smilint output for ./T11-FC-SP-POLICY-MIB
| Message Severities |
|---|
| Severity | Count |
|---|
| error | 1 |
| Message Types |
|---|
| Type | Count |
|---|
| object-identifier-not-prefix (error) | 1 |
Messages:
T11-FC-SP-POLICY-MIB
1: -- extracted from draft-kzm-imss-fc-fcsp-mib-00.txt
2: -- at Wed Jun 13 06:08:27 2007
3:
4: T11-FC-SP-POLICY-MIB DEFINITIONS ::= BEGIN
5:
6: IMPORTS
7: MODULE-IDENTITY, OBJECT-TYPE, NOTIFICATION-TYPE, mib-2,
8: Counter32, Unsigned32
9: FROM SNMPv2-SMI -- [RFC2578]
10: RowStatus, StorageType, TimeStamp,
11: TruthValue FROM SNMPv2-TC -- [RFC2579]
12: MODULE-COMPLIANCE, OBJECT-GROUP,
13: NOTIFICATION-GROUP
14: FROM SNMPv2-CONF -- [RFC2580]
15: SnmpAdminString FROM SNMP-FRAMEWORK-MIB -- [RFC3411]
16: InetAddress,
17: InetAddressType FROM INET-ADDRESS-MIB -- [RFC4001]
18: fcmInstanceIndex,
19: FcNameIdOrZero,
20: FcDomainIdOrZero FROM FC-MGMT-MIB -- [RFC4044]
21: T11NsGs4RejectReasonCode
22: FROM T11-FC-NAME-SERVER-MIB -- [RFC4438]
23: T11FabricIndex FROM T11-TC-MIB -- [RFC4439]
24: T11FcSpAlphaNumName,
25: T11FcSpAlphaNumNameOrNull,
26: T11FcSpPolicyName,
27: T11FcSpPolicyNameType,
28: T11FcSpPolicyObjectType,
29: T11FcSpPolicyHashFormat,
30: T11FcSpPolicyHashValue FROM T11-FC-SP-TC-MIB;
31:
32: t11FcSpPolicyMIB MODULE-IDENTITY
33: LAST-UPDATED "200702190000Z"
34: ORGANIZATION "T11"
35: CONTACT-INFO
36: " Claudio DeSanti
37: Cisco Systems, Inc.
38: 170 West Tasman Drive
39: San Jose, CA 95134 USA
40: EMail: cds@cisco.com
41: Keith McCloghrie
42: Cisco Systems, Inc.
43: 170 West Tasman Drive
44: San Jose, CA 95134 USA
45: Email: kzm@cisco.com"
46: DESCRIPTION
47: "This MIB module specifies the management information
48: required to manage Fabric Policies as defined by Fibre
49: Channel's FC-SP specification.
50:
51: FC-SP uses the term 'Policy Objects', sometimes abbreviated
52: to just 'Objects', to refer to containers used to hold the
53: data by which Fabric Policies are specified/stored. This
54: obviously has the potential to cause confusion between
55: 'Policy Objects' and 'MIB objects'. The DESCRIPTIONs in
56: this MIB module attempt to avoid such confusion by the use
57: of different adjectives and capitalization, even though such
58: mechanisms are less effective when used in descriptors.
59:
60: Some types of Policy Objects contain multiple items of
61: information, each of which are held in the same format
62: within the Policy Object. In such cases, FC-SP uses the
63: term 'Entry' to describe each instance of the common format.
64: For example, FC-SP defines an Attribute Policy Object as
65: containing one or more 'Attribute Entries'. Again, this MIB
66: module attempts to avoid confusion by the use of adjectives
67: and capitalization to distinguish an Entry within a Policy
68: Object from an entry within a MIB table.
69:
70: A Fabric's database of Policy Objects consists of a set of
71: active Objects which are to be enforced by that Fabric, as
72: well as non-active Objects which are not enforced.
73: Operations defined (in FC-SP) for Policy Management are:
74:
75: - Add/Get/Remove operations on individual non-active
76: Policy Objects,
77: - Activate/Deactivate operations on a Policy Summary
78: Object, and
79: - Get operations on the active Policy Summary Object
80: and/or on individual active Policy Objects.
81:
82: This MIB module has five parts:
83:
84: 1) Active Policy Objects - read-only MIB objects
85: representing the set of active Policy Objects for
86: each Fabric,
87:
88: 2) Activate/Deactivate Operations
89: - a read-write MIB object to invoke an Activate
90: operation of the policies specified via a non-active
91: Policy Summary Object, and
92: - a read-write MIB object to invoke a Deactivate
93: operation.
94:
95: 3) Non-active Policy Objects
96: - read-create MIB objects to allow the creation of
97: non-active Policy Summary Objects (which reference
98: non-active Policy Objects), and
99: - read-create MIB objects representing non-active
100: Policy Objects.
101:
102: 4) Statistics
103:
104: 5) Control information and Notifications
105:
106: Copyright (C) The IETF Trust (2007). This version
107: of this MIB module is part of RFC yyyy; see the RFC
108: itself for full legal notices."
109: -- RFC Editor: replace yyyy with actual RFC number & remove this note
110: REVISION "200702190000Z"
111: DESCRIPTION
112: "Initial version of this MIB module, published as RFCyyyy."
113: -- RFC-Editor, replace yyyy with actual RFC number & remove this note
114: ::= { mib-2 nnn } -- to be assigned by IANA
114: error -
Object identifier element `nnn' name only allowed as first element
115: -- RFC Editor: replace nnn with IANA-assigned number & remove this note
116:
117: t11FcSpPoMIBObjects OBJECT IDENTIFIER ::= { t11FcSpPolicyMIB 1 }
118: t11FcSpPoMIBConformance OBJECT IDENTIFIER ::= { t11FcSpPolicyMIB 2 }
119: t11FcSpPoMIBNotifications OBJECT IDENTIFIER ::= { t11FcSpPolicyMIB 0 }
120: t11FcSpPoActive OBJECT IDENTIFIER ::= { t11FcSpPoMIBObjects 1 }
121: t11FcSpPoOperations OBJECT IDENTIFIER ::= { t11FcSpPoMIBObjects 2 }
122: t11FcSpPoNonActive OBJECT IDENTIFIER ::= { t11FcSpPoMIBObjects 3 }
123: t11FcSpPoStatistics OBJECT IDENTIFIER ::= { t11FcSpPoMIBObjects 4 }
124: t11FcSpPoControl OBJECT IDENTIFIER ::= { t11FcSpPoMIBObjects 5 }
125: --
126: -- Part 1 - Active Policy Objects
127: --
128:
129: t11FcSpPoTable OBJECT-TYPE
130: SYNTAX SEQUENCE OF T11FcSpPoEntry
131: MAX-ACCESS not-accessible
132: STATUS current
133: DESCRIPTION
134: "A table containing top-level information about active
135: FC-SP policies on various Fabrics."
136: ::= { t11FcSpPoActive 1 }
137:
138: t11FcSpPoEntry OBJECT-TYPE
139: SYNTAX T11FcSpPoEntry
140: MAX-ACCESS not-accessible
141: STATUS current
142: DESCRIPTION
143: "Each entry contains information about active FC-SP policies
144: for a particular Fabric, managed as part of the Fibre
145: Channel management instance identified by fcmInstanceIndex."
146: INDEX { fcmInstanceIndex, t11FcSpPoFabricIndex }
147: ::= { t11FcSpPoTable 1 }
148:
149: T11FcSpPoEntry ::= SEQUENCE {
150: t11FcSpPoFabricIndex T11FabricIndex,
151: t11FcSpPoPolicySummaryObjName T11FcSpAlphaNumName,
152: t11FcSpPoAdminFabricName FcNameIdOrZero,
153: t11FcSpPoActivatedTimeStamp TimeStamp
154: }
155:
156: t11FcSpPoFabricIndex OBJECT-TYPE
157: SYNTAX T11FabricIndex
158: MAX-ACCESS not-accessible
159: STATUS current
160: DESCRIPTION
161: "An index value which uniquely identifies a particular
162: Fabric."
163: ::= { t11FcSpPoEntry 1 }
164:
165: t11FcSpPoPolicySummaryObjName OBJECT-TYPE
166: SYNTAX T11FcSpAlphaNumName
167: MAX-ACCESS read-only
168: STATUS current
169: DESCRIPTION
170: "The name of this Fabric's (active) Policy Summary Object."
171: REFERENCE
172: "INCITS xxx/200x, T11/Project 1570-D/Rev 1.8,
173: Fibre Channel - Security Protocols (FC-SP),
174: 13 June 2006, section 7.1.3 and table 104."
175: ::= { t11FcSpPoEntry 2 }
176:
177: t11FcSpPoAdminFabricName OBJECT-TYPE
178: SYNTAX FcNameIdOrZero (SIZE (8))
179: MAX-ACCESS read-only
180: STATUS current
181: DESCRIPTION
182: "The administratively-specified name for this Fabric, as
183: specified in the active Switch Membership List Object.
184: This value is meaningful only when Static Domain_IDs are
185: in use in a Fabric (see FC-SW-4). Static Domain_IDs are
186: administratively enabled by a setting of the Switch Flags
187: in each Switch Entry in the Switch Membership List Object.
188: If Static Domain_IDs are not in use, this value might be
189: '0000000000000000'h.
190:
191: The t11FamEnable, t11FamFabricName and
192: t11FamConfigDomainIdType objects defined in the
193: T11-FC-FABRIC-ADDR-MGR-MIB module are also concerned with
194: the use of an administratively-specified name for a Fabric
195: and Static Domain_IDs. When FC-SP Policy is in use in a
196: Fabric, the values of t11FamEnable, t11FamFabricName and
197: t11FamConfigDomainIdType must be read-only and reflect the
198: active Policy Objects. For example, the value of
199: t11FamFabricName must reflect the value of
200: t11FcSpPoAdminFabricName."
201: REFERENCE
202: "- INCITS xxx/200x, T11/Project 1570-D/Rev 1.8,
203: Fibre Channel - Security Protocols (FC-SP), 13 June 2006,
204: section 7.1.4.1 and table 108.
205: - Fibre Channel - Switch Fabric-4 (FC-SW-4),
206: ANSI INCITS 418-2006, April 2006, section 7.1.
207: - Fibre Channel Fabric Address Manager MIB', RFC 4439,
208: March 2006."
209: ::= { t11FcSpPoEntry 3 }
210:
211: t11FcSpPoActivatedTimeStamp OBJECT-TYPE
212: SYNTAX TimeStamp
213: MAX-ACCESS read-only
214: STATUS current
215: DESCRIPTION
216: "The value of sysUpTime at which this Fabric's Policy
217: Summary Object was last activated, or zero if the same
218: Policy Summary Object has been active since the last
219: restart of the management system."
220: ::= { t11FcSpPoEntry 4 }
221:
222: --
223: -- The table of Policy Summary Objects
224: --
225:
226: t11FcSpPoSummaryTable OBJECT-TYPE
227: SYNTAX SEQUENCE OF T11FcSpPoSummaryEntry
228: MAX-ACCESS not-accessible
229: STATUS current
230: DESCRIPTION
231: "A table of information about active Policy Objects listed
232: within FC-SP Policy Summary Objects."
233: ::= { t11FcSpPoActive 2 }
234:
235: t11FcSpPoSummaryEntry OBJECT-TYPE
236: SYNTAX T11FcSpPoSummaryEntry
237: MAX-ACCESS not-accessible
238: STATUS current
239: DESCRIPTION
240: "Each entry contains information about one of the active
241: Policy Objects listed within the Policy Summary Object for
242: the Fabric identified by t11FcSpPoFabricIndex and managed
243: within the Fibre Channel management instance identified by
244: fcmInstanceIndex.
245:
246: How many Policy Objects of a given type can be active at
247: any one time for a given Fabric depends on the type, as
248: specified in FC-SP. For some types, it is one per Fabric;
249: for other types, more than one can be active per Fabric.
250: In both of these cases, the absence of any entries in this
251: table for a particular type is equivalent to there being one
252: Policy Object of that type which is empty, e.g., a Switch
253: Membership List Object which identifies zero Switches."
254: REFERENCE
255: "INCITS xxx/200x, T11/Project 1570-D/Rev 1.8,
256: Fibre Channel - Security Protocols (FC-SP),
257: 13 June 2006, section 7.1.3 and table 104."
258: INDEX { fcmInstanceIndex, t11FcSpPoFabricIndex,
259: t11FcSpPoSummaryPolicyNameType,
260: t11FcSpPoSummaryPolicyName }
261: ::= { t11FcSpPoSummaryTable 1 }
262:
263: T11FcSpPoSummaryEntry ::= SEQUENCE {
264: t11FcSpPoSummaryPolicyNameType T11FcSpPolicyNameType,
265: t11FcSpPoSummaryPolicyName T11FcSpPolicyName,
266: t11FcSpPoSummaryPolicyType T11FcSpPolicyObjectType,
267: t11FcSpPoSummaryHashFormat T11FcSpPolicyHashFormat,
268: t11FcSpPoSummaryHashValue T11FcSpPolicyHashValue
269: }
270:
271: t11FcSpPoSummaryPolicyNameType OBJECT-TYPE
272: SYNTAX T11FcSpPolicyNameType {
273: nodeName(1),
274: alphaNumericName(7)
275: }
276: MAX-ACCESS not-accessible
277: STATUS current
278: DESCRIPTION
279: "The combination of t11FcSpPoSummaryPolicyNameType and
280: t11FcSpPoSummaryPolicyName specify the name of the Policy
281: Object contained in the Policy Summary Object.
282:
283: The type of name is 'nodeName' if the value of the
284: corresponding instance of t11FcSpPoSummaryPolicyType is
285: 'switchConnectivity', or 'alphaNumericName' otherwise."
286: ::= { t11FcSpPoSummaryEntry 1 }
287:
288: t11FcSpPoSummaryPolicyName OBJECT-TYPE
289: SYNTAX T11FcSpPolicyName
290: MAX-ACCESS not-accessible
291: STATUS current
292: DESCRIPTION
293: "The combination of t11FcSpPoSummaryPolicyNameType and
294: t11FcSpPoSummaryPolicyName specify the name of the Policy
295: Object contained in the Policy Summary Object."
296: ::= { t11FcSpPoSummaryEntry 2 }
297:
298: t11FcSpPoSummaryPolicyType OBJECT-TYPE
299: SYNTAX T11FcSpPolicyObjectType
300: MAX-ACCESS read-only
301: STATUS current
302: DESCRIPTION
303: "The 'Identifier' which specifies the type of this
304: Policy Object."
305:
306: REFERENCE
307: "INCITS xxx/200x, T11/Project 1570-D/Rev 1.8,
308: Fibre Channel - Security Protocols (FC-SP),
309: 13 June 2006, section 7.1.3.1 and table 104."
310: ::= { t11FcSpPoSummaryEntry 3 }
311:
312: t11FcSpPoSummaryHashFormat OBJECT-TYPE
313: SYNTAX T11FcSpPolicyHashFormat
314: MAX-ACCESS read-only
315: STATUS current
316: DESCRIPTION
317: "The format of this Policy Object's hash value as
318: contained in the corresponding instance of the
319: t11FcSpPoSummaryHashValue object."
320: ::= { t11FcSpPoSummaryEntry 4 }
321:
322: t11FcSpPoSummaryHashValue OBJECT-TYPE
323: SYNTAX T11FcSpPolicyHashValue
324: MAX-ACCESS read-only
325: STATUS current
326: DESCRIPTION
327: "The hash value of this Policy Object, in the format
328: identified by the corresponding instance of the
329: t11FcSpPoSummaryHashFormat object."
330: ::= { t11FcSpPoSummaryEntry 5 }
331:
332: --
333: -- Switch Entries in Active Switch Membership List Objects
334: --
335:
336: t11FcSpPoSwMembTable OBJECT-TYPE
337: SYNTAX SEQUENCE OF T11FcSpPoSwMembEntry
338: MAX-ACCESS not-accessible
339: STATUS current
340: DESCRIPTION
341: "A table of Switch Entries in active Switch Membership List
342: Objects.
343:
344: One Switch Membership List Object is represented by all
345: of the rows of this table which have the same values
346: of fcmInstanceIndex and t11FcSpPoFabricIndex."
347: REFERENCE
348: "INCITS xxx/200x, T11/Project 1570-D/Rev 1.8,
349: Fibre Channel - Security Protocols (FC-SP),
350: 13 June 2006, section 7.1.4.1 and table 110."
351: ::= { t11FcSpPoActive 3 }
352:
353: t11FcSpPoSwMembEntry OBJECT-TYPE
354: SYNTAX T11FcSpPoSwMembEntry
355: MAX-ACCESS not-accessible
356: STATUS current
357: DESCRIPTION
358: "Each entry contains information about one Switch Entry
359: within the active Switch Membership List Object for the
360: Fabric identified by t11FcSpPoFabricIndex and managed
361: within the Fibre Channel management instance identified
362: by fcmInstanceIndex."
363: INDEX { fcmInstanceIndex, t11FcSpPoFabricIndex,
364: t11FcSpPoSwMembSwitchNameType, t11FcSpPoSwMembSwitchName }
365: ::= { t11FcSpPoSwMembTable 1 }
366:
367: T11FcSpPoSwMembEntry ::= SEQUENCE {
368: t11FcSpPoSwMembSwitchNameType T11FcSpPolicyNameType,
369: t11FcSpPoSwMembSwitchName FcNameIdOrZero,
370: t11FcSpPoSwMembSwitchFlags BITS,
371: t11FcSpPoSwMembDomainID FcDomainIdOrZero,
372: t11FcSpPoSwMembPolicyDataRole INTEGER,
373: t11FcSpPoSwMembAuthBehaviour BITS,
374: t11FcSpPoSwMembAttribute T11FcSpAlphaNumNameOrNull
375: }
376: t11FcSpPoSwMembSwitchNameType OBJECT-TYPE
377: SYNTAX T11FcSpPolicyNameType {
378: nodeName(1),
379: restrictedNodeName(2),
380: wildcard(5),
381: restrictedWildcard(6)
382: }
383: MAX-ACCESS not-accessible
384: STATUS current
385: DESCRIPTION
386: "If the value of this object is 'nodeName' or
387: 'restrictedNodeName', then the combination of
388: this object and t11FcSpPoSwMembSwitchName specify the
389: Switch Name of this Switch Entry.
390:
391: The membership is restricted or unrestricted based on the
392: name type. Restricted membership means that the Switch is
393: not allowed to be part of the Fabric unless allowed by a
394: specific Switch Connectivity Object. Unrestricted
395: membership means that the Switch is allowed to be part of
396: the Fabric unless disallowed by a specific Switch
397: Connectivity Object.
398:
399: The values of 'wildcard' and 'restrictedWildcard' provide
400: the means to specify whether to allow/deny membership for
401: Switches not explicitly named in the Switch Membership
402: List Object."
403: REFERENCE
404: "INCITS xxx/200x, T11/Project 1570-D/Rev 1.8,
405: Fibre Channel - Security Protocols (FC-SP),
406: 13 June 2006, section 7.1.4.1 and table 110."
407: ::= { t11FcSpPoSwMembEntry 1 }
408:
409: t11FcSpPoSwMembSwitchName OBJECT-TYPE
410: SYNTAX FcNameIdOrZero (SIZE (8))
411: MAX-ACCESS not-accessible
412: STATUS current
413: DESCRIPTION
414: "When the value of t11FcSpPoSwMembSwitchNameType is
415: 'wildcard' or 'restrictedWildcard', this object has the
416: value '0000000000000000'h.
417:
418: Otherwise, the combination of t11FcSpPoSwMembSwitchNameType
419: and this object specify the Switch Name of this Switch
420: Entry."
421:
422: REFERENCE
423: "INCITS xxx/200x, T11/Project 1570-D/Rev 1.8,
424: Fibre Channel - Security Protocols (FC-SP), 13 June 2006,
425: section 7.1.4.1 and table 110."
426: ::= { t11FcSpPoSwMembEntry 2 }
427:
428: t11FcSpPoSwMembSwitchFlags OBJECT-TYPE
429: SYNTAX BITS {
430: staticDomainID(0),
431: insistentDomainID(1),
432: serialPortsAccess(2),
433: physicalPortsAccess(3),
434: managerRole(4)
435: }
436: MAX-ACCESS read-only
437: STATUS current
438: DESCRIPTION
439: "Configurable options in respect to the administration
440: of Policy Objects at this Switch:
441:
442: 'staticDomainID' - if this bit is set, the Switch
443: uses the 'Static Domain_IDs behavior' (as defined in
444: FC-SW-4). This bit needs to have the same setting for all
445: Switches in a Fabric's Switch Membership List Object, or
446: else the Fabric will partition. If this bit is set, the
447: Domain_ID for the Switch is given by the corresponding
448: instance of t11FcSpPoSwMembDomainID.
449:
450: 'insistentDomainID' - if this bit is set, the
451: Switch uses the 'Insistent Domain_ID behavior' (see
452: t11FamConfigDomainId of T11-FC-FABRIC-ADDR-MGR-MIB), the
453: Domain_ID for the Switch is given by the corresponding
454: instance of t11FcSpPoSwMembDomainID.
455:
456: 'serialPortsAccess' - the Switch allows management
457: through serial ports when and only when this bit is set.
458:
459: 'physicalPortsAccess' - the Switch allows management
460: through the physical panel when and only when this bit
461: is set.
462:
463: 'managerRole' - the Switch is allowed to change
464: the Fabric Policy configuration (on receipt of any of the
465: EACA, ESFC, EUFC, ACA, SFC, or UFC SW_ILSs) if and only if
466: this bit is set.
467: Whenever a Fabric has Active Policy Objects, the value of
468: the t11FamConfigDomainIdType object defined in the
469: T11-FC-FABRIC-ADDR-MGR-MIB module must be read-only and
470: reflect the values of the 'staticDomainID' and
471: 'insistentDomainID' bits of this object."
472: REFERENCE
473: "- INCITS xxx/200x, T11/Project 1570-D/Rev 1.8,
474: Fibre Channel - Security Protocols (FC-SP),
475: 13 June 2006, section 7.1.4.1 and table 112.
476: - Fibre Channel - Switch Fabric-4 (FC-SW-4),
477: ANSI INCITS 418-2006, April 2006, section 7.1.
478: - t11FamConfigDomainIdType, T11-FC-FABRIC-ADDR-MGR-MIB,
479: Fibre Channel Fabric Address Manager MIB, RFC 4439."
480: ::= { t11FcSpPoSwMembEntry 3 }
481:
482: t11FcSpPoSwMembDomainID OBJECT-TYPE
483: SYNTAX FcDomainIdOrZero
484: MAX-ACCESS read-only
485: STATUS current
486: DESCRIPTION
487: "The specified Domain_ID value when either of the
488: 'staticDomainID' or 'insistentDomainID' bits are set in
489: the corresponding instance of t11FcSpPoSwMembSwitchFlags.
490:
491: Whenever a Fabric has Active Policy Objects, the value
492: of the t11FamConfigDomainId object defined in the
493: T11-FC-FABRIC-ADDR-MGR-MIB module must be read-only and
494: reflect the value of this object."
495: REFERENCE
496: " - INCITS xxx/200x, T11/Project 1570-D/Rev 1.8,
497: Fibre Channel - Security Protocols (FC-SP),
498: 13 June 2006, section 7.1.4.1 and tables 111 and 112.
499: - t11FamConfigDomainId, T11-FC-FABRIC-ADDR-MGR-MIB,
500: Fibre Channel Fabric Address Manager MIB, RFC 4439."
501: ::= { t11FcSpPoSwMembEntry 4 }
502:
503: t11FcSpPoSwMembPolicyDataRole OBJECT-TYPE
504: SYNTAX INTEGER {
505: client(1),
506: autonomous(2),
507: server(3)
508: }
509: MAX-ACCESS read-only
510: STATUS current
511: DESCRIPTION
512: "The role of the Switch in terms of which Policy data
513: it retains/maintains:
514:
515: 'client' - the Switch operates as a Client Switch.
516: A Client Switch maintains its own Switch Connectivity
517: Object and all Fabric-wide List Objects. If FC-SP
518: Zoning is used, a Client Switch maintains only the
519: subset of the Active Zone Set that it requires to
520: enforce the current Fabric Zoning configuration.
521:
522: 'autonomous' - the Switch operates as an Autonomous
523: Switch. An Autonomous Switch maintains its own Switch
524: Connectivity Object and all Fabric-wide List Objects.
525: This is the same as 'client' except that if FC-SP Zoning
526: is used, an Autonomous Switch maintains a complete copy
527: of the Fabric Zoning Database.
528:
529: 'server' - the Switch operates as a Server Switch.
