📄 rfc1353.txt
字号:
STATUS mandatory DESCRIPTION "The status of the access privileges for a particular requesting SNMP party in accessing a particular target SNMP party. Setting an instance of this object to the value 'invalid(2)' has the effect of invalidating the corresponding access privileges. It is an implementation-specific matter as to whether the agent removes an invalidated entry from the table. Accordingly, management stations must be prepared to receive from agents tabular information corresponding to entries not currently in use. Proper interpretation of such entries requires examination of the relevant aclStatus object." DEFVAL { valid } ::= { aclEntry 4 }McCloghrie, Davin, & Galvin [Page 20]
RFC 1353 SNMP Party MIB July 1992 -- The MIB View Database Group -- This group of objects allows the SNMP itself to be used to -- configure new SNMP parties, or to manipulate the MIB -- MIB views of existing parties. -- -- Implementation of the objects in this group is mandatory. viewTable OBJECT-TYPE SYNTAX SEQUENCE OF ViewEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "The table contained in the local database which defines local MIB views. Each SNMP party has a single MIB view which is defined by two collections of view subtrees: the included view subtrees, and the excluded view subtrees. Every such subtree, both included and excluded, is defined in this table. To determine if a particular object instance is in a particular SNMP party's MIB view, compare the object instance's Object Identifier with each entry (for this party) in this table. If none match, then the object instance is not in the MIB view. If one or more match, then the object instance is included in, or excluded from, the MIB view according to the value of viewStatus in the entry whose value of viewSubtree has the most sub-identifiers. If multiple entries match and have the same number of sub-identifiers, then the lexicographically greatest instance of viewStatus determines the inclusion or exclusion. An object instance's Object Identifier X matches an entry in this table when the number of sub- identifiers in X is at least as many as in the value of viewSubtree for the entry, and each sub- identifier in the value of viewSubtree matches its corresponding sub-identifier in X. Two sub- identifiers match either if the corresponding bit of viewMask is zero (the 'wild card' value), or if they are equal. Due to this 'wild card' capability, we introduce the term, a 'family' of view subtrees, to refer toMcCloghrie, Davin, & Galvin [Page 21]
RFC 1353 SNMP Party MIB July 1992 the set of subtrees defined by a particular combination of values of viewSubtree and viewMask. In the case where no 'wild card' is defined in viewMask, the family of view subtrees reduces to a single view subtree." ::= { partyViews 1 } viewEntry OBJECT-TYPE SYNTAX ViewEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "Information on a particular family of view subtrees included in or excluded from a particular SNMP party's MIB view." INDEX { viewParty, viewSubtree } ::= { viewTable 1 } ViewEntry ::= SEQUENCE { viewParty Party, viewSubtree OBJECT IDENTIFIER, viewStatus INTEGER, viewMask OCTET STRING } viewParty OBJECT-TYPE SYNTAX Party ACCESS read-write STATUS mandatory DESCRIPTION "The SNMP party whose single MIB view includes or excludes a particular family of view subtrees." ::= { viewEntry 1 } viewSubtree OBJECT-TYPE SYNTAX OBJECT IDENTIFIER ACCESS read-write STATUS mandatory DESCRIPTION "The view subtree which, in combination with the corresponding instance of viewMask, defines a family of view subtrees. This family is included in, or excluded from the particular SNMP party'sMcCloghrie, Davin, & Galvin [Page 22]
RFC 1353 SNMP Party MIB July 1992 MIB view, according to the value of the corresponding instance of viewStatus." ::= { viewEntry 2 } viewStatus OBJECT-TYPE SYNTAX INTEGER { included(1), excluded(2), invalid(3) } ACCESS read-write STATUS mandatory DESCRIPTION "The status of a particular family of view subtrees within the particular SNMP party's MIB view. The value 'included(1)' indicates that the corresponding instances of viewSubtree and viewMask define a family of view subtrees included in the MIB view. The value 'excluded(2)' indicates that the corresponding instances of viewSubtree and viewMask define a family of view subtrees excluded from the MIB view. Setting an instance of this object to the value 'invalid(3)' has the effect of invalidating the presence or absence of the corresponding family of view subtrees in the corresponding SNMP party's MIB view. It is an implementation-specific matter as to whether the agent removes an invalidated entry from the table. Accordingly, management stations must be prepared to receive from agents tabular information corresponding to entries not currently in use. Proper interpretation of such entries requires examination of the relevant viewStatus object." DEFVAL { included } ::= { viewEntry 3 } viewMask OBJECT-TYPE SYNTAX OCTET STRING (SIZE (0..16)) ACCESS read-write STATUS mandatory DESCRIPTION "The bit mask which, in combination with the corresponding instance of viewSubtree, defines a family of view subtrees.McCloghrie, Davin, & Galvin [Page 23]
RFC 1353 SNMP Party MIB July 1992 Each bit of this bit mask corresponds to a sub- identifier of viewSubtree, with the most significant bit of the i-th octet of this octet string value (extended if necessary, see below) corresponding to the (8*i - 7)-th sub-identifier, and the least significant bit of the i-th octet of this octet string corresponding to the (8*i)-th sub-identifier, where i is in the range 1 through 16. Each bit of this bit mask specifies whether or not the corresponding sub-identifiers must match when determining if an Object Identifier is in this family of view subtrees; a '1' indicates that an exact match must occur; a '0' indicates 'wild card', i.e., any sub-identifier value matches. Thus, the Object Identifier X of an object instance is contained in a family of view subtrees if the following criteria are met: for each sub-identifier of the value of viewSubtree, either: the i-th bit of viewMask is 0, or the i-th sub-identifier of X is equal to the i-th sub-identifier of the value of viewSubtree. If the value of this bit mask is M bits long and there are more than M sub-identifiers in the corresponding instance of viewSubtree, then the bit mask is extended with 1's to be the required length. Note that when the value of this object is the zero-length string, this extension rule results in a mask of all-1's being used (i.e., no 'wild card'), and the family of view subtrees is the one view subtree uniquely identified by the corresponding instance of viewSubtree." DEFVAL { ''h } ::= { viewEntry 4 } ENDMcCloghrie, Davin, & Galvin [Page 24]
RFC 1353 SNMP Party MIB July 19925. Acknowledgments This document was produced on behalf of the SNMP Security Working Group of the Internet Engineering Task Force. The authors wish to thank the members of the working group, and others who contributed to this effort.6. References [1] Rose, M., and K. McCloghrie, "Structure and Identification of Management Information for TCP/IP based internets", RFC 1155, Performance Systems International, Hughes LAN Systems, May 1990. [2] McCloghrie, K., and M. Rose, "Management Information Base for Network Management of TCP/IP-based Internets", RFC 1156, Hughes LAN Systems and Performance Systems International, May 1990. [3] Case, J., M. Fedor, M. Schoffstall, and J. Davin, The Simple Network Management Protocol", RFC 1157, University of Tennessee at Knoxville, Performance Systems International, Performance Systems International, and the MIT Laboratory for Computer Science, May 1990. [4] McCloghrie K., and M. Rose, Editors, "Management Information Base for Network Management of TCP/IP-based internets", RFC 1213, Performance Systems International, March 1991. [5] Information processing systems - Open Systems Interconnection - Specification of Abstract Syntax Notation One (ASN.1), International Organization for Standardization, International Standard 8824, December 1987. [6] Information processing systems - Open Systems Interconnection - Specification of Basic Encoding Rules for Abstract Notation One (ASN.1), International Organization for Standardization, International Standard 8825, December 1987. [7] Rose, M., and K. McCloghrie, Editors, "Concise MIB Definitions", RFC 1212, Performance Systems International, Hughes LAN Systems, March 1991. [8] Davin, J., Galvin, J., and K. McCloghrie, "SNMP Administrative Model", RFC 1351, MIT Laboratory for Computer Science, Trusted Information Systems, Inc., Hughes LAN Systems, Inc., July 1992. [9] Galvin, J., McCloghrie, K., and J. Davin, "SNMP Security Protocols", RFC 1352, Trusted Information Systems, Inc., Hughes LAN Systems, Inc., MIT Laboratory for Computer Science, JulyMcCloghrie, Davin, & Galvin [Page 25]
RFC 1353 SNMP Party MIB July 1992 1992.Security Considerstions Security issues are discussed in section 3.1. and in RFCs 1351 and 1352.Authors' Addresses Keith McCloghrie Hughes LAN Systems, Inc. Mountain View, CA 94043 Phone: (415) 966-7934 EMail: kzm@hls.com James R. Davin MIT Laboratory for Computer Science 545 Technology Square Cambridge, MA 02139 Phone: (617) 253-6020 EMail: jrd@ptt.lcs.mit.edu James M. Galvin Trusted Information Systems, Inc. 3060 Washington Road, Route 97 Glenwood, MD 21738 Phone: (301) 854-6889 EMail: galvin@tis.comMcCloghrie, Davin, & Galvin [Page 26]
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -