-- Port Security MIB overview:
-- Port Security MIB falls under fastPath MIB node of the private subtree.

NETGEAR-PORTSECURITY-PRIVATE-MIB DEFINITIONS ::= BEGIN

-- Broadcom Corporation FASTPATH Port Security MIB
-- Copyright Broadcom Corporation(2004-2007) All rights reserved.

-- This SNMP Management Information Specification
-- embodies Broadcom Corporation's confidential and proprietary
-- intellectual property.  Broadcom Corporation retains all title
-- and ownership in the Specification including any revisions.

-- This Specification is supplied "AS IS", Broadcom Corporation
-- makes no warranty, either expressed or implied,
-- as to the use, operation, condition, or performance of the
-- Specification.



IMPORTS
    MODULE-IDENTITY, OBJECT-TYPE, NOTIFICATION-TYPE,
    Unsigned32                          FROM SNMPv2-SMI
    TEXTUAL-CONVENTION,RowStatus,
    MacAddress                          FROM SNMPv2-TC
    ifIndex                             FROM IF-MIB

    DisplayString                       FROM RFC1213-MIB
    ng7000managedswitch                 FROM NETGEAR-REF-MIB;

    fastPathPortSecurity MODULE-IDENTITY
           LAST-UPDATED "200705230000Z" -- 23 May 2007 12:00:00 GMT
           ORGANIZATION "Netgear"
           CONTACT-INFO
           ""
 
     DESCRIPTION
          "The Netgear Private MIB for FASTPATH Port Security Feature."

      -- Revision history.
      REVISION
          "200705230000Z" -- 23 May 2007 12:00:00 GMT
      DESCRIPTION
          "Netgear branding related changes."

      ::= { ng7000managedswitch 20 }


     --**************************************************************************************
    -- agentPortSecurityGroup -> contains MIB objects displaying Port Security
    -- and associated Functionality 
    --
    --**************************************************************************************

agentPortSecurityGroup OBJECT IDENTIFIER ::= { fastPathPortSecurity 1}

agentGlobalPortSecurityMode OBJECT-TYPE
    SYNTAX      INTEGER {
                enable(1),
                disable(2)
                }
        MAX-ACCESS read-write
        STATUS current
        DESCRIPTION
                "Mode showing whether at the global level, port security is enabled or not." 
    DEFVAL { disable }
        ::={ agentPortSecurityGroup 1 }
        
agentPortSecurityTable OBJECT-TYPE
        SYNTAX       SEQUENCE OF AgentPortSecurityEntry
        MAX-ACCESS   not-accessible
        STATUS       current
        DESCRIPTION "A table for Port Security and associated functionality."
        ::= { agentPortSecurityGroup 2 }

agentPortSecurityEntry OBJECT-TYPE
        SYNTAX AgentPortSecurityEntry
        MAX-ACCESS not-accessible
        STATUS current
        DESCRIPTION "Represents entry for port security table"
        INDEX       { ifIndex }
        ::={ agentPortSecurityTable 1}

        AgentPortSecurityEntry ::=
                SEQUENCE {
                agentPortSecurityMode
                        INTEGER,
                agentPortSecurityDynamicLimit
                        Unsigned32,
                agentPortSecurityStaticLimit
                        Unsigned32,
                agentPortSecurityViolationTrapMode
                        INTEGER,
                agentPortSecurityStaticMACs
                        DisplayString,
                agentPortSecurityLastDiscardedMAC
                        DisplayString,
                agentPortSecurityMACAddressAdd
                        DisplayString,
                agentPortSecurityMACAddressRemove
                        DisplayString,
                agentPortSecurityMACAddressMove
                        INTEGER                         
                }

        agentPortSecurityMode OBJECT-TYPE
          SYNTAX      INTEGER {
                enable(1),
                disable(2)
                }
          MAX-ACCESS read-write
          STATUS current
          DESCRIPTION
                "Mode showing whether at port level security is enabled or not." 
          DEFVAL { disable }
          ::={ agentPortSecurityEntry 1 }
        
        agentPortSecurityDynamicLimit OBJECT-TYPE
        SYNTAX  Unsigned32(0..600)
                MAX-ACCESS read-write
                STATUS current
                DESCRIPTION
                        "This variable signifies the limit of dynamically locked MAC addresses 
                         allowed on a specific port."
            DEFVAL { 600 }
        ::={ agentPortSecurityEntry 2 } 
                
        agentPortSecurityStaticLimit OBJECT-TYPE
        SYNTAX  Unsigned32(0..20)
                MAX-ACCESS read-write
                STATUS current
                DESCRIPTION
                        "This variable signifies the limit of statically locked MAC addresses 
                         allowed on a specific port."
            DEFVAL { 20 }
                ::={ agentPortSecurityEntry 3 }
                
