summaryrefslogtreecommitdiffstats
path: root/Schemas/CIM236/DMTF/IPsecPolicy/CIM_IPsecAction.mof
diff options
context:
space:
mode:
Diffstat (limited to 'Schemas/CIM236/DMTF/IPsecPolicy/CIM_IPsecAction.mof')
-rw-r--r--Schemas/CIM236/DMTF/IPsecPolicy/CIM_IPsecAction.mof93
1 files changed, 93 insertions, 0 deletions
diff --git a/Schemas/CIM236/DMTF/IPsecPolicy/CIM_IPsecAction.mof b/Schemas/CIM236/DMTF/IPsecPolicy/CIM_IPsecAction.mof
new file mode 100644
index 0000000..ff9cad2
--- /dev/null
+++ b/Schemas/CIM236/DMTF/IPsecPolicy/CIM_IPsecAction.mof
@@ -0,0 +1,93 @@
+// Copyright (c) 2005 DMTF. All rights reserved.
+ [Version ( "2.8.0" ),
+ UMLPackagePath ( "CIM::IPsecPolicy" ),
+ Description (
+ "IPsecAction specifies the parameters to use for an IPsec phase "
+ "2 negotiation." ),
+ MappingStrings { "IPSP Policy Model.IETF|IPsecAction" }]
+class CIM_IPsecAction : CIM_SANegotiationAction {
+
+ [Description (
+ "UsePFS indicates whether perfect forward secrecy is "
+ "required when refreshing keys." ),
+ MappingStrings { "IPSP Policy Model.IETF|IPsecAction.UsePFS" },
+ ModelCorrespondence { "CIM_IPsecSAEndpoint.PFSInUse" }]
+ boolean UsePFS;
+
+ [Description (
+ "UsePhase1Group indicates that the phase 2 GroupId should "
+ "be the same as that used in the phase 1 key exchange. If "
+ "UsePFS is False, then this property is ignored. Note "
+ "that a value of False indicates that the property "
+ "GroupId will contain the key exchange group to use for "
+ "phase 2." ),
+ MappingStrings {
+ "IPSP Policy Model.IETF|IPsecAction.UseIKEGroup" }]
+ boolean UsePhase1Group;
+
+ [Description (
+ "GroupId specifies the PFS group ID to use. This value is "
+ "only used if PFS is True and UsePhase1Group is False. If "
+ "the GroupID number is from the vendor-specific range "
+ "(32768-65535), the VendorID qualifies the group number. "
+ "Well-known group identifiers from RFC2412, Appendix E, "
+ "are: Group 1=\'768 bit prime\', Group 2=\'1024 bit "
+ "prime\', Group 3=\'Elliptic Curve Group with 155 bit "
+ "field element\', Group 4=\'Large Elliptic Curve Group "
+ "with 185 bit field element\', and Group 5=\'1536 bit "
+ "prime\'." ),
+ ValueMap { "0", "1", "2", "3", "4", "5", "..", "0x8000.." },
+ Values { "No Group/Non-Diffie-Hellman Exchange",
+ "DH-768 bit prime", "DH-1024 bit prime",
+ "EC2N-155 bit field element",
+ "EC2N-185 bit field element", "DH-1536 bit prime",
+ "Standard Group - Reserved", "Vendor Reserved" },
+ MappingStrings {
+ "IPSP Policy Model.IETF|IPsecAction.GroupID",
+ "RFC2412.IETF|Appendix E" },
+ ModelCorrespondence { "CIM_IPsecAction.VendorID",
+ "CIM_IKESAEndpoint.GroupID" }]
+ uint16 GroupId;
+
+ [Description (
+ "The property VendorID is used together with the property "
+ "GroupID (when it is in the vendor-specific range) to "
+ "identify the key exchange group. VendorID is ignored "
+ "unless UsePFS is true, AND UsePhase1Group is False, AND "
+ "GroupID is in the vendor-specific range (32768-65535)." ),
+ MappingStrings { "IPSP Policy Model.IETF|IPsecAction.VendorID" },
+ ModelCorrespondence { "CIM_IPsecAction.GroupId",
+ "CIM_IKESAEndpoint.VendorID" }]
+ string VendorID;
+
+ [Description (
+ "The property Granularity is an enumeration that "
+ "specifies how the selector for the SA should be derived "
+ "from the traffic that triggered the negotiation. Its "
+ "values are: \n"
+ "1=Other; See the OtherGranularity property for more "
+ "information \n"
+ "2=Subnet; The source and destination subnet masks are "
+ "used \n"
+ "3=Address; The source and destination IP addresses of "
+ "the triggering packet are used \n"
+ "4=Protocol; The source and destination IP addresses and "
+ "the IP protocol of the triggering packet are used \n"
+ "5=Port; The source and destination IP addresses, IP "
+ "protocol and the source and destination layer 4 ports of "
+ "the triggering packet are used." ),
+ ValueMap { "1", "2", "3", "4", "5" },
+ Values { "Other", "Subnet", "Address", "Protocol", "Port" },
+ MappingStrings {
+ "IPSP Policy Model.IETF|IPsecAction.Granularity" },
+ ModelCorrespondence { "CIM_IPsecAction.OtherGranularity" }]
+ uint16 Granularity;
+
+ [Description (
+ "Description of the granularity when the value 1 "
+ "(\"Other\") is specified for the property, Granularity." ),
+ ModelCorrespondence { "CIM_IPsecAction.Granularity" }]
+ string OtherGranularity;
+
+
+};