Info/CiscoPortSecurity.pm

# SNMP::Info::CiscoPortSecurity
# $Id$
#
# Copyright (c) 2008 Eric Miller
# All rights reserved.
#
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions are met:
#
#     * Redistributions of source code must retain the above copyright notice,
#       this list of conditions and the following disclaimer.
#     * Redistributions in binary form must reproduce the above copyright
#       notice, this list of conditions and the following disclaimer in the
#       documentation and/or other materials provided with the distribution.
#     * Neither the name of the University of California, Santa Cruz nor the
#       names of its contributors may be used to endorse or promote products
#       derived from this software without specific prior written permission.
#
# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
# ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
# LIABLE FOR # ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
# CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
# CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
# POSSIBILITY OF SUCH DAMAGE.

package SNMP::Info::CiscoPortSecurity;

use strict;
use Exporter;

@SNMP::Info::CiscoPortSecurity::ISA       = qw/Exporter/;
@SNMP::Info::CiscoPortSecurity::EXPORT_OK = qw//;

use vars qw/$VERSION %MIBS %FUNCS %GLOBALS %MUNGE %PAECAPABILITIES/;

$VERSION = '3.28';

%MIBS = (
    'CISCO-PORT-SECURITY-MIB' => 'ciscoPortSecurityMIB',
    'CISCO-PAE-MIB'           => 'ciscoPaeMIB',
    'IEEE8021-PAE-MIB'        => 'dot1xAuthLastEapolFrameSource',
);

%GLOBALS = (

    # CISCO-PORT-SECURITY-MIB
    'cps_clear'     => 'cpsGlobalClearSecureMacAddresses',
    'cps_notify'    => 'cpsGlobalSNMPNotifControl',
    'cps_rate'      => 'cpsGlobalSNMPNotifRate',
    'cps_enable'    => 'cpsGlobalPortSecurityEnable',
    'cps_mac_count' => 'cpsGlobalTotalSecureAddress',
    'cps_mac_max'   => 'cpsGlobalMaxSecureAddress',
);

%FUNCS = (

    # CISCO-PORT-SECURITY-MIB::cpsIfConfigTable
    'cps_i_limit_val'  => 'cpsIfInvalidSrcRateLimitValue',
    'cps_i_limit'      => 'cpsIfInvalidSrcRateLimitEnable',
    'cps_i_sticky'     => 'cpsIfStickyEnable',
    'cps_i_clear_type' => 'cpsIfClearSecureMacAddresses',
    'cps_i_shutdown'   => 'cpsIfShutdownTimeout',
    'cps_i_flood'      => 'cpsIfUnicastFloodingEnable',
    'cps_i_clear'      => 'cpsIfClearSecureAddresses',
    'cps_i_mac'        => 'cpsIfSecureLastMacAddress',
    'cps_i_count'      => 'cpsIfViolationCount',
    'cps_i_action'     => 'cpsIfViolationAction',
    'cps_i_mac_static' => 'cpsIfStaticMacAddrAgingEnable',
    'cps_i_mac_type'   => 'cpsIfSecureMacAddrAgingType',
    'cps_i_mac_age'    => 'cpsIfSecureMacAddrAgingTime',
    'cps_i_mac_count'  => 'cpsIfCurrentSecureMacAddrCount',
    'cps_i_mac_max'    => 'cpsIfMaxSecureMacAddr',
    'cps_i_status'     => 'cpsIfPortSecurityStatus',
    'cps_i_enable'     => 'cpsIfPortSecurityEnable',

    # CISCO-PORT-SECURITY-MIB::cpsIfVlanTable
    'cps_i_v_mac_count' => 'cpsIfVlanCurSecureMacAddrCount',
    'cps_i_v_mac_max'   => 'cpsIfVlanMaxSecureMacAddr',
    'cps_i_v'           => 'cpsIfVlanIndex',

    # CISCO-PORT-SECURITY-MIB::cpsIfVlanSecureMacAddrTable
    'cps_i_v_mac_status' => 'cpsIfVlanSecureMacAddrRowStatus',
    'cps_i_v_mac_age'    => 'cpsIfVlanSecureMacAddrRemainAge',
    'cps_i_v_mac_type'   => 'cpsIfVlanSecureMacAddrType',
    'cps_i_v_vlan'       => 'cpsIfVlanSecureVlanIndex',
    'cps_i_v_mac'        => 'cpsIfVlanSecureMacAddress',

    # CISCO-PORT-SECURITY-MIB::cpsSecureMacAddressTable
    'cps_m_status' => 'cpsSecureMacAddrRowStatus',
    'cps_m_age'    => 'cpsSecureMacAddrRemainingAge',
    'cps_m_type'   => 'cpsSecureMacAddrType',
    'cps_m_mac'    => 'cpsSecureMacAddress',

    # IEEE8021-PAE-MIB::dot1xPaePortEntry
    'pae_i_capabilities'            => 'dot1xPaePortCapabilities',
    'pae_i_last_eapol_frame_source' => 'dot1xAuthLastEapolFrameSource',
);

%MUNGE = (
    'cps_i_mac'                     => \&SNMP::Info::munge_mac,
    'cps_m_mac'                     => \&SNMP::Info::munge_mac,
    'cps_i_v_mac'                   => \&SNMP::Info::munge_mac,
    'pae_i_last_eapol_frame_source' => \&SNMP::Info::munge_mac,
    'pae_i_capabilities'            => \&munge_pae_capabilities,
);

%PAECAPABILITIES = (
    0 => 'dot1xPaePortAuthCapable',
    1 => 'dot1xPaePortSuppCapable'
);

sub munge_pae_capabilities {
    my $bits = shift;

    return unless defined $bits;
    my @vals
        = map( $PAECAPABILITIES{$_}, sprintf( "%x", unpack( 'b*', $bits ) ) );
    return join( ' ', @vals );
}

1;
__END__

=head1 NAME

SNMP::Info::CiscoPortSecurity - SNMP Interface to data from
F<CISCO-PORT-SECURITY-MIB> and F<CISCO-PAE-MIB>

=head1 AUTHOR

Eric Miller

=head1 SYNOPSIS

 # Let SNMP::Info determine the correct subclass for you. 
 my $cps = new SNMP::Info(
                        AutoSpecify => 1,
                        Debug       => 1,
                        DestHost    => 'myswitch',
                        Community   => 'public',
                        Version     => 2
                        ) 
    or die "Can't connect to DestHost.\n";

 my $class      = $cps->class();
 print "SNMP::Info determined this device to fall under subclass : $class\n";

=head1 DESCRIPTION

SNMP::Info::CiscoPortSecurity is a subclass of SNMP::Info that provides
an interface to the F<CISCO-PORT-SECURITY-MIB> and F<CISCO-PAE-MIB>.  These
MIBs are used across the Catalyst family under CatOS and IOS.

Use or create in a subclass of SNMP::Info.  Do not use directly.

=head2 Inherited Classes

None.

=head2 Required MIBs

=over

=item F<CISCO-PORT-SECURITY-MIB>

=item F<CISCO-PAE-MIB>

=item F<IEEE8021-PAE-MIB>

=back

=head1 GLOBALS

These are methods that return scalar values from SNMP

=over

=back

=head2 F<CISCO-PORT-SECURITY-MIB> globals

=over

=item $cps->cps_clear()

(C<cpsGlobalClearSecureMacAddresses>)

=item $cps->cps_notify()

(C<cpsGlobalSNMPNotifControl>)

=item $cps->cps_rate()

(C<cpsGlobalSNMPNotifRate>)

=item $cps->cps_enable()

(C<cpsGlobalPortSecurityEnable>)

=item $cps->cps_mac_count()

(C<cpsGlobalTotalSecureAddress>)

=item $cps->cps_mac_max()

(C<cpsGlobalMaxSecureAddress>)

=back

=head1 TABLE METHODS

=head2 C<CISCO-PORT-SECURITY-MIB> - Interface Config Table

=over

=item $cps->cps_i_limit_val()

(C<cpsIfInvalidSrcRateLimitValue>)

=item $cps->cps_i_limit()

(C<cpsIfInvalidSrcRateLimitEnable>)

=item $cps->cps_i_sticky()

(C<cpsIfStickyEnable>)

=item $cps->cps_i_clear_type()

(C<cpsIfClearSecureMacAddresses>)

=item $cps->cps_i_shutdown()

(C<cpsIfShutdownTimeout>)

=item $cps->cps_i_flood()

(C<cpsIfUnicastFloodingEnable>)

=item $cps->cps_i_clear()

(C<cpsIfClearSecureAddresses>)

=item $cps->cps_i_mac()

(C<cpsIfSecureLastMacAddress>)

=item $cps->cps_i_count()

(C<cpsIfViolationCount>)

=item $cps->cps_i_action()

(C<cpsIfViolationAction>)

=item $cps->cps_i_mac_static()

(C<cpsIfStaticMacAddrAgingEnable>)

=item $cps->cps_i_mac_type()

(C<cpsIfSecureMacAddrAgingType>)

=item $cps->cps_i_mac_age()

(C<cpsIfSecureMacAddrAgingTime>)

=item $cps->cps_i_mac_count()

(C<cpsIfCurrentSecureMacAddrCount>)

=item $cps->cps_i_mac_max()

(C<cpsIfMaxSecureMacAddr>)

=item $cps->cps_i_status()

(C<cpsIfPortSecurityStatus>)

=item $cps->cps_i_enable()

(C<cpsIfPortSecurityEnable>)

=back

=head2 C<CISCO-PORT-SECURITY-MIB::cpsIfVlanTable>

=over

=item $cps->cps_i_v_mac_count()

(C<cpsIfVlanCurSecureMacAddrCount>)

=item $cps->cps_i_v_mac_max()

(C<cpsIfVlanMaxSecureMacAddr>)

=item $cps->cps_i_v()

(C<cpsIfVlanIndex>)

=back

=head2 C<CISCO-PORT-SECURITY-MIB::cpsIfVlanSecureMacAddrTable>

=over

=item $cps->cps_i_v_mac_status()

(C<cpsIfVlanSecureMacAddrRowStatus>)

=item $cps->cps_i_v_mac_age()

(C<cpsIfVlanSecureMacAddrRemainAge>)

=item $cps->cps_i_v_mac_type()

(C<cpsIfVlanSecureMacAddrType>)

=item $cps->cps_i_v_vlan()

(C<cpsIfVlanSecureVlanIndex>)

=item $cps->cps_i_v_mac()

(C<cpsIfVlanSecureMacAddress>)

=back

=head2 C<CISCO-PORT-SECURITY-MIB::cpsSecureMacAddressTable>

=over

=item $cps->cps_m_status()

(C<cpsSecureMacAddrRowStatus>)

=item $cps->cps_m_age()

(C<cpsSecureMacAddrRemainingAge>)

=item $cps->cps_m_type()

(C<cpsSecureMacAddrType>)

=item $cps->cps_m_mac()

(C<cpsSecureMacAddress>)

=back

=head2 C<IEEE8021-PAE-MIB::dot1xPaePortEntry>

=over

=item $cps->pae_i_capabilities()

C<dot1xPaePortCapabilities>

Indicates the PAE functionality that this Port supports
and that may be managed through this MIB munged to return either
C<'dot1xPaePortAuthCapable'> or C<'dot1xPaePortSuppCapable'>.

=item $cps->pae_i_last_eapol_frame_source()

C<dot1xAuthLastEapolFrameSource>

The source MAC address carried in the most recently received EAPOL frame.

=back

=head1 Data Munging Callback Subroutines

=over

=item $cps->munge_pae_capabilities()

Return either C<'dot1xPaePortAuthCapable'> or C<'dot1xPaePortSuppCapable'>
based upon bit value.

=back

=cut
	Global
`s`	Focus search bar
`?`	Bring up this help dialog
	GitHub
`g` `p`	Go to pull requests
`g` `i`	go to github issues (only if github is preferred repository)
	POD
`g` `a`	Go to author
`g` `c`	Go to changes
`g` `i`	Go to issues
`g` `d`	Go to dist
`g` `r`	Go to repository/SCM
`g` `s`	Go to source
`g` `b`	Go to file browse
	Search terms
module: (e.g. module:Plugin)
distribution: (e.g. distribution:Dancer auth)
author: (e.g. author:SONGMU Redis)
version: (e.g. version:1.00)