Commit f2cf65cc authored by markc's avatar markc

TS 102 232-3 v2.2.1 (2009-01-09) agreed at LI#19 (Prague, 2008-09-30)

parent 4114e287
Pipeline #3938 passed with stage
in 6 seconds
IPAccessPDU
{itu-t(0) dentified-organization(4) etsi(0) securityDomain(2) lawfulIntercept(2) li-ps(5) iPAccess(3) version6(6)}
DEFINITIONS IMPLICIT TAGS ::=
BEGIN
IMPORTS
-- from ETSI TS 101 671 [1]
IPAddress
FROM HI2Operations
{itu-t(0) identified-organization(4) etsi(0) securityDomain(2) lawfulIntercept(2) hi2(1) version10(10)};
-- ============================
-- Object Identifier Definition
-- ============================
iPIRIObjId RELATIVE-OID ::= {li-ps(5) iPAccess(3) version6(6) iRI(1)}
iPCCObjId RELATIVE-OID ::= {li-ps(5) iPAccess(3) version6(6) cC(2)}
iPIRIOnlyObjId RELATIVE-OID ::= {li-ps(5) iPAccess(3) version6(6) iRIOnly(3)}
-- all three definitions relative to {itu-t(0) identified-organization(4)
-- etsi(0) securityDomain(2) lawfulintercept(2)}
-- ==========================
-- IP Communications Contents
-- ==========================
IPCC ::= SEQUENCE
{
iPCCObjId [0] RELATIVE-OID,
iPCCContents [1] IPCCContents
}
IPCCContents ::= CHOICE
{
iPPackets [0] OCTET STRING,
...
}
-- ===================================================
-- Intercept-related information for general IP-Access
-- ===================================================
IPIRI ::= SEQUENCE
{
iPIRIObjId [0] RELATIVE-OID,
iPIRIContents [1] IPIRIContents,
...
}
IPIRIContents ::= SEQUENCE
{
accessEventType [0] AccessEventType,
targetUsername [1] OCTET STRING,
-- in ASCIIcharacters
internetAccessType [2] InternetAccessType,
iPVersion [3] IPVersion,
targetIPAddress [4] IPAddress OPTIONAL,
-- IP address may not be available in case of failed logon attempts.
-- If it is available, it must be sent.
targetNetworkID [5] UTF8String (SIZE (1..20)) OPTIONAL,
-- Target network ID (e.g. MAC address, PSTN number)
targetCPEID [6] UTF8String (SIZE (1..128)) OPTIONAL,
-- CPEID (e.g. Relay Agent info, computer name)
targetLocation [7] UTF8String (SIZE (1..64)) OPTIONAL,
-- When internetAccessType is Wireless LAN, this field should contain a string which
-- uniquely identifies the wireless accesspoint within the SvP domain
pOPPortNumber [8] INTEGER (0..4294967295) OPTIONAL,
-- The POP port number used by the target
callBackNumber [9] UTF8String (SIZE (1..20)) OPTIONAL,
-- The number used to call-back the target
startTime [10] GeneralizedTime OPTIONAL,
-- The start date-time of the session or lease
endTime [11] GeneralizedTime OPTIONAL,
-- The actual end date-time of the session or lease
endReason [12] EndReason OPTIONAL,
-- The reason for the session to end
octetsReceived [13] INTEGER (0..18446744073709551615) OPTIONAL,
-- The number of octets the target received
octetsTransmitted [14] INTEGER (0..18446744073709551615) OPTIONAL,
-- The number of octets the target transmitted
rawAAAData [15] OCTET STRING OPTIONAL,
-- Content of the raw AAA record
...,
expectedEndTime [16] GeneralizedTime OPTIONAL,
-- The expected end date-time of the session or lease
pOPPhoneNumber [17] UTF8String (SIZE (1..20)) OPTIONAL,
-- The phone number dialed by the target for dial-up
pOPIdentifier [18] IPIRIIDType OPTIONAL,
-- The identifier or name of the POP
pOPIPAddress [19] IPAddress OPTIONAL,
-- The IP address of the POP