530: A Server Switch maintains all Fabric-wide List Objects
531: and the Switch Connectivity Objects of each Switch in
532: the Fabric. If FC-SP Zoning is used, a Server Switch
533: maintains a complete copy of the Fabric Zoning Database."
534: REFERENCE
535: "INCITS xxx/200x, T11/Project 1570-D/Rev 1.8,
536: Fibre Channel - Security Protocols (FC-SP),
537: 13 June 2006, section 7.1.4.1 and table 113."
538: ::= { t11FcSpPoSwMembEntry 5 }
539:
540: t11FcSpPoSwMembAuthBehaviour OBJECT-TYPE
541: SYNTAX BITS {
542: mustAuthenticate(0),
543: rejectIsFailure(1)
544: }
545: MAX-ACCESS read-only
546: STATUS current
547: DESCRIPTION
548: "The authentication behaviour of the Switch:
549:
550: 'mustAuthenticate' - if this bit is set, all connections
551: between this Switch and neighbour Switches must be
552: authenticated.
553:
554: 'rejectIsFailure' - if this bit is set, the rejection of
555: an AUTH_Negotiate message must be considered as an
556: authentication failure by this Switch."
557:
558: REFERENCE
559: "INCITS xxx/200x, T11/Project 1570-D/Rev 1.8,
560: Fibre Channel - Security Protocols (FC-SP),
561: 13 June 2006, section 7.1.4.1 and table 114."
562: ::= { t11FcSpPoSwMembEntry 6 }
563:
564: t11FcSpPoSwMembAttribute OBJECT-TYPE
565: SYNTAX T11FcSpAlphaNumNameOrNull
566: MAX-ACCESS read-only
567: STATUS current
568: DESCRIPTION
569: "The name of an active Attribute Policy Object which is
570: defined for this Switch, or the zero-length string. The
571: zero-length string indicates that no Attribute Policy
572: Object is defined for this Switch."
573: REFERENCE
574: "INCITS xxx/200x, T11/Project 1570-D/Rev 1.8,
575: Fibre Channel - Security Protocols (FC-SP),
576: 13 June 2006, section 7.1.4.1 and table 110."
577: ::= { t11FcSpPoSwMembEntry 7 }
578:
579:
580: --
581: -- Node Entries in Active Node Membership List Objects
582: --
583:
584: t11FcSpPoNoMembTable OBJECT-TYPE
585: SYNTAX SEQUENCE OF T11FcSpPoNoMembEntry
586: MAX-ACCESS not-accessible
587: STATUS current
588: DESCRIPTION
589: "A table of Node Entries in active Node Membership List
590: Objects.
591:
592: One Node Membership List Object is represented by all
593: of the rows of this table which have the same values
594: of fcmInstanceIndex and t11FcSpPoFabricIndex."
595: ::= { t11FcSpPoActive 4 }
596:
597: t11FcSpPoNoMembEntry OBJECT-TYPE
598: SYNTAX T11FcSpPoNoMembEntry
599: MAX-ACCESS not-accessible
600: STATUS current
601: DESCRIPTION
602: "Each entry contains information about one Node Entry
603: within the active Node Membership List Object for the
604: Fabric identified by t11FcSpPoFabricIndex and managed
605: within the Fibre Channel management instance identified
606: by fcmInstanceIndex."
607: INDEX { fcmInstanceIndex, t11FcSpPoFabricIndex,
608: t11FcSpPoNoMembNodeNameType, t11FcSpPoNoMembNodeName }
609: ::= { t11FcSpPoNoMembTable 1 }
610:
611: T11FcSpPoNoMembEntry ::= SEQUENCE {
612: t11FcSpPoNoMembNodeNameType T11FcSpPolicyNameType,
613: t11FcSpPoNoMembNodeName FcNameIdOrZero,
614: t11FcSpPoNoMembFlags BITS,
615: t11FcSpPoNoMembCtAccessIndex Unsigned32,
616: t11FcSpPoNoMembAttribute T11FcSpAlphaNumNameOrNull
617: }
618:
619: t11FcSpPoNoMembNodeNameType OBJECT-TYPE
620: SYNTAX T11FcSpPolicyNameType {
621: nodeName(1),
622: restrictedNodeName(2),
623: portName(3),
624: restrictedPortName(4),
625: wildcard(5),
626: restrictedWildcard(6)
627: }
628: MAX-ACCESS not-accessible
629: STATUS current
630: DESCRIPTION
631: "If the value of this object is 'wildcard' or
632: 'restrictedWildcard', this Node Entry applies to Nodes not
633: explicitly named in the Node Membership List Object.
634:
635: Otherwise, the combination of this object and
636: t11FcSpPoNoMembNodeName specify the name of this Node Entry
637: in the active Node Membership List Object. A Node is
638: identified by its Node Name or by one or more of its Port
639: Names.
640:
641: Restricted membership means that a Node is not allowed to be
642: connected to the Fabric unless allowed by a specific Switch
643: Connectivity Object. Unrestricted membership means that a
644: Node is allowed to be connected to the Fabric unless
645: disallowed by a specific Switch Connectivity Object."
646: REFERENCE
647: "INCITS xxx/200x, T11/Project 1570-D/Rev 1.8,
648: Fibre Channel - Security Protocols (FC-SP),
649: 13 June 2006, section 7.1.4.1 and table 116."
650: ::= { t11FcSpPoNoMembEntry 1 }
651:
652: t11FcSpPoNoMembNodeName OBJECT-TYPE
653: SYNTAX FcNameIdOrZero (SIZE (8))
654: MAX-ACCESS not-accessible
655: STATUS current
656: DESCRIPTION
657: "If the value of t11FcSpPoNoMembNodeNameType is
658: 'wildcard' or 'restrictedWildcard', this object has the
659: value '0000000000000000'h.
660:
661: Otherwise, the combination of t11FcSpPoNoMembNodeNameType
662: and this object specify the name of this Node Entry is the
663: active Node Membership List Object."
664: REFERENCE
665: "INCITS xxx/200x, T11/Project 1570-D/Rev 1.8,
666: Fibre Channel - Security Protocols (FC-SP),
667: 13 June 2006, section 7.1.4.1 and table 116."
668: ::= { t11FcSpPoNoMembEntry 2 }
669:
670: t11FcSpPoNoMembFlags OBJECT-TYPE
671: SYNTAX BITS {
672: scsiEnclosureAccess(0),
673: authenticationRequired(1)
674: }
675: MAX-ACCESS read-only
676: STATUS current
677: DESCRIPTION
678: "Configurable options in respect to the administration
679: of Policy Objects at this Node:
680:
681: 'scsiEnclosureAccess' - the Node is allowed to
682: control any Switch through SCSI Enclosure Services if this
683: bit is set. If a Switch does not support SCSI Enclosure
684: Services, this bit is ignored.
685:
686: 'authenticationRequired' - the Node is required to
687: authenticate itself to any Switch to which it is connected
688: if and only if this bit is set."
689: REFERENCE
690: "INCITS xxx/200x, T11/Project 1570-D/Rev 1.8,
691: Fibre Channel - Security Protocols (FC-SP),
692: 13 June 2006, section 7.1.4.1 and table 118."
693: ::= { t11FcSpPoNoMembEntry 3 }
694:
695: t11FcSpPoNoMembCtAccessIndex OBJECT-TYPE
696: SYNTAX Unsigned32 (0..4294967295)
697: MAX-ACCESS read-only
698: STATUS current
699: DESCRIPTION
700: "If the value of this object is zero, then access by this
701: Node to Generic Services is not limited by a Common
702: Transport Access Specifier.
703:
704: Otherwise, the limits are specified by the set of Common
705: Transport Access Descriptors contained in those rows of
706: the t11FcSpPoCtDescrTable for the same Fabric and for which
707: the value of t11FcSpPoCtDescrSpecifierIndex is the same as
708: the value of this object."
709: REFERENCE
710: "INCITS xxx/200x, T11/Project 1570-D/Rev 1.8,
711: Fibre Channel - Security Protocols (FC-SP), 13 June 2006,
712: section 7.1.4.1 and tables 118/119/120/121."
713: ::= { t11FcSpPoNoMembEntry 4 }
714:
715: t11FcSpPoNoMembAttribute OBJECT-TYPE
716: SYNTAX T11FcSpAlphaNumNameOrNull
717: MAX-ACCESS read-only
718: STATUS current
719: DESCRIPTION
720: "The name of an active Attribute Policy Object which is
721: defined for this Node, or the zero-length string. The
722: zero-length string indicates that no Attribute Policy
723: Object is defined for this Node."
724: REFERENCE
725: "INCITS xxx/200x, T11/Project 1570-D/Rev 1.8,
726: Fibre Channel - Security Protocols (FC-SP), 13 June 2006,
727: section 7.1.4.1 and table 116."
728: ::= { t11FcSpPoNoMembEntry 5 }
729:
730:
731: --
732: --
733: -- Common Transport Access Descriptors
734: --
735:
736: t11FcSpPoCtDescrTable OBJECT-TYPE
737: SYNTAX SEQUENCE OF T11FcSpPoCtDescrEntry
738: MAX-ACCESS not-accessible
739: STATUS current
740: DESCRIPTION
741: "A table of Common Transport Access Descriptors being used
742: within active Policy Objects.
743:
744: A Common Transport Access Specifier is a list of Common
745: Transport Access Descriptors which specify whether a Node
746: is allowed to access a Generic Service or Sub-Server.
747:
748: An active Common Transport Access Specifier is represented
749: by all rows of this table which have the same values of
750: fcmInstanceIndex, t11FcSpPoFabricIndex, and
751: t11FcSpPoCtDescrSpecifierIndex."
752: ::= { t11FcSpPoActive 5 }
753:
754: t11FcSpPoCtDescrEntry OBJECT-TYPE
755: SYNTAX T11FcSpPoCtDescrEntry
756: MAX-ACCESS not-accessible
757: STATUS current
758: DESCRIPTION
759: "Each entry contains information about one Common
760: Transport Access Descriptor of an active Common Transport
761: Access Specifier used within the Fabric identified by
762: t11FcSpPoFabricIndex and managed within the Fibre Channel
763: management instance identified by fcmInstanceIndex."
764: INDEX { fcmInstanceIndex, t11FcSpPoFabricIndex,
765: t11FcSpPoCtDescrSpecifierIndex, t11FcSpPoCtDescrIndex }
766: ::= { t11FcSpPoCtDescrTable 1 }
767:
768: T11FcSpPoCtDescrEntry ::= SEQUENCE {
769: t11FcSpPoCtDescrSpecifierIndex Unsigned32,
770: t11FcSpPoCtDescrIndex Unsigned32,
771: t11FcSpPoCtDescrFlags BITS,
772: t11FcSpPoCtDescrGsType OCTET STRING,
773: t11FcSpPoCtDescrGsSubType OCTET STRING
774: }
775:
776: t11FcSpPoCtDescrSpecifierIndex OBJECT-TYPE
777: SYNTAX Unsigned32 (1..4294967295)
778: MAX-ACCESS not-accessible
779: STATUS current
780: DESCRIPTION
781: "An index value which uniquely identifies a particular
782: Common Transport Access Specifier within a Fabric."
783: ::= { t11FcSpPoCtDescrEntry 1 }
784:
785: t11FcSpPoCtDescrIndex OBJECT-TYPE
786: SYNTAX Unsigned32 (1..4294967295)
787: MAX-ACCESS not-accessible
788: STATUS current
789: DESCRIPTION
790: "An index value which uniquely identifies a particular
791: Common Transport Access Descriptor within a Common Transport
792: Access Specifier."
793: ::= { t11FcSpPoCtDescrEntry 2 }
794:
795: t11FcSpPoCtDescrFlags OBJECT-TYPE
796: SYNTAX BITS {
797: allow(0),
798: gsTypeWildcard(1),
799: gsSubTypeWildcard(2),
800: readOnly(3)
801: }
802: MAX-ACCESS read-only
803: STATUS current
804: DESCRIPTION
805: "The flag bits which specify how access is to be limited by
806: this Common Transport Access Descriptor:
807:
808: - allow -- access to the specified Generic Service and
809: Server is allowed if this bit is set, and to be denied if
810: this bit is not set.
811:
812: - gsTypeWildcard -- if this bit is set, the Generic Service
813: to be allowed/denied is specified by the value of
814: t11FcSpPoCtDescrGsType. If this bit is set, then the
815: gsSubTypeWildcard bit must not be set.
816:
817: - gsSubTypeWildcard -- if this bit is set, the Generic
818: Service to be allowed/denied is specified by the value of
819: t11FcSpPoCtDescrGsSubType. If this bit is set, then the
820: gsTypeWildcard bit must not be set.
821:
822: - readOnly -- if this bit is set then access is to be
823: granted only for reading."
824: ::= { t11FcSpPoCtDescrEntry 3 }
825:
826: t11FcSpPoCtDescrGsType OBJECT-TYPE
827: SYNTAX OCTET STRING (SIZE (1))
828: MAX-ACCESS read-only
829: STATUS current
830: DESCRIPTION
831: "The GS_Type of the Generic Service (e.g., the FC-GS-5
832: Management Service) which is subject to access control.
833: This value is ignored if the gsTypeWildcard bit is not set
834: in the corresponding value of t11FcSpPoCtDescrFlags."
835: REFERENCE
836: "Fibre Channel - Generic Services-5 (FC-GS-5),
837: ANSI INCITS 427-2006, section 4.3.2.4."
838: ::= { t11FcSpPoCtDescrEntry 4 }
839:
840: t11FcSpPoCtDescrGsSubType OBJECT-TYPE
841: SYNTAX OCTET STRING (SIZE (1))
842: MAX-ACCESS read-only
843: STATUS current
844: DESCRIPTION
845: "The GS_Subtype of the Generic Server (e.g., the Fabric Zone
846: Server) which is subject to access control. This value is
847: ignored if the gsSubTypeWildcard bit is not set in the
848: corresponding value of t11FcSpPoCtDescrFlags."
849: REFERENCE
850: "Fibre Channel - Generic Services-5 (FC-GS-5),
851: ANSI INCITS 427-2006, section 4.3.2.5."
852: ::= { t11FcSpPoCtDescrEntry 5 }
853:
854: --
855: --
856: -- Switches/Nodes in Active Switch Connectivity Objects
857: --
858:
859: t11FcSpPoSwConnTable OBJECT-TYPE
860: SYNTAX SEQUENCE OF T11FcSpPoSwConnEntry
861: MAX-ACCESS not-accessible
862: STATUS current
863: DESCRIPTION
864: "A table of active Switch Connectivity Objects.
865:
866: A Switch Connectivity Object defines to which other
867: Switches or Nodes a particular Switch may/may not be
868: connected at the Node level and/or at the Port level."
869: REFERENCE
870: "INCITS xxx/200x, T11/Project 1570-D/Rev 1.8,
871: Fibre Channel - Security Protocols (FC-SP),
872: 13 June 2006, section 7.1.6.1, tables 123/124."
873: ::= { t11FcSpPoActive 6 }
874:
875: t11FcSpPoSwConnEntry OBJECT-TYPE
876: SYNTAX T11FcSpPoSwConnEntry
877: MAX-ACCESS not-accessible
878: STATUS current
879: DESCRIPTION
880: "Each entry contains the name of either a Switch or a Node
881: with which any port of a particular Switch, or a particular
882: port of that Switch, is allowed or not allowed to be
883: connected.
884:
885: The particular Switch is on the Fabric identified by
886: t11FcSpPoFabricIndex and managed within the Fibre Channel
887: management instance identified by fcmInstanceIndex."
888: INDEX { fcmInstanceIndex, t11FcSpPoFabricIndex,
889: t11FcSpPoSwConnSwitchName, t11FcSpPoSwConnAllowedType,
890: t11FcSpPoSwConnPortNameOrAll,
891: t11FcSpPoSwConnAllowedIndex }
892: ::= { t11FcSpPoSwConnTable 1 }
893:
894: T11FcSpPoSwConnEntry ::= SEQUENCE {
895: t11FcSpPoSwConnSwitchName FcNameIdOrZero,
896: t11FcSpPoSwConnAllowedType INTEGER,
897: t11FcSpPoSwConnPortNameOrAll FcNameIdOrZero,
898: t11FcSpPoSwConnAllowedIndex Unsigned32,
899: t11FcSpPoSwConnAllowedNameType T11FcSpPolicyNameType,
900: t11FcSpPoSwConnAllowedName T11FcSpPolicyName
901: }
902:
903: t11FcSpPoSwConnSwitchName OBJECT-TYPE
904: SYNTAX FcNameIdOrZero (SIZE (8))
905: MAX-ACCESS not-accessible
906: STATUS current
907: DESCRIPTION
908: "The name of the particular Switch for which this Switch
909: Connectivity Object specifies topology restrictions."
910: ::= { t11FcSpPoSwConnEntry 1 }
911:
912: t11FcSpPoSwConnAllowedType OBJECT-TYPE
913: SYNTAX INTEGER { switch(1), node(2) }
914: MAX-ACCESS not-accessible
915: STATUS current
916: DESCRIPTION
917: "This object specifies whether this row refers to
918: Switch-to-Switch or Switch-to-Node connectivity, i.e.,
919: whether the corresponding instance of
920: t11FcSpPoSwConnAllowedName specifies the name of a Switch
921: or the name of a Node."
922: ::= { t11FcSpPoSwConnEntry 2 }
923:
924: t11FcSpPoSwConnPortNameOrAll OBJECT-TYPE
925: SYNTAX FcNameIdOrZero (SIZE(0 | 8))
926: MAX-ACCESS not-accessible
927: STATUS current
928: DESCRIPTION
929: "This object specifies either the particular port to which
930: this topology restriction applies, or if the value is the
931: zero-length string, that the topology restriction applies
932: to all ports on the particular Switch.
933:
934: In the FC-SP Policy Database, restrictions for a particular
935: port are formatted within a Port Connectivity Entry of a
936: Switch Connectivity Object, whereas restrictions for all
937: ports on the Switch are specified in the main part of a
938: Switch Connectivity Object, i.e., not in a Port Connectivity
939: Entry."
940: REFERENCE
941: "INCITS xxx/200x, T11/Project 1570-D/Rev 1.8,
942: Fibre Channel - Security Protocols (FC-SP),
943: 13 June 2006, section 7.1.6.1, tables 123/124."
944: ::= { t11FcSpPoSwConnEntry 3 }
945:
946: t11FcSpPoSwConnAllowedIndex OBJECT-TYPE
947: SYNTAX Unsigned32 (1..4294967295)
948: MAX-ACCESS not-accessible
949: STATUS current
950: DESCRIPTION
951: "When multiple rows in this table apply to the same
952: port(s) in the same Switch's Switch Connectivity Object,
953: this object provides a unique index value to distinguish
954: between such rows."
955: ::= { t11FcSpPoSwConnEntry 4 }
956:
957: t11FcSpPoSwConnAllowedNameType OBJECT-TYPE
958: SYNTAX T11FcSpPolicyNameType {
959: nodeName(1),
960: restrictedNodeName(2),
961: portName(3),
962: restrictedPortName(4),
963: wildcard(5),
964: restrictedWildcard(6)
965: }
966: MAX-ACCESS read-only
967: STATUS current
968: DESCRIPTION
969: "If the value of this object is 'wildcard' or
970: 'restrictedWildcard', this row specifies whether
971: connectivity is allowed/not allowed with entities not
972: explicitly named by other rows.
973:
974: Otherwise, the combination of t11FcSpPoSwConnAllowedNameType
975: and t11FcSpPoSwConnAllowedName specify the name of:
976:
977: - a Switch (if t11FcSpPoSwConnAllowedType = 'switch'), or
978: - a Node (if t11FcSpPoSwConnAllowedType = 'node')
979:
980: to which connectivity is:
981:
982: - allowed by 'nodeName' and 'portname',
983: - not allowed by 'restrictedNodeName' and
984: 'restrictedPortName'."
985: ::= { t11FcSpPoSwConnEntry 5 }
986:
987: t11FcSpPoSwConnAllowedName OBJECT-TYPE
988: SYNTAX T11FcSpPolicyName
989: MAX-ACCESS read-only
990: STATUS current
991: DESCRIPTION
992: "If the value of t11FcSpPoSwConnAllowedNameType is
993: 'wildcard' or 'restrictedWildcard', this object has the
994: value '0000000000000000'h.
995:
996: Otherwise, the combination of t11FcSpPoSwConnAllowedNameType
997: and t11FcSpPoSwConnAllowedName specify the name of:
998:
999: - a Switch (if t11FcSpPoSwConnAllowedType = 'switch'), or
1000: - a Node (if t11FcSpPoSwConnAllowedType = 'node')
1001:
1002: to which connectivity is allowed/restricted."
1003: ::= { t11FcSpPoSwConnEntry 6 }
1004:
1005:
1006: --
1007: -- IP Management Entries in Active IP Management List Objects
1008: --
1009:
1010: t11FcSpPoIpMgmtTable OBJECT-TYPE
1011: SYNTAX SEQUENCE OF T11FcSpPoIpMgmtEntry
1012: MAX-ACCESS not-accessible
1013: STATUS current
1014: DESCRIPTION
1015: "A table of IP Management Entries in active IP Management
1016: List Objects. A IP Management List Object is a
1017: Fabric-wide Policy Object that describes which IP hosts
1018: are allowed to manage a Fabric.
1019:
1020: One IP Management List Object is represented by all
1021: of the rows of this table which have the same values
1022: of fcmInstanceIndex and t11FcSpPoFabricIndex."
1023: REFERENCE
1024: "INCITS xxx/200x, T11/Project 1570-D/Rev 1.8,
1025: Fibre Channel - Security Protocols (FC-SP), 13 June 2006,
1026: section 7.1.7"
1027: ::= { t11FcSpPoActive 7 }
1028:
1029: t11FcSpPoIpMgmtEntry OBJECT-TYPE
1030: SYNTAX T11FcSpPoIpMgmtEntry
1031: MAX-ACCESS not-accessible
1032: STATUS current
1033: DESCRIPTION
1034: "Each entry contains information about one IP Management
1035: Entry within the active IP Management List Object for the
1036: Fabric identified by t11FcSpPoFabricIndex and managed
1037: within the Fibre Channel management instance identified
1038: by fcmInstanceIndex.
1039:
1040: The Policy Object Name of an IP Management Entry Policy
1041: Object is either an IPv6 Address Range or an IPv4 Address
1042: Range, where in each case, the range is specified as two
1043: addresses: the low and high ends of the range. In
1044: particular, since the Policy Object Name in this situation
1045: can only be an IPv6 Address Range or an IPv4 Address Range,
1046: it is represented here by three MIB objects defined as a
1047: (InetAddressType, InetAddress, InetAddress) tuple, in which
1048: the first address is the low end of the range, the second
1049: address is the high end of the range, and both addresses are
1050: of the type designated by InetAddressType.
1051:
1052: In theory, the use of t11FcSpPoIpMgmtEntryNameLow and
1053: t11FcSpPoIpMgmtEntryNameHigh (which both have the syntax
1054: of InetAddress) in the INDEX could cause the need for
1055: excessively-long OIDs. In practice, this can't happen
1056: because FC-SP doesn't allow these objects to be specified
1057: as DNS names."
1058: INDEX { fcmInstanceIndex, t11FcSpPoFabricIndex,
1059: t11FcSpPoIpMgmtEntryNameType,
1060: t11FcSpPoIpMgmtEntryNameLow,
1061: t11FcSpPoIpMgmtEntryNameHigh }
1062: ::= { t11FcSpPoIpMgmtTable 1 }
1063:
1064: T11FcSpPoIpMgmtEntry ::= SEQUENCE {
1065: t11FcSpPoIpMgmtEntryNameType InetAddressType,
1066: t11FcSpPoIpMgmtEntryNameLow InetAddress,
1067: t11FcSpPoIpMgmtEntryNameHigh InetAddress,
1068: t11FcSpPoIpMgmtWkpIndex Unsigned32,
1069: t11FcSpPoIpMgmtAttribute T11FcSpAlphaNumNameOrNull
1070: }
1071:
1072: t11FcSpPoIpMgmtEntryNameType OBJECT-TYPE
1073: SYNTAX InetAddressType
1074: MAX-ACCESS not-accessible
1075: STATUS current
1076: DESCRIPTION
1077: "The combination of t11FcSpPoIpMgmtNameType,
1078: t11FcSpPoIpMgmtNameLow and t11FcSpPoIpMgmtNameHigh
1079: specify the IP Address range of this IP Management
1080: Entry in the IP Management List Object.
1081: The FC-SP specification does not allow the use of a
1082: DNS domain name to specify the address at the lower end
1083: or at the higher end of the IP Address range, nor does it
1084: allow the specification of a zone index. Therefore, the
1085: type of address must be one of: 'ipv4', or 'ipv6'."
1086: REFERENCE
1087: "INCITS xxx/200x, T11/Project 1570-D/Rev 1.8,
1088: Fibre Channel - Security Protocols (FC-SP), 13 June 2006,
1089: sections 7.1.7.1 & 7.1.2, tables 103/126."
1090: ::= { t11FcSpPoIpMgmtEntry 1 }
1091:
1092: t11FcSpPoIpMgmtEntryNameLow OBJECT-TYPE
1093: SYNTAX InetAddress (SIZE(4 | 16))
1094: MAX-ACCESS not-accessible
1095: STATUS current
1096: DESCRIPTION
1097: "The lower end of an Internet address range. The type
1098: of this address is given by the corresponding instance
1099: of t11FcSpPoIpMgmtEntryNameType.
1100:
1101: The combination of t11FcSpPoIpMgmtNameType,
1102: t11FcSpPoIpMgmtNameLow and t11FcSpPoIpMgmtNameHigh
1103: specify the IP Address range of this IP Management
1104: Entry in the IP Management List Object."
1105: REFERENCE
1106: "INCITS xxx/200x, T11/Project 1570-D/Rev 1.8,
1107: Fibre Channel - Security Protocols (FC-SP), 13 June 2006,
1108: sections 7.1.7.1 & 7.1.2, tables 103/126."
1109: ::= { t11FcSpPoIpMgmtEntry 2 }
1110:
1111: t11FcSpPoIpMgmtEntryNameHigh OBJECT-TYPE
1112: SYNTAX InetAddress (SIZE(4 | 16))
1113: MAX-ACCESS not-accessible
1114: STATUS current
1115: DESCRIPTION
1116: "The higher end of an Internet address range. The type
1117: of this address is given by the corresponding instance
1118: of t11FcSpPoIpMgmtEntryNameType.
1119:
1120: The combination of t11FcSpPoIpMgmtNameType,
1121: t11FcSpPoIpMgmtNameLow and t11FcSpPoIpMgmtNameHigh
1122: specify the IP Address range of this IP Management
1123: Entry in the IP Management List Object."
1124: REFERENCE
1125: "INCITS xxx/200x, T11/Project 1570-D/Rev 1.8,
1126: Fibre Channel - Security Protocols (FC-SP), 13 June 2006,
1127: sections 7.1.7.1 & 7.1.2, tables 103/126."
1128: ::= { t11FcSpPoIpMgmtEntry 3 }
1129:
1130: t11FcSpPoIpMgmtWkpIndex OBJECT-TYPE
1131: SYNTAX Unsigned32 (0..4294967295)
1132: MAX-ACCESS read-only
1133: STATUS current
1134: DESCRIPTION
1135: "This object identifies the restrictions for IP management
1136: access by IP hosts in this range of IP addresses, specified
1137: as the set of Well Known Protocols Access Descriptors
1138: contained in those rows of the t11FcSpPoWkpDescrTable for
1139: which the value of t11FcSpPoWkpDescrSpecifierIndex is the
1140: same as the value of this object. A value of zero indicates
1141: that this IP Management Entry does not identify a Well Known
1142: Protocols Access Specifier."
1143: REFERENCE
1144: "INCITS xxx/200x, T11/Project 1570-D/Rev 1.8,
1145: Fibre Channel - Security Protocols (FC-SP), 13 June 2006,
1146: section 7.1.7.1 and tables 127/129."
1147: ::= { t11FcSpPoIpMgmtEntry 4 }
1148:
1149: t11FcSpPoIpMgmtAttribute OBJECT-TYPE
1150: SYNTAX T11FcSpAlphaNumNameOrNull
1151: MAX-ACCESS read-only
1152: STATUS current
1153: DESCRIPTION
1154: "The name of an active Attribute Policy Object which is
1155: defined for this IP Management entry, or the zero-length
1156: string. The zero-length string indicates that no Attribute
1157: Policy Object is defined for this IP Management entry."
1158: REFERENCE
1159: "INCITS xxx/200x, T11/Project 1570-D/Rev 1.8,
1160: Fibre Channel - Security Protocols (FC-SP), 13 June 2006,
1161: section 7.1.7.1 and table 128."
1162: ::= { t11FcSpPoIpMgmtEntry 5 }
1163:
1164: --
1165: -- Well-Known Protocol Access Descriptors
1166: --
1167:
1168: t11FcSpPoWkpDescrTable OBJECT-TYPE
1169: SYNTAX SEQUENCE OF T11FcSpPoWkpDescrEntry
1170: MAX-ACCESS not-accessible
1171: STATUS current
1172: DESCRIPTION
1173: "A table of the Well-Known Protocol Access Descriptors
1174: being used within active Policy Objects.
1175:
1176: A Well-Known Protocol Access Specifier is a list of
1177: Well-Known Protocol Access Descriptors each of which
1178: specifies a protocol number, a port number and/or various
1179: flags specifying how IP management access is restricted.
1180:
1181: A Well-Known Protocol Transport Access Specifier is
1182: represented by all rows of this table which have the
1183: same values of fcmInstanceIndex, t11FcSpPoFabricIndex,
1184: and t11FcSpPoWkpDescrSpecifierIndex."
1185: ::= { t11FcSpPoActive 8 }
1186:
1187: t11FcSpPoWkpDescrEntry OBJECT-TYPE
1188: SYNTAX T11FcSpPoWkpDescrEntry
1189: MAX-ACCESS not-accessible
1190: STATUS current
1191: DESCRIPTION
1192: "Each entry contains information about one Well-Known
1193: Protocol Access Descriptor of a Well-Known Protocol
1194: Access Specifier used within the Fabric identified by
1195: t11FcSpPoFabricIndex and managed within the Fibre Channel
1196: management instance identified by fcmInstanceIndex."
1197: INDEX { fcmInstanceIndex, t11FcSpPoFabricIndex,
1198: t11FcSpPoWkpDescrSpecifierIndex, t11FcSpPoWkpDescrIndex }
1199: ::= { t11FcSpPoWkpDescrTable 1 }
1200:
1201: T11FcSpPoWkpDescrEntry ::= SEQUENCE {
1202: t11FcSpPoWkpDescrSpecifierIndex Unsigned32,
1203: t11FcSpPoWkpDescrIndex Unsigned32,
1204: t11FcSpPoWkpDescrFlags BITS,
1205: t11FcSpPoWkpDescrWkpNumber Unsigned32,
1206: t11FcSpPoWkpDescrDestPort Unsigned32
1207: }
1208: t11FcSpPoWkpDescrSpecifierIndex OBJECT-TYPE
1209: SYNTAX Unsigned32 (1..4294967295)
1210: MAX-ACCESS not-accessible
1211: STATUS current
1212: DESCRIPTION
1213: "An index value which uniquely identifies a particular
1214: Well-Known Protocol Access Specifier within a Fabric."
1215: ::= { t11FcSpPoWkpDescrEntry 1 }
1216:
1217: t11FcSpPoWkpDescrIndex OBJECT-TYPE
1218: SYNTAX Unsigned32 (1..4294967295)
1219: MAX-ACCESS not-accessible
1220: STATUS current
1221: DESCRIPTION
1222: "An index value which uniquely identifies a particular
1223: Well-Known Protocol Access Descriptor within a Well-Known
1224: Protocol Access Specifier."
1225: ::= { t11FcSpPoWkpDescrEntry 2 }
1226:
1227: t11FcSpPoWkpDescrFlags OBJECT-TYPE
1228: SYNTAX BITS {
1229: allow(0),
1230: wkpWildcard(1),
1231: destPortWildcard(2),
1232: readOnly(3)
1233: }
1234: MAX-ACCESS read-only
1235: STATUS current
1236: DESCRIPTION
1237: "The flag bits which specify how access is to be limited by
1238: this Well-Known Protocol Access Descriptor:
1239:
1240: - allow -- IP management access using this protocol/port
1241: is allowed if this bit is set, and to be denied if this
1242: bit is not set.
1243:
1244: - wkpWildcard -- if this bit is set, the IP Protocol number
1245: of the Well-Known Protocol to be allowed/denied is
1246: specified by the value of t11FcSpPoWkpDescrWkpNumber.
1247:
1248: - destPortWildcard -- if this bit is set, the Destination
1249: (TCP/UDP) Port number of the Well-Known Protocol to be
1250: allowed/denied is specified by the value of
1251: t11FcSpPoWkpDescrDestPort.
1252:
1253: - readOnly -- if this bit is set then access is to be
1254: granted only for reading."
1255: REFERENCE
1256: "INCITS xxx/200x, T11/Project 1570-D/Rev 1.8,
1257: Fibre Channel - Security Protocols (FC-SP), 13 June 2006,
1258: section 7.1.7.1 and table 131."
1259: ::= { t11FcSpPoWkpDescrEntry 3 }
1260:
1261: t11FcSpPoWkpDescrWkpNumber OBJECT-TYPE
1262: SYNTAX Unsigned32 (0..255)
1263: MAX-ACCESS read-only
1264: STATUS current
1265: DESCRIPTION
1266: "When the 'wkpWildcard' bit is set in the corresponding
1267: instance of t11FcSpPoWkpDescrFlags, this object specifies
1268: the IP protocol number of the Well-Known Protocol."
1269: REFERENCE
1270: "- INCITS xxx/200x, T11/Project 1570-D/Rev 1.8,
1271: Fibre Channel - Security Protocols (FC-SP), 13 June 2006,
1272: section 7.1.7.1 and table 131.
1273: - http://www.iana.org/assignments/protocol-numbers."
1274: ::= { t11FcSpPoWkpDescrEntry 4 }
1275:
1276: t11FcSpPoWkpDescrDestPort OBJECT-TYPE
1277: SYNTAX Unsigned32 (0..65535)
1278: MAX-ACCESS read-only
1279: STATUS current
1280: DESCRIPTION
1281: "When the 'destPortWildcard' bit is set in the corresponding
1282: instance of t11FcSpPoWkpDescrFlags, this object specifies
1283: the Destination (TCP/UDP) Port number of the Well-Known
1284: Protocol."
1285: REFERENCE
1286: "- INCITS xxx/200x, T11/Project 1570-D/Rev 1.8,
1287: Fibre Channel - Security Protocols (FC-SP), 13 June 2006,
1288: section 7.1.7.1 and table 131.
1289: - http://www.iana.org/assignments/port-numbers."
1290: ::= { t11FcSpPoWkpDescrEntry 5 }
1291:
1292: --
1293: -- Attribute Entries in Active Attribute Policy Objects
1294: --
1295:
1296: t11FcSpPoAttribTable OBJECT-TYPE
1297: SYNTAX SEQUENCE OF T11FcSpPoAttribEntry
1298: MAX-ACCESS not-accessible
1299: STATUS current
1300: DESCRIPTION
1301: "A table of the Attribute Policy Objects being used within
1302: active Policy Objects. In the FC-SP Policy Database, each
1303: Attribute Policy Object consists of an Attribute Object Name
1304: and a set of Attribute Entries.
1305:
1306: An active Attribute Policy Object is represented by all the
1307: Attribute Entries in this table which have the same value
1308: of t11FcSpPoAttribName."
1309: ::= { t11FcSpPoActive 9 }
1310:
1311: t11FcSpPoAttribEntry OBJECT-TYPE
1312: SYNTAX T11FcSpPoAttribEntry
1313: MAX-ACCESS not-accessible
1314: STATUS current
1315: DESCRIPTION
1316: "Each row contains information specific to an Attribute
1317: Entry contained within an Attribute Policy Object which is
1318: active within the Fabric identified by t11FcSpPoFabricIndex
1319: and managed within the Fibre Channel management instance
1320: identified by fcmInstanceIndex.
1321:
1322: For some types of Attribute Policy Objects, it is valuable
1323: to break-out some semantically-significant parts of the
1324: Policy Object's value into their own individual MIB
1325: objects; for example, to extract the one or more individual
1326: Authentication Protocol Identifiers and associated
1327: Authentication Protocol Parameters out of an Attribute
1328: Object containing a 'AUTH_Negotiate Message Payload'.
1329: For such types, another MIB table is defined to hold the
1330: extracted values in MIB objects specific to the Attribute
1331: Policy Object's type. In such cases, the
1332: t11FcSpPoAttribExtension object in this table points to the
1333: other MIB table.
1334:
1335: If the value of one Attribute Entry is too large (more than
1336: 256 bytes) to be contained within the value of one instance
1337: of t11FcSpPoAttribValue, then one row in this table contains
1338: the first 256 bytes, and one (or more) other row(s) in this
1339: table contain the rest of the value."
1340: INDEX { fcmInstanceIndex, t11FcSpPoFabricIndex,
1341: t11FcSpPoAttribName, t11FcSpPoAttribEntryIndex,
1342: t11FcSpPoAttribPartIndex }
1343: ::= { t11FcSpPoAttribTable 1 }
1344:
1345: T11FcSpPoAttribEntry ::= SEQUENCE {
1346: t11FcSpPoAttribName T11FcSpAlphaNumName,
1347: t11FcSpPoAttribEntryIndex Unsigned32,
1348: t11FcSpPoAttribPartIndex Unsigned32,
1349: t11FcSpPoAttribType Unsigned32,
1350: t11FcSpPoAttribValue OCTET STRING,
1351: t11FcSpPoAttribExtension OBJECT IDENTIFIER
1352: }
1353:
1354: t11FcSpPoAttribName OBJECT-TYPE
1355: SYNTAX T11FcSpAlphaNumName
1356: MAX-ACCESS not-accessible
1357: STATUS current
1358: DESCRIPTION
1359: "The name of the Attribute Policy Object containing one
1360: or more Attribute Entries."
1361: REFERENCE
1362: "INCITS xxx/200x, T11/Project 1570-D/Rev 1.8,
1363: Fibre Channel - Security Protocols (FC-SP), 13 June 2006,
1364: section 7.1.8.1 and table 133."
1365: ::= { t11FcSpPoAttribEntry 1 }
1366:
1367: t11FcSpPoAttribEntryIndex OBJECT-TYPE
1368: SYNTAX Unsigned32 (1..4294967295)
1369: MAX-ACCESS not-accessible
1370: STATUS current
1371: DESCRIPTION
1372: "A unique value to distinguish this Attribute Entry
1373: from other Attribute Entries contained in the same
1374: Attribute Policy Object."
1375: REFERENCE
1376: "INCITS xxx/200x, T11/Project 1570-D/Rev 1.8,
1377: Fibre Channel - Security Protocols (FC-SP), 13 June 2006,
1378: section 7.1.8.1, tables 133/134."
1379: ::= { t11FcSpPoAttribEntry 2 }
1380:
1381: t11FcSpPoAttribPartIndex OBJECT-TYPE
1382: SYNTAX Unsigned32 (1..4294967295)
1383: MAX-ACCESS not-accessible
1384: STATUS current
1385: DESCRIPTION
1386: "When the value of an Attribute Entry is shorter than 257
1387: bytes, the whole value is contained in one instance of
1388: t11FcSpPoAttribValue, and the value of this object is 1.
1389:
1390: If the value of an Attribute Entry is longer than 256 bytes,
1391: then that value is divided up on 256 byte boundaries such
1392: that all parts are 256 bytes long except the last part which
1393: is shorter if necessary, with each such part contained in
1394: a separate row of this table, and the value of this object
1395: is set to the part number. That is, this object has the
1396: value of 1 for bytes 0-255, the value of 2 for bytes
1397: 256-511, ... etc."
1398: REFERENCE
1399: "INCITS xxx/200x, T11/Project 1570-D/Rev 1.8,
1400: Fibre Channel - Security Protocols (FC-SP), 13 June 2006,
1401: section 7.1.8.1, tables 134/135."
1402: ::= { t11FcSpPoAttribEntry 3 }
1403:
1404: t11FcSpPoAttribType OBJECT-TYPE
1405: SYNTAX Unsigned32 (1..4294967295)
1406: MAX-ACCESS read-only
1407: STATUS current
1408: DESCRIPTION
1409: "The type of attribute. The first type to be defined is:
1410:
1411: t11FcSpPoAttribType t11FcSpPoAttribValue
1412: =================== ====================
1413: '00000001'h The AUTH_Negotiate Message Payload
1414: "
1415: REFERENCE
1416: "INCITS xxx/200x, T11/Project 1570-D/Rev 1.8,
1417: Fibre Channel - Security Protocols (FC-SP), 13 June 2006,
1418: section 7.1.8.1, tables 134/135 and table 10."
1419: ::= { t11FcSpPoAttribEntry 4 }
1420:
1421: t11FcSpPoAttribValue OBJECT-TYPE
1422: SYNTAX OCTET STRING (SIZE (0..256))
1423: MAX-ACCESS read-only
1424: STATUS current
1425: DESCRIPTION
1426: "The value of an Attribute Entry is divided up on 256 byte
1427: boundaries such that all parts are 256 bytes long except the
1428: last part which is shorter if necessary, and each such part
1429: is contained in a separate instance of this object.
1430:
1431: The value of this object is independent of whether some
1432: parts of its value are broken-out into separate MIB objects
1433: pointed to by the corresponding instance of
1434: t11FcSpPoAttribExtension."
1435: REFERENCE
1436: "INCITS xxx/200x, T11/Project 1570-D/Rev 1.8,
1437: Fibre Channel - Security Protocols (FC-SP), 13 June 2006,
1438: section 7.1.8.1, tables 134/135 and table 10."
1439: ::= { t11FcSpPoAttribEntry 5 }
1440:
1441: t11FcSpPoAttribExtension OBJECT-TYPE
1442: SYNTAX OBJECT IDENTIFIER
1443: MAX-ACCESS read-only
1444: STATUS current
1445: DESCRIPTION
1446: "For some types of Attribute Policy Object, the value of
1447: this MIB object points to type-specific MIB objects which
1448: contain individual/broken-out parts of the Attribute Policy
1449: Object's value. If this object doesn't point to such
1450: type-specific MIB objects, then it contains the value:
1451: zeroDotZero.
1452:
1453: In particular, when the value of t11FcSpPoAttribType
1454: indicates 'AUTH_Negotiate Message Payload', one or more
1455: Authentication Protocol Identifiers and their associated
1456: Authentication Protocol Parameters are embedded within the
1457: value of the corresponding instance of t11FcSpPoAttribValue;
1458: MIB objects to contain these individual values are defined
1459: in the t11FcSpPoAuthProtTable. Thus, for an 'AUTH_Negotiate
1460: Message Payload' Attribute, the value of this object
1461: contains the OID of t11FcSpPoAuthProtTable."
1462: ::= { t11FcSpPoAttribEntry 6 }
1463:
1464: --
1465: -- Auth. Protocol Parameters in Active Attribute Policy Objects
1466: --
1467:
1468: t11FcSpPoAuthProtTable OBJECT-TYPE
1469: SYNTAX SEQUENCE OF T11FcSpPoAuthProtEntry
1470: MAX-ACCESS not-accessible
1471: STATUS current
1472: DESCRIPTION
1473: "A table of Authentication Protocol Identifier and
1474: Authentication Protocol Parameters which are embedded in
1475: Attribute Policy Objects being used within active Policy
1476: Objects.
1477:
1478: This table is used for Attribute Entries of Attribute Policy
1479: Objects for which the value of t11FcSpPoAttribType indicates
1480: 'AUTH_Negotiate Message Payload' and the value of
1481: t11FcSpPoAttribExtension contains the OID of this table."
1482: REFERENCE
1483: "INCITS xxx/200x, T11/Project 1570-D/Rev 1.8,
1484: Fibre Channel - Security Protocols (FC-SP), 13 June 2006,
1485: sections 5.3.2 & 7.1.8.1, tables 134/135 and tables 10/11."
1486: ::= { t11FcSpPoActive 10 }
1487:
1488: t11FcSpPoAuthProtEntry OBJECT-TYPE
1489: SYNTAX T11FcSpPoAuthProtEntry
1490: MAX-ACCESS not-accessible
1491: STATUS current
1492: DESCRIPTION
1493: "Each entry contains information about an Authentication
1494: Protocol which is extracted out of the Attribute Entry
1495: (identified by t11FcSpPoAttribEntryIndex) of the Policy
1496: Attribute Object (identified by t11FcSpPoAttribName) which is
1497: active within the Fabric identified by t11FcSpPoFabricIndex
1498: and managed within the Fibre Channel management instance
1499: identified by fcmInstanceIndex.
1500:
1501: If the value of one Attribute Protocol Parameters string is
1502: too large (more than 256 bytes) to be contained within the
1503: value of one instance of t11FcSpPoAuthProtParams, then one
1504: row in this table contains the first 256 bytes, and one (or
1505: more) other row(s) in this table contain the rest of the
1506: value."
1507: INDEX { fcmInstanceIndex, t11FcSpPoFabricIndex,
1508: t11FcSpPoAttribName, t11FcSpPoAttribEntryIndex,
1509: t11FcSpPoAuthProtIdentifier,
1510: t11FcSpPoAuthProtPartIndex }
1511: ::= { t11FcSpPoAuthProtTable 1 }
1512:
1513: T11FcSpPoAuthProtEntry ::= SEQUENCE {
1514: t11FcSpPoAuthProtIdentifier Unsigned32,
1515: t11FcSpPoAuthProtPartIndex Unsigned32,
1516: t11FcSpPoAuthProtParams OCTET STRING
1517: }
1518:
1519: t11FcSpPoAuthProtIdentifier OBJECT-TYPE
1520: SYNTAX Unsigned32
1521: MAX-ACCESS not-accessible
1522: STATUS current
1523: DESCRIPTION
1524: "The Authentication Protocol Identifier:
1525:
1526: 1 = DH-CHAP
1527: 2 = FCAP
1528: 3 = FCPAP
1529: 4 = IKEv2
1530: 5 = IKEv2-AUTH
1531: 240 thru 255 = Vendor Specific Protocols
1532:
1533: all other values are 'Reserved' (by T11)."
1534: REFERENCE
1535: "INCITS xxx/200x, T11/Project 1570-D/Rev 1.8,
1536: Fibre Channel - Security Protocols (FC-SP), 13 June 2006,
1537: section 5.3.2, table 11."
1538: ::= { t11FcSpPoAuthProtEntry 1 }
1539:
1540: t11FcSpPoAuthProtPartIndex OBJECT-TYPE
1541: SYNTAX Unsigned32 (1..4294967295)
1542: MAX-ACCESS not-accessible
1543: STATUS current
1544: DESCRIPTION
1545: "When the value of an Attribute Protocol Parameters string
1546: is shorter than 257 bytes, the whole value is contained in
1547: one instance of t11FcSpPoAuthProtParams, and the value of
1548: this object is 1. (This includes the case when the Attribute
1549: Protocol Parameters string is zero bytes in length.)
1550:
1551: If the value of an Authentication Protocol Parameters string
1552: is longer than 256 bytes, then that value is divided up on
1553: 256 byte boundaries such that all parts are 256 bytes long
1554: except the last part which is shorter if necessary, with
1555: each such part contained in a separate row of this table,
1556: and the value of this object is set to the part number.
1557: That is, this object has the value of 1 for bytes 0-255,
1558: the value of 2 for bytes 256-511, ... etc."
1559: REFERENCE
1560: "INCITS xxx/200x, T11/Project 1570-D/Rev 1.8,
1561: Fibre Channel - Security Protocols (FC-SP), 13 June 2006,
1562: section 5.3.2, table 10."
1563: ::= { t11FcSpPoAuthProtEntry 2 }
1564:
1565: t11FcSpPoAuthProtParams OBJECT-TYPE
1566: SYNTAX OCTET STRING (SIZE (0..256))
1567: MAX-ACCESS read-only
1568: STATUS current
1569: DESCRIPTION
1570: "The value of an Authentication Protocol Parameters string
1571: is divided up on 256 byte boundaries such that all parts
1572: are 256 bytes long except the last part which is shorter
1573: if necessary, and each such part is contained in a
1574: separate instance of this object."
1575: REFERENCE
1576: "INCITS xxx/200x, T11/Project 1570-D/Rev 1.8,
1577: Fibre Channel - Security Protocols (FC-SP), 13 June 2006,
1578: section 5.3.2, table 10."
1579: ::= { t11FcSpPoAuthProtEntry 3 }
1580:
1581: --
1582: -- Part 2 - Activate/De-Activate Operations
1583: --
1584:
1585: --
1586: -- Objects to Invoke Activate/De-Activate Operations
1587: --
1588:
1589: t11FcSpPoOperTable OBJECT-TYPE
1590: SYNTAX SEQUENCE OF T11FcSpPoOperEntry
1591: MAX-ACCESS not-accessible
1592: STATUS current
1593: DESCRIPTION
1594: "A table which allows Activate and Deactivate operations
1595: to be invoked for FC-SP Policies on various Fabrics.
1596:
1597: Activating a new policy configuration is a two-step
1598: process:
1599:
1600: 1) create a single Policy Summary Object as a set of rows
1601: in the t11FcSpPoNaSummaryTable specifying a set of
1602: Policy Objects which describe the new configuration; and
1603: 2) activate that Policy Summary Object using the
1604: t11FcSpPoOperActivate object defined in this table.
