-- ==================================================================== -- Copyright (C) 2017 by HUAWEI TECHNOLOGIES. All rights reserved. -- -- Description: Huawei Acl MIB Definition -- Reference: Huawei Enterprise MIB -- Version: V2.20 -- History: -- Version: V2.0 -- Wang Ning,2002-11-29,Reunification version based on the Fix-Net MIBs -- baseline by the MIB Standard community. -- Version: V2.1 -- Yang Hongjie,2003-04-11,Reunification version based on V2.0. -- Version: V2.2 -- Yang Yuhui,2004-05-17,Reunification version based on V2.1. -- Version: V2.3 -- Xu xinjun, 2009-04-13. -- 1, Add five new rule tables based on V2.2. -- hwAclEthernetFrameRuleTable, hwAclIpv6BasicRuleTable, -- hwAclIpv6AdvanceRuleTable, hwAclIpv6NumGroupTable, -- hwAclIpv6IfRuleTable. -- 2, Change Name-ACL range from [42768..45767] to [42768..59151] -- Version: V2.04 -- wen shuangquan, 2014-01-17. -- 1, Add two new rule nodes based on V2.0.3 -- hwAclAdvancedProtocolNew, hwAclIpv6AdvancedProtocolNew. -- Version: V2.05 -- wang chengyuan, 2014-03-25. -- 1, Add acl resource trap table based on V2.0.4 -- Version: V2.06 -- zhang liang, 2014-04-09. -- 1, Add acl resource trap table based on V2.0.5 -- Version: V2.07 -- zhengfeng, 2014-06-20. -- 1, Add hwAclAdvancedVni, hwAclAdvancedIgmpType, hwAclAdvancedTtlOp, hwAclAdvancedTtlExpire, hwAclAdvancedTtlExpireEnd based on V2.0.6 -- Version: V2.08 -- zhang liang, 2014-08-05. -- 1, Chang hwAclNumGroupAclName in hwAclIpv6NumGroupTable and hwAclIpv6NumGroupAclName in hwAclNumGroupTable value length on V2.0.7 -- Version: V2.09 -- chenyang, 2014-10-28. -- 1, Add hwAclAdvancedPktLenOp, hwAclAdvancedPktLenBegin and hwAclAdvancedPktLenEnd in hwAclAdvancedRuleTable, based on V2.0.8 -- chenyang, 2015-02-07. -- 1, Add hwAclAdvancedTcpFlagMask in hwAclAdvancedRuleTable, based on V2.0.9 -- Version: V2.11 -- suxunjin, 2015-2-27. -- 1, Add hwAclUserDestDomainName in hwAclUserRuleTable, Add hwAclDomainNameConfigTable based on V2.10 -- Version: V2.12 -- chenyang, 2015-11-27. -- 1, Add hwAclAdvancedSrcPortPoolName and hwAclAdvancedDestPortPoolName in hwAclAdvancedRuleTable, based on V2.11 -- 2, Add hwAclIPPoolTable, hwAclIPPoolIPTable, hwAclPortPoolTable and hwAclPortPoolPortTable, based on V2.11 -- Version: V2.13 -- mengfanlu, 2015-12-17. -- 1, Add hwAclIfDescription in hwAclIfRuleTable, based on V2.12 -- Version: V2.14 -- chenyang, 2016-02-24. -- 1, Add hwAclAdvancedIcmpTypeEnd in hwAclAdvancedRuleTable, based on V2.13 -- 2, Add hwAclIpv6AdvancedIcmpTypeEnd in hwAclIpv6AdvancedRuleTable, based on V2.13 -- Version: V2.15 -- chenyang, 2016-05-6. -- 1, Add hwAclBasicVrfAny in hwAclBasicRuleTable, based on V2.14 -- 2, Add hwAclAdvancedVrfAny in hwAclAdvancedRuleTable, based on V2.14 -- 3, Add hwAclIpv6BasicVrfAny in hwAclIpv6BasicRuleTable, based on V2.14 -- 4, Add hwAclIpv6AdvancedVrfAny in hwAclIpv6AdvancedRuleTable, based on V2.14 -- Version: V2.16 -- qihui, 2016-08-26. -- 1, hwAclIpv6NumGroupAclType, add key interface(3), based on V2.15 -- Version: V2.17 -- fuzhichao, 2016-12-26. -- 1, Add hwAclIpv6AdvancedSrcPoolName in hwAclIpv6AdvancedRuleTable, based on V2.16 -- 2, Add hwAclIPPoolApplyBGPPeer in hwAclIPPoolTable, based on V2.16 -- 3, Add hwAclIPPool6Table, based on V2.16 -- Version: V2.18 -- fuzhichao, 2017-6-6. -- 1, Add hwAclIpv6AdvancedVni in hwAclIpv6AdvancedRuleTable, based on V2.17 -- Version: V2.19 -- qiujindou, 2017-7-3. -- 1, Amend some English descriptions, based on V2.18 -- ======================================================================== HUAWEI-ACL-MIB DEFINITIONS ::= BEGIN IMPORTS huaweiMgmt FROM HUAWEI-MIB OBJECT-GROUP, MODULE-COMPLIANCE, NOTIFICATION-GROUP FROM SNMPv2-CONF IpAddress, Integer32, Unsigned32, Gauge32, Counter32, OBJECT-TYPE, Counter64, MODULE-IDENTITY, NOTIFICATION-TYPE FROM SNMPv2-SMI RowStatus, TruthValue, MacAddress FROM SNMPv2-TC EnabledStatus FROM P-BRIDGE-MIB Ipv6Address FROM IPV6-TC; hwAcl MODULE-IDENTITY LAST-UPDATED "201708171200Z" -- Aug 17, 2017 at 15:00 GMT ORGANIZATION "Huawei Technologies Co.,Ltd." CONTACT-INFO "Huawei Industrial Base Bantian, Longgang Shenzhen 518129 People's Republic of China Website: http://www.huawei.com Email: support@huawei.com" DESCRIPTION "The HUAWEI-ACL-MIB contains objects to configure ACL module, including ACL group, rule and acl accelerate, and query the current ACL configuration and status. This MIB module objects indicate hwAclNumGroupTable, hwAclBasicRuleTable, hwAclAdvanceRuleTable, hwAclIfRuleTable, hwAclEthernetFrameRuleTable, hwAclIpv6BasicRuleTable, hwAclIpv6AdvanceRuleTable, hwAclIpv6IfRuleTable, hwAclCompileEnableFlag, hwAclCompileNumGroupTable, hwAclIpv6NumGroupTable and acl trap. To filter data packets, a series of rules need to be configured on the device. These rules are defined by ACL (Access Control List), which are a series of sequential rules consisting of rule permit or deny statements. The rules are described by source address, destination address and port number of data packets. ACL classifies data packets through these device interface applied rules, by which the device decides which packets can be received and which should be rejected." REVISION "201708171200Z" DESCRIPTION "modify description of hwAclNumGroupTable and hwAclIpv6NumGroupTable" REVISION "201707031200Z" DESCRIPTION "Amend some English descriptions" REVISION "201706061200Z" DESCRIPTION "Add hwAclIpv6AdvancedVni in hwAclIpv6AdvancedRuleTable" REVISION "201612261200Z" DESCRIPTION "Add hwAclIpv6AdvancedSrcPoolName in hwAclIpv6AdvancedRuleTable Add hwAclIPPoolApplyBGPPeer in hwAclIPPoolTable. Add hwAclIPPool6Table." REVISION "201605061200Z" DESCRIPTION "Add hwAclBasicVrfAny in hwAclBasicRuleTable Add hwAclAdvancedVrfAny in hwAclAdvancedRuleTable. Add hwAclIpv6BasicVrfAny in hwAclIpv6BasicRuleTable. Add hwAclIpv6AdvancedVrfAny in hwAclIpv6AdvancedRuleTable." REVISION "201602241200Z" DESCRIPTION "Add hwAclAdvancedIcmpTypeEnd in hwAclAdvancedRuleTable. Add hwAclIpv6AdvancedIcmpTypeEnd in hwAclIpv6AdvancedRuleTable." REVISION "201512172100Z" DESCRIPTION "Add hwAclIfDescription in hwAclIfRuleTable." REVISION "201511272100Z" DESCRIPTION "Add hwAclAdvancedSrcPortPoolName and hwAclAdvancedDestPortPoolName in hwAclAdvancedRuleTable. Add hwAclIPPoolTable, hwAclIPPoolIPTable, hwAclPortPoolTable and hwAclPortPoolPortTable." REVISION "201502272100Z" DESCRIPTION "Add hwAclUserDestDomainName in hwAclUserRuleTable, and Add hwAclDomainNameConfigTable." REVISION "201502072100Z" DESCRIPTION "Add hwAclAdvancedTcpFlagMask in hwAclAdvancedRuleTable." REVISION "201410282100Z" DESCRIPTION "Add hwAclAdvancedPktLenOp, hwAclAdvancedPktLenBegin and hwAclAdvancedPktLenEnd in hwAclAdvancedRuleTable." REVISION "201406200948Z" DESCRIPTION "Add hwAclAdvancedVni, hwAclAdvancedIgmpType, hwAclAdvancedTtlOp, hwAclAdvancedTtlExpire, hwAclAdvancedTtlExpireEnd in hwAclAdvancedRuleTable." REVISION "201404090948Z" DESCRIPTION "Add hwAclUserSrcUserGroupNum, hwAclUserDstUserGroupNum in hwAclUserRuleTable." REVISION "201403260926Z" DESCRIPTION "Add hwAclResourceTrapsTable." REVISION "201401171338Z" DESCRIPTION "Add hwAclAdvancedProtocolNew, hwAclIpv6AdvancedProtocolNew in hwAclAdvancedRuleTable." REVISION "201311282100Z" DESCRIPTION "Change the range of hwAclNumGroupAclNum in hwAclNumGroupTable, hwAclBasicAclNum in hwAclBasicRuleTable, hwAclAdvancedAclNum in hwAclAdvancedRuleTable, hwAclIfAclNum in hwAclIfRuleTable, hwAclUserAclNum in hwAclUserRuleTable, hwAclIpv6BasicAclNum in hwAclIpv6BasicRuleTable, hwAclIpv6AdvancedAclNum in hwAclIpv6AdvancedRuleTable, hwAclEthernetFrameAclNum in hwAclEthernetFrameRuleTable, hwAclIpv6NumGroupAclNum ihwAclAdvancedSubitemn hwAclIpv6NumGroupTable, hwAclIpv6IfAclNum in hwAclIpv6IfRuleTable, hwAclMplsAclNum in hwAclMplsRuleTable." REVISION "201310281900Z" DESCRIPTION "Add hwAclAdvancedSrcPoolName, hwAclAdvancedDestPoolName in hwAclAdvancedRuleTable" REVISION "201309050000Z" DESCRIPTION "Add hwAclIpv6BasicSrcMask in hwAclIpv6BasicRuleTable; Add hwAclIpv6AdvancedSrcMask, hwAclIpv6AdvancedDestMask in hwAclIpv6AdvancedRuleTable" REVISION "201408051606Z" DESCRIPTION "Chang hwAclNumGroupAclName in hwAclIpv6NumGroupTable and hwAclIpv6NumGroupAclName in hwAclNumGroupTable value length" REVISION "201608260000Z" DESCRIPTION " hwAclIpv6NumGroupAclType, add key interface(3) " ::= { huaweiMgmt 1 } -- -- Node definitions -- -- 1.3.6.1.4.1.2011.5.1.1 hwAclMibObjects OBJECT IDENTIFIER ::= { hwAcl 1 } -- 1.3.6.1.4.1.2011.5.1.1.2 hwAclNumGroupTable OBJECT-TYPE SYNTAX SEQUENCE OF HwAclNumGroupEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table is used to query information about an ACL rule group, including the ACL configuration order, step length, and description." ::= { hwAclMibObjects 2 } -- 1.3.6.1.4.1.2011.5.1.1.2.1 hwAclNumGroupEntry OBJECT-TYPE SYNTAX HwAclNumGroupEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "An entry containing characters of an acl group " INDEX { hwAclNumGroupAclNum } ::= { hwAclNumGroupTable 1 } HwAclNumGroupEntry ::= SEQUENCE { hwAclNumGroupAclNum Integer32, hwAclNumGroupMatchOrder INTEGER, hwAclNumGroupSubitemNum Counter32, hwAclNumGroupStep Integer32, hwAclNumGroupDescription OCTET STRING, hwAclNumGroupCountClear INTEGER, hwAclNumGroupRowStatus RowStatus, hwAclNumGroupAclName OCTET STRING, hwAclNumGroupAclType INTEGER } -- 1.3.6.1.4.1.2011.5.1.1.2.1.1 hwAclNumGroupAclNum OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-only STATUS current DESCRIPTION "The index of acl group, identifying an ACL. The object specifies the range of an ACL number. The basic ACL is represented by the number in the range 2000 through 2999. The advanced ACL is represented by the number in the range 3000 through 3999. The interface-based ACL is represented by the number in the range 1000 to 1999. The User Defined ACL is represented by the number in the range 5000 through 5999. The User ACL is represented by the number in the range 6000 through 9999. The Mpls ACL is represented by the number in the range 10000 through 10999. The name ACL is represented by the number in the range 42768 through 76535." ::= { hwAclNumGroupEntry 1 } -- 1.3.6.1.4.1.2011.5.1.1.2.1.2 hwAclNumGroupMatchOrder OBJECT-TYPE SYNTAX INTEGER { config(1), auto(2) } MAX-ACCESS read-create STATUS current DESCRIPTION "The object indicates the match order of rules. 'config' means matching ACL rules in the configuration sequence, 'auto' means the ACL rules are matched following the 'Depth-first' principle." DEFVAL { config } ::= { hwAclNumGroupEntry 2 } -- 1.3.6.1.4.1.2011.5.1.1.2.1.3 hwAclNumGroupSubitemNum OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The total number of the rules in the acl group." ::= { hwAclNumGroupEntry 3 } -- 1.3.6.1.4.1.2011.5.1.1.2.1.4 hwAclNumGroupStep OBJECT-TYPE SYNTAX Integer32 (1..20) MAX-ACCESS read-create STATUS current DESCRIPTION "The object indicates the step value of number acl. Step here refers to the difference between each ID. For instance, given the step is set to 5, the IDs are the multiples of 5 beginning with 5. The ACL IDs change along with the step. When the step is 5, the ACL IDs are 5, 10, and 15 and so on. However, when the step is set to 2, the IDs turn to 2, 4, and 6 and so on." ::= { hwAclNumGroupEntry 4 } -- 1.3.6.1.4.1.2011.5.1.1.2.1.5 hwAclNumGroupDescription OBJECT-TYPE SYNTAX OCTET STRING (SIZE (0..127)) MAX-ACCESS read-create STATUS current DESCRIPTION "This object indicates the description of a rule group. The description length cannot exceed 127 characters." ::= { hwAclNumGroupEntry 5 } -- 1.3.6.1.4.1.2011.5.1.1.2.1.6 hwAclNumGroupCountClear OBJECT-TYPE SYNTAX INTEGER { cleared(1), notUsed(2) } MAX-ACCESS read-create STATUS current DESCRIPTION "The value of this object identifies whether to clear up the count of rule groups. The value can be: cleared(1) notUsed(2) This field is effective only when you perform the Set operation to this object." ::= { hwAclNumGroupEntry 6 } -- 1.3.6.1.4.1.2011.5.1.1.2.1.7 hwAclNumGroupRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "RowStatus, Now support three value:CreateAndGo,Active,Destroy." ::= { hwAclNumGroupEntry 7 } -- 1.3.6.1.4.1.2011.5.1.1.2.1.8 hwAclNumGroupAclName OBJECT-TYPE SYNTAX OCTET STRING (SIZE (0..64)) MAX-ACCESS read-create STATUS current DESCRIPTION "The object indicates the name of an acl group, The first character must be start with a to z or A to Z, and the length cannot exceed 64 character." ::= { hwAclNumGroupEntry 8 } -- 1.3.6.1.4.1.2011.5.1.1.2.1.9 hwAclNumGroupAclType OBJECT-TYPE SYNTAX INTEGER { basic(1), advanced(2), link(3), user(4), interface(5), mpls(6), mac(7), ucl(8) } MAX-ACCESS read-only STATUS current DESCRIPTION "The type of ACL group." ::= { hwAclNumGroupEntry 9 } -- 1.3.6.1.4.1.2011.5.1.1.4 hwAclBasicRuleTable OBJECT-TYPE SYNTAX SEQUENCE OF HwAclBasicRuleEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Configure the rule for basic acl group." ::= { hwAclMibObjects 4 } -- 1.3.6.1.4.1.2011.5.1.1.4.1 hwAclBasicRuleEntry OBJECT-TYPE SYNTAX HwAclBasicRuleEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Each entry is a rule of basic acl." INDEX { hwAclBasicAclNum, hwAclBasicSubitem } ::= { hwAclBasicRuleTable 1 } HwAclBasicRuleEntry ::= SEQUENCE { hwAclBasicAclNum Integer32, hwAclBasicSubitem Unsigned32, hwAclBasicAct INTEGER, hwAclBasicSrcIp IpAddress, hwAclBasicSrcWild IpAddress, hwAclBasicTimeRangeIndex Integer32, hwAclBasicFragments INTEGER, hwAclBasicLog TruthValue, hwAclBasicEnable TruthValue, hwAclBasicCount Counter64, hwAclBasicVrfName OCTET STRING, hwAclBasicRowStatus RowStatus, hwAclBasicVrfAny TruthValue, hwAclBasicDescription OCTET STRING } -- 1.3.6.1.4.1.2011.5.1.1.4.1.1 hwAclBasicAclNum OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-only STATUS current DESCRIPTION "The index of basic acl group, the index range is (1..99 | 2000..2999 | 42768..76535 )." ::= { hwAclBasicRuleEntry 1 } -- 1.3.6.1.4.1.2011.5.1.1.4.1.2 hwAclBasicSubitem OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-only STATUS current DESCRIPTION "The objects specifies the number of an ACL rule. If the number specified has been assigned to an ACL rule, the new rule will overwrite the old one, which is equal to editing the old rule. If the number is not assigned, the system will define a rule with the number and insert it to the place corresponding to its number. If no number is specified, the system will define a rule, assign a number to it and add it into the ACL. It will be placed at the end of the ACL when configuration sequence is adopted; otherwise, it will be placed based on the 'Depth-first' principle. When ACL rules are following the 'Depth-first' principle, the number of an ACL rule must be given 0 ,but it will be assigned by step automatically;otherwise,this rule will not be created." ::= { hwAclBasicRuleEntry 2 } -- 1.3.6.1.4.1.2011.5.1.1.4.1.3 hwAclBasicAct OBJECT-TYPE SYNTAX INTEGER { permit(1), deny(2) } MAX-ACCESS read-create STATUS current DESCRIPTION "The object indicates the action of a basic acl rule. 'deny' means discarding the packets that meet the condition, 'permit' means permitting the packets that meet the condition." ::= { hwAclBasicRuleEntry 3 } -- 1.3.6.1.4.1.2011.5.1.1.4.1.4 hwAclBasicSrcIp OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS read-create STATUS current DESCRIPTION "The object indicates the source IP-address of a basic acl rule." ::= { hwAclBasicRuleEntry 4 } -- 1.3.6.1.4.1.2011.5.1.1.4.1.5 hwAclBasicSrcWild OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS read-create STATUS current DESCRIPTION "The value of this object identifies the wildcard mask of the source IP address. The value ranges from 0.0.0.0 to 255.255.255.255." ::= { hwAclBasicRuleEntry 5 } -- 1.3.6.1.4.1.2011.5.1.1.4.1.6 hwAclBasicTimeRangeIndex OBJECT-TYPE SYNTAX Integer32 (0..256) MAX-ACCESS read-create STATUS current DESCRIPTION "The value of this object identifies the index of a time range of an ACL rule. The value ranges from 0 to 256. The value 0 is invalid, indicating that no time range is specified for the rule." ::= { hwAclBasicRuleEntry 6 } -- 1.3.6.1.4.1.2011.5.1.1.4.1.7 hwAclBasicFragments OBJECT-TYPE SYNTAX INTEGER { fragmentSubseq(0), fragment(1), nonFragment(2), nonSubseq(3), fragmentSpeFirst(4), none(255) } MAX-ACCESS read-create STATUS current DESCRIPTION "The object indicates the type of the packet. 