nsrpRtoUnitLostHeartbeat OBJECT-TYPE
+ SYNTAX Counter32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "counter of heartbeat"
+ ::= { nsrpRtoUnitEntry 5 }
+
+nsrpRtoUnitToActive OBJECT-TYPE
+ SYNTAX Counter32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "counter of active"
+ ::= { nsrpRtoUnitEntry 6 }
+
+nsrpRtoUnitToSet OBJECT-TYPE
+ SYNTAX Counter32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "counter of set"
+ ::= { nsrpRtoUnitEntry 7 }
+
+nsrpRtoUnitLostPeer OBJECT-TYPE
+ SYNTAX Counter32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "counter of lost peer"
+ ::= { nsrpRtoUnitEntry 8 }
+
+nsrpRtoUnitGroupDetach OBJECT-TYPE
+ SYNTAX Counter32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "counter of rto group detach"
+ ::= { nsrpRtoUnitEntry 9 }
+
+nsrpRtoCounter OBJECT IDENTIFIER ::= { netscreenNsrpRTO 3 }
+
+nsrpRtoCounterPakForwarded OBJECT-TYPE
+ SYNTAX Counter32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "packets forwarded by rto."
+ ::= { nsrpRtoCounter 1 }
+
+nsrpRtoCounterPakReceived OBJECT-TYPE
+ SYNTAX Counter32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "packets received by rto."
+ ::= { nsrpRtoCounter 2 }
+
+nsrpRtoCounterTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF NsRpRtoCounterEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "A list of rto counter object entry."
+ ::= { nsrpRtoCounter 3 }
+
+nsrpRtoCounterEntry OBJECT-TYPE
+ SYNTAX NsRpRtoCounterEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "A rto counter entry containing attributes for a rto counter
+ obj."
+ INDEX
+ { nsrpRtoCounterIdx }
+ ::= { nsrpRtoCounterTable 1 }
+
+nsrpRtoCounterIdx OBJECT-TYPE
+ SYNTAX Integer32 (0..2147483647)
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "counter index."
+ ::= { nsrpRtoCounterEntry 1 }
+
+nsrpRtoCounterName OBJECT-TYPE
+ SYNTAX DisplayString (SIZE(0..32))
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Name of a rto counter object."
+ ::= { nsrpRtoCounterEntry 2 }
+
+nsrpRtoCounterSend OBJECT-TYPE
+ SYNTAX Counter32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Total number of message sent."
+ ::= { nsrpRtoCounterEntry 3 }
+
+nsrpRtoCounterReceive OBJECT-TYPE
+ SYNTAX Counter32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Total number of message received."
+ ::= { nsrpRtoCounterEntry 4 }
+
+nsrpRtoCounterDrop OBJECT-TYPE
+ SYNTAX Counter32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Total number of message dropped."
+ ::= { nsrpRtoCounterEntry 5 }
+
+nsrpRtoGeneral OBJECT IDENTIFIER ::= { netscreenNsrpRTO 4 }
+
+nsrpRtoGeneralHbInterval OBJECT-TYPE
+ SYNTAX Counter32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "rto heart beat interval."
+ ::= { nsrpRtoGeneral 1 }
+
+nsrpRtoGeneralHbLostThres OBJECT-TYPE
+ SYNTAX Counter32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "rto heartbeat lost threshold"
+ ::= { nsrpRtoGeneral 2 }
+
+nsrpRtoGeneralSessSyncEnable OBJECT-TYPE
+ SYNTAX INTEGER {
+ disabled(0),
+ enabled(1)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "session sync enabled."
+ ::= { nsrpRtoGeneral 3 }
+
+netscreenNsrpTrack OBJECT IDENTIFIER ::= { netscreenNsrp 4 }
+
+nsrpTrackEnable OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "0 means disable, 1 meams enable"
+ ::= { netscreenNsrpTrack 1 }
+
+nsrpTrackThreshold OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Failover Threshold"
+ ::= { netscreenNsrpTrack 2 }
+
+nsrpTrackFailoverEnalble OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Failover enable switch"
+ ::= { netscreenNsrpTrack 3 }
+
+nsrpTrackTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF NsRpTrackEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "A list of track ip entries."
+ ::= { netscreenNsrpTrack 4 }
+
+nsrpTrackEntry OBJECT-TYPE
+ SYNTAX NsRpTrackEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "A track entry containing attributes for a track ip"
+ INDEX
+ { nsrpTrackIpIndex }
+ ::= { nsrpTrackTable 1 }
+
+nsrpTrackIpIndex OBJECT-TYPE
+ SYNTAX Integer32 (0..2147483647)
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "A unique value for each track ip. Its value ranges between 1
+ and 65535 and may not be contigous. It has no other meaning
+ but a pure index."
+ ::= { nsrpTrackEntry 1 }
+
+nsrpTrackIpAddr OBJECT-TYPE
+ SYNTAX IpAddress
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The IP address of the monitored device."
+ ::= { nsrpTrackEntry 2 }
+
+nsrpTrackIpStatus OBJECT-TYPE
+ SYNTAX INTEGER {
+ success(0),
+ fail(1)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Status"
+ ::= { nsrpTrackEntry 3 }
+
+nsrpTrackIpTimestamp OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Timestamp of status change. Reference 1970/1/1 0:0"
+ ::= { nsrpTrackEntry 4 }
+
+nsrpTrackIpInterval OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "A frequecy how the track ip is checked. It is in unit of
+ seconds."
+ ::= { nsrpTrackEntry 5 }
+
+nsrpTrackIpThreshhold OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "A number of consective failures to regard the device has
+ failed."
+ ::= { nsrpTrackEntry 6 }
+
+nsrpTrackIpMethod OBJECT-TYPE
+ SYNTAX INTEGER {
+ ping(0),
+ arp(1)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The method to track the device."
+ ::= { nsrpTrackEntry 7 }
+
+nsrpTrackIpWeight OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The weight of this failure contributing to the failover."
+ ::= { nsrpTrackEntry 8 }
+
+nsrpTrackIpIfName OBJECT-TYPE
+ SYNTAX DisplayString (SIZE(0..32))
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The interface the track messages are sent to. Auto means the
+ actual interface is determined by the routing table."
+ ::= { nsrpTrackEntry 9 }
+
+nsrpTrackIpTotalCheck OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The number of ping/arp attempts."
+ ::= { nsrpTrackEntry 10 }
+
+nsrpTrackIpTotalFailedCheck OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The number of total failed attempts."
+ ::= { nsrpTrackEntry 11 }
+
+netscreenNsrpCluster OBJECT IDENTIFIER ::= { netscreenNsrp 5 }
+
+nsrpClusterTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF NsrpClusterEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "A list of cluster on the device."
+ ::= { netscreenNsrpCluster 1 }
+
+nsrpClusterEntry OBJECT-TYPE
+ SYNTAX NsrpClusterEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "An entry containing attributes for nsrp cluster"
+ INDEX
+ { nsrpClusterTblIndex }
+ ::= { nsrpClusterTable 1 }
+
+nsrpClusterTblIndex OBJECT-TYPE
+ SYNTAX Integer32 (0..2147483647)
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "table index"
+ ::= { nsrpClusterEntry 1 }
+
+nsrpClusterUnitId OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Unit id in this cluster"
+ ::= { nsrpClusterEntry 2 }
+
+nsrpClusterUnitCtrlMac OBJECT-TYPE
+ SYNTAX PhysAddress
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Unit id's control path mac address"
+ ::= { nsrpClusterEntry 3 }
+
+nsrpClusterUnitDataMac OBJECT-TYPE
+ SYNTAX PhysAddress
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Unit id's data path mac address"
+ ::= { nsrpClusterEntry 4 }
+
+netscreenNsrpLinkInfo OBJECT IDENTIFIER ::= { netscreenNsrp 6 }
+
+nsrpLinkInfoTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF NsrpLinkInfoEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "A list of NSRP link info"
+ ::= { netscreenNsrpLinkInfo 1 }
+
+nsrpLinkInfoEntry OBJECT-TYPE
+ SYNTAX NsrpLinkInfoEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "An entry containing attributes for nsrp link info"
+ INDEX
+ { nsrpLinkInfoIndex }
+ ::= { nsrpLinkInfoTable 1 }
+
+nsrpLinkInfoIndex OBJECT-TYPE
+ SYNTAX Integer32 (0..2147483647)
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "table index"
+ ::= { nsrpLinkInfoEntry 1 }
+
+nsrpLinkInfoLinkType OBJECT-TYPE
+ SYNTAX INTEGER {
+ control(0),
+ data(1),
+ unused(2),
+ hapath2(3)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "link type"
+ ::= { nsrpLinkInfoEntry 2 }
+
+nsrpLinkInfoChannel OBJECT-TYPE
+ SYNTAX DisplayString (SIZE(0..32))
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "link channel's name"
+ ::= { nsrpLinkInfoEntry 3 }
+
+nsrpLinkInfoMac OBJECT-TYPE
+ SYNTAX PhysAddress
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "link channel's mac address"
+ ::= { nsrpLinkInfoEntry 4 }
+
+nsrpLinkInfoState OBJECT-TYPE
+ SYNTAX INTEGER {
+ down(0),
+ up(1)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "link channel's state"
+ ::= { nsrpLinkInfoEntry 5 }
+
+END
+
+
diff --git a/MIBS/screenos/NETSCREEN-OSPF-MIB b/MIBS/screenos/NETSCREEN-OSPF-MIB
new file mode 100644
index 0000000..401149c
--- /dev/null
+++ b/MIBS/screenos/NETSCREEN-OSPF-MIB
@@ -0,0 +1,2397 @@
+-- These MIBs were created on 1/7/2003
+-- This module defines enterprise MIBs for NS OSPF
+--
+-- Copyright (c) 1999-2004, Juniper Networks, Inc.
+-- All rights reserved.
+
+
+NETSCREEN-OSPF-MIB DEFINITIONS ::= BEGIN
+
+ IMPORTS
+ MODULE-IDENTITY, OBJECT-TYPE, Counter32, Gauge32,
+ Integer32, IpAddress
+ FROM SNMPv2-SMI
+ TEXTUAL-CONVENTION, TruthValue, RowStatus
+ FROM SNMPv2-TC
+ MODULE-COMPLIANCE, OBJECT-GROUP FROM SNMPv2-CONF
+ mib-2 FROM RFC1213-MIB
+ netscreenVR FROM NETSCREEN-SMI;
+
+-- This MIB module uses the extended OBJECT-TYPE macro as
+-- defined in [9].
+
+nsOspf MODULE-IDENTITY
+ LAST-UPDATED "200506032022Z" -- June 20, 2005
+ ORGANIZATION
+ "Juniper Networks, Inc."
+ CONTACT-INFO
+ "Customer Support
+
+ 1194 North Mathilda Avenue
+ Sunnyvale, California 94089-1206
+ USA
+
+ Tel: 1-800-638-8296
+ E-mail: customerservice@juniper.net
+ HTTP://www.juniper.net"
+ DESCRIPTION
+ "The MIB module to describe the NS-OSPF Version 2
+ Protocol"
+ ::= { netscreenVR 2 }
+
+-- The Area ID, in OSPF, has the same format as an IP Address,
+-- but has the function of defining a summarization point for
+-- Link State Advertisements
+
+AreaID ::= TEXTUAL-CONVENTION
+ STATUS deprecated
+ DESCRIPTION
+ "An OSPF Area Identifier."
+ SYNTAX IpAddress
+
+-- The Router ID, in OSPF, has the same format as an IP Address,
+
+-- but identifies the router independent of its IP Address.
+
+RouterID ::= TEXTUAL-CONVENTION
+ STATUS deprecated
+ DESCRIPTION
+ "A OSPF Router Identifier."
+ SYNTAX IpAddress
+
+-- The OSPF Metric is defined as an unsigned value in the range
+
+Metric ::= TEXTUAL-CONVENTION
+ STATUS deprecated
+ DESCRIPTION
+ "The OSPF Internal Metric."
+ SYNTAX Integer32 (0..'FFFF'H)
+
+BigMetric ::= TEXTUAL-CONVENTION
+ STATUS deprecated
+ DESCRIPTION
+ "The OSPF External Metric."
+ SYNTAX Integer32 (0..'FFFFFF'H)
+
+-- Status Values
+
+Status ::= TEXTUAL-CONVENTION
+ STATUS deprecated
+ DESCRIPTION
+ "The status of an interface: 'enabled' indicates that
+ it is willing to communicate with other OSPF Routers,
+ while 'disabled' indicates that it is not."
+ SYNTAX INTEGER { enabled (1), disabled (2) }
+
+-- Time Durations measured in seconds
+
+PositiveInteger ::= TEXTUAL-CONVENTION
+ STATUS deprecated
+ DESCRIPTION
+ "A positive integer. Values in excess are precluded as
+ unnecessary and prone to interoperability issues."
+ SYNTAX Integer32 (0..'7FFFFFFF'H)
+
+HelloRange ::= TEXTUAL-CONVENTION
+ STATUS deprecated
+ DESCRIPTION
+ "The range of intervals on which hello messages are
+ exchanged."
+ SYNTAX Integer32 (1..'FFFF'H)
+
+UpToMaxAge ::= TEXTUAL-CONVENTION
+ STATUS deprecated
+ DESCRIPTION
+ "The values that one might find or configure for
+ variables bounded by the maximum age of an LSA."
+ SYNTAX Integer32 (0..3600)
+
+-- The range of ifIndex
+
+InterfaceIndex ::= TEXTUAL-CONVENTION
+ STATUS deprecated
+ DESCRIPTION
+ "The range of ifIndex."
+ SYNTAX Integer32
+
+-- Potential Priorities for the Designated Router Election
+
+DesignatedRouterPriority ::= TEXTUAL-CONVENTION
+ STATUS deprecated
+ DESCRIPTION
+ "The values defined for the priority of a system for
+ becoming the designated router."
+ SYNTAX Integer32 (0..'FF'H)
+
+TOSType ::= TEXTUAL-CONVENTION
+ STATUS deprecated
+ DESCRIPTION
+ "Type of Service is defined as a mapping to the IP Type of
+ Service Flags as defined in the IP Forwarding Table MIB
+
+ +-----+-----+-----+-----+-----+-----+-----+-----+
+ | | | |
+ | PRECEDENCE | TYPE OF SERVICE | 0 |
+ | | | |
+ +-----+-----+-----+-----+-----+-----+-----+-----+
+
+ IP TOS IP TOS
+ Field Policy Field Policy
+
+ Contents Code Contents Code
+ 0 0 0 0 ==> 0 0 0 0 1 ==> 2
+ 0 0 1 0 ==> 4 0 0 1 1 ==> 6
+ 0 1 0 0 ==> 8 0 1 0 1 ==> 10
+ 0 1 1 0 ==> 12 0 1 1 1 ==> 14
+ 1 0 0 0 ==> 16 1 0 0 1 ==> 18
+ 1 0 1 0 ==> 20 1 0 1 1 ==> 22
+
+ 1 1 0 0 ==> 24 1 1 0 1 ==> 26
+ 1 1 1 0 ==> 28 1 1 1 1 ==> 30
+
+ The remaining values are left for future definition."
+ SYNTAX Integer32 (0..30)
+
+-- OSPF General Variables
+
+-- These parameters apply globally to the Router's
+-- OSPF Process.
+
+ nsOspfGeneralTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF NsOspfGeneralEntry
+ MAX-ACCESS not-accessible
+ STATUS deprecated
+ DESCRIPTION
+ "Ospf general information table per VR"
+ ::= { nsOspf 1 }
+
+ nsOspfGeneralEntry OBJECT-TYPE
+ SYNTAX NsOspfGeneralEntry
+ MAX-ACCESS not-accessible
+ STATUS deprecated
+ DESCRIPTION
+ "Ospf general information table per VR"
+ INDEX { nsOspfGeneralVRID }
+ ::= { nsOspfGeneralTable 1 }
+
+ NsOspfGeneralEntry ::=
+ SEQUENCE {
+ nsOspfRouterId
+ RouterID,
+ nsOspfAdminStat
+ Status,
+ nsOspfVersionNumber
+ INTEGER,
+ nsOspfAreaBdrRtrStatus
+ TruthValue,
+ nsOspfASBdrRtrStatus
+ TruthValue,
+ nsOspfExternLsaCount
+ Gauge32,
+ nsOspfAreaLsaCount
+ Gauge32,
+ nsOspfExternLsaCksumSum
+ Integer32,
+ nsOspfTOSSupport
+ TruthValue,
+ nsOspfOriginateNewLsas
+ Counter32,
+ nsOspfRxNewLsas
+ Counter32,
+ nsOspfExtLsdbLimit
+ Integer32,
+ nsOspfMulticastExtensions
+ Integer32,
+ nsOspfExitOverflowInterval
+ PositiveInteger,
+ nsOspfDemandExtensions
+ TruthValue,
+ nsOspfGeneralVRID
+ INTEGER
+ }
+
+ nsOspfRouterId OBJECT-TYPE
+ SYNTAX RouterID
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "A 32-bit integer uniquely identifying the
+ router in the Autonomous System.
+
+ By convention, to ensure uniqueness, this
+ should default to the value of one of the
+ router's IP interface addresses."
+ REFERENCE
+ "OSPF Version 2, C.1 Global parameters"
+ ::= { nsOspfGeneralEntry 1 }
+
+ nsOspfAdminStat OBJECT-TYPE
+ SYNTAX Status
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "The administrative status of OSPF in the
+ router. The value 'enabled' denotes that the
+ OSPF Process is active on at least one inter-
+ face; 'disabled' disables it on all inter-
+ faces."
+ ::= { nsOspfGeneralEntry 2 }
+
+ nsOspfVersionNumber OBJECT-TYPE
+ SYNTAX INTEGER { version2 (2) }
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+
+ "The deprecated version number of the OSPF proto-
+ col is 2."
+ REFERENCE
+ "OSPF Version 2, Title"
+ ::= { nsOspfGeneralEntry 3 }
+
+ nsOspfAreaBdrRtrStatus OBJECT-TYPE
+ SYNTAX TruthValue
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "A flag to note whether this router is an area
+ border router."
+ REFERENCE
+ "OSPF Version 2, Section 3 Splitting the AS into
+ Areas"
+ ::= { nsOspfGeneralEntry 4 }
+
+ nsOspfASBdrRtrStatus OBJECT-TYPE
+ SYNTAX TruthValue
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "A flag to note whether this router is config-
+ ured as an Autonomous System border router."
+ REFERENCE
+ "OSPF Version 2, Section 3.3 Classification of
+ routers"
+ ::= { nsOspfGeneralEntry 5 }
+
+ nsOspfExternLsaCount OBJECT-TYPE
+ SYNTAX Gauge32
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "The number of external (LS type 5) link-state
+ advertisements in the link-state database."
+ REFERENCE
+ "OSPF Version 2, Appendix A.4.5 AS external link
+ advertisements"
+ ::= { nsOspfGeneralEntry 6 }
+
+ nsOspfExternLsaCksumSum OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+
+ STATUS deprecated
+ DESCRIPTION
+ "The 32-bit unsigned sum of the LS checksums of
+ the external link-state advertisements con-
+ tained in the link-state database. This sum
+ can be used to determine if there has been a
+ change in a router's link state database, and
+ to compare the link-state database of two
+ routers."
+ ::= { nsOspfGeneralEntry 7 }
+
+ nsOspfTOSSupport OBJECT-TYPE
+ SYNTAX TruthValue
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "The router's support for type-of-service rout-
+ ing."
+ REFERENCE
+ "OSPF Version 2, Appendix F.1.2 Optional TOS
+ support"
+ ::= { nsOspfGeneralEntry 8 }
+
+ nsOspfOriginateNewLsas OBJECT-TYPE
+ SYNTAX Counter32
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "The number of new link-state advertisements
+ that have been originated. This number is in-
+ cremented each time the router originates a new
+ LSA."
+ ::= { nsOspfGeneralEntry 9 }
+
+ nsOspfRxNewLsas OBJECT-TYPE
+ SYNTAX Counter32
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "The number of link-state advertisements re-
+ ceived determined to be new instantiations.
+ This number does not include newer instantia-
+ tions of self-originated link-state advertise-
+ ments."
+ ::= { nsOspfGeneralEntry 10 }
+
+ nsOspfExtLsdbLimit OBJECT-TYPE
+ SYNTAX Integer32 (-1..'7FFFFFFF'H)
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "The maximum number of non-default AS-
+ external-LSAs entries that can be stored in the
+ link-state database. If the value is -1, then
+ there is no limit.
+
+ When the number of non-default AS-external-LSAs
+ in a router's link-state database reaches
+ nsOspfExtLsdbLimit, the router enters Overflow-
+ State. The router never holds more than
+ nsOspfExtLsdbLimit non-default AS-external-LSAs
+ in its database. OspfExtLsdbLimit MUST be set
+ identically in all routers attached to the OSPF
+ backbone and/or any regular OSPF area. (i.e.,
+ OSPF stub areas and NSSAs are excluded)."
+ DEFVAL { -1 }
+ ::= { nsOspfGeneralEntry 11 }
+
+ nsOspfMulticastExtensions OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "A Bit Mask indicating whether the router is
+ forwarding IP multicast (Class D) datagrams
+ based on the algorithms defined in the Multi-
+ cast Extensions to OSPF.
+
+ Bit 0, if set, indicates that the router can
+ forward IP multicast datagrams in the router's
+ directly attached areas (called intra-area mul-
+ ticast routing).
+
+ Bit 1, if set, indicates that the router can
+ forward IP multicast datagrams between OSPF
+ areas (called inter-area multicast routing).
+
+ Bit 2, if set, indicates that the router can
+ forward IP multicast datagrams between Auto-
+ nomous Systems (called inter-AS multicast rout-
+ ing).
+
+ Only certain combinations of bit settings are
+ allowed, namely: 0 (no multicast forwarding is
+
+ enabled), 1 (intra-area multicasting only), 3
+ (intra-area and inter-area multicasting), 5
+ (intra-area and inter-AS multicasting) and 7
+ (multicasting everywhere). By default, no mul-
+ ticast forwarding is enabled."
+ DEFVAL { 0 }
+ ::= { nsOspfGeneralEntry 12 }
+
+ nsOspfExitOverflowInterval OBJECT-TYPE
+ SYNTAX PositiveInteger
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "The number of seconds that, after entering
+ OverflowState, a router will attempt to leave
+ OverflowState. This allows the router to again
+ originate non-default AS-external-LSAs. When
+ set to 0, the router will not leave Overflow-
+ State until restarted."
+ DEFVAL { 0 }
+ ::= { nsOspfGeneralEntry 13 }
+
+ nsOspfDemandExtensions OBJECT-TYPE
+ SYNTAX TruthValue
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "The router's support for demand routing."
+ REFERENCE
+ "OSPF Version 2, Appendix on Demand Routing"
+ ::= { nsOspfGeneralEntry 14 }
+
+ nsOspfGeneralVRID OBJECT-TYPE
+ SYNTAX INTEGER (0..65535)
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "Virtual Router ID"
+ ::= { nsOspfGeneralEntry 15 }
+
+-- The OSPF Area Data Structure contains information
+-- regarding the various areas. The interfaces and
+-- virtual links are configured as part of these areas.
+-- Area 0.0.0.0, by definition, is the Backbone Area
+
+ nsOspfAreaTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF NsOspfAreaEntry
+ MAX-ACCESS not-accessible
+ STATUS deprecated
+ DESCRIPTION
+ "Information describing the configured parame-
+ ters and cumulative statistics of the router's
+ attached areas."
+
+ REFERENCE
+ "OSPF Version 2, Section 6 The Area Data Struc-
+ ture"
+ ::= { nsOspf 2 }
+
+ nsOspfAreaEntry OBJECT-TYPE
+ SYNTAX NsOspfAreaEntry
+ MAX-ACCESS not-accessible
+ STATUS deprecated
+ DESCRIPTION
+ "Information describing the configured parame-
+ ters and cumulative statistics of one of the
+ router's attached areas."
+ INDEX { nsOspfAreaId, nsOspfAreaVRID }
+ ::= { nsOspfAreaTable 1 }
+
+ NsOspfAreaEntry ::=
+ SEQUENCE {
+ nsOspfAreaId
+ AreaID,
+ nsOspfImportAsExtern
+ INTEGER,
+ nsOspfSpfRuns
+ Counter32,
+ nsOspfAreaBdrRtrCount
+ Gauge32,
+ nsOspfAsBdrRtrCount
+ Gauge32,
+ nsOspfAreaLsaCount
+ Gauge32,
+ nsOspfAreaLsaCksumSum
+ Integer32,
+ nsOspfAreaSummary
+ INTEGER,
+ nsOspfAreaStatus
+ RowStatus,
+ nsOspfAreaVRID
+ INTEGER
+ }
+
+ nsOspfAreaId OBJECT-TYPE
+ SYNTAX AreaID
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "A 32-bit integer uniquely identifying an area.
+ Area ID 0.0.0.0 is used for the OSPF backbone."
+
+ REFERENCE
+ "OSPF Version 2, Appendix C.2 Area parameters"
+ ::= { nsOspfAreaEntry 1 }
+
+ nsOspfImportAsExtern OBJECT-TYPE
+ SYNTAX INTEGER {
+ importExternal (1),
+ importNoExternal (2),
+ importNssa (3)
+ }
+ MAX-ACCESS read-create
+ STATUS deprecated
+ DESCRIPTION
+ "The area's support for importing AS external
+ link- state advertisements."
+ REFERENCE
+ "OSPF Version 2, Appendix C.2 Area parameters"
+ DEFVAL { importExternal }
+ ::= { nsOspfAreaEntry 3 }
+
+ nsOspfSpfRuns OBJECT-TYPE
+ SYNTAX Counter32
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "The number of times that the intra-area route
+ table has been calculated using this area's
+ link-state database. This is typically done
+ using Dijkstra's algorithm."
+
+ ::= { nsOspfAreaEntry 4 }
+
+ nsOspfAreaBdrRtrCount OBJECT-TYPE
+ SYNTAX Gauge32
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "The total number of area border routers reach-
+ able within this area. This is initially zero,
+ and is calculated in each SPF Pass."
+ ::= { nsOspfAreaEntry 5 }
+
+ nsOspfAsBdrRtrCount OBJECT-TYPE
+ SYNTAX Gauge32
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "The total number of Autonomous System border
+ routers reachable within this area. This is
+ initially zero, and is calculated in each SPF
+ Pass."
+ ::= { nsOspfAreaEntry 6 }
+
+ nsOspfAreaLsaCount OBJECT-TYPE
+ SYNTAX Gauge32
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "The total number of link-state advertisements
+ in this area's link-state database, excluding
+ AS External LSA's."
+ ::= { nsOspfAreaEntry 7 }
+
+ nsOspfAreaLsaCksumSum OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "The 32-bit unsigned sum of the link-state ad-
+ vertisements' LS checksums contained in this
+ area's link-state database. This sum excludes
+ external (LS type 5) link-state advertisements.
+ The sum can be used to determine if there has
+ been a change in a router's link state data-
+ base, and to compare the link-state database of
+
+ two routers."
+ DEFVAL { 0 }
+ ::= { nsOspfAreaEntry 8 }
+
+ nsOspfAreaSummary OBJECT-TYPE
+ SYNTAX INTEGER {
+ noAreaSummary (1),
+ sendAreaSummary (2)
+ }
+ MAX-ACCESS read-create
+ STATUS deprecated
+ DESCRIPTION
+ "The variable nsOspfAreaSummary controls the im-
+ port of summary LSAs into stub areas. It has
+ no effect on other areas.
+
+ If it is noAreaSummary, the router will neither
+ originate nor propagate summary LSAs into the
+ stub area. It will rely entirely on its de-
+ fault route.
+
+ If it is sendAreaSummary, the router will both
+ summarize and propagate summary LSAs."
+ DEFVAL { noAreaSummary }
+ ::= { nsOspfAreaEntry 9 }
+
+ nsOspfAreaStatus OBJECT-TYPE
+ SYNTAX RowStatus
+ MAX-ACCESS read-create
+ STATUS deprecated
+ DESCRIPTION
+ "This variable displays the status of the en-
+ try. Setting it to 'invalid' has the effect of
+ rendering it inoperative. The internal effect
+ (row removal) is implementation dependent."
+ ::= { nsOspfAreaEntry 10 }
+
+ nsOspfAreaVRID OBJECT-TYPE
+ SYNTAX INTEGER (0..65535)
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "Virtual Router ID"
+ ::= { nsOspfAreaEntry 11 }
+
+-- OSPF Area Default Metric Table
+
+-- The OSPF Area Default Metric Table describes the metrics
+-- that a default Area Border Router will advertise into a
+-- Stub area.
+
+ nsOspfStubAreaTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF NsOspfStubAreaEntry
+
+ MAX-ACCESS not-accessible
+ STATUS deprecated
+ DESCRIPTION
+ "The set of metrics that will be advertised by
+ a default Area Border Router into a stub area."
+ REFERENCE
+ "OSPF Version 2, Appendix C.2, Area Parameters"
+ ::= { nsOspf 3 }
+
+ nsOspfStubAreaEntry OBJECT-TYPE
+ SYNTAX NsOspfStubAreaEntry
+ MAX-ACCESS not-accessible
+ STATUS deprecated
+ DESCRIPTION
+ "The metric for a given Type of Service that
+ will be advertised by a default Area Border
+ Router into a stub area."
+ REFERENCE
+ "OSPF Version 2, Appendix C.2, Area Parameters"
+ INDEX { nsOspfStubAreaId, nsOspfStubTOS, nsOspfStubVRID }
+ ::= { nsOspfStubAreaTable 1 }
+
+ NsOspfStubAreaEntry ::=
+ SEQUENCE {
+ nsOspfStubAreaId
+ AreaID,
+ nsOspfStubTOS
+ TOSType,
+ nsOspfStubMetric
+ BigMetric,
+ nsOspfStubStatus
+ RowStatus,
+ nsOspfStubMetricType
+ INTEGER,
+ nsOspfStubVRID
+ INTEGER
+ }
+
+ nsOspfStubAreaId OBJECT-TYPE
+ SYNTAX AreaID
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "The 32 bit identifier for the Stub Area. On
+ creation, this can be derived from the in-
+ stance."
+ ::= { nsOspfStubAreaEntry 1 }
+
+ nsOspfStubTOS OBJECT-TYPE
+ SYNTAX TOSType
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "The Type of Service associated with the
+ metric. On creation, this can be derived from
+ the instance."
+ ::= { nsOspfStubAreaEntry 2 }
+
+ nsOspfStubMetric OBJECT-TYPE
+ SYNTAX BigMetric
+ MAX-ACCESS read-create
+ STATUS deprecated
+ DESCRIPTION
+ "The metric value applied at the indicated type
+ of service. By default, this equals the least
+ metric at the type of service among the inter-
+ faces to other areas."
+ ::= { nsOspfStubAreaEntry 3 }
+
+ nsOspfStubStatus OBJECT-TYPE
+ SYNTAX RowStatus
+ MAX-ACCESS read-create
+ STATUS deprecated
+ DESCRIPTION
+ "This variable displays the status of the en-
+ try. Setting it to 'invalid' has the effect of
+ rendering it inoperative. The internal effect
+ (row removal) is implementation dependent."
+ ::= { nsOspfStubAreaEntry 4 }
+
+ nsOspfStubMetricType OBJECT-TYPE
+ SYNTAX INTEGER {
+ nsOspfMetric (1), -- OSPF Metric
+ comparableCost (2), -- external type 1
+ nonComparable (3) -- external type 2
+ }
+ MAX-ACCESS read-create
+ STATUS deprecated
+ DESCRIPTION
+ "This variable displays the type of metric ad-
+ vertised as a default route."
+ DEFVAL { nsOspfMetric }
+ ::= { nsOspfStubAreaEntry 5 }
+
+ nsOspfStubVRID OBJECT-TYPE
+ SYNTAX INTEGER (0..65535)
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "Virtual Router ID"
+ ::= { nsOspfStubAreaEntry 6 }
+
+-- OSPF Link State Database
+
+-- The Link State Database contains the Link State
+-- Advertisements from throughout the areas that the
+-- device is attached to.
+
+ nsOspfLsdbTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF NsOspfLsdbEntry
+ MAX-ACCESS not-accessible
+ STATUS deprecated
+ DESCRIPTION
+ "The OSPF Process's Link State Database."
+ REFERENCE
+ "OSPF Version 2, Section 12 Link State Adver-
+ tisements"
+ ::= { nsOspf 4 }
+
+ nsOspfLsdbEntry OBJECT-TYPE
+ SYNTAX NsOspfLsdbEntry
+ MAX-ACCESS not-accessible
+ STATUS deprecated
+ DESCRIPTION
+ "A single Link State Advertisement."
+ INDEX { nsOspfLsdbAreaId, nsOspfLsdbType,
+ nsOspfLsdbLsid, nsOspfLsdbRouterId, nsOspfLsdbVRID }
+ ::= { nsOspfLsdbTable 1 }
+
+ NsOspfLsdbEntry ::=
+ SEQUENCE {
+ nsOspfLsdbAreaId
+ AreaID,
+ nsOspfLsdbType
+ INTEGER,
+ nsOspfLsdbLsid
+ IpAddress,
+ nsOspfLsdbRouterId
+ RouterID,
+ nsOspfLsdbSequence
+ Integer32,
+ nsOspfLsdbAge
+ Integer32,
+ nsOspfLsdbChecksum
+ Integer32,
+ nsOspfLsdbAdvertisement
+ OCTET STRING,
+ nsOspfLsdbVRID
+ INTEGER
+ }
+
+ nsOspfLsdbAreaId OBJECT-TYPE
+ SYNTAX AreaID
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "The 32 bit identifier of the Area from which
+ the LSA was received."
+ REFERENCE
+ "OSPF Version 2, Appendix C.2 Area parameters"
+ ::= { nsOspfLsdbEntry 1 }
+
+-- External Link State Advertisements are permitted
+-- for backward compatibility, but should be displayed in
+-- the nsOspfExtLsdbTable rather than here.
+
+ nsOspfLsdbType OBJECT-TYPE
+ SYNTAX INTEGER {
+ routerLink (1),
+ networkLink (2),
+ summaryLink (3),
+ asSummaryLink (4),
+ asExternalLink (5), -- but see nsOspfExtLsdbTable
+ multicastLink (6),
+ nssaExternalLink (7)
+ }
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "The type of the link state advertisement.
+ Each link state type has a separate advertise-
+ ment format."
+ REFERENCE
+ "OSPF Version 2, Appendix A.4.1 The Link State
+ Advertisement header"
+ ::= { nsOspfLsdbEntry 2 }
+
+ nsOspfLsdbLsid OBJECT-TYPE
+ SYNTAX IpAddress
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "The Link State ID is an LS Type Specific field
+ containing either a Router ID or an IP Address;
+ it identifies the piece of the routing domain
+ that is being described by the advertisement."
+ REFERENCE
+ "OSPF Version 2, Section 12.1.4 Link State ID"
+ ::= { nsOspfLsdbEntry 3 }
+
+ nsOspfLsdbRouterId OBJECT-TYPE
+ SYNTAX RouterID
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "The 32 bit number that uniquely identifies the
+ originating router in the Autonomous System."
+ REFERENCE
+ "OSPF Version 2, Appendix C.1 Global parameters"
+ ::= { nsOspfLsdbEntry 4 }
+
+-- Note that the OSPF Sequence Number is a 32 bit signed
+-- integer. It starts with the value '80000001'h,
+-- or -'7FFFFFFF'h, and increments until '7FFFFFFF'h
+-- Thus, a typical sequence number will be very negative.
+
+ nsOspfLsdbSequence OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "The sequence number field is a signed 32-bit
+ integer. It is used to detect old and dupli-
+ cate link state advertisements. The space of
+ sequence numbers is linearly ordered. The
+ larger the sequence number the more recent the
+ advertisement."
+ REFERENCE
+ "OSPF Version 2, Section 12.1.6 LS sequence
+ number"
+ ::= { nsOspfLsdbEntry 5 }
+
+ nsOspfLsdbAge OBJECT-TYPE
+ SYNTAX Integer32 -- Should be 0..MaxAge
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "This field is the age of the link state adver-
+ tisement in seconds."
+ REFERENCE
+ "OSPF Version 2, Section 12.1.1 LS age"
+ ::= { nsOspfLsdbEntry 6 }
+
+ nsOspfLsdbChecksum OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS deprecated
+
+ DESCRIPTION
+ "This field is the checksum of the complete
+ contents of the advertisement, excepting the
+ age field. The age field is excepted so that
+ an advertisement's age can be incremented
+ without updating the checksum. The checksum
+ used is the same that is used for ISO connec-
+ tionless datagrams; it is commonly referred to
+ as the Fletcher checksum."
+ REFERENCE
+ "OSPF Version 2, Section 12.1.7 LS checksum"
+ ::= { nsOspfLsdbEntry 7 }
+
+ nsOspfLsdbAdvertisement OBJECT-TYPE
+ SYNTAX OCTET STRING (SIZE (1..65535))
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "The entire Link State Advertisement, including
+ its header."
+ REFERENCE
+ "OSPF Version 2, Section 12 Link State Adver-
+ tisements"
+ ::= { nsOspfLsdbEntry 8 }
+
+ nsOspfLsdbVRID OBJECT-TYPE
+ SYNTAX INTEGER (0..65535)
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "Virtual Router ID"
+ ::= { nsOspfLsdbEntry 9 }
+
+-- OSPF Host Table
+
+-- The Host/Metric Table indicates what hosts are directly
+
+-- attached to the Router, and what metrics and types of
+-- service should be advertised for them.
+
+ nsOspfHostTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF NsOspfHostEntry
+ MAX-ACCESS not-accessible
+ STATUS deprecated
+ DESCRIPTION
+ "The list of Hosts, and their metrics, that the
+ router will advertise as host routes."
+ REFERENCE
+ "OSPF Version 2, Appendix C.6 Host route param-
+ eters"
+ ::= { nsOspf 6 }
+
+ nsOspfHostEntry OBJECT-TYPE
+ SYNTAX NsOspfHostEntry
+ MAX-ACCESS not-accessible
+ STATUS deprecated
+ DESCRIPTION
+ "A metric to be advertised, for a given type of
+ service, when a given host is reachable."
+ INDEX { nsOspfHostIpAddress, nsOspfHostTOS, nsOspfHostVRID }
+ ::= { nsOspfHostTable 1 }
+
+ NsOspfHostEntry ::=
+ SEQUENCE {
+ nsOspfHostIpAddress
+ IpAddress,
+ nsOspfHostTOS
+ TOSType,
+ nsOspfHostMetric
+ Metric,
+ nsOspfHostStatus
+ RowStatus,
+ nsOspfHostAreaID
+ AreaID,
+ nsOspfHostVRID
+ INTEGER
+ }
+
+ nsOspfHostIpAddress OBJECT-TYPE
+ SYNTAX IpAddress
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "The IP Address of the Host."
+ REFERENCE
+ "OSPF Version 2, Appendix C.6 Host route parame-
+
+ ters"
+ ::= { nsOspfHostEntry 1 }
+
+ nsOspfHostTOS OBJECT-TYPE
+ SYNTAX TOSType
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "The Type of Service of the route being config-
+ ured."
+ REFERENCE
+ "OSPF Version 2, Appendix C.6 Host route parame-
+ ters"
+ ::= { nsOspfHostEntry 2 }
+
+ nsOspfHostMetric OBJECT-TYPE
+ SYNTAX Metric
+ MAX-ACCESS read-create
+ STATUS deprecated
+ DESCRIPTION
+ "The Metric to be advertised."
+ REFERENCE
+ "OSPF Version 2, Appendix C.6 Host route parame-
+ ters"
+ ::= { nsOspfHostEntry 3 }
+
+ nsOspfHostStatus OBJECT-TYPE
+ SYNTAX RowStatus
+ MAX-ACCESS read-create
+ STATUS deprecated
+ DESCRIPTION
+ "This variable displays the status of the en-
+ try. Setting it to 'invalid' has the effect of
+ rendering it inoperative. The internal effect
+ (row removal) is implementation dependent."
+ ::= { nsOspfHostEntry 4 }
+
+ nsOspfHostAreaID OBJECT-TYPE
+ SYNTAX AreaID
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "The Area the Host Entry is to be found within.
+ By default, the area that a subsuming OSPF in-
+ terface is in, or 0.0.0.0"
+
+ REFERENCE
+ "OSPF Version 2, Appendix C.2 Area parameters"
+ ::= { nsOspfHostEntry 5 }
+
+ nsOspfHostVRID OBJECT-TYPE
+ SYNTAX INTEGER (0..65535)
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "Virtual Router ID"
+ ::= { nsOspfHostEntry 6 }
+
+-- OSPF Interface Table
+
+-- The OSPF Interface Table augments the ipAddrTable
+-- with OSPF specific information.
+
+ nsOspfIfTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF NsOspfIfEntry
+ MAX-ACCESS not-accessible
+ STATUS deprecated
+ DESCRIPTION
+ "The OSPF Interface Table describes the inter-
+ faces from the viewpoint of OSPF."
+ REFERENCE
+ "OSPF Version 2, Appendix C.3 Router interface
+ parameters"
+ ::= { nsOspf 7 }
+
+ nsOspfIfEntry OBJECT-TYPE
+ SYNTAX NsOspfIfEntry
+ MAX-ACCESS not-accessible
+ STATUS deprecated
+ DESCRIPTION
+ "The OSPF Interface Entry describes one inter-
+ face from the viewpoint of OSPF."
+ INDEX { nsOspfIfIpAddress, nsOspfAddressLessIf, nsOspfIfVRID }
+ ::= { nsOspfIfTable 1 }
+
+ NsOspfIfEntry ::=
+ SEQUENCE {
+ nsOspfIfIpAddress
+ IpAddress,
+ nsOspfAddressLessIf
+ Integer32,
+ nsOspfIfAreaId
+ AreaID,
+ nsOspfIfType
+ INTEGER,
+ nsOspfIfAdminStat
+ Status,
+ nsOspfIfRtrPriority
+ DesignatedRouterPriority,
+ nsOspfIfTransitDelay
+
+ UpToMaxAge,
+ nsOspfIfRetransInterval
+ UpToMaxAge,
+ nsOspfIfHelloInterval
+ HelloRange,
+ nsOspfIfRtrDeadInterval
+ PositiveInteger,
+ nsOspfIfPollInterval
+ PositiveInteger,
+ nsOspfIfState
+ INTEGER,
+ nsOspfIfDesignatedRouter
+ IpAddress,
+ nsOspfIfBackupDesignatedRouter
+ IpAddress,
+ nsOspfIfEvents
+ Counter32,
+ nsOspfIfAuthType
+ INTEGER,
+ nsOspfIfAuthKey
+ OCTET STRING,
+ nsOspfIfStatus
+ RowStatus,
+ nsOspfIfMulticastForwarding
+ INTEGER,
+ nsOspfIfDemand
+ TruthValue,
+ nsOspfIfVRID
+ INTEGER
+ }
+
+ nsOspfIfIpAddress OBJECT-TYPE
+ SYNTAX IpAddress
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "The IP address of this OSPF interface."
+ ::= { nsOspfIfEntry 1 }
+
+ nsOspfAddressLessIf OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "For the purpose of easing the instancing of
+ addressed and addressless interfaces; This
+ variable takes the value 0 on interfaces with
+ IP Addresses, and the corresponding value of
+ ifIndex for interfaces having no IP Address."
+ ::= { nsOspfIfEntry 2 }
+
+ nsOspfIfAreaId OBJECT-TYPE
+ SYNTAX AreaID
+ MAX-ACCESS read-create
+ STATUS deprecated
+ DESCRIPTION
+ "A 32-bit integer uniquely identifying the area
+ to which the interface connects. Area ID
+ 0.0.0.0 is used for the OSPF backbone."
+ DEFVAL { '00000000'H } -- 0.0.0.0
+ ::= { nsOspfIfEntry 3 }
+
+ nsOspfIfType OBJECT-TYPE
+ SYNTAX INTEGER {
+ broadcast (1),
+ nbma (2),
+ pointToPoint (3),
+ pointToMultipoint (5)
+ }
+ MAX-ACCESS read-create
+ STATUS deprecated
+ DESCRIPTION
+ "The OSPF interface type.
+
+ By way of a default, this field may be intuited
+ from the corresponding value of ifType. Broad-
+ cast LANs, such as Ethernet and IEEE 802.5,
+ take the value 'broadcast', X.25 and similar
+ technologies take the value 'nbma', and links
+ that are definitively point to point take the
+ value 'pointToPoint'."
+ ::= { nsOspfIfEntry 4 }
+
+ nsOspfIfAdminStat OBJECT-TYPE
+ SYNTAX Status
+ MAX-ACCESS read-create
+ STATUS deprecated
+ DESCRIPTION
+ "The OSPF interface's administrative status.
+ The value formed on the interface, and the in-
+ terface will be advertised as an internal route
+ to some area. The value 'disabled' denotes
+ that the interface is external to OSPF."
+ DEFVAL { enabled }
+ ::= { nsOspfIfEntry 5 }
+
+ nsOspfIfRtrPriority OBJECT-TYPE
+ SYNTAX DesignatedRouterPriority
+
+ MAX-ACCESS read-create
+ STATUS deprecated
+ DESCRIPTION
+ "The priority of this interface. Used in
+ multi-access networks, this field is used in
+ the designated router election algorithm. The
+ value 0 signifies that the router is not eligi-
+ ble to become the designated router on this
+ particular network. In the event of a tie in
+ this value, routers will use their Router ID as
+ a tie breaker."
+ DEFVAL { 1 }
+ ::= { nsOspfIfEntry 6 }
+
+ nsOspfIfTransitDelay OBJECT-TYPE
+ SYNTAX UpToMaxAge
+ MAX-ACCESS read-create
+ STATUS deprecated
+ DESCRIPTION
+ "The estimated number of seconds it takes to
+ transmit a link state update packet over this
+ interface."
+ DEFVAL { 1 }
+ ::= { nsOspfIfEntry 7 }
+
+ nsOspfIfRetransInterval OBJECT-TYPE
+ SYNTAX UpToMaxAge
+ MAX-ACCESS read-create
+ STATUS deprecated
+ DESCRIPTION
+ "The number of seconds between link-state ad-
+ vertisement retransmissions, for adjacencies
+ belonging to this interface. This value is
+ also used when retransmitting database descrip-
+ tion and link-state request packets."
+ DEFVAL { 5 }
+ ::= { nsOspfIfEntry 8 }
+
+ nsOspfIfHelloInterval OBJECT-TYPE
+ SYNTAX HelloRange
+ MAX-ACCESS read-create
+ STATUS deprecated
+ DESCRIPTION
+ "The length of time, in seconds, between the
+ Hello packets that the router sends on the in-
+
+ terface. This value must be the same for all
+ routers attached to a common network."
+ DEFVAL { 10 }
+ ::= { nsOspfIfEntry 9 }
+
+ nsOspfIfRtrDeadInterval OBJECT-TYPE
+ SYNTAX PositiveInteger
+ MAX-ACCESS read-create
+ STATUS deprecated
+ DESCRIPTION
+ "The number of seconds that a router's Hello
+ packets have not been seen before it's neigh-
+ bors declare the router down. This should be
+ some multiple of the Hello interval. This
+ value must be the same for all routers attached
+ to a common network."
+ DEFVAL { 40 }
+ ::= { nsOspfIfEntry 10 }
+
+ nsOspfIfPollInterval OBJECT-TYPE
+ SYNTAX PositiveInteger
+ MAX-ACCESS read-create
+ STATUS deprecated
+ DESCRIPTION
+ "The larger time interval, in seconds, between
+ the Hello packets sent to an inactive non-
+ broadcast multi- access neighbor."
+ DEFVAL { 120 }
+ ::= { nsOspfIfEntry 11 }
+
+ nsOspfIfState OBJECT-TYPE
+ SYNTAX INTEGER {
+ down (1),
+ loopback (2),
+ waiting (3),
+ pointToPoint (4),
+ designatedRouter (5),
+ backupDesignatedRouter (6),
+ otherDesignatedRouter (7)
+ }
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "The OSPF Interface State."
+ DEFVAL { down }
+
+ ::= { nsOspfIfEntry 12 }
+
+ nsOspfIfDesignatedRouter OBJECT-TYPE
+ SYNTAX IpAddress
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "The IP Address of the Designated Router."
+ DEFVAL { '00000000'H } -- 0.0.0.0
+ ::= { nsOspfIfEntry 13 }
+
+ nsOspfIfBackupDesignatedRouter OBJECT-TYPE
+ SYNTAX IpAddress
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "The IP Address of the Backup Designated
+ Router."
+ DEFVAL { '00000000'H } -- 0.0.0.0
+ ::= { nsOspfIfEntry 14 }
+
+ nsOspfIfEvents OBJECT-TYPE
+ SYNTAX Counter32
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "The number of times this OSPF interface has
+ changed its state, or an error has occurred."
+ ::= { nsOspfIfEntry 15 }
+
+ nsOspfIfAuthKey OBJECT-TYPE
+ SYNTAX OCTET STRING (SIZE (0..256))
+ MAX-ACCESS read-create
+ STATUS deprecated
+ DESCRIPTION
+ "The Authentication Key. If the Area's Author-
+ ization Type is simplePassword, and the key
+ length is shorter than 8 octets, the agent will
+ left adjust and zero fill to 8 octets.
+
+ Note that unauthenticated interfaces need no
+ authentication key, and simple password authen-
+ tication cannot use a key of more than 8 oc-
+ tets. Larger keys are useful only with authen-
+ tication mechanisms not specified in this docu-
+
+ ment.
+
+ When read, nsOspfIfAuthKey always returns an Oc-
+ tet String of length zero."
+ REFERENCE
+ "OSPF Version 2, Section 9 The Interface Data
+ Structure"
+ DEFVAL { '0000000000000000'H } -- 0.0.0.0.0.0.0.0
+ ::= { nsOspfIfEntry 16 }
+
+ nsOspfIfStatus OBJECT-TYPE
+ SYNTAX RowStatus
+ MAX-ACCESS read-create
+ STATUS deprecated
+ DESCRIPTION
+ "This variable displays the status of the en-
+ try. Setting it to 'invalid' has the effect of
+ rendering it inoperative. The internal effect
+ (row removal) is implementation dependent."
+ ::= { nsOspfIfEntry 17 }
+
+ nsOspfIfMulticastForwarding OBJECT-TYPE
+ SYNTAX INTEGER {
+ blocked (1), -- no multicast forwarding
+ multicast (2), -- using multicast address
+ unicast (3) -- to each OSPF neighbor
+ }
+ MAX-ACCESS read-create
+ STATUS deprecated
+ DESCRIPTION
+ "The way multicasts should forwarded on this
+ interface; not forwarded, forwarded as data
+ link multicasts, or forwarded as data link uni-
+ casts. Data link multicasting is not meaning-
+ ful on point to point and NBMA interfaces, and
+ setting nsOspfMulticastForwarding to 0 effective-
+ ly disables all multicast forwarding."
+ DEFVAL { blocked }
+ ::= { nsOspfIfEntry 18 }
+
+ nsOspfIfDemand OBJECT-TYPE
+ SYNTAX TruthValue
+ MAX-ACCESS read-create
+ STATUS deprecated
+ DESCRIPTION
+ "Indicates whether Demand OSPF procedures (hel-
+
+ lo supression to FULL neighbors and setting the
+ DoNotAge flag on proogated LSAs) should be per-
+ formed on this interface."
+ DEFVAL { false }
+ ::= { nsOspfIfEntry 19 }
+
+ nsOspfIfAuthType OBJECT-TYPE
+ SYNTAX INTEGER (0..255)
+ -- none (0),
+ -- simplePassword (1)
+ -- md5 (2)
+ -- reserved for specification by IANA (> 2)
+ MAX-ACCESS read-create
+ STATUS deprecated
+ DESCRIPTION
+ "The authentication type specified for an in-
+ terface. Additional authentication types may
+ be assigned locally."
+ REFERENCE
+ "OSPF Version 2, Appendix E Authentication"
+ DEFVAL { 0 } -- no authentication, by default
+ ::= { nsOspfIfEntry 20 }
+
+ nsOspfIfVRID OBJECT-TYPE
+ SYNTAX INTEGER (0..65535)
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "Virtual Router ID"
+ ::= { nsOspfIfEntry 21 }
+
+-- OSPF Interface Metric Table
+
+-- The Metric Table describes the metrics to be advertised
+-- for a specified interface at the various types of service.
+-- As such, this table is an adjunct of the OSPF Interface
+-- Table.
+
+-- Types of service, as defined by RFC 791, have the ability
+-- to request low delay, high bandwidth, or reliable linkage.
+
+-- For the purposes of this specification, the measure of
+-- bandwidth
+
+-- Metric = 10^8 / ifSpeed
+
+-- is the default value. For multiple link interfaces, note
+-- that ifSpeed is the sum of the individual link speeds.
+-- This yields a number having the following typical values:
+
+-- Network Type/bit rate Metric
+
+-- >= 100 MBPS 1
+-- Ethernet/802.3 10
+
+-- E1 48
+-- T1 (ESF) 65
+-- 64 KBPS 1562
+-- 56 KBPS 1785
+-- 19.2 KBPS 5208
+-- 9.6 KBPS 10416
+
+-- Routes that are not specified use the default (TOS 0) metric
+
+ nsOspfIfMetricTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF NsOspfIfMetricEntry
+ MAX-ACCESS not-accessible
+ STATUS deprecated
+ DESCRIPTION
+ "The TOS metrics for a non-virtual interface
+ identified by the interface index."
+ REFERENCE
+ "OSPF Version 2, Appendix C.3 Router interface
+ parameters"
+ ::= { nsOspf 8 }
+
+ nsOspfIfMetricEntry OBJECT-TYPE
+ SYNTAX NsOspfIfMetricEntry
+ MAX-ACCESS not-accessible
+ STATUS deprecated
+ DESCRIPTION
+ "A particular TOS metric for a non-virtual in-
+ terface identified by the interface index."
+ REFERENCE
+ "OSPF Version 2, Appendix C.3 Router interface
+ parameters"
+ INDEX { nsOspfIfMetricIpAddress,
+ nsOspfIfMetricAddressLessIf,
+ nsOspfIfMetricTOS,
+ nsOspfIfMetricVRID }
+ ::= { nsOspfIfMetricTable 1 }
+
+ NsOspfIfMetricEntry ::=
+ SEQUENCE {
+ nsOspfIfMetricIpAddress
+ IpAddress,
+ nsOspfIfMetricAddressLessIf
+ Integer32,
+ nsOspfIfMetricTOS
+ TOSType,
+ nsOspfIfMetricValue
+ Metric,
+ nsOspfIfMetricStatus
+ RowStatus,
+ nsOspfIfMetricVRID
+ INTEGER
+
+ }
+
+ nsOspfIfMetricIpAddress OBJECT-TYPE
+ SYNTAX IpAddress
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "The IP address of this OSPF interface. On row
+ creation, this can be derived from the in-
+ stance."
+ ::= { nsOspfIfMetricEntry 1 }
+
+ nsOspfIfMetricAddressLessIf OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "For the purpose of easing the instancing of
+ addressed and addressless interfaces; This
+ variable takes the value 0 on interfaces with
+ IP Addresses, and the value of ifIndex for in-
+ terfaces having no IP Address. On row crea-
+ tion, this can be derived from the instance."
+ ::= { nsOspfIfMetricEntry 2 }
+
+ nsOspfIfMetricTOS OBJECT-TYPE
+ SYNTAX TOSType
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "The type of service metric being referenced.
+ On row creation, this can be derived from the
+ instance."
+ ::= { nsOspfIfMetricEntry 3 }
+
+ nsOspfIfMetricValue OBJECT-TYPE
+ SYNTAX Metric
+ MAX-ACCESS read-create
+ STATUS deprecated
+ DESCRIPTION
+ "The metric of using this type of service on
+ this interface. The default value of the TOS 0
+ Metric is 10^8 / ifSpeed."
+ ::= { nsOspfIfMetricEntry 4 }
+
+ nsOspfIfMetricStatus OBJECT-TYPE
+
+ SYNTAX RowStatus
+ MAX-ACCESS read-create
+ STATUS deprecated
+ DESCRIPTION
+ "This variable displays the status of the en-
+ try. Setting it to 'invalid' has the effect of
+ rendering it inoperative. The internal effect
+ (row removal) is implementation dependent."
+ ::= { nsOspfIfMetricEntry 5 }
+
+ nsOspfIfMetricVRID OBJECT-TYPE
+ SYNTAX INTEGER (0..65535)
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "Virtual Router ID"
+ ::= { nsOspfIfMetricEntry 6 }
+
+-- OSPF Virtual Interface Table
+
+-- The Virtual Interface Table describes the virtual
+-- links that the OSPF Process is configured to
+-- carry on.
+
+ nsOspfVirtIfTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF NsOspfVirtIfEntry
+ MAX-ACCESS not-accessible
+ STATUS deprecated
+ DESCRIPTION
+ "Information about this router's virtual inter-
+ faces."
+ REFERENCE
+ "OSPF Version 2, Appendix C.4 Virtual link
+ parameters"
+ ::= { nsOspf 9 }
+
+ nsOspfVirtIfEntry OBJECT-TYPE
+ SYNTAX NsOspfVirtIfEntry
+ MAX-ACCESS not-accessible
+ STATUS deprecated
+ DESCRIPTION
+ "Information about a single Virtual Interface."
