
BAY-STACK-SOURCE-GUARD-MIB DEFINITIONS ::= BEGIN

IMPORTS
    OBJECT-TYPE, MODULE-IDENTITY
        FROM SNMPv2-SMI
    MacAddress
        FROM SNMPv2-TC
    InterfaceIndex
        FROM IF-MIB
    InetAddressType, InetAddress
        FROM INET-ADDRESS-MIB
    bayStackMibs
        FROM SYNOPTICS-ROOT-MIB;

bayStackSourceGuardMib MODULE-IDENTITY
      LAST-UPDATED "200705070000Z"
      ORGANIZATION "Nortel Ltd."
      CONTACT-INFO "nortel.com"
      DESCRIPTION
              "This MIB module is used for IP Source Guard
               settings in Nortel's software and products."

      REVISION     "200705070000Z"  -- May 07, 2007
      DESCRIPTION
              "Ver 2:  Fixed some DESCRIPTION clauses."

      REVISION     "200703230000Z"  -- March 23, 2007
      DESCRIPTION
              "Ver 1:  Initial version."
      ::= { bayStackMibs 20 }

bsSourceGuardNotifications OBJECT IDENTIFIER ::= { bayStackSourceGuardMib 0 }
bsSourceGuardObjects       OBJECT IDENTIFIER ::= { bayStackSourceGuardMib 1 }

--
-- configuration table
--

bsSourceGuardConfigTable   OBJECT-TYPE
    SYNTAX SEQUENCE OF BsSourceGuardConfigEntry
    MAX-ACCESS  not-accessible
    STATUS      current
    DESCRIPTION
        "This table is used to configure IP Source Guard per port."
    ::= { bsSourceGuardObjects 1 }

bsSourceGuardConfigEntry OBJECT-TYPE
    SYNTAX       BsSourceGuardConfigEntry
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
        "An entry containing objects for configuring IP Source Guard
         settings for a port."
    INDEX { bsSourceGuardConfigIfIndex }
    ::= { bsSourceGuardConfigTable 1 }

BsSourceGuardConfigEntry ::=
    SEQUENCE {
        bsSourceGuardConfigIfIndex InterfaceIndex,
        bsSourceGuardConfigMode    INTEGER
    }

bsSourceGuardConfigIfIndex OBJECT-TYPE
    SYNTAX      InterfaceIndex
    MAX-ACCESS  not-accessible
    STATUS      current
    DESCRIPTION
        "The interface on which Source Guard configuration setting apply."
    ::= { bsSourceGuardConfigEntry 1 }

bsSourceGuardConfigMode OBJECT-TYPE
    SYNTAX       INTEGER {
                     disabled(1),
                     ip(2)
                 }
    MAX-ACCESS   read-write
    STATUS       current
    DESCRIPTION
        "This object is used to control the Source Guard mode on an
         interface.  The values are as follows:

           disabled(1) - Source Guard is disabled on this interface.

           ip(2) - Source Guard only allows traffic from a list of IP
                   addresses on this interface."
    ::= { bsSourceGuardConfigEntry 2 }

--
-- address table
--

bsSourceGuardAddrTable   OBJECT-TYPE
    SYNTAX SEQUENCE OF BsSourceGuardAddrEntry
    MAX-ACCESS  not-accessible
    STATUS      current
    DESCRIPTION
        "This table contains a list of internet and/or MAC addresses
         allowed by Source Guard on an interface.  An entry in this
         table must indicate either a valid internet address and/or
         a valid MAC address.  This means that an entry may not exist
         where the value of bsSourceGuardAddrType is unknown(0) and
         the value of bsSourceGuardAddrMACAddr is 00:00:00:00:00:00.

         If an entry indicates only an internet address, Source Guard
         will allow that address regardless of MAC address.

         Note that currently, MAC addresses are not supported.  This
         means that currently, the value of bsSourceGuardAddrMACAddr
         must always by 00:00:00:00:00:00, and the value of
         bsSourceGuardAddrType must not be unknown(0)."
    ::= { bsSourceGuardObjects 2 }

bsSourceGuardAddrEntry OBJECT-TYPE
    SYNTAX       BsSourceGuardAddrEntry
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
        "An entry containing an address allowed by Source Guard on
         an interface."
    INDEX { bsSourceGuardAddrIndex,
            bsSourceGuardAddrType,
            bsSourceGuardAddrAddress,
            bsSourceGuardAddrMACAddr }
    ::= { bsSourceGuardAddrTable 1 }

BsSourceGuardAddrEntry ::=
    SEQUENCE {
        bsSourceGuardAddrIndex     InterfaceIndex,
        bsSourceGuardAddrType      InetAddressType,
        bsSourceGuardAddrAddress   InetAddress,
        bsSourceGuardAddrMACAddr   MacAddress,
        bsSourceGuardAddrSource    INTEGER
    }

bsSourceGuardAddrIndex OBJECT-TYPE
    SYNTAX      InterfaceIndex
    MAX-ACCESS  not-accessible
    STATUS      current
    DESCRIPTION
        "The ifIndex value of the interface."
    ::= { bsSourceGuardAddrEntry 1 }

bsSourceGuardAddrType OBJECT-TYPE
    SYNTAX       InetAddressType
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
        "The type of internet address contained in the corresponding
         instance of bsSourceGuardAddrAddress.  If the value of this
         object is other(0), then the corresponding instance of
         bsSourceGuardAddrAddress must be a zero length value."
    ::= { bsSourceGuardAddrEntry 2 }

bsSourceGuardAddrAddress OBJECT-TYPE
    SYNTAX       InetAddress
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
        "The internet address allowed by Source Guard on this interface.
         If this object contains a zero length value, then the Source
         Guard feature will not use the value."
    ::= { bsSourceGuardAddrEntry 3 }

bsSourceGuardAddrMACAddr OBJECT-TYPE
    SYNTAX       MacAddress
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
        "The ethernet MAC address allowed by Source Guard on this interface.
         If this object contains the value 00:00:00:00:00:00, then the
         Source Guard feature will not use the value."
    ::= { bsSourceGuardAddrEntry 4 }

bsSourceGuardAddrSource OBJECT-TYPE
    SYNTAX       INTEGER {
                     dhcpSnooping(1)
                 }
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION
        "The source of the address(es).  Currently, the only source is
         from dhcp snooping.  In the future, static addresses will
         be allowed."
    ::= { bsSourceGuardAddrEntry 5 }

END

