diff options
| author | David Leutgeb <david.leutgeb@mannundmouse.com> | 2023-12-05 12:25:34 +0100 |
|---|---|---|
| committer | David Leutgeb <david.leutgeb@mannundmouse.com> | 2023-12-05 12:25:34 +0100 |
| commit | 98a672123c7872f6b9b75a9a2b6bb3aea504de6a (patch) | |
| tree | 9b13bd7f563c3198047bd359195327cf28b3caf0 /MIBS/hp/BLADETYPE2-ACL-MIB | |
| download | mibs-98a672123c7872f6b9b75a9a2b6bb3aea504de6a.tar.gz mibs-98a672123c7872f6b9b75a9a2b6bb3aea504de6a.zip | |
Diffstat (limited to 'MIBS/hp/BLADETYPE2-ACL-MIB')
| -rw-r--r-- | MIBS/hp/BLADETYPE2-ACL-MIB | 1321 |
1 files changed, 1321 insertions, 0 deletions
diff --git a/MIBS/hp/BLADETYPE2-ACL-MIB b/MIBS/hp/BLADETYPE2-ACL-MIB new file mode 100644 index 0000000..dd54d7e --- /dev/null +++ b/MIBS/hp/BLADETYPE2-ACL-MIB @@ -0,0 +1,1321 @@ +-- COPYRIGHT NOTICE +-- Copyright (c) Hewlett Packard Company, 2005 +-- All rights reserved +-- +-- + +BLADETYPE2-ACL-MIB DEFINITIONS ::= BEGIN + +IMPORTS + MODULE-IDENTITY, OBJECT-TYPE, Integer32, Unsigned32, IpAddress + FROM SNMPv2-SMI + MacAddress + FROM SNMPv2-TC + hpSwitchBladeType2-Mgmt + FROM HP-SWITCH-PL-MIB + ; + +acl MODULE-IDENTITY + LAST-UPDATED "200510120000Z" -- 12 October 2005 + ORGANIZATION "Hewlett Packard Company" + CONTACT-INFO "customerservice@hp.com" + DESCRIPTION + "The MIB module for the Access Control List configuration + and statistics." + ::= { hpSwitchBladeType2-Mgmt 9 } + +-- MIB_INSERT_START +-- ---------------------------------------------------------------------------- +-- { INSERT: bt2acl +-- ---------------------------------------------------------------------------- + +acConfig OBJECT IDENTIFIER ::= { acl 1 } + +acList OBJECT IDENTIFIER ::= { acConfig 1 } +aclBlock OBJECT IDENTIFIER ::= { acConfig 2 } +aclGroup OBJECT IDENTIFIER ::= { acConfig 3 } + +-- ---------------------------------------------------------- -- +-- Access Control List (ACL) Configuration +-- ---------------------------------------------------------- -- + +aclCurCfgTable OBJECT-TYPE + SYNTAX SEQUENCE OF AclCurCfgEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "The table of current ACL configuration." + ::= { acList 1 } + +aclCurCfgEntry OBJECT-TYPE + SYNTAX AclCurCfgEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "Current information about a particular ACL configuration entry." + INDEX { aclCurCfgIndex } + ::= { aclCurCfgTable 1 } + +AclCurCfgEntry ::= SEQUENCE { + aclCurCfgIndex Unsigned32, + aclCurCfgBlock Unsigned32, + aclCurCfgGroup Unsigned32, + aclCurCfgFilterAction INTEGER, + aclCurCfgFilterActionSetCOS INTEGER, + aclCurCfgEthFmt INTEGER, + aclCurCfgTagFmt INTEGER, + aclCurCfgSrcMACAddress MacAddress, + aclCurCfgSrcMACMask MacAddress, + aclCurCfgDstMACAddress MacAddress, + aclCurCfgDstMACMask MacAddress, + aclCurCfgEthernetTypeName INTEGER, + aclCurCfgEthernetTypeValue INTEGER, + aclCurCfgVLanId INTEGER, + aclCurCfgVLanMask INTEGER, + aclCurCfg8021pPriority INTEGER, + aclCurCfgTypeOfService INTEGER, + aclCurCfgProtocol INTEGER, + aclCurCfgSrcIPAddress IpAddress, + aclCurCfgSrcIPMask IpAddress, + aclCurCfgDstIPAddress IpAddress, + aclCurCfgDstIPMask IpAddress, + aclCurCfgSrcPort INTEGER, + aclCurCfgSrcPortMask INTEGER, + aclCurCfgDstPort INTEGER, + aclCurCfgDstPortMask INTEGER, + aclCurCfgTCPFlags BITS, + aclCurCfgTCPFlagsMask BITS, + aclCurCfgEgressPorts OCTET STRING, + aclCurCfgStatistics INTEGER + } + +aclCurCfgIndex OBJECT-TYPE + SYNTAX Unsigned32 + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "The index associated with this ACL entry." + ::= { aclCurCfgEntry 1 } + +aclCurCfgBlock OBJECT-TYPE + SYNTAX Unsigned32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The index of the ACL block to which this ACL entry is a member of. + A value of zero means the ACL is not a member of any block." + ::= { aclCurCfgEntry 2 } + +aclCurCfgGroup OBJECT-TYPE + SYNTAX Unsigned32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The index of the ACL group to which this ACL entry is a member of. + A value of zero means the ACL is not a member of any group." + ::= { aclCurCfgEntry 3 } + +aclCurCfgFilterAction OBJECT-TYPE + SYNTAX