-- These MIBs were created on 05/11/2001
-- This module defines enterprise MIBs for interface configuration
--
-- Copyright (c) 1999-2004, Juniper Networks, Inc.
-- All rights reserved.
---- MODULE-IDENTITY
-- OrgName
-- Juniper Networks, Inc.
-- ContactInfo
-- Customer Support
--
-- 1194 North Mathilda Avenue
-- Sunnyvale, California 94089-1206
-- USA
--
-- Tel: 1-800-638-8296
-- E-mail: customerservice@juniper.net
-- HTTP://www.juniper.net"
--
-- Descr
-- This module defines the object that are used to monitor
-- NS's interface configuration
--
-- Last modified date: 05/03/2004
-- Modified copyright and contact info
--
-- Last modified date: 09/28/2001
--NETSCREEN-INTERFACE-MIB DEFINITIONS::=BEGIN
IMPORTSDisplayString,PhysAddressFROM RFC1213-MIB
netscreenInterface FROM NETSCREEN-SMI;nsIfSecondaryIpTable OBJECT-TYPESYNTAXSEQUENCEOF NsIfSecondaryIpEntry
ACCESSnot-accessibleSTATUSmandatoryDESCRIPTION"In some ScreenOS, it supports multiple IP addresses and related subnets
based on the same interface. This table collects the multiple IP addresses
configuration on an interface. "::={ netscreenInterface 2}nsIfSecondaryIpEntry OBJECT-TYPESYNTAX NsIfSecondaryIpEntry
ACCESSnot-accessible
STATUSmandatoryDESCRIPTION"nsIfSecondaryIpEntry collects some attributes about multiple IP configurations
on an interface."INDEX{ nsIfSecondaryIpIndex }::={ nsIfSecondaryIpTable 1}
NsIfSecondaryIpEntry ::=SEQUENCE{
nsIfSecondaryIpIndex
INTEGER,
nsIfSecondaryIpIfIdx
INTEGER,
nsIfSecondaryIpVsys
INTEGER,
nsIfSecondaryIpZone
INTEGER,
nsIfSecondaryIpAddress
IpAddress,
nsIfSecondaryIpNetmask
IpAddress,
nsIfSecondaryIpIfInfo
INTEGER}nsIfSecondaryIpIndex OBJECT-TYPESYNTAXINTEGERACCESSread-onlySTATUSmandatoryDESCRIPTION"The table index used as primary key when retrieving the table."::={ nsIfSecondaryIpEntry 1}nsIfSecondaryIpIfIdx OBJECT-TYPESYNTAXINTEGERACCESSread-onlySTATUSmandatoryDESCRIPTION"The index value which uniquely identifies
an interface the secodary ip belongs to.
The interface identified by a particular value
of this index is the same interface as identified
by the same value of ifIndex."::={ nsIfSecondaryIpEntry 2}nsIfSecondaryIpVsys OBJECT-TYPESYNTAXINTEGERACCESSread-onlySTATUSmandatoryDESCRIPTION"According NetScreen's concepts, each interface belongs to one virtual
system. This attribute displays the virtual system ID an interface
belongs to. If the device is device which doesn't support vsys such as
NS-100, we can logically think all the setting belongs to 'root' vsys."::={ nsIfSecondaryIpEntry 3}nsIfSecondaryIpZone OBJECT-TYPESYNTAXINTEGERACCESSread-onlySTATUSmandatoryDESCRIPTION"each interface belongs to one security zone. this attribute displays
the security zone name an interface belongs to."::={ nsIfSecondaryIpEntry 4}nsIfSecondaryIpAddress OBJECT-TYPESYNTAXIpAddressACCESSread-onlySTATUSmandatoryDESCRIPTION"Ip Address value."::={ nsIfSecondaryIpEntry 5}nsIfSecondaryIpNetmask OBJECT-TYPE
SYNTAXIpAddressACCESSread-onlySTATUSmandatoryDESCRIPTION"Subnet of a ip belongs to."::={ nsIfSecondaryIpEntry 6}nsIfSecondaryIpIfInfo OBJECT-TYPESYNTAXINTEGERACCESSread-onlySTATUSmandatoryDESCRIPTION"Internal id assigned to this interface. Stays persistent across resets."::={ nsIfSecondaryIpEntry 7}nsIfTable OBJECT-TYPESYNTAXSEQUENCEOF NsIfEntry
ACCESSnot-accessibleSTATUSmandatoryDESCRIPTION"All NetScreen devices have a trusted interface and an untrusted interface. The
NetScreen-10 and -100 also have a DMZ interface. Additionally, on each of the
virtual systems supported by the NetScreen-1000 there can be on or more tursted
subinterfaces linking a particular virtual system to one or more virtual LANs.
Other interfaces-some physical, some logical, and some virtual-provide exclusive
channels for administrative traffic, or for communication among member in a
redundant group.
In this table, it will collect following interface: tursted interface, untrusted
interface, DMZ interface, Management Interface and Subinterface."::={ netscreenInterface 1}
nsIfEntry OBJECT-TYPESYNTAX NsIfEntry
ACCESSnot-accessibleSTATUSmandatoryDESCRIPTION"nsIfEntry collects some attributes about NetScreen interface settings."INDEX{ nsIfIndex }::={ nsIfTable 1}
NsIfEntry ::=SEQUENCE{
nsIfIndex
INTEGER,
nsIfName
DisplayString,
nsIfVsys
INTEGER,
nsIfZone
INTEGER,
nsIfStatus
INTEGER,
nsIfIp
IpAddress,
nsIfNetmask
IpAddress,
nsIfGateway
IpAddress,
nsIfMngIp
IpAddress,
nsIfMode
INTEGER,
nsIfMAC
PhysAddress,
nsIfMngTelnet
INTEGER,
nsIfMngSCS
INTEGER,
nsIfMngWEB
INTEGER,
nsIfMngSSL
INTEGER,
nsIfMngSNMP
INTEGER,
nsIfMngGlobal
INTEGER,
nsIfMngGlobalPro
INTEGER,
nsIfMngPing
INTEGER,
nsIfMngIdentReset
INTEGER,
nsIfInfo
INTEGER,
nsIfDescr
DisplayString}nsIfIndex OBJECT-TYPESYNTAXINTEGERACCESSread-onlySTATUSmandatoryDESCRIPTION"Interface number which uniquely identifies an interface."::={ nsIfEntry 1}nsIfName OBJECT-TYPESYNTAXDisplayString(SIZE(0..32))
ACCESSread-onlySTATUSmandatoryDESCRIPTION"Each interface has a readable name such as 'trust', 'trust/1', etc."::={ nsIfEntry 2}nsIfVsys OBJECT-TYPESYNTAXINTEGERACCESSread-onlySTATUSmandatoryDESCRIPTION"According NetScreen's concepts, each interface belongs to one virtual
system. This attribute displays the virtual system name an interface
belongs to. If the device is device which doesn't support vsys such as
NS-100, we can logically think all the setting belongs to 'root' vsys."::={ nsIfEntry 3}nsIfZone OBJECT-TYPESYNTAXINTEGERACCESSread-onlySTATUSmandatoryDESCRIPTION"Each interface belongs to one security zone. This attribute displays
the security zone name an interface belongs to."::={ nsIfEntry 4}nsIfStatus OBJECT-TYPESYNTAXINTEGER{down(0),up(1),
ready(2),inactive(3)}ACCESSread-onlySTATUSmandatoryDESCRIPTION"The interface status which indicates interface's operational status. "::={ nsIfEntry 5}nsIfIp OBJECT-TYPESYNTAXIpAddressACCESSread-onlySTATUSmandatoryDESCRIPTION"Each interface must be assigned an IP address."::={ nsIfEntry 6}
nsIfNetmask OBJECT-TYPESYNTAXIpAddressACCESSread-onlySTATUSmandatoryDESCRIPTION"Each interface must belong to a subnet represented by netmask."::={ nsIfEntry 7}nsIfGateway OBJECT-TYPESYNTAXIpAddressACCESSread-onlySTATUSmandatoryDESCRIPTION"Default gateway ip address."::={ nsIfEntry 8}nsIfMngIp OBJECT-TYPE
