# Copyright (C) 2003 Shawn Ferry # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation; either version 2 of the License, or # (at your option) any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program; if not, write to the Free Software # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307, USA. # $Id: CiscoFirewall.pm,v 1.1 2010-12-27 00:03:56 ivan Exp $ # Shawn Ferry # Cisco Firewall devices discovery package Torrus::DevDiscover::CiscoFirewall; use strict; use Torrus::Log; $Torrus::DevDiscover::registry{'CiscoFirewall'} = { 'sequence' => 510, 'checkdevtype' => \&checkdevtype, 'discover' => \&discover, 'buildConfig' => \&buildConfig }; our %oiddef = ( # CISCO-FIREWALL 'ciscoFirewallMIB' => '1.3.6.1.4.1.9.9.147', 'cfwBasicEventsTableLastRow' => '1.3.6.1.4.1.9.9.147.1.1.4', 'cfwConnectionStatTable' => '1.3.6.1.4.1.9.9.147.1.2.2.2.1', 'cfwConnectionStatMax' => '1.3.6.1.4.1.9.9.147.1.2.2.2.1.5.40.7', ); sub checkdevtype { my $dd = shift; my $devdetails = shift; my $session = $dd->session(); my $data = $devdetails->data(); if( $devdetails->isDevType('CiscoGeneric') and $dd->checkSnmpTable('ciscoFirewallMIB') ) { $devdetails->setCap('interfaceIndexingManaged'); return 1; } return 0; } sub discover { my $dd = shift; my $devdetails = shift; my $data = $devdetails->data(); my $session = $dd->session(); $data->{'nameref'}{'ifReferenceName'} = 'ifName'; $data->{'nameref'}{'ifSubtreeName'} = 'ifNameT'; $data->{'param'}{'ifindex-table'} = '$ifName'; if( not defined( $data->{'param'}{'snmp-oids-per-pdu'} ) ) { my $oidsPerPDU = $devdetails->param('CiscoFirewall::snmp-oids-per-pdu'); if( $oidsPerPDU == 0 ) { $oidsPerPDU = 10; } $data->{'param'}{'snmp-oids-per-pdu'} = $oidsPerPDU; } if( $dd->checkSnmpOID('cfwConnectionStatMax') ) { $devdetails->setCap('CiscoFirewall::connections'); } # I have not seen a system that supports this. if( $dd->checkSnmpOID('cfwBasicEventsTableLastRow') ) { $devdetails->setCap('CiscoFirewall::events'); } return 1; } sub buildConfig { my $devdetails = shift; my $cb = shift; my $devNode = shift; my $data = $devdetails->data(); my $fwStatsTree = "Firewall_Stats"; my $fwStatsParam = { 'precedence' => '-1000', 'comment' => 'Firewall Stats', }; my @templates = ('CiscoFirewall::cisco-firewall-subtree'); if( $devdetails->hasCap('CiscoFirewall::connections') ) { push( @templates, 'CiscoFirewall::connections'); } if( $devdetails->hasCap('CiscoFirewall::events') ) { push( @templates, 'CiscoFirewall::events'); } $cb->addSubtree( $devNode, $fwStatsTree, $fwStatsParam, \@templates ); } 1; # Local Variables: # mode: perl # indent-tabs-mode: nil # perl-indent-level: 4 # End: