OPSEC
Check Point™ AMON (Application Monitoring)
OPSEC SDK 6.0
May 2006
© 2003-2006 Check Point Software Technologies Ltd.
All rights reserved. This product and related documentation are protected by copyright and distributed under licensing restricting their use, copying, distribution, and decompilation. No part of this product or related documentation may be reproduced in any form or by any means without prior written authorization of Check Point. While every precaution has been taken in the preparation of this book, Check Point assumes no responsibility for errors or omissions. This publication and features described herein are subject to change without notice.
RESTRICTED RIGHTS LEGEND:
Use, duplication, or disclosure by the government is subject to restrictions as set forth in subparagraph (c)(1)(ii) of the Rights in Technical Data and Computer Software clause at DFARS 252.227-7013 and FAR 52.227-19.
TRADEMARKS:
©2003-2006 Check Point Software Technologies Ltd. All rights reserved.
Check Point, Application Intelligence, Check Point Express, the Check Point logo, AlertAdvisor, ClusterXL, Cooperative Enforcement, ConnectControl, Connectra, CoSa, Cooperative Security Alliance, Eventia, Eventia Analyzer, FireWall-1, FireWall-1 GX, FireWall-1 SecureServer, FloodGate-1, Hacker ID, IMsecure, INSPECT, INSPECT XL, Integrity, InterSpect, IQ Engine, Open Security Extension, OPSEC, Policy Lifecycle Management, Provider-1, Safe@Home, Safe@Office, SecureClient, SecureKnowledge, SecurePlatform, SecuRemote, SecureXL Turbocard, SecureServer, SecureUpdate, SecureXL, SiteManager-1, SmartCenter, SmartCenter Pro, Smarter Security, SmartDashboard, SmartDefense, SmartLSM, SmartMap, SmartUpdate, SmartView, SmartView Monitor, SmartView Reporter, SmartView Status, SmartViewTracker, SofaWare, SSL Network Extender, Stateful Clustering, TrueVector, Turbocard, UAM, User-to-Address Mapping, UserAuthority, VPN-1, VPN-1 Accelerator Card, VPN-1 Edge, VPN-1 Pro, VPN-1 SecureClient, VPN-1 SecuRemote, VPN-1 SecureServer, VPN-1 VSX, VPN-1 XL, Web Intelligence, ZoneAlarm, ZoneAlarm Pro, Zone Labs, and the Zone Labs logo, are trademarks or registered trademarks of Check Point Software Technologies Ltd. or its affiliates. All other product names mentioned herein are trademarks or registered trademarks of their respective owners. The products described in this document are protected by U.S. Patent No. 5,606,668, 5,835,726, 6,496,935 and 6,850,943 and may be protected by other U.S. Patents, foreign patents, or pending applications.
For third party notices, see “THIRD PARTY TRADEMARKS AND COPYRIGHTS” on page 135.
Table of Contents 5
Contents
Preface Who Should Use This Guide................................................................................ 8What Typographic Variations Mean ...................................................................... 9Summary of Contents ....................................................................................... 11...................................................................................................................... 12
Chapter 1 Introduction Overview ......................................................................................................... 14Programming Model ......................................................................................... 15
Threads ..................................................................................................... 15Defining the AMON Service ......................................................................... 15AMON data model ...................................................................................... 15AMON Communication Protocol ................................................................... 18AMON Client .............................................................................................. 20AMON Server.............................................................................................. 21OPSEC OID Tree......................................................................................... 21
AMON API Overview......................................................................................... 29
Chapter 2 Vendors Private Schema Vendors Private Schema ................................................................................... 36
Schema Format Definitions.......................................................................... 36Block Definition.......................................................................................... 38Branch Definition ....................................................................................... 39Node Definition .......................................................................................... 40Simple OID Definition ................................................................................. 41Table Definition.......................................................................................... 43Porting Private Schema ............................................................................... 46
Chapter 3 Server API Functions Function Calls ................................................................................................. 48
Oid API...................................................................................................... 48OidRep API ................................................................................................ 56AmonRequest API....................................................................................... 62AmonRequestIter API.................................................................................. 63AmonReply API .......................................................................................... 65AmonReplyIter API ..................................................................................... 70Server API.................................................................................................. 71
Event Handlers ................................................................................................ 73AMON_REQUEST_HANDLER....................................................................... 73AMON_CANCEL_HANDLER ......................................................................... 74
Index...........................................................................................................81
6
7
Preface PPreface
In This Chapter
Who Should Use This Guide page 8
What Typographic Variations Mean page 9
Summary of Contents page 11
Who Should Use This Guide
8
Who Should Use This GuideThis document describes the AMON (Application Monitoring).
This API specification is written for developers who write software to enhance the network security provided by VPN-1.
It assumes that you have read the Check Point OPSEC API Specification.
It also assumes that you have a basic understanding and a working knowledge of the following:
• system and network security
• the VPN-1 product
• system and network administration
• the C and/or C++ programming language
• the Unix or Windows operating system
• Internet protocols
What Typographic Variations Mean
Preface 9
What Typographic Variations MeanThe following table describes the typographic variations used in this book.
TABLE P-1 Typographic Conventions
Typeface or Symbol Meaning Example
AaBbCc123 The names of commands, files, and directories; on-screen computer output; code
Edit your .login file.Use ls -a to list all files.machine_name% You have mail.session = sam_new_session (client, server);
AaBbCc123 same as above, but with emphasis
session = sam_new_session (client, server);
Save Text that appears on an object in a window
Click on the Save button.
<your text> Replace the angle brackets and the text they contain with your text.
Edit the file <FWDIR>\lib\yourfile.xx
.
.
.
Lines of data or code omitted from example
line 1line 2...line n
What Typographic Variations Mean
10
[item] The item is optional.
dir [/o]
[item1] ... [item2] List of optional items
dir [/o] [/w] [/s]
item1 | item2 | item3 Choose one of the items.
copy infile1 | infile1 + infile2 |infile1 + infile2 + infile3 outfile
italic Specific values will be shown in italics
one of addnet | addapp
TABLE P-1 Typographic Conventions(continued)
Typeface or Symbol Meaning Example
Summary of Contents
Preface 11
Summary of ContentsThis guide contains that following chapters:
Chapter Description
Chapter 1, “Introduction”
Chapter 2, “Vendors Private Schema”
Chapter 3, “Server API Functions”
12
13
Chapter 1Introduction
In This Chapter
Overview page 14
Programming Model page 15
Defining the AMON Service page 15
AMON data model page 15
AMON Communication Protocol page 18
AMON Client page 20
AMON Server page 21
OPSEC OID Tree page 21
AMON API Overview page 29
Overview
14
OverviewCheck Point’s OPSEC (Open Platform for Security) integrates and manages all aspects of network security through an open, extensible management framework. Third party security applications can plug into the OPSEC framework via published application programming interfaces (APIs). Once integrated into the OPSEC framework, all applications can be configured and managed from a central point, utilizing a single Security Policy editor.
This document describes the AMON (Application Monitoring), which enables third party applications to export their status to VPN-1.
Programming Model
Chapter 1 Introduction 15
Programming Model
ThreadsAMON API Multithread level is “reentrant”. This means that:
• Multiple threads may use the AMON API concurrently.
• Multiple threads may not share data generated by AMON API
For more information, see “Multithreaded OPSEC Applications” in the Check Point OPSEC API Specification.
Defining the AMON ServiceAMON (Application MONitoring) Service enables network applications to report their status to Check Point management. Status information is available to be fetched either by a CPMI Client or by the Check Point Status Monitoring Application (see the “OPSEC CPMI API Specification”).
The AMON service has 4 components:
• AMON data model
• AMON Communication Protocol
• AMON Server
• AMON Client
AMON data modelThe data in the AMON data structure is organized in a multi-leaf tree. Each node in the tree is designated by an OID (Object ID), which is a series of non zero positive integers. In ASCII, OID is represented as a dot-separated series of numbers (e.g. - 1.3.6.1.4.2620.1.2). The OID 1.3.6 is said to be "under" 1.3 or contain 1.3 (for more information about OID order see "OID Order" below).
Values can be held only in leafs, and not in nodes. For example, if 1.3.5 has a value, then 1.3 and 1 are nodes, which can’t have values.
An organization wishing to expose data using AMON, may want to apply to a public commitee, (IANA), to get a Private Enterprise Number in the global tree under 1.3.6.1.4.1. (e.g. iso.org.dod.internet.private.enterprise). It will then be considered
AMON data model
16
as the private territory of the organization. Under that sub-tree the organization is free to expose any data it wishes. The organization can make this sub-tree public, by publishing a schema file that describes the structure of the sub-tree.
To define an AMON schema one should define the OIDs in this schema and for each OID define a name, value type and display string. It is enough to define the leaves. Consider the following AMON server data tree:Figure 1-1 Example of an AMON server data tree
Then the schema would look like Table 1-1
AMON TablesIn some cases it is necessary to define multiple values for an OID. This type of schema is called a table. A table has the following properties:
• A table has one or more columns. Each has its own OID.
