From 98a672123c7872f6b9b75a9a2b6bb3aea504de6a Mon Sep 17 00:00:00 2001 From: David Leutgeb Date: Tue, 5 Dec 2023 12:25:34 +0100 Subject: Initial commit --- MIBS/huawei/HUAWEI-ACL-MIB | 4741 ++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 4741 insertions(+) create mode 100644 MIBS/huawei/HUAWEI-ACL-MIB (limited to 'MIBS/huawei/HUAWEI-ACL-MIB') diff --git a/MIBS/huawei/HUAWEI-ACL-MIB b/MIBS/huawei/HUAWEI-ACL-MIB new file mode 100644 index 0000000..e16a3b6 --- /dev/null +++ b/MIBS/huawei/HUAWEI-ACL-MIB @@ -0,0 +1,4741 @@ +-- ==================================================================== +-- Copyright (C) 2017 by HUAWEI TECHNOLOGIES. All rights reserved. +-- +-- Description: Huawei Acl MIB Definition +-- Reference: Huawei Enterprise MIB +-- Version: V2.20 +-- History: +-- Version: V2.0 +-- Wang Ning,2002-11-29,Reunification version based on the Fix-Net MIBs +-- baseline by the MIB Standard community. +-- Version: V2.1 +-- Yang Hongjie,2003-04-11,Reunification version based on V2.0. +-- Version: V2.2 +-- Yang Yuhui,2004-05-17,Reunification version based on V2.1. +-- Version: V2.3 +-- Xu xinjun, 2009-04-13. +-- 1, Add five new rule tables based on V2.2. +-- hwAclEthernetFrameRuleTable, hwAclIpv6BasicRuleTable, +-- hwAclIpv6AdvanceRuleTable, hwAclIpv6NumGroupTable, +-- hwAclIpv6IfRuleTable. +-- 2, Change Name-ACL range from [42768..45767] to [42768..59151] +-- Version: V2.04 +-- wen shuangquan, 2014-01-17. +-- 1, Add two new rule nodes based on V2.0.3 +-- hwAclAdvancedProtocolNew, hwAclIpv6AdvancedProtocolNew. +-- Version: V2.05 +-- wang chengyuan, 2014-03-25. +-- 1, Add acl resource trap table based on V2.0.4 +-- Version: V2.06 +-- zhang liang, 2014-04-09. +-- 1, Add acl resource trap table based on V2.0.5 +-- Version: V2.07 +-- zhengfeng, 2014-06-20. +-- 1, Add hwAclAdvancedVni, hwAclAdvancedIgmpType, hwAclAdvancedTtlOp, hwAclAdvancedTtlExpire, hwAclAdvancedTtlExpireEnd based on V2.0.6 +-- Version: V2.08 +-- zhang liang, 2014-08-05. +-- 1, Chang hwAclNumGroupAclName in hwAclIpv6NumGroupTable and hwAclIpv6NumGroupAclName in hwAclNumGroupTable value length on V2.0.7 +-- Version: V2.09 +-- chenyang, 2014-10-28. +-- 1, Add hwAclAdvancedPktLenOp, hwAclAdvancedPktLenBegin and hwAclAdvancedPktLenEnd in hwAclAdvancedRuleTable, based on V2.0.8 +-- chenyang, 2015-02-07. +-- 1, Add hwAclAdvancedTcpFlagMask in hwAclAdvancedRuleTable, based on V2.0.9 +-- Version: V2.11 +-- suxunjin, 2015-2-27. +-- 1, Add hwAclUserDestDomainName in hwAclUserRuleTable, Add hwAclDomainNameConfigTable based on V2.10 +-- Version: V2.12 +-- chenyang, 2015-11-27. +-- 1, Add hwAclAdvancedSrcPortPoolName and hwAclAdvancedDestPortPoolName in hwAclAdvancedRuleTable, based on V2.11 +-- 2, Add hwAclIPPoolTable, hwAclIPPoolIPTable, hwAclPortPoolTable and hwAclPortPoolPortTable, based on V2.11 +-- Version: V2.13 +-- mengfanlu, 2015-12-17. +-- 1, Add hwAclIfDescription in hwAclIfRuleTable, based on V2.12 +-- Version: V2.14 +-- chenyang, 2016-02-24. +-- 1, Add hwAclAdvancedIcmpTypeEnd in hwAclAdvancedRuleTable, based on V2.13 +-- 2, Add hwAclIpv6AdvancedIcmpTypeEnd in hwAclIpv6AdvancedRuleTable, based on V2.13 +-- Version: V2.15 +-- chenyang, 2016-05-6. +-- 1, Add hwAclBasicVrfAny in hwAclBasicRuleTable, based on V2.14 +-- 2, Add hwAclAdvancedVrfAny in hwAclAdvancedRuleTable, based on V2.14 +-- 3, Add hwAclIpv6BasicVrfAny in hwAclIpv6BasicRuleTable, based on V2.14 +-- 4, Add hwAclIpv6AdvancedVrfAny in hwAclIpv6AdvancedRuleTable, based on V2.14 +-- Version: V2.16 +-- qihui, 2016-08-26. +-- 1, hwAclIpv6NumGroupAclType, add key interface(3), based on V2.15 +-- Version: V2.17 +-- fuzhichao, 2016-12-26. +-- 1, Add hwAclIpv6AdvancedSrcPoolName in hwAclIpv6AdvancedRuleTable, based on V2.16 +-- 2, Add hwAclIPPoolApplyBGPPeer in hwAclIPPoolTable, based on V2.16 +-- 3, Add hwAclIPPool6Table, based on V2.16 +-- Version: V2.18 +-- fuzhichao, 2017-6-6. +-- 1, Add hwAclIpv6AdvancedVni in hwAclIpv6AdvancedRuleTable, based on V2.17 +-- Version: V2.19 +-- qiujindou, 2017-7-3. +-- 1, Amend some English descriptions, based on V2.18 +-- ======================================================================== + +HUAWEI-ACL-MIB DEFINITIONS ::= BEGIN + + IMPORTS + huaweiMgmt + FROM HUAWEI-MIB + OBJECT-GROUP, MODULE-COMPLIANCE, NOTIFICATION-GROUP + FROM SNMPv2-CONF + IpAddress, Integer32, Unsigned32, Gauge32, Counter32, OBJECT-TYPE, Counter64, + MODULE-IDENTITY, NOTIFICATION-TYPE + FROM SNMPv2-SMI + RowStatus, TruthValue, MacAddress FROM SNMPv2-TC + EnabledStatus FROM P-BRIDGE-MIB + Ipv6Address FROM IPV6-TC; + + hwAcl MODULE-IDENTITY + LAST-UPDATED "201708171200Z" -- Aug 17, 2017 at 15:00 GMT + ORGANIZATION "Huawei Technologies Co.,Ltd." + CONTACT-INFO + "Huawei Industrial Base + Bantian, Longgang + Shenzhen 518129 + People's Republic of China + Website: http://www.huawei.com + Email: support@huawei.com" + DESCRIPTION + "The HUAWEI-ACL-MIB contains objects to configure ACL module, + including ACL group, rule and acl accelerate, + and query the current ACL configuration and status. + This MIB module objects indicate hwAclNumGroupTable, hwAclBasicRuleTable, + hwAclAdvanceRuleTable, hwAclIfRuleTable, hwAclEthernetFrameRuleTable, + hwAclIpv6BasicRuleTable, hwAclIpv6AdvanceRuleTable, hwAclIpv6IfRuleTable, + hwAclCompileEnableFlag, hwAclCompileNumGroupTable, + hwAclIpv6NumGroupTable and acl trap. + + To filter data packets, a series of rules need to be configured + on the device. These rules are defined by ACL (Access Control List), + which are a series of sequential rules consisting of rule + permit or deny statements. The rules are described by source + address, destination address and port number of data packets. + ACL classifies data packets through these device interface applied + rules, by which the device decides which packets can be received + and which should be rejected." + REVISION "201708171200Z" + DESCRIPTION + "modify description of hwAclNumGroupTable and hwAclIpv6NumGroupTable" + REVISION "201707031200Z" + DESCRIPTION + "Amend some English descriptions" + REVISION "201706061200Z" + DESCRIPTION + "Add hwAclIpv6AdvancedVni in hwAclIpv6AdvancedRuleTable" + REVISION "201612261200Z" + DESCRIPTION + "Add hwAclIpv6AdvancedSrcPoolName in hwAclIpv6AdvancedRuleTable + Add hwAclIPPoolApplyBGPPeer in hwAclIPPoolTable. + Add hwAclIPPool6Table." + REVISION "201605061200Z" + DESCRIPTION + "Add hwAclBasicVrfAny in hwAclBasicRuleTable + Add hwAclAdvancedVrfAny in hwAclAdvancedRuleTable. + Add hwAclIpv6BasicVrfAny in hwAclIpv6BasicRuleTable. + Add hwAclIpv6AdvancedVrfAny in hwAclIpv6AdvancedRuleTable." + REVISION "201602241200Z" + DESCRIPTION + "Add hwAclAdvancedIcmpTypeEnd in hwAclAdvancedRuleTable. + Add hwAclIpv6AdvancedIcmpTypeEnd in hwAclIpv6AdvancedRuleTable." + REVISION "201512172100Z" + DESCRIPTION + "Add hwAclIfDescription in hwAclIfRuleTable." + REVISION "201511272100Z" + DESCRIPTION + "Add hwAclAdvancedSrcPortPoolName and hwAclAdvancedDestPortPoolName in hwAclAdvancedRuleTable. + Add hwAclIPPoolTable, hwAclIPPoolIPTable, hwAclPortPoolTable and hwAclPortPoolPortTable." + REVISION "201502272100Z" + DESCRIPTION + "Add hwAclUserDestDomainName in hwAclUserRuleTable, and Add hwAclDomainNameConfigTable." + REVISION "201502072100Z" + DESCRIPTION + "Add hwAclAdvancedTcpFlagMask in hwAclAdvancedRuleTable." + REVISION "201410282100Z" + DESCRIPTION + "Add hwAclAdvancedPktLenOp, hwAclAdvancedPktLenBegin and hwAclAdvancedPktLenEnd in hwAclAdvancedRuleTable." + REVISION "201406200948Z" + DESCRIPTION + "Add hwAclAdvancedVni, hwAclAdvancedIgmpType, hwAclAdvancedTtlOp, hwAclAdvancedTtlExpire, hwAclAdvancedTtlExpireEnd in hwAclAdvancedRuleTable." + REVISION "201404090948Z" + DESCRIPTION + "Add hwAclUserSrcUserGroupNum, hwAclUserDstUserGroupNum in hwAclUserRuleTable." + REVISION "201403260926Z" + DESCRIPTION + "Add hwAclResourceTrapsTable." + REVISION "201401171338Z" + DESCRIPTION + "Add hwAclAdvancedProtocolNew, hwAclIpv6AdvancedProtocolNew in hwAclAdvancedRuleTable." + REVISION "201311282100Z" + DESCRIPTION + "Change the range of hwAclNumGroupAclNum in hwAclNumGroupTable, hwAclBasicAclNum in hwAclBasicRuleTable, + hwAclAdvancedAclNum in hwAclAdvancedRuleTable, hwAclIfAclNum in hwAclIfRuleTable, + hwAclUserAclNum in hwAclUserRuleTable, hwAclIpv6BasicAclNum in hwAclIpv6BasicRuleTable, + hwAclIpv6AdvancedAclNum in hwAclIpv6AdvancedRuleTable, hwAclEthernetFrameAclNum in hwAclEthernetFrameRuleTable, + hwAclIpv6NumGroupAclNum ihwAclAdvancedSubitemn hwAclIpv6NumGroupTable, hwAclIpv6IfAclNum in hwAclIpv6IfRuleTable, hwAclMplsAclNum in hwAclMplsRuleTable." + REVISION "201310281900Z" + DESCRIPTION + "Add hwAclAdvancedSrcPoolName, hwAclAdvancedDestPoolName in hwAclAdvancedRuleTable" + REVISION "201309050000Z" + DESCRIPTION + "Add hwAclIpv6BasicSrcMask in hwAclIpv6BasicRuleTable; Add hwAclIpv6AdvancedSrcMask, hwAclIpv6AdvancedDestMask in hwAclIpv6AdvancedRuleTable" + REVISION "201408051606Z" + DESCRIPTION + "Chang hwAclNumGroupAclName in hwAclIpv6NumGroupTable and hwAclIpv6NumGroupAclName in hwAclNumGroupTable value length" + REVISION "201608260000Z" + DESCRIPTION + " hwAclIpv6NumGroupAclType, add key interface(3) " + ::= { huaweiMgmt 1 } + + -- + -- Node definitions + -- + + -- 1.3.6.1.4.1.2011.5.1.1 + hwAclMibObjects OBJECT IDENTIFIER ::= { hwAcl 1 } + + -- 1.3.6.1.4.1.2011.5.1.1.2 + hwAclNumGroupTable OBJECT-TYPE + SYNTAX SEQUENCE OF HwAclNumGroupEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "This table is used to query information about an ACL rule group, including the ACL configuration order, step length, and description." + ::= { hwAclMibObjects 2 } + + -- 1.3.6.1.4.1.2011.5.1.1.2.1 + hwAclNumGroupEntry OBJECT-TYPE + SYNTAX HwAclNumGroupEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "An entry containing characters of an acl group " + INDEX { hwAclNumGroupAclNum } + ::= { hwAclNumGroupTable 1 } + + HwAclNumGroupEntry ::= + SEQUENCE { + hwAclNumGroupAclNum + Integer32, + hwAclNumGroupMatchOrder + INTEGER, + hwAclNumGroupSubitemNum + Counter32, + hwAclNumGroupStep + Integer32, + hwAclNumGroupDescription + OCTET STRING, + hwAclNumGroupCountClear + INTEGER, + hwAclNumGroupRowStatus + RowStatus, + hwAclNumGroupAclName + OCTET STRING, + hwAclNumGroupAclType + INTEGER + } + + -- 1.3.6.1.4.1.2011.5.1.1.2.1.1 + hwAclNumGroupAclNum OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The index of acl group, identifying an ACL. + The object specifies the range of an ACL number. + The basic ACL is represented by the number + in the range 2000 through 2999. The advanced ACL is + represented by the number in the range 3000 through + 3999. The interface-based ACL is represented by the + number in the range 1000 to 1999. The User Defined ACL is + represented by the number in the range 5000 through + 5999. The User ACL is represented by the number in the range 6000 through + 9999. The Mpls ACL is represented by the number in the range 10000 through + 10999. The name ACL is represented by the number + in the range 42768 through 76535." + ::= { hwAclNumGroupEntry 1 } + + -- 1.3.6.1.4.1.2011.5.1.1.2.1.2 + hwAclNumGroupMatchOrder OBJECT-TYPE + SYNTAX INTEGER + { + config(1), + auto(2) + } + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The object indicates the match order of rules. + 'config' means matching ACL rules in the configuration sequence, + 'auto' means the ACL rules are matched following the 'Depth-first' principle." + DEFVAL { config } + ::= { hwAclNumGroupEntry 2 } + + -- 1.3.6.1.4.1.2011.5.1.1.2.1.3 + hwAclNumGroupSubitemNum OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The total number of the rules in the acl group." + ::= { hwAclNumGroupEntry 3 } + + -- 1.3.6.1.4.1.2011.5.1.1.2.1.4 + hwAclNumGroupStep OBJECT-TYPE + SYNTAX Integer32 (1..20) + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The object indicates the step value of number acl. + Step here refers to the difference between each ID. + For instance, given the step is set to 5, + the IDs are the multiples of 5 beginning with 5. + The ACL IDs change along with the step. When the step is 5, + the ACL IDs are 5, 10, and 15 and so on. + However, when the step is set to 2, the IDs turn to 2, 4, + and 6 and so on." + ::= { hwAclNumGroupEntry 4 } + + -- 1.3.6.1.4.1.2011.5.1.1.2.1.5 + hwAclNumGroupDescription OBJECT-TYPE + SYNTAX OCTET STRING (SIZE (0..127)) + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "This object indicates the description of a rule group. + The description length cannot exceed 127 characters." + ::= { hwAclNumGroupEntry 5 } + + -- 1.3.6.1.4.1.2011.5.1.1.2.1.6 + hwAclNumGroupCountClear OBJECT-TYPE + SYNTAX INTEGER + { + cleared(1), + notUsed(2) + } + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The value of this object identifies whether to clear up the count of rule groups. + The value can be: + cleared(1) + notUsed(2) + This field is effective only when you perform the Set operation to this object." + ::= { hwAclNumGroupEntry 6 } + + -- 1.3.6.1.4.1.2011.5.1.1.2.1.7 + hwAclNumGroupRowStatus OBJECT-TYPE + SYNTAX RowStatus + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "RowStatus, Now support three value:CreateAndGo,Active,Destroy." + ::= { hwAclNumGroupEntry 7 } + + -- 1.3.6.1.4.1.2011.5.1.1.2.1.8 + hwAclNumGroupAclName OBJECT-TYPE + SYNTAX OCTET STRING (SIZE (0..64)) + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The object indicates the name of an acl group, + The first character must be start with a to z or A to Z, + and the length cannot exceed 64 character." + ::= { hwAclNumGroupEntry 8 } + + -- 1.3.6.1.4.1.2011.5.1.1.2.1.9 + hwAclNumGroupAclType OBJECT-TYPE + SYNTAX INTEGER + { + basic(1), + advanced(2), + link(3), + user(4), + interface(5), + mpls(6), + mac(7), + ucl(8) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The type of ACL group." + ::= { hwAclNumGroupEntry 9 } + + -- 1.3.6.1.4.1.2011.5.1.1.4 + hwAclBasicRuleTable OBJECT-TYPE + SYNTAX SEQUENCE OF HwAclBasicRuleEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "Configure the rule for basic acl group." + ::= { hwAclMibObjects 4 } + + -- 1.3.6.1.4.1.2011.5.1.1.4.1 + hwAclBasicRuleEntry OBJECT-TYPE + SYNTAX HwAclBasicRuleEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "Each entry is a rule of basic acl." + INDEX { hwAclBasicAclNum, hwAclBasicSubitem } + ::= { hwAclBasicRuleTable 1 } + + HwAclBasicRuleEntry ::= + SEQUENCE { + hwAclBasicAclNum + Integer32, + hwAclBasicSubitem + Unsigned32, + hwAclBasicAct + INTEGER, + hwAclBasicSrcIp + IpAddress, + hwAclBasicSrcWild + IpAddress, + hwAclBasicTimeRangeIndex + Integer32, + hwAclBasicFragments + INTEGER, + hwAclBasicLog + TruthValue, + hwAclBasicEnable + TruthValue, + hwAclBasicCount + Counter64, + hwAclBasicVrfName + OCTET STRING, + hwAclBasicRowStatus + RowStatus, + hwAclBasicVrfAny + TruthValue, + hwAclBasicDescription + OCTET STRING + } + + -- 1.3.6.1.4.1.2011.5.1.1.4.1.1 + hwAclBasicAclNum OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The index of basic acl group, the index range is (1..99 | 2000..2999 | 42768..76535 )." + ::= { hwAclBasicRuleEntry 1 } + + -- 1.3.6.1.4.1.2011.5.1.1.4.1.2 + hwAclBasicSubitem OBJECT-TYPE + SYNTAX Unsigned32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The objects specifies the number of an ACL rule. + If the number specified has been assigned to an ACL rule, + the new rule will overwrite the old one, + which is equal to editing the old rule. + If the number is not assigned, the system will define + a rule with the number and insert it to the place + corresponding to its number. If no number is specified, + the system will define a rule, assign a number to it and + add it into the ACL. It will be placed at the end of the + ACL when configuration sequence is adopted; otherwise, + it will be placed based on the 'Depth-first' principle. + When ACL rules are following the 'Depth-first' principle, + the number of an ACL rule