claudio/VSC
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Issue

Browse Source 
Code backup
This commit is contained in:
Claudio
2026-05-10 16:59:01 +02:00
commit 368d6fafea
796 changed files with 315310 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
Icinga2/_Test/WatchGuard File/WatchGuard MIB/IPSEC-ISAKMP-IKE-DOI-TC.txt
+712
View File
@@ -0,0 +1,712 @@
IPSEC-ISAKMP-IKE-DOI-TC DEFINITIONS ::= BEGIN
IMPORTS
-- make this mib a temporary watchguard extension before it becomes RFC
watchguard
FROM WATCHGUARD-SMI
-- delete next line before release
experimental,
MODULE-IDENTITY, Unsigned32 FROM SNMPv2-SMI
-- uncomment next line before release
mib-2 FROM RFC1213-MIB
TEXTUAL-CONVENTION FROM SNMPv2-TC;
ipsecIsakmpIkeDoiTC MODULE-IDENTITY
LAST-UPDATED "9907132145Z"
ORGANIZATION "Shiva"
CONTACT-INFO "John Shriver
Intel Corporation
28 Crosby Drive
Bedford, MA 01730
Phone:
+1-781-687-1329
E-mail:
John.Shriver@intel.com"
DESCRIPTION "The MIB module which defines the textual conventions
used in IPSEC MIBs. This includes Internet DOI
numbers defined in RFC 2407, ISAKMP numbers defined
in RFC 2408, and IKE numbers defined in RFC 2409.
These Textual Conventions are defined in a seperate
MIB module since they are protocol numbers managed
by the IANA. Revision control after publication
will be under the authority of the IANA."
REVISION "9902181705Z"
DESCRIPTION "Added IsakmpDOI TEXTUAL-CONVENTION."
REVISION "9903051545Z"
DESCRIPTION "Changed CONTACT-INFO."
REVISION "9907132145Z"
DESCRIPTION "Put in real experimental branch number for module."
REVISION "9910051705Z"
DESCRIPTION "Added exchange types, tracked IKE standard. Split
IkeNotifyMessageType off of IsakmpNotifyMessageType."
REVISION "9910151950Z"
DESCRIPTION "Removed stray comma in IsakmpNotifyMessageType."
-- replace xxx in next line before release, uncomment before release
-- ::= { mib-2 xxx }
-- delete next line before release
-- ::= { experimental 100 }
::= { watchguard 100 }
-- The first group of textual conventions are based on definitions
-- in the IPSEC DOI, RFC 2407.
IpsecDoiSituation ::= TEXTUAL-CONVENTION
DISPLAY-HINT "x"
STATUS current
DESCRIPTION "The IPSEC DOI Situation provides information that
can be used by the responder to make a policy
determination about how to process the incoming
Security Association request.
It is a four (4) octet bitmask, with the following
values:
sitIdentityOnly 0x01
sitSecrecy 0x02
sitIntegrity 0x04
The upper two bits (0x80000000 and 0x40000000) are
reserved for private use amongst cooperating
systems."
REFERENCE "RFC 2407 sections 4.2 and 6.2"
SYNTAX Unsigned32 (0..4294967295)
-- The syntax is not BITS, because we want the representation
-- to be the same here as it is in the ISAKMP/IKE protocols.
IpsecDoiSecProtocolId ::= TEXTUAL-CONVENTION
DISPLAY-HINT "d"
STATUS current
DESCRIPTION "These are the IPSEC DOI values for the Protocol-Id
field in an ISAKMP Proposal Payload, and in all
Notification Payloads.
They are also used as the Protocol-ID In the
Notification Payload and the Delete Payload.
The values 249-255 are reserved for private use
amongst cooperating systems."
REFERENCE "RFC 2407 section 4.4.1"
SYNTAX INTEGER {
reserved(0), -- reserved in DOI
protoIsakmp(1), -- message protection
-- required during Phase I
-- of the IKE protocol
protoIpsecAh(2), -- IP packet authentication
-- via Authentication Header
protoIpsecEsp(3), -- IP packet confidentiality
-- via Encapsulating
-- Security Payload
protoIpcomp(4) -- IP payload compression
}
IpsecDoiTransformIdent ::= TEXTUAL-CONVENTION
DISPLAY-HINT "d"
STATUS current
DESCRIPTION "The IPSEC DOI ISAKMP Transform Identifier is an
8-bit value which identifies a key exchange protocol
to be used for the negotiation. It is used in the
Transform-Id field of an IKE Phase I Transform
Payload.
The values 249-255 are reserved for private use
amongst cooperating systems."
REFERENCE "RFC 2407 sections 4.4.2 and 6.3"
SYNTAX INTEGER {
reserved(0), -- reserved in DOI
keyIke(1) -- the hybrid ISAKMP/Oakley
-- Diffie-Hellman key
-- exchange
}
IpsecDoiAhTransform ::= TEXTUAL-CONVENTION
DISPLAY-HINT "d"
STATUS current
DESCRIPTION "The IPSEC DOI AH Transform Identifier is an 8-bit
value which identifies a particular algorithm to be
used to provide integrity protection for AH. It is
used in the Tranform-ID field of a ISAKMP Transform
Payload for the IPSEC DOI, when the Protocol-Id of
the associated Proposal Payload is 2 (AH).
The values 249-255 are reserved for private use
amongst cooperating systems."
REFERENCE "RFC 2407 sections 4.4.3 and 6.4"
SYNTAX INTEGER {
reserved(0), -- reserved in DOI
reserved1(1), -- reserved
ahMd5(2), -- generic AH transform
-- using MD5
ahSha(3), -- generic AH transform
-- using SHA-1
ahDes(4) -- generic AH transform
-- using DES
}
IpsecDoiEspTransform ::= TEXTUAL-CONVENTION
DISPLAY-HINT "d"
STATUS current
DESCRIPTION "The IPSEC DOI ESP Transform Identifier is an 8-bit
value which identifies a particular algorithm to be
used to provide secrecy protection for ESP. It is
used in the Tranform-ID field of a ISAKMP Transform
Payload for the IPSEC DOI, when the Protocol-Id of
the associated Proposal Payload is 2 (AH), 3 (ESP),
and 4 (IPCOMP).
The values 249-255 are reserved for private use
amongst cooperating systems."
REFERENCE "RFC 2407 sections 4.4.4 and 6.5"
SYNTAX INTEGER {
reserved(0), -- reserved in DOI
espDesIv64(1), -- DES-CBC transform defined
-- in RFC 1827 and RFC 1829
-- using a 64-bit IV
espDes(2), -- generic DES transform
-- using DES-CBC
esp3Des(3), -- generic triple-DES
-- transform
espRc5(4), -- RC5 transform
espIdea(5), -- IDEA transform
espCast(6), -- CAST transform
espBlowfish(7), -- BLOWFISH transform
esp3Idea(8), -- reserved for triple-IDEA
espDesIv32(9), -- DES-CBC transform defined
-- in RFC 1827 and RFC 1829
-- using a 32-bit IV
espRc4(10), -- reserved for RC4
espNull(11) -- no confidentiality
-- provided by ESP
}
IpsecDoiAuthAlgorithm ::= TEXTUAL-CONVENTION
DISPLAY-HINT "d"
STATUS current
DESCRIPTION "The ESP Authentication Algorithm used in the IPSEC
DOI as a SA Attributes definition in the Transform
Payload of Phase II of an IKE negotiation. This
set of values defines the AH authentication
algorithm, when the associated Proposal Payload has
a Protocol-ID of 2 (AH). This set of values
defines the ESP authentication algorithm, when the
associated Proposal Payload has a Protocol-ID
of 3 (ESP).
Values 5-61439 are reserved to IANA.
Values 61440-65535 are for private use.
In a MIB, a value of 0 indicates that ESP
has been negotiated without authentication."
REFERENCE "RFC 2407 section 4.5"
SYNTAX INTEGER {
reserved(0), -- reserved in DOI
hmacMd5(1),
hmacSha(2),
desMac(3),
kpdk(4)
}
IpsecDoiIpcompTransform ::= TEXTUAL-CONVENTION
DISPLAY-HINT "d"
STATUS current
DESCRIPTION "The IPSEC DOI IPCOMP Transform Identifier is an
8-bit value which identifies a particular algorithm
to be used to provide IP-level compression before
ESP. It is used in the Tranform-ID field of a ISAKMP
Transform Payload for the IPSEC DOI, when the
Protocol-Id of the associated Proposal Payload
is 4 (IPCOMP).
The values 1-47 are reserved for algorithms for which
an RFC has been approved for publication.
The values 48-63 are reserved for private use amongst
cooperating systems.
The values 64-255 are reserved for future expansion."
REFERENCE "RFC 2407 sections 4.4.5 and 6.6"
SYNTAX INTEGER {
reserved(0), -- reserved in DOI
ipcompOui(1), -- proprietary compression
-- transform
ipcompDeflate(2), -- "zlib" deflate algorithm
ipcompLzs(3) -- Stac Electronics LZS
}
IpsecDoiEncapsulationMode ::= TEXTUAL-CONVENTION
DISPLAY-HINT "d"
STATUS current
DESCRIPTION "The Encapsulation Mode used as an IPSEC DOI
SA Attributes definition in the Transform Payload
of a Phase II IKE negotiation. This set of
values defines encapsulation modes used for AH,
ESP, and IPCOMP when the associated Proposal Payload
has a Protocol-ID of 3 (ESP).
Values 3-61439 are reserved to IANA.
Values 61440-65535 are for private use."
SYNTAX INTEGER {
reserved(0), -- reserved in DOI
tunnel(1),
transport(2)
}
IpsecDoiIdentType ::= TEXTUAL-CONVENTION
DISPLAY-HINT "d"
STATUS current
DESCRIPTION "The IPSEC DOI Identification Type is an 8-bit value
which is used in the ID Type field as a discriminant
for interpretation of the variable-length
Identification Payload.
The values 249-255 are reserved for private use
amongst cooperating systems."
REFERENCE "RFC 2407 sections 4.4.5, 4.6.2.1, and 6.9"
SYNTAX INTEGER {
reserved(0), -- reserved in DOI
idIpv4Addr(1), -- a single four (4) octet
-- IPv4 address
idFqdn(2), -- fully-qualified domain
-- name string
idUserFqdn(3), -- fully-qualified username
-- string
idIpv4AddrSubnet(4),
-- a range of IPv4 addresses,
-- represented by two
-- four (4) octet values,
-- where the first is an
-- address and the second
-- is a mask
idIpv6Addr(5), -- a single sixteen (16)
-- octet IPv6 address
idIpv6AddrSubnet(6),
-- a range of IPv6 addresses,
-- represented by two
-- sixteen (16) octet values,
-- where the first is an
-- address and the second
-- is a mask
idIpv4AddrRange(7), -- a range of IPv4 addresses,
-- represented by two
-- four (4) octet values,
-- where the first is the
-- beginning IPv4 address
-- and the second is the
-- ending IPv4 address
idIpv6AddrRange(8), -- a range of IPv6 addresses,
-- represented by two
-- sixteen (16) octet values,
-- where the first is the
-- beginning IPv6 address
-- and the second is the
-- ending IPv6 address
idDerAsn1Dn(9), -- the binary DER encoding of
-- ASN1 X.500
-- DistinguishedName
idDerAsn1Gn(10), -- the binary DER encoding of
-- ASN1 X.500 GeneralName
idKeyId(11) -- opaque byte stream which
-- may be used to pass
-- vendor-specific
-- information
}
-- The second group of textual conventions are based on defintions
-- the ISAKMP protocol, RFC 2408.
IsakmpDOI ::= TEXTUAL-CONVENTION
DISPLAY-HINT "d"
STATUS current
DESCRIPTION "These are the domain of interpretation values for
the ISAKMP Protocol. They are a 32-bit value
used in the Domain of Interpretation field of the
Security Association Payload.
Values 2-4294967295 are reserved to the IANA."
REFERENCE "RFC 2048 section 3.4."
SYNTAX INTEGER {
isakmp(0), -- generic ISAKMP SA in
-- Phase 1, which can be
-- used for any protocol
-- in Phase 2
ipsecDOI(1) -- the IPsec DOI as
-- specified in RFC 2407
}
IsakmpCertificateEncoding ::= TEXTUAL-CONVENTION
DISPLAY-HINT "d"
STATUS current
DESCRIPTION "These are the values for the types of
certificate-related information contained in the
Certificate Data field of a Certificate Payload.
They are used in the Cert Encoding field of the
Certificate Payload.
Values 11-255 are reserved."
REFERENCE "RFC 2408 section 3.9"
SYNTAX INTEGER {
pkcs7(1), -- PKCS #7 wrapped
-- X.509 certificate
pgp(2), -- PGP Certificate
dnsSignedKey(3), -- DNS Signed Key
x509Signature(4), -- X.509 Certificate:
-- Signature
x509KeyExchange(5), -- X.509 Certificate:
-- Key Exchange
kerberosTokens(6), -- Kerberos Tokens
crl(7), -- Certificate Revocation
-- List (CRL)
arl(8), -- Authority Revocation
-- List (ARL)
spki(9), -- SPKI Certificate
x509Attribute(10) -- X.509 Certificate:
-- Attribute
}
IsakmpExchangeType ::= TEXTUAL-CONVENTION
--
-- When revising IsakmpExchangeType, consider revising
-- IkeExchangeType as well.
