smilint output for ./SSHTM-MIB
| Message Severities |
|---|
| Severity | Count |
|---|
| error | 7 |
| change recommended | 5 |
| warning | 3 |
| Message Types |
|---|
| Type | Count |
|---|
| basetype-not-imported (error) | 5 |
| group-membership (change recommended) | 5 |
| import-unused (warning) | 2 |
| index-exceeds-too-large (warning) | 1 |
| object-identifier-not-prefix (error) | 2 |
Messages:
SSHTM-MIB
1: -- extracted from draft-ietf-isms-secshell-05.txt
2: -- at Thu Oct 12 06:07:13 2006
3:
4: SSHTM-MIB DEFINITIONS ::= BEGIN
5:
6: IMPORTS
7: MODULE-IDENTITY, OBJECT-TYPE,
8: OBJECT-IDENTITY, mib-2, snmpDomains
9: FROM SNMPv2-SMI
10: TestAndIncr, TEXTUAL-CONVENTION,
11: StorageType, RowStatus
12: FROM SNMPv2-TC
13: MODULE-COMPLIANCE, OBJECT-GROUP
14: FROM SNMPv2-CONF
15: SnmpAdminString
16: FROM SNMP-FRAMEWORK-MIB
17: TransportAddress, TransportAddressType
17: warning -
warning: identifier `TransportAddress' imported from module `TRANSPORT-ADDRESS-MIB' is never used
17: warning -
warning: identifier `TransportAddressType' imported from module `TRANSPORT-ADDRESS-MIB' is never used
18: FROM TRANSPORT-ADDRESS-MIB
19: ;
20:
21: sshtmMIB MODULE-IDENTITY
22: LAST-UPDATED "200610050000Z"
23: ORGANIZATION "ISMS Working Group"
24: CONTACT-INFO "WG-EMail: isms@lists.ietf.org
25: Subscribe: isms-request@lists.ietf.org
26:
27: Chairs:
28: Juergen Quittek
29: NEC Europe Ltd.
30: Network Laboratories
31: Kurfuersten-Anlage 36
32: 69115 Heidelberg
33: Germany
34: +49 6221 90511-15
35: quittek@netlab.nec.de
36: Juergen Schoenwaelder
37: International University Bremen
38: Campus Ring 1
39: 28725 Bremen
40: Germany
41: +49 421 200-3587
42: j.schoenwaelder@iu-bremen.de
43:
44: Co-editors:
45: David Harrington
46: Huawei Technologies USA
47: 1700 Alma Drive
48: Plano Texas 75075
49: USA
50: +1 603-436-8634
51: ietfdbh@comcast.net
52:
53: Joseph Salowey
54: Cisco Systems
55: 2901 3rd Ave
56: Seattle, WA 98121
57: USA
58: jsalowey@cisco.com
59: "
60: DESCRIPTION "The Secure Shell Transport Model MIB
61:
62: Copyright (C) The Internet Society (2006). This
63: version of this MIB module is part of RFC XXXX;
64: see the RFC itself for full legal notices.
65: -- NOTE to RFC editor: replace XXXX with actual RFC number
66: -- for this document and remove this note
67: "
68:
69: REVISION "200610050000Z" -- 02 September 2005
70: DESCRIPTION "The initial version, published in RFC XXXX.
71: -- NOTE to RFC editor: replace XXXX with actual RFC number
72: -- for this document and remove this note
73: "
74:
75: ::= { mib-2 xxxx }
75: error -
Object identifier element `xxxx' name only allowed as first element
76: -- RFC Ed.: replace xxxx with IANA-assigned number and
77: -- remove this note
78:
79: -- ---------------------------------------------------------- --
80: -- subtrees in the SSHTM-MIB
81: -- ---------------------------------------------------------- --
82:
83: sshtmNotifications OBJECT IDENTIFIER ::= { sshtmMIB 0 }
84: sshtmMIBObjects OBJECT IDENTIFIER ::= { sshtmMIB 1 }
85: sshtmConformance OBJECT IDENTIFIER ::= { sshtmMIB 2 }
86:
87: -- -------------------------------------------------------------
88: -- Objects
89: -- -------------------------------------------------------------
90:
91: TransportAddressSSH ::= TEXTUAL-CONVENTION
92: DISPLAY-HINT "1a"
93: STATUS current
94: DESCRIPTION
95: "Represents either a hostname encoded in ASCII
96: using the IDNA protocol, as specified in RFC3490, followed by
97: a colon ':' (ASCII character 0x3A) and a decimal port number
98: in ASCII, or an IP address followed by a colon ':'
99: (ASCII character 0x3A) and a decimal port number in ASCII.
