![background image](http://html.mh-extra.com/html/cisco/sce-1000-and/sce-1000-and_configuration-manual_64496440.webp)
B-22
Cisco SCE 2000 and SCE 1000 Software Configuration Guide
OL-7827-12
Appendix B Proprietary MIB Reference
pcubeWorkgroup (1.3.6.1.4.1.5655.4)
moduleAttackFilterDeactivatedTrap (1.3.6.1.4.1.5655.4.0.26)
The attack filter module has removed a filter that was previously activated.
•
Attack filter type — in pcubeSeEventGenericString1 (refer to corresponding
moduleAttackFilterActivatedTrap)
•
Reason for deactivating the filter — in pcubeSeEventGenericString2
Following are several examples of pcubeSeEventGenericString1 for various scenarios:
•
Attack end detected automatically
(the number of open flows or ddos-suspected flows drops
below the minimum value configured for the attack detector):
End-of-attack detected — Attack on IP address 10.1.4.135, from subscriber side, protocol UDP.
Action is: Report. Duration 20 seconds, attack comprised of 11736 flows.
End-of-attack detected — Attack from IP address 10.1.4.134, from subscriber side, protocol ICMP.
Action is: Block. Duration 10 seconds, attack comprised of 2093 flows.
•
Attack end forced
by a ‘dont-filter’, or a previous ‘force-filter’ command is removed:
Attack filter — Forced to end block of flows from IP address 10.1.1.1, from subscriber side, protocol
TCP. Attack end forced using a 'no force-filter' or a 'dont-filter' command. Duration 6 seconds, 1
flows blocked.
Attack filter — Forced to end report to IP address 10.1.1.1, from network side, protocol Other.
Attack end forced using a 'no force-filter' or a 'dont-filter' command. Duration 13 seconds, attack
comprised of 1 flows.
moduleEmAgentGenericTrap (1.3.6.1.4.1.5655.4.0.27)
A generic trap used by the Cisco management agent.
•
Trap name — in pcubeSeEventGenericString1 (refer to corresponding
moduleAttackFilterActivatedTrap)
•
Relevant parameter — in pcubeSeEventGenericString2
linkModeSniffingTrap (1.3.6.1.4.1.5655.4.0.28)
The agent entity has detected that the
linkOperMode
object in this MIB has changed to
sniffing
(5).
moduleRedundancyReadyTrap (1.3.6.1.4.1.5655.4.0.29)
The module was able to connect and synch with a redundant entity, and is now ready to handle fail-over
if needed.
moduleRedundantConfigurationMismatchTrap (1.3.6.1.4.1.5655.4.0.30)
The module was not able to synch with a redundant entity, due to an incompatibility in essential
configuration parameters between the module and the redundant entity.
moduleLostRedundancyTrap (1.3.6.1.4.1.5655.4.0.31)
The module has lost the ability to perform the fail-over procedure.