INTEGER { + none(0), + permit(1), + deny(2), + setcos(3) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The action to be performed on a packet that matches the filter + settings of this ACL entry." + ::= { aclCurCfgEntry 4 } + +aclCurCfgFilterActionSetCOS OBJECT-TYPE + SYNTAX INTEGER { + none(0), + cos0(1), + cos1(2), + cos2(3), + cos3(4), + cos4(5), + cos5(6), + cos6(7), + cos7(8) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The value to be used when the action to be performed is setCOS + for this ACL entry." + ::= { aclCurCfgEntry 5 } + +aclCurCfgEthFmt OBJECT-TYPE + SYNTAX INTEGER { + none(0), + ethernet2(1), + snap(2), + llc(3), + ieee802dot3(4) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The packet ethernet format to be filtered." + ::= { aclCurCfgEntry 6 } + +aclCurCfgTagFmt OBJECT-TYPE + SYNTAX INTEGER { + untagged(1), + tagged(2) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The packet tag format to be filtered." + ::= { aclCurCfgEntry 7 } + +aclCurCfgSrcMACAddress OBJECT-TYPE + SYNTAX MacAddress + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The source MAC address to be filtered." + ::= { aclCurCfgEntry 9 } + +aclCurCfgSrcMACMask OBJECT-TYPE + SYNTAX MacAddress + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The address mask applied to aclCurCfgSrcMACAddress for filtering." + ::= { aclCurCfgEntry 10 } + +aclCurCfgDstMACAddress OBJECT-TYPE + SYNTAX MacAddress + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The destination MAC address to be filtered." + ::= { aclCurCfgEntry 11 } + +aclCurCfgDstMACMask OBJECT-TYPE + SYNTAX MacAddress + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The address mask applied to aclCurCfgDstMACAddress for filtering." + ::= { aclCurCfgEntry 12 } + +aclCurCfgEthernetTypeName OBJECT-TYPE + SYNTAX INTEGER { + none(0), + arp(1), + ipv4(2), + ipv6(3), + mpls(4), + rarp(5), + any(6), + other(7) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The Ethernet type to be filtered. If the value of this + object is other(7), the value of aclNewCfgEthernetTypeValue + indicates the ethernet type that will be filtered." + ::= { aclCurCfgEntry 13 } + +aclCurCfgEthernetTypeValue OBJECT-TYPE + SYNTAX INTEGER (0..65535) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The Ethernet type value to be filtered. The value of this + object is equivalent to the value of aclNewCfgEthernetTypeName + except when the value of aclNewCfgEthernetTypeName is other(7), + which can be any user-defined value for this object." + ::= { aclCurCfgEntry 14 } + +aclCurCfgVLanId OBJECT-TYPE + SYNTAX INTEGER (0..4095) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The virtual LAN identifier to be filtered." + ::= { aclCurCfgEntry 15 } + +aclCurCfgVLanMask OBJECT-TYPE + SYNTAX INTEGER (0..4095) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The mask applied to aclCurCfgVLanId for filtering." + ::= { aclCurCfgEntry 16 } + +aclCurCfg8021pPriority OBJECT-TYPE + SYNTAX INTEGER { + none(0), + priority0(1), + priority1(2), + priority2(3), + priority3(4), + priority4(5), + priority5(6), + priority6(7), + priority7(8) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The 802.1p priority to be filtered." + ::= { aclCurCfgEntry 17 } + +aclCurCfgTypeOfService OBJECT-TYPE + SYNTAX INTEGER (0..255) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The type of service to be filtered." + ::= { aclCurCfgEntry 18 } + +aclCurCfgProtocol OBJECT-TYPE + SYNTAX INTEGER (0..255) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The protocol to be filtered." + ::= { aclCurCfgEntry 19 } + +aclCurCfgSrcIPAddress OBJECT-TYPE + SYNTAX IpAddress + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The source IP address to be filtered." + ::= { aclCurCfgEntry 20 } + +aclCurCfgSrcIPMask OBJECT-TYPE + SYNTAX IpAddress + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The address mask applied to aclCurCfgSrcIPAddress for filtering." + ::= { aclCurCfgEntry 21 } + +aclCurCfgDstIPAddress OBJECT-TYPE + SYNTAX IpAddress + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The destination IP address to be filtered." + ::= { aclCurCfgEntry 22 } + +aclCurCfgDstIPMask OBJECT-TYPE + SYNTAX IpAddress + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The address mask applied to aclCurCfgDstIPAddress for filtering." + ::= { aclCurCfgEntry 23 } + +aclCurCfgSrcPort OBJECT-TYPE + SYNTAX INTEGER (0..65535) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The source TCP/UDP port number to be filtered." + ::= { aclCurCfgEntry 24 } + +aclCurCfgSrcPortMask OBJECT-TYPE + SYNTAX INTEGER (0..65535) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The mask applied to aclCurCfgSrcPort for filtering." + ::= { aclCurCfgEntry 25 } + +aclCurCfgDstPort OBJECT-TYPE + SYNTAX INTEGER (0..65535) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The destination TCP/UDP port number to be filtered." + ::= { aclCurCfgEntry 26 } + +aclCurCfgDstPortMask OBJECT-TYPE + SYNTAX INTEGER (0..65535) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The mask applied to aclCurCfgDstPort for filtering." + ::= { aclCurCfgEntry 27 } + +aclCurCfgTCPFlags OBJECT-TYPE + SYNTAX BITS { + reserved1(0), + reserved2(1), + tcpURG(2), + tcpACK(3), + tcpPSH(4), + tcpRST(5), + tcpSYN(6), + tcpFIN(7) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The TCP flags to be filtered. + OCTET + xxxxxxxx + ||||..|| + ||||..||_tcpFIN(7) + ||||..|__tcpSYN(6) + |||| + ||||_____tcpACK(3) + |||______tcpURG(2) + ||_______reserved2(1) + |________reserved1(0) + + where: + - reserved1 - 0; + - reserved2 - 0; + - x - 0 or 1; + " + ::= { aclCurCfgEntry 28 } + +aclCurCfgTCPFlagsMask OBJECT-TYPE + SYNTAX BITS { + reserved1(0), + reserved2(1), + tcpURG(2), + tcpACK(3), + tcpPSH(4), + tcpRST(5), + tcpSYN(6), + tcpFIN(7) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The TCP flags mask. + OCTET + xxxxxxxx + ||||..|| + ||||..||_tcpFIN(7) + ||||..|__tcpSYN(6) + |||| + ||||_____tcpACK(3) + |||______tcpURG(2) + ||_______reserved2(1) + |________reserved1(0) + + where: + - reserved1 - 0; + - reserved2 - 0; + - x - 0 or 1; + " + ::= { aclCurCfgEntry 39 } + +aclCurCfgEgressPorts OBJECT-TYPE + SYNTAX OCTET STRING + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The port list in the ACL configured for egress filtering. + The ports are presented in bitmap format, as follows: + + OCTET 1 OCTET 2 ..... + xxxxxxxx xxxxxxxx ..... + || || | + || || |_ port 9 + || || + || ||___ port 8 + || |____ port 7 + || . . . + ||_________ port 2 + |__________ port 1 + + where x: + 1 - the represented port is configured for filtering. + 0 - the represented port is not configured for filtering." + ::= { aclCurCfgEntry 29 } + +aclCurCfgStatistics OBJECT-TYPE + SYNTAX INTEGER { + disable(0), + enable(1) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Whether statistics collection for this ACL is enabled or not." + ::= { aclCurCfgEntry 30 } + + +-- +-- New ACL Configuration Table +-- + +aclNewCfgTable OBJECT-TYPE + SYNTAX SEQUENCE OF AclNewCfgEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "The table of new ACL configuration." + ::= { acList 2 } + +aclNewCfgEntry OBJECT-TYPE + SYNTAX AclNewCfgEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "New information about a particular ACL configuration." + INDEX { aclNewCfgIndex } + ::= { aclNewCfgTable 1 } + +AclNewCfgEntry ::= SEQUENCE { + aclNewCfgIndex Unsigned32, + aclNewCfgBlock Unsigned32, + aclNewCfgGroup Unsigned32, + aclNewCfgFilterAction INTEGER, + aclNewCfgFilterActionSetCOS INTEGER, + aclNewCfgEthFmt INTEGER, + aclNewCfgTagFmt INTEGER, + aclNewCfgSrcMACAddress MacAddress, + aclNewCfgSrcMACMask MacAddress, + aclNewCfgDstMACAddress MacAddress, + aclNewCfgDstMACMask MacAddress, + aclNewCfgEthernetTypeName INTEGER, + aclNewCfgEthernetTypeValue INTEGER, + aclNewCfgVLanId INTEGER, + aclNewCfgVLanMask INTEGER, + aclNewCfg8021pPriority INTEGER, + aclNewCfgTypeOfService INTEGER, + aclNewCfgProtocol INTEGER, + aclNewCfgSrcIPAddress IpAddress, + aclNewCfgSrcIPMask IpAddress, + aclNewCfgDstIPAddress IpAddress, + aclNewCfgDstIPMask IpAddress, + aclNewCfgSrcPort INTEGER, + aclNewCfgSrcPortMask INTEGER, + aclNewCfgDstPort INTEGER, + aclNewCfgDstPortMask