0: fragmentSubseq, indicating that the packet is a subsequent fragment 1: fragment, indicating that the packet is a fragment 2: nonFragment, indicating that the packet is not a fragment 3: nonSubseq, indicating that the packet is not a subsequent fragment 4: fragmentSpeFirst, indicating that the packet is the first fragment 255: none, invalid value This object cannot be modified once a rule is created." ::= { hwAclBasicRuleEntry 7 } -- 1.3.6.1.4.1.2011.5.1.1.4.1.8 hwAclBasicLog OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-create STATUS current DESCRIPTION "The object indicates whether to log the matched packets. The log contents include sequence number of ACL rule, packets passed or discarded, upper layer protocol type over IP, source/destination address, source/destination port number, and number of packets." ::= { hwAclBasicRuleEntry 8 } -- 1.3.6.1.4.1.2011.5.1.1.4.1.9 hwAclBasicEnable OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-only STATUS current DESCRIPTION "The object indicates whether the rule is valid or invalid." ::= { hwAclBasicRuleEntry 9 } -- 1.3.6.1.4.1.2011.5.1.1.4.1.10 hwAclBasicCount OBJECT-TYPE SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION "The object indicates the statistics of matched packets by the rule." ::= { hwAclBasicRuleEntry 10 } -- 1.3.6.1.4.1.2011.5.1.1.4.1.11 hwAclBasicVrfName OBJECT-TYPE SYNTAX OCTET STRING (SIZE (0..31)) MAX-ACCESS read-create STATUS current DESCRIPTION "This object indicates an VPN instance. The length of a VPN instance name cannot exceed 31 characters." ::= { hwAclBasicRuleEntry 11 } -- 1.3.6.1.4.1.2011.5.1.1.4.1.12 hwAclBasicRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "RowStatus, Now support three value:CreateAndGo,Active and Destroy." ::= { hwAclBasicRuleEntry 12 } -- 1.3.6.1.4.1.2011.5.1.1.4.1.13 hwAclBasicDescription OBJECT-TYPE SYNTAX OCTET STRING (SIZE (0..127)) MAX-ACCESS read-create STATUS current DESCRIPTION "The object indicates the description of this basic rule. The object describes the usage of an ACL with a word or a sentence." ::= { hwAclBasicRuleEntry 13 } -- 1.3.6.1.4.1.2011.5.1.1.4.1.14 hwAclBasicVrfAny OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-create STATUS current DESCRIPTION "The object indicates whether or not matching any VPN-instance." ::= { hwAclBasicRuleEntry 14 } -- 1.3.6.1.4.1.2011.5.1.1.5 hwAclAdvancedRuleTable OBJECT-TYPE SYNTAX SEQUENCE OF HwAclAdvancedRuleEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Configure the rule for advanced acl group." ::= { hwAclMibObjects 5 } -- 1.3.6.1.4.1.2011.5.1.1.5.1 hwAclAdvancedRuleEntry OBJECT-TYPE SYNTAX HwAclAdvancedRuleEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Each entry contains a rule of advanced acl group." INDEX { hwAclAdvancedAclNum, hwAclAdvancedSubitem } ::= { hwAclAdvancedRuleTable 1 } HwAclAdvancedRuleEntry ::= SEQUENCE { hwAclAdvancedAclNum Integer32, hwAclAdvancedSubitem Unsigned32, hwAclAdvancedAct INTEGER, hwAclAdvancedProtocol Integer32, hwAclAdvancedSrcIp IpAddress, hwAclAdvancedSrcWild IpAddress, hwAclAdvancedSrcOp INTEGER, hwAclAdvancedSrcPort1 Integer32, hwAclAdvancedSrcPort2 Integer32, hwAclAdvancedDestIp IpAddress, hwAclAdvancedDestWild IpAddress, hwAclAdvancedDestOp INTEGER, hwAclAdvancedDestPort1 Integer32, hwAclAdvancedDestPort2 Integer32, hwAclAdvancedPrecedence Integer32, hwAclAdvancedTos Integer32, hwAclAdvancedDscp Integer32, hwAclAdvancedEstablish TruthValue, hwAclAdvancedTimeRangeIndex Integer32, hwAclAdvancedIcmpType Integer32, hwAclAdvancedIcmpCode Integer32, hwAclAdvancedFragments INTEGER, hwAclAdvancedLog TruthValue, hwAclAdvancedEnable TruthValue, hwAclAdvancedCount Counter64, hwAclAdvancedVrfName OCTET STRING, hwAclAdvancedRowStatus RowStatus, hwAclAdvancedTcpSyncFlag Integer32, hwAclAdvancedDescription OCTET STRING, hwAclAdvancedSrcPoolName OCTET STRING, hwAclAdvancedDestPoolName OCTET STRING, hwAclAdvancedProtocolNew Integer32, hwAclAdvancedVni Integer32, hwAclAdvancedIgmpType Integer32, hwAclAdvancedTtlOp INTEGER, hwAclAdvancedTtlExpire Integer32, hwAclAdvancedTtlExpireEnd Integer32, hwAclAdvancedPktLenOp INTEGER, hwAclAdvancedPktLenBegin Integer32, hwAclAdvancedPktLenEnd Integer32, hwAclAdvancedTcpFlagMask Integer32, hwAclAdvancedSrcPortPoolName OCTET STRING, hwAclAdvancedDestPortPoolName OCTET STRING, hwAclAdvancedIcmpTypeEnd Integer32, hwAclAdvancedVrfAny TruthValue } -- 1.3.6.1.4.1.2011.5.1.1.5.1.1 hwAclAdvancedAclNum OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-only STATUS current DESCRIPTION "The index of advanced acl table, the index range is (100..199 | 3000..3999 | 42768..76535)." ::= { hwAclAdvancedRuleEntry 1 } -- 1.3.6.1.4.1.2011.5.1.1.5.1.2 hwAclAdvancedSubitem OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-only STATUS current DESCRIPTION "The object specifies the number of an advanced ACL rule. If the number specified has been assigned to an ACL rule, the new rule will overwrite the old one, which is equal to editing the old rule. If the number is not assigned, the system will define a rule with the number and insert it to the place corresponding to its number. If no number is specified, the system will define a rule, assign a number to it and add it into the ACL. It will be placed at the end of the ACL when configuration sequence is adopted; otherwise, it will be placed based on the 'Depth-first' principle. When ACL rules are following the 'Depth-first' principle, the number of an ACL rule must be given 0 ,but it will be assigned by step automatically;otherwise,this rule will not be created." ::= { hwAclAdvancedRuleEntry 2 } -- 1.3.6.1.4.1.2011.5.1.1.5.1.3 hwAclAdvancedAct OBJECT-TYPE SYNTAX INTEGER { permit(1), deny(2) } MAX-ACCESS read-create STATUS current DESCRIPTION "The object indicates the action of an advanced acl rule. 'deny' means discarding the packets that meet the condition, 'permit' means permitting the packets that meet the condition." ::= { hwAclAdvancedRuleEntry 3 } -- 1.3.6.1.4.1.2011.5.1.1.5.1.4 hwAclAdvancedProtocol OBJECT-TYPE SYNTAX Integer32 (0..255) MAX-ACCESS read-create STATUS current DESCRIPTION "The value of this object identifies the number of the protocol over IP. The value ranges from 0 to 255. The value 0 indicates the IP protocol." ::= { hwAclAdvancedRuleEntry 4 } -- 1.3.6.1.4.1.2011.5.1.1.5.1.5 hwAclAdvancedSrcIp OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS read-create STATUS current DESCRIPTION "The value of this object identifies the source IP address. The value ranges from 0.0.0.0 to 255.255.255.255." ::= { hwAclAdvancedRuleEntry 5 } -- 1.3.6.1.4.1.2011.5.1.1.5.1.6 hwAclAdvancedSrcWild OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS read-create STATUS current DESCRIPTION "The value of this object identifies the wildcard mask of the source IP address. The value ranges from 0.0.0.0 to 255.255.255.255." ::= { hwAclAdvancedRuleEntry 6 } -- 1.3.6.1.4.1.2011.5.1.1.5.1.7 hwAclAdvancedSrcOp OBJECT-TYPE SYNTAX INTEGER { lt(1), eq(2), gt(3), neq(4), invalid(0), range(5) } MAX-ACCESS read-create STATUS current DESCRIPTION "The object indicates the source Port operation symbol of an advanced acl rule. It compares the port operators of source address. 'lt' means less than, 'eq' means equal to, 'gt' means greater than, 'neq' means not equal to, 'range' means between, 'invalid' means this operation of the rule is invalid." ::= { hwAclAdvancedRuleEntry 7 } -- 1.3.6.1.4.1.2011.5.1.1.5.1.8 hwAclAdvancedSrcPort1 OBJECT-TYPE SYNTAX Integer32 (0..65535) MAX-ACCESS read-create STATUS current DESCRIPTION "This object indicates the end source port number." ::= { hwAclAdvancedRuleEntry 8 } -- 1.3.6.1.4.1.2011.5.1.1.5.1.9 hwAclAdvancedSrcPort2 OBJECT-TYPE SYNTAX Integer32 (0..65535) MAX-ACCESS read-create STATUS current DESCRIPTION "This object indicates the start source port number." ::= { hwAclAdvancedRuleEntry 9 } -- 1.3.6.1.4.1.2011.5.1.1.5.1.10 hwAclAdvancedDestIp OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS read-create STATUS current DESCRIPTION "This object indicates the destination IP address. The value ranges from 0.0.0.0 to 255.255.255.255." ::= { hwAclAdvancedRuleEntry 10 } -- 1.3.6.1.4.1.2011.5.1.1.5.1.11 hwAclAdvancedDestWild OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS read-create STATUS current DESCRIPTION "This object indicates the mask of the destination IP address. The value ranges from 0.0.0.0 to 255.255.255.255." ::= { hwAclAdvancedRuleEntry 11 } -- 1.3.6.1.4.1.2011.5.1.1.5.1.12 hwAclAdvancedDestOp OBJECT-TYPE SYNTAX INTEGER { lt(1), eq(2), gt(3), neq(4), invalid(0), range(5) } MAX-ACCESS read-create STATUS current DESCRIPTION "The object indicates the destination Port operation symbol of an advanced acl group. It compares the port operators of destination address. 'lt' means less than, 'eq' means equal to, 'gt' means greater than, 'neq' means not equal to, 'range' means between, 'invalid' means this operation of the rule is invalid." ::= { hwAclAdvancedRuleEntry 12 } -- 1.3.6.1.4.1.2011.5.1.1.5.1.13 hwAclAdvancedDestPort1 OBJECT-TYPE SYNTAX Integer32 (0..65535) MAX-ACCESS read-create STATUS current DESCRIPTION "This object indicates the end destination port number." ::= { hwAclAdvancedRuleEntry 13 } -- 1.3.6.1.4.1.2011.5.1.1.5.1.14 hwAclAdvancedDestPort2 OBJECT-TYPE SYNTAX Integer32 (0..65535) MAX-ACCESS read-create STATUS current DESCRIPTION "This object indicates the start destination port number." ::= { hwAclAdvancedRuleEntry 14 } -- 1.3.6.1.4.1.2011.5.1.1.5.1.15 hwAclAdvancedPrecedence OBJECT-TYPE SYNTAX Integer32 (0..7|255) MAX-ACCESS read-create STATUS current DESCRIPTION "The value of this object identifies the precedence sub-field. It is the higher three bits of the ToS field in an IP header. The value ranges from 0 to 7." ::= { hwAclAdvancedRuleEntry 15 } -- 1.3.6.1.4.1.2011.5.1.1.5.1.16 hwAclAdvancedTos OBJECT-TYPE SYNTAX Integer32 (0..15|255) MAX-ACCESS read-create STATUS current DESCRIPTION "The value of this object identifies the ToS sub-field. This field covers four bits after the higher three bits of the ToS field in an IP header. The value ranges from 0 to 15." ::= { hwAclAdvancedRuleEntry 16 } -- 1.3.6.1.4.1.2011.5.1.1.5.1.17 hwAclAdvancedDscp OBJECT-TYPE SYNTAX Integer32 (0..63|255) MAX-ACCESS read-create STATUS current DESCRIPTION "The value of this object identifies the higher six bits of the ToS field in an IP header. The value ranges from 0 to 63." ::= { hwAclAdvancedRuleEntry 17 } -- 1.3.6.1.4.1.2011.5.1.1.5.1.18 hwAclAdvancedEstablish OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-create STATUS current DESCRIPTION "The object indicates whether or not establishing." DEFVAL { false } ::= { hwAclAdvancedRuleEntry 18 } -- 1.3.6.1.4.1.2011.5.1.1.5.1.19 hwAclAdvancedTimeRangeIndex OBJECT-TYPE SYNTAX Integer32 (0..256) MAX-ACCESS read-create STATUS current DESCRIPTION "The object indicates the time range of an advanced acl rule. When the current time is in the time range, the rule is valid. Zero value declares that the acl rule has no time range.The invalid value is 0." ::= { hwAclAdvancedRuleEntry 19 } -- 1.3.6.1.4.1.2011.5.1.1.5.1.20 hwAclAdvancedIcmpType OBJECT-TYPE SYNTAX Integer32 (0..255|65535) MAX-ACCESS read-create STATUS current DESCRIPTION "The object indicates the type of ICMP packet. It filters ICMP packets according to the ICMP message type. The invalid value is 65535." ::= { hwAclAdvancedRuleEntry 20 } -- 1.3.6.1.4.1.2011.5.1.1.5.1.21 hwAclAdvancedIcmpCode OBJECT-TYPE SYNTAX Integer32 (0..255|65535) MAX-ACCESS read-create STATUS current DESCRIPTION "The object indicates the code of ICMP packet. It filters ICMP packets according to the message code. The invalid value is 65535." ::= { hwAclAdvancedRuleEntry 21 } -- 1.3.6.1.4.1.2011.5.1.1.5.1.22 hwAclAdvancedFragments OBJECT-TYPE SYNTAX INTEGER { fragmentSubseq(0), fragment(1), nonFragment(2), nonSubseq(3), fragmentSpeFirst(4), none(255) } MAX-ACCESS read-create STATUS current DESCRIPTION "The object indicates the type of the packet. 0: fragmentSubseq, indicating that the packet is a subsequent fragment 1: fragment, indicating that the packet is a fragment 2: nonFragment, indicating that the packet is not a fragment 3: nonSubseq, indicating that the packet is not a subsequent fragment 4: fragmentSpeFirst, indicating that the packet is the first fragment 255: none, invalid value This object cannot be modified once a rule is created." ::= { hwAclAdvancedRuleEntry 22 } -- 1.3.6.1.4.1.2011.5.1.1.5.1.23 hwAclAdvancedLog OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-create STATUS current DESCRIPTION "The object indicates whether to log the matched packets. The log contents include sequence number of ACL rule, packets passed or discarded, upper layer protocol type over IP, source/destination address, source/destination port number, and number of packets" ::= { hwAclAdvancedRuleEntry 23 } -- 1.3.6.1.4.1.2011.5.1.1.5.1.24 hwAclAdvancedEnable OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-only STATUS current DESCRIPTION "The object indicates whether the rule is valid or invalid." ::= { hwAclAdvancedRuleEntry 24 } -- 1.3.6.1.4.1.2011.5.1.1.5.1.25 hwAclAdvancedCount OBJECT-TYPE SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION "The object indicates the statistics of matched packets by the rule." ::= { hwAclAdvancedRuleEntry 25 } -- 1.3.6.1.4.1.2011.5.1.1.5.1.26 hwAclAdvancedVrfName OBJECT-TYPE SYNTAX OCTET STRING (SIZE (0..31)) MAX-ACCESS read-create STATUS current DESCRIPTION "The object indicates the VRF name of this rule, It specifies the VPN-instance to which the packet belongs." ::= { hwAclAdvancedRuleEntry 26 } -- 1.3.6.1.4.1.2011.5.1.1.5.1.27 hwAclAdvancedRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "RowStatus, Now support three state:CreateAndGo,Active,Destroy." ::= { hwAclAdvancedRuleEntry 27 } -- 1.3.6.1.4.1.2011.5.1.1.5.1.28 hwAclAdvancedTcpSyncFlag OBJECT-TYPE SYNTAX Integer32 (-1|0..63) MAX-ACCESS read-create STATUS current DESCRIPTION "The object indicates the code of TCP Sync flag(0~63), The invalid value is -1." ::= { hwAclAdvancedRuleEntry 28 } -- 1.3.6.1.4.1.2011.5.1.1.5.1.29 hwAclAdvancedDescription OBJECT-TYPE SYNTAX OCTET STRING (SIZE (0..127)) MAX-ACCESS read-create STATUS current DESCRIPTION "The object indicates the description of this advanced rule. The object describes the usage of an ACL with a word or a sentence." ::= { hwAclAdvancedRuleEntry 29 } -- 1.3.6.1.4.1.2011.5.1.1.5.1.30 hwAclAdvancedSrcPoolName OBJECT-TYPE SYNTAX OCTET STRING (SIZE (0..32)) MAX-ACCESS read-create STATUS current DESCRIPTION "The object indicates the source pool name." ::= { hwAclAdvancedRuleEntry 30 } -- 1.3.6.1.4.1.2011.5.1.1.5.1.31 hwAclAdvancedDestPoolName OBJECT-TYPE SYNTAX OCTET STRING (SIZE (0..32)) MAX-ACCESS read-create STATUS current DESCRIPTION "The object indicates the destination pool name." ::= { hwAclAdvancedRuleEntry 31 } -- 1.3.6.1.4.1.2011.5.1.1.5.1.32 hwAclAdvancedProtocolNew OBJECT-TYPE SYNTAX Integer32 (0..255|65535) MAX-ACCESS read-create STATUS current DESCRIPTION "The object indicates the protocol type of the rule. It specifies the protocol type over IP.The number of IP protocol is 65535." ::= { hwAclAdvancedRuleEntry 32 } -- 1.3.6.1.4.1.2011.5.1.1.5.1.33 hwAclAdvancedVni OBJECT-TYPE SYNTAX Integer32 (0..16777215) MAX-ACCESS read-create STATUS current DESCRIPTION "The object indicates the ID of VXLAN, The invalid value is 0." ::= { hwAclAdvancedRuleEntry 33 } -- 1.3.6.1.4.1.2011.5.1.1.5.1.34 hwAclAdvancedIgmpType OBJECT-TYPE SYNTAX Integer32 (0..255|65535) MAX-ACCESS read-create STATUS current DESCRIPTION "The object indicates the type of igmp, The invalid value is 65535." ::= { hwAclAdvancedRuleEntry 34 } -- 1.3.6.1.4.1.2011.5.1.1.5.1.35 hwAclAdvancedTtlOp OBJECT-TYPE SYNTAX INTEGER { lt(1), eq(2), gt(3), neq(4), invalid(0), range(5) } MAX-ACCESS read-create STATUS current DESCRIPTION "The object indicates the ttl operation symbol of an advanced acl rule. 