--
DISPLAY-HINT "d"
STATUS current
DESCRIPTION "These are the values used for the exchange types in
the ISAKMP header.
Values up to 31 are reserved for future
DOI-independent assignment for ISAKMP.
The values 240-255 are reserved for private use
amongst cooperating systems."
REFERENCE "RFC 2408 section 3.1"
SYNTAX INTEGER {
reserved(0),
base(1), -- base mode
identityProtect(2), -- identity protection
authOnly(3), -- authentication only
aggressive(4), -- aggressive mode
informational(5) -- informational
}
IsakmpNotifyMessageType ::= TEXTUAL-CONVENTION
--
-- If you change this, you probably want to
-- change IkeNotifyMessageType.
--
DISPLAY-HINT "d"
STATUS current
DESCRIPTION "These are the values for the types of notification
messages. They are used as the Notify Message Type
field in the Notification Payload.
This textual convention merges the types
for error types (in the range 1-16386) and for
notification types (in the range 16384-65535).
The values 16001-16383 are reserved for private use
as error types amongst cooperating systems.
The values 24576-32767 are reserved for use in
each DOI. Each DOI should have a clone of this
textual convention adding local values.
The values 32768-40958 are reserved for private use
as notification types amongst cooperating systems."
REFERENCE "RFC 2408 section 3.14.1"
SYNTAX INTEGER {
-- Values defined for errors in ISAKMP
--
reserved(0), -- reserved in DOI
invalidPayloadType(1),
doiNotSupported(2),
situationNotSupported(3),
invalidCookie(4),
invalidMajorVersion(5),
invalidMinorVersion(6),
invalidExchangeType(7),
invalidFlags(8),
invalidMessageId(9),
invalidProtocolId(10),
invalidSpi(11),
invalidTransformId(12),
attributesNotSupported(13),
noProposalChosen(14),
badProposalSyntax(15),
payloadMalformed(16),
invalidKeyInformation(17),
invalidIdInformation(18),
invalidCertEncoding(19),
invalidCertificate(20),
certTypeUnsupported(21),
invalidCertAuthority(22),
invalidHashInformation(23),
authenticationFailed(24),
invalidSignature(25),
addressNotification(26),
notifySaLifetime(27),
certificateUnavailable(28),
unsupportedExchangeType(29),
unequalPayloadLengths(30)
-- values defined for errors in IPSEC DOI
-- (none)
-- values defined for notification in ISAKMP
-- (none)
-- values defined for notification in
-- each DOI (clone this TC)
}
-- The third group of textual conventions are based on defintions
-- the IKE key exchange protocol, RFC 2409.
IkeExchangeType ::= TEXTUAL-CONVENTION
DISPLAY-HINT "d"
STATUS current
DESCRIPTION "These are the values used for the exchange types in
the ISAKMP header.
The values 32-239 are DOI-specific, these values are
for the IPSec DOI used by IKE.
The values 240-255 are reserved for private use
amongst cooperating systems."
REFERENCE "RFC 2409 Appendix A,
draft-ietf-ipsec-ike-01.txt appendix A"
SYNTAX INTEGER {
reserved(0),
base(1), -- base mode
mainMode(2), -- main mode
authOnly(3), -- authentication only
aggressive(4), -- aggressive mode
informational(5), -- informational
quickMode(32), -- quick mode
newGroupMode(33), -- new group mode
acknowledgedInfo(34)
-- acknowledged informational
}
IkeEncryptionAlgorithm ::= TEXTUAL-CONVENTION
DISPLAY-HINT "d"
STATUS current
DESCRIPTION "Values for encryption algorithms negotiated
for the ISAKMP SA by IKE in Phase I. These are
values for SA Attrbute type Encryption
Algorithm (1).
Values 7-65000 are reserved to IANA.
Values 65001-65535 are for private use among
mutually consenting parties."
REFERENCE "RFC 2409 appendix A"
SYNTAX INTEGER {
reserved(0), -- reserved in IKE
desCbc(1), -- RFC 2405
ideaCbc(2),
blowfishCbc(3),
rc5R16B64Cbc(4), -- RC5 R16 B64 CBC
tripleDesCbc(5), -- 3DES CBC
castCbc(6)
}
IkeHashAlgorithm ::= TEXTUAL-CONVENTION
DISPLAY-HINT "d"
STATUS current
DESCRIPTION "Values for hash algorithms negotiated
for the ISAKMP SA by IKE in Phase I. These are
values for SA Attrbute type Hash Algorithm (2).
Values 4-65000 are reserved to IANA.
Values 65001-65535 are for private use among
mutually consenting parties."
REFERENCE "RFC 2409 appendix A"
SYNTAX INTEGER {
reserved(0), -- reserved in IKE
md5(1), -- RFC 1321
sha(2), -- FIPS 180-1
tiger(3)
}
IkeAuthMethod ::= TEXTUAL-CONVENTION
DISPLAY-HINT "d"
STATUS current
DESCRIPTION "Values for authentication methods negotiated
for the ISAKMP SA by IKE in Phase I. These are
values for SA Attrbute type Authentication
Method (3).
Values 6-65000 are reserved to IANA.
Values 65001-65535 are for private use among
mutually consenting parties."
REFERENCE "RFC 2409 appendix A,
draft-ietf-ipsec-ike-01.txt appendix A"
SYNTAX INTEGER {
reserved(0), -- reserved in IKE
preSharedKey(1),
dssSignatures(2),
rsaSignatures(3),
encryptionWithRsa(4),
revisedEncryptionWithRsa(5),
encryptionWithElGamal(6),
revisedEncryptionWithElGamal(7)
}
IkeGroupDescription ::= TEXTUAL-CONVENTION
DISPLAY-HINT "d"
STATUS current
DESCRIPTION "Values for Oakley key computation groups for
Diffie-Hellman exchange negotiated for the ISAKMP
SA by IKE in Phase I. They are also used in Phase II
when perfect forward secrecy is in use. These are
values for SA Attrbute type Group Description (4)."
REFERENCE "RFC 2409 appendix A,
draft-ietf-ipsec-ike-01.txt appendix A"
SYNTAX INTEGER {
reserved(0), -- reserved in IKE
modp768(1), -- default 768-bit MODP group
modp1024(2), -- alternate 1024-bit MODP
-- group
ec2nGalois2P155(3), -- EC2N group on Galois
-- Field GF[2^155]
ec2nGalois2P185(4), -- EC2N group on Galois
-- Field GF[2^185]
modp1536(5) -- alternate 1536-bit MODP
-- group
}
IkeGroupType ::= TEXTUAL-CONVENTION
DISPLAY-HINT "d"
STATUS current
DESCRIPTION "Values for Oakley key computation group types
negotiated for the ISAKMP SA by IKE in Phase I.
They are also used in Phase II when perfect forward
secrecy is in use. These are values for SA Attribute
type Group Type (5)."
REFERENCE "RFC 2409 appendix A"
SYNTAX INTEGER {
reserved(0), -- reserved in IKE
modp(1), -- modular eponentiation
-- group
ecp(2), -- elliptic curve group over
-- Galois Field GF[P]
ec2n(3) -- elliptic curve group over
-- Galois Field GF[2^N]
}
IkePrf ::= TEXTUAL-CONVENTION
DISPLAY-HINT "d"
STATUS current
DESCRIPTION "Values for Pseudo-Random Functions used with
with the hash algorithm negotiated for the ISAKMP SA
by IKE in Phase I. There are currently no
pseudo-random functions defined, the default HMAC is
always used. These are values for SA Attribute type
PRF (13).
Values 1-65000 are reserved to IANA.
Values 65001-65535 are for private use among
mutually consenting parties."
REFERENCE "RFC 2409 appendix A"
SYNTAX Unsigned32 (0..65535)
IkeNotifyMessageType ::= TEXTUAL-CONVENTION
DISPLAY-HINT "d"
STATUS current
DESCRIPTION "These are the values for the types of notification
messages. They are used as the Notify Message Type
field in the Notification Payload.
This textual convention merges the types
for error types (in the range 1-16386) and for
notification types (in the range 16384-65535).
This textual convention is a merge of values
defined by ISAKMP with the additional values
defined in the IPSEC DOI.
The values 16001-16383 are reserved for private use
as error types amongst cooperating systems.
The values 32001-32767 are reserved for private use
as notification types amongst cooperating systems."
REFERENCE "RFC 2408 section 3.14.1 and RFC 2407 sections 4.6.3
and 6.10"
SYNTAX INTEGER {
-- Values defined for errors in ISAKMP
--
reserved(0), -- reserved in DOI
invalidPayloadType(1),
doiNotSupported(2),
situationNotSupported(3),
invalidCookie(4),
invalidMajorVersion(5),
invalidMinorVersion(6),
invalidExchangeType(7),
invalidFlags(8),
invalidMessageId(9),
invalidProtocolId(10),
invalidSpi(11),
invalidTransformId(12),
attributesNotSupported(13),
noProposalChosen(14),
badProposalSyntax(15),
payloadMalformed(16),
invalidKeyInformation(17),
invalidIdInformation(18),
invalidCertEncoding(19),
invalidCertificate(20),
certTypeUnsupported(21),
invalidCertAuthority(22),
invalidHashInformation(23),
authenticationFailed(24),
invalidSignature(25),
addressNotification(26),
notifySaLifetime(27),
certificateUnavailable(28),
unsupportedExchangeType(29),
unequalPayloadLengths(30),
-- values defined for errors in IPSEC DOI
-- (none)
-- values defined for notification in ISAKMP
-- (none)
-- values defined for notification in IPSEC
-- DOI
responderLifetime(24576),
-- used to communicate IPSEC
-- SA lifetime chosen by the
-- responder
replayStatus(24577),
-- used for positive
-- confirmation of the
-- responder's election on
-- whether or not he is to
-- perform anti-replay
-- detection
initialContact(24578)
-- used when one side wishes
-- to inform the other that
-- this is the first SA being
-- established with the
-- remote system
}
END
Icinga2/_Test/WatchGuard File/WatchGuard MIB/WATCHGUARD-CLIENT-MIB.txt
+313
View File
@@ -0,0 +1,313 @@
WATCHGUARD-CLIENT-MIB DEFINITIONS ::= BEGIN
IMPORTS
MODULE-IDENTITY, OBJECT-TYPE,
OBJECT-IDENTITY, enterprises,
IpAddress, Unsigned32, TimeTicks FROM SNMPv2-SMI
DateAndTime FROM SNMPv2-TC
watchguard FROM WATCHGUARD-SMI;
wgInfoModule MODULE-IDENTITY
LAST-UPDATED "200701251200Z"
ORGANIZATION "WatchGuard Technologies, Inc."
CONTACT-INFO
" WatchGuard Technologies, Inc.
505 Fifth Avenue South
Suite 500
Seattle, WA 98104
United States
+1.206.613.6600 "
DESCRIPTION
"The MIB module describes client information
of WatchGuard system."
REVISION "200701251200Z"
DESCRIPTION
"Initial revision."
::= { watchguard 6 }
wgClientMIB OBJECT-IDENTITY
STATUS current
DESCRIPTION
"This is the base object identifier for DHCP Server, DHCP Client
and PPPoE Client"
::= { wgInfoModule 2 }
wgClientDHCPServer OBJECT-IDENTITY
STATUS current
DESCRIPTION
"This is the base object identifier for all DHCP server related information."
::= { wgClientMIB 1 }
wgClientDHCPClient OBJECT-IDENTITY
STATUS current
DESCRIPTION
"This is the base object identifier for all DHCP client related information."
::= { wgClientMIB 2 }
wgClientPPPoEClient OBJECT-IDENTITY
STATUS current
DESCRIPTION
"This is the base object identifier for all PPPoE client related information."
::= { wgClientMIB 3 }
wgClientDHCPServerEnable OBJECT-TYPE
SYNTAX INTEGER {
disabled(0),
enabled(1),
relay(2)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Indicates whether if DHCP Server has been enabled. "
::= { wgClientDHCPServer 1 }
wgClientDHCPServerStartIpAddress OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The starting IP address of the range of IP addresses leased by the DHCP server."
::= { wgClientDHCPServer 2 }
wgClientDHCPServerEndIpAddress OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The last IP address of the range of IP addresses leased by the DHCP Server. "
::= { wgClientDHCPServer 3 }
wgClientDHCPServerLeaseTime OBJECT-TYPE
SYNTAX TimeTicks
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The lease time of an address assigned to a DHCP client. "
::= { wgClientDHCPServer 4 }
wgClientDHCPServerNum OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The total number of entries in the wgClientDHCPServerTable. "
::= { wgClientDHCPServer 5 }
wgClientDHCPServerConnTable OBJECT-TYPE
SYNTAX SEQUENCE OF WGClientDHCPServerConnEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This is the client lease table of the DHCP Server."
::= { wgClientDHCPServer 6 }
wgClientDHCPServerRelayServer OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The IP address of remote DHCP server to which
DHCP requests should be relayed."
::= { wgClientDHCPServer 7 }
wgClientDHCPServerConnEntry OBJECT-TYPE
SYNTAX WGClientDHCPServerConnEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"An entry (conceptual row) containing the leasing
information of an assigned address by the DHCP Server."
INDEX {
wgClientDHCPServerConnIPAddr
}
::= { wgClientDHCPServerConnTable 1 }
WGClientDHCPServerConnEntry ::= SEQUENCE {
wgClientDHCPServerConnIPAddr IpAddress,
wgClientDHCPServerConnClientHostName OCTET STRING,
wgClientDHCPServerConnMACAddr OCTET STRING (SIZE(6)),
wgClientDHCPServerConnLeaseTimeStart DateAndTime,
wgClientDHCPServerConnLeaseTimeEnd DateAndTime
}
wgClientDHCPServerConnClientHostName OBJECT-TYPE
SYNTAX OCTET STRING
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The hostname of the client."
::= { wgClientDHCPServerConnEntry 1 }
wgClientDHCPServerConnIPAddr OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The IP address assigned to the client."
::= { wgClientDHCPServerConnEntry 2 }
wgClientDHCPServerConnMACAddr OBJECT-TYPE
SYNTAX OCTET STRING (SIZE(6))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The MAC address of the client."
::= { wgClientDHCPServerConnEntry 3 }
wgClientDHCPServerConnLeaseTimeStart OBJECT-TYPE
SYNTAX DateAndTime
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The date and time when the lease starts."
::= { wgClientDHCPServerConnEntry 4 }
wgClientDHCPServerConnLeaseTimeEnd OBJECT-TYPE
SYNTAX DateAndTime
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The date and time when the lease ends."
::= { wgClientDHCPServerConnEntry 5 }
-- DHCP Client information
wgClientDHCPClientEnable OBJECT-TYPE
SYNTAX INTEGER {
disabled(0),
enabled(1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Indicates whether interface 1 (public) is configured to obtain IP address through DHCP."
::= { wgClientDHCPClient 1 }
wgClientDHCPClientDomainName OBJECT-TYPE
SYNTAX OCTET STRING
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The domain name of the DHCP Client."
::= { wgClientDHCPClient 2 }
wgClientDHCPClientDefaultGateway OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The IP address of the default gateway obtained by the DHCP client."
::= { wgClientDHCPClient 3 }
wgClientDHCPClientDNSOne OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The IP address of the primary DNS server obtained by the DHCP client."
::= { wgClientDHCPClient 4 }
wgClientDHCPClientDNSTwo OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The IP address of the secondary DNS server obtained by the DHCP client."
::= { wgClientDHCPClient 5 }
-- PPPoE Client information
wgClientPPPoEClientEnable OBJECT-TYPE
SYNTAX INTEGER {
disabled(0),
enabled(1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Indicates whether the interface 1 (public) is configured to use PPPoE."
::= { wgClientPPPoEClient 1 }
wgClientPPPoEClientADSLStatus OBJECT-TYPE
SYNTAX INTEGER {
disconnect(0), -- ADSL is disconnected
initialize(1), -- ADSL is initializing
establish(2), -- ASDL is established
authenticate(3), -- ASDL is authenticated
network(4),
running(5) -- ASDL is running
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The current ADSL status of the PPPoE Client. "
::= { wgClientPPPoEClient 2 }
wgClientPPPoEClientLocalIPAddr OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The IP address obtained by the PPPoE Client."
::= { wgClientPPPoEClient 3 }
wgClientPPPoEClientRemoteIPAddr OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The IP Address of the PPP server this PPPoE client connects to."
::= { wgClientPPPoEClient 4 }
wgClientPPPoEClientNetMask OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The subnet mask of the PPPoE client."
::= { wgClientPPPoEClient 5 }
wgClientPPPoEClientDNSOne OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The IP address of the primary DNS server obtained."
::= { wgClientPPPoEClient 6 }
wgClientPPPoEClientDNSTwo OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The IP address of the secondary DNS server obtained."
::= { wgClientPPPoEClient 7 }
wgClientPPPoEADSLPeerMACAddr OBJECT-TYPE
SYNTAX OCTET STRING (SIZE(6))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The MAC Address of the PPP server this client connects to."
::= { wgClientPPPoEClient 8 }
wgClientPPPoEClientConnTime OBJECT-TYPE
SYNTAX TimeTicks
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The connection time of the PPPoE connection."
::= { wgClientPPPoEClient 9 }
END
Icinga2/_Test/WatchGuard File/WatchGuard MIB/WATCHGUARD-CLUSTER-STATUS-MIB.txt
+160
View File
@@ -0,0 +1,160 @@
WATCHGUARD-SYSTEM-STATISTICS-MIB DEFINITIONS ::= BEGIN
IMPORTS
MODULE-IDENTITY, OBJECT-TYPE,
OBJECT-IDENTITY, enterprises,
IpAddress, TimeTicks FROM SNMPv2-SMI
watchguard FROM WATCHGUARD-SMI;
wgInfoModule MODULE-IDENTITY
LAST-UPDATED "200701251200Z"
ORGANIZATION "WatchGuard Technologies, Inc."
CONTACT-INFO
" WatchGuard Technologies, Inc.
505 Fifth Avenue South
Suite 500
Seattle, WA 98104
United States
+1.206.613.6600 "
DESCRIPTION
"The MIB module describes various system statistics information
of WatchGuard system."
REVISION "200701251200Z"
DESCRIPTION
"Initial revision."
::= { watchguard 6 }
wgClusterStatusMIB OBJECT-IDENTITY
STATUS current
DESCRIPTION
"This is cluster status information."
::= { wgInfoModule 6 }
wgClusterEnabled OBJECT-TYPE
SYNTAX INTEGER {
disabled(0),
enabled(1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"It is cluster or single box."
::= { wgClusterStatusMIB 1 }
wgFirstMemberId OBJECT-TYPE
SYNTAX OCTET STRING (SIZE(0..256))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"First member id."
::= { wgClusterStatusMIB 2 }
wgFirstMemberRole OBJECT-TYPE
SYNTAX INTEGER {
disabled(0),
worker(1),
backup(2),
master(3),
idle(4),
standby(5)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"First member role."
::= { wgClusterStatusMIB 3 }
wgFirstMemberSystemHealth OBJECT-TYPE
SYNTAX INTEGER
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"First member system health value."
::= { wgClusterStatusMIB 4 }
wgFirstMemberHardwareHealth OBJECT-TYPE
SYNTAX INTEGER
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"First member hardware health value."
::= { wgClusterStatusMIB 5 }
wgFirstMemberMonitorPortHealth OBJECT-TYPE
SYNTAX INTEGER
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"First member monitored ports health value."
::= { wgClusterStatusMIB 6 }
wgFirstMemberWeightAvg OBJECT-TYPE
SYNTAX INTEGER
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"First member weight avg value."
::= { wgClusterStatusMIB 7 }
wgSecondMemberId OBJECT-TYPE
SYNTAX OCTET STRING (SIZE(0..256))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Second member id."
::= { wgClusterStatusMIB 8 }
wgSecondMemberRole OBJECT-TYPE
SYNTAX INTEGER {
disabled(0),
worker(1),
backup(2),
master(3),
idle(4),
standby(5)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Second member role."
::= { wgClusterStatusMIB 9 }
wgSecondMemberSystemHealth OBJECT-TYPE
SYNTAX INTEGER
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Second member system health value."
::= { wgClusterStatusMIB 10 }
wgSecondMemberHardwareHealth OBJECT-TYPE
SYNTAX INTEGER
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Second member hardware health value."
::= { wgClusterStatusMIB 11 }
wgSecondMemberMonitorPortHealth OBJECT-TYPE
SYNTAX INTEGER
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Second member monitored ports health value."
::= { wgClusterStatusMIB 12 }
wgSecondMemberWeightAvg OBJECT-TYPE
SYNTAX INTEGER
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Second member weight avg value."
::= { wgClusterStatusMIB 13 }
END
Icinga2/_Test/WatchGuard File/WatchGuard MIB/WATCHGUARD-INFO-SYSTEM-MIB.txt
+65
View File
@@ -0,0 +1,65 @@
WATCHGUARD-INFO-SYSTEM-MIB DEFINITIONS ::= BEGIN
IMPORTS
MODULE-IDENTITY, OBJECT-TYPE,
OBJECT-IDENTITY, enterprises FROM SNMPv2-SMI
DateAndTime FROM SNMPv2-TC
watchguard FROM WATCHGUARD-SMI;
wgInfoModule MODULE-IDENTITY
LAST-UPDATED "200701251200Z"
ORGANIZATION "WatchGuard Technologies, Inc."
CONTACT-INFO
" WatchGuard Technologies, Inc.
505 Fifth Avenue South
Suite 500
Seattle, WA 98104
United States
+1.206.613.6600 "
DESCRIPTION
"The MIB module describes general information
of WatchGuard system. Mainly, the information
obtained from this MIB is used by wgInfoSystemMIB,
wgClientMIB, wgSystemStatisticsMIB, wgIpsecTunnelMIB."
REVISION "200701251200Z"
DESCRIPTION
"Initial revision."
::= { watchguard 6 }
wgInfoSystem OBJECT-IDENTITY
STATUS current
DESCRIPTION
"This is the base system information for all wg Client
branches."
::= { wgInfoModule 1 }
wgInfoSystemCurrentTime OBJECT-TYPE
SYNTAX DateAndTime
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The host's notion of the local date and time of day."
::= {wgInfoSystem 1}
wgInfoGavService OBJECT-TYPE
SYNTAX OCTET STRING (SIZE(0..64))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Version and update time of Gateway Antivirus Service"
::= {wgInfoSystem 3}
wgInfoIpsService OBJECT-TYPE
SYNTAX OCTET STRING (SIZE(0..64))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Version and update time of Intrusion Prevention Service"
::= {wgInfoSystem 4}
END
Icinga2/_Test/WatchGuard File/WatchGuard MIB/WATCHGUARD-IPSEC-ENDPOINT-PAIR-MIB.txt
+437
View File
@@ -0,0 +1,437 @@
WATCHGUARD-IPSEC-ENDPOINT-PAIR-MIB DEFINITIONS ::= BEGIN
IMPORTS
MODULE-IDENTITY, OBJECT-TYPE, Unsigned32, Gauge32,
OBJECT-IDENTITY, enterprises,
IpAddress FROM SNMPv2-SMI
watchguard FROM WATCHGUARD-SMI;
wgIpsecEndpointPairModule MODULE-IDENTITY
LAST-UPDATED "200701251200Z"
ORGANIZATION "WatchGuard Technologies, Inc."
CONTACT-INFO
" WatchGuard Technologies, Inc.
505 Fifth Avenue South
Suite 500
Seattle, WA 98104
United States
+1.206.613.6600 "
DESCRIPTION
"The MIB module describes generic Ipsec Endpoint Pair information
of WatchGuard system. Mainly, the information
obtained from this MIB is used to constructed topological
view of IPSec security gateways that are connected by
IPSec tunnels.
An IPSec Endpoint Pair is a pair of security gateways that
are connected with 0 or more IPSec SA's in tunnel mode.
It contains information of aggregated information
of tunnel mode SA's between two security gateways.
An IPSec Endpoint Pair is identified by a pair of IP addresses.
Therefore, if an IPSec security gateway X has 2 external
IP addresses while IPsec secruity gateway Y has 3 external
IP addresses, there are potentially 6 IPsec Endpoint Pairs
between X and Y."
REVISION "200701251200Z"
DESCRIPTION
"Initial revision."
::= { watchguard 5 }
wgIpsecEndpointPairMIB OBJECT-IDENTITY
STATUS current
DESCRIPTION
"This is the base object identifier for all IPSec tunnel
branches."
::= { wgIpsecEndpointPairModule 1 }
wgIpsecEndpointPair OBJECT-IDENTITY
STATUS current
DESCRIPTION
"This is the base object identifier for all IPSec
tunnel information."
::= { wgIpsecEndpointPairMIB 1 }
wgIpsecEndpointPairStatistics OBJECT-IDENTITY
STATUS current
DESCRIPTION
"This is the base object identifier for all objects which
are global counters for IPSec tunnels."
::= { wgIpsecEndpointPairMIB 2 }
wgIpsecEndpointPairNum OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The total number of entries in the wgIpsecEndpointPairTable. "
::= { wgIpsecEndpointPair 1 }
wgIpsecEndpointPairTable OBJECT-TYPE
SYNTAX SEQUENCE OF WGIpsecEndpointPairEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This is the connection table describing all current
IPSec tunnels exist on this entity."
::= { wgIpsecEndpointPair 2 }
wgIpsecEndpointPairEntry OBJECT-TYPE
SYNTAX WGIpsecEndpointPairEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"An entry (conceptual row) containing the information on a
IPSec tunnel between two IPSec security gateways."
INDEX{ wgIpsecEndpointPairIndex }
::= { wgIpsecEndpointPairTable 1 }
WGIpsecEndpointPairEntry ::= SEQUENCE {
wgIpsecEndpointPairIndex Integer32,
wgIpsecEndpointPairLocalAddr IpAddress,
wgIpsecEndpointPairPeerAddr IpAddress,
wgIpsecEndpointPairInSAs Unsigned32,
wgIpsecEndpointPairOutSAs Unsigned32,
wgIpsecEndpointPairInAccKbytes Counter64,
wgIpsecEndpointPairOutAccKbytes Counter64,
wgIpsecEndpointPairInPackets Counter64,
wgIpsecEndpointPairOutPackets Counter64,
wgIpsecEndpointPairDecryptErrors Counter32,
wgIpsecEndpointPairAuthErrors Counter32,
wgIpsecEndpointPairReplayErrors Counter32,
wgIpsecEndpointPairPolicyErrors Counter32,
wgIpsecEndpointPairPadErrors Counter32,
wgIpsecEndpointPairOtherReceiveErrors Counter32,
wgIpsecEndpointPairSendErrors Counter32
}
wgIpsecEndpointPairIndex OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The running index of this IPSec endpoint pair."