100: The name SHOULD be fully qualified whenever possible.
101:
102: Values of this textual convention are not directly useable
103: as transport-layer addressing information, and require
104: runtime resolution. As such, applications that write them
105: must be prepared for handling errors if such values are
106: not supported, or cannot be resolved (if resolution occurs
107: at the time of the management operation).
108:
109: The DESCRIPTION clause of TransportAddress objects that may
110: have TransportAddressSSH values must fully describe how (and
111: when) such names are to be resolved to IP addresses and vice
112: versa.
113:
114: This textual convention SHOULD NOT be used directly in
115: object definitions since it restricts addresses to a
116: specific format. However, if it is used, it MAY be used
117: either on its own or in conjunction with
118: TransportAddressType or TransportDomain as a pair.
119:
120: When this textual convention is used as a syntax of an
121: index object, there may be issues with the limit of 128
122: sub-identifiers specified in SMIv2, STD 58. In this case,
123: the OBJECT-TYPE declaration MUST include a 'SIZE' clause
124: to limit the number of potential instance sub-identifiers."
125: SYNTAX OCTET STRING (SIZE (1..255))
126:
127:
128: transportDomainSSH OBJECT-IDENTITY
129: STATUS current
130: DESCRIPTION
131: "The SSH transport domain. The corresponding transport
132: address is of type TransportAddressSSH.
133:
134: When an SNMP entity uses the transportDomainSSH transport
135: model, it must be capable of accepting messages up to
136: and including 8192 octets in size. Implementation of
137: larger values is encouraged whenever possible."
138: ::= { snmpDomains yy }
138: error -
Object identifier element `yy' name only allowed as first element
139: -- RFC Ed.: replace yy with IANA-assigned number and
140: -- remove this note
141:
142:
143: -- The sshtmSession Group
144:
145: sshtmSession OBJECT IDENTIFIER ::= { sshtmMIBObjects 1 }
146:
147: sshtmSessionCurrent OBJECT-TYPE
147: change recommended -
warning: node `sshtmSessionCurrent' must be contained in at least one conformance group
148: SYNTAX Gauge32
149: MAX-ACCESS read-only
149: error -
SMIv2 base type `Gauge32' must be imported from SNMPv2-SMI
150: STATUS current
151: DESCRIPTION "The current number of open sessions.
152: "
153: ::= { sshtmSession 1 }
154:
155: sshtmSessionMaxSupported OBJECT-TYPE
155: change recommended -
warning: node `sshtmSessionMaxSupported' must be contained in at least one conformance group
156: SYNTAX Unsigned32
157: MAX-ACCESS read-only
157: error -
SMIv2 base type `Unsigned32' must be imported from SNMPv2-SMI
158: STATUS current
159: DESCRIPTION "The maximum number of open sessions supported.
160: The value zero indicates the maximum is dynamic.
161: "
162: ::= { sshtmSession 2 }
163:
164: sshtmSessionOpenErrors OBJECT-TYPE
164: change recommended -
warning: node `sshtmSessionOpenErrors' must be contained in at least one conformance group
165: SYNTAX Counter32
166: MAX-ACCESS read-only
166: error -
SMIv2 base type `Counter32' must be imported from SNMPv2-SMI
167: STATUS current
168: DESCRIPTION "The number of times an openSession() request
169: failed to open a Session.
170: "
171: ::= { sshtmSession 3 }
172:
173: sshtmSessionSecurityLevelNotAvailableErrors OBJECT-TYPE
173: change recommended -
warning: node `sshtmSessionSecurityLevelNotAvailableErrors' must be contained in at least one conformance group
174: SYNTAX Counter32
175: MAX-ACCESS read-only
175: error -
SMIv2 base type `Counter32' must be imported from SNMPv2-SMI
176: STATUS current
177: DESCRIPTION "The number of times an outgoing message was
178: discarded because a requested securityLevel could not
179: provided.