1605:
1606: Deactivating the current policy configuration is a one step
1607: process: the current Policy Summary Object is deactivated
1608: using the t11FcSpPoOperDeActivate object."
1609: ::= { t11FcSpPoOperations 1 }
1610:
1611: t11FcSpPoOperEntry OBJECT-TYPE
1612: SYNTAX T11FcSpPoOperEntry
1613: MAX-ACCESS not-accessible
1614: STATUS current
1615: DESCRIPTION
1616: "Each entry allows an Activate and/or Deactivate operation
1617: to be invoked on a particular Fabric, which is managed as
1618: part of the Fibre Channel management instance identified
1619: by fcmInstanceIndex."
1620: INDEX { fcmInstanceIndex, t11FcSpPoFabricIndex }
1621: ::= { t11FcSpPoOperTable 1 }
1622:
1623: T11FcSpPoOperEntry ::= SEQUENCE {
1624: t11FcSpPoOperActivate T11FcSpAlphaNumName,
1625: t11FcSpPoOperDeActivate T11FcSpAlphaNumName,
1626: t11FcSpPoOperResult INTEGER,
1627: t11FcSpPoOperFailCause SnmpAdminString
1628: }
1629:
1630: t11FcSpPoOperActivate OBJECT-TYPE
1631: SYNTAX T11FcSpAlphaNumName
1632: MAX-ACCESS read-write
1633: STATUS current
1634: DESCRIPTION
1635: "Writing the name of a Policy Summary Object into this
1636: object is a request to activate the policy configuration
1637: described by the combination of all rows in
1638: t11FcSpPoNaSummaryTable which have that name as their
1639: value of t11FcSpPoNaSummaryName and are for the same
1640: Fabric.
1641:
1642: Before issuing such a request, the relevant rows in the
1643: t11FcSpPoNaSummaryTable must exist and represent a complete
1644: and consistent Policy Summary Object. If they do not, the
1645: request will fail with t11FcSpPoOperResult having the
1646: 'badSummaryObject' value.
1647:
1648: When read, the value of this object is always the zero-
1649: length string.
1650:
1651: Writing to this object does not delete (or in any way
1652: affect) any rows in the MIB tables for non-active
1653: Policy Objects."
1654: REFERENCE
1655: "INCITS xxx/200x, T11/Project 1570-D/Rev 1.8,
1656: Fibre Channel - Security Protocols (FC-SP),
1657: 13 June 2006, section 7.3.6.2"
1658: ::= { t11FcSpPoOperEntry 1 }
1659:
1660: t11FcSpPoOperDeActivate OBJECT-TYPE
1661: SYNTAX T11FcSpAlphaNumName
1662: MAX-ACCESS read-write
1663: STATUS current
1664: DESCRIPTION
1665: "Writing the current value of i11FcSpPoPolicySummaryObjName
1666: into this object (for a particular Fabric) is a request
1667: to deactivate that Fabric's current policy configuration.
1668: Writing any other value into this object is a
1669: ('wrongValue') error.
1670: When read, the value of this object is always the zero-
1671: length string."
1672: REFERENCE
1673: "INCITS xxx/200x, T11/Project 1570-D/Rev 1.8,
1674: Fibre Channel - Security Protocols (FC-SP),
1675: 13 June 2006, section 7.3.6.3"
1676: ::= { t11FcSpPoOperEntry 2 }
1677:
1678: t11FcSpPoOperResult OBJECT-TYPE
1679: SYNTAX INTEGER {
1680: activateSuccess(1),
1681: badSummaryObject(2),
1682: activateFailure(3),
1683: deactivateSuccess(4),
1684: deactivateFailure(5),
1685: inProgress(6),
1686: none(7)
1687: }
1688: MAX-ACCESS read-only
1689: STATUS current
1690: DESCRIPTION
1691: "This object indicates the status/result of the last
1692: activation/deactivation which was invoked via the
1693: corresponding instance of t11FcSpPoOperActivate or
1694: t11FcSpPoOperDeActivate.
1695:
1696: When the value of this object is 'inProgress', the
1697: values of the corresponding instances of
1698: t11FcSpPoOperActivate and t11FcSpPoOperDeActivate
1699: cannot be modified.
1700:
1701: The value 'badSummaryObject' indicates an activation
1702: request which did not name a complete and consistent
1703: Policy Summary Object.
1704:
1705: The value 'none' indicates activation/de-activation
1706: has not been attempted since the last restart of
1707: the management system."
1708: ::= { t11FcSpPoOperEntry 3 }
1709:
1710: t11FcSpPoOperFailCause OBJECT-TYPE
1711: SYNTAX SnmpAdminString (SIZE (0..64))
1712: MAX-ACCESS read-only
1713: STATUS current
1714: DESCRIPTION
1715: "A textual message indicating the reason for the
1716: most recent activation/de-activation failure, or the
1717: zero-length string if no information is available
1718: (e.g., because the corresponding instance of
1719: t11FcSpPoOperResult has the value 'none').
1720:
1721: When the corresponding instance of
1722: t11FcSpPoOperResult is either 'activateFailure'
1723: or 'deactivateFailure', the value of this object
1724: indicates the reason for that failure."
1725: ::= { t11FcSpPoOperEntry 4 }
1726:
1727: --
1728: -- Part 3 - Non-Active Policy Objects
1729: --
1730:
1731: --
1732: -- Non-Active Policy Summary Objects Available for Activation
1733: --
1734:
1735: t11FcSpPoNaSummaryTable OBJECT-TYPE
1736: SYNTAX SEQUENCE OF T11FcSpPoNaSummaryEntry
1737: MAX-ACCESS not-accessible
1738: STATUS current
1739: DESCRIPTION
1740: "A table of non-active Policy Summary Objects available
1741: to be activated.
1742:
1743: The functionality of this table deviates slightly from FC-SP
1744: in that FC-SP specifies that the only Policy Summary Object
1745: is the Active one, i.e., FC-SP does not store non-active
1746: Policy Summary Objects in the Policy Database. Instead,
1747: FC-SP requires a new Policy Summary Object to be created
1748: for, and embedded within, every Activate (APS) request.
1749: Thus, the newly-created Policy Summary Object outlasts the
1750: APS request only as the new active Policy Summary Object and
1751: only if the APS succeeds. In contrast, the Activate
1752: operation provided by this MIB module consists of two steps:
1753:
1754: 1) create a non-active Policy Summary Object as a set of
1755: entries in this table describing a new configuration;
1756: 2) activate a Policy Summary Object (stored as a set of
1757: entries in this table) using t11FcSpPoOperActivate.
1758:
1759: These two steps are only loosely connected, i.e., the result
1760: of the first operation is a non-active Policy Summary Object
1761: which is retained (in this table) even if it isn't
1762: immediately activated. Even after an attempt to activate
1763: it succeeds or fails, a non-active Policy Summary Object
1764: is not deleted, but is retained and still available for
1765: subsequent modification/re-use."
1766: ::= { t11FcSpPoNonActive 1 }
1767:
1768: t11FcSpPoNaSummaryEntry OBJECT-TYPE
1769: SYNTAX T11FcSpPoNaSummaryEntry
1770: MAX-ACCESS not-accessible
1771: STATUS current
1772: DESCRIPTION
1773: "Each entry contains information about one non-active
1774: Policy Object within a non-active Policy Summary Object
1775: defined for potential use on the Fabric identified by
1776: t11FcSpPoFabricIndex, and managed within the Fibre Channel
1777: management instance identified by fcmInstanceIndex.
1778:
1779: A non-active Policy Summary Object is described by a set
1780: of entries in this table which have the same value of
1781: t11FcSpPoNaSummaryName.
1782:
1783: As and when a Policy Summary Object is activated using the
1784: t11FcSpPoOperActivate object, if the activation is
1785: successful, existing rows (if any) in MIB tables for active
1786: Policy Objects are deleted and replaced by the appropriate
1787: new set of rows. Existing rows in this table and/or in
1788: other tables for non-active Policy Objects are not
1789: affected by the activate operation.
1790:
1791: The StorageType of a row in this table is specified by the
1792: instance of t11FcSpPoStorageType which is INDEX-ed by the
1793: same values of fcmInstanceIndex and t11FcSpPoFabricIndex."
1794: REFERENCE
1795: "INCITS xxx/200x, T11/Project 1570-D/Rev 1.8,
1796: Fibre Channel - Security Protocols (FC-SP),
1797: 13 June 2006, section 7.1.3 and table 104."
1798: INDEX { fcmInstanceIndex, t11FcSpPoFabricIndex,
1799: t11FcSpPoNaSummaryName, t11FcSpPoNaSummaryPolicyType,
1800: t11FcSpPoNaSummaryPolicyIndex }
1801: ::= { t11FcSpPoNaSummaryTable 1 }
1802:
1803: T11FcSpPoNaSummaryEntry ::= SEQUENCE {
1804: t11FcSpPoNaSummaryName T11FcSpAlphaNumName,
1805: t11FcSpPoNaSummaryPolicyType T11FcSpPolicyObjectType,
1806: t11FcSpPoNaSummaryPolicyIndex Unsigned32,
1807: t11FcSpPoNaSummaryPolicyNameType T11FcSpPolicyNameType,
1808: t11FcSpPoNaSummaryPolicyName T11FcSpPolicyName,
1809: t11FcSpPoNaSummaryHashStatus INTEGER,
1810: t11FcSpPoNaSummaryHashFormat T11FcSpPolicyHashFormat,
1811: t11FcSpPoNaSummaryHashValue T11FcSpPolicyHashValue,
1812: t11FcSpPoNaSummaryRowStatus RowStatus
1813: }
1814:
1815: t11FcSpPoNaSummaryName OBJECT-TYPE
1816: SYNTAX T11FcSpAlphaNumName
1817: MAX-ACCESS not-accessible
1818: STATUS current
1819: DESCRIPTION
1820: "The name of the non-active Policy Summary Object which
1821: contains this Policy Object."
1822: ::= { t11FcSpPoNaSummaryEntry 1 }
1823:
1824: t11FcSpPoNaSummaryPolicyType OBJECT-TYPE
1825: SYNTAX T11FcSpPolicyObjectType
1826: MAX-ACCESS not-accessible
1827: STATUS current
1828: DESCRIPTION
1829: "The 'Identifier' which specifies the type of this Policy
1830: Object."
1831: REFERENCE
1832: "INCITS xxx/200x, T11/Project 1570-D/Rev 1.8,
1833: Fibre Channel - Security Protocols (FC-SP),
1834: 13 June 2006, section 7.1.3.1 and table 104."
1835: ::= { t11FcSpPoNaSummaryEntry 2 }
1836:
1837: t11FcSpPoNaSummaryPolicyIndex OBJECT-TYPE
1838: SYNTAX Unsigned32 (1..4294967295)
1839: MAX-ACCESS not-accessible
1840: STATUS current
1841: DESCRIPTION
1842: "A unique integer value to distinguish this Policy Object
1843: from any others which have the same type and which are
1844: contained in the same Policy Summary Object."
1845: ::= { t11FcSpPoNaSummaryEntry 3 }
1846:
1847: t11FcSpPoNaSummaryPolicyNameType OBJECT-TYPE
1848: SYNTAX T11FcSpPolicyNameType {
1849: nodeName(1),
1850: alphaNumericName(7)
1851: }
1852: MAX-ACCESS read-create
1853: STATUS current
1854: DESCRIPTION
1855: "The combination of t11FcSpPoNaSummaryPolicyNameType and
1856: t11FcSpPoNaSummaryPolicyName specify the name of the
1857: non-active Policy Object identified by this row.
1858:
1859: The type of name must be 'nodeName' if the value of the
1860: corresponding instance of t11FcSpPoNaSummaryPolicyType is
1861: 'switchConnectivity', or 'alphaNumericName' otherwise."
1862: ::= { t11FcSpPoNaSummaryEntry 4 }
1863:
1864: t11FcSpPoNaSummaryPolicyName OBJECT-TYPE
1865: SYNTAX T11FcSpPolicyName
1866: MAX-ACCESS read-create
1867: STATUS current
1868: DESCRIPTION
1869: "The combination of t11FcSpPoNaSummaryPolicyNameType and
1870: t11FcSpPoNaSummaryPolicyName specify the name of the
1871: non-active Policy Object identified by this row."
1872: ::= { t11FcSpPoNaSummaryEntry 5 }
1873:
1874: t11FcSpPoNaSummaryHashStatus OBJECT-TYPE
1875: SYNTAX INTEGER {
1876: calculate(1),
1877: correct(2),
1878: stale(3)
1879: }
1880: MAX-ACCESS read-create
1881: STATUS current
1882: DESCRIPTION
1883: "When read, the value of this object is either:
1884:
1885: correct -- the corresponding instance of
1886: t11FcSpPoNaSummaryHashValue contains
1887: the correct value; or
1888: stale -- the corresponding instance of
1889: t11FcSpPoNaSummaryHashValue contains
1890: a stale (possibly incorrect) value;
1891:
1892: Writing a value of 'calculate' is a request to re-calculate
1893: and update the value of the corresponding instance of
1894: t11FcSpPoNaSummaryHashValue. Writing a value of 'correct'
1895: or 'stale' to this object is a ('wrongValue') error."
1896: DEFVAL { stale }
1897: ::= { t11FcSpPoNaSummaryEntry 6 }
1898:
1899: t11FcSpPoNaSummaryHashFormat OBJECT-TYPE
1900: SYNTAX T11FcSpPolicyHashFormat
1901: MAX-ACCESS read-only
1902: STATUS current
1903: DESCRIPTION
1904: "The format of this Policy Object's hash value as
1905: contained in the corresponding instance of the
1906: t11FcSpPoNaSummaryHashValue object."
1907:
1908: DEFVAL { '00000001'h }
1909: ::= { t11FcSpPoNaSummaryEntry 7 }
1910:
1911: t11FcSpPoNaSummaryHashValue OBJECT-TYPE
1912: SYNTAX T11FcSpPolicyHashValue
1913: MAX-ACCESS read-only
1914: STATUS current
1915: DESCRIPTION
1916: "The hash value of this Policy Object, in the format
1917: identified by the corresponding instance of the
1918: t11FcSpPoNaSummaryHashFormat object."
1919: DEFVAL { "" }
1920: ::= { t11FcSpPoNaSummaryEntry 8 }
1921:
1922: t11FcSpPoNaSummaryRowStatus OBJECT-TYPE
1923: SYNTAX RowStatus
1924: MAX-ACCESS read-create
1925: STATUS current
1926: DESCRIPTION
1927: "The status of this row.
1928:
1929: Before a row in this table can have 'active' status,
1930: a non-Active Policy Object must already be represented
1931: in the table corresponding to the value of
1932: t11FcSpPoNaSummaryPolicyType with the name given by the
1933: combination of t11FcSpPoNaSummaryPolicyNameType and
1934: t11FcSpPoNaSummaryPolicyName. If such Policy Object gets
1935: deleted from the relevant table, the row in this table must
1936: also get deleted.
1937:
1938: When a row has 'active' status, the only write-able MIB
1939: objects in this table are t11FcSpPoNaSummaryHashStatus and
1940: t11FcSpPoNaSummaryRowStatus."
1941: ::= { t11FcSpPoNaSummaryEntry 9 }
1942:
1943: --
1944: -- Non-Active Switch Membership List Objects
1945: --
1946:
1947: t11FcSpPoNaSwListTable OBJECT-TYPE
1948: SYNTAX SEQUENCE OF T11FcSpPoNaSwListEntry
1949: MAX-ACCESS not-accessible
1950: STATUS current
1951: DESCRIPTION
1952: "A table of non-active Switch Membership List Objects."
1953: REFERENCE
1954: "INCITS xxx/200x, T11/Project 1570-D/Rev 1.8,
1955: Fibre Channel - Security Protocols (FC-SP),
1956: 13 June 2006, section 7.1.4.1 and table 108."
1957: ::= { t11FcSpPoNonActive 2 }
1958:
1959: t11FcSpPoNaSwListEntry OBJECT-TYPE
1960: SYNTAX T11FcSpPoNaSwListEntry
1961: MAX-ACCESS not-accessible
1962: STATUS current
1963: DESCRIPTION
1964: "Each entry contains information about one non-active
1965: Switch Membership List Object for the Fabric identified
1966: by t11FcSpPoFabricIndex and managed within the Fibre
1967: Channel management instance identified by
1968: fcmInstanceIndex.
1969:
1970: The StorageType of a row in this table is specified by the
1971: instance of t11FcSpPoStorageType which is INDEX-ed by the
1972: same values of fcmInstanceIndex and t11FcSpPoFabricIndex."
1973: INDEX { fcmInstanceIndex, t11FcSpPoFabricIndex,
1974: t11FcSpPoNaSwListName }
1975: ::= { t11FcSpPoNaSwListTable 1 }
1976:
1977: T11FcSpPoNaSwListEntry ::= SEQUENCE {
1978: t11FcSpPoNaSwListName T11FcSpAlphaNumName,
1979: t11FcSpPoNaSwListFabricName FcNameIdOrZero,
1980: t11FcSpPoNaSwListRowStatus RowStatus
1981: }
1982:
1983: t11FcSpPoNaSwListName OBJECT-TYPE
1984: SYNTAX T11FcSpAlphaNumName
1985: MAX-ACCESS not-accessible
1986: STATUS current
1987: DESCRIPTION
1988: "The name of the Switch Membership List Object."
1989: REFERENCE
1990: "INCITS xxx/200x, T11/Project 1570-D/Rev 1.8,
1991: Fibre Channel - Security Protocols (FC-SP),
1992: 13 June 2006, section 7.1.4.1 and table 108."
1993: ::= { t11FcSpPoNaSwListEntry 1 }
1994:
1995: t11FcSpPoNaSwListFabricName OBJECT-TYPE
1996: SYNTAX FcNameIdOrZero
1997: MAX-ACCESS read-create
1998: STATUS current
1999: DESCRIPTION
2000: "The administratively-specified Fabric_Name. This value
2001: is meaningful only when static Domain_IDs are used in a
2002: Fabric. If Static Domain_IDs are not used, the Fabric_Name
2003: is dynamically determined, in which case the value of this
2004: object can be '0000000000000000'h or the zero-length
2005: string."
2006: REFERENCE
2007: "- t11FamConfigDomainId, T11-FC-FABRIC-ADDR-MGR-MIB,
2008: Fibre Channel Fabric Address Manager MIB, RFC 4439;
2009: - INCITS xxx/200x, T11/Project 1570-D/Rev 1.8,
2010: Fibre Channel - Security Protocols (FC-SP),
2011: 13 June 2006, table 108."
2012: ::= { t11FcSpPoNaSwListEntry 2 }
2013:
2014: t11FcSpPoNaSwListRowStatus OBJECT-TYPE
2015: SYNTAX RowStatus
2016: MAX-ACCESS read-create
2017: STATUS current
2018: DESCRIPTION
2019: "The status of this row. Values of object instances
2020: within the row can be modified at any time.
2021:
2022: If a row in this table is deleted, any row in the
2023: t11FcSpPoNaSwMembTable for the same Switch Membership
2024: List Object will also get deleted."
2025: ::= { t11FcSpPoNaSwListEntry 3 }
2026:
2027: --
2028: -- Switch Entries in Non-Active Switch Membership List Objects
2029: --
2030:
2031: t11FcSpPoNaSwMembTable OBJECT-TYPE
2032: SYNTAX SEQUENCE OF T11FcSpPoNaSwMembEntry
2033: MAX-ACCESS not-accessible
2034: STATUS current
2035: DESCRIPTION
2036: "A table of Switch Entries in non-active Switch Membership
2037: List Objects."
2038: REFERENCE
2039: "INCITS xxx/200x, T11/Project 1570-D/Rev 1.8,
2040: Fibre Channel - Security Protocols (FC-SP),
2041: 13 June 2006, section 7.1.4.1 and table 110."
2042: ::= { t11FcSpPoNonActive 3 }
2043:
2044: t11FcSpPoNaSwMembEntry OBJECT-TYPE
2045: SYNTAX T11FcSpPoNaSwMembEntry
2046: MAX-ACCESS not-accessible
2047: STATUS current
2048: DESCRIPTION
2049: "Each entry contains information about one Switch which
2050: is listed in a Switch Entry of a non-active Switch Membership
2051: List Object for the Fabric identified by t11FcSpPoFabricIndex
2052: and managed within the Fibre Channel management instance
2053: identified by fcmInstanceIndex.
2054:
2055: A row cannot exist unless there is a row in
2056: t11FcSpPoNaSwListTable for the given Switch Membership List
2057: Object, i.e., the row in t11FcSpPoNaSwListTable for a
2058: Switch Membership List Object must be created before (or
2059: simultaneously) with a row in this table for a Switch
2060: Entry in that Switch Membership List Object, and when a
2061: row in t11FcSpPoNaSwListTable is deleted all rows in this
2062: table for Switch Entries in that Switch Membership List
2063: Object also get deleted.
2064:
2065: The StorageType of a row in this table is specified by the
2066: instance of t11FcSpPoStorageType which is INDEX-ed by the
2067: same values of fcmInstanceIndex and t11FcSpPoFabricIndex."
2068: INDEX { fcmInstanceIndex, t11FcSpPoFabricIndex,
2069: t11FcSpPoNaSwListName,
2070: t11FcSpPoNaSwMembSwitchNameType,
2071: t11FcSpPoNaSwMembSwitchName }
2072: ::= { t11FcSpPoNaSwMembTable 1 }
2073:
2074: T11FcSpPoNaSwMembEntry ::= SEQUENCE {
2075: t11FcSpPoNaSwMembSwitchNameType T11FcSpPolicyNameType,
2076: t11FcSpPoNaSwMembSwitchName FcNameIdOrZero,
2077: t11FcSpPoNaSwMembFlags BITS,
2078: t11FcSpPoNaSwMembDomainID FcDomainIdOrZero,
2079: t11FcSpPoNaSwMembPolicyDataRole INTEGER,
2080: t11FcSpPoNaSwMembAuthBehaviour BITS,
2081: t11FcSpPoNaSwMembAttribute T11FcSpAlphaNumNameOrNull,
2082: t11FcSpPoNaSwMembRowStatus RowStatus
2083: }
2084:
2085: t11FcSpPoNaSwMembSwitchNameType OBJECT-TYPE
2086: SYNTAX T11FcSpPolicyNameType {
2087: nodeName(1),
2088: restrictedNodeName(2),
2089: wildcard(5),
2090: restrictedWildcard(6)
2091: }
2092: MAX-ACCESS not-accessible
2093: STATUS current
2094: DESCRIPTION
2095: "If the value of this object is 'nodeName' or
2096: 'restrictedNodeName', then the combination of
2097: this object and t11FcSpPoNaSwMembSwitchName specify the
2098: Switch Name of this Switch Entry.
2099:
2100: The membership is restricted or unrestricted based on the
2101: name type. Restricted membership means that the Switch is
2102: not allowed to be part of the Fabric unless allowed by a
2103: specific Switch Connectivity Object. Unrestricted
2104: membership means that the Switch is allowed to be part of
2105: the Fabric unless disallowed by a specific Switch
2106: Connectivity Object.
2107:
2108: The values of 'wildcard' and 'restrictedWildcard' provide
2109: the means to specify whether to allow/deny membership for
2110: Switches not explicitly named in the Switch Membership
2111: List Object."
2112: REFERENCE
2113: "INCITS xxx/200x, T11/Project 1570-D/Rev 1.8,
2114: Fibre Channel - Security Protocols (FC-SP),
2115: 13 June 2006, section 7.1.4.1 and table 110."
2116: ::= { t11FcSpPoNaSwMembEntry 1 }
2117:
2118: t11FcSpPoNaSwMembSwitchName OBJECT-TYPE
2119: SYNTAX FcNameIdOrZero (SIZE (8))
2120: MAX-ACCESS not-accessible
2121: STATUS current
2122: DESCRIPTION
2123: "If the value of t11FcSpPoSwMembSwitchNameType is
2124: 'wildcard' or 'restrictedWildcard', this object has the
2125: value '0000000000000000'h.
2126:
2127: Otherwise, the combination of
2128: t11FcSpPoNaSwMembSwitchNameType and this object specify the
2129: Switch Name of this Switch Entry."
2130: REFERENCE
2131: "INCITS xxx/200x, T11/Project 1570-D/Rev 1.8,
2132: Fibre Channel - Security Protocols (FC-SP),
2133: 13 June 2006, section 7.1.4.1 and table 110."