+ INDEX { nsOspfVirtIfAreaId, nsOspfVirtIfNeighbor, nsOspfVirtIfVRID }
+ ::= { nsOspfVirtIfTable 1 }
+
+ NsOspfVirtIfEntry ::=
+ SEQUENCE {
+ nsOspfVirtIfAreaId
+ AreaID,
+ nsOspfVirtIfNeighbor
+ RouterID,
+ nsOspfVirtIfTransitDelay
+ UpToMaxAge,
+ nsOspfVirtIfRetransInterval
+
+ UpToMaxAge,
+ nsOspfVirtIfHelloInterval
+ HelloRange,
+ nsOspfVirtIfRtrDeadInterval
+ PositiveInteger,
+ nsOspfVirtIfState
+ INTEGER,
+ nsOspfVirtIfEvents
+ Counter32,
+ nsOspfVirtIfAuthType
+ INTEGER,
+ nsOspfVirtIfAuthKey
+ OCTET STRING,
+ nsOspfVirtIfStatus
+ RowStatus,
+ nsOspfVirtIfVRID
+ INTEGER
+ }
+
+ nsOspfVirtIfAreaId OBJECT-TYPE
+ SYNTAX AreaID
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "The Transit Area that the Virtual Link
+ traverses. By definition, this is not 0.0.0.0"
+ ::= { nsOspfVirtIfEntry 1 }
+
+ nsOspfVirtIfNeighbor OBJECT-TYPE
+ SYNTAX RouterID
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "The Router ID of the Virtual Neighbor."
+ ::= { nsOspfVirtIfEntry 2 }
+
+ nsOspfVirtIfTransitDelay OBJECT-TYPE
+ SYNTAX UpToMaxAge
+ MAX-ACCESS read-create
+ STATUS deprecated
+ DESCRIPTION
+ "The estimated number of seconds it takes to
+ transmit a link- state update packet over this
+ interface."
+ DEFVAL { 1 }
+ ::= { nsOspfVirtIfEntry 3 }
+
+ nsOspfVirtIfRetransInterval OBJECT-TYPE
+ SYNTAX UpToMaxAge
+ MAX-ACCESS read-create
+ STATUS deprecated
+ DESCRIPTION
+ "The number of seconds between link-state ad-
+ vertisement retransmissions, for adjacencies
+ belonging to this interface. This value is
+ also used when retransmitting database descrip-
+ tion and link-state request packets. This
+ value should be well over the expected round-
+ trip time."
+ DEFVAL { 5 }
+ ::= { nsOspfVirtIfEntry 4 }
+
+ nsOspfVirtIfHelloInterval OBJECT-TYPE
+ SYNTAX HelloRange
+ MAX-ACCESS read-create
+ STATUS deprecated
+ DESCRIPTION
+ "The length of time, in seconds, between the
+ Hello packets that the router sends on the in-
+ terface. This value must be the same for the
+ virtual neighbor."
+ DEFVAL { 10 }
+ ::= { nsOspfVirtIfEntry 5 }
+
+ nsOspfVirtIfRtrDeadInterval OBJECT-TYPE
+ SYNTAX PositiveInteger
+ MAX-ACCESS read-create
+ STATUS deprecated
+ DESCRIPTION
+ "The number of seconds that a router's Hello
+ packets have not been seen before it's neigh-
+ bors declare the router down. This should be
+ some multiple of the Hello interval. This
+ value must be the same for the virtual neigh-
+ bor."
+ DEFVAL { 60 }
+ ::= { nsOspfVirtIfEntry 6 }
+
+ nsOspfVirtIfState OBJECT-TYPE
+ SYNTAX INTEGER {
+ down (1), -- these use the same encoding
+ pointToPoint (4) -- as the nsOspfIfTable
+
+ }
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "OSPF virtual interface states."
+ DEFVAL { down }
+ ::= { nsOspfVirtIfEntry 7 }
+
+ nsOspfVirtIfEvents OBJECT-TYPE
+ SYNTAX Counter32
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "The number of state changes or error events on
+ this Virtual Link"
+ ::= { nsOspfVirtIfEntry 8 }
+
+ nsOspfVirtIfAuthKey OBJECT-TYPE
+ SYNTAX OCTET STRING (SIZE(0..256))
+ MAX-ACCESS read-create
+ STATUS deprecated
+ DESCRIPTION
+ "If Authentication Type is simplePassword, the
+ device will left adjust and zero fill to 8 oc-
+ tets.
+
+ Note that unauthenticated interfaces need no
+ authentication key, and simple password authen-
+ tication cannot use a key of more than 8 oc-
+ tets. Larger keys are useful only with authen-
+ tication mechanisms not specified in this docu-
+ ment.
+
+ When read, nsOspfVifAuthKey always returns a
+ string of length zero."
+ REFERENCE
+ "OSPF Version 2, Section 9 The Interface Data
+ Structure"
+ DEFVAL { '0000000000000000'H } -- 0.0.0.0.0.0.0.0
+ ::= { nsOspfVirtIfEntry 9 }
+
+ nsOspfVirtIfStatus OBJECT-TYPE
+ SYNTAX RowStatus
+ MAX-ACCESS read-create
+ STATUS deprecated
+
+ DESCRIPTION
+ "This variable displays the status of the en-
+ try. Setting it to 'invalid' has the effect of
+ rendering it inoperative. The internal effect
+ (row removal) is implementation dependent."
+ ::= { nsOspfVirtIfEntry 10 }
+
+ nsOspfVirtIfAuthType OBJECT-TYPE
+ SYNTAX INTEGER (0..255)
+ -- none (0),
+ -- simplePassword (1)
+ -- md5 (2)
+ -- reserved for specification by IANA (> 2)
+ MAX-ACCESS read-create
+ STATUS deprecated
+ DESCRIPTION
+ "The authentication type specified for a virtu-
+ al interface. Additional authentication types
+ may be assigned locally."
+ REFERENCE
+ "OSPF Version 2, Appendix E Authentication"
+ DEFVAL { 0 } -- no authentication, by default
+ ::= { nsOspfVirtIfEntry 11 }
+
+ nsOspfVirtIfVRID OBJECT-TYPE
+ SYNTAX INTEGER (0..65535)
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "Virtual Router ID"
+ ::= { nsOspfVirtIfEntry 12 }
+
+-- OSPF Neighbor Table
+
+-- The OSPF Neighbor Table describes all neighbors in
+-- the locality of the subject router.
+
+ nsOspfNbrTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF NsOspfNbrEntry
+ MAX-ACCESS not-accessible
+ STATUS deprecated
+ DESCRIPTION
+ "A table of non-virtual neighbor information."
+ REFERENCE
+ "OSPF Version 2, Section 10 The Neighbor Data
+ Structure"
+ ::= { nsOspf 10 }
+
+ nsOspfNbrEntry OBJECT-TYPE
+ SYNTAX NsOspfNbrEntry
+ MAX-ACCESS not-accessible
+ STATUS deprecated
+ DESCRIPTION
+
+ "The information regarding a single neighbor."
+ REFERENCE
+ "OSPF Version 2, Section 10 The Neighbor Data
+ Structure"
+ INDEX { nsOspfNbrIpAddr, nsOspfNbrAddressLessIndex, nsOspfNbrVRID }
+ ::= { nsOspfNbrTable 1 }
+
+ NsOspfNbrEntry ::=
+ SEQUENCE {
+ nsOspfNbrIpAddr
+ IpAddress,
+ nsOspfNbrAddressLessIndex
+ InterfaceIndex,
+ nsOspfNbrRtrId
+ RouterID,
+ nsOspfNbrOptions
+ Integer32,
+ nsOspfNbrPriority
+ DesignatedRouterPriority,
+ nsOspfNbrState
+ INTEGER,
+ nsOspfNbrEvents
+ Counter32,
+ nsOspfNbrLsRetransQLen
+ Gauge32,
+ nsOspfNbmaNbrStatus
+ RowStatus,
+ nsOspfNbmaNbrPermanence
+ INTEGER,
+ nsOspfNbrHelloSuppressed
+ TruthValue,
+ nsOspfNbrVRID
+ INTEGER
+ }
+
+ nsOspfNbrIpAddr OBJECT-TYPE
+ SYNTAX IpAddress
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "The IP address this neighbor is using in its
+ IP Source Address. Note that, on addressless
+ links, this will not be 0.0.0.0, but the ad-
+ dress of another of the neighbor's interfaces."
+ ::= { nsOspfNbrEntry 1 }
+
+ nsOspfNbrAddressLessIndex OBJECT-TYPE
+ SYNTAX InterfaceIndex
+ MAX-ACCESS read-only
+
+ STATUS deprecated
+ DESCRIPTION
+ "On an interface having an IP Address, zero.
+ On addressless interfaces, the corresponding
+ value of ifIndex in the Internet Standard MIB.
+ On row creation, this can be derived from the
+ instance."
+ ::= { nsOspfNbrEntry 2 }
+
+ nsOspfNbrRtrId OBJECT-TYPE
+ SYNTAX RouterID
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "A 32-bit integer (represented as a type IpAd-
+ dress) uniquely identifying the neighboring
+ router in the Autonomous System."
+ DEFVAL { '00000000'H } -- 0.0.0.0
+ ::= { nsOspfNbrEntry 3 }
+
+ nsOspfNbrOptions OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "A Bit Mask corresponding to the neighbor's op-
+ tions field.
+
+ Bit 0, if set, indicates that the system will
+ operate on Type of Service metrics other than
+ TOS 0. If zero, the neighbor will ignore all
+ metrics except the TOS 0 metric.
+
+ Bit 1, if set, indicates that the associated
+ area accepts and operates on external informa-
+ tion; if zero, it is a stub area.
+
+ Bit 2, if set, indicates that the system is ca-
+ pable of routing IP Multicast datagrams; i.e.,
+ that it implements the Multicast Extensions to
+ OSPF.
+
+ Bit 3, if set, indicates that the associated
+ area is an NSSA. These areas are capable of
+ carrying type 7 external advertisements, which
+ are translated into type 5 external advertise-
+
+ ments at NSSA borders."
+ REFERENCE
+ "OSPF Version 2, Section 12.1.2 Options"
+ DEFVAL { 0 }
+ ::= { nsOspfNbrEntry 4 }
+
+ nsOspfNbrPriority OBJECT-TYPE
+ SYNTAX DesignatedRouterPriority
+ MAX-ACCESS read-create
+ STATUS deprecated
+ DESCRIPTION
+ "The priority of this neighbor in the designat-
+ ed router election algorithm. The value 0 sig-
+ nifies that the neighbor is not eligible to be-
+ come the designated router on this particular
+ network."
+ DEFVAL { 1 }
+ ::= { nsOspfNbrEntry 5 }
+
+ nsOspfNbrState OBJECT-TYPE
+ SYNTAX INTEGER {
+ down (1),
+ attempt (2),
+ init (3),
+ twoWay (4),
+ exchangeStart (5),
+ exchange (6),
+ loading (7),
+ full (8)
+ }
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "The State of the relationship with this Neigh-
+ bor."
+ REFERENCE
+ "OSPF Version 2, Section 10.1 Neighbor States"
+ DEFVAL { down }
+ ::= { nsOspfNbrEntry 6 }
+
+ nsOspfNbrEvents OBJECT-TYPE
+ SYNTAX Counter32
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+
+ "The number of times this neighbor relationship
+ has changed state, or an error has occurred."
+ ::= { nsOspfNbrEntry 7 }
+
+ nsOspfNbrLsRetransQLen OBJECT-TYPE
+ SYNTAX Gauge32
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "The deprecated length of the retransmission
+ queue."
+ ::= { nsOspfNbrEntry 8 }
+
+ nsOspfNbmaNbrStatus OBJECT-TYPE
+ SYNTAX RowStatus
+ MAX-ACCESS read-create
+ STATUS deprecated
+ DESCRIPTION
+ "This variable displays the status of the en-
+ try. Setting it to 'invalid' has the effect of
+ rendering it inoperative. The internal effect
+ (row removal) is implementation dependent."
+ ::= { nsOspfNbrEntry 9 }
+
+ nsOspfNbmaNbrPermanence OBJECT-TYPE
+ SYNTAX INTEGER {
+ dynamic (1), -- learned through protocol
+ permanent (2) -- configured address
+ }
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "This variable displays the status of the en-
+ try. 'dynamic' and 'permanent' refer to how
+ the neighbor became known."
+ DEFVAL { permanent }
+ ::= { nsOspfNbrEntry 10 }
+
+ nsOspfNbrHelloSuppressed OBJECT-TYPE
+ SYNTAX TruthValue
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "Indicates whether Hellos are being suppressed
+
+ to the neighbor"
+ ::= { nsOspfNbrEntry 11 }
+
+ nsOspfNbrVRID OBJECT-TYPE
+ SYNTAX INTEGER (0..65535)
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "Virtual Router ID"
+ ::= { nsOspfNbrEntry 12 }
+
+-- OSPF Virtual Neighbor Table
+
+-- This table describes all virtual neighbors.
+-- Since Virtual Links are configured in the
+-- virtual interface table, this table is read-only.
+
+ nsOspfVirtNbrTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF NsOspfVirtNbrEntry
+ MAX-ACCESS not-accessible
+ STATUS deprecated
+ DESCRIPTION
+ "A table of virtual neighbor information."
+ REFERENCE
+ "OSPF Version 2, Section 15 Virtual Links"
+ ::= { nsOspf 11 }
+
+ nsOspfVirtNbrEntry OBJECT-TYPE
+ SYNTAX NsOspfVirtNbrEntry
+ MAX-ACCESS not-accessible
+ STATUS deprecated
+ DESCRIPTION
+ "Virtual neighbor information."
+ INDEX { nsOspfVirtNbrArea, nsOspfVirtNbrRtrId, nsOspfVirtNbrVRID }
+ ::= { nsOspfVirtNbrTable 1 }
+
+ NsOspfVirtNbrEntry ::=
+ SEQUENCE {
+ nsOspfVirtNbrArea
+ AreaID,
+ nsOspfVirtNbrRtrId
+ RouterID,
+ nsOspfVirtNbrIpAddr
+ IpAddress,
+ nsOspfVirtNbrOptions
+ Integer32,
+ nsOspfVirtNbrState
+ INTEGER,
+ nsOspfVirtNbrEvents
+ Counter32,
+ nsOspfVirtNbrLsRetransQLen
+ Gauge32,
+ nsOspfVirtNbrHelloSuppressed
+ TruthValue,
+ nsOspfVirtNbrVRID
+ INTEGER
+
+ }
+
+ nsOspfVirtNbrArea OBJECT-TYPE
+ SYNTAX AreaID
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "The Transit Area Identifier."
+ ::= { nsOspfVirtNbrEntry 1 }
+
+ nsOspfVirtNbrRtrId OBJECT-TYPE
+ SYNTAX RouterID
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "A 32-bit integer uniquely identifying the
+ neighboring router in the Autonomous System."
+ ::= { nsOspfVirtNbrEntry 2 }
+
+ nsOspfVirtNbrIpAddr OBJECT-TYPE
+ SYNTAX IpAddress
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "The IP address this Virtual Neighbor is us-
+ ing."
+ ::= { nsOspfVirtNbrEntry 3 }
+
+ nsOspfVirtNbrOptions OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "A Bit Mask corresponding to the neighbor's op-
+ tions field.
+
+ Bit 1, if set, indicates that the system will
+ operate on Type of Service metrics other than
+ TOS 0. If zero, the neighbor will ignore all
+ metrics except the TOS 0 metric.
+
+ Bit 2, if set, indicates that the system is
+ Network Multicast capable; ie, that it imple-
+ ments OSPF Multicast Routing."
+ ::= { nsOspfVirtNbrEntry 4 }
+
+ nsOspfVirtNbrState OBJECT-TYPE
+ SYNTAX INTEGER {
+ down (1),
+ attempt (2),
+ init (3),
+ twoWay (4),
+ exchangeStart (5),
+ exchange (6),
+ loading (7),
+ full (8)
+ }
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "The state of the Virtual Neighbor Relation-
+ ship."
+ ::= { nsOspfVirtNbrEntry 5 }
+
+ nsOspfVirtNbrEvents OBJECT-TYPE
+ SYNTAX Counter32
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "The number of times this virtual link has
+ changed its state, or an error has occurred."
+ ::= { nsOspfVirtNbrEntry 6 }
+
+ nsOspfVirtNbrLsRetransQLen OBJECT-TYPE
+ SYNTAX Gauge32
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "The deprecated length of the retransmission
+ queue."
+ ::= { nsOspfVirtNbrEntry 7 }
+
+ nsOspfVirtNbrHelloSuppressed OBJECT-TYPE
+ SYNTAX TruthValue
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "Indicates whether Hellos are being suppressed
+ to the neighbor"
+ ::= { nsOspfVirtNbrEntry 8 }
+
+ nsOspfVirtNbrVRID OBJECT-TYPE
+ SYNTAX INTEGER (0..65535)
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "Virtual Router ID"
+ ::= { nsOspfVirtNbrEntry 9 }
+
+-- OSPF Link State Database, External
+
+-- The Link State Database contains the Link State
+-- Advertisements from throughout the areas that the
+-- device is attached to.
+
+-- This table is identical to the OSPF LSDB Table in
+-- format, but contains only External Link State
+-- Advertisements. The purpose is to allow external
+-- LSAs to be displayed once for the router rather
+-- than once in each non-stub area.
+
+ nsOspfExtLsdbTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF NsOspfExtLsdbEntry
+ MAX-ACCESS not-accessible
+ STATUS deprecated
+ DESCRIPTION
+ "The OSPF Process's Links State Database."
+ REFERENCE
+ "OSPF Version 2, Section 12 Link State Adver-
+ tisements"
+ ::= { nsOspf 12 }
+
+ nsOspfExtLsdbEntry OBJECT-TYPE
+ SYNTAX NsOspfExtLsdbEntry
+ MAX-ACCESS not-accessible
+ STATUS deprecated
+ DESCRIPTION
+ "A single Link State Advertisement."
+ INDEX { nsOspfExtLsdbType, nsOspfExtLsdbLsid, nsOspfExtLsdbRouterId, nsOspfExtLsdbVRID }
+ ::= { nsOspfExtLsdbTable 1 }
+
+ NsOspfExtLsdbEntry ::=
+ SEQUENCE {
+ nsOspfExtLsdbType
+ INTEGER,
+ nsOspfExtLsdbLsid
+ IpAddress,
+ nsOspfExtLsdbRouterId
+ RouterID,
+ nsOspfExtLsdbSequence
+ Integer32,
+ nsOspfExtLsdbAge
+ Integer32,
+ nsOspfExtLsdbChecksum
+ Integer32,
+ nsOspfExtLsdbAdvertisement
+ OCTET STRING,
+ nsOspfExtLsdbVRID
+ INTEGER
+ }
+
+ nsOspfExtLsdbType OBJECT-TYPE
+ SYNTAX INTEGER {
+ asExternalLink (5)
+ }
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "The type of the link state advertisement.
+ Each link state type has a separate advertise-
+ ment format."
+ REFERENCE
+ "OSPF Version 2, Appendix A.4.1 The Link State
+ Advertisement header"
+ ::= { nsOspfExtLsdbEntry 1 }
+
+ nsOspfExtLsdbLsid OBJECT-TYPE
+ SYNTAX IpAddress
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "The Link State ID is an LS Type Specific field
+ containing either a Router ID or an IP Address;
+ it identifies the piece of the routing domain
+ that is being described by the advertisement."
+ REFERENCE
+ "OSPF Version 2, Section 12.1.4 Link State ID"
+ ::= { nsOspfExtLsdbEntry 2 }
+
+ nsOspfExtLsdbRouterId OBJECT-TYPE
+ SYNTAX RouterID
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "The 32 bit number that uniquely identifies the
+ originating router in the Autonomous System."
+ REFERENCE
+ "OSPF Version 2, Appendix C.1 Global parameters"
+ ::= { nsOspfExtLsdbEntry 3 }
+
+-- Note that the OSPF Sequence Number is a 32 bit signed
+-- integer. It starts with the value '80000001'h,
+-- or -'7FFFFFFF'h, and increments until '7FFFFFFF'h
+-- Thus, a typical sequence number will be very negative.
+
+ nsOspfExtLsdbSequence OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "The sequence number field is a signed 32-bit
+ integer. It is used to detect old and dupli-
+ cate link state advertisements. The space of
+ sequence numbers is linearly ordered. The
+ larger the sequence number the more recent the
+ advertisement."
+ REFERENCE
+ "OSPF Version 2, Section 12.1.6 LS sequence
+ number"
+ ::= { nsOspfExtLsdbEntry 4 }
+
+ nsOspfExtLsdbAge OBJECT-TYPE
+ SYNTAX Integer32 -- Should be 0..MaxAge
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "This field is the age of the link state adver-
+ tisement in seconds."
+ REFERENCE
+ "OSPF Version 2, Section 12.1.1 LS age"
+ ::= { nsOspfExtLsdbEntry 5 }
+
+ nsOspfExtLsdbChecksum OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "This field is the checksum of the complete
+ contents of the advertisement, excepting the
+ age field. The age field is excepted so that
+ an advertisement's age can be incremented
+ without updating the checksum. The checksum
+ used is the same that is used for ISO connec-
+ tionless datagrams; it is commonly referred to
+ as the Fletcher checksum."
+ REFERENCE
+ "OSPF Version 2, Section 12.1.7 LS checksum"
+ ::= { nsOspfExtLsdbEntry 6 }
+
+ nsOspfExtLsdbAdvertisement OBJECT-TYPE
+
+ SYNTAX OCTET STRING (SIZE(36))
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "The entire Link State Advertisement, including
+ its header."
+ REFERENCE
+ "OSPF Version 2, Section 12 Link State Adver-
+ tisements"
+ ::= { nsOspfExtLsdbEntry 7 }
+
+ nsOspfExtLsdbVRID OBJECT-TYPE
+ SYNTAX INTEGER (0..65535)
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "Virtual Router ID"
+ ::= { nsOspfExtLsdbEntry 8 }
+
+
+--
+-- The OSPF Area Aggregate Table
+--
+-- This table replaces the OSPF Area Summary Table, being an
+-- extension of that for CIDR routers.
+
+ nsOspfAreaAggregateTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF NsOspfAreaAggregateEntry
+ MAX-ACCESS not-accessible
+ STATUS deprecated
+ DESCRIPTION
+ "A range of IP addresses specified by an IP
+ address/IP network mask pair. For example,
+ class B address range of X.X.X.X with a network
+ mask of 255.255.0.0 includes all IP addresses
+ from X.X.0.0 to X.X.255.255. Note that if
+ ranges are configured such that one range sub-
+ sumes another range (e.g., 10.0.0.0 mask
+ 255.0.0.0 and 10.1.0.0 mask 255.255.0.0), the
+ most specific match is the preferred one."
+ REFERENCE
+ "OSPF Version 2, Appendix C.2 Area parameters"
+ ::= { nsOspf 14 }
+
+ nsOspfAreaAggregateEntry OBJECT-TYPE
+ SYNTAX NsOspfAreaAggregateEntry
+ MAX-ACCESS not-accessible
+ STATUS deprecated
+ DESCRIPTION
+ "A range of IP addresses specified by an IP
+ address/IP network mask pair. For example,
+ class B address range of X.X.X.X with a network
+ mask of 255.255.0.0 includes all IP addresses
+ from X.X.0.0 to X.X.255.255. Note that if
+ ranges are range configured such that one range
+ subsumes another range (e.g., 10.0.0.0 mask
+ 255.0.0.0 and 10.1.0.0 mask 255.255.0.0), the
+
+ most specific match is the preferred one."
+ REFERENCE
+ "OSPF Version 2, Appendix C.2 Area parameters"
+ INDEX { nsOspfAreaAggregateAreaID, nsOspfAreaAggregateLsdbType,
+ nsOspfAreaAggregateNet, nsOspfAreaAggregateMask, nsOspfAreaAggregateVRID }
+ ::= { nsOspfAreaAggregateTable 1 }
+
+ NsOspfAreaAggregateEntry ::=
+ SEQUENCE {
+ nsOspfAreaAggregateAreaID
+ AreaID,
+ nsOspfAreaAggregateLsdbType
+ INTEGER,
+ nsOspfAreaAggregateNet
+ IpAddress,
+ nsOspfAreaAggregateMask
+ IpAddress,
+ nsOspfAreaAggregateStatus
+ RowStatus,
+ nsOspfAreaAggregateEffect
+ INTEGER,
+ nsOspfAreaAggregateVRID
+ INTEGER
+ }
+
+ nsOspfAreaAggregateAreaID OBJECT-TYPE
+ SYNTAX AreaID
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "The Area the Address Aggregate is to be found
+ within."
+ REFERENCE
+ "OSPF Version 2, Appendix C.2 Area parameters"
+ ::= { nsOspfAreaAggregateEntry 1 }
+
+ nsOspfAreaAggregateLsdbType OBJECT-TYPE
+ SYNTAX INTEGER {
+ summaryLink (3),
+ nssaExternalLink (7)
+ }
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "The type of the Address Aggregate. This field
+ specifies the Lsdb type that this Address Ag-
+ gregate applies to."
+ REFERENCE
+
+ "OSPF Version 2, Appendix A.4.1 The Link State
+ Advertisement header"
+ ::= { nsOspfAreaAggregateEntry 2 }
+
+ nsOspfAreaAggregateNet OBJECT-TYPE
+ SYNTAX IpAddress
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "The IP Address of the Net or Subnet indicated
+ by the range."
+ REFERENCE
+ "OSPF Version 2, Appendix C.2 Area parameters"
+ ::= { nsOspfAreaAggregateEntry 3 }
+
+ nsOspfAreaAggregateMask OBJECT-TYPE
+ SYNTAX IpAddress
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "The Subnet Mask that pertains to the Net or
+ Subnet."
+ REFERENCE
+ "OSPF Version 2, Appendix C.2 Area parameters"
+ ::= { nsOspfAreaAggregateEntry 4 }
+
+ nsOspfAreaAggregateStatus OBJECT-TYPE
+ SYNTAX RowStatus
+ MAX-ACCESS read-create
+ STATUS deprecated
+ DESCRIPTION
+ "This variable displays the status of the en-
+ try. Setting it to 'invalid' has the effect of
+ rendering it inoperative. The internal effect
+ (row removal) is implementation dependent."
+ ::= { nsOspfAreaAggregateEntry 5 }
+
+ nsOspfAreaAggregateEffect OBJECT-TYPE
+ SYNTAX INTEGER {
+ advertiseMatching (1),
+ doNotAdvertiseMatching (2)
+ }
+ MAX-ACCESS read-create
+ STATUS deprecated
+
+ DESCRIPTION
+ "Subnets subsumed by ranges either trigger the
+ advertisement of the indicated aggregate (ad-
+ vertiseMatching), or result in the subnet's not
+ being advertised at all outside the area."
+ DEFVAL { advertiseMatching }
+ ::= { nsOspfAreaAggregateEntry 6 }
+
+ nsOspfAreaAggregateVRID OBJECT-TYPE
+ SYNTAX INTEGER (0..65535)
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "Virtual Router ID"
+ ::= { nsOspfAreaAggregateEntry 7 }
+
+END
+
+
diff --git a/MIBS/screenos/NETSCREEN-OSPF-TRAP-MIB b/MIBS/screenos/NETSCREEN-OSPF-TRAP-MIB
new file mode 100644
index 0000000..e69ea73
--- /dev/null
+++ b/MIBS/screenos/NETSCREEN-OSPF-TRAP-MIB
@@ -0,0 +1,444 @@
+-- These MIBs were created on 1/7/2003
+-- This module defines enterprise MIBs for NS OSPF TRAP
+--
+-- Copyright (c) 1999-2004, Juniper Networks, Inc.
+-- All rights reserved.
+
+NETSCREEN-OSPF-TRAP-MIB DEFINITIONS ::= BEGIN
+
+ IMPORTS
+ MODULE-IDENTITY, OBJECT-TYPE, NOTIFICATION-TYPE, IpAddress
+ FROM SNMPv2-SMI
+ MODULE-COMPLIANCE, OBJECT-GROUP
+ FROM SNMPv2-CONF
+ netscreenTrapDesc, netscreenTrapType
+ FROM NETSCREEN-TRAP-MIB
+ nsOspfRouterId, nsOspfIfIpAddress, nsOspfAddressLessIf, nsOspfIfState,
+ nsOspfVirtIfAreaId, nsOspfVirtIfNeighbor, nsOspfVirtIfState,
+ nsOspfNbrIpAddr, nsOspfNbrAddressLessIndex, nsOspfNbrRtrId,
+ nsOspfNbrState, nsOspfVirtNbrArea, nsOspfVirtNbrRtrId, nsOspfVirtNbrState,
+ nsOspfLsdbType, nsOspfLsdbLsid, nsOspfLsdbRouterId, nsOspfLsdbAreaId,
+ nsOspfExtLsdbLimit, nsOspf
+ FROM NETSCREEN-OSPF-MIB;
+
+ nsOspfTrap MODULE-IDENTITY
+ LAST-UPDATED "200405032022Z" -- May 03, 2004
+ ORGANIZATION
+ "Juniper Networks, Inc."
+ CONTACT-INFO
+ "Customer Support
+
+ 1194 North Mathilda Avenue
+ Sunnyvale, California 94089-1206
+ USA
+
+ Tel: 1-800-638-8296
+ E-mail: customerservice@juniper.net
+ HTTP://www.juniper.net"
+ DESCRIPTION
+ "The MIB module to describe traps for the OSPF
+ Version 2 Protocol."
+ ::= { nsOspf 16 }
+
+-- Trap Support Objects
+
+-- The following are support objects for the OSPF traps.
+
+nsOspfTrapControl OBJECT IDENTIFIER ::= { nsOspfTrap 1 }
+nsOspfTraps OBJECT IDENTIFIER ::= { nsOspfTrap 2 }
+
+ nsOspfSetTrap OBJECT-TYPE
+ SYNTAX OCTET STRING (SIZE(4))
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "A four-octet string serving as a bit map for
+ the trap events defined by the OSPF traps. This
+ object is used to enable and disable specific
+ OSPF traps where a 1 in the bit field
+ represents enabled. The right-most bit (least
+ significant) represents trap 0."
+ ::= { nsOspfTrapControl 1 }
+
+ nsOspfConfigErrorType OBJECT-TYPE
+ SYNTAX INTEGER {
+ badVersion (1),
+ areaMismatch (2),
+ unknownNbmaNbr (3), -- Router is Dr eligible
+ unknownVirtualNbr (4),
+ authTypeMismatch(5),
+ authFailure (6),
+ netMaskMismatch (7),
+ helloIntervalMismatch (8),
+ deadIntervalMismatch (9),
+ optionMismatch (10) }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Potential types of configuration conflicts.
+ Used by the nsOspfConfigError and nsOspfConfigVir-
+ tError traps."
+ ::= { nsOspfTrapControl 2 }
+
+ nsOspfPacketType OBJECT-TYPE
+ SYNTAX INTEGER {
+ hello (1),
+ dbDescript (2),
+ lsReq (3),
+ lsUpdate (4),
+ lsAck (5) }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+
+ "OSPF packet types."
+ ::= { nsOspfTrapControl 3 }
+
+ nsOspfPacketSrc OBJECT-TYPE
+ SYNTAX IpAddress
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The IP address of an inbound packet that can-
+ not be identified by a neighbor instance."
+ ::= { nsOspfTrapControl 4 }
+
+-- Traps
+
+ nsOspfIfStateChange NOTIFICATION-TYPE
+ OBJECTS {
+ netscreenTrapType,
+ netscreenTrapDesc,
+ nsOspfRouterId, -- The originator of the trap
+ nsOspfIfIpAddress,
+ nsOspfAddressLessIf,
+ nsOspfIfState, -- The new state
+ nsOspfIfVRID
+ }
+ STATUS current
+ DESCRIPTION
+ "An nsOspfIfStateChange trap signifies that there
+ has been a change in the state of a non-virtual
+ OSPF interface. This trap should be generated
+ when the interface state regresses (e.g., goes
+ from Dr to Down) or progresses to a terminal
+ state (i.e., Point-to-Point, DR Other, Dr, or
+ Backup)."
+ ::= { nsOspfTraps 16 }
+
+ nsOspfVirtIfStateChange NOTIFICATION-TYPE
+ OBJECTS {
+ netscreenTrapType,
+ netscreenTrapDesc,
+ nsOspfRouterId, -- The originator of the trap
+ nsOspfVirtIfAreaId,
+ nsOspfVirtIfNeighbor,
+ nsOspfVirtIfState, -- The new state
+ nsOspfVirtIfVRID
+ }
+ STATUS current
+ DESCRIPTION
+ "An nsOspfIfStateChange trap signifies that there
+ has been a change in the state of an OSPF vir-
+ tual interface.
+
+ This trap should be generated when the inter-
+ face state regresses (e.g., goes from Point-
+ to-Point to Down) or progresses to a terminal
+ state (i.e., Point-to-Point)."
+ ::= { nsOspfTraps 1 }
+
+ nsOspfNbrStateChange NOTIFICATION-TYPE
+ OBJECTS {
+ netscreenTrapType,
+ netscreenTrapDesc,
+ nsOspfRouterId, -- The originator of the trap
+ nsOspfNbrIpAddr,
+ nsOspfNbrAddressLessIndex,
+ nsOspfNbrRtrId,
+ nsOspfNbrState, -- The new state
+ nsOspfNbrVRID
+ }
+ STATUS current
+ DESCRIPTION
+ "An nsOspfNbrStateChange trap signifies that
+ there has been a change in the state of a non-
+ virtual OSPF neighbor. This trap should be
+ generated when the neighbor state regresses
+ (e.g., goes from Attempt or Full to 1-Way or
+ Down) or progresses to a terminal state (e.g.,
+ 2-Way or Full). When an neighbor transitions
+ from or to Full on non-broadcast multi-access
+ and broadcast networks, the trap should be gen-
+ erated by the designated router. A designated
+ router transitioning to Down will be noted by
+ nsOspfIfStateChange."
+ ::= { nsOspfTraps 2 }
+
+ nsOspfVirtNbrStateChange NOTIFICATION-TYPE
+ OBJECTS {
+ netscreenTrapType,
+ netscreenTrapDesc,
+ nsOspfRouterId, -- The originator of the trap
+ nsOspfVirtNbrArea,
+ nsOspfVirtNbrRtrId,
+ nsOspfVirtNbrState, -- The new state
+ nsOspfVirtNbrVRID
+ }
+ STATUS current
+ DESCRIPTION
+ "An nsOspfIfStateChange trap signifies that there
+ has been a change in the state of an OSPF vir-
+ tual neighbor. This trap should be generated
+ when the neighbor state regresses (e.g., goes
+ from Attempt or Full to 1-Way or Down) or
+ progresses to a terminal state (e.g., Full)."
+ ::= { nsOspfTraps 3 }
+
+ nsOspfIfConfigError NOTIFICATION-TYPE
+ OBJECTS {
+ netscreenTrapType,
+ netscreenTrapDesc,
+ nsOspfRouterId, -- The originator of the trap
+ nsOspfIfIpAddress,
+ nsOspfAddressLessIf,
+ nsOspfPacketSrc, -- The source IP address
+ nsOspfConfigErrorType, -- Type of error
+ nsOspfPacketType,
+ nsOspfIfVRID
+ }
+ STATUS current
+ DESCRIPTION
+ "An nsOspfIfConfigError trap signifies that a
+ packet has been received on a non-virtual in-
+ terface from a router whose configuration
+ parameters conflict with this router's confi-
+ guration parameters. Note that the event op-
+ tionMismatch should cause a trap only if it
+ prevents an adjacency from forming."
+ ::= { nsOspfTraps 4 }
+
+ nsOspfVirtIfConfigError NOTIFICATION-TYPE
+ OBJECTS {
+ netscreenTrapType,
+ netscreenTrapDesc,
+ nsOspfRouterId, -- The originator of the trap
+ nsOspfVirtIfAreaId,
+ nsOspfVirtIfNeighbor,
+ nsOspfConfigErrorType, -- Type of error
+ nsOspfPacketType,
+ nsOspfVirtIfVRID
+ }
+ STATUS current
+ DESCRIPTION
+ "An nsOspfConfigError trap signifies that a pack-
+ et has been received on a virtual interface
+ from a router whose configuration parameters
+ conflict with this router's configuration
+ parameters. Note that the event optionMismatch
+ should cause a trap only if it prevents an ad-
+ jacency from forming."
+ ::= { nsOspfTraps 5 }
+
+ nsOspfIfAuthFailure NOTIFICATION-TYPE
+ OBJECTS {
+ netscreenTrapType,
+ netscreenTrapDesc,
+ nsOspfRouterId, -- The originator of the trap
+ nsOspfIfIpAddress,
+ nsOspfAddressLessIf,
+ nsOspfPacketSrc, -- The source IP address
+ nsOspfConfigErrorType, -- authTypeMismatch or
+
+ -- authFailure
+ nsOspfPacketType,
+ nsOspfIfVRID
+ }
+ STATUS current
+ DESCRIPTION
+ "An nsOspfIfAuthFailure trap signifies that a
+ packet has been received on a non-virtual in-
+ terface from a router whose authentication key
+ or authentication type conflicts with this
+ router's authentication key or authentication
+ type."
+ ::= { nsOspfTraps 6 }
+
+ nsOspfVirtIfAuthFailure NOTIFICATION-TYPE
+ OBJECTS {
+ netscreenTrapType,
+ netscreenTrapDesc,
+ nsOspfRouterId, -- The originator of the trap
+ nsOspfVirtIfAreaId,
+ nsOspfVirtIfNeighbor,
+ nsOspfConfigErrorType, -- authTypeMismatch or
+ -- authFailure
+ nsOspfPacketType,
+ nsOspfVirtIfVRID
+ }
+ STATUS current
+ DESCRIPTION
+ "An nsOspfVirtIfAuthFailure trap signifies that a
+ packet has been received on a virtual interface
+ from a router whose authentication key or au-
+ thentication type conflicts with this router's
+ authentication key or authentication type."
+ ::= { nsOspfTraps 7 }
+
+ nsOspfIfRxBadPacket NOTIFICATION-TYPE
+ OBJECTS {
+ netscreenTrapType,
+ netscreenTrapDesc,
+ nsOspfRouterId, -- The originator of the trap
+ nsOspfIfIpAddress,
+ nsOspfAddressLessIf,
+ nsOspfPacketSrc, -- The source IP address
+ nsOspfPacketType,
+ nsOspfIfVRID
+ }
+ STATUS current
+ DESCRIPTION
+ "An nsOspfIfRxBadPacket trap signifies that an
+ OSPF packet has been received on a non-virtual
+ interface that cannot be parsed."
+ ::= { nsOspfTraps 8 }
+
+ nsOspfVirtIfRxBadPacket NOTIFICATION-TYPE
+ OBJECTS {
+ netscreenTrapType,
+ netscreenTrapDesc,
+ nsOspfRouterId, -- The originator of the trap
+ nsOspfVirtIfAreaId,
+ nsOspfVirtIfNeighbor,
+ nsOspfPacketType,
+ nsOspfVirtIfVRID
+ }
+ STATUS current
+ DESCRIPTION
+ "An nsOspfRxBadPacket trap signifies that an OSPF
+ packet has been received on a virtual interface
+ that cannot be parsed."
+ ::= { nsOspfTraps 9 }
+
+ nsOspfTxRetransmit NOTIFICATION-TYPE
+ OBJECTS {
+ netscreenTrapType,
+ netscreenTrapDesc,
+ nsOspfRouterId, -- The originator of the trap
+ nsOspfIfIpAddress,
+ nsOspfAddressLessIf,
+ nsOspfNbrRtrId, -- Destination
+ nsOspfPacketType,
+ nsOspfLsdbType,
+ nsOspfLsdbLsid,
+ nsOspfLsdbRouterId,
+ nsOspfLsdbVRID
+ }
+ STATUS current
+ DESCRIPTION
+ "An nsOspfTxRetransmit trap signifies than an
+ OSPF packet has been retransmitted on a non-
+ virtual interface. All packets that may be re-
+ transmitted are associated with an LSDB entry.
+ The LS type, LS ID, and Router ID are used to
+ identify the LSDB entry."
+ ::= { nsOspfTraps 10 }
+
+ nsOspfVirtIfTxRetransmit NOTIFICATION-TYPE
+ OBJECTS {
+ netscreenTrapType,
+ netscreenTrapDesc,
+ nsOspfRouterId, -- The originator of the trap
+ nsOspfVirtIfAreaId,
+ nsOspfVirtIfNeighbor,
+ nsOspfPacketType,
+ nsOspfLsdbType,
+ nsOspfLsdbLsid,
+ nsOspfLsdbRouterId,
+ nsOspfLsdbVRID
+ }
+ STATUS current
+
+ DESCRIPTION
+ "An nsOspfTxRetransmit trap signifies than an
+ OSPF packet has been retransmitted on a virtual
+ interface. All packets that may be retransmit-
+ ted are associated with an LSDB entry. The LS
+ type, LS ID, and Router ID are used to identify
+ the LSDB entry."
+ ::= { nsOspfTraps 11 }
+
+ nsOspfOriginateLsa NOTIFICATION-TYPE
+ OBJECTS {
+ netscreenTrapType,
+ netscreenTrapDesc,
+ nsOspfRouterId, -- The originator of the trap
+ nsOspfLsdbAreaId, -- 0.0.0.0 for AS Externals
+ nsOspfLsdbType,
+ nsOspfLsdbLsid,
+ nsOspfLsdbRouterId,
+ nsOspfLsdbVRID
+ }
+ STATUS current
+ DESCRIPTION
+ "An nsOspfOriginateLsa trap signifies that a new
+ LSA has been originated by this router. This
+ trap should not be invoked for simple refreshes
+ of LSAs (which happesn every 30 minutes), but
+ instead will only be invoked when an LSA is
+ (re)originated due to a topology change. Addi-
+ tionally, this trap does not include LSAs that
+ are being flushed because they have reached
+ MaxAge."
+ ::= { nsOspfTraps 12 }
+
+ nsOspfMaxAgeLsa NOTIFICATION-TYPE
+ OBJECTS {
+ netscreenTrapType,
+ netscreenTrapDesc,
+ nsOspfRouterId, -- The originator of the trap
+ nsOspfLsdbAreaId, -- 0.0.0.0 for AS Externals
+ nsOspfLsdbType,
+ nsOspfLsdbLsid,
+ nsOspfLsdbRouterId,
+ nsOspfLsdbVRID
+ }
+ STATUS current
+ DESCRIPTION
+ "An nsOspfMaxAgeLsa trap signifies that one of
+ the LSA in the router's link-state database has
+ aged to MaxAge."
+ ::= { nsOspfTraps 13 }
+
+ nsOspfLsdbOverflow NOTIFICATION-TYPE
+ OBJECTS {
+ netscreenTrapType,
+ netscreenTrapDesc,
+ nsOspfRouterId, -- The originator of the trap
+ nsOspfExtLsdbLimit,
+ nsOspfLsdbVRID
+ }
+ STATUS current
+ DESCRIPTION
+ "An nsOspfLsdbOverflow trap signifies that the
+ number of LSAs in the router's link-state data-
+ base has exceeded nsOspfExtLsdbLimit."
+ ::= { nsOspfTraps 14 }
+
+ nsOspfLsdbApproachingOverflow NOTIFICATION-TYPE
+ OBJECTS {
+ netscreenTrapType,
+ netscreenTrapDesc,
+ nsOspfRouterId, -- The originator of the trap
+ nsOspfExtLsdbLimit,
+ nsOspfLsdbVRID
+ }
+ STATUS current
+ DESCRIPTION
+ "An nsOspfLsdbApproachingOverflow trap signifies
+ that the number of LSAs in the router's link-
+ state database has exceeded ninety percent of
+ nsOspfExtLsdbLimit."
+ ::= { nsOspfTraps 15 }
+
+END
diff --git a/MIBS/screenos/NETSCREEN-POLICY-MIB b/MIBS/screenos/NETSCREEN-POLICY-MIB
new file mode 100644
index 0000000..682d293
--- /dev/null
+++ b/MIBS/screenos/NETSCREEN-POLICY-MIB
@@ -0,0 +1,583 @@
+-- This module defines enterprise MIBs for Policy Monitoring
+--
+-- Copyright (c) 1999-2004, Juniper Networks, Inc.
+-- All rights reserved.
+
+NETSCREEN-POLICY-MIB DEFINITIONS ::= BEGIN
+
+IMPORTS
+ netscreenPolicy
+ FROM NETSCREEN-SMI
+ Counter32, Integer32, MODULE-IDENTITY, OBJECT-TYPE
+ FROM SNMPv2-SMI
+ DisplayString
+ FROM SNMPv2-TC
+ ;
+
+netscreenPolicyMibModule MODULE-IDENTITY
+ LAST-UPDATED "200405032022Z" -- May 03, 2004
+ ORGANIZATION
+ "Juniper Networks, Inc."
+ CONTACT-INFO
+ "Customer Support
+
+ 1194 North Mathilda Avenue
+ Sunnyvale, California 94089-1206
+ USA
+
+ Tel: 1-800-638-8296
+ E-mail: customerservice@juniper.net
+ HTTP://www.juniper.net"
+ DESCRIPTION
+ "This module defines NetScreen private MIBs for Policy
+ Monitoring"
+ REVISION "200405030000Z" -- May 03, 2004
+ DESCRIPTION
+ "Modified copyright and contact information"
+ REVISION "200403030000Z" -- March 03, 2004
+ DESCRIPTION
+ "Converted to SMIv2 by Longview Software"
+ REVISION "200308130000Z" -- August 13, 2003
+ DESCRIPTION
+ "No Comment"
+ REVISION "200105140000Z" -- May 14, 2001
+ DESCRIPTION
+ "Creation Date"
+ ::= { netscreenPolicy 0 }
+
+NsPlyEntry ::= SEQUENCE
+{
+ nsPlyId Integer32,
+ nsPlyVsys Integer32,
+ nsPlySrcZone DisplayString,
+ nsPlyDstZone DisplayString,
+ nsPlySrcAddr DisplayString,
+ nsPlyDstAddr DisplayString,
+ nsPlyService INTEGER,
+ nsPlyAction INTEGER,
+ nsPlyNat INTEGER,
+ nsPlyFixPort INTEGER,
+ nsPlyDipId Integer32,
+ nsPlyVpnTunnel DisplayString,
+ nsPlyL2tpTunnel DisplayString,
+ nsPlyAuth INTEGER,
+ nsPlyLogEnable INTEGER,
+ nsPlyCountEnable INTEGER,
+ nsPlyAlarmBPS Integer32,
+ nsPlyAlarmBPM Integer32,
+ nsPlySchedule DisplayString,
+ nsPlyTrafficShapeEnable INTEGER,
+ nsPlyTrafficPriority INTEGER,
+ nsPlyDSEnable INTEGER,
+ nsPlyActiveStatus INTEGER,
+ nsPlyName DisplayString,
+ nsPlyServiceName DisplayString
+}
+
+NsPlyMonEntry ::= SEQUENCE
+{
+ nsPlyMonId Integer32,
+ nsPlyMonVsys Integer32,
+ nsPlyMonPackPerSec Integer32,
+ nsPlyMonPackPerMin Integer32,
+ nsPlyMonTotalPacket Counter32,
+ nsPlyMonBytePerSec Integer32,
+ nsPlyMonBytePerMin Integer32,
+ nsPlyMonTotalByte Counter32,
+ nsPlyMonSessionPerSec Integer32,
+ nsPlyMonSessionPerMin Integer32,
+ nsPlyMonTotalSession Counter32
+}
+
+nsPlyTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF NsPlyEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "A firewall provides a network boundary with a single point of
+ entry and exit-a choke point.You can screen and direct all that
+ traffic through the implementation of a set of access policies.
+ Access policies allow you to permit, deny, encrypt,
+ authenticate, prioritize, schedule, and monitor the traffic
+ attemption to cross your firewall. This table collects all the
+ policy configuration information existing in NetScreen
+ Device."
+ ::= { netscreenPolicy 1 }
+
+-- applicable only to release before 6.3
+--nsPlyEntry OBJECT-TYPE
+-- SYNTAX NsPlyEntry
+-- MAX-ACCESS not-accessible
+-- STATUS current
+-- DESCRIPTION
+-- "Each entry in the nsPlyTable holds a set of configuration
+-- parameters associatied with an instance of policy."
+-- INDEX
+-- { nsPlyId, nsPlyVsys }
+-- ::= { nsPlyTable 1 }
+
+-- applicable since 6.3 release, for pr439626
+nsPlyEntry OBJECT-TYPE
+ SYNTAX NsPlyEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "Each entry in the nsPlyTable holds a set of configuration
+ parameters associatied with an instance of policy."
+ INDEX
+ { nsPlyVsys, nsPlyId }
+ ::= { nsPlyTable 1 }
+
+
+
+nsPlyId OBJECT-TYPE
+ SYNTAX Integer32 (0..2147483647)
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Each policy is identified by a unique policy ID."
+ ::= { nsPlyEntry 1 }
+
+nsPlyVsys OBJECT-TYPE
+ SYNTAX Integer32 (0..2147483647)
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Vitural system's name this polic entry belongs to."
+ ::= { nsPlyEntry 2 }
+
+nsPlySrcZone OBJECT-TYPE
+ SYNTAX DisplayString (SIZE(0..32))
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Traffic through a firewall means that traffic flows from one
+ security zone to another. This object describes the source zone
+ name traffic flow passes."
+ ::= { nsPlyEntry 3 }
+
+nsPlyDstZone OBJECT-TYPE
+ SYNTAX DisplayString (SIZE(0..32))
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Traffic through a firewall means that traffic flows from one
+ security zone to another. This object describes the destination
+ zone name traffic flow passes."
+ ::= { nsPlyEntry 4 }
+
+nsPlySrcAddr OBJECT-TYPE
+ SYNTAX DisplayString (SIZE(0..32))
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Addresses are objects that identify network devices such as
+ hosts and networks by their location in relation to the
+ firwall on which security zone.To create an access policy for
+ specific addresses, you must first create entries for the
+ relevant hosts and networks in the address book.Source IP
+ address indicates the address in source zone, 0.0.0.0 means any
+ address."
+ ::= { nsPlyEntry 5 }
+
+nsPlyDstAddr OBJECT-TYPE
+ SYNTAX DisplayString (SIZE(0..32))
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Addresses are objects that identify network devices such as
+ hosts and networks by their location in relation to the
+ firwall-on which security zone.To create an access policy for
+ specific addresses, you must first create entries for the
+ relevant hosts and networks in the address book.Source IP
+ address indicates the address in destination zone, 0.0.0.0
+ means any address."
+ ::= { nsPlyEntry 6 }
+
+nsPlyService OBJECT-TYPE
+ SYNTAX INTEGER {
+ any(0),
+ aol(1),
+ bgp(2),
+ dpcp-relay(3),
+ dns(4),
+ finger(5),
+ ftp(6),
+ ftp-get(7),
+ ftp-put(8),
+ gopher(9),
+ h323(10),
+ http(11),
+ https(12),
+ icmp-info(13),
+ icmp-timestamp(14),
+ ike(15),
+ imap(16),
+ internet-locator-service(17),
+ irc(18),
+ l2tp(19),
+ ldap(20),
+ mail(21),
+ netmeeting(22),
+ nfs(23),
+ nntp(24),
+ ns-global(25),
+ ns-global-pro(26),
+ ntp(27),
+ ospf(28),
+ pc-anywhere(29),
+ ping(30),
+ pop3(31),
+ pptp(32),
+ real-media(33),
+ rip(34),
+ rlogin(35),
+ snmp(36),
+ ssh(37),
+ syslog(38),
+ talk(39),
+ tcp-any(40),
+ telnet(41),
+ tftp(42),
+ traceroute(43),
+ udp-any(44),
+ uucp(45),
+ vdo-live(46),
+ wais(47),
+ winframe(48),
+ x-windows(49),
+ other(50)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Sevices are objects that identify application protocols using
+ layer 4 information such as standard and accepted TCP and UDP
+ port numbers for application services like Telnet, FTP, SMTP
+ and HTTP. This object indicates all the traffic service type
+ this policy allows. 'Any' means all this policy allows all
+ service go through. 'Other' could be a configured service or
+ not in the list. See nsPlyServiceName for service name."
+ ::= { nsPlyEntry 7 }
+
+nsPlyAction OBJECT-TYPE
+ SYNTAX INTEGER {
+ deny(0),
+ permit(1),
+ tunnel(2)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Actions objects that describe what the firewall does to the
+ traffic it receives. Permit allows the packet to pass the
+ firewall. Deny blocks the packet from traversing the firewall.
+ Tunnel encapsulates outgoing IP packets and decapsulates
+ incoming IP packets."
+ ::= { nsPlyEntry 8 }
+
+nsPlyNat OBJECT-TYPE
+ SYNTAX INTEGER {
+ disable(0),
+ enabled(1)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "You can apply NAT at the interface level or at the policy
+ level. With policy-based NAT, you can translate the source
+ address on either incoming or outging network and VPN traffic.
+ This object indicates if this is a policy-based NAT."
+ ::= { nsPlyEntry 9 }
+
+nsPlyFixPort OBJECT-TYPE
+ SYNTAX INTEGER {
+ no(0),
+ yes(1)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "When in policy-based NAT, the new secure address can come from
+ either a Dynamic IP or from a Mapped IP. This object indicates
+ if poliy-based NAT uses fix port when working on NAT mode."
+ ::= { nsPlyEntry 10 }
+
+nsPlyDipId OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "This object indicates the Dynamic ID chosen for NAT policy."
+ ::= { nsPlyEntry 11 }
+
+nsPlyVpnTunnel OBJECT-TYPE
+ SYNTAX DisplayString (SIZE(0..32))
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "VPN tunnel this access policy applies to."
+ ::= { nsPlyEntry 12 }
+
+nsPlyL2tpTunnel OBJECT-TYPE
+ SYNTAX DisplayString (SIZE(0..32))
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "L2TP tunnel this access policy applies to."
+ ::= { nsPlyEntry 13 }
+
+nsPlyAuth OBJECT-TYPE
+ SYNTAX INTEGER {
+ disable(0),
+ enabled(1)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "This object indicates the selecting this option requires the
+ user at the source address to authenticate his/her identiry by
+ supplying a user name and password before traffic is allowed to
+ graverw the firewall or enter the VPN tunnel."
+ ::= { nsPlyEntry 14 }
+
+nsPlyLogEnable OBJECT-TYPE
+ SYNTAX INTEGER {
+ disable(0),
+ enabled(1)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "When you enable logging in an access policy, the NetScreen
+ device logs all connections to which that paticular access
+ policy applies."
+ ::= { nsPlyEntry 15 }
+
+nsPlyCountEnable OBJECT-TYPE
+ SYNTAX INTEGER {
+ disable(0),
+ enabled(1)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "When you enable counting in an access plicy, the NetScreen
+ device counts the total number of bytes of traffic to which
+ this access policy applies and records the informaiton in
+ historical graphs."
+ ::= { nsPlyEntry 16 }
+
+nsPlyAlarmBPS OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "User can set a threshold that triggers an alarm when the
+ traffic permitted by the access policy exceeds a specified
+ number of bytes per second."
+ ::= { nsPlyEntry 17 }
+
+nsPlyAlarmBPM OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "User can set a threshold that triggers an alarm when the
+ traffic permitted by the access policy exceeds a specified
+ number of bytes per Minute."
+ ::= { nsPlyEntry 18 }
+
+nsPlySchedule OBJECT-TYPE
+ SYNTAX DisplayString (SIZE(0..32))
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "By associating a schedule to an access policy, you can
+ determine when the access policy is in effect."
+ ::= { nsPlyEntry 19 }
+
+nsPlyTrafficShapeEnable OBJECT-TYPE
+ SYNTAX INTEGER {
+ off(0),
+ on(1)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "User can set parameters for the control and shaping of traffic
+ for each access policy."
+ ::= { nsPlyEntry 20 }
+
+nsPlyTrafficPriority OBJECT-TYPE
+ SYNTAX INTEGER {
+ high(0),
+ priority2nd(1),
+ priority3rd(2),
+ priority4th(3),
+ priority5th(4),
+ priority6th(5),
+ priority7th(6),
+ priorityLow(7)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Traffic priority for this policy."
+ ::= { nsPlyEntry 21 }
+
+nsPlyDSEnable OBJECT-TYPE
+ SYNTAX INTEGER {
+ disable(0),
+ enabled(1)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Differentiated Services is a system for tagging traffic at a
+ position within a hierarchy of priority."
+ ::= { nsPlyEntry 22 }
+
+nsPlyActiveStatus OBJECT-TYPE
+ SYNTAX INTEGER {
+ inactive(0),
+ inuse(1),
+ hidden(2)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Show the status of one policy entry."
+ ::= { nsPlyEntry 23 }
+
+nsPlyName OBJECT-TYPE
+ SYNTAX DisplayString (SIZE(0..32))
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "policy name (optional)"
+ ::= { nsPlyEntry 24 }
+
+nsPlyServiceName OBJECT-TYPE
+ SYNTAX DisplayString
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Sevices name that identify application protocols using
+ layer 4 information such as standard and accepted TCP and UDP
+ port numbers for application services like Telnet, FTP, SMTP
+ and HTTP. This object indicates all the traffic service type
+ this policy allows. 'Any' means all this policy allows all
+ service go through."
+ ::= { nsPlyEntry 25 }
+
+nsPlyMonTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF NsPlyMonEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "traffic information for the policy-based traffic."
+ ::= { netscreenPolicy 2 }
+
+nsPlyMonEntry OBJECT-TYPE
+ SYNTAX NsPlyMonEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "An entry holds a set of traffic counters of a specific
+ policy."
+ INDEX
+ { nsPlyMonId, nsPlyMonVsys }
+ ::= { nsPlyMonTable 1 }
+
+nsPlyMonId OBJECT-TYPE
+ SYNTAX Integer32 (0..2147483647)
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Policy Id, also used as index in this table"
+ ::= { nsPlyMonEntry 1 }
+
+nsPlyMonVsys OBJECT-TYPE
+ SYNTAX Integer32 (0..2147483647)
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "vsys this policy belongs to"
+ ::= { nsPlyMonEntry 2 }
+
+nsPlyMonPackPerSec OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Packets go through this policy per second"
+ ::= { nsPlyMonEntry 3 }
+
+nsPlyMonPackPerMin OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Packets go through this policy per minute"
+ ::= { nsPlyMonEntry 4 }
+
+nsPlyMonTotalPacket OBJECT-TYPE
+ SYNTAX Counter32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "total packets go through this policy"
+ ::= { nsPlyMonEntry 5 }
+
+nsPlyMonBytePerSec OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Bytes go through this policy per second"
+ ::= { nsPlyMonEntry 6 }
+
+nsPlyMonBytePerMin OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Bytes go through this policy per minute"
+ ::= { nsPlyMonEntry 7 }
+
+nsPlyMonTotalByte OBJECT-TYPE
+ SYNTAX Counter32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Total bytes go through this policy"
+ ::= { nsPlyMonEntry 8 }
+
+nsPlyMonSessionPerSec OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Sessions go through this policy per second"
+ ::= { nsPlyMonEntry 9 }
+
+nsPlyMonSessionPerMin OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Sessions go through this policy per minute"
+ ::= { nsPlyMonEntry 10 }
+
+nsPlyMonTotalSession OBJECT-TYPE
+ SYNTAX Counter32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Total Sessions go through this policy"
+ ::= { nsPlyMonEntry 11 }
+
+END
+
+
diff --git a/MIBS/screenos/NETSCREEN-PRODUCTS-MIB b/MIBS/screenos/NETSCREEN-PRODUCTS-MIB
new file mode 100644
index 0000000..66ecd33
--- /dev/null
+++ b/MIBS/screenos/NETSCREEN-PRODUCTS-MIB
@@ -0,0 +1,117 @@
+-- Copyright (c) 1999-2004, Juniper Networks, Inc.
+-- All rights reserved.
+
+NETSCREEN-PRODUCTS-MIB DEFINITIONS ::= BEGIN
+
+IMPORTS
+ netscreenProducts
+ FROM NETSCREEN-SMI
+ MODULE-IDENTITY
+ FROM SNMPv2-SMI
+ ;
+
+netscreenProductsMibModule MODULE-IDENTITY
+ LAST-UPDATED "200405032022Z" -- May 03, 2004
+ ORGANIZATION
+ "Juniper Networks, Inc."
+ CONTACT-INFO
+ "Customer Support
+
+ 1194 North Mathilda Avenue
+ Sunnyvale, California 94089-1206
+ USA
+
+ Tel: 1-800-638-8296
+ E-mail: customerservice@juniper.net
+ HTTP://www.juniper.net"
+ DESCRIPTION
+ "This module defines the object identifiers that are assigned
+ to various hardware platforms, and hence are returned as values
+ for sysObjectID"
+ REVISION "200405030000Z" -- May 03, 2004
+ DESCRIPTION
+ "Modified copyright and contact information"
+ REVISION "200403030000Z" -- March 03, 2004
+ DESCRIPTION
+ "Converted to SMIv2 by Longview Software"
+ REVISION "200401200000Z" -- January 20, 2004
+ DESCRIPTION
+ "Add netscreenHardwareSecurity Client"
+ REVISION "200008020000Z" -- August 02, 2000
+ DESCRIPTION
+ "Creation Date"
+ ::= { netscreenProducts 0 }
+
+netscreenGeneric OBJECT IDENTIFIER ::= { netscreenProducts 1 }
+
+netscreenNs5 OBJECT IDENTIFIER ::= { netscreenProducts 2 }
+
+netscreenNs10 OBJECT IDENTIFIER ::= { netscreenProducts 3 }
+
+netscreenNs100 OBJECT IDENTIFIER ::= { netscreenProducts 4 }
+
+netscreenNs1000 OBJECT IDENTIFIER ::= { netscreenProducts 5 }
+
+netscreenNs500 OBJECT IDENTIFIER ::= { netscreenProducts 6 }
+
+netscreenNs50 OBJECT IDENTIFIER ::= { netscreenProducts 7 }
+
+netscreenNs25 OBJECT IDENTIFIER ::= { netscreenProducts 8 }
+
+netscreenNs204 OBJECT IDENTIFIER ::= { netscreenProducts 9 }
+
+netscreenNs208 OBJECT IDENTIFIER ::= { netscreenProducts 10 }
+
+netscreenNs5XT OBJECT IDENTIFIER ::= { netscreenProducts 11 }
+
+netscreenNs5XP OBJECT IDENTIFIER ::= { netscreenProducts 12 }
+
+netscreenNs5000 OBJECT IDENTIFIER ::= { netscreenProducts 13 }
+
+netscreenNs5GT OBJECT IDENTIFIER ::= { netscreenProducts 14 }
+
+netscreenHardwareSecurityClient OBJECT IDENTIFIER ::= { netscreenProducts 15 }
+
+netscreenISG2000 OBJECT IDENTIFIER ::= { netscreenProducts 16 }
+
+netscreen-5GT-ADSL-AnnexA OBJECT IDENTIFIER ::= { netscreenProducts 17 }
+
+netscreen-5GT-ADSL-AnnexB OBJECT IDENTIFIER ::= { netscreenProducts 19 }
+
+netscreen-5GT-WLAN OBJECT IDENTIFIER ::= { netscreenProducts 21 }
+
+netscreen-5GT-ADSL-AnnexA-WLAN OBJECT IDENTIFIER ::= { netscreenProducts 23 }
+
+netscreen-5GT-ADSL-AnnexB-WLAN OBJECT IDENTIFIER ::= { netscreenProducts 25 }
+
+netscreenISG1000 OBJECT IDENTIFIER ::= { netscreenProducts 28 }
+
+netscreenSSG5 OBJECT IDENTIFIER ::= { netscreenProducts 29 }
+
+netscreenSSG5-ISDN OBJECT IDENTIFIER ::= { netscreenProducts 30 }
+
+netscreenSSG5-v92 OBJECT IDENTIFIER ::= { netscreenProducts 31 }
+
+netscreenSSG5-Serial-WLAN OBJECT IDENTIFIER ::= { netscreenProducts 32 }
+
+netscreenSSG5-ISDN-WLAN OBJECT IDENTIFIER ::= { netscreenProducts 33 }
+
+netscreenSSG5-v92-WLAN OBJECT IDENTIFIER ::= { netscreenProducts 34 }
+
+netscreenSSG20 OBJECT IDENTIFIER ::= { netscreenProducts 35 }
+
+netscreenSSG20-WLAN OBJECT IDENTIFIER ::= { netscreenProducts 36 }
+
+netscreenSSG520 OBJECT IDENTIFIER ::= { netscreenProducts 50 }
+
+netscreenSSG550 OBJECT IDENTIFIER ::= { netscreenProducts 51 }
+
+netscreenSSG140 OBJECT IDENTIFIER ::= { netscreenProducts 52 }
+
+netscreenSSG320 OBJECT IDENTIFIER ::= { netscreenProducts 54 }
+
+netscreenSSG350 OBJECT IDENTIFIER ::= { netscreenProducts 55 }
+
+END
+
+
diff --git a/MIBS/screenos/NETSCREEN-QOS-MIB b/MIBS/screenos/NETSCREEN-QOS-MIB
new file mode 100644
index 0000000..05c6819
--- /dev/null
+++ b/MIBS/screenos/NETSCREEN-QOS-MIB
@@ -0,0 +1,174 @@
+-- This module defines enterprise MIBs for QoS
+--
+-- Copyright (c) 1999-2004, Juniper Networks, Inc.
+-- All rights reserved.
+
+NETSCREEN-QOS-MIB DEFINITIONS ::= BEGIN
+
+IMPORTS
+ netscreenQos
+ FROM NETSCREEN-SMI
+ Integer32, MODULE-IDENTITY, OBJECT-TYPE
+ FROM SNMPv2-SMI
+ ;
+
+netscreenQosMibModule MODULE-IDENTITY
+ LAST-UPDATED "200405032022Z" -- May 03, 2004
+ ORGANIZATION
+ "Juniper Networks, Inc."
+ CONTACT-INFO
+ "Customer Support
+
+ 1194 North Mathilda Avenue
+ Sunnyvale, California 94089-1206
+ USA
+
+ Tel: 1-800-638-8296
+ E-mail: customerservice@juniper.net
+ HTTP://www.juniper.net"
+ DESCRIPTION
+ "This module defines the object that are used to monitor QoS"
+ REVISION "200405030000Z" -- May 03, 2004
+ DESCRIPTION
+ "Modified copyright and contact information"
+ REVISION "200403030000Z" -- March 03, 2004
+ DESCRIPTION
+ "Converted to SMIv2 by Longview Software"
+ REVISION "200109280000Z" -- September 28, 2001
+ DESCRIPTION
+ "No Comment"
+ REVISION "200105150000Z" -- May 15, 2001
+ DESCRIPTION
+ "Creation Date"
+ ::= { netscreenQos 0 }
+
+NsQosPlyEntry ::= SEQUENCE
+{
+ nsQosPlyId Integer32,
+ nsQosPlyVsys Integer32,
+ nsQosPlyQosEnable INTEGER,
+ nsQosPlyGanBW Integer32,
+ nsQosPlyMaxBW Integer32,--,
+ nsQosPlyTraffPriority Integer32,
+ nsQosPlyDSEnable INTEGER
+}
+
+nsQosUsrShapingMode OBJECT-TYPE
+ SYNTAX INTEGER {
+ off(0),
+ on(1),
+ on-off(2),
+ off-on(3),
+ auto(4)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "QoS mode set by user"
+ ::= { netscreenQos 1 }
+
+nsQosSysShapingMode OBJECT-TYPE
+ SYNTAX INTEGER {
+ off(0),
+ on(1),
+ on-off(2),
+ off-on(3),
+ auto(4)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "QoS mode currently set by the system"
+ ::= { netscreenQos 2 }
+
+nsQosPly OBJECT IDENTIFIER ::= { netscreenQos 3 }
+
+nsQosPlyTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF NsQosPlyEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "QoS is the allocation of the appropriate amount of
+ network bandwidth to every user and application on an interface.
+ This table collects all the QoS configuration
+ setting on each physical interface."
+ ::= { nsQosPly 1 }
+
+nsQosPlyEntry OBJECT-TYPE
+ SYNTAX NsQosPlyEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "Each entry holds a set of attributes for QoS"
+ INDEX
+ { nsQosPlyId }
+ ::= { nsQosPlyTable 1 }
+
+nsQosPlyId OBJECT-TYPE
+ SYNTAX Integer32 (0..2147483647)
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "A unique policy id, also used as table index."
+ ::= { nsQosPlyEntry 1 }
+
+nsQosPlyVsys OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "VSYS this policy belongs to."
+ ::= { nsQosPlyEntry 2 }
+
+nsQosPlyQosEnable OBJECT-TYPE
+ SYNTAX INTEGER {
+ off(0),
+ on(1)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Enable QoS on this policy."
+ ::= { nsQosPlyEntry 3 }
+
+nsQosPlyGanBW OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Guaranteed Bandwidth (in bytes per second). When Qos Enable
+ is off, the value has no meaning."
+ ::= { nsQosPlyEntry 4 }
+
+nsQosPlyMaxBW OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Maxium Bandwidth (in bytes per second). When Qos Enable is
+ off, the value has no meaning. Negative value means it is not
+ set yet."
+ ::= { nsQosPlyEntry 5 }
+
+nsQosPlyTraffPriority OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Traffic priority for this policy. Zero is the highest
+ priority and seven is the lowest."
+ ::= { nsQosPlyEntry 6 }
+
+nsQosPlyDSEnable OBJECT-TYPE
+ SYNTAX INTEGER {
+ off(0),
+ on(1)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Enable DiffServ codepoint marking on this policy."
+ ::= { nsQosPlyEntry 7 }
+END
+
+
diff --git a/MIBS/screenos/NETSCREEN-RESOURCE-MIB b/MIBS/screenos/NETSCREEN-RESOURCE-MIB
new file mode 100644
index 0000000..d969fab
--- /dev/null
+++ b/MIBS/screenos/NETSCREEN-RESOURCE-MIB
@@ -0,0 +1,299 @@
+-- This module defines enterprise MIBs for monitoring resources
+--
+-- Copyright (c) 1999-2004, Juniper Networks, Inc.
+-- All rights reserved.
+
+NETSCREEN-RESOURCE-MIB DEFINITIONS ::= BEGIN
+
+IMPORTS
+ netscreenResource
+ FROM NETSCREEN-SMI
+ Integer32, MODULE-IDENTITY, OBJECT-TYPE
+ FROM SNMPv2-SMI
+ ;
+
+netscreenResourceMibModule MODULE-IDENTITY
+ LAST-UPDATED "200405032022Z" -- May 03, 2004
+ ORGANIZATION
+ "Juniper Networks, Inc."
+ CONTACT-INFO
+ "Customer Support
+
+ 1194 North Mathilda Avenue
+ Sunnyvale, California 94089-1206
+ USA
+
+ Tel: 1-800-638-8296
+ E-mail: customerservice@juniper.net
+ HTTP://www.juniper.net"
+ DESCRIPTION
+ "This module defines the object that are used to monitor
+ resource in netscreen box"
+ REVISION "200405030000Z" -- May 03, 2004
+ DESCRIPTION
+ "Modified copyright and contact information"
+ REVISION "200403030000Z" -- March 03, 2004
+ DESCRIPTION
+ "Converted to SMIv2 by Longview Software"
+ REVISION "200311100000Z" -- November 10, 2003
+ DESCRIPTION
+ "Correct spelling mistake"
+ REVISION "200205050000Z" -- May 05, 2002
+ DESCRIPTION
+ "Remove active session"
+ REVISION "200104300000Z" -- April 30, 2001
+ DESCRIPTION
+ "Creation Date"
+ ::= { netscreenResource 0 }
+
+nsResCPU OBJECT IDENTIFIER ::= { netscreenResource 1 }
+
+nsResCpuAvg OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Average System CPU utilization in percentage."
+ ::= { nsResCPU 1 }
+
+nsResCpuLast1Min OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Last one minute CPU utilization in percentage."
+ ::= { nsResCPU 2 }
+
+nsResCpuLast5Min OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Last five minutes CPU utilization in percentage."
+ ::= { nsResCPU 3 }
+
+nsResCpuLast15Min OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Last fifteen minutes CPU utilization in percentage."
+ ::= { nsResCPU 4 }
+
+nsResMem OBJECT IDENTIFIER ::= { netscreenResource 2 }
+
+nsResMemAllocate OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Memory allocated."
+ ::= { nsResMem 1 }
+
+nsResMemLeft OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Memory left."
+ ::= { nsResMem 2 }
+
+nsResMemFrag OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Memory fragment."
+ ::= { nsResMem 3 }
+
+nsResSession OBJECT IDENTIFIER ::= { netscreenResource 3 }
+
+nsResSessAllocate OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Allocate session number."
+ ::= { nsResSession 2 }
+
+nsResSessMaxium OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Maxium session number system can afford."
+ ::= { nsResSession 3 }
+
+nsResSessFailed OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Failed session allocation counters."
+ ::= { nsResSession 4 }
+
+nsResModTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF NsResModEntry
+ ACCESS not-accessible
+ STATUS mandatory
+ DESCRIPTION
+ "System status for multiple modules."
+ ::= { netscreenResource 4 }
+
+nsResModEntry OBJECT-TYPE
+ SYNTAX NsResModEntry
+ ACCESS not-accessible
+ STATUS mandatory
+ DESCRIPTION
+ "Each entry in the table holds a session status parameters associated
+ with an instance of security module."
+ INDEX { nsResModModId, nsResModCpuId}
+ ::= { nsResModTable 1 }
+
+NsResModEntry ::=
+ SEQUENCE {
+ nsResModModId
+ Integer32,
+ nsResModCpuId
+ Integer32,
+ nsResModCpuCurr
+ Integer32,
+ nsResModCpuLast1Min
+ Integer32,
+ nsResModCpuLast5Min
+ Integer32,
+ nsResModCpuLast15Min
+ Integer32,
+ nsResModMemAllocated
+ Integer32,
+ nsResModMemLeft
+ Integer32,
+ nsResModSessAllocated
+ Integer32,
+ nsResModSessMaximum
+ Integer32,
+ nsResModSessFailed
+ Integer32,
+ nsResModThresholdMem
+ Integer32,
+ nsResModThresholdCpu
+ Integer32,
+ nsResModThresholdSession
+ Integer32
+ }
+
+nsResModModId OBJECT-TYPE
+ SYNTAX Integer32 (1..32)
+ ACCESS read-only
+ STATUS mandatory
+ DESCRIPTION
+ "Module ID for security module. Each ID uniquely identifies a single Security Module."
+ ::= { nsResModEntry 1 }
+
+nsResModCpuId OBJECT-TYPE
+ SYNTAX Integer32 (1..2)
+ ACCESS read-only
+ STATUS mandatory
+ DESCRIPTION
+ "CPU Identifier. Each ID uniquely identifies a single CPU residing on a Security Module."
+ ::= { nsResModEntry 2 }
+
+nsResModCpuCurr OBJECT-TYPE
+ SYNTAX Integer32 (1..100)
+ ACCESS read-only
+ STATUS mandatory
+ DESCRIPTION
+ "Current System CPU utilization in percentage."
+ ::= { nsResModEntry 3 }
+
+nsResModCpuLast1Min OBJECT-TYPE
+ SYNTAX Integer32 (1..100)
+ ACCESS read-only
+ STATUS mandatory
+ DESCRIPTION
+ "Last one minute CPU utilization in percentage."
+ ::= { nsResModEntry 4 }
+
+nsResModCpuLast5Min OBJECT-TYPE
+ SYNTAX Integer32 (1..100)
+ ACCESS read-only
+ STATUS mandatory
+ DESCRIPTION
+ "Last five minutes CPU utilization in percentage."
+ ::= { nsResModEntry 5 }
+
+nsResModCpuLast15Min OBJECT-TYPE
+ SYNTAX Integer32 (1..100)
+ ACCESS read-only
+ STATUS mandatory
+ DESCRIPTION
+ "Last fifteen minutes CPU utilization in percentage."
+ ::= { nsResModEntry 6 }
+
+nsResModMemAllocated OBJECT-TYPE
+ SYNTAX Integer32
+ ACCESS read-only
+ STATUS mandatory
+ DESCRIPTION
+ "Current memory allocated for this cpu"
+ ::= { nsResModEntry 7 }
+
+nsResModMemLeft OBJECT-TYPE
+ SYNTAX Integer32
+ ACCESS read-only
+ STATUS mandatory
+ DESCRIPTION
+ "Current free memory for this security module. Since this is shared memory the same value is returned for both the cpus."
+ ::= { nsResModEntry 8 }
+
+nsResModSessAllocated OBJECT-TYPE
+ SYNTAX Integer32
+ ACCESS read-only
+ STATUS mandatory
+ DESCRIPTION
+ "Number of sessions currently allocated for this Security Module's cpu."
+ ::= { nsResModEntry 9 }
+
+nsResModSessMaximum OBJECT-TYPE
+ SYNTAX Integer32
+ ACCESS read-only
+ STATUS mandatory
+ DESCRIPTION
+ "Maximum number of sessions supported by this Security Module's cpu."
+ ::= { nsResModEntry 10 }
+
+nsResModSessFailed OBJECT-TYPE
+ SYNTAX Integer32
+ ACCESS read-only
+ STATUS mandatory
+ DESCRIPTION
+ "Number of sessions failed for this Security Module's cpu."
+ ::= { nsResModEntry 11 }
+
+nsResModThresholdMem OBJECT-TYPE
+ SYNTAX Integer32
+ ACCESS read-only
+ STATUS mandatory
+ DESCRIPTION
+ "Memory utilization of the security module exceeds the threshold pre-defined."
+ ::= { nsResModEntry 12 }
+
+nsResModThresholdCpu OBJECT-TYPE
+ SYNTAX Integer32
+ ACCESS read-only
+ STATUS mandatory
+ DESCRIPTION
+ "CPU utilization of the security module exceeds the threshold pre-defined."
+ ::= { nsResModEntry 13 }
+
+nsResModThresholdSession OBJECT-TYPE
+ SYNTAX Integer32
+ ACCESS read-only
+ STATUS mandatory
+ DESCRIPTION
+ "Session number of the security module exceeds the threshold pre-defined."
+ ::= { nsResModEntry 14 }
+
+END
+
+
diff --git a/MIBS/screenos/NETSCREEN-RIPv2-MIB b/MIBS/screenos/NETSCREEN-RIPv2-MIB
new file mode 100644
index 0000000..436f968
--- /dev/null
+++ b/MIBS/screenos/NETSCREEN-RIPv2-MIB
@@ -0,0 +1,567 @@
+-- These MIBs were created on 1/2/2003
+-- This module defines enterprise MIBs for NS RIP
+--
+-- Copyright (c) 1999-2004, Juniper Networks, Inc.
+-- All rights reserved.
+--
+-- MODULE-IDENTITY
+-- OrgName
+-- Juniper Networks, Inc.
+-- ContactInfo
+-- Customer Support
+--
+-- 1194 North Mathilda Avenue
+-- Sunnyvale, California 94089-1206
+-- USA
+--
+-- Tel: 1-800-638-8296
+-- E-mail: customerservice@juniper.net
+-- HTTP://www.juniper.net"
+--
+-- Descr
+-- This module defines the object that are used to monitor
+-- NS's RIP configuration
+--
+-- Last modified date: 01/16/2003
+-- Last modified date: 11/10/2003
+--
+
+NETSCREEN-RIPv2-MIB DEFINITIONS ::= BEGIN
+
+ IMPORTS
+ MODULE-IDENTITY, OBJECT-TYPE, Counter32,
+ TimeTicks, IpAddress FROM SNMPv2-SMI
+ TEXTUAL-CONVENTION, RowStatus FROM SNMPv2-TC
+ MODULE-COMPLIANCE, OBJECT-GROUP FROM SNMPv2-CONF
+ netscreenVR FROM NETSCREEN-SMI;
+
+ -- This MIB module uses the extended OBJECT-TYPE macro as
+ -- defined in [9].
+
+ nsRip2 MODULE-IDENTITY
+ LAST-UPDATED "200506032022Z" -- June 20, 2005
+ ORGANIZATION "IETF RIP-II Working Group"
+ CONTACT-INFO
+ " Fred Baker
+ Postal: Cisco Systems
+ 519 Lado Drive
+ Santa Barbara, California 93111
+ Tel: +1 805 681 0115
+ E-Mail: fbaker@cisco.com
+
+ Postal: Gary Malkin
+ Xylogics, Inc.
+ 53 Third Avenue
+ Burlington, MA 01803
+
+ Phone: (617) 272-8140
+ EMail: gmalkin@Xylogics.COM"
+ DESCRIPTION
+ "The MIB module to describe the RIP2 Version 2 Protocol"
+ ::= { netscreenVR 4 }
+
+ -- RIP-2 Management Information Base
+
+ -- the RouteTag type represents the contents of the
+ -- Route Domain field in the packet header or route entry.
+ -- The use of the Route Domain is deprecated.
+
+ RouteTag ::= TEXTUAL-CONVENTION
+ STATUS deprecated
+ DESCRIPTION
+ "the RouteTag type represents the contents of the Route Domain
+ field in the packet header or route entry"
+ SYNTAX OCTET STRING (SIZE (2))
+
+--4.1 Global Counters
+
+-- The RIP-2 Globals Group.
+-- Implementation of this group is mandatory for systems
+-- which implement RIP-2.
+
+-- These counters are intended to facilitate debugging quickly
+-- changing routes or failing neighbors
+
+-- nsRip2Globals OBJECT IDENTIFIER ::= { nsRip2 1 }
+
+-- nsRip2GlobalRouteChanges OBJECT-TYPE
+-- SYNTAX Counter32
+-- MAX-ACCESS read-only
+-- STATUS deprecated
+-- DESCRIPTION
+-- "The number of route changes made to the IP Route
+-- Database by RIP. This does not include the refresh
+-- of a route's age."
+-- ::= { nsRip2Globals 1 }
+
+-- nsRip2GlobalQueries OBJECT-TYPE
+-- SYNTAX Counter32
+-- MAX-ACCESS read-only
+-- STATUS deprecated
+-- DESCRIPTION
+-- "The number of responses sent to RIP queries
+-- from other systems."
+-- ::= { nsRip2Globals 2 }
+
+ nsRip2GlobalsTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF NsRip2GlobalsEntry
+ MAX-ACCESS not-accessible
+ STATUS deprecated
+ DESCRIPTION
+ "A list of RIP2 Globals per VR."
+ ::= { nsRip2 1 }
+
+ nsRip2GlobalsEntry OBJECT-TYPE
+
+ SYNTAX NsRip2GlobalsEntry
+ MAX-ACCESS not-accessible
+ STATUS deprecated
+ DESCRIPTION
+ "One VR's Globals."
+ INDEX { nsRip2GlobalVRID }
+ ::= { nsRip2GlobalsTable 1 }
+
+ NsRip2GlobalsEntry ::=
+ SEQUENCE {
+ nsRip2GlobalRouteChanges
+ Counter32,
+ nsRip2GlobalQueries
+ Counter32,
+ nsRip2GlobalVRID
+ INTEGER
+ }
+
+ nsRip2GlobalRouteChanges OBJECT-TYPE
+ SYNTAX Counter32
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "The number of route changes made to the IP Route
+ Database by RIP. This does not include the refresh
+ of a route's age."
+ ::= { nsRip2GlobalsEntry 1 }
+
+ nsRip2GlobalQueries OBJECT-TYPE
+ SYNTAX Counter32
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "The number of responses sent to RIP queries
+ from other systems."
+ ::= { nsRip2GlobalsEntry 2 }
+
+ nsRip2GlobalVRID OBJECT-TYPE
+ SYNTAX INTEGER (0..65535)
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "Virtual Router ID"
+ ::= { nsRip2GlobalsEntry 3 }
+
+
+--4.2 RIP Interface Tables
+
+-- RIP Interfaces Groups
+-- Implementation of these Groups is mandatory for systems
+-- which implement RIP-2.
+
+-- The RIP Interface Status Table.
+
+ nsRip2IfStatTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF NsRip2IfStatEntry
+ MAX-ACCESS not-accessible
+ STATUS deprecated
+ DESCRIPTION
+ "A list of subnets which require separate
+ status monitoring in RIP."
+ ::= { nsRip2 2 }
+
+ nsRip2IfStatEntry OBJECT-TYPE
+
+ SYNTAX NsRip2IfStatEntry
+ MAX-ACCESS not-accessible
+ STATUS deprecated
+ DESCRIPTION
+ "A Single Routing Domain in a single Subnet."
+ INDEX { nsRip2IfStatAddress, nsRip2IfStatVRID }
+ ::= { nsRip2IfStatTable 1 }
+
+ NsRip2IfStatEntry ::=
+ SEQUENCE {
+ nsRip2IfStatAddress
+ IpAddress,
+ nsRip2IfStatRcvBadPackets
+ Counter32,
+ nsRip2IfStatRcvBadRoutes
+ Counter32,
+ nsRip2IfStatSentUpdates
+ Counter32,
+ nsRip2IfStatStatus
+ RowStatus,
+ nsRip2IfStatVRID
+ INTEGER
+ }
+
+ nsRip2IfStatAddress OBJECT-TYPE
+ SYNTAX IpAddress
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "The IP Address of this system on the indicated
+ subnet. For unnumbered interfaces, the value 0.0.0.N,
+ where the least significant 24 bits (N) is the ifIndex
+ for the IP Interface in network byte order."
+ ::= { nsRip2IfStatEntry 1 }
+
+ nsRip2IfStatRcvBadPackets OBJECT-TYPE
+ SYNTAX Counter32
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "The number of RIP response packets received by
+ the RIP process which were subsequently discarded
+ for any reason (e.g. a version 0 packet, or an
+ unknown command type)."
+ ::= { nsRip2IfStatEntry 2 }
+
+ nsRip2IfStatRcvBadRoutes OBJECT-TYPE
+ SYNTAX Counter32
+ MAX-ACCESS read-only
+ STATUS deprecated
+
+ DESCRIPTION
+ "The number of routes, in valid RIP packets,
+ which were ignored for any reason (e.g. unknown
+ address family, or invalid metric)."
+ ::= { nsRip2IfStatEntry 3 }
+
+ nsRip2IfStatSentUpdates OBJECT-TYPE
+ SYNTAX Counter32
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "The number of triggered RIP updates actually
+ sent on this interface. This explicitly does
+ NOT include full updates sent containing new
+ information."
+ ::= { nsRip2IfStatEntry 4 }
+
+ nsRip2IfStatStatus OBJECT-TYPE
+ SYNTAX RowStatus
+ MAX-ACCESS read-create
+ STATUS deprecated
+ DESCRIPTION
+ "Writing invalid has the effect of deleting
+ this interface."
+ ::= { nsRip2IfStatEntry 5 }
+
+ nsRip2IfStatVRID OBJECT-TYPE
+ SYNTAX INTEGER (0..65535)
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "Virtual Router ID"
+ ::= { nsRip2IfStatEntry 6 }
+
+-- The RIP Interface Configuration Table.
+
+ nsRip2IfConfTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF NsRip2IfConfEntry
+ MAX-ACCESS not-accessible
+ STATUS deprecated
+ DESCRIPTION
+ "A list of subnets which require separate
+ configuration in RIP."
+ ::= { nsRip2 3 }
+
+ nsRip2IfConfEntry OBJECT-TYPE
+ SYNTAX NsRip2IfConfEntry
+ MAX-ACCESS not-accessible
+ STATUS deprecated
+ DESCRIPTION
+ "A Single Routing Domain in a single Subnet."
+ INDEX { nsRip2IfConfAddress, nsRip2IfConfVRID }
+ ::= { nsRip2IfConfTable 1 }
+
+ NsRip2IfConfEntry ::=
+ SEQUENCE {
+
+ nsRip2IfConfAddress
+ IpAddress,
+ nsRip2IfConfDomain
+ RouteTag,
+ nsRip2IfConfAuthType
+ INTEGER,
+ nsRip2IfConfAuthKey
+ OCTET STRING,
+ nsRip2IfConfSend
+ INTEGER,
+ nsRip2IfConfReceive
+ INTEGER,
+ nsRip2IfConfDefaultMetric
+ INTEGER,
+ nsRip2IfConfStatus
+ RowStatus,
+ nsRip2IfConfSrcAddress
+ IpAddress,
+ nsRip2IfConfVRID
+ INTEGER
+ }
+
+ nsRip2IfConfAddress OBJECT-TYPE
+ SYNTAX IpAddress
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "The IP Address of this system on the indicated
+ subnet. For unnumbered interfaces, the value 0.0.0.N,
+ where the least significant 24 bits (N) is the ifIndex
+ for the IP Interface in network byte order."
+ ::= { nsRip2IfConfEntry 1 }
+
+ nsRip2IfConfDomain OBJECT-TYPE
+ SYNTAX RouteTag
+ MAX-ACCESS read-create
+ STATUS obsolete
+ DESCRIPTION
+ "Value inserted into the Routing Domain field
+ of all RIP packets sent on this interface."
+ DEFVAL { '0000'H }
+ ::= { nsRip2IfConfEntry 2 }
+
+ nsRip2IfConfAuthType OBJECT-TYPE
+ SYNTAX INTEGER {
+ noAuthentication (1),
+ simplePassword (2),
+ md5 (3)
+ }
+ MAX-ACCESS read-create
+
+ STATUS deprecated
+ DESCRIPTION
+ "The type of Authentication used on this
+ interface."
+ DEFVAL { noAuthentication }
+ ::= { nsRip2IfConfEntry 3 }
+
+ nsRip2IfConfAuthKey OBJECT-TYPE
+ SYNTAX OCTET STRING (SIZE(0..16))
+ MAX-ACCESS read-create
+ STATUS deprecated
+ DESCRIPTION
+ "The value to be used as the Authentication Key
+ whenever the corresponding instance of
+ nsRip2IfConfAuthType has a value other than
+ noAuthentication. A modification of the corresponding
+ instance of nsRip2IfConfAuthType does not modify
+ the nsRip2IfConfAuthKey value. If a string shorter
+ than 16 octets is supplied, it will be left-
+ justified and padded to 16 octets, on the right,
+ with nulls (0x00).
+
+ Reading this object always results in an OCTET
+ STRING of length zero; authentication may not
+ be bypassed by reading the MIB object."
+ DEFVAL { ''H }
+ ::= { nsRip2IfConfEntry 4 }
+
+ nsRip2IfConfSend OBJECT-TYPE
+ SYNTAX INTEGER {
+ doNotSend (1),
+ ripVersion1 (2),
+ rip1Compatible (3),
+ ripVersion2 (4),
+ ripV1Demand (5),
+ ripV2Demand (6)
+ }
+ MAX-ACCESS read-create
+ STATUS deprecated
+ DESCRIPTION
+ "What the router sends on this interface.
+ ripVersion1 implies sending RIP updates compliant
+ with RFC 1058. rip1Compatible implies
+ broadcasting RIP-2 updates using RFC 1058 route
+ subsumption rules. ripVersion2 implies
+ multicasting RIP-2 updates. ripV1Demand indicates
+ the use of Demand RIP on a WAN interface under RIP
+ Version 1 rules. ripV2Demand indicates the use of
+
+ Demand RIP on a WAN interface under Version 2 rules."
+ DEFVAL { rip1Compatible }
+ ::= { nsRip2IfConfEntry 5 }
+
+ nsRip2IfConfReceive OBJECT-TYPE
+ SYNTAX INTEGER {
+ rip1 (1),
+ rip2 (2),
+ rip1OrRip2 (3),
+ doNotRecieve (4)
+ }
+ MAX-ACCESS read-create
+ STATUS deprecated
+ DESCRIPTION
+ "This indicates which version of RIP updates
+ are to be accepted. Note that rip2 and
+ rip1OrRip2 implies reception of multicast
+ packets."
+ DEFVAL { rip1OrRip2 }
+ ::= { nsRip2IfConfEntry 6 }
+
+ nsRip2IfConfDefaultMetric OBJECT-TYPE
+ SYNTAX INTEGER ( 0..15 )
+ MAX-ACCESS read-create
+ STATUS deprecated
+ DESCRIPTION
+ "This variable indicates the metric that is to
+ be used for the default route entry in RIP updates
+ originated on this interface. A value of zero
+ indicates that no default route should be
+ originated; in this case, a default route via
+ another router may be propagated."
+ ::= { nsRip2IfConfEntry 7 }
+
+ nsRip2IfConfStatus OBJECT-TYPE
+ SYNTAX RowStatus
+ MAX-ACCESS read-create
+ STATUS deprecated
+ DESCRIPTION
+ "Writing invalid has the effect of deleting
+ this interface."
+ ::= { nsRip2IfConfEntry 8 }
+
+ nsRip2IfConfSrcAddress OBJECT-TYPE
+ SYNTAX IpAddress
+ MAX-ACCESS read-create
+ STATUS deprecated
+ DESCRIPTION
+
+ "The IP Address this system will use as a source
+ address on this interface. If it is a numbered
+ interface, this MUST be the same value as
+ nsRip2IfConfAddress. On unnumbered interfaces,
+ it must be the value of nsRip2IfConfAddress for
+ some interface on the system."
+ ::= { nsRip2IfConfEntry 9 }
+
+ nsRip2IfConfVRID OBJECT-TYPE
+ SYNTAX INTEGER (0..65535)
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "Virtual Router ID"
+ ::= { nsRip2IfConfEntry 10 }
+
+--4.3 Peer Table
+
+-- Peer Table
+
+-- The RIP Peer Group
+-- Implementation of this Group is Optional
+
+-- This group provides information about active peer
+-- relationships intended to assist in debugging. An
+-- active peer is a router from which a valid RIP
+-- updated has been heard in the last 180 seconds.
+
+ nsRip2PeerTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF NsRip2PeerEntry
+ MAX-ACCESS not-accessible
+ STATUS deprecated
+ DESCRIPTION
+ "A list of RIP Peers."
+ ::= { nsRip2 4 }
+
+ nsRip2PeerEntry OBJECT-TYPE
+ SYNTAX NsRip2PeerEntry
+ MAX-ACCESS not-accessible
+ STATUS deprecated
+ DESCRIPTION
+ "Information regarding a single routing peer."
+ INDEX { nsRip2PeerAddress, nsRip2PeerDomain, nsRip2PeerVRID }
+ ::= { nsRip2PeerTable 1 }
+
+ NsRip2PeerEntry ::=
+ SEQUENCE {
+ nsRip2PeerAddress
+ IpAddress,
+ nsRip2PeerDomain
+ RouteTag,
+ nsRip2PeerLastUpdate
+ TimeTicks,
+ nsRip2PeerVersion
+ INTEGER,
+ nsRip2PeerRcvBadPackets
+
+ Counter32,
+ nsRip2PeerRcvBadRoutes
+ Counter32,
+ nsRip2PeerVRID
+ INTEGER
+ }
+
+ nsRip2PeerAddress OBJECT-TYPE
+ SYNTAX IpAddress
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "The IP Address that the peer is using as its source
+ address. Note that on an unnumbered link, this may
+ not be a member of any subnet on the system."
+ ::= { nsRip2PeerEntry 1 }
+
+ nsRip2PeerDomain OBJECT-TYPE
+ SYNTAX RouteTag
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "The value in the Routing Domain field in RIP
+ packets received from the peer. As domain suuport
+ is deprecated, this must be zero."
+ ::= { nsRip2PeerEntry 2 }
+
+ nsRip2PeerLastUpdate OBJECT-TYPE
+ SYNTAX TimeTicks
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "The value of sysUpTime when the most recent
+ RIP update was received from this system."
+ ::= { nsRip2PeerEntry 3 }
+
+ nsRip2PeerVersion OBJECT-TYPE
+ SYNTAX INTEGER ( 0..255 )
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "The RIP version number in the header of the
+ last RIP packet received."
+ ::= { nsRip2PeerEntry 4 }
+
+ nsRip2PeerRcvBadPackets OBJECT-TYPE
+ SYNTAX Counter32
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+
+ "The number of RIP response packets from this
+ peer discarded as invalid."
+ ::= { nsRip2PeerEntry 5 }
+
+ nsRip2PeerRcvBadRoutes OBJECT-TYPE
+ SYNTAX Counter32
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "The number of routes from this peer that were
+ ignored because the entry format was invalid."
+ ::= { nsRip2PeerEntry 6 }
+
+ nsRip2PeerVRID OBJECT-TYPE
+ SYNTAX INTEGER (0..65535)
+ MAX-ACCESS read-only
+ STATUS deprecated
+ DESCRIPTION
+ "Virtual Router ID"
+ ::= { nsRip2PeerEntry 7 }
+
+END
diff --git a/MIBS/screenos/NETSCREEN-SCHEDULE-MIB b/MIBS/screenos/NETSCREEN-SCHEDULE-MIB
new file mode 100644
index 0000000..f0cc10f
--- /dev/null
+++ b/MIBS/screenos/NETSCREEN-SCHEDULE-MIB
@@ -0,0 +1,253 @@
+-- This module defines enterprise MIBs for Schedule
+--
+-- Copyright (c) 1999-2004, Juniper Networks, Inc.
+-- All rights reserved.
+
+NETSCREEN-SCHEDULE-MIB DEFINITIONS ::= BEGIN
+
+IMPORTS
+ netscreenSchedule
+ FROM NETSCREEN-SMI
+ Integer32, MODULE-IDENTITY, OBJECT-TYPE
+ FROM SNMPv2-SMI
+ DisplayString
+ FROM SNMPv2-TC
+ ;
+
+netscreenScheduleMibModule MODULE-IDENTITY
+ LAST-UPDATED "200405032022Z" -- May 03, 2004
+ ORGANIZATION
+ "Juniper Networks, Inc."
+ CONTACT-INFO
+ "Customer Support
+
+ 1194 North Mathilda Avenue
+ Sunnyvale, California 94089-1206
+ USA
+
+ Tel: 1-800-638-8296
+ E-mail: customerservice@juniper.net
+ HTTP://www.juniper.net"
+ DESCRIPTION
+ "This module defines the object that are used to monitor all
+ scheduled entries"
+ REVISION "200405030000Z" -- May 03, 2004
+ DESCRIPTION
+ "Modified copyright and contact information"
+ REVISION "200403030000Z" -- March 03, 2004
+ DESCRIPTION
+ "Converted to SMIv2 by Longview Software"
+ REVISION "200311100000Z" -- November 10, 2003
+ DESCRIPTION
+ "Correct spelling mistake"
+ REVISION "200109280000Z" -- September 28, 2001
+ DESCRIPTION
+ "No Comment"
+ REVISION "200105270000Z" -- May 27, 2001
+ DESCRIPTION
+ "Creation Date"
+ ::= { netscreenSchedule 0 }
+
+NsSchOnceEntry ::= SEQUENCE
+{
+ nsSchOnceIndex Integer32,
+ nsSchOnceName DisplayString,
+ nsSchOnceStartTime DisplayString,
+ nsSchOnceStopTime DisplayString,
+ nsSchOnceComments DisplayString,
+ nsSchOnceVsys Integer32
+}
+
+NsSchRecurEntry ::= SEQUENCE
+{
+ nsSchRecurIndex Integer32,
+ nsSchRecurName DisplayString,
+ nsSchRecurWeekday INTEGER,
+ nsSchRecurStartTime1 DisplayString,
+ nsSchRecurStopTime1 DisplayString,
+ nsSchRecurStartTime2 DisplayString,
+ nsSchRecurStopTime2 DisplayString,
+ nsSchRecurComments DisplayString,
+ nsSchRecurVsys Integer32
+}
+
+nsSchOnceTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF NsSchOnceEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "By associating a schedule to a NetScreen device setting, user
+ can determine when that setting is in effect. This table
+ specifies the configuration of schedules as a one-time
+ event."
+ ::= { netscreenSchedule 1 }
+
+nsSchOnceEntry OBJECT-TYPE
+ SYNTAX NsSchOnceEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "Each entry in the nsSchOnceTable holds a set of configuration
+ parameters associated with an instance of one-time schedule."
+ INDEX
+ { nsSchOnceIndex }
+ ::= { nsSchOnceTable 1 }
+
+nsSchOnceIndex OBJECT-TYPE
+ SYNTAX Integer32 (0..2147483647)
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "A unique value for schedule. Its value ranges between 1 and
+ 65535 and may not be contiguous. The index has no other
+ meaning but a pure index"
+ ::= { nsSchOnceEntry 1 }
+
+nsSchOnceName OBJECT-TYPE
+ SYNTAX DisplayString (SIZE(0..32))
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "schedule's name."
+ ::= { nsSchOnceEntry 2 }
+
+nsSchOnceStartTime OBJECT-TYPE
+ SYNTAX DisplayString (SIZE(0..32))
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "schedule's start time."
+ ::= { nsSchOnceEntry 3 }
+
+nsSchOnceStopTime OBJECT-TYPE
+ SYNTAX DisplayString (SIZE(0..32))
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "schedule's stop time."
+ ::= { nsSchOnceEntry 4 }
+
+nsSchOnceComments OBJECT-TYPE
+ SYNTAX DisplayString (SIZE(0..32))
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Comments for this schedule."
+ ::= { nsSchOnceEntry 5 }
+
+nsSchOnceVsys OBJECT-TYPE
+ SYNTAX Integer32 (0..2147483647)
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Vsys this entry belongs to"
+ ::= { nsSchOnceEntry 6 }
+
+nsSchRecurTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF NsSchRecurEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "By associating a schedule to a NetScreen device setting, user
+ can determine when that setting is in effect. This table
+ specifies the configuration of schedules on a recurring
+ basis."
+ ::= { netscreenSchedule 2 }
+
+nsSchRecurEntry OBJECT-TYPE
+ SYNTAX NsSchRecurEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "Each entry in the nsSchOnceTable holds a set of configuration
+ parameters associated with an instance of re-occurring
+ schedule."
+ INDEX
+ { nsSchRecurIndex }
+ ::= { nsSchRecurTable 1 }
+
+nsSchRecurIndex OBJECT-TYPE
+ SYNTAX Integer32 (0..2147483647)
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "A unique value for schedule. Its value ranges between 1 and
+ 65535 and may not be contiguous. The index has no other
+ meaning but a pure index"
+ ::= { nsSchRecurEntry 1 }
+
+nsSchRecurName OBJECT-TYPE
+ SYNTAX DisplayString (SIZE(0..32))
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "schedule's name"
+ ::= { nsSchRecurEntry 2 }
+
+nsSchRecurWeekday OBJECT-TYPE
+ SYNTAX INTEGER {
+ sun(0),
+ mon(1),
+ tue(2),
+ wed(3),
+ thu(4),
+ fri(5),
+ sat(6)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "schedule's starts date, using week day to determine."
+ ::= { nsSchRecurEntry 3 }
+
+nsSchRecurStartTime1 OBJECT-TYPE
+ SYNTAX DisplayString (SIZE(0..32))
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "schedule's start time one."
+ ::= { nsSchRecurEntry 4 }
+
+nsSchRecurStopTime1 OBJECT-TYPE
+ SYNTAX DisplayString (SIZE(0..32))
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "schedule's stop time one."
+ ::= { nsSchRecurEntry 5 }
+
+nsSchRecurStartTime2 OBJECT-TYPE
+ SYNTAX DisplayString (SIZE(0..32))
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "schedule start time two."
+ ::= { nsSchRecurEntry 6 }
+
+nsSchRecurStopTime2 OBJECT-TYPE
+ SYNTAX DisplayString (SIZE(0..32))
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "schedule stop time two."
+ ::= { nsSchRecurEntry 7 }
+
+nsSchRecurComments OBJECT-TYPE
+ SYNTAX DisplayString (SIZE(0..64))
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "comments for the schedule."
+ ::= { nsSchRecurEntry 8 }
+
+nsSchRecurVsys OBJECT-TYPE
+ SYNTAX Integer32 (0..2147483647)
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The vsys this entry belongs to"
+ ::= { nsSchRecurEntry 9 }
+
+END
+
+
diff --git a/MIBS/screenos/NETSCREEN-SERVICE-MIB b/MIBS/screenos/NETSCREEN-SERVICE-MIB
new file mode 100644
index 0000000..54a54ea
--- /dev/null
+++ b/MIBS/screenos/NETSCREEN-SERVICE-MIB
@@ -0,0 +1,323 @@
+-- This module defines enterprise MIBs for Services
+--
+-- Copyright (c) 1999-2004, Juniper Networks, Inc.
+-- All rights reserved.
+
+NETSCREEN-SERVICE-MIB DEFINITIONS ::= BEGIN
+
+IMPORTS
+ netscreenService
+ FROM NETSCREEN-SMI
+ Integer32, MODULE-IDENTITY, OBJECT-TYPE
+ FROM SNMPv2-SMI
+ DisplayString
+ FROM SNMPv2-TC
+ ;
+
+netscreenServiceMibModule MODULE-IDENTITY
+ LAST-UPDATED "200405032022Z" -- May 03, 2004
+ ORGANIZATION
+ "Juniper Networks, Inc."
+ CONTACT-INFO
+ "Customer Support
+
+ 1194 North Mathilda Avenue
+ Sunnyvale, California 94089-1206
+ USA
+
+ Tel: 1-800-638-8296
+ E-mail: customerservice@juniper.net
+ HTTP://www.juniper.net"
+ DESCRIPTION
+ "This module defines the object that are used to monitor
+ service configuration in NetScreen device."
+ REVISION "200405030000Z" -- May 03, 2004
+ DESCRIPTION
+ "Modified copyright and contact information"
+ REVISION "200403030000Z" -- March 03, 2004
+ DESCRIPTION
+ "Converted to SMIv2 by Longview Software"
+ REVISION "200311100000Z" -- November 10, 2003
+ DESCRIPTION
+ "Correct spelling mistake"
+ REVISION "200109280000Z" -- September 28, 2001
+ DESCRIPTION
+ "No Comment"
+ REVISION "200105140000Z" -- May 14, 2001
+ DESCRIPTION
+ "Creation Date"
+ ::= { netscreenService 0 }
+
+NsServiceEntry ::= SEQUENCE
+{
+ nsServiceIndex Integer32,
+ nsServiceName DisplayString,
+ nsServiceCategory INTEGER,
+ nsServiceTransProto INTEGER,
+ nsServiceSrcPortLow Integer32,
+ nsServiceSrcPortHigh Integer32,
+ nsServiceDstPortLow Integer32,
+ nsServiceDstPortHigh Integer32,
+ nsServiceFlag INTEGER,
+ nsServiceVsys Integer32
+}
+
+NsServiceGroupEntry ::= SEQUENCE
+{
+ nsServiceGroupIndex Integer32,
+ nsServiceGroupName DisplayString,
+ nsServiceGroupMember Integer32,
+ nsServiceGroupComment DisplayString,
+ nsServiceGroupVsys Integer32
+}
+
+NsServiceGrpMemberEntry ::= SEQUENCE
+{
+ nsServiceGrpMemberIndex Integer32,
+ nsServiceGrpName DisplayString,
+ nsServiceGroupMemberName DisplayString,
+ nsServiceGroupMemberVsys Integer32
+}
+
+nsServiceTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF NsServiceEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "Services are types of IP traffic for which protocol standards
+ exist. This table collects all the service configurations
+ existing in NetScreen device."
+ ::= { netscreenService 1 }
+
+nsServiceEntry OBJECT-TYPE
+ SYNTAX NsServiceEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "Each enry in the nsServiceTable holds a set of configuration
+ parameters associated with an instance of service."
+ INDEX
+ { nsServiceIndex }
+ ::= { nsServiceTable 1 }
+
+nsServiceIndex OBJECT-TYPE
+ SYNTAX Integer32 (0..2147483647)
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "A unique value for each address. Its value ranges between 0
+ and 65535 and may not be contiguous."
+ ::= { nsServiceEntry 1 }
+
+nsServiceName OBJECT-TYPE
+ SYNTAX DisplayString (SIZE(0..32))
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Service name."
+ ::= { nsServiceEntry 2 }
+
+nsServiceCategory OBJECT-TYPE
+ SYNTAX INTEGER {
+ remote(1),
+ email(2),
+ infoseek(3),
+ security(4),
+ other(5)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Category this service belongs to."
+ ::= { nsServiceEntry 3 }
+
+nsServiceTransProto OBJECT-TYPE
+ SYNTAX INTEGER {
+ other(0),
+ icmp(1),
+ tcp(6),
+ udp(17),
+ egp(8),
+ igp(9),
+ udp(17),
+ rsvp(46),
+ gre(47),
+ ospf(89)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Service trans protocol.
+ 6 means tcp
+ 17 means udp"
+ ::= { nsServiceEntry 4 }
+
+nsServiceSrcPortLow OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The low source port number associated with service."
+ ::= { nsServiceEntry 5 }
+
+nsServiceSrcPortHigh OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The high source port number associated with service."
+ ::= { nsServiceEntry 6 }
+
+nsServiceDstPortLow OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The low destination port number associated with service."
+ ::= { nsServiceEntry 7 }
+
+nsServiceDstPortHigh OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The high source port number associated with service."
+ ::= { nsServiceEntry 8 }
+
+nsServiceFlag OBJECT-TYPE
+ SYNTAX INTEGER {
+ pre-define(0),
+ usr-define(1)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Service flag used to indicate if the service is a pre-defined
+ one or a custom one."
+ ::= { nsServiceEntry 9 }
+
+nsServiceVsys OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Virtual system this configuration belongs to."
+ ::= { nsServiceEntry 10 }
+
+nsServiceGroupTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF NsServiceGroupEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "Services can be organized into service group for convenience.
+ This table collects all service group entries in NetScreen
+ device."
+ ::= { netscreenService 2 }
+
+nsServiceGroupEntry OBJECT-TYPE
+ SYNTAX NsServiceGroupEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "Each entry in the nsServiceGroupTable holds a set of
+ information about service group."
+ INDEX
+ { nsServiceGroupIndex }
+ ::= { nsServiceGroupTable 1 }
+
+nsServiceGroupIndex OBJECT-TYPE
+ SYNTAX Integer32 (0..2147483647)
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "A unique value for each group. Its value ranges between 0 and
+ 65535 and may not be contiguous."
+ ::= { nsServiceGroupEntry 1 }
+
+nsServiceGroupName OBJECT-TYPE
+ SYNTAX DisplayString (SIZE(0..32))
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Service group name."
+ ::= { nsServiceGroupEntry 2 }
+
+nsServiceGroupMember OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Service member number in service group."
+ ::= { nsServiceGroupEntry 3 }
+
+nsServiceGroupComment OBJECT-TYPE
+ SYNTAX DisplayString (SIZE(0..32))
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Comments for service group."
+ ::= { nsServiceGroupEntry 4 }
+
+nsServiceGroupVsys OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Virtual system this group belongs to."
+ ::= { nsServiceGroupEntry 5 }
+
+nsServiceGrpMemberTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF NsServiceGrpMemberEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "Service group membership info table will show detail
+ information of a service group."
+ ::= { netscreenService 3 }
+
+nsServiceGrpMemberEntry OBJECT-TYPE
+ SYNTAX NsServiceGrpMemberEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "An entry containing attributes service group's member info"
+ INDEX
+ { nsServiceGrpMemberIndex }
+ ::= { nsServiceGrpMemberTable 1 }
+
+nsServiceGrpMemberIndex OBJECT-TYPE
+ SYNTAX Integer32 (0..2147483647)
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "A unique value for each group. Its value ranges between 0 and
+ 65535 and may not be contiguous."
+ ::= { nsServiceGrpMemberEntry 1 }
+
+nsServiceGrpName OBJECT-TYPE
+ SYNTAX DisplayString (SIZE(0..32))
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Specific service group name"
+ ::= { nsServiceGrpMemberEntry 2 }
+
+nsServiceGroupMemberName OBJECT-TYPE
+ SYNTAX DisplayString (SIZE(0..32))
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Specific service name in the service group."
+ ::= { nsServiceGrpMemberEntry 3 }
+
+nsServiceGroupMemberVsys OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Virtual system this configuration belongs to"
+ ::= { nsServiceGrpMemberEntry 4 }
+
+END
+
+
diff --git a/MIBS/screenos/NETSCREEN-SET-ADMIN-USR-MIB b/MIBS/screenos/NETSCREEN-SET-ADMIN-USR-MIB
new file mode 100644
index 0000000..94e7fe2
--- /dev/null
+++ b/MIBS/screenos/NETSCREEN-SET-ADMIN-USR-MIB
@@ -0,0 +1,202 @@
+-- This module defines enterprise MIBs for NS admin setting
+--
+-- Copyright (c) 1999-2004, Juniper Networks, Inc.
+-- All rights reserved.
+
+NETSCREEN-SET-ADMIN-USR-MIB DEFINITIONS ::= BEGIN
+
+IMPORTS
+ netscreenSetting, netscreenSettingMibModule
+ FROM NETSCREEN-SMI
+ Integer32, IpAddress, MODULE-IDENTITY, OBJECT-TYPE
+ FROM SNMPv2-SMI
+ DisplayString
+ FROM SNMPv2-TC
+ ;
+
+netscreenSetAdminUsrMibModule MODULE-IDENTITY
+ LAST-UPDATED "200405032022Z" -- May 03, 2004
+ ORGANIZATION
+ "Juniper Networks, Inc."
+ CONTACT-INFO
+ "Customer Support
+
+ 1194 North Mathilda Avenue
+ Sunnyvale, California 94089-1206
+ USA
+
+ Tel: 1-800-638-8296
+ E-mail: customerservice@juniper.net
+ HTTP://www.juniper.net"
+ DESCRIPTION
+ "This module defines the object that are used to monitor admin
+ user"
+ REVISION "200405030000Z" -- May 03, 2004
+ DESCRIPTION
+ "Modified copyright and contact information"
+ REVISION "200403030000Z" -- March 03, 2004
+ DESCRIPTION
+ "Converted to SMIv2 by Longview Software"
+ REVISION "200311100000Z" -- November 10, 2003
+ DESCRIPTION
+ "Correct spelling mistake"
+ REVISION "200109280000Z" -- September 28, 2001
+ DESCRIPTION
+ "No Comment"
+ REVISION "200105270000Z" -- May 27, 2001
+ DESCRIPTION
+ "Creation Date"
+ ::= { netscreenSettingMibModule 11 }
+
+NsSetAdminUserClientEntry ::= SEQUENCE
+{
+ nsAdminUserClientIndex Integer32,
+ nsAdminUserClientIp IpAddress,
+ nsAdminUserClientNetmask IpAddress,
+ nsAdminUserVSYS Integer32
+}
+
+NsSetAdminUserLocalEntry ::= SEQUENCE
+{
+ nsAdminUserLocalIndex Integer32,
+ nsAdminUserLocalName DisplayString,
+ nsAdminUserLocalPriv Integer32,
+ nsAdminUserLocalRole Integer32
+}
+
+nsSetAdminUser OBJECT IDENTIFIER ::= { netscreenSetting 11 }
+
+nsSetAdminUserLocalTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF NsSetAdminUserLocalEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "This table collects all administration user information stored
+ in local user database."