180: "
181: ::= { sshtmSession 4 }
182:
183: sshtmSessionNoAvailableSessions OBJECT-TYPE
183: change recommended -
warning: node `sshtmSessionNoAvailableSessions' must be contained in at least one conformance group
184: SYNTAX Counter32
185: MAX-ACCESS read-only
185: error -
SMIv2 base type `Counter32' must be imported from SNMPv2-SMI
186: STATUS current
187: DESCRIPTION "The number of times a Response message
188: was dropped because the corresponding
189: session was no longer available.
190: "
191: ::= { sshtmSession 5 }
192:
193:
194: -- The sshtmUser Group ********************************************
195:
196: sshtmUser OBJECT IDENTIFIER ::= { sshtmMIBObjects 2 }
197:
198: sshtmUserSpinLock OBJECT-TYPE
199: SYNTAX TestAndIncr
200: MAX-ACCESS read-write
201: STATUS current
202: DESCRIPTION "An advisory lock used to allow several cooperating
203: Command Generator Applications to coordinate their
204: use of facilities to alter the sshtmUserTable.
205: "
206: ::= { sshtmUser 1 }
207:
208: -- The table of valid users for the SSH Transport Model ********
209:
210: sshtmUserTable OBJECT-TYPE
211: SYNTAX SEQUENCE OF SshtmUserEntry
212: MAX-ACCESS not-accessible
213: STATUS current
214: DESCRIPTION "The table of users configured in the SNMP engine's
215: Local Configuration Datastore (LCD).
216:
217: Most configuration of this table is expected to be
218: done by an agent dynamically. It is possible for an
219: SNMP management application to pre-configure the
220: table with static information useful for translating
221: from an SSH-specific user to a model-independent
222: securityName, or for statically configuring the only
223: entities authorized to receive notifications.
224:
225: To create a new user (i.e., to instantiate a new
226: conceptual row in this table), it is recommended to
227: follow this procedure:
228: 1) GET(sshtmUserSpinLock.0) and save in sValue.
229: 2) SET(sshtmUserSpinLock.0=sValue,
230: sshtmUserStatus=createAndWait)
231: 3) configure the entry
232: 4) SET(sshtmUserStatus=active)
233:
234: The new user should now be available and ready to be
235: used for SNMPv3 communication.
236:
237: The use of sshtmUserSpinlock is to avoid conflicts
238: with another SNMP command generator application which
239: may also be acting on the sshtmUserTable.
240: "
241: ::= { sshtmUser 2 }
242:
243: sshtmUserEntry OBJECT-TYPE
243: warning -
warning: index of row `sshtmUserEntry' can exceed OID size limit by 167 subidentifier(s)
244: SYNTAX SshtmUserEntry
245: MAX-ACCESS not-accessible
246: STATUS current
247: DESCRIPTION "A user configured in the SNMP engine's Local
248: Configuration Datastore (LCD) for the SSH
249: Transport Model.
250: "
251: INDEX { sshtmUserAddress,
252: sshtmUserName
253: }
254: ::= { sshtmUserTable 1 }
255:
256: SshtmUserEntry ::= SEQUENCE
257: {
258: sshtmUserAddress TransportAddressSSH,
259: sshtmUserSecurityName SnmpAdminString,
260: sshtmUserName SnmpAdminString,
261: sshtmUserStorageType StorageType,
262: sshtmUserStatus RowStatus
263: }
264:
265: sshtmUserAddress OBJECT-TYPE
266: SYNTAX TransportAddressSSH
267: MAX-ACCESS not-accessible
268: STATUS current
269: DESCRIPTION "A remote SNMP engine's SSH address.
270: "
271: ::= { sshtmUserEntry 1 }
272:
273:
274: sshtmUserSecurityName OBJECT-TYPE
275: SYNTAX SnmpAdminString
276: MAX-ACCESS read-only
277: STATUS current
278: DESCRIPTION "A human readable string representing the user in
279: Transport Model independent format.
280:
281: The default transformation of the sshtmUserName to
282: the sshtmUserSecurityName and vice versa is the
283: identity function so that the sshtmUserSecurityName
284: is usually the same as the sshtmUserName.