'lt' means less than, 'eq' means equal to, 'gt' means greater than, 'neq' means not equal to, 'range' means between, 'invalid' means this operation of the rule is invalid." ::= { hwAclAdvancedRuleEntry 35 } -- 1.3.6.1.4.1.2011.5.1.1.5.1.36 hwAclAdvancedTtlExpire OBJECT-TYPE SYNTAX Integer32 (0..255) MAX-ACCESS read-create STATUS current DESCRIPTION "The object indicates the begin ttl value. The invalid value is 0." ::= { hwAclAdvancedRuleEntry 36 } -- 1.3.6.1.4.1.2011.5.1.1.5.1.37 hwAclAdvancedTtlExpireEnd OBJECT-TYPE SYNTAX Integer32 (0..255) MAX-ACCESS read-create STATUS current DESCRIPTION "The object indicates the end ttl value. The invalid value is 0." ::= { hwAclAdvancedRuleEntry 37 } -- 1.3.6.1.4.1.2011.5.1.1.5.1.38 hwAclAdvancedPktLenOp OBJECT-TYPE SYNTAX INTEGER { lt(1), eq(2), gt(3), neq(4), invalid(0), range(5) } MAX-ACCESS read-create STATUS current DESCRIPTION "The object indicates the packet length operation symbol of an advanced acl rule. 'lt' means less than, 'eq' means equal to, 'gt' means greater than, 'neq' means not equal to, 'range' means between, 'invalid' means this operation of the rule is invalid." ::= { hwAclAdvancedRuleEntry 38 } -- 1.3.6.1.4.1.2011.5.1.1.5.1.39 hwAclAdvancedPktLenBegin OBJECT-TYPE SYNTAX Integer32 (0..65535) MAX-ACCESS read-create STATUS current DESCRIPTION "The object indicates the begin packet length value." ::= { hwAclAdvancedRuleEntry 39 } -- 1.3.6.1.4.1.2011.5.1.1.5.1.40 hwAclAdvancedPktLenEnd OBJECT-TYPE SYNTAX Integer32 (0..65535) MAX-ACCESS read-create STATUS current DESCRIPTION "The object indicates the end packet length value." ::= { hwAclAdvancedRuleEntry 40 } -- 1.3.6.1.4.1.2011.5.1.1.5.1.41 hwAclAdvancedTcpFlagMask OBJECT-TYPE SYNTAX Integer32 (0..63) MAX-ACCESS read-create STATUS current DESCRIPTION "The object indicates the mask of tcp-flag. The invalid value is 0." ::= { hwAclAdvancedRuleEntry 41 } -- 1.3.6.1.4.1.2011.5.1.1.5.1.42 hwAclAdvancedSrcPortPoolName OBJECT-TYPE SYNTAX OCTET STRING (SIZE (0..32)) MAX-ACCESS read-create STATUS current DESCRIPTION "The object indicates the source port pool name." ::= { hwAclAdvancedRuleEntry 42 } -- 1.3.6.1.4.1.2011.5.1.1.5.1.43 hwAclAdvancedDestPortPoolName OBJECT-TYPE SYNTAX OCTET STRING (SIZE (0..32)) MAX-ACCESS read-create STATUS current DESCRIPTION "The object indicates the destination port pool name." ::= { hwAclAdvancedRuleEntry 43 } -- 1.3.6.1.4.1.2011.5.1.1.5.1.44 hwAclAdvancedIcmpTypeEnd OBJECT-TYPE SYNTAX Integer32 (0..255|65535) MAX-ACCESS read-create STATUS current DESCRIPTION "The value of this object identifies the ICMP message type. The value ranges from 0 to 255. The value 65535 is invalid. This object is used together with hwAclAdvancedIcmpType to indicate the value range of the ICMP message type." ::= { hwAclAdvancedRuleEntry 44 } -- 1.3.6.1.4.1.2011.5.1.1.5.1.45 hwAclAdvancedVrfAny OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-create STATUS current DESCRIPTION "The object indicates whether or not matching any VPN-instance." ::= { hwAclAdvancedRuleEntry 45 } -- 1.3.6.1.4.1.2011.5.1.1.6 hwAclIfRuleTable OBJECT-TYPE SYNTAX SEQUENCE OF HwAclIfRuleEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Configure the rule for interface-based acl group." ::= { hwAclMibObjects 6 } -- 1.3.6.1.4.1.2011.5.1.1.6.1 hwAclIfRuleEntry OBJECT-TYPE SYNTAX HwAclIfRuleEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Each entry contains a rule of interface-based acl group." INDEX { hwAclIfAclNum, hwAclIfSubitem } ::= { hwAclIfRuleTable 1 } HwAclIfRuleEntry ::= SEQUENCE { hwAclIfAclNum Integer32, hwAclIfSubitem Unsigned32, hwAclIfAct INTEGER, hwAclIfIndex Integer32, hwAclIfAny TruthValue, hwAclIfTimeRangeIndex Integer32, hwAclIfLog TruthValue, hwAclIfEnable TruthValue, hwAclIfCount Counter64, hwAclIfRowStatus RowStatus, hwAclIfDescription OCTET STRING } -- 1.3.6.1.4.1.2011.5.1.1.6.1.1 hwAclIfAclNum OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-only STATUS current DESCRIPTION "The index of interface-based acl group, the index range is (1000..1999 | 42768..76535)." ::= { hwAclIfRuleEntry 1 } -- 1.3.6.1.4.1.2011.5.1.1.6.1.2 hwAclIfSubitem OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-only STATUS current DESCRIPTION "The object specifies the number of an ACL rule. If the number specified has been assigned to an ACL rule, the new rule will overwrite the old one, which is equal to editing the old rule. If the number is not assigned, the system will define a rule with the number and insert it to the place corresponding to its number. If no number is specified, the system will define a rule, assign a number to it and add it into the ACL. It will be placed at the end of the ACL when configuration sequence is adopted; otherwise, it will be placed based on the 'Depth-first' principle. When ACL rules are following the 'Depth-first' principle, the number of an ACL rule must be given 0 ,but it will be assigned by step automatically;otherwise,this rule will not be created." ::= { hwAclIfRuleEntry 2 } -- 1.3.6.1.4.1.2011.5.1.1.6.1.3 hwAclIfAct OBJECT-TYPE SYNTAX INTEGER { permit(1), deny(2) } MAX-ACCESS read-create STATUS current DESCRIPTION "The object indicates the action of an interface-based acl rule. 'deny' means discarding the packets that meet the condition, 'permit' means permitting the packets that meet the condition." ::= { hwAclIfRuleEntry 3 } -- 1.3.6.1.4.1.2011.5.1.1.6.1.4 hwAclIfIndex OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-create STATUS current DESCRIPTION "The object indicates the index of an interface. It specifies the interface information of the packets.The invalid interface index is 0." ::= { hwAclIfRuleEntry 4 } -- 1.3.6.1.4.1.2011.5.1.1.6.1.5 hwAclIfAny OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-create STATUS current DESCRIPTION "The object indicates whether or not matching any interface." ::= { hwAclIfRuleEntry 5 } -- 1.3.6.1.4.1.2011.5.1.1.6.1.6 hwAclIfTimeRangeIndex OBJECT-TYPE SYNTAX Integer32 (0..256) MAX-ACCESS read-create STATUS current DESCRIPTION "The value of this object identifies the index of the time range during which an ACL rule can be applied. When the current time is in the time range, the rule is valid. The value 0 is invalid, indicating that no time range is specified for the rule. The value ranges from 0 to 256." ::= { hwAclIfRuleEntry 6 } -- 1.3.6.1.4.1.2011.5.1.1.6.1.7 hwAclIfLog OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-create STATUS current DESCRIPTION "The object indicates whether to log the matched packets. The log contents include sequence number of ACL rule, packets passed or discarded, upper layer protocol type over IP, source/destination address, source/destination port number, and number of packets." ::= { hwAclIfRuleEntry 7 } -- 1.3.6.1.4.1.2011.5.1.1.6.1.8 hwAclIfEnable OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-only STATUS current DESCRIPTION "The object indicates whether the rule is valid or invalid." ::= { hwAclIfRuleEntry 8 } -- 1.3.6.1.4.1.2011.5.1.1.6.1.9 hwAclIfCount OBJECT-TYPE SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION "The object indicates the statistics of matched packets by the rule." ::= { hwAclIfRuleEntry 9 } -- 1.3.6.1.4.1.2011.5.1.1.6.1.11 hwAclIfRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "RowStatus,Now support three state:CreateAndGo,Active,Destroy." ::= { hwAclIfRuleEntry 11 } -- 1.3.6.1.4.1.2011.5.1.1.6.1.12 hwAclIfDescription OBJECT-TYPE SYNTAX OCTET STRING (SIZE (0..127)) MAX-ACCESS read-create STATUS current DESCRIPTION "The object indicates the description of this if rule. The object describes the usage of an ACL with a word or a sentence." ::= { hwAclIfRuleEntry 12 } --user acl -- 1.3.6.1.4.1.2011.5.1.1.7 hwAclUserRuleTable OBJECT-TYPE SYNTAX SEQUENCE OF HwAclUserRuleEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Configure the rule for user acl group." ::= { hwAclMibObjects 7 } -- 1.3.6.1.4.1.2011.5.1.1.7.1 hwAclUserRuleEntry OBJECT-TYPE SYNTAX HwAclUserRuleEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Each entry contains a rule of user acl group." INDEX { hwAclUserAclNum, hwAclUserSubitem } ::= { hwAclUserRuleTable 1 } HwAclUserRuleEntry ::= SEQUENCE { hwAclUserAclNum Integer32, hwAclUserSubitem Unsigned32, hwAclUserAct INTEGER, hwAclUserProtocol Integer32, hwAclUserSrcIp IpAddress, hwAclUserSrcWild IpAddress, hwAclUserSrcOp INTEGER, hwAclUserSrcPort1 Integer32, hwAclUserSrcPort2 Integer32, hwAclUserDestIp IpAddress, hwAclUserDestWild IpAddress, hwAclUserDestOp INTEGER, hwAclUserDestPort1 Integer32, hwAclUserDestPort2 Integer32, hwAclUserPrecedence Integer32, hwAclUserTos Integer32, hwAclUserDscp Integer32, hwAclUserEstablish TruthValue, hwAclUserTimeRangeIndex Integer32, hwAclUserIcmpType Integer32, hwAclUserIcmpCode Integer32, hwAclUserFragments TruthValue, hwAclUserLog TruthValue, hwAclUserEnable TruthValue, hwAclUserCount Counter32, hwAclUserVrfName OCTET STRING, hwAclUserSrcUserGroupName OCTET STRING, hwAclUserDestUserGroupName OCTET STRING, hwAclUserSrcModeType Integer32, hwAclUserDestModeType Integer32, hwAclUserRowStatus RowStatus, hwAclUserTcpSyncFlag Integer32, hwAclUserSrcUserGroupNum Integer32, hwAclUserDestUserGroupNum Integer32 , hwAclUserDestDomainName OCTET STRING } -- 1.3.6.1.4.1.2011.5.1.1.7.1.1 hwAclUserAclNum OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-only STATUS current DESCRIPTION "The index of user acl table, the index range is (6000..9999)." ::= { hwAclUserRuleEntry 1 } -- 1.3.6.1.4.1.2011.5.1.1.7.1.2 hwAclUserSubitem OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-only STATUS current DESCRIPTION "The object specifies the number of an User ACL rule. If the number specified has been assigned to an ACL rule, the new rule will overwrite the old one, which is equal to editing the old rule. If the number is not assigned, the system will define a rule with the number and insert it to the place corresponding to its number. If no number is specified, the system will define a rule, assign a number to it and add it into the ACL. It will be placed at the end of the ACL when configuration sequence is adopted; otherwise, it will be placed based on the 'Depth-first' principle" ::= { hwAclUserRuleEntry 2 } -- 1.3.6.1.4.1.2011.5.1.1.7.1.3 hwAclUserAct OBJECT-TYPE SYNTAX INTEGER { permit(1), deny(2) } MAX-ACCESS read-create STATUS current DESCRIPTION "The object indicates the action of an User acl rule. 'deny' means discarding the packets that meet the condition, 'permit' means permitting the packets that meet the condition." ::= { hwAclUserRuleEntry 3 } -- 1.3.6.1.4.1.2011.5.1.1.7.1.4 hwAclUserProtocol OBJECT-TYPE SYNTAX Integer32 (0..255) MAX-ACCESS read-create STATUS current DESCRIPTION "The object indicates the protocol type of the rule. It specifies the protocol type over IP.The number of IP protocol is 0." ::= { hwAclUserRuleEntry 4 } -- 1.3.6.1.4.1.2011.5.1.1.7.1.5 hwAclUserSrcIp OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS read-create STATUS current DESCRIPTION "The object indicates the source IP-address of an User acl rule." ::= { hwAclUserRuleEntry 5 } -- 1.3.6.1.4.1.2011.5.1.1.7.1.6 hwAclUserSrcWild OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS read-create STATUS current DESCRIPTION "The object indicates the source IP-address wild of an User acl rule." ::= { hwAclUserRuleEntry 6 } -- 1.3.6.1.4.1.2011.5.1.1.7.1.7 hwAclUserSrcOp OBJECT-TYPE SYNTAX INTEGER { lt(1), eq(2), gt(3), neq(4), invalid(0), range(5) } MAX-ACCESS read-create STATUS current DESCRIPTION "The object indicates the source Port operation symbol of an User acl rule. It compares the port operators of source address. 'lt' means less than, 'eq' means equal to, 'gt' means greater than, 'neq' means not equal to, 'range' means between, 'invalid' means this operation of the rule is invalid." ::= { hwAclUserRuleEntry 7 } -- 1.3.6.1.4.1.2011.5.1.1.7.1.8 hwAclUserSrcPort1 OBJECT-TYPE SYNTAX Integer32 (0..65535) MAX-ACCESS read-create STATUS current DESCRIPTION "The object indicates the fourth layer sourec port 1. It specifies the source port information of UDP or TCP packets." ::= { hwAclUserRuleEntry 8 } -- 1.3.6.1.4.1.2011.5.1.1.7.1.9 hwAclUserSrcPort2 OBJECT-TYPE SYNTAX Integer32 (0..65535) MAX-ACCESS read-create STATUS current DESCRIPTION "The object indicates the fourth layer source port2." ::= { hwAclUserRuleEntry 9 } -- 1.3.6.1.4.1.2011.5.1.1.7.1.10 hwAclUserDestIp OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS read-create STATUS current DESCRIPTION "The object indicates the destination IP-address of an User acl rule." ::= { hwAclUserRuleEntry 10 } -- 1.3.6.1.4.1.2011.5.1.1.7.1.11 hwAclUserDestWild OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS read-create STATUS current DESCRIPTION "The object indicates the destination IP-address wild of an User acl rule." ::= { hwAclUserRuleEntry 11 } -- 1.3.6.1.4.1.2011.5.1.1.7.1.12 hwAclUserDestOp OBJECT-TYPE SYNTAX INTEGER { lt(1), eq(2), gt(3), neq(4), invalid(0), range(5) } MAX-ACCESS read-create STATUS current DESCRIPTION "The object indicates the destination Port operation symbol of an User acl group. It compares the port operators of destination address. 'lt' means less than, 'eq' means equal to, 'gt' means greater than, 'neq' means not equal to, 'range' means between, 'invalid' means this operation of the rule is invalid." ::= { hwAclUserRuleEntry 12 } -- 1.3.6.1.4.1.2011.5.1.1.7.1.13 hwAclUserDestPort1 OBJECT-TYPE SYNTAX Integer32 (0..65535) MAX-ACCESS read-create STATUS current DESCRIPTION "The object indicates the fourth layer destination port1." ::= { hwAclUserRuleEntry 13 } -- 1.3.6.1.4.1.2011.5.1.1.7.1.14 hwAclUserDestPort2 OBJECT-TYPE SYNTAX Integer32 (0..65535) MAX-ACCESS read-create STATUS current DESCRIPTION "The object indicates the fourth layer destination port2." ::= { hwAclUserRuleEntry 14 } -- 1.3.6.1.4.1.2011.5.1.1.7.1.15 hwAclUserPrecedence OBJECT-TYPE SYNTAX Integer32 (0..7|255) MAX-ACCESS read-create STATUS current DESCRIPTION "The object indicates the value of IP-packet's precedence, It filters packets according to precedence field.The invalid value is 255." ::= { hwAclUserRuleEntry 15 } -- 1.3.6.1.4.1.2011.5.1.1.7.1.16 hwAclUserTos OBJECT-TYPE SYNTAX Integer32 (0..15|255) MAX-ACCESS read-create STATUS current DESCRIPTION "The object indicates the value of IP-packet's TOS, It filters packets according to type of service.The invalid value is 255." ::= { hwAclUserRuleEntry 16 } -- 1.3.6.1.4.1.2011.5.1.1.7.1.17 hwAclUserDscp OBJECT-TYPE SYNTAX Integer32 (0..63|255) MAX-ACCESS read-create STATUS current DESCRIPTION "The object indicates the value of frame.The invalid value is 255." ::= { hwAclUserRuleEntry 17 } -- 1.3.6.1.4.1.2011.5.1.1.7.1.18 hwAclUserEstablish OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-create STATUS current DESCRIPTION "The object indicates whether or not establishing." DEFVAL { false } ::= { hwAclUserRuleEntry 18 } -- 1.3.6.1.4.1.2011.5.1.1.7.1.19 hwAclUserTimeRangeIndex OBJECT-TYPE SYNTAX Integer32 (0..256) MAX-ACCESS read-create STATUS current DESCRIPTION "The object indicates the time range of an User acl rule. When the current time is in the time range, the rule is valid. Zero value declares that the acl rule has no time range.The invalid value is 0." ::= { hwAclUserRuleEntry 19 } -- 1.3.6.1.4.1.2011.5.1.1.7.1.20 hwAclUserIcmpType OBJECT-TYPE SYNTAX Integer32 (0..255|65535) MAX-ACCESS read-create STATUS current DESCRIPTION "The object indicates the type of ICMP packet. It filters ICMP packets according to the ICMP message type. The invalid value is 65535." ::= { hwAclUserRuleEntry 20 } -- 1.3.6.1.4.1.2011.5.1.1.7.1.21 hwAclUserIcmpCode OBJECT-TYPE SYNTAX Integer32 (0..255|65535) MAX-ACCESS read-create STATUS current DESCRIPTION "The object indicates the code of ICMP packet. It filters ICMP packets according to the message code. The invalid value is 65535." ::= { hwAclUserRuleEntry 21 } -- 1.3.6.1.4.1.2011.5.1.1.7.1.22 hwAclUserFragments OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-create STATUS current DESCRIPTION "The object indicates whether or not matching fragmented packet, It specifies that this rule is only valid for the non-first fragment packets." ::= { hwAclUserRuleEntry 22 } -- 1.3.6.1.4.1.2011.5.1.1.7.1.23 hwAclUserLog OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-create STATUS current DESCRIPTION "The object indicates whether to log the matched packets. The log contents include sequence number of ACL rule, packets passed or discarded, upper layer protocol type over IP, source/destination address, source/destination port number, and number of packets" ::= { hwAclUserRuleEntry 23 } -- 1.3.6.1.4.1.2011.5.1.1.7.1.24 hwAclUserEnable OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-only STATUS current DESCRIPTION "The object indicates whether the rule is valid or invalid." ::= { hwAclUserRuleEntry 24 } -- 1.3.6.1.4.1.2011.5.1.1.7.1.25 hwAclUserCount OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The object indicates the statistics of matched packets by the rule." ::= { hwAclUserRuleEntry 25 } -- 1.3.6.1.4.1.2011.5.1.1.7.1.26 hwAclUserVrfName OBJECT-TYPE SYNTAX OCTET STRING (SIZE (0..32)) MAX-ACCESS read-create STATUS current DESCRIPTION "The object indicates the VRF name of this rule, It specifies the VPN-instance to which the packet belongs." ::= { hwAclUserRuleEntry 26 } -- 1.3.6.1.4.1.2011.5.1.1.7.1.27 hwAclUserSrcUserGroupName OBJECT-TYPE SYNTAX OCTET STRING (SIZE (0..32)) MAX-ACCESS read-create STATUS current DESCRIPTION "The object indicates the source user group name of this rule. if modetype source is user, null sting means any user" ::= { hwAclUserRuleEntry 27 } -- 1.3.6.1.4.1.2011.5.1.1.7.1.28 hwAclUserDestUserGroupName OBJECT-TYPE SYNTAX OCTET STRING (SIZE (0..32)) MAX-ACCESS read-create STATUS current DESCRIPTION "The object indicates the destination user group name of this rule. if modetype destination is user, null sting means any user" ::= { hwAclUserRuleEntry 28 } -- 1.3.6.1.4.1.2011.5.1.1.7.1.29 hwAclUserSrcModeType OBJECT-TYPE SYNTAX Integer32 (0..4) MAX-ACCESS read-create STATUS current DESCRIPTION "The object indicates ACL's mode type, Now support four state 0 Any match rule from any user group or any ip subnet, 1 NetAny match rule from any ip subnet, 2 UserAny match rule from any user group, 3 Net match rule from an ip subnet, 4 User match rule from a user group" ::= { hwAclUserRuleEntry 29 } -- 1.3.6.1.4.1.2011.5.1.1.7.1.30 hwAclUserDestModeType OBJECT-TYPE SYNTAX Integer32 (0..6) MAX-ACCESS read-create STATUS current DESCRIPTION "The object indicates ACL's mode type, Now support four state 0 Any match rule from any user group or any ip subnet or any doamin name, 1 NetAny match rule from any ip subnet, 2 UserAny match rule from any user group, 3 Net match rule from an ip subnet, 4 User match rule from a user group, 5 domain match rule from a domain name, 6 domainAny match rule from any doamin name" ::= { hwAclUserRuleEntry 30 } -- 1.3.6.1.4.1.2011.5.1.1.7.1.31 hwAclUserRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "RowStatus, Now support three state:CreateAndGo,Active,Destroy." ::= { hwAclUserRuleEntry 31 } -- 1.3.6.1.4.1.2011.5.1.1.7.1.32 hwAclUserTcpSyncFlag OBJECT-TYPE SYNTAX Integer32 (-1|0..63) MAX-ACCESS read-create STATUS current DESCRIPTION "The object indicates the code of TCP Sync flag(0~63), The invalid value is -1." ::= { hwAclUserRuleEntry 32 } -- 1.3.6.1.4.1.2011.5.1.1.7.1.33 hwAclUserSrcUserGroupNum OBJECT-TYPE SYNTAX Integer32 (0..64000|65535) MAX-ACCESS read-create STATUS current DESCRIPTION "The object indicates the source user group num of this rule. if modetype source is user, null sting means any user" ::= { hwAclUserRuleEntry 33 } -- 1.3.6.1.4.1.2011.5.1.1.7.1.34 hwAclUserDestUserGroupNum OBJECT-TYPE SYNTAX Integer32 (0..64000|65535) MAX-ACCESS read-create STATUS current DESCRIPTION "The object indicates the destination user group name of this rule. if modetype destination is user, null sting means any user" ::= { hwAclUserRuleEntry 34 } hwAclUserDestDomainName OBJECT-TYPE SYNTAX OCTET STRING (SIZE (3..127)) MAX-ACCESS read-only STATUS current DESCRIPTION "The object indicates the destination domain name of this rule. if modetype destination is domain, null sting means any domain." ::= { hwAclUserRuleEntry 35 } -- 1.3.6.1.4.1.2011.5.1.1.10 hwAclCompileEnableFlag OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-write STATUS current DESCRIPTION "The object indicates whether acl compiler is enabled. when acl compiler is enabled, and ACL accelerate function is enabled, then matching packets by rule is efficient." ::= { hwAclMibObjects 10 } -- 1.3.6.1.4.1.2011.5.1.1.11 hwAclCompileNumGroupTable OBJECT-TYPE SYNTAX SEQUENCE OF HwAclCompileNumGroupEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "The ACL compiler table extending the Acl-number-group table" ::= { hwAclMibObjects 11 } -- 1.3.6.1.4.1.2011.5.1.1.11.1 hwAclCompileNumGroupEntry OBJECT-TYPE SYNTAX HwAclCompileNumGroupEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "The entry of Acl-number-group compiler extended table" AUGMENTS { hwAclNumGroupEntry } ::= { hwAclCompileNumGroupTable 1 } HwAclCompileNumGroupEntry ::= SEQUENCE { hwAclCompileNumGroupStatus INTEGER } -- 1.3.6.1.4.1.2011.5.1.1.11.1.1 hwAclCompileNumGroupStatus OBJECT-TYPE SYNTAX INTEGER { notCompile(1), compiled(2), changeAfterCompile(3) } MAX-ACCESS read-write STATUS current DESCRIPTION "The object indicates the status of Acl-number-group compiler. 'notCompile' means acl accelerate function is disabled, 'compiled' means acl accelerate function is enabled, 'changeAfterCompile' means acl is changed after compiled." DEFVAL { notCompile } ::= { hwAclCompileNumGroupEntry 1 } -- 1.3.6.1.4.1.2011.5.1.1.12 hwAclIpv6BasicRuleTable OBJECT-TYPE SYNTAX SEQUENCE OF HwAclIpv6BasicRuleEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Configure the rule for ipv6 basic acl group." ::= { hwAclMibObjects 12 } -- 1.3.6.1.4.1.2011.5.1.1.12.1 hwAclIpv6BasicRuleEntry OBJECT-TYPE SYNTAX HwAclIpv6BasicRuleEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Each entry is a rule of ipv6 basic acl." INDEX { hwAclIpv6BasicAclNum, hwAclIpv6BasicSubitem } ::= { hwAclIpv6BasicRuleTable 1 } HwAclIpv6BasicRuleEntry ::= SEQUENCE { hwAclIpv6BasicAclNum Integer32, hwAclIpv6BasicSubitem Unsigned32, hwAclIpv6BasicAct INTEGER, hwAclIpv6BasicSrcIp Ipv6Address, hwAclIpv6BasicSrcPrefix Integer32, hwAclIpv6BasicTimeRangeIndex Integer32, hwAclIpv6BasicFragment INTEGER, hwAclIpv6BasicLog TruthValue, hwAclIpv6BasicEnable EnabledStatus, hwAclIpv6BasicCount Counter64, hwAclIpv6BasicVrfName OCTET STRING, hwAclIpv6BasicRowStatus RowStatus, hwAclIpv6BasicDescription OCTET STRING, hwAclIpv6BasicSrcMask Ipv6Address, hwAclIpv6BasicVrfAny TruthValue } -- 1.3.6.1.4.1.2011.5.1.1.12.1.1 hwAclIpv6BasicAclNum OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-only STATUS current DESCRIPTION "The index of ipv6 basic acl group, the index range is (2000..2999 | 42768..75535)." ::= { hwAclIpv6BasicRuleEntry 1 } -- 1.3.6.1.4.1.2011.5.1.1.4.1.2 hwAclIpv6BasicSubitem OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-only STATUS current DESCRIPTION "The objects specifies the number of an ACL rule. If the number specified has been assigned to an ACL rule, the new rule will overwrite the old one, which is equal to editing the old rule. If the number is not assigned, the system will define a rule with the number and insert it to the place corresponding to its number. If no number is specified, the system will define a rule, assign a number to it and add it into the ACL. It will be placed at the end of the ACL when configuration sequence is adopted; otherwise, it will be placed based on the 'Depth-first' principle. When ACL rules are following the 'Depth-first' principle, the number of an ACL rule must be given 0 ,but it will be assigned automatically; otherwise, this rule will not be created." ::= { hwAclIpv6BasicRuleEntry 2 } -- 1.3.6.1.4.1.2011.5.1.1.12.1.3 hwAclIpv6BasicAct OBJECT-TYPE SYNTAX INTEGER { permit(1), deny(2) } MAX-ACCESS read-create STATUS current DESCRIPTION "The object indicates the action of a ipv6 basic acl rule. 'deny' means discarding the packets that meet the condition, 'permit' means permitting the packets that meet the condition." ::= { hwAclIpv6BasicRuleEntry 3 } -- 1.3.6.1.4.1.2011.5.1.1.12.1.4 hwAclIpv6BasicSrcIp OBJECT-TYPE SYNTAX Ipv6Address MAX-ACCESS read-create STATUS current DESCRIPTION "The object indicates the source IPv6-address of a ipv6 basic acl rule." ::= { hwAclIpv6BasicRuleEntry 4 } -- 1.3.6.1.4.1.2011.5.1.1.12.1.5 hwAclIpv6BasicSrcPrefix OBJECT-TYPE SYNTAX Integer32 (0..128) MAX-ACCESS read-create STATUS current DESCRIPTION "The value of this object identifies the mask length of the source IPv6 address. The value ranges from 0 to 128." ::= { hwAclIpv6BasicRuleEntry 5 } -- 1.3.6.1.4.1.2011.5.1.1.12.1.6 hwAclIpv6BasicTimeRangeIndex OBJECT-TYPE SYNTAX Integer32 (0..256) MAX-ACCESS read-create STATUS current DESCRIPTION "The value of this object identifies the index of the time range during which an ACL6 rule can be applied.The value ranges from 0 to 256.The value 0 is invalid, indicating that no time range is specified for the rule." ::= { hwAclIpv6BasicRuleEntry 6 } -- 1.3.6.1.4.1.2011.5.1.1.12.1.7 hwAclIpv6BasicFragment OBJECT-TYPE SYNTAX INTEGER { fragmentSubseq(0), fragment(1), none(255) } MAX-ACCESS read-create STATUS current DESCRIPTION "The object indicates the type of the packet. 1: fragment, indicating that the packet is a fragment 255: none, invalid value This object cannot be modified once a rule is created." ::= { hwAclIpv6BasicRuleEntry 7 } -- 1.3.6.1.4.1.2011.5.1.1.12.1.8 hwAclIpv6BasicLog OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-create STATUS current DESCRIPTION "The object indicates whether to log the matched packets. The log contents include sequence number of ACL rule, packets passed or discarded, upper layer protocol type over IP, source/destination address, source/destination port number, and number of packets." ::= { hwAclIpv6BasicRuleEntry 8 } -- 1.3.6.1.4.1.2011.5.1.1.12.1.9 hwAclIpv6BasicEnable OBJECT-TYPE SYNTAX EnabledStatus MAX-ACCESS read-only STATUS current DESCRIPTION "The object indicates whether the rule is valid or invalid." ::= { hwAclIpv6BasicRuleEntry 9 } -- 1.3.6.1.4.1.2011.5.1.1.12.1.10 hwAclIpv6BasicCount OBJECT-TYPE SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION "This object indicates the number of matched packets by a rule. A maximum of 64 bits are supported." ::= { hwAclIpv6BasicRuleEntry 10 } -- 1.3.6.1.4.1.2011.5.1.1.12.1.11 hwAclIpv6BasicVrfName OBJECT-TYPE SYNTAX OCTET STRING (SIZE (0..31)) MAX-ACCESS read-create STATUS current DESCRIPTION "This object indicates a VPN instance. The length of a VPN instance name cannot exceed 31 characters." ::= { hwAclIpv6BasicRuleEntry 11 } -- 1.3.6.1.4.1.2011.5.1.1.12.1.12 hwAclIpv6BasicRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "RowStatus, Now support three value: CreateAndGo, Active and Destroy." ::= { hwAclIpv6BasicRuleEntry 12 } -- 1.3.6.1.4.1.2011.5.1.1.12.1.13 hwAclIpv6BasicDescription OBJECT-TYPE SYNTAX OCTET STRING (SIZE (0..127)) MAX-ACCESS read-create STATUS current DESCRIPTION "The object indicates the description of this IPv6 basic rule. The object describes the usage of an IPv6 ACL with a word or a sentence." ::= { hwAclIpv6BasicRuleEntry 13 } -- 1.3.6.1.4.1.2011.5.1.1.12.1.14 hwAclIpv6BasicSrcMask OBJECT-TYPE SYNTAX Ipv6Address MAX-ACCESS read-create STATUS current DESCRIPTION "The object indicates the source IPv6-address mask of a ipv6 basic acl rule. Its mode is positive." ::= { hwAclIpv6BasicRuleEntry 14 } -- 1.3.6.1.4.1.2011.5.1.1.12.1.15 hwAclIpv6BasicVrfAny OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-create STATUS current DESCRIPTION "The object indicates whether or not matching any VPN-instance." ::= { hwAclIpv6BasicRuleEntry 15 } -- 1.3.6.1.4.1.2011.5.1.1.13 hwAclIpv6AdvancedRuleTable OBJECT-TYPE SYNTAX SEQUENCE OF HwAclIpv6AdvancedRuleEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Configure the rule for ipv6 advanced acl group." ::= { hwAclMibObjects 13 } -- 1.3.6.1.4.1.2011.5.1.1.13.1 hwAclIpv6AdvancedRuleEntry OBJECT-TYPE SYNTAX HwAclIpv6AdvancedRuleEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Each entry contains a rule of ipv6 advanced acl group." INDEX { hwAclIpv6AdvancedAclNum, hwAclIpv6AdvancedSubitem } ::= { hwAclIpv6AdvancedRuleTable 1 } HwAclIpv6AdvancedRuleEntry ::= SEQUENCE { hwAclIpv6AdvancedAclNum Integer32, hwAclIpv6AdvancedSubitem Unsigned32, hwAclIpv6AdvancedAct INTEGER, hwAclIpv6AdvancedProtocol Integer32, hwAclIpv6AdvancedSrcIp Ipv6Address, hwAclIpv6AdvancedSrcPrefix Integer32, hwAclIpv6AdvancedSrcOp INTEGER, hwAclIpv6AdvancedSrcPort1 Integer32, hwAclIpv6AdvancedSrcPort2 Integer32, hwAclIpv6AdvancedDestIp Ipv6Address, hwAclIpv6AdvancedDestPrefix Integer32, hwAclIpv6AdvancedDestOp INTEGER, hwAclIpv6AdvancedDestPort1 Integer32, hwAclIpv6AdvancedDestPort2 Integer32, hwAclIpv6AdvancedPrecedence Integer32, hwAclIpv6AdvancedTos Integer32, hwAclIpv6AdvancedDscp Integer32, hwAclIpv6AdvancedEstablish TruthValue, hwAclIpv6AdvancedTimeRangeIndex Integer32, hwAclIpv6AdvancedIcmpType Integer32, hwAclIpv6AdvancedIcmpCode Integer32, hwAclIpv6AdvancedFragment INTEGER, hwAclIpv6AdvancedLog TruthValue, hwAclIpv6AdvancedEnable EnabledStatus, hwAclIpv6AdvancedCount Counter64, hwAclIpv6AdvancedVrfName OCTET STRING, hwAclIpv6AdvancedRowStatus RowStatus, hwAclIpv6AdvancedDescription OCTET STRING, hwAclIpv6AdvancedSrcMask Ipv6Address, hwAclIpv6AdvancedDestMask Ipv6Address, hwAclIpv6AdvancedProtocolNew Integer32, hwAclIpv6AdvancedIcmpTypeEnd Integer32, hwAclIpv6AdvancedVrfAny TruthValue, hwAclIpv6AdvancedSrcPoolName OCTET STRING, hwAclIpv6AdvancedVni Integer32 } -- 1.3.6.1.4.1.2011.5.1.1.13.1.1 hwAclIpv6AdvancedAclNum OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-only STATUS current DESCRIPTION "The index of ipv6 advanced acl table, the index range is (3000..3999 | 42768..75535)." ::= { hwAclIpv6AdvancedRuleEntry 1 } -- 1.3.6.1.4.1.2011.5.1.1.13.1.2 hwAclIpv6AdvancedSubitem OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-only STATUS current DESCRIPTION "The object specifies the number of an ipv6 advanced ACL rule. If the number specified has been assigned to an ACL rule, the new rule will overwrite the old one, which is equal to editing the old rule. If the number is not assigned, the system will define a rule with the number and insert it to the place corresponding to its number. If no number is specified, the system will define a rule, assign a number to it and add it into the ACL. It will be placed at the end of the ACL when configuration sequence is adopted; otherwise, it will be placed based on the 'Depth-first' principle. When ACL rules are following the 'Depth-first' principle, the number of an ACL rule must be given 0 ,but it will be assigned automatically;otherwise,this rule will not be created." ::= { hwAclIpv6AdvancedRuleEntry 2 } -- 1.3.6.1.4.1.2011.5.1.1.13.1.3 hwAclIpv6AdvancedAct OBJECT-TYPE SYNTAX INTEGER { permit(1), deny(2) } MAX-ACCESS read-create STATUS current DESCRIPTION "The object indicates the action of an ipv6 advanced acl rule. 'deny' means discarding the packets that meet the condition, 'permit' means permitting the packets that meet the condition." ::= { hwAclIpv6AdvancedRuleEntry 3 } -- 1.3.6.1.4.1.2011.5.1.1.13.1.4 hwAclIpv6AdvancedProtocol OBJECT-TYPE SYNTAX Integer32 (0..255) MAX-ACCESS read-create STATUS current DESCRIPTION "The value of this object identifies the number of the protocol over IPv6. The value ranges from 0 to 255. The value 0 indicates the IPv6 protocol." ::= { hwAclIpv6AdvancedRuleEntry 4 } -- 1.3.6.1.4.1.2011.5.1.1.13.1.5 hwAclIpv6AdvancedSrcIp OBJECT-TYPE SYNTAX Ipv6Address MAX-ACCESS read-create STATUS current DESCRIPTION "The object indicates the source IPv6-address of an ipv6 advanced acl rule." ::= { hwAclIpv6AdvancedRuleEntry 5 } -- 1.3.6.1.4.1.2011.5.1.1.13.1.6 hwAclIpv6AdvancedSrcPrefix OBJECT-TYPE SYNTAX Integer32 (0..128) MAX-ACCESS read-create STATUS current DESCRIPTION "The value of this object identifies the mask length of the source IPv6 address. The value ranges from 0 to 128." ::= { hwAclIpv6AdvancedRuleEntry 6 } -- 1.3.6.1.4.1.2011.5.1.1.13.1.7 hwAclIpv6AdvancedSrcOp OBJECT-TYPE SYNTAX INTEGER { lt(1), eq(2), gt(3), neq(4), range(5), invalid(255) } MAX-ACCESS read-create STATUS current DESCRIPTION "The object indicates the source Port operation symbol of an ipv6 advanced acl rule. It compares the port operators of source address. 'lt' means less than, 'eq' means equal to, 'gt' means greater than, 'neq' means not equal to, 'range' means between, 'invalid' means this operation of the rule is invalid." ::= { hwAclIpv6AdvancedRuleEntry 7 } -- 1.3.6.1.4.1.2011.5.1.1.13.1.8 hwAclIpv6AdvancedSrcPort1 OBJECT-TYPE SYNTAX Integer32 (0..65535) MAX-ACCESS read-create STATUS current DESCRIPTION "This object indicates the end source port number." ::= { hwAclIpv6AdvancedRuleEntry 8 } -- 1.3.6.1.4.1.2011.5.1.1.13.1.9 hwAclIpv6AdvancedSrcPort2 OBJECT-TYPE SYNTAX Integer32 (0..65535) MAX-ACCESS read-create STATUS current DESCRIPTION "This object indicates the start source port number." ::= { hwAclIpv6AdvancedRuleEntry 9 } -- 1.3.6.1.4.1.2011.5.1.1.13.1.10 hwAclIpv6AdvancedDestIp OBJECT-TYPE SYNTAX Ipv6Address MAX-ACCESS read-create STATUS current DESCRIPTION "The object indicates the destination IPv6-address of an ipv6 advanced acl rule." ::= { hwAclIpv6AdvancedRuleEntry 10 } -- 1.3.6.1.4.1.2011.5.1.1.13.1.11 hwAclIpv6AdvancedDestPrefix OBJECT-TYPE SYNTAX Integer32 (0..128) MAX-ACCESS read-create STATUS current DESCRIPTION "The value of this object identifies the mask length of the destination IPv6 address. The value ranges from 0 to 128." ::= { hwAclIpv6AdvancedRuleEntry 11 } -- 1.3.6.1.4.1.2011.5.1.1.13.1.12 hwAclIpv6AdvancedDestOp OBJECT-TYPE SYNTAX INTEGER { lt(1), eq(2), gt(3), neq(4), range(5), invalid(255) } MAX-ACCESS read-create STATUS current DESCRIPTION "The object indicates the destination Port operation symbol of an ipv6 advanced acl group. It compares the port operators of destination address. 'lt' means less than, 'eq' means equal to, 'gt' means greater than, 'neq' means not equal to, 'range' means between, 'invalid' means this operation of the rule is invalid." ::= { hwAclIpv6AdvancedRuleEntry 12 } -- 1.3.6.1.4.1.2011.5.1.1.13.1.13 hwAclIpv6AdvancedDestPort1 OBJECT-TYPE SYNTAX Integer32 (0..65535) MAX-ACCESS read-create STATUS current DESCRIPTION "This object indicates the largest destination port number." ::= { hwAclIpv6AdvancedRuleEntry 13 } -- 1.3.6.1.4.1.2011.5.1.1.13.1.14 hwAclIpv6AdvancedDestPort2 OBJECT-TYPE SYNTAX Integer32 (0..65535) MAX-ACCESS read-create STATUS current DESCRIPTION "This object indicates the smallest destination port number." ::= { hwAclIpv6AdvancedRuleEntry 14 } -- 1.3.6.1.4.1.2011.5.1.1.13.1.15 hwAclIpv6AdvancedPrecedence OBJECT-TYPE SYNTAX Integer32 (0..7|255) MAX-ACCESS read-create STATUS current DESCRIPTION "The value of this object identifies the precedence sub-field. It is the higher three bits of the ToS field in an IPv6 header. The value ranges from 0 to 7." ::= { hwAclIpv6AdvancedRuleEntry 15 } -- 1.3.6.1.4.1.2011.5.1.1.13.1.16 hwAclIpv6AdvancedTos OBJECT-TYPE SYNTAX Integer32 (0..15|255) MAX-ACCESS read-create STATUS current DESCRIPTION "The value of this object identifies the ToS sub-field. This field covers four bits after the higher three bits of the ToS field in an IPv6 header. The value ranges from 0 to 15." ::= { hwAclIpv6AdvancedRuleEntry 16 } -- 1.3.6.1.4.1.2011.5.1.1.13.1.17 hwAclIpv6AdvancedDscp OBJECT-TYPE SYNTAX Integer32 (0..63|255) MAX-ACCESS read-create STATUS current DESCRIPTION "The value of this object identifies the higher seven bits of the ToS field in an IPv6 header. The value ranges from 0 to 63." ::= { hwAclIpv6AdvancedRuleEntry 17 } -- 1.3.6.1.4.1.2011.5.1.1.13.1.18 hwAclIpv6AdvancedEstablish OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-create STATUS current DESCRIPTION "The object indicates whether or not establishing." DEFVAL { false } ::= { hwAclIpv6AdvancedRuleEntry 18 } -- 1.3.6.1.4.1.2011.5.1.1.13.1.19 hwAclIpv6AdvancedTimeRangeIndex OBJECT-TYPE SYNTAX Integer32 (0..256) MAX-ACCESS read-create STATUS current DESCRIPTION "The value of this object identifies the index of the time range during which an ACL6 rule can be applied. The value ranges from 0 to 256. The value 0 indicates that no time range is specified for the rule." ::= { hwAclIpv6AdvancedRuleEntry 19 } -- 1.3.6.1.4.1.2011.5.1.1.13.1.20 hwAclIpv6AdvancedIcmpType OBJECT-TYPE SYNTAX Integer32 (0..255|65535) MAX-ACCESS read-create STATUS current DESCRIPTION "The value of this object identifies the ICMPv6 message type. The value ranges from 0 to 255. The value 65535 is invalid." ::= { hwAclIpv6AdvancedRuleEntry 20 } -- 1.3.6.1.4.1.2011.5.1.1.13.1.21 hwAclIpv6AdvancedIcmpCode OBJECT-TYPE SYNTAX Integer32 (0..255|65535) MAX-ACCESS read-create STATUS current DESCRIPTION "The value of this obejct identifies the code of an ICMPv6 message. The value ranges from 0 to 255. The value 65535 is invalid." ::= { hwAclIpv6AdvancedRuleEntry 21 } -- 1.3.6.1.4.1.2011.5.1.1.13.1.22 hwAclIpv6AdvancedFragment OBJECT-TYPE SYNTAX INTEGER { fragmentSubseq(0), fragment(1), none(255) } MAX-ACCESS read-create STATUS current DESCRIPTION "The object indicates the type of the packet. 1: fragment, indicating that the packet is a fragment 255: none, invalid value This object cannot be modified once a rule is created." ::= { hwAclIpv6AdvancedRuleEntry 22 } -- 1.3.6.1.4.1.2011.5.1.1.13.1.23 hwAclIpv6AdvancedLog OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-create STATUS current DESCRIPTION "The object indicates whether to log the matched packets. The log contents include sequence number of ACL rule, packets passed or discarded, upper layer protocol type over IP, source/destination address, source/destination port number, and number of packets" ::= { hwAclIpv6AdvancedRuleEntry 23 } -- 1.3.6.1.4.1.2011.5.1.1.13.1.24 hwAclIpv6AdvancedEnable OBJECT-TYPE SYNTAX EnabledStatus MAX-ACCESS read-only STATUS current DESCRIPTION "The object indicates whether the rule is valid or invalid." ::= { hwAclIpv6AdvancedRuleEntry 24 } -- 1.3.6.1.4.1.2011.5.1.1.13.1.25 hwAclIpv6AdvancedCount OBJECT-TYPE SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION "This object indicates the number of packets matched by a rule. A maximum of 64 bits are supported." ::= { hwAclIpv6AdvancedRuleEntry 25 } -- 1.3.6.1.4.1.2011.5.1.1.13.1.26 hwAclIpv6AdvancedVrfName OBJECT-TYPE SYNTAX OCTET STRING (SIZE (0..31)) MAX-ACCESS read-create STATUS current DESCRIPTION "This object indicates a VPN instance. The length of a VPN instance name cannot exceed 31 characters." ::= { hwAclIpv6AdvancedRuleEntry 26 } -- 1.3.6.1.4.1.2011.5.1.1.13.1.27 hwAclIpv6AdvancedRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "RowStatus, Now support three state:CreateAndGo,Active,Destroy." ::= { hwAclIpv6AdvancedRuleEntry 27 } -- 1.3.6.1.4.1.2011.5.1.1.13.1.28 hwAclIpv6AdvancedDescription OBJECT-TYPE SYNTAX OCTET STRING (SIZE (0..127)) MAX-ACCESS read-create STATUS current DESCRIPTION "The object indicates the description of this IPv6 advanced rule. The object describes the usage of an IPv6 ACL with a word or a sentence." ::= { hwAclIpv6AdvancedRuleEntry 28 } -- 1.3.6.1.4.1.2011.5.1.1.13.1.29 hwAclIpv6AdvancedSrcMask OBJECT-TYPE SYNTAX Ipv6Address MAX-ACCESS read-create STATUS current DESCRIPTION "The object indicates the source IPv6-address mask of an ipv6 advanced acl rule. Its mode is positive." ::= { hwAclIpv6AdvancedRuleEntry 29 } -- 1.3.6.1.4.1.2011.5.1.1.13.1.30 hwAclIpv6AdvancedDestMask OBJECT-TYPE SYNTAX Ipv6Address MAX-ACCESS read-create STATUS current DESCRIPTION "The object indicates the destination IPv6-address mask of an ipv6 advanced acl rule. Its mode is positive." ::= { hwAclIpv6AdvancedRuleEntry 30 } -- 1.3.6.1.4.1.2011.5.1.1.13.1.31 hwAclIpv6AdvancedProtocolNew OBJECT-TYPE SYNTAX Integer32 (0..255|65535) MAX-ACCESS read-create STATUS current DESCRIPTION "The object indicates the protocol type of the rule. It specifies the protocol type over IP.The number of IPv6 protocol is 65535." ::= { hwAclIpv6AdvancedRuleEntry 31 } -- 1.3.6.1.4.1.2011.5.1.1.13.1.32 hwAclIpv6AdvancedIcmpTypeEnd OBJECT-TYPE SYNTAX Integer32 (0..255|65535) MAX-ACCESS read-create STATUS current DESCRIPTION "The value of this object identifies the ICMPv6 message type. The value ranges from 0 to 255. The value 65535 is invalid. This object is used together with hwAclIpv6AdvancedIcmpType to indicate the value range of the ICMPv6 type." ::= { hwAclIpv6AdvancedRuleEntry 32 } -- 1.3.6.1.4.1.2011.5.1.1.13.1.33 hwAclIpv6AdvancedVrfAny OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-create STATUS current DESCRIPTION "The object indicates whether or not matching any VPN-instance." ::= { hwAclIpv6AdvancedRuleEntry 33 } -- 1.3.6.1.4.1.2011.5.1.1.13.1.34 hwAclIpv6AdvancedSrcPoolName OBJECT-TYPE SYNTAX OCTET STRING (SIZE (0..32)) MAX-ACCESS read-create STATUS current DESCRIPTION "The object indicates the source Ipv6 pool name." ::= { hwAclIpv6AdvancedRuleEntry 34 } -- 1.3.6.1.4.1.2011.5.1.1.13.1.35 hwAclIpv6AdvancedVni OBJECT-TYPE SYNTAX Integer32 (0..16777215) MAX-ACCESS read-create STATUS current DESCRIPTION "The object indicates the ID of VXLAN, The invalid value is 0." ::= { hwAclIpv6AdvancedRuleEntry 35 } -- 1.3.6.1.4.1.2011.5.1.1.14 hwAclEthernetFrameRuleTable OBJECT-TYPE SYNTAX SEQUENCE OF HwAclEthernetFrameRuleEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Configure the rule for ethernet-frame-based acl group." ::= { hwAclMibObjects 14 } -- 1.3.6.1.4.1.2011.5.1.1.14.1 hwAclEthernetFrameRuleEntry OBJECT-TYPE SYNTAX HwAclEthernetFrameRuleEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Each entry contains a rule of ethernet-frame-based acl group." INDEX { hwAclEthernetFrameAclNum, hwAclEthernetFrameSubitem } ::= { hwAclEthernetFrameRuleTable 1 } HwAclEthernetFrameRuleEntry ::= SEQUENCE { hwAclEthernetFrameAclNum Integer32, hwAclEthernetFrameSubitem Unsigned32, hwAclEthernetFrameAct INTEGER, hwAclEthernetFrameType Integer32, hwAclEthernetFrameTypeMask Integer32, hwAclEthernetFrameSrcMac MacAddress, hwAclEthernetFrameSrcMacMask MacAddress, hwAclEthernetFrameDstMac MacAddress, hwAclEthernetFrameDstMacMask MacAddress, hwAclEthernetFrameTimeRangeIndex Integer32, hwAclEthernetFrameLog TruthValue, hwAclEthernetFrameEnable EnabledStatus, hwAclEthernetFrameCount Counter64, hwAclEthernetFrameRowStatus RowStatus, hwAclEthernetFrameEncapType INTEGER, hwAclEthernetFrameDoubleTag TruthValue, hwAclEthernetFrameVlanId Integer32, hwAclEthernetFrameVlanIdMask Integer32, hwAclEthernetFrameCVlanId Integer32, hwAclEthernetFrameCVlanIdMask Integer32, hwAclEthernetFrameRule8021p Integer32, hwAclEthernetFrameRuleCVlan8021p Integer32, hwAclEthernetFrameDescription OCTET STRING } -- 1.3.6.1.4.1.2011.5.1.1.14.1.1 hwAclEthernetFrameAclNum OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-only STATUS current DESCRIPTION "The index of ethernet-frame-based acl group, the index range is (4000..4999 | 42768..76535)." ::= { hwAclEthernetFrameRuleEntry 1 } -- 1.3.6.1.4.1.2011.5.1.1.14.1.2 hwAclEthernetFrameSubitem OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-only STATUS current DESCRIPTION "The object specifies the number of an ACL rule. If the number specified has been assigned to an ACL rule, the new rule will overwrite the old one, which is equal to editing the old rule. If the number is not assigned, the system will define a rule with the number and insert it to the place corresponding to its number. If no number is specified, the system will define a rule, assign a number to it and add it into the ACL. It will be placed at the end of the ACL when configuration sequence is adopted; otherwise, it will be placed based on the 'Depth-first' principle. When ACL rules are following the 'Depth-first' principle, the number of an ACL rule must be given 0 ,but it will be assigned by step automatically;otherwise,this rule will not be created." ::= { hwAclEthernetFrameRuleEntry 2 } -- 1.3.6.1.4.1.2011.5.1.1.14.1.3 hwAclEthernetFrameAct OBJECT-TYPE SYNTAX INTEGER { permit(1), deny(2) } MAX-ACCESS read-create STATUS current DESCRIPTION "The object indicates the action of an ethernet-frame-based acl rule. 'deny' means discarding the packets that meet the condition, 'permit' means permitting the packets that meet the condition." ::= { hwAclEthernetFrameRuleEntry 3 } -- 1.3.6.1.4.1.2011.5.1.1.14.1.4 hwAclEthernetFrameType OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-create STATUS current DESCRIPTION "The value of this object identifies the protocol type of an Ethernet frame. The value ranges from 0 to 65535." ::= { hwAclEthernetFrameRuleEntry 4 } -- 1.3.6.1.4.1.2011.5.1.1.14.1.5 hwAclEthernetFrameTypeMask OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-create STATUS current DESCRIPTION "The value of this object identifies the mask of the protocol type of an Ethernet frame. The value ranges from 0 to 65535." ::= { hwAclEthernetFrameRuleEntry 5 } -- 1.3.6.1.4.1.2011.5.1.1.14.1.6 hwAclEthernetFrameSrcMac OBJECT-TYPE SYNTAX MacAddress MAX-ACCESS read-create STATUS current DESCRIPTION "The object indicates the source mac address of rule." ::= { hwAclEthernetFrameRuleEntry 6 } -- 1.3.6.1.4.1.2011.5.1.1.14.1.7 hwAclEthernetFrameSrcMacMask OBJECT-TYPE SYNTAX MacAddress MAX-ACCESS read-create STATUS current DESCRIPTION "The object indicates the source mac mask of rule." ::= { hwAclEthernetFrameRuleEntry 7 } -- 1.3.6.1.4.1.2011.5.1.1.14.1.8 hwAclEthernetFrameDstMac OBJECT-TYPE SYNTAX MacAddress MAX-ACCESS read-create STATUS current DESCRIPTION "The object indicates the destination mac address of rule." ::= { hwAclEthernetFrameRuleEntry 8 } -- 1.3.6.1.4.1.2011.5.1.1.14.1.9 hwAclEthernetFrameDstMacMask OBJECT-TYPE SYNTAX MacAddress MAX-ACCESS read-create STATUS current DESCRIPTION "The object indicates the destination mac mask of rule." ::= { hwAclEthernetFrameRuleEntry 9 } -- 1.3.6.1.4.1.2011.5.1.1.14.1.10 hwAclEthernetFrameTimeRangeIndex OBJECT-TYPE SYNTAX Integer32 (0..256) MAX-ACCESS read-create STATUS current DESCRIPTION "The object indicates the time range of a ethernet frame acl rule. When the current time is in time range, the rule is valid. Zero value declares that the acl rule has no time range. The invalid value is 0." ::= { hwAclEthernetFrameRuleEntry 10 } -- 1.3.6.1.4.1.2011.5.1.1.14.1.11 hwAclEthernetFrameLog OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-create STATUS current DESCRIPTION "The object indicates whether to log the matched packets. The log contents include sequence number of ACL rule, packets passed or discarded, source/destination mac addr, protocol of ethernet frame, and number of packets." ::= { hwAclEthernetFrameRuleEntry 11 } -- 1.3.6.1.4.1.2011.5.1.1.14.1.12 hwAclEthernetFrameEnable OBJECT-TYPE SYNTAX EnabledStatus MAX-ACCESS read-only STATUS current DESCRIPTION "The object indicates whether the rule is valid or invalid." ::= { hwAclEthernetFrameRuleEntry 12 } -- 