2134: ::= { t11FcSpPoNaSwMembEntry 2 }
2135:
2136: t11FcSpPoNaSwMembFlags OBJECT-TYPE
2137: SYNTAX BITS {
2138: staticDomainID(0),
2139: insistentDomainID(1),
2140: serialPortsAccess(2),
2141: physicalPortsAccess(3),
2142: managerRole(4)
2143: }
2144: MAX-ACCESS read-create
2145: STATUS current
2146: DESCRIPTION
2147: "Configurable options in respect to the administration
2148: of Policy Objects at this Switch:
2149:
2150: 'staticDomainID' - the Switch uses the 'Static
2151: Domain_IDs behavior' (as defined in FC-SW-4) when this bit
2152: is set. This bit should have the same setting for all
2153: Switches in a Fabric's Switch Membership List Object, or
2154: else the Fabric will partition. If this bit is set,
2155: the 'insistentDomainID' bit must not be set.
2156:
2157: 'insistentDomainID' - if this bit is set, the Switch
2158: uses the 'Insistent Domain_IDs behavior' (as defined in
2159: FC-SW-4), and the 'staticDomainID' bit must not be set.
2160:
2161: 'serialPortsAccess' - the Switch allows management
2162: through serial ports when and only when this bit is set.
2163: 'physicalPortsAccess' - the Switch allows management
2164: through the physical panel when and only when this bit
2165: is set.
2166:
2167: 'managerRole' - the Switch is allowed to change
2168: the Fabric Policy configuration (on receipt of any of the
2169: EACA, ESFC, EUFC, ACA, SFC, or UFC SW_ILSs) if this bit is
2170: set."
2171: REFERENCE
2172: "INCITS xxx/200x, T11/Project 1570-D/Rev 1.8,
2173: Fibre Channel - Security Protocols (FC-SP), 13 June 2006,
2174: section 7.1.4.1 and table 112." ::= {
2175: t11FcSpPoNaSwMembEntry 3 }
2176:
2177: t11FcSpPoNaSwMembDomainID OBJECT-TYPE
2178: SYNTAX FcDomainIdOrZero
2179: MAX-ACCESS read-create
2180: STATUS current
2181: DESCRIPTION
2182: "The Domain_ID to be used when either the 'staticDomainID'
2183: bit or the 'insistentDomainID' bit is set in the
2184: corresponding value of t11FcSpPoNaSwMembFlags."
2185: REFERENCE
2186: "INCITS xxx/200x, T11/Project 1570-D/Rev 1.8,
2187: Fibre Channel - Security Protocols (FC-SP),
2188: 13 June 2006, section 7.1.4.1 and tables 111 and 112."
2189: ::= { t11FcSpPoNaSwMembEntry 4 }
2190:
2191:
2192: t11FcSpPoNaSwMembPolicyDataRole OBJECT-TYPE
2193: SYNTAX INTEGER {
2194: client(1),
2195: autonomous(2),
2196: server(3)
2197: }
2198: MAX-ACCESS read-create
2199: STATUS current
2200: DESCRIPTION
2201: "The role of the Switch in terms of which Policy data
2202: it retains/maintains:
2203:
2204: 'client' - the Switch operates as a Client Switch.
2205: A Client Switch maintains its own Switch Connectivity
2206: Object and all Fabric-wide List Objects. If FC-SP
2207: Zoning is used, a Client Switch maintains only the
2208: subset of the Active Zone Set that it requires to
2209: enforce the current Fabric Zoning configuration.
2210:
2211: 'autonomous' - the Switch operates as an Autonomous
2212: Switch. An Autonomous Switch maintains its own Switch
2213: Connectivity Object and all Fabric-wide List Objects.
2214: This is the same as 'client' except that if FC-SP Zoning
2215: is used, an Autonomous Switch maintains a complete copy
2216: of the Fabric Zoning Database.
2217:
2218: 'server' - the Switch operates as a Server Switch.
2219: A Server Switch maintains all Fabric-wide List Objects
2220: and the Switch Connectivity Objects of each Switch in
2221: the Fabric. If FC-SP Zoning is used, a Server Switch
2222: maintains a complete copy of the Fabric Zoning Database."
2223: REFERENCE
2224: "INCITS xxx/200x, T11/Project 1570-D/Rev 1.8,
2225: Fibre Channel - Security Protocols (FC-SP),
2226: 13 June 2006, section 7.1.4.1 and table 113."
2227: ::= { t11FcSpPoNaSwMembEntry 5 }
2228:
2229: t11FcSpPoNaSwMembAuthBehaviour OBJECT-TYPE
2230: SYNTAX BITS {
2231: mustAuthenticate(0),
2232: rejectIsFailure(1)
2233: }
2234: MAX-ACCESS read-create
2235: STATUS current
2236: DESCRIPTION
2237: "The authentication behaviour of the Switch:
2238:
2239: 'mustAuthenticate' - if this bit is set, all connections
2240: between this Switch and neighbour Switches must be
2241: authenticated.
2242:
2243: 'rejectIsFailure' - if this bit is set, the rejection of
2244: an AUTH_Negotiate message must be considered as an
2245: authentication failure by this Switch."
2246: REFERENCE
2247: "INCITS xxx/200x, T11/Project 1570-D/Rev 1.8,
2248: Fibre Channel - Security Protocols (FC-SP),
2249: 13 June 2006, section 7.1.4.1 and table 114."
2250: ::= { t11FcSpPoNaSwMembEntry 6 }
2251:
2252: t11FcSpPoNaSwMembAttribute OBJECT-TYPE
2253: SYNTAX T11FcSpAlphaNumNameOrNull
2254: MAX-ACCESS read-create
2255: STATUS current
2256: DESCRIPTION
2257: "The name of a non-active Attribute Policy Object which
2258: is defined for this Switch. The zero-length string
2259: indicates that no non-active Attribute Policy Object is
2260: defined for this Switch.
2261:
2262: The effect of having no rows in the t11FcSpPoNaAttribTable
2263: for which the value of t11FcSpPoNaAttribName is the
2264: same as the value of this object, is the same as
2265: this object's value being the zero-length string."
2266: REFERENCE
2267: "INCITS xxx/200x, T11/Project 1570-D/Rev 1.8,
2268: Fibre Channel - Security Protocols (FC-SP),
2269: 13 June 2006, section 7.1.4.1 and table 110."
2270: ::= { t11FcSpPoNaSwMembEntry 7 }
2271:
2272: t11FcSpPoNaSwMembRowStatus OBJECT-TYPE
2273: SYNTAX RowStatus
2274: MAX-ACCESS read-create
2275: STATUS current
2276: DESCRIPTION
2277: "The status of this row. Values of object instances
2278: within the row can be modified at any time.
2279:
2280: A row cannot exist unless there is a row in the
2281: t11FcSpPoNaSwListTable for the Switch Membership List
2282: Object containing the Switch Entry for this Switch, i.e.,
2283: the row in t11FcSpPoNaSwListTable for a Switch Membership
2284: List Object must be created before (or simultaneously)
2285: with a row in this table for a Switch Entry in that
2286: Switch Membership List Object; and when a row in
2287: t11FcSpPoNaSwListTable is deleted, any row in this
2288: table for a Switch Entry in that Switch Membership
2289: List Object also gets deleted."
2290: ::= { t11FcSpPoNaSwMembEntry 8 }
2291:
2292: --
2293: -- Node Entries in Non-Active Node Membership List Objects
2294: --
2295:
2296: t11FcSpPoNaNoMembTable OBJECT-TYPE
2297: SYNTAX SEQUENCE OF T11FcSpPoNaNoMembEntry
2298: MAX-ACCESS not-accessible
2299: STATUS current
2300: DESCRIPTION
2301: "A table of Node Entries in non-active Node Membership List
2302: Objects.
2303:
2304: One Node Membership List Object is represented by all
2305: the rows in this table which have the same value of
2306: t11FcSpPoNaNoMembListName."
2307: ::= { t11FcSpPoNonActive 4 }
2308:
2309: t11FcSpPoNaNoMembEntry OBJECT-TYPE
2310: SYNTAX T11FcSpPoNaNoMembEntry
2311: MAX-ACCESS not-accessible
2312: STATUS current
2313: DESCRIPTION
2314: "Each entry contains information about one Node Entry of
2315: a non-active Node Membership List Object for the Fabric
2316: identified by t11FcSpPoFabricIndex and managed within
2317: the Fibre Channel management instance identified by
2318: fcmInstanceIndex.
2319:
2320: The StorageType of a row in this table is specified by the
2321: instance of t11FcSpPoStorageType which is INDEX-ed by the
2322: same values of fcmInstanceIndex and t11FcSpPoFabricIndex."
2323: INDEX { fcmInstanceIndex, t11FcSpPoFabricIndex,
2324: t11FcSpPoNaNoMembListName,
2325: t11FcSpPoNaNoMembNodeNameType,
2326: t11FcSpPoNaNoMembNodeName }
2327: ::= { t11FcSpPoNaNoMembTable 1 }
2328:
2329: T11FcSpPoNaNoMembEntry ::= SEQUENCE {
2330: t11FcSpPoNaNoMembListName T11FcSpAlphaNumName,
2331: t11FcSpPoNaNoMembNodeNameType T11FcSpPolicyNameType,
2332: t11FcSpPoNaNoMembNodeName FcNameIdOrZero,
2333: t11FcSpPoNaNoMembFlags BITS,
2334: t11FcSpPoNaNoMembCtAccessIndex Unsigned32,
2335: t11FcSpPoNaNoMembAttribute T11FcSpAlphaNumNameOrNull,
2336: t11FcSpPoNaNoMembRowStatus RowStatus
2337:
2338: }
2339:
2340: t11FcSpPoNaNoMembListName OBJECT-TYPE
2341: SYNTAX T11FcSpAlphaNumName
2342: MAX-ACCESS not-accessible
2343: STATUS current
2344: DESCRIPTION
2345: "The name of the non-active Node Membership List Object."
2346: REFERENCE
2347: "INCITS xxx/200x, T11/Project 1570-D/Rev 1.8,
2348: Fibre Channel - Security Protocols (FC-SP),
2349: 13 June 2006, section 7.1.4.1 and table 116."
2350: ::= { t11FcSpPoNaNoMembEntry 1 }
2351:
2352: t11FcSpPoNaNoMembNodeNameType OBJECT-TYPE
2353: SYNTAX T11FcSpPolicyNameType {
2354: nodeName(1),
2355: restrictedNodeName(2),
2356: portName(3),
2357: restrictedPortName(4),
2358: wildcard(5),
2359: restrictedWildcard(6)
2360: }
2361: MAX-ACCESS not-accessible
2362: STATUS current
2363: DESCRIPTION
2364: "If the value of this object is 'wildcard' or
2365: 'restrictedWildcard', this Node Entry applies to Nodes not
2366: explicitly named in the Node Membership List Object.
2367:
2368: Otherwise, the combination of this object and
2369: t11FcSpPoNaNoMembNodeName specify the name of this Node Entry
2370: in the active Node Membership List Object. A Node is
2371: identified by its Node Name or by one or more of its Port
2372: Names.
2373:
2374: Restricted membership means that a Node is not allowed to be
2375: connected to the Fabric unless allowed by a specific Switch
2376: Connectivity Object. Unrestricted membership means that a
2377: Node is allowed to be connected to the Fabric unless
2378: disallowed by a specific Switch Connectivity Object."
2379: REFERENCE
2380: "INCITS xxx/200x, T11/Project 1570-D/Rev 1.8,
2381: Fibre Channel - Security Protocols (FC-SP),
2382: 13 June 2006, section 7.1.4.1 and table 116."
2383: ::= { t11FcSpPoNaNoMembEntry 2 }
2384:
2385: t11FcSpPoNaNoMembNodeName OBJECT-TYPE
2386: SYNTAX FcNameIdOrZero (SIZE (8))
2387: MAX-ACCESS not-accessible
2388: STATUS current
2389: DESCRIPTION
2390: "If the value of t11FcSpPoNaNoMembNodeNameType is
2391: 'wildcard' or 'restrictedWildcard', this object has the
2392: value '0000000000000000'h.
2393:
2394: Otherwise, the combination of t11FcSpPoNaNoMembNodeNameType
2395: and this object specify the name of this Node Entry is the
2396: active Node Membership List Object."
2397: REFERENCE
2398: "INCITS xxx/200x, T11/Project 1570-D/Rev 1.8,
2399: Fibre Channel - Security Protocols (FC-SP),
2400: 13 June 2006, section 7.1.4.1 and table 116."
2401: ::= { t11FcSpPoNaNoMembEntry 3 }
2402:
2403: t11FcSpPoNaNoMembFlags OBJECT-TYPE
2404: SYNTAX BITS {
2405: scsiEnclosureAccess(0),
2406: authenticationRequired(1)
2407: }
2408: MAX-ACCESS read-create
2409: STATUS current
2410: DESCRIPTION
2411: "Configurable options in respect to the administration
2412: of Policy Objects at this Node:
2413:
2414: 'scsiEnclosureAccess' - the Node is allowed to
2415: control any Switch through SCSI Enclosure Services if this
2416: bit is set. If a Switch does not support SCSI Enclosure
2417: Services, this bit is ignored.
2418:
2419: 'authenticationRequired' - the Node is required to
2420: authenticate itself to any Switch to which it is connected
2421: if and only if this bit is set."
2422: REFERENCE
2423: "INCITS xxx/200x, T11/Project 1570-D/Rev 1.8,
2424: Fibre Channel - Security Protocols (FC-SP),
2425: 13 June 2006, section 7.1.4.1 and table 118."
2426: ::= { t11FcSpPoNaNoMembEntry 4 }
2427:
2428: t11FcSpPoNaNoMembCtAccessIndex OBJECT-TYPE
2429: SYNTAX Unsigned32 (0..4294967295)
2430: MAX-ACCESS read-create
2431: STATUS current
2432: DESCRIPTION
2433: "If the value of this object is zero, then access by this
2434: Node to Generic Services is not limited by a Common
2435: Transport Access Specifier.
2436:
2437: Otherwise, the limits are specified by the set of Common
2438: Transport Access Descriptors contained in those rows of
2439: the t11FcSpPoNaCtDescrTable for which the value of
2440: t11FcSpPoNaCtDescrSpecifierIndex is the same as the value
2441: of this object. No such rows in t11FcSpPoNaCtDescrTable
2442: has the same effect as this object's value being zero."
2443: REFERENCE
2444: "INCITS xxx/200x, T11/Project 1570-D/Rev 1.8,
2445: Fibre Channel - Security Protocols (FC-SP), 13 June 2006,
2446: section 7.1.4.1 and tables 118/119/120/121."
2447: ::= { t11FcSpPoNaNoMembEntry 5 }
2448:
2449: t11FcSpPoNaNoMembAttribute OBJECT-TYPE
2450: SYNTAX T11FcSpAlphaNumNameOrNull
2451: MAX-ACCESS read-create
2452: STATUS current
2453: DESCRIPTION
2454: "The name of a non-active Attribute Policy Object which
2455: is defined for this Node. The zero-length string indicates
2456: that no non-active Attribute Policy Object is defined for
2457: this Node.
2458:
2459: The effect of having no rows in the t11FcSpPoNaAttribTable
2460: for which the value of t11FcSpPoNaAttribName is the
2461: same as the value of this object, is the same as
2462: this object's value being the zero-length string."
2463: REFERENCE
2464: "INCITS xxx/200x, T11/Project 1570-D/Rev 1.8,
2465: Fibre Channel - Security Protocols (FC-SP), 13 June 2006,
2466: section 7.1.4.1 and table 116."
2467: ::= { t11FcSpPoNaNoMembEntry 6 }
2468:
2469: t11FcSpPoNaNoMembRowStatus OBJECT-TYPE
2470: SYNTAX RowStatus
2471: MAX-ACCESS read-create
2472: STATUS current
2473: DESCRIPTION
2474: "The status of this row. Values of object instances
2475: within the row can be modified at any time."
2476: ::= { t11FcSpPoNaNoMembEntry 7 }
2477:
2478: --
2479: --
2480: -- Non-Active Common Transport Access Descriptors
2481: --
2482:
2483: t11FcSpPoNaCtDescrTable OBJECT-TYPE
2484: SYNTAX SEQUENCE OF T11FcSpPoNaCtDescrEntry
2485: MAX-ACCESS not-accessible
2486: STATUS current
2487: DESCRIPTION
2488: "A table of Common Transport Access Descriptors referenced
2489: by non-active Policy Objects.
2490:
2491: A Common Transport Access Specifier is a list of Common
2492: Transport Access Descriptors which specify whether a Node
2493: is allowed to access a Generic Service or Sub-Server.
2494:
2495: A non-active Common Transport Access Specifier is
2496: represented by all rows of this table which have the same
2497: values of fcmInstanceIndex, t11FcSpPoFabricIndex, and
2498: t11FcSpPoNaCtDescrSpecifierIndex."
2499: REFERENCE
2500: "- INCITS xxx/200x, T11/Project 1570-D/Rev 1.8,
2501: Fibre Channel - Security Protocols (FC-SP), 13 June 2006,
2502: section 7.1.5"
2503: ::= { t11FcSpPoNonActive 5 }
2504:
2505: t11FcSpPoNaCtDescrEntry OBJECT-TYPE
2506: SYNTAX T11FcSpPoNaCtDescrEntry
2507: MAX-ACCESS not-accessible
2508: STATUS current
2509: DESCRIPTION
2510: "Each entry contains information about one Common Transport
2511: Access Descriptor of an non-active Common Transport Access
2512: Specifier used within the Fabric identified by
2513: t11FcSpPoFabricIndex and managed within the Fibre Channel
2514: management instance identified by fcmInstanceIndex.
2515:
2516: The StorageType of a row in this table is specified by the
2517: instance of t11FcSpPoStorageType which is INDEX-ed by the
2518: same values of fcmInstanceIndex and t11FcSpPoFabricIndex."
2519: INDEX { fcmInstanceIndex, t11FcSpPoFabricIndex,
2520: t11FcSpPoNaCtDescrSpecifierIndex, t11FcSpPoNaCtDescrIndex }
2521: ::= { t11FcSpPoNaCtDescrTable 1 }
2522:
2523: T11FcSpPoNaCtDescrEntry ::= SEQUENCE {
2524: t11FcSpPoNaCtDescrSpecifierIndex Unsigned32,
2525: t11FcSpPoNaCtDescrIndex Unsigned32,
2526: t11FcSpPoNaCtDescrFlags BITS,
2527: t11FcSpPoNaCtDescrGsType OCTET STRING,
2528: t11FcSpPoNaCtDescrGsSubType OCTET STRING,
2529: t11FcSpPoNaCtDescrRowStatus RowStatus
2530: }
2531:
2532: t11FcSpPoNaCtDescrSpecifierIndex OBJECT-TYPE
2533: SYNTAX Unsigned32 (1..4294967295)
2534: MAX-ACCESS not-accessible
2535: STATUS current
2536: DESCRIPTION
2537: "An index value which uniquely identifies a particular
2538: Common Transport Access Specifier within a Fabric."
2539: ::= { t11FcSpPoNaCtDescrEntry 1 }
2540:
2541: t11FcSpPoNaCtDescrIndex OBJECT-TYPE
2542: SYNTAX Unsigned32 (1..4294967295)
2543: MAX-ACCESS not-accessible
2544: STATUS current
2545: DESCRIPTION
2546: "An index value which uniquely identifies a particular
2547: Common Transport Access Descriptor within a Common Transport
2548: Access Specifier."
2549: ::= { t11FcSpPoNaCtDescrEntry 2 }
2550:
2551: t11FcSpPoNaCtDescrFlags OBJECT-TYPE
2552: SYNTAX BITS {
2553: allow(0),
2554: gsTypeWildcard(1),
2555: gsSubTypeWildcard(2),
2556: readOnly(3)
2557: }
2558: MAX-ACCESS read-create
2559: STATUS current
2560: DESCRIPTION
2561: "The flag bits which specify how access is to be limited by
2562: this Common Transport Access Descriptor:
2563: - allow -- access to the specified Generic Service and
2564: Server is allowed if this bit is set, and to be denied if
2565: this bit is not set.
2566:
2567: - gsTypeWildcard -- if this bit is set, the Generic Service
2568: to be allowed/denied is specified by the value of
2569: t11FcSpPoNaCtDescrGsType, and the gsSubTypeWildcard bit
2570: must not also be set.
2571:
2572: - gsSubTypeWildcard -- if this bit is set, the Generic
2573: Service to be allowed/denied is specified by the value of
2574: t11FcSpPoNaCtDescrGsSubType, and the gsTypeWildcard bit
2575: must not also be set.
2576:
2577: - readOnly -- if this bit is set then access is to be
2578: granted only for reading."
2579: REFERENCE
2580: "- INCITS xxx/200x, T11/Project 1570-D/Rev 1.8,
2581: Fibre Channel - Security Protocols (FC-SP), 13 June 2006,
2582: section 7.1.5.1, and tables 117, 118, and 120."
2583: ::= { t11FcSpPoNaCtDescrEntry 3 }
2584:
2585: t11FcSpPoNaCtDescrGsType OBJECT-TYPE
2586: SYNTAX OCTET STRING (SIZE (1))
2587: MAX-ACCESS read-create
2588: STATUS current
2589: DESCRIPTION
2590: "The GS_Type of the Generic Service (e.g., the FC-GS-5
2591: Management Service) which is subject to access control.
2592: This value is ignored if the gsTypeWildcard bit is not set
2593: in the corresponding value of t11FcSpPoNaCtDescrFlags."
2594: REFERENCE
2595: "- ANSI INCITS 427-2006,
2596: Fibre Channel - Generic Services-5 (FC-GS-5),
2597: section 4.3.2.4.
2598: - INCITS xxx/200x, T11/Project 1570-D/Rev 1.8,
2599: Fibre Channel - Security Protocols (FC-SP), 13 June 2006,
2600: section 7.1.5.1 and table 120."
2601: ::= { t11FcSpPoNaCtDescrEntry 4 }
2602:
2603: t11FcSpPoNaCtDescrGsSubType OBJECT-TYPE
2604: SYNTAX OCTET STRING (SIZE (1))
2605: MAX-ACCESS read-create
2606: STATUS current
2607: DESCRIPTION
2608: "The GS_Subtype of the Generic Server (e.g., the Fabric Zone
2609: Server) which is subject to access control. This value is
2610: ignored if the gsSubTypeWildcard bit is not set in the
2611: corresponding value of t11FcSpPoNaCtDescrFlags."
2612: REFERENCE
2613: "- ANSI INCITS 427-2006,
2614: Fibre Channel - Generic Services-5 (FC-GS-5),
2615: section 4.3.2.5.
2616: - INCITS xxx/200x, T11/Project 1570-D/Rev 1.8,
2617: Fibre Channel - Security Protocols (FC-SP), 13 June 2006,
2618: section 7.1.5.1 and table 120."
2619: ::= { t11FcSpPoNaCtDescrEntry 5 }
2620:
2621: t11FcSpPoNaCtDescrRowStatus OBJECT-TYPE
2622: SYNTAX RowStatus
2623: MAX-ACCESS read-create
2624: STATUS current
2625: DESCRIPTION
2626: "The status of this row. Values of object instances
2627: within the row can be modified at any time."
2628: ::= { t11FcSpPoNaCtDescrEntry 6 }
2629:
2630:
2631: --
2632: -- Switches/Nodes in Non-Active Switch Connectivity Objects
2633: --
2634:
2635: t11FcSpPoNaSwConnTable OBJECT-TYPE
2636: SYNTAX SEQUENCE OF T11FcSpPoNaSwConnEntry
2637: MAX-ACCESS not-accessible
2638: STATUS current
2639: DESCRIPTION
2640: "A table of non-active Switch Connectivity Objects.
2641:
2642: A Switch Connectivity Object defines to which other
2643: Switches or Nodes a particular Switch may/may not be
2644: connected at the Node level and/or at the Port level."
2645: REFERENCE
2646: "- INCITS xxx/200x, T11/Project 1570-D/Rev 1.8,
2647: Fibre Channel - Security Protocols (FC-SP), 13 June 2006,
2648: section 7.1.6."
2649: ::= { t11FcSpPoNonActive 6 }
2650:
2651: t11FcSpPoNaSwConnEntry OBJECT-TYPE
2652: SYNTAX T11FcSpPoNaSwConnEntry
2653: MAX-ACCESS not-accessible
2654: STATUS current
2655: DESCRIPTION
2656: "Each entry contains the name of a Switch/Node with which
2657: any port of a particular Switch on a particular Fabric, or
2658: a particular port on that Switch, is allowed or not allowed
2659: to be connected.
2660:
2661: The particular Fabric is identified by t11FcSpPoFabricIndex
2662: and managed within the Fibre Channel management instance
2663: identified by fcmInstanceIndex.
2664:
2665: The StorageType of a row in this table is specified by the
2666: instance of t11FcSpPoStorageType which is INDEX-ed by the
2667: same values of fcmInstanceIndex and t11FcSpPoFabricIndex."
2668: INDEX { fcmInstanceIndex, t11FcSpPoFabricIndex,
2669: t11FcSpPoNaSwConnSwitchName,
2670: t11FcSpPoNaSwConnAllowedType,
2671: t11FcSpPoNaSwConnPortNameOrAll,
2672: t11FcSpPoNaSwConnAllowedIndex }
2673: ::= { t11FcSpPoNaSwConnTable 1 }
2674:
2675: T11FcSpPoNaSwConnEntry ::= SEQUENCE {
2676: t11FcSpPoNaSwConnSwitchName FcNameIdOrZero,
2677: t11FcSpPoNaSwConnAllowedType INTEGER,
2678: t11FcSpPoNaSwConnPortNameOrAll FcNameIdOrZero,
2679: t11FcSpPoNaSwConnAllowedIndex Unsigned32,
2680: t11FcSpPoNaSwConnAllowedNameType T11FcSpPolicyNameType,
2681: t11FcSpPoNaSwConnAllowedName FcNameIdOrZero,
2682: t11FcSpPoNaSwConnRowStatus RowStatus
2683: }
2684:
2685: t11FcSpPoNaSwConnSwitchName OBJECT-TYPE
2686: SYNTAX FcNameIdOrZero (SIZE (8))
2687: MAX-ACCESS not-accessible
2688: STATUS current
2689: DESCRIPTION
2690: "The name of the Switch for which this Switch Connectivity
2691: Object specifies topology restrictions."
2692: REFERENCE
2693: "- INCITS xxx/200x, T11/Project 1570-D/Rev 1.8,
2694: Fibre Channel - Security Protocols (FC-SP), 13 June 2006,
2695: section 7.1.6.1 and table 123."
2696: ::= { t11FcSpPoNaSwConnEntry 1 }
2697:
2698: t11FcSpPoNaSwConnAllowedType OBJECT-TYPE
2699: SYNTAX INTEGER { switch(1), node(2) }
2700: MAX-ACCESS not-accessible
2701: STATUS current
2702: DESCRIPTION
2703: "This object specifies whether this row refers to an
2704: 'Allowed Switch' which concerns Switch-to-Switch
2705: connectivity, or an 'Allowed Node' which concerns
2706: Switch-to-Node connectivity. Consequently, this object's
2707: value indicates whether the corresponding instance of
2708: t11FcSpPoNaSwConnAllowedName specifies the name of a Switch
2709: or the name of a Node."
2710: REFERENCE
2711: "- INCITS xxx/200x, T11/Project 1570-D/Rev 1.8,
2712: Fibre Channel - Security Protocols (FC-SP), 13 June 2006,
2713: section 7.1.6.1 and table 123."
2714: ::= { t11FcSpPoNaSwConnEntry 2 }
2715:
2716: t11FcSpPoNaSwConnPortNameOrAll OBJECT-TYPE
2717: SYNTAX FcNameIdOrZero (SIZE(0 | 8))
2718: MAX-ACCESS not-accessible
2719: STATUS current
2720: DESCRIPTION
2721: "This object specifies either the particular port on which
2722: this topology restriction applies, or if the value is the
2723: zero-length string, that the topology restriction applies
2724: to all ports of the Switch.
2725:
2726: In other words, if this object's value contains the name of
2727: a port, then this row represents a 'Port Connectivity Entry'
2728: (as described in FC-SP) within a Switch Connectivity Object."
2729: REFERENCE
2730: "- INCITS xxx/200x, T11/Project 1570-D/Rev 1.8,
2731: Fibre Channel - Security Protocols (FC-SP), 13 June 2006,
2732: section 7.1.6.1 and tables 123/124."
2733: ::= { t11FcSpPoNaSwConnEntry 3 }
2734:
2735: t11FcSpPoNaSwConnAllowedIndex OBJECT-TYPE
2736: SYNTAX Unsigned32 (1..4294967295)
2737: MAX-ACCESS not-accessible
2738: STATUS current
2739: DESCRIPTION
2740: "When multiple rows in this table refer to different
2741: 'Allowed Switches' or to different 'Allowed Nodes' for the
2742: same port(s) in the same Switch Connectivity Object, this
2743: object provides a unique index value to distinguish between
2744: such rows."
2745: ::= { t11FcSpPoNaSwConnEntry 4 }
2746:
2747: t11FcSpPoNaSwConnAllowedNameType OBJECT-TYPE
2748: SYNTAX T11FcSpPolicyNameType {
2749: nodeName(1),
2750: restrictedNodeName(2),
2751: portName(3),
2752: restrictedPortName(4),
2753: wildcard(5),
2754: restrictedWildcard(6)
2755: }
2756: MAX-ACCESS read-create
2757: STATUS current
2758: DESCRIPTION
2759: "If the value of this object is 'wildcard' or
2760: 'restrictedWildcard', this row specifies whether
2761: connectivity is allowed/not allowed with entities not
2762: explicitly named by other rows.
2763:
2764: Otherwise, the combination of
2765: t11FcSpPoNaSwConnAllowedNameType and
2766: t11FcSpPoNaSwConnAllowedName specify the name of:
2767:
2768: - a Switch (if t11FcSpPoNaSwConnAllowedType = 'switch'), or
2769: - a Node (if t11FcSpPoNaSwConnAllowedType = 'node')
2770:
2771: to which connectivity is allowed/not allowed."
2772: REFERENCE
2773: "- INCITS xxx/200x, T11/Project 1570-D/Rev 1.8,
2774: Fibre Channel - Security Protocols (FC-SP), 13 June 2006,
2775: section 7.1.6.1 and tables 123/124."
2776: ::= { t11FcSpPoNaSwConnEntry 5 }
2777:
2778: t11FcSpPoNaSwConnAllowedName OBJECT-TYPE
2779: SYNTAX FcNameIdOrZero (SIZE (8))
2780: MAX-ACCESS read-create
2781: STATUS current
2782: DESCRIPTION
2783: "If t11FcSpPoNaSwConnAllowedNameType has the value
2784: 'wildcard' or 'restrictedWildcard', this object has the
2785: value '0000000000000000'h.
2786:
2787: Otherwise, the combination of
2788: t11FcSpPoNaSwConnAllowedNameType and
2789: t11FcSpPoNaSwConnAllowedName specify the name of:
2790:
2791: - a Switch (if t11FcSpPoNaSwConnAllowedType = 'switch'), or
2792: - a Node (if t11FcSpPoNaSwConnAllowedType = 'node')
2793:
2794: to which connectivity is allowed/not allowed."
2795: REFERENCE
2796: "- INCITS xxx/200x, T11/Project 1570-D/Rev 1.8,
2797: Fibre Channel - Security Protocols (FC-SP), 13 June 2006,
2798: section 7.1.6.1 and tables 123/124."
2799: ::= { t11FcSpPoNaSwConnEntry 6 }
2800:
2801: t11FcSpPoNaSwConnRowStatus OBJECT-TYPE
2802: SYNTAX RowStatus
2803: MAX-ACCESS read-create
2804: STATUS current
2805: DESCRIPTION
2806: "The status of this row. Values of object instances
2807: within the row can be modified at any time."
2808: ::= { t11FcSpPoNaSwConnEntry 7 }
2809:
2810:
2811: --
2812: -- IP Management Entries in Non-Active IP Management List Objects
2813: --
2814:
2815: t11FcSpPoNaIpMgmtTable OBJECT-TYPE
2816: SYNTAX SEQUENCE OF T11FcSpPoNaIpMgmtEntry
2817: MAX-ACCESS not-accessible
2818: STATUS current
2819: DESCRIPTION
2820: "A table of IP Management Entries in non-active IP
2821: Management List Objects. The IP Management List Object is a
2822: Fabric-wide Policy Object that describes which IP hosts are
2823: allowed to manage a Fabric.
2824:
2825: One non-active IP Management List Object is represented by
2826: all rows of this table which have the same values of
2827: fcmInstanceIndex and t11FcSpPoFabricIndex."
2828: ::= { t11FcSpPoNonActive 7 }
2829:
2830: t11FcSpPoNaIpMgmtEntry OBJECT-TYPE
2831: SYNTAX T11FcSpPoNaIpMgmtEntry
2832: MAX-ACCESS not-accessible
2833: STATUS current
2834: DESCRIPTION
2835: "Each entry contains information about one IP Management
2836: entry within a non-active IP Management List Object for the
2837: Fabric identified by t11FcSpPoFabricIndex and managed
2838: within the Fibre Channel management instance identified
2839: by fcmInstanceIndex.
2840:
2841: The Policy Object Name of an IP Management Entry Policy
2842: Object is either an IPv6 Address Range or an IPv4 Address
2843: Range. In a Fabric's database of Policy Objects, every
2844: Policy Object Name, including these IP address ranges, is
2845: represented as a (T11FcSpPolicyNameType, T11FcSpPolicyName)
2846: tuple. In contrast, this MIB module uses the conventional
2847: MIB syntax for IP addresses, and therefore represents the
2848: Policy Object Name of an IP Management Entry Policy Object
2849: as a (InetAddressType, InetAddress, InetAddress) tuple.
2850:
2851: In theory, the use of t11FcSpPoNaIpMgmtEntryNameLow and
2852: t11FcSpPoNaIpMgmtEntryNameHigh, which have the syntax of
2853: InetAddress, in the INDEX could cause the need for
2854: excessively-long OIDs. In practice, this can't happen
2855: because FC-SP doesn't allow these objects to be specified
2856: as DNS names.
2857:
2858: The StorageType of a row in this table is specified by the
2859: instance of t11FcSpPoStorageType which is INDEX-ed by the
2860: same values of fcmInstanceIndex and t11FcSpPoFabricIndex."
2861: INDEX { fcmInstanceIndex, t11FcSpPoFabricIndex,
2862: t11FcSpPoNaIpMgmtListName,
2863: t11FcSpPoNaIpMgmtEntryNameType,
2864: t11FcSpPoNaIpMgmtEntryNameLow,
2865: t11FcSpPoNaIpMgmtEntryNameHigh }
2866: ::= { t11FcSpPoNaIpMgmtTable 1 }
2867:
2868: T11FcSpPoNaIpMgmtEntry ::= SEQUENCE {
2869: t11FcSpPoNaIpMgmtListName T11FcSpAlphaNumName,
2870: t11FcSpPoNaIpMgmtEntryNameType InetAddressType,
2871: t11FcSpPoNaIpMgmtEntryNameLow InetAddress,
2872: t11FcSpPoNaIpMgmtEntryNameHigh InetAddress,
2873: t11FcSpPoNaIpMgmtWkpIndex Unsigned32,
2874: t11FcSpPoNaIpMgmtAttribute T11FcSpAlphaNumNameOrNull,
2875: t11FcSpPoNaIpMgmtRowStatus RowStatus
2876: }
2877: t11FcSpPoNaIpMgmtListName OBJECT-TYPE
2878: SYNTAX T11FcSpAlphaNumName
2879: MAX-ACCESS not-accessible
2880: STATUS current
2881: DESCRIPTION
2882: "The name of a non-active Node Membership List Object."
2883: REFERENCE
2884: "INCITS xxx/200x, T11/Project 1570-D/Rev 1.8,
2885: Fibre Channel - Security Protocols (FC-SP),
2886: 13 June 2006, section 7.1.7.1 and table 125."
2887: ::= { t11FcSpPoNaIpMgmtEntry 1 }
2888:
2889: t11FcSpPoNaIpMgmtEntryNameType OBJECT-TYPE
2890: SYNTAX InetAddressType
2891: -- INTEGER { ipv4(1), ipv6(2) }
2892: MAX-ACCESS not-accessible
2893: STATUS current
2894: DESCRIPTION
2895: "The combination of t11FcSpPoNaIpMgmtEntryNameType,
2896: t11FcSpPoNaIpMgmtNameLow and t11FcSpPoNaIpMgmtNameHigh
2897: specify the IP Address range of this IP Management
2898: Entry in the IP Management List Object.
2899:
2900: The FC-SP specification does not allow this address to
2901: be specified using a DNS domain name, nor does it allow
2902: the specification of zone indexes. Therefore, the
2903: type of address must be one of: 'ipv4', or 'ipv6'."
2904: REFERENCE
2905: "INCITS xxx/200x, T11/Project 1570-D/Rev 1.8,
2906: Fibre Channel - Security Protocols (FC-SP), 13 June 2006,
2907: sections 7.1.7.1 and table 126."
2908: ::= { t11FcSpPoNaIpMgmtEntry 2 }
2909:
2910: t11FcSpPoNaIpMgmtEntryNameLow OBJECT-TYPE
2911: SYNTAX InetAddress (SIZE(4 | 16))
2912: MAX-ACCESS not-accessible
2913: STATUS current
2914: DESCRIPTION
2915: "The lower end of an Internet address range. The type
2916: of this address is given by the corresponding instance
2917: of t11FcSpPoNaIpMgmtEntryNameType.
2918:
2919: The combination of t11FcSpPoNaIpMgmtEntryNameType,
2920: t11FcSpPoNaIpMgmtNameLow and t11FcSpPoIpMgmtNameHigh
2921: specify the IP Address range of this IP Management
2922: Entry in the IP Management List Object."
2923: REFERENCE
2924: "INCITS xxx/200x, T11/Project 1570-D/Rev 1.8,
2925: Fibre Channel - Security Protocols (FC-SP), 13 June 2006,
2926: sections 7.1.7.1 and table 126."
2927: ::= { t11FcSpPoNaIpMgmtEntry 3 }
2928:
2929: t11FcSpPoNaIpMgmtEntryNameHigh OBJECT-TYPE
2930: SYNTAX InetAddress (SIZE(4 | 16))
2931: MAX-ACCESS not-accessible
2932: STATUS current
2933: DESCRIPTION
2934: "The higher end of an Internet address range. The type
2935: of this address is given by the corresponding instance
2936: of t11FcSpPoNaIpMgmtEntryNameType.
2937:
2938: The combination of t11FcSpPoNaIpMgmtEntryNameType,
2939: t11FcSpPoNaIpMgmtNameLow and t11FcSpPoNaIpMgmtNameHigh
2940: specify the IP Address range of this IP Management
2941: Entry in the IP Management List Object."
2942: REFERENCE
2943: "INCITS xxx/200x, T11/Project 1570-D/Rev 1.8,
2944: Fibre Channel - Security Protocols (FC-SP), 13 June 2006,
2945: sections 7.1.7.1 and table 126."
2946: ::= { t11FcSpPoNaIpMgmtEntry 4 }
2947:
2948: t11FcSpPoNaIpMgmtWkpIndex OBJECT-TYPE
2949: SYNTAX Unsigned32 (0..4294967295)
2950: MAX-ACCESS read-create
2951: STATUS current
2952: DESCRIPTION
2953: "This object identifies the restrictions for IP management
2954: access by IP hosts in this range of IP addresses.
2955:
2956: The restrictions are specified as the set of Well Known
2957: Protocols Access Descriptors contained in those rows of the
2958: t11FcSpPoNaWkpDescrTable for which the value of
2959: t11FcSpPoNaWkpDescrSpecifierIndx is the same as the value
2960: of this object. If there are no such rows or if the value
2961: of this object is zero, then this IP Management Entry does
2962: not identify any Well Known Protocols Access restrictions."
2963: REFERENCE
2964: "INCITS xxx/200x, T11/Project 1570-D/Rev 1.8,
2965: Fibre Channel - Security Protocols (FC-SP), 13 June 2006,
2966: section 7.1.7.1 and tables 127/129."
2967: ::= { t11FcSpPoNaIpMgmtEntry 5 }
2968:
2969: t11FcSpPoNaIpMgmtAttribute OBJECT-TYPE
2970: SYNTAX T11FcSpAlphaNumNameOrNull
2971: MAX-ACCESS read-create
2972: STATUS current
2973: DESCRIPTION
2974: "The name of a non-active Attribute Policy Object which
2975: is defined for this IP Management entry. The zero-length
2976: string indicates that no non-active Attribute Policy Object
2977: is defined for it.
2978:
2979: The effect of having no rows in the t11FcSpPoNaAttribTable
2980: for which the value of t11FcSpPoNaAttribName is the same
2981: as the value of this object, is the same as this object's
2982: value being the zero-length string."
2983: REFERENCE
2984: "INCITS xxx/200x, T11/Project 1570-D/Rev 1.8,
2985: Fibre Channel - Security Protocols (FC-SP), 13 June 2006,
2986: section 7.1.7.1 and table 128."
2987: ::= { t11FcSpPoNaIpMgmtEntry 6 }
2988:
2989: t11FcSpPoNaIpMgmtRowStatus OBJECT-TYPE
2990: SYNTAX RowStatus
2991: MAX-ACCESS read-create
2992: STATUS current
2993: DESCRIPTION
2994: "The status of this row. Values of object instances
2995: within the row can be modified at any time."
2996: ::= { t11FcSpPoNaIpMgmtEntry 7 }
2997:
2998: --
2999: -- Non-Active Well-Known Protocol Access Descriptors
3000: --
3001:
3002: t11FcSpPoNaWkpDescrTable OBJECT-TYPE
3003: SYNTAX SEQUENCE OF T11FcSpPoNaWkpDescrEntry
3004: MAX-ACCESS not-accessible
3005: STATUS current
3006: DESCRIPTION
3007: "A table of the Well-Known Protocol Access Descriptors
3008: referenced from non-active Policy Objects.
3009:
3010: A Well-Known Protocol Access Specifier is a list of
3011: Well-Known Protocol Access Descriptors each of which
3012: specifies a protocol number, a port number and/or various
3013: flags specifying how IP management access is restricted.
3014:
3015: A non-active Well-Known Protocol Transport Access Specifier
3016: is represented by all rows of this table which have the same
3017: values of fcmInstanceIndex, t11FcSpPoFabricIndex, and
3018: t11FcSpPoNaWkpDescrSpecifierIndx."
3019: ::= { t11FcSpPoNonActive 8 }
3020:
3021: t11FcSpPoNaWkpDescrEntry OBJECT-TYPE
3022: SYNTAX T11FcSpPoNaWkpDescrEntry
3023: MAX-ACCESS not-accessible
3024: STATUS current
3025: DESCRIPTION
3026: "Each entry contains information about one Well-Known
3027: Protocol Access Descriptor of a non-active Well-Known
3028: Protocol Access Specifier used within the Fabric identified
3029: by t11FcSpPoFabricIndex and managed within the Fibre Channel
3030: management instance identified by fcmInstanceIndex.
3031:
3032: The StorageType of a row in this table is specified by the
3033: instance of t11FcSpPoStorageType which is INDEX-ed by the
3034: same values of fcmInstanceIndex and t11FcSpPoFabricIndex."
3035: INDEX { fcmInstanceIndex, t11FcSpPoFabricIndex,
3036: t11FcSpPoNaWkpDescrSpecifierIndx,
3037: t11FcSpPoNaWkpDescrIndex }
3038: ::= { t11FcSpPoNaWkpDescrTable 1 }
3039:
3040: T11FcSpPoNaWkpDescrEntry ::= SEQUENCE {
3041: t11FcSpPoNaWkpDescrSpecifierIndx Unsigned32,
3042: t11FcSpPoNaWkpDescrIndex Unsigned32,
3043: t11FcSpPoNaWkpDescrFlags BITS,
3044: t11FcSpPoNaWkpDescrWkpNumber Unsigned32,
3045: t11FcSpPoNaWkpDescrDestPort Unsigned32,
3046: t11FcSpPoNaWkpDescrRowStatus RowStatus
3047: }
3048:
3049: t11FcSpPoNaWkpDescrSpecifierIndx OBJECT-TYPE
3050: SYNTAX Unsigned32 (1..4294967295)
3051: MAX-ACCESS not-accessible
3052: STATUS current
3053: DESCRIPTION
3054: "An index value which uniquely identifies a particular
3055: non-active Well-Known Protocol Access Specifier within
3056: a Fabric."
3057: ::= { t11FcSpPoNaWkpDescrEntry 1 }
3058:
3059: t11FcSpPoNaWkpDescrIndex OBJECT-TYPE
3060: SYNTAX Unsigned32 (1..4294967295)
3061: MAX-ACCESS not-accessible
3062: STATUS current
3063: DESCRIPTION
3064: "An index value which uniquely identifies a particular
3065: Well-Known Protocol Access Descriptor within a
3066: non-active Well-Known Protocol Access Specifier."
3067: ::= { t11FcSpPoNaWkpDescrEntry 2 }
3068:
3069: t11FcSpPoNaWkpDescrFlags OBJECT-TYPE
3070: SYNTAX BITS {
3071: allow(0),
3072: wkpWildcard(1),
3073: destPortWildcard(2),
3074: readOnly(3)
3075: }
3076: MAX-ACCESS read-create
3077: STATUS current
3078: DESCRIPTION
3079: "The flag bits which specify how access is to be limited by
3080: this Well-Known Protocol Access Descriptor:
3081:
3082: - allow -- IP management access using this protocol/port
3083: is allowed if this bit is set, and to be denied if this
3084: bit is not set.
3085:
3086: - wkpWildcard -- if this bit is set, the IP Protocol number
3087: of the Well-Known Protocol to be allowed/denied is
3088: specified by the value of t11FcSpPoNaWkpDescrWkpNumber.
3089:
3090: - destPortWildcard -- if this bit is set, the Destination
3091: (TCP/UDP) Port number of the Well-Known Protocol to be
3092: allowed/denied is specified by the value of
3093: t11FcSpPoNaWkpDescrDestPort.
3094:
3095: - readOnly -- if this bit is set then access is to be
3096: granted only for reading."
3097: REFERENCE
3098: "INCITS xxx/200x, T11/Project 1570-D/Rev 1.8,
3099: Fibre Channel - Security Protocols (FC-SP), 13 June 2006,
3100: section 7.1.7.1 and table 131."
3101: ::= { t11FcSpPoNaWkpDescrEntry 3 }
3102:
3103: t11FcSpPoNaWkpDescrWkpNumber OBJECT-TYPE
3104: SYNTAX Unsigned32 (0..255)
3105: MAX-ACCESS read-create
3106: STATUS current
3107: DESCRIPTION
3108: "When the 'wkpWildcard' bit is set in the corresponding
3109: instance of t11FcSpPoNaWkpDescrFlags, this object specifies
3110: the IP protocol number of the Well-Known Protocol."
3111: REFERENCE
3112: "- INCITS xxx/200x, T11/Project 1570-D/Rev 1.8,
3113: Fibre Channel - Security Protocols (FC-SP), 13 June 2006,
3114: section 7.1.7.1 and table 131.
3115: - http://www.iana.org/assignments/protocol-numbers."
3116: ::= { t11FcSpPoNaWkpDescrEntry 4 }
3117:
3118: t11FcSpPoNaWkpDescrDestPort OBJECT-TYPE
3119: SYNTAX Unsigned32 (0..65535)
3120: MAX-ACCESS read-create
3121: STATUS current
3122: DESCRIPTION
3123: "When the 'destPortWildcard' bit is set in the corresponding
3124: instance of t11FcSpPoNaWkpDescrFlags, this object specifies
3125: the Destination (TCP/UDP) Port number of the Well-Known
3126: Protocol."
3127: REFERENCE
3128: "- INCITS xxx/200x, T11/Project 1570-D/Rev 1.8,
3129: Fibre Channel - Security Protocols (FC-SP), 13 June 2006,
3130: section 7.1.7.1 and table 131.
3131: - http://www.iana.org/assignments/port-numbers."
3132: ::= { t11FcSpPoNaWkpDescrEntry 5 }
3133:
3134: t11FcSpPoNaWkpDescrRowStatus OBJECT-TYPE
3135: SYNTAX RowStatus
3136: MAX-ACCESS read-create
3137: STATUS current
3138: DESCRIPTION
3139: "The status of this row. Values of object instances
3140: within the row can be modified at any time."
3141: ::= { t11FcSpPoNaWkpDescrEntry 6 }
3142:
3143:
3144: --
3145: -- Attribute Entries in Non-Active Attribute Policy Objects
3146: --
3147:
3148: t11FcSpPoNaAttribTable OBJECT-TYPE
3149: SYNTAX SEQUENCE OF T11FcSpPoNaAttribEntry
3150: MAX-ACCESS not-accessible
3151: STATUS current
3152: DESCRIPTION
3153: "A table of the Attribute Policy Objects being used within
3154: non-active Policy Objects.
3155:
3156: A non-active Attribute Policy Object is represented by all
3157: the Attribute Entries in this table which have the same
3158: value of t11FcSpPoNaAttribName."
3159: ::= { t11FcSpPoNonActive 9 }
3160:
3161: t11FcSpPoNaAttribEntry OBJECT-TYPE
3162: SYNTAX T11FcSpPoNaAttribEntry
3163: MAX-ACCESS not-accessible
3164: STATUS current
3165: DESCRIPTION
3166: "Each entry contains information about one Attribute
3167: Entry contained within an Attribute Policy Object
3168: which is non-active within the Fabric identified by
3169: t11FcSpPoFabricIndex and managed within the Fibre Channel
3170: management instance identified by fcmInstanceIndex.
3171:
3172: For some types of Attribute Policy Objects, it is valuable
3173: to break-out some semantically-significant parts of the
3174: Policy Object's value into their own individual MIB
3175: objects; for example, to extract the one or more individual
3176: Authentication Protocol Identifiers and associated
3177: Authentication Protocol Parameters out of an Attribute
3178: containing a 'AUTH_Negotiate Message Payload'. For such
3179: types, another MIB table is defined to hold the extracted
3180: values in MIB objects specific to the Attribute Policy
3181: Object's type. In such cases, the
3182: t11FcSpPoNaAttribExtension object in this table points to
3183: the other MIB table.
3184:
3185: If the value of one Attribute Entry is too large (more than
3186: 256 bytes) to be contained within the value of one instance
3187: of t11FcSpPoNaAttribValue, then one row in this table
3188: contains the first 256 bytes, and one (or more) other row(s)
3189: in this table contain the rest of the value.
3190:
3191: The StorageType of a row in this table is specified by the
3192: instance of t11FcSpPoStorageType which is INDEX-ed by the
3193: same values of fcmInstanceIndex and t11FcSpPoFabricIndex."
3194: INDEX { fcmInstanceIndex, t11FcSpPoFabricIndex,
3195: t11FcSpPoNaAttribName, t11FcSpPoNaAttribEntryIndex,
3196: t11FcSpPoNaAttribPartIndex }
3197: ::= { t11FcSpPoNaAttribTable 1 }
3198:
3199: T11FcSpPoNaAttribEntry ::= SEQUENCE {
3200: t11FcSpPoNaAttribName T11FcSpAlphaNumName,
3201: t11FcSpPoNaAttribEntryIndex Unsigned32,
3202: t11FcSpPoNaAttribPartIndex Unsigned32,
3203: t11FcSpPoNaAttribType Unsigned32,
3204: t11FcSpPoNaAttribValue OCTET STRING,
3205: t11FcSpPoNaAttribExtension OBJECT IDENTIFIER,
3206: t11FcSpPoNaAttribRowStatus RowStatus
3207: }
3208:
3209: t11FcSpPoNaAttribName OBJECT-TYPE
3210: SYNTAX T11FcSpAlphaNumName
3211: MAX-ACCESS not-accessible
3212: STATUS current
3213: DESCRIPTION
3214: "The name of the Attribute Policy Object containing one
3215: or more Attribute Entries."
3216: REFERENCE
3217: "INCITS xxx/200x, T11/Project 1570-D/Rev 1.8,
3218: Fibre Channel - Security Protocols (FC-SP), 13 June 2006,
3219: section 7.1.8.1 and table 133."
3220: ::= { t11FcSpPoNaAttribEntry 1 }
3221:
3222: t11FcSpPoNaAttribEntryIndex OBJECT-TYPE
3223: SYNTAX Unsigned32 (1..4294967295)
3224: MAX-ACCESS not-accessible
3225: STATUS current
3226: DESCRIPTION
3227: "A unique value to distinguish this Attribute Entry
3228: from other Attribute Entries contained in the same
3229: Attribute Policy Object."
3230: REFERENCE
3231: "INCITS xxx/200x, T11/Project 1570-D/Rev 1.8,
3232: Fibre Channel - Security Protocols (FC-SP), 13 June 2006,
3233: section 7.1.8.1, tables 133/134."
3234: ::= { t11FcSpPoNaAttribEntry 2 }
3235:
3236: t11FcSpPoNaAttribPartIndex OBJECT-TYPE
3237: SYNTAX Unsigned32 (1..4294967295)
3238: MAX-ACCESS not-accessible
3239: STATUS current
3240: DESCRIPTION
3241: "When the value of an Attribute Entry is shorter than 257
3242: bytes, the whole value is contained in one instance of
3243: t11FcSpPoNaAttribValue, and the value of this object is 1.
3244:
3245: If the value of an Attribute Entry is longer than 256 bytes,
3246: then that value is divided up on 256 byte boundaries such
3247: that all parts are 256 bytes long except the last part which
3248: is shorter if necessary, with each such part contained in
3249: a separate row of this table, and the value of this object
3250: is set to the part number. That is, this object has the
3251: value of 1 for bytes 0-255, the value of 2 for bytes
3252: 256-511, ... etc."
3253: REFERENCE
3254: "INCITS xxx/200x, T11/Project 1570-D/Rev 1.8,
3255: Fibre Channel - Security Protocols (FC-SP), 13 June 2006,
3256: section 7.1.8.1, tables 134/135."
3257: ::= { t11FcSpPoNaAttribEntry 3 }
3258:
3259: t11FcSpPoNaAttribType OBJECT-TYPE
3260: SYNTAX Unsigned32 (1..4294967295)
3261: MAX-ACCESS read-create
3262: STATUS current
3263: DESCRIPTION
3264: "The type of attribute. The first type to be defined is:
3265:
3266: t11FcSpPoNaAttribType t11FcSpPoNaAttribValue
3267: =================== ====================
3268: '00000001'h The AUTH_Negotiate Message Payload
3269:
3270: "
3271: REFERENCE
3272: "INCITS xxx/200x, T11/Project 1570-D/Rev 1.8,
3273: Fibre Channel - Security Protocols (FC-SP), 13 June 2006,
3274: section 7.1.8.1, tables 134/135 and table 10."
3275: ::= { t11FcSpPoNaAttribEntry 4 }
3276:
3277: t11FcSpPoNaAttribValue OBJECT-TYPE
3278: SYNTAX OCTET STRING (SIZE (0..256))
3279: MAX-ACCESS read-create
3280: STATUS current
3281: DESCRIPTION
3282: "The value of an Attribute Entry is divided up on 256 byte
3283: boundaries such that all parts are 256 bytes long except the
3284: last part which is shorter if necessary, and each such part
3285: is contained in a separate instance of this object.
3286:
3287: When the value of the corresponding instance of
3288: t11FcSpPoNaAttribExtension is not zeroDotZero, then the same
3289: underlying management data has its value contained both in
3290: this object and in the individual/broken-out parts pointed
3291: to by t11FcSpPoNaAttribExtension. Thus, after any
3292: modification of the underlying management data, e.g., after
3293: a Set operation to the value of either MIB representation,
3294: then that modification is reflected in the values of both
3295: MIB representations."
3296: REFERENCE
3297: "INCITS xxx/200x, T11/Project 1570-D/Rev 1.8,
3298: Fibre Channel - Security Protocols (FC-SP), 13 June 2006,
3299: section 7.1.8.1, tables 134/135 and table 10."
3300: ::= { t11FcSpPoNaAttribEntry 5 }
3301:
3302: t11FcSpPoNaAttribExtension OBJECT-TYPE
3303: SYNTAX OBJECT IDENTIFIER
3304: MAX-ACCESS read-only
3305: STATUS current
3306: DESCRIPTION
3307: "For some types of Attribute Policy Object, the value of
3308: this MIB object points to type-specific MIB objects which
3309: contain individual/broken-out parts of the Attribute Policy
3310: Object's value. If this object doesn't point to such
3311: type-specific MIB objects, then it contains the value:
3312: zeroDotZero.
3313:
3314: In particular, when the value of t11FcSpPoNaAttribType
3315: indicates 'AUTH_Negotiate Message Payload', one or more
3316: Authentication Protocol Identifiers and their associated
3317: Authentication Protocol Parameters are embedded within
3318: the value of the corresponding instance of
3319: t11FcSpPoNaAttribValue; MIB objects to contain these
3320: individual values are defined in the
3321: t11FcSpPoAuthProtTable. Thus, for an 'AUTH_Negotiate
3322: Message Payload' Attribute, the value of this object would
3323: contain the OID of t11FcSpPoNaAuthProtTable.
3324:
3325: When the value of this object is not zeroDotZero, then the
3326: same underlying management data has its value contained in
3327: both the individual/broken-out parts pointed to by this
3328: object and in the corresponding instance of
3329: t11FcSpPoNaAttribValue. Thus, after any modification of the
3330: underlying management data, e.g., after a Set operation to
3331: the value of either MIB representation, then that
3332: modification is reflected in the values of both MIB
3333: representations."
3334: ::= { t11FcSpPoNaAttribEntry 6 }
3335:
3336: t11FcSpPoNaAttribRowStatus OBJECT-TYPE
3337: SYNTAX RowStatus
3338: MAX-ACCESS read-create
3339: STATUS current
3340: DESCRIPTION
3341: "The status of this row. Values of object instances
3342: within the row can be modified at any time."
3343: ::= { t11FcSpPoNaAttribEntry 7 }
3344:
3345: --
3346: -- Auth. Protocol Parameters in Non-Active Attribute Policy Objects
3347: --
3348:
3349: t11FcSpPoNaAuthProtTable OBJECT-TYPE
3350: SYNTAX SEQUENCE OF T11FcSpPoNaAuthProtEntry
3351: MAX-ACCESS not-accessible
3352: STATUS current
3353: DESCRIPTION
3354: "A table of Authentication Protocol Identifier and
3355: Authentication Protocol Parameters which are embedded in
3356: Attribute Policy Objects being used within non-active
3357: Policy Objects.
3358:
3359: This table is used for Attribute Entries of Attribute Policy
3360: Objects for which the value of t11FcSpPoNaAttribType
3361: indicates 'AUTH_Negotiate Message Payload' and the value of
3362: t11FcSpPoNaAttribExtension contains the OID of this table."
3363: REFERENCE
3364: "INCITS xxx/200x, T11/Project 1570-D/Rev 1.8,
3365: Fibre Channel - Security Protocols (FC-SP), 13 June 2006,
3366: sections 5.3.2 & 7.1.8.1, tables 134/135 and tables 10/11."
3367: ::= { t11FcSpPoNonActive 10 }
3368:
3369: t11FcSpPoNaAuthProtEntry OBJECT-TYPE
3370: SYNTAX T11FcSpPoNaAuthProtEntry
3371: MAX-ACCESS not-accessible
3372: STATUS current
3373: DESCRIPTION
3374: "Each row contains information about an Authentication
3375: Protocol which is extracted out of the Attribute Entry
3376: (identified by t11FcSpPoNaAttribEntryIndex) of the
3377: non-active Policy Attribute Object (identified by
3378: t11FcSpPoNaAttribName) for the Fabric identified by
3379: t11FcSpPoFabricIndex and managed within the Fibre Channel
3380: management instance identified by fcmInstanceIndex.
3381:
3382: If the value of one Attribute Protocol Parameters string is
3383: too large (more than 256 bytes) to be contained within the
3384: value of one instance of t11FcSpPoNaAuthProtParams, then
3385: one row in this table contains the first 256 bytes, and
3386: one (or more) other row(s) in this table contain the rest
3387: of the value.
3388:
3389: The same underlying management data which is represented in
3390: rows of this table is also represented by the corresponding
3391: instances of t11FcSpPoNaAttribValue. Thus, after any
3392: modification of the underlying management data, e.g., after
3393: a Set operation to the value of either MIB representation,
3394: then that modification is reflected in the values of both
3395: MIB representations."
3396: INDEX { fcmInstanceIndex, t11FcSpPoFabricIndex,
3397: t11FcSpPoNaAttribName, t11FcSpPoNaAttribEntryIndex,
3398: t11FcSpPoNaAuthProtIdentifier,
3399: t11FcSpPoNaAuthProtPartIndex }
3400: ::= { t11FcSpPoNaAuthProtTable 1 }
3401:
3402: T11FcSpPoNaAuthProtEntry ::= SEQUENCE {
3403: t11FcSpPoNaAuthProtIdentifier Unsigned32,
3404: t11FcSpPoNaAuthProtPartIndex Unsigned32,
3405: t11FcSpPoNaAuthProtParams OCTET STRING,
3406: t11FcSpPoNaAuthProtRowStatus RowStatus
3407: }
3408:
3409: t11FcSpPoNaAuthProtIdentifier OBJECT-TYPE
3410: SYNTAX Unsigned32
3411: MAX-ACCESS not-accessible
3412: STATUS current
3413: DESCRIPTION
3414: "The Authentication Protocol Identifier:
3415:
3416: 1 = DH-CHAP
3417: 3 = FCPAP
3418: 4 = IKEv2
3419: 5 = IKEv2-AUTH
3420: 240 thru 255 = Vendor Specific Protocols
3421:
3422: all other values are 'Reserved' (by T11)."
3423: REFERENCE
3424: "INCITS xxx/200x, T11/Project 1570-D/Rev 1.8,
3425: Fibre Channel - Security Protocols (FC-SP), 13 June 2006,
3426: section 5.3.2, table 11."
3427: ::= { t11FcSpPoNaAuthProtEntry 1 }
3428:
3429: t11FcSpPoNaAuthProtPartIndex OBJECT-TYPE
3430: SYNTAX Unsigned32 (1..4294967295)
3431: MAX-ACCESS not-accessible
3432: STATUS current
3433: DESCRIPTION
3434: "When the value of an Attribute Protocol Parameters string
3435: is shorter than 257 bytes, the whole value is contained in
3436: one instance of t11FcSpPoNaAuthProtParams, and the value of
3437: this object is 1. (This includes the case when the Attribute
3438: Protocol Parameters string is zero bytes in length.)
3439:
3440: If the value of an Authentication Protocol Parameters string
3441: is longer than 256 bytes, then that value is divided up on
3442: 256 byte boundaries such that all parts are 256 bytes long
3443: except the last part which is shorter if necessary, with
3444: each such part contained in a separate row of this table,
3445: and the value of this object is set to the part number.
3446: That is, this object has the value of 1 for bytes 0-255,
3447: the value of 2 for bytes 256-511, ... etc."
3448: REFERENCE
3449: "INCITS xxx/200x, T11/Project 1570-D/Rev 1.8,
3450: Fibre Channel - Security Protocols (FC-SP), 13 June 2006,
3451: section 5.3.2, table 10."
3452: ::= { t11FcSpPoNaAuthProtEntry 2 }
3453:
3454: t11FcSpPoNaAuthProtParams OBJECT-TYPE
3455: SYNTAX OCTET STRING (SIZE (0..256))
3456: MAX-ACCESS read-create
3457: STATUS current
3458: DESCRIPTION
3459: "The value of an Authentication Protocol Parameters string
3460: is divided up on 256 byte boundaries such that all parts
3461: are 256 bytes long except the last part which is shorter
3462: if necessary, and each such part is contained in a
3463: separate instance of this object."
3464: REFERENCE
3465: "INCITS xxx/200x, T11/Project 1570-D/Rev 1.8,
3466: Fibre Channel - Security Protocols (FC-SP), 13 June 2006,
3467: section 5.3.2, table 10."
3468: ::= { t11FcSpPoNaAuthProtEntry 3 }
3469:
3470: t11FcSpPoNaAuthProtRowStatus OBJECT-TYPE
3471: SYNTAX RowStatus
3472: MAX-ACCESS read-create
3473: STATUS current
3474: DESCRIPTION
3475: "The status of this row. Values of object instances
3476: within the row can be modified at any time."
3477: ::= { t11FcSpPoNaAuthProtEntry 4 }
3478:
3479: --
3480: -- Part 4 - Statistics
3481: --
3482:
3483: t11FcSpPoStatsTable OBJECT-TYPE
3484: SYNTAX SEQUENCE OF T11FcSpPoStatsEntry
3485: MAX-ACCESS not-accessible
3486: STATUS current
3487: DESCRIPTION
3488: "A table of statistics maintained by FC-SP Security
3489: Policy Servers."
3490: ::= { t11FcSpPoStatistics 1 }
3491:
3492: t11FcSpPoStatsEntry OBJECT-TYPE
3493: SYNTAX T11FcSpPoStatsEntry
3494: MAX-ACCESS not-accessible
3495: STATUS current
3496: DESCRIPTION
3497: "A set of statistics for the FC-SP Security Policy Server on
3498: the Fabric identified by the value of t11FcSpPoFabricIndex,
3499: and managed within the Fibre Channel management instance
3500: identified by fcmInstanceIndex."
3501: INDEX { fcmInstanceIndex, t11FcSpPoFabricIndex }
3502: ::= { t11FcSpPoStatsTable 1 }
3503:
3504: T11FcSpPoStatsEntry ::= SEQUENCE {
3505: t11FcSpPoInRequests Counter32,
3506: t11FcSpPoInAccepts Counter32,
3507: t11FcSpPoInRejects Counter32
3508: }
3509:
3510: t11FcSpPoInRequests OBJECT-TYPE
3511: SYNTAX Counter32
3512: MAX-ACCESS read-only
3513: STATUS current
3514: DESCRIPTION
3515: "The number of FC-SP Policy Management Requests
3516: (e.g., GPS, APS, etc.) received by this FC-SP
3517: Security Policy Server on this Fabric.
3518:
3519: This counter has no discontinuities other than those
3520: which all Counter32's have when sysUpTime=0."
3521: REFERENCE
3522: "INCITS xxx/200x, T11/Project 1570-D/Rev 1.8,
3523: Fibre Channel - Security Protocols (FC-SP), 13 June 2006,
3524: section 7.3."
3525: ::= { t11FcSpPoStatsEntry 1 }
3526:
3527: t11FcSpPoInAccepts OBJECT-TYPE
3528: SYNTAX Counter32
3529: MAX-ACCESS read-only
3530: STATUS current
3531: DESCRIPTION
3532: "The number of times that this FC-SP Security Policy Server
3533: sent an Accept CT_IU on this Fabric in response to a
3534: received FC-SP Policy Management Request (e.g., GPS, APS,
3535: etc.).
3536:
3537: This counter has no discontinuities other than those
3538: which all Counter32's have when sysUpTime=0."
3539: REFERENCE
3540: "INCITS xxx/200x, T11/Project 1570-D/Rev 1.8,
3541: Fibre Channel - Security Protocols (FC-SP), 13 June 2006,
3542: section 7.3."
3543: ::= { t11FcSpPoStatsEntry 2 }
3544:
3545: t11FcSpPoInRejects OBJECT-TYPE
3546: SYNTAX Counter32
3547: MAX-ACCESS read-only
3548: STATUS current
3549: DESCRIPTION
3550: "The number of times that this FC-SP Security Policy Server
3551: sent a Reject CT_IU on this Fabric in response to a
3552: received FC-SP Policy Management Request (e.g., GPS, APS,
3553: etc.).
3554:
3555: This counter has no discontinuities other than those
3556: which all Counter32's have when sysUpTime=0."
3557: REFERENCE
3558: "INCITS xxx/200x, T11/Project 1570-D/Rev 1.8,
3559: Fibre Channel - Security Protocols (FC-SP), 13 June 2006,
3560: section 7.3."
3561: ::= { t11FcSpPoStatsEntry 3 }
3562:
3563: --
3564: -- Part 5 - Control Information & Notifications
3565: --
3566:
3567: --
3568: -- Control Information
3569: --
3570:
3571: t11FcSpPoServerAddress OBJECT-TYPE
3572: SYNTAX FcNameIdOrZero
3573: MAX-ACCESS accessible-for-notify
3574: STATUS current
3575: DESCRIPTION
3576: "The WWN of the FC-SP Security Policy Server which
3577: received a request which is referenced in a
3578: notification."
3579: ::= { t11FcSpPoControl 1 }
3580:
3581:
3582: t11FcSpPoControlTable OBJECT-TYPE
3583: SYNTAX SEQUENCE OF T11FcSpPoControlEntry
3584: MAX-ACCESS not-accessible
3585: STATUS current
3586: DESCRIPTION
3587: "A table of control information, including the memory
3588: realization of FC-SP Policy Databases, and concerning
3589: the generation of notifications due to FC-SP
3590: Policy-related events."
3591: ::= { t11FcSpPoControl 2 }
3592:
3593: t11FcSpPoControlEntry OBJECT-TYPE
3594: SYNTAX T11FcSpPoControlEntry
3595: MAX-ACCESS not-accessible
3596: STATUS current
3597: DESCRIPTION
3598: "Each entry contains control information specific to FC-SP
3599: Policy and Policy-related events for the Fabric identified
3600: by the value of t11FcSpPoFabricIndex, and managed within
3601: the Fibre Channel management instance identified by
3602: fcmInstanceIndex."
3603: INDEX { fcmInstanceIndex, t11FcSpPoFabricIndex }
3604: ::= { t11FcSpPoControlTable 1 }
3605:
3606: T11FcSpPoControlEntry ::= SEQUENCE {
3607: t11FcSpPoStorageType StorageType,
3608: t11FcSpPoNotificationEnable TruthValue,
3609: t11FcSpPoLastNotifyType INTEGER,
3610: t11FcSpPoRequestSource FcNameIdOrZero,
3611: t11FcSpPoReasonCode T11NsGs4RejectReasonCode,
3612: t11FcSpPoCtCommandString OCTET STRING,
3613: t11FcSpPoReasonCodeExp Unsigned32,
3614: t11FcSpPoReasonVendorCode OCTET STRING
3615: }
3616:
3617: t11FcSpPoStorageType OBJECT-TYPE
3618: SYNTAX StorageType
3619: MAX-ACCESS read-write
3620: STATUS current
3621: DESCRIPTION
3622: "This object specifies the memory realization of FC-SP
3623: Policy Objects and related information for a particular
3624: Fabric; specifically, for:
3625:
3626: - rows created and/or modified for the particular
3627: Fabric in these tables:
3628:
3629: t11FcSpPoNaSummaryTable
3630: t11FcSpPoNaSwListTable
3631: t11FcSpPoNaSwMembTable
3632: t11FcSpPoNaNoMembTable
3633: t11FcSpPoNaCtDescrTable
3634: t11FcSpPoNaSwConnTable
3635: t11FcSpPoNaIpMgmtTable
3636: t11FcSpPoNaWkpDescrTable
3637: t11FcSpPoNaAttribTable
3638:
3639: - the activate and deactivate actions invoked through
3640: the t11FcSpPoOperActivate and t11FcSpPoOperDeActivate
3641: objects for the particular Fabric; and
3642:
3643: - modified information contained in the same row
3644: as an instance of this object.
3645:
3646: Even if an instance of this object has the value
3647: 'permanent(4)', none of the information defined in
3648: this MIB module for the given Fabric needs to be
3649: writable."
3650: ::= { t11FcSpPoControlEntry 1 }
3651:
3652: t11FcSpPoNotificationEnable OBJECT-TYPE
3653: SYNTAX TruthValue
3654: MAX-ACCESS read-write
3655: STATUS current
3656: DESCRIPTION
3657: "This object specifies whether the following types of
3658: notifications:
3659:
3660: t11FcSpPoNotifyActivation,
3661: t11FcSpPoNotifyActivateFail,
3662: t11FcSpPoNotifyDeactivation and
3663: t11FcSpPoNotifyDeactivateFail
3664:
3665: should be generated for this Fabric."
3666: ::= { t11FcSpPoControlEntry 2 }
3667:
3668: t11FcSpPoLastNotifyType OBJECT-TYPE
3669: SYNTAX INTEGER {
3670: none(1),
3671: activation(2),
3672: activateFail(3),
3673: deactivation(4),
3674: deactivateFail(5)
3675: }
3676: MAX-ACCESS read-only
3677: STATUS current
3678: DESCRIPTION
3679: "An indication of which of the following types of
3680: notification is currently being/was most recently
3681: generated for the Fabric:
3682:
3683: 'activation' -- t11FcSpPoNotifyActivation
3684: 'activateFail' -- t11FcSpPoNotifyActivateFail
3685: 'deactivation' -- t11FcSpPoNotifyDeactivation
3686: 'deactivateFail' -- t11FcSpPoNotifyDeactivateFail
3687:
3688: The value 'none' indicates that none of these types of
3689: notifications have been generated since the last restart
3690: of the network management system, and therefore that the
3691: corresponding instances of: t11FcSpPoRequestSource,
3692: t11FcSpPoReasonCode, t11FcSpPoCtCommandString,
3693: t11FcSpPoReasonCodeExp and
3694: t11FcSpPoReasonVendorCode are irrelevant."
3695: ::= { t11FcSpPoControlEntry 3 }
3696:
3697: t11FcSpPoRequestSource OBJECT-TYPE
3698: SYNTAX FcNameIdOrZero
3699: MAX-ACCESS read-only
3700: STATUS current
3701: DESCRIPTION
3702: "The WWN of the source of the (Activate Policy Summary
3703: or Deactivate Policy Summary) request for which the
3704: current/most recent notification of the type indicated by
3705: the corresponding instance of t11FcSpPoLastNotifyType
3706: is being/was generated.
3707:
3708: If no source is available, the value of this object is
3709: the zero-length string."
3710: DEFVAL { "" }
3711: ::= { t11FcSpPoControlEntry 4 }
3712:
3713: t11FcSpPoReasonCode OBJECT-TYPE
3714: SYNTAX T11NsGs4RejectReasonCode
3715: MAX-ACCESS read-only
3716: STATUS current
3717: DESCRIPTION
3718: "The reason code associated with the failure which is
3719: indicated when the value of the corresponding instance
3720: of t11FcSpPoLastNotifyType is 'activateFail' or
3721: 'deactivateFail'.
3722:
3723: For other values of t11FcSpPoLastNotifyType, the value
3724: of this object is 'none(1)'."
3725: REFERENCE
3726: "INCITS xxx/200x, T11/Project 1570-D/Rev 1.8,
3727: Fibre Channel - Security Protocols (FC-SP),
3728: 13 June 2006, section 7.3.6.2 & 7.3.6.3"
3729: ::= { t11FcSpPoControlEntry 5 }
3730:
3731: t11FcSpPoCtCommandString OBJECT-TYPE
3732: SYNTAX OCTET STRING (SIZE (0..255))
3733: MAX-ACCESS read-only
3734: STATUS current
3735: DESCRIPTION
3736: "The binary content of the failed request which is
3737: indicated when the value of the corresponding instance of
3738: t11FcSpPoLastNotifyType is 'activateFail' or
3739: 'deactivateFail'. The content of the request is formatted
3740: as an octet string (in network byte order) containing the
3741: CT_IU, as described in Table 2 of [FC-GS-5] (including the
3742: preamble).
3743:
3744: For other values of t11FcSpPoLastNotifyType, or if the
3745: CT_IU's content is unavailable, the value of this object
3746: is the zero-length string.
3747:
3748: When the length of this object is 255 octets, it
3749: contains the first 255 octets of the CT_IU (in
3750: network-byte order)."
3751: ::= { t11FcSpPoControlEntry 6 }
3752:
3753: t11FcSpPoReasonCodeExp OBJECT-TYPE
3754: SYNTAX Unsigned32 (0..255)
3755: MAX-ACCESS read-only
3756: STATUS current
3757: DESCRIPTION
3758: "The reason code explanation associated with the failure
3759: which is indicated when the value of the corresponding
3760: instance of t11FcSpPoLastNotifyType is 'activateFail' or
3761: 'deactivateFail'.
3762:
3763: For other values of t11FcSpPoLastNotifyType, the value
3764: of this object is zero."
3765: REFERENCE
3766: "INCITS xxx/200x, T11/Project 1570-D/Rev 1.8,
3767: Fibre Channel - Security Protocols (FC-SP),
3768: 13 June 2006, section 7.3.6.2 & 7.3.6.3"
3769: ::= { t11FcSpPoControlEntry 7 }
3770:
3771: t11FcSpPoReasonVendorCode OBJECT-TYPE
3772: SYNTAX OCTET STRING (SIZE (0 | 1))
3773: MAX-ACCESS read-only
3774: STATUS current
3775: DESCRIPTION
3776: "The vendor-specific reason code associated with the failure
3777: which is indicated when the value of the corresponding
3778: instance of t11FcSpPoLastNotifyType is 'activateFail' or
3779: 'deactivateFail'.
3780:
3781: For other values of t11FcSpPoLastNotifyType, or if no
3782: vendor-specific reason code is available, the value
3783: of this object is the zero-length string."
3784: REFERENCE
3785: "INCITS xxx/200x, T11/Project 1570-D/Rev 1.8,
3786: Fibre Channel - Security Protocols (FC-SP),
3787: 13 June 2006, section 7.3.6.2 & 7.3.6.3"
3788: ::= { t11FcSpPoControlEntry 8 }
3789:
3790:
3791: --
3792: -- Notification definitions
3793: --
3794:
3795: t11FcSpPoNotifyActivation NOTIFICATION-TYPE
3796: OBJECTS { t11FcSpPoServerAddress,
3797: t11FcSpPoPolicySummaryObjName,
3798: t11FcSpPoRequestSource }
3799: STATUS current
3800: DESCRIPTION
3801: "This notification is generated whenever a Security
3802: Policy Server (indicated by the value of
3803: t11FcSpPoServerAddress) successfully completes the
3804: execution of an Activate Policy Summary request.
3805: The value of t11FcSpPoRequestSource indicates
3806: the source of the APS request. The value of
3807: t11FcSpPoPolicySummaryObjName indicates the name of
3808: the activated Policy Summary Object."
3809: ::= { t11FcSpPoMIBNotifications 1 }
3810:
3811: t11FcSpPoNotifyActivateFail NOTIFICATION-TYPE
3812: OBJECTS { t11FcSpPoServerAddress,
3813: t11FcSpPoRequestSource,
3814: t11FcSpPoCtCommandString,
3815: t11FcSpPoReasonCode,
3816: t11FcSpPoReasonCodeExp,
3817: t11FcSpPoReasonVendorCode }
3818: STATUS current
3819: DESCRIPTION
3820: "This notification is generated whenever a Security Policy
3821: Server (indicated by the value of t11FcSpPoServerAddress)
3822: fails to complete the execution of an Activate Policy
3823: Summary request.
3824:
3825: The value of t11FcSpPoCtCommandString indicates the
3826: rejected request, and the values of t11FcSpPoReasonCode,
3827: t11FcSpPoReasonCodeExp and t11FcSpPoReasonVendorCode
3828: indicate the reason for the rejection. The value of
3829: t11FcSpPoRequestSource indicates the source of the
3830: request."
3831: REFERENCE
3832: "INCITS xxx/200x, T11/Project 1570-D/Rev 1.8,
3833: Fibre Channel - Security Protocols (FC-SP),
3834: 13 June 2006, section 7.3.6.2."
3835: ::= { t11FcSpPoMIBNotifications 2 }
3836:
3837: t11FcSpPoNotifyDeactivation NOTIFICATION-TYPE
3838: OBJECTS { t11FcSpPoServerAddress,
3839: t11FcSpPoRequestSource }
3840: STATUS current
3841: DESCRIPTION
3842: "This notification is generated whenever a Security
3843: Policy Server (indicated by the value of
3844: t11FcSpPoServerAddress) successfully completes the
3845: execution of a Deactivate Policy Summary request.
3846: The value of t11FcSpPoRequestSource indicates
3847: the source of the DPS request."
3848: REFERENCE
3849: "INCITS xxx/200x, T11/Project 1570-D/Rev 1.8,
3850: Fibre Channel - Security Protocols (FC-SP),
3851: 13 June 2006, section 7.3.6.3."
3852: ::= { t11FcSpPoMIBNotifications 3 }
3853:
3854: t11FcSpPoNotifyDeactivateFail NOTIFICATION-TYPE
3855: OBJECTS { t11FcSpPoServerAddress,
3856: t11FcSpPoRequestSource,
3857: t11FcSpPoCtCommandString,
3858: t11FcSpPoReasonCode,
3859: t11FcSpPoReasonCodeExp,
3860: t11FcSpPoReasonVendorCode }
3861: STATUS current
3862: DESCRIPTION
3863: "This notification is generated whenever a Security Policy
3864: Server (indicated by the value of t11FcSpPoServerAddress)
3865: fails to complete the execution of a Deactivate Policy
3866: Summary request.
3867:
3868: The value of t11FcSpPoCtCommandString indicates the
3869: rejected request, and the values of t11FcSpPoReasonCode,
3870: t11FcSpPoReasonCodeExp and t11FcSpPoReasonVendorCode
3871: indicate the reason for the rejection. The value of
3872: t11FcSpPoRequestSource indicates the source of the
3873: request."
3874: ::= { t11FcSpPoMIBNotifications 4 }
3875:
3876: --
3877: -- Conformance
3878: --
3879:
3880: t11FcSpPoMIBCompliances
3881: OBJECT IDENTIFIER ::= { t11FcSpPoMIBConformance 1 }
3882: t11FcSpPoMIBGroups OBJECT IDENTIFIER ::= { t11FcSpPoMIBConformance 2 }
3883:
3884: t11FcSpPoMIBCompliance MODULE-COMPLIANCE
3885: STATUS current
3886: DESCRIPTION
3887: "The compliance statement for entities which
3888: support the Fabric Policies defined in FC-SP,"
3889:
3890: MODULE -- this module
3891: MANDATORY-GROUPS { t11FcSpPoActiveObjectsGroup }
3892:
3893: GROUP t11FcSpPoNonActiveObjectsGroup
3894: DESCRIPTION
3895: "These objects are mandatory for FC-SP Security Policy
3896: Servers."
3897:
3898: GROUP t11FcSpPoNotifyObjectsGroup
3899: DESCRIPTION
3900: "These objects are mandatory for FC-SP Security Policy
3901: Servers."
3902:
3903: GROUP t11FcSpPoNotificationGroup
3904: DESCRIPTION
3905: "These notifications are mandatory for FC-SP Security
3906: Policy Servers."
3907:
3908: GROUP t11FcSpPoOperationsObjectsGroup
3909: DESCRIPTION
3910: "These objects are mandatory only for FC-SP Security
3911: Policy Servers which support the activation/deactivation
3912: of policies via SNMP."
3913:
3914: GROUP t11FcSpPoStatsObjectsGroup
3915: DESCRIPTION
3916: "These objects are optional."
3917:
3918: -- Write access is not required for any objects in this MIB module:
3919:
3920: OBJECT t11FcSpPoOperActivate
3921: MIN-ACCESS read-only
3922: DESCRIPTION
3923: "Write access is not required."
3924:
3925: OBJECT t11FcSpPoOperDeActivate
3926: MIN-ACCESS read-only
3927: DESCRIPTION
3928: "Write access is not required."
3929:
3930: OBJECT t11FcSpPoStorageType
3931: MIN-ACCESS read-only
3932: DESCRIPTION
3933: "Write access is not required."
3934:
3935: OBJECT t11FcSpPoNotificationEnable
3936: MIN-ACCESS read-only
3937: DESCRIPTION
3938: "Write access is not required."
3939:
3940: OBJECT t11FcSpPoNaSummaryPolicyNameType
3941: MIN-ACCESS read-only
3942: DESCRIPTION
3943: "Write access is not required."
3944:
3945: OBJECT t11FcSpPoNaSummaryPolicyName
3946: MIN-ACCESS read-only
3947: DESCRIPTION
3948: "Write access is not required."
3949:
3950: OBJECT t11FcSpPoNaSummaryHashStatus
3951: MIN-ACCESS read-only
3952: DESCRIPTION
3953: "Write access is not required."
3954:
3955: OBJECT t11FcSpPoNaSummaryRowStatus
3956: MIN-ACCESS read-only
3957: DESCRIPTION
3958: "Write access is not required."
3959:
3960: OBJECT t11FcSpPoNaSwListFabricName
3961: MIN-ACCESS read-only
3962: DESCRIPTION
3963: "Write access is not required."
3964:
3965: OBJECT t11FcSpPoNaSwListRowStatus
3966: MIN-ACCESS read-only
3967: DESCRIPTION
3968: "Write access is not required."
3969:
3970: OBJECT t11FcSpPoNaSwMembFlags
3971: MIN-ACCESS read-only
3972: DESCRIPTION
3973: "Write access is not required."
3974:
3975: OBJECT t11FcSpPoNaSwMembDomainID
3976: MIN-ACCESS read-only
3977: DESCRIPTION
3978: "Write access is not required."
3979:
3980: OBJECT t11FcSpPoNaSwMembPolicyDataRole
3981: MIN-ACCESS read-only
3982: DESCRIPTION
3983: "Write access is not required."
3984:
3985: OBJECT t11FcSpPoNaSwMembAuthBehaviour
3986: MIN-ACCESS read-only
3987: DESCRIPTION
3988: "Write access is not required."
3989:
3990: OBJECT t11FcSpPoNaSwMembAttribute
3991: MIN-ACCESS read-only
3992: DESCRIPTION
3993: "Write access is not required."
3994:
3995: OBJECT t11FcSpPoNaSwMembRowStatus
3996: MIN-ACCESS read-only
3997: DESCRIPTION
3998: "Write access is not required."
3999:
4000: OBJECT t11FcSpPoNaNoMembFlags
4001: MIN-ACCESS read-only
4002: DESCRIPTION
4003: "Write access is not required."
4004:
4005: OBJECT t11FcSpPoNaNoMembCtAccessIndex
4006: MIN-ACCESS read-only
4007: DESCRIPTION
4008: "Write access is not required."
4009:
4010: OBJECT t11FcSpPoNaNoMembAttribute
4011: MIN-ACCESS read-only
4012: DESCRIPTION
4013: "Write access is not required."
4014:
4015: OBJECT t11FcSpPoNaNoMembRowStatus
4016: MIN-ACCESS read-only
4017: DESCRIPTION
4018: "Write access is not required."
4019:
4020: OBJECT t11FcSpPoNaCtDescrFlags
4021: MIN-ACCESS read-only
4022: DESCRIPTION
4023: "Write access is not required."
4024:
4025: OBJECT t11FcSpPoNaCtDescrGsType
4026: MIN-ACCESS read-only
4027: DESCRIPTION
4028: "Write access is not required."
4029:
4030: OBJECT t11FcSpPoNaCtDescrGsSubType
4031: MIN-ACCESS read-only
4032: DESCRIPTION
4033: "Write access is not required."
4034:
4035: OBJECT t11FcSpPoNaCtDescrRowStatus
4036: MIN-ACCESS read-only
4037: DESCRIPTION
4038: "Write access is not required."
4039:
4040: OBJECT t11FcSpPoNaSwConnAllowedNameType
4041: MIN-ACCESS read-only
4042: DESCRIPTION
4043: "Write access is not required."
4044:
4045: OBJECT t11FcSpPoNaSwConnAllowedName
4046: MIN-ACCESS read-only
4047: DESCRIPTION
4048: "Write access is not required."
4049:
4050: OBJECT t11FcSpPoNaSwConnRowStatus
4051: MIN-ACCESS read-only
4052: DESCRIPTION
4053: "Write access is not required."
4054:
4055: OBJECT t11FcSpPoNaIpMgmtWkpIndex
4056: MIN-ACCESS read-only
4057: DESCRIPTION
4058: "Write access is not required."
4059:
4060: OBJECT t11FcSpPoNaIpMgmtAttribute
4061: MIN-ACCESS read-only
4062: DESCRIPTION
4063: "Write access is not required."
4064:
4065: OBJECT t11FcSpPoNaIpMgmtRowStatus
4066: MIN-ACCESS read-only
4067: DESCRIPTION
4068: "Write access is not required."
4069:
4070: OBJECT t11FcSpPoNaWkpDescrFlags
4071: MIN-ACCESS read-only
4072: DESCRIPTION
4073: "Write access is not required."
4074:
4075: OBJECT t11FcSpPoNaWkpDescrWkpNumber
4076: MIN-ACCESS read-only
4077: DESCRIPTION
4078: "Write access is not required."
4079:
4080: OBJECT t11FcSpPoNaWkpDescrDestPort
4081: MIN-ACCESS read-only
4082: DESCRIPTION
4083: "Write access is not required."
4084:
4085: OBJECT t11FcSpPoNaWkpDescrRowStatus
4086: MIN-ACCESS read-only
4087: DESCRIPTION
4088: "Write access is not required."
4089:
4090: OBJECT t11FcSpPoNaAttribType
4091: MIN-ACCESS read-only
4092: DESCRIPTION
4093: "Write access is not required."
4094:
4095: OBJECT t11FcSpPoNaAttribValue
4096: MIN-ACCESS read-only
4097: DESCRIPTION
4098: "Write access is not required."
4099:
4100: OBJECT t11FcSpPoNaAttribRowStatus
4101: MIN-ACCESS read-only
4102: DESCRIPTION
4103: "Write access is not required."
4104:
4105: OBJECT t11FcSpPoNaAuthProtParams
4106: MIN-ACCESS read-only
4107: DESCRIPTION
4108: "Write access is not required."
4109:
4110: OBJECT t11FcSpPoNaAuthProtRowStatus
4111: MIN-ACCESS read-only
4112: DESCRIPTION
4113: "Write access is not required."
4114:
4115: ::= { t11FcSpPoMIBCompliances 1 }
4116:
4117: -- Units of Conformance
4118:
4119: t11FcSpPoActiveObjectsGroup OBJECT-GROUP
4120: OBJECTS { t11FcSpPoPolicySummaryObjName,
4121: t11FcSpPoAdminFabricName,
4122: t11FcSpPoActivatedTimeStamp,
4123: t11FcSpPoSummaryPolicyType,
4124: t11FcSpPoSummaryHashFormat,
4125: t11FcSpPoSummaryHashValue,
4126: t11FcSpPoSwMembSwitchFlags,
4127: t11FcSpPoSwMembDomainID,
4128: t11FcSpPoSwMembPolicyDataRole,
4129: t11FcSpPoSwMembAuthBehaviour,
4130: t11FcSpPoSwMembAttribute,
4131: t11FcSpPoNoMembFlags,
4132: t11FcSpPoNoMembCtAccessIndex,
4133: t11FcSpPoNoMembAttribute,
4134: t11FcSpPoCtDescrFlags,
4135: t11FcSpPoCtDescrGsType,
4136: t11FcSpPoCtDescrGsSubType,
4137: t11FcSpPoSwConnAllowedNameType,
4138: t11FcSpPoSwConnAllowedName,
4139: t11FcSpPoIpMgmtWkpIndex,
4140: t11FcSpPoIpMgmtAttribute,
4141: t11FcSpPoWkpDescrFlags,
4142: t11FcSpPoWkpDescrWkpNumber,
4143: t11FcSpPoWkpDescrDestPort,
4144: t11FcSpPoAttribType,
4145: t11FcSpPoAttribValue,
4146: t11FcSpPoAttribExtension,
4147: t11FcSpPoAuthProtParams
4148: }
4149: STATUS current
4150: DESCRIPTION
4151: "A collection of MIB objects which contain information
4152: about active Policy Objects which express Fibre Channel
4153: Security (FC-SP) policy."
4154: ::= { t11FcSpPoMIBGroups 1 }
4155:
4156: t11FcSpPoOperationsObjectsGroup OBJECT-GROUP
4157: OBJECTS { t11FcSpPoOperActivate,
4158: t11FcSpPoOperDeActivate,
4159: t11FcSpPoOperResult,
4160: t11FcSpPoOperFailCause
4161: }
4162: STATUS current
4163: DESCRIPTION
4164: "A collection of MIB objects which allow a new set of
4165: Fibre Channel Security (FC-SP) policies to be activated
4166: or an existing set to be deactivated."
4167: ::= { t11FcSpPoMIBGroups 2 }
4168:
4169: t11FcSpPoNonActiveObjectsGroup OBJECT-GROUP
4170: OBJECTS { t11FcSpPoStorageType,
4171: t11FcSpPoNaSummaryPolicyNameType,
4172: t11FcSpPoNaSummaryPolicyName,
4173: t11FcSpPoNaSummaryHashStatus,
4174: t11FcSpPoNaSummaryHashFormat,
4175: t11FcSpPoNaSummaryHashValue,
4176: t11FcSpPoNaSummaryRowStatus,
4177: t11FcSpPoNaSwListFabricName,
4178: t11FcSpPoNaSwListRowStatus,
4179: t11FcSpPoNaSwMembFlags,
4180: t11FcSpPoNaSwMembDomainID,
4181: t11FcSpPoNaSwMembPolicyDataRole,
4182: t11FcSpPoNaSwMembAuthBehaviour,
4183: t11FcSpPoNaSwMembAttribute,
4184: t11FcSpPoNaSwMembRowStatus,
4185: t11FcSpPoNaNoMembFlags,
4186: t11FcSpPoNaNoMembCtAccessIndex,
4187: t11FcSpPoNaNoMembAttribute,
4188: t11FcSpPoNaNoMembRowStatus,
4189: t11FcSpPoNaCtDescrFlags,
4190: t11FcSpPoNaCtDescrGsType,
4191: t11FcSpPoNaCtDescrGsSubType,
4192: t11FcSpPoNaCtDescrRowStatus,
4193: t11FcSpPoNaSwConnAllowedNameType,
4194: t11FcSpPoNaSwConnAllowedName,
4195: t11FcSpPoNaSwConnRowStatus,
4196: t11FcSpPoNaIpMgmtWkpIndex,
4197: t11FcSpPoNaIpMgmtAttribute,
4198: t11FcSpPoNaIpMgmtRowStatus,
4199: t11FcSpPoNaWkpDescrFlags,
4200: t11FcSpPoNaWkpDescrWkpNumber,
4201: t11FcSpPoNaWkpDescrDestPort,
4202: t11FcSpPoNaWkpDescrRowStatus,
4203: t11FcSpPoNaAttribType,
4204: t11FcSpPoNaAttribValue,
4205: t11FcSpPoNaAttribExtension,
4206: t11FcSpPoNaAttribRowStatus,
4207: t11FcSpPoNaAuthProtParams,
4208: t11FcSpPoNaAuthProtRowStatus
4209: }
4210: STATUS current
4211: DESCRIPTION
4212: "A collection of MIB objects which contain information
4213: about non-active Policy Objects available for activation
4214: in order to change Fibre Channel Security (FC-SP) policy."
4215: ::= { t11FcSpPoMIBGroups 3 }
4216:
4217: t11FcSpPoStatsObjectsGroup OBJECT-GROUP
4218: OBJECTS { t11FcSpPoInRequests,
4219: t11FcSpPoInAccepts,
4220: t11FcSpPoInRejects
4221: }
4222: STATUS current
4223: DESCRIPTION
4224: "A collection of MIB objects which contain statistics
4225: which can be maintained by FC-SP Security Policy Servers."
4226: ::= { t11FcSpPoMIBGroups 4 }
4227:
4228: t11FcSpPoNotifyObjectsGroup OBJECT-GROUP
4229: OBJECTS { t11FcSpPoNotificationEnable,
4230: t11FcSpPoServerAddress,
4231: t11FcSpPoLastNotifyType,
4232: t11FcSpPoRequestSource,
4233: t11FcSpPoReasonCode,
4234: t11FcSpPoCtCommandString,
4235: t11FcSpPoReasonCodeExp,
4236: t11FcSpPoReasonVendorCode
4237: }
4238: STATUS current
4239: DESCRIPTION
4240: "A collection of MIB objects to control the generation of
4241: notifications concerning Fibre Channel Security (FC-SP)
4242: policy, and to hold information contained in such
4243: notifications."
4244: ::= { t11FcSpPoMIBGroups 5 }
4245:
4246: t11FcSpPoNotificationGroup NOTIFICATION-GROUP
4247: NOTIFICATIONS { t11FcSpPoNotifyActivation,
4248: t11FcSpPoNotifyActivateFail,
4249: t11FcSpPoNotifyDeactivation,
4250: t11FcSpPoNotifyDeactivateFail
4251: }
4252: STATUS current
4253: DESCRIPTION
4254: "A collection of notifications of events concerning
4255: Fibre Channel Security (FC-SP) policy."
4256: ::= { t11FcSpPoMIBGroups 6 }
4257:
4258: END
4259:
4260: --
4261: -- Copyright (C) The IETF Trust (2007). This document is subject to the
4262: -- rights, licenses and restrictions contained in BCP 78, and except as
4263: -- set forth therein, the authors retain all their rights.
4264: --
4265: -- This document and the information contained herein are provided on an
4266: -- "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
4267: -- OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY, THE IETF TRUST AND
4268: -- THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS
4269: -- OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF
4270: -- THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
4271: -- WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
4272: --
4273: -- Disclaimer of validity
4274: --
4275: -- The IETF takes no position regarding the validity or scope of any
4276: -- Intellectual Property Rights or other rights that might be claimed to
4277: -- pertain to the implementation or use of the technology described in
4278: -- this document or the extent to which any license under such rights
4279: -- might or might not be available; nor does it represent that it has
4280: -- made any independent effort to identify any such rights. Information
4281: -- on the procedures with respect to rights in RFC documents can be
4282: -- found in BCP 78 and BCP 79.
4283: --
4284: -- Copies of IPR disclosures made to the IETF Secretariat and any
4285: -- assurances of licenses to be made available, or the result of an
4286: -- attempt made to obtain a general license or permission for the use of
4287: -- such proprietary rights by implementers or users of this
4288: -- specification can be obtained from the IETF on-line IPR repository at
4289: -- http://www.ietf.org/ipr.
4290: --
4291: -- The IETF invites any interested party to bring to its attention any
4292: -- copyrights, patents or patent applications, or other proprietary
4293: -- rights that may cover technology that may be required to implement
4294: -- this standard. Please address the information to the IETF at
4295: -- ietf-ipr@ietf.org.
4296: --
4297: -- Acknowledgment
4298: --
4299: -- Funding for the RFC Editor function is currently provided by the
4300: -- Internet Society.
4301: