-- *****************************************************************
-- CISCO-802-TAP-MIB.my: Cisco intercept ("tap") MIB
--
-- September 2003, Srinivas Dhulipala
--
-- Copyright (c) 2003-2006 by Cisco Systems, Inc.
-- All rights reserved.
--
-- *****************************************************************
--CISCO-802-TAP-MIB DEFINITIONS::=BEGINIMPORTSInteger32,MODULE-IDENTITY,OBJECT-TYPE,Unsigned32FROM SNMPv2-SMI
MODULE-COMPLIANCE,OBJECT-GROUPFROM SNMPv2-CONF
MacAddress,RowStatusFROM SNMPv2-TC
cTap2MediationContentId,cTap2StreamIndex
FROM CISCO-TAP2-MIB
ciscoMgmt
FROM CISCO-SMI;cisco802TapMIB MODULE-IDENTITYLAST-UPDATED"200403110000Z"
ORGANIZATION"Cisco Systems, Inc."CONTACT-INFO" Cisco Systems
Customer Service
Postal:170 W. Tasman Drive
San Jose, CA 95134
USA
Tel:+1 800 553-NETS
E-mail:cs-li@cisco.com"DESCRIPTION"This module manages Cisco's intercept feature for
802 (layer 2) streams.
This MIB is used along with CISCO-TAP2-MIB to
intercept 802 traffic. CISCO-TAP2-MIB along with
specific filter MIBs like this MIB replace
CISCO-TAP-MIB.
To create an 802 intercept, an entry c802tapStreamEntry
is created which contains the filter details. An entry
cTap2StreamEntry of CISCO-TAP2-MIB is created which
is the common stream information for all kinds of
intercepts and type of the specific stream is set to
mac in this entry."REVISION"200403110000Z"DESCRIPTION"Initial version of this MIB module."::={ ciscoMgmt 395}
cisco802TapMIBNotifs OBJECTIDENTIFIER::={ cisco802TapMIB 0}cisco802TapMIBObjects OBJECTIDENTIFIER::={ cisco802TapMIB 1}cisco802TapMIBConform OBJECTIDENTIFIER::={ cisco802TapMIB 2}c802tapStreamEncodePacket OBJECTIDENTIFIER::={ cisco802TapMIBObjects
1}--
-- The filter specifics for intercepting 802 traffic.
--c802tapStreamCapabilities OBJECT-TYPESYNTAXBITS{tapEnable(0),interface(1),dstMacAddr(2),srcMacAddr(3),
ethernetPid(4),dstLlcSap(5),srcLlcSap(6)}MAX-ACCESSread-onlySTATUScurrentDESCRIPTION"This object displays what types of intercept streams can be
configured on this type of device. This may be dependent on
hardware capabilities, software capabilities. The following
fields may be supported:
tapEnable: set if table entries with
cTap2StreamInterceptEnable set to 'false'
are used to pre-screen packets for intercept;
otherwise these entries are ignored.
interface: SNMP ifIndex Value may be used to select
interception of all data crossing an
interface or set of interfaces.
dstMacAddr: Destination MAC Address may be used to select
traffic to be intercepted.
srcMacAddr: Source MAC Address may be used to select
traffic to be intercepted.
ethernetPid: Ethernet Protocol Identifier may be used to
select traffic to be intercepted.
dstLlcSap: IEEE 802.2 Destination SAP may be used to
select traffic to be intercepted.
srcLlcSap: IEEE 802.2 Source SAP may be used to select
traffic to be intercepted."::={ c802tapStreamEncodePacket 1}--
-- The "access list" for intercepting data at the IEEE 802
-- link layer
--c802tapStreamTable OBJECT-TYPESYNTAXSEQUENCEOF C802tapStreamEntry
MAX-ACCESSnot-accessibleSTATUScurrentDESCRIPTION"The Intercept Stream 802 Table lists the IEEE 802 data streams
to be intercepted. The same data stream may be required by
multiple taps, and one might assume that often the intercepted
stream is a small subset of the traffic that could be
intercepted.
This essentially provides options for packet selection, only
some of which might be used. For example, if all traffic to or
from a given interface is to be intercepted, one would
configure an entry which lists the interface, and wild-card
everything else. If all traffic to or from a given MAC Address
is to be intercepted, one would configure two such entries
listing the MAC Address as source and destination respectively,
and wild-card everything else.
The first index indicates which Mediation Device the
intercepted traffic will be diverted to. The second index
permits multiple classifiers to be used together, such as
having a MAC address as source or destination.
Entries are added to this table via c802tapStreamStatus in
accordance with the RowStatus convention."::={ c802tapStreamEncodePacket 2}c802tapStreamEntry OBJECT-TYPESYNTAX C802tapStreamEntry
MAX-ACCESSnot-accessibleSTATUScurrentDESCRIPTION"A stream entry indicates a single data stream to be
intercepted to a Mediation Device. Many selected data
streams may go to the same application interface, and many
application interfaces are supported."INDEX{ cTap2MediationContentId, cTap2StreamIndex }::={ c802tapStreamTable 1}
C802tapStreamEntry ::=SEQUENCE{
c802tapStreamFields BITS,
c802tapStreamInterface Integer32,
c802tapStreamDestinationAddress MacAddress,
c802tapStreamSourceAddress MacAddress,
c802tapStreamEthernetPid Unsigned32,
c802tapStreamSourceLlcSap Unsigned32,
c802tapStreamDestinationLlcSap Unsigned32,
c802tapStreamStatus RowStatus}c802tapStreamFields OBJECT-TYPESYNTAXBITS{interface(0),dstMacAddress(1),srcMacAddress(2),ethernetPid(3),dstLlcSap(4),
srcLlcSap(5)}MAX-ACCESSread-createSTATUScurrentDESCRIPTION"This object displays what attributes must be tested to
identify traffic which requires interception. The packet
matches if all flagged fields match.
interface: indicates that traffic on the stated
interface is to be intercepted
dstMacAddress: indicates that traffic destined to a
given address should be intercepted
srcMacAddress: indicates that traffic sourced from a
given address should be intercepted
ethernetPid: indicates that traffic with a stated
Ethernet Protocol Identifier should be
intercepted
dstLlcSap: indicates that traffic with an certain
802.2 LLC Destination SAP should be
intercepted
srcLlcSap: indicates that traffic with an certain
802.2 LLC Source SAP should be
intercepted
At least one of the bits has to be set in order to activate an
entry. If the bit is not on, the corresponding MIB object
value has no effect, and need not be specified when creating
the entry."::={ c802tapStreamEntry 1}c802tapStreamInterface OBJECT-TYPESYNTAXInteger32(-1 | 0 | 1..2147483647)MAX-ACCESSread-createSTATUScurrentDESCRIPTION"The ifIndex value of the interface over which traffic to be
intercepted is received or transmitted. The interface may be
physical or virtual. If this is the only parameter specified,
and it is other than -1 or 0, all traffic on the selected
interface will be chosen.
If the value is zero, matching traffic may be received or
transmitted on any interface. Additional selection parameters
must be selected to limit the scope of traffic intercepted.
This is most useful on non-routing platforms or on intercepts
placed elsewhere than a subscriber interface.
If the value is -1, one or both of
c802tapStreamDestinationAddress and c802tapStreamSourceAddress
must be specified. Matching traffic on the interface pointed
to by the dot1dTpFdbPort values associated with those values is
intercepted, whichever is specified. If dot1dTpFdbPort
changes, either by operator action or by protocol events, the
interface will change with it. This is primarily intended for
use on subscriber interfaces and other places where routing is
guaranteed to be symmetrical.
In both of these cases, it is possible to have the same packet
selected for intersection on both its ingress and egress
interface. Nonetheless, only one instance of the packet is
sent to the Mediation Device.
This value must be set when creating a stream entry, either to
select an interface, to select all interfaces, or to select the
interface that bridging learns. Some platforms may not
implement the entire range of options."REFERENCE"RFC 1493"::={ c802tapStreamEntry 2}c802tapStreamDestinationAddress OBJECT-TYPESYNTAXMacAddressMAX-ACCESSread-createSTATUScurrentDESCRIPTION"The Destination address used in packet selection."
::={ c802tapStreamEntry 3}c802tapStreamSourceAddress OBJECT-TYPESYNTAXMacAddressMAX-ACCESSread-createSTATUScurrentDESCRIPTION"The Source Address used in packet selection."::={ c802tapStreamEntry 4}c802tapStreamEthernetPid OBJECT-TYPESYNTAXUnsigned32MAX-ACCESSread-createSTATUScurrentDESCRIPTION"The value of the Ethernet Protocol Identifier, which may be
found on Ethernet traffic or IEEE 802.2 SNAP traffic."::={ c802tapStreamEntry 5}c802tapStreamDestinationLlcSap OBJECT-TYPESYNTAXUnsigned32MAX-ACCESSread-createSTATUScurrent
DESCRIPTION"The value of the IEEE 802.2 Destination SAP."::={ c802tapStreamEntry 6}c802tapStreamSourceLlcSap OBJECT-TYPESYNTAXUnsigned32MAX-ACCESSread-createSTATUScurrentDESCRIPTION"The value of the IEEE 802.2 Source SAP."::={ c802tapStreamEntry 7}c802tapStreamStatus OBJECT-TYPESYNTAXRowStatusMAX-ACCESSread-createSTATUScurrentDESCRIPTION"The status of this conceptual row. This object manages
creation, modification, and deletion of rows in this table.
When any rows must be changed, c802tapStreamStatus must
be first set to 'notInService'."::={ c802tapStreamEntry 8}-- conformance information
cisco802TapMIBCompliances OBJECTIDENTIFIER::={ cisco802TapMIBConform
1}cisco802TapMIBGroups OBJECTIDENTIFIER::={ cisco802TapMIBConform
2}-- compliance statementcisco802TapMIBCompliance MODULE-COMPLIANCESTATUScurrentDESCRIPTION"The compliance statement for entities which implement the
Cisco Intercept MIB for 802 streams."MODULE-- this moduleMANDATORY-GROUPS{
cisco802TapStreamGroup
}::={cisco802TapMIBCompliances 1}-- units of conformancecisco802TapStreamGroup OBJECT-GROUPOBJECTS{
c802tapStreamCapabilities,
c802tapStreamFields,
c802tapStreamInterface,
c802tapStreamDestinationAddress,
c802tapStreamSourceAddress,
c802tapStreamEthernetPid,
c802tapStreamSourceLlcSap,
c802tapStreamDestinationLlcSap,
c802tapStreamStatus
}STATUScurrentDESCRIPTION"These objects are necessary for a description of IEEE 802
packets to select for interception."::={ cisco802TapMIBGroups 1}END