1.3.6.1.4.1.2011.5.1.1.14.1.13 hwAclEthernetFrameCount OBJECT-TYPE SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION "This object indicates the number of matched packets by a rule. A maximum of 64 bits are supported." ::= { hwAclEthernetFrameRuleEntry 13 } -- 1.3.6.1.4.1.2011.5.1.1.14.1.14 hwAclEthernetFrameRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "RowStatus,Now support three state:CreateAndGo,Active,Destroy." ::= { hwAclEthernetFrameRuleEntry 14 } hwAclEthernetFrameEncapType OBJECT-TYPE SYNTAX INTEGER { ether2(1), ieee802dot3(2), snap(3), none(255) } MAX-ACCESS read-create STATUS current DESCRIPTION "The object indicates the encapsulation type of rule." DEFVAL { none } ::= { hwAclEthernetFrameRuleEntry 15 } hwAclEthernetFrameDoubleTag OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-create STATUS current DESCRIPTION "The object indicates two tags of rule. False value do not care the number of tags." DEFVAL { false } ::= { hwAclEthernetFrameRuleEntry 16 } hwAclEthernetFrameVlanId OBJECT-TYPE SYNTAX Integer32 (0..4094) MAX-ACCESS read-create STATUS current DESCRIPTION "The object indicates the vlan ID of rule. The invalid vlan ID is 0." DEFVAL { 0 } ::= { hwAclEthernetFrameRuleEntry 17 } hwAclEthernetFrameVlanIdMask OBJECT-TYPE SYNTAX Integer32 (0..4095) MAX-ACCESS read-create STATUS current DESCRIPTION "The object indicates the vlan ID mask of rule." DEFVAL { 4095 } ::= { hwAclEthernetFrameRuleEntry 18 } hwAclEthernetFrameCVlanId OBJECT-TYPE SYNTAX Integer32 (0..4094) MAX-ACCESS read-create STATUS current DESCRIPTION "The object indicates the ce-vlan ID of rule. The invalid vlan ID is 0." DEFVAL { 0 } ::= { hwAclEthernetFrameRuleEntry 19 } hwAclEthernetFrameCVlanIdMask OBJECT-TYPE SYNTAX Integer32 (0..4095) MAX-ACCESS read-create STATUS current DESCRIPTION "The object indicates the ce-vlan ID mask of rule." DEFVAL { 4095 } ::= { hwAclEthernetFrameRuleEntry 20 } hwAclEthernetFrameRule8021p OBJECT-TYPE SYNTAX Integer32 (0..7 | 255) MAX-ACCESS read-create STATUS current DESCRIPTION "The object indicates the 8021p value of S-tag." ::= { hwAclEthernetFrameRuleEntry 21 } hwAclEthernetFrameRuleCVlan8021p OBJECT-TYPE SYNTAX Integer32 (0..7 | 255) MAX-ACCESS read-create STATUS current DESCRIPTION "The object indicates the 8021p value of C-tag." ::= { hwAclEthernetFrameRuleEntry 22 } hwAclEthernetFrameDescription OBJECT-TYPE SYNTAX OCTET STRING (SIZE (0..127)) MAX-ACCESS read-create STATUS current DESCRIPTION "The object indicates the description of this ethernetframe rule. The object describes the usage of an ACL with a word or a sentence." ::= { hwAclEthernetFrameRuleEntry 23 } hwAclAppliedTable OBJECT-TYPE SYNTAX SEQUENCE OF HwAclAppliedEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Configure the applied ACL." ::= { hwAclMibObjects 15 } hwAclAppliedEntry OBJECT-TYPE SYNTAX HwAclAppliedEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Each entry contains a applied ACL." INDEX { hwAclAppliedOperation, hwAclAppliedScopeType, hwAclAppliedScopeIndex, hwAclAppliedDirection, hwAclAppliedAclNum, hwAclAppliedSubitem, hwAclAppliedAclNum2, hwAclAppliedSubitem2, hwAclAppliedIsIPv6Acl } ::= { hwAclAppliedTable 1 } HwAclAppliedEntry ::= SEQUENCE { hwAclAppliedOperation INTEGER, hwAclAppliedScopeType INTEGER, hwAclAppliedScopeIndex Integer32, hwAclAppliedDirection INTEGER, hwAclAppliedAclNum Integer32, hwAclAppliedSubitem Integer32, hwAclAppliedAclNum2 Integer32, hwAclAppliedSubitem2 Integer32, hwAclAppliedStatMode INTEGER, hwAclAppliedStatCount Counter64, hwAclAppliedLimitCir Integer32, hwAclAppliedLimitPir Integer32, hwAclAppliedLimitCbs Integer32, hwAclAppliedLimitPbs Integer32, hwAclAppliedLimitGreenAction INTEGER, hwAclAppliedLimitGreenValue Integer32, hwAclAppliedLimitYellowAction INTEGER, hwAclAppliedLimitYellowValue Integer32, hwAclAppliedLimitRedAction INTEGER, hwAclAppliedLimitRedValue Integer32, hwAclAppliedMirrObservedPort Integer32, hwAclAppliedMirrRspanVlan Integer32, hwAclAppliedRedirectIfIndex Integer32, hwAclAppliedRedirectIpAddr IpAddress, hwAclAppliedRedirectIpv6Addr Ipv6Address, hwAclAppliedRemarkVlan Integer32, hwAclAppliedRemarkCVlan Integer32, hwAclAppliedRemark8021p Integer32, hwAclAppliedRemarkDscp Integer32, hwAclAppliedRemarkIpPre Integer32, hwAclAppliedRemarkLocalPre Integer32, hwAclAppliedRemarkMacAddr MacAddress, hwAclAppliedIsIPv6Acl TruthValue, hwAclAppliedRowStatus RowStatus } hwAclAppliedOperation OBJECT-TYPE SYNTAX INTEGER { filter(1), limit(2), mirror(3), redirectCpu(4), redirectInterface(5), redirectIpNextHop(6), redirectIpv6NextHop(7), remark8021p(8), remarkDscp(9), remarkIpPrecedence(10), remarkLocalPrecedence(11), remarkVlanId(12), remarkCVlanId(13), remarkDestMac(14), statistic(15) } MAX-ACCESS not-accessible STATUS current DESCRIPTION "The actions taken when packets conforming or exceeding the configured." ::= { hwAclAppliedEntry 1 } hwAclAppliedScopeType OBJECT-TYPE SYNTAX INTEGER { global(1), vlan(2), interface(3) } MAX-ACCESS not-accessible STATUS current DESCRIPTION "The scope that ACL apply on." ::= { hwAclAppliedEntry 2 } hwAclAppliedScopeIndex OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS not-accessible STATUS current DESCRIPTION "When the scope is global, this field is invalid; When the scope is vlan, this field is vlan ID; When the scope is interface, this field is interface index." ::= { hwAclAppliedEntry 3 } hwAclAppliedDirection OBJECT-TYPE SYNTAX INTEGER { inbound(1), outbound(2) } MAX-ACCESS not-accessible STATUS current DESCRIPTION "The direction acl apply on." ::= { hwAclAppliedEntry 4 } hwAclAppliedAclNum OBJECT-TYPE SYNTAX Integer32 (2000..4999) MAX-ACCESS not-accessible STATUS current DESCRIPTION "The index of ACL group. Basic ACL in range 2000~2999; Advance ACL in range 3000~3999; Link ACL in range 4000~4999;" ::= { hwAclAppliedEntry 5 } hwAclAppliedSubitem OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS not-accessible STATUS current DESCRIPTION "The object specifies the number of an ACL rule." ::= { hwAclAppliedEntry 6 } hwAclAppliedAclNum2 OBJECT-TYPE SYNTAX Integer32 (2000..3999|65535) MAX-ACCESS not-accessible STATUS current DESCRIPTION "The index of ACL group. 65535 means this field is valid." ::= { hwAclAppliedEntry 7 } hwAclAppliedSubitem2 OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS not-accessible STATUS current DESCRIPTION "The object specifies the number of an ACL rule." ::= { hwAclAppliedEntry 8 } hwAclAppliedStatMode OBJECT-TYPE SYNTAX INTEGER { byPackets(1), byBytes(2) } MAX-ACCESS read-create STATUS current DESCRIPTION "The object specifies the mode of statistics. When action is statistic, this field is valid." DEFVAL { byPackets } ::= { hwAclAppliedEntry 9 } hwAclAppliedStatCount OBJECT-TYPE SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION "The object indicates the statistics of matched packets by the policy. When action is statistic or limit, this field is valid." ::= { hwAclAppliedEntry 10 } hwAclAppliedLimitCir OBJECT-TYPE SYNTAX Integer32 (0 | 64..10000000) MAX-ACCESS read-create STATUS current DESCRIPTION "Committed information rate. Unit: kbps." DEFVAL { 0 } ::= { hwAclAppliedEntry 11 } hwAclAppliedLimitPir OBJECT-TYPE SYNTAX Integer32 (0 | 64..10000000) MAX-ACCESS read-create STATUS current DESCRIPTION "Peak information rate. Unit: kbps. 0 is the default value." DEFVAL { 0 } ::= { hwAclAppliedEntry 12 } hwAclAppliedLimitCbs OBJECT-TYPE SYNTAX Integer32 (0 | 4096..16773120) MAX-ACCESS read-create STATUS current DESCRIPTION "Committed burst size. Unit: byte. 0 is the default value." DEFVAL { 0 } ::= { hwAclAppliedEntry 13 } hwAclAppliedLimitPbs OBJECT-TYPE SYNTAX Integer32 (0 | 4096..16773120) MAX-ACCESS read-create STATUS current DESCRIPTION "Peak burst size. Unit: byte. 0 is the default value." DEFVAL { 0 } ::= { hwAclAppliedEntry 14 } hwAclAppliedLimitGreenAction OBJECT-TYPE SYNTAX INTEGER { pass(1), drop(2), passRemarkDscp(3), passRemark8021p(4) } MAX-ACCESS read-create STATUS current DESCRIPTION "Green action." DEFVAL { pass } ::= { hwAclAppliedEntry 15 } hwAclAppliedLimitGreenValue OBJECT-TYPE SYNTAX Integer32 (0..63) MAX-ACCESS read-create STATUS current DESCRIPTION "The value is to remark When green action is remarking. For remarking DSCP, the range is 0~63; For remarking 8021p, the range is 0~7." ::= { hwAclAppliedEntry 16 } hwAclAppliedLimitYellowAction OBJECT-TYPE SYNTAX INTEGER { pass(1), drop(2), passRemarkDscp(3), passRemark8021p(4) } MAX-ACCESS read-create STATUS current DESCRIPTION "Yellow action." DEFVAL { pass } ::= { hwAclAppliedEntry 17 } hwAclAppliedLimitYellowValue OBJECT-TYPE SYNTAX Integer32 (0..63) MAX-ACCESS read-create STATUS current DESCRIPTION "The value is to remark When yellow action is remarking. For remarking DSCP, the range is 0~63; For remarking 8021p, the range is 0~7." ::= { hwAclAppliedEntry 18 } hwAclAppliedLimitRedAction OBJECT-TYPE SYNTAX INTEGER { pass(1), drop(2), passRemarkDscp(3), passRemark8021p(4) } MAX-ACCESS read-create STATUS current DESCRIPTION "Red action." DEFVAL { drop } ::= { hwAclAppliedEntry 19 } hwAclAppliedLimitRedValue OBJECT-TYPE SYNTAX Integer32 (0..63) MAX-ACCESS read-create STATUS current DESCRIPTION "The value is to remark When red action is remarking. For remarking DSCP, the range is 0~63; For remarking 8021p, the range is 0~7." ::= { hwAclAppliedEntry 20 } hwAclAppliedMirrObservedPort OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-create STATUS current DESCRIPTION "The mirror observe port number." ::= { hwAclAppliedEntry 21 } hwAclAppliedMirrRspanVlan OBJECT-TYPE SYNTAX Integer32 (0..4094) MAX-ACCESS read-create STATUS current DESCRIPTION "The object specifies the RSPAN vlan. 0 means mirror to local port." ::= { hwAclAppliedEntry 22 } hwAclAppliedRedirectIfIndex OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-create STATUS current DESCRIPTION "The redirect output interface." ::= { hwAclAppliedEntry 23 } hwAclAppliedRedirectIpAddr OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS read-create STATUS current DESCRIPTION "The redirect IP next hop address." ::= { hwAclAppliedEntry 24 } hwAclAppliedRedirectIpv6Addr OBJECT-TYPE SYNTAX Ipv6Address MAX-ACCESS read-create STATUS current DESCRIPTION "The redirect IPv6 next hop address." ::= { hwAclAppliedEntry 25 } hwAclAppliedRemarkVlan OBJECT-TYPE SYNTAX Integer32 (0..4094) MAX-ACCESS read-create STATUS current DESCRIPTION "The remarked vlan ID." ::= { hwAclAppliedEntry 26 } hwAclAppliedRemarkCVlan OBJECT-TYPE SYNTAX Integer32 (0..4094) MAX-ACCESS read-create STATUS current DESCRIPTION "The remarked ce-vlan ID." ::= { hwAclAppliedEntry 27 } hwAclAppliedRemark8021p OBJECT-TYPE SYNTAX Integer32 (0..7) MAX-ACCESS read-create STATUS current DESCRIPTION "The remarked 8021p value." ::= { hwAclAppliedEntry 28 } hwAclAppliedRemarkDscp OBJECT-TYPE SYNTAX Integer32 (0..63) MAX-ACCESS read-create STATUS current DESCRIPTION "The remarked DSCP value." ::= { hwAclAppliedEntry 29 } hwAclAppliedRemarkIpPre OBJECT-TYPE SYNTAX Integer32 (0..7) MAX-ACCESS read-create STATUS current DESCRIPTION "The remarked IP precedence value." ::= { hwAclAppliedEntry 30 } hwAclAppliedRemarkLocalPre OBJECT-TYPE SYNTAX Integer32 (0..7) MAX-ACCESS read-create STATUS current DESCRIPTION "The remarked local precedence value." ::= { hwAclAppliedEntry 31 } hwAclAppliedRemarkMacAddr OBJECT-TYPE SYNTAX MacAddress MAX-ACCESS read-create STATUS current DESCRIPTION "The remarked MAC address." ::= { hwAclAppliedEntry 32 } hwAclAppliedIsIPv6Acl OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS not-accessible STATUS current DESCRIPTION "The object indicates whether is IPv6 ACL." ::= { hwAclAppliedEntry 33 } hwAclAppliedRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "RowStatus,Now support three state:CreateAndGo,Active,Destroy." ::= { hwAclAppliedEntry 51 } hwAclIpv6NumGroupTable OBJECT-TYPE SYNTAX SEQUENCE OF HwAclIpv6NumGroupEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table is used to query information about an ACL rule group, including the ACL configuration order, step length, and description." ::= { hwAclMibObjects 16 } hwAclIpv6NumGroupEntry OBJECT-TYPE SYNTAX HwAclIpv6NumGroupEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "An entry containing characters of an IPv6 ACL group." INDEX { hwAclIpv6NumGroupAclNum } ::= { hwAclIpv6NumGroupTable 1 } HwAclIpv6NumGroupEntry ::= SEQUENCE { hwAclIpv6NumGroupAclNum Integer32, hwAclIpv6NumGroupMatchOrder INTEGER, hwAclIpv6NumGroupSubitemNum Counter32, hwAclIpv6NumGroupCountClear INTEGER, hwAclIpv6NumGroupAclName OCTET STRING, hwAclIpv6NumGroupDescription OCTET STRING, hwAclIpv6NumGroupAclType INTEGER, hwAclIpv6NumGroupRowStatus RowStatus, hwAclIpv6NumGroupStep Integer32 } hwAclIpv6NumGroupAclNum OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-only STATUS current DESCRIPTION "The value of this object identifies a table index, representing the number of an IPv6 ACL rule group. The value range is as follows: Interface-based ACL6: 1000 to 1999 Basic ACL6: 2000 to 2999 Advanced ACL6: 3000 to 3999 Named ACL6: 42768 to 75535" ::= { hwAclIpv6NumGroupEntry 1 } hwAclIpv6NumGroupMatchOrder OBJECT-TYPE SYNTAX INTEGER { config(1), auto(2), default(3) } MAX-ACCESS read-create STATUS current DESCRIPTION "The object indicates the match order of rules. 'config' means matching ACL rules in the configuration sequence, 'auto' means the ACL6 rules are matched following the 'Depth-first' principle." DEFVAL { default } ::= { hwAclIpv6NumGroupEntry 2 } hwAclIpv6NumGroupSubitemNum OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The total number of the rules in the ACL6 group." ::= { hwAclIpv6NumGroupEntry 3 } hwAclIpv6NumGroupCountClear OBJECT-TYPE SYNTAX INTEGER { cleared(1), notUsed(2) } MAX-ACCESS read-create STATUS current DESCRIPTION "This object indicates whether to clear the statistics of an ACL6 rule group. cleared(1): clear notUsed(2): not clear This object is valid only when the Set operation is performed for this object." ::= { hwAclIpv6NumGroupEntry 4 } hwAclIpv6NumGroupAclName OBJECT-TYPE SYNTAX OCTET STRING (SIZE (0..64)) MAX-ACCESS read-create STATUS current DESCRIPTION "The object indicates the name of an acl6 group, The first character must be start with a to z or A to Z, and the length cannot exceed 64 character." ::= { hwAclIpv6NumGroupEntry 5 } hwAclIpv6NumGroupDescription OBJECT-TYPE SYNTAX OCTET STRING (SIZE (0..127)) MAX-ACCESS read-create STATUS current DESCRIPTION "This object indicates the description of an ACL6 rule group. The description length cannot exceed 127 characters." ::= { hwAclIpv6NumGroupEntry 6 } -- 1.3.6.1.4.1.2011.5.1.1.16.1.7 hwAclIpv6NumGroupAclType OBJECT-TYPE SYNTAX INTEGER { basic(1), advanced(2), interface(3) } MAX-ACCESS read-create STATUS current DESCRIPTION "The type of IPv6 ACL group." ::= { hwAclIpv6NumGroupEntry 7 } hwAclIpv6NumGroupRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "RowStatus, Now support three value:CreateAndGo,Active,Destroy." ::= { hwAclIpv6NumGroupEntry 51 } hwAclIpv6NumGroupStep OBJECT-TYPE SYNTAX Integer32 (1..20) MAX-ACCESS read-create STATUS current DESCRIPTION "The object indicates the step value of number IPv6 ACL. Step here refers to the difference between each ID. For instance, given the step is set to 5, the IDs are the multiples of 5 beginning with 5. The IPv6 ACL IDs change along with the step. When the step is 5, the IPv6 ACL IDs are 5, 10, and 15 and so on. However, when the step is set to 2, the IDs turn to 2, 4, and 6 and so on." ::= { hwAclIpv6NumGroupEntry 52 } hwAclIpv6IfRuleTable OBJECT-TYPE SYNTAX SEQUENCE OF HwAclIpv6IfRuleEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Configure the rule for interface-based acl6 group." ::= { hwAclMibObjects 17 } hwAclIpv6IfRuleEntry OBJECT-TYPE SYNTAX HwAclIpv6IfRuleEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Each entry contains a rule of interface-based acl6 group." INDEX { hwAclIpv6IfAclNum, hwAclIpv6IfSubitem } ::= { hwAclIpv6IfRuleTable 1 } HwAclIpv6IfRuleEntry ::= SEQUENCE { hwAclIpv6IfAclNum Integer32, hwAclIpv6IfSubitem Unsigned32, hwAclIpv6IfAct INTEGER, hwAclIpv6IfIndex Integer32, hwAclIpv6IfAny TruthValue, hwAclIpv6IfTimeRangeIndex Integer32, hwAclIpv6IfLog TruthValue, hwAclIpv6IfEnable TruthValue, hwAclIpv6IfCount Counter64, hwAclIpv6IfRowStatus RowStatus } hwAclIpv6IfAclNum OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-only STATUS current DESCRIPTION "The index of interface-based acl6 group, the index range is (1000..1999 | 42768..75535)." ::= { hwAclIpv6IfRuleEntry 1 } hwAclIpv6IfSubitem OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-only STATUS current DESCRIPTION "The object specifies the number of an ACL6 rule. If the number specified has been assigned to an ACL6 rule, the new rule will overwrite the old one, which is equal to editing the old rule. If the number is not assigned, the system will define a rule with the number and insert it to the place corresponding to its number. If no number is specified, the system will define a rule, assign a number to it and add it into the ACL6. It will be placed at the end of the ACL6 when configuration sequence is adopted; otherwise, it will be placed based on the 'Depth-first' principle. When ACL rules are following the 'Depth-first' principle, the number of an ACL6 rule must be given 0, but it will be assigned automatically;otherwise, this rule will not be created." ::= { hwAclIpv6IfRuleEntry 2 } hwAclIpv6IfAct OBJECT-TYPE SYNTAX INTEGER { permit(1), deny(2) } MAX-ACCESS read-create STATUS current DESCRIPTION "The object indicates the action of an interface-based acl6 rule. 'deny' means discarding the packets that meet the condition, 'permit' means permitting the packets that meet the condition." ::= { hwAclIpv6IfRuleEntry 3 } hwAclIpv6IfIndex OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-create STATUS current DESCRIPTION "The object indicates the index of an interface. It specifies the interface information of the packets. The invalid interface index is 0." ::= { hwAclIpv6IfRuleEntry 4 } hwAclIpv6IfAny OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-create STATUS current DESCRIPTION "The object indicates whether or not matching any interface." ::= { hwAclIpv6IfRuleEntry 5 } hwAclIpv6IfTimeRangeIndex OBJECT-TYPE SYNTAX Integer32 (0..256) MAX-ACCESS read-create STATUS current DESCRIPTION "The value of this object identifies the index of the time range during which an ACL rule can be applied. When the current time is in the time range, the rule is valid. The value 0 is invalid, indicating that no time range is specified for the rule.The value ranges from 0 to 256." ::= { hwAclIpv6IfRuleEntry 6 } hwAclIpv6IfLog OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-create STATUS current DESCRIPTION "The object indicates whether to log the matched packets. The log contents include sequence number of ACL6 rule, packets passed or discarded, upper layer protocol type over IP, source/destination address, source/destination port number, and number of packets." ::= { hwAclIpv6IfRuleEntry 7 } hwAclIpv6IfEnable OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-only STATUS current DESCRIPTION "The object indicates whether the rule is valid or invalid." ::= { hwAclIpv6IfRuleEntry 8 } hwAclIpv6IfCount OBJECT-TYPE SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION "The object indicates the statistics of matched packets by basic rule." ::= { hwAclIpv6IfRuleEntry 9 } hwAclIpv6IfRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "RowStatus,Now support three state:CreateAndGo,Active,Destroy." ::= { hwAclIpv6IfRuleEntry 11 } -- chenjing 43944 -- 1.3.6.1.4.1.2011.5.1.1.18 hwAclMplsRuleTable OBJECT-TYPE SYNTAX SEQUENCE OF HwAclMplsRuleEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Configure the rule for mpls acl group." ::= { hwAclMibObjects 18 } -- 1.3.6.1.4.1.2011.5.1.1.18.1 hwAclMplsRuleEntry OBJECT-TYPE SYNTAX HwAclMplsRuleEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Each entry is a rule of mpls acl." INDEX { hwAclMplsAclNum, hwAclMplsSubitem } ::= { hwAclMplsRuleTable 1 } HwAclMplsRuleEntry ::= SEQUENCE { hwAclMplsAclNum Integer32, hwAclMplsSubitem Unsigned32, hwAclMplsAct INTEGER, hwAclMplsExp1 Integer32, hwAclMplsExp2 Integer32, hwAclMplsExp3 Integer32, hwAclMplsExp4 Integer32, hwAclMplsLabel1 Integer32, hwAclMplsLabel2 Integer32, hwAclMplsLabel3 Integer32, hwAclMplsLabel4 Integer32, hwAclMplsTTLOP1 INTEGER, hwAclMplsTTL1Begin Integer32, hwAclMplsTTL1End Integer32, hwAclMplsTTLOP2 INTEGER, hwAclMplsTTL2Begin Integer32, hwAclMplsTTL2End Integer32, hwAclMplsTTLOP3 INTEGER, hwAclMplsTTL3Begin Integer32, hwAclMplsTTL3End Integer32, hwAclMplsRowStatus RowStatus, hwAclMplsCount Counter64 } -- 1.3.6.1.4.1.2011.5.1.1.18.1.1 hwAclMplsAclNum OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-only STATUS current DESCRIPTION "The index of mpls acl group, the index range is (10000..10999 | 42768..76535)." ::= { hwAclMplsRuleEntry 1 } -- 1.3.6.1.4.1.2011.5.1.1.18.1.2 hwAclMplsSubitem OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-only STATUS current DESCRIPTION "The objects specifies the number of an ACL rule. If the number specified has been assigned to an ACL rule, the new rule will overwrite the old one, which is equal to editing the old rule. If the number is not assigned, the system will define a rule with the number and insert it to the place corresponding to its number. If no number is specified, the system will define a rule, assign a number to it and add it into the ACL. It will be placed at the end of the ACL when configuration sequence is adopted; otherwise, it will be placed based on the 'Depth-first' principle. When ACL rules are following the 'Depth-first' principle, the number of an ACL rule must be given 0 ,but it will be assigned by step automatically;otherwise,this rule will not be created." ::= { hwAclMplsRuleEntry 2 } -- 1.3.6.1.4.1.2011.5.1.1.18.1.3 hwAclMplsAct OBJECT-TYPE SYNTAX INTEGER { permit(1), deny(2) } MAX-ACCESS read-create STATUS current DESCRIPTION "The object indicates the action of a basic acl rule. 'deny' means discarding the packets that meet the condition, 'permit' means permitting the packets that meet the condition." ::= { hwAclMplsRuleEntry 3 } -- 1.3.6.1.4.1.2011.5.1.1.18.1.4 hwAclMplsExp1 OBJECT-TYPE SYNTAX Integer32 (0..7|255) MAX-ACCESS read-create STATUS current DESCRIPTION "The value of this object identifies the EXP value in the first label of an MPLS packet. The value ranges from 0 to 7. The default value is 255." ::= { hwAclMplsRuleEntry 4 } -- 1.3.6.1.4.1.2011.5.1.1.18.1.5 hwAclMplsExp2 OBJECT-TYPE SYNTAX Integer32 (0..7|255) MAX-ACCESS read-create STATUS current DESCRIPTION "The value of this object identifies the EXP value in the second label of an MPLS packet. The value ranges from 0 to 7. The default value is 255." ::= { hwAclMplsRuleEntry 5 } -- 1.3.6.1.4.1.2011.5.1.1.18.1.6 hwAclMplsExp3 OBJECT-TYPE SYNTAX Integer32 (0..7|255) MAX-ACCESS read-create STATUS current DESCRIPTION "The value of this object identifies the EXP value in the third label of an MPLS packet. The value ranges from 0 to 7. The default value is 255." ::= { hwAclMplsRuleEntry 6 } -- 1.3.6.1.4.1.2011.5.1.1.18.1.7 hwAclMplsExp4 OBJECT-TYPE SYNTAX Integer32 (0..7|255) MAX-ACCESS read-create STATUS current DESCRIPTION "The value of this object identifies the EXP value in the fourth label of an MPLS packet. The value ranges from 0 to 7. The default value is 255." ::= { hwAclMplsRuleEntry 7 } -- 1.3.6.1.4.1.2011.5.1.1.18.1.8 hwAclMplsLabel1 OBJECT-TYPE SYNTAX Integer32 (-1|0..1048575) MAX-ACCESS read-create STATUS current DESCRIPTION "The value of this object identifies the Label value in the first label of an MPLS packet. The value ranges from 0 to 1048575. The default value is -1." ::= { hwAclMplsRuleEntry 8 } -- 1.3.6.1.4.1.2011.5.1.1.18.1.9 hwAclMplsLabel2 OBJECT-TYPE SYNTAX Integer32 (-1|0..1048575) MAX-ACCESS read-create STATUS current DESCRIPTION "The value of this object identifies the Label value in the second label of an MPLS packet. The value ranges from 0 to 1048575. The default value is -1." ::= { hwAclMplsRuleEntry 9 } -- 1.3.6.1.4.1.2011.5.1.1.18.1.10 hwAclMplsLabel3 OBJECT-TYPE SYNTAX Integer32 (-1|0..1048575) MAX-ACCESS read-create STATUS current DESCRIPTION "The value of this object identifies the Label value in the third label of an MPLS packet. The value ranges from 0 to 1048575. The default value is -1." ::= { hwAclMplsRuleEntry 10 } -- 1.3.6.1.4.1.2011.5.1.1.18.1.11 hwAclMplsLabel4 OBJECT-TYPE SYNTAX Integer32 (-1|0..1048575) MAX-ACCESS read-create STATUS current DESCRIPTION "The value of this object identifies the Label value in the fourth label of an MPLS packet. The value ranges from 0 to 1048575. The default value is -1." ::= { hwAclMplsRuleEntry 11 } -- 1.3.6.1.4.1.2011.5.1.1.18.1.12 hwAclMplsTTLOP1 OBJECT-TYPE SYNTAX INTEGER { lt(1), eq(2), gt(3), range(5), invalid(0), any(255) } MAX-ACCESS read-create STATUS current DESCRIPTION "The object indicates the ttl operation symbol of a mpls acl rule. It compares the operators of ttl value. 'lt' means less than, 'eq' means equal to, 'gt' means greater than, 'range' means between, 'invalid' means this operation of the ttl is invalid." ::= { hwAclMplsRuleEntry 12 } -- 1.3.6.1.4.1.2011.5.1.1.18.1.13 hwAclMplsTTL1Begin OBJECT-TYPE SYNTAX Integer32 (0..255) MAX-ACCESS read-create STATUS current DESCRIPTION "The object indicates the begin value of a mpls ttl." ::= { hwAclMplsRuleEntry 13 } -- 1.3.6.1.4.1.2011.5.1.1.18.1.14 hwAclMplsTTL1End OBJECT-TYPE SYNTAX Integer32 (0..255) MAX-ACCESS read-create STATUS current DESCRIPTION "The object indicates the end value of a mpls ttl." ::= { hwAclMplsRuleEntry 14 } -- 1.3.6.1.4.1.2011.5.1.1.18.1.15 hwAclMplsTTLOP2 OBJECT-TYPE SYNTAX INTEGER { lt(1), eq(2), gt(3), range(5), invalid(0), any(255) } MAX-ACCESS read-create STATUS current DESCRIPTION "The object indicates the ttl operation symbol of a mpls acl rule. It compares the operators of ttl value. 'lt' means less than, 'eq' means equal to, 'gt' means greater than, 'range' means between, 'invalid' means this operation of the ttl is invalid." ::= { hwAclMplsRuleEntry 15 } -- 1.3.6.1.4.1.2011.5.1.1.18.1.16 hwAclMplsTTL2Begin OBJECT-TYPE SYNTAX Integer32 (0..255) MAX-ACCESS read-create STATUS current DESCRIPTION "The object indicates the begin value of a mpls ttl." ::= { hwAclMplsRuleEntry 16 } -- 1.3.6.1.4.1.2011.5.1.1.18.1.17 hwAclMplsTTL2End OBJECT-TYPE SYNTAX Integer32 (0..255) MAX-ACCESS read-create STATUS current DESCRIPTION "The object indicates the end value of a mpls ttl." ::= { hwAclMplsRuleEntry 17 } -- 1.3.6.1.4.1.2011.5.1.1.18.1.18 hwAclMplsTTLOP3 OBJECT-TYPE SYNTAX INTEGER { lt(1), eq(2), gt(3), range(5), invalid(0), any(255) } MAX-ACCESS read-create STATUS current DESCRIPTION "The object indicates the ttl operation symbol of a mpls acl rule. It compares the operators of ttl value. 'lt' means less than, 'eq' means equal to, 'gt' means greater than, 'range' means between, 'invalid' means this operation of the ttl is invalid." ::= { hwAclMplsRuleEntry 18 } -- 1.3.6.1.4.1.2011.5.1.1.18.1.19 hwAclMplsTTL3Begin OBJECT-TYPE SYNTAX Integer32 (0..255) MAX-ACCESS read-create STATUS current DESCRIPTION "The object indicates the begin value of a mpls ttl." ::= { hwAclMplsRuleEntry 19 } -- 1.3.6.1.4.1.2011.5.1.1.18.1.20 hwAclMplsTTL3End OBJECT-TYPE SYNTAX Integer32 (0..255) MAX-ACCESS read-create STATUS current DESCRIPTION "The object indicates the end value of a mpls ttl." ::= { hwAclMplsRuleEntry 20 } -- 1.3.6.1.4.1.2011.5.1.1.18.1.21 hwAclMplsRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "RowStatus, Now support three value:CreateAndGo,Active and Destroy." ::= { hwAclMplsRuleEntry 21 } -- 1.3.6.1.4.1.2011.5.1.1.18.1.22 hwAclMplsCount OBJECT-TYPE SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION "The object indicates the statistics of matched packets by the rule." ::= { hwAclMplsRuleEntry 22 } -- chenjing 43944 -- 1.3.6.1.4.1.2011.5.1.1.19 hwAclDomainNameConfigTable OBJECT-TYPE SYNTAX SEQUENCE OF HwAclDomainNameConfigEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Configure the domain name." ::= { hwAclMibObjects 19 } -- 1.3.6.1.4.1.2011.5.1.1.19.1 hwAclDomainNameConfigEntry OBJECT-TYPE SYNTAX HwAclDomainNameConfigEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Each entry is a domain name." INDEX { hwAclDomainID } ::= { hwAclDomainNameConfigTable 1 } HwAclDomainNameConfigEntry ::= SEQUENCE { hwAclDomainID Integer32, hwAclDomainName OCTET STRING, hwAclDomainNameConfigRowStatus RowStatus } -- 1.3.6.1.4.1.2011.5.1.1.19.1.1 hwAclDomainID OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS not-accessible STATUS current DESCRIPTION "The index of DomianName table, the index range is (0..31)." ::= { hwAclDomainNameConfigEntry 1 } -- 1.3.6.1.4.1.2011.5.1.1.19.1.2 hwAclDomainName OBJECT-TYPE SYNTAX OCTET STRING (SIZE (3..127)) MAX-ACCESS read-write STATUS current DESCRIPTION "The domian name." ::= { hwAclDomainNameConfigEntry 2 } -- 1.3.6.1.4.1.2011.5.1.1.19.1.3 hwAclDomainNameConfigRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "Row status,Two actions are used: createAndGo(4), destroy(6)." ::= { hwAclDomainNameConfigEntry 3 } -- 1.3.6.1.4.1.2011.5.1.1.20 hwAclIPPoolTable OBJECT-TYPE SYNTAX SEQUENCE OF HwAclIPPoolEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Configure the IP pool name." ::= { hwAclMibObjects 20 } -- 1.3.6.1.4.1.2011.5.1.1.20.1 hwAclIPPoolEntry OBJECT-TYPE SYNTAX HwAclIPPoolEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Each entry is a IP pool name." INDEX { hwAclIPPoolIndex } ::= { hwAclIPPoolTable 1 } HwAclIPPoolEntry ::= SEQUENCE { hwAclIPPoolIndex Integer32, hwAclIPPoolName OCTET STRING, hwAclIPPoolRowStatus RowStatus, hwAclIPPoolApplyBGPPeer TruthValue } -- 1.3.6.1.4.1.2011.5.1.1.20.1.1 hwAclIPPoolIndex OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-only STATUS current DESCRIPTION "The index of ACL IP pool table." ::= { hwAclIPPoolEntry 1 } -- 1.3.6.1.4.1.2011.5.1.1.20.1.2 hwAclIPPoolName OBJECT-TYPE SYNTAX OCTET STRING (SIZE (0..32)) MAX-ACCESS read-create STATUS current DESCRIPTION "The IP pool name." ::= { hwAclIPPoolEntry 2 } -- 1.3.6.1.4.1.2011.5.1.1.20.1.3 hwAclIPPoolRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "Row status." ::= { hwAclIPPoolEntry 3 } -- 1.3.6.1.4.1.2011.5.1.1.20.1.4 hwAclIPPoolApplyBGPPeer OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-create STATUS current DESCRIPTION "The object indicates whether or not BGP peers are applied." ::= { hwAclIPPoolEntry 4 } -- 1.3.6.1.4.1.2011.5.1.1.21 hwAclIPPoolIPTable OBJECT-TYPE SYNTAX SEQUENCE OF HwAclIPPoolIPEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Configure the IP address of IP pool." ::= { hwAclMibObjects 21 } -- 1.3.6.1.4.1.2011.5.1.1.21.1 hwAclIPPoolIPEntry OBJECT-TYPE SYNTAX HwAclIPPoolIPEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Each entry is a IP address of IP pool." INDEX { hwAclIPPoolIPPoolIndex, hwAclIPPoolIPIndex } ::= { hwAclIPPoolIPTable 1 } HwAclIPPoolIPEntry ::= SEQUENCE { hwAclIPPoolIPPoolIndex Integer32, hwAclIPPoolIPIndex Integer32, hwAclIPPoolIPIpAdd IpAddress, hwAclIPPoolIPIpWild IpAddress, hwAclIPPoolIPRowStatus RowStatus } -- 1.3.6.1.4.1.2011.5.1.1.21.1.1 hwAclIPPoolIPPoolIndex OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-only STATUS current DESCRIPTION "This object indicates the level 1 index, that is, the index of an IP address pool used by an ACL." ::= { hwAclIPPoolIPEntry 1 } -- 1.3.6.1.4.1.2011.5.1.1.21.1.2 hwAclIPPoolIPIndex OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-only STATUS current DESCRIPTION "This object indicates the level 2 index, that is, the index of an IPv4 address in an IP address pool used by an ACL." ::= { hwAclIPPoolIPEntry 2 } -- 1.3.6.1.4.1.2011.5.1.1.21.1.3 hwAclIPPoolIPIpAdd OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS read-create STATUS current DESCRIPTION "The object indicates the IP-address." ::= { hwAclIPPoolIPEntry 3 } -- 1.3.6.1.4.1.2011.5.1.1.21.1.4 hwAclIPPoolIPIpWild OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS read-create STATUS current DESCRIPTION "The object indicates the IP-address wild." ::= { hwAclIPPoolIPEntry 4 } -- 1.3.6.1.4.1.2011.5.1.1.21.1.5 hwAclIPPoolIPRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "Row status." ::= { hwAclIPPoolIPEntry 5 } -- 1.3.6.1.4.1.2011.5.1.1.22 hwAclPortPoolTable OBJECT-TYPE SYNTAX SEQUENCE OF HwAclPortPoolEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Configure the port pool name." ::= { hwAclMibObjects 22 } -- 1.3.6.1.4.1.2011.5.1.1.22.1 hwAclPortPoolEntry OBJECT-TYPE SYNTAX HwAclPortPoolEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Each entry is a port pool name." INDEX { hwAclPortPoolIndex } ::= { hwAclPortPoolTable 1 } HwAclPortPoolEntry ::= SEQUENCE { hwAclPortPoolIndex Integer32, hwAclPortPoolName OCTET STRING, hwAclPortPoolRowStatus RowStatus } -- 1.3.6.1.4.1.2011.5.1.1.22.1.1 hwAclPortPoolIndex OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-only STATUS current DESCRIPTION "The index of ACL port pool table." ::= { hwAclPortPoolEntry 1 } -- 1.3.6.1.4.1.2011.5.1.1.22.1.2 hwAclPortPoolName OBJECT-TYPE SYNTAX OCTET STRING (SIZE (0..32)) MAX-ACCESS read-create STATUS current DESCRIPTION "The Port pool name." ::= { hwAclPortPoolEntry 2 } -- 1.3.6.1.4.1.2011.5.1.1.22.1.3 hwAclPortPoolRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "Row status." ::= { hwAclPortPoolEntry 3 } -- 1.3.6.1.4.1.2011.5.1.1.23 hwAclPortPoolPortTable OBJECT-TYPE SYNTAX SEQUENCE OF HwAclPortPoolPortEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Configure the port range of port pool." ::= { hwAclMibObjects 23 } -- 1.3.6.1.4.1.2011.5.1.1.23.1 hwAclPortPoolPortEntry OBJECT-TYPE SYNTAX HwAclPortPoolPortEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Each entry is a port range of port pool." INDEX { hwAclPortPoolPortPoolIndex, hwAclPortPoolPortIndex } ::= { hwAclPortPoolPortTable 1 } HwAclPortPoolPortEntry ::= SEQUENCE { hwAclPortPoolPortPoolIndex Integer32, hwAclPortPoolPortIndex Integer32, hwAclPortPoolPortOp INTEGER, hwAclPortPoolPortNumBegin Integer32, hwAclPortPoolPortNumEnd Integer32, hwAclPortPoolPortRowStatus RowStatus } -- 1.3.6.1.4.1.2011.5.1.1.23.1.1 hwAclPortPoolPortPoolIndex OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-only STATUS current DESCRIPTION "This object indicates the level 1 index, that is, the index of an ACL port pool." ::= { hwAclPortPoolPortEntry 1 } -- 1.3.6.1.4.1.2011.5.1.1.23.1.2 hwAclPortPoolPortIndex OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-only STATUS current DESCRIPTION "This object indicates the level 2 index, that is, the index of a port number in the ACL port pool." ::= { hwAclPortPoolPortEntry 2 } -- 1.3.6.1.4.1.2011.5.1.1.23.1.3 hwAclPortPoolPortOp OBJECT-TYPE SYNTAX INTEGER { invalid(0), lt(1), eq(2), gt(3), neq(4), range(5) } MAX-ACCESS read-create STATUS current DESCRIPTION "The object indicates the Port operation. 'lt' means less than, 'eq' means equal to, 'gt' means greater than, 'neq' means not equal to, 'range' means between, 'invalid' means this operation of the rule is invalid." ::= { hwAclPortPoolPortEntry 3 } -- 1.3.6.1.4.1.2011.5.1.1.23.1.4 hwAclPortPoolPortNumBegin OBJECT-TYPE SYNTAX Integer32 (0..65535) MAX-ACCESS read-create STATUS current DESCRIPTION "The object indicates the begin port number." ::= { hwAclPortPoolPortEntry 4 } -- 1.3.6.1.4.1.2011.5.1.1.23.1.5 hwAclPortPoolPortNumEnd OBJECT-TYPE SYNTAX Integer32 (0..65535) MAX-ACCESS read-create STATUS current DESCRIPTION "The object indicates the end port number." ::= { hwAclPortPoolPortEntry 5 } -- 1.3.6.1.4.1.2011.5.1.1.23.1.6 hwAclPortPoolPortRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "Row status." ::= { hwAclPortPoolPortEntry 6 } -- 1.3.6.1.4.1.2011.5.1.1.24 hwAclIPPool6Table OBJECT-TYPE SYNTAX SEQUENCE OF HwAclIPPool6Entry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Configure the IPv6 pool name." ::= { hwAclMibObjects 24 } -- 1.3.6.1.4.1.2011.5.1.1.24.1 hwAclIPPool6Entry OBJECT-TYPE SYNTAX HwAclIPPool6Entry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Each entry is a IPv6 pool name." INDEX { hwAclIPPool6Index } ::= { hwAclIPPool6Table 1 } HwAclIPPool6Entry ::= SEQUENCE { hwAclIPPool6Index Integer32, hwAclIPPool6Name OCTET STRING, hwAclIPPool6ApplyBGPIPv6Peer TruthValue, hwAclIPPool6RowStatus RowStatus } -- 1.3.6.1.4.1.2011.5.1.1.24.1.1 hwAclIPPool6Index OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-only STATUS current DESCRIPTION "The index of ACL IPv6 pool table." ::= { hwAclIPPool6Entry 1 } -- 1.3.6.1.4.1.2011.5.1.1.24.1.2 hwAclIPPool6Name OBJECT-TYPE SYNTAX OCTET STRING (SIZE (0..32)) MAX-ACCESS read-create STATUS current DESCRIPTION "The IPv6 pool name." ::= { hwAclIPPool6Entry 2 } -- 1.3.6.1.4.1.2011.5.1.1.24.1.3 hwAclIPPool6ApplyBGPIPv6Peer OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-create STATUS current DESCRIPTION "The object indicates whether or not BGP IPv6 peers are applied." ::= { hwAclIPPool6Entry 3 } -- 1.3.6.1.4.1.2011.5.1.1.24.1.4 hwAclIPPool6RowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "Row status." ::= { hwAclIPPool6Entry 4 } -- Acl Trap MIB definition -- -- 1.3.6.1.4.1.2011.5.1.2 hwAclMibTrap OBJECT IDENTIFIER ::= { hwAcl 2 } -- 1.3.6.1.4.1.2011.5.1.2.1 hwAclTrapOid OBJECT IDENTIFIER ::= { hwAclMibTrap 1 } -- 1.3.6.1.4.1.2011.5.1.2.2 hwAclTrapsDefine OBJECT IDENTIFIER ::= { hwAclMibTrap 2 } -- 1.3.6.1.4.1.2011.5.1.2.2.1 hwAclTraps OBJECT IDENTIFIER ::= { hwAclTrapsDefine 1 } -- 1.3.6.1.4.1.2011.5.1.2.2.1.1 hwAclResourceTrapsTable OBJECT IDENTIFIER ::= { hwAclTraps 1 } -- 1.3.6.1.4.1.2011.5.1.2.2.1.1.1 hwAclResSlotStr OBJECT-TYPE SYNTAX OCTET STRING MAX-ACCESS accessible-for-notify STATUS current DESCRIPTION "The infomation of slot." ::= { hwAclResourceTrapsTable 1 } -- 1.3.6.1.4.1.2011.5.1.2.2.1.1.2 hwAclResStage OBJECT-TYPE SYNTAX OCTET STRING MAX-ACCESS accessible-for-notify STATUS current DESCRIPTION "The stage where trap infomation exists." ::= { hwAclResourceTrapsTable 2 } -- 1.3.6.1.4.1.2011.5.1.2.2.1.1.3 hwAclResLimit OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS accessible-for-notify STATUS current DESCRIPTION "The usage of rule resource." ::= { hwAclResourceTrapsTable 3 } -- 1.3.6.1.4.1.2011.5.1.2.2.1.1.4 hwAclResourceTrapsEntry OBJECT IDENTIFIER ::= { hwAclResourceTrapsTable 4 } -- 1.3.6.1.4.1.2011.5.1.2.2.1.1.4.1 hwAclResThresholdExceedClearTrap NOTIFICATION-TYPE OBJECTS { hwAclResLimit, hwAclResSlotStr, hwAclResStage } STATUS current DESCRIPTION "Acl resource lack clear trap" ::= { hwAclResourceTrapsEntry 1 } -- 1.3.6.1.4.1.2011.5.1.2.2.1.1.4.2 hwAclResThresholdExceedTrap NOTIFICATION-TYPE OBJECTS { hwAclResLimit, hwAclResSlotStr, hwAclResStage } STATUS current DESCRIPTION "Acl resource lack trap" ::= { hwAclResourceTrapsEntry 2 } -- 1.3.6.1.4.1.2011.5.1.2.2.1.1.4.3 hwAclResTotalCountExceedClearTrap NOTIFICATION-TYPE OBJECTS { hwAclResLimit, hwAclResSlotStr, hwAclResStage } STATUS current DESCRIPTION "Acl resource full clear trap" ::= { hwAclResourceTrapsEntry 3 } -- 1.3.6.1.4.1.2011.5.1.2.2.1.1.4.4 hwAclResTotalCountExceedTrap NOTIFICATION-TYPE OBJECTS { hwAclResLimit, hwAclResSlotStr, hwAclResStage } STATUS current DESCRIPTION "Acl resource full trap" ::= { hwAclResourceTrapsEntry 4 } -- 1.3.6.1.4.1.2011.5.1.2.2.1.1.5 hwAclResourceTrapsGroups OBJECT IDENTIFIER ::= { hwAclResourceTrapsTable 5 } -- 1.3.6.1.4.1.2011.5.1.2.2.1.1.5.1 hwAclResourceTrapsGroup NOTIFICATION-GROUP NOTIFICATIONS { hwAclResThresholdExceedClearTrap, hwAclResThresholdExceedTrap, hwAclResTotalCountExceedClearTrap, hwAclResTotalCountExceedTrap } STATUS current DESCRIPTION "Group for all acl resource traps." ::= { hwAclResourceTrapsGroups 1 } -- Acl MIB Conformance definition -- -- 1.3.6.1.4.1.2011.5.1.3 hwAclMibConformance OBJECT IDENTIFIER ::= { hwAcl 3 } -- 1.3.6.1.4.1.2011.5.1.3.1 hwAclMibCompliances OBJECT IDENTIFIER ::= { hwAclMibConformance 1 } -- this module -- 1.3.6.1.4.1.2011.5.1.3.1.1 hwAclMibCompliance MODULE-COMPLIANCE STATUS current DESCRIPTION "The compliance statement for entities which implement the Huawei acl MIB." MODULE -- this module MANDATORY-GROUPS { hwAclGroup } OBJECT hwAclBasicRowStatus SYNTAX INTEGER { active(1), createAndGo(4), destory(6) } DESCRIPTION "The value of creatAndWaite, notInservice and notReady are not required." OBJECT hwAclAdvancedRowStatus SYNTAX INTEGER { active(1), createAndGo(4), destory(6) } DESCRIPTION "The value of creatAndWaite, notInservice and notReady are not required." OBJECT hwAclIfRowStatus SYNTAX INTEGER { active(1), createAndGo(4), destroy(6) } DESCRIPTION "The value of creatAndWaite, notInservice and notReady are not required." OBJECT hwAclIpv6BasicRowStatus SYNTAX INTEGER { active(1), createAndGo(4), destroy(6) } DESCRIPTION "The value of creatAndWaite, notInservice and notReady are not required." OBJECT hwAclIpv6AdvancedRowStatus SYNTAX INTEGER { active(1), createAndGo(4), destroy(6) } DESCRIPTION "The value of creatAndWaite, notInservice and notReady are not required." OBJECT hwAclEthernetFrameRowStatus SYNTAX INTEGER { active(1), createAndGo(4), destroy(6) } DESCRIPTION "The value of creatAndWaite, notInservice and notReady are not required." OBJECT hwAclAppliedRowStatus SYNTAX INTEGER { active(1), createAndGo(4), destroy(6) } DESCRIPTION "The value of creatAndWaite, notInservice and notReady are not required." OBJECT hwAclIpv6NumGroupRowStatus SYNTAX INTEGER { active(1), createAndGo(4), destroy(6) } DESCRIPTION "The value of creatAndWaite, notInservice and notReady are not required." OBJECT hwAclIpv6IfRowStatus SYNTAX INTEGER { active(1), createAndGo(4), destroy(6) } DESCRIPTION "The value of creatAndWaite, notInservice and notReady are not required." OBJECT hwAclMplsRowStatus SYNTAX INTEGER { active(1), createAndGo(4), destroy(6) } DESCRIPTION "The value of creatAndWaite, notInservice and notReady are not required." ::= { hwAclMibCompliances 1 } -- 1.3.6.1.4.1.2011.5.1.3.2 hwAclMibGroups OBJECT IDENTIFIER ::= { hwAclMibConformance 2 } -- 1.3.6.1.4.1.2011.5.1.3.2.1 hwAclGroup OBJECT-GROUP OBJECTS { hwAclNumGroupMatchOrder, hwAclNumGroupSubitemNum, hwAclNumGroupAclName, hwAclBasicAct, hwAclBasicSrcIp, hwAclBasicSrcWild, hwAclBasicTimeRangeIndex, hwAclBasicFragments, hwAclBasicLog, hwAclBasicEnable, hwAclBasicCount, hwAclBasicVrfAny, hwAclBasicRowStatus, hwAclAdvancedAct, hwAclAdvancedProtocol, hwAclAdvancedSrcIp, hwAclAdvancedSrcWild, hwAclAdvancedSrcOp, hwAclAdvancedSrcPort1, hwAclAdvancedSrcPort2, hwAclAdvancedDestIp, hwAclAdvancedDestWild, hwAclAdvancedDestOp, hwAclAdvancedDestPort1, hwAclAdvancedDestPort2, hwAclAdvancedPrecedence, hwAclAdvancedTos, hwAclAdvancedDscp, hwAclAdvancedEstablish, hwAclAdvancedTimeRangeIndex, hwAclAdvancedIcmpType, hwAclAdvancedIcmpCode, hwAclAdvancedFragments, hwAclAdvancedLog, hwAclAdvancedEnable, hwAclAdvancedCount, hwAclAdvancedRowStatus, hwAclAdvancedTcpSyncFlag, hwAclAdvancedSrcPoolName, hwAclAdvancedDestPoolName, hwAclAdvancedProtocolNew, hwAclAdvancedVni, hwAclAdvancedIgmpType, hwAclAdvancedTtlOp, hwAclAdvancedTtlExpire, hwAclAdvancedTtlExpireEnd, hwAclAdvancedSrcPortPoolName, hwAclAdvancedDestPortPoolName, hwAclAdvancedIcmpTypeEnd, hwAclAdvancedVrfAny, hwAclIfAct, hwAclIfIndex, hwAclIfAny, hwAclIfTimeRangeIndex, hwAclIfLog, hwAclIfEnable, hwAclIfCount, hwAclIfRowStatus, hwAclUserAct, hwAclUserProtocol, hwAclUserSrcIp, hwAclUserSrcWild, hwAclUserSrcOp, hwAclUserSrcPort1, hwAclUserSrcPort2, hwAclUserDestIp, hwAclUserDestWild, hwAclUserDestOp, hwAclUserDestPort1, hwAclUserDestPort2, hwAclUserPrecedence, hwAclUserTos, hwAclUserDscp, hwAclUserEstablish, hwAclUserTimeRangeIndex, hwAclUserIcmpType, hwAclUserIcmpCode, hwAclUserFragments, hwAclUserLog, hwAclUserEnable, hwAclUserCount, hwAclUserSrcUserGroupName, hwAclUserDestUserGroupName, hwAclUserSrcModeType, hwAclUserDestModeType, hwAclUserRowStatus, hwAclCompileEnableFlag, hwAclNumGroupAclNum, hwAclBasicAclNum, hwAclBasicSubitem, hwAclAdvancedAclNum, hwAclAdvancedSubitem, hwAclIfAclNum, hwAclIfSubitem, hwAclUserAclNum, hwAclUserSubitem, hwAclUserVrfName, hwAclUserTcpSyncFlag, hwAclEthernetFrameEncapType, hwAclEthernetFrameDoubleTag, hwAclEthernetFrameVlanId, hwAclEthernetFrameVlanIdMask, hwAclEthernetFrameCVlanId, hwAclEthernetFrameCVlanIdMask, hwAclAppliedStatMode, hwAclAppliedStatCount, hwAclAppliedLimitCir, hwAclAppliedLimitPir, hwAclAppliedLimitCbs, hwAclAppliedLimitPbs, hwAclAppliedLimitGreenAction, hwAclAppliedLimitGreenValue, hwAclAppliedLimitYellowAction, hwAclAppliedLimitYellowValue, hwAclAppliedLimitRedAction, hwAclAppliedLimitRedValue, hwAclAppliedMirrObservedPort, hwAclAppliedMirrRspanVlan, hwAclAppliedRedirectIfIndex, hwAclAppliedRedirectIpAddr, hwAclAppliedRedirectIpv6Addr, hwAclAppliedRemarkVlan, hwAclAppliedRemarkCVlan, hwAclAppliedRemark8021p, hwAclAppliedRemarkDscp, hwAclAppliedRemarkIpPre, hwAclAppliedRemarkLocalPre, hwAclAppliedRemarkMacAddr, hwAclAppliedRowStatus, hwAclCompileNumGroupStatus, hwAclNumGroupStep, hwAclNumGroupDescription, hwAclNumGroupCountClear, hwAclNumGroupRowStatus, hwAclBasicVrfName, hwAclAdvancedVrfName, hwAclIpv6BasicAct, hwAclIpv6BasicSrcIp, hwAclIpv6BasicSrcPrefix, hwAclIpv6BasicTimeRangeIndex, hwAclIpv6BasicFragment, hwAclIpv6BasicLog, hwAclIpv6BasicEnable, hwAclIpv6BasicCount, hwAclIpv6BasicVrfName, hwAclIpv6BasicRowStatus, hwAclIpv6BasicVrfAny, hwAclIpv6AdvancedAct, hwAclIpv6AdvancedProtocol, hwAclIpv6AdvancedSrcIp, hwAclIpv6AdvancedSrcPrefix, hwAclIpv6AdvancedSrcOp, hwAclIpv6AdvancedSrcPort1, hwAclIpv6AdvancedSrcPort2, hwAclIpv6AdvancedDestIp, hwAclIpv6AdvancedDestPrefix, hwAclIpv6AdvancedDestOp, hwAclIpv6AdvancedDestPort1, hwAclIpv6AdvancedDestPort2, hwAclIpv6AdvancedPrecedence, hwAclIpv6AdvancedTos, hwAclIpv6AdvancedDscp, hwAclIpv6AdvancedEstablish, hwAclIpv6AdvancedTimeRangeIndex, hwAclIpv6AdvancedIcmpType, hwAclIpv6AdvancedIcmpCode, hwAclIpv6AdvancedFragment, hwAclIpv6AdvancedLog, hwAclIpv6AdvancedEnable, hwAclIpv6AdvancedCount, hwAclIpv6AdvancedVrfName, hwAclIpv6AdvancedRowStatus, hwAclIpv6AdvancedProtocolNew, hwAclIpv6AdvancedIcmpTypeEnd, hwAclIpv6AdvancedVrfAny, hwAclEthernetFrameAct, hwAclEthernetFrameType, hwAclEthernetFrameTypeMask, hwAclEthernetFrameSrcMac, hwAclEthernetFrameSrcMacMask, hwAclEthernetFrameDstMac, hwAclEthernetFrameDstMacMask, hwAclEthernetFrameTimeRangeIndex, hwAclEthernetFrameLog, hwAclEthernetFrameEnable, hwAclEthernetFrameCount, hwAclEthernetFrameRowStatus, hwAclEthernetFrameRule8021p, hwAclEthernetFrameRuleCVlan8021p, hwAclIpv6NumGroupMatchOrder, hwAclIpv6NumGroupSubitemNum, hwAclIpv6NumGroupCountClear, hwAclIpv6NumGroupRowStatus, hwAclIpv6NumGroupAclName, hwAclIpv6IfAct, hwAclIpv6IfIndex, hwAclIpv6IfAny, hwAclIpv6IfTimeRangeIndex, hwAclIpv6IfLog, hwAclIpv6IfEnable, hwAclIpv6IfCount, hwAclIpv6IfRowStatus, hwAclMplsAct, hwAclMplsExp1, hwAclMplsExp2, hwAclMplsExp3, hwAclMplsExp4, hwAclMplsLabel1, hwAclMplsLabel2, hwAclMplsLabel3, hwAclMplsLabel4, hwAclMplsTTLOP1, hwAclMplsTTL1Begin, hwAclMplsTTL1End, hwAclMplsTTLOP2, hwAclMplsTTL2Begin, hwAclMplsTTL2End, hwAclMplsTTLOP3, hwAclMplsTTL3Begin, hwAclMplsTTL3End, hwAclMplsRowStatus, hwAclMplsCount, hwAclIpv6BasicSrcMask, hwAclIpv6AdvancedSrcMask, hwAclIpv6AdvancedDestMask, hwAclIPPoolIndex, hwAclIPPoolName, hwAclIPPoolRowStatus, hwAclIPPoolIPPoolIndex, hwAclIPPoolIPIndex, hwAclIPPoolIPIpAdd, hwAclIPPoolIPIpWild, hwAclIPPoolIPRowStatus, hwAclPortPoolIndex, hwAclPortPoolName, hwAclPortPoolRowStatus, hwAclPortPoolPortPoolIndex, hwAclPortPoolPortIndex, hwAclPortPoolPortOp, hwAclPortPoolPortNumBegin, hwAclPortPoolPortNumEnd, hwAclPortPoolPortRowStatus} STATUS current DESCRIPTION "A collection of objects providing mandatory acl information." ::= { hwAclMibGroups 1 } END