must be given 0 ,but it will be assigned + by step automatically;otherwise,this rule will not be created." + ::= { hwAclBasicRuleEntry 2 } + + -- 1.3.6.1.4.1.2011.5.1.1.4.1.3 + hwAclBasicAct OBJECT-TYPE + SYNTAX INTEGER + { + permit(1), + deny(2) + } + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The object indicates the action of a basic acl rule. + 'deny' means discarding the packets that meet the condition, + 'permit' means permitting the packets that meet the condition." + ::= { hwAclBasicRuleEntry 3 } + + -- 1.3.6.1.4.1.2011.5.1.1.4.1.4 + hwAclBasicSrcIp OBJECT-TYPE + SYNTAX IpAddress + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The object indicates the source IP-address of a basic acl rule." + ::= { hwAclBasicRuleEntry 4 } + + -- 1.3.6.1.4.1.2011.5.1.1.4.1.5 + hwAclBasicSrcWild OBJECT-TYPE + SYNTAX IpAddress + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The value of this object identifies the wildcard mask of the source IP address. + The value ranges from 0.0.0.0 to 255.255.255.255." + ::= { hwAclBasicRuleEntry 5 } + + -- 1.3.6.1.4.1.2011.5.1.1.4.1.6 + hwAclBasicTimeRangeIndex OBJECT-TYPE + SYNTAX Integer32 (0..256) + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The value of this object identifies the index of a time range of an ACL rule. + The value ranges from 0 to 256. + The value 0 is invalid, indicating that no time range is specified for the rule." + ::= { hwAclBasicRuleEntry 6 } + + -- 1.3.6.1.4.1.2011.5.1.1.4.1.7 + hwAclBasicFragments OBJECT-TYPE + SYNTAX INTEGER + { + fragmentSubseq(0), + fragment(1), + nonFragment(2), + nonSubseq(3), + fragmentSpeFirst(4), + none(255) + } + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The object indicates the type of the packet. + 0: fragmentSubseq, indicating that the packet is a subsequent fragment + 1: fragment, indicating that the packet is a fragment + 2: nonFragment, indicating that the packet is not a fragment + 3: nonSubseq, indicating that the packet is not a subsequent fragment + 4: fragmentSpeFirst, indicating that the packet is the first fragment + 255: none, invalid value + This object cannot be modified once a rule is created." + ::= { hwAclBasicRuleEntry 7 } + + -- 1.3.6.1.4.1.2011.5.1.1.4.1.8 + hwAclBasicLog OBJECT-TYPE + SYNTAX TruthValue + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The object indicates whether to log the matched packets. + The log contents include sequence number of ACL rule, packets passed + or discarded, upper layer protocol type over IP, source/destination + address, source/destination port number, and number of packets." + ::= { hwAclBasicRuleEntry 8 } + + -- 1.3.6.1.4.1.2011.5.1.1.4.1.9 + hwAclBasicEnable OBJECT-TYPE + SYNTAX TruthValue + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The object indicates whether the rule is valid or invalid." + ::= { hwAclBasicRuleEntry 9 } + + -- 1.3.6.1.4.1.2011.5.1.1.4.1.10 + hwAclBasicCount OBJECT-TYPE + SYNTAX Counter64 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The object indicates the statistics of matched packets by the rule." + ::= { hwAclBasicRuleEntry 10 } + + -- 1.3.6.1.4.1.2011.5.1.1.4.1.11 + hwAclBasicVrfName OBJECT-TYPE + SYNTAX OCTET STRING (SIZE (0..31)) + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "This object indicates an VPN instance. + The length of a VPN instance name cannot exceed 31 characters." + ::= { hwAclBasicRuleEntry 11 } + + -- 1.3.6.1.4.1.2011.5.1.1.4.1.12 + hwAclBasicRowStatus OBJECT-TYPE + SYNTAX RowStatus + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "RowStatus, Now support three value:CreateAndGo,Active and Destroy." + ::= { hwAclBasicRuleEntry 12 } + + -- 1.3.6.1.4.1.2011.5.1.1.4.1.13 + hwAclBasicDescription OBJECT-TYPE + SYNTAX OCTET STRING (SIZE (0..127)) + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The object indicates the description of this basic rule. + The object describes the usage of an ACL with a word or a sentence." + ::= { hwAclBasicRuleEntry 13 } + + -- 1.3.6.1.4.1.2011.5.1.1.4.1.14 + hwAclBasicVrfAny OBJECT-TYPE + SYNTAX TruthValue + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The object indicates whether or not matching any VPN-instance." + ::= { hwAclBasicRuleEntry 14 } + + -- 1.3.6.1.4.1.2011.5.1.1.5 + hwAclAdvancedRuleTable OBJECT-TYPE + SYNTAX SEQUENCE OF HwAclAdvancedRuleEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "Configure the rule for advanced acl group." + ::= { hwAclMibObjects 5 } + + -- 1.3.6.1.4.1.2011.5.1.1.5.1 + hwAclAdvancedRuleEntry OBJECT-TYPE + SYNTAX HwAclAdvancedRuleEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "Each entry contains a rule of advanced acl group." + INDEX { hwAclAdvancedAclNum, hwAclAdvancedSubitem } + ::= { hwAclAdvancedRuleTable 1 } + + HwAclAdvancedRuleEntry ::= + SEQUENCE { + hwAclAdvancedAclNum + Integer32, + hwAclAdvancedSubitem + Unsigned32, + hwAclAdvancedAct + INTEGER, + hwAclAdvancedProtocol + Integer32, + hwAclAdvancedSrcIp + IpAddress, + hwAclAdvancedSrcWild + IpAddress, + hwAclAdvancedSrcOp + INTEGER, + hwAclAdvancedSrcPort1 + Integer32, + hwAclAdvancedSrcPort2 + Integer32, + hwAclAdvancedDestIp + IpAddress, + hwAclAdvancedDestWild + IpAddress, + hwAclAdvancedDestOp + INTEGER, + hwAclAdvancedDestPort1 + Integer32, + hwAclAdvancedDestPort2 + Integer32, + hwAclAdvancedPrecedence + Integer32, + hwAclAdvancedTos + Integer32, + hwAclAdvancedDscp + Integer32, + hwAclAdvancedEstablish + TruthValue, + hwAclAdvancedTimeRangeIndex + Integer32, + hwAclAdvancedIcmpType + Integer32, + hwAclAdvancedIcmpCode + Integer32, + hwAclAdvancedFragments + INTEGER, + hwAclAdvancedLog + TruthValue, + hwAclAdvancedEnable + TruthValue, + hwAclAdvancedCount + Counter64, + hwAclAdvancedVrfName + OCTET STRING, + hwAclAdvancedRowStatus + RowStatus, + hwAclAdvancedTcpSyncFlag + Integer32, + hwAclAdvancedDescription + OCTET STRING, + hwAclAdvancedSrcPoolName + OCTET STRING, + hwAclAdvancedDestPoolName + OCTET STRING, + hwAclAdvancedProtocolNew + Integer32, + hwAclAdvancedVni + Integer32, + hwAclAdvancedIgmpType + Integer32, + hwAclAdvancedTtlOp + INTEGER, + hwAclAdvancedTtlExpire + Integer32, + hwAclAdvancedTtlExpireEnd + Integer32, + hwAclAdvancedPktLenOp + INTEGER, + hwAclAdvancedPktLenBegin + Integer32, + hwAclAdvancedPktLenEnd + Integer32, + hwAclAdvancedTcpFlagMask + Integer32, + hwAclAdvancedSrcPortPoolName + OCTET STRING, + hwAclAdvancedDestPortPoolName + OCTET STRING, + hwAclAdvancedIcmpTypeEnd + Integer32, + hwAclAdvancedVrfAny + TruthValue + } + + -- 1.3.6.1.4.1.2011.5.1.1.5.1.1 + hwAclAdvancedAclNum OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The index of advanced acl table, the index range is (100..199 | 3000..3999 | 42768..76535)." + ::= { hwAclAdvancedRuleEntry 1 } + + -- 1.3.6.1.4.1.2011.5.1.1.5.1.2 + hwAclAdvancedSubitem OBJECT-TYPE + SYNTAX Unsigned32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The object specifies the number of an advanced ACL rule. + If the number specified has been assigned to an ACL rule, + the new rule will overwrite the old one, + which is equal to editing the old rule. + If the number is not assigned, the system will define + a rule with the number and insert it to the place + corresponding to its number. If no number is specified, + the system will define a rule, assign a number to it and + add it into the ACL. It will be placed at the end of the + ACL when configuration sequence is adopted; otherwise, + it will be placed based on the 'Depth-first' principle. + When ACL rules are following the 'Depth-first' principle, + the number of an ACL rule must be given 0 ,but it will be assigned + by step automatically;otherwise,this rule will not be created." + ::= { hwAclAdvancedRuleEntry 2 } + + -- 1.3.6.1.4.1.2011.5.1.1.5.1.3 + hwAclAdvancedAct OBJECT-TYPE + SYNTAX INTEGER + { + permit(1), + deny(2) + } + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The object indicates the action of an advanced acl rule. + 