nationalIPIRIParameters [20] NationalIPIRIParameters OPTIONAL
}
AccessEventType ::= ENUMERATED
{
accessAttempt(0),
-- A target requests access to the IAS
accessAccept(1),
-- IAS access is granted to the target, the session begins
accessReject(2),
-- IAS access is refused to the target
accessFailed(3),
-- The Access_attempt timed-out or failed otherwise
sessionStart(4),
-- A target starts using the IAS; not in use anymore from version 4(4)
sessionEnd(5),
-- A target stops using the IAS; not in use anymore from version 4(4)
interimUpdate(6),
-- Intermediate status report on service status or usage
...,
startOfInterceptionWithSessionActive(7),
-- LI is started on a target who already has an active session
accessEnd(8)
-- A target stops using the IAS, the session ends
}
InternetAccessType ::= ENUMERATED
{
undefined(0),
dialUp(1),
-- IAS via DialUp access
xDSL(2),
-- IAS via DSL access
cableModem(3),
-- IAS via Cable access
lAN(4),
-- IAS via LAN access
...,
wirelessLAN(5),
-- IAS via Wireless LAN access
fTTx(6),
-- IAS via Fiber access
wIMAX-HIPERMAN(7),
-- IAS via WIMAX/HIPERMAN (fixed access)
satellite(8)
-- IAS via Satellite access
-- (when it is not covered by any 3GPP or ETSI mobile Lawful Interception specifications)
}
IPVersion ::= ENUMERATED
{
iPV4(1),
-- The IPv4 protocol is used
iPV6(2)
-- The IPv6 protocol is used
}
EndReason ::= ENUMERATED
{
undefined(0),
regularLogoff(1),
-- The target logged off
connectionLoss(2),
-- The connection was lost
connectionTimeout(3),
-- The connection timed-out
leaseExpired(4),
-- The DHCP lease expired
...
}
IPIRIIDType ::= CHOICE
{
printableIDType [0] UTF8String (SIZE (1..128)),
-- For printable userIDs, such as the Radius username, phonenumbers
macAddressType [1] OCTET STRING (SIZE (6)),
-- For MAC address types, raw binary format as in RFC 2132 [15]
ipAddressType [2] IPAddress,
-- For IP address types
...
}
NationalIPIRIParameters ::= SEQUENCE
{
countryCode [1] PrintableString (SIZE (2)),
-- Country Code according to ISO 3166-1 [16],
-- the country to which the parameters inserted after the extension marker apply.
...
-- In case a given country wants to use additional national parameters according to its law,
-- these national parameters should be defined using the ASN.1 syntax and added after the
-- extension marker (...).
-- It is recommended that "version parameter" and "vendor identification parameter" are
-- included in the national parameters definition. Vendor identifications can be
-- retrieved from the IANA web site (see Annex E Bibliography). Besides, it is recommended
-- to avoid using tags from 240 to 255 in a formal type definition.
}
-- =====================================================
-- Intercept-related information for IRI-Only intercepts
-- =====================================================
IPIRIOnly ::= SEQUENCE
{
iPIRIOnlyObjId [0] RELATIVE-OID,
iPInformation [1] IPInformation,
protocolInformation [2] ProtocolInformation,
iPAggregatedNbrOfPackets [3] INTEGER OPTIONAL,
iPAggregatedNbrOfBytes [4] INTEGER OPTIONAL,
...
}
IPInformation ::= CHOICE
{
iPv4Information [0] IPv4Information,
iPv6Information [1] IPv6Information
}
ProtocolInformation ::= CHOICE
{
none [0] NULL,
-- No layer 4 protocol information is provided
tCPInformation [1] TCPInformation,
uDPInformation [2] UDPInformation,
...
