ELTEX-MES-ISS-IP-MIB DEFINITIONS ::= BEGIN

IMPORTS
    OBJECT-TYPE, MODULE-IDENTITY,
    Integer32
            FROM SNMPv2-SMI
    TEXTUAL-CONVENTION, RowStatus,
    TruthValue
            FROM SNMPv2-TC
    ifIndex
            FROM IF-MIB
    VlanId, PortList
            FROM Q-BRIDGE-MIB
    eltMesIss
            FROM ELTEX-MES-ISS-MIB
    InetAddressType, InetAddress, InetAddressPrefixLength
            FROM INET-ADDRESS-MIB;

eltMesIssIpMIB MODULE-IDENTITY
    LAST-UPDATED "202101120000Z"
    ORGANIZATION "Eltex Enterprise, Ltd."
    CONTACT-INFO
            "www.eltex-co.ru"
    DESCRIPTION
            "Eltex MIB extensions for IP module."
    REVISION "202101120000Z"
    DESCRIPTION "Initial revision."

    REVISION "202101190000Z"
    DESCRIPTION "Authorized-manager feature."

  ::= { eltMesIss 24 }

-- Top level MIB structure

eltMesIssIpObjects        OBJECT IDENTIFIER ::= { eltMesIssIpMIB 1 }
eltMesIssIpNotifications  OBJECT IDENTIFIER ::= { eltMesIssIpMIB 2 }

-- MIB Groups

eltMesIssIpMgmt           OBJECT IDENTIFIER ::= { eltMesIssIpObjects 1 }
eltMesIssIpAuthMgr        OBJECT IDENTIFIER ::= { eltMesIssIpObjects 2 }

-- ========================================================================== --
--                       IP Management Interface Table                        --
-- ========================================================================== --

eltMesIssIpMgmtInterfaceTable OBJECT-TYPE
    SYNTAX      SEQUENCE OF EltMesIssIpMgmtInterfaceEntry
    MAX-ACCESS  not-accessible
    STATUS      current
    DESCRIPTION "The table contains IP management interfaces."
    ::= { eltMesIssIpMgmt 1 }

eltMesIssIpMgmtInterfaceEntry OBJECT-TYPE
    SYNTAX      EltMesIssIpMgmtInterfaceEntry
    MAX-ACCESS  not-accessible
    STATUS      current
    DESCRIPTION "The row definition for this table."
    INDEX { ifIndex }
    ::= { eltMesIssIpMgmtInterfaceTable 1 }

EltMesIssIpMgmtInterfaceEntry ::=
    SEQUENCE {
        eltMesIssIpMgmtInterfaceOuterVlanId
            VlanId
    }

eltMesIssIpMgmtInterfaceOuterVlanId OBJECT-TYPE
    SYNTAX      VlanId
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
            "Outer VLAN ID for IP management interface.
            Outer vlan tag of packets with configured VLAN ID
            will be removed on ingress. Packets on egress will be
            encapsulated with outer vlan tag with corresponding VLAN ID.
            The value '4095' disables this feature."
    DEFVAL { 4095 }
    ::= { eltMesIssIpMgmtInterfaceEntry 1 }

-- ========================================================================== --
--                           IP Authorized Manager                            --
-- ========================================================================== --

eltMesIssIpAuthMgrTable OBJECT-TYPE
    SYNTAX      SEQUENCE OF EltMesIssIpAuthMgrEntry
    MAX-ACCESS  not-accessible
    STATUS      current
    DESCRIPTION
            "A table to configure IP authorized managers in the system."
    ::= { eltMesIssIpAuthMgr 1 }

eltMesIssIpAuthMgrEntry OBJECT-TYPE
    SYNTAX      EltMesIssIpAuthMgrEntry
    MAX-ACCESS  not-accessible
    STATUS      current
    DESCRIPTION
            "Each entry in this table represents rules for particular
            IP authorized manager."
    INDEX { eltMesIssIpAuthMgrIpAddrType,
            eltMesIssIpAuthMgrIpAddr,
            eltMesIssIpAuthMgrIpPrefixLength }
    ::= { eltMesIssIpAuthMgrTable 1 }

EltMesIssIpAuthMgrEntry ::=
    SEQUENCE {
        eltMesIssIpAuthMgrIpAddrType
            InetAddressType,
        eltMesIssIpAuthMgrIpAddr
            InetAddress,
        eltMesIssIpAuthMgrIpPrefixLength
            InetAddressPrefixLength,
        eltMesIssIpAuthMgrPortList
            PortList,
        eltMesIssIpAuthMgrVlanList
            OCTET STRING,
        eltMesIssIpAuthMgrOOBPort
            TruthValue,
        eltMesIssIpAuthMgrAllowedServices
            Integer32,
        eltMesIssIpAuthMgrRowStatus
            RowStatus
    }

eltMesIssIpAuthMgrIpAddrType OBJECT-TYPE
    SYNTAX      InetAddressType
    MAX-ACCESS  not-accessible
    STATUS      current
    DESCRIPTION
            "Specifies the IP version of the network or host address
            from which the switch can be managed."
    ::= { eltMesIssIpAuthMgrEntry 1 }

eltMesIssIpAuthMgrIpAddr OBJECT-TYPE
    SYNTAX      InetAddress
    MAX-ACCESS  not-accessible
    STATUS      current
    DESCRIPTION
            "IP address of the network or host from which the switch can be managed.
            An address 0.0.0.0 (::0 for IPv6) indicates 'Any Manager'."
    ::= { eltMesIssIpAuthMgrEntry 2 }

eltMesIssIpAuthMgrIpPrefixLength OBJECT-TYPE
    SYNTAX      InetAddressPrefixLength
    MAX-ACCESS  not-accessible
    STATUS      current
    DESCRIPTION
            "IP address prefix (or mask length) to be applied on eltMesIssIpAuthMgrIpAddr.
            Value 0 indicates mask for 'Any Manager'."
    ::= { eltMesIssIpAuthMgrEntry 3 }

eltMesIssIpAuthMgrPortList OBJECT-TYPE
    SYNTAX       PortList
    MAX-ACCESS   read-write
    STATUS       current
    DESCRIPTION
            "Specifies the port numbers through which the authorized manager can
            access the switch. 
            By default the authorized manager is allowed to access the switch 
            through all the ports.
            If the set of ports is configured in the 'PortList', the manager can
            access the switch only through the configured ports."
    ::= { eltMesIssIpAuthMgrEntry 4 }

eltMesIssIpAuthMgrVlanList OBJECT-TYPE
    SYNTAX       OCTET STRING
    MAX-ACCESS   read-write
    STATUS       current
    DESCRIPTION
            "Specifies the Vlan's in which the IP authorized manager can reside.
            By default the manager is allowed to reside in any vlan.
            If the set of vlans is configured in the 'VlanList', the manager can 
            reside only in the configured vlan set.  Access to the switch 
            will be denied from any other vlan." 
    ::= { eltMesIssIpAuthMgrEntry 5 }

eltMesIssIpAuthMgrOOBPort OBJECT-TYPE
    SYNTAX       TruthValue
    MAX-ACCESS   read-write
    STATUS       current
    DESCRIPTION
            "Specifies whether the authorized manager can access the switch
            through OOB Port
            By default the manager is denied access to reside on OOB Interface"
    DEFVAL { false }
    ::= { eltMesIssIpAuthMgrEntry 6 }

eltMesIssIpAuthMgrAllowedServices OBJECT-TYPE
    SYNTAX      Integer32 
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
            "Specifies the allowed services through which the authorized manager can
            access the switch. 
            This object takes bit mask values. The services represented by each bit
            position is as given below:
            With bit 0 being the Least Significant Bit,
                Bit0  --> snmp
                Bit1  --> telnet
                Bit2  --> http
                Bit3  --> https
                Bit4  --> ssh
            If the particular bit is set to 1,corresponding service is allowed for 
            the configured manager.
            By default all services are allowed for the configured manager." 
    DEFVAL { '1F'h }
    ::= { eltMesIssIpAuthMgrEntry 7 }

eltMesIssIpAuthMgrRowStatus OBJECT-TYPE
    SYNTAX      RowStatus
    MAX-ACCESS  read-create
    STATUS      current
    DESCRIPTION
            "This object indicates the status of this entry."
   ::= { eltMesIssIpAuthMgrEntry 8 }

END