• One of these columns is considered as an “index column”, which forms the “table index”.
• The table index has a unique value for each “row”.
• The value of a specific “cell” can not be held in the OID of it’s column; there are multiple cells in each column so the value of a cell is held in an OID. This OID is a combination of the column OID and a sub-OID which encodes the index of the new row.
• AMON supports only integer columns as indexes.
Table 1-1 Simple Schema Definition
OID Name Value Type Display String
35.1 appStatus string Application status
35.2.1
appName string Application name
35.2.2
appVersion integer Application version
35 appSta tus(1 )
appN am e(1)2
appVers ion(2 )
AMON data model
Chapter 1 Introduction 17
• The OID of columns are always placed 2 OID levels “below” the table OID. This is in order to allow the definition of a logical “table entry” entity in the schema (between the table OID and the column OIDs), whose only purpose is to specify which are the index columns. The sub-OID of the table entry is usually “1”.
Suppose we have the following table definitions:
Table OID = 56.32
Table Entry OID = 1
Column “Serial” OID = 1,type=integer
Column “Name” OID = 2,type=string
Column “Money” OID = 3,type=integer
In this example “Serial” will serve as the index column.
The schema of the table would look like Table 1-2
OID Order and ContainmentOID's can be ordered in lexicographic order. One OID can contain another OID.
Lexicographic Order and Containment Rules
Table 1-2 Simple Table Schema Definition
OID Name Value Type Display String
56.32.1.1 Serial integer Index
56.32.1.2 Name string Name
56.32.1.3 Money integer Bank Account Balance
Table 1-3 Lexicographic Order and Containment Rules
first OID second
OID
order rule containment rule
1.2.3, 1.2.2 1.2.2 is before 1.2.3 no containment
1.2.3, 1.2.3.4 1.2.3 is before 1.2.3.4 1.2.3.4 contains 1.2.3
AMON Communication Protocol
18
AMON Communication Protocol
The Protocol
The communication protocol of AMON presents a request-reply mechanism. The request is simply a list of OID's to retrieve (see “AmonRequest”” Content on page 31). The reply is a list of reply items, each of which specifies: the OID for which it replies, the value found for this OID, the type of the value, and an optional error status (see “AmonReply”” on page 31).
Amon Scope TypesThe AMON protocol specifies that for each OID found in the request, the AMON server has to reply with OIDs, which are equal or "under" the OID based on the scope of the request. Amon supports three scope types (see “AmonRequest”” Content on page 31):
All– client expects to get all leaves which are successors of this OID
One– client will only get this OID
Next– starting from this OID the client expects to get only the next leaf OID
For example, if an AMON server has the following data tree:Figure 1-2 Example of an AMON server tree
1.2, 1.2.1.2 1.2 is before 1.2.1.2 1.2.1.2 contains 1.2
1.2.3, 1.2.3 identical identical
1.2, 2.3 1.2 is before 2.3 no containment
Table 1-3 Lexicographic Order and Containment Rules
first OID second
OID
order rule containment rule
32 1, value = “Abba”
1, value = “U2”2
2, value = 3
AMON Communication Protocol
Chapter 1 Introduction 19
Simple Queries
Request with scope “all”
OID = 32.1
OID = 32.2
Request with scope “one”
OID = 32.1
OID = 32.2
Request with scope “next”
OID = 32.1
Querying TablesQuerying tables works just like any other query. The reply still consists of leaves that have values. OIDS are returned in lexicographic order meaning column after column rather then row after row. The client knows that the OIDs are part of a table and therfore can build the table row by row.
Table 1-4 Reply Results for Scope “all”
Value OID Value Type Status
Abba 32.1 String OK
U2 32.2.1 String OK
3 32.2.2 Number OK
Table 1-5 Reply Results for Scope “one”
Value OID Value Type Status
Abba 32.1 String OK
None 32.2 String Not Found
Table 1-6 Reply Results for Scope “next”
Value OID Value Type Status
Abba 32.2.1 String OK
AMON Client
20
Consider the table schema definition from Table 1-2 the “Simple Table Schema Definition”. Assuming the values in Table 1-7 below populate this table
and that the scope is “all” and the request if for “OID 56.32.1”, the values that will be returned by an AMON server for Table 1-7 are liste in below.
AMON ClientAn AMON Client is an application, which send AMON requests to AMON servers, and handles the replies when they arrive from the server. The only AMON client is the Check Point SmartCenter Server. Check Point SmartCenter Server builds requests based on a predefined schema and exports the results through CPMI (Check Point Management Interface). The AMON client might limit the size of the reply by setting the size argument in the request (see “AmonRequest”” Content on page 31). If the server sends data beyond the limit, the client might drop the reply.
Table 1-7 Querying Tables Population
Serial Name Money
1 George -1000
2 Kim 3200
3 Bill 5700
Table 1-8 Querying Tables Example Results
OID Value Value Type Status
56.32.1.1.1 1 Integer OK
56.32.1.1.2 2 Integer OK
56.32.1.1.3 3 Integer OK
56.32.1.2.1 George String OK
56.32.1.2.2 Kim String OK
56.32.1.2.3 Bill String OK
56.32.1.3.1 -1000 Integer OK
56.32.1.3.2 3200 Integer OK
56.32.1.3.3 5700 Integer OK
AMON Server
Chapter 1 Introduction 21
AMON ServerAn AMON Server is an application, which waits for AMON requests, produces replies, and sends them back to their initiator. The OPSEC package contains an API for implementing an AMON server.
The server might send the whole reply at once or it might split the reply into a few replies. In the former case the server should mark the reply as “last reply” and in the later, it should mark the reply as “not last reply” (see “AmonReply”” Content on page 31). The server might get a cancel request which notifies it that the reply for a certain request is no longer needed. In this case the server can drop the request.Figure 1-3 AMON Configuration
OPSEC OID TreeCheck Point’s Private Enterprise Number is 2620.
The OID is 1.3.6.1.4.1.2620.
• iso(1).
• org(3).
• dod(6).
• internet(1).
• private(4).
• enterprises(1).
• checkpoint(2620)
ManagementStation
AMON ClientMIB
OPSECApplication
AMON ServerSystem Status
Viewer
CPMI ClientCPMI Server
The Management Stationprovides application status info
on request to CPMI Clients.
The Management Stationqueries the OPSEC application
for its status.
OPSEC OID Tree
22
This sub-tree has two sub-trees: Checkpoint.1 is Checkpoint products (e.g. checkpoint.1.1 is FireWall-1, checkpoint.1.2 is VPN-1) and checkpoint.2 is OPSEC which is the entry point for OPSEC applications.Figure 1-4 The Check Point sub-tree
OpsecGenericStatus Schema
Figure 1-5 opsecGenericStatus Fields
Iso(1) Internet(1) Private(4) Enterprises(1) Checkpoint(2620)
Products(1) Opsec(2)
Org(3) Dod(6)
opsec(2)
opsecStatus(1)
opsecGenericStatus(1)
opsecCvpStatus(2)
opsecUfpStatus(3)
opsecLeaStatus(4)
opsecSamStatus(6)
opsecElaStatus(5)
opsecCpmiStatus(7)
OPSEC OID Tree
Chapter 1 Introduction 23
Entry point OID 1.3.6.1.4.1.2620.2.1.1
Table 1-9 opsecGenericStatusFields
Name OID Value
Type
OPSEC VT Type Description
statusOK 1 Integer
OPSEC_VT_I32BIT 0 if the status of the application is OK, otherwise non-zero.
statusDescription 2 String OPSEC_VT_STRING Text description of the status of the application.
opsecVendor 3 String OPSEC_VT_STRING Text description of the status of the application.
opsecProduct 4 String OPSEC_VT_STRING The product name.
opsecProductVersion 5 String OPSEC_VT_STRING The product version.
opsecSdkVersion 6 String OPSEC_VT_STRING The OPSEC SDK version.
opsecSdkBuildNumber
7 Integer
OPSEC_VT_UI32BIT OPSEC SDK build number.
opsecAppUpTime 8 Integer
OPSEC_VT_UI32BIT The number of seconds since the application started as returned by the ANSII C function time().
OPSEC OID Tree
24
OpsecCvpStatusSchema
Entry point OID 1.3.6.1.4.1.2620.2.1.2
OpsecUfpStatusSchema
Entry point OID 1.3.6.1.4.1.2620.2.1.3
Table 1-10 opsecCvpStatusFields
Name OID Value
Type
OPSEC VT Type Description
cvpItemsModified 1 Integer OPSEC_VT_UII32BIT The number of the sessions that modified the content.
cvpItemsNotModified 2 Integer OPSEC_VT_UII32BIT The number of the sessions that did not modify the content.
cvpItemsReplaced 3 Integer OPSEC_VT_UII32BIT The number of the sessions that replaced the content.
cvpItemsNotSafe 4 Integer OPSEC_VT_UII32BIT The number of the sessions where the content was not safe.
cvpItemsSafe 5 Integer OPSEC_VT_UII32BIT The number of session where the content was safe.
OPSEC OID Tree
Chapter 1 Introduction 25
Figure 1-6 OpsecUfpStatus Schema Image
Table entry point OID 1.3.6.1.4.1.2620.2.1.3.1.1
OpsecLeaStatusSchema
Entry point OID 1.3.6.1.4.1.2620.2.1.4Figure 1-7 OpsecLeaStatusSchema Image
Table 1-11 ufpEntry Fields
Name OID Value
Type
OPSEC VT Type Description
ufpIndex 1 Integer OPSEC_VT_UI32BIT Index for the table.
ufpCategoryName 2 String OPSEC_VT_STRING The category name.
ufpCategory Matched
3 Integer OPSEC_VT_UI32BIT The number of requests that matched this category.
opsecUfpStatus(3)
ufpEntry(1)
ufpTable(1)
opsecLeaStatus(4)
leaEntry(1)
leaTable(1)
OPSEC OID Tree
26
Table entry point OID 1.3.6.1.4.1.2620.2.1.4.1.1
OpsecElaStatusSchema
Entry point OID 1.3.6.1.4.1.2620.2.1.5Figure 1-8 OpsecElaStatus Schema Image
Table entry point OID 1.3.6.1.4.1.2620.2.1.5.1.1
Table 1-12 leaEntry Fields
Name OID Value
Type
OPSEC VT Type Description
leaIndex 1 Integer OPSEC_VT_UI32BIT Index for the table.
leaServer 2 String OPSEC_VT_STRING The host name of the LEA server.
leaLogsRead 3 Integer OPSEC_VT_UI32BIT The number of logs read from this server.
opsecElaStatus(5)
elaEntry(1)
elaTable(1)
Table 1-13 ela Entry Fields
Name OID Value
Type
OPSEC VT Type Description
elaIndex 1 Integer OPSEC_VT_UI32BIT Index for the table.
elaServer 2 String OPSEC_VT_STRING The host name of the ELA server.
elaLogsWritten 3 Integer OPSEC_VT_UI32BIT The number of logs written to this server.
OPSEC OID Tree
Chapter 1 Introduction 27
OpsecSamStatus Schema
Entry point OID 1.3.6.1.4.1.2620.2.1.6Figure 1-9 OpsecSamStatus Schema Image
Table entry point OID 1.3.6.1.4.1.2620.2.1.6.1.1
OpsecCpmiStatus Schema
Entry point OID 1.3.6.1.4.1.2620.2.1.7
opsecSamStatus(6)
samEntry(1)
samTable(1)
Table 1-14 samEntry Fields
Name OID Value
Type
OPSEC VT Type Description
samIndex 1 Integer OPSEC_VT_UI32BIT Index for the table.
samServer 2 String OPSEC_VT_STRING The host name of the SAM server.
samInhibitReq 3 Integer OPSEC_VT_UI32BIT The number of ”Inhibit” requests to this server.
samNotifyReq 4 Integer OPSEC_VT_UI32BIT The number of ”Notify” requests to this server.
samDeleteReq 5 Integer OPSEC_VT_UI32BIT The number of ”Delete” requests to this server.
samCancelReq 6 Integer OPSEC_VT_UI32BIT The number of ”Cancel” requests to this server.
samClosedConn 7 Integer OPSEC_VT_UI32BIT The number of ”Close Connection” requests to this server.
OPSEC OID Tree
28
Figure 1-10 OpsecCpmiStatus Schema Image
Table entry point OID 1.3.6.1.4.1.2620.2.1.7.1.1
OPSEC Schema Mandatory FieldsOPSEC defines mandatory fields which vendors should support if they support AMON in their applications. The vendors should support the opsecGenericStatus variables as well as any other supported OPSEC service status variables. For example, if the vendor supports ELA and CVP, they should also support opsecCvpStatus and opsecElaStatus variables. Vendors might also support their own schema (see Vendors Private schema on page 36).
Table 1-15 cpmiEntry Fields
Name OID Value
Type
OPSEC VT Type Description
cpmiIndex 1 Integer OPSEC_VT_UI32BIT Index for the table.
cpmiServer 2 String OPSEC_VT_STRING The host name of the CPMI server.
cpmiDbMode 3 String OPSEC_VT_STRING The Database Open mode eg. “Write”, “Read Only” etc.
opsecCpmiStatus(7)
cpmiEntry(1)
cpmiTable(1)
Note - OIDs that represent counters assumed to reset their count at application start.
AMON API Overview
Chapter 1 Introduction 29
AMON API Overview
AMON Server Application
EventsThe AMON Server responds to the events listed in Table 1-16 A response is handled by the event handler (callback) function set in the call to opsec_init_entity for that event.
Event Handler FunctionsThe event handlers functions are written by the AMON Server developer. These handlers should return one of the following values (for more about information about Event handlers see “Event Handlers” on page 73).
An AMON Server’s main function should proceed as illustrated below:
Table 1-16 AMON Server Events
Event
Description
Handler Reference
New request arrived
AMON_REQUEST_HANDLER Event Handler for the AMON_REQUEST event page 29
Cancel request arrived
AMON_CANCEL_HANDLER Event Handler for the AMON_CANCEL_REQUEST event page 29
Table 1-17 Values Returned by Event Handlers
Value Meaning
OPSEC_SESSION_OK The session can continue.
OPSEC_SESSION_END The session will be closed.
OPSEC_SESSION_ERR The session will be closed because of an error.
AMON API Overview
30
Figure 1-11 AMON Server Application Structure
mainloop
Handler forEvent #1
Handler forEvent #2
EVENT #1 EVENT #2
initialize OPSECenvironment
initialize AMON Server
entity
start themain loop
start the ServerAMON
free OPSECenvironment
free the Server
entityAMON
AMON API Overview
Chapter 1 Introduction 31
Data Structures
AmonRequestAmonRequest includes the following information:
• list of OID's (one or more).
• search scope (see below) - the AMON client adds to each request a search scope. This might be one of the following values:
AmonScope_GetAll– client expects to get all leaf successors of this OID.
AmonScope_GetOne–client expects to get this OID only.
AmonScope_GetNext– client expects to get only the next leaf of this OID
• size limit - client expect server to send in the reply OID's up to this limit (Default = 500; 0 = no limit)
AmonReplyAmonReply includes the following information:
• List of OidRep's (one or more) – see OidRep Content (page 17).
• Error code for the whole reply. One of the following values
AmonError_OK
AmonError_Fail
Table 1-18 AMON use the following objects as its data structures:
Object Definition page
AmonRequest Holds the request from the client to the server.
page 31
AmonReply Holds the reply from the server to the client.
page 31
OidRep Building blocks for AmonReply. page 32
Oid Object that represent OID. page 32
Opsec_value_t Object to hold many types of data. page 32
Note - All of these objects have functions to create, destroy and manipulate them
AMON API Overview
32
• Last reply marker (see below)
LastReply_False
LastReply_True
Server should send a reply to the client with one of the following:
• LastReply_False - if the reply for a request is partial result and more replies will be sent soon for a that request.
• LastReply_True - if the reply is complete.
OidRepOidRep includes the following information:
• Oid
• Error code for this OID- this should be one of the following values:
OidErr_Ok
OidErr_NotFound
• Value – see below opsec_value_t
Opsec_value_tAMON use virtual types of data with objects to hold these data types. The table below lists all the valid types used by AMON:
Table 1-19 Valid Types of Data Used by Amon
Virtual Type Actual Type Comments
OPSEC_VT_NONE None
OPSEC_VT_I16BIT Signed short
OPSEC_VT_I32BIT Signed integer
OPSEC_VT_I64BIT Signed 64 bit number
OPSEC_VT_UI16BIT Unsigned short
OPSEC_VT_UI32BIT Unsigned integer
OPSEC_VT_UI64BIT Unsigned 64 bit number
AMON API Overview
Chapter 1 Introduction 33
For further information on opsec_value_t refer to “Opsec Value Tyes” in the “OPSEC API Specification”.
AMON Client ToolThe OPSEC SDK Next Generation includes amon_client, an AMON testing tool that enables testing of an AMON Server without VPN-1. The tool is contained in the OPSEC SDK Next Generation package.
The Amon Client queries the Amon Server and prints the results to stderr.
Syntax
amon_client [options] <list of oid’s>
OPSEC_VT_IP IP address Network Order
OPSEC_VT_BUFF Array of characters
OPSEC_VT_STRING NULL terminated buffer
OPSEC_VT_IPV6 Type that represents Ipv6
Table 1-19 Valid Types of Data Used by Amon
Virtual Type Actual Type Comments
AMON API Overview
34
Arguments
Table 1-20 AMON Client Tool Arguments
Argument Meaning
Options Any of the following:
Option Meaning
-s scope One of the following
All client expects to get all leaves which are successors of this OID
One client will only get this OID
Next starting from this OID the client expects to get only the next leaf OID
Options (Cont.)
-t timeout Client side timeout for all operations (in mili-seconds). The default is 0, no time out.
-r reply mode One of the following
all accept all the results (default)
partial accept partial results
-l size limit The default is 500. 0 means no size limit.
-h host The Server’s IP address in dotted format. The default is 127.0.0.1
-p port The Server’s Port. The default is 18193
list of OID’s The list of OID’s to retrieve.
35
Chapter 2Vendors Private Schema
In This Chapter
Vendors Private Schema page 36
Schema Format Definitions page 36
Block Definition page 38
Branch Definition page 39
Node Definition page 40
Simple OID Definition page 41
Table Definition page 43
Porting Private Schema page 46
Vendors Private Schema
36
Vendors Private SchemaAMON allows vendors to export their private schema. This schema needs to be imported into the Check Point schema before it can be used. After it has been imported, based on this schema, the AMON client (ie, VPN-1 SmartCenter Server) will query the AMON server.
To import a private schema definition to Check Point’s schema (which resides on the VPN-1 SmartCenter Server), AMON supports a private schema file with a specific format. An import tool uses this file as an input to port the schema (with a compatible format) into the Check Point schema (see “Porting Private Schema”” below).
Schema Format DefinitionsThe schema file is composed of a file header and one or more blocks. Each block represents a complete product schema definition. This definition can be referenced using its identifier, from the Policy Editor when the product is defined as an OPSEC application (see “Defining OPSEC applications” in the “Check Point SmartCenter Guide”). Blocks are composed of one or more branches. Each branch contains definitions of simple OIDs, nodes and tables. Nodes may contain simple OIDs, other nodes and tables. Tables contain columns.
Tokens are composed of letters, digits and underscore characters. All white space characters except newline are ignored unless they are placed in quoted strings (““). Tokens are separated by comma characters (,). Token’s identifier have to be unique within the scope of the schema file.
Schema Format Definitions
Chapter 2 Vendors Private Schema 37
For example
File Header
Block
Branch
Simple-OID and/or Node and/or Table
End-Branch
End-Block
Table 2-1 Header Tokens
Token Arguments
Meaning of Arguments Comments
START-FILE-HEADER
None
FILE-TYPE File Type The type of this file. Should be: MIB-DEFINITION.
VERSION Version The version of this file. Should be:5.0.
END-FILE-HEADER None
START-FILE-HEADER
FILE-TYPE, MIB-DEFINITION
VERSION, 5.0END- FILE-HEADER
Block Definition
38
Block Definition
For example:
Table 3:
Token Arguments Meaning of Arguments Comments
START-BLOCK
None
BLOCK-NAME
Identifier Identifier for this block. The one word token that should start with a lower case letter.
Display String String to display with this block.
A quoted string.
IMPLEMENT Implement Comma separated list of the OPSEC APIs that the application supports.
One or more of: CVP, UFP, LEA, ELA, SAM, CPMI.
END-BLOCK None
START-BLOCK
BLOCK-NAME, myStatus, “My Status”
IMPLEMENT,CVP, CPMI, ELA
…END-BLOCK
Branch Definition
Chapter 2 Vendors Private Schema 39
Branch Definition
For example
Table 2-1 Branch Tokens
Token Arguments Meaning of Arguments Comments
START-BRANCH
Identifier Identifier for this branch. The one word token that should start with a lower case letter.
Display String
String to display with this branch.
A quoted string.
OID The absolute OID of the branch.
END-BRANCH
None
START-BLOCK
BLOCK-NAME, myStatus, “My Status”
IMPLEMENT,CVP, CPMI, ELA
START-BRANCH, myFirstBranch, “My First Branch”, 1.2.34
…
END-BRANCH
END-BLOCK
Node Definition
40
Node Definition
For example
Table 2-2 NODE Tokens
Token Arguments Meaning of Arguments Comments
START-NODE
Identifier An identifier for this node. The one word token, should start with lower case letter.
Display String
The string to display with this branch.
A quoted string.
OID The relative OID of the Node.
END-NODE None
START-BLOCK
BLOCK-NAME, myStatus, “My Status”
IMPLEMENT,CVP, CPMI, ELA
START-BRANCH, myFirstBranch, “My First Branch”, 1.2.34
START-NODE, myFirstNode, “My First Node”, 4
…
END-NODE
END-BRANCH
END-BLOCK
Simple OID Definition
Chapter 2 Vendors Private Schema 41
Simple OID DefinitionTable 2-3 Simple OID Tokens
Token Arguments Meaning of Arguments Comments
SIMPLE-OID
Identifier An identifier for this OID. The one word token, should start with lower case letter.
Display String The string to display with this OID.
A quoted string.
OID The relative OID of this OID.
Value Type The value type. One of: UINT16, INT16, UINT32, INT32, UINT64, INT64, IP, STRING
Mandatory Optional attribute: Is this OID mandatory or optional.
One of: MANDATORY, OPTIONALDefault = MANDATORY
Simple OID Definition
42
For example
START-BLOCK
BLOCK-NAME, myStatus, “My Status”
IMPLEMENT,CVP, CPMI, ELA
START-BRANCH, myFirstBranch, “My First Branch”, 1.2.34
START-NODE, myFirstNode, “My First Node”, 4
SIMPLE-OID, myFieldName, “My FieldName”, 1, STRING
SIMPLE-OID, myFieldNumber, “My Field Number”, 2, UINT16
END-NODE
SIMPLE-OID, myName, “My Name”, 10, STRING, OPTIONAL
SIMPLE-OID, myNumber, “My Number”, 11, UINT32
END-BRANCH
END-BLOCK
Table Definition
Chapter 2 Vendors Private Schema 43
Table DefinitionTable 2-4 TABLE Tokens
Token Arguments Meaning of Arguments Comments
START-TABLE
Table Identifier An identifier for this table.
The one word token, should start witha lower case letter.
Table Display String The string to display with this table name.
A quoted string.
OID The relative OID.
Entry Identifier An identifier for this table entry.
The one word token, should start with lower case letter.
Entry Display String The string to display with this entry name.
A quoted string.
OID The relative OID to the table entry.
Table Definition
44
COLUMN
Identifier The identifier for this column.
The one word token, should start with lower case letter.
Display String The string to display with this OID.
A quoted string
OID The relative OID of this OID.
Value Type The value type. One of: UINT16, INT16, UINT32, INT32, STRING.
Index For index column this is the index number.
Must be an integer. 0 means not an index column.
END-TABLE
None
Table 2-4 TABLE Tokens
Table Definition
Chapter 2 Vendors Private Schema 45
For example
START-BLOCK
BLOCK-NAME, myStatus, “My Status”
IMPLEMENT,CVP, CPMI, ELA
START-BRANCH, myFirstBranch, “My First Branch”, 1.2.34
START-NODE, myFirstNode, “My First Node”, 4
SIMPLE-OID, myFieldName, “My Node Name”, 1, STRING
SIMPLE-OID, myFieldNumber, “My Node Number”, 2, UINT16
START-TABLE, nodeTableName, “My Node Table”, 3, nodeEntryName, “My Node Entry”, 1
COLUMN, myTableIndex, “Index”, 1, UINT32, 1
COLUMN, myName, “My Name”, 2, STRING, 0
COLUMN, myNumber, “My Number”, 3, INT32, 0
END-TABLE
END-NODE
SIMPLE-OID, myName2, “My Name2”, 10, STRING, OPTIONAL
SIMPLE-OID, myNumber2, “My Number2”, 11, UINT32
START-TABLE, otherTableName, “My Table”, 21, otherEntryName, “My Entry”, 1
COLUMN, otherIndex, “Other Index”, 1, UINT32, 1
COLUMN, otherName, “My Other Number”, 2, INT32, 0
END-TABLE
END-BRANCH
END-BLOCK
Porting Private Schema
46
Porting Private SchemaIn order to port the AMON schema (definition described in “Schema Format Definitions””) to a Check Point schema, a command-line tool is supplied in the VPN-1 package called "amon_import". Run it on SmartCenter Server with root permissions. Its output is a modification of the Check Point schema that takes effect after re-running the Check Point AMON (Application Monitoring) service.
UsageThe format of the command line is as follows:
amon_import [-force] [-nochange] [-delete] input_file
The program exits with a non-zero code upon failure. The default invocation has no parameters and ports the scheme for the first time. If the program is run again, it will exit with error, with a prompt stating that the schema was already ported.
To delete the existing entry run the program with the -delete parameter. To force an override of the existing entry, use the -force parameter. Use the -nochange parameter to check the validity of the input file as well as the validity of the whole porting process.
Table 2-5 amon_import parameters
parameter meaning
-nochange Do the process,leave the Check Point schema unchanged.
-force Force a possible override of an existing AMON schema.
-delete Delete the input_file schema from the Check Point schema.
input_file The AMON schema file name.
Note - Because it uses the input file name as an entry in the scheme, don't use the tool with different files (containing same block names) without deleting the old entry first.
47
Chapter 3Server API Functions
In This Chapter
Function Calls page 48
Oid API page 48
OidRep API page 56
AmonRequest API page 62
AmonRequestIter API page 63
AmonReply API page 65
AmonReplyIter API page 70
Server API page 71
Event Handlers page 73
AMON_REQUEST_HANDLER page 73
AMON_CANCEL_HANDLER page 74
Function Calls
48
Function CallsThis section describes the functions provided by the OPSEC AMON API.
Oid APIThe following functions enable creation, deletion and other manipulations on Oid objects.
oid_createCreate oid object.
Prototypeint oid_create(Oid **oid, const OidNum *oid_arr, unsigned int oid_arr_len);
Arguments
Return Values
EO_OK if successful. EO_ERROR otherwise.
oid_create_from_stringCreate oid object from string.
Prototypeint oid_create_from_string(Oid **oid, const char *oid_str);
Table 3-1 oid_create arguments
argument meaning
oid a pointer to hold the new oid
oid_arr number-array representation of oid
oid_arr_length length of the array
Oid API
Chapter 3 Server API Functions 49
Arguments
Return Values
EO_OK if successful. EO_ERROR otherwise.
oid_duplicateDuplicate (create) oid object from another oid.
Prototypeint oid_duplicate(Oid **dst_oid, const Oid *src_oid);
Arguments
Return Values
EO_OK if successful. EO_ERROR otherwise.
oid_destroyDestroy oid object.
Prototypevoid oid_destroy(Oid *oid);
Table 3-2 oid_create_from_string arguments
argument meaning
oid a pointer to hold the new oid
oid_str a string representation of oid (e.g. a.b.c.d)
Table 3-3 oid_duplicate arguments
argument meaning
dst_oid a pointer to hold the new oid
src_oid oid to duplicate
Note - The caller should destroy the duplicated oid, using oid_destroy.
Oid API
50
Arguments
Return Values
None.
oid_to_stringReturn the string representation of the oid on success, else NULL.
Prototypechar * oid_to_string(const Oid *oid);
Arguments
Return Values
return the string representation of the oid on success, else NULL
oid_to_arrayConvert oid to array of numbers.
Prototypeint oid_to_array(const Oid *oid, OidNum **oid_arr, unsigned int *oid_arr_len);
Table 3-4 oid_destroy arguments
argument meaning
oid Oid object
Table 3-5 oid_to_string arguments
argument meaning
oid Oid object
Note - The caller should free this string using opsec_free().
Oid API
Chapter 3 Server API Functions 51
Arguments
Return Values
EO_OK if successful. EO_ERROR otherwise.
oid_get_lengthReturn oid length.
Prototypeunsigned int oid_get_length(const Oid *oid);
Arguments
Return Values
The size of the array that is required to hold this oid.
oid_compareLexicographical comparison between two oid's.
Prototypeint oid_compare(const Oid *left, const Oid *right);
Table 3-6 oid_to_array arguments
argument meaning
oid oid object
oid_arr a pointer to hold the Number-array representation of oid
oid_arr_length a pointer to hold array length
Note - The caller should free this array using opsec_free().
Table 3-7 oid_get_length arguments
argument meaning
oid oid object
Oid API
52
Arguments
Return Values
0 if not different (equal),
< 0 if left is before right
> 0 if left is after right
oid_concatConcatenate oid2 to oid1.
Prototypeint oid_concat(Oid* oid1, const Oid* oid2);
Arguments
Return Values
EO_OK if successful. EO_ERROR otherwise.
oid_containCheck if left oid number contains right oid.
For example:
1.2.3 , 1.2.2 - no containment
1.2.3 , 1.2.3.4 - right contains left
1.2.3.4, 1.2.3 - left contains right
Table 3-8 oid_compare arguments
argument meaning
left left oid
right right oid
Table 3-9 oid_concat arguments
argument meaning
oid1 oid object
oid2 oid object
Oid API
Chapter 3 Server API Functions 53
1.2.3, 1.2.3 - identical
PrototypeeOidContain oid_contain(const Oid* left, const Oid* right);
Arguments
Return Values
eoidContain values.
Possible values for containment:
Arguments
oid_prefixReturns the prefix of oid on success.
Prototype
int oid_prefix(const Oid* oid, unsigned int num_of_elems, Oid** prefix_oid);
Table 3-10 oid_contain arguments
argument meaning
left left oid
right right oid
Table 3-11 eOidContain values
value description
OidContain_NoContainment not containment between the oid’s
OidContain_LeftContainRight left oid contain right oid
OidContain_RightContainLeft right oid contain left oid
OidContain_Identical oids are identical
Oid API
54
Arguments
Return Values
EO_OK if successful. EO_ERROR otherwise
oid_suffixReturns the suffix of oid on success.
Prototypeint oid_suffix(const Oid* oid, unsigned int num_of_elems, Oid** suffix_oid);
Table 3-12 oid_prefix arguments
argument meaning
oid Oid object
num_of_elems number of elements in prefixif num_of_elems > oid_length then all oid will be returned in prefix_oid
prefix_oid pointer to hold the prefix
Note - Caller should destroy prefix_oid using oid_destroy.
Oid API
Chapter 3 Server API Functions 55
Arguments
Return Values
EO_OK if successful. EO_ERROR otherwise
oid_chop_leftChop n elements from left of oid.
Prototypevoid oid_chop_left(Oid* oid, unsigned int num_of_elems);
Arguments
Return Values
None.
oid_chop_rightChop n elements from right of oid.
Table 3-13 oid_suffix arguments
argument meaning
oid Oid object
num_of_elems number of elements in suffixif num_of_elems > oid_length then all oid will be returned in suffix_oid
suffix_oid pointer to hold the suffix
Note - Caller should destroy prefix_oid using oid_destroy.
Table 3-14 oid_chop_left arguments
argument meaning
oid Oid object
num_of_elems number of elements to chopif num_of_elems > number of elements in oid then oid length will be 0
OidRep API
56
Prototypevoid oid_chop_right(Oid* oid, unsigned int num_of_elems);
Arguments
Return Values
None.
oid_elementReturns the 'index' element in oid.
Prototypeint oid_element(const Oid *oid, unsigned int index);
Arguments
Return Values
the n-th element if exists (>=0), else -1
OidRep APIThe following functions enable creation, deletion and other manipulations to OidRep objects.
Table 3-15 oid_chop_right arguments
argument meaning
oid Oid object
num_of_elems number of elements to chopif num_of_elems > number of elements in oid then oid length will be 0
Table 3-16 oid_element arguments
argument meaning
oid Oid object
index the nth element to retrieve
OidRep API
Chapter 3 Server API Functions 57
oid_reply_createCreate oid reply object.
Prototypeint oid_reply_create(OidRep **oid_rep);
Arguments
Return Values
EO_OK if successful. EO_ERROR otherwise.
oid_reply_destroyDestroy OidRep object.
Prototypevoid oid_reply_destroy(OidRep *oid_rep);
Arguments
Return Values
None.
oid_reply_get_oidReturns a reference to the oid of the OidRep object
Prototypeconst Oid * oid_reply_get_oid(const OidRep *oid_rep);
Table 3-17 oid_reply_create arguments
argument meaning
oid_rep OidRep object
Table 3-18 oid_reply_destroy arguments
argument meaning
oid_rep OidRep object
OidRep API
58
Arguments
Return Values
A pointer to (reference) Oid on success, otherwise NULL.
oid_reply_get_opsec_valueReturns reference to opsec_value object in oid_rep.
Prototypeconst opsec_value_t *oid_reply_get_opsec_value (const OidRep *oid_rep);
Arguments
Return Values
Pointer to (reference) opsec_value_t on success, otherwise NULL.
oid_reply_get_errorReturn error status of OidRep object.
PrototypeeOidError oid_reply_get_error(const OidRep *oid_rep);
Table 3-19 oid_reply_get_oid arguments
argument meaning
oid_rep OidRep object
Note - Do not try to free this pointer.
Table 3-20 oid_reply_get_value arguments
argument meaning
oid_rep OidRep object
Note - Do not try to free this pointer.– opsec_value_t should be parsed and acced using opsec_value api (see the OPSEC.pdf)– for amon supported value types see “AMON Communication Protocol” on page 18
OidRep API
Chapter 3 Server API Functions 59
Arguments
Return Values
Return one of the eOidError values from Table 3-22 below.
oid_reply_get_allReturn all the content of OidRep object.
Prototypevoid oid_reply_all(const OidRep *oid_rep, const Oid **oid, const opsec_value_t **value, eOidError *err)
Table 3-21 oid_reply_get_error arguments
argument meaning
oid_rep OidRep object
Table 3-22 oid_reply_get_error codes
value description
OidErr_OK the status of this oid reply is OK
OidErr_NotFound this oid was not found
OidRep API
60
Arguments
Return Values
None.
oid_reply_set_oidSets the oid in OidRep.
