mibs/MIBS/huawei/HUAWEI-ACL-MIB

4741 lines
173 KiB
Plaintext
Raw Permalink Normal View History

2023-12-05 12:25:34 +01:00
-- ====================================================================
-- Copyright (C) 2017 by HUAWEI TECHNOLOGIES. All rights reserved.
--
-- Description: Huawei Acl MIB Definition
-- Reference: Huawei Enterprise MIB
-- Version: V2.20
-- History:
-- Version: V2.0
-- Wang Ning,2002-11-29,Reunification version based on the Fix-Net MIBs
-- baseline by the MIB Standard community.
-- Version: V2.1
-- Yang Hongjie,2003-04-11,Reunification version based on V2.0.
-- Version: V2.2
-- Yang Yuhui,2004-05-17,Reunification version based on V2.1.
-- Version: V2.3
-- Xu xinjun, 2009-04-13.
-- 1, Add five new rule tables based on V2.2.
-- hwAclEthernetFrameRuleTable, hwAclIpv6BasicRuleTable,
-- hwAclIpv6AdvanceRuleTable, hwAclIpv6NumGroupTable,
-- hwAclIpv6IfRuleTable.
-- 2, Change Name-ACL range from [42768..45767] to [42768..59151]
-- Version: V2.04
-- wen shuangquan, 2014-01-17.
-- 1, Add two new rule nodes based on V2.0.3
-- hwAclAdvancedProtocolNew, hwAclIpv6AdvancedProtocolNew.
-- Version: V2.05
-- wang chengyuan, 2014-03-25.
-- 1, Add acl resource trap table based on V2.0.4
-- Version: V2.06
-- zhang liang, 2014-04-09.
-- 1, Add acl resource trap table based on V2.0.5
-- Version: V2.07
-- zhengfeng, 2014-06-20.
-- 1, Add hwAclAdvancedVni, hwAclAdvancedIgmpType, hwAclAdvancedTtlOp, hwAclAdvancedTtlExpire, hwAclAdvancedTtlExpireEnd based on V2.0.6
-- Version: V2.08
-- zhang liang, 2014-08-05.
-- 1, Chang hwAclNumGroupAclName in hwAclIpv6NumGroupTable and hwAclIpv6NumGroupAclName in hwAclNumGroupTable value length on V2.0.7
-- Version: V2.09
-- chenyang, 2014-10-28.
-- 1, Add hwAclAdvancedPktLenOp, hwAclAdvancedPktLenBegin and hwAclAdvancedPktLenEnd in hwAclAdvancedRuleTable, based on V2.0.8
-- chenyang, 2015-02-07.
-- 1, Add hwAclAdvancedTcpFlagMask in hwAclAdvancedRuleTable, based on V2.0.9
-- Version: V2.11
-- suxunjin, 2015-2-27.
-- 1, Add hwAclUserDestDomainName in hwAclUserRuleTable, Add hwAclDomainNameConfigTable based on V2.10
-- Version: V2.12
-- chenyang, 2015-11-27.
-- 1, Add hwAclAdvancedSrcPortPoolName and hwAclAdvancedDestPortPoolName in hwAclAdvancedRuleTable, based on V2.11
-- 2, Add hwAclIPPoolTable, hwAclIPPoolIPTable, hwAclPortPoolTable and hwAclPortPoolPortTable, based on V2.11
-- Version: V2.13
-- mengfanlu, 2015-12-17.
-- 1, Add hwAclIfDescription in hwAclIfRuleTable, based on V2.12
-- Version: V2.14
-- chenyang, 2016-02-24.
-- 1, Add hwAclAdvancedIcmpTypeEnd in hwAclAdvancedRuleTable, based on V2.13
-- 2, Add hwAclIpv6AdvancedIcmpTypeEnd in hwAclIpv6AdvancedRuleTable, based on V2.13
-- Version: V2.15
-- chenyang, 2016-05-6.
-- 1, Add hwAclBasicVrfAny in hwAclBasicRuleTable, based on V2.14
-- 2, Add hwAclAdvancedVrfAny in hwAclAdvancedRuleTable, based on V2.14
-- 3, Add hwAclIpv6BasicVrfAny in hwAclIpv6BasicRuleTable, based on V2.14
-- 4, Add hwAclIpv6AdvancedVrfAny in hwAclIpv6AdvancedRuleTable, based on V2.14
-- Version: V2.16
-- qihui, 2016-08-26.
-- 1, hwAclIpv6NumGroupAclType, add key interface(3), based on V2.15
-- Version: V2.17
-- fuzhichao, 2016-12-26.
-- 1, Add hwAclIpv6AdvancedSrcPoolName in hwAclIpv6AdvancedRuleTable, based on V2.16
-- 2, Add hwAclIPPoolApplyBGPPeer in hwAclIPPoolTable, based on V2.16
-- 3, Add hwAclIPPool6Table, based on V2.16
-- Version: V2.18
-- fuzhichao, 2017-6-6.
-- 1, Add hwAclIpv6AdvancedVni in hwAclIpv6AdvancedRuleTable, based on V2.17
-- Version: V2.19
-- qiujindou, 2017-7-3.
-- 1, Amend some English descriptions, based on V2.18
-- ========================================================================
HUAWEI-ACL-MIB DEFINITIONS ::= BEGIN
IMPORTS
huaweiMgmt
FROM HUAWEI-MIB
OBJECT-GROUP, MODULE-COMPLIANCE, NOTIFICATION-GROUP
FROM SNMPv2-CONF
IpAddress, Integer32, Unsigned32, Gauge32, Counter32, OBJECT-TYPE, Counter64,
MODULE-IDENTITY, NOTIFICATION-TYPE
FROM SNMPv2-SMI
RowStatus, TruthValue, MacAddress FROM SNMPv2-TC
EnabledStatus FROM P-BRIDGE-MIB
Ipv6Address FROM IPV6-TC;
hwAcl MODULE-IDENTITY
LAST-UPDATED "201708171200Z" -- Aug 17, 2017 at 15:00 GMT
ORGANIZATION "Huawei Technologies Co.,Ltd."
CONTACT-INFO
"Huawei Industrial Base
Bantian, Longgang
Shenzhen 518129
People's Republic of China
Website: http://www.huawei.com
Email: support@huawei.com"
DESCRIPTION
"The HUAWEI-ACL-MIB contains objects to configure ACL module,
including ACL group, rule and acl accelerate,
and query the current ACL configuration and status.
This MIB module objects indicate hwAclNumGroupTable, hwAclBasicRuleTable,
hwAclAdvanceRuleTable, hwAclIfRuleTable, hwAclEthernetFrameRuleTable,
hwAclIpv6BasicRuleTable, hwAclIpv6AdvanceRuleTable, hwAclIpv6IfRuleTable,
hwAclCompileEnableFlag, hwAclCompileNumGroupTable,
hwAclIpv6NumGroupTable and acl trap.
To filter data packets, a series of rules need to be configured
on the device. These rules are defined by ACL (Access Control List),
which are a series of sequential rules consisting of rule
permit or deny statements. The rules are described by source
address, destination address and port number of data packets.
ACL classifies data packets through these device interface applied
rules, by which the device decides which packets can be received
and which should be rejected."
REVISION "201708171200Z"
DESCRIPTION
"modify description of hwAclNumGroupTable and hwAclIpv6NumGroupTable"
REVISION "201707031200Z"
DESCRIPTION
"Amend some English descriptions"
REVISION "201706061200Z"
DESCRIPTION
"Add hwAclIpv6AdvancedVni in hwAclIpv6AdvancedRuleTable"
REVISION "201612261200Z"
DESCRIPTION
"Add hwAclIpv6AdvancedSrcPoolName in hwAclIpv6AdvancedRuleTable
Add hwAclIPPoolApplyBGPPeer in hwAclIPPoolTable.
Add hwAclIPPool6Table."
REVISION "201605061200Z"
DESCRIPTION
"Add hwAclBasicVrfAny in hwAclBasicRuleTable
Add hwAclAdvancedVrfAny in hwAclAdvancedRuleTable.
Add hwAclIpv6BasicVrfAny in hwAclIpv6BasicRuleTable.
Add hwAclIpv6AdvancedVrfAny in hwAclIpv6AdvancedRuleTable."
REVISION "201602241200Z"
DESCRIPTION
"Add hwAclAdvancedIcmpTypeEnd in hwAclAdvancedRuleTable.
Add hwAclIpv6AdvancedIcmpTypeEnd in hwAclIpv6AdvancedRuleTable."
REVISION "201512172100Z"
DESCRIPTION
"Add hwAclIfDescription in hwAclIfRuleTable."
REVISION "201511272100Z"
DESCRIPTION
"Add hwAclAdvancedSrcPortPoolName and hwAclAdvancedDestPortPoolName in hwAclAdvancedRuleTable.
Add hwAclIPPoolTable, hwAclIPPoolIPTable, hwAclPortPoolTable and hwAclPortPoolPortTable."
REVISION "201502272100Z"
DESCRIPTION
"Add hwAclUserDestDomainName in hwAclUserRuleTable, and Add hwAclDomainNameConfigTable."
REVISION "201502072100Z"
DESCRIPTION
"Add hwAclAdvancedTcpFlagMask in hwAclAdvancedRuleTable."
REVISION "201410282100Z"
DESCRIPTION
"Add hwAclAdvancedPktLenOp, hwAclAdvancedPktLenBegin and hwAclAdvancedPktLenEnd in hwAclAdvancedRuleTable."
REVISION "201406200948Z"
DESCRIPTION
"Add hwAclAdvancedVni, hwAclAdvancedIgmpType, hwAclAdvancedTtlOp, hwAclAdvancedTtlExpire, hwAclAdvancedTtlExpireEnd in hwAclAdvancedRuleTable."
REVISION "201404090948Z"
DESCRIPTION
"Add hwAclUserSrcUserGroupNum, hwAclUserDstUserGroupNum in hwAclUserRuleTable."
REVISION "201403260926Z"
DESCRIPTION
"Add hwAclResourceTrapsTable."
REVISION "201401171338Z"
DESCRIPTION
"Add hwAclAdvancedProtocolNew, hwAclIpv6AdvancedProtocolNew in hwAclAdvancedRuleTable."
REVISION "201311282100Z"
DESCRIPTION
"Change the range of hwAclNumGroupAclNum in hwAclNumGroupTable, hwAclBasicAclNum in hwAclBasicRuleTable,
hwAclAdvancedAclNum in hwAclAdvancedRuleTable, hwAclIfAclNum in hwAclIfRuleTable,
hwAclUserAclNum in hwAclUserRuleTable, hwAclIpv6BasicAclNum in hwAclIpv6BasicRuleTable,
hwAclIpv6AdvancedAclNum in hwAclIpv6AdvancedRuleTable, hwAclEthernetFrameAclNum in hwAclEthernetFrameRuleTable,
hwAclIpv6NumGroupAclNum ihwAclAdvancedSubitemn hwAclIpv6NumGroupTable, hwAclIpv6IfAclNum in hwAclIpv6IfRuleTable, hwAclMplsAclNum in hwAclMplsRuleTable."
REVISION "201310281900Z"
DESCRIPTION
"Add hwAclAdvancedSrcPoolName, hwAclAdvancedDestPoolName in hwAclAdvancedRuleTable"
REVISION "201309050000Z"
DESCRIPTION
"Add hwAclIpv6BasicSrcMask in hwAclIpv6BasicRuleTable; Add hwAclIpv6AdvancedSrcMask, hwAclIpv6AdvancedDestMask in hwAclIpv6AdvancedRuleTable"
REVISION "201408051606Z"
DESCRIPTION
"Chang hwAclNumGroupAclName in hwAclIpv6NumGroupTable and hwAclIpv6NumGroupAclName in hwAclNumGroupTable value length"
REVISION "201608260000Z"
DESCRIPTION
" hwAclIpv6NumGroupAclType, add key interface(3) "
::= { huaweiMgmt 1 }
--
-- Node definitions
--
-- 1.3.6.1.4.1.2011.5.1.1
hwAclMibObjects OBJECT IDENTIFIER ::= { hwAcl 1 }
-- 1.3.6.1.4.1.2011.5.1.1.2
hwAclNumGroupTable OBJECT-TYPE
SYNTAX SEQUENCE OF HwAclNumGroupEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This table is used to query information about an ACL rule group, including the ACL configuration order, step length, and description."
::= { hwAclMibObjects 2 }
-- 1.3.6.1.4.1.2011.5.1.1.2.1
hwAclNumGroupEntry OBJECT-TYPE
SYNTAX HwAclNumGroupEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"An entry containing characters of an acl group "
INDEX { hwAclNumGroupAclNum }
::= { hwAclNumGroupTable 1 }
HwAclNumGroupEntry ::=
SEQUENCE {
hwAclNumGroupAclNum
Integer32,
hwAclNumGroupMatchOrder
INTEGER,
hwAclNumGroupSubitemNum
Counter32,
hwAclNumGroupStep
Integer32,
hwAclNumGroupDescription
OCTET STRING,
hwAclNumGroupCountClear
INTEGER,
hwAclNumGroupRowStatus
RowStatus,
hwAclNumGroupAclName
OCTET STRING,
hwAclNumGroupAclType
INTEGER
}
-- 1.3.6.1.4.1.2011.5.1.1.2.1.1
hwAclNumGroupAclNum OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The index of acl group, identifying an ACL.
The object specifies the range of an ACL number.
The basic ACL is represented by the number
in the range 2000 through 2999. The advanced ACL is
represented by the number in the range 3000 through
3999. The interface-based ACL is represented by the
number in the range 1000 to 1999. The User Defined ACL is
represented by the number in the range 5000 through
5999. The User ACL is represented by the number in the range 6000 through
9999. The Mpls ACL is represented by the number in the range 10000 through
10999. The name ACL is represented by the number
in the range 42768 through 76535."
::= { hwAclNumGroupEntry 1 }
-- 1.3.6.1.4.1.2011.5.1.1.2.1.2
hwAclNumGroupMatchOrder OBJECT-TYPE
SYNTAX INTEGER
{
config(1),
auto(2)
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object indicates the match order of rules.
'config' means matching ACL rules in the configuration sequence,
'auto' means the ACL rules are matched following the 'Depth-first' principle."
DEFVAL { config }
::= { hwAclNumGroupEntry 2 }
-- 1.3.6.1.4.1.2011.5.1.1.2.1.3
hwAclNumGroupSubitemNum OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The total number of the rules in the acl group."
::= { hwAclNumGroupEntry 3 }
-- 1.3.6.1.4.1.2011.5.1.1.2.1.4
hwAclNumGroupStep OBJECT-TYPE
SYNTAX Integer32 (1..20)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object indicates the step value of number acl.
Step here refers to the difference between each ID.
For instance, given the step is set to 5,
the IDs are the multiples of 5 beginning with 5.
The ACL IDs change along with the step. When the step is 5,
the ACL IDs are 5, 10, and 15 and so on.
However, when the step is set to 2, the IDs turn to 2, 4,
and 6 and so on."
::= { hwAclNumGroupEntry 4 }
-- 1.3.6.1.4.1.2011.5.1.1.2.1.5
hwAclNumGroupDescription OBJECT-TYPE
SYNTAX OCTET STRING (SIZE (0..127))
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This object indicates the description of a rule group.
The description length cannot exceed 127 characters."
::= { hwAclNumGroupEntry 5 }
-- 1.3.6.1.4.1.2011.5.1.1.2.1.6
hwAclNumGroupCountClear OBJECT-TYPE
SYNTAX INTEGER
{
cleared(1),
notUsed(2)
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The value of this object identifies whether to clear up the count of rule groups.
The value can be:
cleared(1)
notUsed(2)
This field is effective only when you perform the Set operation to this object."
::= { hwAclNumGroupEntry 6 }
-- 1.3.6.1.4.1.2011.5.1.1.2.1.7
hwAclNumGroupRowStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"RowStatus, Now support three value:CreateAndGo,Active,Destroy."
::= { hwAclNumGroupEntry 7 }
-- 1.3.6.1.4.1.2011.5.1.1.2.1.8
hwAclNumGroupAclName OBJECT-TYPE
SYNTAX OCTET STRING (SIZE (0..64))
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object indicates the name of an acl group,
The first character must be start with a to z or A to Z,
and the length cannot exceed 64 character."
::= { hwAclNumGroupEntry 8 }
-- 1.3.6.1.4.1.2011.5.1.1.2.1.9
hwAclNumGroupAclType OBJECT-TYPE
SYNTAX INTEGER
{
basic(1),
advanced(2),
link(3),
user(4),
interface(5),
mpls(6),
mac(7),
ucl(8)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The type of ACL group."
::= { hwAclNumGroupEntry 9 }
-- 1.3.6.1.4.1.2011.5.1.1.4
hwAclBasicRuleTable OBJECT-TYPE
SYNTAX SEQUENCE OF HwAclBasicRuleEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Configure the rule for basic acl group."
::= { hwAclMibObjects 4 }
-- 1.3.6.1.4.1.2011.5.1.1.4.1
hwAclBasicRuleEntry OBJECT-TYPE
SYNTAX HwAclBasicRuleEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Each entry is a rule of basic acl."
INDEX { hwAclBasicAclNum, hwAclBasicSubitem }
::= { hwAclBasicRuleTable 1 }
HwAclBasicRuleEntry ::=
SEQUENCE {
hwAclBasicAclNum
Integer32,
hwAclBasicSubitem
Unsigned32,
hwAclBasicAct
INTEGER,
hwAclBasicSrcIp
IpAddress,
hwAclBasicSrcWild
IpAddress,
hwAclBasicTimeRangeIndex
Integer32,
hwAclBasicFragments
INTEGER,
hwAclBasicLog
TruthValue,
hwAclBasicEnable
TruthValue,
hwAclBasicCount
Counter64,
hwAclBasicVrfName
OCTET STRING,
hwAclBasicRowStatus
RowStatus,
hwAclBasicVrfAny
TruthValue,
hwAclBasicDescription
OCTET STRING
}
-- 1.3.6.1.4.1.2011.5.1.1.4.1.1
hwAclBasicAclNum OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The index of basic acl group, the index range is (1..99 | 2000..2999 | 42768..76535 )."
::= { hwAclBasicRuleEntry 1 }
-- 1.3.6.1.4.1.2011.5.1.1.4.1.2
hwAclBasicSubitem OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The objects specifies the number of an ACL rule.
If the number specified has been assigned to an ACL rule,
the new rule will overwrite the old one,
which is equal to editing the old rule.