'deny' means discarding the packets that meet the condition, + 'permit' means permitting the packets that meet the condition." + ::= { hwAclAdvancedRuleEntry 3 } + + -- 1.3.6.1.4.1.2011.5.1.1.5.1.4 + hwAclAdvancedProtocol OBJECT-TYPE + SYNTAX Integer32 (0..255) + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The value of this object identifies the number of the protocol over IP. + The value ranges from 0 to 255. The value 0 indicates the IP protocol." + ::= { hwAclAdvancedRuleEntry 4 } + + -- 1.3.6.1.4.1.2011.5.1.1.5.1.5 + hwAclAdvancedSrcIp OBJECT-TYPE + SYNTAX IpAddress + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The value of this object identifies the source IP address. + The value ranges from 0.0.0.0 to 255.255.255.255." + ::= { hwAclAdvancedRuleEntry 5 } + + -- 1.3.6.1.4.1.2011.5.1.1.5.1.6 + hwAclAdvancedSrcWild OBJECT-TYPE + SYNTAX IpAddress + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The value of this object identifies the wildcard mask of the source IP address. + The value ranges from 0.0.0.0 to 255.255.255.255." + ::= { hwAclAdvancedRuleEntry 6 } + + -- 1.3.6.1.4.1.2011.5.1.1.5.1.7 + hwAclAdvancedSrcOp OBJECT-TYPE + SYNTAX INTEGER + { + lt(1), + eq(2), + gt(3), + neq(4), + invalid(0), + range(5) + } + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The object indicates the source Port operation symbol of an advanced acl + rule. It compares the port operators of source address. + 'lt' means less than, + 'eq' means equal to, + 'gt' means greater than, + 'neq' means not equal to, + 'range' means between, + 'invalid' means this operation of the rule is invalid." + ::= { hwAclAdvancedRuleEntry 7 } + + -- 1.3.6.1.4.1.2011.5.1.1.5.1.8 + hwAclAdvancedSrcPort1 OBJECT-TYPE + SYNTAX Integer32 (0..65535) + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "This object indicates the end source port number." + ::= { hwAclAdvancedRuleEntry 8 } + + -- 1.3.6.1.4.1.2011.5.1.1.5.1.9 + hwAclAdvancedSrcPort2 OBJECT-TYPE + SYNTAX Integer32 (0..65535) + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "This object indicates the start source port number." + ::= { hwAclAdvancedRuleEntry 9 } + + -- 1.3.6.1.4.1.2011.5.1.1.5.1.10 + hwAclAdvancedDestIp OBJECT-TYPE + SYNTAX IpAddress + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "This object indicates the destination IP address. + The value ranges from 0.0.0.0 to 255.255.255.255." + ::= { hwAclAdvancedRuleEntry 10 } + + -- 1.3.6.1.4.1.2011.5.1.1.5.1.11 + hwAclAdvancedDestWild OBJECT-TYPE + SYNTAX IpAddress + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "This object indicates the mask of the destination IP address. + The value ranges from 0.0.0.0 to 255.255.255.255." + ::= { hwAclAdvancedRuleEntry 11 } + + -- 1.3.6.1.4.1.2011.5.1.1.5.1.12 + hwAclAdvancedDestOp OBJECT-TYPE + SYNTAX INTEGER + { + lt(1), + eq(2), + gt(3), + neq(4), + invalid(0), + range(5) + } + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The object indicates the destination Port operation symbol of an advanced + acl group. It compares the port operators of destination address. + 'lt' means less than, + 'eq' means equal to, + 'gt' means greater than, + 'neq' means not equal to, + 'range' means between, + 'invalid' means this operation of the rule is invalid." + ::= { hwAclAdvancedRuleEntry 12 } + + -- 1.3.6.1.4.1.2011.5.1.1.5.1.13 + hwAclAdvancedDestPort1 OBJECT-TYPE + SYNTAX Integer32 (0..65535) + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "This object indicates the end destination port number." + ::= { hwAclAdvancedRuleEntry 13 } + + -- 1.3.6.1.4.1.2011.5.1.1.5.1.14 + hwAclAdvancedDestPort2 OBJECT-TYPE + SYNTAX Integer32 (0..65535) + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "This object indicates the start destination port number." + ::= { hwAclAdvancedRuleEntry 14 } + + -- 1.3.6.1.4.1.2011.5.1.1.5.1.15 + hwAclAdvancedPrecedence OBJECT-TYPE + SYNTAX Integer32 (0..7|255) + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The value of this object identifies the precedence sub-field. + It is the higher three bits of the ToS field in an IP header. + The value ranges from 0 to 7." + ::= { hwAclAdvancedRuleEntry 15 } + + -- 1.3.6.1.4.1.2011.5.1.1.5.1.16 + hwAclAdvancedTos OBJECT-TYPE + SYNTAX Integer32 (0..15|255) + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The value of this object identifies the ToS sub-field. + This field covers four bits after the higher three bits of the ToS field in an IP header. + The value ranges from 0 to 15." + ::= { hwAclAdvancedRuleEntry 16 } + + -- 1.3.6.1.4.1.2011.5.1.1.5.1.17 + hwAclAdvancedDscp OBJECT-TYPE + SYNTAX Integer32 (0..63|255) + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The value of this object identifies the higher six bits of the ToS field in an IP header. + The value ranges from 0 to 63." + ::= { hwAclAdvancedRuleEntry 17 } + + -- 1.3.6.1.4.1.2011.5.1.1.5.1.18 + hwAclAdvancedEstablish OBJECT-TYPE + SYNTAX TruthValue + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The object indicates whether or not establishing." + DEFVAL { false } + ::= { hwAclAdvancedRuleEntry 18 } + + -- 1.3.6.1.4.1.2011.5.1.1.5.1.19 + hwAclAdvancedTimeRangeIndex OBJECT-TYPE + SYNTAX Integer32 (0..256) + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The object indicates the time range of an advanced acl rule. + When the current time is in the time range, the rule is valid. + Zero value declares that the acl rule has no time range.The + invalid value is 0." + ::= { hwAclAdvancedRuleEntry 19 } + + -- 1.3.6.1.4.1.2011.5.1.1.5.1.20 + hwAclAdvancedIcmpType OBJECT-TYPE + SYNTAX Integer32 (0..255|65535) + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The object indicates the type of ICMP packet. + It filters ICMP packets according to the ICMP message type. + The invalid value is 65535." + ::= { hwAclAdvancedRuleEntry 20 } + + -- 1.3.6.1.4.1.2011.5.1.1.5.1.21 + hwAclAdvancedIcmpCode OBJECT-TYPE + SYNTAX Integer32 (0..255|65535) + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The object indicates the code of ICMP packet. + It filters ICMP packets according to the message code. + The invalid value is 65535." + ::= { hwAclAdvancedRuleEntry 21 } + + -- 1.3.6.1.4.1.2011.5.1.1.5.1.22 + hwAclAdvancedFragments OBJECT-TYPE + SYNTAX INTEGER + { + fragmentSubseq(0), + fragment(1), + nonFragment(2), + nonSubseq(3), + fragmentSpeFirst(4), + none(255) + } + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The object indicates the type of the packet. + 0: fragmentSubseq, indicating that the packet is a subsequent fragment + 1: fragment, indicating that the packet is a fragment + 2: nonFragment, indicating that the packet is not a fragment + 3: nonSubseq, indicating that the packet is not a subsequent fragment + 4: fragmentSpeFirst, indicating that the packet is the first fragment + 255: none, invalid value + This object cannot be modified once a rule is created." + ::= { hwAclAdvancedRuleEntry 22 } + + -- 1.3.6.1.4.1.2011.5.1.1.5.1.23 + hwAclAdvancedLog OBJECT-TYPE + SYNTAX TruthValue + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The object indicates whether to log the matched packets. The log + contents include sequence number of ACL rule, + packets passed or discarded, upper layer protocol type over IP, + source/destination address, source/destination port number, + and number of packets" + ::= { hwAclAdvancedRuleEntry 23 } + + -- 1.3.6.1.4.1.2011.5.1.1.5.1.24 + hwAclAdvancedEnable OBJECT-TYPE + SYNTAX TruthValue + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The object indicates whether the rule is valid or invalid." + ::= { hwAclAdvancedRuleEntry 24 } + + -- 1.3.6.1.4.1.2011.5.1.1.5.1.25 + hwAclAdvancedCount OBJECT-TYPE + SYNTAX Counter64 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The object indicates the statistics of matched packets by the rule." + ::= { hwAclAdvancedRuleEntry 25 } + + -- 1.3.6.1.4.1.2011.5.1.1.5.1.26 + hwAclAdvancedVrfName