INTEGER, + aclNewCfgTCPFlags BITS, + aclNewCfgTCPFlagsMask BITS, + aclNewCfgEgressPorts OCTET STRING, + aclNewCfgStatistics INTEGER, + aclNewCfgAddEgressPort Unsigned32, + aclNewCfgRemoveEgressPort Unsigned32, + aclNewCfgDelete INTEGER + } + +aclNewCfgIndex OBJECT-TYPE + SYNTAX Unsigned32 + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "The index associated with this ACL entry." + ::= { aclNewCfgEntry 1 } + +aclNewCfgBlock OBJECT-TYPE + SYNTAX Unsigned32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The index of the ACL block to which this ACL entry is a member of. + A value of zero means the ACL is not a member of any block." + ::= { aclNewCfgEntry 2 } + +aclNewCfgGroup OBJECT-TYPE + SYNTAX Unsigned32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The index of the ACL group to which this ACL entry is a member of. + A value of zero means the ACL is not a member of any group." + ::= { aclNewCfgEntry 3 } + +aclNewCfgFilterAction OBJECT-TYPE + SYNTAX INTEGER { + none(0), + permit(1), + deny(2), + setcos(3) + } + MAX-ACCESS read-write + STATUS current + DESCRIPTION + "The action to be performed on a packet that matches the filter + settings of this ACL entry." + ::= { aclNewCfgEntry 4 } + +aclNewCfgFilterActionSetCOS OBJECT-TYPE + SYNTAX INTEGER { + none(0), + cos0(1), + cos1(2), + cos2(3), + cos3(4), + cos4(5), + cos5(6), + cos6(7), + cos7(8) + } + MAX-ACCESS read-write + STATUS current + DESCRIPTION + "The COS queue to be used when the action for this ACL entry is + set to SetCOS." + ::= { aclNewCfgEntry 5 } + +aclNewCfgEthFmt OBJECT-TYPE + SYNTAX INTEGER { + none(0), + ethernet2(1), + snap(2), + llc(3), + ieee802dot3(4) + } + MAX-ACCESS read-write + STATUS current + DESCRIPTION + "The packet ethernet format to be filtered." + ::= { aclNewCfgEntry 6 } + +aclNewCfgTagFmt OBJECT-TYPE + SYNTAX INTEGER { + none(1), + tagged(2) + } + MAX-ACCESS read-write + STATUS current + DESCRIPTION + "The packet tagging format to be filtered." + ::= { aclNewCfgEntry 7 } + +aclNewCfgSrcMACAddress OBJECT-TYPE + SYNTAX MacAddress + MAX-ACCESS read-write + STATUS current + DESCRIPTION + "The source MAC address to be filtered. Whenever this object is + set to a nonzero value, the aclNewCfgSrcMACMask object, if not + yet set, will be automatically set to ff:ff:ff:ff:ff." + ::= { aclNewCfgEntry 9 } + +aclNewCfgSrcMACMask OBJECT-TYPE + SYNTAX MacAddress + MAX-ACCESS read-write + STATUS current + DESCRIPTION + "The address mask to be applied to aclNewCfgSrcMACAddress + for filtering." + ::= { aclNewCfgEntry 10 } + +aclNewCfgDstMACAddress OBJECT-TYPE + SYNTAX MacAddress + MAX-ACCESS read-write + STATUS current + DESCRIPTION + "The destination MAC address to be filtered. Whenever this object + is set to a nonzero value, the aclNewCfgDstMACMask object, if not + yet set, will be automatically set to ff:ff:ff:ff:ff." + ::= { aclNewCfgEntry 11 } + +aclNewCfgDstMACMask OBJECT-TYPE + SYNTAX MacAddress + MAX-ACCESS read-write + STATUS current + DESCRIPTION + "The address mask to be applied to aclNewCfgDstMACAddress + for filtering." + ::= { aclNewCfgEntry 12 } + +aclNewCfgEthernetTypeName OBJECT-TYPE + SYNTAX INTEGER { + none(0), + arp(1), + ipv4(2), + ipv6(3), + mpls(4), + rarp(5), + any(6), + other(7) + } + MAX-ACCESS read-write + STATUS current + DESCRIPTION + "The Ethernet type to be filtered. If the value of this + object is other(7), the value of aclNewCfgEthernetTypeValue + indicates the ethernet type that will be filtered. If this + object is set to a value other than other(7), the value of + the aclNewCfgEthernetTypeValue object is automatically set, + as follows: + + aclNewCfgEthernetTypeName aclNewCfgEthernetTypeValue + none(0) 0 + arp(1) 2054 (0x0806) + ipv4(2) 2048 (0x0800) + ipv6(3) 34525 (0x86dd) + mpls(4) 34887 (0x8847) + rarp(5) 32821 (0x8035) + any(6) 65535 (0xffff) + " + ::= { aclNewCfgEntry 13 } + +aclNewCfgEthernetTypeValue OBJECT-TYPE + SYNTAX INTEGER (0..65535) + MAX-ACCESS read-write + STATUS current + DESCRIPTION + "The Ethernet type value to be filtered. The value of this + object is equivalent to the value of aclNewCfgEthernetTypeName + except when the value of aclNewCfgEthernetTypeName is other(7), + which can be any user-defined value for this object." + ::= { aclNewCfgEntry 14 } + +aclNewCfgVLanId OBJECT-TYPE + SYNTAX INTEGER (1..4095) + MAX-ACCESS read-write + STATUS current + DESCRIPTION + "The virtual LAN identifier to be filtered. Whenever this object + is set to a nonzero value, the aclNewCfgVLanMask object, if not + yet set, will be automatically set to 4095 (0xfff)." + ::= { aclNewCfgEntry 15 } + +aclNewCfgVLanMask OBJECT-TYPE + SYNTAX INTEGER (0..4095) + MAX-ACCESS read-write + STATUS current + DESCRIPTION + "The mask to be applied to aclNewCfgVLanId for filtering." + ::= { aclNewCfgEntry 16 } + +aclNewCfg8021pPriority OBJECT-TYPE + SYNTAX INTEGER { + none(0), + priority0(1), + priority1(2), + priority2(3), + priority3(4), + priority4(5), + priority5(6), + priority6(7), + priority7(8) + } + MAX-ACCESS read-write + STATUS current + DESCRIPTION + "The 802.1p priority to be filtered." + ::= { aclNewCfgEntry 17 } + +aclNewCfgTypeOfService OBJECT-TYPE + SYNTAX INTEGER (0..255) + MAX-ACCESS read-write + STATUS current + DESCRIPTION + "The type of service to be filtered." + ::= { aclNewCfgEntry 18 } + +aclNewCfgProtocol OBJECT-TYPE + SYNTAX INTEGER (0..255) + MAX-ACCESS read-write + STATUS current + DESCRIPTION + "The protocol to be filtered." + ::= { aclNewCfgEntry 19 } + +aclNewCfgSrcIPAddress OBJECT-TYPE + SYNTAX IpAddress + MAX-ACCESS read-write + STATUS current + DESCRIPTION + "The source IP address to be filtered. Whenever this object is set + to a nonzero value, the aclNewCfgSrcIPMask object, if not yet set, + will be automatically set to 255.255.255.255." + ::= { aclNewCfgEntry 20 } + +aclNewCfgSrcIPMask OBJECT-TYPE + SYNTAX IpAddress + MAX-ACCESS read-write + STATUS current + DESCRIPTION + "The address mask to be applied to aclNewCfgSrcIPAddress + for filtering." + ::= { aclNewCfgEntry 21 } + +aclNewCfgDstIPAddress OBJECT-TYPE + SYNTAX IpAddress + MAX-ACCESS read-write + STATUS current + DESCRIPTION + "The destination IP address to be filtered. Whenever this object is set + to a nonzero value, the aclNewCfgDstIPMask object, if not yet set, + will be automatically set to 255.255.255.255." + ::= { aclNewCfgEntry 22 } + +aclNewCfgDstIPMask OBJECT-TYPE + SYNTAX IpAddress + MAX-ACCESS read-write + STATUS current + DESCRIPTION + "The address mask to be applied to aclNewCfgDstIPAddress for filtering." + ::= { aclNewCfgEntry 23 } + +aclNewCfgSrcPort OBJECT-TYPE + SYNTAX INTEGER (1..65535) + MAX-ACCESS read-write + STATUS current + DESCRIPTION + "The source TCP/UDP port number to be filtered. Whenever this + object is set if the aclNewCfgSrcPortMask object is not set + will be automatically set to 65535 (0xffff)." + ::= { aclNewCfgEntry 24 } + +aclNewCfgSrcPortMask OBJECT-TYPE + SYNTAX INTEGER (0..65535) + MAX-ACCESS read-write + STATUS current + DESCRIPTION + "The mask to be applied to aclNewCfgSrcPort for filtering." + ::= { aclNewCfgEntry 25 } + +aclNewCfgDstPort OBJECT-TYPE + SYNTAX INTEGER (1..65535) + MAX-ACCESS read-write + STATUS current + DESCRIPTION + "The destination TCP/UDP port number to be filtered. Whenever this + object is set the aclNewCfgSrcPortMask object, if not yet set, will + be automatically set to 65535 (0xffff)." + ::= { aclNewCfgEntry 26 } + +aclNewCfgDstPortMask OBJECT-TYPE + SYNTAX INTEGER (0..65535) + MAX-ACCESS read-write + STATUS current + DESCRIPTION + "The mask to be applied to aclNewCfgDstPort for filtering." + ::= { aclNewCfgEntry 27 } + +aclNewCfgTCPFlags OBJECT-TYPE + SYNTAX BITS { + reserved1(0), + reserved2(1), + tcpURG(2), + tcpACK(3), + tcpPSH(4), + tcpRST(5), + tcpSYN(6), + tcpFIN(7) + } + MAX-ACCESS read-write + STATUS current + DESCRIPTION + "The TCP flags to be filtered. + The TCP flags are presented in bitmap format, as follows: + OCTET + xxxxxxxx + ||||..|| + ||||..||_tcpFIN(7) + ||||..