::= { wgIpsecEndpointPairEntry 1 }
wgIpsecEndpointPairLocalAddr OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The local IP address of the current IPSec ednpoint pair."
::= { wgIpsecEndpointPairEntry 2 }
wgIpsecEndpointPairPeerAddr OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The remote IP address of the current IPSec endpoint pair."
::= { wgIpsecEndpointPairEntry 3 }
wgIpsecEndpointPairInSAs OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of inbound IPSEC SA's within this
IPSec endpoint pair.If IKE rekeys and no data
stream to activate new SA, the SA statistics
may be include the old SA, then the total number
is the double of the active SA"
::= { wgIpsecEndpointPairEntry 4 }
wgIpsecEndpointPairOutSAs OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of outbound IPSEC SA's within this
IPSec endpoint pair.If IKE rekeys and no data
stream to activate new SA, the SA statistics
may be include the old SA, then the total number
is the double of the active SA"
::= { wgIpsecEndpointPairEntry 5 }
wgIpsecEndpointPairInAccKbytes OBJECT-TYPE
SYNTAX Counter64
UNITS "Kbytes"
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Total inbound traffic in Kbytes since the establish of
this connection."
::= { wgIpsecEndpointPairEntry 6 }
wgIpsecEndpointPairOutAccKbytes OBJECT-TYPE
SYNTAX Counter64
UNITS "Kbytes"
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Total outound traffic in Kbytes since the establish of
this connection."
::= { wgIpsecEndpointPairEntry 7 }
wgIpsecEndpointPairInPackets OBJECT-TYPE
SYNTAX Counter64
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Total number of inbound packets since the establish of
this connection."
::= { wgIpsecEndpointPairEntry 8 }
wgIpsecEndpointPairOutPackets OBJECT-TYPE
SYNTAX Counter64
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Total number of outound packets since the establish of
this connection."
::= { wgIpsecEndpointPairEntry 9 }
wgIpsecEndpointPairDecryptErrors OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Deprecated, currently unused."
::= { wgIpsecEndpointPairEntry 10 }
wgIpsecEndpointPairAuthErrors OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Total number of packets discarded due to authentication
error since the establish of this connection."
::= { wgIpsecEndpointPairEntry 11 }
wgIpsecEndpointPairReplayErrors OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Total number of packets discarded due to replay
error since the establish of this connection."
::= { wgIpsecEndpointPairEntry 12}
wgIpsecEndpointPairPolicyErrors OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Deprecated, currently unused."
::= { wgIpsecEndpointPairEntry 13 }
wgIpsecEndpointPairPadErrors OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Deprecated, currently unused."
::= { wgIpsecEndpointPairEntry 14 }
wgIpsecEndpointPairOtherReceiveErrors OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Deprecated, currently unused."
::= { wgIpsecEndpointPairEntry 15 }
wgIpsecEndpointPairSendErrors OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Deprecated, currently unused."
::= { wgIpsecEndpointPairEntry 16 }
-- global statistics
wgIpsecEndpointPairTotalInSAs OBJECT-TYPE
SYNTAX Gauge32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The total number of active inbound SA's in the entity."
::= { wgIpsecEndpointPairStatistics 1 }
wgIpsecEndpointPairTotalOutSAs OBJECT-TYPE
SYNTAX Gauge32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The total number of active outbound SA's in the entity."
::= { wgIpsecEndpointPairStatistics 2 }
wgIpsecEndpointPairTotalInAccKbytes OBJECT-TYPE
SYNTAX Counter64
UNITS "Kbytes"
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The total inbound IPsec traffic of this entity."
::= { wgIpsecEndpointPairStatistics 3 }
wgIpsecEndpointPairTotalOutAccKbytes OBJECT-TYPE
SYNTAX Counter64
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The total outbound IPsec traffic of this entity."
::= { wgIpsecEndpointPairStatistics 4 }
wgIpsecEndpointPairTotalInPackets OBJECT-TYPE
SYNTAX Counter64
UNITS "Kbytes"
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The total inbound IPsec packets of this entity."
::= { wgIpsecEndpointPairStatistics 5 }
wgIpsecEndpointPairTotalOutPackets OBJECT-TYPE
SYNTAX Counter64
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The total outbound IPsec packets of this entity."
::= { wgIpsecEndpointPairStatistics 6 }
wgIpsecEndpointPairTotalDecryptErrors OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Deprecated, currently unused."
::= { wgIpsecEndpointPairStatistics 7 }
wgIpsecEndpointPairTotalAuthErrors OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Total number of packets on this entity discarded
due to authentication errors."
::= { wgIpsecEndpointPairStatistics 8 }
wgIpsecEndpointPairTotalReplayErrors OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Total number of packets discarded due to replay
errors on this entity."
::= { wgIpsecEndpointPairStatistics 9 }
wgIpsecEndpointPairTotalPolicyErrors OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Deprecated, currently unused."
::= { wgIpsecEndpointPairStatistics 10 }
wgIpsecEndpointPairTotalPadErrors OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Deprecated, currently unused."
::= { wgIpsecEndpointPairStatistics 11 }
wgIpsecEndpointPairTotalOtherReceiveErrors OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Deprecated, currently unused."
::= { wgIpsecEndpointPairStatistics 12 }
wgIpsecEndpointPairTotalSendErrors OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Deprecated, currently unused."
::= { wgIpsecEndpointPairStatistics 13 }
wgIpsecEndpointPairPeerIPToTunnel OBJECT-IDENTITY
STATUS current
DESCRIPTION
"This is the base object identifier for all tunnels
information of the policies."
::= {wgIpsecEndpointPairMIB 3}
wgIpsecEndpointPairPeerIPToTunnelNum OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The total number of tunnels in the peeriptotunnel table. "
::= { wgIpsecEndpointPairPeerIPToTunnel 1 }
wgIpsecEndpointPairPeerIPToTunnelTable OBJECT-TYPE
SYNTAX SEQUENCE OF WGIpsecEndpointPairPeerIPToTunnelEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The peeriptotunnel table in the endpointpair mib."
::= { wgIpsecEndpointPairPeerIPToTunnel 2 }
wgIpsecEndpointPairPeerIPToTunnelEntry OBJECT-TYPE
SYNTAX WGIpsecEndpointPairPeerIPToTunnelEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"An entry (conceptual row) containing the peer ip and tunnel
information."
INDEX {
wgIpsecEndpointPairPeerIPToTunnelPeerIP,
wgIpsecEndpointPairPeerIPToTunnelTunnelID
}
::= { wgIpsecEndpointPairPeerIPToTunnelTable 1 }
WGIpsecEndpointPairPeerIPToTunnelEntry ::= SEQUENCE {
wgIpsecEndpointPairPeerIPToTunnelPeerIP IpAddress,
wgIpsecEndpointPairPeerIPToTunnelTunnelID Unsigned32
}
wgIpsecEndpointPairPeerIPToTunnelPeerIP OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The peer ip of the peeriptotunnel table."
::= {wgIpsecEndpointPairPeerIPToTunnelEntry 1}
wgIpsecEndpointPairPeerIPToTunnelTunnelID OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The tunnel id of the peeriptotunnel table."
::= {wgIpsecEndpointPairPeerIPToTunnelEntry 2}
END
Icinga2/_Test/WatchGuard File/WatchGuard MIB/WATCHGUARD-IPSEC-SA-MON-MIB-EXT.txt
+1831
View File
File diff suppressed because it is too large Load Diff
Icinga2/_Test/WatchGuard File/WatchGuard MIB/WATCHGUARD-IPSEC-TUNNEL-MIB.txt
+552
View File
@@ -0,0 +1,552 @@
WATCHGUARD-IPSEC-TUNNEL-MIB DEFINITIONS ::= BEGIN
IMPORTS
MODULE-IDENTITY, OBJECT-TYPE, Unsigned32, Counter64,
OBJECT-IDENTITY, enterprises,
IpAddress, TimeTicks FROM SNMPv2-SMI
DateAndTime FROM SNMPv2-TC
watchguard FROM WATCHGUARD-SMI;
wgInfoModule MODULE-IDENTITY
LAST-UPDATED "200701251200Z"
ORGANIZATION "WatchGuard Technologies, Inc."
CONTACT-INFO
" WatchGuard Technologies, Inc.
505 Fifth Avenue South
Suite 500
Seattle, WA 98104
United States
+1.206.613.6600 "
DESCRIPTION
"The MIB module describes various tunnel objects
of WatchGuard system."
REVISION "200701251200Z"
DESCRIPTION
"Initial revision."
::= { watchguard 6 }
wgIpsecTunnelMIB OBJECT-IDENTITY
STATUS current
DESCRIPTION
"This is the base object identifier for all tunnel
branches."
::= { wgInfoModule 5 }
wgIpsecTunnel OBJECT-IDENTITY
STATUS current
DESCRIPTION
"This is the base object identifier for all
tunnel information."
::= { wgIpsecTunnelMIB 1 }
wgIpsecTunnelNum OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The total number of entries in the wgIpsecTunnelTable. "
::= { wgIpsecTunnel 1 }
wgIpsecTunnelTable OBJECT-TYPE
SYNTAX SEQUENCE OF WGIpsecTunnelEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This is the connection table describing all current
tunnels exist on this entity."
::= { wgIpsecTunnel 2 }
wgIpsecTunnelEntry OBJECT-TYPE
SYNTAX WGIpsecTunnelEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"An entry (conceptual row) containing the information on a
tunnel between two security gateways."
INDEX{ wgIpsecTunnelID }
::= { wgIpsecTunnelTable 1 }
WGIpsecTunnelEntry ::= SEQUENCE {
wgIpsecTunnelID Integer32,
wgIpsecTunnelLocalAddr IpAddress,
wgIpsecTunnelPeerAddr IpAddress,
wgIpsecTunnelInSpi Unsigned32,
wgIpsecTunnelOutSpi Unsigned32,
wgIpsecTunnelCreateTime DateAndTime,
wgIpsecTunnelDeviceID Unsigned32,
wgIpsecTunnelEspEncryptAlg INTEGER,
wgIpsecTunnelEspAuthAlg INTEGER,
wgIpsecTunnelAhAuthAlg INTEGER,
wgIpsecTunnelMode INTEGER,
wgIpsecTunnelKeyMode INTEGER,
wgIpsecTunnelLifeTime TimeTicks,
wgIpsecTunnelLifeLength Counter64,
wgIpsecTunnelInSaBytes Counter64,
wgIpsecTunnelOutSaBytes Counter64,
wgIpsecTunnelAccSecs Counter32,
wgIpsecTunnelSelectorProtocol INTEGER,
wgIpsecTunnelSelectorRemoteIPType INTEGER,
wgIpsecTunnelSelectorRemoteIPOne IpAddress,
wgIpsecTunnelSelectorRemoteIPTwo IpAddress,
wgIpsecTunnelSelectorRemotePort INTEGER,
wgIpsecTunnelSelectorLocalIPType INTEGER,
wgIpsecTunnelSelectorLocalIPOne IpAddress,
wgIpsecTunnelSelectorLocalIPTwo IpAddress,
wgIpsecTunnelSelectorLocalPort INTEGER,
wgIpsecTunnelNumRekey Counter32,
wgIpsecTunnelInKbytes Counter64,
wgIpsecTunnelOutKbytes Counter64,
wgIpsecTunnelInPackets Counter64,
wgIpsecTunnelOutPackets Counter64,
wgIpsecTunnelInDecryptErrors Counter32,
wgIpsecTunnelInAuthErrors Counter32,
wgIpsecTunnelInReplayErrors Counter32,
wgIpsecTunnelInOtherErrors Counter32,
wgIpsecTunnelOutDecryptErrors Counter32,
wgIpsecTunnelOutAuthErrors Counter32,
wgIpsecTunnelOutReplayErrors Counter32,
wgIpsecTunnelOutOtherErrors Counter32,
wgIpsecTunnelUdpEncap INTEGER,
wgIpsecTunnelPeerUdpPort INTEGER,
wgIpsecTunnelOrigPeerAddr IpAddress
}
wgIpsecTunnelID OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The running index of this tunnel."
::= { wgIpsecTunnelEntry 1 }
wgIpsecTunnelLocalAddr OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The local gateway IP address of the current tunnel."
::= { wgIpsecTunnelEntry 2 }
wgIpsecTunnelPeerAddr OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The remote gateway IP address of the current tunnel."
::= { wgIpsecTunnelEntry 3 }
wgIpsecTunnelInSpi OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The security parameters index of inbound SA's within this
tunnel."
::= { wgIpsecTunnelEntry 4 }
wgIpsecTunnelOutSpi OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The security parameters index of outbound SA's within this
tunnel."
::= { wgIpsecTunnelEntry 5 }
wgIpsecTunnelCreateTime OBJECT-TYPE
SYNTAX DateAndTime
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The date and time when the tunnel is created."
::= { wgIpsecTunnelEntry 6 }
wgIpsecTunnelDeviceID OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The identifier of target device where the SA resides."
::= { wgIpsecTunnelEntry 7 }
wgIpsecTunnelEspEncryptAlg OBJECT-TYPE
SYNTAX INTEGER {
unknown(0),
des(2),
three-des(3),
aes(4)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The encryption algorithm used in the tunnel. It's 0
if ESP is not used."
::= { wgIpsecTunnelEntry 8 }
wgIpsecTunnelEspAuthAlg OBJECT-TYPE
SYNTAX INTEGER {
unknown(0),
md5(2),
sha(3)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The authentication algorithm used in the tunnel. It's
0 if ESP is not used."
::= { wgIpsecTunnelEntry 9 }
wgIpsecTunnelAhAuthAlg OBJECT-TYPE
SYNTAX INTEGER {
unknown(0),
md5(2),
sha(3)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The AH authentication algorithm used in the tunnel.
It's 0 if AH is not used."
::= { wgIpsecTunnelEntry 10 }
wgIpsecTunnelMode OBJECT-TYPE
SYNTAX INTEGER {
unknown(0),
tunnel(1),
transport(2)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The tunnel/transport mode of the tunnel."
::= { wgIpsecTunnelEntry 11 }
wgIpsecTunnelKeyMode OBJECT-TYPE
SYNTAX INTEGER {
unknown(0),
manual(1),
auto-ike(2),
other(3)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The key mode of the tunnel."
::= { wgIpsecTunnelEntry 12 }
wgIpsecTunnelLifeTime OBJECT-TYPE
SYNTAX TimeTicks
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The life time (in hundredths of a second) of the tunnel."
::= { wgIpsecTunnelEntry 13 }
wgIpsecTunnelLifeLength OBJECT-TYPE
SYNTAX Counter64
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The maximum traffic in bytes that the tunnel is allowed to support."
::= { wgIpsecTunnelEntry 14 }
wgIpsecTunnelInSaBytes OBJECT-TYPE
SYNTAX Counter64
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Current active inbound SA bytes of the tunnel."
::= { wgIpsecTunnelEntry 15 }
wgIpsecTunnelOutSaBytes OBJECT-TYPE
SYNTAX Counter64
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Current active outbound SA bytes of the tunnel."
::= { wgIpsecTunnelEntry 16 }
wgIpsecTunnelAccSecs OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of seconds that the tunnel has existed."
::= { wgIpsecTunnelEntry 17 }
wgIpsecTunnelSelectorProtocol OBJECT-TYPE
SYNTAX INTEGER {
any(0),
icmp(1),
igmp(2),
ipip(4),
tcp(6),
egp(8),
pup(12),
udp(17),
idp(22),
tp(29),
ipv6(41),
ipv6-routing(43),
ipv6-fragmentation(44),
rsvp(46),
gre(47),
esp(50),
ah(51),
icmpv6(58),
none(59),
dstopts(60),
mtp(92),
encap(98),
pim(103),
raw(255)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The ip protocol number that this SA(Tunnel) selector carries, or
0 if it carries any protocol."
::= { wgIpsecTunnelEntry 18 }
wgIpsecTunnelSelectorRemoteIPType OBJECT-TYPE
SYNTAX INTEGER {
ip-addr-single(1),
ip-addr-subnet(2),
ip-addr-range(3)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The type of remote IP address of the SA(Tunnel) selector in
the entity."
::= { wgIpsecTunnelEntry 19 }
wgIpsecTunnelSelectorRemoteIPOne OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The first remote IP address of the SA(Tunnel) selector in the entity.
It's IP address if remote IP of this selector only has one address.
It's IP address of subnet if the remote IP of this selector is IP subnet.
It's the start IP address if the remote IP of this selector
has a range of addresses."
::= { wgIpsecTunnelEntry 20 }
wgIpsecTunnelSelectorRemoteIPTwo OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The second remote IP address of the SA(Tunnel) selector in the entity.
It's 0 if remote IP of this selector only has one address.
It's netmask of subnet if the remote IP of this selector is IP subnet.
It's the end IP address if the remote IP of this selector
has a range of addresses."
::= { wgIpsecTunnelEntry 21 }
wgIpsecTunnelSelectorRemotePort OBJECT-TYPE
SYNTAX INTEGER (0..65535)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The remote port used by the SA(Tunnel) selector in the entity."
::= { wgIpsecTunnelEntry 22 }
wgIpsecTunnelSelectorLocalIPType OBJECT-TYPE
SYNTAX INTEGER {
ip-addr-single(1),
ip-addr-subnet(2),
ip-addr-range(3)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The type of local IP address of the SA(Tunnel) selector in
the entity."
::= { wgIpsecTunnelEntry 23 }
wgIpsecTunnelSelectorLocalIPOne OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The first local IP address of the SA(Tunnel) selector in the entity.
It's IP address if local IP of this selector only has one address.
It's IP address of subnet if the local IP of this selector is IP subnet.
It's the start IP address if the local IP of this selector
has a range of IP addresses."
::= { wgIpsecTunnelEntry 24 }
wgIpsecTunnelSelectorLocalIPTwo OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The second local IP address of the SA(Tunnel) selector in the entity.
It's 0 if local IP of this selector only has one address.
It's netmask of subnet if the local IP of this selector is IP subnet.
It's the end IP address if the local IP of this selector
has a range of IP addresses."
::= { wgIpsecTunnelEntry 25 }
wgIpsecTunnelSelectorLocalPort OBJECT-TYPE
SYNTAX INTEGER (0..65535)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The local port used by the SA(Tunnel) selector in the entity."
::= { wgIpsecTunnelEntry 26 }
wgIpsecTunnelNumRekey OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of rekeys of the tunnel."
::= { wgIpsecTunnelEntry 27 }
wgIpsecTunnelInKbytes OBJECT-TYPE
SYNTAX Counter64
UNITS "Kbytes"
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Total inbound traffic in Kbytes since the establish of
this tunnel."
::= { wgIpsecTunnelEntry 28 }
wgIpsecTunnelOutKbytes OBJECT-TYPE
SYNTAX Counter64
UNITS "Kbytes"
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Total outound traffic in Kbytes since the establish of
this connection."
::= { wgIpsecTunnelEntry 29 }
wgIpsecTunnelInPackets OBJECT-TYPE
SYNTAX Counter64
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Total number of inbound packets since the establish of
this connection."
::= { wgIpsecTunnelEntry 30 }
wgIpsecTunnelOutPackets OBJECT-TYPE
SYNTAX Counter64
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Total number of outound packets since the establish of
this connection."
::= { wgIpsecTunnelEntry 31 }
wgIpsecTunnelInDecryptErrors OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Deprecated, currently unused."
::= { wgIpsecTunnelEntry 32 }
wgIpsecTunnelInAuthErrors OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Total number of packets discarded due to authentication
error since the establish of this connection."
::= { wgIpsecTunnelEntry 33 }
wgIpsecTunnelInReplayErrors OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Total number of packets discarded due to replay
error since the establish of this connection."
::= { wgIpsecTunnelEntry 34}
wgIpsecTunnelInOtherErrors OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Deprecated, currently unused."
::= { wgIpsecTunnelEntry 35 }
wgIpsecTunnelOutDecryptErrors OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Deprecated, currently unused."
::= { wgIpsecTunnelEntry 36 }
wgIpsecTunnelOutAuthErrors OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Total number of packets discarded due to authentication
error since the establish of this connection."
::= { wgIpsecTunnelEntry 37 }
wgIpsecTunnelOutReplayErrors OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Total number of packets discarded due to replay
error since the establish of this connection."
::= { wgIpsecTunnelEntry 38 }
wgIpsecTunnelOutOtherErrors OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Deprecated, currently unused."
::= { wgIpsecTunnelEntry 39 }
wgIpsecTunnelUdpEncap OBJECT-TYPE
SYNTAX INTEGER {
disabled(0),
enabled(1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Deprecated, currently unused."
::= { wgIpsecTunnelEntry 40 }
wgIpsecTunnelPeerUdpPort OBJECT-TYPE
SYNTAX INTEGER (0..65535)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Deprecated, currently unused."
::= { wgIpsecTunnelEntry 41 }
wgIpsecTunnelOrigPeerAddr OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Deprecated, currently unused."
::= { wgIpsecTunnelEntry 42 }
END
Icinga2/_Test/WatchGuard File/WatchGuard MIB/WATCHGUARD-POLICY-MIB.txt
+320
View File
@@ -0,0 +1,320 @@
WATCHGUARD-POLICY-MIB DEFINITIONS ::= BEGIN
IMPORTS
MODULE-IDENTITY, OBJECT-TYPE, Unsigned32, Counter64,
OBJECT-IDENTITY, enterprises,
IpAddress, TimeTicks FROM SNMPv2-SMI
DateAndTime FROM SNMPv2-TC
watchguard FROM WATCHGUARD-SMI;
wgPolicyMIB MODULE-IDENTITY
LAST-UPDATED "200701251200Z"
ORGANIZATION "WatchGuard Technologies, Inc."
CONTACT-INFO
" WatchGuard Technologies, Inc.
505 Fifth Avenue South
Suite 500
Seattle, WA 98104
United States
+1.206.613.6600 "
DESCRIPTION
"The MIB module describes various policy objects
of WatchGuard system."
REVISION "200701251200Z"
DESCRIPTION
"Initial revision."
::= { watchguard 4 }
wgPolicyToTunnel OBJECT-IDENTITY
STATUS current
DESCRIPTION
"This is the base object identifier for all tunnels
information of the policies."
::= {wgPolicyMIB 1}
wgPolicyStatistics OBJECT-IDENTITY
STATUS current
DESCRIPTION
"This is the base object identifier for all policy related
statistical counters."
::= { wgPolicyMIB 2 }
wgPolicyToTunnelNum OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The total number of tunnels in the policytotunnel table. "
::= { wgPolicyToTunnel 1 }
wgPolicyToTunnelTable OBJECT-TYPE
SYNTAX SEQUENCE OF WGPolicyToTunnelEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This is the policytotunnel table of all the policies."
::= { wgPolicyToTunnel 2 }
wgPolicyToTunnelEntry OBJECT-TYPE
SYNTAX WGPolicyToTunnelEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"An entry (conceptual row) containing the tunnels
information."
INDEX {
wgPolicyToTunnelPolicyID,
wgPolicyToTunnelTunnelID
}
::= { wgPolicyToTunnelTable 1 }
WGPolicyToTunnelEntry ::= SEQUENCE {
wgPolicyToTunnelPolicyID Integer32,
wgPolicyToTunnelTunnelID Integer32
}
wgPolicyToTunnelPolicyID OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The policy identifier of this entity."
::= {wgPolicyToTunnelEntry 1}
wgPolicyToTunnelTunnelID OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The tunnel identifier of this entity."
::= {wgPolicyToTunnelEntry 2}
-- counter ID
-- per policy counter
-- 1-24 is reserved
wgPolicyTableNum OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The total number of policies in the policy table. "
::= { wgPolicyStatistics 1 }
wgPolicyTable OBJECT-TYPE
SYNTAX SEQUENCE OF WGPolicyEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This is the policytotunnel table of the policies."
::= { wgPolicyStatistics 2 }
wgPolicyEntry OBJECT-TYPE
SYNTAX WGPolicyEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"An entry (conceptual row) containing the policy
information."
INDEX{
wgPolicyID
}
::= { wgPolicyTable 1 }
WGPolicyEntry ::= SEQUENCE {
wgPolicyID Integer32,
wgPolicyName OCTET STRING (SIZE(32)),
wgPolicyBytes Counter64,
wgPolicyPackets Counter64,
wgPolicyIpsecDecryptErr Counter64,
wgPolicyIpsecAuthErr Counter64,
wgPolicyIpsecReplayErr Counter64,
wgPolicyIpsecPadErr Counter64,
wgPolicyIpsecPolicyErr Counter64,
wgPolicyFwDisc Counter64,
wgPolicyOtherDisc Counter64,
wgPolicyActiveStreams Counter64,
wgPolicyIpsecDisc Counter64,
wgPolicyDisc Counter64,
wgPolicyNumTunl Counter64,
wgPolicySingleCntrNum Counter64,
wgPolicyLogging Unsigned32,
wgPolicyCurrActiveConns Counter64
}
wgPolicyID OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The policy identifier of this policy."
::= {wgPolicyEntry 1}
wgPolicyName OBJECT-TYPE
SYNTAX OCTET STRING (SIZE(32))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The policy name of this policy"
::= {wgPolicyEntry 2}
wgPolicyL3PackageBytes OBJECT-TYPE
SYNTAX Counter64
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Total traffic in bytes (counted from L3 head) since setting up this policy."
::= {wgPolicyEntry 3}
wgPolicyPackets OBJECT-TYPE
SYNTAX Counter64
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Total traffic in packets since setting up this policy."
::= {wgPolicyEntry 4}
wgPolicyIpsecDecryptErr OBJECT-TYPE
SYNTAX Counter64
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Total number of packets discarded due to decryption
errors since setting up this policy."
::= {wgPolicyEntry 5}
wgPolicyIpsecAuthErr OBJECT-TYPE
SYNTAX Counter64
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Total number of packets discarded due to authentication
errors since setting up this policy."