SYNTAXIpAddressACCESSread-onlySTATUSmandatoryDESCRIPTION"Trusted, untrusted and DMZ interfaces can have two IP address: an interface
IP address that corresponds to the physical port through which that
interface connects to a network, and a Manage IP address that can be used to
receive administrative traffic"::={ nsIfEntry 9}nsIfMode OBJECT-TYPESYNTAXINTEGER{transparent(0),nat(1),route(2),
not-applicable(3)}ACCESSread-onlySTATUSmandatoryDESCRIPTION"NetScreen interface can has three operation modes. They are transparent,
nat and route. "::={ nsIfEntry 10}nsIfMAC OBJECT-TYPESYNTAXPhysAddressACCESSread-onlySTATUSmandatoryDESCRIPTION"MAC address the interface has."::={ nsIfEntry 11}
nsIfMngTelnet OBJECT-TYPESYNTAXINTEGER{disable(0),enable(1)}ACCESSread-onlySTATUSmandatoryDESCRIPTION"This attribute is used to indicate whether the interface permits telnet
management."::={ nsIfEntry 12}nsIfMngSCS OBJECT-TYPESYNTAXINTEGER{disable(0),
enable(1)}ACCESSread-onlySTATUSmandatoryDESCRIPTION"This attribute is used to indicate whether the interface permits Secure
Command Shell management."::={ nsIfEntry 13}nsIfMngWEB OBJECT-TYPESYNTAXINTEGER{disable(0),enable(1)}ACCESSread-only
STATUSmandatoryDESCRIPTION"This attribute is used to indicate whether the interface permits WEB UI
management."::={ nsIfEntry 14}nsIfMngSSL OBJECT-TYPESYNTAXINTEGER{disable(0),enable(1)}ACCESSread-onlySTATUSmandatoryDESCRIPTION"This attribute is used to indicate whether the interface permits SSL
management."::={ nsIfEntry 15}
nsIfMngSNMP OBJECT-TYPESYNTAXINTEGER{disable(0),enable(1)}ACCESSread-onlySTATUSmandatoryDESCRIPTION"This attribute is used to indicate whether the interface permits SNMP
management."::={ nsIfEntry 16}nsIfMngGlobal OBJECT-TYPESYNTAXINTEGER{
disable(0),enable(1)}ACCESSread-onlySTATUSmandatoryDESCRIPTION"This attribute is used to indicate whether the interface permits NS Global
management."::={ nsIfEntry 17}nsIfMngGlobalPro OBJECT-TYPESYNTAXINTEGER{disable(0),enable(1)}
ACCESSread-onlySTATUSmandatoryDESCRIPTION"This attribute is used to indicate whether the interface permits NS Global
Pro management."::={ nsIfEntry 18}nsIfMngPing OBJECT-TYPESYNTAXINTEGER{disable(0),enable(1)}ACCESSread-onlySTATUSmandatoryDESCRIPTION"This attribute is used to indicate whether the interface permits Ping go-through."::={ nsIfEntry 19}nsIfMngIdentReset OBJECT-TYPESYNTAXINTEGER{disable(0),enable(1)}ACCESSread-onlySTATUSmandatoryDESCRIPTION"This attribute is used to indicate whether the interface permits ident reset."::={ nsIfEntry 20}nsIfInfo OBJECT-TYPESYNTAXINTEGER