If the number is not assigned, the system will define
a rule with the number and insert it to the place
corresponding to its number. If no number is specified,
the system will define a rule, assign a number to it and
add it into the ACL. It will be placed at the end of the
ACL when configuration sequence is adopted; otherwise,
it will be placed based on the 'Depth-first' principle.
When ACL rules are following the 'Depth-first' principle,
the number of an ACL rule must be given 0 ,but it will be assigned
by step automatically;otherwise,this rule will not be created."
::= { hwAclBasicRuleEntry 2 }
-- 1.3.6.1.4.1.2011.5.1.1.4.1.3
hwAclBasicAct OBJECT-TYPE
SYNTAX INTEGER
{
permit(1),
deny(2)
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object indicates the action of a basic acl rule.
'deny' means discarding the packets that meet the condition,
'permit' means permitting the packets that meet the condition."
::= { hwAclBasicRuleEntry 3 }
-- 1.3.6.1.4.1.2011.5.1.1.4.1.4
hwAclBasicSrcIp OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object indicates the source IP-address of a basic acl rule."
::= { hwAclBasicRuleEntry 4 }
-- 1.3.6.1.4.1.2011.5.1.1.4.1.5
hwAclBasicSrcWild OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The value of this object identifies the wildcard mask of the source IP address.
The value ranges from 0.0.0.0 to 255.255.255.255."
::= { hwAclBasicRuleEntry 5 }
-- 1.3.6.1.4.1.2011.5.1.1.4.1.6
hwAclBasicTimeRangeIndex OBJECT-TYPE
SYNTAX Integer32 (0..256)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The value of this object identifies the index of a time range of an ACL rule.
The value ranges from 0 to 256.
The value 0 is invalid, indicating that no time range is specified for the rule."
::= { hwAclBasicRuleEntry 6 }
-- 1.3.6.1.4.1.2011.5.1.1.4.1.7
hwAclBasicFragments OBJECT-TYPE
SYNTAX INTEGER
{
fragmentSubseq(0),
fragment(1),
nonFragment(2),
nonSubseq(3),
fragmentSpeFirst(4),
none(255)
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object indicates the type of the packet.
0: fragmentSubseq, indicating that the packet is a subsequent fragment
1: fragment, indicating that the packet is a fragment
2: nonFragment, indicating that the packet is not a fragment
3: nonSubseq, indicating that the packet is not a subsequent fragment
4: fragmentSpeFirst, indicating that the packet is the first fragment
255: none, invalid value
This object cannot be modified once a rule is created."
::= { hwAclBasicRuleEntry 7 }
-- 1.3.6.1.4.1.2011.5.1.1.4.1.8
hwAclBasicLog OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object indicates whether to log the matched packets.
The log contents include sequence number of ACL rule, packets passed
or discarded, upper layer protocol type over IP, source/destination
address, source/destination port number, and number of packets."
::= { hwAclBasicRuleEntry 8 }
-- 1.3.6.1.4.1.2011.5.1.1.4.1.9
hwAclBasicEnable OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The object indicates whether the rule is valid or invalid."
::= { hwAclBasicRuleEntry 9 }
-- 1.3.6.1.4.1.2011.5.1.1.4.1.10
hwAclBasicCount OBJECT-TYPE
SYNTAX Counter64
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The object indicates the statistics of matched packets by the rule."
::= { hwAclBasicRuleEntry 10 }
-- 1.3.6.1.4.1.2011.5.1.1.4.1.11
hwAclBasicVrfName OBJECT-TYPE
SYNTAX OCTET STRING (SIZE (0..31))
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This object indicates an VPN instance.
The length of a VPN instance name cannot exceed 31 characters."
::= { hwAclBasicRuleEntry 11 }
-- 1.3.6.1.4.1.2011.5.1.1.4.1.12
hwAclBasicRowStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"RowStatus, Now support three value:CreateAndGo,Active and Destroy."
::= { hwAclBasicRuleEntry 12 }
-- 1.3.6.1.4.1.2011.5.1.1.4.1.13
hwAclBasicDescription OBJECT-TYPE
SYNTAX OCTET STRING (SIZE (0..127))
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object indicates the description of this basic rule.
The object describes the usage of an ACL with a word or a sentence."
::= { hwAclBasicRuleEntry 13 }
-- 1.3.6.1.4.1.2011.5.1.1.4.1.14
hwAclBasicVrfAny OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object indicates whether or not matching any VPN-instance."
::= { hwAclBasicRuleEntry 14 }
-- 1.3.6.1.4.1.2011.5.1.1.5
hwAclAdvancedRuleTable OBJECT-TYPE
SYNTAX SEQUENCE OF HwAclAdvancedRuleEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Configure the rule for advanced acl group."
::= { hwAclMibObjects 5 }
-- 1.3.6.1.4.1.2011.5.1.1.5.1
hwAclAdvancedRuleEntry OBJECT-TYPE
SYNTAX HwAclAdvancedRuleEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Each entry contains a rule of advanced acl group."
INDEX { hwAclAdvancedAclNum, hwAclAdvancedSubitem }
::= { hwAclAdvancedRuleTable 1 }
HwAclAdvancedRuleEntry ::=
SEQUENCE {
hwAclAdvancedAclNum
Integer32,
hwAclAdvancedSubitem
Unsigned32,
hwAclAdvancedAct
INTEGER,
hwAclAdvancedProtocol
Integer32,
hwAclAdvancedSrcIp
IpAddress,
hwAclAdvancedSrcWild
IpAddress,
hwAclAdvancedSrcOp
INTEGER,
hwAclAdvancedSrcPort1
Integer32,
hwAclAdvancedSrcPort2
Integer32,
hwAclAdvancedDestIp
IpAddress,
hwAclAdvancedDestWild
IpAddress,
hwAclAdvancedDestOp
INTEGER,
hwAclAdvancedDestPort1
Integer32,
hwAclAdvancedDestPort2
Integer32,
hwAclAdvancedPrecedence
Integer32,
hwAclAdvancedTos
Integer32,
hwAclAdvancedDscp
Integer32,
hwAclAdvancedEstablish
TruthValue,
hwAclAdvancedTimeRangeIndex
Integer32,
hwAclAdvancedIcmpType
Integer32,
hwAclAdvancedIcmpCode
Integer32,
hwAclAdvancedFragments
INTEGER,
hwAclAdvancedLog
TruthValue,
hwAclAdvancedEnable
TruthValue,
hwAclAdvancedCount
Counter64,
hwAclAdvancedVrfName
OCTET STRING,
hwAclAdvancedRowStatus
RowStatus,
hwAclAdvancedTcpSyncFlag
Integer32,
hwAclAdvancedDescription
OCTET STRING,
hwAclAdvancedSrcPoolName
OCTET STRING,
hwAclAdvancedDestPoolName
OCTET STRING,
hwAclAdvancedProtocolNew
Integer32,
hwAclAdvancedVni
Integer32,
hwAclAdvancedIgmpType
Integer32,
hwAclAdvancedTtlOp
INTEGER,
hwAclAdvancedTtlExpire
Integer32,
hwAclAdvancedTtlExpireEnd
Integer32,
hwAclAdvancedPktLenOp
INTEGER,
hwAclAdvancedPktLenBegin
Integer32,
hwAclAdvancedPktLenEnd
Integer32,
hwAclAdvancedTcpFlagMask
Integer32,
hwAclAdvancedSrcPortPoolName
OCTET STRING,
hwAclAdvancedDestPortPoolName
OCTET STRING,
hwAclAdvancedIcmpTypeEnd
Integer32,
hwAclAdvancedVrfAny
TruthValue
}
-- 1.3.6.1.4.1.2011.5.1.1.5.1.1
hwAclAdvancedAclNum OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The index of advanced acl table, the index range is (100..199 | 3000..3999 | 42768..76535)."
::= { hwAclAdvancedRuleEntry 1 }
-- 1.3.6.1.4.1.2011.5.1.1.5.1.2
hwAclAdvancedSubitem OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The object specifies the number of an advanced ACL rule.
If the number specified has been assigned to an ACL rule,
the new rule will overwrite the old one,
which is equal to editing the old rule.
If the number is not assigned, the system will define
a rule with the number and insert it to the place
corresponding to its number. If no number is specified,
the system will define a rule, assign a number to it and
add it into the ACL. It will be placed at the end of the
ACL when configuration sequence is adopted; otherwise,
it will be placed based on the 'Depth-first' principle.
When ACL rules are following the 'Depth-first' principle,
the number of an ACL rule must be given 0 ,but it will be assigned
by step automatically;otherwise,this rule will not be created."
::= { hwAclAdvancedRuleEntry 2 }
-- 1.3.6.1.4.1.2011.5.1.1.5.1.3
hwAclAdvancedAct OBJECT-TYPE
SYNTAX INTEGER
{
permit(1),
deny(2)
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object indicates the action of an advanced acl rule.
'deny' means discarding the packets that meet the condition,
'permit' means permitting the packets that meet the condition."
::= { hwAclAdvancedRuleEntry 3 }
-- 1.3.6.1.4.1.2011.5.1.1.5.1.4
hwAclAdvancedProtocol OBJECT-TYPE
SYNTAX Integer32 (0..255)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The value of this object identifies the number of the protocol over IP.
The value ranges from 0 to 255. The value 0 indicates the IP protocol."
::= { hwAclAdvancedRuleEntry 4 }
-- 1.3.6.1.4.1.2011.5.1.1.5.1.5
hwAclAdvancedSrcIp OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The value of this object identifies the source IP address.
The value ranges from 0.0.0.0 to 255.255.255.255."
::= { hwAclAdvancedRuleEntry 5 }
-- 1.3.6.1.4.1.2011.5.1.1.5.1.6
hwAclAdvancedSrcWild OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The value of this object identifies the wildcard mask of the source IP address.
The value ranges from 0.0.0.0 to 255.255.255.255."
::= { hwAclAdvancedRuleEntry 6 }
-- 1.3.6.1.4.1.2011.5.1.1.5.1.7
hwAclAdvancedSrcOp OBJECT-TYPE
SYNTAX INTEGER
{
lt(1),
eq(2),
gt(3),
neq(4),
invalid(0),
range(5)
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object indicates the source Port operation symbol of an advanced acl
rule. It compares the port operators of source address.
'lt' means less than,
'eq' means equal to,
'gt' means greater than,
'neq' means not equal to,
'range' means between,
'invalid' means this operation of the rule is invalid."
::= { hwAclAdvancedRuleEntry 7 }
-- 1.3.6.1.4.1.2011.5.1.1.5.1.8
hwAclAdvancedSrcPort1 OBJECT-TYPE
SYNTAX Integer32 (0..65535)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This object indicates the end source port number."
::= { hwAclAdvancedRuleEntry 8 }
-- 1.3.6.1.4.1.2011.5.1.1.5.1.9
hwAclAdvancedSrcPort2 OBJECT-TYPE
SYNTAX Integer32 (0..65535)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This object indicates the start source port number."
::= { hwAclAdvancedRuleEntry 9 }
-- 1.3.6.1.4.1.2011.5.1.1.5.1.10
hwAclAdvancedDestIp OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This object indicates the destination IP address.
The value ranges from 0.0.0.0 to 255.255.255.255."
::= { hwAclAdvancedRuleEntry 10 }
-- 1.3.6.1.4.1.2011.5.1.1.5.1.11
hwAclAdvancedDestWild OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This object indicates the mask of the destination IP address.
The value ranges from 0.0.0.0 to 255.255.255.255."
::= { hwAclAdvancedRuleEntry 11 }
-- 1.3.6.1.4.1.2011.5.1.1.5.1.12
hwAclAdvancedDestOp OBJECT-TYPE
SYNTAX INTEGER
{
lt(1),
eq(2),
gt(3),
neq(4),
invalid(0),
range(5)
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object indicates the destination Port operation symbol of an advanced
acl group. It compares the port operators of destination address.
'lt' means less than,
'eq' means equal to,
'gt' means greater than,
'neq' means not equal to,
'range' means between,
'invalid' means this operation of the rule is invalid."
::= { hwAclAdvancedRuleEntry 12 }
-- 1.3.6.1.4.1.2011.5.1.1.5.1.13
hwAclAdvancedDestPort1 OBJECT-TYPE
SYNTAX Integer32 (0..65535)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This object indicates the end destination port number."
::= { hwAclAdvancedRuleEntry 13 }
-- 1.3.6.1.4.1.2011.5.1.1.5.1.14
hwAclAdvancedDestPort2 OBJECT-TYPE
SYNTAX Integer32 (0..65535)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This object indicates the start destination port number."
::= { hwAclAdvancedRuleEntry 14 }
-- 1.3.6.1.4.1.2011.5.1.1.5.1.15
hwAclAdvancedPrecedence OBJECT-TYPE
SYNTAX Integer32 (0..7|255)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The value of this object identifies the precedence sub-field.
It is the higher three bits of the ToS field in an IP header.
The value ranges from 0 to 7."
::= { hwAclAdvancedRuleEntry 15 }
-- 1.3.6.1.4.1.2011.5.1.1.5.1.16
hwAclAdvancedTos OBJECT-TYPE
SYNTAX Integer32 (0..15|255)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The value of this object identifies the ToS sub-field.
This field covers four bits after the higher three bits of the ToS field in an IP header.
The value ranges from 0 to 15."
::= { hwAclAdvancedRuleEntry 16 }
-- 1.3.6.1.4.1.2011.5.1.1.5.1.17
hwAclAdvancedDscp OBJECT-TYPE
SYNTAX Integer32 (0..63|255)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The value of this object identifies the higher six bits of the ToS field in an IP header.
The value ranges from 0 to 63."
::= { hwAclAdvancedRuleEntry 17 }
-- 1.3.6.1.4.1.2011.5.1.1.5.1.18
hwAclAdvancedEstablish OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object indicates whether or not establishing."
DEFVAL { false }
::= { hwAclAdvancedRuleEntry 18 }
-- 1.3.6.1.4.1.2011.5.1.1.5.1.19
hwAclAdvancedTimeRangeIndex OBJECT-TYPE
SYNTAX Integer32 (0..256)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object indicates the time range of an advanced acl rule.
When the current time is in the time range, the rule is valid.
Zero value declares that the acl rule has no time range.The
invalid value is 0."
::= { hwAclAdvancedRuleEntry 19 }
-- 1.3.6.1.4.1.2011.5.1.1.5.1.20
hwAclAdvancedIcmpType OBJECT-TYPE
SYNTAX Integer32 (0..255|65535)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object indicates the type of ICMP packet.
It filters ICMP packets according to the ICMP message type.
The invalid value is 65535."
::= { hwAclAdvancedRuleEntry 20 }
-- 1.3.6.1.4.1.2011.5.1.1.5.1.21
hwAclAdvancedIcmpCode OBJECT-TYPE
SYNTAX Integer32 (0..255|65535)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object indicates the code of ICMP packet.
It filters ICMP packets according to the message code.
The invalid value is 65535."
::= { hwAclAdvancedRuleEntry 21 }
-- 1.3.6.1.4.1.2011.5.1.1.5.1.22
hwAclAdvancedFragments OBJECT-TYPE
SYNTAX INTEGER
{
fragmentSubseq(0),
fragment(1),
nonFragment(2),
nonSubseq(3),
fragmentSpeFirst(4),
none(255)
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object indicates the type of the packet.
0: fragmentSubseq, indicating that the packet is a subsequent fragment
1: fragment, indicating that the packet is a fragment
2: nonFragment, indicating that the packet is not a fragment
3: nonSubseq, indicating that the packet is not a subsequent fragment
4: fragmentSpeFirst, indicating that the packet is the first fragment
255: none, invalid value
This object cannot be modified once a rule is created."
::= { hwAclAdvancedRuleEntry 22 }
-- 1.3.6.1.4.1.2011.5.1.1.5.1.23
hwAclAdvancedLog OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object indicates whether to log the matched packets. The log
contents include sequence number of ACL rule,
packets passed or discarded, upper layer protocol type over IP,
source/destination address, source/destination port number,
and number of packets"
::= { hwAclAdvancedRuleEntry 23 }
-- 1.3.6.1.4.1.2011.5.1.1.5.1.24
hwAclAdvancedEnable OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The object indicates whether the rule is valid or invalid."
::= { hwAclAdvancedRuleEntry 24 }
-- 1.3.6.1.4.1.2011.5.1.1.5.1.25
hwAclAdvancedCount OBJECT-TYPE
SYNTAX Counter64
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The object indicates the statistics of matched packets by the rule."
::= { hwAclAdvancedRuleEntry 25 }
-- 1.3.6.1.4.1.2011.5.1.1.5.1.26
hwAclAdvancedVrfName OBJECT-TYPE
SYNTAX OCTET STRING (SIZE (0..31))
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object indicates the VRF name of this rule,
It specifies the VPN-instance to which the packet belongs."
::= { hwAclAdvancedRuleEntry 26 }
-- 1.3.6.1.4.1.2011.5.1.1.5.1.27
hwAclAdvancedRowStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"RowStatus, Now support three state:CreateAndGo,Active,Destroy."
::= { hwAclAdvancedRuleEntry 27 }
-- 1.3.6.1.4.1.2011.5.1.1.5.1.28
hwAclAdvancedTcpSyncFlag OBJECT-TYPE
SYNTAX Integer32 (-1|0..63)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object indicates the code of TCP Sync flag(0~63),
The invalid value is -1."
::= { hwAclAdvancedRuleEntry 28 }
-- 1.3.6.1.4.1.2011.5.1.1.5.1.29
hwAclAdvancedDescription OBJECT-TYPE
SYNTAX OCTET STRING (SIZE (0..127))
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object indicates the description of this advanced rule.
The object describes the usage of an ACL with a word or a sentence."
::= { hwAclAdvancedRuleEntry 29 }
-- 1.3.6.1.4.1.2011.5.1.1.5.1.30
hwAclAdvancedSrcPoolName OBJECT-TYPE
SYNTAX OCTET STRING (SIZE (0..32))
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object indicates the source pool name."
::= { hwAclAdvancedRuleEntry 30 }
-- 1.3.6.1.4.1.2011.5.1.1.5.1.31
hwAclAdvancedDestPoolName OBJECT-TYPE
SYNTAX OCTET STRING (SIZE (0..32))
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object indicates the destination pool name."
::= { hwAclAdvancedRuleEntry 31 }
-- 1.3.6.1.4.1.2011.5.1.1.5.1.32
hwAclAdvancedProtocolNew OBJECT-TYPE
SYNTAX Integer32 (0..255|65535)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object indicates the protocol type of the rule.
It specifies the protocol type over IP.The number of IP protocol is 65535."
::= { hwAclAdvancedRuleEntry 32 }
-- 1.3.6.1.4.1.2011.5.1.1.5.1.33
hwAclAdvancedVni OBJECT-TYPE
SYNTAX Integer32 (0..16777215)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object indicates the ID of VXLAN,
The invalid value is 0."
::= { hwAclAdvancedRuleEntry 33 }
-- 1.3.6.1.4.1.2011.5.1.1.5.1.34
hwAclAdvancedIgmpType OBJECT-TYPE
SYNTAX Integer32 (0..255|65535)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object indicates the type of igmp,
The invalid value is 65535."
::= { hwAclAdvancedRuleEntry 34 }
-- 1.3.6.1.4.1.2011.5.1.1.5.1.35
hwAclAdvancedTtlOp OBJECT-TYPE
SYNTAX INTEGER
{
lt(1),
eq(2),
gt(3),
neq(4),
invalid(0),
range(5)
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object indicates the ttl operation symbol of an advanced acl
rule.
'lt' means less than,
'eq' means equal to,
'gt' means greater than,
'neq' means not equal to,
'range' means between,
'invalid' means this operation of the rule is invalid."
::= { hwAclAdvancedRuleEntry 35 }
-- 1.3.6.1.4.1.2011.5.1.1.5.1.36
hwAclAdvancedTtlExpire OBJECT-TYPE
SYNTAX Integer32 (0..255)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object indicates the begin ttl value.
The invalid value is 0."
::= { hwAclAdvancedRuleEntry 36 }
-- 1.3.6.1.4.1.2011.5.1.1.5.1.37
hwAclAdvancedTtlExpireEnd OBJECT-TYPE
SYNTAX Integer32 (0..255)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object indicates the end ttl value.
The invalid value is 0."
::= { hwAclAdvancedRuleEntry 37 }
-- 1.3.6.1.4.1.2011.5.1.1.5.1.38
hwAclAdvancedPktLenOp OBJECT-TYPE
SYNTAX INTEGER
{
lt(1),
eq(2),
gt(3),
neq(4),
invalid(0),
range(5)
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object indicates the packet length operation symbol of an advanced acl
rule.
'lt' means less than,
'eq' means equal to,
'gt' means greater than,
'neq' means not equal to,
'range' means between,
'invalid' means this operation of the rule is invalid."
::= { hwAclAdvancedRuleEntry 38 }
-- 1.3.6.1.4.1.2011.5.1.1.5.1.39
hwAclAdvancedPktLenBegin OBJECT-TYPE
SYNTAX Integer32 (0..65535)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object indicates the begin packet length value."
::= { hwAclAdvancedRuleEntry 39 }
-- 1.3.6.1.4.1.2011.5.1.1.5.1.40
hwAclAdvancedPktLenEnd OBJECT-TYPE
SYNTAX Integer32 (0..65535)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object indicates the end packet length value."
::= { hwAclAdvancedRuleEntry 40 }
-- 1.3.6.1.4.1.2011.5.1.1.5.1.41
hwAclAdvancedTcpFlagMask OBJECT-TYPE
SYNTAX Integer32 (0..63)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object indicates the mask of tcp-flag.
The invalid value is 0."
::= { hwAclAdvancedRuleEntry 41 }
-- 1.3.6.1.4.1.2011.5.1.1.5.1.42
hwAclAdvancedSrcPortPoolName OBJECT-TYPE
SYNTAX OCTET STRING (SIZE (0..32))
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object indicates the source port pool name."
::= { hwAclAdvancedRuleEntry 42 }
-- 1.3.6.1.4.1.2011.5.1.1.5.1.43
hwAclAdvancedDestPortPoolName OBJECT-TYPE
SYNTAX OCTET STRING (SIZE (0..32))
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object indicates the destination port pool name."
::= { hwAclAdvancedRuleEntry 43 }
-- 1.3.6.1.4.1.2011.5.1.1.5.1.44
hwAclAdvancedIcmpTypeEnd OBJECT-TYPE
SYNTAX Integer32 (0..255|65535)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The value of this object identifies the ICMP message type.
The value ranges from 0 to 255. The value 65535 is invalid.
This object is used together with hwAclAdvancedIcmpType to indicate the value range of the ICMP message type."
::= { hwAclAdvancedRuleEntry 44 }
-- 1.3.6.1.4.1.2011.5.1.1.5.1.45
hwAclAdvancedVrfAny OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object indicates whether or not matching any VPN-instance."
::= { hwAclAdvancedRuleEntry 45 }
-- 1.3.6.1.4.1.2011.5.1.1.6
hwAclIfRuleTable OBJECT-TYPE
SYNTAX SEQUENCE OF HwAclIfRuleEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Configure the rule for interface-based acl group."
::= { hwAclMibObjects 6 }
-- 1.3.6.1.4.1.2011.5.1.1.6.1
hwAclIfRuleEntry OBJECT-TYPE
SYNTAX HwAclIfRuleEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Each entry contains a rule of interface-based acl group."
INDEX { hwAclIfAclNum, hwAclIfSubitem }
::= { hwAclIfRuleTable 1 }
HwAclIfRuleEntry ::=
SEQUENCE {
hwAclIfAclNum
Integer32,
hwAclIfSubitem
Unsigned32,
hwAclIfAct
INTEGER,
hwAclIfIndex
Integer32,
hwAclIfAny
TruthValue,
hwAclIfTimeRangeIndex
Integer32,
hwAclIfLog
TruthValue,
hwAclIfEnable
TruthValue,
hwAclIfCount
Counter64,
hwAclIfRowStatus
RowStatus,
hwAclIfDescription
OCTET STRING
}
-- 1.3.6.1.4.1.2011.5.1.1.6.1.1
hwAclIfAclNum OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The index of interface-based acl group, the index range is (1000..1999 | 42768..76535)."
::= { hwAclIfRuleEntry 1 }
-- 1.3.6.1.4.1.2011.5.1.1.6.1.2
hwAclIfSubitem OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The object specifies the number of an ACL rule.
If the number specified has been assigned to an ACL rule,
the new rule will overwrite the old one,
which is equal to editing the old rule.
If the number is not assigned, the system will define
a rule with the number and insert it to the place
corresponding to its number. If no number is specified,
the system will define a rule, assign a number to it and
add it into the ACL. It will be placed at the end of the
ACL when configuration sequence is adopted; otherwise,
it will be placed based on the 'Depth-first' principle.
When ACL rules are following the 'Depth-first' principle,
the number of an ACL rule must be given 0 ,but it will be assigned
by step automatically;otherwise,this rule will not be created."
::= { hwAclIfRuleEntry 2 }
-- 1.3.6.1.4.1.2011.5.1.1.6.1.3
hwAclIfAct OBJECT-TYPE
SYNTAX INTEGER
{
permit(1),
deny(2)
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object indicates the action of an interface-based acl rule.
'deny' means discarding the packets that meet the condition,
'permit' means permitting the packets that meet the condition."
::= { hwAclIfRuleEntry 3 }
-- 1.3.6.1.4.1.2011.5.1.1.6.1.4
hwAclIfIndex OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object indicates the index of an interface.
It specifies the interface information of the packets.The invalid
interface index is 0."
::= { hwAclIfRuleEntry 4 }
-- 1.3.6.1.4.1.2011.5.1.1.6.1.5
hwAclIfAny OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object indicates whether or not matching any interface."
::= { hwAclIfRuleEntry 5 }
-- 1.3.6.1.4.1.2011.5.1.1.6.1.6
hwAclIfTimeRangeIndex OBJECT-TYPE
SYNTAX Integer32 (0..256)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The value of this object identifies the index of the time
range during which an ACL rule can be applied. When the current
time is in the time range, the rule is valid. The value 0 is
invalid, indicating that no time range is specified for the rule.
The value ranges from 0 to 256."
::= { hwAclIfRuleEntry 6 }
-- 1.3.6.1.4.1.2011.5.1.1.6.1.7
hwAclIfLog OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object indicates whether to log the matched packets.
The log contents include sequence number of ACL rule,
packets passed or discarded, upper layer protocol type over IP,
source/destination address, source/destination port number,
and number of packets."
::= { hwAclIfRuleEntry 7 }
-- 1.3.6.1.4.1.2011.5.1.1.6.1.8
hwAclIfEnable OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The object indicates whether the rule is valid or invalid."
::= { hwAclIfRuleEntry 8 }
-- 1.3.6.1.4.1.2011.5.1.1.6.1.9
hwAclIfCount OBJECT-TYPE
SYNTAX Counter64
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The object indicates the statistics of matched packets by the rule."
::= { hwAclIfRuleEntry 9 }
-- 1.3.6.1.4.1.2011.5.1.1.6.1.11
hwAclIfRowStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"RowStatus,Now support three state:CreateAndGo,Active,Destroy."
::= { hwAclIfRuleEntry 11 }
-- 1.3.6.1.4.1.2011.5.1.1.6.1.12
hwAclIfDescription OBJECT-TYPE
SYNTAX OCTET STRING (SIZE (0..127))
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object indicates the description of this if rule.
The object describes the usage of an ACL with a word or a sentence."
::= { hwAclIfRuleEntry 12 }
--user acl
-- 1.3.6.1.4.1.2011.5.1.1.7
hwAclUserRuleTable OBJECT-TYPE
SYNTAX SEQUENCE OF HwAclUserRuleEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Configure the rule for user acl group."
::= { hwAclMibObjects 7 }
-- 1.3.6.1.4.1.2011.5.1.1.7.1
hwAclUserRuleEntry OBJECT-TYPE
SYNTAX HwAclUserRuleEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Each entry contains a rule of user acl group."
INDEX { hwAclUserAclNum, hwAclUserSubitem }
::= { hwAclUserRuleTable 1 }
HwAclUserRuleEntry ::=
SEQUENCE {
hwAclUserAclNum
Integer32,
hwAclUserSubitem
Unsigned32,
hwAclUserAct
INTEGER,
hwAclUserProtocol
Integer32,
hwAclUserSrcIp
IpAddress,
hwAclUserSrcWild
IpAddress,
hwAclUserSrcOp
INTEGER,
hwAclUserSrcPort1
Integer32,
hwAclUserSrcPort2
Integer32,
hwAclUserDestIp
IpAddress,
hwAclUserDestWild
IpAddress,
hwAclUserDestOp
INTEGER,
hwAclUserDestPort1
Integer32,
hwAclUserDestPort2
Integer32,
hwAclUserPrecedence
Integer32,
hwAclUserTos
Integer32,
hwAclUserDscp
Integer32,
hwAclUserEstablish
TruthValue,
hwAclUserTimeRangeIndex
Integer32,
hwAclUserIcmpType
Integer32,
hwAclUserIcmpCode
Integer32,
hwAclUserFragments
TruthValue,
hwAclUserLog
TruthValue,
hwAclUserEnable
TruthValue,
hwAclUserCount
Counter32,
hwAclUserVrfName
OCTET STRING,
hwAclUserSrcUserGroupName
OCTET STRING,
hwAclUserDestUserGroupName
OCTET STRING,
hwAclUserSrcModeType
Integer32,
hwAclUserDestModeType
Integer32,
hwAclUserRowStatus
RowStatus,
hwAclUserTcpSyncFlag
Integer32,
hwAclUserSrcUserGroupNum
Integer32,
hwAclUserDestUserGroupNum
Integer32 ,
hwAclUserDestDomainName
OCTET STRING
}
-- 1.3.6.1.4.1.2011.5.1.1.7.1.1
hwAclUserAclNum OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The index of user acl table, the index range is (6000..9999)."
::= { hwAclUserRuleEntry 1 }
-- 1.3.6.1.4.1.2011.5.1.1.7.1.2
hwAclUserSubitem OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The object specifies the number of an User ACL rule.
If the number specified has been assigned to an ACL rule,
the new rule will overwrite the old one,
which is equal to editing the old rule.
If the number is not assigned, the system will define
a rule with the number and insert it to the place
corresponding to its number. If no number is specified,
the system will define a rule, assign a number to it and
add it into the ACL. It will be placed at the end of the
ACL when configuration sequence is adopted; otherwise,
it will be placed based on the 'Depth-first' principle"
::= { hwAclUserRuleEntry 2 }
-- 1.3.6.1.4.1.2011.5.1.1.7.1.3
hwAclUserAct OBJECT-TYPE
SYNTAX INTEGER
{
permit(1),
deny(2)
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object indicates the action of an User acl rule.
'deny' means discarding the packets that meet the condition,
'permit' means permitting the packets that meet the condition."
::= { hwAclUserRuleEntry 3 }
-- 1.3.6.1.4.1.2011.5.1.1.7.1.4
hwAclUserProtocol OBJECT-TYPE
SYNTAX Integer32 (0..255)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object indicates the protocol type of the rule.
It specifies the protocol type over IP.The number of IP protocol is 0."
::= { hwAclUserRuleEntry 4 }
-- 1.3.6.1.4.1.2011.5.1.1.7.1.5
hwAclUserSrcIp OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object indicates the source IP-address of an User acl rule."
::= { hwAclUserRuleEntry 5 }
-- 1.3.6.1.4.1.2011.5.1.1.7.1.6
hwAclUserSrcWild OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object indicates the source IP-address wild of an User acl rule."
::= { hwAclUserRuleEntry 6 }
-- 1.3.6.1.4.1.2011.5.1.1.7.1.7
hwAclUserSrcOp OBJECT-TYPE
SYNTAX INTEGER
{
lt(1),
eq(2),
gt(3),
neq(4),
invalid(0),
range(5)
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object indicates the source Port operation symbol of an User acl
rule. It compares the port operators of source address.
'lt' means less than,
'eq' means equal to,
'gt' means greater than,
'neq' means not equal to,
'range' means between,
'invalid' means this operation of the rule is invalid."
::= { hwAclUserRuleEntry 7 }
-- 1.3.6.1.4.1.2011.5.1.1.7.1.8
hwAclUserSrcPort1 OBJECT-TYPE
SYNTAX Integer32 (0..65535)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object indicates the fourth layer sourec port 1.
It specifies the source port information of UDP or TCP packets."
::= { hwAclUserRuleEntry 8 }
-- 1.3.6.1.4.1.2011.5.1.1.7.1.9
hwAclUserSrcPort2 OBJECT-TYPE
SYNTAX Integer32 (0..65535)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object indicates the fourth layer source port2."
::= { hwAclUserRuleEntry 9 }
-- 1.3.6.1.4.1.2011.5.1.1.7.1.10
hwAclUserDestIp OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object indicates the destination IP-address of an User acl rule."
::= { hwAclUserRuleEntry 10 }
-- 1.3.6.1.4.1.2011.5.1.1.7.1.11
hwAclUserDestWild OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object indicates the destination IP-address wild of an User acl rule."
::= { hwAclUserRuleEntry 11 }
-- 1.3.6.1.4.1.2011.5.1.1.7.1.12
hwAclUserDestOp OBJECT-TYPE
SYNTAX INTEGER
{
lt(1),
eq(2),
gt(3),
neq(4),
invalid(0),
range(5)
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object indicates the destination Port operation symbol of an User
acl group. It compares the port operators of destination address.
'lt' means less than,
'eq' means equal to,
'gt' means greater than,
'neq' means not equal to,
'range' means between,
'invalid' means this operation of the rule is invalid."
::= { hwAclUserRuleEntry 12 }
-- 1.3.6.1.4.1.2011.5.1.1.7.1.13
hwAclUserDestPort1 OBJECT-TYPE
SYNTAX Integer32 (0..65535)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object indicates the fourth layer destination port1."
::= { hwAclUserRuleEntry 13 }
-- 1.3.6.1.4.1.2011.5.1.1.7.1.14
hwAclUserDestPort2 OBJECT-TYPE
SYNTAX Integer32 (0..65535)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object indicates the fourth layer destination port2."
::= { hwAclUserRuleEntry 14 }
-- 1.3.6.1.4.1.2011.5.1.1.7.1.15
hwAclUserPrecedence OBJECT-TYPE
SYNTAX Integer32 (0..7|255)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object indicates the value of IP-packet's precedence,
It filters packets according to precedence field.The invalid
value is 255."
::= { hwAclUserRuleEntry 15 }
-- 1.3.6.1.4.1.2011.5.1.1.7.1.16
hwAclUserTos OBJECT-TYPE
SYNTAX Integer32 (0..15|255)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object indicates the value of IP-packet's TOS,
It filters packets according to type of service.The invalid
value is 255."
::= { hwAclUserRuleEntry 16 }
-- 1.3.6.1.4.1.2011.5.1.1.7.1.17
hwAclUserDscp OBJECT-TYPE
SYNTAX Integer32 (0..63|255)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object indicates the value of frame.The invalid
value is 255."
::= { hwAclUserRuleEntry 17 }
-- 1.3.6.1.4.1.2011.5.1.1.7.1.18
hwAclUserEstablish OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object indicates whether or not establishing."
DEFVAL { false }
::= { hwAclUserRuleEntry 18 }
-- 1.3.6.1.4.1.2011.5.1.1.7.1.19
hwAclUserTimeRangeIndex OBJECT-TYPE
SYNTAX Integer32 (0..256)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object indicates the time range of an User acl rule.
When the current time is in the time range, the rule is valid.
Zero value declares that the acl rule has no time range.The
invalid value is 0."
::= { hwAclUserRuleEntry 19 }
-- 1.3.6.1.4.1.2011.5.1.1.7.1.20
hwAclUserIcmpType OBJECT-TYPE
SYNTAX Integer32 (0..255|65535)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object indicates the type of ICMP packet.
It filters ICMP packets according to the ICMP message type.
The invalid value is 65535."
::= { hwAclUserRuleEntry 20 }
-- 1.3.6.1.4.1.2011.5.1.1.7.1.21
hwAclUserIcmpCode OBJECT-TYPE
SYNTAX Integer32 (0..255|65535)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object indicates the code of ICMP packet.
It filters ICMP packets according to the message code.
The invalid value is 65535."
::= { hwAclUserRuleEntry 21 }
-- 1.3.6.1.4.1.2011.5.1.1.7.1.22
hwAclUserFragments OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object indicates whether or not matching fragmented packet,
It specifies that this rule is only valid for
the non-first fragment packets."
::= { hwAclUserRuleEntry 22 }
-- 1.3.6.1.4.1.2011.5.1.1.7.1.23
hwAclUserLog OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object indicates whether to log the matched packets. The log
contents include sequence number of ACL rule,
packets passed or discarded, upper layer protocol type over IP,
source/destination address, source/destination port number,
and number of packets"
::= { hwAclUserRuleEntry 23 }
-- 1.3.6.1.4.1.2011.5.1.1.7.1.24
hwAclUserEnable OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The object indicates whether the rule is valid or invalid."
::= { hwAclUserRuleEntry 24 }
-- 1.3.6.1.4.1.2011.5.1.1.7.1.25
hwAclUserCount OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The object indicates the statistics of matched packets by the rule."
::= { hwAclUserRuleEntry 25 }
-- 1.3.6.1.4.1.2011.5.1.1.7.1.26
hwAclUserVrfName OBJECT-TYPE
SYNTAX OCTET STRING (SIZE (0..32))
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object indicates the VRF name of this rule,
It specifies the VPN-instance to which the packet belongs."
::= { hwAclUserRuleEntry 26 }
-- 1.3.6.1.4.1.2011.5.1.1.7.1.27
hwAclUserSrcUserGroupName OBJECT-TYPE
SYNTAX OCTET STRING (SIZE (0..32))
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object indicates the source user group name of this rule.
if modetype source is user, null sting means any user"
::= { hwAclUserRuleEntry 27 }
-- 1.3.6.1.4.1.2011.5.1.1.7.1.28
hwAclUserDestUserGroupName OBJECT-TYPE
SYNTAX OCTET STRING (SIZE (0..32))
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object indicates the destination user group name of this rule.
if modetype destination is user, null sting means any user"
::= { hwAclUserRuleEntry 28 }
-- 1.3.6.1.4.1.2011.5.1.1.7.1.29
hwAclUserSrcModeType OBJECT-TYPE
SYNTAX Integer32 (0..4)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object indicates ACL's mode type,
Now support four state
0 Any match rule from any user group or any ip subnet,
1 NetAny match rule from any ip subnet,
2 UserAny match rule from any user group,
3 Net match rule from an ip subnet,
4 User match rule from a user group"
::= { hwAclUserRuleEntry 29 }
-- 1.3.6.1.4.1.2011.5.1.1.7.1.30
hwAclUserDestModeType OBJECT-TYPE
SYNTAX Integer32 (0..6)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object indicates ACL's mode type,
Now support four state
0 Any match rule from any user group or any ip subnet or any doamin name,
1 NetAny match rule from any ip subnet,
2 UserAny match rule from any user group,
3 Net match rule from an ip subnet,
4 User match rule from a user group,
5 domain match rule from a domain name,
6 domainAny match rule from any doamin name"
::= { hwAclUserRuleEntry 30 }
-- 1.3.6.1.4.1.2011.5.1.1.7.1.31
hwAclUserRowStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"RowStatus, Now support three state:CreateAndGo,Active,Destroy."
::= { hwAclUserRuleEntry 31 }
-- 1.3.6.1.4.1.2011.5.1.1.7.1.32
hwAclUserTcpSyncFlag OBJECT-TYPE
SYNTAX Integer32 (-1|0..63)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object indicates the code of TCP Sync flag(0~63),
The invalid value is -1."
::= { hwAclUserRuleEntry 32 }
-- 1.3.6.1.4.1.2011.5.1.1.7.1.33
hwAclUserSrcUserGroupNum OBJECT-TYPE
SYNTAX Integer32 (0..64000|65535)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object indicates the source user group num of this rule.
if modetype source is user, null sting means any user"
::= { hwAclUserRuleEntry 33 }
-- 1.3.6.1.4.1.2011.5.1.1.7.1.34
hwAclUserDestUserGroupNum OBJECT-TYPE
SYNTAX Integer32 (0..64000|65535)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object indicates the destination user group name of this rule.
if modetype destination is user, null sting means any user"
::= { hwAclUserRuleEntry 34 }
hwAclUserDestDomainName OBJECT-TYPE
SYNTAX OCTET STRING (SIZE (3..127))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The object indicates the destination domain name of this rule.
if modetype destination is domain, null sting means any domain."
::= { hwAclUserRuleEntry 35 }
-- 1.3.6.1.4.1.2011.5.1.1.10
hwAclCompileEnableFlag OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The object indicates whether acl compiler is enabled. when acl compiler
is enabled, and ACL accelerate function is enabled, then matching packets
by rule is efficient."
::= { hwAclMibObjects 10 }
-- 1.3.6.1.4.1.2011.5.1.1.11
hwAclCompileNumGroupTable OBJECT-TYPE
SYNTAX SEQUENCE OF HwAclCompileNumGroupEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The ACL compiler table extending the Acl-number-group table"
::= { hwAclMibObjects 11 }
-- 1.3.6.1.4.1.2011.5.1.1.11.1
hwAclCompileNumGroupEntry OBJECT-TYPE
SYNTAX HwAclCompileNumGroupEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The entry of Acl-number-group compiler extended table"
AUGMENTS { hwAclNumGroupEntry }
::= { hwAclCompileNumGroupTable 1 }
HwAclCompileNumGroupEntry ::=
SEQUENCE {
hwAclCompileNumGroupStatus
INTEGER
}
-- 1.3.6.1.4.1.2011.5.1.1.11.1.1
hwAclCompileNumGroupStatus OBJECT-TYPE
SYNTAX INTEGER
{
notCompile(1),
compiled(2),
changeAfterCompile(3)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The object indicates the status of Acl-number-group compiler.
'notCompile' means acl accelerate function is disabled,
'compiled' means acl accelerate function is enabled,
'changeAfterCompile' means acl is changed after compiled."
DEFVAL { notCompile }
::= { hwAclCompileNumGroupEntry 1 }
-- 1.3.6.1.4.1.2011.5.1.1.12
hwAclIpv6BasicRuleTable OBJECT-TYPE
SYNTAX SEQUENCE OF HwAclIpv6BasicRuleEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Configure the rule for ipv6 basic acl group."
::= { hwAclMibObjects 12 }
-- 1.3.6.1.4.1.2011.5.1.1.12.1
hwAclIpv6BasicRuleEntry OBJECT-TYPE
SYNTAX HwAclIpv6BasicRuleEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Each entry is a rule of ipv6 basic acl."
INDEX { hwAclIpv6BasicAclNum, hwAclIpv6BasicSubitem }
::= { hwAclIpv6BasicRuleTable 1 }
HwAclIpv6BasicRuleEntry ::=
SEQUENCE {
hwAclIpv6BasicAclNum
Integer32,
hwAclIpv6BasicSubitem
Unsigned32,
hwAclIpv6BasicAct
INTEGER,
hwAclIpv6BasicSrcIp
Ipv6Address,
hwAclIpv6BasicSrcPrefix
Integer32,
hwAclIpv6BasicTimeRangeIndex
Integer32,
hwAclIpv6BasicFragment
INTEGER,
hwAclIpv6BasicLog
TruthValue,
hwAclIpv6BasicEnable
EnabledStatus,
hwAclIpv6BasicCount
Counter64,
hwAclIpv6BasicVrfName
OCTET STRING,
hwAclIpv6BasicRowStatus
RowStatus,
hwAclIpv6BasicDescription
OCTET STRING,
hwAclIpv6BasicSrcMask
Ipv6Address,
hwAclIpv6BasicVrfAny
TruthValue
}
-- 1.3.6.1.4.1.2011.5.1.1.12.1.1
hwAclIpv6BasicAclNum OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The index of ipv6 basic acl group, the index range is (2000..2999 | 42768..75535)."
::= { hwAclIpv6BasicRuleEntry 1 }
-- 1.3.6.1.4.1.2011.5.1.1.4.1.2
hwAclIpv6BasicSubitem OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The objects specifies the number of an ACL rule.
If the number specified has been assigned to an ACL rule,
the new rule will overwrite the old one,
which is equal to editing the old rule.
If the number is not assigned, the system will define
a rule with the number and insert it to the place
corresponding to its number. If no number is specified,
the system will define a rule, assign a number to it and
add it into the ACL. It will be placed at the end of the
ACL when configuration sequence is adopted; otherwise,
it will be placed based on the 'Depth-first' principle.
When ACL rules are following the 'Depth-first' principle,
the number of an ACL rule must be given 0 ,but it will be assigned
automatically; otherwise, this rule will not be created."
::= { hwAclIpv6BasicRuleEntry 2 }
-- 1.3.6.1.4.1.2011.5.1.1.12.1.3
hwAclIpv6BasicAct OBJECT-TYPE
SYNTAX INTEGER
{
permit(1),
deny(2)
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object indicates the action of a ipv6 basic acl rule.
'deny' means discarding the packets that meet the condition,
'permit' means permitting the packets that meet the condition."
::= { hwAclIpv6BasicRuleEntry 3 }
-- 1.3.6.1.4.1.2011.5.1.1.12.1.4
hwAclIpv6BasicSrcIp OBJECT-TYPE
SYNTAX Ipv6Address
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object indicates the source IPv6-address of a ipv6 basic acl rule."
::= { hwAclIpv6BasicRuleEntry 4 }
-- 1.3.6.1.4.1.2011.5.1.1.12.1.5
hwAclIpv6BasicSrcPrefix OBJECT-TYPE
SYNTAX Integer32 (0..128)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The value of this object identifies the mask length of the source IPv6 address.
The value ranges from 0 to 128."
::= { hwAclIpv6BasicRuleEntry 5 }
-- 1.3.6.1.4.1.2011.5.1.1.12.1.6
hwAclIpv6BasicTimeRangeIndex OBJECT-TYPE
SYNTAX Integer32 (0..256)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The value of this object identifies the index of the time range during which an
ACL6 rule can be applied.The value ranges from 0 to 256.The value 0 is invalid,
indicating that no time range is specified for the rule."
::= { hwAclIpv6BasicRuleEntry 6 }
-- 1.3.6.1.4.1.2011.5.1.1.12.1.7
hwAclIpv6BasicFragment OBJECT-TYPE
SYNTAX INTEGER
{
fragmentSubseq(0),
fragment(1),
none(255)
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object indicates the type of the packet.
1: fragment, indicating that the packet is a fragment
255: none, invalid value
This object cannot be modified once a rule is created."
::= { hwAclIpv6BasicRuleEntry 7 }
-- 1.3.6.1.4.1.2011.5.1.1.12.1.8
hwAclIpv6BasicLog OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object indicates whether to log the matched packets.
The log contents include sequence number of ACL rule, packets passed
or discarded, upper layer protocol type over IP, source/destination
address, source/destination port number, and number of packets."
::= { hwAclIpv6BasicRuleEntry 8 }
-- 1.3.6.1.4.1.2011.5.1.1.12.1.9
hwAclIpv6BasicEnable OBJECT-TYPE
SYNTAX EnabledStatus
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The object indicates whether the rule is valid or invalid."
::= { hwAclIpv6BasicRuleEntry 9 }
-- 1.3.6.1.4.1.2011.5.1.1.12.1.10
hwAclIpv6BasicCount OBJECT-TYPE
SYNTAX Counter64
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object indicates the number of matched packets by a rule. A maximum
of 64 bits are supported."
::= { hwAclIpv6BasicRuleEntry 10 }
-- 1.3.6.1.4.1.2011.5.1.1.12.1.11
hwAclIpv6BasicVrfName OBJECT-TYPE
SYNTAX OCTET STRING (SIZE (0..31))
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This object indicates a VPN instance. The length of a VPN instance name cannot exceed 31 characters."
::= { hwAclIpv6BasicRuleEntry 11 }
-- 1.3.6.1.4.1.2011.5.1.1.12.1.12
hwAclIpv6BasicRowStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"RowStatus, Now support three value: CreateAndGo, Active and Destroy."
::= { hwAclIpv6BasicRuleEntry 12 }
-- 1.3.6.1.4.1.2011.5.1.1.12.1.13
hwAclIpv6BasicDescription OBJECT-TYPE
SYNTAX OCTET STRING (SIZE (0..127))
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object indicates the description of this IPv6 basic rule.
The object describes the usage of an IPv6 ACL with a word or a sentence."
::= { hwAclIpv6BasicRuleEntry 13 }
-- 1.3.6.1.4.1.2011.5.1.1.12.1.14
hwAclIpv6BasicSrcMask OBJECT-TYPE
SYNTAX Ipv6Address
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object indicates the source IPv6-address mask of a ipv6 basic acl rule. Its mode is positive."
::= { hwAclIpv6BasicRuleEntry 14 }
-- 1.3.6.1.4.1.2011.5.1.1.12.1.15
hwAclIpv6BasicVrfAny OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object indicates whether or not matching any VPN-instance."
::= { hwAclIpv6BasicRuleEntry 15 }
-- 1.3.6.1.4.1.2011.5.1.1.13
hwAclIpv6AdvancedRuleTable OBJECT-TYPE
SYNTAX SEQUENCE OF HwAclIpv6AdvancedRuleEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Configure the rule for ipv6 advanced acl group."
::= { hwAclMibObjects 13 }
-- 1.3.6.1.4.1.2011.5.1.1.13.1
hwAclIpv6AdvancedRuleEntry OBJECT-TYPE
SYNTAX HwAclIpv6AdvancedRuleEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Each entry contains a rule of ipv6 advanced acl group."
INDEX { hwAclIpv6AdvancedAclNum, hwAclIpv6AdvancedSubitem }
::= { hwAclIpv6AdvancedRuleTable 1 }
HwAclIpv6AdvancedRuleEntry ::=
SEQUENCE {
hwAclIpv6AdvancedAclNum
Integer32,
hwAclIpv6AdvancedSubitem
Unsigned32,
hwAclIpv6AdvancedAct
INTEGER,
hwAclIpv6AdvancedProtocol
Integer32,
hwAclIpv6AdvancedSrcIp
Ipv6Address,
hwAclIpv6AdvancedSrcPrefix
Integer32,
hwAclIpv6AdvancedSrcOp
INTEGER,
hwAclIpv6AdvancedSrcPort1
Integer32,
hwAclIpv6AdvancedSrcPort2
Integer32,
hwAclIpv6AdvancedDestIp
Ipv6Address,
hwAclIpv6AdvancedDestPrefix
Integer32,
hwAclIpv6AdvancedDestOp
INTEGER,
hwAclIpv6AdvancedDestPort1
Integer32,
hwAclIpv6AdvancedDestPort2
Integer32,
hwAclIpv6AdvancedPrecedence
Integer32,
hwAclIpv6AdvancedTos
Integer32,
hwAclIpv6AdvancedDscp
Integer32,
hwAclIpv6AdvancedEstablish
TruthValue,
hwAclIpv6AdvancedTimeRangeIndex
Integer32,
hwAclIpv6AdvancedIcmpType
Integer32,
hwAclIpv6AdvancedIcmpCode
Integer32,
hwAclIpv6AdvancedFragment
INTEGER,
hwAclIpv6AdvancedLog
TruthValue,
hwAclIpv6AdvancedEnable
EnabledStatus,
hwAclIpv6AdvancedCount
Counter64,
hwAclIpv6AdvancedVrfName
OCTET STRING,
hwAclIpv6AdvancedRowStatus
RowStatus,
hwAclIpv6AdvancedDescription
OCTET STRING,
hwAclIpv6AdvancedSrcMask
Ipv6Address,
hwAclIpv6AdvancedDestMask
Ipv6Address,
hwAclIpv6AdvancedProtocolNew
Integer32,
hwAclIpv6AdvancedIcmpTypeEnd
Integer32,
hwAclIpv6AdvancedVrfAny
TruthValue,
hwAclIpv6AdvancedSrcPoolName
OCTET STRING,
hwAclIpv6AdvancedVni
Integer32
}
-- 1.3.6.1.4.1.2011.5.1.1.13.1.1
hwAclIpv6AdvancedAclNum OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The index of ipv6 advanced acl table, the index range is (3000..3999 | 42768..75535)."
::= { hwAclIpv6AdvancedRuleEntry 1 }
-- 1.3.6.1.4.1.2011.5.1.1.13.1.2
hwAclIpv6AdvancedSubitem OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The object specifies the number of an ipv6 advanced ACL rule.
If the number specified has been assigned to an ACL rule,
the new rule will overwrite the old one,
which is equal to editing the old rule.
If the number is not assigned, the system will define
a rule with the number and insert it to the place
corresponding to its number. If no number is specified,
the system will define a rule, assign a number to it and
add it into the ACL. It will be placed at the end of the
ACL when configuration sequence is adopted; otherwise,
it will be placed based on the 'Depth-first' principle.
When ACL rules are following the 'Depth-first' principle,
the number of an ACL rule must be given 0 ,but it will be assigned
automatically;otherwise,this rule will not be created."
::= { hwAclIpv6AdvancedRuleEntry 2 }
-- 1.3.6.1.4.1.2011.5.1.1.13.1.3
hwAclIpv6AdvancedAct OBJECT-TYPE
SYNTAX INTEGER
{
permit(1),
deny(2)
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object indicates the action of an ipv6 advanced acl rule.
'deny' means discarding the packets that meet the condition,
'permit' means permitting the packets that meet the condition."
::= { hwAclIpv6AdvancedRuleEntry 3 }
-- 1.3.6.1.4.1.2011.5.1.1.13.1.4
hwAclIpv6AdvancedProtocol OBJECT-TYPE
SYNTAX Integer32 (0..255)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The value of this object identifies the number of the protocol over IPv6.
The value ranges from 0 to 255. The value 0 indicates the IPv6 protocol."
::= { hwAclIpv6AdvancedRuleEntry 4 }
-- 1.3.6.1.4.1.2011.5.1.1.13.1.5
hwAclIpv6AdvancedSrcIp OBJECT-TYPE
SYNTAX Ipv6Address
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object indicates the source IPv6-address of an ipv6 advanced acl rule."
::= { hwAclIpv6AdvancedRuleEntry 5 }
-- 1.3.6.1.4.1.2011.5.1.1.13.1.6
hwAclIpv6AdvancedSrcPrefix OBJECT-TYPE
SYNTAX Integer32 (0..128)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The value of this object identifies the mask length of the source IPv6 address.
The value ranges from 0 to 128."
::= { hwAclIpv6AdvancedRuleEntry 6 }
-- 1.3.6.1.4.1.2011.5.1.1.13.1.7
hwAclIpv6AdvancedSrcOp OBJECT-TYPE
SYNTAX INTEGER
{
lt(1),
eq(2),
gt(3),
neq(4),
range(5),
invalid(255)
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object indicates the source Port operation symbol of an ipv6 advanced acl
rule. It compares the port operators of source address.
'lt' means less than,
'eq' means equal to,
'gt' means greater than,
'neq' means not equal to,
'range' means between,
'invalid' means this operation of the rule is invalid."
::= { hwAclIpv6AdvancedRuleEntry 7 }
-- 1.3.6.1.4.1.2011.5.1.1.13.1.8
hwAclIpv6AdvancedSrcPort1 OBJECT-TYPE
SYNTAX Integer32 (0..65535)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This object indicates the end source port number."
::= { hwAclIpv6AdvancedRuleEntry 8 }
-- 1.3.6.1.4.1.2011.5.1.1.13.1.9
hwAclIpv6AdvancedSrcPort2 OBJECT-TYPE
SYNTAX Integer32 (0..65535)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This object indicates the start source port number."
::= { hwAclIpv6AdvancedRuleEntry 9 }
-- 1.3.6.1.4.1.2011.5.1.1.13.1.10
hwAclIpv6AdvancedDestIp OBJECT-TYPE
SYNTAX Ipv6Address
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object indicates the destination IPv6-address of an ipv6 advanced acl rule."
::= { hwAclIpv6AdvancedRuleEntry 10 }
-- 1.3.6.1.4.1.2011.5.1.1.13.1.11
hwAclIpv6AdvancedDestPrefix OBJECT-TYPE
SYNTAX Integer32 (0..128)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The value of this object identifies the mask length of the destination IPv6 address. The value ranges from 0 to 128."
::= { hwAclIpv6AdvancedRuleEntry 11 }
-- 1.3.6.1.4.1.2011.5.1.1.13.1.12
hwAclIpv6AdvancedDestOp OBJECT-TYPE
SYNTAX INTEGER
{
lt(1),
eq(2),
gt(3),
neq(4),
range(5),
invalid(255)
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object indicates the destination Port operation symbol of an ipv6 advanced
acl group. It compares the port operators of destination address.
'lt' means less than,
'eq' means equal to,
'gt' means greater than,
'neq' means not equal to,
'range' means between,
'invalid' means this operation of the rule is invalid."
::= { hwAclIpv6AdvancedRuleEntry 12 }
-- 1.3.6.1.4.1.2011.5.1.1.13.1.13
hwAclIpv6AdvancedDestPort1 OBJECT-TYPE
SYNTAX Integer32 (0..65535)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This object indicates the largest destination port number."
::= { hwAclIpv6AdvancedRuleEntry 13 }
-- 1.3.6.1.4.1.2011.5.1.1.13.1.14
hwAclIpv6AdvancedDestPort2 OBJECT-TYPE
SYNTAX Integer32 (0..65535)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This object indicates the smallest destination port number."
::= { hwAclIpv6AdvancedRuleEntry 14 }
-- 1.3.6.1.4.1.2011.5.1.1.13.1.15
hwAclIpv6AdvancedPrecedence OBJECT-TYPE
SYNTAX Integer32 (0..7|255)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The value of this object identifies the precedence sub-field.
It is the higher three bits of the ToS field in an IPv6 header.
The value ranges from 0 to 7."
::= { hwAclIpv6AdvancedRuleEntry 15 }
-- 1.3.6.1.4.1.2011.5.1.1.13.1.16
hwAclIpv6AdvancedTos OBJECT-TYPE
SYNTAX Integer32 (0..15|255)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The value of this object identifies the ToS sub-field.
This field covers four bits after the higher three bits of the ToS field in an IPv6 header.
The value ranges from 0 to 15."
::= { hwAclIpv6AdvancedRuleEntry 16 }
-- 1.3.6.1.4.1.2011.5.1.1.13.1.17
hwAclIpv6AdvancedDscp OBJECT-TYPE
SYNTAX Integer32 (0..63|255)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The value of this object identifies the higher seven bits of the ToS field in an IPv6 header.
The value ranges from 0 to 63."
::= { hwAclIpv6AdvancedRuleEntry 17 }
-- 1.3.6.1.4.1.2011.5.1.1.13.1.18
hwAclIpv6AdvancedEstablish OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object indicates whether or not establishing."
DEFVAL { false }
::= { hwAclIpv6AdvancedRuleEntry 18 }
-- 1.3.6.1.4.1.2011.5.1.1.13.1.19
hwAclIpv6AdvancedTimeRangeIndex OBJECT-TYPE
SYNTAX Integer32 (0..256)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The value of this object identifies the index of the time range during which an ACL6 rule can be applied.
The value ranges from 0 to 256.
The value 0 indicates that no time range is specified for the rule."
::= { hwAclIpv6AdvancedRuleEntry 19 }
-- 1.3.6.1.4.1.2011.5.1.1.13.1.20
hwAclIpv6AdvancedIcmpType OBJECT-TYPE
SYNTAX Integer32 (0..255|65535)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The value of this object identifies the ICMPv6 message type.
The value ranges from 0 to 255. The value 65535 is invalid."
::= { hwAclIpv6AdvancedRuleEntry 20 }
-- 1.3.6.1.4.1.2011.5.1.1.13.1.21
hwAclIpv6AdvancedIcmpCode OBJECT-TYPE
SYNTAX Integer32 (0..255|65535)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The value of this obejct identifies the code of an ICMPv6 message.
The value ranges from 0 to 255. The value 65535 is invalid."
::= { hwAclIpv6AdvancedRuleEntry 21 }
-- 1.3.6.1.4.1.2011.5.1.1.13.1.22
hwAclIpv6AdvancedFragment OBJECT-TYPE
SYNTAX INTEGER
{
fragmentSubseq(0),
fragment(1),
none(255)
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object indicates the type of the packet.
1: fragment, indicating that the packet is a fragment
255: none, invalid value
This object cannot be modified once a rule is created."
::= { hwAclIpv6AdvancedRuleEntry 22 }
-- 1.3.6.1.4.1.2011.5.1.1.13.1.23
hwAclIpv6AdvancedLog OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object indicates whether to log the matched packets. The log
contents include sequence number of ACL rule,
packets passed or discarded, upper layer protocol type over IP,
source/destination address, source/destination port number,
and number of packets"
::= { hwAclIpv6AdvancedRuleEntry 23 }
-- 1.3.6.1.4.1.2011.5.1.1.13.1.24
hwAclIpv6AdvancedEnable OBJECT-TYPE
SYNTAX EnabledStatus
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The object indicates whether the rule is valid or invalid."
::= { hwAclIpv6AdvancedRuleEntry 24 }
-- 1.3.6.1.4.1.2011.5.1.1.13.1.25
hwAclIpv6AdvancedCount OBJECT-TYPE
SYNTAX Counter64
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object indicates the number of packets matched by a rule. A maximum of 64 bits are supported."
::= { hwAclIpv6AdvancedRuleEntry 25 }
-- 1.3.6.1.4.1.2011.5.1.1.13.1.26
hwAclIpv6AdvancedVrfName OBJECT-TYPE
SYNTAX OCTET STRING (SIZE (0..31))
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This object indicates a VPN instance.
The length of a VPN instance name cannot exceed 31 characters."
::= { hwAclIpv6AdvancedRuleEntry 26 }
-- 1.3.6.1.4.1.2011.5.1.1.13.1.27
hwAclIpv6AdvancedRowStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"RowStatus, Now support three state:CreateAndGo,Active,Destroy."
::= { hwAclIpv6AdvancedRuleEntry 27 }
-- 1.3.6.1.4.1.2011.5.1.1.13.1.28
hwAclIpv6AdvancedDescription OBJECT-TYPE
SYNTAX OCTET STRING (SIZE (0..127))
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object indicates the description of this IPv6 advanced rule.
The object describes the usage of an IPv6 ACL with a word or a sentence."
::= { hwAclIpv6AdvancedRuleEntry 28 }
-- 1.3.6.1.4.1.2011.5.1.1.13.1.29
hwAclIpv6AdvancedSrcMask OBJECT-TYPE
SYNTAX Ipv6Address
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object indicates the source IPv6-address mask of an ipv6 advanced acl rule. Its mode is positive."
::= { hwAclIpv6AdvancedRuleEntry 29 }
-- 1.3.6.1.4.1.2011.5.1.1.13.1.30
hwAclIpv6AdvancedDestMask OBJECT-TYPE
SYNTAX Ipv6Address
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object indicates the destination IPv6-address mask of an ipv6 advanced acl rule. Its mode is positive."
::= { hwAclIpv6AdvancedRuleEntry 30 }
-- 1.3.6.1.4.1.2011.5.1.1.13.1.31
hwAclIpv6AdvancedProtocolNew OBJECT-TYPE
SYNTAX Integer32 (0..255|65535)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object indicates the protocol type of the rule.
It specifies the protocol type over IP.The number of IPv6 protocol is 65535."
::= { hwAclIpv6AdvancedRuleEntry 31 }
-- 1.3.6.1.4.1.2011.5.1.1.13.1.32
hwAclIpv6AdvancedIcmpTypeEnd OBJECT-TYPE
SYNTAX Integer32 (0..255|65535)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The value of this object identifies the ICMPv6 message type.
The value ranges from 0 to 255. The value 65535 is invalid.
This object is used together with hwAclIpv6AdvancedIcmpType to indicate the value range of the ICMPv6 type."
::= { hwAclIpv6AdvancedRuleEntry 32 }
-- 1.3.6.1.4.1.2011.5.1.1.13.1.33
hwAclIpv6AdvancedVrfAny OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object indicates whether or not matching any VPN-instance."
::= { hwAclIpv6AdvancedRuleEntry 33 }
-- 1.3.6.1.4.1.2011.5.1.1.13.1.34
hwAclIpv6AdvancedSrcPoolName OBJECT-TYPE
SYNTAX OCTET STRING (SIZE (0..32))
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object indicates the source Ipv6 pool name."
::= { hwAclIpv6AdvancedRuleEntry 34 }
-- 1.3.6.1.4.1.2011.5.1.1.13.1.35
hwAclIpv6AdvancedVni OBJECT-TYPE
SYNTAX Integer32 (0..16777215)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object indicates the ID of VXLAN,
The invalid value is 0."
::= { hwAclIpv6AdvancedRuleEntry 35 }
-- 1.3.6.1.4.1.2011.5.1.1.14
hwAclEthernetFrameRuleTable OBJECT-TYPE
SYNTAX SEQUENCE OF HwAclEthernetFrameRuleEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Configure the rule for ethernet-frame-based acl group."
::= { hwAclMibObjects 14 }
-- 1.3.6.1.4.1.2011.5.1.1.14.1
hwAclEthernetFrameRuleEntry OBJECT-TYPE
SYNTAX HwAclEthernetFrameRuleEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Each entry contains a rule of ethernet-frame-based acl group."
INDEX { hwAclEthernetFrameAclNum, hwAclEthernetFrameSubitem }
::= { hwAclEthernetFrameRuleTable 1 }
HwAclEthernetFrameRuleEntry ::=
SEQUENCE {
hwAclEthernetFrameAclNum
Integer32,
hwAclEthernetFrameSubitem
Unsigned32,
hwAclEthernetFrameAct
INTEGER,
hwAclEthernetFrameType
Integer32,
hwAclEthernetFrameTypeMask
Integer32,
hwAclEthernetFrameSrcMac
MacAddress,
hwAclEthernetFrameSrcMacMask
MacAddress,
hwAclEthernetFrameDstMac
MacAddress,
hwAclEthernetFrameDstMacMask
MacAddress,
hwAclEthernetFrameTimeRangeIndex
Integer32,
hwAclEthernetFrameLog
TruthValue,
hwAclEthernetFrameEnable
EnabledStatus,
hwAclEthernetFrameCount
Counter64,
hwAclEthernetFrameRowStatus
RowStatus,
hwAclEthernetFrameEncapType
INTEGER,
hwAclEthernetFrameDoubleTag
TruthValue,
hwAclEthernetFrameVlanId
Integer32,
hwAclEthernetFrameVlanIdMask
Integer32,
hwAclEthernetFrameCVlanId
Integer32,
hwAclEthernetFrameCVlanIdMask
Integer32,
hwAclEthernetFrameRule8021p
Integer32,
hwAclEthernetFrameRuleCVlan8021p
Integer32,
hwAclEthernetFrameDescription
OCTET STRING
}
-- 1.3.6.1.4.1.2011.5.1.1.14.1.1
hwAclEthernetFrameAclNum OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The index of ethernet-frame-based acl group, the index range is (4000..4999 | 42768..76535)."
::= { hwAclEthernetFrameRuleEntry 1 }
-- 1.3.6.1.4.1.2011.5.1.1.14.1.2
hwAclEthernetFrameSubitem OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The object specifies the number of an ACL rule.
If the number specified has been assigned to an ACL rule,
the new rule will overwrite the old one,
which is equal to editing the old rule.
If the number is not assigned, the system will define
a rule with the number and insert it to the place
corresponding to its number. If no number is specified,
the system will define a rule, assign a number to it and
add it into the ACL. It will be placed at the end of the
ACL when configuration sequence is adopted; otherwise,
it will be placed based on the 'Depth-first' principle.
When ACL rules are following the 'Depth-first' principle,
the number of an ACL rule must be given 0 ,but it will be assigned
by step automatically;otherwise,this rule will not be created."
::= { hwAclEthernetFrameRuleEntry 2 }
-- 1.3.6.1.4.1.2011.5.1.1.14.1.3
hwAclEthernetFrameAct OBJECT-TYPE
SYNTAX INTEGER
{
permit(1),
deny(2)
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object indicates the action of an ethernet-frame-based acl rule.
'deny' means discarding the packets that meet the condition,
'permit' means permitting the packets that meet the condition."
::= { hwAclEthernetFrameRuleEntry 3 }
-- 1.3.6.1.4.1.2011.5.1.1.14.1.4
hwAclEthernetFrameType OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The value of this object identifies the protocol type of an Ethernet frame.
The value ranges from 0 to 65535."
::= { hwAclEthernetFrameRuleEntry 4 }
-- 1.3.6.1.4.1.2011.5.1.1.14.1.5
hwAclEthernetFrameTypeMask OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The value of this object identifies the mask of the protocol type of an Ethernet frame.
The value ranges from 0 to 65535."
::= { hwAclEthernetFrameRuleEntry 5 }
-- 1.3.6.1.4.1.2011.5.1.1.14.1.6
hwAclEthernetFrameSrcMac OBJECT-TYPE
SYNTAX MacAddress
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object indicates the source mac address of rule."
::= { hwAclEthernetFrameRuleEntry 6 }
-- 1.3.6.1.4.1.2011.5.1.1.14.1.7
hwAclEthernetFrameSrcMacMask OBJECT-TYPE
SYNTAX MacAddress
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object indicates the source mac mask of rule."
::= { hwAclEthernetFrameRuleEntry 7 }
-- 1.3.6.1.4.1.2011.5.1.1.14.1.8
hwAclEthernetFrameDstMac OBJECT-TYPE
SYNTAX MacAddress
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object indicates the destination mac address of rule."
::= { hwAclEthernetFrameRuleEntry 8 }
-- 1.3.6.1.4.1.2011.5.1.1.14.1.9
hwAclEthernetFrameDstMacMask OBJECT-TYPE
SYNTAX MacAddress
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object indicates the destination mac mask of rule."
::= { hwAclEthernetFrameRuleEntry 9 }
-- 1.3.6.1.4.1.2011.5.1.1.14.1.10
hwAclEthernetFrameTimeRangeIndex OBJECT-TYPE
SYNTAX Integer32 (0..256)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object indicates the time range of a ethernet frame
acl rule. When the current time is in time range, the rule
is valid. Zero value declares that the acl rule has no
time range. The invalid value is 0."
::= { hwAclEthernetFrameRuleEntry 10 }
-- 1.3.6.1.4.1.2011.5.1.1.14.1.11
hwAclEthernetFrameLog OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object indicates whether to log the matched packets.
The log contents include sequence number of ACL rule,
packets passed or discarded, source/destination mac addr,
protocol of ethernet frame, and number of packets."
::= { hwAclEthernetFrameRuleEntry 11 }
-- 1.3.6.1.4.1.2011.5.1.1.14.1.12
hwAclEthernetFrameEnable OBJECT-TYPE
SYNTAX EnabledStatus
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The object indicates whether the rule is valid or invalid."
::= { hwAclEthernetFrameRuleEntry 12 }
-- 1.3.6.1.4.1.2011.5.1.1.14.1.13
hwAclEthernetFrameCount OBJECT-TYPE
SYNTAX Counter64
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object indicates the number of matched packets by a rule. A maximum of 64 bits are supported."
::= { hwAclEthernetFrameRuleEntry 13 }
-- 1.3.6.1.4.1.2011.5.1.1.14.1.14
hwAclEthernetFrameRowStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"RowStatus,Now support three state:CreateAndGo,Active,Destroy."
::= { hwAclEthernetFrameRuleEntry 14 }
hwAclEthernetFrameEncapType OBJECT-TYPE
SYNTAX INTEGER
{
ether2(1),
ieee802dot3(2),
snap(3),
none(255)
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object indicates the encapsulation type of rule."
DEFVAL { none }
::= { hwAclEthernetFrameRuleEntry 15 }
hwAclEthernetFrameDoubleTag OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object indicates two tags of rule. False value do not
care the number of tags."
DEFVAL { false }
::= { hwAclEthernetFrameRuleEntry 16 }
hwAclEthernetFrameVlanId OBJECT-TYPE
SYNTAX Integer32 (0..4094)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object indicates the vlan ID of rule. The invalid
vlan ID is 0."
DEFVAL { 0 }
::= { hwAclEthernetFrameRuleEntry 17 }
hwAclEthernetFrameVlanIdMask OBJECT-TYPE
SYNTAX Integer32 (0..4095)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object indicates the vlan ID mask of rule."
DEFVAL { 4095 }
::= { hwAclEthernetFrameRuleEntry 18 }
hwAclEthernetFrameCVlanId OBJECT-TYPE
SYNTAX Integer32 (0..4094)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object indicates the ce-vlan ID of rule. The invalid
vlan ID is 0."
DEFVAL { 0 }
::= { hwAclEthernetFrameRuleEntry 19 }
hwAclEthernetFrameCVlanIdMask OBJECT-TYPE
SYNTAX Integer32 (0..4095)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object indicates the ce-vlan ID mask of rule."
DEFVAL { 4095 }
::= { hwAclEthernetFrameRuleEntry 20 }
hwAclEthernetFrameRule8021p OBJECT-TYPE
SYNTAX Integer32 (0..7 | 255)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object indicates the 8021p value of S-tag."
::= { hwAclEthernetFrameRuleEntry 21 }
hwAclEthernetFrameRuleCVlan8021p OBJECT-TYPE
SYNTAX Integer32 (0..7 | 255)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object indicates the 8021p value of C-tag."
::= { hwAclEthernetFrameRuleEntry 22 }
hwAclEthernetFrameDescription OBJECT-TYPE
SYNTAX OCTET STRING (SIZE (0..127))
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object indicates the description of this ethernetframe rule.
The object describes the usage of an ACL with a word or a sentence."
::= { hwAclEthernetFrameRuleEntry 23 }
hwAclAppliedTable OBJECT-TYPE
SYNTAX SEQUENCE OF HwAclAppliedEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Configure the applied ACL."
::= { hwAclMibObjects 15 }
hwAclAppliedEntry OBJECT-TYPE
SYNTAX HwAclAppliedEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Each entry contains a applied ACL."
INDEX { hwAclAppliedOperation, hwAclAppliedScopeType, hwAclAppliedScopeIndex, hwAclAppliedDirection, hwAclAppliedAclNum,
hwAclAppliedSubitem, hwAclAppliedAclNum2, hwAclAppliedSubitem2, hwAclAppliedIsIPv6Acl }
::= { hwAclAppliedTable 1 }
HwAclAppliedEntry ::=
SEQUENCE {
hwAclAppliedOperation
INTEGER,
hwAclAppliedScopeType
INTEGER,
hwAclAppliedScopeIndex
Integer32,
hwAclAppliedDirection
INTEGER,
hwAclAppliedAclNum
Integer32,
hwAclAppliedSubitem
Integer32,
hwAclAppliedAclNum2
Integer32,
hwAclAppliedSubitem2
Integer32,
hwAclAppliedStatMode
INTEGER,
hwAclAppliedStatCount
Counter64,
hwAclAppliedLimitCir
Integer32,
hwAclAppliedLimitPir
Integer32,
hwAclAppliedLimitCbs
Integer32,
hwAclAppliedLimitPbs
Integer32,
hwAclAppliedLimitGreenAction
INTEGER,
hwAclAppliedLimitGreenValue
Integer32,
hwAclAppliedLimitYellowAction
INTEGER,
hwAclAppliedLimitYellowValue
Integer32,
hwAclAppliedLimitRedAction
INTEGER,
hwAclAppliedLimitRedValue
Integer32,
hwAclAppliedMirrObservedPort
Integer32,
hwAclAppliedMirrRspanVlan
Integer32,
hwAclAppliedRedirectIfIndex
Integer32,
hwAclAppliedRedirectIpAddr
IpAddress,
hwAclAppliedRedirectIpv6Addr
Ipv6Address,
hwAclAppliedRemarkVlan
Integer32,
hwAclAppliedRemarkCVlan
Integer32,
hwAclAppliedRemark8021p
Integer32,
hwAclAppliedRemarkDscp
Integer32,
hwAclAppliedRemarkIpPre
Integer32,
hwAclAppliedRemarkLocalPre
Integer32,
hwAclAppliedRemarkMacAddr
MacAddress,
hwAclAppliedIsIPv6Acl
TruthValue,
hwAclAppliedRowStatus
RowStatus
}
hwAclAppliedOperation OBJECT-TYPE
SYNTAX INTEGER
{
filter(1),
limit(2),
mirror(3),
redirectCpu(4),
redirectInterface(5),
redirectIpNextHop(6),
redirectIpv6NextHop(7),
remark8021p(8),
remarkDscp(9),
remarkIpPrecedence(10),
remarkLocalPrecedence(11),
remarkVlanId(12),
remarkCVlanId(13),
remarkDestMac(14),
statistic(15)
}
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The actions taken when packets conforming or exceeding the configured."
::= { hwAclAppliedEntry 1 }
hwAclAppliedScopeType OBJECT-TYPE
SYNTAX INTEGER
{
global(1),
vlan(2),
interface(3)
}
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The scope that ACL apply on."
::= { hwAclAppliedEntry 2 }
hwAclAppliedScopeIndex OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"When the scope is global, this field is invalid;
When the scope is vlan, this field is vlan ID;
When the scope is interface, this field is interface index."
::= { hwAclAppliedEntry 3 }
hwAclAppliedDirection OBJECT-TYPE
SYNTAX INTEGER
{
inbound(1),
outbound(2)
}
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The direction acl apply on."
::= { hwAclAppliedEntry 4 }
hwAclAppliedAclNum OBJECT-TYPE
SYNTAX Integer32 (2000..4999)
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The index of ACL group.
Basic ACL in range 2000~2999;
Advance ACL in range 3000~3999;
Link ACL in range 4000~4999;"
::= { hwAclAppliedEntry 5 }
hwAclAppliedSubitem OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The object specifies the number of an ACL rule."
::= { hwAclAppliedEntry 6 }
hwAclAppliedAclNum2 OBJECT-TYPE
SYNTAX Integer32 (2000..3999|65535)
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The index of ACL group.
65535 means this field is valid."
::= { hwAclAppliedEntry 7 }
hwAclAppliedSubitem2 OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The object specifies the number of an ACL rule."
::= { hwAclAppliedEntry 8 }
hwAclAppliedStatMode OBJECT-TYPE
SYNTAX INTEGER
{
byPackets(1),
byBytes(2)
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object specifies the mode of statistics.
When action is statistic, this field is valid."
DEFVAL { byPackets }
::= { hwAclAppliedEntry 9 }
hwAclAppliedStatCount OBJECT-TYPE
SYNTAX Counter64
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The object indicates the statistics of matched packets by the policy.
When action is statistic or limit, this field is valid."
::= { hwAclAppliedEntry 10 }
hwAclAppliedLimitCir OBJECT-TYPE
SYNTAX Integer32 (0 | 64..10000000)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Committed information rate. Unit: kbps."
DEFVAL { 0 }
::= { hwAclAppliedEntry 11 }
hwAclAppliedLimitPir OBJECT-TYPE
SYNTAX Integer32 (0 | 64..10000000)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Peak information rate. Unit: kbps.
0 is the default value."
DEFVAL { 0 }
::= { hwAclAppliedEntry 12 }
hwAclAppliedLimitCbs OBJECT-TYPE
SYNTAX Integer32 (0 | 4096..16773120)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Committed burst size. Unit: byte.
0 is the default value."
DEFVAL { 0 }
::= { hwAclAppliedEntry 13 }
hwAclAppliedLimitPbs OBJECT-TYPE
SYNTAX Integer32 (0 | 4096..16773120)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Peak burst size. Unit: byte.
0 is the default value."
DEFVAL { 0 }
::= { hwAclAppliedEntry 14 }
hwAclAppliedLimitGreenAction OBJECT-TYPE
SYNTAX INTEGER
{
pass(1),
drop(2),
passRemarkDscp(3),
passRemark8021p(4)
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Green action."
DEFVAL { pass }
::= { hwAclAppliedEntry 15 }
hwAclAppliedLimitGreenValue OBJECT-TYPE
SYNTAX Integer32 (0..63)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The value is to remark When green action is remarking.
For remarking DSCP, the range is 0~63;
For remarking 8021p, the range is 0~7."
::= { hwAclAppliedEntry 16 }
hwAclAppliedLimitYellowAction OBJECT-TYPE
SYNTAX INTEGER
{
pass(1),
drop(2),
passRemarkDscp(3),
passRemark8021p(4)
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Yellow action."
DEFVAL { pass }
::= { hwAclAppliedEntry 17 }
hwAclAppliedLimitYellowValue OBJECT-TYPE
SYNTAX Integer32 (0..63)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The value is to remark When yellow action is remarking.
For remarking DSCP, the range is 0~63;
For remarking 8021p, the range is 0~7."
::= { hwAclAppliedEntry 18 }
hwAclAppliedLimitRedAction OBJECT-TYPE
SYNTAX INTEGER
{
pass(1),
drop(2),
passRemarkDscp(3),
passRemark8021p(4)
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Red action."
DEFVAL { drop }
::= { hwAclAppliedEntry 19 }
hwAclAppliedLimitRedValue OBJECT-TYPE
SYNTAX Integer32 (0..63)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The value is to remark When red action is remarking.
For remarking DSCP, the range is 0~63;
For remarking 8021p, the range is 0~7."
::= { hwAclAppliedEntry 20 }
hwAclAppliedMirrObservedPort OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The mirror observe port number."
::= { hwAclAppliedEntry 21 }
hwAclAppliedMirrRspanVlan OBJECT-TYPE
SYNTAX Integer32 (0..4094)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object specifies the RSPAN vlan.
0 means mirror to local port."
::= { hwAclAppliedEntry 22 }
hwAclAppliedRedirectIfIndex OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The redirect output interface."
::= { hwAclAppliedEntry 23 }
hwAclAppliedRedirectIpAddr OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The redirect IP next hop address."
::= { hwAclAppliedEntry 24 }
hwAclAppliedRedirectIpv6Addr OBJECT-TYPE
SYNTAX Ipv6Address
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The redirect IPv6 next hop address."
::= { hwAclAppliedEntry 25 }
hwAclAppliedRemarkVlan OBJECT-TYPE
SYNTAX Integer32 (0..4094)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The remarked vlan ID."
::= { hwAclAppliedEntry 26 }
hwAclAppliedRemarkCVlan OBJECT-TYPE
SYNTAX Integer32 (0..4094)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The remarked ce-vlan ID."
::= { hwAclAppliedEntry 27 }
hwAclAppliedRemark8021p OBJECT-TYPE
SYNTAX Integer32 (0..7)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The remarked 8021p value."
::= { hwAclAppliedEntry 28 }
hwAclAppliedRemarkDscp OBJECT-TYPE
SYNTAX Integer32 (0..63)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The remarked DSCP value."
::= { hwAclAppliedEntry 29 }
hwAclAppliedRemarkIpPre OBJECT-TYPE
SYNTAX Integer32 (0..7)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The remarked IP precedence value."
::= { hwAclAppliedEntry 30 }
hwAclAppliedRemarkLocalPre OBJECT-TYPE
SYNTAX Integer32 (0..7)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The remarked local precedence value."
::= { hwAclAppliedEntry 31 }
hwAclAppliedRemarkMacAddr OBJECT-TYPE
SYNTAX MacAddress
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The remarked MAC address."
::= { hwAclAppliedEntry 32 }
hwAclAppliedIsIPv6Acl OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The object indicates whether is IPv6 ACL."
::= { hwAclAppliedEntry 33 }
hwAclAppliedRowStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"RowStatus,Now support three state:CreateAndGo,Active,Destroy."
::= { hwAclAppliedEntry 51 }
hwAclIpv6NumGroupTable OBJECT-TYPE
SYNTAX SEQUENCE OF HwAclIpv6NumGroupEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This table is used to query information about an ACL rule group, including the ACL configuration order, step length, and description."
::= { hwAclMibObjects 16 }
hwAclIpv6NumGroupEntry OBJECT-TYPE
SYNTAX HwAclIpv6NumGroupEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"An entry containing characters of an IPv6 ACL group."
INDEX { hwAclIpv6NumGroupAclNum }
::= { hwAclIpv6NumGroupTable 1 }
HwAclIpv6NumGroupEntry ::=
SEQUENCE {
hwAclIpv6NumGroupAclNum
Integer32,
hwAclIpv6NumGroupMatchOrder
INTEGER,
hwAclIpv6NumGroupSubitemNum
Counter32,
hwAclIpv6NumGroupCountClear
INTEGER,
hwAclIpv6NumGroupAclName
OCTET STRING,
hwAclIpv6NumGroupDescription
OCTET STRING,
hwAclIpv6NumGroupAclType
INTEGER,
hwAclIpv6NumGroupRowStatus
RowStatus,
hwAclIpv6NumGroupStep
Integer32
}
hwAclIpv6NumGroupAclNum OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The value of this object identifies a table index, representing the number of an IPv6 ACL rule group.
The value range is as follows:
Interface-based ACL6: 1000 to 1999
Basic ACL6: 2000 to 2999
Advanced ACL6: 3000 to 3999
Named ACL6: 42768 to 75535"
::= { hwAclIpv6NumGroupEntry 1 }
hwAclIpv6NumGroupMatchOrder OBJECT-TYPE
SYNTAX INTEGER
{
config(1),
auto(2),
default(3)
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object indicates the match order of rules.
'config' means matching ACL rules in the configuration sequence,
'auto' means the ACL6 rules are matched following the 'Depth-first' principle."
DEFVAL { default }
::= { hwAclIpv6NumGroupEntry 2 }
hwAclIpv6NumGroupSubitemNum OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The total number of the rules in the ACL6 group."
::= { hwAclIpv6NumGroupEntry 3 }
hwAclIpv6NumGroupCountClear OBJECT-TYPE
SYNTAX INTEGER
{
cleared(1),
notUsed(2)
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This object indicates whether to clear the statistics of an ACL6 rule group.
cleared(1): clear
notUsed(2): not clear
This object is valid only when the Set operation is performed for this object."
::= { hwAclIpv6NumGroupEntry 4 }
hwAclIpv6NumGroupAclName OBJECT-TYPE
SYNTAX OCTET STRING (SIZE (0..64))
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object indicates the name of an acl6 group,
The first character must be start with a to z or A to Z,
and the length cannot exceed 64 character."
::= { hwAclIpv6NumGroupEntry 5 }
hwAclIpv6NumGroupDescription OBJECT-TYPE
SYNTAX OCTET STRING (SIZE (0..127))
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This object indicates the description of an ACL6 rule group.
The description length cannot exceed 127 characters."
::= { hwAclIpv6NumGroupEntry 6 }
-- 1.3.6.1.4.1.2011.5.1.1.16.1.7
hwAclIpv6NumGroupAclType OBJECT-TYPE
SYNTAX INTEGER
{
basic(1),
advanced(2),
interface(3)
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The type of IPv6 ACL group."
::= { hwAclIpv6NumGroupEntry 7 }
hwAclIpv6NumGroupRowStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"RowStatus, Now support three value:CreateAndGo,Active,Destroy."
::= { hwAclIpv6NumGroupEntry 51 }
hwAclIpv6NumGroupStep OBJECT-TYPE
SYNTAX Integer32 (1..20)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object indicates the step value of number IPv6 ACL.
Step here refers to the difference between each ID.
For instance, given the step is set to 5,
the IDs are the multiples of 5 beginning with 5.
The IPv6 ACL IDs change along with the step. When the step is 5,
the IPv6 ACL IDs are 5, 10, and 15 and so on.
However, when the step is set to 2, the IDs turn to 2, 4,
and 6 and so on."
::= { hwAclIpv6NumGroupEntry 52 }
hwAclIpv6IfRuleTable OBJECT-TYPE
SYNTAX SEQUENCE OF HwAclIpv6IfRuleEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Configure the rule for interface-based acl6 group."
::= { hwAclMibObjects 17 }
hwAclIpv6IfRuleEntry OBJECT-TYPE
SYNTAX HwAclIpv6IfRuleEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Each entry contains a rule of interface-based acl6 group."
INDEX { hwAclIpv6IfAclNum, hwAclIpv6IfSubitem }
::= { hwAclIpv6IfRuleTable 1 }
HwAclIpv6IfRuleEntry ::=
SEQUENCE {
hwAclIpv6IfAclNum
Integer32,
hwAclIpv6IfSubitem
Unsigned32,
hwAclIpv6IfAct
INTEGER,
hwAclIpv6IfIndex
Integer32,
hwAclIpv6IfAny
TruthValue,
hwAclIpv6IfTimeRangeIndex
Integer32,
hwAclIpv6IfLog
TruthValue,
hwAclIpv6IfEnable
TruthValue,
hwAclIpv6IfCount
Counter64,
hwAclIpv6IfRowStatus
RowStatus
}
hwAclIpv6IfAclNum OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The index of interface-based acl6 group, the index range is (1000..1999 | 42768..75535)."
::= { hwAclIpv6IfRuleEntry 1 }
hwAclIpv6IfSubitem OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The object specifies the number of an ACL6 rule.
If the number specified has been assigned to an ACL6 rule,
the new rule will overwrite the old one,
which is equal to editing the old rule.
If the number is not assigned, the system will define
a rule with the number and insert it to the place
corresponding to its number. If no number is specified,
the system will define a rule, assign a number to it and
add it into the ACL6. It will be placed at the end of the
ACL6 when configuration sequence is adopted; otherwise,
it will be placed based on the 'Depth-first' principle.
When ACL rules are following the 'Depth-first' principle,
the number of an ACL6 rule must be given 0, but it will be assigned
automatically;otherwise, this rule will not be created."
::= { hwAclIpv6IfRuleEntry 2 }
hwAclIpv6IfAct OBJECT-TYPE
SYNTAX INTEGER
{
permit(1),
deny(2)
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object indicates the action of an interface-based acl6 rule.
'deny' means discarding the packets that meet the condition,
'permit' means permitting the packets that meet the condition."
::= { hwAclIpv6IfRuleEntry 3 }
hwAclIpv6IfIndex OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object indicates the index of an interface.
It specifies the interface information of the packets. The invalid
interface index is 0."
::= { hwAclIpv6IfRuleEntry 4 }
hwAclIpv6IfAny OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object indicates whether or not matching any interface."
::= { hwAclIpv6IfRuleEntry 5 }
hwAclIpv6IfTimeRangeIndex OBJECT-TYPE
SYNTAX Integer32 (0..256)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The value of this object identifies the index of the time range during which an ACL rule can be applied.
When the current time is in the time range, the rule is valid. The value 0 is invalid,
indicating that no time range is specified for the rule.The value ranges from 0 to 256."
::= { hwAclIpv6IfRuleEntry 6 }
hwAclIpv6IfLog OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object indicates whether to log the matched packets.
The log contents include sequence number of ACL6 rule,
packets passed or discarded, upper layer protocol type over IP,
source/destination address, source/destination port number,
and number of packets."
::= { hwAclIpv6IfRuleEntry 7 }
hwAclIpv6IfEnable OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The object indicates whether the rule is valid or invalid."
::= { hwAclIpv6IfRuleEntry 8 }
hwAclIpv6IfCount OBJECT-TYPE
SYNTAX Counter64
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The object indicates the statistics of matched packets by basic rule."
::= { hwAclIpv6IfRuleEntry 9 }
hwAclIpv6IfRowStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"RowStatus,Now support three state:CreateAndGo,Active,Destroy."
::= { hwAclIpv6IfRuleEntry 11 }
-- chenjing 43944
-- 1.3.6.1.4.1.2011.5.1.1.18
hwAclMplsRuleTable OBJECT-TYPE
SYNTAX SEQUENCE OF HwAclMplsRuleEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Configure the rule for mpls acl group."
::= { hwAclMibObjects 18 }
-- 1.3.6.1.4.1.2011.5.1.1.18.1
hwAclMplsRuleEntry OBJECT-TYPE
SYNTAX HwAclMplsRuleEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Each entry is a rule of mpls acl."
INDEX { hwAclMplsAclNum, hwAclMplsSubitem }
::= { hwAclMplsRuleTable 1 }
HwAclMplsRuleEntry ::=
SEQUENCE {
hwAclMplsAclNum
Integer32,
hwAclMplsSubitem
Unsigned32,
hwAclMplsAct
INTEGER,
hwAclMplsExp1
Integer32,
hwAclMplsExp2
Integer32,
hwAclMplsExp3
Integer32,
hwAclMplsExp4
Integer32,
hwAclMplsLabel1
Integer32,
hwAclMplsLabel2
Integer32,
hwAclMplsLabel3
Integer32,
hwAclMplsLabel4
Integer32,
hwAclMplsTTLOP1
INTEGER,
hwAclMplsTTL1Begin
Integer32,
hwAclMplsTTL1End
Integer32,
hwAclMplsTTLOP2
INTEGER,
hwAclMplsTTL2Begin
Integer32,
hwAclMplsTTL2End
Integer32,
hwAclMplsTTLOP3
INTEGER,
hwAclMplsTTL3Begin
Integer32,
hwAclMplsTTL3End
Integer32,
hwAclMplsRowStatus
RowStatus,
hwAclMplsCount
Counter64
}
-- 1.3.6.1.4.1.2011.5.1.1.18.1.1
hwAclMplsAclNum OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The index of mpls acl group, the index range is (10000..10999 | 42768..76535)."
::= { hwAclMplsRuleEntry 1 }
-- 1.3.6.1.4.1.2011.5.1.1.18.1.2
hwAclMplsSubitem OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The objects specifies the number of an ACL rule.
If the number specified has been assigned to an ACL rule,
the new rule will overwrite the old one,
which is equal to editing the old rule.
If the number is not assigned, the system will define
a rule with the number and insert it to the place
corresponding to its number. If no number is specified,
the system will define a rule, assign a number to it and
add it into the ACL. It will be placed at the end of the
ACL when configuration sequence is adopted; otherwise,
it will be placed based on the 'Depth-first' principle.
When ACL rules are following the 'Depth-first' principle,
the number of an ACL rule must be given 0 ,but it will be assigned
by step automatically;otherwise,this rule will not be created."
::= { hwAclMplsRuleEntry 2 }
-- 1.3.6.1.4.1.2011.5.1.1.18.1.3
hwAclMplsAct OBJECT-TYPE
SYNTAX INTEGER
{
permit(1),
deny(2)
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object indicates the action of a basic acl rule.
'deny' means discarding the packets that meet the condition,
'permit' means permitting the packets that meet the condition."
::= { hwAclMplsRuleEntry 3 }
-- 1.3.6.1.4.1.2011.5.1.1.18.1.4
hwAclMplsExp1 OBJECT-TYPE
SYNTAX Integer32 (0..7|255)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The value of this object identifies the EXP value in the first label of an MPLS packet.
The value ranges from 0 to 7. The default value is 255."
::= { hwAclMplsRuleEntry 4 }
-- 1.3.6.1.4.1.2011.5.1.1.18.1.5
hwAclMplsExp2 OBJECT-TYPE
SYNTAX Integer32 (0..7|255)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The value of this object identifies the EXP value in the second label of an MPLS packet.
The value ranges from 0 to 7. The default value is 255."
::= { hwAclMplsRuleEntry 5 }
-- 1.3.6.1.4.1.2011.5.1.1.18.1.6
hwAclMplsExp3 OBJECT-TYPE
SYNTAX Integer32 (0..7|255)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The value of this object identifies the EXP value in the third label of an MPLS packet.
The value ranges from 0 to 7. The default value is 255."
::= { hwAclMplsRuleEntry 6 }
-- 1.3.6.1.4.1.2011.5.1.1.18.1.7
hwAclMplsExp4 OBJECT-TYPE
SYNTAX Integer32 (0..7|255)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The value of this object identifies the EXP value in the fourth label of an MPLS packet.
The value ranges from 0 to 7. The default value is 255."
::= { hwAclMplsRuleEntry 7 }
-- 1.3.6.1.4.1.2011.5.1.1.18.1.8
hwAclMplsLabel1 OBJECT-TYPE
SYNTAX Integer32 (-1|0..1048575)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The value of this object identifies the Label value in the first label of an MPLS packet.
The value ranges from 0 to 1048575. The default value is -1."
::= { hwAclMplsRuleEntry 8 }
-- 1.3.6.1.4.1.2011.5.1.1.18.1.9
hwAclMplsLabel2 OBJECT-TYPE
SYNTAX Integer32 (-1|0..1048575)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The value of this object identifies the Label value in the second label of an MPLS packet.
The value ranges from 0 to 1048575. The default value is -1."
::= { hwAclMplsRuleEntry 9 }
-- 1.3.6.1.4.1.2011.5.1.1.18.1.10
hwAclMplsLabel3 OBJECT-TYPE
SYNTAX Integer32 (-1|0..1048575)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The value of this object identifies the Label value in the third label of an MPLS packet.
The value ranges from 0 to 1048575. The default value is -1."
::= { hwAclMplsRuleEntry 10 }
-- 1.3.6.1.4.1.2011.5.1.1.18.1.11
hwAclMplsLabel4 OBJECT-TYPE
SYNTAX Integer32 (-1|0..1048575)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The value of this object identifies the Label value in the fourth label of an MPLS packet.
The value ranges from 0 to 1048575. The default value is -1."
::= { hwAclMplsRuleEntry 11 }
-- 1.3.6.1.4.1.2011.5.1.1.18.1.12
hwAclMplsTTLOP1 OBJECT-TYPE
SYNTAX INTEGER
{
lt(1),
eq(2),
gt(3),
range(5),
invalid(0),
any(255)
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object indicates the ttl operation symbol of a mpls
acl rule. It compares the operators of ttl value.
'lt' means less than,
'eq' means equal to,
'gt' means greater than,
'range' means between,
'invalid' means this operation of the ttl is invalid."
::= { hwAclMplsRuleEntry 12 }
-- 1.3.6.1.4.1.2011.5.1.1.18.1.13
hwAclMplsTTL1Begin OBJECT-TYPE
SYNTAX Integer32 (0..255)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object indicates the begin value of a mpls ttl."
::= { hwAclMplsRuleEntry 13 }
-- 1.3.6.1.4.1.2011.5.1.1.18.1.14
hwAclMplsTTL1End OBJECT-TYPE
SYNTAX Integer32 (0..255)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object indicates the end value of a mpls ttl."
::= { hwAclMplsRuleEntry 14 }
-- 1.3.6.1.4.1.2011.5.1.1.18.1.15
hwAclMplsTTLOP2 OBJECT-TYPE
SYNTAX INTEGER
{
lt(1),
eq(2),
gt(3),
range(5),
invalid(0),
any(255)
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object indicates the ttl operation symbol of a mpls
acl rule. It compares the operators of ttl value.
'lt' means less than,
'eq' means equal to,
'gt' means greater than,
'range' means between,
'invalid' means this operation of the ttl is invalid."
::= { hwAclMplsRuleEntry 15 }
-- 1.3.6.1.4.1.2011.5.1.1.18.1.16
hwAclMplsTTL2Begin OBJECT-TYPE
SYNTAX Integer32 (0..255)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object indicates the begin value of a mpls ttl."
::= { hwAclMplsRuleEntry 16 }
-- 1.3.6.1.4.1.2011.5.1.1.18.1.17
hwAclMplsTTL2End OBJECT-TYPE
SYNTAX Integer32 (0..255)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object indicates the end value of a mpls ttl."
::= { hwAclMplsRuleEntry 17 }
-- 1.3.6.1.4.1.2011.5.1.1.18.1.18
hwAclMplsTTLOP3 OBJECT-TYPE
SYNTAX INTEGER
{
lt(1),
eq(2),
gt(3),
range(5),
invalid(0),
any(255)
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object indicates the ttl operation symbol of a mpls
acl rule. It compares the operators of ttl value.
'lt' means less than,
'eq' means equal to,
'gt' means greater than,
'range' means between,
'invalid' means this operation of the ttl is invalid."
::= { hwAclMplsRuleEntry 18 }
-- 1.3.6.1.4.1.2011.5.1.1.18.1.19
hwAclMplsTTL3Begin OBJECT-TYPE
SYNTAX Integer32 (0..255)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object indicates the begin value of a mpls ttl."
::= { hwAclMplsRuleEntry 19 }
-- 1.3.6.1.4.1.2011.5.1.1.18.1.20
hwAclMplsTTL3End OBJECT-TYPE
SYNTAX Integer32 (0..255)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object indicates the end value of a mpls ttl."
::= { hwAclMplsRuleEntry 20 }
-- 1.3.6.1.4.1.2011.5.1.1.18.1.21
hwAclMplsRowStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"RowStatus, Now support three value:CreateAndGo,Active and Destroy."
::= { hwAclMplsRuleEntry 21 }
-- 1.3.6.1.4.1.2011.5.1.1.18.1.22
hwAclMplsCount OBJECT-TYPE
SYNTAX Counter64
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The object indicates the statistics of matched packets by the rule."
::= { hwAclMplsRuleEntry 22 }
-- chenjing 43944
-- 1.3.6.1.4.1.2011.5.1.1.19
hwAclDomainNameConfigTable OBJECT-TYPE
SYNTAX SEQUENCE OF HwAclDomainNameConfigEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Configure the domain name."
::= { hwAclMibObjects 19 }
-- 1.3.6.1.4.1.2011.5.1.1.19.1
hwAclDomainNameConfigEntry OBJECT-TYPE
SYNTAX HwAclDomainNameConfigEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Each entry is a domain name."
INDEX { hwAclDomainID }
::= { hwAclDomainNameConfigTable 1 }
HwAclDomainNameConfigEntry ::=
SEQUENCE {
hwAclDomainID
Integer32,
hwAclDomainName
OCTET STRING,
hwAclDomainNameConfigRowStatus
RowStatus
}
-- 1.3.6.1.4.1.2011.5.1.1.19.1.1
hwAclDomainID OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The index of DomianName table, the index range is (0..31)."
::= { hwAclDomainNameConfigEntry 1 }
-- 1.3.6.1.4.1.2011.5.1.1.19.1.2
hwAclDomainName OBJECT-TYPE
SYNTAX OCTET STRING (SIZE (3..127))
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The domian name."
::= { hwAclDomainNameConfigEntry 2 }
-- 1.3.6.1.4.1.2011.5.1.1.19.1.3
hwAclDomainNameConfigRowStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Row status,Two actions are used: createAndGo(4), destroy(6)."
::= { hwAclDomainNameConfigEntry 3 }
-- 1.3.6.1.4.1.2011.5.1.1.20
hwAclIPPoolTable OBJECT-TYPE
SYNTAX SEQUENCE OF HwAclIPPoolEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Configure the IP pool name."
::= { hwAclMibObjects 20 }
-- 1.3.6.1.4.1.2011.5.1.1.20.1
hwAclIPPoolEntry OBJECT-TYPE
SYNTAX HwAclIPPoolEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Each entry is a IP pool name."
INDEX { hwAclIPPoolIndex }
::= { hwAclIPPoolTable 1 }
HwAclIPPoolEntry ::=
SEQUENCE {
hwAclIPPoolIndex
Integer32,
hwAclIPPoolName
OCTET STRING,
hwAclIPPoolRowStatus
RowStatus,
hwAclIPPoolApplyBGPPeer
TruthValue
}
-- 1.3.6.1.4.1.2011.5.1.1.20.1.1
hwAclIPPoolIndex OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The index of ACL IP pool table."
::= { hwAclIPPoolEntry 1 }
-- 1.3.6.1.4.1.2011.5.1.1.20.1.2
hwAclIPPoolName OBJECT-TYPE
SYNTAX OCTET STRING (SIZE (0..32))
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The IP pool name."
::= { hwAclIPPoolEntry 2 }
-- 1.3.6.1.4.1.2011.5.1.1.20.1.3
hwAclIPPoolRowStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Row status."
::= { hwAclIPPoolEntry 3 }
-- 1.3.6.1.4.1.2011.5.1.1.20.1.4
hwAclIPPoolApplyBGPPeer OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object indicates whether or not BGP peers are applied."
::= { hwAclIPPoolEntry 4 }
-- 1.3.6.1.4.1.2011.5.1.1.21
hwAclIPPoolIPTable OBJECT-TYPE
SYNTAX SEQUENCE OF HwAclIPPoolIPEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Configure the IP address of IP pool."
::= { hwAclMibObjects 21 }
-- 1.3.6.1.4.1.2011.5.1.1.21.1
hwAclIPPoolIPEntry OBJECT-TYPE
SYNTAX HwAclIPPoolIPEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Each entry is a IP address of IP pool."
INDEX { hwAclIPPoolIPPoolIndex, hwAclIPPoolIPIndex }
::= { hwAclIPPoolIPTable 1 }
HwAclIPPoolIPEntry ::=
SEQUENCE {
hwAclIPPoolIPPoolIndex
Integer32,
hwAclIPPoolIPIndex
Integer32,
hwAclIPPoolIPIpAdd
IpAddress,
hwAclIPPoolIPIpWild
IpAddress,
hwAclIPPoolIPRowStatus
RowStatus
}
-- 1.3.6.1.4.1.2011.5.1.1.21.1.1
hwAclIPPoolIPPoolIndex OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object indicates the level 1 index, that is, the index of an IP address pool used by an ACL."
::= { hwAclIPPoolIPEntry 1 }
-- 1.3.6.1.4.1.2011.5.1.1.21.1.2
hwAclIPPoolIPIndex OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object indicates the level 2 index, that is, the index of an IPv4 address in an IP address pool used by an ACL."
::= { hwAclIPPoolIPEntry 2 }
-- 1.3.6.1.4.1.2011.5.1.1.21.1.3
hwAclIPPoolIPIpAdd OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object indicates the IP-address."
::= { hwAclIPPoolIPEntry 3 }
-- 1.3.6.1.4.1.2011.5.1.1.21.1.4
hwAclIPPoolIPIpWild OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object indicates the IP-address wild."
::= { hwAclIPPoolIPEntry 4 }
-- 1.3.6.1.4.1.2011.5.1.1.21.1.5
hwAclIPPoolIPRowStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Row status."
::= { hwAclIPPoolIPEntry 5 }
-- 1.3.6.1.4.1.2011.5.1.1.22
hwAclPortPoolTable OBJECT-TYPE
SYNTAX SEQUENCE OF HwAclPortPoolEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Configure the port pool name."
::= { hwAclMibObjects 22 }
-- 1.3.6.1.4.1.2011.5.1.1.22.1
hwAclPortPoolEntry OBJECT-TYPE
SYNTAX HwAclPortPoolEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Each entry is a port pool name."
INDEX { hwAclPortPoolIndex }
::= { hwAclPortPoolTable 1 }
HwAclPortPoolEntry ::=
SEQUENCE {
hwAclPortPoolIndex
Integer32,
hwAclPortPoolName
OCTET STRING,
hwAclPortPoolRowStatus
RowStatus
}
-- 1.3.6.1.4.1.2011.5.1.1.22.1.1
hwAclPortPoolIndex OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The index of ACL port pool table."
::= { hwAclPortPoolEntry 1 }
-- 1.3.6.1.4.1.2011.5.1.1.22.1.2
hwAclPortPoolName OBJECT-TYPE
SYNTAX OCTET STRING (SIZE (0..32))
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The Port pool name."
::= { hwAclPortPoolEntry 2 }
-- 1.3.6.1.4.1.2011.5.1.1.22.1.3
hwAclPortPoolRowStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Row status."
::= { hwAclPortPoolEntry 3 }
-- 1.3.6.1.4.1.2011.5.1.1.23
hwAclPortPoolPortTable OBJECT-TYPE
SYNTAX SEQUENCE OF HwAclPortPoolPortEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Configure the port range of port pool."
::= { hwAclMibObjects 23 }
-- 1.3.6.1.4.1.2011.5.1.1.23.1
hwAclPortPoolPortEntry OBJECT-TYPE
SYNTAX HwAclPortPoolPortEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Each entry is a port range of port pool."
INDEX { hwAclPortPoolPortPoolIndex, hwAclPortPoolPortIndex }
::= { hwAclPortPoolPortTable 1 }
HwAclPortPoolPortEntry ::=
SEQUENCE {
hwAclPortPoolPortPoolIndex
Integer32,
hwAclPortPoolPortIndex
Integer32,
hwAclPortPoolPortOp
INTEGER,
hwAclPortPoolPortNumBegin
Integer32,
hwAclPortPoolPortNumEnd
Integer32,
hwAclPortPoolPortRowStatus
RowStatus
}
-- 1.3.6.1.4.1.2011.5.1.1.23.1.1
hwAclPortPoolPortPoolIndex OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object indicates the level 1 index, that is, the index of an ACL port pool."
::= { hwAclPortPoolPortEntry 1 }
-- 1.3.6.1.4.1.2011.5.1.1.23.1.2
hwAclPortPoolPortIndex OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object indicates the level 2 index, that is, the index of a port number in the ACL port pool."
::= { hwAclPortPoolPortEntry 2 }
-- 1.3.6.1.4.1.2011.5.1.1.23.1.3
hwAclPortPoolPortOp OBJECT-TYPE
SYNTAX INTEGER
{
invalid(0),
lt(1),
eq(2),
gt(3),
neq(4),
range(5)
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object indicates the Port operation.
'lt' means less than,
'eq' means equal to,
'gt' means greater than,
'neq' means not equal to,
'range' means between,
'invalid' means this operation of the rule is invalid."
::= { hwAclPortPoolPortEntry 3 }
-- 1.3.6.1.4.1.2011.5.1.1.23.1.4
hwAclPortPoolPortNumBegin OBJECT-TYPE
SYNTAX Integer32 (0..65535)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object indicates the begin port number."
::= { hwAclPortPoolPortEntry 4 }
-- 1.3.6.1.4.1.2011.5.1.1.23.1.5
hwAclPortPoolPortNumEnd OBJECT-TYPE
SYNTAX Integer32 (0..65535)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object indicates the end port number."
::= { hwAclPortPoolPortEntry 5 }
-- 1.3.6.1.4.1.2011.5.1.1.23.1.6
hwAclPortPoolPortRowStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Row status."
::= { hwAclPortPoolPortEntry 6 }
-- 1.3.6.1.4.1.2011.5.1.1.24
hwAclIPPool6Table OBJECT-TYPE
SYNTAX SEQUENCE OF HwAclIPPool6Entry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Configure the IPv6 pool name."
::= { hwAclMibObjects 24 }
-- 1.3.6.1.4.1.2011.5.1.1.24.1
hwAclIPPool6Entry OBJECT-TYPE
SYNTAX HwAclIPPool6Entry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Each entry is a IPv6 pool name."
INDEX { hwAclIPPool6Index }
::= { hwAclIPPool6Table 1 }
HwAclIPPool6Entry ::=
SEQUENCE {
hwAclIPPool6Index
Integer32,
hwAclIPPool6Name
OCTET STRING,
hwAclIPPool6ApplyBGPIPv6Peer
TruthValue,
hwAclIPPool6RowStatus
RowStatus
}
-- 1.3.6.1.4.1.2011.5.1.1.24.1.1
hwAclIPPool6Index OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The index of ACL IPv6 pool table."
::= { hwAclIPPool6Entry 1 }
-- 1.3.6.1.4.1.2011.5.1.1.24.1.2
hwAclIPPool6Name OBJECT-TYPE
SYNTAX OCTET STRING (SIZE (0..32))
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The IPv6 pool name."
::= { hwAclIPPool6Entry 2 }
-- 1.3.6.1.4.1.2011.5.1.1.24.1.3
hwAclIPPool6ApplyBGPIPv6Peer OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The object indicates whether or not BGP IPv6 peers are applied."
::= { hwAclIPPool6Entry 3 }
-- 1.3.6.1.4.1.2011.5.1.1.24.1.4
hwAclIPPool6RowStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Row status."
::= { hwAclIPPool6Entry 4 }
-- Acl Trap MIB definition
--
-- 1.3.6.1.4.1.2011.5.1.2
hwAclMibTrap OBJECT IDENTIFIER ::= { hwAcl 2 }
-- 1.3.6.1.4.1.2011.5.1.2.1
hwAclTrapOid OBJECT IDENTIFIER ::= { hwAclMibTrap 1 }
-- 1.3.6.1.4.1.2011.5.1.2.2
hwAclTrapsDefine OBJECT IDENTIFIER ::= { hwAclMibTrap 2 }
-- 1.3.6.1.4.1.2011.5.1.2.2.1
hwAclTraps OBJECT IDENTIFIER ::= { hwAclTrapsDefine 1 }
-- 1.3.6.1.4.1.2011.5.1.2.2.1.1
hwAclResourceTrapsTable OBJECT IDENTIFIER ::= { hwAclTraps 1 }
-- 1.3.6.1.4.1.2011.5.1.2.2.1.1.1
hwAclResSlotStr OBJECT-TYPE
SYNTAX OCTET STRING
MAX-ACCESS accessible-for-notify
STATUS current
DESCRIPTION
"The infomation of slot."
::= { hwAclResourceTrapsTable 1 }
-- 1.3.6.1.4.1.2011.5.1.2.2.1.1.2
hwAclResStage OBJECT-TYPE
SYNTAX OCTET STRING
MAX-ACCESS accessible-for-notify
STATUS current
DESCRIPTION
"The stage where trap infomation exists."
::= { hwAclResourceTrapsTable 2 }
-- 1.3.6.1.4.1.2011.5.1.2.2.1.1.3
hwAclResLimit OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS accessible-for-notify
STATUS current
DESCRIPTION
"The usage of rule resource."
::= { hwAclResourceTrapsTable 3 }
-- 1.3.6.1.4.1.2011.5.1.2.2.1.1.4
hwAclResourceTrapsEntry OBJECT IDENTIFIER ::= { hwAclResourceTrapsTable 4 }
-- 1.3.6.1.4.1.2011.5.1.2.2.1.1.4.1
hwAclResThresholdExceedClearTrap NOTIFICATION-TYPE
OBJECTS { hwAclResLimit, hwAclResSlotStr, hwAclResStage }
STATUS current
DESCRIPTION
"Acl resource lack clear trap"
::= { hwAclResourceTrapsEntry 1 }
-- 1.3.6.1.4.1.2011.5.1.2.2.1.1.4.2
hwAclResThresholdExceedTrap NOTIFICATION-TYPE
OBJECTS { hwAclResLimit, hwAclResSlotStr, hwAclResStage }
STATUS current
DESCRIPTION
"Acl resource lack trap"
::= { hwAclResourceTrapsEntry 2 }
-- 1.3.6.1.4.1.2011.5.1.2.2.1.1.4.3
hwAclResTotalCountExceedClearTrap NOTIFICATION-TYPE
OBJECTS { hwAclResLimit, hwAclResSlotStr, hwAclResStage }
STATUS current
DESCRIPTION
"Acl resource full clear trap"
::= { hwAclResourceTrapsEntry 3 }
-- 1.3.6.1.4.1.2011.5.1.2.2.1.1.4.4
hwAclResTotalCountExceedTrap NOTIFICATION-TYPE
OBJECTS { hwAclResLimit, hwAclResSlotStr, hwAclResStage }
STATUS current
DESCRIPTION
"Acl resource full trap"
::= { hwAclResourceTrapsEntry 4 }
-- 1.3.6.1.4.1.2011.5.1.2.2.1.1.5
hwAclResourceTrapsGroups OBJECT IDENTIFIER ::= { hwAclResourceTrapsTable 5 }
-- 1.3.6.1.4.1.2011.5.1.2.2.1.1.5.1
hwAclResourceTrapsGroup NOTIFICATION-GROUP
NOTIFICATIONS { hwAclResThresholdExceedClearTrap, hwAclResThresholdExceedTrap, hwAclResTotalCountExceedClearTrap, hwAclResTotalCountExceedTrap }
STATUS current
DESCRIPTION
"Group for all acl resource traps."
::= { hwAclResourceTrapsGroups 1 }
-- Acl MIB Conformance definition
--
-- 1.3.6.1.4.1.2011.5.1.3
hwAclMibConformance OBJECT IDENTIFIER ::= { hwAcl 3 }
-- 1.3.6.1.4.1.2011.5.1.3.1
hwAclMibCompliances OBJECT IDENTIFIER ::= { hwAclMibConformance 1 }
-- this module
-- 1.3.6.1.4.1.2011.5.1.3.1.1
hwAclMibCompliance MODULE-COMPLIANCE
STATUS current
DESCRIPTION
"The compliance statement for entities which
implement the Huawei acl MIB."
MODULE -- this module
MANDATORY-GROUPS { hwAclGroup }
OBJECT hwAclBasicRowStatus
SYNTAX INTEGER
{
active(1),
createAndGo(4),
destory(6)
}
DESCRIPTION
"The value of creatAndWaite, notInservice and notReady are not required."
OBJECT hwAclAdvancedRowStatus
SYNTAX INTEGER
{
active(1),
createAndGo(4),
destory(6)
}
DESCRIPTION
"The value of creatAndWaite, notInservice and notReady are not required."
OBJECT hwAclIfRowStatus
SYNTAX INTEGER
{
active(1),
createAndGo(4),
destroy(6)
}
DESCRIPTION
"The value of creatAndWaite, notInservice and notReady are not required."
OBJECT hwAclIpv6BasicRowStatus
SYNTAX INTEGER
{
active(1),
createAndGo(4),
destroy(6)
}
DESCRIPTION
"The value of creatAndWaite, notInservice and notReady are not required."
OBJECT hwAclIpv6AdvancedRowStatus
SYNTAX INTEGER
{
active(1),
createAndGo(4),
destroy(6)
}
DESCRIPTION
"The value of creatAndWaite, notInservice and notReady are not required."
OBJECT hwAclEthernetFrameRowStatus
SYNTAX INTEGER
{
active(1),
createAndGo(4),
destroy(6)
}
DESCRIPTION
"The value of creatAndWaite, notInservice and notReady are not required."
OBJECT hwAclAppliedRowStatus
SYNTAX INTEGER
{
active(1),
createAndGo(4),
destroy(6)
}
DESCRIPTION
"The value of creatAndWaite, notInservice and notReady are not required."
OBJECT hwAclIpv6NumGroupRowStatus
SYNTAX INTEGER
{
active(1),
createAndGo(4),
destroy(6)
}
DESCRIPTION
"The value of creatAndWaite, notInservice and notReady are not required."
OBJECT hwAclIpv6IfRowStatus
SYNTAX INTEGER
{
active(1),
createAndGo(4),
destroy(6)
}
DESCRIPTION
"The value of creatAndWaite, notInservice and notReady are not required."
OBJECT hwAclMplsRowStatus
SYNTAX INTEGER
{
active(1),
createAndGo(4),
destroy(6)
}
DESCRIPTION
"The value of creatAndWaite, notInservice and notReady are not required."
::= { hwAclMibCompliances 1 }
-- 1.3.6.1.4.1.2011.5.1.3.2
hwAclMibGroups OBJECT IDENTIFIER ::= { hwAclMibConformance 2 }
-- 1.3.6.1.4.1.2011.5.1.3.2.1
hwAclGroup OBJECT-GROUP
OBJECTS { hwAclNumGroupMatchOrder, hwAclNumGroupSubitemNum, hwAclNumGroupAclName, hwAclBasicAct, hwAclBasicSrcIp,
hwAclBasicSrcWild, hwAclBasicTimeRangeIndex, hwAclBasicFragments, hwAclBasicLog, hwAclBasicEnable,
hwAclBasicCount, hwAclBasicVrfAny, hwAclBasicRowStatus, hwAclAdvancedAct, hwAclAdvancedProtocol, hwAclAdvancedSrcIp,
hwAclAdvancedSrcWild, hwAclAdvancedSrcOp, hwAclAdvancedSrcPort1, hwAclAdvancedSrcPort2, hwAclAdvancedDestIp,
hwAclAdvancedDestWild, hwAclAdvancedDestOp, hwAclAdvancedDestPort1, hwAclAdvancedDestPort2, hwAclAdvancedPrecedence,
hwAclAdvancedTos, hwAclAdvancedDscp, hwAclAdvancedEstablish, hwAclAdvancedTimeRangeIndex, hwAclAdvancedIcmpType,
hwAclAdvancedIcmpCode, hwAclAdvancedFragments, hwAclAdvancedLog, hwAclAdvancedEnable, hwAclAdvancedCount,
hwAclAdvancedRowStatus, hwAclAdvancedTcpSyncFlag, hwAclAdvancedSrcPoolName, hwAclAdvancedDestPoolName,
hwAclAdvancedProtocolNew, hwAclAdvancedVni, hwAclAdvancedIgmpType, hwAclAdvancedTtlOp, hwAclAdvancedTtlExpire,
hwAclAdvancedTtlExpireEnd, hwAclAdvancedSrcPortPoolName, hwAclAdvancedDestPortPoolName, hwAclAdvancedIcmpTypeEnd, hwAclAdvancedVrfAny, hwAclIfAct, hwAclIfIndex, hwAclIfAny,
hwAclIfTimeRangeIndex, hwAclIfLog, hwAclIfEnable, hwAclIfCount, hwAclIfRowStatus,
hwAclUserAct, hwAclUserProtocol, hwAclUserSrcIp, hwAclUserSrcWild, hwAclUserSrcOp,
hwAclUserSrcPort1, hwAclUserSrcPort2, hwAclUserDestIp, hwAclUserDestWild, hwAclUserDestOp,
hwAclUserDestPort1, hwAclUserDestPort2, hwAclUserPrecedence, hwAclUserTos, hwAclUserDscp,
hwAclUserEstablish, hwAclUserTimeRangeIndex, hwAclUserIcmpType, hwAclUserIcmpCode, hwAclUserFragments,
hwAclUserLog, hwAclUserEnable, hwAclUserCount, hwAclUserSrcUserGroupName, hwAclUserDestUserGroupName,
hwAclUserSrcModeType, hwAclUserDestModeType, hwAclUserRowStatus, hwAclCompileEnableFlag, hwAclNumGroupAclNum,
hwAclBasicAclNum, hwAclBasicSubitem, hwAclAdvancedAclNum, hwAclAdvancedSubitem, hwAclIfAclNum,
hwAclIfSubitem, hwAclUserAclNum, hwAclUserSubitem, hwAclUserVrfName, hwAclUserTcpSyncFlag,
hwAclEthernetFrameEncapType, hwAclEthernetFrameDoubleTag, hwAclEthernetFrameVlanId, hwAclEthernetFrameVlanIdMask, hwAclEthernetFrameCVlanId,
hwAclEthernetFrameCVlanIdMask, hwAclAppliedStatMode, hwAclAppliedStatCount, hwAclAppliedLimitCir, hwAclAppliedLimitPir,
hwAclAppliedLimitCbs, hwAclAppliedLimitPbs, hwAclAppliedLimitGreenAction, hwAclAppliedLimitGreenValue, hwAclAppliedLimitYellowAction,
hwAclAppliedLimitYellowValue, hwAclAppliedLimitRedAction, hwAclAppliedLimitRedValue, hwAclAppliedMirrObservedPort, hwAclAppliedMirrRspanVlan,
hwAclAppliedRedirectIfIndex, hwAclAppliedRedirectIpAddr, hwAclAppliedRedirectIpv6Addr, hwAclAppliedRemarkVlan, hwAclAppliedRemarkCVlan,
hwAclAppliedRemark8021p, hwAclAppliedRemarkDscp, hwAclAppliedRemarkIpPre, hwAclAppliedRemarkLocalPre, hwAclAppliedRemarkMacAddr,
hwAclAppliedRowStatus, hwAclCompileNumGroupStatus, hwAclNumGroupStep, hwAclNumGroupDescription, hwAclNumGroupCountClear,
hwAclNumGroupRowStatus, hwAclBasicVrfName, hwAclAdvancedVrfName, hwAclIpv6BasicAct, hwAclIpv6BasicSrcIp,
hwAclIpv6BasicSrcPrefix, hwAclIpv6BasicTimeRangeIndex, hwAclIpv6BasicFragment, hwAclIpv6BasicLog, hwAclIpv6BasicEnable,
hwAclIpv6BasicCount, hwAclIpv6BasicVrfName, hwAclIpv6BasicRowStatus, hwAclIpv6BasicVrfAny, hwAclIpv6AdvancedAct, hwAclIpv6AdvancedProtocol,
hwAclIpv6AdvancedSrcIp, hwAclIpv6AdvancedSrcPrefix, hwAclIpv6AdvancedSrcOp, hwAclIpv6AdvancedSrcPort1, hwAclIpv6AdvancedSrcPort2,
hwAclIpv6AdvancedDestIp, hwAclIpv6AdvancedDestPrefix, hwAclIpv6AdvancedDestOp, hwAclIpv6AdvancedDestPort1, hwAclIpv6AdvancedDestPort2,
hwAclIpv6AdvancedPrecedence, hwAclIpv6AdvancedTos, hwAclIpv6AdvancedDscp, hwAclIpv6AdvancedEstablish, hwAclIpv6AdvancedTimeRangeIndex,
hwAclIpv6AdvancedIcmpType, hwAclIpv6AdvancedIcmpCode, hwAclIpv6AdvancedFragment, hwAclIpv6AdvancedLog, hwAclIpv6AdvancedEnable,
hwAclIpv6AdvancedCount, hwAclIpv6AdvancedVrfName, hwAclIpv6AdvancedRowStatus, hwAclIpv6AdvancedProtocolNew, hwAclIpv6AdvancedIcmpTypeEnd, hwAclIpv6AdvancedVrfAny, hwAclEthernetFrameAct, hwAclEthernetFrameType,
hwAclEthernetFrameTypeMask, hwAclEthernetFrameSrcMac, hwAclEthernetFrameSrcMacMask, hwAclEthernetFrameDstMac, hwAclEthernetFrameDstMacMask,
hwAclEthernetFrameTimeRangeIndex, hwAclEthernetFrameLog, hwAclEthernetFrameEnable, hwAclEthernetFrameCount,
hwAclEthernetFrameRowStatus, hwAclEthernetFrameRule8021p, hwAclEthernetFrameRuleCVlan8021p,
hwAclIpv6NumGroupMatchOrder, hwAclIpv6NumGroupSubitemNum, hwAclIpv6NumGroupCountClear, hwAclIpv6NumGroupRowStatus, hwAclIpv6NumGroupAclName,
hwAclIpv6IfAct, hwAclIpv6IfIndex, hwAclIpv6IfAny, hwAclIpv6IfTimeRangeIndex, hwAclIpv6IfLog, hwAclIpv6IfEnable, hwAclIpv6IfCount, hwAclIpv6IfRowStatus,
hwAclMplsAct, hwAclMplsExp1, hwAclMplsExp2,
hwAclMplsExp3, hwAclMplsExp4, hwAclMplsLabel1, hwAclMplsLabel2, hwAclMplsLabel3,
hwAclMplsLabel4, hwAclMplsTTLOP1, hwAclMplsTTL1Begin, hwAclMplsTTL1End,
hwAclMplsTTLOP2, hwAclMplsTTL2Begin, hwAclMplsTTL2End,
hwAclMplsTTLOP3, hwAclMplsTTL3Begin, hwAclMplsTTL3End, hwAclMplsRowStatus, hwAclMplsCount, hwAclIpv6BasicSrcMask, hwAclIpv6AdvancedSrcMask, hwAclIpv6AdvancedDestMask,
hwAclIPPoolIndex, hwAclIPPoolName, hwAclIPPoolRowStatus,
hwAclIPPoolIPPoolIndex, hwAclIPPoolIPIndex, hwAclIPPoolIPIpAdd, hwAclIPPoolIPIpWild, hwAclIPPoolIPRowStatus,
hwAclPortPoolIndex, hwAclPortPoolName, hwAclPortPoolRowStatus,
hwAclPortPoolPortPoolIndex, hwAclPortPoolPortIndex, hwAclPortPoolPortOp, hwAclPortPoolPortNumBegin, hwAclPortPoolPortNumEnd, hwAclPortPoolPortRowStatus}
STATUS current
DESCRIPTION
"A collection of objects providing mandatory acl information."
::= { hwAclMibGroups 1 }
END