FDRY-IP-SOURCE-GUARD-MIB DEFINITIONS ::= BEGIN

IMPORTS
	MODULE-IDENTITY, OBJECT-TYPE, Unsigned32, IpAddress
	   FROM SNMPv2-SMI
	snSwitch
	   FROM FOUNDRY-SN-SWITCH-GROUP-MIB
	TruthValue, RowStatus, TEXTUAL-CONVENTION
	   FROM SNMPv2-TC
	VlanIndex
	   FROM Q-BRIDGE-MIB
	ifIndex, InterfaceIndex
	   FROM IF-MIB;

fdryIpSrcGuardMIB MODULE-IDENTITY
	LAST-UPDATED "201007260000Z" -- July 26, 2010
	ORGANIZATION "Brocade Communications Systems, Inc."
	CONTACT-INFO
		"Technical Support Center
              130 Holger Way,
              San Jose, CA  95134
              Email:  ipsupport@brocade.com
              Phone: 1-800-752-8061
              URL:  www.brocade.com"
	DESCRIPTION
		"Management Information for configuration of IP Source Guard feature.
		IP Source Guard is a security feature that restricts IP traffic on untrusted
		ports by filtering traffic based on the DHCP snooping binding database or
		manually configured IP source bindings.

		Copyright 1996-2010 Brocade Communications Systems, Inc.
  		All rights reserved.
  		This Brocade Communications Systems SNMP Management Information Base Specification
 		embodies Brocade Communications Systems' confidential and proprietary
 		intellectual property. Brocade Communications Systems retains all
  		title and ownership in the Specification, including any revisions.

 		This Specification is supplied AS IS, and Brocade Communications Systems makes
 		no warranty, either express or implied, as to the use,
 		operation, condition, or performance of the specification, and any unintended
 		consequence it may on the user environment."

 	REVISION        "201007260000Z" -- July 26, 2010
 	DESCRIPTION
 		"Changed the ORGANIZATION, CONTACT-INFO and DESCRIPTION fields."

	REVISION     "201002220000Z" -- February 22, 2010
	DESCRIPTION
		""
   ::= { snSwitch 37}

BindMode ::= TEXTUAL-CONVENTION
	STATUS	  current
	DESCRIPTION
		"Represents mode of the IP Source Guard entry."
	SYNTAX     INTEGER {
		other(1),
		active(2),
		inactive(3)
		}

BindType ::= TEXTUAL-CONVENTION
	STATUS	  current
	DESCRIPTION
		"Represents type of the IP Source Guard entry."
	SYNTAX     INTEGER {
		other(1),
		ip(2)
		}

fdryIpSrcGuardInterface  OBJECT IDENTIFIER ::= { fdryIpSrcGuardMIB 1 }
fdryIpSrcGuardPortVlan OBJECT IDENTIFIER ::= { fdryIpSrcGuardMIB 2 }
fdryIpSrcGuardBind OBJECT IDENTIFIER ::= { fdryIpSrcGuardMIB 3 }

--
-- IP Source Guard Interface configuration table
--

fdryIpSrcGuardIfConfigTable OBJECT-TYPE
	SYNTAX SEQUENCE OF FdryIpSrcGuardIfConfigEntry
	MAX-ACCESS not-accessible
	STATUS current
	DESCRIPTION
		"A table provides the mechanism to configure enabling or disabling
		IP Source Guard purpose at each physical interface."
	::= { fdryIpSrcGuardInterface 1 }

fdryIpSrcGuardIfConfigEntry OBJECT-TYPE
	SYNTAX FdryIpSrcGuardIfConfigEntry
	MAX-ACCESS not-accessible
	STATUS current
	DESCRIPTION
		"A row instance contains the configuration to enable or disable IP
		Source Guard at each physical interface capable of this feature."
	INDEX { ifIndex }
	::= { fdryIpSrcGuardIfConfigTable 1 }

FdryIpSrcGuardIfConfigEntry ::= SEQUENCE {
	fdryIpSrcGuardIfEnable
		TruthValue
	}

fdryIpSrcGuardIfEnable  OBJECT-TYPE
	SYNTAX		TruthValue
	MAX-ACCESS	read-write
	STATUS		current
	DESCRIPTION
		"This object indicates whether IP Source Guard is
		enabled  at this interface.
		If this object is set to 'true', IP Source Guard is enabled.
		Traffic  coming to this interface will be forwarded. If it is
		 from the list of IP addresses obtained from DHCP snooping.
		 Otherwise it is denied.
		If this object is set to 'false', IP Source Guard is disabled."
	::= { fdryIpSrcGuardIfConfigEntry 1 }

--
-- IP Source Guard per-port-per-VLAN configuration table
--

fdryIpSrcGuardPortVlanConfigTable OBJECT-TYPE
	SYNTAX SEQUENCE OF FdryIpSrcGuardPortVlanConfigEntry
	MAX-ACCESS not-accessible
	STATUS current
	DESCRIPTION
		"A table provides the mechanism to configure enabling or disabling
		IP Source Guard purpose per port per VLAN."
	::= { fdryIpSrcGuardPortVlan 1 }

fdryIpSrcGuardPortVlanConfigEntry OBJECT-TYPE
	SYNTAX FdryIpSrcGuardPortVlanConfigEntry
	MAX-ACCESS not-accessible
	STATUS current
	DESCRIPTION
		"A row instance contains the configuration to enable or disable IP
		Source Guard per port per VLAN of this feature."
	INDEX { fdryIpSrcGuardPortVlanPortId, fdryIpSrcGuardPortVlanVlanId }
	::= { fdryIpSrcGuardPortVlanConfigTable 1 }

FdryIpSrcGuardPortVlanConfigEntry ::= SEQUENCE {
	fdryIpSrcGuardPortVlanPortId
		InterfaceIndex,
	fdryIpSrcGuardPortVlanVlanId
		VlanIndex,
	fdryIpSrcGuardPortVlanEnable
		TruthValue
	}

fdryIpSrcGuardPortVlanPortId OBJECT-TYPE
    SYNTAX     InterfaceIndex
    MAX-ACCESS not-accessible
    STATUS     current
    DESCRIPTION
        "The ifIndex of the port for IP Source Guard purpose per port per VLAN."
    ::= { fdryIpSrcGuardPortVlanConfigEntry 1 }

fdryIpSrcGuardPortVlanVlanId OBJECT-TYPE
    SYNTAX     VlanIndex
    MAX-ACCESS not-accessible
    STATUS     current
    DESCRIPTION
        "The number of VLAN for IP Source Guard purpose per port per VLAN."
    ::= { fdryIpSrcGuardPortVlanConfigEntry 2 }

fdryIpSrcGuardPortVlanEnable  OBJECT-TYPE
	SYNTAX		TruthValue
	MAX-ACCESS	read-write
	STATUS		current
	DESCRIPTION
		"This object indicates whether IP Source Guard is
		enabled at this interface and this VLAN number.
		If this object is set to 'true', IP Source Guard per-port-per-VLAN is enabled.
		If this object is set to 'false', IP Source Guard per-port-per-VLAN is disabled."
	::= { fdryIpSrcGuardPortVlanConfigEntry 3 }

--
-- IP Source Guard binding table
-- Use this table to configure Ip source entries
--

fdryIpSrcGuardBindTable OBJECT-TYPE
	SYNTAX SEQUENCE OF FdryIpSrcGuardBindEntry
	MAX-ACCESS not-accessible
	STATUS current
	DESCRIPTION
		"A table provides the information of IP addresses used IP Source
		Guard purpose at each physical interface with or without specific VLAN
		memberships  "
	::= { fdryIpSrcGuardBind 1 }

fdryIpSrcGuardBindEntry OBJECT-TYPE
	SYNTAX FdryIpSrcGuardBindEntry
	MAX-ACCESS not-accessible
	STATUS current
	DESCRIPTION
		"A row instance contains IP address used for IP Source Guard purpose
		at each physical interface with or without specific VLAN memberships ."
	INDEX { ifIndex, fdryIpSrcGuardBindIpAddr }
	::= { fdryIpSrcGuardBindTable 1 }

FdryIpSrcGuardBindEntry ::= SEQUENCE {
	fdryIpSrcGuardBindIpAddr
		IpAddress,
	fdryIpSrcGuardBindVlanId
		Unsigned32,
	fdryIpSrcGuardBindRowStatus
		RowStatus,
	fdryIpSrcGuardBindMode
		BindMode,
	fdryIpSrcGuardBindType
		BindType
	}

fdryIpSrcGuardBindIpAddr  OBJECT-TYPE
	SYNTAX		IpAddress
	MAX-ACCESS	not-accessible
	STATUS		current
	DESCRIPTION
		"The device IP address."
	::= { fdryIpSrcGuardBindEntry 1}

fdryIpSrcGuardBindVlanId  OBJECT-TYPE
	SYNTAX		Unsigned32
	MAX-ACCESS	read-create
	STATUS 		current
	DESCRIPTION
		"This object indicates the specific VLAN memberships on this interface.
		The VLAN number is optional. If you configure a VLAN number, the bindings
		applies to that VLAN only. If you do not configure a VLAN number, the static
		applies to all VLANs associated with the port. In this case, the VLAN number
		will be displayed as 0."
	::= { fdryIpSrcGuardBindEntry 2 }

fdryIpSrcGuardBindRowStatus  OBJECT-TYPE
 	SYNTAX  RowStatus
 	MAX-ACCESS  read-create
 	STATUS  current
 	DESCRIPTION
 		"This variable is used to create, or
 		delete a row in this table. When a row in this
 		table is in active(1) state, no objects in that row
 		can be modified except this object."
 	::= { fdryIpSrcGuardBindEntry 3 }

fdryIpSrcGuardBindMode OBJECT-TYPE
	SYNTAX    BindMode
	MAX-ACCESS read-only
	STATUS     current
	DESCRIPTION
		"The mode of the IP Source Guard entry"
	::= { fdryIpSrcGuardBindEntry 4 }

fdryIpSrcGuardBindType OBJECT-TYPE
	SYNTAX    BindType
	MAX-ACCESS read-only
	STATUS     current
	DESCRIPTION
		"The type of the IP Source Guard entry"
	::= { fdryIpSrcGuardBindEntry 5 }


   END