                
        agentPortSecurityViolationTrapMode OBJECT-TYPE
                SYNTAX      INTEGER {
                    enable(1),
                    disable(2)
                    }
                MAX-ACCESS read-write
                STATUS current
                DESCRIPTION
                        "This variable is used to enable or disable the sending of new violation 
                         traps designating when a packet with a disallowed MAC address is 
                         received on a locked port."
                ::={agentPortSecurityEntry 4 }
                
        agentPortSecurityStaticMACs OBJECT-TYPE
                SYNTAX      DisplayString
                MAX-ACCESS read-only
                STATUS current
                DESCRIPTION
                        "This variable displays the statically locked MAC addresses for port.
                         The list displayed in a particular fashion :
                         2 a0:b1:c2:d1:e3:a1,11 a0:b1:c2:d3:e4:f5 
                         (i.e., VLAN MAC pairs separated by commas)."
                ::={agentPortSecurityEntry 6 }
                
        agentPortSecurityLastDiscardedMAC OBJECT-TYPE
                SYNTAX      DisplayString
                MAX-ACCESS read-only
                STATUS current
                DESCRIPTION
                        "This variable displays the vlan-id and source MAC address of the last packet that was
                         discarded on a locked port."
                ::={agentPortSecurityEntry 7 }
                
        
        agentPortSecurityMACAddressAdd OBJECT-TYPE
                SYNTAX      DisplayString
                MAX-ACCESS  read-write 
                STATUS current
                DESCRIPTION
                "This MIB variable accepts a VLAN id and MAC address to be added to the list
                 of statically locked MAC addresses on a port. The VLAN id and MAC address combination 
                 would be entered in a particular fashion like :- 2 a0:b0:c0:d1:e2:a1(the vlan-id and
                 MAC address separated by a blank-space)." 
                ::={ agentPortSecurityEntry 8 }
    
        agentPortSecurityMACAddressRemove OBJECT-TYPE
                SYNTAX      DisplayString
                MAX-ACCESS  read-write 
                STATUS current
                DESCRIPTION
                "This MIB variable accepts a VLAN id and MAC address to be removed from the list
                 of statically locked MAC addresses on a port.. The VLAN id and MAC address combination 
                 would be entered in a particular fashion like :- 2 a0:b0:c0:d1:e2:a1(the vlan-id and
                 MAC address separated by a blank-space)." 
                ::={ agentPortSecurityEntry 9 }
    
        agentPortSecurityMACAddressMove OBJECT-TYPE
                SYNTAX      INTEGER {
                enable(1),
                disable(2)
                }
                MAX-ACCESS  read-write
                STATUS current
                DESCRIPTION
                "When this object is enabled, all the dynamically locked MAC addresses will
                 be moved to statically locked addresses on a port. GET operation on this object will display 
                 disable." 
                 ::={ agentPortSecurityEntry 10 }
 --**********************************************************************--

        agentPortSecurityDynamicTable OBJECT-TYPE
            SYNTAX       SEQUENCE OF AgentPortSecurityDynamicEntry
            MAX-ACCESS   not-accessible
            STATUS       current
            DESCRIPTION "A table for Port Security Dynamic and associated functionality."
            ::= { agentPortSecurityGroup 3 }

        agentPortSecurityDynamicEntry OBJECT-TYPE
            SYNTAX AgentPortSecurityDynamicEntry
            MAX-ACCESS not-accessible
            STATUS current
            DESCRIPTION "Represents entry for port MAC Locking table"
            INDEX       { ifIndex,agentPortSecurityDynamicVLANId,agentPortSecurityDynamicMACAddress }
            ::={ agentPortSecurityDynamicTable 1}

        AgentPortSecurityDynamicEntry ::=
                SEQUENCE {
                agentPortSecurityDynamicVLANId
                        Unsigned32,
                agentPortSecurityDynamicMACAddress
                        MacAddress
                }

        
        agentPortSecurityDynamicVLANId OBJECT-TYPE
                SYNTAX      Unsigned32
                MAX-ACCESS read-only
                STATUS current
                DESCRIPTION
                        "Source VLAN id of the packet that is received on the dynamically locked port."
                ::={agentPortSecurityDynamicEntry 1 }
                
        
        agentPortSecurityDynamicMACAddress OBJECT-TYPE
                SYNTAX  MacAddress
                MAX-ACCESS read-only
                STATUS current
                DESCRIPTION
                        "Source MAC address of the packet that is received on the dynamically locked port."
            ::={ agentPortSecurityDynamicEntry 2 }

                 
    --**************************************************************************************
    -- agentPortSecurity   Traps
    --
    --**************************************************************************************

    agentPortSecurityTraps                           OBJECT IDENTIFIER ::= { fastPathPortSecurity 2 }

    agentPortSecurityViolation NOTIFICATION-TYPE
        OBJECTS {
                 ifIndex,
                 agentPortSecurityLastDiscardedMAC
                }
        STATUS  current
        DESCRIPTION
            "Sent when a packet is received on a locked port with a source MAC address 
             that is not allowed."
         ::= { agentPortSecurityTraps 1 }



END