::= {wgPolicyEntry 6}
wgPolicyIpsecReplayErr OBJECT-TYPE
SYNTAX Counter64
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Total number of packets discarded due to replay
errors since setting up this policy."
::= {wgPolicyEntry 7}
wgPolicyIpsecPadErr OBJECT-TYPE
SYNTAX Counter64
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Total number of packets discarded due to pad value
errors since setting up this policy."
::= {wgPolicyEntry 8}
wgPolicyIpsecPolicyErr OBJECT-TYPE
SYNTAX Counter64
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Total number of packets discarded due to policy
errors since setting up this policy."
::= {wgPolicyEntry 9}
wgPolicyFwDisc OBJECT-TYPE
SYNTAX Counter64
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Total number of packets discarded by firewall policies
since setting up this policy."
::= {wgPolicyEntry 10}
wgPolicyOtherDisc OBJECT-TYPE
SYNTAX Counter64
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Total number of packets discarded due to errors
other than firewall errors, ipsec errors since setting up
this policy."
::= {wgPolicyEntry 11}
wgPolicyActiveStreams OBJECT-TYPE
SYNTAX Counter64
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Total number of the active connections since setting
up this policy."
::= {wgPolicyEntry 12}
wgPolicyIpsecDisc OBJECT-TYPE
SYNTAX Counter64
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Total number of packets discarded by IPSEC errors
(decryption error, authentication error, replay error)
since setting up this policy."
::= {wgPolicyEntry 13}
wgPolicyDisc OBJECT-TYPE
SYNTAX Counter64
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Total number of packets discarded since setting up
this policy."
::= {wgPolicyEntry 14}
wgPolicyNumTunl OBJECT-TYPE
SYNTAX Counter64
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Total number of tunnels belong to this policy"
::= {wgPolicyEntry 15}
wgPolicySingleCntrNum OBJECT-TYPE
SYNTAX Counter64
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Total number of single counters handled by this policy."
::= {wgPolicyEntry 16}
wgPolicyLogging OBJECT-TYPE
SYNTAX Unsigned32 {
disabled(0),
enabled(1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Indicates whether if the logging of this policy has been enabled. "
::= { wgPolicyEntry 17 }
wgPolicyCurrActiveConns OBJECT-TYPE
SYNTAX Counter64
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Total number of currently active connections for this policy."
::= {wgPolicyEntry 18}
wgPolicyL2PackageBytes OBJECT-TYPE
SYNTAX Counter64
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Total traffic in bytes(counted from L2 head) since setting up this policy."
::= {wgPolicyEntry 19}
END
Icinga2/_Test/WatchGuard File/WatchGuard MIB/WATCHGUARD-PRODUCTS-MIB.txt
+151
View File
@@ -0,0 +1,151 @@
WATCHGUARD-PRODUCTS-MIB DEFINITIONS ::= BEGIN
IMPORTS
MODULE-IDENTITY FROM SNMPv2-SMI
watchguard FROM WATCHGUARD-SMI;
wgProducts MODULE-IDENTITY
LAST-UPDATED "200811100000Z"
ORGANIZATION "WatchGuard Technologies, Inc."
CONTACT-INFO
" WatchGuard Technologies, Inc.
505 Fifth Avenue South
Suite 500
Seattle, WA 98104
United States
+1.206.613.6600 "
DESCRIPTION
"This MIB module definesthe object identifiers
for WatchGuard Technologies Products."
REVISION
"200811100000Z"
DESCRIPTION
"Initial version."
::= { watchguard 1 }
fbXSeries OBJECT IDENTIFIER ::= { wgProducts 4 }
xtmSeries OBJECT IDENTIFIER ::= { wgProducts 5 }
-- fbX series
fbX500 OBJECT IDENTIFIER ::= { fbXSeries 1 }
fbX550e OBJECT IDENTIFIER ::= { fbXSeries 2 }
fbX700 OBJECT IDENTIFIER ::= { fbXSeries 3 }
fbX750e OBJECT IDENTIFIER ::= { fbXSeries 4 }
fbX750e-4 OBJECT IDENTIFIER ::= { fbXSeries 5 }
fbX1000 OBJECT IDENTIFIER ::= { fbXSeries 6 }
fbX1250e OBJECT IDENTIFIER ::= { fbXSeries 7 }
fbX1250e-4 OBJECT IDENTIFIER ::= { fbXSeries 8 }
fbX2500 OBJECT IDENTIFIER ::= { fbXSeries 9 }
fbX5000 OBJECT IDENTIFIER ::= { fbXSeries 10 }
fbX5500e OBJECT IDENTIFIER ::= { fbXSeries 11 }
fbX6000 OBJECT IDENTIFIER ::= { fbXSeries 12 }
fbX6500e OBJECT IDENTIFIER ::= { fbXSeries 13 }
fbX8000 OBJECT IDENTIFIER ::= { fbXSeries 14 }
fbX8500e OBJECT IDENTIFIER ::= { fbXSeries 15 }
fbX8500e-F OBJECT IDENTIFIER ::= { fbXSeries 16 }
fbX10e OBJECT IDENTIFIER ::= { fbXSeries 17 }
fbX10e-W OBJECT IDENTIFIER ::= { fbXSeries 18 }
fbX20e OBJECT IDENTIFIER ::= { fbXSeries 19 }
fbX20e-W OBJECT IDENTIFIER ::= { fbXSeries 20 }
fbX55e OBJECT IDENTIFIER ::= { fbXSeries 21 }
fbX55e-W OBJECT IDENTIFIER ::= { fbXSeries 22 }
-- xtm series
xtm1050 OBJECT IDENTIFIER ::= { xtmSeries 1 }
xtm1050-F OBJECT IDENTIFIER ::= { xtmSeries 2 }
xtm830-F OBJECT IDENTIFIER ::= { xtmSeries 3 }
xtm830 OBJECT IDENTIFIER ::= { xtmSeries 4 }
xtm820 OBJECT IDENTIFIER ::= { xtmSeries 5 }
xtm810 OBJECT IDENTIFIER ::= { xtmSeries 6 }
xtm530 OBJECT IDENTIFIER ::= { xtmSeries 7 }
xtm520 OBJECT IDENTIFIER ::= { xtmSeries 8 }
xtm510 OBJECT IDENTIFIER ::= { xtmSeries 9 }
xtm505 OBJECT IDENTIFIER ::= { xtmSeries 10 }
xtm23 OBJECT IDENTIFIER ::= { xtmSeries 11 }
xtm22 OBJECT IDENTIFIER ::= { xtmSeries 12 }
xtm21 OBJECT IDENTIFIER ::= { xtmSeries 13 }
xtm23-W OBJECT IDENTIFIER ::= { xtmSeries 14 }
xtm22-W OBJECT IDENTIFIER ::= { xtmSeries 15 }
xtm21-W OBJECT IDENTIFIER ::= { xtmSeries 16 }
xtm2050 OBJECT IDENTIFIER ::= { xtmSeries 17 }
xtm25 OBJECT IDENTIFIER ::= { xtmSeries 18 }
xtm25-W OBJECT IDENTIFIER ::= { xtmSeries 19 }
xtm26 OBJECT IDENTIFIER ::= { xtmSeries 20 }
xtm26-W OBJECT IDENTIFIER ::= { xtmSeries 21 }
xtm33 OBJECT IDENTIFIER ::= { xtmSeries 22 }
xtm33-W OBJECT IDENTIFIER ::= { xtmSeries 23 }
xtm330 OBJECT IDENTIFIER ::= { xtmSeries 24 }
xtm545 OBJECT IDENTIFIER ::= { xtmSeries 25 }
xtm535 OBJECT IDENTIFIER ::= { xtmSeries 26 }
xtm525 OBJECT IDENTIFIER ::= { xtmSeries 27 }
xtm515 OBJECT IDENTIFIER ::= { xtmSeries 28 }
xtm2050A OBJECT IDENTIFIER ::= { xtmSeries 29 }
xtm850 OBJECT IDENTIFIER ::= { xtmSeries 30 }
xtm860 OBJECT IDENTIFIER ::= { xtmSeries 31 }
xtm870 OBJECT IDENTIFIER ::= { xtmSeries 32 }
xtm870-F OBJECT IDENTIFIER ::= { xtmSeries 33 }
xtm1520 OBJECT IDENTIFIER ::= { xtmSeries 34 }
xtm1525 OBJECT IDENTIFIER ::= { xtmSeries 35 }
xtm2520 OBJECT IDENTIFIER ::= { xtmSeries 36 }
xtmv-SM OBJECT IDENTIFIER ::= { xtmSeries 37 }
xtmv-MED OBJECT IDENTIFIER ::= { xtmSeries 38 }
xtmv-LG OBJECT IDENTIFIER ::= { xtmSeries 39 }
xtmv-DC OBJECT IDENTIFIER ::= { xtmSeries 40 }
xtmv-EXP OBJECT IDENTIFIER ::= { xtmSeries 41 }
xtmv OBJECT IDENTIFIER ::= { xtmSeries 42 }
xtm1520-RP OBJECT IDENTIFIER ::= { xtmSeries 43 }
xtm1525-RP OBJECT IDENTIFIER ::= { xtmSeries 44 }
T10 OBJECT IDENTIFIER ::= { xtmSeries 45 }
M440 OBJECT IDENTIFIER ::= { xtmSeries 46 }
T10-D OBJECT IDENTIFIER ::= { xtmSeries 47 }
T10-W OBJECT IDENTIFIER ::= { xtmSeries 48 }
M400 OBJECT IDENTIFIER ::= { xtmSeries 49 }
M500 OBJECT IDENTIFIER ::= { xtmSeries 50 }
M200 OBJECT IDENTIFIER ::= { xtmSeries 51 }
M300 OBJECT IDENTIFIER ::= { xtmSeries 52 }
T30 OBJECT IDENTIFIER ::= { xtmSeries 53 }
T30-W OBJECT IDENTIFIER ::= { xtmSeries 54 }
T50 OBJECT IDENTIFIER ::= { xtmSeries 55 }
T50-W OBJECT IDENTIFIER ::= { xtmSeries 56 }
M4600 OBJECT IDENTIFIER ::= { xtmSeries 57 }
M5600 OBJECT IDENTIFIER ::= { xtmSeries 58 }
T70 OBJECT IDENTIFIER ::= { xtmSeries 59 }
FireboxV OBJECT IDENTIFIER ::= { xtmSeries 60 }
FireboxV-MC OBJECT IDENTIFIER ::= { xtmSeries 61 }
FireboxV-SM OBJECT IDENTIFIER ::= { xtmSeries 62 }
FireboxV-MED OBJECT IDENTIFIER ::= { xtmSeries 63 }
FireboxV-LG OBJECT IDENTIFIER ::= { xtmSeries 64 }
FireboxV-XLG OBJECT IDENTIFIER ::= { xtmSeries 65 }
M370 OBJECT IDENTIFIER ::= { xtmSeries 66 }
M470 OBJECT IDENTIFIER ::= { xtmSeries 67 }
M570 OBJECT IDENTIFIER ::= { xtmSeries 68 }
M670 OBJECT IDENTIFIER ::= { xtmSeries 69 }
T15 OBJECT IDENTIFIER ::= { xtmSeries 70 }
T15-W OBJECT IDENTIFIER ::= { xtmSeries 71 }
T35 OBJECT IDENTIFIER ::= { xtmSeries 72 }
T35-W OBJECT IDENTIFIER ::= { xtmSeries 73 }
T55 OBJECT IDENTIFIER ::= { xtmSeries 74 }
T55-W OBJECT IDENTIFIER ::= { xtmSeries 75 }
FireboxCloud OBJECT IDENTIFIER ::= { xtmSeries 76 }
FireboxCloud-MC OBJECT IDENTIFIER ::= { xtmSeries 77 }
FireboxCloud-SM OBJECT IDENTIFIER ::= { xtmSeries 78 }
FireboxCloud-MED OBJECT IDENTIFIER ::= { xtmSeries 79 }
FireboxCloud-LG OBJECT IDENTIFIER ::= { xtmSeries 80 }
FireboxCloud-XLG OBJECT IDENTIFIER ::= { xtmSeries 81 }
M270 OBJECT IDENTIFIER ::= { xtmSeries 82 }
T35-DW OBJECT IDENTIFIER ::= { xtmSeries 83 }
T35-R OBJECT IDENTIFIER ::= { xtmSeries 84 }
T20 OBJECT IDENTIFIER ::= { xtmSeries 85 }
T20-W OBJECT IDENTIFIER ::= { xtmSeries 86 }
T40 OBJECT IDENTIFIER ::= { xtmSeries 87 }
T40-W OBJECT IDENTIFIER ::= { xtmSeries 88 }
T80 OBJECT IDENTIFIER ::= { xtmSeries 89 }
M4800 OBJECT IDENTIFIER ::= { xtmSeries 90 }
M5800 OBJECT IDENTIFIER ::= { xtmSeries 91 }
END
Icinga2/_Test/WatchGuard File/WatchGuard MIB/WATCHGUARD-SMI.txt
+43
View File
@@ -0,0 +1,43 @@
WATCHGUARD-SMI DEFINITIONS ::= BEGIN
IMPORTS
MODULE-IDENTITY, OBJECT-IDENTITY, enterprises
FROM SNMPv2-SMI;
watchguard MODULE-IDENTITY
LAST-UPDATED "200811100000Z"
ORGANIZATION "WatchGuard Technologies, Inc."
CONTACT-INFO
" WatchGuard Technologies, Inc.
505 Fifth Avenue South
Suite 500
Seattle, WA 98104
United States
+1.206.613.6600 "
DESCRIPTION
"The Structure of Management Information for
the WatchGuard enterprise."
REVISION "200811100000Z"
DESCRIPTION
"Initial version."
::= { enterprises 3097 }
wgProducts OBJECT-IDENTITY
STATUS current
DESCRIPTION
"wgProducts is the root OBJECT IDENTIFIER of
WatchGuard Product OIDs."
::= { watchguard 1 }
wgSystemConfigMIB OBJECT-IDENTITY
STATUS current
DESCRIPTION
"wgSystemConfig is the root OBJECT IDENTIFIER of
WatchGuard Firebox system configurations."
::= { watchguard 2 }
END
Icinga2/_Test/WatchGuard File/WatchGuard MIB/WATCHGUARD-SYSTEM-CONFIG-MIB.txt
+167
View File
@@ -0,0 +1,167 @@
WATCHGUARD-SYSTEM-CONFIG-MIB DEFINITIONS ::= BEGIN
IMPORTS
MODULE-IDENTITY, OBJECT-TYPE, Counter32,
Integer32, Unsigned32, IpAddress, Gauge32,
enterprises, NOTIFICATION-TYPE FROM SNMPv2-SMI
watchguard FROM WATCHGUARD-SMI;
wgSystemConfigMIB MODULE-IDENTITY
LAST-UPDATED "200811100000Z"
ORGANIZATION "WatchGuard Technologies, Inc."
CONTACT-INFO
" WatchGuard Technologies, Inc.
505 Fifth Avenue South
Suite 500
Seattle, WA 98104
United States
+1.206.613.6600 "
DESCRIPTION
"This MIB module defines WatchGuard Firebox system
configuration."
REVISION "200701251200Z"
DESCRIPTION
"Initial revision."
REVISION "200811100000Z"
DESCRIPTION
"Updated CONTACT-INFO."
::= { watchguard 2 }
-- significant branches
wgSysTraps OBJECT-IDENTITY
STATUS current
DESCRIPTION
"This is the base object for system wide traps
in this entity."
::= { wgSystemConfigMIB 3 }
wgSysTrapObjects OBJECT-IDENTITY
STATUS current
DESCRIPTION
"This is the base object for objects which are used
as part of traps."
::= { wgSystemConfigMIB 4 }
wgSysTrapControl OBJECT-IDENTITY
STATUS current
DESCRIPTION
"This is the base object identifier for all objects
which are trap control for the entity."
::= { wgSystemConfigMIB 5 }
--
-- wgSysTraps
--
-- object used in trap reporting
wgAlarmId OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The id of the alarm that generates a trap."
::= { wgSysTrapObjects 1 }
wgAlarmLabel OBJECT-TYPE
SYNTAX OCTET STRING (SIZE(0..64))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The name of the alarm that generates a trap."
::= { wgSysTrapObjects 2 }
wgAlarmTime OBJECT-TYPE
SYNTAX OCTET STRING
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The date and time of the alarm that generates a trap."
::= { wgSysTrapObjects 3 }
wgAlarmLevel OBJECT-TYPE
SYNTAX INTEGER {
normal(4),
warning(3),
error(2),
critical(1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The level of an alarm generated."
::= { wgSysTrapObjects 4 }
wgAlarmHostname OBJECT-TYPE
SYNTAX OCTET STRING (SIZE(0..64))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The host name of the system where alarm occurred"
::= { wgSysTrapObjects 5 }
wgAlarmMsg OBJECT-TYPE
SYNTAX OCTET STRING
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The message describing the nature of this alarm."
::= { wgSysTrapObjects 6 }
--
-- trap control
--
wgAlarmTrapEnable OBJECT-TYPE
SYNTAX INTEGER {
false(0),
true(1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Indicates whether wgAlarmTrap trap should be generated."
DEFVAL { true }
::= { wgSysTrapControl 1 }
--
-- traps themselves
--
wgSysTrapsPrefix OBJECT-IDENTITY
STATUS current
DESCRIPTION ""
::= { wgSysTraps 0 }
wgAlarmTrap NOTIFICATION-TYPE
OBJECTS {
wgAlarmId,
wgAlarmLabel,
wgAlarmTime,
wgAlarmLevel,
wgAlarmHostname,
wgAlarmMsg
}
STATUS current
DESCRIPTION
"An alarm was raised by Monitoring Agent of this
WatchGuard entity."
::= { wgSysTrapsPrefix 1 }
wgSnmpShutdown NOTIFICATION-TYPE
STATUS current
DESCRIPTION
"This trap is sent when the snmp terminates."
::= { wgSysTrapsPrefix 2 }
wgSnmpStart NOTIFICATION-TYPE
STATUS current
DESCRIPTION
"This trap is sent when the snmp starts."
::= { wgSysTrapsPrefix 3 }
END
Icinga2/_Test/WatchGuard File/WatchGuard MIB/WATCHGUARD-SYSTEM-STATISTICS-MIB.txt
+148
View File
@@ -0,0 +1,148 @@
WATCHGUARD-SYSTEM-STATISTICS-MIB DEFINITIONS ::= BEGIN
IMPORTS
MODULE-IDENTITY, OBJECT-TYPE, Counter64,
OBJECT-IDENTITY, enterprises,
IpAddress, TimeTicks FROM SNMPv2-SMI
watchguard FROM WATCHGUARD-SMI;
wgInfoModule MODULE-IDENTITY
LAST-UPDATED "200701251200Z"
ORGANIZATION "WatchGuard Technologies, Inc."
CONTACT-INFO
" WatchGuard Technologies, Inc.
505 Fifth Avenue South
Suite 500
Seattle, WA 98104
United States
+1.206.613.6600 "
DESCRIPTION
"The MIB module describes various system statistics information
of WatchGuard system."
REVISION "200701251200Z"
DESCRIPTION
"Initial revision."
::= { watchguard 6 }
wgSystemStatisticsMIB OBJECT-IDENTITY
STATUS current
DESCRIPTION
"This is the base system information for all system related
statistical counters."
::= { wgInfoModule 3 }
wgSoftwareVersion OBJECT-TYPE
SYNTAX OCTET STRING (SIZE(0..64))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Software version of sysA and sysB"
::= { wgSystemStatisticsMIB 1 }
wgSystemCpuUtil OBJECT-TYPE
SYNTAX Counter64
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Deprecated, currently unused."
::= { wgSystemStatisticsMIB 4 }
wgSystemTotalSendBytes OBJECT-TYPE
SYNTAX Counter64
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The total number of bytes sent since system is up. This
number includes both cut through traffic and host traffic."
::= { wgSystemStatisticsMIB 8 }
wgSystemTotalRecvBytes OBJECT-TYPE
SYNTAX Counter64
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The total number of bytes received since system is up. This
number includes both cut through traffic and host traffic."
::= { wgSystemStatisticsMIB 9 }
wgSystemTotalSendPackets OBJECT-TYPE
SYNTAX Counter64
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The total number of the packets sent since system is up. This
number includes both cut through traffic and host traffic."
::= { wgSystemStatisticsMIB 10 }
wgSystemTotalRecvPackets OBJECT-TYPE
SYNTAX Counter64
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The total number of the packets received since system is up.
The number includes both cut through traffic and host traffic."
::= { wgSystemStatisticsMIB 11 }
wgSystemStreamReqTotal OBJECT-TYPE
SYNTAX Counter64
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Deprecated, currently unused."
::= { wgSystemStatisticsMIB 30 }
wgSystemStreamReqDrop OBJECT-TYPE
SYNTAX Counter64
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Deprecated, currently unused."
::= { wgSystemStatisticsMIB 34 }
wgSystemCpuUtil1 OBJECT-TYPE
SYNTAX Counter64
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"CPU utilization of the system in last 1 minute. The value
is measured in 0.01%. For example, if the value is 234,
then CPU utilization is 2.34%."
::= { wgSystemStatisticsMIB 77 }
wgSystemCpuUtil5 OBJECT-TYPE
SYNTAX Counter64
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"CPU utilization of the system in last 5 minutes. The value
is measured in 0.01%. For example, if the value is 234,
then CPU utilization is 2.34%."
::= { wgSystemStatisticsMIB 78 }
wgSystemCpuUtil15 OBJECT-TYPE
SYNTAX Counter64
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"CPU utilization of the system in last 15 minutes. The value
is measured in 0.01%. For example, if the value is 234,
then CPU utilization is 2.34%."
::= { wgSystemStatisticsMIB 79 }
wgSystemCurrActiveConns OBJECT-TYPE
SYNTAX Counter64
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Total number of currently active connections of the system."
::= { wgSystemStatisticsMIB 80 }
END
Icinga2/_Test/WatchGuard File/WatchGuard MIB/_OID.xlsx
BIN
View File
Binary file not shown.
Icinga2/_Test/WatchGuard File/check_watchguard.sh
+347
View File
@@ -0,0 +1,347 @@
#!/bin/sh
# - VAR
# - Bash info
APPNAME=$(basename $0)
NAME="Check Watchguard"
AUTHOR="Kalarumeth"
VERSION="v1.2"
URL="https://github.com/Kalarumeth/Check-WatchGuard"
# - Default settings for connection
COMMUNITY="public"
HOST_NAME="localhost"
SNMPVERSION="2c"
# - State Variables
STATE_OK=0
STATE_WARN=1
STATE_CRIT=2
STATE_UNK=3
# - Range Variables
WA=80
CR=90
CAC_MAX=3300000
# - Default Outputs
STATE=$STATE_OK
STATE_STRING=""
PERFDATA=""
# - WATCHGUARD OID
# - wgSystemStatisticsMIB
OID_wgSystemTotalSendBytes="1.3.6.1.4.1.3097.6.3.8"
OID_wgSystemTotalRecvBytes="1.3.6.1.4.1.3097.6.3.9"
OID_wgSystemTotalSendPackets="1.3.6.1.4.1.3097.6.3.10"
OID_wgSystemTotalRecvPackets="1.3.6.1.4.1.3097.6.3.11"
OID_wgSystemCpuUtil1="1.3.6.1.4.1.3097.6.3.77"
OID_wgSystemCurrActiveConns="1.3.6.1.4.1.3097.6.3.80"
# - wgMem
OID_wgMemTotalReal="1.3.6.1.4.1.2021.4.5.0"
OID_wgMemAvailReal="1.3.6.1.4.1.2021.4.6.0"
# - wgIpsecStats
OID_wgIpsecTunnelNum="1.3.6.1.4.1.3097.6.5.1.1"
# - wgInfoSystem
OID_wgInfoGavService="1.3.6.1.4.1.3097.6.1.3.0"
OID_wgInfoIpsService="1.3.6.1.4.1.3097.6.1.4"
# - HELP
print_help(){
echo ''
echo "Script bash for check WatchGuard OIDs"
echo ''
print_usage
echo ''
print_options
echo ''
print_info
echo ''
print_sup
echo ''
exit $STATE_UNK
}
print_usage(){
echo " ./$APPNAME -C <SNMP community> -H <host/ip> -t <type to check> | -wa <value> -cr <value> | -acm <value>"
}
print_options(){
echo 'OPTIONS:'
echo ''
echo " -c|--community SNMP v2 community string with Read access."
echo " Default is 'public'."
echo ''
echo " -h|--host [REQUIRED OPTION] Host name or IP address to check."
echo " Default is: localhost."
echo ''
echo " -t|--type [REQUIRED OPTION] Select what you need to scan."
echo " { ActiveConns | Cpu | InfoIps | InfoGav | IpsecTunnelNum | Memory | Transfer }."
echo ''
echo " -wa|--allert-wa Defines the threshold for Warning,"
echo " you can set only for ActiveConns - Cpu - Memory."
echo " Default is: 80."
echo ''
echo " -cr|--allert-cr Defines the threshold for Critical,"
echo " you can set only for ActiveConns - Cpu - Memory."
echo " Default is: 90."
echo ''
echo " -acm|--activeconns-max Defines the maximum Active Connections of the firewall,"
echo " write this number in full without dot, work only for ActiveConns."
echo " Default is: 3300000"
echo ''
echo " -H|--help Show help."
echo ''
echo " -V|--version Print script version."