OBJECT-TYPE + SYNTAX OCTET STRING (SIZE (0..31)) + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The object indicates the VRF name of this rule, + It specifies the VPN-instance to which the packet belongs." + ::= { hwAclAdvancedRuleEntry 26 } + + -- 1.3.6.1.4.1.2011.5.1.1.5.1.27 + hwAclAdvancedRowStatus OBJECT-TYPE + SYNTAX RowStatus + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "RowStatus, Now support three state:CreateAndGo,Active,Destroy." + ::= { hwAclAdvancedRuleEntry 27 } + + -- 1.3.6.1.4.1.2011.5.1.1.5.1.28 + hwAclAdvancedTcpSyncFlag OBJECT-TYPE + SYNTAX Integer32 (-1|0..63) + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The object indicates the code of TCP Sync flag(0~63), + The invalid value is -1." + ::= { hwAclAdvancedRuleEntry 28 } + + -- 1.3.6.1.4.1.2011.5.1.1.5.1.29 + hwAclAdvancedDescription OBJECT-TYPE + SYNTAX OCTET STRING (SIZE (0..127)) + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The object indicates the description of this advanced rule. + The object describes the usage of an ACL with a word or a sentence." + ::= { hwAclAdvancedRuleEntry 29 } + + -- 1.3.6.1.4.1.2011.5.1.1.5.1.30 + hwAclAdvancedSrcPoolName OBJECT-TYPE + SYNTAX OCTET STRING (SIZE (0..32)) + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The object indicates the source pool name." + ::= { hwAclAdvancedRuleEntry 30 } + + -- 1.3.6.1.4.1.2011.5.1.1.5.1.31 + hwAclAdvancedDestPoolName OBJECT-TYPE + SYNTAX OCTET STRING (SIZE (0..32)) + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The object indicates the destination pool name." + ::= { hwAclAdvancedRuleEntry 31 } + + -- 1.3.6.1.4.1.2011.5.1.1.5.1.32 + hwAclAdvancedProtocolNew OBJECT-TYPE + SYNTAX Integer32 (0..255|65535) + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The object indicates the protocol type of the rule. + It specifies the protocol type over IP.The number of IP protocol is 65535." + ::= { hwAclAdvancedRuleEntry 32 } + + -- 1.3.6.1.4.1.2011.5.1.1.5.1.33 + hwAclAdvancedVni OBJECT-TYPE + SYNTAX Integer32 (0..16777215) + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The object indicates the ID of VXLAN, + The invalid value is 0." + ::= { hwAclAdvancedRuleEntry 33 } + + -- 1.3.6.1.4.1.2011.5.1.1.5.1.34 + hwAclAdvancedIgmpType OBJECT-TYPE + SYNTAX Integer32 (0..255|65535) + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The object indicates the type of igmp, + The invalid value is 65535." + ::= { hwAclAdvancedRuleEntry 34 } + + -- 1.3.6.1.4.1.2011.5.1.1.5.1.35 + hwAclAdvancedTtlOp OBJECT-TYPE + SYNTAX INTEGER + { + lt(1), + eq(2), + gt(3), + neq(4), + invalid(0), + range(5) + } + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The object indicates the ttl operation symbol of an advanced acl + rule. + 'lt' means less than, + 'eq' means equal to, + 'gt' means greater than, + 'neq' means not equal to, + 'range' means between, + 'invalid' means this operation of the rule is invalid." + ::= { hwAclAdvancedRuleEntry 35 } + + -- 1.3.6.1.4.1.2011.5.1.1.5.1.36 + hwAclAdvancedTtlExpire OBJECT-TYPE + SYNTAX Integer32 (0..255) + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The object indicates the begin ttl value. + The invalid value is 0." + ::= { hwAclAdvancedRuleEntry 36 } + + -- 1.3.6.1.4.1.2011.5.1.1.5.1.37 + hwAclAdvancedTtlExpireEnd OBJECT-TYPE + SYNTAX Integer32 (0..255) + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The object indicates the end ttl value. + The invalid value is 0." + ::= { hwAclAdvancedRuleEntry 37 } + + -- 1.3.6.1.4.1.2011.5.1.1.5.1.38 + hwAclAdvancedPktLenOp OBJECT-TYPE + SYNTAX INTEGER + { + lt(1), + eq(2), + gt(3), + neq(4), + invalid(0), + range(5) + } + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The object indicates the packet length operation symbol of an advanced acl + rule. + 'lt' means less than, + 'eq' means equal to, + 'gt' means greater than, + 'neq' means not equal to, + 'range' means between, + 'invalid' means this operation of the rule is invalid." + ::= { hwAclAdvancedRuleEntry 38 } + + -- 1.3.6.1.4.1.2011.5.1.1.5.1.39 + hwAclAdvancedPktLenBegin OBJECT-TYPE + SYNTAX Integer32 (0..65535) + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The object indicates the begin packet length value." + ::= { hwAclAdvancedRuleEntry 39 } + + -- 1.3.6.1.4.1.2011.5.1.1.5.1.40 + hwAclAdvancedPktLenEnd OBJECT-TYPE + SYNTAX Integer32 (0..65535) + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The object indicates the end packet length value." + ::= { hwAclAdvancedRuleEntry 40 } + + -- 1.3.6.1.4.1.2011.5.1.1.5.1.41 + hwAclAdvancedTcpFlagMask OBJECT-TYPE + SYNTAX Integer32 (0..63) + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The object indicates the mask of tcp-flag. + The invalid value is 0." + ::= { hwAclAdvancedRuleEntry 41 } + + -- 1.3.6.1.4.1.2011.5.1.1.5.1.42 + hwAclAdvancedSrcPortPoolName OBJECT-TYPE + SYNTAX OCTET STRING (SIZE (0..32)) + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The object indicates the source port pool name." + ::= { hwAclAdvancedRuleEntry 42 } + + -- 1.3.6.1.4.1.2011.5.1.1.5.1.43 + hwAclAdvancedDestPortPoolName OBJECT-TYPE + SYNTAX OCTET STRING (SIZE (0..32)) + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The object indicates the destination port pool name." + ::= { hwAclAdvancedRuleEntry 43 } + + -- 1.3.6.1.4.1.2011.5.1.1.5.1.44 + hwAclAdvancedIcmpTypeEnd OBJECT-TYPE + SYNTAX Integer32 (0..255|65535) + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The value of this object identifies the ICMP message type. + The value ranges from 0 to 255. The value 65535 is invalid. + This object is used together with hwAclAdvancedIcmpType to indicate the value range of the ICMP message type." + ::= { hwAclAdvancedRuleEntry 44 } + + -- 1.3.6.1.4.1.2011.5.1.1.5.1.45 + hwAclAdvancedVrfAny OBJECT-TYPE + SYNTAX TruthValue + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The object indicates whether or not matching any VPN-instance." + ::= { hwAclAdvancedRuleEntry 45 } + + -- 1.3.6.1.4.1.2011.5.1.1.6 + hwAclIfRuleTable OBJECT-TYPE + SYNTAX SEQUENCE OF HwAclIfRuleEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "Configure the rule for interface-based acl group." + ::= { hwAclMibObjects 6 } + + -- 1.3.6.1.4.1.2011.5.1.1.6.1 + hwAclIfRuleEntry OBJECT-TYPE + SYNTAX HwAclIfRuleEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "Each entry contains a rule of interface-based acl group." + INDEX { hwAclIfAclNum, hwAclIfSubitem } + ::= { hwAclIfRuleTable 1 } + + HwAclIfRuleEntry ::= + SEQUENCE { + hwAclIfAclNum + Integer32, + hwAclIfSubitem + Unsigned32, + hwAclIfAct + INTEGER, + hwAclIfIndex + Integer32, + hwAclIfAny + TruthValue, + hwAclIfTimeRangeIndex + Integer32, + hwAclIfLog + TruthValue, + hwAclIfEnable + TruthValue, + hwAclIfCount + Counter64, + hwAclIfRowStatus + RowStatus, + hwAclIfDescription + OCTET STRING + } + + -- 1.3.6.1.4.1.2011.5.1.1.6.1.1 + hwAclIfAclNum OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The index of interface-based acl group, the index range is (1000..1999 | 42768..76535)." + ::= { hwAclIfRuleEntry 1 } + + -- 1.3.6.1.4.1.2011.5.1.1.6.1.2 + hwAclIfSubitem OBJECT-TYPE + SYNTAX Unsigned32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The object specifies the number of an ACL rule. + If the number specified has been assigned to an ACL rule, + the new rule will overwrite the old one, + which is equal to editing the old rule. + If the number is not assigned, the system will define + a rule with the number and insert it to the place + corresponding to its number. If no number is specified, + the system will define a rule, assign a number to it and + add it into the ACL. It will be placed at the end of the + ACL when configuration sequence is adopted; otherwise, + it will be placed based on the 'Depth-first' principle. + When ACL rules are following the 'Depth-first' principle, + the number of an ACL rule must be given 0 ,but it will be assigned + by step automatically;otherwise,this rule will not be created." + ::= { hwAclIfRuleEntry 2 } + + -- 1.3.6.1.4.1.2011.5.1.1.6.1.3 + hwAclIfAct OBJECT-TYPE + SYNTAX INTEGER + { + permit(1), + deny(2) + } + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The object indicates the action of an interface-based acl rule. + 'deny' means discarding the packets that meet the condition, + 'permit' means permitting the packets that meet the condition." + ::= { hwAclIfRuleEntry 3 } + + -- 1.3.6.1.4.1.2011.5.1.1.6.1.4 + hwAclIfIndex OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The object indicates the index of an interface. + It specifies the interface information of the packets.The invalid + interface index is 0." + ::= { hwAclIfRuleEntry 4 } + + -- 1.3.6.1.4.1.2011.5.1.1.6.1.5 + hwAclIfAny OBJECT-TYPE + SYNTAX TruthValue + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The object indicates whether or not matching any interface." + ::= { hwAclIfRuleEntry 5 } + + -- 1.3.6.1.4.1.2011.5.1.1.6.1.6 + hwAclIfTimeRangeIndex OBJECT-TYPE + SYNTAX Integer32 (0..256) + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The value of this object identifies the index of the time + range during which an ACL rule can be applied. When the current + time is in the time range, the rule is valid. The value 0 is + invalid, indicating that no time range is specified for the rule. + The value ranges from 0 to 256." + ::= { hwAclIfRuleEntry 6 } + + -- 1.3.6.1.4.1.2011.5.1.1.6.1.7 + hwAclIfLog OBJECT-TYPE + SYNTAX TruthValue + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The object indicates whether to log the matched packets. + The log contents include sequence number of ACL rule, + packets passed or discarded, upper layer protocol type over IP, + source/destination address, source/destination port number, + and number of packets." + ::= { hwAclIfRuleEntry 7 } + + -- 1.3.6.1.4.1.2011.5.1.1.6.1.8 + hwAclIfEnable OBJECT-TYPE + SYNTAX TruthValue + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The object indicates whether the rule is valid or invalid." + ::= { hwAclIfRuleEntry 8 } + + -- 1.3.6.1.4.1.2011.5.1.1.6.1.9 + hwAclIfCount OBJECT-TYPE + SYNTAX Counter64 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The object indicates the statistics of matched packets by the rule." + ::= { hwAclIfRuleEntry 9 } + + -- 1.3.6.1.4.1.2011.5.1.1.6.1.11 + hwAclIfRowStatus OBJECT-TYPE + SYNTAX RowStatus + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "RowStatus,Now support three state:CreateAndGo,Active,Destroy." + ::= { hwAclIfRuleEntry 11 } + + -- 1.3.6.1.4.1.2011.5.1.1.6.1.12 + hwAclIfDescription OBJECT-TYPE + SYNTAX OCTET STRING (SIZE (0..127)) + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The object indicates the description of this if rule. + The object describes the usage of an ACL with a word or a sentence." + ::= { hwAclIfRuleEntry 12 } + + --user acl + -- 1.3.6.1.4.1.2011.5.1.1.7 + hwAclUserRuleTable OBJECT-TYPE + SYNTAX SEQUENCE OF HwAclUserRuleEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "Configure the rule for user acl group." + ::= { hwAclMibObjects 7 } + + -- 1.3.6.1.4.1.2011.5.1.1.7.1 + hwAclUserRuleEntry OBJECT-TYPE + SYNTAX HwAclUserRuleEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "Each entry contains a rule of user acl group." + INDEX { hwAclUserAclNum, hwAclUserSubitem } + ::= { hwAclUserRuleTable 1 } + + HwAclUserRuleEntry ::= + SEQUENCE { + hwAclUserAclNum + Integer32, + hwAclUserSubitem + Unsigned32, + hwAclUserAct + INTEGER, + hwAclUserProtocol + Integer32, + hwAclUserSrcIp + IpAddress, + hwAclUserSrcWild + IpAddress, + hwAclUserSrcOp + INTEGER, + hwAclUserSrcPort1 + Integer32, + hwAclUserSrcPort2 + Integer32, + hwAclUserDestIp + IpAddress, + hwAclUserDestWild + IpAddress, + hwAclUserDestOp + INTEGER, + hwAclUserDestPort1 + Integer32, + hwAclUserDestPort2 + Integer32, + hwAclUserPrecedence + Integer32, + hwAclUserTos + Integer32, + hwAclUserDscp + Integer32, + hwAclUserEstablish + TruthValue, + hwAclUserTimeRangeIndex + Integer32, + hwAclUserIcmpType + Integer32, + hwAclUserIcmpCode + Integer32, + hwAclUserFragments + TruthValue, + hwAclUserLog + TruthValue, + hwAclUserEnable + TruthValue, + hwAclUserCount + Counter32, + hwAclUserVrfName + OCTET STRING, + hwAclUserSrcUserGroupName + OCTET STRING, + hwAclUserDestUserGroupName + OCTET STRING, + hwAclUserSrcModeType + Integer32, + hwAclUserDestModeType + Integer32, + hwAclUserRowStatus + RowStatus, + hwAclUserTcpSyncFlag + Integer32, + hwAclUserSrcUserGroupNum + Integer32, + hwAclUserDestUserGroupNum + Integer32 , + hwAclUserDestDomainName + OCTET STRING + } + + -- 1.3.6.1.4.1.2011.5.1.1.7.1.1 + hwAclUserAclNum OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The index of user acl table, the index range is (6000..9999)." + ::= { hwAclUserRuleEntry 1 } + + -- 1.3.6.1.4.1.2011.5.1.1.7.1.2 + hwAclUserSubitem OBJECT-TYPE + SYNTAX Unsigned32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The object specifies the number of an User ACL rule. + If the number specified has been assigned to an ACL rule, + the new rule will overwrite the old one, + which is equal to editing the old rule. + If the number is not assigned, the system will define + a rule with the number and insert it to the place + corresponding to its number. If no number is specified, + the system will define a rule, assign a number to it and + add it into the ACL. It will be placed at the end of the + ACL when configuration sequence is adopted; otherwise, + it will be placed based on the 'Depth-first' principle" + ::= { hwAclUserRuleEntry 2 } + + -- 1.3.6.1.4.1.2011.5.1.1.7.1.3 + hwAclUserAct OBJECT-TYPE + SYNTAX INTEGER + { + permit(1), + deny(2) + } + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The object indicates the action of an User acl rule. + 'deny' means discarding the packets that meet the condition, + 'permit' means permitting the packets that meet the condition." + ::= { hwAclUserRuleEntry 3 } + + -- 1.3.6.1.4.1.2011.5.1.1.7.1.4 + hwAclUserProtocol OBJECT-TYPE + SYNTAX Integer32 (0..255) + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The object indicates the protocol type of the rule. + It specifies the protocol type over IP.The number of IP protocol is 0." + ::= { hwAclUserRuleEntry 4 } + + -- 1.3.6.1.4.1.2011.5.1.1.7.1.5 + hwAclUserSrcIp OBJECT-TYPE + SYNTAX IpAddress + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The object indicates the source IP-address of an User acl rule." + ::= { hwAclUserRuleEntry 5 } + + -- 1.3.6.1.4.1.2011.5.1.1.7.1.6 + hwAclUserSrcWild OBJECT-TYPE + SYNTAX IpAddress + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The object indicates the source IP-address wild of an User acl rule." + ::= { hwAclUserRuleEntry 6 } + + -- 1.3.6.1.4.1.2011.5.1.1.7.1.7 + hwAclUserSrcOp OBJECT-TYPE + SYNTAX INTEGER + { + lt(1), + eq(2), + gt(3), + neq(4), + invalid(0), + range(5) + } + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The object indicates the source Port operation symbol of an User acl + rule. It compares the port operators of source address. + 'lt' means less than, + 'eq' means equal to, + 'gt' means greater than, + 'neq' means not equal to, + 'range' means between, + 'invalid' means this operation of the rule is invalid." + ::= { hwAclUserRuleEntry 7 } + + -- 1.3.6.1.4.1.2011.5.1.1.7.1.8 + hwAclUserSrcPort1 OBJECT-TYPE + SYNTAX Integer32 (0..65535) + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The object indicates the fourth layer sourec port 1. + It specifies the source port information of UDP or TCP packets." + ::= { hwAclUserRuleEntry 8 } + + -- 1.3.6.1.4.1.2011.5.1.1.7.1.9 + hwAclUserSrcPort2 OBJECT-TYPE + SYNTAX Integer32 (0..65535) + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The object indicates the fourth layer source port2." + ::= { hwAclUserRuleEntry 9 } + + -- 1.3.6.1.4.1.2011.5.1.1.7.1.10 + hwAclUserDestIp OBJECT-TYPE + SYNTAX IpAddress + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The object indicates the destination IP-address of an User acl rule." + ::= { hwAclUserRuleEntry 10 } + + -- 1.3.6.1.4.1.2011.5.1.1.7.1.11 + hwAclUserDestWild OBJECT-TYPE + SYNTAX IpAddress + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The object indicates the destination IP-address wild of an User acl rule." + ::= { hwAclUserRuleEntry 11 } + + -- 1.3.6.1.4.1.2011.5.1.1.7.1.12 + hwAclUserDestOp OBJECT-TYPE + SYNTAX INTEGER + { + lt(1), + eq(2), + gt(3), + neq(4), + invalid(0), + range(5) + } + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The object indicates the destination Port operation symbol of an User + acl group. It compares the port operators of destination address. + 'lt' means less than, + 'eq' means equal to, + 'gt' means greater than, + 'neq' means not equal to, + 'range' means between, + 'invalid' means this operation of the rule is invalid." + ::= { hwAclUserRuleEntry 12 } + + -- 1.3.6.1.4.1.2011.5.1.1.7.1.13 + hwAclUserDestPort1 OBJECT-TYPE + SYNTAX Integer32 (0..65535) + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The object indicates the fourth layer destination port1." + ::= { hwAclUserRuleEntry 13 } + + -- 1.3.6.1.4.1.2011.5.1.1.7.1.14 + hwAclUserDestPort2 OBJECT-TYPE + SYNTAX Integer32 (0..65535) + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The object indicates the fourth layer destination port2." + ::= { hwAclUserRuleEntry 14 } + + -- 1.3.6.1.4.1.2011.5.1.1.7.1.15 + hwAclUserPrecedence OBJECT-TYPE + SYNTAX Integer32 (0..7|255) + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The object indicates the value of IP-packet's precedence, + It filters packets according to precedence field.The invalid + value is 255." + ::= { hwAclUserRuleEntry 15 } + + -- 1.3.6.1.4.1.2011.5.1.1.7.1.16 + hwAclUserTos OBJECT-TYPE + SYNTAX Integer32 (0..15|255) + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The object indicates the value of IP-packet's TOS, + It filters packets according to type of service.The invalid + value is 255." + ::= { hwAclUserRuleEntry 16 } + + -- 1.3.6.1.4.1.2011.5.1.1.7.1.17 + hwAclUserDscp OBJECT-TYPE + SYNTAX Integer32 (0..63|255) + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The object indicates the value of frame.The invalid + value is 255." + ::= { hwAclUserRuleEntry 17 } + + -- 1.3.6.1.4.1.2011.5.1.1.7.1.18 + hwAclUserEstablish OBJECT-TYPE + SYNTAX TruthValue + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The object indicates whether or not establishing." + DEFVAL { false } + ::= { hwAclUserRuleEntry 18 } + + -- 1.3.6.1.4.1.2011.5.1.1.7.1.19 + hwAclUserTimeRangeIndex OBJECT-TYPE + SYNTAX Integer32 (0..256) + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The object indicates the time range of an User acl rule. + When the current time is in the time range, the rule is valid. + Zero value declares that the acl rule has no time range.The + invalid value is 0." + ::= { hwAclUserRuleEntry 19 } + + -- 1.3.6.1.4.1.2011.5.1.1.7.1.20 + hwAclUserIcmpType OBJECT-TYPE + SYNTAX Integer32 (0..255|65535) + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The object indicates the type of ICMP packet. + It filters ICMP packets according to the ICMP message type. + The invalid value is 65535." + ::= { hwAclUserRuleEntry 20 } + + -- 1.3.6.1.4.1.2011.5.1.1.7.1.21 + hwAclUserIcmpCode OBJECT-TYPE + SYNTAX Integer32 (0..255|65535) + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The object indicates the code of ICMP packet. + It filters ICMP packets according to the message code. + The invalid value is 65535." + ::= { hwAclUserRuleEntry 21 } + + -- 1.3.6.1.4.1.2011.5.1.1.7.1.22 + hwAclUserFragments OBJECT-TYPE + SYNTAX TruthValue + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The object indicates whether or not matching fragmented packet, + It specifies that this rule is only valid for + the non-first fragment packets." + ::= { hwAclUserRuleEntry 22 } + + -- 1.3.6.1.4.1.2011.5.1.1.7.1.23 + hwAclUserLog OBJECT-TYPE + SYNTAX TruthValue + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The object indicates whether to log the matched packets. The log + contents include sequence number of ACL rule, + packets passed or discarded, upper layer protocol type over IP, + source/destination address, source/destination port number, + and number of packets" + ::= { hwAclUserRuleEntry 23 } + + -- 1.3.6.1.4.1.2011.5.1.1.7.1.24 + hwAclUserEnable OBJECT-TYPE + SYNTAX TruthValue + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The object indicates whether the rule is valid or invalid." + ::= { hwAclUserRuleEntry 24 } + + -- 1.3.6.1.4.1.2011.5.1.1.7.1.25 + hwAclUserCount OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The object indicates the statistics of matched packets by the rule." + ::= { hwAclUserRuleEntry 25 } + + -- 1.3.6.1.4.1.2011.5.1.1.7.1.26 + hwAclUserVrfName OBJECT-TYPE + SYNTAX OCTET STRING (SIZE (0..32)) + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The object indicates the VRF name of this rule, + It specifies the VPN-instance to which the packet belongs." + ::= { hwAclUserRuleEntry 26 } + + -- 1.3.6.1.4.1.2011.5.1.1.7.1.27 + hwAclUserSrcUserGroupName OBJECT-TYPE + SYNTAX OCTET STRING (SIZE (0..32)) + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The object indicates the source user group name of this rule. + if modetype source is user, null sting means any user" + ::= { hwAclUserRuleEntry 27 } + + -- 1.3.6.1.4.1.2011.5.1.1.7.1.28 + hwAclUserDestUserGroupName OBJECT-TYPE + SYNTAX OCTET STRING (SIZE (0..32)) + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The object indicates the destination user group name of this rule. + if modetype destination is user, null sting means any user" + ::= { hwAclUserRuleEntry 28 } + + -- 1.3.6.1.4.1.2011.5.1.1.7.1.29 + hwAclUserSrcModeType OBJECT-TYPE + SYNTAX Integer32 (0..4) + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The object indicates ACL's mode type, + Now support four state + 0 Any match rule from any user group or any ip subnet, + 1 NetAny match rule from any ip subnet, + 2 UserAny match rule from any user group, + 3 Net match rule from an ip subnet, + 4 User match rule from a user group" + ::= { hwAclUserRuleEntry 29 } + + -- 1.3.6.1.4.1.2011.5.1.1.7.1.30 + hwAclUserDestModeType OBJECT-TYPE + SYNTAX Integer32 (0..6) + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The object indicates ACL's mode type, + Now support four state + 0 Any match rule from any user group or any ip subnet or any doamin name, + 1 NetAny match rule from any ip subnet, + 2 UserAny match rule from any user group, + 3 Net match rule from an ip subnet, + 4 User match rule from a user group, + 5 domain match rule from a domain name, + 6 domainAny match rule from any doamin name" + ::= { hwAclUserRuleEntry 30 } + + -- 1.3.6.1.4.1.2011.5.1.1.7.1.31 + hwAclUserRowStatus OBJECT-TYPE + SYNTAX RowStatus + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "RowStatus, Now support three state:CreateAndGo,Active,Destroy." + ::= { hwAclUserRuleEntry 31 } + + -- 1.3.6.1.4.1.2011.5.1.1.7.1.32 + hwAclUserTcpSyncFlag OBJECT-TYPE + SYNTAX Integer32 (-1|0..63) + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The object indicates the code of TCP Sync flag(0~63), + The invalid value is -1." + ::= { hwAclUserRuleEntry 32 } + + -- 1.3.6.1.4.1.2011.5.1.1.7.1.33 + hwAclUserSrcUserGroupNum OBJECT-TYPE + SYNTAX Integer32 (0..64000|65535) + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The object indicates the source user group num of this rule. + if modetype source is user, null sting means any user" + ::= { hwAclUserRuleEntry 33 } + + -- 1.3.6.1.4.1.2011.5.1.1.7.1.34 + hwAclUserDestUserGroupNum OBJECT-TYPE + SYNTAX Integer32 (0..64000|65535) + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The object indicates the destination user group name of this rule. + if modetype