diff options
Diffstat (limited to 'mibs/SNMP-VIEW-BASED-ACM-MIB.txt')
-rw-r--r-- | mibs/SNMP-VIEW-BASED-ACM-MIB.txt | 830 |
1 files changed, 0 insertions, 830 deletions
diff --git a/mibs/SNMP-VIEW-BASED-ACM-MIB.txt b/mibs/SNMP-VIEW-BASED-ACM-MIB.txt deleted file mode 100644 index 7244ad0a..00000000 --- a/mibs/SNMP-VIEW-BASED-ACM-MIB.txt +++ /dev/null @@ -1,830 +0,0 @@ -SNMP-VIEW-BASED-ACM-MIB DEFINITIONS ::= BEGIN - -IMPORTS - MODULE-COMPLIANCE, OBJECT-GROUP FROM SNMPv2-CONF - MODULE-IDENTITY, OBJECT-TYPE, - snmpModules FROM SNMPv2-SMI - TestAndIncr, - RowStatus, StorageType FROM SNMPv2-TC - SnmpAdminString, - SnmpSecurityLevel, - SnmpSecurityModel FROM SNMP-FRAMEWORK-MIB; - -snmpVacmMIB MODULE-IDENTITY - LAST-UPDATED "200210160000Z" -- 16 Oct 2002, midnight - ORGANIZATION "SNMPv3 Working Group" - CONTACT-INFO "WG-email: snmpv3@lists.tislabs.com - Subscribe: majordomo@lists.tislabs.com - In message body: subscribe snmpv3 - - Co-Chair: Russ Mundy - Network Associates Laboratories - postal: 15204 Omega Drive, Suite 300 - Rockville, MD 20850-4601 - USA - email: mundy@tislabs.com - phone: +1 301-947-7107 - - Co-Chair: David Harrington - Enterasys Networks - Postal: 35 Industrial Way - P. O. Box 5004 - Rochester, New Hampshire 03866-5005 - USA - EMail: dbh@enterasys.com - Phone: +1 603-337-2614 - - Co-editor: Bert Wijnen - Lucent Technologies - postal: Schagen 33 - 3461 GL Linschoten - Netherlands - email: bwijnen@lucent.com - phone: +31-348-480-685 - - Co-editor: Randy Presuhn - BMC Software, Inc. - - postal: 2141 North First Street - San Jose, CA 95131 - USA - email: randy_presuhn@bmc.com - phone: +1 408-546-1006 - - Co-editor: Keith McCloghrie - Cisco Systems, Inc. - postal: 170 West Tasman Drive - San Jose, CA 95134-1706 - USA - email: kzm@cisco.com - phone: +1-408-526-5260 - " - DESCRIPTION "The management information definitions for the - View-based Access Control Model for SNMP. - - Copyright (C) The Internet Society (2002). This - version of this MIB module is part of RFC 3415; - see the RFC itself for full legal notices. - " --- Revision history - - REVISION "200210160000Z" -- 16 Oct 2002, midnight - DESCRIPTION "Clarifications, published as RFC3415" - - REVISION "199901200000Z" -- 20 Jan 1999, midnight - DESCRIPTION "Clarifications, published as RFC2575" - - REVISION "199711200000Z" -- 20 Nov 1997, midnight - DESCRIPTION "Initial version, published as RFC2275" - ::= { snmpModules 16 } - --- Administrative assignments **************************************** - -vacmMIBObjects OBJECT IDENTIFIER ::= { snmpVacmMIB 1 } -vacmMIBConformance OBJECT IDENTIFIER ::= { snmpVacmMIB 2 } - --- Information about Local Contexts ********************************** - -vacmContextTable OBJECT-TYPE - SYNTAX SEQUENCE OF VacmContextEntry - MAX-ACCESS not-accessible - STATUS current - DESCRIPTION "The table of locally available contexts. - - This table provides information to SNMP Command - - Generator applications so that they can properly - configure the vacmAccessTable to control access to - all contexts at the SNMP entity. - - This table may change dynamically if the SNMP entity - allows that contexts are added/deleted dynamically - (for instance when its configuration changes). Such - changes would happen only if the management - instrumentation at that SNMP entity recognizes more - (or fewer) contexts. - - The presence of entries in this table and of entries - in the vacmAccessTable are independent. That is, a - context identified by an entry in this table is not - necessarily referenced by any entries in the - vacmAccessTable; and the context(s) referenced by an - entry in the vacmAccessTable does not necessarily - currently exist and thus need not be identified by an - entry in this table. - - This table must be made accessible via the default - context so that Command