}
IPv4Information ::= SEQUENCE
{
headerLength [0] OCTET STRING OPTIONAL,
typeOfService [1] OCTET STRING OPTIONAL,
totalLength [2] OCTET STRING (SIZE (2))OPTIONAL,
identification [3] OCTET STRING (SIZE (2))OPTIONAL,
fragment [4] OCTET STRING (SIZE (2))OPTIONAL,
ttl [5] OCTET STRING OPTIONAL,
protocol [6] OCTET STRING OPTIONAL,
headerChecksum [7] OCTET STRING (SIZE (2))OPTIONAL,
source [8] OCTET STRING (SIZE (4)),
destination [9] OCTET STRING (SIZE (4)),
options [10] OCTET STRING (SIZE (0..40))OPTIONAL
}
IPv6Information ::= SEQUENCE
{
trafficClass [0] OCTET STRING OPTIONAL,
flowLabel [1] OCTET STRING (SIZE (20))OPTIONAL,
payloadLength [2] OCTET STRING (SIZE (4))OPTIONAL,
nextHeader [3] OCTET STRING OPTIONAL,
hopLimit [4] OCTET STRING OPTIONAL,
source [5] OCTET STRING (SIZE (16)),
destination [6] OCTET STRING (SIZE (16))
}
TCPInformation ::= SEQUENCE
{
sourcePort [0] OCTET STRING (SIZE (2))OPTIONAL,
destinationPort [1] OCTET STRING (SIZE (2))OPTIONAL,
sequenceNumber [2] OCTET STRING (SIZE (4))OPTIONAL,
ackNumber [3] OCTET STRING (SIZE (4))OPTIONAL,
dataOffset [4] BIT STRING (SIZE (4))OPTIONAL,
-- First 4 bits
controlBits [5] BIT STRING (SIZE (6))OPTIONAL,
-- Last 6 bits
windowSize [6] OCTET STRING (SIZE (2))OPTIONAL,
checkSum [7] OCTET STRING (SIZE (2))OPTIONAL,
urgentPointer [8] OCTET STRING (SIZE (2))OPTIONAL,
options [9] OCTET STRING (SIZE (0..40))OPTIONAL
}
UDPInformation ::= SEQUENCE
{
sourcePort [0] OCTET STRING (SIZE (2))OPTIONAL,
destinationPort [1] OCTET STRING (SIZE (2))OPTIONAL,
length [2] OCTET STRING (SIZE (2))OPTIONAL,
checkSum [3] OCTET STRING (SIZE (2))OPTIONAL
}
END -- end of IPAccessPDU
IPAccessPDU
{itu-t(0) dentified-organization(4) etsi(0) securityDomain(2) lawfulIntercept(2) li-ps(5) iPAccess(3) version6(6)}
DEFINITIONS IMPLICIT TAGS ::=
BEGIN
IMPORTS
-- from ETSI TS 101 671 [1]
IPAddress
FROM HI2Operations
{itu-t(0) identified-organization(4) etsi(0) securityDomain(2) lawfulIntercept(2) hi2(1) version10(10)};
-- ============================
-- Object Identifier Definition
-- ============================
iPIRIObjId RELATIVE-OID ::= {li-ps(5) iPAccess(3) version6(6) iRI(1)}
iPCCObjId RELATIVE-OID ::= {li-ps(5) iPAccess(3) version6(6) cC(2)}
iPIRIOnlyObjId RELATIVE-OID ::= {li-ps(5) iPAccess(3) version6(6) iRIOnly(3)}
-- all three definitions relative to {itu-t(0) identified-organization(4)
-- etsi(0) securityDomain(2) lawfulintercept(2)}
-- ==========================
-- IP Communications Contents
-- ==========================
IPCC ::= SEQUENCE
{
iPCCObjId [0] RELATIVE-OID,
iPCCContents [1] IPCCContents
}
IPCCContents ::= CHOICE
{
iPPackets [0] OCTET STRING,
...
}
-- ===================================================
-- Intercept-related information for general IP-Access
-- ===================================================
IPIRI ::= SEQUENCE
{
iPIRIObjId [0] RELATIVE-OID,
iPIRIContents [1] IPIRIContents,
...
}
IPIRIContents ::= SEQUENCE
{
accessEventType [0] AccessEventType,
targetUsername [1] OCTET STRING,
-- in ASCIIcharacters
internetAccessType [2] InternetAccessType,
iPVersion [3] IPVersion,
targetIPAddress [4] IPAddress OPTIONAL,
-- IP address may not be available in case of failed logon attempts.
-- If it is available, it must be sent.
targetNetworkID [5] UTF8String (SIZE (1..20)) OPTIONAL,
-- Target network ID (e.g. MAC address, PSTN number)
targetCPEID [6] UTF8String (SIZE (1..128)) OPTIONAL,
-- CPEID (e.g. Relay Agent info, computer name)
targetLocation [7] UTF8String (SIZE (1..64)) OPTIONAL,
-- When internetAccessType is Wireless LAN, this field should contain a string which
-- uniquely identifies the wireless accesspoint within the SvP domain
pOPPortNumber [8] INTEGER (0..4294967295) OPTIONAL,
-- The POP port number used by the target
callBackNumber [9] UTF8String (SIZE (1..20)) OPTIONAL,
-- The number used to call-back the target
startTime [10] GeneralizedTime OPTIONAL,
-- The start date-time of the session or lease
endTime [11] GeneralizedTime OPTIONAL,
-- The actual end date-time of the session or lease
endReason [12] EndReason OPTIONAL,
-- The reason for the session to end
octetsReceived [13] INTEGER (0..18446744073709551615) OPTIONAL,
-- The number of octets the target received
octetsTransmitted [14] INTEGER (0..18446744073709551615) OPTIONAL,
-- The number of octets the target transmitted
rawAAAData [15] OCTET STRING OPTIONAL,
-- Content of the raw AAA record
...,
expectedEndTime [16] GeneralizedTime OPTIONAL,
-- The expected end date-time of the session or lease
pOPPhoneNumber [17] UTF8String (SIZE (1..20)) OPTIONAL,
-- The phone number dialed by the target for dial-up
pOPIdentifier [18] IPIRIIDType OPTIONAL,
-- The identifier or name of the POP
pOPIPAddress [19] IPAddress OPTIONAL,
-- The IP address of the POP
nationalIPIRIParameters [20] NationalIPIRIParameters OPTIONAL
}
AccessEventType ::= ENUMERATED
{
accessAttempt(0),
-- A target requests access to the IAS
accessAccept(1),
-- IAS access is granted to the target, the session begins
accessReject(2),
-- IAS access is refused to the target
accessFailed(3),
-- The Access_attempt timed-out or failed otherwise
sessionStart(4),
-- A target starts using the IAS; not in use anymore from version 4(4)
sessionEnd(5),
-- A target stops using the IAS; not in use anymore from version 4(4)
interimUpdate(6),
-- Intermediate status report on service status or usage
...,
startOfInterceptionWithSessionActive(7),
-- LI is started on a target who already has an active session
accessEnd(8)
-- A target stops using the IAS, the session ends
}
InternetAccessType ::= ENUMERATED
{
undefined(0),
dialUp(1),
-- IAS via DialUp access
xDSL(2),
-- IAS via DSL access
cableModem(3),
-- IAS via Cable access
lAN(4),
-- IAS via LAN access
...,
wirelessLAN(5),
-- IAS via Wireless LAN access
fTTx(6),
-- IAS via Fiber access
wIMAX-HIPERMAN(7),
-- IAS via WIMAX/HIPERMAN (fixed access)
satellite(8)
-- IAS via Satellite access
-- (when it is not covered by any 3GPP or ETSI mobile Lawful Interception specifications)
}
IPVersion ::= ENUMERATED
{
iPV4(1),
-- The IPv4 protocol is used
iPV6(2)
-- The IPv6 protocol is used
}
EndReason ::= ENUMERATED
{
undefined(0),
regularLogoff(1),
-- The target logged off
connectionLoss(2),
-- The connection was lost
connectionTimeout(3),
-- The connection timed-out
leaseExpired(4),
-- The DHCP lease expired
...
}
IPIRIIDType ::= CHOICE
{
printableIDType [0] UTF8String (SIZE (1..128)),
-- For printable userIDs, such as the Radius username, phonenumbers
macAddressType [1] OCTET STRING (SIZE (6)),
-- For MAC address types, raw binary format as in RFC 2132 [15]
ipAddressType [2] IPAddress,
-- For IP address types
...
}
NationalIPIRIParameters ::= SEQUENCE
{
countryCode [1] PrintableString (SIZE (2)),
-- Country Code according to ISO 3166-1 [16],
-- the country to which the parameters inserted after the extension marker apply.
...
-- In case a given country wants to use additional national parameters according to its law,
-- these national parameters should be defined using the ASN.1 syntax and added after the
-- extension marker (...).
-- It is recommended that "version parameter" and "vendor identification parameter" are
-- included in the national parameters definition. Vendor identifications can be
-- retrieved from the IANA web site (see Annex E Bibliography). Besides, it is recommended
-- to avoid using tags from 240 to 255 in a formal type definition.
}
-- =====================================================
-- Intercept-related information for IRI-Only intercepts
-- =====================================================
IPIRIOnly ::= SEQUENCE
{
iPIRIOnlyObjId [0] RELATIVE-OID,
iPInformation [1] IPInformation,
protocolInformation [2] ProtocolInformation,
iPAggregatedNbrOfPackets [3] INTEGER OPTIONAL,
iPAggregatedNbrOfBytes [4] INTEGER OPTIONAL,
...
}
IPInformation ::= CHOICE
{
iPv4Information [0] IPv4Information,
iPv6Information [1] IPv6Information
}
ProtocolInformation ::= CHOICE
{
none [0] NULL,
-- No layer 4 protocol information is provided
tCPInformation [1] TCPInformation,
uDPInformation [2] UDPInformation,
...
}
IPv4Information ::= SEQUENCE
{
headerLength [0] OCTET STRING OPTIONAL,
typeOfService [1] OCTET STRING OPTIONAL,
totalLength [2] OCTET STRING (SIZE (2))OPTIONAL,
identification [3] OCTET STRING (SIZE (2))OPTIONAL,
fragment [4] OCTET STRING (SIZE (2))OPTIONAL,
ttl [5] OCTET STRING OPTIONAL,
protocol [6] OCTET STRING OPTIONAL,
headerChecksum [7] OCTET STRING (SIZE (2))OPTIONAL,
source [8] OCTET STRING (SIZE (4)),
destination [9] OCTET STRING (SIZE (4)),
options [10] OCTET STRING (SIZE (0..40))OPTIONAL
}
IPv6Information ::= SEQUENCE
{
trafficClass [0] OCTET STRING OPTIONAL,
flowLabel [1] OCTET STRING (SIZE (20))OPTIONAL,
payloadLength [2] OCTET STRING (SIZE (4))OPTIONAL,
nextHeader [3] OCTET STRING OPTIONAL,
hopLimit [4] OCTET STRING OPTIONAL,
source [5] OCTET STRING (SIZE (16)),
destination [6] OCTET STRING (SIZE (16))
}
TCPInformation ::= SEQUENCE
{
sourcePort [0] OCTET STRING (SIZE (2))OPTIONAL,
destinationPort [1] OCTET STRING (SIZE (2))OPTIONAL,
sequenceNumber [2] OCTET STRING (SIZE (4))OPTIONAL,
ackNumber [3] OCTET STRING (SIZE (4))OPTIONAL,
dataOffset [4] BIT STRING (SIZE (4))OPTIONAL,
-- First 4 bits
controlBits [5] BIT STRING (SIZE (6))OPTIONAL,
-- Last 6 bits
windowSize [6] OCTET STRING (SIZE (2))OPTIONAL,
checkSum [7] OCTET STRING (SIZE (2))OPTIONAL,
urgentPointer [8] OCTET STRING (SIZE (2))OPTIONAL,
options [9] OCTET STRING (SIZE (0..40))OPTIONAL
}
UDPInformation ::= SEQUENCE
{
sourcePort [0] OCTET STRING (SIZE (2))OPTIONAL,
destinationPort [1] OCTET STRING (SIZE (2))OPTIONAL,
length [2] OCTET STRING (SIZE (2))OPTIONAL,
checkSum [3] OCTET STRING (SIZE (2))OPTIONAL
}
END -- end of IPAccessPDU
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment