mibs/MIBS/comware/HH3C-ACL-MIB

7341 lines
252 KiB
Plaintext
Raw Normal View History

2023-12-05 12:25:34 +01:00
-- ============================================================================
-- Copyright (c) 2004-2015 New H3C Tech. Co., Ltd. All rights reserved.
--
-- Description:
-- Reference:
-- Version: V3.4
-- History:
-- V1.0 created by yuhui.
-- V2.0 2004-10-12 updated by gaolong
-- Define MODULE-IDENTITY for hh3cAcl
-- Remove chinese characters
-- Add limitation(0..65535) for some table index
-- Fix a default value error of hh3cAclAdvancedEstablish
-- V2.1 2004-11-18 updated by yubo
-- Add 'hh3cAclIDSTable' for IDS
-- V2.2 2004-12-13
-- Fix syntax bugs and adjust format of the whole file by jinyi
-- Modify description of hh3cAclAdvancedDscp by zhuangyu
-- V2.3 2005-1-26 updated by WuZhao02557
-- Change MAX-ACCESS from read-create to not-accessible for the
-- following MIB nodes:
-- hh3cAclNumGroupAclNum, hh3cAclNameGroupIndex, hh3cAclBasicAclNum,
-- hh3cAclBasicSubitem, hh3cAclAdvancedAclNum, hh3cAclAdvancedSubitem
-- hh3cAclIfAclNum, hh3cAclIfSubitem, hh3cAclLinkAclNum, hh3cAclLinkSubitem
-- hh3cAclUserAclNum, hh3cAclUserSubitem, hh3cAclActiveAclIndex,
-- hh3cAclActiveIfIndex, hh3cAclActiveVlanID, hh3cAclActiveDirection
-- Adjust format of whole file.
-- 2005-01-27 updated by zhangyinxi
-- 1. Add objects hh3cAclLinkL2LabelRangeOp, hh3cAclLinkL2LabelRangeBegin
-- hh3cAclLinkL2LabelRangeEnd and hh3cAclLinkMplsExp in hh3cAclLinkTable
-- 2. Add an enumeration mpls(34887) to object hh3cAclLinkProtocol
-- 3. Expand the range of object hh3cAclActiveVlanID to Integer32
-- V2.4 2005-2-24
-- Make the index of hh3cAclIDSTable IMPLIED by fuzhenyu because IDS devices
-- require fixed length index to be used. IDS devices only provide index
-- with no sub-identifier indicating the length of the string.
-- Modify enum name(value is 4) of hh3cAclLinkFormatType to ieee802Dot3 by daishijun
-- V2.5 2005-7-25
-- Add objects hh3cAclMib2Mode, hh3cAclVersion, hh3cAclMib2ObjectsCapabilities,
-- hh3cAclIPAclNumGroupTable, hh3cAclIPAclBasicTable, hh3cAclIPAclAdvancedTable,
-- hh3cAclMACTable, hh3cAclEnUserTable by tangshun.
-- V2.6 2006-01-03
-- Add objects hh3cAclIPAclBasicComment, hh3cAclIPAclAdvancedComment,
-- hh3cAclMACComment, hh3cAclEnUserComment by tangshun.
-- V2.7 2006-03-09 updated by changhuifeng
-- Add object hh3cAclIPAclAdvancedReflective in hh3cAclIPAclAdvancedTable.
-- Modify the description of object hh3cAclIPAclAdvancedFragmentFlag.
-- Modify the description of object hh3cAclMib2Version.
-- Modify the description of object hh3cAclLinkDestAny for text error.
-- Modify the description of object hh3cAclMib2CharacteristicsValue.
-- V2.8 2006-07-06 updated by xialei
-- Modify the description of hh3cAclIPAclAdvancedIcmpType
-- and hh3cAclIPAclAdvancedIcmpCode.
-- Change value range of hh3cAclIPAclAdvancedIcmpCode.
-- V2.9 2006-08-08 updated by chenzhaojie
-- Add enumeration value to hh3cAclActiveDirection.
-- V3.0 2010-09-01 updated by zhaixiaoxiang
-- Add hh3cAclResourceUsageTable.
-- V3.1 2012-02-06 updated by wangchenxiao
-- Add hh3cPacketfilterTrapObjects
-- Add hh3cPacketfilterTrap
-- 2012-02-14 updated by mouxuanli
-- Add hh3cAclMib2ProcessingStatus of object hh3cAclMib2NodesGroup
-- Add hh3cAclNumberGroupName of object hh3cAclNumberGroupTable
-- Add hh3cAclIPAclBasicCounting of object hh3cAclIPAclBasicTable
-- Add hh3cAclIPAclBasicRouteTypeAny of object hh3cAclIPAclBasicTable
-- Add hh3cAclIPAclBasicRouteTypeValue of object hh3cAclIPAclBasicTable
-- Add hh3cAclIPAclAdvancedCounting of object hh3cAclIPAclAdvancedTable
-- Add hh3cAclIPAclAdvancedTCPFlagMask of object hh3cAclIPAclAdvancedTable
-- Add hh3cAclIPAclAdvancedTCPFlagValue of object hh3cAclIPAclAdvancedTable
-- Add hh3cAclIPAclAdvancedRouteTypeAny of object hh3cAclIPAclAdvancedTable
-- Add hh3cAclIPAclAdvancedRouteTypeValue of object hh3cAclIPAclAdvancedTable
-- Add hh3cAclIPAclAdvancedFlowLabel of object hh3cAclIPAclAdvancedTable
-- Add hh3cAclMACLog of object hh3cAclMACTable
-- Add hh3cAclMACCounting of object hh3cAclMACTable
-- Add hh3cAclEnUserLog of object hh3cAclEnUserTable
-- Add hh3cAclEnUserCounting of object hh3cAclEnUserTable
-- Modify the description of hh3cAclResourceType
-- Add hh3cAclResourceTypeDescription of object hh3cAclResourceUsageTable
-- Add hh3cAclPacketFilterObjects
-- V3.2 2012-11-30 updated by gaoyu
-- Add hh3cPfilterRunApplyObjType of object hh3cPfilterAclGroupRunInfoTable
-- Add hh3cPfilterRunApplyObjIndex of object hh3cPfilterAclGroupRunInfoTable
-- Add hh3cPfilterRunApplyDirection of object hh3cPfilterAclGroupRunInfoTable
-- Add hh3cPfilterRunApplyAclType of object hh3cPfilterAclGroupRunInfoTable
-- Add hh3cPfilterRunApplyAclIndex of object hh3cPfilterAclGroupRunInfoTable
-- modify the hh3cPfilterRunApplyObjType of object hh3cPfilterAclRuleRunInfoTable
-- modify the hh3cPfilterRunApplyObjIndex of object hh3cPfilterAclRuleRunInfoTable
-- modify the hh3cPfilterRunApplyDirection of object hh3cPfilterAclRuleRunInfoTable
-- modify the hh3cPfilterRunApplyAclType of object hh3cPfilterAclRuleRunInfoTable
-- modify the hh3cPfilterRunApplyAclIndex of object hh3cPfilterAclRuleRunInfoTable
-- V3.3 2013-11-30 updated by gaoyu
-- Add hh3cAclNamedGroupTable to object hh3cAclMib2GlobalGroup
-- Add hh3cAclIPAclNamedBscTable to object hh3cAclIPAclGroup
-- Add hh3cAclIPAclNamedAdvTable to object hh3cAclIPAclGroup
-- Add hh3cAclNamedMACTable to object hh3cAclMACAclGroup
-- Add hh3cAclIntervalGroup to object hh3cAclMib2Objects
-- Modify hh3cPfilterApplyAclType of object hh3cPfilterApplyTable
-- Modify hh3cPfilterRunApplyAclType of object hh3cPfilterAclGroupRunInfoTable
-- Modify hh3cPfilterSumAclType of object hh3cPfilterStatisticSumTable
-- Add hh3cPfilter2ApplyTable to object hh3cAclPacketFilterObjects
-- Add hh3cPfilter2AclGroupRunInfoTable to object hh3cAclPacketFilterObjects
-- Add hh3cPfilter2AclRuleRunInfoTable to object hh3cAclPacketFilterObjects
-- Add hh3cPfilter2StatisticSumTable to object hh3cAclPacketFilterObjects
-- Add hh3cAclPacketIfName to object hh3cAclPacketfilterTrapObjects
-- Add hh3cAclPacketDirection to object hh3cAclPacketfilterTrapObjects
-- Add hh3cAclPacketBAGG to object hh3cAclPacketfilterTrapObjects
-- Add hh3cAclPacketVlanID to object hh3cAclPacketfilterTrapObjects
-- Add hh3cAclPacketSrcIP to object hh3cAclPacketfilterTrapObjects
-- Add hh3cAclPacketDstIP to object hh3cAclPacketfilterTrapObjects
-- Add hh3cAclPacketProtocol to object hh3cAclPacketfilterTrapObjects
-- Add hh3cAclPacketDscp to object hh3cAclPacketfilterTrapObjects
-- Add hh3cAclPacketFlowLabel to object hh3cAclPacketfilterTrapObjects
-- Add hh3cAclPacketIcmpIgmpType to object hh3cAclPacketfilterTrapObjects
-- Add hh3cAclPacketIcmpIgmpCode to object hh3cAclPacketfilterTrapObjects
-- Add hh3cAclPacketTcpFlags to object hh3cAclPacketfilterTrapObjects
-- Add hh3cAclPacketSrcPort to object hh3cAclPacketfilterTrapObjects
-- Add hh3cAclPacketDstPort to object hh3cAclPacketfilterTrapObjects
-- Add hh3cAclPacketSrcMacAddr to object hh3cAclPacketfilterTrapObjects
-- Add hh3cAclPacketDstMacAddr to object hh3cAclPacketfilterTrapObjects
-- Add hh3cAclPacketMacTypeLen to object hh3cAclPacketfilterTrapObjects
-- Add hh3cAclPacketVlanPCP to object hh3cAclPacketfilterTrapObjects
-- Add hh3cAclRuleMatchCount to object hh3cPfilterTrapPrefix
-- Add hh3cAclFirstIPv4PktCaptured to object hh3cPfilterTrapPrefix
-- Add hh3cAclFirstIPv6PktCaptured to object hh3cPfilterTrapPrefix
-- Add hh3cAclFirstEthernetPktCaptured to object hh3cPfilterTrapPrefix
-- 2014-2-20 updated by gaoyu
-- Add hh3cAclNamedUserTable to object hh3cAclEnUserAclGroup
-- 2014-07-08 updated by gaoyu
-- Add hh3cAclIPAclAdvancedSrcSuffix to object hh3cAclIPAclAdvancedTable
-- Add hh3cAclIPAclAdvancedDestSuffix to object hh3cAclIPAclAdvancedTable
-- Add hh3cAclIPAclNamedAdvSrcSuffix to object hh3cAclIPAclNamedAdvTable
-- Add hh3cAclIPAclNamedAdvDstSuffix to object hh3cAclIPAclNamedAdvTable
-- V3.4 2014-10-20 updated by gaoyu
-- Add hh3cAclMib2ResourceThreshold to object hh3cAclMib2NodesGroup
-- Add hh3cAclMib2ResourceLogInterval to object hh3cAclMib2NodesGroup
-- Add hh3cAclResourceTypeName to object hh3cAclTrapObjects
-- Add hh3cAclResourceUsage to object hh3cAclTrapObjects
-- Add hh3cAclResourceUsedEntries to object hh3cAclTrapObjects
-- Add hh3cAclResourceTotalEntries to object hh3cAclTrapObjects
-- Add hh3cAclResourceChassisID to object hh3cAclTrapObjects
-- Add hh3cAclResourceSlotID to object hh3cAclTrapObjects
-- Add hh3cAclResourceTrap to object hh3cAclTrapPrefix
-- ============================================================================
HH3C-ACL-MIB DEFINITIONS ::= BEGIN
IMPORTS
hh3cCommon
FROM HH3C-OID-MIB
IpAddress, Integer32, Counter32, OBJECT-TYPE, MODULE-IDENTITY,
NOTIFICATION-TYPE, Unsigned32, Counter64
FROM SNMPv2-SMI
InetAddressType, InetAddress, InetAddressPrefixLength
FROM INET-ADDRESS-MIB
RowStatus, TruthValue, MacAddress, TEXTUAL-CONVENTION
FROM SNMPv2-TC;
--
-- Node definitions
--
hh3cAcl MODULE-IDENTITY
LAST-UPDATED "201410201000Z" -- Oct 20, 2014 at 10:00 GMT
ORGANIZATION
"New H3C Technologies Co., Ltd."
CONTACT-INFO
"Platform Team New H3C Technologies Co., Ltd.
Hai-Dian District Beijing P.R. China
http://www.h3c.com
Zip:100085
"
DESCRIPTION
"ACL management information base for managing devices
that support access control list and packet filtering.
"
REVISION "201410201000Z" -- Oct 22, 2014 at 10:00 GMT
DESCRIPTION
"Added 2 ndoes to configure TCAM function and 6 nodes to show trap info."
::= { hh3cCommon 8 }
-- Rule action value
RuleAction ::= TEXTUAL-CONVENTION
STATUS current
DESCRIPTION
"The value of rule's action.
permit: The packet matching the rule will be permitted to forward.
deny: The packet matching the rule will be denied.
"
SYNTAX INTEGER
{
invalid(1),
permit(2),
deny(3)
}
-- CounterClear value
CounterClear ::= TEXTUAL-CONVENTION
STATUS current
DESCRIPTION
"cleared: Reset the value of the rule's counter.
nouse: 'nouse' will be returned when getting.
"
SYNTAX INTEGER
{
cleared(1),
nouse(2)
}
-- PortOp value
PortOp ::= TEXTUAL-CONVENTION
STATUS current
DESCRIPTION
"The operation type of TCP and UDP.
lt : Less than given port number.
eq : Equal to given port number.
gt : Greater than given port number.
neq : Not equal to given port number.
range : Between two port numbers.
Default value is 'invalid'.
"
SYNTAX INTEGER
{
invalid(0),
lt(1),
eq(2),
gt(3),
neq(4),
range(5)
}
-- DSCP value
DSCPValue ::= TEXTUAL-CONVENTION
DISPLAY-HINT "d"
STATUS current
DESCRIPTION
"The value of DSCP.
<0-63> Value of DSCP
af11 Specify Assured Forwarding 11 service(10)
af12 Specify Assured Forwarding 12 service(12)
af13 Specify Assured Forwarding 13 service(14)
af21 Specify Assured Forwarding 21 service(18)
af22 Specify Assured Forwarding 22 service(20)
af23 Specify Assured Forwarding 23 service(22)
af31 Specify Assured Forwarding 31 service(26)
af32 Specify Assured Forwarding 32 service(28)
af33 Specify Assured Forwarding 33 service(30)
af41 Specify Assured Forwarding 41 service(34)
af42 Specify Assured Forwarding 42 service(36)
af43 Specify Assured Forwarding 43 service(38)
be Specify Best Effort service(0)
cs1 Specify Class Selector 1 service(8)
cs2 Specify Class Selector 2 service(16)
cs3 Specify Class Selector 3 service(24)
cs4 Specify Class Selector 4 service(32)
cs5 Specify Class Selector 5 service(40)
cs6 Specify Class Selector 6 service(48)
cs7 Specify Class Selector 7 service(56)
ef Specify Expedited Forwarding service(46)
"
SYNTAX Integer32 (0..63|255)
-- TCP Flags
TCPFlag ::= TEXTUAL-CONVENTION
STATUS current
DESCRIPTION
"Type of TCP.
invalid(0)
tcpack(1) TCP protocol ACK Packet
tcpfin(2) TCP protocol PIN Packet
tcppsh(3) TCP protocol PUSH Packet
tcprst(4) TCP protocol RST Packet
tcpsyn(5) TCP protocol SYN Packet
tcpurg(6) TCP protocol URG Packet
Default value is 'invalid'.
"
SYNTAX INTEGER
{
invalid(0),
tcpack(1),
tcpfin(2),
tcppsh(3),
tcprst(4),
tcpsyn(5),
tcpurg(6)
}
-- Fragment Flags
FragmentFlag ::= TEXTUAL-CONVENTION
STATUS current
DESCRIPTION
"Type of fragment.
invalid(0)
fragment(1) Frag-Type Fragment
fragmentSubseq(2) Frag-Type Fragment-subsequent
nonFragment(3) Frag-Type non-Fragment
nonSubseq(4) Frag-Type non-subsequent
Default value is 'invalid'.
"
SYNTAX INTEGER
{
invalid(0),
fragment(1),
fragmentSubseq(2),
nonFragment(3),
nonSubseq(4)
}
-- Address Flags
AddressFlag ::= TEXTUAL-CONVENTION
STATUS current
DESCRIPTION
"Address flag to select IPv6 Address.
Default value is 'invalid'.
t64SrcAddrPre64DestAddrPre(1):
The mean of the enumeration 't64SrcAddrPre64DestAddrPre' is
that system gets the 64 bits prefix of source address and
the 64 bits prefix of destination address.
t64SrcAddrPre64DestAddrSuf(2):
The mean of the enumeration 't64SrcAddrPre64DestAddrSuf' is
that system gets the 64 bits prefix of source address and
the 64 bits suffix of destination address.
t64SrcAddrSuf64DestAddrPre(3):
The mean of the enumeration 't64SrcAddrSuf64DestAddrPre' is
that system gets the 64 bits suffix of source address and
the 64 bits prefix of destination address.
t64SrcAddrSuf64DestAddrSuf(4):
The mean of the enumeration 't64SrcAddrSuf64DestAddrSuf' is
that system gets the 64 bits suffix of source address and
the 64 bits suffix of destination address.
t128SourceAddress(5):
The mean of the enumeration 't128SourceAddress' is that
system gets the 128 bits of source address.
t128DestinationAddress(6):
The mean of the enumeration 't128SourceAddress' is that
system gets the 128 bits of destination address.
"
SYNTAX INTEGER
{
invalid(0),
t64SrcAddrPre64DestAddrPre(1),
t64SrcAddrPre64DestAddrSuf(2),
t64SrcAddrSuf64DestAddrPre(3),
t64SrcAddrSuf64DestAddrSuf(4),
t128SourceAddress(5),
t128DestinationAddress(6)
}
-- Direction type
DirectionType ::= TEXTUAL-CONVENTION
STATUS current
DESCRIPTION
"The direction: inbound or outbound."
SYNTAX INTEGER
{
inbound(1),
outbound(2)
}
--
-- nodes defined
--
hh3cAclMibObjects OBJECT IDENTIFIER ::= { hh3cAcl 1 }
hh3cAclMode OBJECT-TYPE
SYNTAX INTEGER
{
linkBased(1),
ipBased(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Access-list mode."
DEFVAL { ipBased }
::= { hh3cAclMibObjects 1 }
--
-- Node of hh3cAclNumGroupTable
--
hh3cAclNumGroupTable OBJECT-TYPE
SYNTAX SEQUENCE OF Hh3cAclNumGroupEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Configure the match-order of number-acl group."
::= { hh3cAclMibObjects 2 }
hh3cAclNumGroupEntry OBJECT-TYPE
SYNTAX Hh3cAclNumGroupEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Define the index of hh3cAclNumGroupTable."
INDEX { hh3cAclNumGroupAclNum }
::= { hh3cAclNumGroupTable 1 }
Hh3cAclNumGroupEntry ::=
SEQUENCE
{
hh3cAclNumGroupAclNum
Integer32,
hh3cAclNumGroupMatchOrder
INTEGER,
hh3cAclNumGroupSubitemNum
Integer32,
hh3cAclNumGroupDescription
OCTET STRING,
hh3cAclNumGroupCountClear
INTEGER,
hh3cAclNumGroupRowStatus
RowStatus
}
hh3cAclNumGroupAclNum OBJECT-TYPE
SYNTAX Integer32 (1000..5999)
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The index of number-acl group
Interface type:1000..1999
Basic type:2000..2999
Advance type:3000..3999
Link type:4000..4999
User type:5000..5999"
::= { hh3cAclNumGroupEntry 1 }
hh3cAclNumGroupMatchOrder OBJECT-TYPE
SYNTAX INTEGER
{
config(1),
auto(2)
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The match-order of number-acl group."
DEFVAL { config }
::= { hh3cAclNumGroupEntry 2 }
hh3cAclNumGroupSubitemNum OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of number-acl group's node."
::= { hh3cAclNumGroupEntry 3 }
hh3cAclNumGroupDescription OBJECT-TYPE
SYNTAX OCTET STRING (SIZE(0..127))
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The description of this acl group."
::= { hh3cAclNumGroupEntry 4 }
hh3cAclNumGroupCountClear OBJECT-TYPE
SYNTAX INTEGER
{
cleared(1),
nouse(2)
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Reset the value of rules' counter, which belong to this group."
::= { hh3cAclNumGroupEntry 5 }
hh3cAclNumGroupRowStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"RowStatus, now support three state: CreateAndGo, Active, Destroy."
::= { hh3cAclNumGroupEntry 6 }
--
-- Node of hh3cAclNameGroupTable
--
hh3cAclNameGroupTable OBJECT-TYPE
SYNTAX SEQUENCE OF Hh3cAclNameGroupEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Create acl-group that identified by name."
::= { hh3cAclMibObjects 3 }
hh3cAclNameGroupEntry OBJECT-TYPE
SYNTAX Hh3cAclNameGroupEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Define the index of hh3cAclNameGroupTable."
INDEX { hh3cAclNameGroupIndex }
::= { hh3cAclNameGroupTable 1 }
Hh3cAclNameGroupEntry ::=
SEQUENCE {
hh3cAclNameGroupIndex
Integer32,
hh3cAclNameGroupCreateName
OCTET STRING,
hh3cAclNameGroupTypes
INTEGER,
hh3cAclNameGroupMatchOrder
INTEGER,
hh3cAclNameGroupSubitemNum
Integer32,
hh3cAclNameGroupRowStatus
RowStatus
}
hh3cAclNameGroupIndex OBJECT-TYPE
SYNTAX Integer32 (10000..12999)
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The index of name-acl group."
::= { hh3cAclNameGroupEntry 1 }
hh3cAclNameGroupCreateName OBJECT-TYPE
SYNTAX OCTET STRING (SIZE (0..32))
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The name of name-acl group."
::= { hh3cAclNameGroupEntry 2 }
hh3cAclNameGroupTypes OBJECT-TYPE
SYNTAX INTEGER
{
basic(1),
advanced(2),
ifBased(3),
link(4),
user(5)
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The type of name-acl group."
::= { hh3cAclNameGroupEntry 3 }
hh3cAclNameGroupMatchOrder OBJECT-TYPE
SYNTAX INTEGER
{
config(1),
auto(2)
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The match-order of name-acl group."
DEFVAL { config }
::= { hh3cAclNameGroupEntry 4 }
hh3cAclNameGroupSubitemNum OBJECT-TYPE
SYNTAX Integer32 (0..128)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of name-acl group's node."
::= { hh3cAclNameGroupEntry 5 }
hh3cAclNameGroupRowStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"RowStatus, now support three state: CreateAndGo, Active, Destroy."
::= { hh3cAclNameGroupEntry 6 }
--
-- hh3cAclBasicRuleTable
--
hh3cAclBasicRuleTable OBJECT-TYPE
SYNTAX SEQUENCE OF Hh3cAclBasicRuleEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Configure the rule for basic acl group."
::= { hh3cAclMibObjects 4 }
hh3cAclBasicRuleEntry OBJECT-TYPE
SYNTAX Hh3cAclBasicRuleEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Define the index of hh3cAclBasicRuleTable."
INDEX { hh3cAclBasicAclNum, hh3cAclBasicSubitem }
::= { hh3cAclBasicRuleTable 1 }
Hh3cAclBasicRuleEntry ::=
SEQUENCE {
hh3cAclBasicAclNum
Integer32,
hh3cAclBasicSubitem
Integer32,
hh3cAclBasicAct
INTEGER,
hh3cAclBasicSrcIp
IpAddress,
hh3cAclBasicSrcWild
IpAddress,
hh3cAclBasicTimeRangeName
OCTET STRING,
hh3cAclBasicFragments
TruthValue,
hh3cAclBasicLog
TruthValue,
hh3cAclBasicEnable
TruthValue,
hh3cAclBasicCount
Counter32,
hh3cAclBasicCountClear
INTEGER,
hh3cAclBasicRowStatus
RowStatus
}
hh3cAclBasicAclNum OBJECT-TYPE
SYNTAX Integer32 (0|2000..2999|10000..12999)
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The index of basic acl group."
::= { hh3cAclBasicRuleEntry 1 }
hh3cAclBasicSubitem OBJECT-TYPE
SYNTAX Integer32 (0..65535)
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The subindex of basic acl group."
::= { hh3cAclBasicRuleEntry 2 }
hh3cAclBasicAct OBJECT-TYPE
SYNTAX INTEGER
{
permit(1),
deny(2)
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The action of basic acl rule."
::= { hh3cAclBasicRuleEntry 3 }
hh3cAclBasicSrcIp OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Source IP-address of basic acl rule."
::= { hh3cAclBasicRuleEntry 4 }
hh3cAclBasicSrcWild OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Source IP-address wild of basic acl rule."
::= { hh3cAclBasicRuleEntry 5 }
hh3cAclBasicTimeRangeName OBJECT-TYPE
SYNTAX OCTET STRING (SIZE (0..32))
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The Time-range of basic acl rule."
::= { hh3cAclBasicRuleEntry 6 }
hh3cAclBasicFragments OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The flag of matching fragmented packet."
::= { hh3cAclBasicRuleEntry 7 }
hh3cAclBasicLog OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The flag of log."
::= { hh3cAclBasicRuleEntry 8 }
hh3cAclBasicEnable OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The rule is active or not.
true : active
false : inactive
"
::= { hh3cAclBasicRuleEntry 9 }
hh3cAclBasicCount OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The count of matched by basic rule."
::= { hh3cAclBasicRuleEntry 10 }
hh3cAclBasicCountClear OBJECT-TYPE
SYNTAX INTEGER
{
cleared(1),
nouse(2)
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Reset the value of counter."
::= { hh3cAclBasicRuleEntry 11 }
hh3cAclBasicRowStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"RowStatus, now support three state: CreateAndGo, Active, Destroy."
::= { hh3cAclBasicRuleEntry 12 }
--
-- hh3cAclAdvancedRuleTable
--
hh3cAclAdvancedRuleTable OBJECT-TYPE
SYNTAX SEQUENCE OF Hh3cAclAdvancedRuleEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Configure the rule for advanced acl group."
::= { hh3cAclMibObjects 5 }
hh3cAclAdvancedRuleEntry OBJECT-TYPE
SYNTAX Hh3cAclAdvancedRuleEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Define the index of hh3cAclAdvancedRuleTable."
INDEX { hh3cAclAdvancedAclNum, hh3cAclAdvancedSubitem }
::= { hh3cAclAdvancedRuleTable 1 }
Hh3cAclAdvancedRuleEntry ::=
SEQUENCE {
hh3cAclAdvancedAclNum
Integer32,
hh3cAclAdvancedSubitem
Integer32,
hh3cAclAdvancedAct
INTEGER,
hh3cAclAdvancedProtocol
Integer32,
hh3cAclAdvancedSrcIp
IpAddress,
hh3cAclAdvancedSrcWild
IpAddress,
hh3cAclAdvancedSrcOp
INTEGER,
hh3cAclAdvancedSrcPort1
Integer32,
hh3cAclAdvancedSrcPort2
Integer32,
hh3cAclAdvancedDestIp
IpAddress,
hh3cAclAdvancedDestWild
IpAddress,
hh3cAclAdvancedDestOp
INTEGER,
hh3cAclAdvancedDestPort1
Integer32,
hh3cAclAdvancedDestPort2
Integer32,
hh3cAclAdvancedPrecedence
Integer32,
hh3cAclAdvancedTos
Integer32,
hh3cAclAdvancedDscp
Integer32,
hh3cAclAdvancedEstablish
TruthValue,
hh3cAclAdvancedTimeRangeName
OCTET STRING,
hh3cAclAdvancedIcmpType
Integer32,
hh3cAclAdvancedIcmpCode
Integer32,
hh3cAclAdvancedFragments
TruthValue,
hh3cAclAdvancedLog
TruthValue,
hh3cAclAdvancedEnable
TruthValue,
hh3cAclAdvancedCount
Counter32,
hh3cAclAdvancedCountClear
INTEGER,
hh3cAclAdvancedRowStatus
RowStatus
}
hh3cAclAdvancedAclNum OBJECT-TYPE
SYNTAX Integer32 (0|3000..3999|10000..12999)
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The index of advanced acl group."
::= { hh3cAclAdvancedRuleEntry 1 }
hh3cAclAdvancedSubitem OBJECT-TYPE
SYNTAX Integer32 (0..65535)
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The subindex of advanced acl group."
::= { hh3cAclAdvancedRuleEntry 2 }
hh3cAclAdvancedAct OBJECT-TYPE
SYNTAX INTEGER
{
permit(1),
deny(2)
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The action of Advance acl rule."
::= { hh3cAclAdvancedRuleEntry 3 }
hh3cAclAdvancedProtocol OBJECT-TYPE
SYNTAX Integer32 (0..255)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The protocol-type of advanced acl group.
<1-255> Protocol number
gre GRE tunneling(47)
icmp Internet Control Message Protocol(1)
igmp Internet Group Management Protocol(2)
ip Any IP protocol
ipinip IP in IP tunneling(4)
ospf OSPF routing protocol(89)
tcp Transmission Control Protocol (6)
udp User Datagram Protocol (17)"
::= { hh3cAclAdvancedRuleEntry 4 }
hh3cAclAdvancedSrcIp OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Source IP-address of advanced acl group."
::= { hh3cAclAdvancedRuleEntry 5 }
hh3cAclAdvancedSrcWild OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Source IP-address wild of advanced acl group."
::= { hh3cAclAdvancedRuleEntry 6 }
hh3cAclAdvancedSrcOp OBJECT-TYPE
SYNTAX INTEGER
{
invalid(0),
lt(1),
eq(2),
gt(3),
neq(4),
range(5)
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The source IP-address's operator of advanced acl group."
::= { hh3cAclAdvancedRuleEntry 7 }
hh3cAclAdvancedSrcPort1 OBJECT-TYPE
SYNTAX Integer32 (0..65535)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The fourth layer source port1."
::= { hh3cAclAdvancedRuleEntry 8 }
hh3cAclAdvancedSrcPort2 OBJECT-TYPE
SYNTAX Integer32 (0..65535)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The fourth layer source port2."
::= { hh3cAclAdvancedRuleEntry 9 }
hh3cAclAdvancedDestIp OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Destination IP-address of advanced acl group."
::= { hh3cAclAdvancedRuleEntry 10 }
hh3cAclAdvancedDestWild OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Destination IP-address wild of advanced acl group."
::= { hh3cAclAdvancedRuleEntry 11 }
hh3cAclAdvancedDestOp OBJECT-TYPE
SYNTAX INTEGER
{
invalid(0),
lt(1),
eq(2),
gt(3),
neq(4),
range(5)
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The destination IP-address's operator of advanced acl group."
::= { hh3cAclAdvancedRuleEntry 12 }
hh3cAclAdvancedDestPort1 OBJECT-TYPE
SYNTAX Integer32 (0..65535)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The fourth layer destination port1."
::= { hh3cAclAdvancedRuleEntry 13 }
hh3cAclAdvancedDestPort2 OBJECT-TYPE
SYNTAX Integer32 (0..65535)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The fourth layer destination port2."
::= { hh3cAclAdvancedRuleEntry 14 }
hh3cAclAdvancedPrecedence OBJECT-TYPE
SYNTAX Integer32 (0..7|255)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The value of IP-packet's precedence.
<0-7> Value of precedence
routine Specify routine precedence(0)
priority Specify priority precedence(1)
immediate Specify immediate precedence(2)
flash Specify flash precedence(3)
flash-override Specify flash-override precedence(4)
critical Specify critical precedence(5)
internet Specify internetwork control precedence(6)
network Specify network control precedence(7) "
::= { hh3cAclAdvancedRuleEntry 15 }
hh3cAclAdvancedTos OBJECT-TYPE
SYNTAX Integer32 (0..15|255)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The value of IP-packet's TOS.
<0-15> Value of TOS(type of service)
max-reliability Match packets with max reliable TOS(2)
max-throughput Match packets with max throughput TOS(4)
min-delay Match packets with min delay TOS(8)
min-monetary-cost Match packets with min monetary cost TOS(1)
normal Match packets with normal TOS(0) "
::= { hh3cAclAdvancedRuleEntry 16 }
hh3cAclAdvancedDscp OBJECT-TYPE
SYNTAX Integer32 (0..63|255)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The value of DSCP.
<0-63> Value of DSCP
af11 Specify Assured Forwarding 11 service(10)
af12 Specify Assured Forwarding 12 service(12)
af13 Specify Assured Forwarding 13 service(14)
af21 Specify Assured Forwarding 21 service(18)
af22 Specify Assured Forwarding 22 service(20)
af23 Specify Assured Forwarding 23 service(22)
af31 Specify Assured Forwarding 31 service(26)
af32 Specify Assured Forwarding 32 service(28)
af33 Specify Assured Forwarding 33 service(30)
af41 Specify Assured Forwarding 41 service(34)
af42 Specify Assured Forwarding 42 service(36)
af43 Specify Assured Forwarding 43 service(38)
be Specify Best Effort service(0)
cs1 Specify Class Selector 1 service(8)
cs2 Specify Class Selector 2 service(16)
cs3 Specify Class Selector 3 service(24)
cs4 Specify Class Selector 4 service(32)
cs5 Specify Class Selector 5 service(40)
cs6 Specify Class Selector 6 service(48)
cs7 Specify Class Selector 7 service(56)
ef Specify Expedited Forwarding service(46)"
::= { hh3cAclAdvancedRuleEntry 17 }
hh3cAclAdvancedEstablish OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Establish flag."
DEFVAL { false }
::= { hh3cAclAdvancedRuleEntry 18 }
hh3cAclAdvancedTimeRangeName OBJECT-TYPE
SYNTAX OCTET STRING (SIZE (0..32))
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The Time-range of advanced acl rule."
::= { hh3cAclAdvancedRuleEntry 19 }
hh3cAclAdvancedIcmpType OBJECT-TYPE
SYNTAX Integer32 (0..255|65535)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The type of ICMP packet.
Integer32 ICMP type
echo Type=8, Code=0
echo-reply Type=0, Code=0
fragmentneed-DFset Type=3, Code=4
host-redirect Type=5, Code=1
host-tos-redirect Type=5, Code=3
host-unreachable Type=3, Code=1
information-reply Type=16, Code=0
information-request Type=15, Code=0
net-redirect Type=5, Code=0
net-tos-redirect Type=5, Code=2
net-unreachable Type=3, Code=0
parameter-problem Type=12, Code=0
port-unreachable Type=3, Code=3
protocol-unreachable Type=3, Code=2
reassembly-timeout Type=11, Code=1
source-quench Type=4, Code=0
source-route-failed Type=3, Code=5
timestamp-reply Type=14, Code=0
timestamp-request Type=13, Code=0
ttl-exceeded Type=11, Code=0 "
::= { hh3cAclAdvancedRuleEntry 20 }
hh3cAclAdvancedIcmpCode OBJECT-TYPE
SYNTAX Integer32 (0..255|65535)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The code of ICMP packet."
::= { hh3cAclAdvancedRuleEntry 21 }
hh3cAclAdvancedFragments OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The flag of matching fragmented packet."
::= { hh3cAclAdvancedRuleEntry 22 }
hh3cAclAdvancedLog OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The flag of log."
::= { hh3cAclAdvancedRuleEntry 23 }
hh3cAclAdvancedEnable OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The rule is active or not.
true : active
false : inactive
"
::= { hh3cAclAdvancedRuleEntry 24 }
hh3cAclAdvancedCount OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The count of matched by advanced rule."
::= { hh3cAclAdvancedRuleEntry 25 }
hh3cAclAdvancedCountClear OBJECT-TYPE
SYNTAX INTEGER
{
cleared(1),
nouse(2)
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Reset the value of counter."
::= { hh3cAclAdvancedRuleEntry 26 }
hh3cAclAdvancedRowStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"RowStatus, now support three state: CreateAndGo, Active, Destroy."
::= { hh3cAclAdvancedRuleEntry 27 }
--
-- hh3cAclIfRuleTable
--
hh3cAclIfRuleTable OBJECT-TYPE
SYNTAX SEQUENCE OF Hh3cAclIfRuleEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Configure the rule for interface-based acl group."
::= { hh3cAclMibObjects 6 }
hh3cAclIfRuleEntry OBJECT-TYPE
SYNTAX Hh3cAclIfRuleEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Define the index of hh3cAclIfRuleTable."
INDEX { hh3cAclIfAclNum, hh3cAclIfSubitem }
::= { hh3cAclIfRuleTable 1 }
Hh3cAclIfRuleEntry ::=
SEQUENCE {
hh3cAclIfAclNum
Integer32,
hh3cAclIfSubitem
Integer32,
hh3cAclIfAct
INTEGER,
hh3cAclIfIndex
Integer32,
hh3cAclIfAny
TruthValue,
hh3cAclIfTimeRangeName
OCTET STRING,
hh3cAclIfLog
TruthValue,
hh3cAclIfEnable
TruthValue,
hh3cAclIfCount
Counter32,
hh3cAclIfCountClear
INTEGER,
hh3cAclIfRowStatus
RowStatus
}
hh3cAclIfAclNum OBJECT-TYPE
SYNTAX Integer32 (0|1000..1999|10000..12999)
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The index of interface-based acl group."
::= { hh3cAclIfRuleEntry 1 }
hh3cAclIfSubitem OBJECT-TYPE
SYNTAX Integer32 (0..65535)
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The subindex of interface-based acl group."
::= { hh3cAclIfRuleEntry 2 }
hh3cAclIfAct OBJECT-TYPE
SYNTAX INTEGER
{
permit(1),
deny(2)
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The action of interface-based acl group."
::= { hh3cAclIfRuleEntry 3 }
hh3cAclIfIndex OBJECT-TYPE
SYNTAX Integer32 (0..2147483647)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The index of interface."
::= { hh3cAclIfRuleEntry 4 }
hh3cAclIfAny OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The flag of matching any interface."
::= { hh3cAclIfRuleEntry 5 }
hh3cAclIfTimeRangeName OBJECT-TYPE
SYNTAX OCTET STRING (SIZE (0..32))
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The Time-range of interface-based acl rule."
::= { hh3cAclIfRuleEntry 6 }
hh3cAclIfLog OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The flag of log."
::= { hh3cAclIfRuleEntry 7 }
hh3cAclIfEnable OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The rule is active or not.
true : active
false : inactive
"
::= { hh3cAclIfRuleEntry 8 }
hh3cAclIfCount OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The count of matched by basic rule."
::= { hh3cAclIfRuleEntry 9 }
hh3cAclIfCountClear OBJECT-TYPE
SYNTAX INTEGER
{
cleared(1),
nouse(2)
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Reset the value of the rule's counter."
::= { hh3cAclIfRuleEntry 10 }
hh3cAclIfRowStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"RowStatus, now support three state: CreateAndGo, Active, Destroy."
::= { hh3cAclIfRuleEntry 11 }
--
-- hh3cAclLinkTable
--
hh3cAclLinkTable OBJECT-TYPE
SYNTAX SEQUENCE OF Hh3cAclLinkEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Create link acl."
::= { hh3cAclMibObjects 7 }
hh3cAclLinkEntry OBJECT-TYPE
SYNTAX Hh3cAclLinkEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The entry of the link acl table."
INDEX { hh3cAclLinkAclNum, hh3cAclLinkSubitem }
::= { hh3cAclLinkTable 1 }
Hh3cAclLinkEntry ::=
SEQUENCE {
hh3cAclLinkAclNum
Integer32,
hh3cAclLinkSubitem
Integer32,
hh3cAclLinkAct
INTEGER,
hh3cAclLinkProtocol
INTEGER,
hh3cAclLinkFormatType
INTEGER,
hh3cAclLinkVlanTag
INTEGER,
hh3cAclLinkVlanPri
Integer32,
hh3cAclLinkSrcVlanId
Integer32,
hh3cAclLinkSrcMac
MacAddress,
hh3cAclLinkSrcMacWild
MacAddress,
hh3cAclLinkSrcIfIndex
Integer32,
hh3cAclLinkSrcAny
TruthValue,
hh3cAclLinkDestVlanId
Integer32,
hh3cAclLinkDestMac
MacAddress,
hh3cAclLinkDestMacWild
MacAddress,
hh3cAclLinkDestIfIndex
Integer32,
hh3cAclLinkDestAny
TruthValue,
hh3cAclLinkTimeRangeName
OCTET STRING,
hh3cAclLinkEnable
TruthValue,
hh3cAclLinkRowStatus
RowStatus,
hh3cAclLinkTypeCode
OCTET STRING,
hh3cAclLinkTypeMask
OCTET STRING,
hh3cAclLinkLsapCode
OCTET STRING,
hh3cAclLinkLsapMask
OCTET STRING,
hh3cAclLinkL2LabelRangeOp
INTEGER,
hh3cAclLinkL2LabelRangeBegin
Integer32,
hh3cAclLinkL2LabelRangeEnd
Integer32,
hh3cAclLinkMplsExp
Integer32
}
hh3cAclLinkAclNum OBJECT-TYPE
SYNTAX Integer32 (0|4000..4999|10000..12999)
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The index of link-based acl group."
::= { hh3cAclLinkEntry 1 }
hh3cAclLinkSubitem OBJECT-TYPE
SYNTAX Integer32 (0..65535)
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The subindex of link-based acl group."
::= { hh3cAclLinkEntry 2 }
hh3cAclLinkAct OBJECT-TYPE
SYNTAX INTEGER
{
permit(1),
deny(2)
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The action of link-based acl group."
::= { hh3cAclLinkEntry 3 }
hh3cAclLinkProtocol OBJECT-TYPE
SYNTAX INTEGER
{
invalid(0),
ip(2048),
arp(2054),
rarp(32821),
mpls(34887),
pppoeControl(34915),
pppoeData(34916)
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The layer 2 protocol-type of link acl rule."
DEFVAL { invalid }
::= { hh3cAclLinkEntry 4 }
hh3cAclLinkFormatType OBJECT-TYPE
SYNTAX INTEGER
{
invalid(0),
ethernetII(1),
snap(2),
ieee802Dot3And2(3),
ieee802Dot3(4)
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Format type of link acl rule."
::= { hh3cAclLinkEntry 5 }
hh3cAclLinkVlanTag OBJECT-TYPE
SYNTAX INTEGER
{
invalid(0),
tagged(1),
untagged(2)
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The flag of vlan tag of link acl rule."
::= { hh3cAclLinkEntry 6 }
hh3cAclLinkVlanPri OBJECT-TYPE
SYNTAX Integer32 (0..7 | 255)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Vlan priority of link acl rule."
::= { hh3cAclLinkEntry 7 }
hh3cAclLinkSrcVlanId OBJECT-TYPE
SYNTAX Integer32 (0..4094)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Source vlan ID of link acl rule."
::= { hh3cAclLinkEntry 8 }
hh3cAclLinkSrcMac OBJECT-TYPE
SYNTAX MacAddress
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Source mac of link acl rule."
::= { hh3cAclLinkEntry 9 }
hh3cAclLinkSrcMacWild OBJECT-TYPE
SYNTAX MacAddress
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Source mac wildzard of link acl rule."
::= { hh3cAclLinkEntry 10 }
hh3cAclLinkSrcIfIndex OBJECT-TYPE
SYNTAX Integer32 (0..2147483647)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Source IfIndex of link acl rule."
::= { hh3cAclLinkEntry 11 }
hh3cAclLinkSrcAny OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The flag of matching any source."
::= { hh3cAclLinkEntry 12 }
hh3cAclLinkDestVlanId OBJECT-TYPE
SYNTAX Integer32 (0..4094)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Destination vlan ID of link acl rule."
::= { hh3cAclLinkEntry 13 }
hh3cAclLinkDestMac OBJECT-TYPE
SYNTAX MacAddress
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Destination mac of link acl rule."
::= { hh3cAclLinkEntry 14 }
hh3cAclLinkDestMacWild OBJECT-TYPE
SYNTAX MacAddress
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Destination mac wildzard of link acl rule."
::= { hh3cAclLinkEntry 15 }
hh3cAclLinkDestIfIndex OBJECT-TYPE
SYNTAX Integer32 (0..2147483647)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Destination IfIndex of link acl rule."
::= { hh3cAclLinkEntry 16 }
hh3cAclLinkDestAny OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The flag of matching any destination."
::= { hh3cAclLinkEntry 17 }
hh3cAclLinkTimeRangeName OBJECT-TYPE
SYNTAX OCTET STRING (SIZE (0..32))
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The Time-range of link-based acl rule."
::= { hh3cAclLinkEntry 18 }
hh3cAclLinkEnable OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The rule is active or not.
true : active
false : inactive
"
::= { hh3cAclLinkEntry 19 }
hh3cAclLinkRowStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"RowStatus, now support three state: CreateAndGo, Active, Destroy."
::= { hh3cAclLinkEntry 20 }
hh3cAclLinkTypeCode OBJECT-TYPE
SYNTAX OCTET STRING ( SIZE(0..32) )
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The type of layer 2 protocol.0x0000...0xffff."
::= { hh3cAclLinkEntry 21 }
hh3cAclLinkTypeMask OBJECT-TYPE
SYNTAX OCTET STRING ( SIZE(0..32) )
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The mask of layer 2 protocol.0x0000...0xffff."
::= { hh3cAclLinkEntry 22 }
hh3cAclLinkLsapCode OBJECT-TYPE
SYNTAX OCTET STRING (SIZE(0..32))
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The type of LSAP.0x0000...0xffff."
::= { hh3cAclLinkEntry 23 }
hh3cAclLinkLsapMask OBJECT-TYPE
SYNTAX OCTET STRING (SIZE(0..32))
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The mask of LSAP.0x0000...0xffff."
::= { hh3cAclLinkEntry 24 }
hh3cAclLinkL2LabelRangeOp OBJECT-TYPE
SYNTAX INTEGER
{
invalid(0),
lt(1),
eq(2),
gt(3),
neq(4),
range(5)
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Operation symbol of the MPLS label.
If the symbol is range(5), the objects hh3cAclLinkL2LabelRangeBegin and
hh3cAclLinkL2LabelRangeEnd should have different values indicating a range.
Otherwise, only hh3cAclLinkL2LabelRangeBegin counts,
object hh3cAclLinkL2LabelRangeEnd is ignored.
invalid(0) -- unavailable
lt(1) -- less than
eq(2) -- equal
gt(3) -- great than
neq(4) -- not equal
range(5) -- a range with two ends included
"
::= { hh3cAclLinkEntry 25 }
hh3cAclLinkL2LabelRangeBegin OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The beginning of VPLS VC label."
::= { hh3cAclLinkEntry 26 }
hh3cAclLinkL2LabelRangeEnd OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The end of VPLS VC label."
::= { hh3cAclLinkEntry 27 }
hh3cAclLinkMplsExp OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The value of MPLS-packet's Exp."
::= { hh3cAclLinkEntry 28 }
--
-- hh3cAclUserTable
--
hh3cAclUserTable OBJECT-TYPE
SYNTAX SEQUENCE OF Hh3cAclUserEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Create user acl."
::= { hh3cAclMibObjects 8 }
hh3cAclUserEntry OBJECT-TYPE
SYNTAX Hh3cAclUserEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The entry of user acl table."
INDEX { hh3cAclUserAclNum, hh3cAclUserSubitem }
::= { hh3cAclUserTable 1 }
Hh3cAclUserEntry ::=
SEQUENCE {
hh3cAclUserAclNum
Integer32,
hh3cAclUserSubitem
Integer32,
hh3cAclUserAct
INTEGER,
hh3cAclUserFormatType
INTEGER,
hh3cAclUserVlanTag
INTEGER,
hh3cAclUserRuleStr
OCTET STRING,
hh3cAclUserRuleMask
OCTET STRING,
hh3cAclUserTimeRangeName
OCTET STRING,
hh3cAclUserEnable
TruthValue,
hh3cAclUserRowStatus
RowStatus
}
hh3cAclUserAclNum OBJECT-TYPE
SYNTAX Integer32 (0|5000..5999|10000..12999)
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The number of the user acl."
::= { hh3cAclUserEntry 1 }
hh3cAclUserSubitem OBJECT-TYPE
SYNTAX Integer32 (0..65535)
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The subitem of the user acl."
::= { hh3cAclUserEntry 2 }
hh3cAclUserAct OBJECT-TYPE
SYNTAX INTEGER
{
permit(1),
deny(2)
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The action of the user acl."
::= { hh3cAclUserEntry 3 }
hh3cAclUserFormatType OBJECT-TYPE
SYNTAX INTEGER
{
invalid(0),
ethernetII(1),
snap(2),
ieee802Dot2And3(3),
ieee802Dot4(4)
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Format type."
DEFVAL { invalid }
::= { hh3cAclUserEntry 4 }
hh3cAclUserVlanTag OBJECT-TYPE
SYNTAX INTEGER
{
invalid(0),
tagged(1),
untagged(2)
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Vlan tag exits or not."
DEFVAL { invalid }
::= { hh3cAclUserEntry 5 }
hh3cAclUserRuleStr OBJECT-TYPE
SYNTAX OCTET STRING (SIZE (1..80))
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Rule string."
::= { hh3cAclUserEntry 6 }
hh3cAclUserRuleMask OBJECT-TYPE
SYNTAX OCTET STRING (SIZE (1..80))
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Rule mask."
::= { hh3cAclUserEntry 7 }
hh3cAclUserTimeRangeName OBJECT-TYPE
SYNTAX OCTET STRING (SIZE (0..32))
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The Time-range of the user defined acl."
::= { hh3cAclUserEntry 8 }
hh3cAclUserEnable OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The rule is active or not.
true : active
false : inactive
"
::= { hh3cAclUserEntry 9 }
hh3cAclUserRowStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"RowStatus, now support three state: CreateAndGo, Active, Destroy."
::= { hh3cAclUserEntry 10 }
--
-- hh3cAclActiveTable
--
hh3cAclActiveTable OBJECT-TYPE
SYNTAX SEQUENCE OF Hh3cAclActiveEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Active acl."
::= { hh3cAclMibObjects 9 }
hh3cAclActiveEntry OBJECT-TYPE
SYNTAX Hh3cAclActiveEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The entry of active acl table."
INDEX { hh3cAclActiveAclIndex,
hh3cAclActiveIfIndex,
hh3cAclActiveVlanID,
hh3cAclActiveDirection
}
::= { hh3cAclActiveTable 1 }
Hh3cAclActiveEntry ::=
SEQUENCE {
hh3cAclActiveAclIndex
Integer32,
hh3cAclActiveIfIndex
Integer32,
hh3cAclActiveVlanID
Integer32,
hh3cAclActiveDirection
INTEGER,
hh3cAclActiveUserAclNum
Integer32,
hh3cAclActiveUserAclSubitem
Integer32,
hh3cAclActiveIpAclNum
Integer32,
hh3cAclActiveIpAclSubitem
Integer32,
hh3cAclActiveLinkAclNum
Integer32,
hh3cAclActiveLinkAclSubitem
Integer32,
hh3cAclActiveRuntime
TruthValue,
hh3cAclActiveRowStatus
RowStatus
}
hh3cAclActiveAclIndex OBJECT-TYPE
SYNTAX Integer32 (0|1..5999|10000..12999)
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Acl index."
::= { hh3cAclActiveEntry 1 }
hh3cAclActiveIfIndex OBJECT-TYPE
SYNTAX Integer32 (0..2147483647)
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"IfIndex."
::= { hh3cAclActiveEntry 2 }
hh3cAclActiveVlanID OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The lower 16 bits is Vlan ID, the higher 16 bits,
if not zero, it describes the slot ID of the L3plus board.
"
::= { hh3cAclActiveEntry 3 }
hh3cAclActiveDirection OBJECT-TYPE
SYNTAX INTEGER
{
invalid(0),
input(1),
output(2),
both(3)
}
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Direction."
::= { hh3cAclActiveEntry 4 }
hh3cAclActiveUserAclNum OBJECT-TYPE
SYNTAX Integer32 (0|5000..5999|10000..12999)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The number of the user acl."
::= { hh3cAclActiveEntry 5 }
hh3cAclActiveUserAclSubitem OBJECT-TYPE
SYNTAX Integer32 (0..65535)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The subitem of the user acl."
::= { hh3cAclActiveEntry 6 }
hh3cAclActiveIpAclNum OBJECT-TYPE
SYNTAX Integer32 (0|2000..3999|10000..12999)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The number of the IP acl."
::= { hh3cAclActiveEntry 7 }
hh3cAclActiveIpAclSubitem OBJECT-TYPE
SYNTAX Integer32 (0..65535)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The subitem of the IP acl."
::= { hh3cAclActiveEntry 8 }
hh3cAclActiveLinkAclNum OBJECT-TYPE
SYNTAX Integer32 (0|4000..4999|10000..12999)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The num of the link acl."
::= { hh3cAclActiveEntry 9 }
hh3cAclActiveLinkAclSubitem OBJECT-TYPE
SYNTAX Integer32 (0..65535)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The subitem of the link acl."
::= { hh3cAclActiveEntry 10 }
hh3cAclActiveRuntime OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Is run or not."
::= { hh3cAclActiveEntry 11 }
hh3cAclActiveRowStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"RowStatus, now support three state: CreateAndGo, Active, Destroy."
::= { hh3cAclActiveEntry 12 }
--
-- hh3cAclIDSTable
--
hh3cAclIDSTable OBJECT-TYPE
SYNTAX SEQUENCE OF Hh3cAclIDSEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Configure the rule for IDS."
::= { hh3cAclMibObjects 10 }
hh3cAclIDSEntry OBJECT-TYPE
SYNTAX Hh3cAclIDSEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The entry of acl ids table."
INDEX { IMPLIED hh3cAclIDSName}
::= { hh3cAclIDSTable 1 }
Hh3cAclIDSEntry ::=
SEQUENCE {
hh3cAclIDSName
OCTET STRING,
hh3cAclIDSSrcMac
MacAddress,
hh3cAclIDSDestMac
MacAddress,
hh3cAclIDSSrcIp
IpAddress,
hh3cAclIDSSrcWild
IpAddress,
hh3cAclIDSDestIp
IpAddress,
hh3cAclIDSDestWild
IpAddress,
hh3cAclIDSSrcPort
Integer32,
hh3cAclIDSDestPort
Integer32,
hh3cAclIDSProtocol
Integer32,
hh3cAclIDSDenyTime
Unsigned32,
hh3cAclIDSAct
INTEGER,
hh3cAclIDSRowStatus
RowStatus
}
hh3cAclIDSName OBJECT-TYPE
SYNTAX OCTET STRING (SIZE (1..32))
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The name index of the IDS table."
::= { hh3cAclIDSEntry 1 }
hh3cAclIDSSrcMac OBJECT-TYPE
SYNTAX MacAddress
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Source mac of IDS acl rule."
::= { hh3cAclIDSEntry 2 }
hh3cAclIDSDestMac OBJECT-TYPE
SYNTAX MacAddress
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Destination mac of IDS acl rule."
::= { hh3cAclIDSEntry 3 }
hh3cAclIDSSrcIp OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Source IP-address of IDS acl rule."
::= { hh3cAclIDSEntry 4 }
hh3cAclIDSSrcWild OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Source IP-address wild of IDS acl rule."
::= { hh3cAclIDSEntry 5 }
hh3cAclIDSDestIp OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Destination IP-address of IDS acl rule."
::= { hh3cAclIDSEntry 6 }
hh3cAclIDSDestWild OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Destination IP-address wild of IDS acl rule."
::= { hh3cAclIDSEntry 7 }
hh3cAclIDSSrcPort OBJECT-TYPE
SYNTAX Integer32 (0..65535)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The fourth layer source port."
::= { hh3cAclIDSEntry 8 }
hh3cAclIDSDestPort OBJECT-TYPE
SYNTAX Integer32 (0..65535)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The fourth layer destination port."
::= { hh3cAclIDSEntry 9 }
hh3cAclIDSProtocol OBJECT-TYPE
SYNTAX Integer32 (0..255)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The protocol-type of advanced acl group.
<1-255> Protocol number
gre GRE tunneling(47)
icmp Internet Control Message Protocol(1)
igmp Internet Group Management Protocol(2)
ip Any IP protocol
ipinip IP in IP tunneling(4)
ospf OSPF routing protocol(89)
tcp Transmission Control Protocol (6)
udp User Datagram Protocol (17)
"
::= { hh3cAclIDSEntry 10 }
hh3cAclIDSDenyTime OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The maximum number of seconds which deny for this acl rule."
DEFVAL { 0 }
::= { hh3cAclIDSEntry 11 }
hh3cAclIDSAct OBJECT-TYPE
SYNTAX INTEGER
{
permit(1),
deny(2)
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The action of IDS acl rule."
::= { hh3cAclIDSEntry 12 }
hh3cAclIDSRowStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"RowStatus, now supports three states: CreateAndGo, Active, and Destroy."
::= { hh3cAclIDSEntry 13 }
--
-- Nodes of hh3cAclMib2Objects
--
hh3cAclMib2Objects OBJECT IDENTIFIER ::= { hh3cAcl 2 }
--
-- Nodes of hh3cAclMib2GlobalGroup
--
hh3cAclMib2GlobalGroup OBJECT IDENTIFIER ::= { hh3cAclMib2Objects 1 }
hh3cAclMib2NodesGroup OBJECT IDENTIFIER ::= { hh3cAclMib2GlobalGroup 1 }
hh3cAclMib2Mode OBJECT-TYPE
SYNTAX INTEGER
{
linkBased(1),
ipBased(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The applying mode of ACL."
::= { hh3cAclMib2NodesGroup 1 }
hh3cAclMib2Version OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The version of this file.
The output value has the format of 'xx'or 'xxx'.
For example: 10 means 1.0; 125 means 12.5.
"
::= { hh3cAclMib2NodesGroup 2 }
hh3cAclMib2ObjectsCapabilities OBJECT-TYPE
SYNTAX BITS
{
hh3cAclMib2Mode(0),
hh3cAclVersion(1),
hh3cAclMib2ObjectsCapabilities(2),
hh3cAclMib2CapabilityTable(3),
hh3cAclNumberGroupTable(4),
hh3cAclIPAclBasicTable(5),
hh3cAclIPAclAdvancedTable(6),
hh3cAclMACTable(7),
hh3cAclEnUserTable(8),
hh3cAclMib2ProcessingStatus(9)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The objects of hh3cAclMib2Objects."
::= { hh3cAclMib2NodesGroup 3 }
hh3cAclMib2ProcessingStatus OBJECT-TYPE
SYNTAX INTEGER
{
processing(1),
done(2)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The processing status of ACL operation."
::= { hh3cAclMib2NodesGroup 4 }
hh3cAclMib2ResourceThreshold OBJECT-TYPE
SYNTAX Integer32 (0..100)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The threshold of TCAM resources.
The value 0 indicates that cancelling the TCAM resource notification function."
::= { hh3cAclMib2NodesGroup 5 }
hh3cAclMib2ResourceLogInterval OBJECT-TYPE
SYNTAX Integer32 (1..60)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The value of interval. It must be in the range of 1 to 60.
Default value is 5."
::= { hh3cAclMib2NodesGroup 6 }
hh3cAclMib2CapabilityTable OBJECT-TYPE
SYNTAX SEQUENCE OF Hh3cAclMib2CapabilityEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The capability of mib2."
::= { hh3cAclMib2GlobalGroup 2 }
hh3cAclMib2CapabilityEntry OBJECT-TYPE
SYNTAX Hh3cAclMib2CapabilityEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The information of Capability of mib2."
INDEX { hh3cAclMib2EntityType,
hh3cAclMib2EntityIndex,
hh3cAclMib2ModuleIndex,
hh3cAclMib2CharacteristicsIndex
}
::= { hh3cAclMib2CapabilityTable 1 }
Hh3cAclMib2CapabilityEntry ::=
SEQUENCE
{
hh3cAclMib2EntityType
INTEGER,
hh3cAclMib2EntityIndex
Integer32,
hh3cAclMib2ModuleIndex
INTEGER,
hh3cAclMib2CharacteristicsIndex
Integer32,
hh3cAclMib2CharacteristicsDesc
OCTET STRING,
hh3cAclMib2CharacteristicsValue
Unsigned32
}
hh3cAclMib2EntityType OBJECT-TYPE
SYNTAX INTEGER
{
system(1),
interface(2)
}
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The type of entity.
system: The entity is systemic level.
interface: The entity is interface level.
"
::= { hh3cAclMib2CapabilityEntry 1 }
hh3cAclMib2EntityIndex OBJECT-TYPE
SYNTAX Integer32 (0..2147483647)
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The index of entity.
If hh3cAclMib2EntityType is system, the value of this object is 0.
If hh3cAclMib2EntityType is interface,
the value of this object is equal to 'ifIndex'.
"
::= { hh3cAclMib2CapabilityEntry 2 }
hh3cAclMib2ModuleIndex OBJECT-TYPE
SYNTAX INTEGER
{
layer3(1),
layer2(2),
userDefined(3)
}
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The module index of ACL."
::= { hh3cAclMib2CapabilityEntry 3 }
hh3cAclMib2CharacteristicsIndex OBJECT-TYPE
SYNTAX Integer32 (0..2147483647)
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The characteristics index of mib2.
See DESCRIPTION of hh3cAclMib2CharacteristicsValue
to get detail information about the value of this object.
"
::= { hh3cAclMib2CapabilityEntry 4 }
hh3cAclMib2CharacteristicsDesc OBJECT-TYPE
SYNTAX OCTET STRING (SIZE(0..255))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The description of characteristics."
::= { hh3cAclMib2CapabilityEntry 5 }
hh3cAclMib2CharacteristicsValue OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The value of capability of this object.
TypeOfRuleStringValue : notSupport(0) and the length of
RuleString.
TypeOfCodeValue : OnlyOneNotSupport(0),
MoreThanOneNotSupport(1)
If hh3cAclMib2CharacteristicsValue is 'moreThanOneNotSupport',
hh3cAclMib2CharacteristicsDesc must be used to depict which
protocols are not supported. The output value of
hh3cAclMib2CharacteristicsDesc has the format of 'a,b'.
For example, 'ip,rarp'.
layer3 Module:
Index Characteristics value
1 SourceIPAddress notSupport(0)
2 DestinationIPAddress notSupport(0)
3 SourcePort notSupport(0)
4 DestinationPort notSupport(0)
5 IPPrecedence notSupport(0)
6 TOS notSupport(0)
7 DSCP notSupport(0)
8 TCPFlag notSupport(0)
9 FragmentFlag notSupport(0)
10 Log notSupport(0)
11 RuleMatchCounter notSupport(0)
12 ResetRuleMatchCounter notSupport(0)
13 VPN notSupport(0)
15 protocol notSupport(0)
16 AddressFlag notSupport(0)
layer2 Module:
Index Characteristics value
1 ProtocolType TypeOfCodeValue
2 SourceMAC notSupport(0)
3 DestinationMAC notSupport(0)
4 LSAPType TypeOfCodeValue
5 CoS notSupport(0)
UserDefined Module:
Index Characteristics value
1 UserDefaultOffset TypeOfRuleStringValue
2 UserL2RuleOffset TypeOfRuleStringValue
3 UserMplsOffset TypeOfRuleStringValue
4 UserIPv4Offset TypeOfRuleStringValue
5 UserIPv6Offset TypeOfRuleStringValue
6 UserL4Offset TypeOfRuleStringValue
7 UserL5Offset TypeOfRuleStringValue
"
::= { hh3cAclMib2CapabilityEntry 6 }
--
-- Nodes of number group
--
hh3cAclNumberGroupTable OBJECT-TYPE
SYNTAX SEQUENCE OF Hh3cAclNumberGroupEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A table of the number acl group information."
::= { hh3cAclMib2GlobalGroup 3 }
hh3cAclNumberGroupEntry OBJECT-TYPE
SYNTAX Hh3cAclNumberGroupEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Number acl group information entry."
INDEX { hh3cAclNumberGroupType, hh3cAclNumberGroupIndex }
::= { hh3cAclNumberGroupTable 1 }
Hh3cAclNumberGroupEntry ::=
SEQUENCE
{
hh3cAclNumberGroupType
INTEGER,
hh3cAclNumberGroupIndex
Integer32,
hh3cAclNumberGroupRowStatus
RowStatus,
hh3cAclNumberGroupMatchOrder
INTEGER,
hh3cAclNumberGroupStep
Integer32,
hh3cAclNumberGroupDescription
OCTET STRING,
hh3cAclNumberGroupCountClear
CounterClear,
hh3cAclNumberGroupRuleCounter
Counter32,
hh3cAclNumberGroupName
OCTET STRING
}
hh3cAclNumberGroupType OBJECT-TYPE
SYNTAX INTEGER
{
ipv4(1),
ipv6(2),
mac(3),
user(4)
}
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The type of number group.
Basic ACL and Advanced ACL support ipv4 and ipv6.
The range of Basic ACL is from 2000 to 2999.
The range of Advanced ACL is from 3000 to 3999.
Simple ACL supports ipv6 only.
The range of Simple ACL is from 10000 to 42767.
MAC ACL support mac only.
The range of MAC ACL is from 4000 to 4999.
User-defined ACL support user only.
The range of user-defined ACL is from 5000 to 5999.
"
::= { hh3cAclNumberGroupEntry 1 }
hh3cAclNumberGroupIndex OBJECT-TYPE
SYNTAX Integer32 (2000..5999|10000..42767)
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The group index of number acl.
Basic type:2000..2999
Advanced type:3000..3999
MAC type:4000..4999
User type:5000..5999
Simple type:10000..42767
"
::= { hh3cAclNumberGroupEntry 2 }
hh3cAclNumberGroupRowStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"RowStatus."
::= { hh3cAclNumberGroupEntry 3 }
hh3cAclNumberGroupMatchOrder OBJECT-TYPE
SYNTAX INTEGER
{
config(1),
auto(2)
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The match-order of number acl group."
DEFVAL { config }
::= { hh3cAclNumberGroupEntry 4 }
hh3cAclNumberGroupStep OBJECT-TYPE
SYNTAX Integer32 (1..20)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The step of rule index."
DEFVAL { 5 }
::= { hh3cAclNumberGroupEntry 5 }
hh3cAclNumberGroupDescription OBJECT-TYPE
SYNTAX OCTET STRING (SIZE(0..127))
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Description of this acl group."
::= { hh3cAclNumberGroupEntry 6 }
hh3cAclNumberGroupCountClear OBJECT-TYPE
SYNTAX CounterClear
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Reset the value of counters of this group."
DEFVAL { nouse }
::= { hh3cAclNumberGroupEntry 7 }
hh3cAclNumberGroupRuleCounter OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The rule count of number acl group."
::= { hh3cAclNumberGroupEntry 8 }
hh3cAclNumberGroupName OBJECT-TYPE
SYNTAX OCTET STRING (SIZE(0..63))
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Name of this acl group."
::= { hh3cAclNumberGroupEntry 9 }
--
-- Nodes of named ACL group
--
hh3cAclNamedGroupTable OBJECT-TYPE
SYNTAX SEQUENCE OF Hh3cAclNamedGroupEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A table of the named ACL group."
::= { hh3cAclMib2GlobalGroup 4 }
hh3cAclNamedGroupEntry OBJECT-TYPE
SYNTAX Hh3cAclNamedGroupEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Named ACL group entry."
INDEX
{
hh3cAclNumberGroupType,
hh3cAclNamedGroupCategory,
hh3cAclNamedGroupName
}
::= { hh3cAclNamedGroupTable 1 }
Hh3cAclNamedGroupEntry ::=
SEQUENCE
{
hh3cAclNamedGroupCategory
INTEGER,
hh3cAclNamedGroupName
OCTET STRING,
hh3cAclNamedGroupRowStatus
RowStatus,
hh3cAclNamedGroupMatchOrder
INTEGER,
hh3cAclNamedGroupStep
Integer32,
hh3cAclNamedGroupDescription
OCTET STRING,
hh3cAclNamedGroupCountClear
CounterClear,
hh3cAclNamedGroupRuleCounter
Counter32
}
hh3cAclNamedGroupCategory OBJECT-TYPE
SYNTAX INTEGER
{
invalid(0),
basic(1),
advanced(2)
}
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The category of number group. 1 indicates basic ACL, 2 indicates
advanced ACL."
::= { hh3cAclNamedGroupEntry 1 }
hh3cAclNamedGroupName OBJECT-TYPE
SYNTAX OCTET STRING (SIZE(1..63))
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Name of an ACL group, a case-insensitive string of 1 to 63
characters. It must start with an English letter.
"
::= { hh3cAclNamedGroupEntry 2 }
hh3cAclNamedGroupRowStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"RowStatus."
::= { hh3cAclNamedGroupEntry 3 }
hh3cAclNamedGroupMatchOrder OBJECT-TYPE
SYNTAX INTEGER
{
config(1),
auto(2)
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The match-order of name acl group."
DEFVAL { config }
::= { hh3cAclNamedGroupEntry 4 }
hh3cAclNamedGroupStep OBJECT-TYPE
SYNTAX Integer32 (1..20)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The numbering step of the increment of the rule index."
DEFVAL { 5 }
::= { hh3cAclNamedGroupEntry 5 }
hh3cAclNamedGroupDescription OBJECT-TYPE
SYNTAX OCTET STRING (SIZE(0..127))
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Description of this ACL group."
::= { hh3cAclNamedGroupEntry 6 }
hh3cAclNamedGroupCountClear OBJECT-TYPE
SYNTAX CounterClear
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Reset the statistics counter of this group."
DEFVAL { nouse }
::= { hh3cAclNamedGroupEntry 7 }
hh3cAclNamedGroupRuleCounter OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The amount of rules of this group."
::= { hh3cAclNamedGroupEntry 8 }
--
-- Node of hh3cAclIPv6Group
--
hh3cAclIPAclGroup OBJECT IDENTIFIER ::= { hh3cAclMib2Objects 2 }
--
-- Nodes of hh3cAclIPAclBasicTable
--
hh3cAclIPAclBasicTable OBJECT-TYPE
SYNTAX SEQUENCE OF Hh3cAclIPAclBasicEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A table of basic rule group.
If some objects of this table are not supported by some products,
these objects can't be created, changed or applied.
Default value of these objects will be returned when they are read.
"
::= { hh3cAclIPAclGroup 2 }
hh3cAclIPAclBasicEntry OBJECT-TYPE
SYNTAX Hh3cAclIPAclBasicEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Basic rule group information."
INDEX { hh3cAclNumberGroupType,
hh3cAclNumberGroupIndex,
hh3cAclIPAclBasicRuleIndex
}
::= { hh3cAclIPAclBasicTable 1 }
Hh3cAclIPAclBasicEntry ::=
SEQUENCE
{
hh3cAclIPAclBasicRuleIndex
Integer32,
hh3cAclIPAclBasicRowStatus
RowStatus,
hh3cAclIPAclBasicAct
RuleAction,
hh3cAclIPAclBasicSrcAddrType
InetAddressType,
hh3cAclIPAclBasicSrcAddr
InetAddress,
hh3cAclIPAclBasicSrcPrefix
InetAddressPrefixLength,
hh3cAclIPAclBasicSrcAny
TruthValue,
hh3cAclIPAclBasicSrcWild
IpAddress,
hh3cAclIPAclBasicTimeRangeName
OCTET STRING,
hh3cAclIPAclBasicFragmentFlag
FragmentFlag,
hh3cAclIPAclBasicLog
TruthValue,
hh3cAclIPAclBasicCount
Unsigned32,
hh3cAclIPAclBasicCountClear
CounterClear,
hh3cAclIPAclBasicEnable
TruthValue,
hh3cAclIPAclBasicVpnInstanceName
OCTET STRING,
hh3cAclIPAclBasicComment
OCTET STRING,
hh3cAclIPAclBasicCounting
TruthValue,
hh3cAclIPAclBasicRouteTypeAny
TruthValue,
hh3cAclIPAclBasicRouteTypeValue
Integer32
}
hh3cAclIPAclBasicRuleIndex OBJECT-TYPE
SYNTAX Integer32 (0..65534)
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The rule index of basic acl group."
::= { hh3cAclIPAclBasicEntry 1 }
hh3cAclIPAclBasicRowStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"RowStatus."
::= { hh3cAclIPAclBasicEntry 2 }
hh3cAclIPAclBasicAct OBJECT-TYPE
SYNTAX RuleAction
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The action of basic acl rule."
::= { hh3cAclIPAclBasicEntry 3 }
hh3cAclIPAclBasicSrcAddrType OBJECT-TYPE
SYNTAX InetAddressType
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The IP addresses type of IP pool."
::= { hh3cAclIPAclBasicEntry 4 }
hh3cAclIPAclBasicSrcAddr OBJECT-TYPE
SYNTAX InetAddress
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The value of a local IP address is available for this association.
The type of this address is determined by the value of
hh3cAclIPAclBasicSrcAddrType.
"
::= { hh3cAclIPAclBasicEntry 5 }
hh3cAclIPAclBasicSrcPrefix OBJECT-TYPE
SYNTAX InetAddressPrefixLength
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Denotes the length of a generic Internet network address prefix.
A value of n corresponds to an IP address mask
that has n contiguous 1-bits from the most significant bit (MSB)
and all other bits set to 0.
"
::= { hh3cAclIPAclBasicEntry 6 }
hh3cAclIPAclBasicSrcAny OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The flag of matching any IP address."
DEFVAL { true }
::= { hh3cAclIPAclBasicEntry 7 }
hh3cAclIPAclBasicSrcWild OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Source IPv4 address wildcard mask.
Only IPv4 Basic Rule supports this object.
Default value is '0.0.0.0'.
"
::= { hh3cAclIPAclBasicEntry 8 }
hh3cAclIPAclBasicTimeRangeName OBJECT-TYPE
SYNTAX OCTET STRING (SIZE(0..32))
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The Time-range of basic acl rule.
Default value is zero-length.
"
::= { hh3cAclIPAclBasicEntry 9 }
hh3cAclIPAclBasicFragmentFlag OBJECT-TYPE
SYNTAX FragmentFlag
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The flag of matching fragmented packets."
DEFVAL { invalid }
::= { hh3cAclIPAclBasicEntry 10 }
hh3cAclIPAclBasicLog OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The packet will be logged when it matches the rule."
DEFVAL { false }
::= { hh3cAclIPAclBasicEntry 11 }
hh3cAclIPAclBasicCount OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The count of matches by the rule."
::= { hh3cAclIPAclBasicEntry 12 }
hh3cAclIPAclBasicCountClear OBJECT-TYPE
SYNTAX CounterClear
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Reset the value of counter."
DEFVAL { nouse }
::= { hh3cAclIPAclBasicEntry 13 }
hh3cAclIPAclBasicEnable OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The rule is active or not.
true : active
false : inactive
"
DEFVAL { false }
::= { hh3cAclIPAclBasicEntry 14 }
hh3cAclIPAclBasicVpnInstanceName OBJECT-TYPE
SYNTAX OCTET STRING (SIZE(0..32))
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The VPN name, to which the rule will be applied.
Default value is zero-length.
"
::= { hh3cAclIPAclBasicEntry 15 }
hh3cAclIPAclBasicComment OBJECT-TYPE
SYNTAX OCTET STRING (SIZE(0..127))
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The description of ACL rule.
Default value is Zero-length String.
"
::= { hh3cAclIPAclBasicEntry 16 }
hh3cAclIPAclBasicCounting OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The packet will be counted when it matches the rule.
It is disabled by default.
"
DEFVAL { false }
::= { hh3cAclIPAclBasicEntry 17 }
hh3cAclIPAclBasicRouteTypeAny OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The flag of matching any type of routing header of IPv6 packet.
"
DEFVAL { false }
::= { hh3cAclIPAclBasicEntry 18 }
hh3cAclIPAclBasicRouteTypeValue OBJECT-TYPE
SYNTAX Integer32 (0..255|65535)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Match specific type of routing header of IPv6 packet."
DEFVAL { 65535 }
::= { hh3cAclIPAclBasicEntry 19 }
--
-- Notes of hh3cAclIPAclAdvancedTable
--
hh3cAclIPAclAdvancedTable OBJECT-TYPE
SYNTAX SEQUENCE OF Hh3cAclIPAclAdvancedEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A table of advanced and simple acl group.
If some objects of this table are not supported by some products,
these objects can't be created, changed and applied.
Default value of these objects will be returned when they are read.
"
::= { hh3cAclIPAclGroup 3 }
hh3cAclIPAclAdvancedEntry OBJECT-TYPE
SYNTAX Hh3cAclIPAclAdvancedEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Advanced acl group information."
INDEX { hh3cAclNumberGroupType,
hh3cAclNumberGroupIndex,
hh3cAclIPAclAdvancedRuleIndex
}
::= { hh3cAclIPAclAdvancedTable 1 }
Hh3cAclIPAclAdvancedEntry ::=
SEQUENCE
{
hh3cAclIPAclAdvancedRuleIndex
Integer32,
hh3cAclIPAclAdvancedRowStatus
RowStatus,
hh3cAclIPAclAdvancedAct
RuleAction,
hh3cAclIPAclAdvancedProtocol
Integer32,
hh3cAclIPAclAdvancedAddrFlag
AddressFlag,
hh3cAclIPAclAdvancedSrcAddrType
InetAddressType,
hh3cAclIPAclAdvancedSrcAddr
InetAddress,
hh3cAclIPAclAdvancedSrcPrefix
InetAddressPrefixLength,
hh3cAclIPAclAdvancedSrcAny
TruthValue,
hh3cAclIPAclAdvancedSrcWild
IpAddress,
hh3cAclIPAclAdvancedSrcOp
PortOp,
hh3cAclIPAclAdvancedSrcPort1
Integer32,
hh3cAclIPAclAdvancedSrcPort2
Integer32,
hh3cAclIPAclAdvancedDestAddrType
InetAddressType,
hh3cAclIPAclAdvancedDestAddr
InetAddress,
hh3cAclIPAclAdvancedDestPrefix
InetAddressPrefixLength,
hh3cAclIPAclAdvancedDestAny
TruthValue,
hh3cAclIPAclAdvancedDestWild
IpAddress,
hh3cAclIPAclAdvancedDestOp
PortOp,
hh3cAclIPAclAdvancedDestPort1
Integer32,
hh3cAclIPAclAdvancedDestPort2
Integer32,
hh3cAclIPAclAdvancedIcmpType
Integer32,
hh3cAclIPAclAdvancedIcmpCode
Integer32,
hh3cAclIPAclAdvancedPrecedence
Integer32,
hh3cAclIPAclAdvancedTos
Integer32,
hh3cAclIPAclAdvancedDscp
DSCPValue,
hh3cAclIPAclAdvancedTimeRangeName
OCTET STRING,
hh3cAclIPAclAdvancedTCPFlag
TCPFlag,
hh3cAclIPAclAdvancedFragmentFlag
FragmentFlag,
hh3cAclIPAclAdvancedLog
TruthValue,
hh3cAclIPAclAdvancedCount
Unsigned32,
hh3cAclIPAclAdvancedCountClear
CounterClear,
hh3cAclIPAclAdvancedEnable
TruthValue,
hh3cAclIPAclAdvancedVpnInstanceName
OCTET STRING,
hh3cAclIPAclAdvancedComment
OCTET STRING,
hh3cAclIPAclAdvancedReflective
TruthValue,
hh3cAclIPAclAdvancedCounting
TruthValue,
hh3cAclIPAclAdvancedTCPFlagMask
BITS,
hh3cAclIPAclAdvancedTCPFlagValue
BITS,
hh3cAclIPAclAdvancedRouteTypeAny
TruthValue,
hh3cAclIPAclAdvancedRouteTypeValue
Integer32,
hh3cAclIPAclAdvancedFlowLabel
Unsigned32,
hh3cAclIPAclAdvancedSrcSuffix
Unsigned32,
hh3cAclIPAclAdvancedDestSuffix
Unsigned32
}
hh3cAclIPAclAdvancedRuleIndex OBJECT-TYPE
SYNTAX Integer32 (0..65534)
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The rule index of advanced acl group.
As a Simple ACL group, the value of this object must be 0.
As an Advanced ACL group, the value of this object is ranging
from 0 to 65534.
"
::= { hh3cAclIPAclAdvancedEntry 1 }
hh3cAclIPAclAdvancedRowStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"RowStatus."
::= { hh3cAclIPAclAdvancedEntry 2 }
hh3cAclIPAclAdvancedAct OBJECT-TYPE
SYNTAX RuleAction
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The action of advanced acl rule."
::= { hh3cAclIPAclAdvancedEntry 3 }
hh3cAclIPAclAdvancedProtocol OBJECT-TYPE
SYNTAX Integer32 (0..255)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The protocol-type of advanced acl group. 0 indicates any IPv4 or
IPv6 protocol.
<1-255> Protocol number
gre GRE tunneling(47)
icmp Internet Control Message Protocol(1)
icmpv6 Internet Control Message Protocol6(58)
igmp Internet Group Management Protocol(2)
ipinip IP in IP tunneling(4)
ospf OSPF routing protocol(89)
tcp Transmission Control Protocol (6)
udp User Datagram Protocol (17)
ipv6-ah IPv6 Authentication Header(51)
ipv6-esp IPv6 Encapsulating Security Payload(50)
"
::= { hh3cAclIPAclAdvancedEntry 4 }
hh3cAclIPAclAdvancedAddrFlag OBJECT-TYPE
SYNTAX AddressFlag
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Address flag to select address."
DEFVAL { invalid }
::= { hh3cAclIPAclAdvancedEntry 5 }
hh3cAclIPAclAdvancedSrcAddrType OBJECT-TYPE
SYNTAX InetAddressType
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The IP addresses type of IP pool."
::= { hh3cAclIPAclAdvancedEntry 6 }
hh3cAclIPAclAdvancedSrcAddr OBJECT-TYPE
SYNTAX InetAddress
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The value of a local IP address available for this association.
The type of this address is determined by the value of
hh3cAclIPAclAdvancedSrcAddrType.
"
::= { hh3cAclIPAclAdvancedEntry 7 }
hh3cAclIPAclAdvancedSrcPrefix OBJECT-TYPE
SYNTAX InetAddressPrefixLength
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Denotes the length of a generic Internet network address prefix.
A value of n corresponds to an IP address mask
which has n contiguous 1-bits from the most significant bit (MSB)
and all other bits set to 0.
"
::= { hh3cAclIPAclAdvancedEntry 8 }
hh3cAclIPAclAdvancedSrcAny OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The flag of matching any IP address."
DEFVAL { true }
::= { hh3cAclIPAclAdvancedEntry 9 }
hh3cAclIPAclAdvancedSrcWild OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Source IPv4 address wildcard mask.
Only IPv4 Advanced Rule supports this object.
Default value is '0.0.0.0'.
"
::= { hh3cAclIPAclAdvancedEntry 10 }
hh3cAclIPAclAdvancedSrcOp OBJECT-TYPE
SYNTAX PortOp
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Source port operation symbol of advanced acl group."
DEFVAL { invalid }
::= { hh3cAclIPAclAdvancedEntry 11 }
hh3cAclIPAclAdvancedSrcPort1 OBJECT-TYPE
SYNTAX Integer32 (0..65535)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The fourth layer source port1."
DEFVAL { 0 }
::= { hh3cAclIPAclAdvancedEntry 12 }
hh3cAclIPAclAdvancedSrcPort2 OBJECT-TYPE
SYNTAX Integer32 (0..65535)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The fourth layer source port2."
DEFVAL { 65535 }
::= { hh3cAclIPAclAdvancedEntry 13 }
hh3cAclIPAclAdvancedDestAddrType OBJECT-TYPE
SYNTAX InetAddressType
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The IP addresses type of IP pool."
::= { hh3cAclIPAclAdvancedEntry 14 }
hh3cAclIPAclAdvancedDestAddr OBJECT-TYPE
SYNTAX InetAddress
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The value of a local IP address available for this association.
The type of this address is determined by the value of
hh3cAclIPAclAdvancedDestAddrType.
"
::= { hh3cAclIPAclAdvancedEntry 15 }
hh3cAclIPAclAdvancedDestPrefix OBJECT-TYPE
SYNTAX InetAddressPrefixLength
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Denotes the length of a generic Internet network address prefix.
A value of n corresponds to an IP address mask
which has n contiguous 1-bits from the most significant bit (MSB)
and all other bits set to 0.
"
::= { hh3cAclIPAclAdvancedEntry 16 }
hh3cAclIPAclAdvancedDestAny OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The flag of matching any IP address."
DEFVAL { true }
::= { hh3cAclIPAclAdvancedEntry 17 }
hh3cAclIPAclAdvancedDestWild OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Destination IPv4 address wildcard mask.
Only IPv4 Advanced Rule supports this object.
Default value is '0.0.0.0'.
"
::= { hh3cAclIPAclAdvancedEntry 18 }
hh3cAclIPAclAdvancedDestOp OBJECT-TYPE
SYNTAX PortOp
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Destination port operation symbol of advanced acl group."
DEFVAL { invalid }
::= { hh3cAclIPAclAdvancedEntry 19 }
hh3cAclIPAclAdvancedDestPort1 OBJECT-TYPE
SYNTAX Integer32 (0..65535)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The fourth layer destination port1."
DEFVAL { 0 }
::= { hh3cAclIPAclAdvancedEntry 20 }
hh3cAclIPAclAdvancedDestPort2 OBJECT-TYPE
SYNTAX Integer32 (0..65535)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The fourth layer destination port2."
DEFVAL { 65535 }
::= { hh3cAclIPAclAdvancedEntry 21 }
hh3cAclIPAclAdvancedIcmpType OBJECT-TYPE
SYNTAX Integer32 (0..255|65535)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The type of ICMP packet."
DEFVAL { 65535 }
::= { hh3cAclIPAclAdvancedEntry 22 }
hh3cAclIPAclAdvancedIcmpCode OBJECT-TYPE
SYNTAX Integer32 (0..255|65535)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The code of ICMP packet."
DEFVAL { 65535 }
::= { hh3cAclIPAclAdvancedEntry 23 }
hh3cAclIPAclAdvancedPrecedence OBJECT-TYPE
SYNTAX Integer32 (0..7|255)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The value of IP-packet's precedence.
<0-7> Value of precedence
routine Specify routine precedence(0)
priority Specify priority precedence(1)
immediate Specify immediate precedence(2)
flash Specify flash precedence(3)
flash-override Specify flash-override precedence(4)
critical Specify critical precedence(5)
internet Specify internetwork control precedence(6)
network Specify network control precedence(7)
"
DEFVAL { 255 }
::= { hh3cAclIPAclAdvancedEntry 24 }
hh3cAclIPAclAdvancedTos OBJECT-TYPE
SYNTAX Integer32 (0..15|255)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The value of IP-packet's TOS.
<0-15> Value of TOS(type of service)
max-reliability Match packets with max reliable TOS(2)
max-throughput Match packets with max throughput TOS(4)
min-delay Match packets with min delay TOS(8)
min-monetary-cost Match packets with min monetary cost TOS(1)
normal Match packets with normal TOS(0)
"
DEFVAL { 255 }
::= { hh3cAclIPAclAdvancedEntry 25 }
hh3cAclIPAclAdvancedDscp OBJECT-TYPE
SYNTAX DSCPValue
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The value of DSCP of IP packet."
DEFVAL { 255 }
::= { hh3cAclIPAclAdvancedEntry 26 }
hh3cAclIPAclAdvancedTimeRangeName OBJECT-TYPE
SYNTAX OCTET STRING (SIZE(0..32))
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The Time-range of advanced acl rule.
Default value is zero-length.
"
::= { hh3cAclIPAclAdvancedEntry 27 }
hh3cAclIPAclAdvancedTCPFlag OBJECT-TYPE
SYNTAX TCPFlag
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The packet type of TCP protocol."
DEFVAL { invalid }
::= { hh3cAclIPAclAdvancedEntry 28 }
hh3cAclIPAclAdvancedFragmentFlag OBJECT-TYPE
SYNTAX FragmentFlag
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The flag of matching fragmented packet,
and now support two value: 0 or 2."
DEFVAL { invalid }
::= { hh3cAclIPAclAdvancedEntry 29 }
hh3cAclIPAclAdvancedLog OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Log matched packets."
DEFVAL { false }
::= { hh3cAclIPAclAdvancedEntry 30 }
hh3cAclIPAclAdvancedCount OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The count of matched by the rule."
::= { hh3cAclIPAclAdvancedEntry 31 }
hh3cAclIPAclAdvancedCountClear OBJECT-TYPE
SYNTAX CounterClear
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Reset the value of counter."
DEFVAL { nouse }
::= { hh3cAclIPAclAdvancedEntry 32 }
hh3cAclIPAclAdvancedEnable OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The rule is active or not.
true : active
false : inactive
"
DEFVAL { false }
::= { hh3cAclIPAclAdvancedEntry 33 }
hh3cAclIPAclAdvancedVpnInstanceName OBJECT-TYPE
SYNTAX OCTET STRING (SIZE(0..32))
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The VPN name that the rule will be applied.
Default value is zero-length.
"
::= { hh3cAclIPAclAdvancedEntry 34 }
hh3cAclIPAclAdvancedComment OBJECT-TYPE
SYNTAX OCTET STRING (SIZE(0..127))
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The description of ACL rule.
Default value is Zero-length String.
"
::= { hh3cAclIPAclAdvancedEntry 35 }
hh3cAclIPAclAdvancedReflective OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The flag of reflective."
::= { hh3cAclIPAclAdvancedEntry 36 }
hh3cAclIPAclAdvancedCounting OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The packet will be counted when it matches the rule.
It is disabled by default.
"
DEFVAL { false }
::= { hh3cAclIPAclAdvancedEntry 37 }
hh3cAclIPAclAdvancedTCPFlagMask OBJECT-TYPE
SYNTAX BITS {
tcpack(0),
tcpfin(1),
tcppsh(2),
tcprst(3),
tcpsyn(4),
tcpurg(5)
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The TCP Flag Mask. This is a bit-map of possible conditions.
The various bit positions are:
|0 |tcpack |
|1 |tcpfin |
|2 |tcppsh |
|3 |tcprst |
|4 |tcpsyn |
|5 |tcpurg |
"
DEFVAL { { } }
::= { hh3cAclIPAclAdvancedEntry 38 }
hh3cAclIPAclAdvancedTCPFlagValue OBJECT-TYPE
SYNTAX BITS {
tcpack(0),
tcpfin(1),
tcppsh(2),
tcprst(3),
tcpsyn(4),
tcpurg(5)
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The TCP Flag Value. This is a bit-map of possible conditions.
The various bit positions are:
|0 |tcpack |
|1 |tcpfin |
|2 |tcppsh |
|3 |tcprst |
|4 |tcpsyn |
|5 |tcpurg |
"
DEFVAL { { } }
::= { hh3cAclIPAclAdvancedEntry 39 }
hh3cAclIPAclAdvancedRouteTypeAny OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The flag of matching any type of routing header of IPv6 packet.
"
DEFVAL { false }
::= { hh3cAclIPAclAdvancedEntry 40 }
hh3cAclIPAclAdvancedRouteTypeValue OBJECT-TYPE
SYNTAX Integer32 (0..255|65535)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The type of routing header of IPv6 packet."
DEFVAL { 65535 }
::= { hh3cAclIPAclAdvancedEntry 41 }
hh3cAclIPAclAdvancedFlowLabel OBJECT-TYPE
SYNTAX Unsigned32 (0..1048575|4294967295)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The value of flow label of IPv6 packet header."
DEFVAL { 4294967295 }
::= { hh3cAclIPAclAdvancedEntry 42 }
hh3cAclIPAclAdvancedSrcSuffix OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Denotes the length of a generic Internet network address suffix.
A value of n corresponds to an IP address mask
that has n contiguous 1-bits from the least significant bit
and all other bits set to 0.
"
::= { hh3cAclIPAclAdvancedEntry 43 }
hh3cAclIPAclAdvancedDestSuffix OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Denotes the length of a generic Internet network address suffix.
A value of n corresponds to an IP address mask
that has n contiguous 1-bits from the least significant bit
and all other bits set to 0.
"
::= { hh3cAclIPAclAdvancedEntry 44 }
--
--Nodes of hh3cAclIPAclNamedBscTable
--
hh3cAclIPAclNamedBscTable OBJECT-TYPE
SYNTAX SEQUENCE OF Hh3cAclIPAclNamedBscEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A table of basic rule of named ACL.
The name of ACL group will be used as an index in this table,
which differs from the table hh3cAclIPAclBasicTable.
If some objects of this table are not supported by some
products, these objects can't be created, changed or applied.
Default value of these objects will be returned when they are
read.
"
::= { hh3cAclIPAclGroup 4 }
hh3cAclIPAclNamedBscEntry OBJECT-TYPE
SYNTAX Hh3cAclIPAclNamedBscEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Basic named ACL rule entry."
INDEX
{
hh3cAclNumberGroupType,
hh3cAclNamedGroupName,
hh3cAclIPAclBasicRuleIndex
}
::= { hh3cAclIPAclNamedBscTable 1 }
Hh3cAclIPAclNamedBscEntry ::=
SEQUENCE
{
hh3cAclIPAclNamedBscRowStatus
RowStatus,
hh3cAclIPAclNamedBscAct
RuleAction,
hh3cAclIPAclNamedBscSrcAddrType
InetAddressType,
hh3cAclIPAclNamedBscSrcAddr
InetAddress,
hh3cAclIPAclNamedBscSrcPrefix
InetAddressPrefixLength,
hh3cAclIPAclNamedBscSrcAny
TruthValue,
hh3cAclIPAclNamedBscSrcWild
IpAddress,
hh3cAclIPAclNamedBscTRangeName
OCTET STRING,
hh3cAclIPAclNamedBscFragmentFlag
FragmentFlag,
hh3cAclIPAclNamedBscLog
TruthValue,
hh3cAclIPAclNamedBscCount
Unsigned32,
hh3cAclIPAclNamedBscCountClear
CounterClear,
hh3cAclIPAclNamedBscEnable
TruthValue,
hh3cAclIPAclNamedBscVpnInstName
OCTET STRING,
hh3cAclIPAclNamedBscComment
OCTET STRING,
hh3cAclIPAclNamedBscCounting
TruthValue,
hh3cAclIPAclNamedBscRouteTypeAny
TruthValue,
hh3cAclIPAclNamedBscRouteTypeValue
Integer32
}
hh3cAclIPAclNamedBscRowStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"RowStatus."
::= { hh3cAclIPAclNamedBscEntry 1 }
hh3cAclIPAclNamedBscAct OBJECT-TYPE
SYNTAX RuleAction
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The action of basic ACL rule."
::= { hh3cAclIPAclNamedBscEntry 2 }
hh3cAclIPAclNamedBscSrcAddrType OBJECT-TYPE
SYNTAX InetAddressType
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The IP addresses type of IP pool."
::= { hh3cAclIPAclNamedBscEntry 3 }
hh3cAclIPAclNamedBscSrcAddr OBJECT-TYPE
SYNTAX InetAddress
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The specified source IP address.
The type of this address is determined by the value of
hh3cAclIPAclNamedBscSrcAddrType.
"
::= { hh3cAclIPAclNamedBscEntry 4 }
hh3cAclIPAclNamedBscSrcPrefix OBJECT-TYPE
SYNTAX InetAddressPrefixLength
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Specify the length of a generic Internet network address
prefix. A value of n corresponds to an IP address mask that
has n contiguous 1-bits from the most significant bit (MSB)
and all other bits set to 0.
"
::= { hh3cAclIPAclNamedBscEntry 5 }
hh3cAclIPAclNamedBscSrcAny OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The flag of matching any source IP address."
DEFVAL { true }
::= { hh3cAclIPAclNamedBscEntry 6 }
hh3cAclIPAclNamedBscSrcWild OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Source IPv4 address wildcard mask.
Only IPv4 Basic Rule supports this object.
Default value is '0.0.0.0'.
"
::= { hh3cAclIPAclNamedBscEntry 7 }
hh3cAclIPAclNamedBscTRangeName OBJECT-TYPE
SYNTAX OCTET STRING (SIZE(0..32))
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The Time-range of basic acl rule.
Default value is zero-length.
"
::= { hh3cAclIPAclNamedBscEntry 8 }
hh3cAclIPAclNamedBscFragmentFlag OBJECT-TYPE
SYNTAX FragmentFlag
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The flag of matching fragmented packets."
DEFVAL { invalid }
::= { hh3cAclIPAclNamedBscEntry 9 }
hh3cAclIPAclNamedBscLog OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The packet will be logged when it matches the rule."
DEFVAL { false }
::= { hh3cAclIPAclNamedBscEntry 10 }
hh3cAclIPAclNamedBscCount OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The count of matches by the rule."
::= { hh3cAclIPAclNamedBscEntry 11 }
hh3cAclIPAclNamedBscCountClear OBJECT-TYPE
SYNTAX CounterClear
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Reset the statistics counter of the rule."
DEFVAL { nouse }
::= { hh3cAclIPAclNamedBscEntry 12 }
hh3cAclIPAclNamedBscEnable OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The rule is active or not.
true : active
false : inactive
"
DEFVAL { false }
::= { hh3cAclIPAclNamedBscEntry 13 }
hh3cAclIPAclNamedBscVpnInstName OBJECT-TYPE
SYNTAX OCTET STRING (SIZE(0..32))
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The VPN name, to which the rule will be applied.
Default value is zero-length.
"
::= { hh3cAclIPAclNamedBscEntry 14 }
hh3cAclIPAclNamedBscComment OBJECT-TYPE
SYNTAX OCTET STRING (SIZE(0..127))
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The description of ACL rule.
Default value is Zero-length String.
"
::= { hh3cAclIPAclNamedBscEntry 15 }
hh3cAclIPAclNamedBscCounting OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The packet will be counted when it matches the rule.
It is disabled by default.
"
DEFVAL { false }
::= { hh3cAclIPAclNamedBscEntry 16 }
hh3cAclIPAclNamedBscRouteTypeAny OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The flag of matching any type of routing header of IPv6 packet.
"
DEFVAL { false }
::= { hh3cAclIPAclNamedBscEntry 17 }
hh3cAclIPAclNamedBscRouteTypeValue OBJECT-TYPE
SYNTAX Integer32 (0..255|65535)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Value of the routing header type of IPv6 packet,
in the range of 0 to 255.
"
DEFVAL { 65535 }
::= { hh3cAclIPAclNamedBscEntry 18 }
--
-- Notes of hh3cAclIPAclNamedAdvTable
--
hh3cAclIPAclNamedAdvTable OBJECT-TYPE
SYNTAX SEQUENCE OF Hh3cAclIPAclNamedAdvEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A table of advanced rule of named ACL.
The name of ACL group will be used as an index in this table,
which differs from the table hh3cAclIPAclAdvancedTable.
If some objects of this table are not supported by some
products, these objects can't be created, changed or applied.
Default value of these objects will be returned when they are
read.
"
::= { hh3cAclIPAclGroup 5 }
hh3cAclIPAclNamedAdvEntry OBJECT-TYPE
SYNTAX Hh3cAclIPAclNamedAdvEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Advanced ACL rule information entry."
INDEX
{
hh3cAclNumberGroupType,
hh3cAclNamedGroupName,
hh3cAclIPAclAdvancedRuleIndex
}
::= { hh3cAclIPAclNamedAdvTable 1 }
Hh3cAclIPAclNamedAdvEntry ::=
SEQUENCE
{
hh3cAclIPAclNamedAdvRowStatus
RowStatus,
hh3cAclIPAclNamedAdvAct
RuleAction,
hh3cAclIPAclNamedAdvProtocol
Integer32,
hh3cAclIPAclNamedAdvAddrFlag
AddressFlag,
hh3cAclIPAclNamedAdvSrcAddrType
InetAddressType,
hh3cAclIPAclNamedAdvSrcAddr
InetAddress,
hh3cAclIPAclNamedAdvSrcPrefix
InetAddressPrefixLength,
hh3cAclIPAclNamedAdvSrcAny
TruthValue,
hh3cAclIPAclNamedAdvSrcWild
IpAddress,
hh3cAclIPAclNamedAdvSrcOp
PortOp,
hh3cAclIPAclNamedAdvSrcPort1
Integer32,
hh3cAclIPAclNamedAdvSrcPort2
Integer32,
hh3cAclIPAclNamedAdvDstAddrType
InetAddressType,
hh3cAclIPAclNamedAdvDstAddr
InetAddress,
hh3cAclIPAclNamedAdvDstPrefix
InetAddressPrefixLength,
hh3cAclIPAclNamedAdvDstAny
TruthValue,
hh3cAclIPAclNamedAdvDstWild
IpAddress,
hh3cAclIPAclNamedAdvDstOp
PortOp,
hh3cAclIPAclNamedAdvDstPort1
Integer32,
hh3cAclIPAclNamedAdvDstPort2
Integer32,
hh3cAclIPAclNamedAdvIcmpType
Integer32,
hh3cAclIPAclNamedAdvIcmpCode
Integer32,
hh3cAclIPAclNamedAdvPrecedence
Integer32,
hh3cAclIPAclNamedAdvTos
Integer32,
hh3cAclIPAclNamedAdvDscp
DSCPValue,
hh3cAclIPAclNamedAdvTRangeName
OCTET STRING,
hh3cAclIPAclNamedAdvTCPFlag
TCPFlag,
hh3cAclIPAclNamedAdvFragmentFlag
FragmentFlag,
hh3cAclIPAclNamedAdvLog
TruthValue,
hh3cAclIPAclNamedAdvCount
Unsigned32,
hh3cAclIPAclNamedAdvCountClear
CounterClear,
hh3cAclIPAclNamedAdvEnable
TruthValue,
hh3cAclIPAclNamedAdvVpnInstName
OCTET STRING,
hh3cAclIPAclNamedAdvComment
OCTET STRING,
hh3cAclIPAclNamedAdvReflective
TruthValue,
hh3cAclIPAclNamedAdvCounting
TruthValue,
hh3cAclIPAclNamedAdvTCPFlagMask
BITS,
hh3cAclIPAclNamedAdvTCPFlagValue
BITS,
hh3cAclIPAclNamedAdvRouteTypeAny
TruthValue,
hh3cAclIPAclNamedAdvRouteTypeValue
Integer32,
hh3cAclIPAclNamedAdvFlowLabel
Unsigned32,
hh3cAclIPAclNamedAdvSrcSuffix
Unsigned32,
hh3cAclIPAclNamedAdvDstSuffix
Unsigned32
}
hh3cAclIPAclNamedAdvRowStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"RowStatus."
::= { hh3cAclIPAclNamedAdvEntry 1 }
hh3cAclIPAclNamedAdvAct OBJECT-TYPE
SYNTAX RuleAction
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The action of advanced ACL rule."
::= { hh3cAclIPAclNamedAdvEntry 2 }
hh3cAclIPAclNamedAdvProtocol OBJECT-TYPE
SYNTAX Integer32 (0..255)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The protocol-type of advanced ACL rule. 0 indicates any IPv4 or
IPv6 protocol.
<1-255> Protocol number
gre GRE tunneling(47)
icmp Internet Control Message Protocol(1)
icmpv6 Internet Control Message Protocol6(58)
igmp Internet Group Management Protocol(2)
ipinip IP in IP tunneling(4)
ospf OSPF routing protocol(89)
tcp Transmission Control Protocol (6)
udp User Datagram Protocol (17)
ipv6-ah IPv6 Authentication Header(51)
ipv6-esp IPv6 Encapsulating Security Payload(50)
"
::= { hh3cAclIPAclNamedAdvEntry 3 }
hh3cAclIPAclNamedAdvAddrFlag OBJECT-TYPE
SYNTAX AddressFlag
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Address flag to select address."
DEFVAL { invalid }
::= { hh3cAclIPAclNamedAdvEntry 4 }
hh3cAclIPAclNamedAdvSrcAddrType OBJECT-TYPE
SYNTAX InetAddressType
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The type of source IP address.
"
::= { hh3cAclIPAclNamedAdvEntry 5 }
hh3cAclIPAclNamedAdvSrcAddr OBJECT-TYPE
SYNTAX InetAddress
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The specified source IP address.
The type of this address is determined by the value of
hh3cAclIPAclNamedAdvSrcAddrType.
"
::= { hh3cAclIPAclNamedAdvEntry 6 }
hh3cAclIPAclNamedAdvSrcPrefix OBJECT-TYPE
SYNTAX InetAddressPrefixLength
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Specify the length of a generic Internet network address
prefix. A value of n corresponds to an IP address mask that
has n contiguous 1-bits from the most significant bit (MSB)
and all other bits set to 0.
"
::= { hh3cAclIPAclNamedAdvEntry 7 }
hh3cAclIPAclNamedAdvSrcAny OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The flag of matching any IP address."
DEFVAL { true }
::= { hh3cAclIPAclNamedAdvEntry 8 }
hh3cAclIPAclNamedAdvSrcWild OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Source IPv4 address wildcard mask.
Only IPv4 Advanced Rule supports this object.
Default value is '0.0.0.0'.
"
::= { hh3cAclIPAclNamedAdvEntry 9 }
hh3cAclIPAclNamedAdvSrcOp OBJECT-TYPE
SYNTAX PortOp
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Source port operation symbol of advanced acl group."
DEFVAL { invalid }
::= { hh3cAclIPAclNamedAdvEntry 10 }
hh3cAclIPAclNamedAdvSrcPort1 OBJECT-TYPE
SYNTAX Integer32 (0..65535)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The fourth layer source port1."
DEFVAL { 0 }
::= { hh3cAclIPAclNamedAdvEntry 11 }
hh3cAclIPAclNamedAdvSrcPort2 OBJECT-TYPE
SYNTAX Integer32 (0..65535)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The fourth layer source port2."
DEFVAL { 65535 }
::= { hh3cAclIPAclNamedAdvEntry 12 }
hh3cAclIPAclNamedAdvDstAddrType OBJECT-TYPE
SYNTAX InetAddressType
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The type of destination IP address.
"
::= { hh3cAclIPAclNamedAdvEntry 13 }
hh3cAclIPAclNamedAdvDstAddr OBJECT-TYPE
SYNTAX InetAddress
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The specified destination IP address.
The type of this address is determined by the value of
hh3cAclIPAclNamedAdvDstAddrType.
"
::= { hh3cAclIPAclNamedAdvEntry 14 }
hh3cAclIPAclNamedAdvDstPrefix OBJECT-TYPE
SYNTAX InetAddressPrefixLength
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Specify the length of a generic Internet network address
prefix. A value of n corresponds to an IP address mask that
has n contiguous 1-bits from the most significant bit (MSB)
and all other bits set to 0.
"
::= { hh3cAclIPAclNamedAdvEntry 15 }
hh3cAclIPAclNamedAdvDstAny OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The flag of matching any IP address."
DEFVAL { true }
::= { hh3cAclIPAclNamedAdvEntry 16 }
hh3cAclIPAclNamedAdvDstWild OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Destination IPv4 address wildcard mask.
Only IPv4 Advanced Rule supports this object.
Default value is '0.0.0.0'.
"
::= { hh3cAclIPAclNamedAdvEntry 17 }
hh3cAclIPAclNamedAdvDstOp OBJECT-TYPE
SYNTAX PortOp
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Destination port operation symbol of advanced acl group."
DEFVAL { invalid }
::= { hh3cAclIPAclNamedAdvEntry 18 }
hh3cAclIPAclNamedAdvDstPort1 OBJECT-TYPE
SYNTAX Integer32 (0..65535)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The fourth layer destination port1."
DEFVAL { 0 }
::= { hh3cAclIPAclNamedAdvEntry 19 }
hh3cAclIPAclNamedAdvDstPort2 OBJECT-TYPE
SYNTAX Integer32 (0..65535)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The fourth layer destination port2."
DEFVAL { 65535 }
::= { hh3cAclIPAclNamedAdvEntry 20 }
hh3cAclIPAclNamedAdvIcmpType OBJECT-TYPE
SYNTAX Integer32 (0..255|65535)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The type of ICMP packet."
DEFVAL { 65535 }
::= { hh3cAclIPAclNamedAdvEntry 21 }
hh3cAclIPAclNamedAdvIcmpCode OBJECT-TYPE
SYNTAX Integer32 (0..255|65535)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The code of ICMP packet."
DEFVAL { 65535 }
::= { hh3cAclIPAclNamedAdvEntry 22 }
hh3cAclIPAclNamedAdvPrecedence OBJECT-TYPE
SYNTAX Integer32 (0..7|255)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The value of IP-packet's precedence.
<0-7> Value of precedence
routine Specify routine precedence(0)
priority Specify priority precedence(1)
immediate Specify immediate precedence(2)
flash Specify flash precedence(3)
flash-override Specify flash-override precedence(4)
critical Specify critical precedence(5)
internet Specify internetwork control precedence(6)
network Specify network control precedence(7)
"
DEFVAL { 255 }
::= { hh3cAclIPAclNamedAdvEntry 23 }
hh3cAclIPAclNamedAdvTos OBJECT-TYPE
SYNTAX Integer32 (0..15|255)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The value of IP-packet's TOS.
<0-15> Value of TOS(type of service)
max-reliability Match packets with max reliable TOS(2)
max-throughput Match packets with max throughput TOS(4)
min-delay Match packets with min delay TOS(8)
min-monetary-cost Match packets with min monetary cost TOS(1)
normal Match packets with normal TOS(0)
"
DEFVAL { 255 }
::= { hh3cAclIPAclNamedAdvEntry 24 }
hh3cAclIPAclNamedAdvDscp OBJECT-TYPE
SYNTAX DSCPValue
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The value of DSCP of IP packet."
DEFVAL { 255 }
::= { hh3cAclIPAclNamedAdvEntry 25 }
hh3cAclIPAclNamedAdvTRangeName OBJECT-TYPE
SYNTAX OCTET STRING (SIZE(0..32))
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The Time-range of advanced ACL rule.
Default value is zero-length.
"
::= { hh3cAclIPAclNamedAdvEntry 26 }
hh3cAclIPAclNamedAdvTCPFlag OBJECT-TYPE
SYNTAX TCPFlag
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The packet type of TCP protocol."
DEFVAL { invalid }
::= { hh3cAclIPAclNamedAdvEntry 27 }
hh3cAclIPAclNamedAdvFragmentFlag OBJECT-TYPE
SYNTAX FragmentFlag
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The flag of matching fragmented packet,
and now support two value: 0 or 2.
"
DEFVAL { invalid }
::= { hh3cAclIPAclNamedAdvEntry 28 }
hh3cAclIPAclNamedAdvLog OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Log matched packets."
DEFVAL { false }
::= { hh3cAclIPAclNamedAdvEntry 29 }
hh3cAclIPAclNamedAdvCount OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The count of matches by the rule."
::= { hh3cAclIPAclNamedAdvEntry 30 }
hh3cAclIPAclNamedAdvCountClear OBJECT-TYPE
SYNTAX CounterClear
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Reset the statistics counter of this rule."
DEFVAL { nouse }
::= { hh3cAclIPAclNamedAdvEntry 31 }
hh3cAclIPAclNamedAdvEnable OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The rule is active or not.
true : active
false : inactive
"
DEFVAL { false }
::= { hh3cAclIPAclNamedAdvEntry 32 }
hh3cAclIPAclNamedAdvVpnInstName OBJECT-TYPE
SYNTAX OCTET STRING (SIZE(0..32))
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The VPN name to which the rule will be applied.
Default value is zero-length.
"
::= { hh3cAclIPAclNamedAdvEntry 33 }
hh3cAclIPAclNamedAdvComment OBJECT-TYPE
SYNTAX OCTET STRING (SIZE(0..127))
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The description of ACL rule.
Default value is zero-length String.
"
::= { hh3cAclIPAclNamedAdvEntry 34 }
hh3cAclIPAclNamedAdvReflective OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The flag of reflective."
::= { hh3cAclIPAclNamedAdvEntry 35 }
hh3cAclIPAclNamedAdvCounting OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The packet will be counted when it matches the rule.
It is disabled by default.
"
DEFVAL { false }
::= { hh3cAclIPAclNamedAdvEntry 36 }
hh3cAclIPAclNamedAdvTCPFlagMask OBJECT-TYPE
SYNTAX BITS {
tcpack(0),
tcpfin(1),
tcppsh(2),
tcprst(3),
tcpsyn(4),
tcpurg(5)
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The TCP Flag Mask. This is a bit-map of possible conditions.
The various bit positions are:
|0 |tcpack |
|1 |tcpfin |
|2 |tcppsh |
|3 |tcprst |
|4 |tcpsyn |
|5 |tcpurg |
"
::= { hh3cAclIPAclNamedAdvEntry 37 }
hh3cAclIPAclNamedAdvTCPFlagValue OBJECT-TYPE
SYNTAX BITS {
tcpack(0),
tcpfin(1),
tcppsh(2),
tcprst(3),
tcpsyn(4),
tcpurg(5)
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The TCP Flag Value. This is a bit-map of possible conditions.
The various bit positions are:
|0 |tcpack |
|1 |tcpfin |
|2 |tcppsh |
|3 |tcprst |
|4 |tcpsyn |
|5 |tcpurg |
"
::= { hh3cAclIPAclNamedAdvEntry 38 }
hh3cAclIPAclNamedAdvRouteTypeAny OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The flag of matching any type of routing header of IPv6 packet.
"
DEFVAL { false }
::= { hh3cAclIPAclNamedAdvEntry 39 }
hh3cAclIPAclNamedAdvRouteTypeValue OBJECT-TYPE
SYNTAX Integer32 (0..255|65535)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The type of routing header of IPv6 packet."
DEFVAL { 65535 }
::= { hh3cAclIPAclNamedAdvEntry 40 }
hh3cAclIPAclNamedAdvFlowLabel OBJECT-TYPE
SYNTAX Unsigned32 (0..1048575|4294967295)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The value of flow label of IPv6 packet header."
DEFVAL { 4294967295 }
::= { hh3cAclIPAclNamedAdvEntry 41 }
hh3cAclIPAclNamedAdvSrcSuffix OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Denotes the length of a generic Internet network address suffix.
A value of n corresponds to an IP address mask
that has n contiguous 1-bits from the least significant bit
and all other bits set to 0.
"
::= { hh3cAclIPAclNamedAdvEntry 42 }
hh3cAclIPAclNamedAdvDstSuffix OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Denotes the length of a generic Internet network address suffix.
A value of n corresponds to an IP address mask
that has n contiguous 1-bits from the least significant bit
and all other bits set to 0.
"
::= { hh3cAclIPAclNamedAdvEntry 43 }
--
-- Node of hh3cAclMACAclGroup
--
hh3cAclMACAclGroup OBJECT IDENTIFIER ::= { hh3cAclMib2Objects 3 }
--
-- Nodes of hh3cAclMACTable
--
hh3cAclMACTable OBJECT-TYPE
SYNTAX SEQUENCE OF Hh3cAclMACEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A table of MAC acl group.
If some objects of this table are not supported by some products,
these objects can't be created, changed or applied.
Default value of these objects will be returned when they are read.
"
::= { hh3cAclMACAclGroup 1 }
hh3cAclMACEntry OBJECT-TYPE
SYNTAX Hh3cAclMACEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"MAC acl group information."
INDEX
{
hh3cAclNumberGroupType,
hh3cAclNumberGroupIndex,
hh3cAclMACRuleIndex
}
::= { hh3cAclMACTable 1 }
Hh3cAclMACEntry ::=
SEQUENCE
{
hh3cAclMACRuleIndex
Integer32,
hh3cAclMACRowStatus
RowStatus,
hh3cAclMACAct
RuleAction,
hh3cAclMACTypeCode
OCTET STRING,
hh3cAclMACTypeMask
OCTET STRING,
hh3cAclMACSrcMac
MacAddress,
hh3cAclMACSrcMacWild
MacAddress,
hh3cAclMACDestMac
MacAddress,
hh3cAclMACDestMacWild
MacAddress,
hh3cAclMACLsapCode
OCTET STRING,
hh3cAclMACLsapMask
OCTET STRING,
hh3cAclMACCos
Integer32,
hh3cAclMACTimeRangeName
OCTET STRING,
hh3cAclMACCount
Unsigned32,
hh3cAclMACCountClear
CounterClear,
hh3cAclMACEnable
TruthValue,
hh3cAclMACComment
OCTET STRING,
hh3cAclMACLog
TruthValue,
hh3cAclMACCounting
TruthValue
}
hh3cAclMACRuleIndex OBJECT-TYPE
SYNTAX Integer32 (0..65534)
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The rule index of MAC-based acl group."
::= { hh3cAclMACEntry 1 }
hh3cAclMACRowStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"RowStatus."
::= { hh3cAclMACEntry 2 }
hh3cAclMACAct OBJECT-TYPE
SYNTAX RuleAction
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The action of MAC acl rule."
::= { hh3cAclMACEntry 3 }
hh3cAclMACTypeCode OBJECT-TYPE
SYNTAX OCTET STRING (SIZE(0..32))
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The type of protocol."
REFERENCE
"rfc894, rfc1010."
::= { hh3cAclMACEntry 4 }
hh3cAclMACTypeMask OBJECT-TYPE
SYNTAX OCTET STRING (SIZE(0..32))
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The mask of protocol."
::= { hh3cAclMACEntry 5 }
hh3cAclMACSrcMac OBJECT-TYPE
SYNTAX MacAddress
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Source MAC of MAC acl rule.
Default value is '00:00:00:00:00:00'.
"
::= { hh3cAclMACEntry 6 }
hh3cAclMACSrcMacWild OBJECT-TYPE
SYNTAX MacAddress
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Source MAC wildzard of MAC acl rule.
Default value is '00:00:00:00:00:00'.
"
::= { hh3cAclMACEntry 7 }
hh3cAclMACDestMac OBJECT-TYPE
SYNTAX MacAddress
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Destination MAC of MAC acl rule.
Default value is '00:00:00:00:00:00'.
"
::= { hh3cAclMACEntry 8 }
hh3cAclMACDestMacWild OBJECT-TYPE
SYNTAX MacAddress
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Destination MAC wildzard of MAC acl rule.
Default value is '00:00:00:00:00:00'
"
::= { hh3cAclMACEntry 9 }
hh3cAclMACLsapCode OBJECT-TYPE
SYNTAX OCTET STRING (SIZE(0..32))
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The type of LSAP."
REFERENCE
"ANSI/IEEE Std 802.3"
::= { hh3cAclMACEntry 10 }
hh3cAclMACLsapMask OBJECT-TYPE
SYNTAX OCTET STRING (SIZE(0..32))
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The mask of LSAP."
::= { hh3cAclMACEntry 11 }
hh3cAclMACCos OBJECT-TYPE
SYNTAX Integer32 (0..7 | 255)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Vlan priority of MAC acl rule."
DEFVAL { 255 }
::= { hh3cAclMACEntry 12 }
hh3cAclMACTimeRangeName OBJECT-TYPE
SYNTAX OCTET STRING (SIZE(0..32))
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The Time-range of MAC acl rule.
Default value is zero-length.
"
::= { hh3cAclMACEntry 13 }
hh3cAclMACCount OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The count of matched frames by the rule."
::= { hh3cAclMACEntry 14 }
hh3cAclMACCountClear OBJECT-TYPE
SYNTAX CounterClear
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Reset the value of counter."
DEFVAL { nouse }
::= { hh3cAclMACEntry 15 }
hh3cAclMACEnable OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The rule is active or not.
true : active
false : inactive
"
DEFVAL { false }
::= { hh3cAclMACEntry 16 }
hh3cAclMACComment OBJECT-TYPE
SYNTAX OCTET STRING (SIZE(0..127))
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The description of ACL rule.
Default value is Zero-length String.
"
::= { hh3cAclMACEntry 17 }
hh3cAclMACLog OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The packet will be logged when it matches the rule.
It is disabled by default.
"
DEFVAL { false }
::= { hh3cAclMACEntry 18 }
hh3cAclMACCounting OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The packet will be counted when it matches the rule.
It is disabled by default.
"
DEFVAL { false }
::= { hh3cAclMACEntry 19 }
--
-- Nodes of named MAC ACL group
--
hh3cAclNamedMACTable OBJECT-TYPE
SYNTAX SEQUENCE OF Hh3cAclNamedMACEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A table of named MAC ACL rule.
The name of ACL group will be used as an index in this table,
which differs from the table hh3cAclMACTable.
If some objects of this table are not supported by some products,
these objects can't be created, changed or applied.
Default value of these objects will be returned when they are read.
"
::= { hh3cAclMACAclGroup 2 }
hh3cAclNamedMACEntry OBJECT-TYPE
SYNTAX Hh3cAclNamedMACEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"MAC acl group information."
INDEX
{
hh3cAclNumberGroupType,
hh3cAclNamedGroupName,
hh3cAclMACRuleIndex
}
::= { hh3cAclNamedMACTable 1 }
Hh3cAclNamedMACEntry ::=
SEQUENCE
{
hh3cAclNamedMACRowStatus
RowStatus,
hh3cAclNamedMACAct
RuleAction,
hh3cAclNamedMACTypeCode
OCTET STRING,
hh3cAclNamedMACTypeMask
OCTET STRING,
hh3cAclNamedMACSrcMac
MacAddress,
hh3cAclNamedMACSrcMacWild
MacAddress,
hh3cAclNamedMACDstMac
MacAddress,
hh3cAclNamedMACDstMacWild
MacAddress,
hh3cAclNamedMACLsapCode
OCTET STRING,
hh3cAclNamedMACLsapMask
OCTET STRING,
hh3cAclNamedMACCos
Integer32,
hh3cAclNamedMACTimeRangeName
OCTET STRING,
hh3cAclNamedMACCount
Unsigned32,
hh3cAclNamedMACCountClear
CounterClear,
hh3cAclNamedMACEnable
TruthValue,
hh3cAclNamedMACComment
OCTET STRING,
hh3cAclNamedMACLog
TruthValue,
hh3cAclNamedMACCounting
TruthValue
}
hh3cAclNamedMACRowStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"RowStatus."
::= { hh3cAclNamedMACEntry 1 }
hh3cAclNamedMACAct OBJECT-TYPE
SYNTAX RuleAction
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The action of MAC ACL rule."
::= { hh3cAclNamedMACEntry 2 }
hh3cAclNamedMACTypeCode OBJECT-TYPE
SYNTAX OCTET STRING (SIZE(0..32))
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The type of protocol."
REFERENCE
"rfc894, rfc1010."
::= { hh3cAclNamedMACEntry 3 }
hh3cAclNamedMACTypeMask OBJECT-TYPE
SYNTAX OCTET STRING (SIZE(0..32))
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The mask of protocol."
::= { hh3cAclNamedMACEntry 4 }
hh3cAclNamedMACSrcMac OBJECT-TYPE
SYNTAX MacAddress
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Source MAC of MAC ACL rule.
Default value is '00:00:00:00:00:00'.
"
::= { hh3cAclNamedMACEntry 5 }
hh3cAclNamedMACSrcMacWild OBJECT-TYPE
SYNTAX MacAddress
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Source MAC wildcard of MAC ACL rule.
Default value is '00:00:00:00:00:00'.
"
::= { hh3cAclNamedMACEntry 6 }
hh3cAclNamedMACDstMac OBJECT-TYPE
SYNTAX MacAddress
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Destination MAC of MAC ACL rule.
Default value is '00:00:00:00:00:00'.
"
::= { hh3cAclNamedMACEntry 7 }
hh3cAclNamedMACDstMacWild OBJECT-TYPE
SYNTAX MacAddress
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Destination MAC wildcard of MAC ACL rule.
Default value is '00:00:00:00:00:00'
"
::= { hh3cAclNamedMACEntry 8 }
hh3cAclNamedMACLsapCode OBJECT-TYPE
SYNTAX OCTET STRING (SIZE(0..32))
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The type of LSAP."
REFERENCE
"ANSI/IEEE Std 802.3"
::= { hh3cAclNamedMACEntry 9 }
hh3cAclNamedMACLsapMask OBJECT-TYPE
SYNTAX OCTET STRING (SIZE(0..32))
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The mask of LSAP."
::= { hh3cAclNamedMACEntry 10 }
hh3cAclNamedMACCos OBJECT-TYPE
SYNTAX Integer32 (0..7 | 255)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Vlan priority of MAC ACL rule."
DEFVAL { 255 }
::= { hh3cAclNamedMACEntry 11 }
hh3cAclNamedMACTimeRangeName OBJECT-TYPE
SYNTAX OCTET STRING (SIZE(0..32))
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The time-range of MAC ACL rule.
Default value is zero-length.
"
::= { hh3cAclNamedMACEntry 12 }
hh3cAclNamedMACCount OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The count of matched frames by the rule."
::= { hh3cAclNamedMACEntry 13 }
hh3cAclNamedMACCountClear OBJECT-TYPE
SYNTAX CounterClear
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Reset the value of counter."
DEFVAL { nouse }
::= { hh3cAclNamedMACEntry 14 }
hh3cAclNamedMACEnable OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The rule is active or not.
true : active
false : inactive
"
DEFVAL { false }
::= { hh3cAclNamedMACEntry 15 }
hh3cAclNamedMACComment OBJECT-TYPE
SYNTAX OCTET STRING (SIZE(0..127))
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The description of ACL rule.
Default value is Zero-length String.
"
::= { hh3cAclNamedMACEntry 16 }
hh3cAclNamedMACLog OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The packet will be logged when it matches the rule.
It is disabled by default.
"
DEFVAL { false }
::= { hh3cAclNamedMACEntry 17 }
hh3cAclNamedMACCounting OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The packet will be counted when it matches the rule.
It is disabled by default.
"
DEFVAL { false }
::= { hh3cAclNamedMACEntry 18 }
--
-- Node of hh3cAclEnUserGroup
--
hh3cAclEnUserAclGroup OBJECT IDENTIFIER ::= { hh3cAclMib2Objects 4 }
--
-- Nodes of hh3cAclEnUserTable
--
hh3cAclEnUserTable OBJECT-TYPE
SYNTAX SEQUENCE OF Hh3cAclEnUserEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A table of user acl group information.
If some objects of this table are not supported by some products,
these objects can't be created, changed and applied.
Default value of these objects will be returned when they are read.
"
::= { hh3cAclEnUserAclGroup 3 }
hh3cAclEnUserEntry OBJECT-TYPE
SYNTAX Hh3cAclEnUserEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"User defined acl group entry."
INDEX { hh3cAclNumberGroupType,
hh3cAclNumberGroupIndex,
hh3cAclEnUserRuleIndex }
::= { hh3cAclEnUserTable 1 }
Hh3cAclEnUserEntry ::=
SEQUENCE
{
hh3cAclEnUserRuleIndex
Integer32,
hh3cAclEnUserRowStatus
RowStatus,
hh3cAclEnUserAct
RuleAction,
hh3cAclEnUserStartString
OCTET STRING,
hh3cAclEnUserL2String
OCTET STRING,
hh3cAclEnUserMplsString
OCTET STRING,
hh3cAclEnUserIPv4String
OCTET STRING,
hh3cAclEnUserIPv6String
OCTET STRING,
hh3cAclEnUserL4String
OCTET STRING,
hh3cAclEnUserL5String
OCTET STRING,
hh3cAclEnUserTimeRangeName
OCTET STRING,
hh3cAclEnUserCount
Unsigned32,
hh3cAclEnUserCountClear
CounterClear,
hh3cAclEnUserEnable
TruthValue,
hh3cAclEnUserComment
OCTET STRING,
hh3cAclEnUserLog
TruthValue,
hh3cAclEnUserCounting
TruthValue
}
hh3cAclEnUserRuleIndex OBJECT-TYPE
SYNTAX Integer32 (0..65534)
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The subitem of the user acl."
::= { hh3cAclEnUserEntry 1 }
hh3cAclEnUserRowStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"RowStatus."
::= { hh3cAclEnUserEntry 2 }
hh3cAclEnUserAct OBJECT-TYPE
SYNTAX RuleAction
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The action of user defined acl rule."
::= { hh3cAclEnUserEntry 3 }
hh3cAclEnUserStartString OBJECT-TYPE
SYNTAX OCTET STRING (SIZE(0..255))
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The rule, matching packets, input like this:
'RuleOffset','RuleString','RuleMask'.
RuleOffset: The value of this object is defined by product and
it indicates the offset of the rule mask in the packet(unit: byte).
RuleString: The length of RuleString is defined by product.
The string must be hexadecimal.
The length of string must be multiple of 2.
RuleMask: The length of RuleMask is defined by product.
The string must be hexadecimal.
The length of string must be multiple of 2.
For example: 10,10af,ffff.
Default value is zero-length.
"
::= { hh3cAclEnUserEntry 4 }
hh3cAclEnUserL2String OBJECT-TYPE
SYNTAX OCTET STRING (SIZE(0..255))
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The rule, matching layer 2 packets, input like this:
'RuleOffset','RuleString','RuleMask'.
RuleOffset: The value is defined by product and
it indicates offset of the rule mask in the packet(unit: byte).
RuleString: The length of RuleString is defined by product.
The string must be hexadecimal.
The length of string must be multiple of 2.
RuleMask: The length of RuleMask is defined by product.
The string must be hexadecimal.
The length of string must be multiple of 2.
For example: '10','10af','ffff'.
Default value is zero-length.
"
::= { hh3cAclEnUserEntry 5 }
hh3cAclEnUserMplsString OBJECT-TYPE
SYNTAX OCTET STRING (SIZE(0..255))
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The rule, matching mpls packets, input like this:
'RuleOffset','RuleString','RuleMask'.
RuleOffset: The value is defined by product and
it indicates offset of the rule mask in the packet(unit: byte).
RuleString: The length of RuleString is defined by product.
The string must be hexadecimal.
The length of string must be multiple of 2.
RuleMask: The length of RuleMask is defined by product.
The string must be hexadecimal.
The length of string must be multiple of 2.
For example: '10','10af','ffff'.
Default value is zero-length.
"
::= { hh3cAclEnUserEntry 6 }
hh3cAclEnUserIPv4String OBJECT-TYPE
SYNTAX OCTET STRING (SIZE(0..255))
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The rule, matching IPv4 packets, input like this:
'RuleOffset','RuleString','RuleMask'.
RuleOffset: The value is defined by product and
it indicates offset of the rule mask in the packet(unit: byte).
RuleString: The length of RuleString is defined by product.
The string must be hexadecimal.
The length of string must be multiple of 2.
RuleMask: The length of RuleMask is defined by product.
The string must be hexadecimal.
The length of string must be multiple of 2.
For example: '10','10af','ffff'.
Default value is zero-length.
"
::= { hh3cAclEnUserEntry 7 }
hh3cAclEnUserIPv6String OBJECT-TYPE
SYNTAX OCTET STRING (SIZE(0..255))
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The rule, matching IPv6 packets, input like this:
'RuleOffset','RuleString','RuleMask'.
RuleOffset: The value is defined by product and
it indicates offset of the rule mask in the packet(unit: byte).
RuleString: The length of RuleString is defined by product.
The string must be hexadecimal.
The length of string must be multiple of 2.
RuleMask: The length of RuleMask is defined by product.
The string must be hexadecimal.
The length of string must be multiple of 2.
For example: '10','10af','ffff'.
Default value is zero-length.
"
::= { hh3cAclEnUserEntry 8 }
hh3cAclEnUserL4String OBJECT-TYPE
SYNTAX OCTET STRING (SIZE(0..255))
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The rule, matching layer 4 packets, input like this:
'RuleOffset','RuleString','RuleMask'.
RuleOffset: The value is defined by product and
it indicates offset of the rule mask in the packet(unit: byte).
RuleString: The length of RuleString is defined by product.
The string must be hexadecimal.
The length of string must be multiple of 2.
RuleMask: The length of RuleMask is defined by product.
The string must be hexadecimal.
The length of string must be multiple of 2.
For example: '10','10af','ffff'.
Default value is zero-length.
"
::= { hh3cAclEnUserEntry 9 }
hh3cAclEnUserL5String OBJECT-TYPE
SYNTAX OCTET STRING (SIZE(0..255))
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The rule, matching layer 5 packets, input like this:
'RuleOffset','RuleString','RuleMask'.
RuleOffset: The value is defined by product and
it indicates offset of the rule mask in the packet(unit: byte).
RuleString: The length of RuleString is defined by product.
The string must be hexadecimal.
The length of string must be multiple of 2.
RuleMask: The length of RuleMask is defined by product.
The string must be hexadecimal.
The length of string must be multiple of 2.
For example: '10','10af','ffff'.
Default value is zero-length.
"
::= { hh3cAclEnUserEntry 10 }
hh3cAclEnUserTimeRangeName OBJECT-TYPE
SYNTAX OCTET STRING (SIZE(0..32))
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The Time-range of user acl rule.
Default value is zero-length."
::= { hh3cAclEnUserEntry 11 }
hh3cAclEnUserCount OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The count of matched by the rule."
::= { hh3cAclEnUserEntry 12 }
hh3cAclEnUserCountClear OBJECT-TYPE
SYNTAX CounterClear
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Reset the value of counter."
::= { hh3cAclEnUserEntry 13 }
hh3cAclEnUserEnable OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The rule is active or not.
true : active
false : inactive
"
DEFVAL { false }
::= { hh3cAclEnUserEntry 14 }
hh3cAclEnUserComment OBJECT-TYPE
SYNTAX OCTET STRING (SIZE(0..127))
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The description of ACL rule.
Default value is Zero-length String.
"
::= { hh3cAclEnUserEntry 15 }
hh3cAclEnUserLog OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The packet will be logged when it matches the rule.
It is disabled by default.
"
DEFVAL { false }
::= { hh3cAclEnUserEntry 16 }
hh3cAclEnUserCounting OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The packet will be counted when it matches the rule.
It is disabled by default.
"
DEFVAL { false }
::= { hh3cAclEnUserEntry 17 }
--
-- Nodes of hh3cAclNamedUserTable
--
hh3cAclNamedUserTable OBJECT-TYPE
SYNTAX SEQUENCE OF Hh3cAclNamedUserEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A table of named user acl rule.
The name of ACL group will be used as an index in this table,
which differs from the table hh3cAclEnUserTable.
If some objects of this table are not supported by some products,
these objects can't be created, changed and applied.
Default value of these objects will be returned when they are read.
"
::= { hh3cAclEnUserAclGroup 4 }
hh3cAclNamedUserEntry OBJECT-TYPE
SYNTAX Hh3cAclNamedUserEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"User defined acl group entry."
INDEX
{
hh3cAclNumberGroupType,
hh3cAclNamedGroupName,
hh3cAclEnUserRuleIndex
}
::= { hh3cAclNamedUserTable 1 }
Hh3cAclNamedUserEntry ::=
SEQUENCE
{
hh3cAclNamedUserRowStatus
RowStatus,
hh3cAclNamedUserAct
RuleAction,
hh3cAclNamedUserStartString
OCTET STRING,
hh3cAclNamedUserL2String
OCTET STRING,
hh3cAclNamedUserMplsString
OCTET STRING,
hh3cAclNamedUserIPv4String
OCTET STRING,
hh3cAclNamedUserIPv6String
OCTET STRING,
hh3cAclNamedUserL4String
OCTET STRING,
hh3cAclNamedUserL5String
OCTET STRING,
hh3cAclNamedUserTimeRangeName
OCTET STRING,
hh3cAclNamedUserCount
Unsigned32,
hh3cAclNamedUserCountClear
CounterClear,
hh3cAclNamedUserEnable
TruthValue,
hh3cAclNamedUserComment
OCTET STRING,
hh3cAclNamedUserLog
TruthValue,
hh3cAclNamedUserCounting
TruthValue
}
hh3cAclNamedUserRowStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"RowStatus."
::= { hh3cAclNamedUserEntry 1 }
hh3cAclNamedUserAct OBJECT-TYPE
SYNTAX RuleAction
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The action of user defined acl rule."
::= { hh3cAclNamedUserEntry 2 }
hh3cAclNamedUserStartString OBJECT-TYPE
SYNTAX OCTET STRING (SIZE(0..255))
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The rule, matching packets, input like this:
'RuleOffset','RuleString','RuleMask'.
RuleOffset: The value of this object is defined by product and
it indicates the offset of the rule mask in the packet(unit: byte).
RuleString: The length of RuleString is defined by product.
The string must be hexadecimal.
The length of string must be multiple of 2.
RuleMask: The length of RuleMask is defined by product.
The string must be hexadecimal.
The length of string must be multiple of 2.
For example: 10,10af,ffff.
Default value is zero-length.
"
::= { hh3cAclNamedUserEntry 3 }
hh3cAclNamedUserL2String OBJECT-TYPE
SYNTAX OCTET STRING (SIZE(0..255))
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The rule, matching layer 2 packets, input like this:
'RuleOffset','RuleString','RuleMask'.
RuleOffset: The value is defined by product and
it indicates offset of the rule mask in the packet(unit: byte).
RuleString: The length of RuleString is defined by product.
The string must be hexadecimal.
The length of string must be multiple of 2.
RuleMask: The length of RuleMask is defined by product.
The string must be hexadecimal.
The length of string must be multiple of 2.
For example: '10','10af','ffff'.
Default value is zero-length.
"
::= { hh3cAclNamedUserEntry 4 }
hh3cAclNamedUserMplsString OBJECT-TYPE
SYNTAX OCTET STRING (SIZE(0..255))
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The rule, matching mpls packets, input like this:
'RuleOffset','RuleString','RuleMask'.
RuleOffset: The value is defined by product and
it indicates offset of the rule mask in the packet(unit: byte).
RuleString: The length of RuleString is defined by product.
The string must be hexadecimal.
The length of string must be multiple of 2.
RuleMask: The length of RuleMask is defined by product.
The string must be hexadecimal.
The length of string must be multiple of 2.
For example: '10','10af','ffff'.
Default value is zero-length.
"
::= { hh3cAclNamedUserEntry 5 }
hh3cAclNamedUserIPv4String OBJECT-TYPE
SYNTAX OCTET STRING (SIZE(0..255))
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The rule, matching IPv4 packets, input like this:
'RuleOffset','RuleString','RuleMask'.
RuleOffset: The value is defined by product and
it indicates offset of the rule mask in the packet(unit: byte).
RuleString: The length of RuleString is defined by product.
The string must be hexadecimal.
The length of string must be multiple of 2.
RuleMask: The length of RuleMask is defined by product.
The string must be hexadecimal.
The length of string must be multiple of 2.
For example: '10','10af','ffff'.
Default value is zero-length.
"
::= { hh3cAclNamedUserEntry 6 }
hh3cAclNamedUserIPv6String OBJECT-TYPE
SYNTAX OCTET STRING (SIZE(0..255))
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The rule, matching IPv6 packets, input like this:
'RuleOffset','RuleString','RuleMask'.
RuleOffset: The value is defined by product and
it indicates offset of the rule mask in the packet(unit: byte).
RuleString: The length of RuleString is defined by product.
The string must be hexadecimal.
The length of string must be multiple of 2.
RuleMask: The length of RuleMask is defined by product.
The string must be hexadecimal.
The length of string must be multiple of 2.
For example: '10','10af','ffff'.
Default value is zero-length.
"
::= { hh3cAclNamedUserEntry 7 }
hh3cAclNamedUserL4String OBJECT-TYPE
SYNTAX OCTET STRING (SIZE(0..255))
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The rule, matching layer 4 packets, input like this:
'RuleOffset','RuleString','RuleMask'.
RuleOffset: The value is defined by product and
it indicates offset of the rule mask in the packet(unit: byte).
RuleString: The length of RuleString is defined by product.
The string must be hexadecimal.
The length of string must be multiple of 2.
RuleMask: The length of RuleMask is defined by product.
The string must be hexadecimal.
The length of string must be multiple of 2.
For example: '10','10af','ffff'.
Default value is zero-length.
"
::= { hh3cAclNamedUserEntry 8 }
hh3cAclNamedUserL5String OBJECT-TYPE
SYNTAX OCTET STRING (SIZE(0..255))
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The rule, matching layer 5 packets, input like this:
'RuleOffset','RuleString','RuleMask'.
RuleOffset: The value is defined by product and
it indicates offset of the rule mask in the packet(unit: byte).
RuleString: The length of RuleString is defined by product.
The string must be hexadecimal.
The length of string must be multiple of 2.
RuleMask: The length of RuleMask is defined by product.
The string must be hexadecimal.
The length of string must be multiple of 2.
For example: '10','10af','ffff'.
Default value is zero-length.
"
::= { hh3cAclNamedUserEntry 9 }
hh3cAclNamedUserTimeRangeName OBJECT-TYPE
SYNTAX OCTET STRING (SIZE(0..32))
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The Time-range of user acl rule.
Default value is zero-length."
::= { hh3cAclNamedUserEntry 10 }
hh3cAclNamedUserCount OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The count of matched by the rule."
::= { hh3cAclNamedUserEntry 11 }
hh3cAclNamedUserCountClear OBJECT-TYPE
SYNTAX CounterClear
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Reset the value of counter."
::= { hh3cAclNamedUserEntry 12 }
hh3cAclNamedUserEnable OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The rule is active or not.
true : active
false : inactive
"
DEFVAL { false }
::= { hh3cAclNamedUserEntry 13 }
hh3cAclNamedUserComment OBJECT-TYPE
SYNTAX OCTET STRING (SIZE(0..127))
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The description of ACL rule.
Default value is Zero-length String.
"
::= { hh3cAclNamedUserEntry 14 }
hh3cAclNamedUserLog OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The packet will be logged when it matches the rule.
It is disabled by default.
"
DEFVAL { false }
::= { hh3cAclNamedUserEntry 15 }
hh3cAclNamedUserCounting OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The packet will be counted when it matches the rule.
It is disabled by default.
"
DEFVAL { false }
::= { hh3cAclNamedUserEntry 16 }
--
-- Node of hh3cAclResourceGroup
--
hh3cAclResourceGroup OBJECT IDENTIFIER ::= { hh3cAclMib2Objects 5 }
--
-- Nodes of hh3cAclResourceUsageTable
--
hh3cAclResourceUsageTable OBJECT-TYPE
SYNTAX SEQUENCE OF Hh3cAclResourceUsageEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The table shows ACL resource usage information. Support for
resource types that are denoted by hh3cAclResourceType object
varies with products. If a type is not supported, the
corresponding row for the type will not be instantiated
in this table.
"
::= { hh3cAclResourceGroup 1 }
hh3cAclResourceUsageEntry OBJECT-TYPE
SYNTAX Hh3cAclResourceUsageEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Each row contains a brief description of the resource type,
a port range associated with the chip, total, reserved, and
configured amount of resource of this type, the percent of
resource that has been allocated, and so on.
"
INDEX
{
hh3cAclResourceChassis,
hh3cAclResourceSlot,
hh3cAclResourceChip,
hh3cAclResourceType
}
::= { hh3cAclResourceUsageTable 1 }
Hh3cAclResourceUsageEntry ::=
SEQUENCE
{
hh3cAclResourceChassis
Unsigned32,
hh3cAclResourceSlot
Unsigned32,
hh3cAclResourceChip
Unsigned32,
hh3cAclResourceType
Integer32,
hh3cAclPortRange
OCTET STRING,
hh3cAclResourceTotal
Unsigned32,
hh3cAclResourceReserved
Unsigned32,
hh3cAclResourceConfigured
Unsigned32,
hh3cAclResourceUsagePercent
Unsigned32,
hh3cAclResourceTypeDescription
OCTET STRING
}
hh3cAclResourceChassis OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The chassis number. On a centralized or distributed device,
the value for this node is always zero.
"
::= { hh3cAclResourceUsageEntry 1 }
hh3cAclResourceSlot OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The slot number. On a centralized device, the value for
this node is always zero."
::= { hh3cAclResourceUsageEntry 2 }
hh3cAclResourceChip OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The chip number. On a single chip device, the value for
this node is always zero."
::= { hh3cAclResourceUsageEntry 3 }
hh3cAclResourceType OBJECT-TYPE
SYNTAX Integer32 (1..255)
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The resource type."
::= { hh3cAclResourceUsageEntry 4 }
hh3cAclPortRange OBJECT-TYPE
SYNTAX OCTET STRING (SIZE(0..255))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The port range associated with the chip. Commas are used to
separate multiple port ranges, for example, Ethernet1/2 to
Ethernet1/12, Ethernet1/31 to Ethernet1/48.
"
::= { hh3cAclResourceUsageEntry 5 }
hh3cAclResourceTotal OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Total TCAM entries of the resource type."
::= { hh3cAclResourceUsageEntry 6 }
hh3cAclResourceReserved OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The amount of reserved TCAM entries of the resource type."
::= { hh3cAclResourceUsageEntry 7 }
hh3cAclResourceConfigured OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The amount of configured TCAM entries of the resource type."
::= { hh3cAclResourceUsageEntry 8 }
hh3cAclResourceUsagePercent OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The percent of TCAM entries that have been used for
this resource type.
"
::= { hh3cAclResourceUsageEntry 9 }
hh3cAclResourceTypeDescription OBJECT-TYPE
SYNTAX OCTET STRING (SIZE(0..31))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The description of this resource type."
::= { hh3cAclResourceUsageEntry 10 }
--
-- Node of hh3cAclIntervalGroup
--
hh3cAclIntervalGroup OBJECT IDENTIFIER ::= { hh3cAclMib2Objects 6 }
--
-- Nodes of hh3cAclIntervalTable
--
hh3cAclIntervalTable OBJECT-TYPE
SYNTAX SEQUENCE OF Hh3cAclIntervalEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Log interval table."
::= { hh3cAclIntervalGroup 1 }
hh3cAclIntervalEntry OBJECT-TYPE
SYNTAX Hh3cAclIntervalEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Log interval entry."
INDEX
{
hh3cAclIntervalType
}
::= { hh3cAclIntervalTable 1 }
Hh3cAclIntervalEntry ::=
SEQUENCE
{
hh3cAclIntervalType
INTEGER,
hh3cAclIntervalValue
Integer32,
hh3cAclIntervalRowStatus
RowStatus
}
hh3cAclIntervalType OBJECT-TYPE
SYNTAX INTEGER
{
logging(1),
trap(2)
}
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The types of the interval specified for generating
packet filtering logs or traps.
"
::= { hh3cAclIntervalEntry 1 }
hh3cAclIntervalValue OBJECT-TYPE
SYNTAX Integer32 (5..1440)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The value of interval.
It must be a multiple of 5 and in the range of 5 to 1440.
"
::= { hh3cAclIntervalEntry 2 }
hh3cAclIntervalRowStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"RowStatus."
::= { hh3cAclIntervalEntry 3 }
--
-- Node of hh3cAclPacketFilterObjects
--
hh3cAclPacketFilterObjects OBJECT IDENTIFIER ::= { hh3cAcl 3 }
hh3cPfilterScalarGroup OBJECT IDENTIFIER ::= { hh3cAclPacketFilterObjects 1 }
hh3cPfilterDefaultAction OBJECT-TYPE
SYNTAX INTEGER
{
permit(1),
deny(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The default action of packet filter.
By default, the packet filter permits packets that do not match
any ACL rule to pass.
"
::= { hh3cPfilterScalarGroup 1 }
hh3cPfilterProcessingStatus OBJECT-TYPE
SYNTAX INTEGER
{
processing(1),
done(2)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object shows the status of the system when applying packet
filter. It is forbidden to set or read in hh3cAclPacketFilterObjects
MIB module when the value is processing.
"
::= { hh3cPfilterScalarGroup 2 }
--
-- Nodes of hh3cPfilterApplyTable
--
hh3cPfilterApplyTable OBJECT-TYPE
SYNTAX SEQUENCE OF Hh3cPfilterApplyEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A table of packet filter application.
It's not supported to set default action on an entity,
but supported to enable hardware count of default action
on an entity.
"
::= { hh3cAclPacketFilterObjects 2 }
hh3cPfilterApplyEntry OBJECT-TYPE
SYNTAX Hh3cPfilterApplyEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Packet filter application information entry."
INDEX
{
hh3cPfilterApplyObjType,
hh3cPfilterApplyObjIndex,
hh3cPfilterApplyDirection,
hh3cPfilterApplyAclType,
hh3cPfilterApplyAclIndex
}
::= { hh3cPfilterApplyTable 1 }
Hh3cPfilterApplyEntry ::=
SEQUENCE
{
hh3cPfilterApplyObjType
INTEGER,
hh3cPfilterApplyObjIndex
Integer32,
hh3cPfilterApplyDirection
DirectionType,
hh3cPfilterApplyAclType
INTEGER,
hh3cPfilterApplyAclIndex
Integer32,
hh3cPfilterApplyHardCount
TruthValue,
hh3cPfilterApplySequence
Unsigned32,
hh3cPfilterApplyCountClear
CounterClear,
hh3cPfilterApplyRowStatus
RowStatus
}
hh3cPfilterApplyObjType OBJECT-TYPE
SYNTAX INTEGER
{
interface(1),
vlan(2),
global(3)
}
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The object type of packet filter application.
interface: Apply an ACL to the interface to filter packets.
vlan: Apply an ACL to the VLAN to filter packets.
global: Apply an ACL globally to filter packets.
"
::= { hh3cPfilterApplyEntry 1 }
hh3cPfilterApplyObjIndex OBJECT-TYPE
SYNTAX Integer32 (0..2147483647)
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The object ID of packet filter application.
Interface: interface index, equal to ifIndex
VLAN: VLAN ID, 1..4094
Global: 0
"
::= { hh3cPfilterApplyEntry 2 }
hh3cPfilterApplyDirection OBJECT-TYPE
SYNTAX DirectionType
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The direction of packet filter application."
::= { hh3cPfilterApplyEntry 3 }
hh3cPfilterApplyAclType OBJECT-TYPE
SYNTAX INTEGER
{
ipv4(1),
ipv6(2),
default(3),
mac(4),
user(5)
}
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"ACL Type: IPv4, IPv6, default action, MAC, and user.
Take default action as a special ACL group.
"
::= { hh3cPfilterApplyEntry 4 }
hh3cPfilterApplyAclIndex OBJECT-TYPE
SYNTAX Integer32 (0|2000..5999)
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The ACL group index.
Basic type: 2000..2999
Advanced type: 3000..3999
MAC type: 4000..4999
User type: 5000..5999
Default action type: 0
"
::= { hh3cPfilterApplyEntry 5 }
hh3cPfilterApplyHardCount OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Hardware count flag.
true: enable hardware count
false: disable hardware count
"
DEFVAL { false }
::= { hh3cPfilterApplyEntry 6 }
hh3cPfilterApplySequence OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The configure sequence of packet filter application."
::= { hh3cPfilterApplyEntry 7 }
hh3cPfilterApplyCountClear OBJECT-TYPE
SYNTAX CounterClear
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Clear the value of counters."
::= { hh3cPfilterApplyEntry 8 }
hh3cPfilterApplyRowStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"RowStatus."
::= { hh3cPfilterApplyEntry 9 }
--
-- Nodes of hh3cPfilterAclGroupRunInfoTable
--
hh3cPfilterAclGroupRunInfoTable OBJECT-TYPE
SYNTAX SEQUENCE OF Hh3cPfilterAclGroupRunInfoEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A table of group running information of ACLs
for packet filtering. If hardware count function is not
supported or not enabled to the packet filter application, the
statistics entry will be zero.
"
::= { hh3cAclPacketFilterObjects 3 }
hh3cPfilterAclGroupRunInfoEntry OBJECT-TYPE
SYNTAX Hh3cPfilterAclGroupRunInfoEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"ACL group running information entry for packet filtering."
INDEX
{
hh3cPfilterRunApplyObjType,
hh3cPfilterRunApplyObjIndex,
hh3cPfilterRunApplyDirection,
hh3cPfilterRunApplyAclType,
hh3cPfilterRunApplyAclIndex
}
::= { hh3cPfilterAclGroupRunInfoTable 1 }
Hh3cPfilterAclGroupRunInfoEntry ::=
SEQUENCE
{
hh3cPfilterRunApplyObjType
INTEGER,
hh3cPfilterRunApplyObjIndex
Integer32,
hh3cPfilterRunApplyDirection
DirectionType,
hh3cPfilterRunApplyAclType
INTEGER,
hh3cPfilterRunApplyAclIndex
Integer32,
hh3cPfilterAclGroupStatus
INTEGER,
hh3cPfilterAclGroupCountStatus
INTEGER,
hh3cPfilterAclGroupPermitPkts
Counter64,
hh3cPfilterAclGroupPermitBytes
Counter64,
hh3cPfilterAclGroupDenyPkts
Counter64,
hh3cPfilterAclGroupDenyBytes
Counter64
}
hh3cPfilterRunApplyObjType OBJECT-TYPE
SYNTAX INTEGER
{
interface(1),
vlan(2),
global(3)
}
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The object type of packet filter application.
interface: Apply an ACL to the interface to filter packets.
vlan: Apply an ACL to the VLAN to filter packets.
global: Apply an ACL globally to filter packets.
"
::= { hh3cPfilterAclGroupRunInfoEntry 1 }
hh3cPfilterRunApplyObjIndex OBJECT-TYPE
SYNTAX Integer32 (0..2147483647)
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The object ID of packet filter application.
Interface: interface index, equal to ifIndex
VLAN: VLAN ID, 1..4094
Global: 0
"
::= { hh3cPfilterAclGroupRunInfoEntry 2 }
hh3cPfilterRunApplyDirection OBJECT-TYPE
SYNTAX DirectionType
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The direction of packet filter application."
::= { hh3cPfilterAclGroupRunInfoEntry 3 }
hh3cPfilterRunApplyAclType OBJECT-TYPE
SYNTAX INTEGER
{
ipv4(1),
ipv6(2),
default(3),
mac(4),
user(5)
}
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"ACL Type: IPv4, IPv6, default action, MAC, and user.
Take default action as a special ACL group.
"
::= { hh3cPfilterAclGroupRunInfoEntry 4 }
hh3cPfilterRunApplyAclIndex OBJECT-TYPE
SYNTAX Integer32 (1..3|2000..5999)
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The ACL group index.
Basic type: 2000..2999
Advanced type: 3000..3999
MAC type: 4000..4999
User type: 5000..5999
MAC default action: 1
IPv4 default action: 2
IPv6 default action: 3
"
::= { hh3cPfilterAclGroupRunInfoEntry 5 }
hh3cPfilterAclGroupStatus OBJECT-TYPE
SYNTAX INTEGER
{
success(1),
failed(2),
partialSuccess(3)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The status of ACL group applied.
success: ACL applied successfully on all slots
failed: failed to apply ACL on all slots
partialSuccess: failed to apply ACL on some slots
"
::= { hh3cPfilterAclGroupRunInfoEntry 6 }
hh3cPfilterAclGroupCountStatus OBJECT-TYPE
SYNTAX INTEGER
{
success(1),
failed(2),
partialSuccess(3)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The status of enabling hardware count. If hardware count is
not enabled, it returns success.
success: enable hardware count successfully on all slots
failed: failed to enable hardware count on all slots
partialSuccess: failed to enable hardware count on some slots
"
::= { hh3cPfilterAclGroupRunInfoEntry 7 }
hh3cPfilterAclGroupPermitPkts OBJECT-TYPE
SYNTAX Counter64
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of packets permitted."
::= { hh3cPfilterAclGroupRunInfoEntry 8 }
hh3cPfilterAclGroupPermitBytes OBJECT-TYPE
SYNTAX Counter64
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of bytes permitted."
::= { hh3cPfilterAclGroupRunInfoEntry 9 }
hh3cPfilterAclGroupDenyPkts OBJECT-TYPE
SYNTAX Counter64
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of packets denied."
::= { hh3cPfilterAclGroupRunInfoEntry 10 }
hh3cPfilterAclGroupDenyBytes OBJECT-TYPE
SYNTAX Counter64
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of bytes denied."
::= { hh3cPfilterAclGroupRunInfoEntry 11 }
--
-- Nodes of hh3cPfilterAclRuleRunInfoTable
--
hh3cPfilterAclRuleRunInfoTable OBJECT-TYPE
SYNTAX SEQUENCE OF Hh3cPfilterAclRuleRunInfoEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A table of rule's running information of ACLs
for packet filtering. If hardware count function is not
supported or not enabled to the packet filter application, the
hh3cPfilterAclRuleMatchPackets and hh3cPfilterAclRuleMatchBytes
will be zero.
"
::= { hh3cAclPacketFilterObjects 4 }
hh3cPfilterAclRuleRunInfoEntry OBJECT-TYPE
SYNTAX Hh3cPfilterAclRuleRunInfoEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"ACL rule's running information entry."
INDEX
{
hh3cPfilterRunApplyObjType,
hh3cPfilterRunApplyObjIndex,
hh3cPfilterRunApplyDirection,
hh3cPfilterRunApplyAclType,
hh3cPfilterRunApplyAclIndex,
hh3cPfilterAclRuleIndex
}
::= { hh3cPfilterAclRuleRunInfoTable 1 }
Hh3cPfilterAclRuleRunInfoEntry ::=
SEQUENCE
{
hh3cPfilterAclRuleIndex
Integer32,
hh3cPfilterAclRuleStatus
INTEGER,
hh3cPfilterAclRuleCountStatus
INTEGER,
hh3cPfilterAclRuleMatchPackets
Counter64,
hh3cPfilterAclRuleMatchBytes
Counter64
}
hh3cPfilterAclRuleIndex OBJECT-TYPE
SYNTAX Integer32 (0..65534)
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The ACL rule index."
::= { hh3cPfilterAclRuleRunInfoEntry 1 }
hh3cPfilterAclRuleStatus OBJECT-TYPE
SYNTAX INTEGER
{
success(1),
failed(2),
partialSuccess(3)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The status of rule application.
success: rule applied successfully on all slots
failed: failed to apply rule on all slots
partialSuccess: failed to apply rule on some slots
"
::= { hh3cPfilterAclRuleRunInfoEntry 2 }
hh3cPfilterAclRuleCountStatus OBJECT-TYPE
SYNTAX INTEGER
{
success(1),
failed(2),
partialSuccess(3)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The status of enabling rule's hardware count.
If hardware count is not enabled, it returns success.
success: enable hardware count successfully on all slots
failed: failed to enable hardware count on all slots
partialSuccess: failed to enable hardware count on some slots
"
::= { hh3cPfilterAclRuleRunInfoEntry 3 }
hh3cPfilterAclRuleMatchPackets OBJECT-TYPE
SYNTAX Counter64
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of packets matched."
::= { hh3cPfilterAclRuleRunInfoEntry 4 }
hh3cPfilterAclRuleMatchBytes OBJECT-TYPE
SYNTAX Counter64
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of bytes matched."
::= { hh3cPfilterAclRuleRunInfoEntry 5 }
--
-- Nodes of hh3cPfilterStatisticSumTable
--
hh3cPfilterStatisticSumTable OBJECT-TYPE
SYNTAX SEQUENCE OF Hh3cPfilterStatisticSumEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A table of ACL rule's sum statistics information,
accumulated by all entity application on all slots.
"
::= { hh3cAclPacketFilterObjects 5 }
hh3cPfilterStatisticSumEntry OBJECT-TYPE
SYNTAX Hh3cPfilterStatisticSumEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"ACL rule's sum statistics information entry."
INDEX
{
hh3cPfilterSumDirection,
hh3cPfilterSumAclType,
hh3cPfilterSumAclIndex,
hh3cPfilterSumRuleIndex
}
::= { hh3cPfilterStatisticSumTable 1 }
Hh3cPfilterStatisticSumEntry ::=
SEQUENCE
{
hh3cPfilterSumDirection
DirectionType,
hh3cPfilterSumAclType
INTEGER,
hh3cPfilterSumAclIndex
Integer32,
hh3cPfilterSumRuleIndex
Integer32,
hh3cPfilterSumRuleMatchPackets
Counter64,
hh3cPfilterSumRuleMatchBytes
Counter64
}
hh3cPfilterSumDirection OBJECT-TYPE
SYNTAX DirectionType
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The direction of application."
::= { hh3cPfilterStatisticSumEntry 1 }
hh3cPfilterSumAclType OBJECT-TYPE
SYNTAX INTEGER
{
ipv4(1),
ipv6(2),
mac(3),
user(4)
}
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"ACL type: IPv4, IPv6, MAC, and user."
::= { hh3cPfilterStatisticSumEntry 2 }
hh3cPfilterSumAclIndex OBJECT-TYPE
SYNTAX Integer32 (2000..5999)
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The ACL group index.
Basic type: 2000..2999
Advanced type: 3000..3999
MAC type: 4000..4999
User type: 5000..5999
"
::= { hh3cPfilterStatisticSumEntry 3 }
hh3cPfilterSumRuleIndex OBJECT-TYPE
SYNTAX Integer32 (0..65534)
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The ACL rule index."
::= { hh3cPfilterStatisticSumEntry 4 }
hh3cPfilterSumRuleMatchPackets OBJECT-TYPE
SYNTAX Counter64
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The sum number of packets matched the ACL rule."
::= { hh3cPfilterStatisticSumEntry 5 }
hh3cPfilterSumRuleMatchBytes OBJECT-TYPE
SYNTAX Counter64
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The sum number of bytes matched the ACL rule."
::= { hh3cPfilterStatisticSumEntry 6 }
--
-- Nodes of hh3cPfilter2ApplyTable
--
hh3cPfilter2ApplyTable OBJECT-TYPE
SYNTAX SEQUENCE OF Hh3cPfilter2ApplyEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A table of packet filter application.
It's not supported to set default action on an entity,
but supported to enable hardware count of default action
on an entity.
"
::= { hh3cAclPacketFilterObjects 6 }
hh3cPfilter2ApplyEntry OBJECT-TYPE
SYNTAX Hh3cPfilter2ApplyEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Packet filter application information entry."
INDEX
{
hh3cPfilter2ApplyObjType,
hh3cPfilter2ApplyObjIndex,
hh3cPfilter2ApplyDirection,
hh3cPfilter2ApplyAclType,
hh3cPfilter2ApplyAclIndex
}
::= { hh3cPfilter2ApplyTable 1 }
Hh3cPfilter2ApplyEntry ::=
SEQUENCE
{
hh3cPfilter2ApplyObjType
INTEGER,
hh3cPfilter2ApplyObjIndex
Integer32,
hh3cPfilter2ApplyDirection
DirectionType,
hh3cPfilter2ApplyAclType
INTEGER,
hh3cPfilter2ApplyAclIndex
OCTET STRING,
hh3cPfilter2ApplyHardCount
TruthValue,
hh3cPfilter2ApplySequence
Unsigned32,
hh3cPfilter2ApplyCountClear
CounterClear,
hh3cPfilter2ApplyRowStatus
RowStatus
}
hh3cPfilter2ApplyObjType OBJECT-TYPE
SYNTAX INTEGER
{
interface(1),
vlan(2),
global(3)
}
MAX-ACCESS accessible-for-notify
STATUS current
DESCRIPTION
"The object type of packet filter application.
interface: Apply an ACL to the interface to filter packets.
vlan: Apply an ACL to the VLAN to filter packets.
global: Apply an ACL globally to filter packets.
"
::= { hh3cPfilter2ApplyEntry 1 }
hh3cPfilter2ApplyObjIndex OBJECT-TYPE
SYNTAX Integer32 (0..2147483647)
MAX-ACCESS accessible-for-notify
STATUS current
DESCRIPTION
"The object ID of packet filter application.
Interface: interface index, equal to ifIndex
VLAN: VLAN ID, 1..4094
Global: 0
"
::= { hh3cPfilter2ApplyEntry 2 }
hh3cPfilter2ApplyDirection OBJECT-TYPE
SYNTAX DirectionType
MAX-ACCESS accessible-for-notify
STATUS current
DESCRIPTION
"The direction of packet filter application."
::= { hh3cPfilter2ApplyEntry 3 }
hh3cPfilter2ApplyAclType OBJECT-TYPE
SYNTAX INTEGER
{
ipv4(1),
ipv6(2),
default(3),
mac(4),
user(5)
}
MAX-ACCESS accessible-for-notify
STATUS current
DESCRIPTION
"ACL Type: IPv4, IPv6, default action, MAC, and user.
Take default action as a special ACL group.
"
::= { hh3cPfilter2ApplyEntry 4 }
hh3cPfilter2ApplyAclIndex OBJECT-TYPE
SYNTAX OCTET STRING (SIZE(1..63))
MAX-ACCESS accessible-for-notify
STATUS current
DESCRIPTION
"The index of ACL group used by packet-filter.
If the specified string comprises only digits, it is converted
into a numerical sequence in decimal notation, and regarded as
an ACL group index or a default action. If the string is a
character string beginning with an English letter, it is
regarded as an ACL group name.
Group index range and default action:
Basic type: 2000..2999
Advanced type: 3000..3999
MAC type: 4000..4999
User type: 5000..5999
Default action type: 0
"
::= { hh3cPfilter2ApplyEntry 5 }
hh3cPfilter2ApplyHardCount OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Hardware count flag.
true: enable hardware count
false: disable hardware count
"
DEFVAL { false }
::= { hh3cPfilter2ApplyEntry 6 }
hh3cPfilter2ApplySequence OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The configure sequence of packet filter application."
::= { hh3cPfilter2ApplyEntry 7 }
hh3cPfilter2ApplyCountClear OBJECT-TYPE
SYNTAX CounterClear
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Clear the value of counters."
DEFVAL { nouse }
::= { hh3cPfilter2ApplyEntry 8 }
hh3cPfilter2ApplyRowStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"RowStatus."
::= { hh3cPfilter2ApplyEntry 9 }
--
-- Nodes of hh3cPfilter2AclGroupRunInfoTable
--
hh3cPfilter2AclGroupRunInfoTable OBJECT-TYPE
SYNTAX SEQUENCE OF Hh3cPfilter2AclGroupRunInfoEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A table of group running information of ACLs
for packet filtering. If hardware count function is not
supported or not enabled to the packet filter application, the
statistics entry will be zero.
"
::= { hh3cAclPacketFilterObjects 7 }
hh3cPfilter2AclGroupRunInfoEntry OBJECT-TYPE
SYNTAX Hh3cPfilter2AclGroupRunInfoEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"ACL group running information entry for packet filtering."
INDEX
{
hh3cPfilter2RunApplyObjType,
hh3cPfilter2RunApplyObjIndex,
hh3cPfilter2RunApplyDirection,
hh3cPfilter2RunApplyAclType,
hh3cPfilter2RunApplyAclIndex
}
::= { hh3cPfilter2AclGroupRunInfoTable 1 }
Hh3cPfilter2AclGroupRunInfoEntry ::=
SEQUENCE
{
hh3cPfilter2RunApplyObjType
INTEGER,
hh3cPfilter2RunApplyObjIndex
Integer32,
hh3cPfilter2RunApplyDirection
DirectionType,
hh3cPfilter2RunApplyAclType
INTEGER,
hh3cPfilter2RunApplyAclIndex
OCTET STRING,
hh3cPfilter2AclGroupStatus
INTEGER,
hh3cPfilter2AclGroupCountStatus
INTEGER,
hh3cPfilter2AclGroupPermitPkts
Counter64,
hh3cPfilter2AclGroupPermitBytes
Counter64,
hh3cPfilter2AclGroupDenyPkts
Counter64,
hh3cPfilter2AclGroupDenyBytes
Counter64
}
hh3cPfilter2RunApplyObjType OBJECT-TYPE
SYNTAX INTEGER
{
interface(1),
vlan(2),
global(3)
}
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The object type of packet filter application.
interface: Apply an ACL to the interface to filter packets.
vlan: Apply an ACL to the VLAN to filter packets.
global: Apply an ACL globally to filter packets.
"
::= { hh3cPfilter2AclGroupRunInfoEntry 1 }
hh3cPfilter2RunApplyObjIndex OBJECT-TYPE
SYNTAX Integer32 (0..2147483647)
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The object ID of packet filter application.
Interface: interface index, equal to ifIndex
VLAN: VLAN ID, 1..4094
Global: 0
"
::= { hh3cPfilter2AclGroupRunInfoEntry 2 }
hh3cPfilter2RunApplyDirection OBJECT-TYPE
SYNTAX DirectionType
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The direction of packet filter application."
::= { hh3cPfilter2AclGroupRunInfoEntry 3 }
hh3cPfilter2RunApplyAclType OBJECT-TYPE
SYNTAX INTEGER
{
ipv4(1),
ipv6(2),
default(3),
mac(4),
user(5)
}
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"ACL Type: IPv4, IPv6, default action, MAC, and user.
Take default action as a special ACL group.
"
::= { hh3cPfilter2AclGroupRunInfoEntry 4 }
hh3cPfilter2RunApplyAclIndex OBJECT-TYPE
SYNTAX OCTET STRING (SIZE(1..63))
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The index of ACL group used by packet-filter.
If the specified string comprises only digits, it is converted
into a numerical sequence in decimal notation, and regarded as
an ACL group index or a default action. If the string is a
character string beginning with an English letter, it is
regarded as an ACL group name.
Group index range and default action:
Basic type: 2000..2999
Advanced type: 3000..3999
MAC type: 4000..4999
User type: 5000..5999
MAC default action: 1
IPv4 default action: 2
IPv6 default action: 3
"
::= { hh3cPfilter2AclGroupRunInfoEntry 5 }
hh3cPfilter2AclGroupStatus OBJECT-TYPE
SYNTAX INTEGER
{
success(1),
failed(2),
partialSuccess(3)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The status of ACL group applied.
success: ACL applied successfully on all slots
failed: failed to apply ACL on all slots
partialSuccess: failed to apply ACL on some slots
"
::= { hh3cPfilter2AclGroupRunInfoEntry 6 }
hh3cPfilter2AclGroupCountStatus OBJECT-TYPE
SYNTAX INTEGER
{
success(1),
failed(2),
partialSuccess(3)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The status of enabling hardware count. If hardware count is
not enabled, it returns success.
success: enable hardware count successfully on all slots
failed: failed to enable hardware count on all slots
partialSuccess: failed to enable hardware count on some slots
"
::= { hh3cPfilter2AclGroupRunInfoEntry 7 }
hh3cPfilter2AclGroupPermitPkts OBJECT-TYPE
SYNTAX Counter64
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of packets permitted."
::= { hh3cPfilter2AclGroupRunInfoEntry 8 }
hh3cPfilter2AclGroupPermitBytes OBJECT-TYPE
SYNTAX Counter64
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of bytes permitted."
::= { hh3cPfilter2AclGroupRunInfoEntry 9 }
hh3cPfilter2AclGroupDenyPkts OBJECT-TYPE
SYNTAX Counter64
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of packets denied."
::= { hh3cPfilter2AclGroupRunInfoEntry 10 }
hh3cPfilter2AclGroupDenyBytes OBJECT-TYPE
SYNTAX Counter64
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of bytes denied."
::= { hh3cPfilter2AclGroupRunInfoEntry 11 }
--
-- Nodes of hh3cPfilter2AclRuleRunInfoTable
--
hh3cPfilter2AclRuleRunInfoTable OBJECT-TYPE
SYNTAX SEQUENCE OF Hh3cPfilter2AclRuleRunInfoEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A table of rule's running information of ACLs
for packet filtering. If hardware count function is not
supported or not enabled to the packet filter application, the
hh3cPfilter2AclRuleMatchPackets and hh3cPfilter2AclRuleMatchBytes
will be zero.
"
::= { hh3cAclPacketFilterObjects 8 }
hh3cPfilter2AclRuleRunInfoEntry OBJECT-TYPE
SYNTAX Hh3cPfilter2AclRuleRunInfoEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"ACL rule's running information entry."
INDEX
{
hh3cPfilter2RunApplyObjType,
hh3cPfilter2RunApplyObjIndex,
hh3cPfilter2RunApplyDirection,
hh3cPfilter2RunApplyAclType,
hh3cPfilter2RunApplyAclIndex,
hh3cPfilter2AclRuleIndex
}
::= { hh3cPfilter2AclRuleRunInfoTable 1 }
Hh3cPfilter2AclRuleRunInfoEntry ::=
SEQUENCE
{
hh3cPfilter2AclRuleIndex
Integer32,
hh3cPfilter2AclRuleStatus
INTEGER,
hh3cPfilter2AclRuleCountStatus
INTEGER,
hh3cPfilter2AclRuleMatchPackets
Counter64,
hh3cPfilter2AclRuleMatchBytes
Counter64
}
hh3cPfilter2AclRuleIndex OBJECT-TYPE
SYNTAX Integer32 (0..65534)
MAX-ACCESS accessible-for-notify
STATUS current
DESCRIPTION
"The ACL rule index."
::= { hh3cPfilter2AclRuleRunInfoEntry 1 }
hh3cPfilter2AclRuleStatus OBJECT-TYPE
SYNTAX INTEGER
{
success(1),
failed(2),
partialSuccess(3)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The status of rule application.
success: rule applied successfully on all slots
failed: failed to apply rule on all slots
partialSuccess: failed to apply rule on some slots
"
::= { hh3cPfilter2AclRuleRunInfoEntry 2 }
hh3cPfilter2AclRuleCountStatus OBJECT-TYPE
SYNTAX INTEGER
{
success(1),
failed(2),
partialSuccess(3)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The status of enabling rule's hardware count.
If hardware count is not enabled, it returns success.
success: enable hardware count successfully on all slots
failed: failed to enable hardware count on all slots
partialSuccess: failed to enable hardware count on some slots
"
::= { hh3cPfilter2AclRuleRunInfoEntry 3 }
hh3cPfilter2AclRuleMatchPackets OBJECT-TYPE
SYNTAX Counter64
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of packets matched."
::= { hh3cPfilter2AclRuleRunInfoEntry 4 }
hh3cPfilter2AclRuleMatchBytes OBJECT-TYPE
SYNTAX Counter64
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of bytes matched."
::= { hh3cPfilter2AclRuleRunInfoEntry 5 }
--
-- Nodes of hh3cPfilter2StatisticSumTable
--
hh3cPfilter2StatisticSumTable OBJECT-TYPE
SYNTAX SEQUENCE OF Hh3cPfilter2StatisticSumEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A table of ACL rule's sum statistics information,
accumulated by all entity application on all slots.
"
::= { hh3cAclPacketFilterObjects 9 }
hh3cPfilter2StatisticSumEntry OBJECT-TYPE
SYNTAX Hh3cPfilter2StatisticSumEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"ACL rule's sum statistics information entry."
INDEX
{
hh3cPfilter2SumDirection,
hh3cPfilter2SumAclType,
hh3cPfilter2SumAclIndex,
hh3cPfilter2SumRuleIndex
}
::= { hh3cPfilter2StatisticSumTable 1 }
Hh3cPfilter2StatisticSumEntry ::=
SEQUENCE
{
hh3cPfilter2SumDirection
DirectionType,
hh3cPfilter2SumAclType
INTEGER,
hh3cPfilter2SumAclIndex
OCTET STRING,
hh3cPfilter2SumRuleIndex
Integer32,
hh3cPfilter2SumRuleMatchPackets
Counter64,
hh3cPfilter2SumRuleMatchBytes
Counter64
}
hh3cPfilter2SumDirection OBJECT-TYPE
SYNTAX DirectionType
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The direction of application."
::= { hh3cPfilter2StatisticSumEntry 1 }
hh3cPfilter2SumAclType OBJECT-TYPE
SYNTAX INTEGER
{
ipv4(1),
ipv6(2),
mac(3),
user(4)
}
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"ACL type: IPv4, IPv6, MAC, and user."
::= { hh3cPfilter2StatisticSumEntry 2 }
hh3cPfilter2SumAclIndex OBJECT-TYPE
SYNTAX OCTET STRING (SIZE(1..63))
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The index of ACL group used by packet-filter.
If the specified string comprises only digits, it is converted
into a numerical sequence in decimal notation, and regarded as
an ACL group index. If the string is a character string
beginning with an English letter, it is regarded as an ACL
group name.
Group index range and default action:
Basic type: 2000..2999
Advanced type: 3000..3999
MAC type: 4000..4999
User type: 5000..5999
"
::= { hh3cPfilter2StatisticSumEntry 3 }
hh3cPfilter2SumRuleIndex OBJECT-TYPE
SYNTAX Integer32 (0..65534)
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The ACL rule index."
::= { hh3cPfilter2StatisticSumEntry 4 }
hh3cPfilter2SumRuleMatchPackets OBJECT-TYPE
SYNTAX Counter64
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The sum number of packets matched the ACL rule."
::= { hh3cPfilter2StatisticSumEntry 5 }
hh3cPfilter2SumRuleMatchBytes OBJECT-TYPE
SYNTAX Counter64
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The sum number of bytes matched the ACL rule."
::= { hh3cPfilter2StatisticSumEntry 6 }
--
-- Nodes of hh3cPacketfilterTrapObjects
--
hh3cAclPacketfilterTrapObjects OBJECT IDENTIFIER ::= { hh3cAcl 4 }
hh3cPfilterInterface OBJECT-TYPE
SYNTAX OCTET STRING
MAX-ACCESS accessible-for-notify
STATUS current
DESCRIPTION
"The interface which policy apply."
::= { hh3cAclPacketfilterTrapObjects 1 }
hh3cPfilterDirection OBJECT-TYPE
SYNTAX OCTET STRING (SIZE(0..255))
MAX-ACCESS accessible-for-notify
STATUS current
DESCRIPTION
"Inbound or outbound."
::= { hh3cAclPacketfilterTrapObjects 2 }
hh3cPfilterACLNumber OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS accessible-for-notify
STATUS current
DESCRIPTION
"ACL number."
::= { hh3cAclPacketfilterTrapObjects 3 }
hh3cPfilterAction OBJECT-TYPE
SYNTAX OCTET STRING (SIZE(0..255))
MAX-ACCESS accessible-for-notify
STATUS current
DESCRIPTION
"Permit or deny."
::= { hh3cAclPacketfilterTrapObjects 4 }
hh3cMACfilterSourceMac OBJECT-TYPE
SYNTAX OCTET STRING (SIZE(0..255))
MAX-ACCESS accessible-for-notify
STATUS current
DESCRIPTION
"Source MAC address."
::= { hh3cAclPacketfilterTrapObjects 5 }
hh3cMACfilterDestinationMac OBJECT-TYPE
SYNTAX OCTET STRING (SIZE(0..255))
MAX-ACCESS accessible-for-notify
STATUS current
DESCRIPTION
"Destination MAC address."
::= { hh3cAclPacketfilterTrapObjects 6 }
hh3cPfilterPacketNumber OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS accessible-for-notify
STATUS current
DESCRIPTION
"The number of packets permitted or denied by ACL."
::= { hh3cAclPacketfilterTrapObjects 7 }
hh3cPfilterReceiveInterface OBJECT-TYPE
SYNTAX OCTET STRING (SIZE(0..255))
MAX-ACCESS accessible-for-notify
STATUS current
DESCRIPTION
"The interface where packet come from."
::= { hh3cAclPacketfilterTrapObjects 8 }
hh3cAclPacketIfName OBJECT-TYPE
SYNTAX OCTET STRING (SIZE(0..255))
MAX-ACCESS accessible-for-notify
STATUS current
DESCRIPTION
"The name of the interface on which the packet is matched."
::= { hh3cAclPacketfilterTrapObjects 9 }
hh3cAclPacketDirection OBJECT-TYPE
SYNTAX DirectionType
MAX-ACCESS accessible-for-notify
STATUS current
DESCRIPTION
"The direction the packet is going."
::= { hh3cAclPacketfilterTrapObjects 10 }
hh3cAclPacketBAGG OBJECT-TYPE
SYNTAX Integer32 (0..2048)
MAX-ACCESS accessible-for-notify
STATUS current
DESCRIPTION
"The bridge-aggregation-interface ID the interface belongs to.
"
DEFVAL { 0 }
::= { hh3cAclPacketfilterTrapObjects 11 }
hh3cAclPacketVlanID OBJECT-TYPE
SYNTAX Integer32 (1..4094)
MAX-ACCESS accessible-for-notify
STATUS current
DESCRIPTION
"The vlan the interface belongs to."
::= { hh3cAclPacketfilterTrapObjects 12 }
hh3cAclPacketSrcIP OBJECT-TYPE
SYNTAX OCTET STRING (SIZE(0..255))
MAX-ACCESS accessible-for-notify
STATUS current
DESCRIPTION
"Source IP address of IPv4/IPv6 packet."
::= { hh3cAclPacketfilterTrapObjects 13 }
hh3cAclPacketDstIP OBJECT-TYPE
SYNTAX OCTET STRING (SIZE(0..255))
MAX-ACCESS accessible-for-notify
STATUS current
DESCRIPTION
"Destination IP address of IPv4/IPv6 packet."
::= { hh3cAclPacketfilterTrapObjects 14 }
hh3cAclPacketProtocol OBJECT-TYPE
SYNTAX Integer32 (0..255)
MAX-ACCESS accessible-for-notify
STATUS current
DESCRIPTION
"The protocol of IPv4/IPv6 packet.
icmp(1),
tcp(6),
udp(17),
igmp(2),
gre(47),
ospf(89),
ipinip(4),
icmp6(58),
ipv6_ah(51),
ipv6_esp(50)
"
::= { hh3cAclPacketfilterTrapObjects 15 }
hh3cAclPacketDscp OBJECT-TYPE
SYNTAX DSCPValue
MAX-ACCESS accessible-for-notify
STATUS current
DESCRIPTION
"DSCP of IPv4/IPv6 packet."
DEFVAL { 255 }
::= { hh3cAclPacketfilterTrapObjects 16 }
hh3cAclPacketFlowLabel OBJECT-TYPE
SYNTAX Unsigned32 (0..1048575|4294967295)
MAX-ACCESS accessible-for-notify
STATUS current
DESCRIPTION
"Flow label value of IPv6 packet."
DEFVAL { 4294967295 }
::= { hh3cAclPacketfilterTrapObjects 17 }
hh3cAclPacketIcmpIgmpType OBJECT-TYPE
SYNTAX Integer32 (0..255|65535)
MAX-ACCESS accessible-for-notify
STATUS current
DESCRIPTION
"The type of ICMP or IGMP packet."
DEFVAL { 65535 }
::= { hh3cAclPacketfilterTrapObjects 18 }
hh3cAclPacketIcmpIgmpCode OBJECT-TYPE
SYNTAX Integer32 (0..255|65535)
MAX-ACCESS accessible-for-notify
STATUS current
DESCRIPTION
"The code of ICMP or IGMP packet."
DEFVAL { 65535 }
::= { hh3cAclPacketfilterTrapObjects 19 }
hh3cAclPacketTcpFlags OBJECT-TYPE
SYNTAX INTEGER
{
tcpack(1),
tcpfin(2),
tcppsh(3),
tcprst(4),
tcpsyn(5),
tcpurg(6),
invalid(255)
}
MAX-ACCESS accessible-for-notify
STATUS current
DESCRIPTION
"The flags of TCP packet.
tcpack(1),
tcpfin(2),
tcppsh(3),
tcprst(4),
tcpsyn(5),
tcpurg(6),
invalid(255)
"
DEFVAL { 255 }
::= { hh3cAclPacketfilterTrapObjects 20 }
hh3cAclPacketSrcPort OBJECT-TYPE
SYNTAX Integer32 (0..65535)
MAX-ACCESS accessible-for-notify
STATUS current
DESCRIPTION
"Source port of TCP or UDP packet."
DEFVAL { 0 }
::= { hh3cAclPacketfilterTrapObjects 21 }
hh3cAclPacketDstPort OBJECT-TYPE
SYNTAX Integer32 (0..65535)
MAX-ACCESS accessible-for-notify
STATUS current
DESCRIPTION
"Destination port of TCP or UDP packet."
DEFVAL { 65535 }
::= { hh3cAclPacketfilterTrapObjects 22 }
hh3cAclPacketSrcMacAddr OBJECT-TYPE
SYNTAX MacAddress
MAX-ACCESS accessible-for-notify
STATUS current
DESCRIPTION
"Source MAC address of Ethernet packet."
::= { hh3cAclPacketfilterTrapObjects 23 }
hh3cAclPacketDstMacAddr OBJECT-TYPE
SYNTAX MacAddress
MAX-ACCESS accessible-for-notify
STATUS current
DESCRIPTION
"Destination MAC address of Ethernet packet."
::= { hh3cAclPacketfilterTrapObjects 24 }
hh3cAclPacketMacTypeLen OBJECT-TYPE
SYNTAX Integer32 (0..65535)
MAX-ACCESS accessible-for-notify
STATUS current
DESCRIPTION
"The Ethertype or 802.3 length of Ethernet packet."
DEFVAL { 0 }
::= { hh3cAclPacketfilterTrapObjects 25 }
hh3cAclPacketVlanPCP OBJECT-TYPE
SYNTAX Integer32 (0..7|255)
MAX-ACCESS accessible-for-notify
STATUS current
DESCRIPTION
"802.1p priority code point of Ethernet packet."
DEFVAL { 255 }
::= { hh3cAclPacketfilterTrapObjects 26 }
--
-- Nodes of hh3cPacketfilterTrap
--
hh3cAclPacketfilterTrap OBJECT IDENTIFIER ::= { hh3cAcl 5 }
hh3cPfilterTrapPrefix OBJECT IDENTIFIER ::= { hh3cAclPacketfilterTrap 0 }
hh3cMACfilterTrap NOTIFICATION-TYPE
OBJECTS
{
hh3cPfilterInterface,
hh3cPfilterDirection,
hh3cPfilterACLNumber,
hh3cPfilterAction,
hh3cMACfilterSourceMac,
hh3cMACfilterDestinationMac,
hh3cPfilterPacketNumber,
hh3cPfilterReceiveInterface
}
STATUS current
DESCRIPTION
"This notification is generated when a packet was processed
by MAC address filter, but not every packet will generate one
notification, the same notification only generate once in 30
seconds.
"
::= { hh3cPfilterTrapPrefix 1 }
hh3cAclRuleMatchCount NOTIFICATION-TYPE
OBJECTS
{
hh3cPfilter2ApplyObjType,
hh3cPfilter2ApplyObjIndex,
hh3cPfilter2ApplyDirection,
hh3cPfilter2ApplyAclType,
hh3cPfilter2ApplyAclIndex,
hh3cPfilter2AclRuleIndex,
hh3cPfilter2AclRuleMatchPackets
}
STATUS current
DESCRIPTION
"This notification is generated periodically due to a timer.
The interval of the timer is configured in hh3cAclIntervalTable.
The notification details the entries about the packet-filter
object, the matched ACL rule and the number of matching packets.
"
::= { hh3cPfilterTrapPrefix 2 }
hh3cAclFirstIPv4PktCaptured NOTIFICATION-TYPE
OBJECTS
{
hh3cPfilter2ApplyAclIndex,
hh3cPfilter2AclRuleIndex,
hh3cAclPacketIfName,
hh3cAclPacketDirection,
hh3cAclPacketBAGG,
hh3cAclPacketVlanID,
hh3cAclPacketSrcIP,
hh3cAclPacketDstIP,
hh3cAclPacketProtocol,
hh3cAclPacketDscp,
hh3cAclPacketIcmpIgmpType,
hh3cAclPacketIcmpIgmpCode,
hh3cAclPacketTcpFlags,
hh3cAclPacketSrcPort,
hh3cAclPacketDstPort
}
STATUS current
DESCRIPTION
"This notification is generated immediately when the first
packet of the matched IPv4 flow is captured. Other packets
of the matched flow won't be captured.
"
::= { hh3cPfilterTrapPrefix 3 }
hh3cAclFirstIPv6PktCaptured NOTIFICATION-TYPE
OBJECTS
{
hh3cPfilter2ApplyAclIndex,
hh3cPfilter2AclRuleIndex,
hh3cAclPacketIfName,
hh3cAclPacketDirection,
hh3cAclPacketBAGG,
hh3cAclPacketVlanID,
hh3cAclPacketSrcIP,
hh3cAclPacketDstIP,
hh3cAclPacketProtocol,
hh3cAclPacketDscp,
hh3cAclPacketFlowLabel,
hh3cAclPacketIcmpIgmpType,
hh3cAclPacketIcmpIgmpCode,
hh3cAclPacketTcpFlags,
hh3cAclPacketSrcPort,
hh3cAclPacketDstPort
}
STATUS current
DESCRIPTION
"This notification is generated immediately when the first
packet of the matched IPv6 flow is captured. Other packets
of the matched flow won't be captured.
"
::= { hh3cPfilterTrapPrefix 4 }
hh3cAclFirstEthernetPktCaptured NOTIFICATION-TYPE
OBJECTS
{
hh3cPfilter2ApplyAclIndex,
hh3cPfilter2AclRuleIndex,
hh3cAclPacketIfName,
hh3cAclPacketDirection,
hh3cAclPacketBAGG,
hh3cAclPacketVlanID,
hh3cAclPacketSrcMacAddr,
hh3cAclPacketDstMacAddr,
hh3cAclPacketMacTypeLen,
hh3cAclPacketVlanPCP
}
STATUS current
DESCRIPTION
"This notification is generated immediately when the first
packet of the matched Ethernet flow is captured. Other packets
of the matched flow won't be captured.
"
::= { hh3cPfilterTrapPrefix 5 }
--
-- Nodes of hh3cAclTrapObjects
--
hh3cAclTrapObjects OBJECT IDENTIFIER ::= { hh3cAcl 6 }
hh3cAclResourceTypeName OBJECT-TYPE
SYNTAX OCTET STRING (SIZE(1..255))
MAX-ACCESS accessible-for-notify
STATUS current
DESCRIPTION
"The name of TCAM resources."
::= { hh3cAclTrapObjects 1 }
hh3cAclResourceUsage OBJECT-TYPE
SYNTAX Integer32 (1..100)
MAX-ACCESS accessible-for-notify
STATUS current
DESCRIPTION
"The current usage of TCAM resources."
::= { hh3cAclTrapObjects 2 }
hh3cAclResourceUsedEntries OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS accessible-for-notify
STATUS current
DESCRIPTION
"The used number of entries on TCAM."
::= { hh3cAclTrapObjects 3 }
hh3cAclResourceTotalEntries OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS accessible-for-notify
STATUS current
DESCRIPTION
"The total number of entries on TCAM."
::= { hh3cAclTrapObjects 4 }
hh3cAclResourceChassisID OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS accessible-for-notify
STATUS current
DESCRIPTION
"The chassis number. On a centralized or distributed device,
the value for this node is always zero."
::= { hh3cAclTrapObjects 5 }
hh3cAclResourceSlotID OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS accessible-for-notify
STATUS current
DESCRIPTION
"The slot number. On a centralized device, the value for
this node is always zero."
::= { hh3cAclTrapObjects 6 }
--
-- Nodes of hh3cAclResourceTrap
--
hh3cAclTrap OBJECT IDENTIFIER ::= { hh3cAcl 7 }
hh3cAclTrapPrefix OBJECT IDENTIFIER ::= { hh3cAclTrap 0 }
hh3cAclResourceTrap NOTIFICATION-TYPE
OBJECTS
{
hh3cAclResourceTypeName,
hh3cAclResourceUsage,
hh3cAclResourceUsedEntries,
hh3cAclResourceTotalEntries,
hh3cAclMib2ResourceThreshold,
hh3cAclResourceChassisID,
hh3cAclResourceSlotID
}
STATUS current
DESCRIPTION
"This notification is generated when the number of entries on TCAM
becomes equal to or greater than a preset threshold level"
::= { hh3cAclTrapPrefix 1 }
END