Prototypeint oid_reply_set_oid(OidRep *oid_rep, const Oid *oid);
Arguments
Return Values
EO_OK if successful. EO_ERROR otherwise.
oid_reply_set_opsec_valueSets opsec_value_t object to OidRep object.
Table 3-23 oid_reply_get_all arguments
argument meaning
oid_rep OidRep object
oid a pointer to hold the oid
value a pointer to hold the value
err a pointer to hold the error
Note - Do not try to free oid and value.
Table 3-24 oid_reply_set_oid arguments
argument meaning
oid_rep OidRep object
oid the oid to set in the OidRep
OidRep API
Chapter 3 Server API Functions 61
Prototypeint oid_reply_set_opsec_value(OidRep *oid_rep, const opsec_value_t *value);
Arguments
Return Values
EO_OK if successful. EO_ERROR otherwise.
oid_reply_set_errorset error of oid object in OidRep object
Prototypevoid oid_reply_set_error(OidRep *oid_rep, eOidError err);
Arguments
Return Values
None.
oid_reply_create_with_allCreates OidRep object with all setting.
Prototypeint oid_reply_create_with_all(OidRep **oid_rep, const Oid *oid, const opsec_value_t *value, eOidError err);
Table 3-25 oid_reply_set_opsec_value arguments
argument meaning
oid_rep OidRep object
value the value to set
Table 3-26 oid_reply_set_error arguments
argument meaning
oid_rep OidRep object
err the error to set
AmonRequest API
62
Arguments
Return Values
EO_OK if successful. EO_ERROR otherwise.
AmonRequest APIThe following functions enable you to parse AmonRequest objects.
amon_request_get_num_of_oidsReturns the number of OIDs in the specified request.
Prototypeunsigned int amon_request_get_num_of_oids(const AmonRequest *req);
Arguments
Return Values
The number of OIDs if successful, otherwise 0.
amon_request_get_scopeReturns the search scope of the request.
PrototypeeAmonScope amon_request_get_scope(const AmonRequest *req);
Table 3-27 oid_reply_create_with_all arguments
argument meaning
oid_rep a pointer to hold the new created OidRep object
oid oid that will be set to the created OidRep
value value that will be set to the created OidRep
err error that will be set to the created OidRep
Table 3-28 amon_request_get_num_of_oids arguments
argument meaning
req A pointer to the request.
AmonRequestIter API
Chapter 3 Server API Functions 63
Arguments
Return Values
One of the following values:
amon_request_get_size_limit
Prototypeunsigned int amon_request_get_size_limit(const AmonRequest *req);
Arguments
Return Values
Return the size_limit (max oid's) of the request.
AmonRequestIter APIThis set of functions allow iteration on the AmonRequest object.
amon_request_iter_createCreates iterator on request.
Table 3-29 amon_request_get_scope arguments
argument meaning
req A pointer to the request.
Table 3-30 amon_request_get_scope return values
Value Meaning
AmonScope_GetAll this oid and all its sub tree oid's
AmonScope_GetOne one oid only
AmonScope_GetNext next oid only
Table 3-31 amon_request_get_size_limit arguments
argument meaning
req A pointer to the request.
AmonRequestIter API
64
Prototypeint amon_request_iter_create(AmonRequest *req, AmonRequestIter **iter);
Arguments
Return Values
EO_OK on success. EO_ERROR otherwise.
amon_request_iter_nextIterate on all oid’s in AmonRequest.
Prototypeconst Oid * amon_request_iter_next(AmonRequestIter *iter);
Arguments
Return Values
On the first call, the first oid in the request is returned. For each succeeding call, the function iterates and the next oid is retrieved. NULL if error or if the last oid has been returned.
amon_request_iter_destroyDestroy AmonRequestIter.
Table 3-32 amon_request_iter_create arguments
argument meaning
req A pointer to the request.
iter A pointer to be set to the request iterator.
Note - Note: caller should destroy iter using amon_request_iter_destroy
Table 3-33 amon_request_iter_next arguments
argument meaning
iter A pointer to the request iterator.
AmonReply API
Chapter 3 Server API Functions 65
Prototypevoid amon_request_iter_destroy(AmonRequestIter *iter);
Arguments
Return Values
None.
AmonReply APIThe following functions enable creation, deletion, parsing, setting and get value from AmonRequest objects.
Contains:
• list of OidRep's
• number of OidRep's in the list
• last reply marker
• reply status
amon_reply_createCreate AmonReply object
Prototypeint amon_reply_create(AmonReply **rep);
Table 3-34 amon_request_iter_destroy arguments
argument meaning
iter A pointer to the request iterator.
AmonReply API
66
Arguments
Return Values
EO_OK if successful. EO_ERROR otherwise.
amon_reply_destroyDestroy AmonReply object.
Prototypevoid amon_reply_destroy(AmonReply *rep);
Arguments
Return Values
None.
amon_reply_add_oidAdd oid to reply.
Prototypeint amon_reply_add_oid(AmonReply *rep, const OidRep *oid_rep);
Table 3-35 amon_reply_create arguments
argument meaning
rep pointer to hold the AmonReply object
Note - Note: the caller should destroy this reply using amon_reply_destroy.
Table 3-36 amon_reply_create arguments
argument meaning
rep pointer to AmonReply object
AmonReply API
Chapter 3 Server API Functions 67
Arguments
Return Values
EO_OK if successful. EO_ERROR otherwise.
amon_reply_remove_oidRemove oid from reply.
Prototypevoid amon_reply_remove_oid(AmonReply *rep, const Oid *oid);
Arguments
Return Values
None.
amon_reply_get_num_of_oidsReturns the number of oid's in a reply.
Prototypeunsigned int amon_reply_get_num_of_oids(const AmonReply *rep);
Table 3-37 amon_reply_add_oid arguments
argument meaning
rep the reply which the oid will be added to
oid_rep OidRep object to add to the reply
Table 3-38 amon_reply_remove_oid arguments
argument meaning
rep AmonReply object which the oid will be removed from
oid the oid to remove
AmonReply API
68
Arguments
Return Values
returns number of oid's
amon_reply_get_errorGets error of reply from AmonReply object.
PrototypeeAmonError amon_reply_get_error(const AmonReply *rep);
Arguments
Return Values
AmonError_OK when the reply is OK. AmonError_Fail meaning the server failed to reply to a specific request.
amon_reply_set_errorSets error of reply in AmonReply object.
Prototypevoid amon_reply_set_error(AmonReply *rep, eAmonError reply_err);
Table 3-39 amon_reply_get_num_of_oids arguments
argument meaning
rep AmonReply object
Table 3-40 amon_reply_get_error arguments
argument meaning
rep AmonReply object
AmonReply API
Chapter 3 Server API Functions 69
Arguments
Return Values
None.
amon_reply_get_last_reply_markGets last reply marker from AmonReply object.
PrototypeeLastReply amon_reply_get_last_reply_mark(const AmonReply *rep);
Arguments
Return Values
None.
amon_reply_set_last_reply_markSets last reply marker in AmonReply object.
Prototypevoid amon_reply_set_last_reply_mark(AmonReply *rep, eLastReply last_rep_mark);
Table 3-41 amon_reply_set_error arguments
argument meaning
rep AmonReply Object
reply_err refer to “amon_reply_get_error”” above
Table 3-42 amon_reply_get_last_reply_mark arguments
argument meaning
LastReply_False This is not the last reply.
LastReply_True This is the last reply.
AmonReplyIter API
70
Arguments
Return Values
None.
AmonReplyIter APIThis set of functions allow iteration on the AmonReply object.
amon_reply_iter_createCreates iterator on reply.
Prototypeint amon_reply_iter_create(AmonReply *rep, AmonReplyIter **iter);
Arguments
Return Values
EO_OK if successful. EO_ERROR otherwise.
amon_reply_iter_nextIterate on all OidRep objects in AmonReply.
Table 3-43 amon_reply_set_last_reply_mark arguments
argument meaning
rep AmonReply Object
last_rep_mark the last reply marker
Table 3-44 amon_reply_iter_create arguments
argument meaning
rep AmonReply Object
iter pointer to hold the iterator
Note - Caller should destroy iter using amon_reply_iter_destroy.
Server API
Chapter 3 Server API Functions 71
Prototypeconst OidRep * amon_reply_iter_next(AmonReplyIter *iter);
Arguments
Return Values
On the first call, the first oid in the request is returned. For each succeeding call, the function iterates and the next oid is retrieved. NULL if error or if the last oid has been returned.
amon_reply_iter_destroyDestroy AmonRequestIter.
Prototypevoid amon_reply_iter_destroy(AmonReplyIter *iter);
Arguments
Return Values
None.
Server APIThe following functions enable interaction with an amon client.
amon_reply_sendSends the reply on the session.
Table 3-45 amon_reply_iter_next arguments
argument meaning
iter pointer to hold the iterator
Table 3-46 amon_reply_iter_destroy arguments
argument meaning
iter AmonReplyIter object
Server API
72
Prototype
int amon_reply_send(OpsecSession *session, AmonReply *rep, AmonReqId id);
Arguments
Return Values
EO_OK if successful. EO_ERROR otherwise.
Table 3-47 amon_reply_send arguments
argument meaning
session opsec session
rep the reply to send
id the id of the request that this reply answers
Event Handlers
Chapter 3 Server API Functions 73
Event HandlersThis section describes the functions that need to be written in order to implement an AMON Server. All of these functions take a pointer to an OpsecSession as their agrument. The memory allocated for the function arguments is managed by the OPSEC environment, and the arguments hold valid data only during the execution of the handler function. For this reason do not save a static pointer to this data to use after the handler function returns.
AMON_REQUEST_HANDLERThis function is called when a new request arrives from the client.
Prototype
eOpsecHandlerRC amon_request_handler(OpsecSession *session, AmonRequest *req, AmonReqId id);
Arguments
Return Value
OPSEC_SESSION_OKOPSEC_SESSION_ERROPSEC_SESSION_END
Table 3-48 amon_request_handler
argument meaning
session opsec session
req the request that arrived from the amon client
id id of the request
AMON_CANCEL_HANDLER
74
AMON_CANCEL_HANDLERThis function is called when a cancel request arrives from the client.
PrototypeeOpsecHandlerRC amon_cancel_handler(OpsecSession *session,AmonReqId id);
Arguments
Return Value
OPSEC_SESSION_OKOPSEC_SESSION_ERROPSEC_SESSION_END
Table 3-49 amon_request_handler
argument meaning
session opsec session
id id of the request
135
THIRD PARTY TRADEMARKS AND COPYRIGHTS
Entrust is a registered trademark of Entrust Technologies, Inc. in the United States and other countries. Entrust’s logos and Entrust product and service names are also trademarks of Entrust Technologies, Inc. Entrust Technologies Limited is a wholly owned subsidiary of Entrust Technologies, Inc. FireWall-1 and SecuRemote incorporate certificate management technology from Entrust.
Verisign is a trademark of Verisign Inc.
The following statements refer to those portions of the software copyrighted by University of Michigan. Portions of the software copyright © 1992-1996 Regents of the University of Michigan. All rights reserved. Redistribution and use in source and binary forms are permitted provided that this notice is preserved and that due credit is given to the University of Michigan at Ann Arbor. The name of the University may not be used to endorse or promote products derived from this software without specific prior written permission. This software is provided “as is” without express or implied warranty. Copyright © Sax Software (terminal emulation only).
The following statements refer to those portions of the software copyrighted by Carnegie Mellon University.
Copyright 1997 by Carnegie Mellon University. All Rights Reserved.
Permission to use, copy, modify, and distribute this software and its documentation for any purpose and without fee is hereby granted, provided that the above copyright notice appear in all copies and that both that copyright notice and this permission notice appear in supporting documentation, and that the name of CMU not be used in advertising or publicity pertaining to distribution of the software without specific, written prior permission.CMU DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO EVENT SHALL CMU BE LIABLE FOR ANY SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
The following statements refer to those portions of the software copyrighted by The Open Group.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE OPEN GROUP BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
The following statements refer to those portions of the software copyrighted by The OpenSSL Project. This product includes software developed by the OpenSSL Project for use in the OpenSSL Toolkit (http://www.openssl.org/).
THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
The following statements refer to those portions of the software copyrighted by Eric Young. THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. Copyright © 1998 The Open Group.
136
The following statements refer to those portions of the software copyrighted by Jean-loup Gailly and Mark Adler Copyright (C) 1995-2002 Jean-loup Gailly and Mark Adler. This software is provided 'as-is', without any express or implied warranty. In no event will the authors be held liable for any damages arising from the use of this software. Permission is granted to anyone to use this software for any purpose, including commercial applications, and to alter it and redistribute it freely, subject to the following restrictions:
1. The origin of this software must not be misrepresented; you must not claim that you wrote the original software. If you use this software in a product, an acknowledgment in the product documentation would be appreciated but is not required.
2. Altered source versions must be plainly marked as such, and must not be misrepresented as being the original software.
3. This notice may not be removed or altered from any source distribution.
The following statements refer to those portions of the software copyrighted by the Gnu Public License. This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
The following statements refer to those portions of the software copyrighted by Thai Open Source Software Center Ltd and Clark Cooper Copyright (c) 2001, 2002 Expat maintainers. Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.GDChart is free for use in your applications and for chart generation. YOU MAY NOT re-distribute or represent the code as your own. Any re-distributions of the code MUST reference the author, and include any and all original documentation. Copyright. Bruce Verderaime. 1998, 1999, 2000, 2001. Portions copyright 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002 by Cold Spring Harbor Laboratory. Funded under Grant P41-RR02188 by the National Institutes of Health. Portions copyright 1996, 1997, 1998, 1999, 2000, 2001, 2002 by Boutell.Com, Inc. Portions relating to GD2 format copyright 1999, 2000, 2001, 2002 Philip Warner. Portions relating to PNG copyright 1999, 2000, 2001, 2002 Greg Roelofs. Portions relating to gdttf.c copyright 1999, 2000, 2001, 2002 John Ellson ([email protected]). Portions relating to gdft.c copyright 2001, 2002 John Ellson ([email protected]). Portions relating to JPEG and to color quantization copyright 2000, 2001, 2002, Doug Becker and copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, Thomas G. Lane. This software is based in part on the work of the Independent JPEG Group. See the file README-JPEG.TXT for more information. Portions relating to WBMP copyright 2000, 2001, 2002 Maurice Szmurlo and Johan Van den Brande. Permission has been granted to copy, distribute and modify gd in any context without fee, including a commercial application, provided that this notice is present in user-accessible supporting documentation. This does not affect your ownership of the derived work itself, and the intent is to assure proper credit for the authors of gd, not to interfere with your productive use of gd. If you have questions, ask. "Derived works" includes all programs that utilize the library. Credit must be given in user-accessible documentation. This software is provided "AS IS." The copyright holders disclaim all warranties, either express or implied, including but not limited to implied warranties of merchantability and fitness for a particular purpose, with respect to this code and accompanying documentation. Although their code does not appear in gd 2.0.4, the authors wish to thank David Koblas, David Rowley, and Hutchison Avenue Software Corporation for their prior contributions.
Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0
The curl license
COPYRIGHT AND PERMISSION NOTICE
Copyright (c) 1996 - 2004, Daniel Stenberg, <[email protected]>.All rights reserved.
Permission to use, copy, modify, and distribute this software for any purpose
with or without fee is hereby granted, provided that the above copyright
notice and this permission notice appear in all copies.
Chapter 137
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
Except as contained in this notice, the name of a copyright holder shall not be used in advertising or otherwise to promote the sale, use or other dealings in this Software without prior written authorization of the copyright holder.
The PHP License, version 3.0
Copyright (c) 1999 - 2004 The PHP Group. All rights reserved.
Redistribution and use in source and binary forms, with or without modification, is permitted provided that the following conditions are met:
1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution.
3. The name "PHP" must not be used to endorse or promote products derived from this software without prior written permission. For written permission, please contact [email protected].
4. Products derived from this software may not be called "PHP", nor may "PHP" appear in their name, without prior written permission from [email protected]. You may indicate that your software works in conjunction with PHP by saying "Foo for PHP" instead of calling it "PHP Foo" or "phpfoo"
5. The PHP Group may publish revised and/or new versions of the license from time to time. Each version will be given a distinguishing version number. Once covered code has been published under a particular version of the license, you may always continue to use it under the terms of that version. You may also choose to use such covered code under the terms of any subsequent version of the license published by the PHP Group. No one other than the PHP Group has the right to modify the terms applicable to covered code created under this License.
6. Redistributions of any form whatsoever must retain the following acknowledgment:
"This product includes PHP, freely available from <http://www.php.net/>".
THIS SOFTWARE IS PROVIDED BY THE PHP DEVELOPMENT TEAM ``AS IS'' AND ANY EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE PHP DEVELOPMENT TEAM OR ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
This software consists of voluntary contributions made by many individuals on behalf of the PHP Group. The PHP Group can be contacted via Email at [email protected].
For more information on the PHP Group and the PHP project, please see <http://www.php.net>. This product includes the Zend Engine, freely available at <http://www.zend.com>.
This product includes software written by Tim Hudson ([email protected]).
Copyright (c) 2003, Itai Tzur <[email protected]>
All rights reserved.
Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:
Redistribution of source code must retain the above copyright notice, this list of conditions and the following disclaimer.
Neither the name of Itai Tzur nor the names of other contributors may be used to endorse or promote products derived from this software without specific prior written permission.
138
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
Copyright (c) 1998, 1999, 2000 Thai Open Source Software Center Ltd
Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
Copyright © 2003, 2004 NextHop Technologies, Inc. All rights reserved.
Confidential Copyright Notice
Except as stated herein, none of the material provided as a part of this document may be copied, reproduced, distrib-uted, republished, downloaded, displayed, posted or transmitted in any form or by any means, including, but not lim-ited to, electronic, mechanical, photocopying, recording, or otherwise, without the prior written permission of NextHop Technologies, Inc. Permission is granted to display, copy, distribute and download the materials in this doc-ument for personal, non-commercial use only, provided you do not modify the materials and that you retain all copy-right and other proprietary notices contained in the materials unless otherwise stated. No material contained in this document may be "mirrored" on any server without written permission of NextHop. Any unauthorized use of any material contained in this document may violate copyright laws, trademark laws, the laws of privacy and publicity, and communications regulations and statutes. Permission terminates automatically if any of these terms or condi-tions are breached. Upon termination, any downloaded and printed materials must be immediately destroyed.
Trademark Notice
The trademarks, service marks, and logos (the "Trademarks") used and displayed in this document are registered and unregistered Trademarks of NextHop in the US and/or other countries. The names of actual companies and products mentioned herein may be Trademarks of their respective owners. Nothing in this document should be construed as granting, by implication, estoppel, or otherwise, any license or right to use any Trademark displayed in the document. The owners aggressively enforce their intellectual property rights to the fullest extent of the law. The Trademarks may not be used in any way, including in advertising or publicity pertaining to distribution of, or access to, materials in
this document, including use, without prior, written permission. Use of Trademarks as a "hot" link to any website is prohibited unless establishment of such a link is approved in advance in writing. Any questions concerning the use of these Trademarks should be referred to NextHop at U.S. +1 734 222 1600.
U.S. Government Restricted Rights
The material in document is provided with "RESTRICTED RIGHTS." Software and accompanying documentation are provided to the U.S. government ("Government") in a transaction subject to the Federal Acquisition Regulations with Restricted Rights. The Government's rights to use, modify, reproduce, release, perform, display or disclose are
restricted by paragraph (b)(3) of the Rights in Noncommercial Computer Software and Noncommercial Computer Soft-ware Documentation clause at DFAR 252.227-7014 (Jun 1995), and the other restrictions and terms in paragraph (g)(3)(i) of Rights in Data-General clause at FAR 52.227-14, Alternative III (Jun 87) and paragraph (c)(2) of the Commer-cial
Computer Software-Restricted Rights clause at FAR 52.227-19 (Jun 1987).
Use of the material in this document by the Government constitutes acknowledgment of NextHop's proprietary rights in them, or that of the original creator. The Contractor/Licensor is NextHop located at 1911 Landings Drive, Mountain View, California 94043. Use, duplication, or disclosure by the Government is subject to restrictions as set forth in applicable laws and regulations.
Chapter 139
Disclaimer Warranty Disclaimer Warranty Disclaimer Warranty Disclaimer Warranty
THE MATERIAL IN THIS DOCUMENT IS PROVIDED "AS IS" WITHOUT WARRANTIES OF ANY KIND EITHER EXPRESS OR IMPLIED. TO THE FULLEST EXTENT POSSIBLE PURSUANT TO THE APPLICABLE LAW, NEXTHOP DISCLAIMS ALL WARRANTIES,
EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, NON INFRINGEMENT OR OTHER VIOLATION OF RIGHTS. NEITHER NEXTHOP NOR ANY OTHER PROVIDER OR DEVELOPER OF MATERIAL CONTAINED IN THIS DOCUMENT WARRANTS OR MAKES ANY REPRESEN-TATIONS REGARDING THE USE, VALIDITY, ACCURACY, OR RELIABILITY OF, OR THE RESULTS OF THE USE OF, OR OTHERWISE RESPECTING, THE MATERIAL IN THIS DOCUMENT.
Limitation of Liability
UNDER NO CIRCUMSTANCES SHALL NEXTHOP BE LIABLE FOR ANY DIRECT, INDIRECT, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES, INCLUDING, BUT NOT LIMITED TO, LOSS OF DATA OR PROFIT, ARISING OUT OF THE USE, OR THE INABILITY TO USE, THE MATERIAL IN THIS DOCUMENT, EVEN IF NEXTHOP OR A NEXTHOP AUTHORIZED REPRESENTATIVE HAS ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. IF YOUR USE OF MATERIAL FROM THIS DOCUMENT RESULTS IN THE NEED FOR SERVICING, REPAIR OR CORRECTION OF EQUIPMENT OR DATA, YOU ASSUME ANY COSTS THEREOF. SOME STATES DO NOT ALLOW THE EXCLUSION OR LIMITATION OF INCIDENTAL OR CONSEQUENTIAL DAMAGES, SO THE ABOVE LIMITATION OR EXCLUSION MAY NOT FULLY APPLY TO YOU.
Copyright © ComponentOne, LLC 1991-2002. All Rights Reserved.
BIND: ISC Bind (Copyright (c) 2004 by Internet Systems Consortium, Inc. ("ISC"))
Copyright 1997-2001, Theo de Raadt: the OpenBSD 2.9 Release
PCRE LICENCE
PCRE is a library of functions to support regular expressions whose syntax and semantics are as close as possible to those of the Perl 5 language. Release 5 of PCRE is distributed under the terms of the "BSD" licence, as specified below. The documentation for PCRE, supplied in the "doc" directory, is distributed under the same terms as the software itself.
Written by: Philip Hazel <[email protected]>
University of Cambridge Computing Service, Cambridge, England. Phone:
+44 1223 334714.
Copyright (c) 1997-2004 University of Cambridge All rights reserved.
Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:
* Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer.
* Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution.
* Neither the name of the University of Cambridge nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
140
June 2006 81
Index
AAMON communication
protocol 18three scope types 18
Amon Scope Types 18AMON Tables 16AMON_CANCEL_HANDLER 74amon_reply_add_oid 66amon_reply_create 65amon_reply_destroy 66amon_reply_get_error 68amon_reply_get_last_reply_mark
69amon_reply_get_num_of_oids 67amon_reply_iter_create 70amon_reply_iter_destroy 71amon_reply_iter_next 70amon_reply_remove_oid 67amon_reply_send 71amon_reply_set_error 68amon_reply_set_last_reply_mark
69amon_request_get_num_of_oids
62amon_request_get_scope 62amon_request_get_size_limit 63AMON_REQUEST_HANDLER 73amon_request_iter_create 63amon_request_iter_destroy 64amon_request_iter_next 64AmonReplyIter API 70arguments
AmonScope_GetAll 63AmonScope_GetNext 63AmonScope_GetOne 63dst_oid 49err 60, 61, 62id 72, 73, 74index 56iter 64, 65, 70, 71last_rep_mark 70LastReply_False 69
LastReply_True 69left 52, 53num_of_elems 54, 55, 56oid 48, 49, 50, 51, 54, 55,
56, 60, 62, 67oid_arr 48, 51oid_arr_length 48, 51oid_rep 57, 58, 59, 60, 61,
62, 67oid_str 49oid1 52oid2 52prefix_oid 54rep 66, 67, 68, 69, 70reply_err 69req 62, 63, 64, 72, 73right 52, 53session 72, 73, 74src_oid 49suffix_oid 55value 60, 61, 62
Bblocks 36
DData Structures 31
EEvent Handler Functions 29Event Handlers 73
AMON_CANCEL_HANDLER74
AMON_REQUEST_HANDLER73
Ffile header 36Function Calls
AmonReply API 65AmonRequest API 62AmonRequestIter API 63Oid API 48OidRep API 56Server API 71
Iidentifier 36
Llexicographic order and
containment rules 17
MMultithread 15
reentrant 15
OOID Order and Containment 17oid_chop_left 55oid_chop_right 55oid_compare 51oid_concat 52oid_contain 52oid_create 48oid_create_from_string 48oid_destroy 49oid_duplicate 49
82
oid_element 56oid_get_length 51oid_prefix 53oid_reply_create 57oid_reply_create_with_all 61oid_reply_destroy 57oid_reply_get_all 59oid_reply_get_error 58oid_reply_get_oid 57oid_reply_get_opsec_value 58oid_reply_set_error 61oid_reply_set_oid 60oid_reply_set_opsec_value 60oid_suffix 54oid_to_array 50oid_to_string 50OPSEC OID Tree 21OPSEC schema mandatory
fields 28OpsecCpmiStatus Schema 27OpsecCpmiStatusSchema 27OpsecCvpStatusSchema 24OpsecElaStatusSchema 26OpsecLeaStatusSchema 25OpsecSamStatus Schema 27OpsecUfpStatusSchema 24
Pporting private schema
usage 46possible values for
containment 53private enterprise number
2620 21
QQuerying Tables 19
SSimple Queries 19
Tthreads 15tokens 36
Vvendors private schema 36