Responder applications have - a standard way of retrieving the information. - - This table is read-only. It cannot be configured via - SNMP. - " - ::= { vacmMIBObjects 1 } - -vacmContextEntry OBJECT-TYPE - SYNTAX VacmContextEntry - MAX-ACCESS not-accessible - STATUS current - DESCRIPTION "Information about a particular context." - INDEX { - vacmContextName - } - ::= { vacmContextTable 1 } - -VacmContextEntry ::= SEQUENCE - { - vacmContextName SnmpAdminString - } - -vacmContextName OBJECT-TYPE - SYNTAX SnmpAdminString (SIZE(0..32)) - MAX-ACCESS read-only - STATUS current - DESCRIPTION "A human readable name identifying a particular - context at a particular SNMP entity. - - The empty contextName (zero length) represents the - default context. - " - ::= { vacmContextEntry 1 } - --- Information about Groups ****************************************** - -vacmSecurityToGroupTable OBJECT-TYPE - SYNTAX SEQUENCE OF VacmSecurityToGroupEntry - MAX-ACCESS not-accessible - STATUS current - DESCRIPTION "This table maps a combination of securityModel and - securityName into a groupName which is used to define - an access control policy for a group of principals. - " - ::= { vacmMIBObjects 2 } - -vacmSecurityToGroupEntry OBJECT-TYPE - SYNTAX VacmSecurityToGroupEntry - MAX-ACCESS not-accessible - STATUS current - DESCRIPTION "An entry in this table maps the combination of a - securityModel and securityName into a groupName. - " - INDEX { - vacmSecurityModel, - vacmSecurityName - } - ::= { vacmSecurityToGroupTable 1 } - -VacmSecurityToGroupEntry ::= SEQUENCE - { - vacmSecurityModel SnmpSecurityModel, - vacmSecurityName SnmpAdminString, - vacmGroupName SnmpAdminString, - vacmSecurityToGroupStorageType StorageType, - vacmSecurityToGroupStatus RowStatus - } - -vacmSecurityModel OBJECT-TYPE - SYNTAX SnmpSecurityModel(1..2147483647) - MAX-ACCESS not-accessible - STATUS current - DESCRIPTION "The Security Model, by which the vacmSecurityName - referenced by this entry is provided. - - Note, this object may not take the 'any' (0) value. - " - ::= { vacmSecurityToGroupEntry 1 } - -vacmSecurityName OBJECT-TYPE - SYNTAX SnmpAdminString (SIZE(1..32)) - MAX-ACCESS not-accessible - STATUS current - DESCRIPTION "The securityName for the principal, represented in a - Security Model independent format, which is mapped by - this entry to a groupName. - " - ::= { vacmSecurityToGroupEntry 2 } - -vacmGroupName OBJECT-TYPE - SYNTAX SnmpAdminString (SIZE(1..32)) - MAX-ACCESS read-create - STATUS current - DESCRIPTION "The name of the group to which this entry (e.g., the - combination of securityModel and securityName) - belongs. - - This groupName is used as index into the - vacmAccessTable to select an access control policy. - However, a value in this table does not imply that an - instance with the value exists in table vacmAccesTable. - " - ::= { vacmSecurityToGroupEntry 3 } - -vacmSecurityToGroupStorageType OBJECT-TYPE - SYNTAX StorageType - MAX-ACCESS read-create - STATUS current - DESCRIPTION "The storage type for this conceptual row. - Conceptual rows having the value 'permanent' need not - allow write-access to any columnar objects in the row. - " - DEFVAL { nonVolatile } - ::= { vacmSecurityToGroupEntry 4 } - -vacmSecurityToGroupStatus OBJECT-TYPE - SYNTAX RowStatus - MAX-ACCESS read-create - STATUS current - DESCRIPTION "The status of this conceptual row. - - Until instances of all corresponding columns are - appropriately configured, the value of the - - corresponding instance of the vacmSecurityToGroupStatus - column is 'notReady'. - - In particular, a newly created row cannot be made - active until a value has been set for vacmGroupName. - - The RowStatus TC [RFC2579] requires that this - DESCRIPTION clause states under which circumstances - other objects in this row can be modified: - - The value of this object has no effect on whether - other objects in this conceptual row can be modified. - " - ::= { vacmSecurityToGroupEntry 5 } - --- Information about Access Rights *********************************** - -vacmAccessTable OBJECT-TYPE - SYNTAX SEQUENCE OF VacmAccessEntry - MAX-ACCESS not-accessible - STATUS current - DESCRIPTION "The table of access rights for groups. - - Each entry is indexed by a groupName, a contextPrefix, - a securityModel and a securityLevel. To determine - whether access is allowed, one entry from this table - needs to be selected and the proper viewName from that - entry must be used for access control checking. - - To select the proper entry, follow these steps: - - 1) the set of possible matches is formed by the - intersection of the following sets of entries: - - the set of entries with identical vacmGroupName - the union of these two sets: - - the set with identical vacmAccessContextPrefix - - the set of entries with vacmAccessContextMatch - value of 'prefix' and matching - vacmAccessContextPrefix - intersected with the union of these two sets: - - the set of entries with identical - vacmSecurityModel - - the set of entries with vacmSecurityModel - value of 'any' - intersected with the set of entries with - vacmAccessSecurityLevel value less than or equal - to the requested securityLevel - - 2) if this set has only one member, we're done - otherwise, it comes down to deciding how to weight - the preferences between ContextPrefixes, - SecurityModels, and SecurityLevels as follows: - a) if the subset of entries with securityModel - matching the securityModel in the message is - not empty, then discard the rest. - b) if the subset of entries with - vacmAccessContextPrefix matching the contextName - in the message is not empty, - then discard the rest - c) discard all entries with ContextPrefixes shorter - than the longest one remaining in the set - d) select the entry with the highest securityLevel - - Please note that for securityLevel noAuthNoPriv, all - groups are really equivalent since the assumption that - the securityName has been authenticated does not hold. - " - ::= { vacmMIBObjects 4 } - -vacmAccessEntry OBJECT-TYPE - SYNTAX VacmAccessEntry - MAX-ACCESS not-accessible - STATUS current - DESCRIPTION "An access right configured in the Local Configuration - Datastore (LCD) authorizing access to an SNMP context. - - Entries in this table can use an instance value for - object vacmGroupName even if no entry in table - vacmAccessSecurityToGroupTable has a corresponding - value for object vacmGroupName. - " - INDEX { vacmGroupName, - vacmAccessContextPrefix, - vacmAccessSecurityModel, - vacmAccessSecurityLevel - } - ::= { vacmAccessTable 1 } - -VacmAccessEntry ::= SEQUENCE - { - vacmAccessContextPrefix SnmpAdminString, - vacmAccessSecurityModel SnmpSecurityModel, - vacmAccessSecurityLevel SnmpSecurityLevel, - vacmAccessContextMatch INTEGER, - vacmAccessReadViewName SnmpAdminString, - vacmAccessWriteViewName SnmpAdminString, - vacmAccessNotifyViewName SnmpAdminString, - vacmAccessStorageType StorageType, - vacmAccessStatus RowStatus - } - -vacmAccessContextPrefix OBJECT-TYPE - SYNTAX SnmpAdminString (SIZE(0..32)) - MAX-ACCESS not-accessible - STATUS current - DESCRIPTION "In order to gain the access rights allowed by this - conceptual row, a contextName must match exactly - (if the value of vacmAccessContextMatch is 'exact') - or partially (if the value of vacmAccessContextMatch - is 'prefix') to the value of the instance of this - object. - " - ::= { vacmAccessEntry 1 } - -vacmAccessSecurityModel OBJECT-TYPE - SYNTAX SnmpSecurityModel - MAX-ACCESS not-accessible - STATUS current - DESCRIPTION "In order to gain the access rights allowed by this - conceptual row, this securityModel must be in use. - " - ::= { vacmAccessEntry 