ACCESSread-onlySTATUSmandatoryDESCRIPTION"Internal id assigned to this interface. Stays persistent across resets."::={ nsIfEntry 21}nsIfDescr OBJECT-TYPESYNTAXDisplayString(SIZE(0..32))ACCESSread-onlySTATUSmandatoryDESCRIPTION"Each interface has a configurable descriptor string."::={ nsIfEntry 22}
nsIfFlowTable OBJECT-TYPESYNTAXSEQUENCEOF NsIfFlowEntry
ACCESSnot-accessibleSTATUSmandatoryDESCRIPTION"nsIfFlowTable is used to get flow statistical information of the interface."::={ netscreenInterface 3}nsIfFlowEntry OBJECT-TYPESYNTAX NsIfFlowEntry
ACCESSnot-accessibleSTATUSmandatoryDESCRIPTION"Table entry collect some attributes about interface flow counters."INDEX{ nsIfFlowIfIdx }
::={ nsIfFlowTable 1}
NsIfFlowEntry ::=SEQUENCE{
nsIfFlowIfIdx
INTEGER,
nsIfFlowVsys
INTEGER,
nsIfFlowInByte
Counter,
nsIfFlowInPacket
Counter,
nsIfFlowOutByte
Counter,
nsIfFlowOutPacket
Counter,
nsIfFlowInVpn
Counter,
nsIfInVlan
Counter,
nsIfOutVlan
Counter,
nsIfFlowIfInfo
INTEGER}nsIfFlowIfIdx OBJECT-TYPESYNTAXINTEGERACCESSread-onlySTATUSmandatoryDESCRIPTION"Unique interface id, also used as table index."::={ nsIfFlowEntry 1}nsIfFlowVsys OBJECT-TYPESYNTAXINTEGERACCESSread-onlySTATUSmandatoryDESCRIPTION"According NetScreen's concepts. each interface belongs to one virtual
system. This attribute displays the virtual system name an interface
belongs to."::={ nsIfFlowEntry 2}nsIfFlowInByte OBJECT-TYPESYNTAXCounterACCESSread-onlySTATUSmandatoryDESCRIPTION"Incoming byte number arriving at the this interface"::={ nsIfFlowEntry 3}nsIfFlowInPacket OBJECT-TYPESYNTAXCounterACCESSread-onlySTATUSmandatoryDESCRIPTION"Incoming packet number arriving at the this interface"::={ nsIfFlowEntry 4}
nsIfFlowOutByte OBJECT-TYPESYNTAXCounterACCESSread-onlySTATUSmandatoryDESCRIPTION"Outgoing byte number sending through this interface"::={ nsIfFlowEntry 5}nsIfFlowOutPacket OBJECT-TYPESYNTAXCounterACCESSread-onlySTATUSmandatoryDESCRIPTION"Outgoing packet number sending through this interface"::={ nsIfFlowEntry 6}nsIfFlowInVpn OBJECT-TYPESYNTAXCounter
ACCESSread-onlySTATUSmandatoryDESCRIPTION"VPN packet go through this interface"::={ nsIfFlowEntry 7}nsIfInVlan OBJECT-TYPESYNTAXCounterACCESSread-onlySTATUSmandatoryDESCRIPTION"Incoming vlan packet"::={ nsIfFlowEntry 8}nsIfOutVlan OBJECT-TYPESYNTAXCounterACCESSread-onlySTATUSmandatory
DESCRIPTION"Outgoing vlan packet"::={ nsIfFlowEntry 9}nsIfFlowIfInfo OBJECT-TYPESYNTAXINTEGERACCESSread-onlySTATUSmandatoryDESCRIPTION"Internal id assigned to this interface. Stays persistent across resets."::={ nsIfFlowEntry 10}nsIfMonTable OBJECT-TYPESYNTAXSEQUENCEOF NsIfMonEntry
ACCESSnot-accessibleSTATUSmandatory
DESCRIPTION"This table collects some of dropped packet counters of interface"::={ netscreenInterface 4}nsIfMonEntry OBJECT-TYPESYNTAX NsIfMonEntry
ACCESSnot-accessibleSTATUSmandatoryDESCRIPTION"An entry containing tunnel information"INDEX{ nsIfMonIfIdx }::={ nsIfMonTable 1}
NsIfMonEntry ::=SEQUENCE{
nsIfMonIfIdx
INTEGER,
nsIfMonVsys
INTEGER,
nsIfMonPlyDeny
Counter,
nsIfMonAuthFail
Counter,
nsIfMonUrlBlock
Counter,
nsIfMonTrMngQueue
Counter,
nsIfMonTrMngDrop
Counter,
nsIfMonEncFail
Counter,
nsIfMonNoSa
Counter,
nsIfMonNoSaPly
Counter,
nsIfMonSaInactive
Counter,
nsIfMonSaPolicyDeny
Counter,
nsIfMonIfInfo
INTEGER}
nsIfMonIfIdx OBJECT-TYPESYNTAXINTEGERACCESSread-onlySTATUSmandatoryDESCRIPTION"Unique interface id, also used as table index."::={ nsIfMonEntry 1}nsIfMonVsys OBJECT-TYPESYNTAXINTEGERACCESSread-onlySTATUSmandatoryDESCRIPTION"According NetScreen's concepts, each interface belongs to one virtual
system. This attribute displays the virtual system name an interface
belongs to."::={ nsIfMonEntry 2}nsIfMonPlyDeny OBJECT-TYPESYNTAXCounterACCESSread-onlySTATUSmandatoryDESCRIPTION"Packet drop since denied by policy."::={ nsIfMonEntry 3}nsIfMonAuthFail OBJECT-TYPESYNTAXCounterACCESSread-onlySTATUSmandatoryDESCRIPTION"Packet drop due to authentication failed."::={ nsIfMonEntry 4}nsIfMonUrlBlock OBJECT-TYPESYNTAXCounter
ACCESSread-onlySTATUSmandatoryDESCRIPTION"Packet drop due to URL blocking."::={ nsIfMonEntry 5}nsIfMonTrMngQueue OBJECT-TYPESYNTAXCounterACCESSread-onlySTATUSmandatoryDESCRIPTION"packet queue up due to traffic management"::={ nsIfMonEntry 6}nsIfMonTrMngDrop OBJECT-TYPESYNTAXCounterACCESSread-only
STATUSmandatoryDESCRIPTION"Packet drop due to traffic management"::={ nsIfMonEntry 7}nsIfMonEncFail OBJECT-TYPESYNTAXCounterACCESSread-onlySTATUSmandatoryDESCRIPTION"IPSec enc failed due to sa not available, no ipak, etc"::={ nsIfMonEntry 8}nsIfMonNoSa OBJECT-TYPESYNTAXCounterACCESSread-onlySTATUSmandatoryDESCRIPTION
"packet drop due to no sa found for incomig spi"::={ nsIfMonEntry 9}nsIfMonNoSaPly OBJECT-TYPESYNTAXCounterACCESSread-onlySTATUSmandatoryDESCRIPTION"packet drop due to no policy associated with found sa"::={ nsIfMonEntry 10}nsIfMonSaInactive OBJECT-TYPESYNTAXCounterACCESSread-onlySTATUSmandatoryDESCRIPTION"packet drop due to sa not active"
::={ nsIfMonEntry 11}nsIfMonSaPolicyDeny OBJECT-TYPESYNTAXCounterACCESSread-onlySTATUSmandatoryDESCRIPTION"packet drop due to denial by sa policy"::={ nsIfMonEntry 12}nsIfMonIfInfo OBJECT-TYPESYNTAXINTEGERACCESSread-onlySTATUSmandatoryDESCRIPTION"Internal id assigned to this interface. Stays persistent across resets."::={ nsIfMonEntry 13}
END