-- *------------------------------------------------
-- * Firebrick IPsec MIB
-- *
-- * June 2020, Cliff Hones
-- *
-- * Copyright (c) 2020 by Andrews & Arnold
-- * 
-- * See the Firebrick Manuals for more information
-- *------------------------------------------------

FIREBRICK-IPSEC-MIB DEFINITIONS ::= BEGIN

IMPORTS
    MODULE-IDENTITY,
    OBJECT-TYPE,
    enterprises
        FROM SNMPv2-SMI
    DisplayString
        FROM SNMPv2-TC
    InetAddressType,
    InetAddress
        FROM INET-ADDRESS-MIB
    firebrickNewStyle
	FROM FIREBRICK-MIB
        ;

fbIPsecMib MODULE-IDENTITY
    LAST-UPDATED "202006160000Z"
    ORGANIZATION "Andrews & Arnold Limited"
    CONTACT-INFO
        "Andrews & Arnold
        Unit 1&2, Enterprise Court
        Bracknell, Berkshire, RG12 1QS
        United Kingdom

        Tel: +44 3333 400 999
        Email: support@aa.net.uk"
    DESCRIPTION
        "This is a MIB Module for monitoring the Firebrick-specific structures
        for IPSec."
    REVISION "202006160000Z"
    DESCRIPTION "Initial version of this MIB module"
    ::= { firebrickNewStyle 500 }

fbIPsecGeneral    OBJECT IDENTIFIER ::= { fbIPsecMib 1 }

fbIPsecEstablished OBJECT-TYPE
    SYNTAX     Integer32
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
            "The count of currently established IKE connections."
    ::= { fbIPsecGeneral 1 }

fbIPsecHalfOpen OBJECT-TYPE
    SYNTAX     Integer32
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
            "The count of incoming IKE connections which have not yet authorized."
    ::= { fbIPsecGeneral 2 }

fbIPsecConnectionTable OBJECT-TYPE
    SYNTAX SEQUENCE OF FbIPsecConnectionEntry
    MAX-ACCESS not-accessible
    STATUS current
    DESCRIPTION
        "The list of IPsec connections for this Firebrick"
    ::= { fbIPsecMib 2 }

fbIPsecConnectionEntry OBJECT-TYPE
    SYNTAX FbIPsecConnectionEntry
    MAX-ACCESS not-accessible
    STATUS current
    DESCRIPTION
        "An entry in the IPsec connection table"
    INDEX { fbIPsecConnectionIndex }
    ::= { fbIPsecConnectionTable 1 }

FbIPsecConnectionEntry ::= SEQUENCE {
    fbIPsecConnectionIndex        Integer32,
    fbIPsecConnectionName         DisplayString,
    fbIPsecConnectionState        Integer32,
    fbIPsecConnectionUptime       TimeTicks,
    fbIPsecConnectionLocalId      DisplayString,
    fbIPsecConnectionPeerId       DisplayString,
    fbIPsecConnectionPeerAddress  DisplayString
}

fbIPsecConnectionIndex OBJECT-TYPE
    SYNTAX  Integer32
    MAX-ACCESS  not-accessible
    STATUS  current
    DESCRIPTION
        "The index for the connection table"
    ::= { fbIPsecConnectionEntry 1 }

fbIPsecConnectionName OBJECT-TYPE
    SYNTAX  DisplayString
    MAX-ACCESS  read-only
    STATUS  current
    DESCRIPTION
        "The config name for this connection"
    ::= { fbIPsecConnectionEntry 2 }

fbIPsecConnectionState OBJECT-TYPE
    SYNTAX  Integer32
    MAX-ACCESS  read-only
    STATUS  current
    DESCRIPTION
        "The current state for this connection"
    ::= { fbIPsecConnectionEntry 3 }

fbIPsecConnectionUptime OBJECT-TYPE
    SYNTAX  TimeTicks
    MAX-ACCESS  read-only
    STATUS  current
    DESCRIPTION
        "The uptime for this connection"
    ::= { fbIPsecConnectionEntry 4 }

fbIPsecConnectionLocalID OBJECT-TYPE
    SYNTAX  DisplayString
    MAX-ACCESS  read-only
    STATUS  current
    DESCRIPTION
        "The local IKE ID for this connection"
    ::= { fbIPsecConnectionEntry 5 }

fbIPsecConnectionPeerID OBJECT-TYPE
    SYNTAX  DisplayString
    MAX-ACCESS  read-only
    STATUS  current
    DESCRIPTION
        "The peer IKE ID for this connection"
    ::= { fbIPsecConnectionEntry 6 }

fbIPsecConnectionPeerAddress OBJECT-TYPE
    SYNTAX  DisplayString
    MAX-ACCESS  read-only
    STATUS  current
    DESCRIPTION
        "The peer's IP address for this connection"
    ::= { fbIPsecConnectionEntry 7 }

END