2 } - -vacmAccessSecurityLevel OBJECT-TYPE - SYNTAX SnmpSecurityLevel - MAX-ACCESS not-accessible - STATUS current - DESCRIPTION "The minimum level of security required in order to - gain the access rights allowed by this conceptual - row. A securityLevel of noAuthNoPriv is less than - authNoPriv which in turn is less than authPriv. - - If multiple entries are equally indexed except for - this vacmAccessSecurityLevel index, then the entry - which has the highest value for - vacmAccessSecurityLevel is selected. - " - ::= { vacmAccessEntry 3 } - -vacmAccessContextMatch OBJECT-TYPE - SYNTAX INTEGER - { exact (1), -- exact match of prefix and contextName - prefix (2) -- Only match to the prefix - } - MAX-ACCESS read-create - STATUS current - DESCRIPTION "If the value of this object is exact(1), then all - rows where the contextName exactly matches - vacmAccessContextPrefix are selected. - - If the value of this object is prefix(2), then all - rows where the contextName whose starting octets - exactly match vacmAccessContextPrefix are selected. - This allows for a simple form of wildcarding. - " - DEFVAL { exact } - ::= { vacmAccessEntry 4 } - -vacmAccessReadViewName OBJECT-TYPE - SYNTAX SnmpAdminString (SIZE(0..32)) - MAX-ACCESS read-create - STATUS current - DESCRIPTION "The value of an instance of this object identifies - the MIB view of the SNMP context to which this - conceptual row authorizes read access. - - The identified MIB view is that one for which the - vacmViewTreeFamilyViewName has the same value as the - instance of this object; if the value is the empty - string or if there is no active MIB view having this - value of vacmViewTreeFamilyViewName, then no access - is granted. - " - DEFVAL { ''H } -- the empty string - ::= { vacmAccessEntry 5 } - -vacmAccessWriteViewName OBJECT-TYPE - SYNTAX SnmpAdminString (SIZE(0..32)) - MAX-ACCESS read-create - STATUS current - DESCRIPTION "The value of an instance of this object identifies - the MIB view of the SNMP context to which this - conceptual row authorizes write access. - - The identified MIB view is that one for which the - vacmViewTreeFamilyViewName has the same value as the - instance of this object; if the value is the empty - string or if there is no active MIB view having this - value of vacmViewTreeFamilyViewName, then no access - is granted. - " - DEFVAL { ''H } -- the empty string - ::= { vacmAccessEntry 6 } - -vacmAccessNotifyViewName OBJECT-TYPE - SYNTAX SnmpAdminString (SIZE(0..32)) - MAX-ACCESS read-create - STATUS current - DESCRIPTION "The value of an instance of this object identifies - the MIB view of the SNMP context to which this - conceptual row authorizes access for notifications. - - The identified MIB view is that one for which the - vacmViewTreeFamilyViewName has the same value as the - instance of this object; if the value is the empty - string or if there is no active MIB view having this - value of vacmViewTreeFamilyViewName, then no access - is granted. - " - DEFVAL { ''H } -- the empty string - ::= { vacmAccessEntry 7 } - -vacmAccessStorageType OBJECT-TYPE - SYNTAX StorageType - MAX-ACCESS read-create - STATUS current - DESCRIPTION "The storage type for this conceptual row. - - Conceptual rows having the value 'permanent' need not - allow write-access to any columnar objects in the row. - " - DEFVAL { nonVolatile } - ::= { vacmAccessEntry 8 } - -vacmAccessStatus OBJECT-TYPE - SYNTAX RowStatus - MAX-ACCESS read-create - STATUS current - DESCRIPTION "The status of this conceptual row. - - The RowStatus TC [RFC2579] requires that this - DESCRIPTION clause states under which circumstances - other objects in this row can be modified: - - The value of this object has no effect on whether - other objects in this conceptual row can be modified. - " - ::= { vacmAccessEntry 9 } - --- Information about MIB views *************************************** - --- Support for instance-level granularity is optional. --- --- In some implementations, instance-level access control --- granularity may come at a high performance cost. Managers --- should avoid requesting such configurations unnecessarily. - -vacmMIBViews OBJECT IDENTIFIER ::= { vacmMIBObjects 5 } - -vacmViewSpinLock OBJECT-TYPE - SYNTAX TestAndIncr - MAX-ACCESS read-write - STATUS current - DESCRIPTION "An advisory lock used to allow cooperating SNMP - Command Generator applications to coordinate their - use of the Set operation in creating or modifying - views. - - When creating a new view or altering an existing - view, it is important to understand the potential - interactions with other uses of the view. The - vacmViewSpinLock should be retrieved. The name of - the view to be created should be determined to be - unique by the SNMP Command Generator application by - consulting the vacmViewTreeFamilyTable. Finally, - the named view may be created (Set), including the - advisory lock. - If another SNMP Command Generator application has - altered the views in the meantime, then the spin - lock's value will have changed, and so this creation - will fail because it will specify the wrong value for - the spin lock. - - Since this is an advisory lock, the use of this lock - is not enforced. - " - ::= { vacmMIBViews 1 } - -vacmViewTreeFamilyTable OBJECT-TYPE - SYNTAX SEQUENCE OF VacmViewTreeFamilyEntry - MAX-ACCESS not-accessible - STATUS current - DESCRIPTION "Locally held information about families of subtrees - within MIB views. - - Each MIB view is defined by two sets of view subtrees: - - the included view subtrees, and - - the excluded view subtrees. - Every such view subtree, both the included and the - - excluded ones, is defined in this table. - - To determine if a particular object instance is in - a particular MIB view, compare the object instance's - OBJECT IDENTIFIER with each of the MIB view's active - entries in this table. If none match, then the - object instance is not in the MIB view. If one or - more match, then the object instance is included in, - or excluded from, the MIB view according to the - value of vacmViewTreeFamilyType in the entry whose - value of vacmViewTreeFamilySubtree has the most - sub-identifiers. If multiple entries match and have - the same number of sub-identifiers (when wildcarding - is specified with the value of vacmViewTreeFamilyMask), - then the lexicographically greatest instance of - vacmViewTreeFamilyType determines the inclusion or - exclusion. - - An object instance's OBJECT IDENTIFIER X matches an - active entry in this table when the number of - sub-identifiers in X is at least as many as in the - value of vacmViewTreeFamilySubtree for the entry, - and each sub-identifier in the value of - vacmViewTreeFamilySubtree matches its corresponding - sub-identifier in X. Two sub-identifiers match - either if the corresponding bit of the value of - vacmViewTreeFamilyMask for the entry is zero (the - 'wild card' value), or if they are equal. - - A 'family' of subtrees is the set of subtrees defined - by a particular combination of values of - vacmViewTreeFamilySubtree and vacmViewTreeFamilyMask. - - In the case where no 'wild card' is defined in the - vacmViewTreeFamilyMask, the family of subtrees reduces - to a single subtree. - - When creating or changing MIB views, an SNMP Command - Generator application should utilize the - vacmViewSpinLock to try to avoid collisions. See - DESCRIPTION clause of vacmViewSpinLock. - - When creating MIB views, it is strongly advised that - first the 'excluded' vacmViewTreeFamilyEntries are - created and then the 'included' entries. - - When deleting MIB views, it is strongly advised that - first the 'included' vacmViewTreeFamilyEntries are - - deleted and then the 'excluded' entries. - - If a create for an entry for instance-level access - control is received and the implementation does not - support instance-level granularity, then an - inconsistentName error must be returned. - " - ::= { vacmMIBViews 2 } - -vacmViewTreeFamilyEntry OBJECT-TYPE - SYNTAX VacmViewTreeFamilyEntry - MAX-ACCESS not-accessible - STATUS current - DESCRIPTION "Information on a particular family of view subtrees - included in or excluded from a particular SNMP - context's MIB view. - - Implementations must not restrict the number of - families of view subtrees for a given MIB view, - except as dictated by resource constraints on the - overall number of entries in the - vacmViewTreeFamilyTable. - - If no conceptual rows exist in this table for a given - MIB view (viewName), that view may be thought of as - consisting of the empty set of view subtrees. - " - INDEX { vacmViewTreeFamilyViewName, - vacmViewTreeFamilySubtree - } - ::= { vacmViewTreeFamilyTable 1 } - -VacmViewTreeFamilyEntry ::= SEQUENCE - { - vacmViewTreeFamilyViewName SnmpAdminString, - vacmViewTreeFamilySubtree OBJECT IDENTIFIER, - vacmViewTreeFamilyMask OCTET STRING, - vacmViewTreeFamilyType INTEGER, - vacmViewTreeFamilyStorageType StorageType, - vacmViewTreeFamilyStatus RowStatus - } - -vacmViewTreeFamilyViewName OBJECT-TYPE - SYNTAX SnmpAdminString (SIZE(1..32)) - MAX-ACCESS not-accessible - STATUS current - DESCRIPTION "The human readable name for a family of view subtrees. - " - ::= { vacmViewTreeFamilyEntry 1 } - -vacmViewTreeFamilySubtree OBJECT-TYPE - SYNTAX OBJECT IDENTIFIER - MAX-ACCESS not-accessible - STATUS current - DESCRIPTION "The MIB subtree which when combined with the - corresponding instance of vacmViewTreeFamilyMask - defines a family of view subtrees. - " - ::= { vacmViewTreeFamilyEntry 2 } - -vacmViewTreeFamilyMask OBJECT-TYPE - SYNTAX OCTET STRING (SIZE (0..16)) - MAX-ACCESS read-create - STATUS current - DESCRIPTION "The bit mask which, in combination with the - corresponding instance of vacmViewTreeFamilySubtree, - defines a family of view subtrees. - - Each bit of this bit mask corresponds to a - sub-identifier of vacmViewTreeFamilySubtree, with the - most significant bit of the i-th octet of this octet - string value (extended if necessary, see below) - corresponding to the (8*i - 7)-th sub-identifier, and - the least significant bit of the i-th octet of this - octet string corresponding to the (8*i)-th - sub-identifier, where i is in the range 1 through 16. - - Each bit of this bit mask specifies whether or not - the corresponding sub-identifiers must match when - determining if an OBJECT IDENTIFIER is in this - family of view subtrees; a '1' indicates that an - exact match must occur; a '0' indicates 'wild card', - i.e., any sub-identifier value matches. - - Thus, the OBJECT IDENTIFIER X of an object instance - is contained in a family of view subtrees if, for - each sub-identifier of the value of - vacmViewTreeFamilySubtree, either: - - the i-th bit of vacmViewTreeFamilyMask is 0, or - - the i-th sub-identifier of X is equal to the i-th - sub-identifier of the value of - vacmViewTreeFamilySubtree. - - If the value of this bit mask is M bits long and - - there are more than M sub-identifiers in the - corresponding instance of vacmViewTreeFamilySubtree, - then the bit mask is extended with 1's to be the - required length. - - Note that when the value of this object is the - zero-length string, this extension rule results in - a mask of all-1's being used (i.e., no 'wild card'), - and the family of view subtrees is the one view - subtree uniquely identified by the corresponding - instance of vacmViewTreeFamilySubtree. - - Note that masks of length greater than zero length - do not need to be supported. In this case this - object is made read-only. - " - DEFVAL { ''H } - ::= { vacmViewTreeFamilyEntry 3 } - -vacmViewTreeFamilyType OBJECT-TYPE - SYNTAX INTEGER { included(1), excluded(2) } - MAX-ACCESS read-create - STATUS current - DESCRIPTION "Indicates whether the corresponding instances of - vacmViewTreeFamilySubtree and vacmViewTreeFamilyMask - define a family of view subtrees which is included in - or excluded from the MIB view. - " - DEFVAL { included } - ::= { vacmViewTreeFamilyEntry 4 } - -vacmViewTreeFamilyStorageType OBJECT-TYPE - SYNTAX StorageType - MAX-ACCESS read-create - STATUS current - DESCRIPTION "The storage type for this conceptual row. - - Conceptual rows having the value 'permanent' need not - allow write-access to any columnar objects in the row. - " - DEFVAL { nonVolatile } - ::= { vacmViewTreeFamilyEntry 5 } - -vacmViewTreeFamilyStatus OBJECT-TYPE - SYNTAX RowStatus - MAX-ACCESS read-create - STATUS current - DESCRIPTION "The status of this conceptual row. - - The RowStatus TC [RFC2579] requires that this - DESCRIPTION clause states under which circumstances - other objects in this row can be modified: - - The value of this object has no effect on whether - other objects in this conceptual row can be modified. - " - ::= { vacmViewTreeFamilyEntry 6 } - --- Conformance information ******************************************* - -vacmMIBCompliances OBJECT IDENTIFIER ::= { vacmMIBConformance 1 } -vacmMIBGroups OBJECT IDENTIFIER ::= { vacmMIBConformance 2 } - --- Compliance statements ********************************************* - -vacmMIBCompliance MODULE-COMPLIANCE - STATUS current - DESCRIPTION "The compliance statement for SNMP engines which - implement the SNMP View-based Access Control Model - configuration MIB. - " - MODULE -- this module - MANDATORY-GROUPS { vacmBasicGroup } - - OBJECT vacmAccessContextMatch - MIN-ACCESS read-only - DESCRIPTION "Write access is not required." - - OBJECT vacmAccessReadViewName - MIN-ACCESS read-only - DESCRIPTION "Write access is not required." - - OBJECT vacmAccessWriteViewName - MIN-ACCESS read-only - DESCRIPTION "Write access is not required." - - OBJECT vacmAccessNotifyViewName - MIN-ACCESS read-only - DESCRIPTION "Write access is not required." - - OBJECT vacmAccessStorageType - MIN-ACCESS read-only - DESCRIPTION "Write access is not required." - - OBJECT vacmAccessStatus - MIN-ACCESS read-only - DESCRIPTION "Create/delete/modify access to the - - vacmAccessTable is not required. - " - - OBJECT vacmViewTreeFamilyMask - WRITE-SYNTAX OCTET STRING (SIZE (0)) - MIN-ACCESS read-only - DESCRIPTION "Support for configuration via SNMP of subtree - families using wild-cards is not required. - " - - OBJECT vacmViewTreeFamilyType - MIN-ACCESS read-only - DESCRIPTION "Write access is not required." - - OBJECT vacmViewTreeFamilyStorageType - MIN-ACCESS read-only - DESCRIPTION "Write access is not required." - - OBJECT vacmViewTreeFamilyStatus - MIN-ACCESS read-only - DESCRIPTION "Create/delete/modify access to the - vacmViewTreeFamilyTable is not required. - " - ::= { vacmMIBCompliances 1 } - --- Units of conformance ********************************************** - -vacmBasicGroup OBJECT-GROUP - OBJECTS { - vacmContextName, - vacmGroupName, - vacmSecurityToGroupStorageType, - vacmSecurityToGroupStatus, - vacmAccessContextMatch, - vacmAccessReadViewName, - vacmAccessWriteViewName, - vacmAccessNotifyViewName, - vacmAccessStorageType, - vacmAccessStatus, - vacmViewSpinLock, - vacmViewTreeFamilyMask, - vacmViewTreeFamilyType, - vacmViewTreeFamilyStorageType, - vacmViewTreeFamilyStatus - } - STATUS current - DESCRIPTION "A collection of objects providing for remote - configuration of an SNMP engine which implements - - the SNMP View-based Access Control Model. - " - ::= { vacmMIBGroups 1 } - -END |