}
print_info(){
echo "INFO: $NAME $VERSION"
echo " $AUTHOR - $URL"
}
print_sup(){
echo 'GitHub Supporters:'
echo " kelups"
}
# - SNMPWALK FUNCTION
# - Check System Statistics Send/Recv
CheckTransferData(){
TOTSENDB=$(snmpwalk -v $SNMPVERSION -c $COMMUNITY $HOST_NAME $OID_wgSystemTotalSendBytes)
TOTSENDPKG=$(snmpwalk -v $SNMPVERSION -c $COMMUNITY $HOST_NAME $OID_wgSystemTotalSendPackets)
TOTRECVB=$(snmpwalk -v $SNMPVERSION -c $COMMUNITY $HOST_NAME $OID_wgSystemTotalRecvBytes)
TOTRECVPKG=$(snmpwalk -v $SNMPVERSION -c $COMMUNITY $HOST_NAME $OID_wgSystemTotalRecvPackets)
TSPO=$(echo "$TOTSENDPKG" | cut -d " " -f 4)
TSBO=$(echo "$TOTSENDB" | cut -d " " -f 4 | awk '{ byte = $1 /1024/1024/1024; print byte }' | xargs printf "%.2f")
TRPO=$(echo "$TOTRECVPKG" | cut -d " " -f 4)
TRBO=$(echo "$TOTRECVB" | cut -d " " -f 4 | awk '{ byte = $1 /1024/1024/1024; print byte }' | xargs printf "%.2f")
TSGB=$(echo "$TOTSENDB" | cut -d " " -f 4 | awk '{ byte = $1 /1024/1024/1024; print byte }' | xargs printf "%.0f")
TRGB=$(echo "$TOTRECVB" | cut -d " " -f 4 | awk '{ byte = $1 /1024/1024/1024; print byte }' | xargs printf "%.0f")
echo "Send $TSGB GB / Recive $TRGB GB"
echo "WatchGuard transfer info:"
echo ''
echo "Total Data Send:"
echo " $TSPO pkg"
echo " $TSBO GB"
echo ''
echo "Total Data Recive:"
echo " $TRPO pkg"
echo " $TRBO GB"
}
# - Check Cpu Utilization
CheckCpuUtil(){
CPUUTIL=$(snmpwalk -v $SNMPVERSION -c $COMMUNITY $HOST_NAME $OID_wgSystemCpuUtil1)
CPU_STATE=$(echo "$CPUUTIL" | cut -d " " -f 4)
CPU_PERC=$(echo "$CPU_STATE" | awk '{ cpu = $1 /100; print cpu }')
case 1 in
$(($CPU_PERC <= $WA-1)))
echo "OK! CPU used: $CPU_PERC%"
exit $STATE_OK ;;
$(($CPU_PERC <= $CR-1)))
echo "WARRING! CPU used: $CPU_PERC%"
exit $STATE_WARN ;;
$(($CPU_PERC > $CR-1)))
echo "CRITICAL! CPU used: $CPU_PERC%"
exit $STATE_CRIT ;;
*)
echo "UNKNOWN! Cpu not found"
exit $STATE_UNK ;;
esac
}
# - Check Memory Utilization
CheckMemory(){
RAMIM=$(snmpwalk -v $SNMPVERSION -c $COMMUNITY $HOST_NAME $OID_wgMemTotalReal)
RAMAR=$(snmpwalk -v $SNMPVERSION -c $COMMUNITY $HOST_NAME $OID_wgMemAvailReal)
RAM_ALL=$(echo "$RAMIM" | cut -d " " -f4 )
RAM_FRE=$(echo "$RAMAR" | cut -d " " -f4 )
RAM_ALLK=$(echo "$RAM_ALL" | awk '{ kbyte = $1 /1024/1024; print kbyte }' | xargs printf "%.2f")
RAM_FREK=$(echo "$RAM_FRE" | awk '{ kbyte = $1 /1024/1024; print kbyte }' | xargs printf "%.2f")
RAM_PERC=$(echo "$RAM_FRE" "$RAM_ALL" | awk '{ ramp = $1 /$2 *100; print ramp }' | xargs printf "%.2f" )
RAM_UPERC=$(echo "$RAM_PERC" | awk '{ ramup = 100 - $1; print ramup }')
RAM_P=$(echo "$RAM_UPERC" | cut -d "." -f1 )
RAM_USE=$(echo "$RAM_ALL" "$RAM_FRE" | awk '{ used = $1 -$2; print used }' )
RAM_USEK=$(echo "$RAM_USE" | awk '{ kbyte = $1 /1024/1024; print kbyte }' | xargs printf "%.2f")
case 1 in
$(($RAM_P <= $WA-1)))
echo "OK! RAM used: $RAM_USEK / $RAM_ALLK GB ($RAM_UPERC%)"
echo "RAM free: $RAM_FREK GB ($RAM_PERC%)"
exit $STATE_OK ;;
$(($RAM_P <= $CR-1)))
echo "WARRING! RAM used: $RAM_USEK / $RAM_ALLK GB ($RAM_UPERC%)"
echo "RAM free: $RAM_FREK GB ($RAM_PERC%)"
exit $STATE_WARN ;;
$(($RAM_P > $CR-1)))
echo "CRITICAL! RAM used: $RAM_USEK / $RAM_ALLK GB ($RAM_UPERC%)"
echo "RAM free: $RAM_FREK GB ($RAM_PERC%)"
exit $STATE_CRIT ;;
*)
echo "UNKNOWN! RAM not found"
exit $STATE_UNK ;;
esac
}
# - Check Current Active Connections
CheckCurrActiveConns(){
CAC=$(snmpwalk -v $SNMPVERSION -c $COMMUNITY $HOST_NAME $OID_wgSystemCurrActiveConns)
CACO=$(echo "$CAC" | cut -d " " -f 4)
CAC_PER=$(echo "$CACO $CAC_MAX" | awk '{ perc = $1 /$2 *100; print perc; }')
CAC_P=$(echo "$CAC_PER" | cut -d "." -f 1 )
CAC_PERC=$(echo "$CAC_PER" | xargs printf "%.2f")
CAC_U=$(echo "$CACO" | perl -pe 's/(\d{1,3})(?=(?:\d{3}){1,5}\b)/\1./g')
CAC_M=$(echo "$CAC_MAX" | perl -pe 's/(\d{1,3})(?=(?:\d{3}){1,5}\b)/\1./g')
case 1 in
$(($CAC_P <= $WA-1)))
echo "OK! Active Connections used: $CAC_PERC%"
echo "Current Active Connections: $CAC_U of $CAC_M"
exit $STATE_OK ;;
$(($CAC_P <= $CR-1)))
echo "WARRING! Active Connections used: $CAC_PERC%"
echo "Current Active Connections: $CAC_U of $CAC_M"
exit $STATE_WARN ;;
$(($CAC_P > $CR-1)))
echo "CRITICAL! Active Connections used: $CAC_PERC%"
echo "Current Active Connections: $CAC_U of $CAC_M"
exit $STATE_CRIT ;;
*)
echo "UNKNOWN! Current Active Connections not found"
exit $STATE_UNK ;;
esac
}
# - Check IP Security Tunnel
CheckIpsecTunnelNum(){
IPSTN=$(snmpwalk -v $SNMPVERSION -c $COMMUNITY $HOST_NAME $OID_wgIpsecTunnelNum)
IPSTNO=$(echo "$IPSTN" | cut -d " " -f 4)
echo "VPN active: $IPSTNO"
}
# - Check Last update of Gateway Antivirus Service
CheckInfoGavService(){
INFOGAV=$(snmpwalk -v $SNMPVERSION -c $COMMUNITY $HOST_NAME $OID_wgInfoGavService)
IGSV=$(echo "$INFOGAV" | cut -d "<" -f 2 | cut -d ">" -f 1)
IGSD=$(echo "$INFOGAV" | cut -d "(" -f 2 | cut -d ")" -f 1)
echo "Gateway Antivirus Service: $IGSV"
echo "Last Update: $IGSD"
}
# - Check Last update of Intrusion Prevention Service
CheckInfoIpsService(){
INFOIPS=$(snmpwalk -v $SNMPVERSION -c $COMMUNITY $HOST_NAME $OID_wgInfoIpsService 2>&1 | sed 's/Timeout: No Response.*/Idle/')
if [ "$INFOIPS" != "Idle" ] ; then
INFOIPS=$(echo $INFOIPS)
fi
IISV=$(echo "$INFOIPS" | cut -d "<" -f 2 | cut -d ">" -f 1)
IISD=$(echo "$INFOIPS" | cut -d "(" -f 2 | cut -d ")" -f 1)
echo "Intrusion Prevention Service: $IISV"
echo "Last Update: $IISD"
}
# - COMMAND LINE ENCODER
# - Prompt
while test -n "$1"; do
case "$1" in
--host|-h) #SNMP Coordinate
HOST_NAME=$2
shift
;;
--comunity|-c)
COMMUNITY=$2
shift
;;
--type|-t)
CHECK_TYPE=$2
shift
;;
--activeconns-max|-acm)
CAC_MAX=$2
shift
;;
--allert-wa|-wa) #Allert Range
WA=$2
shift
;;
--allert-cr|-cr)
CR=$2
shift
;;
--help|-H) #Info
print_help
;;
--version|-V)
print_info
exit $STATE
;;
*)
echo "Unknown argument: $1"
print_help
exit $STATE_UNK
;;
esac
shift
done
# - Type Check
if [ ! -z $CHECK_TYPE ]; then
case "$CHECK_TYPE" in
Transfer)
CheckTransferData;;
Cpu)
CheckCpuUtil;;
Memory)
CheckMemory;;
ActiveConns)
CheckCurrActiveConns;;
IpsecTunnelNum)
CheckIpsecTunnelNum;;
InfoGav)
CheckInfoGavService;;
InfoIps)
CheckInfoIpsService;;
*)
echo "Command incomplete!"
print_help
STATE=$STATE_UNK ;;
esac
fi
exit $STATE
Icinga2/_Test/WatchGuard File/commands.conf
+15
View File
@@ -0,0 +1,15 @@
// -*- mode: icinga -*-
object CheckCommand "check_watchguard" {
import "plugin-check-command"
command = [ PluginDir + "/check_watchguard.sh" ]
arguments += {
"-C" = "$wgsnmp_community$"
"-H" = "$address$"
"-t" = {
required = true
value = "$wgsnmp_types$"
}
}
vars.wgsnmp_community = "pal-ro"
}
Icinga2/_Test/WatchGuard File/hosts.conf
+5
View File
@@ -0,0 +1,5 @@
// -*- mode: icinga -*-
object Host "WatchGuard - Host" {
import "WatchGuard"
}
Icinga2/_Test/WatchGuard File/obj.conf
+72
View File
@@ -0,0 +1,72 @@
// -*- mode: icinga -*-
// # CheckCommand #
object CheckCommand "check_watchguard" {
import "plugin-check-command"
command = [ PluginDir + "/check_watchguard.sh" ]
arguments += {
"-C" = "$wgsnmp_community$"
"-H" = "$address$"
"-t" = {
required = true
value = "$wgsnmp_types$"
}
}
vars.wgsnmp_community = "pal-ro"
}
// # Template #
template Host "WatchGuard" {
address = "172.16.254.240"
check_command = "hostalive"
}
template Service "WatchGuard - check_watchguard" {
check_command = "check_watchguard"
check_interval = 5m
retry_interval = 3m
command_endpoint = null
vars.wgsnmp_types = "InfoGav"
}
// # Host #
object Host "WatchGuard - Host" {
import "WatchGuard"
}
// # Service #
// # snmp #
object Service "Transfer" {
import "WatchGuard - check_watchguard"
host_name = "WatchGuard - Host"
vars.wgsnmp_types = "Transfer"
}
object Service "Cpu" {
import "WatchGuard - check_watchguard"
host_name = "WatchGuard - Host"
vars.wgsnmp_types = "Cpu"
}
object Service "ActiveConns" {
import "WatchGuard - check_watchguard"
host_name = "WatchGuard - Host"
vars.wgsnmp_types = "ActiveConns"
}
object Service "IpsecTunnelNum" {
import "WatchGuard - check_watchguard"
host_name = "WatchGuard - Host"
vars.wgsnmp_types = "IpsecTunnelNum"
}
object Service "InfoGav" {
import "WatchGuard - check_watchguard"
host_name = "WatchGuard - Host"
vars.wgsnmp_types = "InfoGav"
}
Icinga2/_Test/WatchGuard File/services.conf
+47
View File
@@ -0,0 +1,47 @@
// -*- mode: icinga -*-
// # basic #
object Service "ping4" {
display_name = "Ping4"
host_name = "WatchGuard - Host"
check_command = "ping4"
}
object Service "http" {
display_name = "Http"
host_name = "WatchGuard - Host"
check_command = "http"
}
// # snmp #
object Service "Transfer" {
import "WatchGuard - check_watchguard"
host_name = "WatchGuard - Host"
vars.wgsnmp_types = "Transfer"
}
object Service "Cpu" {
import "WatchGuard - check_watchguard"
host_name = "WatchGuard - Host"
vars.wgsnmp_types = "Cpu"
}
object Service "ActiveConns" {
import "WatchGuard - check_watchguard"
host_name = "WatchGuard - Host"
vars.wgsnmp_types = "ActiveConns"
}
object Service "IpsecTunnelNum" {
import "WatchGuard - check_watchguard"
host_name = "WatchGuard - Host"
vars.wgsnmp_types = "IpsecTunnelNum"
}
object Service "InfoGav" {
import "WatchGuard - check_watchguard"
host_name = "WatchGuard - Host"
vars.wgsnmp_types = "InfoGav"
}
Icinga2/_Test/WatchGuard File/templates.conf
+14
View File
@@ -0,0 +1,14 @@
// -*- mode: icinga -*-
template Host "WatchGuard" {
address = "172.16.254.240"
check_command = "hostalive"
}
template Service "WatchGuard - check_watchguard" {
check_command = "check_watchguard"
check_interval = 5m
retry_interval = 3m
command_endpoint = null
vars.wgsnmp_types = "InfoGav"
}