|__tcpSYN(6) + |||| + ||||_____tcpACK(3) + |||______tcpURG(2) + ||_______reserved2(1) + |________reserved1(0) + + where: + - reserved1 - 0; + - reserved2 - 0; + - x - 0 or 1; + " + ::= { aclNewCfgEntry 28 } + +aclNewCfgTCPFlagsMask OBJECT-TYPE + SYNTAX BITS { + reserved1(0), + reserved2(1), + tcpURG(2), + tcpACK(3), + tcpPSH(4), + tcpRST(5), + tcpSYN(6), + tcpFIN(7) + } + MAX-ACCESS read-write + STATUS current + DESCRIPTION + "The TCP flags mask. + The TCP flags are presented in bitmap format, as follows: + OCTET + xxxxxxxx + ||||..|| + ||||..||_tcpFIN(7) + ||||..|__tcpSYN(6) + |||| + ||||_____tcpACK(3) + |||______tcpURG(2) + ||_______reserved2(1) + |________reserved1(0) + + where: + - reserved1 - 0; + - reserved2 - 0; + - x - 0 or 1; + Default value is 0x3f." + ::= { aclNewCfgEntry 39 } + +aclNewCfgEgressPorts OBJECT-TYPE + SYNTAX OCTET STRING + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The port list in the ACL configured for egress filtering. + The ports are presented in bitmap format, as follows: + + OCTET 1 OCTET 2 ..... + xxxxxxxx xxxxxxxx ..... + || || | + || || |_ port 9 + || || + || ||___ port 8 + || |____ port 7 + || . . . + ||_________ port 2 + |__________ port 1 + + where x: + 1 - the represented port is configured for filtering. + 0 - the represented port is not configured for filtering." + ::= { aclNewCfgEntry 29 } + +aclNewCfgStatistics OBJECT-TYPE + SYNTAX INTEGER { + disable(0), + enable(1) + } + MAX-ACCESS read-write + STATUS current + DESCRIPTION + "Whether statistics collection for this ACL is enabled or not." + ::= { aclNewCfgEntry 30 } + +aclNewCfgAddEgressPort OBJECT-TYPE + SYNTAX Unsigned32 + MAX-ACCESS read-write + STATUS current + DESCRIPTION + "The port to be added to the specified ACL for egress filtering. + A value of zero is always returned when this object is read." + ::= { aclNewCfgEntry 31 } + +aclNewCfgRemoveEgressPort OBJECT-TYPE + SYNTAX Unsigned32 + MAX-ACCESS read-write + STATUS current + DESCRIPTION + "The port to be removed from the specified ACL. A value of zero + is always returned when this object is read." + ::= { aclNewCfgEntry 32 } + +aclNewCfgDelete OBJECT-TYPE + SYNTAX INTEGER { + other(1), + delete(2) + } + MAX-ACCESS read-write + STATUS current + DESCRIPTION + "This is an action object to delete an ACL entry. A value of + other(1) is always returned when this object is read." + ::= { aclNewCfgEntry 33 } + + +-- ---------------------------------------------------------- -- +-- ACL Block Configuration +-- ---------------------------------------------------------- -- + +aclBlockCurCfgTable OBJECT-TYPE + SYNTAX SEQUENCE OF AclBlockCurCfgEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "The table of current ACL block configuration." + ::= { aclBlock 1 } + +aclBlockCurCfgEntry OBJECT-TYPE + SYNTAX AclBlockCurCfgEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "Current information about a particular ACL block configuration." + INDEX { aclBlockCurCfgIndex } + ::= { aclBlockCurCfgTable 1 } + +AclBlockCurCfgEntry ::= SEQUENCE { + aclBlockCurCfgIndex Unsigned32, + aclBlockCurCfgMemberAcls OCTET STRING + } + +aclBlockCurCfgIndex OBJECT-TYPE + SYNTAX Unsigned32 + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "The index associated with this ACL block entry." + ::= { aclBlockCurCfgEntry 1 } + +aclBlockCurCfgMemberAcls OBJECT-TYPE + SYNTAX OCTET STRING + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The ACL members of this ACL block, presented in bitmap + format, as follows: + + OCTET 1 OCTET 2 ..... + xxxxxxxx xxxxxxxx ..... + || || | + || || |_ ACL 9 + || || + || ||___ ACL 8 + || |____ ACL 7 + || . . . + ||_________ ACL 2 + |__________ ACL 1 + + where x: + 1 - the represented ACL is a member of the block. + 0 - the represented ACL is not a member of the block." + ::= { aclBlockCurCfgEntry 2 } + +aclBlockNewCfgTable OBJECT-TYPE + SYNTAX SEQUENCE OF AclBlockNewCfgEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "The table of new ACL block configuration." + ::= { aclBlock 2 } + +aclBlockNewCfgEntry OBJECT-TYPE + SYNTAX AclBlockNewCfgEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "New information about a particular ACL block configuration." + INDEX { aclBlockNewCfgIndex } + ::= { aclBlockNewCfgTable 1 } + +AclBlockNewCfgEntry ::= SEQUENCE { + aclBlockNewCfgIndex Unsigned32, + aclBlockNewCfgMemberAcls OCTET STRING, + aclBlockNewCfgAddAcl Unsigned32, + aclBlockNewCfgRemoveAcl Unsigned32, + aclBlockNewCfgDelete INTEGER + } + +aclBlockNewCfgIndex OBJECT-TYPE + SYNTAX Unsigned32 + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "The index associated with this ACL block entry." + ::= { aclBlockNewCfgEntry 1 } + +aclBlockNewCfgMemberAcls OBJECT-TYPE + SYNTAX OCTET STRING + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The ACL members of this ACL block, presented in bitmap + format, as follows: + + OCTET 1 OCTET 2 ..... + xxxxxxxx xxxxxxxx ..... + || || | + || || |_ ACL 9 + || || + || ||___ ACL 8 + || |____ ACL 7 + || . . . + ||_________ ACL 2 + |__________ ACL 1 + + where x: + 1 - the represented ACL is a member of the block. + 0 - the represented ACL is not a member of the block." + ::= { aclBlockNewCfgEntry 2 } + +aclBlockNewCfgAddAcl OBJECT-TYPE + SYNTAX Unsigned32 + MAX-ACCESS read-write + STATUS current + DESCRIPTION + "The index of the ACL entry to be added into this ACL block. + A successful set operation on this object will also set the bit + corresponding to the ACL entry in the aclBlockNewCfgMemberAcls + bitmap. A value of zero is always returned when this object + is read." + ::= { aclBlockNewCfgEntry 3 } + +aclBlockNewCfgRemoveAcl OBJECT-TYPE + SYNTAX Unsigned32 + MAX-ACCESS read-write + STATUS current + DESCRIPTION + "The index of the ACL entry to be removed from this ACL block. + A successful set operation on this object will unset the bit + corresponding to the ACL entry in the aclBlockNewCfgMemberAcls + bitmap. A value of zero is always returned when this object + is read." + ::= { aclBlockNewCfgEntry 4 } + +aclBlockNewCfgDelete OBJECT-TYPE + SYNTAX INTEGER { + other(1), + delete(2) + } + MAX-ACCESS read-write + STATUS current + DESCRIPTION + "This is an action object to delete an ACL block. A value of + other(1) is always returned when this object is read." + ::= { aclBlockNewCfgEntry 5 } + + +-- ---------------------------------------------------------- -- +-- ACL Group Configuration +-- ---------------------------------------------------------- -- + +aclGroupCurCfgTable OBJECT-TYPE + SYNTAX SEQUENCE OF AclGroupCurCfgEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "The table of current ACL Group configuration." + ::= { aclGroup 1 } + +aclGroupCurCfgEntry OBJECT-TYPE + SYNTAX AclGroupCurCfgEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "Information about a particular ACL configuration." + INDEX { aclGroupCurCfgIndex } + ::= { aclGroupCurCfgTable 1 } + +AclGroupCurCfgEntry ::= SEQUENCE { + aclGroupCurCfgIndex Unsigned32, + aclGroupCurCfgMemberAcls OCTET STRING, + aclGroupCurCfgMemberBlocks OCTET STRING + } + +aclGroupCurCfgIndex OBJECT-TYPE + SYNTAX Unsigned32 + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "The index associated with this ACL Group entry." + ::= { aclGroupCurCfgEntry 1 } + +aclGroupCurCfgMemberAcls OBJECT-TYPE + SYNTAX OCTET STRING + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The ACL members of this ACL group, presented in bitmap + format, as follows: + + OCTET 1 OCTET 2 ..... + xxxxxxxx xxxxxxxx ..... + || || | + || || |_ ACL 9 + || || + || ||___ ACL 8 + || |____ ACL 7 + || . . . + ||_________ ACL 2 + |__________ ACL 1 + + where x: + 1 - the represented ACL is a member of the group. + 0 - the represented ACL is not a member of the group." + ::= { aclGroupCurCfgEntry 2 } + +aclGroupCurCfgMemberBlocks OBJECT-TYPE + SYNTAX OCTET STRING + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The ACL block members of this ACL group, presented in bitmap + format, as follows: + + OCTET 1 OCTET 2 ..... + xxxxxxxx xxxxxxxx ..... + || || | + || || |_ ACL Block 9 + || || + || ||___ ACL Block 8 + || |____ ACL Block 7 + || . . . . + ||_________ ACL Block 2 + |__________ ACL Block 1 + + where x: + 1 - the represented ACL block is a member of the group. + 0 - the represented ACL block is not a member of the group." + ::= { aclGroupCurCfgEntry 3 } + +aclGroupNewCfgTable OBJECT-TYPE + SYNTAX SEQUENCE OF AclGroupNewCfgEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "The table of new ACL Group configuration." + ::= { aclGroup 2 } + +aclGroupNewCfgEntry OBJECT-TYPE + SYNTAX AclGroupNewCfgEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "New information about a particular ACL configuration." + INDEX { aclGroupNewCfgIndex } + ::= { aclGroupNewCfgTable 1 } + +AclGroupNewCfgEntry ::= SEQUENCE { + aclGroupNewCfgIndex Unsigned32, + aclGroupNewCfgMemberAcls OCTET STRING, + aclGroupNewCfgMemberBlocks OCTET STRING, + aclGroupNewCfgAddAcl Unsigned32, + aclGroupNewCfgRemoveAcl Unsigned32, + aclGroupNewCfgAddBlock Unsigned32, + aclGroupNewCfgRemoveBlock Unsigned32, + aclGroupNewCfgDelete INTEGER + } + +aclGroupNewCfgIndex OBJECT-TYPE + SYNTAX Unsigned32 + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "The index associated with this ACL Group entry." + ::= { aclGroupNewCfgEntry 1 } + +aclGroupNewCfgMemberAcls OBJECT-TYPE + SYNTAX OCTET STRING + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The ACL members of this ACL group, presented in bitmap + format, as follows: + + OCTET 1 OCTET 2 ..... + xxxxxxxx xxxxxxxx ..... + || || | + || || |_ ACL 9 + || || + || ||___ ACL 8 + || |____ ACL 7 + || . . . + ||_________ ACL 2 + |__________ ACL 1 + + where x: + 1 - the represented ACL is a member of the group. + 0 - the represented ACL is not a member of the group." + ::= { aclGroupNewCfgEntry 2 } + +aclGroupNewCfgMemberBlocks OBJECT-TYPE + SYNTAX OCTET STRING + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The ACL block members of this ACL group, presented in bitmap + format, as follows: + + OCTET 1 OCTET 2 ..... + xxxxxxxx xxxxxxxx ..... + || || | + || || |_ ACL Block 9 + || || + || ||___ ACL Block 8 + || |____ ACL Block 7 + || . . . . + ||_________ ACL Block 2 + |__________ ACL Block 1 + + where x: + 1 - the represented ACL block is a member of the group. + 0 - the represented ACL block is not a member of the group." + ::= { aclGroupNewCfgEntry 3 } + +aclGroupNewCfgAddAcl OBJECT-TYPE + SYNTAX Unsigned32 + MAX-ACCESS read-write + STATUS current + DESCRIPTION + "The index of the ACL entry to be added into this ACL group. + A successful set operation on this object will also set the bit + corresponding to the ACL entry in the aclGroupNewCfgMemberAcls + bitmap. A value of zero is always returned when this object + is read." + ::= { aclGroupNewCfgEntry 4 } + +aclGroupNewCfgRemoveAcl OBJECT-TYPE + SYNTAX Unsigned32 + MAX-ACCESS read-write + STATUS current + DESCRIPTION + "The index of the ACL entry to be removed from this ACL group. + A successful set operation on this object will unset the bit + corresponding to the ACL entry in the aclGroupNewCfgMemberAcls + bitmap. A value of zero is always returned when this object + is read." + ::= { aclGroupNewCfgEntry 5 } + +aclGroupNewCfgAddBlock OBJECT-TYPE + SYNTAX Unsigned32 + MAX-ACCESS read-write + STATUS current + DESCRIPTION + "The index of the ACL block entry to be added into this ACL group. + A successful set operation on this object will also set the bit + corresponding to the ACL block entry in the aclGroupNewCfgMemberBlocks + bitmap. A value of zero is always returned when this object + is read." + ::= { aclGroupNewCfgEntry 6 } + +aclGroupNewCfgRemoveBlock OBJECT-TYPE + SYNTAX Unsigned32 + MAX-ACCESS read-write + STATUS current + DESCRIPTION + "The index of the ACL block entry to be removed from this ACL group. + A successful set operation on this object will unset the bit + corresponding to the ACL block entry in the aclGroupNewCfgMemberBlocks + bitmap. A value of zero is always returned when this object + is read." + ::= { aclGroupNewCfgEntry 7 } + +aclGroupNewCfgDelete OBJECT-TYPE + SYNTAX INTEGER { + other(1), + delete(2) + } + MAX-ACCESS read-write + STATUS current + DESCRIPTION + "This is an action object to delete an ACL group. A value of other(1) + is always returned when this object is read." + ::= { aclGroupNewCfgEntry 8 } + + +-- ---------------------------------------------------------------------------- +-- } INSERT: bt2acl +-- ---------------------------------------------------------------------------- + +END + + |