285: "
286: ::= { sshtmUserEntry 2 }
287:
288: sshtmUserName OBJECT-TYPE
289: SYNTAX SnmpAdminString (SIZE(1..32))
290: MAX-ACCESS not-accessible
291: STATUS current
292: DESCRIPTION "This is the user name used in the
293: SSH_MSG_USERAUTH_REQUEST to authenticate the client.
294: "
295: ::= { sshtmUserEntry 3 }
296:
297: sshtmUserStorageType OBJECT-TYPE
298: SYNTAX StorageType
299: MAX-ACCESS read-create
300: STATUS current
301: DESCRIPTION "The storage type for this conceptual row.
302:
303: It is an implementation issue to decide if a SET for
304: a readOnly or permanent row is accepted at all. In some
305: contexts this may make sense, in others it may not. If
306: a SET for a readOnly or permanent row is not accepted
307: at all, then a 'wrongValue' error must be returned.
308: "
309: DEFVAL { nonVolatile }
310: ::= { sshtmUserEntry 4 }
311:
312: sshtmUserStatus OBJECT-TYPE
313: SYNTAX RowStatus
314: MAX-ACCESS read-create
315: STATUS current
316: DESCRIPTION "The status of this conceptual row.
317:
318: Until instances of all corresponding columns are
319: appropriately configured, the value of the
320: corresponding instance of the sshtmUserStatus column
321: is 'notReady'.
322:
323: The value of this object has no effect on whether
324: other objects in this conceptual row can be modified.
325: "
326: ::= { sshtmUserEntry 5 }
327:
328:
329: -- ************************************************
330: -- sshtmMIB - Conformance Information
331: -- ************************************************
332:
333: sshtmGroups OBJECT IDENTIFIER ::= { sshtmConformance 1 }
334:
335: sshtmCompliances OBJECT IDENTIFIER ::= { sshtmConformance 2 }
336:
337: -- ************************************************
338: -- Units of conformance
339: -- ************************************************
340: sshtmGroup OBJECT-GROUP
341: OBJECTS {
342: sshtmUserSpinLock,
343: sshtmUserSecurityName,
344: sshtmUserStorageType,
345: sshtmUserStatus
346: }
347: STATUS current
348: DESCRIPTION "A collection of objects for maintaining
349: information of an SNMP engine which implements the
350: SNMP Secure Shell Transport Model.
351: "
352:
353: ::= { sshtmGroups 2 }
354:
355: -- ************************************************
356: -- Compliance statements
357: -- ************************************************
358:
359: sshtmCompliance MODULE-COMPLIANCE
360: STATUS current
361: DESCRIPTION
362: "The compliance statement for SNMP engines that support the
363: SSHTM-MIB"
364: MODULE
365: MANDATORY-GROUPS { sshtmGroup }
366: ::= { sshtmCompliances 1 }
367:
368: END
369:
370: --
371: -- Copyright (C) The Internet Society (2006).
372: --
373: -- This document is subject to the rights, licenses and restrictions
374: -- contained in BCP 78, and except as set forth therein, the authors
375: -- retain all their rights.
376: --
377: -- This document and the information contained herein are provided on an
378: -- "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
379: -- OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET
380: -- ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED,
381: -- INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE
382: -- INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
383: -- WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
384: --
385: -- Intellectual Property
386: --
387: -- The IETF takes no position regarding the validity or scope of any
388: -- Intellectual Property Rights or other rights that might be claimed to
389: -- pertain to the implementation or use of the technology described in
390: -- this document or the extent to which any license under such rights
391: -- might or might not be available; nor does it represent that it has
392: -- made any independent effort to identify any such rights. Information
393: -- on the procedures with respect to rights in RFC documents can be
394: -- found in BCP 78 and BCP 79.
395: --
396: -- Copies of IPR disclosures made to the IETF Secretariat and any
397: -- assurances of licenses to be made available, or the result of an
398: -- attempt made to obtain a general license or permission for the use of
399: -- such proprietary rights by implementers or users of this
400: -- specification can be obtained from the IETF on-line IPR repository at
401: -- http://www.ietf.org/ipr.
402: --
403: -- The IETF invites any interested party to bring to its attention any
404: -- copyrights, patents or patent applications, or other proprietary
405: -- rights that may cover technology that may be required to implement
406: -- this standard. Please address the information to the IETF at
407: -- ietf-ipr@ietf.org.
408: --
409: