david/mibs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Initial commit

Browse Source
This commit is contained in:
David Leutgeb
2023-12-05 12:25:34 +01:00
commit 98a672123c
4378 changed files with 8817503 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

958
MIBS/ciena/CIENA-CES-ACCESS-LIST-MIB Normal file
View File

@ -0,0 +1,958 @@
-- This file was included in WWP MIB release 04-16-00-0047
--
-- CIENA-CES-ACCESS-LIST-MIB
--
CIENA-CES-ACCESS-LIST-MIB DEFINITIONS ::= BEGIN
IMPORTS
Integer32, Unsigned32, Counter64, OBJECT-TYPE, MODULE-IDENTITY
FROM SNMPv2-SMI
DisplayString, MacAddress, TruthValue, TEXTUAL-CONVENTION
FROM SNMPv2-TC
cienaCesConfig
FROM CIENA-SMI
CienaGlobalState
FROM CIENA-TC
InetAddressType, InetAddress, InetAddressPrefixLength, InetPortNumber
FROM INET-ADDRESS-MIB;
cienaCesAccessListMIB MODULE-IDENTITY
LAST-UPDATED "201504020000Z"
ORGANIZATION "Ciena, Inc"
CONTACT-INFO
"Mib Meister
115 North Sullivan Road
Spokane Valley, WA 99037
USA
Phone: +1 509 242 9000
Email: support@ciena.com"
DESCRIPTION
"This MIB module defines objects that describe Hardware
ACLs (Access Control Lists).
The MIB describes different objects that enable the
network administrator to remotely view ACL profile/rule,
configuration in addition to monitoring ACL rule statistics."
REVISION "201504020000Z"
DESCRIPTION
"The initial version of this MIB module."
::= { cienaCesConfig 35 }
--
-- Node definitions
--
cienaCesAccessListMIBObjects OBJECT IDENTIFIER ::= { cienaCesAccessListMIB 1 }
cienaCesAclConfiguration OBJECT IDENTIFIER ::= { cienaCesAccessListMIBObjects 1 }
cienaCesAclStatistics OBJECT IDENTIFIER ::= { cienaCesAccessListMIBObjects 2 }
cienaCesAccessListMIBConformance OBJECT IDENTIFIER ::= { cienaCesAccessListMIB 2 }
cienaCesAccessListMIBCompliances OBJECT IDENTIFIER ::= { cienaCesAccessListMIBConformance 1 }
cienaCesAccessListMIBGroups OBJECT IDENTIFIER ::= { cienaCesAccessListMIBConformance 2 }
--
-- Textual Conventions
--
AclFilterAction ::= TEXTUAL-CONVENTION
STATUS current
DESCRIPTION "An enumeration value to indicate the filter action applied by an ACL rule."
SYNTAX INTEGER
{
allow(1),
deny(2)
}
AclTrafficDirection ::= TEXTUAL-CONVENTION
STATUS current
DESCRIPTION "An enumeration value to indicate the traffic direction to which
an ACL profile is applied."
SYNTAX INTEGER
{
ingress(1),
egress(2)
}
AclIpFragmentMatchType ::= TEXTUAL-CONVENTION
STATUS current
DESCRIPTION "An enumeration value to indicate the type of IP fragment filtering
to be done as part of an ACL rule."
SYNTAX INTEGER
{
any(1),
isfragment(2),
notfragment(3)
}
AclL4PortMatchType ::= TEXTUAL-CONVENTION
STATUS current
DESCRIPTION "An enumeration value to indicate the type of match to perform on
an L4 src/dst port filter term."
SYNTAX INTEGER
{
any(1),
single(2),
range(3)
}
AclInterfaceType ::= TEXTUAL-CONVENTION
STATUS current
DESCRIPTION "An enumeration value to indicate the type of interface to which
an ACL profile is attached."
SYNTAX INTEGER
{
port(1),
vlan(2),
virtualswitch(3),
ipinterface(4),
remoteinterface(5),
localinterface(6)
}
AclL4DstProtocol ::= TEXTUAL-CONVENTION
STATUS current
DESCRIPTION "An enumeration value to indicate the L4 destination protocol
specified as part of an ACL rule filter term."
SYNTAX INTEGER
{
any(1),
bgp(2),
bootpclient(3),
bootpserver(4),
dhcpclient(5),
dhcpserver(6),
dhcpv6client(7),
dhcpv6server(8),
dns(9),
ftp(10),
http(11),
ldp(12),
ntp(13),
olsr(14),
rip(15),
rpc(16),
snmp(17),
snmptrap(18),
ssh(19),
syslog(20),
tacacs(21),
telnet(22),
tftp(23),
twampctrl(24)
}
--
-- ACL Global Config Objects
--
cienaCesAclGlobalConfig OBJECT IDENTIFIER ::= { cienaCesAclConfiguration 1 }
cienaCesAclAdminStatus OBJECT-TYPE
SYNTAX CienaGlobalState
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Indicates whether the ACL feature is globally enabled or disabled."
::= { cienaCesAclGlobalConfig 1 }
cienaCesAclFilterMode OBJECT-TYPE
SYNTAX INTEGER
{
l2l3combo(1),
l3only(2)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Indicates which global ACL device mode is currently in use."
::= { cienaCesAclGlobalConfig 2 }
cienaCesAclNumAclProfileDefs OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Indicates the total number of configured ACL profile definitions on the device."
::= { cienaCesAclGlobalConfig 3 }
cienaCesAclRemainingAclProfileDefs OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Indicates the number of remaining ACL profile definitions that can be configured on the device."
::= { cienaCesAclGlobalConfig 4 }
cienaCesAclNumAclRuleDefs OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Indicates the total number of configured ACL rule definitions on the device."
::= { cienaCesAclGlobalConfig 5 }
cienaCesAclRemainingAclRuleDefs OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Indicates the number of remaining ACL rule definitions that can be configured on the device."
::= { cienaCesAclGlobalConfig 6 }
--
-- ACL Profile Config Table
--
cienaCesAclProfileConfigTable OBJECT-TYPE
SYNTAX SEQUENCE OF CienaCesAclProfileConfigTableEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A table of ACL profiles configured on the device. Each
entry contains the ACL profile configuration data."
::= { cienaCesAclConfiguration 2 }
cienaCesAclProfileConfigTableEntry OBJECT-TYPE
SYNTAX CienaCesAclProfileConfigTableEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"An entry containing the ACL profile configuration data."
INDEX { cienaCesAclProfileId }
::= { cienaCesAclProfileConfigTable 1 }
CienaCesAclProfileConfigTableEntry ::= SEQUENCE {
cienaCesAclProfileId Integer32,
cienaCesAclProfileName DisplayString,
cienaCesAclProfileAdminState CienaGlobalState,
cienaCesAclProfileOperState CienaGlobalState,
cienaCesAclProfileDefaultFilterAction AclFilterAction,
cienaCesAclProfileNumRules Integer32,
cienaCesAclProfileAttachedInterfaces Unsigned32
}
cienaCesAclProfileId OBJECT-TYPE
SYNTAX Integer32 (1..65535)
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The unique identifier of this ACL profile."
::= { cienaCesAclProfileConfigTableEntry 1 }
cienaCesAclProfileName OBJECT-TYPE
SYNTAX DisplayString (SIZE (1..31))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The unique name of this ACL profile."
::= { cienaCesAclProfileConfigTableEntry 2 }
cienaCesAclProfileAdminState OBJECT-TYPE
SYNTAX CienaGlobalState
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The configured administrative State of the ACL profile."
::= { cienaCesAclProfileConfigTableEntry 3 }
cienaCesAclProfileOperState OBJECT-TYPE
SYNTAX CienaGlobalState
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The Operational State of the ACL profile.
A profile is operationally enabled if it is administratively enabled
and attached to at least one interface. It is otherwise disabled.
Note that the ACL feature must also be globally enabled for
any profile to be operationally enabled."
::= { cienaCesAclProfileConfigTableEntry 4 }
cienaCesAclProfileDefaultFilterAction OBJECT-TYPE
SYNTAX AclFilterAction
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The configured default filter action for this ACL profile."
::= { cienaCesAclProfileConfigTableEntry 5 }
cienaCesAclProfileNumRules OBJECT-TYPE
SYNTAX Integer32 (1..256)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of ACL rules configured in this profile. There will always
be at least one rule defined in each profile - the default rule."
::= { cienaCesAclProfileConfigTableEntry 6 }
cienaCesAclProfileAttachedInterfaces OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of interfaces to which this profile is attached."
::= { cienaCesAclProfileConfigTableEntry 7 }
--
-- ACL Rule Config Table
--
cienaCesAclRuleConfigTable OBJECT-TYPE
SYNTAX SEQUENCE OF CienaCesAclRuleConfigTableEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A table of ACL rules configured on the device. Each
entry contains the ACL rule configuration data."
::= { cienaCesAclConfiguration 3 }
cienaCesAclRuleConfigTableEntry OBJECT-TYPE
SYNTAX CienaCesAclRuleConfigTableEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"An entry containing the ACL rule configuration data."
INDEX { cienaCesAclProfileId,
cienaCesAclRulePrecedence
}
::= { cienaCesAclRuleConfigTable 1 }
CienaCesAclRuleConfigTableEntry ::= SEQUENCE {
cienaCesAclRulePrecedence Unsigned32,
cienaCesAclRuleName DisplayString,
cienaCesAclRuleFilterAction AclFilterAction,
cienaCesAclRuleMatchAny TruthValue,
cienaCesAclRuleMatchSrcMacAddr TruthValue,
cienaCesAclRuleSrcMacAddr MacAddress,
cienaCesAclRuleSrcMacAddrMask MacAddress,
cienaCesAclRuleMatchDstMacAddr TruthValue,
cienaCesAclRuleDstMacAddr MacAddress,
cienaCesAclRuleDstMacAddrMask MacAddress,
cienaCesAclRuleMatchOuterVid TruthValue,
cienaCesAclRuleOuterVid Unsigned32,
cienaCesAclRuleOuterVidMask Unsigned32,
cienaCesAclRuleMatchOuterPcp TruthValue,
cienaCesAclRuleOuterPcp Unsigned32,
cienaCesAclRuleOuterPcpMask Unsigned32,
cienaCesAclRuleMatchOuterDei TruthValue,
cienaCesAclRuleOuterDei Unsigned32,
cienaCesAclRuleMatchBaseEtype TruthValue,
cienaCesAclRuleBaseEtype Unsigned32,
cienaCesAclRuleMatchSrcIpAddr TruthValue,
cienaCesAclRuleSrcIpAddrType InetAddressType,
cienaCesAclRuleSrcIpAddr InetAddress,
cienaCesAclRuleSrcIpAddrPrefixLength InetAddressPrefixLength,
cienaCesAclRuleMatchDstIpAddr TruthValue,
cienaCesAclRuleDstIpAddrType InetAddressType,
cienaCesAclRuleDstIpAddr InetAddress,
cienaCesAclRuleDstIpAddrPrefixLength InetAddressPrefixLength,
cienaCesAclRuleMatchIpProtocol TruthValue,
cienaCesAclRuleIpProtocol Unsigned32,
cienaCesAclRuleMatchDscp TruthValue,
cienaCesAclRuleDscp Unsigned32,
cienaCesAclRuleDscpMask Unsigned32,
cienaCesAclRuleMatchL4SrcPort AclL4PortMatchType,
cienaCesAclRuleL4SrcPort InetPortNumber,
cienaCesAclRuleL4SrcPortUpper InetPortNumber,
cienaCesAclRuleMatchL4DstPort AclL4PortMatchType,
cienaCesAclRuleL4DstPort InetPortNumber,
cienaCesAclRuleL4DstPortUpper InetPortNumber,
cienaCesAclRuleMatchL4DstProtocol AclL4DstProtocol,
cienaCesAclRuleMatchIpFragment AclIpFragmentMatchType,
cienaCesAclRuleMatchTcpFlags TruthValue,
cienaCesAclRuleTcpFlags DisplayString
}
cienaCesAclRulePrecedence OBJECT-TYPE
SYNTAX Unsigned32 (0..255)
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The unique precedence value (within the profile) of this ACL rule."
::= { cienaCesAclRuleConfigTableEntry 1 }
cienaCesAclRuleName OBJECT-TYPE
SYNTAX DisplayString (SIZE (1..31))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The unique name (within the profile) of this ACL rule."
::= { cienaCesAclRuleConfigTableEntry 2 }
cienaCesAclRuleFilterAction OBJECT-TYPE
SYNTAX AclFilterAction
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The configured filter action for this ACL rule."
::= { cienaCesAclRuleConfigTableEntry 3 }
cienaCesAclRuleMatchAny OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"True if the ACL rule matches any traffic, False otherwise.
Matching on any traffic automatically disregards all the remaining fields."
::= { cienaCesAclRuleConfigTableEntry 4 }
cienaCesAclRuleMatchSrcMacAddr OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"True if the ACL rule matches on the source MAC address, False otherwise.
When True, the cienaCesAclRuleSrcMacAddr and cienaCesAclRuleSrcMacAddrMask fields
will contain the source MAC address and mask that are to be matched by this rule."
::= { cienaCesAclRuleConfigTableEntry 5 }
cienaCesAclRuleSrcMacAddr OBJECT-TYPE
SYNTAX MacAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Contains the source MAC address that is to be matched by this rule.
This field is not applicable when the cienaCesAclRuleMatchSrcMacAddr field is set to False."
::= { cienaCesAclRuleConfigTableEntry 6 }
cienaCesAclRuleSrcMacAddrMask OBJECT-TYPE
SYNTAX MacAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Contains the source MAC address mask that is to be matched by this rule.
This field is not applicable when the cienaCesAclRuleMatchSrcMacAddr field is set to False."
::= { cienaCesAclRuleConfigTableEntry 7 }
cienaCesAclRuleMatchDstMacAddr OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"True if the ACL rule matches on the destination MAC address, False otherwise.
When True, the cienaCesAclRuleDstMacAddr and cienaCesAclRuleDstMacAddrMask fields
will contain the destination MAC address and mask that are to be matched by this rule."
::= { cienaCesAclRuleConfigTableEntry 8 }
cienaCesAclRuleDstMacAddr OBJECT-TYPE
SYNTAX MacAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Contains the destination MAC address that is to be matched by this rule.
This field is not applicable when the cienaCesAclRuleMatchDstMacAddr field is set to False."
::= { cienaCesAclRuleConfigTableEntry 9 }
cienaCesAclRuleDstMacAddrMask OBJECT-TYPE
SYNTAX MacAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Contains the destination MAC address mask that is to be matched by this rule.
This field is not applicable when the cienaCesAclRuleMatchDstMacAddr field is set to False."
::= { cienaCesAclRuleConfigTableEntry 10 }
cienaCesAclRuleMatchOuterVid OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"True if the ACL rule matches on the outer VID, False otherwise.
When True, the cienaCesAclRuleOuterVid and cienaCesAclRuleOuterVidMask fields
will contain the outer VID value and mask that are to be matched by this rule."
::= { cienaCesAclRuleConfigTableEntry 11 }
cienaCesAclRuleOuterVid OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Contains the outer VID that is to be matched by this rule.
This field is not applicable when the cienaCesAclRuleMatchOuterVid field is set to False."
::= { cienaCesAclRuleConfigTableEntry 12 }
cienaCesAclRuleOuterVidMask OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Contains the outer VID mask that is to be matched by this rule.
This field is not applicable when the cienaCesAclRuleMatchOuterVid field is set to False."
::= { cienaCesAclRuleConfigTableEntry 13 }
cienaCesAclRuleMatchOuterPcp OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"True if the ACL rule matches on the outer PCP, False otherwise.
When True, the cienaCesAclRuleOuterPcp and cienaCesAclRuleOuterPcpMask fields
will contain the outer PCP value and mask that are to be matched by this rule."
::= { cienaCesAclRuleConfigTableEntry 14 }
cienaCesAclRuleOuterPcp OBJECT-TYPE
SYNTAX Unsigned32 (0..7)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Contains the outer PCP that is to be matched by this rule.
This field is not applicable when the cienaCesAclRuleMatchOuterPcp field is set to False."
::= { cienaCesAclRuleConfigTableEntry 15 }
cienaCesAclRuleOuterPcpMask OBJECT-TYPE
SYNTAX Unsigned32 (0..7)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Contains the outer PCP mask that is to be matched by this rule.
This field is not applicable when the cienaCesAclRuleMatchOuterPcp field is set to False."
::= { cienaCesAclRuleConfigTableEntry 16 }
cienaCesAclRuleMatchOuterDei OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"True if the ACL rule matches on the outer DEI bit, False otherwise.
When True, the cienaCesAclRuleOuterDei field
will contain the outer DEI value that is to be matched by this rule."
::= { cienaCesAclRuleConfigTableEntry 17 }
cienaCesAclRuleOuterDei OBJECT-TYPE
SYNTAX Unsigned32 (0..1)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Contains the outer DEI bit that is to be matched by this rule.
This field is not applicable when the cienaCesAclRuleMatchOuterDei field is set to False."
::= { cienaCesAclRuleConfigTableEntry 18 }
cienaCesAclRuleMatchBaseEtype OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"True if the ACL rule matches on the base ethertype, False otherwise.
When True, the cienaCesAclRuleBaseEtype field
will contain the base ethertype value that is to be matched by this rule."
::= { cienaCesAclRuleConfigTableEntry 19 }
cienaCesAclRuleBaseEtype OBJECT-TYPE
SYNTAX Unsigned32 (0..65535)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Contains the base ethertype that is to be matched by this rule.
This field is not applicable when the cienaCesAclRuleMatchBaseEtype field is set to False."
::= { cienaCesAclRuleConfigTableEntry 20 }
cienaCesAclRuleMatchSrcIpAddr OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"True if the ACL rule matches on the source IP address, False otherwise.
When True, the cienaCesAclRuleSrcIpAddrType field will contain the
IP address type (IPv4 or IPv6) and the cienaCesAclRuleSrcIpAddr and
cienaCesAclRuleSrcIpAddrPrefixLength fields will contain the IP address
value and mask that are to be matched by this rule."
::= { cienaCesAclRuleConfigTableEntry 21 }
cienaCesAclRuleSrcIpAddrType OBJECT-TYPE
SYNTAX InetAddressType
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Identifies the address family of the source IP address (IPv4/IPv6). This field is
not applicable when the cienaCesAclRuleMatchSrcIpAddr field is set to False"
::= { cienaCesAclRuleConfigTableEntry 22 }
cienaCesAclRuleSrcIpAddr OBJECT-TYPE
SYNTAX InetAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Contains the source IP address that is to be matched by this rule.
This field is not applicable when the cienaCesAclRuleMatchSrcIpAddr field is set to False."
::= { cienaCesAclRuleConfigTableEntry 23 }
cienaCesAclRuleSrcIpAddrPrefixLength OBJECT-TYPE
SYNTAX InetAddressPrefixLength
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Contains the prefix length of the source IP address that is to be matched by this rule.
This field is not applicable when the cienaCesAclRuleMatchSrcIpAddr field is set to False."
::= { cienaCesAclRuleConfigTableEntry 24 }
cienaCesAclRuleMatchDstIpAddr OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"True if the ACL rule matches on the destination IP address, False otherwise.
When True, the cienaCesAclRuleDstIpAddrType field will contain the
IP address type (IPv4 or IPv6) and the cienaCesAclRuleDstIpAddr and
cienaCesAclRuleDstIpAddrPrefixLength fields will contain the IP address
value and mask that are to be matched by this rule."
::= { cienaCesAclRuleConfigTableEntry 25 }
cienaCesAclRuleDstIpAddrType OBJECT-TYPE
SYNTAX InetAddressType
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Identifies the address family of the destination IP address (IPv4/IPv6).
This field is not applicable when the cienaCesAclRuleMatchDstIpAddr field is set to False"
::= { cienaCesAclRuleConfigTableEntry 26 }
cienaCesAclRuleDstIpAddr OBJECT-TYPE
SYNTAX InetAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Contains the destination IP address that is to be matched by this rule.
This field is not applicable when the cienaCesAclRuleMatchDstIpAddr field is set to False."
::= { cienaCesAclRuleConfigTableEntry 27 }
cienaCesAclRuleDstIpAddrPrefixLength OBJECT-TYPE
SYNTAX InetAddressPrefixLength
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Contains the prefix length of the destination IP address that is to be matched by this rule.
This field is not applicable when the cienaCesAclRuleMatchDstIpAddr field is set to False."
::= { cienaCesAclRuleConfigTableEntry 28 }
cienaCesAclRuleMatchIpProtocol OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"True if the ACL rule matches on the IP protocol, False otherwise.
When True, the cienaCesAclRuleIpProtocol field
will contain the IP protocol value that is to be matched by this rule."
::= { cienaCesAclRuleConfigTableEntry 29 }
cienaCesAclRuleIpProtocol OBJECT-TYPE
SYNTAX Unsigned32 (0..255)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Contains the IP protocol value that is to be matched by this rule. This field is
not applicable when the cienaCesAclRuleMatchIpProtocol field is set to False."
::= { cienaCesAclRuleConfigTableEntry 30 }
cienaCesAclRuleMatchDscp OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"True if the ACL rule matches on the DSCP value, False otherwise.
When True, the cienaCesAclRuleDscp and cienaCesAclRuleDscpMask fields
will contain the DSCP value and mask that are to be matched by this rule."
::= { cienaCesAclRuleConfigTableEntry 31 }
cienaCesAclRuleDscp OBJECT-TYPE
SYNTAX Unsigned32 (0..63)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Contains the DSCP value that is to be matched by this rule.
This field is not applicable when the cienaCesAclRuleMatchDscp field is set to False."
::= { cienaCesAclRuleConfigTableEntry 32 }
cienaCesAclRuleDscpMask OBJECT-TYPE
SYNTAX Unsigned32 (0..63)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Contains the outer DSCP mask that is to be matched by this rule.
This field is not applicable when the cienaCesAclRuleMatchDscp field is set to False."
::= { cienaCesAclRuleConfigTableEntry 33 }
cienaCesAclRuleMatchL4SrcPort OBJECT-TYPE
SYNTAX AclL4PortMatchType
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Indicates the type of L4 source port matching that the ACL rule is performing.
A value of 'any' indicates that the rule matches any L4 source port.
A value of 'single' indicates that the rules matches on a single L4 source port
specified in the cienaCesAclRuleL4SrcPort field. A value of 'range' indicates that
the rule matches on a range of ports, with the cienaCesAclRuleL4SrcPort field specifiying
the lower bound and the cienaCesAclRuleL4SrcPortUpper specifying the upper bound of the range."
::= { cienaCesAclRuleConfigTableEntry 34 }
cienaCesAclRuleL4SrcPort OBJECT-TYPE
SYNTAX InetPortNumber
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Contains the lower bound or single L4 source port value that is to be matched by this rule
depending on the value of cienaCesAclRuleMatchL4SrcPort.
This field is not applicable when the cienaCesAclRuleMatchL4SrcPort field is set to 'any'."
::= { cienaCesAclRuleConfigTableEntry 35 }
cienaCesAclRuleL4SrcPortUpper OBJECT-TYPE
SYNTAX InetPortNumber
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Contains the upper bound of the L4 source port range that is to be matched by this rule
depending on the value of cienaCesAclRuleMatchL4SrcPort.
This field is not applicable when the cienaCesAclRuleMatchL4SrcPort field is set to 'any' or 'single'."
::= { cienaCesAclRuleConfigTableEntry 36 }
cienaCesAclRuleMatchL4DstPort OBJECT-TYPE
SYNTAX AclL4PortMatchType
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Indicates the type of L4 destination port matching that the ACL rule is performing.
A value of 'any' indicates that the rule matches any L4 destination port.
A value of 'single' indicates that the rules matches on a single L4 destination port
specified in the cienaCesAclRuleL4SrcPort field. A value of 'range' indicates that
the rule matches on a range of ports, with the cienaCesAclRuleL4DstPort field specifiying
the lower bound and the cienaCesAclRuleL4DstPortUpper specifying the upper bound of the range."
::= { cienaCesAclRuleConfigTableEntry 37 }
cienaCesAclRuleL4DstPort OBJECT-TYPE
SYNTAX InetPortNumber
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Contains the lower bound or single L4 destination port value that is to be matched by this rule
depending on the value of cienaCesAclRuleMatchL4DstPort.
This field is not applicable when the cienaCesAclRuleMatchL4DstPort field is set to 'any'."
::= { cienaCesAclRuleConfigTableEntry 38 }
cienaCesAclRuleL4DstPortUpper OBJECT-TYPE
SYNTAX InetPortNumber
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Contains the upper bound of the L4 destination port range that is to be matched by this rule
depending on the value of cienaCesAclRuleMatchL4DstPort.
This field is not applicable when the cienaCesAclRuleMatchL4DstPort field is set to 'any' or 'single'."
::= { cienaCesAclRuleConfigTableEntry 39 }
cienaCesAclRuleMatchL4DstProtocol OBJECT-TYPE
SYNTAX AclL4DstProtocol
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Indicates the L4 destination protocol name that is to be matched by this rule.
A value of 'any' indicates that the rule will match any protocol. Note that
this field is mutually exclusive with cienaCesAclRuleMatchL4DstPort - i.e. only
one of these fields can have a value different from 'any' at a given time."
::= { cienaCesAclRuleConfigTableEntry 40 }
cienaCesAclRuleMatchIpFragment OBJECT-TYPE
SYNTAX AclIpFragmentMatchType
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Indicates the type of IP fragment matching that is to be matched by this rule.
A value of 'any' indicates that the rule will match both fragmented and non-fragmented
packets. A value of 'fragment' indicates that the rule will match only fragmented packets.
A value of 'nonfragment' indicates that the rule will match only non-fragmented (head) packets."
::= { cienaCesAclRuleConfigTableEntry 41 }
cienaCesAclRuleMatchTcpFlags OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"True if the ACL rule matches on specific TCP Flags, False otherwise.
When True, the cienaCesAclRuleTcpFlags field will contain the TCP Flags
that are to be matched by this rule."
::= { cienaCesAclRuleConfigTableEntry 42 }
cienaCesAclRuleTcpFlags OBJECT-TYPE
SYNTAX DisplayString
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Contains a comma-separated uppercase string list of TCP Flags
that are to be matched by this rule, i.e. 'SYN,ACK,RST,...'.
This field is not applicable when the cienaCesAclRuleMatchTcpFlags
field is set to False."
::= { cienaCesAclRuleConfigTableEntry 43 }
--
-- ACL Profile Attachment Table
--
cienaCesAclProfileAttachmentTable OBJECT-TYPE
SYNTAX SEQUENCE OF CienaCesAclProfileAttachmentTableEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A table showing the interface attachments for each
profile on the device. Each entry contains the name of
the interface and the traffic direction on which the profile is applied."
::= { cienaCesAclConfiguration 4 }
cienaCesAclProfileAttachmentTableEntry OBJECT-TYPE
SYNTAX CienaCesAclProfileAttachmentTableEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"An entry containing the ACL profile attachment data."
INDEX { cienaCesAclProfileId,
cienaCesAclInterfaceType,
cienaCesAclInterfaceId
}
::= { cienaCesAclProfileAttachmentTable 1 }
CienaCesAclProfileAttachmentTableEntry ::= SEQUENCE {
cienaCesAclInterfaceType AclInterfaceType,
cienaCesAclInterfaceId Integer32,
cienaCesAclInterfaceName DisplayString,
cienaCesAclDirection AclTrafficDirection
}
cienaCesAclInterfaceType OBJECT-TYPE
SYNTAX AclInterfaceType
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The type of the interface to which this ACL profile is attached."
::= { cienaCesAclProfileAttachmentTableEntry 1 }
cienaCesAclInterfaceId OBJECT-TYPE
SYNTAX Integer32 (1..1048576)
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The ID of the interface to which this ACL profile is attached."
::= { cienaCesAclProfileAttachmentTableEntry 2 }
cienaCesAclInterfaceName OBJECT-TYPE
SYNTAX DisplayString (SIZE (1..31))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The name of the interface to which this ACL profile is attached."
::= { cienaCesAclProfileAttachmentTableEntry 3 }
cienaCesAclDirection OBJECT-TYPE
SYNTAX AclTrafficDirection
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The interface's traffic direction (ingress/egress) on which the ACL profile is applied."
::= { cienaCesAclProfileAttachmentTableEntry 4 }
--
-- ACL Profile Global Rule Stats Table
--
cienaCesAclProfileGlobalRuleStatsTable OBJECT-TYPE
SYNTAX SEQUENCE OF CienaCesAclProfileGlobalRuleStatsTableEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A table of global ACL profile rule statistics. Global ACL profile rule statistics
are the aggregate counts of the hit statistics for all instances of the ACL profile's rules."
::= { cienaCesAclStatistics 1 }
cienaCesAclProfileGlobalRuleStatsTableEntry OBJECT-TYPE
SYNTAX CienaCesAclProfileGlobalRuleStatsTableEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"An entry containing the ACL profile global rule hit statistics."
INDEX { cienaCesAclProfileId,
cienaCesAclRulePrecedence
}
::= { cienaCesAclProfileGlobalRuleStatsTable 1 }
CienaCesAclProfileGlobalRuleStatsTableEntry ::= SEQUENCE {
cienaCesAclGlobalRuleStatsPacketCount Counter64,
cienaCesAclGlobalRuleStatsByteCount Counter64
}
cienaCesAclGlobalRuleStatsPacketCount OBJECT-TYPE
SYNTAX Counter64
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of packets that matched this ACL rule."
::= { cienaCesAclProfileGlobalRuleStatsTableEntry 1 }
cienaCesAclGlobalRuleStatsByteCount OBJECT-TYPE
SYNTAX Counter64
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of bytes that matched this ACL rule."
::= { cienaCesAclProfileGlobalRuleStatsTableEntry 2 }
--
-- ACL Profile Rule Instance Stats Table
--
cienaCesAclProfileRuleInstanceStatsTable OBJECT-TYPE
SYNTAX SEQUENCE OF CienaCesAclProfileRuleInstanceStatsTableEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A table of ACL profile rule instance statistics. These ACL rule hit statistics are
specific to the rules applied on the particular interface."
::= { cienaCesAclStatistics 2 }
cienaCesAclProfileRuleInstanceStatsTableEntry OBJECT-TYPE
SYNTAX CienaCesAclProfileRuleInstanceStatsTableEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"An entry containing the ACL profile rule instance hit statistics."
INDEX { cienaCesAclProfileId,
cienaCesAclInterfaceType,
cienaCesAclInterfaceId,
cienaCesAclRulePrecedence
}
::= { cienaCesAclProfileRuleInstanceStatsTable 1 }
CienaCesAclProfileRuleInstanceStatsTableEntry ::= SEQUENCE {
cienaCesAclRuleInstanceStatsPacketCount Counter64,
cienaCesAclRuleInstanceStatsByteCount Counter64
}
cienaCesAclRuleInstanceStatsPacketCount OBJECT-TYPE
SYNTAX Counter64
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of packets that matched this ACL rule instance."
::= { cienaCesAclProfileRuleInstanceStatsTableEntry 1 }
cienaCesAclRuleInstanceStatsByteCount OBJECT-TYPE
SYNTAX Counter64
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of bytes that matched this ACL rule instance."
::= { cienaCesAclProfileRuleInstanceStatsTableEntry 2 }
END