+ ::= { nsSetAdminUser 1 }
+
+nsSetAdminUserLocalEntry OBJECT-TYPE
+ SYNTAX NsSetAdminUserLocalEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "Local database administration user attributes."
+ INDEX
+ { nsAdminUserLocalIndex }
+ ::= { nsSetAdminUserLocalTable 1 }
+
+nsAdminUserLocalIndex OBJECT-TYPE
+ SYNTAX Integer32 (0..2147483647)
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "A unique value for user info table. Its value ranges between
+ 0 and 65535 and may not be contiguous."
+ ::= { nsSetAdminUserLocalEntry 1 }
+
+nsAdminUserLocalName OBJECT-TYPE
+ SYNTAX DisplayString (SIZE(0..32))
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Administration user name."
+ ::= { nsSetAdminUserLocalEntry 2 }
+
+nsAdminUserLocalPriv OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Administration user's privileges. The smaller the value, the
+ higher the privileges."
+ ::= { nsSetAdminUserLocalEntry 3 }
+
+nsAdminUserLocalRole OBJECT-TYPE
+ SYNTAX Integer32 {
+ not-assigned(0),
+ crypto(1),
+ security(2),
+ audit(4)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Administration user's role attributes."
+ ::= { nsSetAdminUserLocalEntry 4 }
+
+nsAdminUserRadius OBJECT IDENTIFIER ::= { nsSetAdminUser 2 }
+
+nsAdminUserRadiusEnabled OBJECT-TYPE
+ SYNTAX INTEGER {
+ disabled(0),
+ enabled(1)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Enable external radius server to authenticate admin user"
+ ::= { nsAdminUserRadius 1 }
+
+nsAdminUserRadiusServer OBJECT-TYPE
+ SYNTAX DisplayString (SIZE(0..32))
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "External radius server name"
+ ::= { nsAdminUserRadius 2 }
+
+nsSetAdminUserClientTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF NsSetAdminUserClientEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "Management Client IP addresses is used to restrict the
+ administration ability from one or multiple addresses of a
+ subnet."
+ ::= { nsSetAdminUser 3 }
+
+nsSetAdminUserClientEntry OBJECT-TYPE
+ SYNTAX NsSetAdminUserClientEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "An entry containing admin client ip information"
+ INDEX
+ { nsAdminUserClientIndex }
+ ::= { nsSetAdminUserClientTable 1 }
+
+nsAdminUserClientIndex OBJECT-TYPE
+ SYNTAX Integer32 (0..2147483647)
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "A unique value for client ip table. Its value ranges between
+ 0 and 65535 and may not be contiguous."
+ ::= { nsSetAdminUserClientEntry 1 }
+
+nsAdminUserClientIp OBJECT-TYPE
+ SYNTAX IpAddress
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Management client ip"
+ ::= { nsSetAdminUserClientEntry 2 }
+
+nsAdminUserClientNetmask OBJECT-TYPE
+ SYNTAX IpAddress
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Management client ip netmask"
+ ::= { nsSetAdminUserClientEntry 3 }
+
+nsAdminUserVSYS OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Vsys ID of the admin user"
+ ::= { nsSetAdminUserClientEntry 4 }
+END
+
+
diff --git a/MIBS/screenos/NETSCREEN-SET-AUTH-MIB b/MIBS/screenos/NETSCREEN-SET-AUTH-MIB
new file mode 100644
index 0000000..95254ba
--- /dev/null
+++ b/MIBS/screenos/NETSCREEN-SET-AUTH-MIB
@@ -0,0 +1,404 @@
+-- This module defines enterprise MIBs for Authentication
+-- Configuration
+--
+-- Copyright (c) 1999-2004, Juniper Networks, Inc.
+-- All rights reserved.
+
+NETSCREEN-SET-AUTH-MIB DEFINITIONS ::= BEGIN
+
+IMPORTS
+ netscreenSetting, netscreenSettingMibModule
+ FROM NETSCREEN-SMI
+ Integer32, MODULE-IDENTITY, OBJECT-TYPE
+ FROM SNMPv2-SMI
+ DisplayString
+ FROM SNMPv2-TC
+ ;
+
+netscreenSetAuthMibModule MODULE-IDENTITY
+ LAST-UPDATED "200411102022Z" -- Nov 10, 2004
+ ORGANIZATION
+ "Juniper Networks, Inc."
+ CONTACT-INFO
+ "Customer Support
+
+ 1194 North Mathilda Avenue
+ Sunnyvale, California 94089-1206
+ USA
+
+ Tel: 1-800-638-8296
+ E-mail: customerservice@juniper.net
+ HTTP://www.juniper.net"
+ DESCRIPTION
+ "This module defines the object that are used to monitor all
+ the configuration info"
+ REVISION "200405030000Z" -- May 03, 2004
+ DESCRIPTION
+ "Added nsSetAuthCfgEntry attributes"
+ REVISION "200411102022Z" -- Nov 10, 2004
+ DESCRIPTION
+ "Modified copyright and contact information"
+ REVISION "200403030000Z" -- March 03, 2004
+ DESCRIPTION
+ "Converted to SMIv2 by Longview Software"
+ REVISION "200311100000Z" -- November 10, 2003
+ DESCRIPTION
+ "Correct spelling mistake"
+ REVISION "200204270000Z" -- April 27, 2002
+ DESCRIPTION
+ "More than one auth setting allowed in one system"
+ REVISION "200105270000Z" -- May 27, 2001
+ DESCRIPTION
+ "Creation Date"
+ ::= { netscreenSettingMibModule 2 }
+
+NsSetAuthCfgEntry ::= SEQUENCE
+{
+ nsSetAuthCfgIdx Integer32,
+ nsSetAuthCfgVsys Integer32,
+ nsSetAuthCfgName DisplayString,
+ nsSetAuthCfgPrimary DisplayString,
+ nsSetAuthCfgBackup1 DisplayString,
+ nsSetAuthCfgBackup2 DisplayString,
+ nsSetAuthCfgConnIdleTimeout Integer32,
+ nsSetAuthCfgAuthAccount INTEGER,
+ nsSetAuthCfgIkeAccount INTEGER,
+ nsSetAuthCfgL2tpAccount INTEGER,
+ nsSetAuthCfgAdminAccount INTEGER,
+ nsSetAuthCfgXauthAccount INTEGER,
+ nsSetAuthCfgMethod INTEGER,
+ nsSetAuthCfgPort Integer32,
+ nsSetAuthCfgSecCliRetry Integer32,
+ nsSetAuthCfgSecCliTimeout Integer32,
+ nsSetAuthCfgSecEncType INTEGER,
+ nsSetAuthCfgSecUseDuress INTEGER,
+ nsSetAuthCfgLDAPCni DisplayString,
+ nsSetAuthCfgLDAPDn DisplayString,
+ nsSetAuthCfgSepChar DisplayString,
+ nsSetAuthCfgSepNumber Integer32,
+ nsSetAuthCfgRevInterval Integer32,
+ nsSetAuthCfgRadRetries Integer32,
+ nsSetAuthCfgEnableStnID INTEGER,
+ nsSetAuthCfgDomainName DisplayString,
+ nsSetAuthCfgAcctSessIdLen Integer32,
+ nsSetAuthCfgRFC2138Compatibility INTEGER,
+ nsSetAuthCfgSourceIfName DisplayString,
+ nsSetAuthCfgAcctPort Integer32,
+ nsSetAuthCfgAcctListActn INTEGER,
+ nsSetAuthCfgSourceIfInfo Integer32
+}
+
+nsSetAuth OBJECT IDENTIFIER ::= { netscreenSetting 2 }
+
+nsSetAuthCfgTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF NsSetAuthCfgEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "The authentication configuration of NetScreen device."
+ ::= { nsSetAuth 1 }
+
+nsSetAuthCfgEntry OBJECT-TYPE
+ SYNTAX NsSetAuthCfgEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "NetScreen admin user authentication setting table."
+ INDEX
+ { nsSetAuthCfgIdx }
+ ::= { nsSetAuthCfgTable 1 }
+
+nsSetAuthCfgIdx OBJECT-TYPE
+ SYNTAX Integer32 (0..2147483647)
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Authentication server config index."
+ ::= { nsSetAuthCfgEntry 1 }
+
+nsSetAuthCfgVsys OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Virtural system the setting belongs to."
+ ::= { nsSetAuthCfgEntry 2 }
+
+nsSetAuthCfgName OBJECT-TYPE
+ SYNTAX DisplayString (SIZE(0..32))
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Authentication server setting entry name."
+ ::= { nsSetAuthCfgEntry 3 }
+
+nsSetAuthCfgPrimary OBJECT-TYPE
+ SYNTAX DisplayString (SIZE(0..32))
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Primary authentication server IP or domain name."
+ ::= { nsSetAuthCfgEntry 4 }
+
+nsSetAuthCfgBackup1 OBJECT-TYPE
+ SYNTAX DisplayString (SIZE(0..32))
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "First backup authentication server IP or domain name.It's
+ optional."
+ ::= { nsSetAuthCfgEntry 5 }
+
+nsSetAuthCfgBackup2 OBJECT-TYPE
+ SYNTAX DisplayString (SIZE(0..32))
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Secondary backup authentication server IP or domain name.It's
+ optional."
+ ::= { nsSetAuthCfgEntry 6 }
+
+nsSetAuthCfgConnIdleTimeout OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "connection timeout threshold setting. 0 means no timeout
+ setting."
+ ::= { nsSetAuthCfgEntry 7 }
+
+nsSetAuthCfgAuthAccount OBJECT-TYPE
+ SYNTAX INTEGER {
+ no(0),
+ yes(1)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Allow authentication account."
+ ::= { nsSetAuthCfgEntry 8 }
+
+nsSetAuthCfgIkeAccount OBJECT-TYPE
+ SYNTAX INTEGER {
+ no(0),
+ yes(1)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Allow IKE account."
+ ::= { nsSetAuthCfgEntry 9 }
+
+nsSetAuthCfgL2tpAccount OBJECT-TYPE
+ SYNTAX INTEGER {
+ no(0),
+ yes(1)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Allow L2tp account."
+ ::= { nsSetAuthCfgEntry 10 }
+
+nsSetAuthCfgAdminAccount OBJECT-TYPE
+ SYNTAX INTEGER {
+ no(0),
+ yes(1)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Allow administration account."
+ ::= { nsSetAuthCfgEntry 11 }
+
+nsSetAuthCfgXauthAccount OBJECT-TYPE
+ SYNTAX INTEGER {
+ no(0),
+ yes(1)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Allow Xauth account."
+ ::= { nsSetAuthCfgEntry 12 }
+
+nsSetAuthCfgMethod OBJECT-TYPE
+ SYNTAX INTEGER {
+ build-in-user-db(0),
+ radius-server(1),
+ secureId-server(2),
+ ldap-server(3)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "NetScreen device admin user authentication method."
+ ::= { nsSetAuthCfgEntry 13 }
+
+nsSetAuthCfgPort OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Server listening port number."
+ ::= { nsSetAuthCfgEntry 14 }
+
+nsSetAuthCfgSecCliRetry OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "SecureID client client retry times"
+ ::= { nsSetAuthCfgEntry 15 }
+
+nsSetAuthCfgSecCliTimeout OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "SecureID client timeout threshold."
+ ::= { nsSetAuthCfgEntry 16 }
+
+nsSetAuthCfgSecEncType OBJECT-TYPE
+ SYNTAX INTEGER {
+ sdi(0),
+ des(1)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "SecureID traffic encryption type."
+ ::= { nsSetAuthCfgEntry 17 }
+
+nsSetAuthCfgSecUseDuress OBJECT-TYPE
+ SYNTAX INTEGER {
+ no(0),
+ yes(1)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Use duress in SecureID authentication."
+ ::= { nsSetAuthCfgEntry 18 }
+
+nsSetAuthCfgLDAPCni OBJECT-TYPE
+ SYNTAX DisplayString (SIZE(0..2))
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "LDAP server common name identifier"
+ ::= { nsSetAuthCfgEntry 19 }
+
+nsSetAuthCfgLDAPDn OBJECT-TYPE
+ SYNTAX DisplayString (SIZE(0..32))
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "LDAP server distinguished name"
+ ::= { nsSetAuthCfgEntry 20 }
+
+nsSetAuthCfgSepChar OBJECT-TYPE
+ SYNTAX DisplayString (SIZE(0..2))
+ ACCESS read-only
+ STATUS mandatory
+ DESCRIPTION
+ "Seperator character for this entry"
+ ::= { nsSetAuthCfgEntry 21 }
+
+nsSetAuthCfgSepNumber OBJECT-TYPE
+ SYNTAX Integer32
+ ACCESS read-only
+ STATUS mandatory
+ DESCRIPTION
+ "Seperator number for this entry"
+ ::= { nsSetAuthCfgEntry 22 }
+
+nsSetAuthCfgRevInterval OBJECT-TYPE
+ SYNTAX Integer32
+ ACCESS read-only
+ STATUS mandatory
+ DESCRIPTION
+ "Revert interval for this entry"
+ ::= { nsSetAuthCfgEntry 23 }
+nsSetAuthCfgRadRetries OBJECT-TYPE
+ SYNTAX Integer32
+ ACCESS read-only
+ STATUS mandatory
+ DESCRIPTION
+ "Radius retries for this entries"
+ ::= { nsSetAuthCfgEntry 24 }
+nsSetAuthCfgEnableStnID OBJECT-TYPE
+ SYNTAX INTEGER {
+ no(0),
+ yes(1)
+ }
+ ACCESS read-only
+ STATUS mandatory
+ DESCRIPTION
+ "Enable/Disable call station ID for this entry."
+ ::= { nsSetAuthCfgEntry 25 }
+
+nsSetAuthCfgDomainName OBJECT-TYPE
+ SYNTAX DisplayString (SIZE(0..255))
+ ACCESS read-only
+ STATUS mandatory
+ DESCRIPTION
+ "Domain name for this entry"
+ ::= { nsSetAuthCfgEntry 26 }
+
+nsSetAuthCfgAcctSessIdLen OBJECT-TYPE
+ SYNTAX Integer32
+ ACCESS read-only
+ STATUS mandatory
+ DESCRIPTION
+ "Acct session identifier length for this entry"
+ ::= { nsSetAuthCfgEntry 27 }
+nsSetAuthCfgRFC2138Compatibility OBJECT-TYPE
+ SYNTAX INTEGER {
+ no(0),
+ yes(1)
+ }
+ ACCESS read-only
+ STATUS mandatory
+ DESCRIPTION
+ "Is RFC2138 compatible for this entry"
+ ::= { nsSetAuthCfgEntry 28 }
+
+nsSetAuthCfgSourceIfName OBJECT-TYPE
+ SYNTAX DisplayString (SIZE(0..255))
+ ACCESS read-only
+ STATUS mandatory
+ DESCRIPTION
+ "Source interface name for this entry"
+ ::= { nsSetAuthCfgEntry 29 }
+
+nsSetAuthCfgAcctPort OBJECT-TYPE
+ SYNTAX Integer32
+ ACCESS read-only
+ STATUS mandatory
+ DESCRIPTION
+ "Radius accounting port for this entry"
+ ::= { nsSetAuthCfgEntry 30 }
+
+nsSetAuthCfgAcctListActn OBJECT-TYPE
+ SYNTAX INTEGER {
+ none(0),
+ cleanup-sess(1)
+ }
+ ACCESS read-only
+ STATUS mandatory
+ DESCRIPTION
+ "Radius accounting action for this entry"
+ ::= { nsSetAuthCfgEntry 31 }
+
+nsSetAuthCfgSourceIfInfo OBJECT-TYPE
+ SYNTAX Integer32
+ ACCESS read-only
+ STATUS mandatory
+ DESCRIPTION
+ "Source interface info for this entry. Returns -1 if no interface is selected"
+ ::= { nsSetAuthCfgEntry 32 }
+
+END
+
+
diff --git a/MIBS/screenos/NETSCREEN-SET-DHCP-MIB b/MIBS/screenos/NETSCREEN-SET-DHCP-MIB
new file mode 100644
index 0000000..7f41788
--- /dev/null
+++ b/MIBS/screenos/NETSCREEN-SET-DHCP-MIB
@@ -0,0 +1,134 @@
+-- This module defines enterprise MIBs for DHCP Configuration
+--
+-- Copyright (c) 1999-2004, Juniper Networks, Inc.
+-- All rights reserved.
+
+NETSCREEN-SET-DHCP-MIB DEFINITIONS ::= BEGIN
+
+IMPORTS
+ netscreenSetting, netscreenSettingMibModule
+ FROM NETSCREEN-SMI
+ Integer32, MODULE-IDENTITY, OBJECT-TYPE
+ FROM SNMPv2-SMI
+ DisplayString
+ FROM SNMPv2-TC
+ ;
+
+netscreenSetDhcpMibModule MODULE-IDENTITY
+ LAST-UPDATED "200405032022Z" -- May 03, 2004
+ ORGANIZATION
+ "Juniper Networks, Inc."
+ CONTACT-INFO
+ "Customer Support
+
+ 1194 North Mathilda Avenue
+ Sunnyvale, California 94089-1206
+ USA
+
+ Tel: 1-800-638-8296
+ E-mail: customerservice@juniper.net
+ HTTP://www.juniper.net"
+ DESCRIPTION
+ "This module defines the object that are used to monitor all
+ the configuration info"
+ REVISION "200405030000Z" -- May 03, 2004
+ DESCRIPTION
+ "Modified copyright and contact information"
+ REVISION "200403030000Z" -- March 03, 2004
+ DESCRIPTION
+ "Converted to SMIv2 by Longview Software"
+ REVISION "200311100000Z" -- November 10, 2003
+ DESCRIPTION
+ "Correct wrong title"
+ REVISION "200112120000Z" -- December 12, 2001
+ DESCRIPTION
+ "change dhcp configuration per physical interface"
+ REVISION "200109280000Z" -- September 28, 2001
+ DESCRIPTION
+ "No Comment"
+ REVISION "200105270000Z" -- May 27, 2001
+ DESCRIPTION
+ "Creation Date"
+ ::= { netscreenSettingMibModule 5 }
+
+NsSetDhcpEntry ::= SEQUENCE
+{
+ nsSetDhcpIfIdx Integer32,
+ nsSetDHCPService INTEGER,
+ nsSetDHCPRelayServer DisplayString,
+ nsSetDHCPVpnEncryp INTEGER,
+ nsSetDhcpIfInfo Integer32
+}
+
+nsSetDHCP OBJECT IDENTIFIER ::= { netscreenSetting 5 }
+
+nsSetDhcpTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF NsSetDhcpEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "NetScreen ScreenOS can allow dhcp service on each of NetScreen
+ device's physical interface. This table collects the dhcp
+ configuration on each physical interface."
+ ::= { nsSetDHCP 1 }
+
+nsSetDhcpEntry OBJECT-TYPE
+ SYNTAX NsSetDhcpEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "Hold the firewall setting attribute."
+ INDEX
+ { nsSetDhcpIfIdx }
+ ::= { nsSetDhcpTable 1 }
+
+nsSetDhcpIfIdx OBJECT-TYPE
+ SYNTAX Integer32 (0..2147483647)
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "unique interface id."
+ ::= { nsSetDhcpEntry 1 }
+
+nsSetDHCPService OBJECT-TYPE
+ SYNTAX INTEGER {
+ none(0),
+ dhcp-relay-agent(1),
+ dhcp-server(2)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "DHCP service type for trusted network."
+ ::= { nsSetDhcpEntry 2 }
+
+nsSetDHCPRelayServer OBJECT-TYPE
+ SYNTAX DisplayString (SIZE(0..128))
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "DHCP relay agent server name."
+ ::= { nsSetDhcpEntry 3 }
+
+nsSetDHCPVpnEncryp OBJECT-TYPE
+ SYNTAX INTEGER {
+ disable(0),
+ enabled(1)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Secure DHCP relay agent traffic via VPN encryption."
+ ::= { nsSetDhcpEntry 4 }
+
+nsSetDhcpIfInfo OBJECT-TYPE
+ SYNTAX Integer32 (0..2147483647)
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Internal id assigned to this interface. Stays persistent across resets."
+ ::= { nsSetDhcpEntry 5 }
+
+END
+
+
diff --git a/MIBS/screenos/NETSCREEN-SET-DNS-MIB b/MIBS/screenos/NETSCREEN-SET-DNS-MIB
new file mode 100644
index 0000000..3d41b41
--- /dev/null
+++ b/MIBS/screenos/NETSCREEN-SET-DNS-MIB
@@ -0,0 +1,90 @@
+-- This module defines enterprise MIBs for DNS Configuration
+--
+-- Copyright (c) 1999-2004, Juniper Networks, Inc.
+-- All rights reserved.
+
+NETSCREEN-SET-DNS-MIB DEFINITIONS ::= BEGIN
+
+IMPORTS
+ netscreenSetting, netscreenSettingMibModule
+ FROM NETSCREEN-SMI
+ IpAddress, MODULE-IDENTITY, OBJECT-TYPE
+ FROM SNMPv2-SMI
+ DisplayString
+ FROM SNMPv2-TC
+ ;
+
+netscreenSetDnsMibModule MODULE-IDENTITY
+ LAST-UPDATED "200405032022Z" -- May 03, 2004
+ ORGANIZATION
+ "Juniper Networks, Inc."
+ CONTACT-INFO
+ "Customer Support
+
+ 1194 North Mathilda Avenue
+ Sunnyvale, California 94089-1206
+ USA
+
+ Tel: 1-800-638-8296
+ E-mail: customerservice@juniper.net
+ HTTP://www.juniper.net"
+ DESCRIPTION
+ "This module defines the object that are used to monitor all
+ the configuration info"
+ REVISION "200405030000Z" -- May 03, 2004
+ DESCRIPTION
+ "Modified copyright and contact information"
+ REVISION "200403030000Z" -- March 03, 2004
+ DESCRIPTION
+ "Converted to SMIv2 by Longview Software"
+ REVISION "200311100000Z" -- November 10, 2003
+ DESCRIPTION
+ "Correct wrong title"
+ REVISION "200109280000Z" -- September 28, 2001
+ DESCRIPTION
+ "No Comment"
+ REVISION "200105270000Z" -- May 27, 2001
+ DESCRIPTION
+ "Creation Date"
+ ::= { netscreenSettingMibModule 3 }
+
+nsSetDNS OBJECT IDENTIFIER ::= { netscreenSetting 3 }
+
+nsConfigDnsPriSer OBJECT-TYPE
+ SYNTAX IpAddress
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Primary DNS server ip address"
+ ::= { nsSetDNS 1 }
+
+nsConfigDnsSecSer OBJECT-TYPE
+ SYNTAX IpAddress
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Secondary DNS server ip address"
+ ::= { nsSetDNS 2 }
+
+nsConfigDnsRefEnable OBJECT-TYPE
+ SYNTAX INTEGER {
+ disable(0),
+ enabled(1)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Enable refresh DNS every day."
+ ::= { nsSetDNS 3 }
+
+nsConfigDnsRefTime OBJECT-TYPE
+ SYNTAX DisplayString (SIZE(6))
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "DNS refresh time."
+ ::= { nsSetDNS 4 }
+
+END
+
+
diff --git a/MIBS/screenos/NETSCREEN-SET-EMAIL-MIB b/MIBS/screenos/NETSCREEN-SET-EMAIL-MIB
new file mode 100644
index 0000000..6939a09
--- /dev/null
+++ b/MIBS/screenos/NETSCREEN-SET-EMAIL-MIB
@@ -0,0 +1,102 @@
+-- This module defines enterprise MIBs for email notification
+-- setting
+--
+-- Copyright (c) 1999-2004, Juniper Networks, Inc.
+-- All rights reserved.
+
+NETSCREEN-SET-EMAIL-MIB DEFINITIONS ::= BEGIN
+
+IMPORTS
+ netscreenSetting, netscreenSettingMibModule
+ FROM NETSCREEN-SMI
+ MODULE-IDENTITY, OBJECT-TYPE
+ FROM SNMPv2-SMI
+ DisplayString
+ FROM SNMPv2-TC
+ ;
+
+netscreenSetEmailMibModule MODULE-IDENTITY
+ LAST-UPDATED "200405032022Z" -- May 03, 2004
+ ORGANIZATION
+ "Juniper Networks, Inc."
+ CONTACT-INFO
+ "Customer Support
+
+ 1194 North Mathilda Avenue
+ Sunnyvale, California 94089-1206
+ USA
+
+ Tel: 1-800-638-8296
+ E-mail: customerservice@juniper.net
+ HTTP://www.juniper.net"
+ DESCRIPTION
+ "This module defines the object that are used to monitor
+ the email notification setting"
+ REVISION "200405030000Z" -- May 03, 2004
+ DESCRIPTION
+ "Modified copyright and contact information"
+ REVISION "200403030000Z" -- March 03, 2004
+ DESCRIPTION
+ "Converted to SMIv2 by Longview Software"
+ REVISION "200311100000Z" -- November 10, 2003
+ DESCRIPTION
+ "Correct wrong title"
+ REVISION "200109280000Z" -- September 28, 2001
+ DESCRIPTION
+ "No Comment"
+ REVISION "200105270000Z" -- May 27, 2001
+ DESCRIPTION
+ "Creation Date"
+ ::= { netscreenSettingMibModule 7 }
+
+nsSetEmail OBJECT IDENTIFIER ::= { netscreenSetting 7 }
+
+nsSetEmailEnable OBJECT-TYPE
+ SYNTAX INTEGER {
+ disable(0),
+ enabled(1)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Enable E-mail Notification for Alarms"
+ ::= { nsSetEmail 1 }
+
+nsSetEmailSMTP OBJECT-TYPE
+ SYNTAX DisplayString (SIZE(0..32))
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "SMTP server name"
+ ::= { nsSetEmail 2 }
+
+nsSetEmailLog OBJECT-TYPE
+ SYNTAX INTEGER {
+ disable(0),
+ enabled(1)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Include Traffic Log in email"
+ ::= { nsSetEmail 3 }
+
+nsSetEmailAddr1 OBJECT-TYPE
+ SYNTAX DisplayString (SIZE(0..64))
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "E-mail receiver address one"
+ ::= { nsSetEmail 4 }
+
+nsSetEmailAddr2 OBJECT-TYPE
+ SYNTAX DisplayString (SIZE(0..64))
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "E-mail receiver address two"
+ ::= { nsSetEmail 5 }
+
+END
+
+
diff --git a/MIBS/screenos/NETSCREEN-SET-GEN-MIB b/MIBS/screenos/NETSCREEN-SET-GEN-MIB
new file mode 100644
index 0000000..db5b921
--- /dev/null
+++ b/MIBS/screenos/NETSCREEN-SET-GEN-MIB
@@ -0,0 +1,130 @@
+-- This module defines enterprise MIBs for Configuration monitoring
+--
+-- Copyright (c) 1999-2004, Juniper Networks, Inc.
+-- All rights reserved.
+
+NETSCREEN-SET-GEN-MIB DEFINITIONS ::= BEGIN
+
+IMPORTS
+ netscreenSetting, netscreenSettingMibModule
+ FROM NETSCREEN-SMI
+ IpAddress, MODULE-IDENTITY, OBJECT-TYPE
+ FROM SNMPv2-SMI
+ DisplayString
+ FROM SNMPv2-TC
+ ;
+
+netscreenSetGenMibModule MODULE-IDENTITY
+ LAST-UPDATED "200405032022Z" -- May 03, 2004
+ ORGANIZATION
+ "Juniper Networks, Inc."
+ CONTACT-INFO
+ "Customer Support
+
+ 1194 North Mathilda Avenue
+ Sunnyvale, California 94089-1206
+ USA
+
+ Tel: 1-800-638-8296
+ E-mail: customerservice@juniper.net
+ HTTP://www.juniper.net"
+ DESCRIPTION
+ "obsolete nsSetGenSysIp"
+ REVISION "200508120000Z" -- Aug 12, 2005
+ DESCRIPTION
+ "This module defines the object that are used to monitor all
+ the configuration info"
+ REVISION "200405030000Z" -- May 03, 2004
+ DESCRIPTION
+ "Modified copyright and contact information"
+ REVISION "200403030000Z" -- March 03, 2004
+ DESCRIPTION
+ "Converted to SMIv2 by Longview Software"
+ REVISION "200311100000Z" -- November 10, 2003
+ DESCRIPTION
+ "Correct spelling mistake"
+ REVISION "200109280000Z" -- September 28, 2001
+ DESCRIPTION
+ "No Comment"
+ REVISION "200105270000Z" -- May 27, 2001
+ DESCRIPTION
+ "Creation Date"
+ ::= { netscreenSettingMibModule 1 }
+
+nsSetGeneral OBJECT IDENTIFIER ::= { netscreenSetting 1 }
+
+nsSetGenSysIp OBJECT-TYPE
+ SYNTAX IpAddress
+ MAX-ACCESS read-only
+ STATUS obsolete
+ DESCRIPTION
+ "System Ip address"
+ ::= { nsSetGeneral 1 }
+
+nsSetGenHostName OBJECT-TYPE
+ SYNTAX DisplayString (SIZE(0..32))
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Host name of NetScreen device."
+ ::= { nsSetGeneral 2 }
+
+nsSetGenDomain OBJECT-TYPE
+ SYNTAX DisplayString (SIZE(0..32))
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Domain name of NetScreen device."
+ ::= { nsSetGeneral 3 }
+
+nsSetGenOpMode OBJECT-TYPE
+ SYNTAX DisplayString (SIZE(0..32))
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "NetScreen device can work in one of the tree mode:
+ transparent, NAT and route. This attribute indicates which
+ operation mode it use."
+ ::= { nsSetGeneral 4 }
+
+nsSetGenSwVer OBJECT-TYPE
+ SYNTAX DisplayString (SIZE(0..128))
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "NetSceen OS version."
+ ::= { nsSetGeneral 5 }
+
+nsSetGenLicInfo OBJECT-TYPE
+ SYNTAX DisplayString (SIZE(0..255))
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "NetScreen OS license information."
+ ::= { nsSetGeneral 6 }
+
+nsSetGenSCSAdminEnable OBJECT-TYPE
+ SYNTAX INTEGER {
+ disable(0),
+ enabled(1)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "enable Command Security Shell"
+ ::= { nsSetGeneral 7 }
+
+nsSetGenDropSelfLogPac OBJECT-TYPE
+ SYNTAX INTEGER {
+ disable(0),
+ enabled(1)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Log Packets to Self that are dropped"
+ ::= { nsSetGeneral 8 }
+
+END
+
+
diff --git a/MIBS/screenos/NETSCREEN-SET-GLB-MIB b/MIBS/screenos/NETSCREEN-SET-GLB-MIB
new file mode 100644
index 0000000..9c01c8e
--- /dev/null
+++ b/MIBS/screenos/NETSCREEN-SET-GLB-MIB
@@ -0,0 +1,272 @@
+-- This module defines enterprise MIBs for Global, Global-Pro and NSM setting
+--
+-- Copyright (c) 1999-2004, Juniper Networks, Inc.
+-- All rights reserved.
+
+NETSCREEN-SET-GLB-MIB DEFINITIONS ::= BEGIN
+
+IMPORTS
+ netscreenSetting, netscreenSettingMibModule
+ FROM NETSCREEN-SMI
+ Integer32, IpAddress, MODULE-IDENTITY, OBJECT-TYPE
+ FROM SNMPv2-SMI
+ DisplayString
+ FROM SNMPv2-TC
+ ;
+
+netscreenSetGlbMibModule MODULE-IDENTITY
+ LAST-UPDATED "200405032022Z" -- May 03, 2004
+ ORGANIZATION
+ "Juniper Networks, Inc."
+ CONTACT-INFO
+ "Customer Support
+
+ 1194 North Mathilda Avenue
+ Sunnyvale, California 94089-1206
+ USA
+
+ Tel: 1-800-638-8296
+ E-mail: customerservice@juniper.net
+ HTTP://www.juniper.net"
+ DESCRIPTION
+ "This module defines the object that are used to monitor
+ Global, Global-Pro and NSM setting"
+ REVISION "200405030000Z" -- May 03, 2004
+ DESCRIPTION
+ "Modified copyright and contact information"
+ REVISION "200403030000Z" -- March 03, 2004
+ DESCRIPTION
+ "Converted to SMIv2 by Longview Software"
+ REVISION "200109280000Z" -- September 28, 2001
+ DESCRIPTION
+ "No Comment"
+ REVISION "200105270000Z" -- May 27, 2001
+ DESCRIPTION
+ "Creation Date"
+ ::= { netscreenSettingMibModule 10 }
+
+nsSetGlbMng OBJECT IDENTIFIER ::= { netscreenSetting 10 }
+
+nsSetGlbMngVPNEnable OBJECT-TYPE
+ SYNTAX INTEGER {
+ disable(0),
+ enabled(1)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Secure NS Global Manager/PRO traffic via VPN encryption."
+ ::= { nsSetGlbMng 1 }
+
+nsSetGlbMngEnable OBJECT-TYPE
+ SYNTAX INTEGER {
+ disable(0),
+ enabled(1)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Enable Global Manager service on NetScreen device."
+ ::= { nsSetGlbMng 2 }
+
+nsSetGlbProEnable OBJECT-TYPE
+ SYNTAX INTEGER {
+ disable(0),
+ enabled(1)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Enable Global Pro Management service on NetScreen device."
+ ::= { nsSetGlbMng 3 }
+
+nsSetGlbManagerSetting OBJECT IDENTIFIER ::= { nsSetGlbMng 4 }
+
+nsSetGlbMngSerName OBJECT-TYPE
+ SYNTAX DisplayString (SIZE(0..32))
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Server Name of Global Manager service."
+ ::= { nsSetGlbManagerSetting 1 }
+
+nsSetGlbMngSerTCP OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "TCP port number of Global Manager service."
+ ::= { nsSetGlbManagerSetting 2 }
+
+nsSetGlbMngSerUDP OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "UDP port number of Global Manager service."
+ ::= { nsSetGlbManagerSetting 3 }
+
+nsSetGlbMngLocal OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Global Manager service listening port number(NS device
+ side)."
+ ::= { nsSetGlbManagerSetting 4 }
+
+nsSetGlbProManagerSetting OBJECT IDENTIFIER ::= { nsSetGlbMng 5 }
+
+nsSetGlbProPriSer OBJECT-TYPE
+ SYNTAX IpAddress
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Primary IP Address of Global PRO Server."
+ ::= { nsSetGlbProManagerSetting 1 }
+
+nsSetGlbProSecSer OBJECT-TYPE
+ SYNTAX IpAddress
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Secondary IP Address of Global PRO Server"
+ ::= { nsSetGlbProManagerSetting 2 }
+
+nsSetGlbMngSetting OBJECT IDENTIFIER ::= { nsSetGlbMng 6 }
+
+nsSetGlbMngProtDist OBJECT-TYPE
+ SYNTAX INTEGER {
+ disable(0),
+ enabled(1)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Enable Protocol Distribution in global management service."
+ ::= { nsSetGlbMngSetting 1 }
+
+nsSetGlbMngEthStatis OBJECT-TYPE
+ SYNTAX INTEGER {
+ disable(0),
+ enabled(1)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Enable Ethernet Statistics in global management service."
+ ::= { nsSetGlbMngSetting 2 }
+
+nsSetGlbMngAttStatis OBJECT-TYPE
+ SYNTAX INTEGER {
+ disable(0),
+ enabled(1)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Enable Attack Statistics in global management service."
+ ::= { nsSetGlbMngSetting 3 }
+
+nsSetGlbMngPlyStatis OBJECT-TYPE
+ SYNTAX INTEGER {
+ disable(0),
+ enabled(1)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Enable Policy Statistics in global management service."
+ ::= { nsSetGlbMngSetting 4 }
+
+nsSetGlbMngFlowStatis OBJECT-TYPE
+ SYNTAX INTEGER {
+ disable(0),
+ enabled(1)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Enable Flow Statistics in global management service."
+ ::= { nsSetGlbMngSetting 5 }
+
+nsSetGlbMngTrafAlm OBJECT-TYPE
+ SYNTAX INTEGER {
+ disable(0),
+ enabled(1)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Enable Traffic Alarms in global management service."
+ ::= { nsSetGlbMngSetting 6 }
+
+nsSetGlbMngAttAlm OBJECT-TYPE
+ SYNTAX INTEGER {
+ disable(0),
+ enabled(1)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Enable Attack Alarms in global management service."
+ ::= { nsSetGlbMngSetting 7 }
+
+nsSetGlbMngEvtAlm OBJECT-TYPE
+ SYNTAX INTEGER {
+ disable(0),
+ enabled(1)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Enable Event Alarms in global management service."
+ ::= { nsSetGlbMngSetting 8 }
+
+nsSetGlbMngCfgLog OBJECT-TYPE
+ SYNTAX INTEGER {
+ disable(0),
+ enabled(1)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Enable Configuration Logs in global management service."
+ ::= { nsSetGlbMngSetting 9 }
+
+nsSetGlbMngTrafLog OBJECT-TYPE
+ SYNTAX INTEGER {
+ disable(0),
+ enabled(1)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Enable Traffic Logs in global management service."
+ ::= { nsSetGlbMngSetting 10 }
+
+nsSetGlbMngInfoLog OBJECT-TYPE
+ SYNTAX INTEGER {
+ disable(0),
+ enabled(1)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Enable Information Logs in global management service."
+ ::= { nsSetGlbMngSetting 11 }
+
+nsSetGlbMngSelfLog OBJECT-TYPE
+ SYNTAX INTEGER {
+ disable(0),
+ enabled(1)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Enable Self Logs in global management service."
+ ::= { nsSetGlbMngSetting 12 }
+
+END
+
+
diff --git a/MIBS/screenos/NETSCREEN-SET-LOG-MIB b/MIBS/screenos/NETSCREEN-SET-LOG-MIB
new file mode 100644
index 0000000..83c3c78
--- /dev/null
+++ b/MIBS/screenos/NETSCREEN-SET-LOG-MIB
@@ -0,0 +1,197 @@
+-- This module defines enterprise MIBs for syslog setting
+--
+-- Copyright (c) 1999-2004, Juniper Networks, Inc.
+-- All rights reserved.
+
+NETSCREEN-SET-LOG-MIB DEFINITIONS ::= BEGIN
+
+IMPORTS
+ netscreenSetting, netscreenSettingMibModule
+ FROM NETSCREEN-SMI
+ Integer32, MODULE-IDENTITY, OBJECT-TYPE
+ FROM SNMPv2-SMI
+ DisplayString
+ FROM SNMPv2-TC
+ ;
+
+netscreenSetLogMibModule MODULE-IDENTITY
+ LAST-UPDATED "200405032022Z" -- May 03, 2004
+ ORGANIZATION
+ "Juniper Networks, Inc."
+ CONTACT-INFO
+ "Customer Support
+
+ 1194 North Mathilda Avenue
+ Sunnyvale, California 94089-1206
+ USA
+
+ Tel: 1-800-638-8296
+ E-mail: customerservice@juniper.net
+ HTTP://www.juniper.net"
+ DESCRIPTION
+ "This module defines the object that are used to monitor
+ syslog setting"
+ REVISION "200405030000Z" -- May 03, 2004
+ DESCRIPTION
+ "Modified copyright and contact information"
+ REVISION "200403030000Z" -- March 03, 2004
+ DESCRIPTION
+ "Converted to SMIv2 by Longview Software"
+ REVISION "200311100000Z" -- November 10, 2003
+ DESCRIPTION
+ "Correct spelling mistake"
+ REVISION "200109280000Z" -- September 28, 2001
+ DESCRIPTION
+ "No Comment"
+ REVISION "200105270000Z" -- May 27, 2001
+ DESCRIPTION
+ "Creation Date"
+ ::= { netscreenSettingMibModule 8 }
+
+nsSetLog OBJECT IDENTIFIER ::= { netscreenSetting 8 }
+
+nsSetLogEnable OBJECT-TYPE
+ SYNTAX INTEGER {
+ disable(0),
+ enabled(1)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Enable Syslog messages"
+ ::= { nsSetLog 1 }
+
+nsSetLogVPNEnable OBJECT-TYPE
+ SYNTAX INTEGER {
+ disable(0),
+ enabled(1)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Secure syslog message traffic using VPN encryption"
+ ::= { nsSetLog 2 }
+
+nsSetLogTraffic OBJECT-TYPE
+ SYNTAX INTEGER {
+ disable(0),
+ enabled(1)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Including traffic log when recording administration log"
+ ::= { nsSetLog 3 }
+
+nsSetLogHostName OBJECT-TYPE
+ SYNTAX DisplayString (SIZE(0..32))
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "syslog server name or ip address"
+ ::= { nsSetLog 4 }
+
+nsSetLogPort OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "syslog server port number"
+ ::= { nsSetLog 5 }
+
+nsSetLogSecFacility OBJECT-TYPE
+ SYNTAX INTEGER {
+ local0(16),
+ local1(17),
+ local2(18),
+ local3(19),
+ local4(20),
+ local5(21),
+ local6(22),
+ local7(23),
+ auth-sec(4)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Security Facility of syslog server"
+ ::= { nsSetLog 6 }
+
+nsSetLogFacility OBJECT-TYPE
+ SYNTAX INTEGER {
+ local0(16),
+ local1(17),
+ local2(18),
+ local3(19),
+ local4(20),
+ lcoal5(21),
+ local6(22),
+ loca7(23),
+ auth-sec(4)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Facility of syslog server"
+ ::= { nsSetLog 7 }
+
+nsSetLogLevel OBJECT-TYPE
+ SYNTAX INTEGER {
+ emergency(0),
+ aleart(1),
+ critical(2),
+ error(3),
+ warning(4),
+ notice(5),
+ info(6),
+ debug(7)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Only log messages with a priority level of
+ EMERGENCY/ALERT/CRITICAL/ERROR/WARNING/NOTICE/INFO/DEBUG or
+ higher"
+ ::= { nsSetLog 8 }
+
+nsSetLogWebTrendsEnable OBJECT-TYPE
+ SYNTAX INTEGER {
+ disable(0),
+ enabled(1)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Enable WebTrends Firewall syslog report."
+ ::= { nsSetLog 9 }
+
+nsSetLogWebTrendsVPNEnable OBJECT-TYPE
+ SYNTAX INTEGER {
+ disable(0),
+ enabled(1)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Secure WebTrends message via VPN encryption"
+ ::= { nsSetLog 10 }
+
+nsSetLogWebTrendsHostName OBJECT-TYPE
+ SYNTAX DisplayString (SIZE(0..32))
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "WebTrends Host Name"
+ ::= { nsSetLog 11 }
+
+nsSetLogWebTrendsPort OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "WebTrends Host Port"
+ ::= { nsSetLog 12 }
+
+END
+
+
diff --git a/MIBS/screenos/NETSCREEN-SET-SNMP-MIB b/MIBS/screenos/NETSCREEN-SET-SNMP-MIB
new file mode 100644
index 0000000..46bf1bd
--- /dev/null
+++ b/MIBS/screenos/NETSCREEN-SET-SNMP-MIB
@@ -0,0 +1,176 @@
+-- This module defines enterprise MIBs for SNMP setting
+--
+-- Copyright (c) 1999-2004, Juniper Networks, Inc.
+-- All rights reserved.
+
+NETSCREEN-SET-SNMP-MIB DEFINITIONS ::= BEGIN
+
+IMPORTS
+ netscreenSetting, netscreenSettingMibModule
+ FROM NETSCREEN-SMI
+ Integer32, IpAddress, MODULE-IDENTITY, OBJECT-TYPE
+ FROM SNMPv2-SMI
+ DisplayString
+ FROM SNMPv2-TC
+ ;
+
+netscreenSetSnmpMibModule MODULE-IDENTITY
+ LAST-UPDATED "200405032022Z" -- May 03, 2004
+ ORGANIZATION
+ "Juniper Networks, Inc."
+ CONTACT-INFO
+ "Customer Support
+
+ 1194 North Mathilda Avenue
+ Sunnyvale, California 94089-1206
+ USA
+
+ Tel: 1-800-638-8296
+ E-mail: customerservice@juniper.net
+ HTTP://www.juniper.net"
+ DESCRIPTION
+ "This module defines the object that are used to monitor
+ SNMP setting"
+ REVISION "200405030000Z" -- May 03, 2004
+ DESCRIPTION
+ "Modified copyright and contact information"
+ REVISION "200403030000Z" -- March 03, 2004
+ DESCRIPTION
+ "Converted to SMIv2 by Longview Software"
+ REVISION "200311100000Z" -- November 10, 2003
+ DESCRIPTION
+ "Correct spelling mistake"
+ REVISION "200109280000Z" -- September 28, 2001
+ DESCRIPTION
+ "No Comment"
+ REVISION "200105270000Z" -- May 27, 2001
+ DESCRIPTION
+ "Creation Date"
+ ::= { netscreenSettingMibModule 9 }
+
+NsSetSnmpCommHostEntry ::= SEQUENCE
+{
+ nsSetSnmpCommHostIndex Integer32,
+ nsSetSnmpCommunity DisplayString,
+ nsSetSnmpHostInComm IpAddress,
+ nsSetSnmpWritePermit INTEGER,
+ nsSetSnmpTrapPermit INTEGER,
+ nsSetSnmpTrafficAlarmPermit INTEGER
+}
+
+nsSetSNMP OBJECT IDENTIFIER ::= { netscreenSetting 9 }
+
+nsSetSnmpSysName OBJECT-TYPE
+ SYNTAX DisplayString (SIZE(0..255))
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "SNMP agent's sysname."
+ ::= { nsSetSNMP 1 }
+
+nsSetSnmpContact OBJECT-TYPE
+ SYNTAX DisplayString (SIZE(0..255))
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "contact name."
+ ::= { nsSetSNMP 2 }
+
+nsSetSnmpLocation OBJECT-TYPE
+ SYNTAX DisplayString (SIZE(0..255))
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "SNMP agent Location."
+ ::= { nsSetSNMP 3 }
+
+nsSetSnmpVPNEnable OBJECT-TYPE
+ SYNTAX INTEGER {
+ disable(0),
+ enabled(1)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Secure SNMP traffic via VPN encryption"
+ ::= { nsSetSNMP 4 }
+
+nsSetSnmpCommHostTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF NsSetSnmpCommHostEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "The snmp community and host table"
+ ::= { nsSetSNMP 5 }
+
+nsSetSnmpCommHostEntry OBJECT-TYPE
+ SYNTAX NsSetSnmpCommHostEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "An entry containing community and hosts information"
+ INDEX
+ { nsSetSnmpCommHostIndex }
+ ::= { nsSetSnmpCommHostTable 1 }
+
+nsSetSnmpCommHostIndex OBJECT-TYPE
+ SYNTAX Integer32 (0..2147483647)
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "A unique value for snmp community & host table. Its value
+ ranges between 0 and 65535 and may not be contiguous."
+ ::= { nsSetSnmpCommHostEntry 1 }
+
+nsSetSnmpCommunity OBJECT-TYPE
+ SYNTAX DisplayString (SIZE(0..32))
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "SNMP community name."
+ ::= { nsSetSnmpCommHostEntry 2 }
+
+nsSetSnmpHostInComm OBJECT-TYPE
+ SYNTAX IpAddress
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "SNMP host ip address."
+ ::= { nsSetSnmpCommHostEntry 3 }
+
+nsSetSnmpWritePermit OBJECT-TYPE
+ SYNTAX INTEGER {
+ no(0),
+ yes(1)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Permission to write."
+ ::= { nsSetSnmpCommHostEntry 4 }
+
+nsSetSnmpTrapPermit OBJECT-TYPE
+ SYNTAX INTEGER {
+ no(0),
+ yes(1)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Permission to receive trap."
+ ::= { nsSetSnmpCommHostEntry 5 }
+
+nsSetSnmpTrafficAlarmPermit OBJECT-TYPE
+ SYNTAX INTEGER {
+ no(0),
+ yes(1)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Permission of including traffic alarm in trap."
+ ::= { nsSetSnmpCommHostEntry 6 }
+
+END
+
+
diff --git a/MIBS/screenos/NETSCREEN-SET-SYSTIME-MIB b/MIBS/screenos/NETSCREEN-SET-SYSTIME-MIB
new file mode 100644
index 0000000..bcde7d4
--- /dev/null
+++ b/MIBS/screenos/NETSCREEN-SET-SYSTIME-MIB
@@ -0,0 +1,102 @@
+-- This module defines enterprise MIBs for time and NTP setting
+--
+-- Copyright (c) 1999-2004, Juniper Networks, Inc.
+-- All rights reserved.
+
+NETSCREEN-SET-SYSTIME-MIB DEFINITIONS ::= BEGIN
+
+IMPORTS
+ netscreenSetting, netscreenSettingMibModule
+ FROM NETSCREEN-SMI
+ Integer32, IpAddress, MODULE-IDENTITY, OBJECT-TYPE
+ FROM SNMPv2-SMI
+ ;
+
+netscreenSetSystimeMibModule MODULE-IDENTITY
+ LAST-UPDATED "200405032022Z" -- May 03, 2004
+ ORGANIZATION
+ "Juniper Networks, Inc."
+ CONTACT-INFO
+ "Customer Support
+
+ 1194 North Mathilda Avenue
+ Sunnyvale, California 94089-1206
+ USA
+
+ Tel: 1-800-638-8296
+ E-mail: customerservice@juniper.net
+ HTTP://www.juniper.net"
+ DESCRIPTION
+ "This module defines the object that are used to monitor
+ NTP setting"
+ REVISION "200405030000Z" -- May 03, 2004
+ DESCRIPTION
+ "Modified copyright and contact information"
+ REVISION "200403030000Z" -- March 03, 2004
+ DESCRIPTION
+ "Converted to SMIv2 by Longview Software"
+ REVISION "200311120000Z" -- November 12, 2003
+ DESCRIPTION
+ "Correct wrong title"
+ REVISION "200109280000Z" -- September 28, 2001
+ DESCRIPTION
+ "No Comment"
+ REVISION "200105270000Z" -- May 27, 2001
+ DESCRIPTION
+ "Creation Date"
+ ::= { netscreenSettingMibModule 6 }
+
+nsSetSysTime OBJECT IDENTIFIER ::= { netscreenSetting 6 }
+
+nsSetSysTimeGmtOffset OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "GMT time offset of system time"
+ ::= { nsSetSysTime 1 }
+
+nsSetSysTimeDaySaving OBJECT-TYPE
+ SYNTAX INTEGER {
+ disable(0),
+ enabled(1)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "enable daylight time saving method."
+ ::= { nsSetSysTime 2 }
+
+nsSetSysTimeNTP OBJECT IDENTIFIER ::= { nsSetSysTime 3 }
+
+nsSetNtpEnable OBJECT-TYPE
+ SYNTAX INTEGER {
+ disable(0),
+ enabled(1)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Enable Network Time Protocol"
+ ::= { nsSetSysTimeNTP 1 }
+
+nsSetNtpServer OBJECT-TYPE
+ SYNTAX IpAddress
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Network Time Server ip"
+ ::= { nsSetSysTimeNTP 2 }
+
+nsSetNtpUpdateInterval OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "If NetScreen device use NTP to get system time. This object
+ indicate the update system clock time interval."
+ ::= { nsSetSysTimeNTP 3 }
+
+END
+
+
diff --git a/MIBS/screenos/NETSCREEN-SET-URL-FILTER-MIB b/MIBS/screenos/NETSCREEN-SET-URL-FILTER-MIB
new file mode 100644
index 0000000..f8326ec
--- /dev/null
+++ b/MIBS/screenos/NETSCREEN-SET-URL-FILTER-MIB
@@ -0,0 +1,133 @@
+-- This module defines enterprise MIBs for URL filtering
+--
+-- Copyright (c) 1999-2004, Juniper Networks, Inc.
+-- All rights reserved.
+
+NETSCREEN-SET-URL-FILTER-MIB DEFINITIONS ::= BEGIN
+
+IMPORTS
+ netscreenSetting, netscreenSettingMibModule
+ FROM NETSCREEN-SMI
+ Integer32, MODULE-IDENTITY, OBJECT-TYPE
+ FROM SNMPv2-SMI
+ DisplayString
+ FROM SNMPv2-TC
+ ;
+
+netscreenSetUrlFilterMibModule MODULE-IDENTITY
+ LAST-UPDATED "200405032022Z" -- May 03, 2004
+ ORGANIZATION
+ "Juniper Networks, Inc."
+ CONTACT-INFO
+ "Customer Support
+
+ 1194 North Mathilda Avenue
+ Sunnyvale, California 94089-1206
+ USA
+
+ Tel: 1-800-638-8296
+ E-mail: customerservice@juniper.net
+ HTTP://www.juniper.net"
+ DESCRIPTION
+ "This module defines the object that are used to monitor all
+ the configuration info"
+ REVISION "200405030000Z" -- May 03, 2004
+ DESCRIPTION
+ "Modified copyright and contact information"
+ REVISION "200403030000Z" -- March 03, 2004
+ DESCRIPTION
+ "Converted to SMIv2 by Longview Software"
+ REVISION "200311120000Z" -- November 12, 2003
+ DESCRIPTION
+ "Correct spelling mistake"
+ REVISION "200109280000Z" -- September 28, 2001
+ DESCRIPTION
+ "No Comment"
+ REVISION "200105270000Z" -- May 27, 2001
+ DESCRIPTION
+ "Creation Date"
+ ::= { netscreenSettingMibModule 4 }
+
+nsSetURLFilter OBJECT IDENTIFIER ::= { netscreenSetting 4 }
+
+nsSetUrlFilterViaWebsense OBJECT-TYPE
+ SYNTAX INTEGER {
+ disable(0),
+ enabled(1)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Enable URL Filtering via Websense Server."
+ ::= { nsSetURLFilter 1 }
+
+nsSetUrlServerName OBJECT-TYPE
+ SYNTAX DisplayString (SIZE(0..32))
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Websense Server Name."
+ ::= { nsSetURLFilter 2 }
+
+nsSetUrlServerPort OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Websense Server Port."
+ ::= { nsSetURLFilter 3 }
+
+nsSetUrlCommTimeout OBJECT-TYPE
+ SYNTAX INTEGER (0..240)
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Communication timeout threshold of url filtering."
+ ::= { nsSetURLFilter 4 }
+
+nsSetUrlServerStatus OBJECT-TYPE
+ SYNTAX INTEGER {
+ not-applicable(0),
+ running(1),
+ down(2)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Current server status."
+ ::= { nsSetURLFilter 5 }
+
+nsSetUrlSerLostHdlWay OBJECT-TYPE
+ SYNTAX INTEGER {
+ block-all(0),
+ permit-all(1)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "If connectivity to the Websense server is lost, the way of
+ handling HTTP requests."
+ ::= { nsSetURLFilter 6 }
+
+nsSetUrlBlockMsgType OBJECT-TYPE
+ SYNTAX INTEGER {
+ websense(0),
+ netscreen(1)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "URL filter block message type."
+ ::= { nsSetURLFilter 7 }
+
+nsSetUrlNsBlockMsg OBJECT-TYPE
+ SYNTAX DisplayString (SIZE(0..220))
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "NetScreen device block message."
+ ::= { nsSetURLFilter 8 }
+
+END
+
+
diff --git a/MIBS/screenos/NETSCREEN-SET-WEB-MIB b/MIBS/screenos/NETSCREEN-SET-WEB-MIB
new file mode 100644
index 0000000..ddec597
--- /dev/null
+++ b/MIBS/screenos/NETSCREEN-SET-WEB-MIB
@@ -0,0 +1,150 @@
+-- This module defines enterprise MIBs for NS web setting
+--
+-- Copyright (c) 1999-2004, Juniper Networks, Inc.
+-- All rights reserved.
+
+NETSCREEN-SET-WEB-MIB DEFINITIONS ::= BEGIN
+
+IMPORTS
+ netscreenSetting, netscreenSettingMibModule
+ FROM NETSCREEN-SMI
+ Integer32, MODULE-IDENTITY, OBJECT-TYPE
+ FROM SNMPv2-SMI
+ DisplayString
+ FROM SNMPv2-TC
+ ;
+
+netscreenSetWebMibModule MODULE-IDENTITY
+ LAST-UPDATED "200405032022Z" -- May 03, 2004
+ ORGANIZATION
+ "Juniper Networks, Inc."
+ CONTACT-INFO
+ "Customer Support
+
+ 1194 North Mathilda Avenue
+ Sunnyvale, California 94089-1206
+ USA
+
+ Tel: 1-800-638-8296
+ E-mail: customerservice@juniper.net
+ HTTP://www.juniper.net"
+ DESCRIPTION
+ "This module defines the object that are used to monitor
+ NS web setting"
+ REVISION "200405030000Z" -- May 03, 2004
+ DESCRIPTION
+ "Modified copyright and contact information"
+ REVISION "200403030000Z" -- March 03, 2004
+ DESCRIPTION
+ "Converted to SMIv2 by Longview Software"
+ REVISION "200311120000Z" -- November 12, 2003
+ DESCRIPTION
+ "Correct spelling mistake"
+ REVISION "200109280000Z" -- September 28, 2001
+ DESCRIPTION
+ "No comment"
+ REVISION "200105270000Z" -- May 27, 2001
+ DESCRIPTION
+ "Creation Date"
+ ::= { netscreenSettingMibModule 12 }
+
+NsSetWebUICfgEntry ::= SEQUENCE
+{
+ nsSetWebVsys Integer32,
+ nsSetWebIdleTimeout INTEGER,
+ nsSetWebTimeout Integer32,
+ nsSetWebPort Integer32,
+ nsSetWebSSLPort Integer32,
+ nsSetWebSSLCertificate DisplayString,
+ nsSetWebSSLCipher INTEGER
+}
+
+nsSetWebUI OBJECT IDENTIFIER ::= { netscreenSetting 12 }
+
+nsSetWebUICfgTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF NsSetWebUICfgEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "NetScreen devices provide WebUI for easy administration. This
+ table collects admin settings relating to WebUI."
+ ::= { nsSetWebUI 1 }
+
+nsSetWebUICfgEntry OBJECT-TYPE
+ SYNTAX NsSetWebUICfgEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "An entry containing WebUI admin configuration."
+ INDEX
+ { nsSetWebVsys }
+ ::= { nsSetWebUICfgTable 1 }
+
+nsSetWebVsys OBJECT-TYPE
+ SYNTAX Integer32 (0..2147483647)
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Virtual system name the configuration belongs to. Also used as
+ table index."
+ ::= { nsSetWebUICfgEntry 1 }
+
+nsSetWebIdleTimeout OBJECT-TYPE
+ SYNTAX INTEGER {
+ disable(0),
+ enabled(1)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Enable Web Management Idle Timeout"
+ ::= { nsSetWebUICfgEntry 2 }
+
+nsSetWebTimeout OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Web Management Idle Timeout Setting"
+ ::= { nsSetWebUICfgEntry 3 }
+
+nsSetWebPort OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Web Management Http port number setting."
+ ::= { nsSetWebUICfgEntry 4 }
+
+nsSetWebSSLPort OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Web Management http ssl port number setting."
+ ::= { nsSetWebUICfgEntry 5 }
+
+nsSetWebSSLCertificate OBJECT-TYPE
+ SYNTAX DisplayString (SIZE(0..255))
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "SSL certificate web management."
+ ::= { nsSetWebUICfgEntry 6 }
+
+nsSetWebSSLCipher OBJECT-TYPE
+ SYNTAX INTEGER {
+ rc4-md5(0),
+ rc4-40-md5(1),
+ des-sha(2),
+ triple-des-sha(3)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Web Management via SSL cipher algorithm"
+ ::= { nsSetWebUICfgEntry 7 }
+
+END
+
+
diff --git a/MIBS/screenos/NETSCREEN-SMI b/MIBS/screenos/NETSCREEN-SMI
new file mode 100644
index 0000000..7b17d9a
--- /dev/null
+++ b/MIBS/screenos/NETSCREEN-SMI
@@ -0,0 +1,97 @@
+-- Copyright (c) 1999-2004, Juniper Networks, Inc.
+-- All rights reserved.
+
+NETSCREEN-SMI DEFINITIONS ::= BEGIN
+
+IMPORTS
+ MODULE-IDENTITY, enterprises
+ FROM SNMPv2-SMI
+ ;
+
+-- netscreenSmiMibModule MODULE-IDENTITY
+
+ netscreen MODULE-IDENTITY
+ LAST-UPDATED "200408310000Z" -- Aug 31, 2004
+ ORGANIZATION
+ "Juniper Networks, Inc."
+ CONTACT-INFO
+ "Customer Support
+
+ 1194 North Mathilda Avenue
+ Sunnyvale, California 94089-1206
+ USA
+
+ Tel: 1-800-638-8296
+ E-mail: customerservice@juniper.net
+ HTTP://www.juniper.net"
+ DESCRIPTION
+ "Modified SMI Mib Module"
+ REVISION "200408310000Z" -- Aug 31, 2004
+ DESCRIPTION
+ "SMI Mib"
+ REVISION "200405030000Z" -- May 03, 2004
+ DESCRIPTION
+ "Modified copyright and contact information"
+ REVISION "200403030000Z" -- March 03, 2004
+ DESCRIPTION
+ "Converted to SMIv2 by Longview Software"
+ REVISION "200109280000Z" -- September 28, 2001
+ DESCRIPTION
+ "No comment"
+ REVISION "200008020000Z" -- August 02, 2000
+ DESCRIPTION
+ "Creation Date"
+-- ::= { netscreen 50 }
+ ::= { enterprises 3224 }
+
+-- netscreen OBJECT IDENTIFIER ::= { enterprises 3224 }
+
+netscreenTrap OBJECT IDENTIFIER ::= { netscreen 0 }
+
+netscreenProducts OBJECT IDENTIFIER ::= { netscreen 1 }
+
+netscreenTrapInfo OBJECT IDENTIFIER ::= { netscreen 2 }
+
+netscreenIDS OBJECT IDENTIFIER ::= { netscreen 3 }
+
+netscreenVpn OBJECT IDENTIFIER ::= { netscreen 4 }
+
+netscreenQos OBJECT IDENTIFIER ::= { netscreen 5 }
+
+netscreenNsrp OBJECT IDENTIFIER ::= { netscreen 6 }
+
+netscreenSetting OBJECT IDENTIFIER ::= { netscreen 7 }
+
+netscreenZone OBJECT IDENTIFIER ::= { netscreen 8 }
+
+netscreenInterface OBJECT IDENTIFIER ::= { netscreen 9 }
+
+netscreenPolicy OBJECT IDENTIFIER ::= { netscreen 10 }
+
+netscreenNAT OBJECT IDENTIFIER ::= { netscreen 11 }
+
+netscreenAddr OBJECT IDENTIFIER ::= { netscreen 12 }
+
+netscreenService OBJECT IDENTIFIER ::= { netscreen 13 }
+
+netscreenSchedule OBJECT IDENTIFIER ::= { netscreen 14 }
+
+netscreenVsys OBJECT IDENTIFIER ::= { netscreen 15 }
+
+netscreenResource OBJECT IDENTIFIER ::= { netscreen 16 }
+
+netscreenIp OBJECT IDENTIFIER ::= { netscreen 17 }
+
+netscreenVR OBJECT IDENTIFIER ::= { netscreen 18 }
+
+netscreenChassis OBJECT IDENTIFIER ::= { netscreen 21 }
+
+netscreenUAC OBJECT IDENTIFIER ::= { netscreen 22 }
+
+netscreenSettingMibModule OBJECT IDENTIFIER ::= { netscreenSetting 0 }
+
+netscreenVpnMibModule OBJECT IDENTIFIER ::= { netscreenVpn 0 }
+
+END
+
+
diff --git a/MIBS/screenos/NETSCREEN-TRAP-MIB b/MIBS/screenos/NETSCREEN-TRAP-MIB
new file mode 100644
index 0000000..f649398
--- /dev/null
+++ b/MIBS/screenos/NETSCREEN-TRAP-MIB
@@ -0,0 +1,548 @@
+-- Copyright (c) 1999-2004, Juniper Networks, Inc.
+-- All rights reserved.
+
+NETSCREEN-TRAP-MIB DEFINITIONS ::= BEGIN
+
+IMPORTS
+ netscreenTrap, netscreenTrapInfo
+ FROM NETSCREEN-SMI
+ MODULE-IDENTITY, NOTIFICATION-TYPE, OBJECT-TYPE
+ FROM SNMPv2-SMI
+ DisplayString
+ FROM SNMPv2-TC
+ ;
+
+netscreenTrapMibModule MODULE-IDENTITY
+ LAST-UPDATED "200503032022Z" -- March 03, 2005
+ ORGANIZATION
+ "Juniper Networks, Inc."
+ CONTACT-INFO
+ "Customer Support
+
+ 1194 North Mathilda Avenue
+ Sunnyvale, California 94089-1206
+ USA
+
+ Tel: 1-800-638-8296
+ E-mail: customerservice@juniper.net
+ HTTP://www.juniper.net"
+ DESCRIPTION
+ "Added trap types 15, it is still in use"
+ REVISION "200803170000Z" -- Mar 17, 2008
+ DESCRIPTION
+ "Added 5 new trap types - 800-804. Removed 1000."
+ REVISION "200510170000Z" -- Oct 17, 2005
+ DESCRIPTION
+ "Added 4 new trap types - ipv6 ip conflicts(101), dip util raise(102) and clear(103),
+ ids-icmp-ping-id-zero(441)."
+ REVISION "200503030000Z" -- March 03, 2005
+ DESCRIPTION
+ "Trap MIB"
+ REVISION "200409100000Z" -- Sep 10, 2004
+ DESCRIPTION
+ "Removed nsTrapType 3, 15,18,19 and 1000"
+ REVISION "200405030000Z" -- May 03, 2004
+ DESCRIPTION
+ "Modified copyright and contact information"
+ REVISION "200403030000Z" -- March 03, 2004
+ DESCRIPTION
+ "Converted to SMIv2 by Longview Software"
+ REVISION "200401230000Z" -- January 23, 2004
+ DESCRIPTION
+ "Add new traps (430~434)"
+ REVISION "200109280000Z" -- September 28, 2001
+ DESCRIPTION
+ "Add global-report manager specific trap"
+ REVISION "200008020000Z" -- August 02, 2000
+ DESCRIPTION
+ "Creation Date"
+ ::= { netscreenTrapInfo 0 }
+
+netscreenTrapHw NOTIFICATION-TYPE
+ OBJECTS
+ { netscreenTrapType, netscreenTrapDesc }
+ STATUS current
+ DESCRIPTION
+ "This trap indicates that some kind of hardware problem has
+ occured."
+ ::= { netscreenTrap 100 }
+
+netscreenTrapFw NOTIFICATION-TYPE
+ OBJECTS
+ { netscreenTrapType, netscreenTrapDesc }
+ STATUS current
+ DESCRIPTION
+ "This trap indicates that some kind of firewall functions has
+ been triggered."
+ ::= { netscreenTrap 200 }
+
+netscreenTrapSw NOTIFICATION-TYPE
+ OBJECTS
+ { netscreenTrapType, netscreenTrapDesc }
+ STATUS current
+ DESCRIPTION
+ "This trap indicates that some kind of software problem has
+ occured."
+ ::= { netscreenTrap 300 }
+
+netscreenTrapTrf NOTIFICATION-TYPE
+ OBJECTS
+ { netscreenTrapType, netscreenTrapDesc }
+ STATUS current
+ DESCRIPTION
+ "This trap indicates that some kind of traffic conditions has
+ been triggered."
+ ::= { netscreenTrap 400 }
+
+netscreenTrapVpn NOTIFICATION-TYPE
+ OBJECTS
+ { netscreenTrapType, netscreenTrapDesc }
+ STATUS current
+ DESCRIPTION
+ "This trap indicates that VPN tunnel status has occured."
+ ::= { netscreenTrap 500 }
+
+netscreenTrapNsrp NOTIFICATION-TYPE
+ OBJECTS
+ { netscreenTrapType, netscreenTrapDesc }
+ STATUS current
+ DESCRIPTION
+ "This trap indicates that NSRP status has occured."
+ ::= { netscreenTrap 600 }
+
+netscreenTrapGPRO NOTIFICATION-TYPE
+ OBJECTS
+ { netscreenTrapType, netscreenTrapDesc }
+ STATUS current
+ DESCRIPTION
+ "This trap indicates that some kind of Global PRO problems has
+ occurred."
+ ::= { netscreenTrap 700 }
+
+netscreenTrapDrp NOTIFICATION-TYPE
+ OBJECTS
+ { netscreenTrapType, netscreenTrapDesc }
+ STATUS current
+ DESCRIPTION
+ "This trap indicates that Drp status has occured."
+ ::= { netscreenTrap 800 }
+
+netscreenTrapIFFailover NOTIFICATION-TYPE
+ OBJECTS
+ { netscreenTrapType, netscreenTrapDesc }
+ STATUS current
+ DESCRIPTION
+ "This trap indicates that interface fail over status has
+ occured."
+ ::= { netscreenTrap 900 }
+
+netscreenTrapIDPAttack NOTIFICATION-TYPE
+ OBJECTS
+ { netscreenTrapType, netscreenTrapDesc }
+ STATUS current
+ DESCRIPTION
+ "This trap indicates that IDP attack status has occured."
+ ::= { netscreenTrap 1000 }
+
+netscreenTrapType OBJECT-TYPE
+ SYNTAX INTEGER {
+
+ -- Traffic per-second threshold
+ traffic-sec(1),
+ -- Traffic per-minute threshold
+ traffic-min(2),
+ -- Multiple user auth fail alarm type
+ multi-auth-fail(3),
+ -- Winnuke pak
+ winnuke(4),
+ -- Syn attack
+ syn-attack(5),
+ -- tear-drop attack
+ tear-drop(6),
+ -- Ping of Death attack
+ ping-death(7),
+ -- IP spoofing attack
+ ip-spoofing(8),
+ -- IP source routing attack
+ ip-src-route(9),
+ -- land attack
+ land(10),
+ -- ICMP flooding attack
+ icmp-flood(11),
+ -- UDP flooding attack
+ udp-flood(12),
+ -- Illegal server IP to connect to CMS port
+ illegal-cms-svr(13),
+ -- URL blocking server connection alarm
+ url-block-srv(14),
+ -- high availability
+ high-availability(15),
+ -- Port Scan attack
+ port-scan(16),
+ -- address sweep attack
+ addr-sweep(17),
+ -- deny by policy attack
+ deny-policy(18),
+ -- device is dead
+ device-dead(19)
+ -- memory low
+ low-memory(20),
+ -- DNS server unreachable
+ dns-srv-down(21),
+ -- Fan, Power Supply failure
+ generic-HW-fail(22),
+ -- Load balance server unreachable
+ lb-srv-down(23),
+ -- log buffer overflow
+ log-full(24),
+ -- X509 related
+ x509(25),
+ -- VPN and IKE related
+ vpn-ike(26),
+ -- admin realted
+ admin(27),
+ -- Illegal src ip to connect to sme port
+ sme(28),
+ -- DHCP related
+ dhcp(29),
+ -- CPU usage is high
+ cpu-usage-high(30),
+ -- Interface IP conflict
+ ip-conflict(31),
+ -- Microsoft IIS server vulnerability
+ attact-malicious-url(32),
+ -- session threshold is exceeded
+ session-threshold(33),
+ -- SSH related alarms
+ ssh-alarm(34),
+ -- Audit storage related alarms
+ audit-storage(35),
+ -- memory normal
+ memory-normal(36),
+ -- cpu usage normal
+ cpu-usage-normal(37)
+ -- driver's rx bd shortage
+ rxbd-low-alarm(39),
+ -- VPN tunnel from down to up
+ vpn-tunnel-up(40),
+ -- VPN tunnel from up to down
+ vpn-tunnel-down(41),
+ -- VPN replay detected
+ vpn-replay-attack(42),
+ -- VPN tunnel removed
+ vpn-l2tp-tunnel-remove(43),
+ -- VPN tunnel removed and error detected
+ vpn-l2tp-tunnel-remove-err(44),
+ -- VPN call removed
+ vpn-l2tp-call-remove(45),
+ -- VPN call removed and error detected
+ vpn-l2tp-call-remove-err(46),
+ -- Number of IAS exceeds configured maximum
+ vpn-ias-too-many(47),
+ -- Number of IAS crossed configured upper threshold
+ vpn-ias-over-threshold(48),
+ -- Number of IAS crossed configured lower threshold
+ vpn-ias-under-threshold(49),
+ -- IKE error occured for the IAS session
+ vpn-ias-ike-error(50),
+ -- allocated session exceed threshold
+ allocated-session-threshold(51),
+ -- av-csp related alarm
+ av-csp-alarm(52),
+ -- av related alarm
+ av-alarm(53),
+ -- apppry related alarm
+ apppry-alarm(54),
+ -- NSRP rto self unit status change from up to down
+ nsrp-rto-up(60),
+ -- NSRP rto self unit status change from down to up
+ nsrp-rto-down(61),
+ -- NSRP track ip successed
+ nsrp-trackip-success(62),
+ -- NSRP track ip failed
+ nsrp-trackip-failed(63),
+ -- NSRP track ip fail over
+ nsrp-trackip-failover(64),
+ -- NSRP inconsistent configuration between master and backup
+ nsrp-inconsistent-configuration(65),
+ -- track ip status related alarm
+ trackip-status(66),
+ -- NSRP vsd group status change to elect
+ nsrp-vsd-init(70),
+ -- NSRP vsd group status change to master
+ nsrp-vsd-master(71),
+ -- NSRP vsd group status change to primary backup
+ nsrp-vsd-pbackup(72),
+ -- NSRP vsd group status change to backup
+ nsrp-vsd-backup(73),
+ -- NSRP vsd group status change to ineligible
+ nsrp-vsd-ineligible(74),
+ -- NSRP VSD group status change to inoperable
+ nsrp-vsd-inoperable(75),
+ -- NSRP VSD request heartbeat from 2nd HA path
+ nsrp-vsd-req-hearbeat-2nd(76),
+ -- NSRP VSD reply to 2nd path request
+ nsrp-vsd-reply-2nd(77),
+ -- NSRP duplicated RTO group found
+ nsrp-rto-duplicated(78),
+ -- NSRP duplicated VSD group master
+ ip-dup-master(79),
+ -- MEM cannot find usable memory for current pool
+ di-heap-create-fail(80),
+ -- MEM cannot find usable in any pool
+ mem-alloc-fail(81),
+ -- VRRP status related alarm
+ vrrp-status-alarm(82),
+ -- SCCP related alarm
+ sccp-alarm(83),
+ -- MGCP related alarm
+ mgcp-reinit(84),
+ -- MLFR related alarm
+ mlfr-alarm(85),
+ -- FR related alarm
+ fr-alarm(86),
+ -- CISCO HDLC related alarm
+ cisco-hdlc-alarm(87),
+ -- PPPOW related alarm
+ pppow-alarm(88),
+ -- H323 related alarm
+ h323-alarm(89),
+ -- ISDN related alarm
+ isdn-alarm(90),
+ -- interface backup
+ interface-backup(91),
+ -- Card function is abnormal
+ wan-card-function(92),
+ -- A USB key is plug/unplug from USB port
+ usb-device-operation(93),
+ -- interface failure
+ interface-failure(94),
+ -- No ppp IP pool configured
+ ppp-no-ip-cfg(95),
+ -- IP pool exhausted. No ip to assign
+ ppp-no-ip-in-pool(96),
+ -- Any change to interface IP address can use the type
+ ip-addr-event(101),
+ -- DIP utilization reaches raised threshold limit
+ dip-util-raise(102),
+ -- DIP utilization reaches clear threshold limit
+ dip-util-clear(103),
+ -- DOT1X related alarm
+ dot1x-alarm(105),
+ -- VPN IAS radius error
+ vpn-ias-radius-error(110),
+ -- VPN IKEID enum attack
+ vpn-ikeid-enum-attack(111),
+ -- VPN soft limit reached
+ vpn-softlimit-reached(112),
+ -- VPN IKE dos attack
+ vpn-ikedos-attack(113),
+ -- VPN acvpn profile error
+ vpn-acvpn-profile-error(114),
+ -- exceed maximum routing entry allowed for the system
+ route-sys-entry-ex(200),
+ -- exceed maximum routing entry allowed for a vr
+ route-vr-entry-ex(201),
+ -- exceed the hello packet threshold per hello interval
+ route-ospf-hello-flood(202),
+ -- exceed the lsa packet threshold per lsa threshold
+ route-ospf-lsa-flood(203),
+ -- exceed the update4 packet threshold per update time in rip
+ route-rip-update-flood(204),
+ -- Errors in route module (exceed limit, malloc failure, add-perfix failure etc)
+ route-alarm(205),
+ -- LSA/Hello packets flood in OSPF, route redistribution exceed limit,
+ ospf-flood(206),
+ -- Update packet floods in RIP
+ rip-flood(207),
+ -- Peer forms adjacency completely
+ bgp-established(208),
+ -- Peer's adjacency is torn down, goes to Idle state
+ bgp-backwardtransition(209),
+ -- change in virtual link's state (down, point-to-point etc)
+ ospf-virtifstatechange(210),
+ -- change in neighbor's state on regular interface (down, 2way, full etc)
+ ospf-nbrstatechange(211),
+ -- change in neighbor's state on virtual link (down, full etc)
+ ospf-virtnbrstatechange(212),
+ -- authentication mismatch/area mismatch etc on regular interface
+ ospf-ifconfigerror(213),
+ -- authentication mismatch/area mismatch etc on virtual link
+ ospf-virtifconfigerror(214),
+ -- Authentication eror on regular interface
+ ospf-ifauthfailure(215),
+ -- Authentication eror on virtual link
+ ospf-virtifauthfailure(216),
+ -- lsa received with invalid lsa-type on regular interface
+ ospf-ifrxbadpacket(217),
+ -- lsa received with invalid lsa-type on virtual link
+ ospf-virtifrxbadpacket(218),
+ -- retransmission to neighbor on regular interface
+ ospf-txretransmit(219),
+ -- retransmission to neighbor on virtual link
+ ospf-virtiftxretransmit(220),
+ -- new LSA generated by local router
+ ospf-originatelsa(221),
+ -- LSA aged out
+ ospf-maxagelsa(222),
+ -- when total LSAs in database exceed predefined limit
+ ospf-lsdboverflow(223),
+ -- when total LSAs in database approach predefined limit
+ ospf-lsdbapproachingoverflow(224),
+ -- change in regular interface state (up/down, dr/bdr etc)
+ ospf-ifstatechange(225),
+ -- BGP related alarm
+ bgp-alarm(226),
+ -- packet floods in RIPng
+ ripng-flood(227),
+ -- exceed the update4 packet threshold per update time in ripng
+ route-ripng-update-flood(228),
+ -- PBR related alarm
+ pbr-alarm(229),
+ -- NHRP related alarm
+ nhrp-alarm(230),
+ -- OSPFV3 related alarm
+ ospfv3-alarm(231),
+ -- block java/active-x component
+ ids-component(400),
+ -- icmp flood attack
+ ids-icmp-flood(401),
+ -- udp flood attack
+ ids-udp-flood(402),
+ -- winnuke attack
+ ids-winnuke(403),
+ -- port scan attack
+ ids-port-scan(404),
+ -- address sweep attack
+ ids-addr-sweep(405),
+ -- tear drop attack
+ ids-tear-drop(406),
+ -- syn flood attack
+ ids-syn(407),
+ -- ip spoofing attack
+ ids-ip-spoofing(408),
+ -- ping of death attack
+ ids-ping-death(409),
+ -- filter ip packet with source route option
+ ids-ip-source-route(410),
+ -- land attack
+ ids-land(411),
+ -- screen syn fragment attack
+ syn-frag-attack(412),
+ -- screen tcp packet without flag attack
+ tcp-without-flag(413),
+ -- screen unknown ip packet
+ unknow-ip-packet(414),
+ -- screen bad ip option
+ bad-ip-option(415),
+ -- screen ip option record
+ ip-option-record(416),
+ -- screen ip option timestamp
+ ip-option-timestamp(417),
+ -- screen ip option scht
+ ip-option-scht(418),
+ -- screen ip option lsr
+ ip-option-lsr(419),
+ -- screen ip option ssr
+ ip-option-ssr(420),
+ -- screen ip option stream
+ ip-option-stream(421),
+ -- screen icmp fragment packet
+ icmp-fragment(422),
+ -- screen too large icmp packet
+ too-large-icmp(423),
+ -- screen tcp flag syn-fin set
+ tcp-syn-fin(424),
+ -- screen tcp fin without ack
+ tcp-fin-no-ack(425),
+ -- screen mal url
+ tcp-mal-url(426),
+ -- screen sess mal num
+ tcp-sess-mal-num(427),
+ -- avoid replying to syns after excessive 3 way TCP handshakes from
+ -- same src ip but not proceeding with user auth. (not replying to
+ -- username/password)..
+ ids-tcp-syn-ack-ack(428),
+ -- ip fragment
+ ids-ip-block-frag(429),
+ -- Dst IP-based session limiting
+ dst-ip-session-limit(430),
+ -- HTTP component blocking for .zip files
+ ids-block-zip(431),
+ -- HTTP component blocking for Java applets
+ ids-block-jar(432),
+ -- HTTP component blocking for .exe files
+ ids-block-exe(433),
+ -- HTTP component blocking for ActiveX controls
+ ids-block-activex(434),
+ -- screenos tcp syn mac
+ tcp-syn-mac(435),
+ -- screenos nac attack
+ ids-nac-attack(436),
+ -- icmp ping id 0
+ ids-icmp-ping-id-zero(441),
+ -- tcp sweep
+ tcp-sweep(442),
+ -- udp sweep
+ udp-sweep(443),
+ -- AV Scan Manager Alarm, sofeware trap
+ av-scan-mgr(554),
+ -- starting value for multicast alarm
+ mcast-base(600),
+ -- mcore related alarm
+ mcore-alarm(601),
+ -- spim related alarm
+ spim-alarm(602),
+ -- starting value for Security Module alarm
+ sm-base(700),
+ -- Security Module down detected
+ sm-down(701),
+ -- Security Module packet droped detected
+ sm-packet-drop(702),
+ -- Security Module memory, CPU and session detected
+ sm-overload(703),
+ -- Security Module CPU unresponsive detected
+ sm-cpu-unresponsive(704),
+ -- Security Module Engine unresponisve
+ sm-cpu-unresponsive(705),
+ -- Secruity Module Policy Abnormal
+ sm-policy-abnormal(706),
+ -- switch alarm
+ switch(751),
+ -- sfp alarm
+ sfp(752),
+ --Shared to fair transition forced
+ cpu-limit-s2f-forced(800),
+ --Shared to fair transition auto
+ cpu-limit-s2f-auto(801),
+ --Fair to shared transition forced
+ cpu-limit-f2s-forced(802),
+ --Fair to shared transition because of timeout
+ cpu-limit-f2s-timeout(803),
+ --Fair to shared transition auto
+ cpu-limit-f2s-auto(804),
+ --Flow potential violation
+ sec-potential-voilation(805),
+ --Flow session cache alarm
+ flow-sess-cache(806),
+ --vsys session limit alarm
+ vsys-session-limit(850)
+ }
+ MAX-ACCESS accessible-for-notify
+ STATUS current
+ DESCRIPTION
+ "The integer value of the raised alarm type. Note that the type
+ should be interpreted within a specific trap"
+ ::= { netscreenTrapInfo 1 }
+
+netscreenTrapDesc OBJECT-TYPE
+ SYNTAX DisplayString (SIZE(0..255))
+ MAX-ACCESS accessible-for-notify
+ STATUS current
+ DESCRIPTION
+ "The textual description of the alarm"
+ ::= { netscreenTrapInfo 3 }
+
+END
+
+
diff --git a/MIBS/screenos/NETSCREEN-UAC-MIB b/MIBS/screenos/NETSCREEN-UAC-MIB
new file mode 100644
index 0000000..e7de1fd
--- /dev/null
+++ b/MIBS/screenos/NETSCREEN-UAC-MIB
@@ -0,0 +1,124 @@
+-- This module defines enterprise MIBs for UACs
+--
+-- Copyright (c) 1999-2010, Juniper Networks, Inc.
+-- All rights reserved.
+
+NETSCREEN-UAC-MIB DEFINITIONS ::= BEGIN
+
+IMPORTS
+ netscreenUAC
+ FROM NETSCREEN-SMI
+ Integer32, MODULE-IDENTITY, OBJECT-TYPE
+ FROM SNMPv2-SMI
+ DisplayString
+ FROM SNMPv2-TC
+ ;
+
+netscreenUACMibModule MODULE-IDENTITY
+ LAST-UPDATED "201004140000Z" -- Apr 14, 2010
+ ORGANIZATION
+ "Juniper Networks, Inc."
+ CONTACT-INFO
+ "Customer Support
+
+ 1194 North Mathilda Avenue
+ Sunnyvale, California 94089-1206
+ USA
+
+ Tel: 1-800-638-8296
+ E-mail: customerservice@juniper.net
+ HTTP://www.juniper.net"
+ DESCRIPTION
+ "This module defines the object that are used to monitor all
+ UAC"
+ REVISION "201004140000Z" -- Apr 14, 2010
+ DESCRIPTION
+ "Creation Date"
+ ::= { netscreenUAC 0 }
+
+
+nsUACActiveUsers OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Active users on this box, base on auth entry from UAC controler"
+ ::= { netscreenUAC 1 }
+
+
+NsUACControlerStatusEntry ::= SEQUENCE
+{
+ nsUACControlerId Integer32,
+ nsUACControlerName DisplayString,
+ nsUACControlerHost DisplayString,
+ nsUACConnectionStatus Integer32
+}
+
+nsUACControlerStatusTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF NsUACControlerStatusEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "NetScreen UAC controler status table"
+ ::= { netscreenUAC 2}
+
+nsUACControlerStatusEntry OBJECT-TYPE
+ SYNTAX NsUACControlerStatusEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "Each entry in the table holds a set of configuration
+ parameters associated with an instance of secure UAC."
+ INDEX
+ { nsUACControlerID}
+ ::= { nsUACControlerStatusTable 1 }
+
+nsUACControlerId OBJECT-TYPE
+ SYNTAX Integer32 (1..8)
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "A unique value for UAC table. Its value ranges between 1 and
+ 65535 and may not be contiguous. the index has no other
+ meaning but a pure index"
+ ::= { nsUACControlerStatusEntry 1 }
+
+nsUACControlerName OBJECT-TYPE
+ SYNTAX DisplayString (SIZE(0..32))
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Secure UAC name."
+ ::= { nsUACControlerStatusEntry 2 }
+
+
+nsUACControlerHost OBJECT-TYPE
+ SYNTAX DisplayString (SIZE(0..32))
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Secure UAC name."
+ ::= { nsUACControlerStatusEntry 3 }
+
+nsUACConnectionStatus OBJECT-TYPE
+ SYNTAX Integer32 {
+ disconnected(0),
+ connected(1)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "UAC controler status table"
+ ::= { nsUACControlerStatusEntry 4 }
+
+nsUACGlobalStatus OBJECT-TYPE
+ SYNTAX Integer32 {
+ disconnected(0),
+ connected(1)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "To indicate whether there is at least one heathy IC-IE connection"
+ ::= { netscreenUAC 3 }
+END
diff --git a/MIBS/screenos/NETSCREEN-VPN-GATEWAY-MIB b/MIBS/screenos/NETSCREEN-VPN-GATEWAY-MIB
new file mode 100644
index 0000000..96096bb
--- /dev/null
+++ b/MIBS/screenos/NETSCREEN-VPN-GATEWAY-MIB
@@ -0,0 +1,240 @@
+-- This module defines enterprise MIBs for Gateway VPN
+-- configuration
+--
+-- Copyright (c) 1999-2004, Juniper Networks, Inc.
+-- All rights reserved.
+
+NETSCREEN-VPN-GATEWAY-MIB DEFINITIONS ::= BEGIN
+
+IMPORTS
+ netscreenVpn, netscreenVpnMibModule
+ FROM NETSCREEN-SMI
+ Integer32, IpAddress, MODULE-IDENTITY, OBJECT-TYPE
+ FROM SNMPv2-SMI
+ DisplayString
+ FROM SNMPv2-TC
+ ;
+
+netscreenVpnGatewayMibModule MODULE-IDENTITY
+ LAST-UPDATED "200405032022Z" -- May 03, 2004
+ ORGANIZATION
+ "Juniper Networks, Inc."
+ CONTACT-INFO
+ "Customer Support
+
+ 1194 North Mathilda Avenue
+ Sunnyvale, California 94089-1206
+ USA
+
+ Tel: 1-800-638-8296
+ E-mail: customerservice@juniper.net
+ HTTP://www.juniper.net"
+ DESCRIPTION
+ "This module defines NetScreen private MIBs for Gateway VPN
+ configuration"
+ REVISION "200405030000Z" -- May 03, 2004
+ DESCRIPTION
+ "Modified copyright and contact information"
+ REVISION "200403030000Z" -- March 03, 2004
+ DESCRIPTION
+ "Converted to SMIv2 by Longview Software"
+ REVISION "200311130000Z" -- November 13, 2003
+ DESCRIPTION
+ "Correct spelling mistake"
+ REVISION "200109280000Z" -- September 28, 2001
+ DESCRIPTION
+ "No comment"
+ REVISION "200105140000Z" -- May 14, 2001
+ DESCRIPTION
+ "Creation date"
+ ::= { netscreenVpnMibModule 4 }
+
+NsVpnGwEntry ::= SEQUENCE
+{
+ nsVpnGwIndex Integer32,
+ nsVpnGwName DisplayString,
+ nsVpnGwRemoteType INTEGER,
+ nsVpnGwRemoteStaticIp IpAddress,
+ nsVpnGwRemotePeerId DisplayString,
+ nsVpnGwDialup DisplayString,
+ nsVpnGwInitMode INTEGER,
+ nsVpnGwPhOnePropOne DisplayString,
+ nsVpnGwPhOnePropTwo DisplayString,
+ nsVpnGwPhOnePropThree DisplayString,
+ nsVpnGwPhOnePropFour DisplayString,
+ nsVpnGwCertLocal DisplayString,
+ nsVpnGwPeerCa DisplayString,
+ nsVpnGwPeerType INTEGER,
+ nsVpnGwVsys Integer32
+}
+
+nsVpnGateway OBJECT IDENTIFIER ::= { netscreenVpn 4 }
+
+nsVpnGwTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF NsVpnGwEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "Remote tunnel gateway table collects tunnel gateway
+ configurations."
+ ::= { nsVpnGateway 1 }
+
+nsVpnGwEntry OBJECT-TYPE
+ SYNTAX NsVpnGwEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "Each entry in the nsVpnGwTable holds a set of configuration
+ parameters associated with an instance of tunnel gateway."
+ INDEX
+ { nsVpnGwIndex }
+ ::= { nsVpnGwTable 1 }
+
+nsVpnGwIndex OBJECT-TYPE
+ SYNTAX Integer32 (0..2147483647)
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "A unique value for ike gateway table. Its value ranges
+ between 0 and 65535 and may not be contiguous."
+ ::= { nsVpnGwEntry 1 }
+
+nsVpnGwName OBJECT-TYPE
+ SYNTAX DisplayString (SIZE(0..32))
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Tunnel gateway name."
+ ::= { nsVpnGwEntry 2 }
+
+nsVpnGwRemoteType OBJECT-TYPE
+ SYNTAX INTEGER {
+ static-ip(0),
+ dynamic-ip(1),
+ dialup-user(3)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Remote tunnel gateway type.It shows whether the gateway use
+ static ip, dynamic ip or dialup user."
+ ::= { nsVpnGwEntry 3 }
+
+nsVpnGwRemoteStaticIp OBJECT-TYPE
+ SYNTAX IpAddress
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "ip address of static-ip gateway."
+ ::= { nsVpnGwEntry 4 }
+
+nsVpnGwRemotePeerId OBJECT-TYPE
+ SYNTAX DisplayString (SIZE(0..32))
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Remote gateway peer id, which can be used for static-ip and
+ dynamic ip gateway. This is optional for the static-ip
+ gateway."
+ ::= { nsVpnGwEntry 5 }
+
+nsVpnGwDialup OBJECT-TYPE
+ SYNTAX DisplayString (SIZE(0..32))
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Remote gateway dialup user or group"
+ ::= { nsVpnGwEntry 6 }
+
+nsVpnGwInitMode OBJECT-TYPE
+ SYNTAX INTEGER {
+ main(0),
+ aggressive(1)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Phase 1 can take place in either Main mode or Aggressive
+ mode."
+ ::= { nsVpnGwEntry 7 }
+
+nsVpnGwPhOnePropOne OBJECT-TYPE
+ SYNTAX DisplayString (SIZE(0..32))
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Phase 1 Proposal one."
+ ::= { nsVpnGwEntry 8 }
+
+nsVpnGwPhOnePropTwo OBJECT-TYPE
+ SYNTAX DisplayString (SIZE(0..32))
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Phase 1 Proposal two."
+ ::= { nsVpnGwEntry 9 }
+
+nsVpnGwPhOnePropThree OBJECT-TYPE
+ SYNTAX DisplayString (SIZE(0..32))
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Phase 1 Proposal three."
+ ::= { nsVpnGwEntry 10 }
+
+nsVpnGwPhOnePropFour OBJECT-TYPE
+ SYNTAX DisplayString (SIZE(0..32))
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Phase 1 Proposal four."
+ ::= { nsVpnGwEntry 11 }
+
+nsVpnGwCertLocal OBJECT-TYPE
+ SYNTAX DisplayString (SIZE(0..32))
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Local Certificate configuration for preferred
+ certification.(optional)"
+ ::= { nsVpnGwEntry 12 }
+
+nsVpnGwPeerCa OBJECT-TYPE
+ SYNTAX DisplayString (SIZE(0..32))
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Preferred Peer CA(optional)"
+ ::= { nsVpnGwEntry 13 }
+
+nsVpnGwPeerType OBJECT-TYPE
+ SYNTAX INTEGER {
+ none(0),
+ pkcs7(1),
+ pgp(2),
+ dns(3),
+ x509-sig(4),
+ x509-ke(5),
+ keerberos(6),
+ crl(7),
+ arl(8),
+ spki(9),
+ x509-att(10)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Peer Type(optional)"
+ ::= { nsVpnGwEntry 14 }
+
+nsVpnGwVsys OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "vsys this gateway configuration belongs to."
+ ::= { nsVpnGwEntry 15 }
+
+END
+
+
diff --git a/MIBS/screenos/NETSCREEN-VPN-IKE-MIB b/MIBS/screenos/NETSCREEN-VPN-IKE-MIB
new file mode 100644
index 0000000..fb8851a
--- /dev/null
+++ b/MIBS/screenos/NETSCREEN-VPN-IKE-MIB
@@ -0,0 +1,190 @@
+-- This module defines enterprise MIBs for VPN IKE info
+--
+-- Copyright (c) 1999-2004, Juniper Networks, Inc.
+-- All rights reserved.
+
+NETSCREEN-VPN-IKE-MIB DEFINITIONS ::= BEGIN
+
+IMPORTS
+ netscreenVpn, netscreenVpnMibModule
+ FROM NETSCREEN-SMI
+ Integer32, MODULE-IDENTITY, OBJECT-TYPE
+ FROM SNMPv2-SMI
+ DisplayString
+ FROM SNMPv2-TC
+ ;
+
+netscreenVpnIkeMibModule MODULE-IDENTITY
+ LAST-UPDATED "200405032022Z" -- May 03, 2004
+ ORGANIZATION
+ "Juniper Networks, Inc."
+ CONTACT-INFO
+ "Customer Support
+
+ 1194 North Mathilda Avenue
+ Sunnyvale, California 94089-1206
+ USA
+
+ Tel: 1-800-638-8296
+ E-mail: customerservice@juniper.net
+ HTTP://www.juniper.net"
+ DESCRIPTION
+ "This module defines the object that are used to monitor
+ VPN IKE info"
+ REVISION "200405030000Z" -- May 03, 2004
+ DESCRIPTION
+ "Modified copyright and contact information"
+ REVISION "200403030000Z" -- March 03, 2004
+ DESCRIPTION
+ "Converted to SMIv2 by Longview Software"
+ REVISION "200311130000Z" -- November 13, 2003
+ DESCRIPTION
+ "Correct spelling mistake"
+ REVISION "200109280000Z" -- September 28, 2001
+ DESCRIPTION
+ "No comment"
+ REVISION "200105140000Z" -- May 14, 2001
+ DESCRIPTION
+ "Creation Date"
+ ::= { netscreenVpnMibModule 3 }
+
+NsVpnIkeEntry ::= SEQUENCE
+{
+ nsVpnIkeIndex Integer32,
+ nsVpnIkeName DisplayString,
+ nsVpnIkeReplayProc INTEGER,
+ nsVpnIkeGWTun DisplayString,
+ nsVpnIkePh2ProOne DisplayString,
+ nsVpnIkePh2ProTwo DisplayString,
+ nsVpnIkePh2ProThree DisplayString,
+ nsVpnIkePh2ProFour DisplayString,
+ nsVpnIkeMonitorEnable INTEGER,
+ nsVpnIkeTransMode INTEGER,
+ nsVpnIkeVsys Integer32
+}
+
+nsVpnIke OBJECT IDENTIFIER ::= { netscreenVpn 3 }
+
+nsVpnIkeTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF NsVpnIkeEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "IPSec supports the automated generation and negotiation of
+ keys and security associations using the Internet Key
+ Exchange(IKE) protocol. This table collects the IKE
+ configuration in NetScreen device."
+ ::= { nsVpnIke 1 }
+
+nsVpnIkeEntry OBJECT-TYPE
+ SYNTAX NsVpnIkeEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "Each entry in the nsVpnIkeTable holds a set of configuration
+ parameters associated with an IKE."
+ INDEX
+ { nsVpnIkeIndex }
+ ::= { nsVpnIkeTable 1 }
+
+nsVpnIkeIndex OBJECT-TYPE
+ SYNTAX Integer32 (0..2147483647)
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "A unique value for ike table. Its value ranges between 0 and
+ 65535 and may not be contiguous."
+ ::= { nsVpnIkeEntry 1 }
+
+nsVpnIkeName OBJECT-TYPE
+ SYNTAX DisplayString (SIZE(0..32))
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Each IKE configuration can have a readable name."
+ ::= { nsVpnIkeEntry 2 }
+
+nsVpnIkeReplayProc OBJECT-TYPE
+ SYNTAX INTEGER {
+ disable(0),
+ enabled(1)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Enable Replay Protection"
+ ::= { nsVpnIkeEntry 3 }
+
+nsVpnIkeGWTun OBJECT-TYPE
+ SYNTAX DisplayString (SIZE(0..32))
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Remote Gateway Tunnel Name"
+ ::= { nsVpnIkeEntry 4 }
+
+nsVpnIkePh2ProOne OBJECT-TYPE
+ SYNTAX DisplayString (SIZE(0..32))
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Phase 2 Proposal one"
+ ::= { nsVpnIkeEntry 5 }
+
+nsVpnIkePh2ProTwo OBJECT-TYPE
+ SYNTAX DisplayString (SIZE(0..32))
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Phase 2 Proposal two"
+ ::= { nsVpnIkeEntry 6 }
+
+nsVpnIkePh2ProThree OBJECT-TYPE
+ SYNTAX DisplayString (SIZE(0..32))
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Phase 2 Proposal three"
+ ::= { nsVpnIkeEntry 7 }
+
+nsVpnIkePh2ProFour OBJECT-TYPE
+ SYNTAX DisplayString (SIZE(0..32))
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Phase 2 Proposal four"
+ ::= { nsVpnIkeEntry 8 }
+
+nsVpnIkeMonitorEnable OBJECT-TYPE
+ SYNTAX INTEGER {
+ disable(0),
+ enabled(1)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Enable to monitor VPN tunnel's link status."
+ ::= { nsVpnIkeEntry 9 }
+
+nsVpnIkeTransMode OBJECT-TYPE
+ SYNTAX INTEGER {
+ disable(0),
+ enabled(1)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Transport Mode Enable (For L2TP-over-IPSec only)"
+ ::= { nsVpnIkeEntry 10 }
+
+nsVpnIkeVsys OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "vsys the configuration belongs to."
+ ::= { nsVpnIkeEntry 11 }
+
+END
+
+
diff --git a/MIBS/screenos/NETSCREEN-VPN-L2TP-MIB b/MIBS/screenos/NETSCREEN-VPN-L2TP-MIB
new file mode 100644
index 0000000..5ffbb9d
--- /dev/null
+++ b/MIBS/screenos/NETSCREEN-VPN-L2TP-MIB
@@ -0,0 +1,494 @@
+-- This module defines enterprise MIBs for L2tp configuration.
+--
+-- Copyright (c) 1999-2004, Juniper Networks, Inc.
+-- All rights reserved.
+
+NETSCREEN-VPN-L2TP-MIB DEFINITIONS ::= BEGIN
+
+IMPORTS
+ netscreenVpn, netscreenVpnMibModule
+ FROM NETSCREEN-SMI
+ Integer32, IpAddress, MODULE-IDENTITY, OBJECT-TYPE
+ FROM SNMPv2-SMI
+ DisplayString
+ FROM SNMPv2-TC
+ ;
+
+netscreenVpnL2tpMibModule MODULE-IDENTITY
+ LAST-UPDATED "200405032022Z" -- May 03, 2004
+ ORGANIZATION
+ "Juniper Networks, Inc."
+ CONTACT-INFO
+ "Customer Support
+
+ 1194 North Mathilda Avenue
+ Sunnyvale, California 94089-1206
+ USA
+
+ Tel: 1-800-638-8296
+ E-mail: customerservice@juniper.net
+ HTTP://www.juniper.net"
+ DESCRIPTION
+ "This module defines NetScreen private MIBs for L2tp
+ configuration."
+ REVISION "200405030000Z" -- May 03, 2004
+ DESCRIPTION
+ "Modified copyright and contact information"
+ REVISION "200403030000Z" -- March 03, 2004
+ DESCRIPTION
+ "Converted to SMIv2 by Longview Software"
+ REVISION "200008270000Z" -- August 27, 2000
+ DESCRIPTION
+ "Creation Date"
+ ::= { netscreenVpnMibModule 8 }
+
+NsVpnL2tpDefEntry ::= SEQUENCE
+{
+ nsVpnL2tpDefVsys Integer32,
+ nsVpnL2tpDefPool DisplayString,
+ nsVpnL2tpDefAuthDb INTEGER,
+ nsVpnL2tpDefPPPAuth INTEGER,
+ nsVpnL2tpDefRadServer DisplayString,
+ nsVpnL2tpDefPriDns IpAddress,
+ nsVpnL2tpDefSecDns IpAddress,
+ nsVpnL2tpDefPriWins IpAddress,
+ nsVpnL2tpDefSecWins IpAddress
+}
+
+NsVpnL2tpTunnelEntry ::= SEQUENCE
+{
+ nsVpnL2tpTunIndex Integer32,
+ nsVpnL2tpTunId Integer32,
+ nsVpnL2tpTunName DisplayString,
+ nsVpnL2tpTunUsrOrGroup DisplayString,
+ nsVpnL2tpTunPeerIp IpAddress,
+ nsVpnL2tpTunHost DisplayString,
+ nsVpnL2tpTunKeepAlive Integer32,
+ nsVpnL2tpTunVsys Integer32
+}
+
+nsVpnL2TP OBJECT IDENTIFIER ::= { netscreenVpn 8 }
+
+nsVpnL2tpDefTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF NsVpnL2tpDefEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "This table specifies the configuration attributes for
+ NetScreen L2TP tunnel."
+ ::= { nsVpnL2TP 1 }
+
+nsVpnL2tpDefEntry OBJECT-TYPE
+ SYNTAX NsVpnL2tpDefEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "Each entry in the nsVpnL2tpDefEntry holds a set of
+ configuration parameters associated with an instance of L2TP
+ configuration."
+ INDEX
+ { nsVpnL2tpDefVsys }
+ ::= { nsVpnL2tpDefTable 1 }
+
+nsVpnL2tpDefVsys OBJECT-TYPE
+ SYNTAX Integer32 (0..2147483647)
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "virtual system id"
+ ::= { nsVpnL2tpDefEntry 1 }
+
+nsVpnL2tpDefPool OBJECT-TYPE
+ SYNTAX DisplayString (SIZE(0..32))
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "IP pool used by the default L2TP setting."
+ ::= { nsVpnL2tpDefEntry 2 }
+
+nsVpnL2tpDefAuthDb OBJECT-TYPE
+ SYNTAX INTEGER {
+ local(0),
+ radius(1)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "l2tp authentication database."
+ ::= { nsVpnL2tpDefEntry 3 }
+
+nsVpnL2tpDefPPPAuth OBJECT-TYPE
+ SYNTAX INTEGER {
+ pap(1),
+ chap(2),
+ any(3)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "l2tp PPP authentication algorithm."
+ ::= { nsVpnL2tpDefEntry 4 }
+
+nsVpnL2tpDefRadServer OBJECT-TYPE
+ SYNTAX DisplayString (SIZE(0..32))
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "l2tp RADIUS Server's IP address or name."
+ ::= { nsVpnL2tpDefEntry 5 }
+
+nsVpnL2tpDefPriDns OBJECT-TYPE
+ SYNTAX IpAddress
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "DNS Primary Server's IP address."
+ ::= { nsVpnL2tpDefEntry 6 }
+
+nsVpnL2tpDefSecDns OBJECT-TYPE
+ SYNTAX IpAddress
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "DNS Secondary Server's IP address."
+ ::= { nsVpnL2tpDefEntry 7 }
+
+nsVpnL2tpDefPriWins OBJECT-TYPE
+ SYNTAX IpAddress
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "WINS Primary Server's IP address."
+ ::= { nsVpnL2tpDefEntry 8 }
+
+nsVpnL2tpDefSecWins OBJECT-TYPE
+ SYNTAX IpAddress
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "WINS Secondary Server's IP address."
+ ::= { nsVpnL2tpDefEntry 9 }
+
+nsVpnL2tpTunnelTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF NsVpnL2tpTunnelEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "This table specifies the configuration attributes for
+ NetScreen L2TP tunnel."
+ ::= { nsVpnL2TP 2 }
+
+nsVpnL2tpTunnelEntry OBJECT-TYPE
+ SYNTAX NsVpnL2tpTunnelEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "Each entry in the nsVpnL2tpTunnelTable holds a set of
+ configuration parameters associated with an instance of L2TP
+ tunnel."
+ INDEX
+ { nsVpnL2tpTunIndex }
+ ::= { nsVpnL2tpTunnelTable 1 }
+
+nsVpnL2tpTunIndex OBJECT-TYPE
+ SYNTAX Integer32 (0..2147483647)
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "A unique value for l2tp tunnel table. Its value ranges
+ between 0 and 65535 and may not be contigous."
+ ::= { nsVpnL2tpTunnelEntry 1 }
+
+nsVpnL2tpTunId OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "l2tp tunnel id."
+ ::= { nsVpnL2tpTunnelEntry 2 }
+
+nsVpnL2tpTunName OBJECT-TYPE
+ SYNTAX DisplayString (SIZE(0..32))
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "l2tp tunnel name."
+ ::= { nsVpnL2tpTunnelEntry 3 }
+
+nsVpnL2tpTunUsrOrGroup OBJECT-TYPE
+ SYNTAX DisplayString (SIZE(0..32))
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Dialup user or group using this l2tp tunnel."
+ ::= { nsVpnL2tpTunnelEntry 4 }
+
+nsVpnL2tpTunPeerIp OBJECT-TYPE
+ SYNTAX IpAddress
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "L2tp tunnel peer's IP address."
+ ::= { nsVpnL2tpTunnelEntry 5 }
+
+nsVpnL2tpTunHost OBJECT-TYPE
+ SYNTAX DisplayString (SIZE(0..32))
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "L2tp tunnel's host name."
+ ::= { nsVpnL2tpTunnelEntry 6 }
+
+nsVpnL2tpTunKeepAlive OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Keep alive time threshold for a l2tp tunnel."
+ ::= { nsVpnL2tpTunnelEntry 7 }
+
+nsVpnL2tpTunVsys OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Virtual system this tunnel belongs to"
+ ::= { nsVpnL2tpTunnelEntry 8 }
+
+ -- VPN L2tp Monitoring Tunnel Table
+
+nsVpnL2tpMonTunnelTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF NsVpnL2tpMonTunnelEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "This table specifies the monitoring attributes for NetScreen
+ L2TP tunnel."
+ ::= { nsVpnL2TP 3 }
+
+nsVpnL2tpMonTunnelEntry OBJECT-TYPE
+ SYNTAX NsVpnL2tpMonTunnelEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "Each entry in the nsVpnL2tpMonTunnelTable holds a set of monitoring
+ parameters associated with an instance of L2TP tunnel."
+ INDEX
+ { nsVpnL2tpMonTunId }
+ ::= { nsVpnL2tpMonTunnelTable 1 }
+
+NsVpnL2tpMonTunnelEntry ::= SEQUENCE
+{
+ nsVpnL2tpMonTunId Integer32,
+ nsVpnL2tpMonTunPeerId Integer32,
+ nsVpnL2tpMonTunName DisplayString,
+ nsVpnL2tpMonTunPeerIp IpAddress,
+ nsVpnL2tpMonTunPort Integer32,
+ nsVpnL2tpMonTunPeerHost DisplayString,
+ nsVpnL2tpMonTunCalls Integer32,
+ nsVpnL2tpMonTunState INTEGER,
+ nsVpnL2tpMonTunVsys Integer32
+}
+
+nsVpnL2tpMonTunId OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "L2tp tunnel id. Its value ranges between 1 and 65535 and may
+ not be contigous."
+ ::= { nsVpnL2tpMonTunnelEntry 1 }
+
+nsVpnL2tpMonTunPeerId OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "L2tp tunnel peer id."
+ ::= { nsVpnL2tpMonTunnelEntry 2 }
+
+nsVpnL2tpMonTunName OBJECT-TYPE
+ SYNTAX DisplayString
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "L2tp tunnel name."
+ ::= { nsVpnL2tpMonTunnelEntry 3 }
+
+nsVpnL2tpMonTunPeerIp OBJECT-TYPE
+ SYNTAX IpAddress
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "L2tp tunnel peer's IP address."
+ ::= { nsVpnL2tpMonTunnelEntry 4 }
+
+nsVpnL2tpMonTunPort OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "L2tp tunnel port number."
+ ::= { nsVpnL2tpMonTunnelEntry 5 }
+
+nsVpnL2tpMonTunPeerHost OBJECT-TYPE
+ SYNTAX DisplayString
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "L2tp tunnel peer's host name."
+ ::= { nsVpnL2tpMonTunnelEntry 6 }
+
+nsVpnL2tpMonTunCalls OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Total calls for this tunnel."
+ ::= { nsVpnL2tpMonTunnelEntry 7 }
+
+nsVpnL2tpMonTunState OBJECT-TYPE
+ SYNTAX INTEGER {
+ idle(1),
+ wait-reply(2),
+ wait-conn(3),
+ establish(4),
+ dead(5)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "L2tp tunnel state."
+ ::= { nsVpnL2tpMonTunnelEntry 8 }
+
+nsVpnL2tpMonTunVsys OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Virtual system this tunnel belongs to"
+ ::= { nsVpnL2tpMonTunnelEntry 9 }
+
+
+-- VPN L2tp Monitoring Call Table
+
+nsVpnL2tpMonCallTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF NsVpnL2tpMonCallEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "This table specifies the monitoring attributes for NetScreen
+ L2TP calls."
+ ::= { nsVpnL2TP 4 }
+
+nsVpnL2tpMonCallEntry OBJECT-TYPE
+ SYNTAX NsVpnL2tpMonCallEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "Each entry in the nsVpnL2tpMonCallTable holds a set of monitoring
+ parameters associated with an instance of L2TP tunnel and call id."
+ INDEX
+ { nsVpnL2tpMonCallTunId, nsVpnL2tpMonCallId }
+ ::= { nsVpnL2tpMonCallTable 1 }
+
+NsVpnL2tpMonCallEntry ::= SEQUENCE
+{
+ nsVpnL2tpMonCallTunId Integer32,
+ nsVpnL2tpMonCallId Integer32,
+ nsVpnL2tpMonCallPeerId Integer32,
+ nsVpnL2tpMonCallIp IpAddress,
+ nsVpnL2tpMonCallUser DisplayString,
+ nsVpnL2tpMonCallType INTEGER,
+ nsVpnL2tpMonCallState INTEGER,
+ nsVpnL2tpMonCallEstTime TimeTicks,
+ nsVpnL2tpMonCallVsys Integer32
+}
+
+nsVpnL2tpMonCallTunId OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "L2tp tunnel id. Its value ranges between 1 and 65535 and may not
+ be contigous."
+ ::= { nsVpnL2tpMonCallEntry 1 }
+
+nsVpnL2tpMonCallId OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "L2tp call id."
+ ::= { nsVpnL2tpMonCallEntry 2 }
+
+nsVpnL2tpMonCallPeerId OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "L2tp call peer id."
+ ::= { nsVpnL2tpMonCallEntry 3 }
+
+nsVpnL2tpMonCallIp OBJECT-TYPE
+ SYNTAX IpAddress
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "L2tp call assigned IP address."
+ ::= { nsVpnL2tpMonCallEntry 4 }
+
+nsVpnL2tpMonCallUser OBJECT-TYPE
+ SYNTAX DisplayString
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "L2tp call user name."
+ ::= { nsVpnL2tpMonCallEntry 5 }
+
+nsVpnL2tpMonCallType OBJECT-TYPE
+ SYNTAX INTEGER {
+ none(1),
+ incoming(2),
+ outgoing(3)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Call type."
+ ::= { nsVpnL2tpMonCallEntry 6 }
+
+nsVpnL2tpMonCallState OBJECT-TYPE
+ SYNTAX INTEGER {
+ idle(1),
+ wait-conn(2),
+ establish(3),
+ wait-tunnel(4),
+ wait-reply(5)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "L2tp call state."
+ ::= { nsVpnL2tpMonCallEntry 7 }
+
+nsVpnL2tpMonCallEstTime OBJECT-TYPE
+ SYNTAX TimeTicks
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "L2tp call establish time. This is the sysUptime when
+ the call was established"
+ ::= { nsVpnL2tpMonCallEntry 8 }
+
+nsVpnL2tpMonCallVsys OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Virtual system this tunnel belongs to"
+ ::= { nsVpnL2tpMonCallEntry 9 }
+
+END
+
+
diff --git a/MIBS/screenos/NETSCREEN-VPN-MANUAL-MIB b/MIBS/screenos/NETSCREEN-VPN-MANUAL-MIB
new file mode 100644
index 0000000..0392b30
--- /dev/null
+++ b/MIBS/screenos/NETSCREEN-VPN-MANUAL-MIB
@@ -0,0 +1,219 @@
+-- This module defines enterprise MIBs for VPN Manual Key
+--
+-- Copyright (c) 1999-2004, Juniper Networks, Inc.
+-- All rights reserved.
+
+NETSCREEN-VPN-MANUAL-MIB DEFINITIONS ::= BEGIN
+
+IMPORTS
+ netscreenVpn, netscreenVpnMibModule
+ FROM NETSCREEN-SMI
+ Integer32, IpAddress, MODULE-IDENTITY, OBJECT-TYPE
+ FROM SNMPv2-SMI
+ DisplayString
+ FROM SNMPv2-TC
+ ;
+
+netscreenVpnManualMibModule MODULE-IDENTITY
+ LAST-UPDATED "200405032022Z" -- May 03, 2004
+ ORGANIZATION
+ "Juniper Networks, Inc."
+ CONTACT-INFO
+ "Customer Support
+
+ 1194 North Mathilda Avenue
+ Sunnyvale, California 94089-1206
+ USA
+
+ Tel: 1-800-638-8296
+ E-mail: customerservice@juniper.net
+ HTTP://www.juniper.net"
+ DESCRIPTION
+ "This module defines NetScreen private MIBs for VPN Manual
+ Key"
+ REVISION "200405030000Z" -- May 03, 2004
+ DESCRIPTION
+ "Modified copyright and contact information"
+ REVISION "200403030000Z" -- March 03, 2004
+ DESCRIPTION
+ "Converted to SMIv2 by Longview Software"
+ REVISION "200311130000Z" -- November 13, 2003
+ DESCRIPTION
+ "Correct spelling mistake"
+ REVISION "200205210000Z" -- May 21, 2002
+ DESCRIPTION
+ "Zwang add sha-256 in nsVpnManualKeyEspAuthAlg"
+ REVISION "200109280000Z" -- September 28, 2001
+ DESCRIPTION
+ "no comment"
+ REVISION "200105140000Z" -- May 14, 2001
+ DESCRIPTION
+ "Creation Date"
+ ::= { netscreenVpnMibModule 2 }
+
+NsVpnManualKeyEntry ::= SEQUENCE
+{
+ nsVpnManualKeyIndex Integer32,
+ nsVpnManualKeyTunName DisplayString,
+ nsVpnManualKeyGW IpAddress,
+ nsVpnManualKeySILocal Integer32,
+ nsVpnManualKeySIRemote Integer32,
+ nsVpnManualKeyTunnelType INTEGER,
+ nsVpnManualKeyEspEncAlg INTEGER,
+ nsVpnManualKeyEspAuthAlg INTEGER,
+ nsVpnManualKeyAhHash INTEGER,
+ nsVpnManualKeyMonitorEnable INTEGER,
+ nsVpnManualKeyTunToTrust INTEGER,
+ nsVpnManualKeyVsys Integer32
+}
+
+nsVpnManualKey OBJECT IDENTIFIER ::= { netscreenVpn 2 }
+
+nsVpnManualKeyTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF NsVpnManualKeyEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "This table specifies the configuration attributes for
+ NetScreen device's manual key setting."
+ ::= { nsVpnManualKey 1 }
+
+nsVpnManualKeyEntry OBJECT-TYPE
+ SYNTAX NsVpnManualKeyEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "Each entry in the nsVpnManualKeyTable holds a set of
+ configuration parameters associated with an instance of manual
+ key."
+ INDEX
+ { nsVpnManualKeyIndex }
+ ::= { nsVpnManualKeyTable 1 }
+
+nsVpnManualKeyIndex OBJECT-TYPE
+ SYNTAX Integer32 (0..2147483647)
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "A unique value for manual key table. Its value ranges between
+ 0 and 65535 and may not be contiguous."
+ ::= { nsVpnManualKeyEntry 1 }
+
+nsVpnManualKeyTunName OBJECT-TYPE
+ SYNTAX DisplayString (SIZE(0..32))
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "VPN tunnel name that uses this manual key configuration."
+ ::= { nsVpnManualKeyEntry 2 }
+
+nsVpnManualKeyGW OBJECT-TYPE
+ SYNTAX IpAddress
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "VPN tunnel peer gateway IP address."
+ ::= { nsVpnManualKeyEntry 3 }
+
+nsVpnManualKeySILocal OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Local Security Index."
+ ::= { nsVpnManualKeyEntry 4 }
+
+nsVpnManualKeySIRemote OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Remote Security Index."
+ ::= { nsVpnManualKeyEntry 5 }
+
+nsVpnManualKeyTunnelType OBJECT-TYPE
+ SYNTAX INTEGER {
+ esp(0),
+ ah(1)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "VPN tunnel type."
+ ::= { nsVpnManualKeyEntry 6 }
+
+nsVpnManualKeyEspEncAlg OBJECT-TYPE
+ SYNTAX INTEGER {
+ null(0),
+ des-cbc(1),
+ tripple-des-cbc(2),
+ aes-cbc(3),
+ aes-192(4),
+ aes-256(5)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "ESP Encryption Algorithm when manual key vpn tunnel type is
+ ESP."
+ ::= { nsVpnManualKeyEntry 7 }
+
+nsVpnManualKeyEspAuthAlg OBJECT-TYPE
+ SYNTAX INTEGER {
+ null(0),
+ md5(1),
+ sha(2),
+ sha256(3)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "ESP Authentication Algorithm when manual key vpn tunnel type
+ is ESP."
+ ::= { nsVpnManualKeyEntry 8 }
+
+nsVpnManualKeyAhHash OBJECT-TYPE
+ SYNTAX INTEGER {
+ null(0),
+ md5(1),
+ sha(2)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "AH Hash Algorithm when manual key vpn tunnel type is AH."
+ ::= { nsVpnManualKeyEntry 9 }
+
+nsVpnManualKeyMonitorEnable OBJECT-TYPE
+ SYNTAX INTEGER {
+ disable(0),
+ enabled(1)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Enable monitor vpn tunnel's link status."
+ ::= { nsVpnManualKeyEntry 10 }
+
+nsVpnManualKeyTunToTrust OBJECT-TYPE
+ SYNTAX INTEGER {
+ disable(0),
+ enabled(1)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Tunnel to Trusted Interface"
+ ::= { nsVpnManualKeyEntry 11 }
+
+nsVpnManualKeyVsys OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "vsys this vpn manual key setting belongs to."
+ ::= { nsVpnManualKeyEntry 12 }
+
+END
+
+
diff --git a/MIBS/screenos/NETSCREEN-VPN-MON-MIB b/MIBS/screenos/NETSCREEN-VPN-MON-MIB
new file mode 100644
index 0000000..ea6644c
--- /dev/null
+++ b/MIBS/screenos/NETSCREEN-VPN-MON-MIB
@@ -0,0 +1,537 @@
+-- This module defines enterprise MIBs for VPN tunnel monitoring
+--
+-- Copyright (c) 1999-2004, Juniper Networks, Inc.
+-- All rights reserved.
+
+NETSCREEN-VPN-MON-MIB DEFINITIONS ::= BEGIN
+
+IMPORTS
+ netscreenVpn, netscreenVpnMibModule
+ FROM NETSCREEN-SMI
+ Counter32, Integer32, IpAddress, MODULE-IDENTITY, OBJECT-TYPE,
+ TimeTicks
+ FROM SNMPv2-SMI
+ DisplayString
+ FROM SNMPv2-TC
+ ;
+
+netscreenVpnMonMibModule MODULE-IDENTITY
+ LAST-UPDATED "200405032022Z" -- May 03, 2004
+ ORGANIZATION
+ "Juniper Networks, Inc."
+ CONTACT-INFO
+ "Customer Support
+
+ 1194 North Mathilda Avenue
+ Sunnyvale, California 94089-1206
+ USA
+
+ Tel: 1-800-638-8296
+ E-mail: customerservice@juniper.net
+ HTTP://www.juniper.net"
+ DESCRIPTION
+ "This module defines the object that are used to monitor VPN
+ tunnels"
+ REVISION "200405030000Z" -- May 03, 2004
+ DESCRIPTION
+ "Modified copyright and contact information"
+ REVISION "200403030000Z" -- March 03, 2004
+ DESCRIPTION
+ "Converted to SMIv2 by Longview Software"
+ REVISION "200311130000Z" -- November 13, 2003
+ DESCRIPTION
+ "Correct spelling mistake"
+ REVISION "200109280000Z" -- September 28, 2001
+ DESCRIPTION
+ "no comment"
+ REVISION "200008270000Z" -- August 27, 2000
+ DESCRIPTION
+ "Creation Date"
+ ::= { netscreenVpnMibModule 1 }
+
+NsVpnMonEntry ::= SEQUENCE
+{
+ nsVpnMonIndex Integer32,
+ nsVpnMonInPlyId Integer32,
+ nsVpnMonOutPlyId Integer32,
+ nsVpnMonVpnName DisplayString,
+ nsVpnMonVsysName DisplayString,
+ nsVpnMonTunnelType INTEGER,
+ nsVpnMonEspEncAlg INTEGER,
+ nsVpnMonEspAuthAlg INTEGER,
+ nsVpnMonAhAlg INTEGER,
+ nsVpnMonKeyType INTEGER,
+ nsVpnMonP1Auth INTEGER,
+ nsVpnMonVpnType INTEGER,
+ nsVpnMonRmtGwIp IpAddress,
+ nsVpnMonRmtGwId DisplayString,
+ nsVpnMonMyGwIp IpAddress,
+ nsVpnMonMyGwId DisplayString,
+ nsVpnMonOutSpi Integer32,
+ nsVpnMonInSpi Integer32,
+ nsVpnMonMonState INTEGER,
+ nsVpnMonTunnelState INTEGER,
+ nsVpnMonP1State INTEGER,
+ nsVpnMonP1LifeTime Integer32,
+ nsVpnMonP2State INTEGER,
+ nsVpnMonP2LifeTime Integer32,
+ nsVpnMonP2LifeBytes Integer32,
+ nsVpnMonDelayAvg Integer32,
+ nsVpnMonDelayLast Integer32,
+ nsVpnMonAvail Integer32,
+ nsVpnMonSaId Integer32,
+ nsVpnMonGroupId Integer32,
+ nsVpnMonUsrId Integer32,
+ nsVpnMonStartSessRequestTime TimeTicks,
+ nsVpnMonStartSessEstTime TimeTicks,
+ nsVpnMonEndSessTime TimeTicks,
+ nsVpnMonBytesIn Counter32,
+ nsVpnMonBytesOut Counter32,
+ nsVpnMonPacketsIn Counter32,
+ nsVpnMonPacketsOut Counter32,
+ nsVpnMonIfIndex Integer32,
+ nsVpnMonUpdateTime TimeTicks,
+ nsVpnMonDN DisplayString,
+ nsVpnMonIfInfo Integer32
+}
+
+netscreenVpnMon OBJECT IDENTIFIER ::= { netscreenVpn 1 }
+
+nsVpnMonTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF NsVpnMonEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "A list of active VPN tunnel entries."
+ ::= { netscreenVpnMon 1 }
+
+nsVpnMonEntry OBJECT-TYPE
+ SYNTAX NsVpnMonEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "A VPN tunnel entry containing attributes for both IKE Phase 1
+ and Phase 2 as well as associated policy"
+ INDEX
+ { nsVpnMonIndex }
+ ::= { nsVpnMonTable 1 }
+
+nsVpnMonIndex OBJECT-TYPE
+ SYNTAX Integer32 (0..2147483647)
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "A unique value for each active VPN tunnel. Its value ranges
+ between 1 and 65535 and may not be contiguous. Due to the
+ dynamic nature of active VPN tunnels, the index has no other
+ meaning but a pure index"
+ ::= { nsVpnMonEntry 1 }
+
+nsVpnMonInPlyId OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The incoming policy ID for which this tunnel is created for.
+ -1 means no policy associates with this SA."
+ ::= { nsVpnMonEntry 2 }
+
+nsVpnMonOutPlyId OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The outgoing policy ID for which this tunnel is created for.
+ -1 means no policy associates with this SA."
+ ::= { nsVpnMonEntry 3 }
+
+nsVpnMonVpnName OBJECT-TYPE
+ SYNTAX DisplayString (SIZE(0..32))
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "A textual string contains information about the VPN entity
+ from which this tunnel was derived."
+ ::= { nsVpnMonEntry 4 }
+
+nsVpnMonVsysName OBJECT-TYPE
+ SYNTAX DisplayString (SIZE(0..32))
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "A textual string contains the Virtual system to which this
+ tunnel belongs."
+ ::= { nsVpnMonEntry 5 }
+
+nsVpnMonTunnelType OBJECT-TYPE
+ SYNTAX INTEGER {
+ reserved(0),
+ proto-isakmp(1),
+ proto-ipsec-ah(2),
+ proto-ipsec-esp(3),
+ proto-ipcomp(4)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Protocol type used for the tunnel"
+ ::= { nsVpnMonEntry 6 }
+
+nsVpnMonEspEncAlg OBJECT-TYPE
+ SYNTAX INTEGER {
+ reserved(0),
+ esp-des-iv64(1),
+ esp-des(2),
+ esp-3des(3),
+ esp-rc5(4),
+ esp-idea(5),
+ esp-cast(6),
+ esp-blowfish(7),
+ esp-3idea(8),
+ esp-des-iv32(9),
+ esp-rc4(10),
+ esp-null(11),
+ esp-aes(12),
+ esp-aes192(20),
+ esp-aes256(21)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "a value which identifies a particular algorithm to be used to
+ provide secrecy protection for ESP."
+ ::= { nsVpnMonEntry 7 }
+
+nsVpnMonEspAuthAlg OBJECT-TYPE
+ SYNTAX INTEGER {
+ reserved(0),
+ hmac-md5(1),
+ hmac-sha(2),
+ des-mac(3),
+ ipdk(4)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The ESP Authentication Algorithm used in the IPsec."
+ ::= { nsVpnMonEntry 8 }
+
+nsVpnMonAhAlg OBJECT-TYPE
+ SYNTAX INTEGER {
+ reserved(0),
+ ah-md5(2),
+ ah-sha(3),
+ ah-des(4)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "a value which identifies a particular algorithm to be used to
+ provide integrity protection for AH."
+ ::= { nsVpnMonEntry 9 }
+
+nsVpnMonKeyType OBJECT-TYPE
+ SYNTAX INTEGER {
+ manual(0),
+ auto-ike(1)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "a value which identifies a key exchange protocol to be used
+ for the negotiation"
+ ::= { nsVpnMonEntry 10 }
+
+nsVpnMonP1Auth OBJECT-TYPE
+ SYNTAX INTEGER {
+ unused(0),
+ preshared-key(1),
+ dss-Signature(2),
+ rsa-Signature(3),
+ rsa-Encryption1(4),
+ rsa-Encryption2(5)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "a value which identifies Phase 1 authentication method"
+ ::= { nsVpnMonEntry 11 }
+
+nsVpnMonVpnType OBJECT-TYPE
+ SYNTAX INTEGER {
+ reserved(0),
+ dialup(1),
+ site-to-site(2)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The type of this VPN tunnel, either a dialup or site-to-site"
+ ::= { nsVpnMonEntry 12 }
+
+nsVpnMonRmtGwIp OBJECT-TYPE
+ SYNTAX IpAddress
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The peer Gateway's IP address"
+ ::= { nsVpnMonEntry 13 }
+
+nsVpnMonRmtGwId OBJECT-TYPE
+ SYNTAX DisplayString
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The peer Gateway's ID"
+ ::= { nsVpnMonEntry 14 }
+
+nsVpnMonMyGwIp OBJECT-TYPE
+ SYNTAX IpAddress
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The local Gateway's IP address"
+ ::= { nsVpnMonEntry 15 }
+
+nsVpnMonMyGwId OBJECT-TYPE
+ SYNTAX DisplayString
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The local Gateway's ID"
+ ::= { nsVpnMonEntry 16 }
+
+nsVpnMonOutSpi OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The SPI for outgoing packets"
+ ::= { nsVpnMonEntry 17 }
+
+nsVpnMonInSpi OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The SPI for incoming packets"
+ ::= { nsVpnMonEntry 18 }
+
+nsVpnMonMonState OBJECT-TYPE
+ SYNTAX INTEGER {
+ off(0),
+ on(1)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The monitoring status, if it is on, an icmp ping will be sent
+ over the tunnel periodically to test the connectivity and
+ latency"
+ ::= { nsVpnMonEntry 19 }
+
+nsVpnMonTunnelState OBJECT-TYPE
+ SYNTAX INTEGER {
+ down(0),
+ up(1)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The current tunnel status determined by the icmp ping if The
+ monitoring status is on."
+ ::= { nsVpnMonEntry 20 }
+
+nsVpnMonP1State OBJECT-TYPE
+ SYNTAX INTEGER {
+ inactive(0),
+ active(1)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The IKE's Phase 1 status"
+ ::= { nsVpnMonEntry 21 }
+
+nsVpnMonP1LifeTime OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "an active Phase 1 sa's time left before re-key. -1 means
+ unlimited lifetime."
+ ::= { nsVpnMonEntry 22 }
+
+nsVpnMonP2State OBJECT-TYPE
+ SYNTAX INTEGER {
+ inactive(0),
+ active(1)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The IKE's Phase 2 status"
+ ::= { nsVpnMonEntry 23 }
+
+nsVpnMonP2LifeTime OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "an active Phase 2 sa's time left before re-key. -1 means
+ unlimited life time."
+ ::= { nsVpnMonEntry 24 }
+
+nsVpnMonP2LifeBytes OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "an active Phase 2 sa's bytes left before re-key. -1 means
+ unlimited life bytes."
+ ::= { nsVpnMonEntry 25 }
+
+nsVpnMonDelayAvg OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "a kind of rolling average of latency, in milliseconds. -1 has
+ no meaning here, which means nsVpnMonDelayAvg has not been
+ calculated yet."
+ ::= { nsVpnMonEntry 26 }
+
+nsVpnMonDelayLast OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "latency in last sample, in milliseconds.
+ -1 means either vpn tunnel is inactive or vpn tunnel monitor is
+ not turned on."
+ ::= { nsVpnMonEntry 27 }
+
+nsVpnMonAvail OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "percentage over 30 samples"
+ ::= { nsVpnMonEntry 28 }
+
+nsVpnMonSaId OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "SA identifier, also used as table index"
+ ::= { nsVpnMonEntry 29 }
+
+nsVpnMonGroupId OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Group Identifier"
+ ::= { nsVpnMonEntry 30 }
+
+nsVpnMonUsrId OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "User Identifier"
+ ::= { nsVpnMonEntry 31 }
+
+nsVpnMonStartSessRequestTime OBJECT-TYPE
+ SYNTAX TimeTicks
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Start Session request timestamp"
+ ::= { nsVpnMonEntry 32 }
+
+nsVpnMonStartSessEstTime OBJECT-TYPE
+ SYNTAX TimeTicks
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Start Session establish timestamp"
+ ::= { nsVpnMonEntry 33 }
+
+nsVpnMonEndSessTime OBJECT-TYPE
+ SYNTAX TimeTicks
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "End Session timestamp [when session terminates]"
+ ::= { nsVpnMonEntry 34 }
+
+nsVpnMonBytesIn OBJECT-TYPE
+ SYNTAX Counter32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Incoming bytes through this sa."
+ ::= { nsVpnMonEntry 35 }
+
+nsVpnMonBytesOut OBJECT-TYPE
+ SYNTAX Counter32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Outgoing bytes through this sa."
+ ::= { nsVpnMonEntry 36 }
+
+nsVpnMonPacketsIn OBJECT-TYPE
+ SYNTAX Counter32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Incoming packets through this sa."
+ ::= { nsVpnMonEntry 37 }
+
+nsVpnMonPacketsOut OBJECT-TYPE
+ SYNTAX Counter32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Outgoing packets through this sa."
+ ::= { nsVpnMonEntry 38 }
+
+nsVpnMonIfIndex OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "interface index."
+ ::= { nsVpnMonEntry 39 }
+
+nsVpnMonUpdateTime OBJECT-TYPE
+ SYNTAX TimeTicks
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Timestamp [Whenever any member of the row gets updated, the
+ timestamp is updated]"
+ ::= { nsVpnMonEntry 40 }
+
+nsVpnMonDN OBJECT-TYPE
+ SYNTAX DisplayString (SIZE(0..64))
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "DN name"
+ ::= { nsVpnMonEntry 41 }
+
+nsVpnMonIfInfo OBJECT-TYPE
+ SYNTAX Integer32 (0..2147483647)
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Internal id assigned to this interface. Stays persistent across resets."
+ ::= { nsVpnMonEntry 42 }
+
+END
+
+
diff --git a/MIBS/screenos/NETSCREEN-VPN-PHASEONE-MIB b/MIBS/screenos/NETSCREEN-VPN-PHASEONE-MIB
new file mode 100644
index 0000000..70734c9
--- /dev/null
+++ b/MIBS/screenos/NETSCREEN-VPN-PHASEONE-MIB
@@ -0,0 +1,186 @@
+-- This module defines enterprise MIBs for VPN Phase 1
+--
+-- Copyright (c) 1999-2004, Juniper Networks, Inc.
+-- All rights reserved.
+
+NETSCREEN-VPN-PHASEONE-MIB DEFINITIONS ::= BEGIN
+
+IMPORTS
+ netscreenVpn, netscreenVpnMibModule
+ FROM NETSCREEN-SMI
+ Integer32, MODULE-IDENTITY, OBJECT-TYPE
+ FROM SNMPv2-SMI
+ DisplayString
+ FROM SNMPv2-TC
+ ;
+
+netscreenVpnPhaseoneMibModule MODULE-IDENTITY
+ LAST-UPDATED "200405032022Z" -- May 03, 2004
+ ORGANIZATION
+ "Juniper Networks, Inc."
+ CONTACT-INFO
+ "Customer Support
+
+ 1194 North Mathilda Avenue
+ Sunnyvale, California 94089-1206
+ USA
+
+ Tel: 1-800-638-8296
+ E-mail: customerservice@juniper.net
+ HTTP://www.juniper.net"
+ DESCRIPTION
+ "This module defines NetScreen private MIBs for VPN Phase 1"
+ REVISION "200405030000Z" -- May 03, 2004
+ DESCRIPTION
+ "Modified copyright and contact information"
+ REVISION "200403030000Z" -- March 03, 2004
+ DESCRIPTION
+ "Converted to SMIv2 by Longview Software"
+ REVISION "200311130000Z" -- November 13, 2003
+ DESCRIPTION
+ "Correct spelling mistake"
+ REVISION "200109280000Z" -- September 28, 2001
+ DESCRIPTION
+ "no comment"
+ REVISION "200105140000Z" -- May 14, 2001
+ DESCRIPTION
+ "Creation Date"
+ ::= { netscreenVpnMibModule 5 }
+
+NsVpnPhOneEntry ::= SEQUENCE
+{
+ nsVpnPhOneIndex Integer32,
+ nsVpnPhOneName DisplayString,
+ nsVpnPhOneAuthMethod INTEGER,
+ nsVpnPhOneDhGroup Integer32,
+ nsVpnPhOneEncryp INTEGER,
+ nsVpnPhOneHash INTEGER,
+ nsVpnPhOneLifetime Integer32,
+ nsVpnPhOneLifetimeMeasure INTEGER,
+ nsVpnPhOneVsys Integer32
+}
+
+nsVpnPhaseOneCfg OBJECT IDENTIFIER ::= { netscreenVpn 5 }
+
+nsVpnPhOneTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF NsVpnPhOneEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "To establish an IKE IPSec tunnel, two phases of negotiation
+ are required. This table specifies the configuration attributes
+ for Phase One negotiation. In Phase 1, the participants
+ establish a secure channel in which to negotiate the IPSec
+ SAs."
+ ::= { nsVpnPhaseOneCfg 1 }
+
+nsVpnPhOneEntry OBJECT-TYPE
+ SYNTAX NsVpnPhOneEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "Each entry in the nsVpnPhOneTable holds a set of configuration
+ parameters associated with an instance of Phase 1 setting."
+ INDEX
+ { nsVpnPhOneIndex }
+ ::= { nsVpnPhOneTable 1 }
+
+nsVpnPhOneIndex OBJECT-TYPE
+ SYNTAX Integer32 (0..2147483647)
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "A unique value for phase one table. Its value ranges between
+ 1 and 65535 and may not be contiguous. The index has no other
+ meaning but a pure index"
+ ::= { nsVpnPhOneEntry 1 }
+
+nsVpnPhOneName OBJECT-TYPE
+ SYNTAX DisplayString (SIZE(0..32))
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Phase one proposal name."
+ ::= { nsVpnPhOneEntry 2 }
+
+nsVpnPhOneAuthMethod OBJECT-TYPE
+ SYNTAX INTEGER {
+ preshare(0),
+ rsa-sig(1),
+ dsa-sig(2),
+ rsa-enc(3),
+ rsa-rev(4)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Phase one proposal authentication method."
+ ::= { nsVpnPhOneEntry 3 }
+
+nsVpnPhOneDhGroup OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Phase one proposal Diffie-Hellman exchange group id."
+ ::= { nsVpnPhOneEntry 4 }
+
+nsVpnPhOneEncryp OBJECT-TYPE
+ SYNTAX INTEGER {
+ null(0),
+ des(1),
+ des3(2),
+ aes(3),
+ aes-192(4),
+ aes-256(5)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Phase one proposal encryption exchange id."
+ ::= { nsVpnPhOneEntry 5 }
+
+nsVpnPhOneHash OBJECT-TYPE
+ SYNTAX INTEGER {
+ null(0),
+ md5(1),
+ sha(2)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Phase one proposal hash algorithm."
+ ::= { nsVpnPhOneEntry 6 }
+
+nsVpnPhOneLifetime OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Lifetime of this phase one setting."
+ ::= { nsVpnPhOneEntry 7 }
+
+nsVpnPhOneLifetimeMeasure OBJECT-TYPE
+ SYNTAX INTEGER {
+ second(0),
+ minute(1),
+ hours(2),
+ days(3)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "life time measurement."
+ ::= { nsVpnPhOneEntry 8 }
+
+nsVpnPhOneVsys OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "vsys this phase one proposal configuration belongs to."
+ ::= { nsVpnPhOneEntry 9 }
+
+END
+
+
diff --git a/MIBS/screenos/NETSCREEN-VPN-PHASETWO-MIB b/MIBS/screenos/NETSCREEN-VPN-PHASETWO-MIB
new file mode 100644
index 0000000..583df99
--- /dev/null
+++ b/MIBS/screenos/NETSCREEN-VPN-PHASETWO-MIB
@@ -0,0 +1,208 @@
+-- This module defines enterprise MIBs for VPN Phase two
+-- negotiation.
+--
+-- Copyright (c) 1999-2004, Juniper Networks, Inc.
+-- All rights reserved.
+
+NETSCREEN-VPN-PHASETWO-MIB DEFINITIONS ::= BEGIN
+
+IMPORTS
+ netscreenVpn, netscreenVpnMibModule
+ FROM NETSCREEN-SMI
+ Integer32, MODULE-IDENTITY, OBJECT-TYPE
+ FROM SNMPv2-SMI
+ DisplayString
+ FROM SNMPv2-TC
+ ;
+
+netscreenVpnPhasetwoMibModule MODULE-IDENTITY
+ LAST-UPDATED "200405032022Z" -- May 03, 2004
+ ORGANIZATION
+ "Juniper Networks, Inc."
+ CONTACT-INFO
+ "Customer Support
+
+ 1194 North Mathilda Avenue
+ Sunnyvale, California 94089-1206
+ USA
+
+ Tel: 1-800-638-8296
+ E-mail: customerservice@juniper.net
+ HTTP://www.juniper.net"
+ DESCRIPTION
+ "This module defines NetScreen private MIBs for VPN Phase two
+ negotiation."
+ REVISION "200405030000Z" -- May 03, 2004
+ DESCRIPTION
+ "Modified copyright and contact information"
+ REVISION "200403030000Z" -- March 03, 2004
+ DESCRIPTION
+ "Converted to SMIv2 by Longview Software"
+ REVISION "200311130000Z" -- November 13, 2003
+ DESCRIPTION
+ "Correct spelling mistake"
+ REVISION "200109280000Z" -- September 28, 2001
+ DESCRIPTION
+ "no comment"
+ REVISION "200105140000Z" -- May 14, 2001
+ DESCRIPTION
+ "Creation Date"
+ ::= { netscreenVpnMibModule 6 }
+
+NsVpnPhTwoEntry ::= SEQUENCE
+{
+ nsVpnPhTwoIndex Integer32,
+ nsVpnPhTwoName DisplayString,
+ nsVpnPhTwoPFS Integer32,
+ nsVpnPhTwoEncapMethod INTEGER,
+ nsVpnPhTwoESPEncryp INTEGER,
+ nsVpnPhTwoESPAuth INTEGER,
+ nsVpnPhTwoAhAuth INTEGER,
+ nsVpnPhTwoLifetime Integer32,
+ nsVpnPhTwoLifetimeMeasure INTEGER,
+ nsVpnPhTwoLifetimeKb Integer32,
+ nsVpnPhTwoVsys Integer32
+}
+
+nsVpnPhaseTwoCfg OBJECT IDENTIFIER ::= { netscreenVpn 6 }
+
+nsVpnPhTwoTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF NsVpnPhTwoEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "To establish an IKE IPSec tunnel, two phases of negotiation
+ are required. This table specifies the configuration attributes
+ for Phase Two negotiation. In Phase 2, the participants
+ negotiate the IPSec SAs for encrypting and authenticating the
+ ensuing exchanges of user data."
+ ::= { nsVpnPhaseTwoCfg 1 }
+
+nsVpnPhTwoEntry OBJECT-TYPE
+ SYNTAX NsVpnPhTwoEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "Each entry in the nsVpnPhTwoTable holds a set of configuration
+ parameters associated with an instance of Phase 2 setting."
+ INDEX
+ { nsVpnPhTwoIndex }
+ ::= { nsVpnPhTwoTable 1 }
+
+nsVpnPhTwoIndex OBJECT-TYPE
+ SYNTAX Integer32 (0..2147483647)
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "A unique value for phase Two table. Its value ranges between
+ 1 and 65535 and may not be contiguous. The index has no other
+ meaning but a pure index"
+ ::= { nsVpnPhTwoEntry 1 }
+
+nsVpnPhTwoName OBJECT-TYPE
+ SYNTAX DisplayString (SIZE(0..32))
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Phase two proposal name."
+ ::= { nsVpnPhTwoEntry 2 }
+
+nsVpnPhTwoPFS OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Perfect Forward Secrecy - Diffie-Hellman exchange group."
+ ::= { nsVpnPhTwoEntry 3 }
+
+nsVpnPhTwoEncapMethod OBJECT-TYPE
+ SYNTAX INTEGER {
+ ah(0),
+ esp(1)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Phase two proposal encapsulation method."
+ ::= { nsVpnPhTwoEntry 4 }
+
+nsVpnPhTwoESPEncryp OBJECT-TYPE
+ SYNTAX INTEGER {
+ null(0),
+ des(1),
+ triple-des(2),
+ aes(3),
+ aes-192(4),
+ aes-256(5)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Phase two proposal ESP encryption algorithm."
+ ::= { nsVpnPhTwoEntry 5 }
+
+nsVpnPhTwoESPAuth OBJECT-TYPE
+ SYNTAX INTEGER {
+ null(0),
+ md5(1),
+ sha(2),
+ sha-256(3)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Phase two proposal ESP authentication Algorithm."
+ ::= { nsVpnPhTwoEntry 6 }
+
+nsVpnPhTwoAhAuth OBJECT-TYPE
+ SYNTAX INTEGER {
+ null(0),
+ md5(1),
+ sha(2)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Phase two proposal AH authentication Algorithm."
+ ::= { nsVpnPhTwoEntry 7 }
+
+nsVpnPhTwoLifetime OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Lifetime in time"
+ ::= { nsVpnPhTwoEntry 8 }
+
+nsVpnPhTwoLifetimeMeasure OBJECT-TYPE
+ SYNTAX INTEGER {
+ second(0),
+ minute(1),
+ hours(2),
+ days(3)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "life time measurement."
+ ::= { nsVpnPhTwoEntry 9 }
+
+nsVpnPhTwoLifetimeKb OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Lifetime in KBytes"
+ ::= { nsVpnPhTwoEntry 10 }
+
+nsVpnPhTwoVsys OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "vsys this proposal configuration belongs to."
+ ::= { nsVpnPhTwoEntry 11 }
+
+END
+
+
diff --git a/MIBS/screenos/NETSCREEN-VPN-USER-MIB b/MIBS/screenos/NETSCREEN-VPN-USER-MIB
new file mode 100644
index 0000000..f4ae6b6
--- /dev/null
+++ b/MIBS/screenos/NETSCREEN-VPN-USER-MIB
@@ -0,0 +1,466 @@
+-- This module defines enterprise MIBs for VPN User
+--
+-- Copyright (c) 1999-2004, Juniper Networks, Inc.
+-- All rights reserved.
+
+NETSCREEN-VPN-USER-MIB DEFINITIONS ::= BEGIN
+
+IMPORTS
+ netscreenVpn, netscreenVpnMibModule
+ FROM NETSCREEN-SMI
+ Integer32, IpAddress, MODULE-IDENTITY, OBJECT-TYPE
+ FROM SNMPv2-SMI
+ DisplayString
+ FROM SNMPv2-TC
+ ;
+
+netscreenUserMibModule MODULE-IDENTITY
+ LAST-UPDATED "200405032022Z" -- May 03, 2004
+ ORGANIZATION
+ "Juniper Networks, Inc."
+ CONTACT-INFO
+ "Customer Support
+
+ 1194 North Mathilda Avenue
+ Sunnyvale, California 94089-1206
+ USA
+
+ Tel: 1-800-638-8296
+ E-mail: customerservice@juniper.net
+ HTTP://www.juniper.net"
+ DESCRIPTION
+ "This module defines NetScreen private MIBs for VPN User"
+ REVISION "200405030000Z" -- May 03, 2004
+ DESCRIPTION
+ "Modified copyright and contact information"
+ REVISION "200403030000Z" -- March 03, 2004
+ DESCRIPTION
+ "Converted to SMIv2 by Longview Software"
+ REVISION "200311130000Z" -- November 13, 2003
+ DESCRIPTION
+ "Correct spelling mistake"
+ REVISION "200205050000Z" -- May 05, 2002
+ DESCRIPTION
+ "Add dial-up group type"
+ REVISION "200105140000Z" -- May 14, 2001
+ DESCRIPTION
+ "Creation Date"
+ ::= { netscreenVpnMibModule 10 }
+
+NsVpnAILUsrEntry ::= SEQUENCE
+{
+ nsVpnAILUsrIndex Integer32,
+ nsVpnAILUsrName DisplayString,
+ nsVpnAILUsrGrp DisplayString,
+ nsVpnAILUsrStatus INTEGER,
+ nsVpnAILUsrIKE INTEGER,
+ nsVpnAILUsrIKEIdType INTEGER,
+ nsVpnAILUsrIKEId DisplayString,
+ nsVpnAILUsrAuth INTEGER,
+ nsVpnAILUsrL2TP INTEGER,
+ nsVpnAILUsrL2tpRemoteIp IpAddress,
+ nsVpnAILUsrL2tpIpPool DisplayString,
+ nsVpnAILUsrL2tpIp IpAddress,
+ nsVpnAILUsrL2tpPriDnsIp IpAddress,
+ nsVpnAILUsrL2tpSecDnsIp IpAddress,
+ nsVpnAILUsrL2tpPriWinsIp IpAddress,
+ nsVpnAILUsrL2tpSecWinsIp IpAddress,
+ nsVpnAILUsrVsys Integer32
+}
+
+NsVpnManualKeyUsrEntry ::= SEQUENCE
+{
+ nsVpnManualKeyUsrIndex Integer32,
+ nsVpnManualKeyUsrName DisplayString,
+ nsVpnManualKeyUsrGrp DisplayString,
+ nsVpnManualKeyUsrSILocal Integer32,
+ nsVpnManualKeyUsrSIRemote Integer32,
+ nsVpnManualKeyUsrTunnelType INTEGER,
+ nsVpnManualKeyUsrEspEncAlg INTEGER,
+ nsVpnManualKeyUsrEspAuthAlg INTEGER,
+ nsVpnManualKeyUsrAhHash INTEGER,
+ nsVpnManualKeyUsrVsys Integer32
+}
+
+NsVpnUsrDialupGrpEntry ::= SEQUENCE
+{
+ nsVpnUsrDialupGrpIndex Integer32,
+ nsVpnUsrDialupGrpName DisplayString,
+ nsVpnUsrDialupGrpType INTEGER,
+ nsVpnUsrDialupGrpVsys Integer32
+}
+
+nsVpnUser OBJECT IDENTIFIER ::= { netscreenVpn 10 }
+
+nsVpnUsrDialupGrpTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF NsVpnUsrDialupGrpEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "NetScreen supports using dialup group to organize vpn
+ user.This table collects the information of dialup group in
+ NetScreen device."
+ ::= { nsVpnUser 1 }
+
+nsVpnUsrDialupGrpEntry OBJECT-TYPE
+ SYNTAX NsVpnUsrDialupGrpEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "Each entry in this table holds a set of configuration
+ information about dialup group."
+ INDEX
+ { nsVpnUsrDialupGrpIndex }
+ ::= { nsVpnUsrDialupGrpTable 1 }
+
+nsVpnUsrDialupGrpIndex OBJECT-TYPE
+ SYNTAX Integer32 (0..2147483647)
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "A unique value for schedule. Its value ranges between 0 and
+ 65535 and may not be contiguous."
+ ::= { nsVpnUsrDialupGrpEntry 1 }
+
+nsVpnUsrDialupGrpName OBJECT-TYPE
+ SYNTAX DisplayString (SIZE(0..32))
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "dialup user group name."
+ ::= { nsVpnUsrDialupGrpEntry 2 }
+
+nsVpnUsrDialupGrpType OBJECT-TYPE
+ SYNTAX INTEGER {
+ undefined(0),
+ manual(1),
+ ike(2),
+ l2tp(3),
+ xauth(4),
+ auth(5),
+ external(6)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "dial up group type."
+ ::= { nsVpnUsrDialupGrpEntry 3 }
+
+nsVpnUsrDialupGrpVsys OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "vsys this group belongs to."
+ ::= { nsVpnUsrDialupGrpEntry 4 }
+
+nsVpnManualKeyUsrTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF NsVpnManualKeyUsrEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "This table specifies the configuration attributes for manual
+ key user."
+ ::= { nsVpnUser 2 }
+
+nsVpnManualKeyUsrEntry OBJECT-TYPE
+ SYNTAX NsVpnManualKeyUsrEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "Each entry in the nsVpnManualkeyUsrTable holds a set of
+ configuration parameters associated with an instance of manual
+ key user."
+ INDEX
+ { nsVpnManualKeyUsrIndex }
+ ::= { nsVpnManualKeyUsrTable 1 }
+
+nsVpnManualKeyUsrIndex OBJECT-TYPE
+ SYNTAX Integer32 (0..2147483647)
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "A unique value for manual key user table. Its value ranges
+ between 0 and 65535 and may not be contiguous."
+ ::= { nsVpnManualKeyUsrEntry 1 }
+
+nsVpnManualKeyUsrName OBJECT-TYPE
+ SYNTAX DisplayString (SIZE(0..32))
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "User name."
+ ::= { nsVpnManualKeyUsrEntry 2 }
+
+nsVpnManualKeyUsrGrp OBJECT-TYPE
+ SYNTAX DisplayString (SIZE(0..32))
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "group this user belongs to."
+ ::= { nsVpnManualKeyUsrEntry 3 }
+
+nsVpnManualKeyUsrSILocal OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Local Security Index"
+ ::= { nsVpnManualKeyUsrEntry 4 }
+
+nsVpnManualKeyUsrSIRemote OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Remote Security Index"
+ ::= { nsVpnManualKeyUsrEntry 5 }
+
+nsVpnManualKeyUsrTunnelType OBJECT-TYPE
+ SYNTAX INTEGER {
+ esp(0),
+ ah(1)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "vpn tunnel type."
+ ::= { nsVpnManualKeyUsrEntry 6 }
+
+nsVpnManualKeyUsrEspEncAlg OBJECT-TYPE
+ SYNTAX INTEGER {
+ null(0),
+ des-cbc(1),
+ triple-des-cbc(2),
+ aes(3),
+ aes-192(4),
+ aes-256(5)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "ESP Encryption Algorithm."
+ ::= { nsVpnManualKeyUsrEntry 7 }
+
+nsVpnManualKeyUsrEspAuthAlg OBJECT-TYPE
+ SYNTAX INTEGER {
+ null(0),
+ md5(1),
+ sha(2)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "ESP Authentication Algorithm."
+ ::= { nsVpnManualKeyUsrEntry 8 }
+
+nsVpnManualKeyUsrAhHash OBJECT-TYPE
+ SYNTAX INTEGER {
+ null(0),
+ md5(1),
+ sha(2)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "AH Hash Algorithm."
+ ::= { nsVpnManualKeyUsrEntry 9 }
+
+nsVpnManualKeyUsrVsys OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "vsys this user belongs to."
+ ::= { nsVpnManualKeyUsrEntry 10 }
+
+nsVpnAILUsrTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF NsVpnAILUsrEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "This table specifies the configuration attributes for
+ AUTH/IKE/L2TP user."
+ ::= { nsVpnUser 3 }
+
+nsVpnAILUsrEntry OBJECT-TYPE
+ SYNTAX NsVpnAILUsrEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "Each entry in the nsVpnManualkeyUsrTable holds a set of
+ configuration parameters associated with an instance of
+ AUTH/IKE/L2TP user."
+ INDEX
+ { nsVpnAILUsrIndex }
+ ::= { nsVpnAILUsrTable 1 }
+
+nsVpnAILUsrIndex OBJECT-TYPE
+ SYNTAX Integer32 (0..2147483647)
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "A unique value for Auth/Ike/l2tp user table. Its value ranges
+ between 1 and 65535 and may not be contiguous."
+ ::= { nsVpnAILUsrEntry 1 }
+
+nsVpnAILUsrName OBJECT-TYPE
+ SYNTAX DisplayString (SIZE(0..32))
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "User name."
+ ::= { nsVpnAILUsrEntry 2 }
+
+nsVpnAILUsrGrp OBJECT-TYPE
+ SYNTAX DisplayString (SIZE(0..32))
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "group this user belongs to."
+ ::= { nsVpnAILUsrEntry 3 }
+
+nsVpnAILUsrStatus OBJECT-TYPE
+ SYNTAX INTEGER {
+ disable(0),
+ enabled(1)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "User status"
+ ::= { nsVpnAILUsrEntry 4 }
+
+nsVpnAILUsrIKE OBJECT-TYPE
+ SYNTAX INTEGER {
+ no(0),
+ yes(1)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Since Authentication, IKE L2TP can be combined together. This
+ attribute is used to indicate if this user is an IKE user."
+ ::= { nsVpnAILUsrEntry 5 }
+
+nsVpnAILUsrIKEIdType OBJECT-TYPE
+ SYNTAX INTEGER {
+ not-set(0),
+ ipv4-addr(1),
+ fqdn(2),
+ usr-fqdn(3),
+ ipv4-addr-subnet(4),
+ ipv6-addr(5),
+ ipv6-addr-subnet(6),
+ ipv4-addr-addr-range(7),
+ ipv6-addr-addr-range(8),
+ der-asn1-dn(9),
+ der-asn1-gn(10)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "IKE user type 1 means auto, other values are undefined."
+ ::= { nsVpnAILUsrEntry 6 }
+
+nsVpnAILUsrIKEId OBJECT-TYPE
+ SYNTAX DisplayString
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "IKE id."
+ ::= { nsVpnAILUsrEntry 7 }
+
+nsVpnAILUsrAuth OBJECT-TYPE
+ SYNTAX INTEGER {
+ no(0),
+ yes(1)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Since Authentication, IKE L2TP can be combined together. This
+ attribute is used to indicate if this user is an Authentication
+ user."
+ ::= { nsVpnAILUsrEntry 8 }
+
+nsVpnAILUsrL2TP OBJECT-TYPE
+ SYNTAX INTEGER {
+ no(0),
+ yes(1)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Since Authentication, IKE L2TP can be combined together. This
+ attribute is used to indicate if this user is a L2TP user. The
+ NetScreen-1000 does not support L2TP."
+ ::= { nsVpnAILUsrEntry 9 }
+
+nsVpnAILUsrL2tpRemoteIp OBJECT-TYPE
+ SYNTAX IpAddress
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "L2TP remote peer ip address."
+ ::= { nsVpnAILUsrEntry 10 }
+
+nsVpnAILUsrL2tpIpPool OBJECT-TYPE
+ SYNTAX DisplayString
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "ip pool entity name."
+ ::= { nsVpnAILUsrEntry 11 }
+
+nsVpnAILUsrL2tpIp OBJECT-TYPE
+ SYNTAX IpAddress
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "L2TP local ip address."
+ ::= { nsVpnAILUsrEntry 12 }
+
+nsVpnAILUsrL2tpPriDnsIp OBJECT-TYPE
+ SYNTAX IpAddress
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "primary DNS server IP address for L2TP user."
+ ::= { nsVpnAILUsrEntry 13 }
+
+nsVpnAILUsrL2tpSecDnsIp OBJECT-TYPE
+ SYNTAX IpAddress
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "secondary DNS server IP address for L2TP user."
+ ::= { nsVpnAILUsrEntry 14 }
+
+nsVpnAILUsrL2tpPriWinsIp OBJECT-TYPE
+ SYNTAX IpAddress
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "primary WINS server IP address for L2TP user."
+ ::= { nsVpnAILUsrEntry 15 }
+
+nsVpnAILUsrL2tpSecWinsIp OBJECT-TYPE
+ SYNTAX IpAddress
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "secondary WINS server IP address for L2TP user."
+ ::= { nsVpnAILUsrEntry 16 }
+
+nsVpnAILUsrVsys OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "vsys this user belongs to."
+ ::= { nsVpnAILUsrEntry 17 }
+
+END
+
+
diff --git a/MIBS/screenos/NETSCREEN-VR-BGP4-MIB b/MIBS/screenos/NETSCREEN-VR-BGP4-MIB
new file mode 100644
index 0000000..f61f13c
--- /dev/null
+++ b/MIBS/screenos/NETSCREEN-VR-BGP4-MIB
@@ -0,0 +1,787 @@
+-- These MIBs were created on 1/2/2003
+-- This module defines enterprise MIBs for NS BGP
+--
+-- Copyright (c) 1999-2004, Juniper Networks, Inc.
+-- All rights reserved.
+
+NETSCREEN-VR-BGP4-MIB DEFINITIONS ::= BEGIN
+
+ IMPORTS
+ MODULE-IDENTITY, OBJECT-TYPE, NOTIFICATION-TYPE,
+ IpAddress, Integer32, Counter32, Gauge32
+ FROM SNMPv2-SMI
+ netscreenTrapDesc, netscreenTrapType
+ FROM NETSCREEN-TRAP-MIB
+ netscreenVR
+ FROM NETSCREEN-SMI;
+
+ nsVrBgp MODULE-IDENTITY
+ LAST-UPDATED "200506202022Z" -- June 20, 2005
+ ORGANIZATION
+ "Juniper Networks, Inc."
+ CONTACT-INFO
+ "Customer Support
+
+ 1194 North Mathilda Avenue
+ Sunnyvale, California 94089-1206
+ USA
+
+ Tel: 1-800-638-8296
+ E-mail: customerservice@juniper.net
+ HTTP://www.juniper.net"
+ DESCRIPTION
+ "The MIB module for NS-BGP-4."
+ ::= { netscreenVR 6 }
+
+ -- BGP Info table. This table contains, one entry per
+ -- VR, information about the BGP's Version, LocalAs and Identifier.
+
+ nsVrBgpInfoTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF NsVrBgpInfoEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "BGP info table. This table contains,
+ one entry per VR, information about
+ the BGP's Version, LocalAs and Identifier."
+ ::= { nsVrBgp 1 }
+
+ nsVrBgpInfoEntry OBJECT-TYPE
+ SYNTAX NsVrBgpInfoEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "Entry containing information about the
+ BGP's Version, LocalAs and Identifier"
+ INDEX { nsVrBgpInfoVRID }
+ ::= { nsVrBgpInfoTable 1 }
+
+ NsVrBgpInfoEntry ::= SEQUENCE {
+ nsVrBgpInfoVersion
+ OCTET STRING,
+ nsVrBgpInfoLocalAs
+ INTEGER,
+ nsVrBgpInfoIdentifier
+ IpAddress,
+ nsVrBgpInfoVRID
+ INTEGER
+ }
+
+ nsVrBgpInfoVersion OBJECT-TYPE
+ SYNTAX OCTET STRING (SIZE (1..255))
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Vector of supported BGP protocol version
+ numbers. Each peer negotiates the version
+ from this vector. Versions are identified
+ via the string of bits contained within this
+ object. The first octet contains bits 0 to
+ 7, the second octet contains bits 8 to 15,
+ and so on, with the most significant bit
+ referring to the lowest bit number in the
+ octet (e.g., the MSB of the first octet
+ refers to bit 0). If a bit, i, is present
+ and set, then the version (i+1) of the BGP
+ is supported."
+ ::= { nsVrBgpInfoEntry 1 }
+
+ nsVrBgpInfoLocalAs OBJECT-TYPE
+ SYNTAX INTEGER (0..65535)
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The local autonomous system number."
+ ::= { nsVrBgpInfoEntry 2 }
+
+ nsVrBgpInfoIdentifier OBJECT-TYPE
+ SYNTAX IpAddress
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The BGP Identifier of local system."
+ ::= { nsVrBgpInfoEntry 3 }
+
+ nsVrBgpInfoVRID OBJECT-TYPE
+ SYNTAX INTEGER (0..65535)
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Virtual Router ID. VRID range for system created
+ VRs: [1-1024] and for user created VRs: [1025-2048]"
+ ::= { nsVrBgpInfoEntry 4 }
+
+ -- BGP Peer table. This table contains, one entry per
+ -- BGP peer, information about the BGP peer.
+
+ nsVrBgpPeerTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF NsVrBgpPeerEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "BGP peer table. This table contains,
+ one entry per BGP peer, information about
+ the connections with BGP peers."
+ ::= { nsVrBgp 3 }
+
+ nsVrBgpPeerEntry OBJECT-TYPE
+ SYNTAX NsVrBgpPeerEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "Entry containing information about the
+ connection with a BGP peer."
+ INDEX { nsVrBgpPeerVRID,
+ nsVrBgpPeerRemoteAddr }
+ ::= { nsVrBgpPeerTable 1 }
+
+ NsVrBgpPeerEntry ::= SEQUENCE {
+ nsVrBgpPeerIdentifier
+ IpAddress,
+ nsVrBgpPeerState
+ INTEGER,
+ nsVrBgpPeerAdminStatus
+ INTEGER,
+ nsVrBgpPeerNegotiatedVersion
+ Integer32,
+ nsVrBgpPeerLocalAddr
+ IpAddress,
+ nsVrBgpPeerLocalPort
+ INTEGER,
+ nsVrBgpPeerRemoteAddr
+ IpAddress,
+ nsVrBgpPeerRemotePort
+ INTEGER,
+ nsVrBgpPeerRemoteAs
+ INTEGER,
+ nsVrBgpPeerInUpdates
+ Counter32,
+ nsVrBgpPeerOutUpdates
+ Counter32,
+ nsVrBgpPeerInTotalMessages
+ Counter32,
+ nsVrBgpPeerOutTotalMessages
+ Counter32,
+ nsVrBgpPeerLastError
+ OCTET STRING,
+ nsVrBgpPeerFsmEstablishedTransitions
+ Counter32,
+ nsVrBgpPeerFsmEstablishedTime
+ Gauge32,
+ nsVrBgpPeerConnectRetryInterval
+ INTEGER,
+ nsVrBgpPeerHoldTime
+ INTEGER,
+ nsVrBgpPeerKeepAlive
+
+ INTEGER,
+ nsVrBgpPeerHoldTimeConfigured
+ INTEGER,
+ nsVrBgpPeerKeepAliveConfigured
+ INTEGER,
+ nsVrBgpPeerMinASOriginationInterval
+ INTEGER,
+ nsVrBgpPeerMinRouteAdvertisementInterval
+ INTEGER,
+ nsVrBgpPeerInUpdateElapsedTime
+ Gauge32,
+ nsVrBgpPeerVRID
+ INTEGER
+ }
+
+ nsVrBgpPeerIdentifier OBJECT-TYPE
+ SYNTAX IpAddress
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The BGP Identifier of this entry's BGP
+ peer."
+ ::= { nsVrBgpPeerEntry 1 }
+
+ nsVrBgpPeerState OBJECT-TYPE
+ SYNTAX INTEGER {
+ idle(1),
+ connect(2),
+ active(3),
+ opensent(4),
+ openconfirm(5),
+ established(6)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The BGP peer connection state."
+ ::= { nsVrBgpPeerEntry 2 }
+
+ nsVrBgpPeerAdminStatus OBJECT-TYPE
+ SYNTAX INTEGER {
+ stop(1),
+ start(2)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The desired state of the BGP connection.
+ A transition from 'stop' to 'start' will
+ cause the BGP Start Event to be generated.
+
+ A transition from 'start' to 'stop' will
+ cause the BGP Stop Event to be generated.
+ This parameter can be used to restart BGP
+ peer connections. Care should be used in
+ providing write access to this object
+ without adequate authentication."
+ ::= { nsVrBgpPeerEntry 3 }
+
+ nsVrBgpPeerNegotiatedVersion OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The negotiated version of BGP running
+ between the two peers."
+ ::= { nsVrBgpPeerEntry 4 }
+
+ nsVrBgpPeerLocalAddr OBJECT-TYPE
+ SYNTAX IpAddress
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The local IP address of this entry's BGP
+ connection."
+ ::= { nsVrBgpPeerEntry 5 }
+
+ nsVrBgpPeerLocalPort OBJECT-TYPE
+ SYNTAX INTEGER (0..65535)
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The local port for the TCP connection
+ between the BGP peers."
+ ::= { nsVrBgpPeerEntry 6 }
+
+ nsVrBgpPeerRemoteAddr OBJECT-TYPE
+ SYNTAX IpAddress
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The remote IP address of this entry's BGP
+ peer."
+ ::= { nsVrBgpPeerEntry 7 }
+
+ nsVrBgpPeerRemotePort OBJECT-TYPE
+ SYNTAX INTEGER (0..65535)
+ MAX-ACCESS read-only
+ STATUS current
+
+ DESCRIPTION
+ "The remote port for the TCP connection
+ between the BGP peers. Note that the
+ objects nsVrBgpPeerLocalAddr,
+ nsVrBgpPeerLocalPort, nsVrBgpPeerRemoteAddr and
+ nsVrBgpPeerRemotePort provide the appropriate
+ reference to the standard MIB TCP
+ connection table."
+ ::= { nsVrBgpPeerEntry 8 }
+
+ nsVrBgpPeerRemoteAs OBJECT-TYPE
+ SYNTAX INTEGER (0..65535)
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The remote autonomous system number."
+ ::= { nsVrBgpPeerEntry 9 }
+
+ nsVrBgpPeerInUpdates OBJECT-TYPE
+ SYNTAX Counter32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The number of BGP UPDATE messages
+ received on this connection. This object
+ should be initialized to zero (0) when the
+ connection is established."
+ ::= { nsVrBgpPeerEntry 10 }
+
+ nsVrBgpPeerOutUpdates OBJECT-TYPE
+ SYNTAX Counter32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The number of BGP UPDATE messages
+ transmitted on this connection. This
+ object should be initialized to zero (0)
+ when the connection is established."
+ ::= { nsVrBgpPeerEntry 11 }
+
+ nsVrBgpPeerInTotalMessages OBJECT-TYPE
+ SYNTAX Counter32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The total number of messages received
+ from the remote peer on this connection.
+ This object should be initialized to zero
+
+ when the connection is established."
+ ::= { nsVrBgpPeerEntry 12 }
+
+ nsVrBgpPeerOutTotalMessages OBJECT-TYPE
+ SYNTAX Counter32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The total number of messages transmitted to
+ the remote peer on this connection. This
+ object should be initialized to zero when
+ the connection is established."
+ ::= { nsVrBgpPeerEntry 13 }
+
+ nsVrBgpPeerLastError OBJECT-TYPE
+ SYNTAX OCTET STRING (SIZE (2))
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The last error code and subcode seen by this
+ peer on this connection. If no error has
+ occurred, this field is zero. Otherwise, the
+ first byte of this two byte OCTET STRING
+ contains the error code, and the second byte
+ contains the subcode."
+ ::= { nsVrBgpPeerEntry 14 }
+
+ nsVrBgpPeerFsmEstablishedTransitions OBJECT-TYPE
+ SYNTAX Counter32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The total number of times the BGP FSM
+ transitioned into the established state."
+ ::= { nsVrBgpPeerEntry 15 }
+
+ nsVrBgpPeerFsmEstablishedTime OBJECT-TYPE
+ SYNTAX Gauge32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "This timer indicates how long (in
+ seconds) this peer has been in the
+ Established state or how long
+ since this peer was last in the
+ Established state. It is set to zero when
+ a new peer is configured or the router is
+ booted."
+
+ ::= { nsVrBgpPeerEntry 16 }
+
+ nsVrBgpPeerConnectRetryInterval OBJECT-TYPE
+ SYNTAX INTEGER (1..65535)
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Time interval in seconds for the
+ ConnectRetry timer. The suggested value
+ for this timer is 120 seconds."
+ ::= { nsVrBgpPeerEntry 17 }
+
+ nsVrBgpPeerHoldTime OBJECT-TYPE
+ SYNTAX INTEGER ( 0 | 3..65535 )
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Time interval in seconds for the Hold
+ Timer established with the peer. The
+ value of this object is calculated by this
+ BGP speaker by using the smaller of the
+ value in nsVrBgpPeerHoldTimeConfigured and the
+ Hold Time received in the OPEN message.
+ This value must be at lease three seconds
+ if it is not zero (0) in which case the
+ Hold Timer has not been established with
+ the peer, or, the value of
+ nsVrBgpPeerHoldTimeConfigured is zero (0)."
+ ::= { nsVrBgpPeerEntry 18 }
+
+ nsVrBgpPeerKeepAlive OBJECT-TYPE
+ SYNTAX INTEGER ( 0 | 1..21845 )
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Time interval in seconds for the KeepAlive
+ timer established with the peer. The value
+ of this object is calculated by this BGP
+ speaker such that, when compared with
+ nsVrBgpPeerHoldTime, it has the same
+ proportion as what
+ nsVrBgpPeerKeepAliveConfigured has when
+ compared with nsVrBgpPeerHoldTimeConfigured.
+ If the value of this object is zero (0),
+ it indicates that the KeepAlive timer has
+ not been established with the peer, or,
+ the value of nsVrBgpPeerKeepAliveConfigured is
+ zero (0)."
+
+ ::= { nsVrBgpPeerEntry 19 }
+
+ nsVrBgpPeerHoldTimeConfigured OBJECT-TYPE
+ SYNTAX INTEGER ( 0 | 3..65535 )
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Time interval in seconds for the Hold Time
+ configured for this BGP speaker with this
+ peer. This value is placed in an OPEN
+ message sent to this peer by this BGP
+ speaker, and is compared with the Hold
+ Time field in an OPEN message received
+ from the peer when determining the Hold
+ Time (nsVrBgpPeerHoldTime) with the peer.
+ This value must not be less than three
+ seconds if it is not zero (0) in which
+ case the Hold Time is NOT to be
+ established with the peer. The suggested
+ value for this timer is 90 seconds."
+ ::= { nsVrBgpPeerEntry 20 }
+
+ nsVrBgpPeerKeepAliveConfigured OBJECT-TYPE
+ SYNTAX INTEGER ( 0 | 1..21845 )
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Time interval in seconds for the
+ KeepAlive timer configured for this BGP
+ speaker with this peer. The value of this
+ object will only determine the
+ KEEPALIVE messages' frequency relative to
+ the value specified in
+ nsVrBgpPeerHoldTimeConfigured; the actual
+ time interval for the KEEPALIVE messages
+ is indicated by nsVrBgpPeerKeepAlive. A
+ reasonable maximum value for this timer
+ would be configured to be one
+ third of that of
+ nsVrBgpPeerHoldTimeConfigured.
+ If the value of this object is zero (0),
+ no periodical KEEPALIVE messages are sent
+ to the peer after the BGP connection has
+ been established. The suggested value for
+ this timer is 30 seconds."
+ ::= { nsVrBgpPeerEntry 21 }
+
+ nsVrBgpPeerMinASOriginationInterval OBJECT-TYPE
+ SYNTAX INTEGER (1..65535)
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Time interval in seconds for the
+ MinASOriginationInterval timer.
+ The suggested value for this timer is 15
+ seconds."
+ ::= { nsVrBgpPeerEntry 22 }
+
+ nsVrBgpPeerMinRouteAdvertisementInterval OBJECT-TYPE
+ SYNTAX INTEGER (1..65535)
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Time interval in seconds for the
+ MinRouteAdvertisementInterval timer.
+ The suggested value for this timer is 30
+ seconds."
+ ::= { nsVrBgpPeerEntry 23 }
+
+ nsVrBgpPeerInUpdateElapsedTime OBJECT-TYPE
+ SYNTAX Gauge32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Elapsed time in seconds since the last BGP
+ UPDATE message was received from the peer.
+ Each time nsVrBgpPeerInUpdates is incremented,
+ the value of this object is set to zero
+ (0)."
+ ::= { nsVrBgpPeerEntry 24 }
+
+ nsVrBgpPeerVRID OBJECT-TYPE
+ SYNTAX INTEGER (0..65535)
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Virtual Router ID. VRID range for system created
+ VRs: [1-1024] and for user created VRs: [1025-2048]"
+ ::= { nsVrBgpPeerEntry 25 }
+
+
+ -- BGP-4 Received Path Attribute Table. This table
+ -- contains, one entry per path to a network, path
+ -- attributes received from all peers running BGP-4.
+
+ nsVrBgp4PathAttrTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF NsVrBgp4PathAttrEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "The BGP-4 Received Path Attribute Table
+ contains information about paths to
+ destination networks received from all
+ BGP4 peers."
+ ::= { nsVrBgp 6 }
+
+ nsVrBgp4PathAttrEntry OBJECT-TYPE
+ SYNTAX NsVrBgp4PathAttrEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "Information about a path to a network."
+ INDEX { nsVrBgp4PathAttrVRID,
+ nsVrBgp4PathAttrIpAddrPrefix,
+ nsVrBgp4PathAttrIpAddrPrefixLen,
+ nsVrBgp4PathAttrPeer }
+ ::= { nsVrBgp4PathAttrTable 1 }
+
+ NsVrBgp4PathAttrEntry ::= SEQUENCE {
+ nsVrBgp4PathAttrPeer
+ IpAddress,
+ nsVrBgp4PathAttrIpAddrPrefixLen
+ INTEGER,
+ nsVrBgp4PathAttrIpAddrPrefix
+ IpAddress,
+ nsVrBgp4PathAttrOrigin
+ INTEGER,
+ nsVrBgp4PathAttrASPathSegment
+
+ OCTET STRING,
+ nsVrBgp4PathAttrNextHop
+ IpAddress,
+ nsVrBgp4PathAttrMultiExitDisc
+ INTEGER,
+ nsVrBgp4PathAttrLocalPref
+ INTEGER,
+ nsVrBgp4PathAttrAtomicAggregate
+ INTEGER,
+ nsVrBgp4PathAttrAggregatorAS
+ INTEGER,
+ nsVrBgp4PathAttrAggregatorAddr
+ IpAddress,
+ nsVrBgp4PathAttrCalcLocalPref
+ INTEGER,
+ nsVrBgp4PathAttrBest
+ INTEGER,
+ nsVrBgp4PathAttrUnknown
+ OCTET STRING,
+ nsVrBgp4PathAttrVRID
+ INTEGER
+
+ }
+
+ nsVrBgp4PathAttrPeer OBJECT-TYPE
+ SYNTAX IpAddress
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The IP address of the peer where the path
+ information was learned."
+ ::= { nsVrBgp4PathAttrEntry 1 }
+
+ nsVrBgp4PathAttrIpAddrPrefixLen OBJECT-TYPE
+ SYNTAX INTEGER (0..32)
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Length in bits of the IP address prefix
+ in the Network Layer Reachability
+ Information field."
+ ::= { nsVrBgp4PathAttrEntry 2 }
+
+ nsVrBgp4PathAttrIpAddrPrefix OBJECT-TYPE
+ SYNTAX IpAddress
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "An IP address prefix in the Network Layer
+ Reachability Information field. This object
+
+ is an IP address containing the prefix with
+ length specified by
+ nsVrBgp4PathAttrIpAddrPrefixLen.
+ Any bits beyond the length specified by
+ nsVrBgp4PathAttrIpAddrPrefixLen are zeroed."
+ ::= { nsVrBgp4PathAttrEntry 3 }
+
+ nsVrBgp4PathAttrOrigin OBJECT-TYPE
+ SYNTAX INTEGER {
+ igp(1),-- networks are interior
+ egp(2),-- networks learned
+ -- via EGP
+ incomplete(3) -- undetermined
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The ultimate origin of the path
+ information."
+ ::= { nsVrBgp4PathAttrEntry 4 }
+
+ nsVrBgp4PathAttrASPathSegment OBJECT-TYPE
+ SYNTAX OCTET STRING (SIZE (2..255))
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The sequence of AS path segments. Each AS
+ path segment is represented by a triple
+ <type, length, value>.
+
+ The type is a 1-octet field which has two
+ possible values:
+ 1 AS_SET: unordered set of ASs a
+ route in the UPDATE
+ message has traversed
+ 2 AS_SEQUENCE: ordered set of ASs
+ a route in the UPDATE
+ message has traversed.
+
+ The length is a 1-octet field containing the
+ number of ASs in the value field.
+
+ The value field contains one or more AS
+ numbers, each AS is represented in the octet
+ string as a pair of octets according to the
+ following algorithm:
+
+ first-byte-of-pair = ASNumber / 256;
+ second-byte-of-pair = ASNumber & 255;"
+ ::= { nsVrBgp4PathAttrEntry 5 }
+
+ nsVrBgp4PathAttrNextHop OBJECT-TYPE
+ SYNTAX IpAddress
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The address of the border router that
+ should be used for the destination
+ network."
+ ::= { nsVrBgp4PathAttrEntry 6 }
+
+ nsVrBgp4PathAttrMultiExitDisc OBJECT-TYPE
+ SYNTAX INTEGER (-1..2147483647)
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "This metric is used to discriminate
+ between multiple exit points to an
+ adjacent autonomous system. A value of -1
+ indicates the absence of this attribute."
+ ::= { nsVrBgp4PathAttrEntry 7 }
+
+ nsVrBgp4PathAttrLocalPref OBJECT-TYPE
+ SYNTAX INTEGER (-1..2147483647)
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The originating BGP4 speaker's degree of
+ preference for an advertised route. A
+ value of -1 indicates the absence of this
+ attribute."
+ ::= { nsVrBgp4PathAttrEntry 8 }
+
+ nsVrBgp4PathAttrAtomicAggregate OBJECT-TYPE
+ SYNTAX INTEGER {
+ lessSpecificRrouteNotSelected(1),
+ lessSpecificRouteSelected(2)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Whether or not the local system has
+ selected a less specific route without
+ selecting a more specific route."
+ ::= { nsVrBgp4PathAttrEntry 9 }
+
+ nsVrBgp4PathAttrAggregatorAS OBJECT-TYPE
+ SYNTAX INTEGER (0..65535)
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The AS number of the last BGP4 speaker that
+ performed route aggregation. A value of
+ zero (0) indicates the absence of this
+ attribute."
+ ::= { nsVrBgp4PathAttrEntry 10 }
+
+ nsVrBgp4PathAttrAggregatorAddr OBJECT-TYPE
+ SYNTAX IpAddress
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The IP address of the last BGP4 speaker
+ that performed route aggregation. A value
+ of 0.0.0.0 indicates the absence of this
+ attribute."
+ ::= { nsVrBgp4PathAttrEntry 11 }
+
+ nsVrBgp4PathAttrCalcLocalPref OBJECT-TYPE
+ SYNTAX INTEGER (-1..2147483647)
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The degree of preference calculated by the
+ receiving BGP4 speaker for an advertised
+ route. A value of -1 indicates the
+ absence of this attribute."
+ ::= { nsVrBgp4PathAttrEntry 12 }
+
+ nsVrBgp4PathAttrBest OBJECT-TYPE
+ SYNTAX INTEGER {
+ false(1),-- not chosen as best route
+ true(2) -- chosen as best route
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "An indication of whether or not this route
+ was chosen as the best BGP4 route."
+ ::= { nsVrBgp4PathAttrEntry 13 }
+
+ nsVrBgp4PathAttrUnknown OBJECT-TYPE
+ SYNTAX OCTET STRING (SIZE(0..255))
+ MAX-ACCESS read-only
+
+ STATUS current
+ DESCRIPTION
+ "One or more path attributes not understood
+ by this BGP4 speaker. Size zero (0)
+ indicates the absence of such
+ attribute(s). Octets beyond the maximum
+ size, if any, are not recorded by this
+ object."
+ ::= { nsVrBgp4PathAttrEntry 14 }
+
+ nsVrBgp4PathAttrVRID OBJECT-TYPE
+ SYNTAX INTEGER (0..65535)
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Virtual Router ID. VRID range for system created
+ VRs: [1-1024] and for user created VRs: [1025-2048]"
+ ::= { nsVrBgp4PathAttrEntry 15 }
+
+ -- Traps.
+
+ nsVrBgpTraps OBJECT IDENTIFIER ::= { nsVrBgp 7 }
+
+ nsVrBgpEstablished NOTIFICATION-TYPE
+ OBJECTS { nsVrBgp4PathAttrVRID,
+ netscreenTrapType,
+ netscreenTrapDesc,
+ nsVrBgpPeerIdentifier,
+ nsVrBgpPeerLastError,
+ nsVrBgpPeerState }
+ STATUS current
+ DESCRIPTION
+ "The BGP Established event is generated when
+ the BGP FSM enters the ESTABLISHED state."
+ ::= { nsVrBgpTraps 1 }
+
+
+END
+
diff --git a/MIBS/screenos/NETSCREEN-VR-MIB b/MIBS/screenos/NETSCREEN-VR-MIB
new file mode 100644
index 0000000..c4a3cb0
--- /dev/null
+++ b/MIBS/screenos/NETSCREEN-VR-MIB
@@ -0,0 +1,157 @@
+-- These MIBs were created on 1/9/2003
+-- This module defines enterprise MIBs for virtual router
+--
+-- Copyright (c) 1999-2004, Juniper Networks, Inc.
+-- All rights reserved.
+
+NETSCREEN-VR-MIB DEFINITIONS ::= BEGIN
+
+IMPORTS
+ OBJECT-TYPE
+ FROM SNMPv2-SMI
+ netscreenVR
+ FROM NETSCREEN-SMI;
+
+netscreenVRMibModule MODULE-IDENTITY
+ LAST-UPDATED "200405032022Z" -- May 03, 2004
+ ORGANIZATION
+ "Juniper Networks, Inc."
+ CONTACT-INFO
+ "Customer Support
+
+ 1194 North Mathilda Avenue
+ Sunnyvale, California 94089-1206
+ USA
+
+ Tel: 1-800-638-8296
+ E-mail: customerservice@juniper.net
+ HTTP://www.juniper.net"
+ DESCRIPTION
+ "This module defines the object that are used to monitor VR
+ info"
+ REVISION "200405030000Z" -- May 03, 2004
+ DESCRIPTION
+ "Modified copyright and contact information"
+ REVISION "200109010000Z" -- September 1, 2003
+ DESCRIPTION
+ "Creation Date"
+ ::= { netscreenVR 0 }
+
+
+vrTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF VrEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "VR table. This table contains VR info."
+ ::= { netscreenVR 1 }
+
+vrEntry OBJECT-TYPE
+ SYNTAX VrEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "Entry containing information about the
+ BGP's Version, LocalAs and Identifier"
+ INDEX { vrId }
+ ::= { vrTable 1 }
+
+VrEntry ::= SEQUENCE {
+ vrName
+ OCTET STRING,
+ vrId
+ INTEGER,
+ vrVsysName
+ OCTET STRING,
+ vrRouteId
+ INTEGER,
+ vrMaxRoutes
+ INTEGER,
+ vrNumRoutes
+ INTEGER,
+ vrSharable
+ INTEGER,
+ vrOspfRipBgpEnabled
+ INTEGER,
+ vrTrapPrivate
+ INTEGER
+}
+
+vrName OBJECT-TYPE
+ SYNTAX OCTET STRING
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Name of the VR."
+ ::= { vrEntry 1 }
+
+vrId OBJECT-TYPE
+ SYNTAX INTEGER (0..65535)
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Id for the VR. It will be used in all other
+ private MIBs so that cross reference can be made."
+ ::= { vrEntry 2 }
+
+vrVsysName OBJECT-TYPE
+ SYNTAX OCTET STRING
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Id of the vsys which owns this VR."
+ ::= { vrEntry 3 }
+
+vrRouteId OBJECT-TYPE
+ SYNTAX INTEGER
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Router id, used by OSFP and BGP."
+ ::= { vrEntry 4 }
+
+vrMaxRoutes OBJECT-TYPE
+ SYNTAX INTEGER
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Maximum routes allowed for this VR."
+ ::= { vrEntry 5 }
+
+vrNumRoutes OBJECT-TYPE
+ SYNTAX INTEGER
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The number of routes currently the VR has."
+ ::= { vrEntry 6 }
+
+vrSharable OBJECT-TYPE
+ SYNTAX INTEGER
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The VR is sharable or not."
+ ::= { vrEntry 7 }
+
+vrOspfRipBgpEnabled OBJECT-TYPE
+ SYNTAX INTEGER
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Enable OSPF, RIP, BGP."
+ ::= { vrEntry 8 }
+
+vrTrapPrivate OBJECT-TYPE
+ SYNTAX INTEGER
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "0 private, 1 public. This only applies to
+ root system' default VR. If private trap is
+ enabled, a private trap is sent, otherwise,
+ the standard trap is sent. For other VRs, By
+ default, the public trap is supported."
+ ::= { vrEntry 9 }
+END
+
diff --git a/MIBS/screenos/NETSCREEN-VR-OSPF-MIB b/MIBS/screenos/NETSCREEN-VR-OSPF-MIB
new file mode 100644
index 0000000..3fbd9ba
--- /dev/null
+++ b/MIBS/screenos/NETSCREEN-VR-OSPF-MIB
@@ -0,0 +1,2410 @@
+-- These MIBs were created on 1/7/2003
+-- This module defines enterprise MIBs for NS OSPF
+--
+-- Copyright (c) 1999-2004, Juniper Networks, Inc.
+-- All rights reserved.
+
+
+NETSCREEN-VR-OSPF-MIB DEFINITIONS ::= BEGIN
+
+ IMPORTS
+ MODULE-IDENTITY, OBJECT-TYPE, Counter32, Gauge32,
+ Integer32, IpAddress
+ FROM SNMPv2-SMI
+ TEXTUAL-CONVENTION, TruthValue, RowStatus
+ FROM SNMPv2-TC
+ MODULE-COMPLIANCE, OBJECT-GROUP FROM SNMPv2-CONF
+ mib-2 FROM RFC1213-MIB
+ netscreenVR FROM NETSCREEN-SMI;
+
+-- This MIB module uses the extended OBJECT-TYPE macro as
+-- defined in [9].
+
+nsVrOspf MODULE-IDENTITY
+ LAST-UPDATED "200506202022Z" -- June 20, 2005
+ ORGANIZATION
+ "Juniper Networks, Inc."
+ CONTACT-INFO
+ "Customer Support
+
+ 1194 North Mathilda Avenue
+ Sunnyvale, California 94089-1206
+ USA
+
+ Tel: 1-800-638-8296
+ E-mail: customerservice@juniper.net
+ HTTP://www.juniper.net"
+ DESCRIPTION
+ "The MIB module to describe the NS-OSPF Version 2
+ Protocol"
+ ::= { netscreenVR 5 }
+
+-- The Area ID, in OSPF, has the same format as an IP Address,
+-- but has the function of defining a summarization point for
+-- Link State Advertisements
+
+AreaID ::= TEXTUAL-CONVENTION
+ STATUS current
+ DESCRIPTION
+ "An OSPF Area Identifier."
+ SYNTAX IpAddress
+
+-- The Router ID, in OSPF, has the same format as an IP Address,
+
+-- but identifies the router independent of its IP Address.
+
+RouterID ::= TEXTUAL-CONVENTION
+ STATUS current
+ DESCRIPTION
+ "A OSPF Router Identifier."
+ SYNTAX IpAddress
+
+-- The OSPF Metric is defined as an unsigned value in the range
+
+Metric ::= TEXTUAL-CONVENTION
+ STATUS current
+ DESCRIPTION
+ "The OSPF Internal Metric."
+ SYNTAX Integer32 (0..'FFFF'H)
+
+BigMetric ::= TEXTUAL-CONVENTION
+ STATUS current
+ DESCRIPTION
+ "The OSPF External Metric."
+ SYNTAX Integer32 (0..'FFFFFF'H)
+
+-- Status Values
+
+Status ::= TEXTUAL-CONVENTION
+ STATUS current
+ DESCRIPTION
+ "The status of an interface: 'enabled' indicates that
+ it is willing to communicate with other OSPF Routers,
+ while 'disabled' indicates that it is not."
+ SYNTAX INTEGER { enabled (1), disabled (2) }
+
+-- Time Durations measured in seconds
+
+PositiveInteger ::= TEXTUAL-CONVENTION
+ STATUS current
+ DESCRIPTION
+ "A positive integer. Values in excess are precluded as
+ unnecessary and prone to interoperability issues."
+ SYNTAX Integer32 (0..'7FFFFFFF'H)
+
+HelloRange ::= TEXTUAL-CONVENTION
+ STATUS current
+ DESCRIPTION
+ "The range of intervals on which hello messages are
+ exchanged."
+ SYNTAX Integer32 (1..'FFFF'H)
+
+UpToMaxAge ::= TEXTUAL-CONVENTION
+ STATUS current
+ DESCRIPTION
+ "The values that one might find or configure for
+ variables bounded by the maximum age of an LSA."
+ SYNTAX Integer32 (0..3600)
+
+-- The range of ifIndex
+
+InterfaceIndex ::= TEXTUAL-CONVENTION
+ STATUS current
+ DESCRIPTION
+ "The range of ifIndex."
+ SYNTAX Integer32
+
+-- Potential Priorities for the Designated Router Election
+
+DesignatedRouterPriority ::= TEXTUAL-CONVENTION
+ STATUS current
+ DESCRIPTION
+ "The values defined for the priority of a system for
+ becoming the designated router."
+ SYNTAX Integer32 (0..'FF'H)
+
+TOSType ::= TEXTUAL-CONVENTION
+ STATUS current
+ DESCRIPTION
+ "Type of Service is defined as a mapping to the IP Type of
+ Service Flags as defined in the IP Forwarding Table MIB
+
+ +-----+-----+-----+-----+-----+-----+-----+-----+
+ | | | |
+ | PRECEDENCE | TYPE OF SERVICE | 0 |
+ | | | |
+ +-----+-----+-----+-----+-----+-----+-----+-----+
+
+ IP TOS IP TOS
+ Field Policy Field Policy
+
+ Contents Code Contents Code
+ 0 0 0 0 ==> 0 0 0 0 1 ==> 2
+ 0 0 1 0 ==> 4 0 0 1 1 ==> 6
+ 0 1 0 0 ==> 8 0 1 0 1 ==> 10
+ 0 1 1 0 ==> 12 0 1 1 1 ==> 14
+ 1 0 0 0 ==> 16 1 0 0 1 ==> 18
+ 1 0 1 0 ==> 20 1 0 1 1 ==> 22
+
+ 1 1 0 0 ==> 24 1 1 0 1 ==> 26
+ 1 1 1 0 ==> 28 1 1 1 1 ==> 30
+
+ The remaining values are left for future definition."
+ SYNTAX Integer32 (0..30)
+
+-- OSPF General Variables
+
+-- These parameters apply globally to the Router's
+-- OSPF Process.
+
+ nsVrOspfGeneralTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF NsVrOspfGeneralEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "Ospf general information table per VR"
+ ::= { nsVrOspf 1 }
+
+ nsVrOspfGeneralEntry OBJECT-TYPE
+ SYNTAX NsVrOspfGeneralEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "Ospf general information table per VR"
+ INDEX { nsVrOspfGeneralVRID }
+ ::= { nsVrOspfGeneralTable 1 }
+
+ NsVrOspfGeneralEntry ::=
+ SEQUENCE {
+ nsVrOspfRouterId
+ RouterID,
+ nsVrOspfAdminStat
+ Status,
+ nsVrOspfVersionNumber
+ INTEGER,
+ nsVrOspfAreaBdrRtrStatus
+ TruthValue,
+ nsVrOspfASBdrRtrStatus
+ TruthValue,
+ nsVrOspfExternLsaCount
+ Gauge32,
+ nsVrOspfAreaLsaCount
+ Gauge32,
+ nsVrOspfExternLsaCksumSum
+ Integer32,
+ nsVrOspfTOSSupport
+ TruthValue,
+ nsVrOspfOriginateNewLsas
+ Counter32,
+ nsVrOspfRxNewLsas
+ Counter32,
+ nsVrOspfExtLsdbLimit
+ Integer32,
+ nsVrOspfMulticastExtensions
+ Integer32,
+ nsVrOspfExitOverflowInterval
+ PositiveInteger,
+ nsVrOspfDemandExtensions
+ TruthValue,
+ nsVrOspfGeneralVRID
+ INTEGER
+ }
+
+ nsVrOspfRouterId OBJECT-TYPE
+ SYNTAX RouterID
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "A 32-bit integer uniquely identifying the
+ router in the Autonomous System.
+
+ By convention, to ensure uniqueness, this
+ should default to the value of one of the
+ router's IP interface addresses."
+ REFERENCE
+ "OSPF Version 2, C.1 Global parameters"
+ ::= { nsVrOspfGeneralEntry 1 }
+
+ nsVrOspfAdminStat OBJECT-TYPE
+ SYNTAX Status
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The administrative status of OSPF in the
+ router. The value 'enabled' denotes that the
+ OSPF Process is active on at least one inter-
+ face; 'disabled' disables it on all inter-
+ faces."
+ ::= { nsVrOspfGeneralEntry 2 }
+
+ nsVrOspfVersionNumber OBJECT-TYPE
+ SYNTAX INTEGER { version2 (2) }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+
+ "The current version number of the OSPF proto-
+ col is 2."
+ REFERENCE
+ "OSPF Version 2, Title"
+ ::= { nsVrOspfGeneralEntry 3 }
+
+ nsVrOspfAreaBdrRtrStatus OBJECT-TYPE
+ SYNTAX TruthValue
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "A flag to note whether this router is an area
+ border router."
+ REFERENCE
+ "OSPF Version 2, Section 3 Splitting the AS into
+ Areas"
+ ::= { nsVrOspfGeneralEntry 4 }
+
+ nsVrOspfASBdrRtrStatus OBJECT-TYPE
+ SYNTAX TruthValue
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "A flag to note whether this router is config-
+ ured as an Autonomous System border router."
+ REFERENCE
+ "OSPF Version 2, Section 3.3 Classification of
+ routers"
+ ::= { nsVrOspfGeneralEntry 5 }
+
+ nsVrOspfExternLsaCount OBJECT-TYPE
+ SYNTAX Gauge32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The number of external (LS type 5) link-state
+ advertisements in the link-state database."
+ REFERENCE
+ "OSPF Version 2, Appendix A.4.5 AS external link
+ advertisements"
+ ::= { nsVrOspfGeneralEntry 6 }
+
+ nsVrOspfExternLsaCksumSum OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+
+ STATUS current
+ DESCRIPTION
+ "The 32-bit unsigned sum of the LS checksums of
+ the external link-state advertisements con-
+ tained in the link-state database. This sum
+ can be used to determine if there has been a
+ change in a router's link state database, and
+ to compare the link-state database of two
+ routers."
+ ::= { nsVrOspfGeneralEntry 7 }
+
+ nsVrOspfTOSSupport OBJECT-TYPE
+ SYNTAX TruthValue
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The router's support for type-of-service rout-
+ ing."
+ REFERENCE
+ "OSPF Version 2, Appendix F.1.2 Optional TOS
+ support"
+ ::= { nsVrOspfGeneralEntry 8 }
+
+ nsVrOspfOriginateNewLsas OBJECT-TYPE
+ SYNTAX Counter32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The number of new link-state advertisements
+ that have been originated. This number is in-
+ cremented each time the router originates a new
+ LSA."
+ ::= { nsVrOspfGeneralEntry 9 }
+
+ nsVrOspfRxNewLsas OBJECT-TYPE
+ SYNTAX Counter32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The number of link-state advertisements re-
+ ceived determined to be new instantiations.
+ This number does not include newer instantia-
+ tions of self-originated link-state advertise-
+ ments."
+ ::= { nsVrOspfGeneralEntry 10 }
+
+ nsVrOspfExtLsdbLimit OBJECT-TYPE
+ SYNTAX Integer32 (-1..'7FFFFFFF'H)
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The maximum number of non-default AS-
+ external-LSAs entries that can be stored in the
+ link-state database. If the value is -1, then
+ there is no limit.
+
+ When the number of non-default AS-external-LSAs
+ in a router's link-state database reaches
+ nsVrOspfExtLsdbLimit, the router enters Overflow-
+ State. The router never holds more than
+ nsVrOspfExtLsdbLimit non-default AS-external-LSAs
+ in its database. OspfExtLsdbLimit MUST be set
+ identically in all routers attached to the OSPF
+ backbone and/or any regular OSPF area. (i.e.,
+ OSPF stub areas and NSSAs are excluded)."
+ DEFVAL { -1 }
+ ::= { nsVrOspfGeneralEntry 11 }
+
+ nsVrOspfMulticastExtensions OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "A Bit Mask indicating whether the router is
+ forwarding IP multicast (Class D) datagrams
+ based on the algorithms defined in the Multi-
+ cast Extensions to OSPF.
+
+ Bit 0, if set, indicates that the router can
+ forward IP multicast datagrams in the router's
+ directly attached areas (called intra-area mul-
+ ticast routing).
+
+ Bit 1, if set, indicates that the router can
+ forward IP multicast datagrams between OSPF
+ areas (called inter-area multicast routing).
+
+ Bit 2, if set, indicates that the router can
+ forward IP multicast datagrams between Auto-
+ nomous Systems (called inter-AS multicast rout-
+ ing).
+
+ Only certain combinations of bit settings are
+ allowed, namely: 0 (no multicast forwarding is
+
+ enabled), 1 (intra-area multicasting only), 3
+ (intra-area and inter-area multicasting), 5
+ (intra-area and inter-AS multicasting) and 7
+ (multicasting everywhere). By default, no mul-
+ ticast forwarding is enabled."
+ DEFVAL { 0 }
+ ::= { nsVrOspfGeneralEntry 12 }
+
+ nsVrOspfExitOverflowInterval OBJECT-TYPE
+ SYNTAX PositiveInteger
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The number of seconds that, after entering
+ OverflowState, a router will attempt to leave
+ OverflowState. This allows the router to again
+ originate non-default AS-external-LSAs. When
+ set to 0, the router will not leave Overflow-
+ State until restarted."
+ DEFVAL { 0 }
+ ::= { nsVrOspfGeneralEntry 13 }
+
+ nsVrOspfDemandExtensions OBJECT-TYPE
+ SYNTAX TruthValue
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The router's support for demand routing."
+ REFERENCE
+ "OSPF Version 2, Appendix on Demand Routing"
+ ::= { nsVrOspfGeneralEntry 14 }
+
+ nsVrOspfGeneralVRID OBJECT-TYPE
+ SYNTAX INTEGER (0..65535)
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Virtual Router ID. VRID range for system created
+ VRs: [1-1024] and for user created VRs: [1025-2048]"
+ ::= { nsVrOspfGeneralEntry 15 }
+
+-- The OSPF Area Data Structure contains information
+-- regarding the various areas. The interfaces and
+-- virtual links are configured as part of these areas.
+-- Area 0.0.0.0, by definition, is the Backbone Area
+
+ nsVrOspfAreaTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF NsVrOspfAreaEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "Information describing the configured parame-
+ ters and cumulative statistics of the router's
+ attached areas."
+
+ REFERENCE
+ "OSPF Version 2, Section 6 The Area Data Struc-
+ ture"
+ ::= { nsVrOspf 2 }
+
+ nsVrOspfAreaEntry OBJECT-TYPE
+ SYNTAX NsVrOspfAreaEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "Information describing the configured parame-
+ ters and cumulative statistics of one of the
+ router's attached areas."
+ INDEX { nsVrOspfAreaVRID, nsVrOspfAreaId }
+ ::= { nsVrOspfAreaTable 1 }
+
+ NsVrOspfAreaEntry ::=
+ SEQUENCE {
+ nsVrOspfAreaId
+ AreaID,
+ nsVrOspfImportAsExtern
+ INTEGER,
+ nsVrOspfSpfRuns
+ Counter32,
+ nsVrOspfAreaBdrRtrCount
+ Gauge32,
+ nsVrOspfAsBdrRtrCount
+ Gauge32,
+ nsVrOspfAreaLsaCount
+ Gauge32,
+ nsVrOspfAreaLsaCksumSum
+ Integer32,
+ nsVrOspfAreaSummary
+ INTEGER,
+ nsVrOspfAreaStatus
+ RowStatus,
+ nsVrOspfAreaVRID
+ INTEGER
+ }
+
+ nsVrOspfAreaId OBJECT-TYPE
+ SYNTAX AreaID
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "A 32-bit integer uniquely identifying an area.
+ Area ID 0.0.0.0 is used for the OSPF backbone."
+
+ REFERENCE
+ "OSPF Version 2, Appendix C.2 Area parameters"
+ ::= { nsVrOspfAreaEntry 1 }
+
+ nsVrOspfImportAsExtern OBJECT-TYPE
+ SYNTAX INTEGER {
+ importExternal (1),
+ importNoExternal (2),
+ importNssa (3)
+ }
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The area's support for importing AS external
+ link- state advertisements."
+ REFERENCE
+ "OSPF Version 2, Appendix C.2 Area parameters"
+ DEFVAL { importExternal }
+ ::= { nsVrOspfAreaEntry 3 }
+
+ nsVrOspfSpfRuns OBJECT-TYPE
+ SYNTAX Counter32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The number of times that the intra-area route
+ table has been calculated using this area's
+ link-state database. This is typically done
+ using Dijkstra's algorithm."
+
+ ::= { nsVrOspfAreaEntry 4 }
+
+ nsVrOspfAreaBdrRtrCount OBJECT-TYPE
+ SYNTAX Gauge32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The total number of area border routers reach-
+ able within this area. This is initially zero,
+ and is calculated in each SPF Pass."
+ ::= { nsVrOspfAreaEntry 5 }
+
+ nsVrOspfAsBdrRtrCount OBJECT-TYPE
+ SYNTAX Gauge32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The total number of Autonomous System border
+ routers reachable within this area. This is
+ initially zero, and is calculated in each SPF
+ Pass."
+ ::= { nsVrOspfAreaEntry 6 }
+
+ nsVrOspfAreaLsaCount OBJECT-TYPE
+ SYNTAX Gauge32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The total number of link-state advertisements
+ in this area's link-state database, excluding
+ AS External LSA's."
+ ::= { nsVrOspfAreaEntry 7 }
+
+ nsVrOspfAreaLsaCksumSum OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The 32-bit unsigned sum of the link-state ad-
+ vertisements' LS checksums contained in this
+ area's link-state database. This sum excludes
+ external (LS type 5) link-state advertisements.
+ The sum can be used to determine if there has
+ been a change in a router's link state data-
+ base, and to compare the link-state database of
+
+ two routers."
+ DEFVAL { 0 }
+ ::= { nsVrOspfAreaEntry 8 }
+
+ nsVrOspfAreaSummary OBJECT-TYPE
+ SYNTAX INTEGER {
+ noAreaSummary (1),
+ sendAreaSummary (2)
+ }
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The variable nsVrOspfAreaSummary controls the im-
+ port of summary LSAs into stub areas. It has
+ no effect on other areas.
+
+ If it is noAreaSummary, the router will neither
+ originate nor propagate summary LSAs into the
+ stub area. It will rely entirely on its de-
+ fault route.
+
+ If it is sendAreaSummary, the router will both
+ summarize and propagate summary LSAs."
+ DEFVAL { noAreaSummary }
+ ::= { nsVrOspfAreaEntry 9 }
+
+ nsVrOspfAreaStatus OBJECT-TYPE
+ SYNTAX RowStatus
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "This variable displays the status of the en-
+ try. Setting it to 'invalid' has the effect of
+ rendering it inoperative. The internal effect
+ (row removal) is implementation dependent."
+ ::= { nsVrOspfAreaEntry 10 }
+
+ nsVrOspfAreaVRID OBJECT-TYPE
+ SYNTAX INTEGER (0..65535)
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Virtual Router ID. VRID range for system created
+ VRs: [1-1024] and for user created VRs: [1025-2048]"
+ ::= { nsVrOspfAreaEntry 11 }
+
+-- OSPF Area Default Metric Table
+
+-- The OSPF Area Default Metric Table describes the metrics
+-- that a default Area Border Router will advertise into a
+-- Stub area.
+
+ nsVrOspfStubAreaTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF NsVrOspfStubAreaEntry
+
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "The set of metrics that will be advertised by
+ a default Area Border Router into a stub area."
+ REFERENCE
+ "OSPF Version 2, Appendix C.2, Area Parameters"
+ ::= { nsVrOspf 3 }
+
+ nsVrOspfStubAreaEntry OBJECT-TYPE
+ SYNTAX NsVrOspfStubAreaEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "The metric for a given Type of Service that
+ will be advertised by a default Area Border
+ Router into a stub area."
+ REFERENCE
+ "OSPF Version 2, Appendix C.2, Area Parameters"
+ INDEX { nsVrOspfStubVRID, nsVrOspfStubAreaId, nsVrOspfStubTOS }
+ ::= { nsVrOspfStubAreaTable 1 }
+
+ NsVrOspfStubAreaEntry ::=
+ SEQUENCE {
+ nsVrOspfStubAreaId
+ AreaID,
+ nsVrOspfStubTOS
+ TOSType,
+ nsVrOspfStubMetric
+ BigMetric,
+ nsVrOspfStubStatus
+ RowStatus,
+ nsVrOspfStubMetricType
+ INTEGER,
+ nsVrOspfStubVRID
+ INTEGER
+ }
+
+ nsVrOspfStubAreaId OBJECT-TYPE
+ SYNTAX AreaID
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The 32 bit identifier for the Stub Area. On
+ creation, this can be derived from the in-
+ stance."
+ ::= { nsVrOspfStubAreaEntry 1 }
+
+ nsVrOspfStubTOS OBJECT-TYPE
+ SYNTAX TOSType
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The Type of Service associated with the
+ metric. On creation, this can be derived from
+ the instance."
+ ::= { nsVrOspfStubAreaEntry 2 }
+
+ nsVrOspfStubMetric OBJECT-TYPE
+ SYNTAX BigMetric
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The metric value applied at the indicated type
+ of service. By default, this equals the least
+ metric at the type of service among the inter-
+ faces to other areas."
+ ::= { nsVrOspfStubAreaEntry 3 }
+
+ nsVrOspfStubStatus OBJECT-TYPE
+ SYNTAX RowStatus
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "This variable displays the status of the en-
+ try. Setting it to 'invalid' has the effect of
+ rendering it inoperative. The internal effect
+ (row removal) is implementation dependent."
+ ::= { nsVrOspfStubAreaEntry 4 }
+
+ nsVrOspfStubMetricType OBJECT-TYPE
+ SYNTAX INTEGER {
+ nsVrOspfMetric (1), -- OSPF Metric
+ comparableCost (2), -- external type 1
+ nonComparable (3) -- external type 2
+ }
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "This variable displays the type of metric ad-
+ vertised as a default route."
+ DEFVAL { nsVrOspfMetric }
+ ::= { nsVrOspfStubAreaEntry 5 }
+
+ nsVrOspfStubVRID OBJECT-TYPE
+ SYNTAX INTEGER (0..65535)
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Virtual Router ID. VRID range for system created
+ VRs: [1-1024] and for user created VRs: [1025-2048]"
+ ::= { nsVrOspfStubAreaEntry 6 }
+
+-- OSPF Link State Database
+
+-- The Link State Database contains the Link State
+-- Advertisements from throughout the areas that the
+-- device is attached to.
+
+ nsVrOspfLsdbTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF NsVrOspfLsdbEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "The OSPF Process's Link State Database."
+ REFERENCE
+ "OSPF Version 2, Section 12 Link State Adver-
+ tisements"
+ ::= { nsVrOspf 4 }
+
+ nsVrOspfLsdbEntry OBJECT-TYPE
+ SYNTAX NsVrOspfLsdbEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "A single Link State Advertisement."
+ INDEX { nsVrOspfLsdbVRID, nsVrOspfLsdbAreaId, nsVrOspfLsdbType,
+ nsVrOspfLsdbLsid, nsVrOspfLsdbRouterId }
+ ::= { nsVrOspfLsdbTable 1 }
+
+ NsVrOspfLsdbEntry ::=
+ SEQUENCE {
+ nsVrOspfLsdbAreaId
+ AreaID,
+ nsVrOspfLsdbType
+ INTEGER,
+ nsVrOspfLsdbLsid
+ IpAddress,
+ nsVrOspfLsdbRouterId
+ RouterID,
+ nsVrOspfLsdbSequence
+ Integer32,
+ nsVrOspfLsdbAge
+ Integer32,
+ nsVrOspfLsdbChecksum
+ Integer32,
+ nsVrOspfLsdbAdvertisement
+ OCTET STRING,
+ nsVrOspfLsdbVRID
+ INTEGER
+ }
+
+ nsVrOspfLsdbAreaId OBJECT-TYPE
+ SYNTAX AreaID
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The 32 bit identifier of the Area from which
+ the LSA was received."
+ REFERENCE
+ "OSPF Version 2, Appendix C.2 Area parameters"
+ ::= { nsVrOspfLsdbEntry 1 }
+
+-- External Link State Advertisements are permitted
+-- for backward compatibility, but should be displayed in
+-- the nsVrOspfExtLsdbTable rather than here.
+
+ nsVrOspfLsdbType OBJECT-TYPE
+ SYNTAX INTEGER {
+ routerLink (1),
+ networkLink (2),
+ summaryLink (3),
+ asSummaryLink (4),
+ asExternalLink (5), -- but see nsVrOspfExtLsdbTable
+ multicastLink (6),
+ nssaExternalLink (7)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The type of the link state advertisement.
+ Each link state type has a separate advertise-
+ ment format."
+ REFERENCE
+ "OSPF Version 2, Appendix A.4.1 The Link State
+ Advertisement header"
+ ::= { nsVrOspfLsdbEntry 2 }
+
+ nsVrOspfLsdbLsid OBJECT-TYPE
+ SYNTAX IpAddress
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The Link State ID is an LS Type Specific field
+ containing either a Router ID or an IP Address;
+ it identifies the piece of the routing domain
+ that is being described by the advertisement."
+ REFERENCE
+ "OSPF Version 2, Section 12.1.4 Link State ID"
+ ::= { nsVrOspfLsdbEntry 3 }
+
+ nsVrOspfLsdbRouterId OBJECT-TYPE
+ SYNTAX RouterID
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The 32 bit number that uniquely identifies the
+ originating router in the Autonomous System."
+ REFERENCE
+ "OSPF Version 2, Appendix C.1 Global parameters"
+ ::= { nsVrOspfLsdbEntry 4 }
+
+-- Note that the OSPF Sequence Number is a 32 bit signed
+-- integer. It starts with the value '80000001'h,
+-- or -'7FFFFFFF'h, and increments until '7FFFFFFF'h
+-- Thus, a typical sequence number will be very negative.
+
+ nsVrOspfLsdbSequence OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The sequence number field is a signed 32-bit
+ integer. It is used to detect old and dupli-
+ cate link state advertisements. The space of
+ sequence numbers is linearly ordered. The
+ larger the sequence number the more recent the
+ advertisement."
+ REFERENCE
+ "OSPF Version 2, Section 12.1.6 LS sequence
+ number"
+ ::= { nsVrOspfLsdbEntry 5 }
+
+ nsVrOspfLsdbAge OBJECT-TYPE
+ SYNTAX Integer32 -- Should be 0..MaxAge
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "This field is the age of the link state adver-
+ tisement in seconds."
+ REFERENCE
+ "OSPF Version 2, Section 12.1.1 LS age"
+ ::= { nsVrOspfLsdbEntry 6 }
+
+ nsVrOspfLsdbChecksum OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+
+ DESCRIPTION
+ "This field is the checksum of the complete
+ contents of the advertisement, excepting the
+ age field. The age field is excepted so that
+ an advertisement's age can be incremented
+ without updating the checksum. The checksum
+ used is the same that is used for ISO connec-
+ tionless datagrams; it is commonly referred to
+ as the Fletcher checksum."
+ REFERENCE
+ "OSPF Version 2, Section 12.1.7 LS checksum"
+ ::= { nsVrOspfLsdbEntry 7 }
+
+ nsVrOspfLsdbAdvertisement OBJECT-TYPE
+ SYNTAX OCTET STRING (SIZE (1..65535))
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The entire Link State Advertisement, including
+ its header."
+ REFERENCE
+ "OSPF Version 2, Section 12 Link State Adver-
+ tisements"
+ ::= { nsVrOspfLsdbEntry 8 }
+
+ nsVrOspfLsdbVRID OBJECT-TYPE
+ SYNTAX INTEGER (0..65535)
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Virtual Router ID. VRID range for system created
+ VRs: [1-1024] and for user created VRs: [1025-2048]"
+ ::= { nsVrOspfLsdbEntry 9 }
+
+-- OSPF Host Table
+
+-- The Host/Metric Table indicates what hosts are directly
+
+-- attached to the Router, and what metrics and types of
+-- service should be advertised for them.
+
+ nsVrOspfHostTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF NsVrOspfHostEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "The list of Hosts, and their metrics, that the
+ router will advertise as host routes."
+ REFERENCE
+ "OSPF Version 2, Appendix C.6 Host route param-
+ eters"
+ ::= { nsVrOspf 6 }
+
+ nsVrOspfHostEntry OBJECT-TYPE
+ SYNTAX NsVrOspfHostEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "A metric to be advertised, for a given type of
+ service, when a given host is reachable."
+ INDEX { nsVrOspfHostVRID, nsVrOspfHostIpAddress, nsVrOspfHostTOS }
+ ::= { nsVrOspfHostTable 1 }
+
+ NsVrOspfHostEntry ::=
+ SEQUENCE {
+ nsVrOspfHostIpAddress
+ IpAddress,
+ nsVrOspfHostTOS
+ TOSType,
+ nsVrOspfHostMetric
+ Metric,
+ nsVrOspfHostStatus
+ RowStatus,
+ nsVrOspfHostAreaID
+ AreaID,
+ nsVrOspfHostVRID
+ INTEGER
+ }
+
+ nsVrOspfHostIpAddress OBJECT-TYPE
+ SYNTAX IpAddress
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The IP Address of the Host."
+ REFERENCE
+ "OSPF Version 2, Appendix C.6 Host route parame-
+
+ ters"
+ ::= { nsVrOspfHostEntry 1 }
+
+ nsVrOspfHostTOS OBJECT-TYPE
+ SYNTAX TOSType
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The Type of Service of the route being config-
+ ured."
+ REFERENCE
+ "OSPF Version 2, Appendix C.6 Host route parame-
+ ters"
+ ::= { nsVrOspfHostEntry 2 }
+
+ nsVrOspfHostMetric OBJECT-TYPE
+ SYNTAX Metric
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The Metric to be advertised."
+ REFERENCE
+ "OSPF Version 2, Appendix C.6 Host route parame-
+ ters"
+ ::= { nsVrOspfHostEntry 3 }
+
+ nsVrOspfHostStatus OBJECT-TYPE
+ SYNTAX RowStatus
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "This variable displays the status of the en-
+ try. Setting it to 'invalid' has the effect of
+ rendering it inoperative. The internal effect
+ (row removal) is implementation dependent."
+ ::= { nsVrOspfHostEntry 4 }
+
+ nsVrOspfHostAreaID OBJECT-TYPE
+ SYNTAX AreaID
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The Area the Host Entry is to be found within.
+ By default, the area that a subsuming OSPF in-
+ terface is in, or 0.0.0.0"
+
+ REFERENCE
+ "OSPF Version 2, Appendix C.2 Area parameters"
+ ::= { nsVrOspfHostEntry 5 }
+
+ nsVrOspfHostVRID OBJECT-TYPE
+ SYNTAX INTEGER (0..65535)
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Virtual Router ID. VRID range for system created
+ VRs: [1-1024] and for user created VRs: [1025-2048]"
+ ::= { nsVrOspfHostEntry 6 }
+
+-- OSPF Interface Table
+
+-- The OSPF Interface Table augments the ipAddrTable
+-- with OSPF specific information.
+
+ nsVrOspfIfTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF NsVrOspfIfEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "The OSPF Interface Table describes the inter-
+ faces from the viewpoint of OSPF."
+ REFERENCE
+ "OSPF Version 2, Appendix C.3 Router interface
+ parameters"
+ ::= { nsVrOspf 7 }
+
+ nsVrOspfIfEntry OBJECT-TYPE
+ SYNTAX NsVrOspfIfEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "The OSPF Interface Entry describes one inter-
+ face from the viewpoint of OSPF."
+ INDEX { nsVrOspfIfVRID, nsVrOspfIfIpAddress, nsVrOspfAddressLessIf }
+ ::= { nsVrOspfIfTable 1 }
+
+ NsVrOspfIfEntry ::=
+ SEQUENCE {
+ nsVrOspfIfIpAddress
+ IpAddress,
+ nsVrOspfAddressLessIf
+ Integer32,
+ nsVrOspfIfAreaId
+ AreaID,
+ nsVrOspfIfType
+ INTEGER,
+ nsVrOspfIfAdminStat
+ Status,
+ nsVrOspfIfRtrPriority
+ DesignatedRouterPriority,
+ nsVrOspfIfTransitDelay
+
+ UpToMaxAge,
+ nsVrOspfIfRetransInterval
+ UpToMaxAge,
+ nsVrOspfIfHelloInterval
+ HelloRange,
+ nsVrOspfIfRtrDeadInterval
+ PositiveInteger,
+ nsVrOspfIfPollInterval
+ PositiveInteger,
+ nsVrOspfIfState
+ INTEGER,
+ nsVrOspfIfDesignatedRouter
+ IpAddress,
+ nsVrOspfIfBackupDesignatedRouter
+ IpAddress,
+ nsVrOspfIfEvents
+ Counter32,
+ nsVrOspfIfAuthType
+ INTEGER,
+ nsVrOspfIfAuthKey
+ OCTET STRING,
+ nsVrOspfIfStatus
+ RowStatus,
+ nsVrOspfIfMulticastForwarding
+ INTEGER,
+ nsVrOspfIfDemand
+ TruthValue,
+ nsVrOspfIfVRID
+ INTEGER
+ }
+
+ nsVrOspfIfIpAddress OBJECT-TYPE
+ SYNTAX IpAddress
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The IP address of this OSPF interface."
+ ::= { nsVrOspfIfEntry 1 }
+
+ nsVrOspfAddressLessIf OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "For the purpose of easing the instancing of
+ addressed and addressless interfaces; This
+ variable takes the value 0 on interfaces with
+ IP Addresses, and the corresponding value of
+ ifIndex for interfaces having no IP Address."
+ ::= { nsVrOspfIfEntry 2 }
+
+ nsVrOspfIfAreaId OBJECT-TYPE
+ SYNTAX AreaID
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "A 32-bit integer uniquely identifying the area
+ to which the interface connects. Area ID
+ 0.0.0.0 is used for the OSPF backbone."
+ DEFVAL { '00000000'H } -- 0.0.0.0
+ ::= { nsVrOspfIfEntry 3 }
+
+ nsVrOspfIfType OBJECT-TYPE
+ SYNTAX INTEGER {
+ broadcast (1),
+ nbma (2),
+ pointToPoint (3),
+ pointToMultipoint (5)
+ }
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The OSPF interface type.
+
+ By way of a default, this field may be intuited
+ from the corresponding value of ifType. Broad-
+ cast LANs, such as Ethernet and IEEE 802.5,
+ take the value 'broadcast', X.25 and similar
+ technologies take the value 'nbma', and links
+ that are definitively point to point take the
+ value 'pointToPoint'."
+ ::= { nsVrOspfIfEntry 4 }
+
+ nsVrOspfIfAdminStat OBJECT-TYPE
+ SYNTAX Status
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The OSPF interface's administrative status.
+ The value formed on the interface, and the in-
+ terface will be advertised as an internal route
+ to some area. The value 'disabled' denotes
+ that the interface is external to OSPF."
+ DEFVAL { enabled }
+ ::= { nsVrOspfIfEntry 5 }
+
+ nsVrOspfIfRtrPriority OBJECT-TYPE
+ SYNTAX DesignatedRouterPriority
+
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The priority of this interface. Used in
+ multi-access networks, this field is used in
+ the designated router election algorithm. The
+ value 0 signifies that the router is not eligi-
+ ble to become the designated router on this
+ particular network. In the event of a tie in
+ this value, routers will use their Router ID as
+ a tie breaker."
+ DEFVAL { 1 }
+ ::= { nsVrOspfIfEntry 6 }
+
+ nsVrOspfIfTransitDelay OBJECT-TYPE
+ SYNTAX UpToMaxAge
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The estimated number of seconds it takes to
+ transmit a link state update packet over this
+ interface."
+ DEFVAL { 1 }
+ ::= { nsVrOspfIfEntry 7 }
+
+ nsVrOspfIfRetransInterval OBJECT-TYPE
+ SYNTAX UpToMaxAge
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The number of seconds between link-state ad-
+ vertisement retransmissions, for adjacencies
+ belonging to this interface. This value is
+ also used when retransmitting database descrip-
+ tion and link-state request packets."
+ DEFVAL { 5 }
+ ::= { nsVrOspfIfEntry 8 }
+
+ nsVrOspfIfHelloInterval OBJECT-TYPE
+ SYNTAX HelloRange
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The length of time, in seconds, between the
+ Hello packets that the router sends on the in-
+
+ terface. This value must be the same for all
+ routers attached to a common network."
+ DEFVAL { 10 }
+ ::= { nsVrOspfIfEntry 9 }
+
+ nsVrOspfIfRtrDeadInterval OBJECT-TYPE
+ SYNTAX PositiveInteger
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The number of seconds that a router's Hello
+ packets have not been seen before it's neigh-
+ bors declare the router down. This should be
+ some multiple of the Hello interval. This
+ value must be the same for all routers attached
+ to a common network."
+ DEFVAL { 40 }
+ ::= { nsVrOspfIfEntry 10 }
+
+ nsVrOspfIfPollInterval OBJECT-TYPE
+ SYNTAX PositiveInteger
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The larger time interval, in seconds, between
+ the Hello packets sent to an inactive non-
+ broadcast multi- access neighbor."
+ DEFVAL { 120 }
+ ::= { nsVrOspfIfEntry 11 }
+
+ nsVrOspfIfState OBJECT-TYPE
+ SYNTAX INTEGER {
+ down (1),
+ loopback (2),
+ waiting (3),
+ pointToPoint (4),
+ designatedRouter (5),
+ backupDesignatedRouter (6),
+ otherDesignatedRouter (7)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The OSPF Interface State."
+ DEFVAL { down }
+
+ ::= { nsVrOspfIfEntry 12 }
+
+ nsVrOspfIfDesignatedRouter OBJECT-TYPE
+ SYNTAX IpAddress
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The IP Address of the Designated Router."
+ DEFVAL { '00000000'H } -- 0.0.0.0
+ ::= { nsVrOspfIfEntry 13 }
+
+ nsVrOspfIfBackupDesignatedRouter OBJECT-TYPE
+ SYNTAX IpAddress
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The IP Address of the Backup Designated
+ Router."
+ DEFVAL { '00000000'H } -- 0.0.0.0
+ ::= { nsVrOspfIfEntry 14 }
+
+ nsVrOspfIfEvents OBJECT-TYPE
+ SYNTAX Counter32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The number of times this OSPF interface has
+ changed its state, or an error has occurred."
+ ::= { nsVrOspfIfEntry 15 }
+
+ nsVrOspfIfAuthKey OBJECT-TYPE
+ SYNTAX OCTET STRING (SIZE (0..256))
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The Authentication Key. If the Area's Author-
+ ization Type is simplePassword, and the key
+ length is shorter than 8 octets, the agent will
+ left adjust and zero fill to 8 octets.
+
+ Note that unauthenticated interfaces need no
+ authentication key, and simple password authen-
+ tication cannot use a key of more than 8 oc-
+ tets. Larger keys are useful only with authen-
+ tication mechanisms not specified in this docu-
+
+ ment.
+
+ When read, nsVrOspfIfAuthKey always returns an Oc-
+ tet String of length zero."
+ REFERENCE
+ "OSPF Version 2, Section 9 The Interface Data
+ Structure"
+ DEFVAL { '0000000000000000'H } -- 0.0.0.0.0.0.0.0
+ ::= { nsVrOspfIfEntry 16 }
+
+ nsVrOspfIfStatus OBJECT-TYPE
+ SYNTAX RowStatus
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "This variable displays the status of the en-
+ try. Setting it to 'invalid' has the effect of
+ rendering it inoperative. The internal effect
+ (row removal) is implementation dependent."
+ ::= { nsVrOspfIfEntry 17 }
+
+ nsVrOspfIfMulticastForwarding OBJECT-TYPE
+ SYNTAX INTEGER {
+ blocked (1), -- no multicast forwarding
+ multicast (2), -- using multicast address
+ unicast (3) -- to each OSPF neighbor
+ }
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The way multicasts should forwarded on this
+ interface; not forwarded, forwarded as data
+ link multicasts, or forwarded as data link uni-
+ casts. Data link multicasting is not meaning-
+ ful on point to point and NBMA interfaces, and
+ setting nsVrOspfMulticastForwarding to 0 effective-
+ ly disables all multicast forwarding."
+ DEFVAL { blocked }
+ ::= { nsVrOspfIfEntry 18 }
+
+ nsVrOspfIfDemand OBJECT-TYPE
+ SYNTAX TruthValue
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "Indicates whether Demand OSPF procedures (hel-
+
+ lo supression to FULL neighbors and setting the
+ DoNotAge flag on proogated LSAs) should be per-
+ formed on this interface."
+ DEFVAL { false }
+ ::= { nsVrOspfIfEntry 19 }
+
+ nsVrOspfIfAuthType OBJECT-TYPE
+ SYNTAX INTEGER (0..255)
+ -- none (0),
+ -- simplePassword (1)
+ -- md5 (2)
+ -- reserved for specification by IANA (> 2)
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The authentication type specified for an in-
+ terface. Additional authentication types may
+ be assigned locally."
+ REFERENCE
+ "OSPF Version 2, Appendix E Authentication"
+ DEFVAL { 0 } -- no authentication, by default
+ ::= { nsVrOspfIfEntry 20 }
+
+ nsVrOspfIfVRID OBJECT-TYPE
+ SYNTAX INTEGER (0..65535)
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Virtual Router ID. VRID range for system created
+ VRs: [1-1024] and for user created VRs: [1025-2048]"
+ ::= { nsVrOspfIfEntry 21 }
+
+-- OSPF Interface Metric Table
+
+-- The Metric Table describes the metrics to be advertised
+-- for a specified interface at the various types of service.
+-- As such, this table is an adjunct of the OSPF Interface
+-- Table.
+
+-- Types of service, as defined by RFC 791, have the ability
+-- to request low delay, high bandwidth, or reliable linkage.
+
+-- For the purposes of this specification, the measure of
+-- bandwidth
+
+-- Metric = 10^8 / ifSpeed
+
+-- is the default value. For multiple link interfaces, note
+-- that ifSpeed is the sum of the individual link speeds.
+-- This yields a number having the following typical values:
+
+-- Network Type/bit rate Metric
+
+-- >= 100 MBPS 1
+-- Ethernet/802.3 10
+
+-- E1 48
+-- T1 (ESF) 65
+-- 64 KBPS 1562
+-- 56 KBPS 1785
+-- 19.2 KBPS 5208
+-- 9.6 KBPS 10416
+
+-- Routes that are not specified use the default (TOS 0) metric
+
+ nsVrOspfIfMetricTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF NsVrOspfIfMetricEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "The TOS metrics for a non-virtual interface
+ identified by the interface index."
+ REFERENCE
+ "OSPF Version 2, Appendix C.3 Router interface
+ parameters"
+ ::= { nsVrOspf 8 }
+
+ nsVrOspfIfMetricEntry OBJECT-TYPE
+ SYNTAX NsVrOspfIfMetricEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "A particular TOS metric for a non-virtual in-
+ terface identified by the interface index."
+ REFERENCE
+ "OSPF Version 2, Appendix C.3 Router interface
+ parameters"
+ INDEX { nsVrOspfIfMetricVRID,
+ nsVrOspfIfMetricIpAddress,
+ nsVrOspfIfMetricAddressLessIf,
+ nsVrOspfIfMetricTOS,
+ nsVrOspfIfMetricVRID }
+ ::= { nsVrOspfIfMetricTable 1 }
+
+ NsVrOspfIfMetricEntry ::=
+ SEQUENCE {
+ nsVrOspfIfMetricIpAddress
+ IpAddress,
+ nsVrOspfIfMetricAddressLessIf
+ Integer32,
+ nsVrOspfIfMetricTOS
+ TOSType,
+ nsVrOspfIfMetricValue
+ Metric,
+ nsVrOspfIfMetricStatus
+ RowStatus,
+ nsVrOspfIfMetricVRID
+ INTEGER
+
+ }
+
+ nsVrOspfIfMetricIpAddress OBJECT-TYPE
+ SYNTAX IpAddress
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The IP address of this OSPF interface. On row
+ creation, this can be derived from the in-
+ stance."
+ ::= { nsVrOspfIfMetricEntry 1 }
+
+ nsVrOspfIfMetricAddressLessIf OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "For the purpose of easing the instancing of
+ addressed and addressless interfaces; This
+ variable takes the value 0 on interfaces with
+ IP Addresses, and the value of ifIndex for in-
+ terfaces having no IP Address. On row crea-
+ tion, this can be derived from the instance."
+ ::= { nsVrOspfIfMetricEntry 2 }
+
+ nsVrOspfIfMetricTOS OBJECT-TYPE
+ SYNTAX TOSType
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The type of service metric being referenced.
+ On row creation, this can be derived from the
+ instance."
+ ::= { nsVrOspfIfMetricEntry 3 }
+
+ nsVrOspfIfMetricValue OBJECT-TYPE
+ SYNTAX Metric
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The metric of using this type of service on
+ this interface. The default value of the TOS 0
+ Metric is 10^8 / ifSpeed."
+ ::= { nsVrOspfIfMetricEntry 4 }
+
+ nsVrOspfIfMetricStatus OBJECT-TYPE
+
+ SYNTAX RowStatus
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "This variable displays the status of the en-
+ try. Setting it to 'invalid' has the effect of
+ rendering it inoperative. The internal effect
+ (row removal) is implementation dependent."
+ ::= { nsVrOspfIfMetricEntry 5 }
+
+ nsVrOspfIfMetricVRID OBJECT-TYPE
+ SYNTAX INTEGER (0..65535)
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Virtual Router ID. VRID range for system created
+ VRs: [1-1024] and for user created VRs: [1025-2048]"
+ ::= { nsVrOspfIfMetricEntry 6 }
+
+-- OSPF Virtual Interface Table
+
+-- The Virtual Interface Table describes the virtual
+-- links that the OSPF Process is configured to
+-- carry on.
+
+ nsVrOspfVirtIfTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF NsVrOspfVirtIfEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "Information about this router's virtual inter-
+ faces."
+ REFERENCE
+ "OSPF Version 2, Appendix C.4 Virtual link
+ parameters"
+ ::= { nsVrOspf 9 }
+
+ nsVrOspfVirtIfEntry OBJECT-TYPE
+ SYNTAX NsVrOspfVirtIfEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "Information about a single Virtual Interface."
+ INDEX { nsVrOspfVirtIfVRID, nsVrOspfVirtIfAreaId, nsVrOspfVirtIfNeighbor }
+ ::= { nsVrOspfVirtIfTable 1 }
+
+ NsVrOspfVirtIfEntry ::=
+ SEQUENCE {
+ nsVrOspfVirtIfAreaId
+ AreaID,
+ nsVrOspfVirtIfNeighbor
+ RouterID,
+ nsVrOspfVirtIfTransitDelay
+ UpToMaxAge,
+ nsVrOspfVirtIfRetransInterval
+
+ UpToMaxAge,
+ nsVrOspfVirtIfHelloInterval
+ HelloRange,
+ nsVrOspfVirtIfRtrDeadInterval
+ PositiveInteger,
+ nsVrOspfVirtIfState
+ INTEGER,
+ nsVrOspfVirtIfEvents
+ Counter32,
+ nsVrOspfVirtIfAuthType
+ INTEGER,
+ nsVrOspfVirtIfAuthKey
+ OCTET STRING,
+ nsVrOspfVirtIfStatus
+ RowStatus,
+ nsVrOspfVirtIfVRID
+ INTEGER
+ }
+
+ nsVrOspfVirtIfAreaId OBJECT-TYPE
+ SYNTAX AreaID
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The Transit Area that the Virtual Link
+ traverses. By definition, this is not 0.0.0.0"
+ ::= { nsVrOspfVirtIfEntry 1 }
+
+ nsVrOspfVirtIfNeighbor OBJECT-TYPE
+ SYNTAX RouterID
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The Router ID of the Virtual Neighbor."
+ ::= { nsVrOspfVirtIfEntry 2 }
+
+ nsVrOspfVirtIfTransitDelay OBJECT-TYPE
+ SYNTAX UpToMaxAge
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The estimated number of seconds it takes to
+ transmit a link- state update packet over this
+ interface."
+ DEFVAL { 1 }
+ ::= { nsVrOspfVirtIfEntry 3 }
+
+ nsVrOspfVirtIfRetransInterval OBJECT-TYPE
+ SYNTAX UpToMaxAge
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The number of seconds between link-state ad-
+ vertisement retransmissions, for adjacencies
+ belonging to this interface. This value is
+ also used when retransmitting database descrip-
+ tion and link-state request packets. This
+ value should be well over the expected round-
+ trip time."
+ DEFVAL { 5 }
+ ::= { nsVrOspfVirtIfEntry 4 }
+
+ nsVrOspfVirtIfHelloInterval OBJECT-TYPE
+ SYNTAX HelloRange
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The length of time, in seconds, between the
+ Hello packets that the router sends on the in-
+ terface. This value must be the same for the
+ virtual neighbor."
+ DEFVAL { 10 }
+ ::= { nsVrOspfVirtIfEntry 5 }
+
+ nsVrOspfVirtIfRtrDeadInterval OBJECT-TYPE
+ SYNTAX PositiveInteger
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The number of seconds that a router's Hello
+ packets have not been seen before it's neigh-
+ bors declare the router down. This should be
+ some multiple of the Hello interval. This
+ value must be the same for the virtual neigh-
+ bor."
+ DEFVAL { 60 }
+ ::= { nsVrOspfVirtIfEntry 6 }
+
+ nsVrOspfVirtIfState OBJECT-TYPE
+ SYNTAX INTEGER {
+ down (1), -- these use the same encoding
+ pointToPoint (4) -- as the nsVrOspfIfTable
+
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "OSPF virtual interface states."
+ DEFVAL { down }
+ ::= { nsVrOspfVirtIfEntry 7 }
+
+ nsVrOspfVirtIfEvents OBJECT-TYPE
+ SYNTAX Counter32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The number of state changes or error events on
+ this Virtual Link"
+ ::= { nsVrOspfVirtIfEntry 8 }
+
+ nsVrOspfVirtIfAuthKey OBJECT-TYPE
+ SYNTAX OCTET STRING (SIZE(0..256))
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "If Authentication Type is simplePassword, the
+ device will left adjust and zero fill to 8 oc-
+ tets.
+
+ Note that unauthenticated interfaces need no
+ authentication key, and simple password authen-
+ tication cannot use a key of more than 8 oc-
+ tets. Larger keys are useful only with authen-
+ tication mechanisms not specified in this docu-
+ ment.
+
+ When read, nsVrOspfVifAuthKey always returns a
+ string of length zero."
+ REFERENCE
+ "OSPF Version 2, Section 9 The Interface Data
+ Structure"
+ DEFVAL { '0000000000000000'H } -- 0.0.0.0.0.0.0.0
+ ::= { nsVrOspfVirtIfEntry 9 }
+
+ nsVrOspfVirtIfStatus OBJECT-TYPE
+ SYNTAX RowStatus
+ MAX-ACCESS read-create
+ STATUS current
+
+ DESCRIPTION
+ "This variable displays the status of the en-
+ try. Setting it to 'invalid' has the effect of
+ rendering it inoperative. The internal effect
+ (row removal) is implementation dependent."
+ ::= { nsVrOspfVirtIfEntry 10 }
+
+ nsVrOspfVirtIfAuthType OBJECT-TYPE
+ SYNTAX INTEGER (0..255)
+ -- none (0),
+ -- simplePassword (1)
+ -- md5 (2)
+ -- reserved for specification by IANA (> 2)
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The authentication type specified for a virtu-
+ al interface. Additional authentication types
+ may be assigned locally."
+ REFERENCE
+ "OSPF Version 2, Appendix E Authentication"
+ DEFVAL { 0 } -- no authentication, by default
+ ::= { nsVrOspfVirtIfEntry 11 }
+
+ nsVrOspfVirtIfVRID OBJECT-TYPE
+ SYNTAX INTEGER (0..65535)
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Virtual Router ID. VRID range for system created
+ VRs: [1-1024] and for user created VRs: [1025-2048]"
+ ::= { nsVrOspfVirtIfEntry 12 }
+
+-- OSPF Neighbor Table
+
+-- The OSPF Neighbor Table describes all neighbors in
+-- the locality of the subject router.
+
+ nsVrOspfNbrTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF NsVrOspfNbrEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "A table of non-virtual neighbor information."
+ REFERENCE
+ "OSPF Version 2, Section 10 The Neighbor Data
+ Structure"
+ ::= { nsVrOspf 10 }
+
+ nsVrOspfNbrEntry OBJECT-TYPE
+ SYNTAX NsVrOspfNbrEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+
+ "The information regarding a single neighbor."
+ REFERENCE
+ "OSPF Version 2, Section 10 The Neighbor Data
+ Structure"
+ INDEX { nsVrOspfNbrVRID, nsVrOspfNbrIpAddr, nsVrOspfNbrAddressLessIndex }
+ ::= { nsVrOspfNbrTable 1 }
+
+ NsVrOspfNbrEntry ::=
+ SEQUENCE {
+ nsVrOspfNbrIpAddr
+ IpAddress,
+ nsVrOspfNbrAddressLessIndex
+ InterfaceIndex,
+ nsVrOspfNbrRtrId
+ RouterID,
+ nsVrOspfNbrOptions
+ Integer32,
+ nsVrOspfNbrPriority
+ DesignatedRouterPriority,
+ nsVrOspfNbrState
+ INTEGER,
+ nsVrOspfNbrEvents
+ Counter32,
+ nsVrOspfNbrLsRetransQLen
+ Gauge32,
+ nsVrOspfNbmaNbrStatus
+ RowStatus,
+ nsVrOspfNbmaNbrPermanence
+ INTEGER,
+ nsVrOspfNbrHelloSuppressed
+ TruthValue,
+ nsVrOspfNbrVRID
+ INTEGER
+ }
+
+ nsVrOspfNbrIpAddr OBJECT-TYPE
+ SYNTAX IpAddress
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The IP address this neighbor is using in its
+ IP Source Address. Note that, on addressless
+ links, this will not be 0.0.0.0, but the ad-
+ dress of another of the neighbor's interfaces."
+ ::= { nsVrOspfNbrEntry 1 }
+
+ nsVrOspfNbrAddressLessIndex OBJECT-TYPE
+ SYNTAX InterfaceIndex
+ MAX-ACCESS read-only
+
+ STATUS current
+ DESCRIPTION
+ "On an interface having an IP Address, zero.
+ On addressless interfaces, the corresponding
+ value of ifIndex in the Internet Standard MIB.
+ On row creation, this can be derived from the
+ instance."
+ ::= { nsVrOspfNbrEntry 2 }
+
+ nsVrOspfNbrRtrId OBJECT-TYPE
+ SYNTAX RouterID
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "A 32-bit integer (represented as a type IpAd-
+ dress) uniquely identifying the neighboring
+ router in the Autonomous System."
+ DEFVAL { '00000000'H } -- 0.0.0.0
+ ::= { nsVrOspfNbrEntry 3 }
+
+ nsVrOspfNbrOptions OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "A Bit Mask corresponding to the neighbor's op-
+ tions field.
+
+ Bit 0, if set, indicates that the system will
+ operate on Type of Service metrics other than
+ TOS 0. If zero, the neighbor will ignore all
+ metrics except the TOS 0 metric.
+
+ Bit 1, if set, indicates that the associated
+ area accepts and operates on external informa-
+ tion; if zero, it is a stub area.
+
+ Bit 2, if set, indicates that the system is ca-
+ pable of routing IP Multicast datagrams; i.e.,
+ that it implements the Multicast Extensions to
+ OSPF.
+
+ Bit 3, if set, indicates that the associated
+ area is an NSSA. These areas are capable of
+ carrying type 7 external advertisements, which
+ are translated into type 5 external advertise-
+
+ ments at NSSA borders."
+ REFERENCE
+ "OSPF Version 2, Section 12.1.2 Options"
+ DEFVAL { 0 }
+ ::= { nsVrOspfNbrEntry 4 }
+
+ nsVrOspfNbrPriority OBJECT-TYPE
+ SYNTAX DesignatedRouterPriority
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The priority of this neighbor in the designat-
+ ed router election algorithm. The value 0 sig-
+ nifies that the neighbor is not eligible to be-
+ come the designated router on this particular
+ network."
+ DEFVAL { 1 }
+ ::= { nsVrOspfNbrEntry 5 }
+
+ nsVrOspfNbrState OBJECT-TYPE
+ SYNTAX INTEGER {
+ down (1),
+ attempt (2),
+ init (3),
+ twoWay (4),
+ exchangeStart (5),
+ exchange (6),
+ loading (7),
+ full (8)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The State of the relationship with this Neigh-
+ bor."
+ REFERENCE
+ "OSPF Version 2, Section 10.1 Neighbor States"
+ DEFVAL { down }
+ ::= { nsVrOspfNbrEntry 6 }
+
+ nsVrOspfNbrEvents OBJECT-TYPE
+ SYNTAX Counter32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+
+ "The number of times this neighbor relationship
+ has changed state, or an error has occurred."
+ ::= { nsVrOspfNbrEntry 7 }
+
+ nsVrOspfNbrLsRetransQLen OBJECT-TYPE
+ SYNTAX Gauge32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The current length of the retransmission
+ queue."
+ ::= { nsVrOspfNbrEntry 8 }
+
+ nsVrOspfNbmaNbrStatus OBJECT-TYPE
+ SYNTAX RowStatus
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "This variable displays the status of the en-
+ try. Setting it to 'invalid' has the effect of
+ rendering it inoperative. The internal effect
+ (row removal) is implementation dependent."
+ ::= { nsVrOspfNbrEntry 9 }
+
+ nsVrOspfNbmaNbrPermanence OBJECT-TYPE
+ SYNTAX INTEGER {
+ dynamic (1), -- learned through protocol
+ permanent (2) -- configured address
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "This variable displays the status of the en-
+ try. 'dynamic' and 'permanent' refer to how
+ the neighbor became known."
+ DEFVAL { permanent }
+ ::= { nsVrOspfNbrEntry 10 }
+
+ nsVrOspfNbrHelloSuppressed OBJECT-TYPE
+ SYNTAX TruthValue
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Indicates whether Hellos are being suppressed
+
+ to the neighbor"
+ ::= { nsVrOspfNbrEntry 11 }
+
+ nsVrOspfNbrVRID OBJECT-TYPE
+ SYNTAX INTEGER (0..65535)
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Virtual Router ID. VRID range for system created
+ VRs: [1-1024] and for user created VRs: [1025-2048]"
+ ::= { nsVrOspfNbrEntry 12 }
+
+-- OSPF Virtual Neighbor Table
+
+-- This table describes all virtual neighbors.
+-- Since Virtual Links are configured in the
+-- virtual interface table, this table is read-only.
+
+ nsVrOspfVirtNbrTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF NsVrOspfVirtNbrEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "A table of virtual neighbor information."
+ REFERENCE
+ "OSPF Version 2, Section 15 Virtual Links"
+ ::= { nsVrOspf 11 }
+
+ nsVrOspfVirtNbrEntry OBJECT-TYPE
+ SYNTAX NsVrOspfVirtNbrEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "Virtual neighbor information."
+ INDEX { nsVrOspfVirtNbrVRID, nsVrOspfVirtNbrArea, nsVrOspfVirtNbrRtrId }
+ ::= { nsVrOspfVirtNbrTable 1 }
+
+ NsVrOspfVirtNbrEntry ::=
+ SEQUENCE {
+ nsVrOspfVirtNbrArea
+ AreaID,
+ nsVrOspfVirtNbrRtrId
+ RouterID,
+ nsVrOspfVirtNbrIpAddr
+ IpAddress,
+ nsVrOspfVirtNbrOptions
+ Integer32,
+ nsVrOspfVirtNbrState
+ INTEGER,
+ nsVrOspfVirtNbrEvents
+ Counter32,
+ nsVrOspfVirtNbrLsRetransQLen
+ Gauge32,
+ nsVrOspfVirtNbrHelloSuppressed
+ TruthValue,
+ nsVrOspfVirtNbrVRID
+ INTEGER
+
+ }
+
+ nsVrOspfVirtNbrArea OBJECT-TYPE
+ SYNTAX AreaID
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The Transit Area Identifier."
+ ::= { nsVrOspfVirtNbrEntry 1 }
+
+ nsVrOspfVirtNbrRtrId OBJECT-TYPE
+ SYNTAX RouterID
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "A 32-bit integer uniquely identifying the
+ neighboring router in the Autonomous System."
+ ::= { nsVrOspfVirtNbrEntry 2 }
+
+ nsVrOspfVirtNbrIpAddr OBJECT-TYPE
+ SYNTAX IpAddress
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The IP address this Virtual Neighbor is us-
+ ing."
+ ::= { nsVrOspfVirtNbrEntry 3 }
+
+ nsVrOspfVirtNbrOptions OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "A Bit Mask corresponding to the neighbor's op-
+ tions field.
+
+ Bit 1, if set, indicates that the system will
+ operate on Type of Service metrics other than
+ TOS 0. If zero, the neighbor will ignore all
+ metrics except the TOS 0 metric.
+
+ Bit 2, if set, indicates that the system is
+ Network Multicast capable; ie, that it imple-
+ ments OSPF Multicast Routing."
+ ::= { nsVrOspfVirtNbrEntry 4 }
+
+ nsVrOspfVirtNbrState OBJECT-TYPE
+ SYNTAX INTEGER {
+ down (1),
+ attempt (2),
+ init (3),
+ twoWay (4),
+ exchangeStart (5),
+ exchange (6),
+ loading (7),
+ full (8)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The state of the Virtual Neighbor Relation-
+ ship."
+ ::= { nsVrOspfVirtNbrEntry 5 }
+
+ nsVrOspfVirtNbrEvents OBJECT-TYPE
+ SYNTAX Counter32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The number of times this virtual link has
+ changed its state, or an error has occurred."
+ ::= { nsVrOspfVirtNbrEntry 6 }
+
+ nsVrOspfVirtNbrLsRetransQLen OBJECT-TYPE
+ SYNTAX Gauge32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The current length of the retransmission
+ queue."
+ ::= { nsVrOspfVirtNbrEntry 7 }
+
+ nsVrOspfVirtNbrHelloSuppressed OBJECT-TYPE
+ SYNTAX TruthValue
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Indicates whether Hellos are being suppressed
+ to the neighbor"
+ ::= { nsVrOspfVirtNbrEntry 8 }
+
+ nsVrOspfVirtNbrVRID OBJECT-TYPE
+ SYNTAX INTEGER (0..65535)
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Virtual Router ID. VRID range for system created
+ VRs: [1-1024] and for user created VRs: [1025-2048]"
+ ::= { nsVrOspfVirtNbrEntry 9 }
+
+-- OSPF Link State Database, External
+
+-- The Link State Database contains the Link State
+-- Advertisements from throughout the areas that the
+-- device is attached to.
+
+-- This table is identical to the OSPF LSDB Table in
+-- format, but contains only External Link State
+-- Advertisements. The purpose is to allow external
+-- LSAs to be displayed once for the router rather
+-- than once in each non-stub area.
+
+ nsVrOspfExtLsdbTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF NsVrOspfExtLsdbEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "The OSPF Process's Links State Database."
+ REFERENCE
+ "OSPF Version 2, Section 12 Link State Adver-
+ tisements"
+ ::= { nsVrOspf 12 }
+
+ nsVrOspfExtLsdbEntry OBJECT-TYPE
+ SYNTAX NsVrOspfExtLsdbEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "A single Link State Advertisement."
+ INDEX { nsVrOspfExtLsdbVRID, nsVrOspfExtLsdbType, nsVrOspfExtLsdbLsid, nsVrOspfExtLsdbRouterId }
+ ::= { nsVrOspfExtLsdbTable 1 }
+
+ NsVrOspfExtLsdbEntry ::=
+ SEQUENCE {
+ nsVrOspfExtLsdbType
+ INTEGER,
+ nsVrOspfExtLsdbLsid
+ IpAddress,
+ nsVrOspfExtLsdbRouterId
+ RouterID,
+ nsVrOspfExtLsdbSequence
+ Integer32,
+ nsVrOspfExtLsdbAge
+ Integer32,
+ nsVrOspfExtLsdbChecksum
+ Integer32,
+ nsVrOspfExtLsdbAdvertisement
+ OCTET STRING,
+ nsVrOspfExtLsdbVRID
+ INTEGER
+ }
+
+ nsVrOspfExtLsdbType OBJECT-TYPE
+ SYNTAX INTEGER {
+ asExternalLink (5)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The type of the link state advertisement.
+ Each link state type has a separate advertise-
+ ment format."
+ REFERENCE
+ "OSPF Version 2, Appendix A.4.1 The Link State
+ Advertisement header"
+ ::= { nsVrOspfExtLsdbEntry 1 }
+
+ nsVrOspfExtLsdbLsid OBJECT-TYPE
+ SYNTAX IpAddress
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The Link State ID is an LS Type Specific field
+ containing either a Router ID or an IP Address;
+ it identifies the piece of the routing domain
+ that is being described by the advertisement."
+ REFERENCE
+ "OSPF Version 2, Section 12.1.4 Link State ID"
+ ::= { nsVrOspfExtLsdbEntry 2 }
+
+ nsVrOspfExtLsdbRouterId OBJECT-TYPE
+ SYNTAX RouterID
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The 32 bit number that uniquely identifies the
+ originating router in the Autonomous System."
+ REFERENCE
+ "OSPF Version 2, Appendix C.1 Global parameters"
+ ::= { nsVrOspfExtLsdbEntry 3 }
+
+-- Note that the OSPF Sequence Number is a 32 bit signed
+-- integer. It starts with the value '80000001'h,
+-- or -'7FFFFFFF'h, and increments until '7FFFFFFF'h
+-- Thus, a typical sequence number will be very negative.
+
+ nsVrOspfExtLsdbSequence OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The sequence number field is a signed 32-bit
+ integer. It is used to detect old and dupli-
+ cate link state advertisements. The space of
+ sequence numbers is linearly ordered. The
+ larger the sequence number the more recent the
+ advertisement."
+ REFERENCE
+ "OSPF Version 2, Section 12.1.6 LS sequence
+ number"
+ ::= { nsVrOspfExtLsdbEntry 4 }
+
+ nsVrOspfExtLsdbAge OBJECT-TYPE
+ SYNTAX Integer32 -- Should be 0..MaxAge
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "This field is the age of the link state adver-
+ tisement in seconds."
+ REFERENCE
+ "OSPF Version 2, Section 12.1.1 LS age"
+ ::= { nsVrOspfExtLsdbEntry 5 }
+
+ nsVrOspfExtLsdbChecksum OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "This field is the checksum of the complete
+ contents of the advertisement, excepting the
+ age field. The age field is excepted so that
+ an advertisement's age can be incremented
+ without updating the checksum. The checksum
+ used is the same that is used for ISO connec-
+ tionless datagrams; it is commonly referred to
+ as the Fletcher checksum."
+ REFERENCE
+ "OSPF Version 2, Section 12.1.7 LS checksum"
+ ::= { nsVrOspfExtLsdbEntry 6 }
+
+ nsVrOspfExtLsdbAdvertisement OBJECT-TYPE
+
+ SYNTAX OCTET STRING (SIZE(36))
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The entire Link State Advertisement, including
+ its header."
+ REFERENCE
+ "OSPF Version 2, Section 12 Link State Adver-
+ tisements"
+ ::= { nsVrOspfExtLsdbEntry 7 }
+
+ nsVrOspfExtLsdbVRID OBJECT-TYPE
+ SYNTAX INTEGER (0..65535)
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Virtual Router ID. VRID range for system created
+ VRs: [1-1024] and for user created VRs: [1025-2048]"
+ ::= { nsVrOspfExtLsdbEntry 8 }
+
+
+--
+-- The OSPF Area Aggregate Table
+--
+-- This table replaces the OSPF Area Summary Table, being an
+-- extension of that for CIDR routers.
+
+ nsVrOspfAreaAggregateTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF NsVrOspfAreaAggregateEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "A range of IP addresses specified by an IP
+ address/IP network mask pair. For example,
+ class B address range of X.X.X.X with a network
+ mask of 255.255.0.0 includes all IP addresses
+ from X.X.0.0 to X.X.255.255. Note that if
+ ranges are configured such that one range sub-
+ sumes another range (e.g., 10.0.0.0 mask
+ 255.0.0.0 and 10.1.0.0 mask 255.255.0.0), the
+ most specific match is the preferred one."
+ REFERENCE
+ "OSPF Version 2, Appendix C.2 Area parameters"
+ ::= { nsVrOspf 14 }
+
+ nsVrOspfAreaAggregateEntry OBJECT-TYPE
+ SYNTAX NsVrOspfAreaAggregateEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "A range of IP addresses specified by an IP
+ address/IP network mask pair. For example,
+ class B address range of X.X.X.X with a network
+ mask of 255.255.0.0 includes all IP addresses
+ from X.X.0.0 to X.X.255.255. Note that if
+ ranges are range configured such that one range
+ subsumes another range (e.g., 10.0.0.0 mask
+ 255.0.0.0 and 10.1.0.0 mask 255.255.0.0), the
+
+ most specific match is the preferred one."
+ REFERENCE
+ "OSPF Version 2, Appendix C.2 Area parameters"
+ INDEX { nsVrOspfAreaAggregateVRID, nsVrOspfAreaAggregateAreaID, nsVrOspfAreaAggregateLsdbType,
+ nsVrOspfAreaAggregateNet, nsVrOspfAreaAggregateMask }
+ ::= { nsVrOspfAreaAggregateTable 1 }
+
+ NsVrOspfAreaAggregateEntry ::=
+ SEQUENCE {
+ nsVrOspfAreaAggregateAreaID
+ AreaID,
+ nsVrOspfAreaAggregateLsdbType
+ INTEGER,
+ nsVrOspfAreaAggregateNet
+ IpAddress,
+ nsVrOspfAreaAggregateMask
+ IpAddress,
+ nsVrOspfAreaAggregateStatus
+ RowStatus,
+ nsVrOspfAreaAggregateEffect
+ INTEGER,
+ nsVrOspfAreaAggregateVRID
+ INTEGER
+ }
+
+ nsVrOspfAreaAggregateAreaID OBJECT-TYPE
+ SYNTAX AreaID
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The Area the Address Aggregate is to be found
+ within."
+ REFERENCE
+ "OSPF Version 2, Appendix C.2 Area parameters"
+ ::= { nsVrOspfAreaAggregateEntry 1 }
+
+ nsVrOspfAreaAggregateLsdbType OBJECT-TYPE
+ SYNTAX INTEGER {
+ summaryLink (3),
+ nssaExternalLink (7)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The type of the Address Aggregate. This field
+ specifies the Lsdb type that this Address Ag-
+ gregate applies to."
+ REFERENCE
+
+ "OSPF Version 2, Appendix A.4.1 The Link State
+ Advertisement header"
+ ::= { nsVrOspfAreaAggregateEntry 2 }
+
+ nsVrOspfAreaAggregateNet OBJECT-TYPE
+ SYNTAX IpAddress
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The IP Address of the Net or Subnet indicated
+ by the range."
+ REFERENCE
+ "OSPF Version 2, Appendix C.2 Area parameters"
+ ::= { nsVrOspfAreaAggregateEntry 3 }
+
+ nsVrOspfAreaAggregateMask OBJECT-TYPE
+ SYNTAX IpAddress
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The Subnet Mask that pertains to the Net or
+ Subnet."
+ REFERENCE
+ "OSPF Version 2, Appendix C.2 Area parameters"
+ ::= { nsVrOspfAreaAggregateEntry 4 }
+
+ nsVrOspfAreaAggregateStatus OBJECT-TYPE
+ SYNTAX RowStatus
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "This variable displays the status of the en-
+ try. Setting it to 'invalid' has the effect of
+ rendering it inoperative. The internal effect
+ (row removal) is implementation dependent."
+ ::= { nsVrOspfAreaAggregateEntry 5 }
+
+ nsVrOspfAreaAggregateEffect OBJECT-TYPE
+ SYNTAX INTEGER {
+ advertiseMatching (1),
+ doNotAdvertiseMatching (2)
+ }
+ MAX-ACCESS read-create
+ STATUS current
+
+ DESCRIPTION
+ "Subnets subsumed by ranges either trigger the
+ advertisement of the indicated aggregate (ad-
+ vertiseMatching), or result in the subnet's not
+ being advertised at all outside the area."
+ DEFVAL { advertiseMatching }
+ ::= { nsVrOspfAreaAggregateEntry 6 }
+
+ nsVrOspfAreaAggregateVRID OBJECT-TYPE
+ SYNTAX INTEGER (0..65535)
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Virtual Router ID. VRID range for system created
+ VRs: [1-1024] and for user created VRs: [1025-2048]"
+ ::= { nsVrOspfAreaAggregateEntry 7 }
+
+END
+
+
diff --git a/MIBS/screenos/NETSCREEN-VR-RIPv2-MIB b/MIBS/screenos/NETSCREEN-VR-RIPv2-MIB
new file mode 100644
index 0000000..2e1806f
--- /dev/null
+++ b/MIBS/screenos/NETSCREEN-VR-RIPv2-MIB
@@ -0,0 +1,567 @@
+-- These MIBs were created on 1/2/2003
+-- This module defines enterprise MIBs for NS RIP
+--
+-- Copyright (c) 1999-2004, Juniper Networks, Inc.
+-- All rights reserved.
+--
+-- MODULE-IDENTITY
+-- OrgName
+-- Juniper Networks, Inc.
+-- ContactInfo
+-- Customer Support
+--
+-- 1194 North Mathilda Avenue
+-- Sunnyvale, California 94089-1206
+-- USA
+--
+-- Tel: 1-800-638-8296
+-- E-mail: customerservice@juniper.net
+-- HTTP://www.juniper.net"
+--
+-- Descr
+-- This module defines the object that are used to monitor
+-- NS's RIP configuration
+--
+-- Last modified date: 06/20/2005
+-- Created from NS-RIP.MIB with modified VR table index
+--
+
+NETSCREEN-VR-RIPv2-MIB DEFINITIONS ::= BEGIN
+
+ IMPORTS
+ MODULE-IDENTITY, OBJECT-TYPE, Counter32,
+ TimeTicks, IpAddress FROM SNMPv2-SMI
+ TEXTUAL-CONVENTION, RowStatus FROM SNMPv2-TC
+ MODULE-COMPLIANCE, OBJECT-GROUP FROM SNMPv2-CONF
+ netscreenVR FROM NETSCREEN-SMI;
+
+ -- This MIB module uses the extended OBJECT-TYPE macro as
+ -- defined in [9].
+
+ nsVrRip2 MODULE-IDENTITY
+ LAST-UPDATED "200506202022Z" -- June 20, 2005
+ ORGANIZATION
+ "Juniper Networks, Inc."
+ CONTACT-INFO
+ "Customer Support
+
+ 1194 North Mathilda Avenue
+ Sunnyvale, California 94089-1206
+ USA
+
+ Tel: 1-800-638-8296
+ E-mail: customerservice@juniper.net
+ HTTP://www.juniper.net"
+ DESCRIPTION
+ "The MIB module to describe the RIP2 Version 2 Protocol"
+ ::= { netscreenVR 7 }
+
+ -- RIP-2 Management Information Base
+
+ -- the RouteTag type represents the contents of the
+ -- Route Domain field in the packet header or route entry.
+ -- The use of the Route Domain is deprecated.
+
+ RouteTag ::= TEXTUAL-CONVENTION
+ STATUS current
+ DESCRIPTION
+ "the RouteTag type represents the contents of the Route Domain
+ field in the packet header or route entry"
+ SYNTAX OCTET STRING (SIZE (2))
+
+--4.1 Global Counters
+
+-- The RIP-2 Globals Group.
+-- Implementation of this group is mandatory for systems
+-- which implement RIP-2.
+
+-- These counters are intended to facilitate debugging quickly
+-- changing routes or failing neighbors
+
+-- nsVrRip2Globals OBJECT IDENTIFIER ::= { nsVrRip2 1 }
+
+-- nsVrRip2GlobalRouteChanges OBJECT-TYPE
+-- SYNTAX Counter32
+-- MAX-ACCESS read-only
+-- STATUS current
+-- DESCRIPTION
+-- "The number of route changes made to the IP Route
+-- Database by RIP. This does not include the refresh
+-- of a route's age."
+-- ::= { nsVrRip2Globals 1 }
+
+-- nsVrRip2GlobalQueries OBJECT-TYPE
+-- SYNTAX Counter32
+-- MAX-ACCESS read-only
+-- STATUS current
+-- DESCRIPTION
+-- "The number of responses sent to RIP queries
+-- from other systems."
+-- ::= { nsVrRip2Globals 2 }
+
+ nsVrRip2GlobalsTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF NsVrRip2GlobalsEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "A list of RIP2 Globals per VR."
+ ::= { nsVrRip2 1 }
+
+ nsVrRip2GlobalsEntry OBJECT-TYPE
+
+ SYNTAX NsVrRip2GlobalsEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "One VR's Globals."
+ INDEX { nsVrRip2GlobalVRID }
+ ::= { nsVrRip2GlobalsTable 1 }
+
+ NsVrRip2GlobalsEntry ::=
+ SEQUENCE {
+ nsVrRip2GlobalRouteChanges
+ Counter32,
+ nsVrRip2GlobalQueries
+ Counter32,
+ nsVrRip2GlobalVRID
+ INTEGER
+ }
+
+ nsVrRip2GlobalRouteChanges OBJECT-TYPE
+ SYNTAX Counter32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The number of route changes made to the IP Route
+ Database by RIP. This does not include the refresh
+ of a route's age."
+ ::= { nsVrRip2GlobalsEntry 1 }
+
+ nsVrRip2GlobalQueries OBJECT-TYPE
+ SYNTAX Counter32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The number of responses sent to RIP queries
+ from other systems."
+ ::= { nsVrRip2GlobalsEntry 2 }
+
+ nsVrRip2GlobalVRID OBJECT-TYPE
+ SYNTAX INTEGER (0..65535)
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Virtual Router ID. VRID range for system created
+ VRs: [1-1024] and for user created VRs: [1025-2048]"
+ ::= { nsVrRip2GlobalsEntry 3 }
+
+
+--4.2 RIP Interface Tables
+
+-- RIP Interfaces Groups
+-- Implementation of these Groups is mandatory for systems
+-- which implement RIP-2.
+
+-- The RIP Interface Status Table.
+
+ nsVrRip2IfStatTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF NsVrRip2IfStatEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "A list of subnets which require separate
+ status monitoring in RIP."
+ ::= { nsVrRip2 2 }
+
+ nsVrRip2IfStatEntry OBJECT-TYPE
+
+ SYNTAX NsVrRip2IfStatEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "A Single Routing Domain in a single Subnet."
+ INDEX { nsVrRip2IfStatVRID, nsVrRip2IfStatAddress }
+ ::= { nsVrRip2IfStatTable 1 }
+
+ NsVrRip2IfStatEntry ::=
+ SEQUENCE {
+ nsVrRip2IfStatAddress
+ IpAddress,
+ nsVrRip2IfStatRcvBadPackets
+ Counter32,
+ nsVrRip2IfStatRcvBadRoutes
+ Counter32,
+ nsVrRip2IfStatSentUpdates
+ Counter32,
+ nsVrRip2IfStatStatus
+ RowStatus,
+ nsVrRip2IfStatVRID
+ INTEGER
+ }
+
+ nsVrRip2IfStatAddress OBJECT-TYPE
+ SYNTAX IpAddress
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The IP Address of this system on the indicated
+ subnet. For unnumbered interfaces, the value 0.0.0.N,
+ where the least significant 24 bits (N) is the ifIndex
+ for the IP Interface in network byte order."
+ ::= { nsVrRip2IfStatEntry 1 }
+
+ nsVrRip2IfStatRcvBadPackets OBJECT-TYPE
+ SYNTAX Counter32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The number of RIP response packets received by
+ the RIP process which were subsequently discarded
+ for any reason (e.g. a version 0 packet, or an
+ unknown command type)."
+ ::= { nsVrRip2IfStatEntry 2 }
+
+ nsVrRip2IfStatRcvBadRoutes OBJECT-TYPE
+ SYNTAX Counter32
+ MAX-ACCESS read-only
+ STATUS current
+
+ DESCRIPTION
+ "The number of routes, in valid RIP packets,
+ which were ignored for any reason (e.g. unknown
+ address family, or invalid metric)."
+ ::= { nsVrRip2IfStatEntry 3 }
+
+ nsVrRip2IfStatSentUpdates OBJECT-TYPE
+ SYNTAX Counter32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The number of triggered RIP updates actually
+ sent on this interface. This explicitly does
+ NOT include full updates sent containing new
+ information."
+ ::= { nsVrRip2IfStatEntry 4 }
+
+ nsVrRip2IfStatStatus OBJECT-TYPE
+ SYNTAX RowStatus
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "Writing invalid has the effect of deleting
+ this interface."
+ ::= { nsVrRip2IfStatEntry 5 }
+
+ nsVrRip2IfStatVRID OBJECT-TYPE
+ SYNTAX INTEGER (0..65535)
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Virtual Router ID. VRID range for system created
+ VRs: [1-1024] and for user created VRs: [1025-2048]"
+ ::= { nsVrRip2IfStatEntry 6 }
+
+-- The RIP Interface Configuration Table.
+
+ nsVrRip2IfConfTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF NsVrRip2IfConfEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "A list of subnets which require separate
+ configuration in RIP."
+ ::= { nsVrRip2 3 }
+
+ nsVrRip2IfConfEntry OBJECT-TYPE
+ SYNTAX NsVrRip2IfConfEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "A Single Routing Domain in a single Subnet."
+ INDEX { nsVrRip2IfConfVRID, nsVrRip2IfConfAddress }
+ ::= { nsVrRip2IfConfTable 1 }
+
+ NsVrRip2IfConfEntry ::=
+ SEQUENCE {
+
+ nsVrRip2IfConfAddress
+ IpAddress,
+ nsVrRip2IfConfDomain
+ RouteTag,
+ nsVrRip2IfConfAuthType
+ INTEGER,
+ nsVrRip2IfConfAuthKey
+ OCTET STRING,
+ nsVrRip2IfConfSend
+ INTEGER,
+ nsVrRip2IfConfReceive
+ INTEGER,
+ nsVrRip2IfConfDefaultMetric
+ INTEGER,
+ nsVrRip2IfConfStatus
+ RowStatus,
+ nsVrRip2IfConfSrcAddress
+ IpAddress,
+ nsVrRip2IfConfVRID
+ INTEGER
+ }
+
+ nsVrRip2IfConfAddress OBJECT-TYPE
+ SYNTAX IpAddress
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The IP Address of this system on the indicated
+ subnet. For unnumbered interfaces, the value 0.0.0.N,
+ where the least significant 24 bits (N) is the ifIndex
+ for the IP Interface in network byte order."
+ ::= { nsVrRip2IfConfEntry 1 }
+
+ nsVrRip2IfConfDomain OBJECT-TYPE
+ SYNTAX RouteTag
+ MAX-ACCESS read-create
+ STATUS obsolete
+ DESCRIPTION
+ "Value inserted into the Routing Domain field
+ of all RIP packets sent on this interface."
+ DEFVAL { '0000'H }
+ ::= { nsVrRip2IfConfEntry 2 }
+
+ nsVrRip2IfConfAuthType OBJECT-TYPE
+ SYNTAX INTEGER {
+ noAuthentication (1),
+ simplePassword (2),
+ md5 (3)
+ }
+ MAX-ACCESS read-create
+
+ STATUS current
+ DESCRIPTION
+ "The type of Authentication used on this
+ interface."
+ DEFVAL { noAuthentication }
+ ::= { nsVrRip2IfConfEntry 3 }
+
+ nsVrRip2IfConfAuthKey OBJECT-TYPE
+ SYNTAX OCTET STRING (SIZE(0..16))
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The value to be used as the Authentication Key
+ whenever the corresponding instance of
+ nsVrRip2IfConfAuthType has a value other than
+ noAuthentication. A modification of the corresponding
+ instance of nsVrRip2IfConfAuthType does not modify
+ the nsVrRip2IfConfAuthKey value. If a string shorter
+ than 16 octets is supplied, it will be left-
+ justified and padded to 16 octets, on the right,
+ with nulls (0x00).
+
+ Reading this object always results in an OCTET
+ STRING of length zero; authentication may not
+ be bypassed by reading the MIB object."
+ DEFVAL { ''H }
+ ::= { nsVrRip2IfConfEntry 4 }
+
+ nsVrRip2IfConfSend OBJECT-TYPE
+ SYNTAX INTEGER {
+ doNotSend (1),
+ ripVersion1 (2),
+ rip1Compatible (3),
+ ripVersion2 (4),
+ ripV1Demand (5),
+ ripV2Demand (6)
+ }
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "What the router sends on this interface.
+ ripVersion1 implies sending RIP updates compliant
+ with RFC 1058. rip1Compatible implies
+ broadcasting RIP-2 updates using RFC 1058 route
+ subsumption rules. ripVersion2 implies
+ multicasting RIP-2 updates. ripV1Demand indicates
+ the use of Demand RIP on a WAN interface under RIP
+ Version 1 rules. ripV2Demand indicates the use of
+
+ Demand RIP on a WAN interface under Version 2 rules."
+ DEFVAL { rip1Compatible }
+ ::= { nsVrRip2IfConfEntry 5 }
+
+ nsVrRip2IfConfReceive OBJECT-TYPE
+ SYNTAX INTEGER {
+ rip1 (1),
+ rip2 (2),
+ rip1OrRip2 (3),
+ doNotRecieve (4)
+ }
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "This indicates which version of RIP updates
+ are to be accepted. Note that rip2 and
+ rip1OrRip2 implies reception of multicast
+ packets."
+ DEFVAL { rip1OrRip2 }
+ ::= { nsVrRip2IfConfEntry 6 }
+
+ nsVrRip2IfConfDefaultMetric OBJECT-TYPE
+ SYNTAX INTEGER ( 0..15 )
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "This variable indicates the metric that is to
+ be used for the default route entry in RIP updates
+ originated on this interface. A value of zero
+ indicates that no default route should be
+ originated; in this case, a default route via
+ another router may be propagated."
+ ::= { nsVrRip2IfConfEntry 7 }
+
+ nsVrRip2IfConfStatus OBJECT-TYPE
+ SYNTAX RowStatus
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "Writing invalid has the effect of deleting
+ this interface."
+ ::= { nsVrRip2IfConfEntry 8 }
+
+ nsVrRip2IfConfSrcAddress OBJECT-TYPE
+ SYNTAX IpAddress
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+
+ "The IP Address this system will use as a source
+ address on this interface. If it is a numbered
+ interface, this MUST be the same value as
+ nsVrRip2IfConfAddress. On unnumbered interfaces,
+ it must be the value of nsVrRip2IfConfAddress for
+ some interface on the system."
+ ::= { nsVrRip2IfConfEntry 9 }
+
+ nsVrRip2IfConfVRID OBJECT-TYPE
+ SYNTAX INTEGER (0..65535)
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Virtual Router ID. VRID range for system created
+ VRs: [1-1024] and for user created VRs: [1025-2048]"
+ ::= { nsVrRip2IfConfEntry 10 }
+
+--4.3 Peer Table
+
+-- Peer Table
+
+-- The RIP Peer Group
+-- Implementation of this Group is Optional
+
+-- This group provides information about active peer
+-- relationships intended to assist in debugging. An
+-- active peer is a router from which a valid RIP
+-- updated has been heard in the last 180 seconds.
+
+ nsVrRip2PeerTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF NsVrRip2PeerEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "A list of RIP Peers."
+ ::= { nsVrRip2 4 }
+
+ nsVrRip2PeerEntry OBJECT-TYPE
+ SYNTAX NsVrRip2PeerEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "Information regarding a single routing peer."
+ INDEX { nsVrRip2PeerVRID, nsVrRip2PeerAddress, nsVrRip2PeerDomain }
+ ::= { nsVrRip2PeerTable 1 }
+
+ NsVrRip2PeerEntry ::=
+ SEQUENCE {
+ nsVrRip2PeerAddress
+ IpAddress,
+ nsVrRip2PeerDomain
+ RouteTag,
+ nsVrRip2PeerLastUpdate
+ TimeTicks,
+ nsVrRip2PeerVersion
+ INTEGER,
+ nsVrRip2PeerRcvBadPackets
+
+ Counter32,
+ nsVrRip2PeerRcvBadRoutes
+ Counter32,
+ nsVrRip2PeerVRID
+ INTEGER
+ }
+
+ nsVrRip2PeerAddress OBJECT-TYPE
+ SYNTAX IpAddress
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The IP Address that the peer is using as its source
+ address. Note that on an unnumbered link, this may
+ not be a member of any subnet on the system."
+ ::= { nsVrRip2PeerEntry 1 }
+
+ nsVrRip2PeerDomain OBJECT-TYPE
+ SYNTAX RouteTag
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The value in the Routing Domain field in RIP
+ packets received from the peer. As domain suuport
+ is deprecated, this must be zero."
+ ::= { nsVrRip2PeerEntry 2 }
+
+ nsVrRip2PeerLastUpdate OBJECT-TYPE
+ SYNTAX TimeTicks
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The value of sysUpTime when the most recent
+ RIP update was received from this system."
+ ::= { nsVrRip2PeerEntry 3 }
+
+ nsVrRip2PeerVersion OBJECT-TYPE
+ SYNTAX INTEGER ( 0..255 )
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The RIP version number in the header of the
+ last RIP packet received."
+ ::= { nsVrRip2PeerEntry 4 }
+
+ nsVrRip2PeerRcvBadPackets OBJECT-TYPE
+ SYNTAX Counter32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+
+ "The number of RIP response packets from this
+ peer discarded as invalid."
+ ::= { nsVrRip2PeerEntry 5 }
+
+ nsVrRip2PeerRcvBadRoutes OBJECT-TYPE
+ SYNTAX Counter32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The number of routes from this peer that were
+ ignored because the entry format was invalid."
+ ::= { nsVrRip2PeerEntry 6 }
+
+ nsVrRip2PeerVRID OBJECT-TYPE
+ SYNTAX INTEGER (0..65535)
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Virtual Router ID. VRID range for system created
+ VRs: [1-1024] and for user created VRs: [1025-2048]"
+ ::= { nsVrRip2PeerEntry 7 }
+
+END
diff --git a/MIBS/screenos/NETSCREEN-VSYS-MIB b/MIBS/screenos/NETSCREEN-VSYS-MIB
new file mode 100644
index 0000000..e7f5c34
--- /dev/null
+++ b/MIBS/screenos/NETSCREEN-VSYS-MIB
@@ -0,0 +1,98 @@
+-- This module defines enterprise MIBs for Virtual Systems
+--
+-- Copyright (c) 1999-2004, Juniper Networks, Inc.
+-- All rights reserved.
+
+NETSCREEN-VSYS-MIB DEFINITIONS ::= BEGIN
+
+IMPORTS
+ netscreenVsys
+ FROM NETSCREEN-SMI
+ Integer32, MODULE-IDENTITY, OBJECT-TYPE
+ FROM SNMPv2-SMI
+ DisplayString
+ FROM SNMPv2-TC
+ ;
+
+netscreenVsysMibModule MODULE-IDENTITY
+ LAST-UPDATED "200405032022Z" -- May 03, 2004
+ ORGANIZATION
+ "Juniper Networks, Inc."
+ CONTACT-INFO
+ "Customer Support
+
+ 1194 North Mathilda Avenue
+ Sunnyvale, California 94089-1206
+ USA
+
+ Tel: 1-800-638-8296
+ E-mail: customerservice@juniper.net
+ HTTP://www.juniper.net"
+ DESCRIPTION
+ "This module defines the object that are use to monitor all the
+ virtual systems"
+ REVISION "200405030000Z" -- May 03, 2004
+ DESCRIPTION
+ "Modified copyright and contact information"
+ REVISION "200403030000Z" -- March 03, 2004
+ DESCRIPTION
+ "Converted to SMIv2 by Longview Software"
+ REVISION "200311130000Z" -- November 13, 2003
+ DESCRIPTION
+ "Correct spelling mistake"
+ REVISION "200109280000Z" -- September 28, 2001
+ DESCRIPTION
+ "no comment"
+ REVISION "200005080000Z" -- May 08, 2000
+ DESCRIPTION
+ "Creation Date"
+ ::= { netscreenVsys 0 }
+
+NsVsysCfgEntry ::= SEQUENCE
+{
+ nsVsysCfgId Integer32,
+ nsVsysCfgName DisplayString
+}
+
+nsVsysCfg OBJECT IDENTIFIER ::= { netscreenVsys 1 }
+
+nsVsysCfgTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF NsVsysCfgEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "NetScreen-500, NetScreen-1000 and above series support virtual
+ system. This table collects the vsys configuration in NetScreen
+ device."
+ ::= { nsVsysCfg 1 }
+
+nsVsysCfgEntry OBJECT-TYPE
+ SYNTAX NsVsysCfgEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "Each entry in the table holds a set of configuration
+ parameters associated with an instance of virtual system."
+ INDEX
+ { nsVsysCfgId }
+ ::= { nsVsysCfgTable 1 }
+
+nsVsysCfgId OBJECT-TYPE
+ SYNTAX Integer32 (0..2147483647)
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "A unique ID for each virtual system."
+ ::= { nsVsysCfgEntry 1 }
+
+nsVsysCfgName OBJECT-TYPE
+ SYNTAX DisplayString (SIZE(0..32))
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "virtual system name."
+ ::= { nsVsysCfgEntry 2 }
+
+END
+
+
diff --git a/MIBS/screenos/NETSCREEN-ZONE-MIB b/MIBS/screenos/NETSCREEN-ZONE-MIB
new file mode 100644
index 0000000..2fe41e5
--- /dev/null
+++ b/MIBS/screenos/NETSCREEN-ZONE-MIB
@@ -0,0 +1,122 @@
+-- This module defines enterprise MIBs for security zones
+--
+-- Copyright (c) 1999-2004, Juniper Networks, Inc.
+-- All rights reserved.
+
+NETSCREEN-ZONE-MIB DEFINITIONS ::= BEGIN
+
+IMPORTS
+ netscreenZone
+ FROM NETSCREEN-SMI
+ Integer32, MODULE-IDENTITY, OBJECT-TYPE
+ FROM SNMPv2-SMI
+ DisplayString
+ FROM SNMPv2-TC
+ ;
+
+netscreenZoneMibModule MODULE-IDENTITY
+ LAST-UPDATED "200405032022Z" -- May 03, 2004
+ ORGANIZATION
+ "Juniper Networks, Inc."
+ CONTACT-INFO
+ "Customer Support
+
+ 1194 North Mathilda Avenue
+ Sunnyvale, California 94089-1206
+ USA
+
+ Tel: 1-800-638-8296
+ E-mail: customerservice@juniper.net
+ HTTP://www.juniper.net"
+ DESCRIPTION
+ "This module defines the object that are used to monitor all
+ the security zones"
+ REVISION "200405030000Z" -- May 03, 2004
+ DESCRIPTION
+ "Modified copyright and contact information"
+ REVISION "200403030000Z" -- March 03, 2004
+ DESCRIPTION
+ "Converted to SMIv2 by Longview Software"
+ REVISION "200311130000Z" -- November 13, 2003
+ DESCRIPTION
+ "Correct spelling mistake"
+ REVISION "200109280000Z" -- September 28, 2001
+ DESCRIPTION
+ "no comment"
+ REVISION "200005080000Z" -- May 08, 2000
+ DESCRIPTION
+ "Creation Date"
+ ::= { netscreenZone 0 }
+
+NsZoneCfgEntry ::= SEQUENCE
+{
+ nsZoneCfgId Integer32,
+ nsZoneCfgName DisplayString,
+ nsZoneCfgType INTEGER,
+ nsZoneCfgVsys Integer32
+}
+
+nsZoneCfg OBJECT IDENTIFIER ::= { netscreenZone 1 }
+
+nsZoneCfgTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF NsZoneCfgEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "NetScreen device can have lots of secure zone. This table
+ collects the zones exiting in NetScreen device."
+ ::= { nsZoneCfg 1 }
+
+nsZoneCfgEntry OBJECT-TYPE
+ SYNTAX NsZoneCfgEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "Each entry in the table holds a set of configuration
+ parameters associated with an instance of secure zone."
+ INDEX
+ { nsZoneCfgId }
+ ::= { nsZoneCfgTable 1 }
+
+nsZoneCfgId OBJECT-TYPE
+ SYNTAX Integer32 (0..2147483647)
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "A unique value for zone table. Its value ranges between 1 and
+ 65535 and may not be contiguous. the index has no other
+ meaning but a pure index"
+ ::= { nsZoneCfgEntry 1 }
+
+nsZoneCfgName OBJECT-TYPE
+ SYNTAX DisplayString (SIZE(0..32))
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Secure zone name."
+ ::= { nsZoneCfgEntry 2 }
+
+nsZoneCfgType OBJECT-TYPE
+ SYNTAX INTEGER {
+ regular(0),
+ layer2(1),
+ tunnel(2),
+ null(3),
+ func(4)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Secure zone type. Regular is sec(L3) and layer2 is sec(L2) type"
+ ::= { nsZoneCfgEntry 3 }
+
+nsZoneCfgVsys OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "VSYS this security zone belongs to."
+ ::= { nsZoneCfgEntry 4 }
+END
+
+
generated by cgit v1.2.3 (git 2.46.0) at 2026-02-26 08:12:00 +0000