destination is user, null sting means any user" + ::= { hwAclUserRuleEntry 34 } + + hwAclUserDestDomainName OBJECT-TYPE + SYNTAX OCTET STRING (SIZE (3..127)) + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The object indicates the destination domain name of this rule. + if modetype destination is domain, null sting means any domain." + ::= { hwAclUserRuleEntry 35 } + + -- 1.3.6.1.4.1.2011.5.1.1.10 + hwAclCompileEnableFlag OBJECT-TYPE + SYNTAX TruthValue + MAX-ACCESS read-write + STATUS current + DESCRIPTION + "The object indicates whether acl compiler is enabled. when acl compiler + is enabled, and ACL accelerate function is enabled, then matching packets + by rule is efficient." + ::= { hwAclMibObjects 10 } + + -- 1.3.6.1.4.1.2011.5.1.1.11 + hwAclCompileNumGroupTable OBJECT-TYPE + SYNTAX SEQUENCE OF HwAclCompileNumGroupEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "The ACL compiler table extending the Acl-number-group table" + ::= { hwAclMibObjects 11 } + + -- 1.3.6.1.4.1.2011.5.1.1.11.1 + hwAclCompileNumGroupEntry OBJECT-TYPE + SYNTAX HwAclCompileNumGroupEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "The entry of Acl-number-group compiler extended table" + AUGMENTS { hwAclNumGroupEntry } + ::= { hwAclCompileNumGroupTable 1 } + + HwAclCompileNumGroupEntry ::= + SEQUENCE { + hwAclCompileNumGroupStatus + INTEGER + } + + -- 1.3.6.1.4.1.2011.5.1.1.11.1.1 + hwAclCompileNumGroupStatus OBJECT-TYPE + SYNTAX INTEGER + { + notCompile(1), + compiled(2), + changeAfterCompile(3) + } + MAX-ACCESS read-write + STATUS current + DESCRIPTION + "The object indicates the status of Acl-number-group compiler. + 'notCompile' means acl accelerate function is disabled, + 'compiled' means acl accelerate function is enabled, + 'changeAfterCompile' means acl is changed after compiled." + DEFVAL { notCompile } + ::= { hwAclCompileNumGroupEntry 1 } + + -- 1.3.6.1.4.1.2011.5.1.1.12 + hwAclIpv6BasicRuleTable OBJECT-TYPE + SYNTAX SEQUENCE OF HwAclIpv6BasicRuleEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "Configure the rule for ipv6 basic acl group." + ::= { hwAclMibObjects 12 } + + -- 1.3.6.1.4.1.2011.5.1.1.12.1 + hwAclIpv6BasicRuleEntry OBJECT-TYPE + SYNTAX HwAclIpv6BasicRuleEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "Each entry is a rule of ipv6 basic acl." + INDEX { hwAclIpv6BasicAclNum, hwAclIpv6BasicSubitem } + ::= { hwAclIpv6BasicRuleTable 1 } + + HwAclIpv6BasicRuleEntry ::= + SEQUENCE { + hwAclIpv6BasicAclNum + Integer32, + hwAclIpv6BasicSubitem + Unsigned32, + hwAclIpv6BasicAct + INTEGER, + hwAclIpv6BasicSrcIp + Ipv6Address, + hwAclIpv6BasicSrcPrefix + Integer32, + hwAclIpv6BasicTimeRangeIndex + Integer32, + hwAclIpv6BasicFragment + INTEGER, + hwAclIpv6BasicLog + TruthValue, + hwAclIpv6BasicEnable + EnabledStatus, + hwAclIpv6BasicCount + Counter64, + hwAclIpv6BasicVrfName + OCTET STRING, + hwAclIpv6BasicRowStatus + RowStatus, + hwAclIpv6BasicDescription + OCTET STRING, + hwAclIpv6BasicSrcMask + Ipv6Address, + hwAclIpv6BasicVrfAny + TruthValue + } + + -- 1.3.6.1.4.1.2011.5.1.1.12.1.1 + hwAclIpv6BasicAclNum OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The index of ipv6 basic acl group, the index range is (2000..2999 | 42768..75535)." + ::= { hwAclIpv6BasicRuleEntry 1 } + + -- 1.3.6.1.4.1.2011.5.1.1.4.1.2 + hwAclIpv6BasicSubitem OBJECT-TYPE + SYNTAX Unsigned32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The objects specifies the number of an ACL rule. + If the number specified has been assigned to an ACL rule, + the new rule will overwrite the old one, + which is equal to editing the old rule. + If the number is not assigned, the system will define + a rule with the number and insert it to the place + corresponding to its number. If no number is specified, + the system will define a rule, assign a number to it and + add it into the ACL. It will be placed at the end of the + ACL when configuration sequence is adopted; otherwise, + it will be placed based on the 'Depth-first' principle. + When ACL rules are following the 'Depth-first' principle, + the number of an ACL rule must be given 0 ,but it will be assigned + automatically; otherwise, this rule will not be created." + ::= { hwAclIpv6BasicRuleEntry 2 } + + -- 1.3.6.1.4.1.2011.5.1.1.12.1.3 + hwAclIpv6BasicAct OBJECT-TYPE + SYNTAX INTEGER + { + permit(1), + deny(2) + } + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The object indicates the action of a ipv6 basic acl rule. + 'deny' means discarding the packets that meet the condition, + 'permit' means permitting the packets that meet the condition." + ::= { hwAclIpv6BasicRuleEntry 3 } + + -- 1.3.6.1.4.1.2011.5.1.1.12.1.4 + hwAclIpv6BasicSrcIp OBJECT-TYPE + SYNTAX Ipv6Address + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The object indicates the source IPv6-address of a ipv6 basic acl rule." + ::= { hwAclIpv6BasicRuleEntry 4 } + + -- 1.3.6.1.4.1.2011.5.1.1.12.1.5 + hwAclIpv6BasicSrcPrefix OBJECT-TYPE + SYNTAX Integer32 (0..128) + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The value of this object identifies the mask length of the source IPv6 address. + The value ranges from 0 to 128." + ::= { hwAclIpv6BasicRuleEntry 5 } + + -- 1.3.6.1.4.1.2011.5.1.1.12.1.6 + hwAclIpv6BasicTimeRangeIndex OBJECT-TYPE + SYNTAX Integer32 (0..256) + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The value of this object identifies the index of the time range during which an + ACL6 rule can be applied.The value ranges from 0 to 256.The value 0 is invalid, + indicating that no time range is specified for the rule." + ::= { hwAclIpv6BasicRuleEntry 6 } + + -- 1.3.6.1.4.1.2011.5.1.1.12.1.7 + hwAclIpv6BasicFragment OBJECT-TYPE + SYNTAX INTEGER + { + fragmentSubseq(0), + fragment(1), + none(255) + } + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The object indicates the type of the packet. + 1: fragment, indicating that the packet is a fragment + 255: none, invalid value + This object cannot be modified once a rule is created." + ::= { hwAclIpv6BasicRuleEntry 7 } + + -- 1.3.6.1.4.1.2011.5.1.1.12.1.8 + hwAclIpv6BasicLog OBJECT-TYPE + SYNTAX TruthValue + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The object indicates whether to log the matched packets. + The log contents include sequence number of ACL rule, packets passed + or discarded, upper layer protocol type over IP, source/destination + address, source/destination port number, and number of packets." + ::= { hwAclIpv6BasicRuleEntry 8 } + + -- 1.3.6.1.4.1.2011.5.1.1.12.1.9 + hwAclIpv6BasicEnable OBJECT-TYPE + SYNTAX EnabledStatus + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The object indicates whether the rule is valid or invalid." + ::= { hwAclIpv6BasicRuleEntry 9 } + + -- 1.3.6.1.4.1.2011.5.1.1.12.1.10 + hwAclIpv6BasicCount OBJECT-TYPE + SYNTAX Counter64 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "This object indicates the number of matched packets by a rule. A maximum + of 64 bits are supported." + ::= { hwAclIpv6BasicRuleEntry 10 } + + -- 1.3.6.1.4.1.2011.5.1.1.12.1.11 + hwAclIpv6BasicVrfName OBJECT-TYPE + SYNTAX OCTET STRING (SIZE (0..31)) + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "This object indicates a VPN instance. The length of a VPN instance name cannot exceed 31 characters." + ::= { hwAclIpv6BasicRuleEntry 11 } + + -- 1.3.6.1.4.1.2011.5.1.1.12.1.12 + hwAclIpv6BasicRowStatus OBJECT-TYPE + SYNTAX RowStatus + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "RowStatus, Now support three value: CreateAndGo, Active and Destroy." + ::= { hwAclIpv6BasicRuleEntry 12 } + + -- 1.3.6.1.4.1.2011.5.1.1.12.1.13 + hwAclIpv6BasicDescription OBJECT-TYPE + SYNTAX OCTET STRING (SIZE (0..127)) + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The object indicates the description of this IPv6 basic rule. + The object describes the usage of an IPv6 ACL with a word or a sentence." + ::= { hwAclIpv6BasicRuleEntry 13 } + + -- 1.3.6.1.4.1.2011.5.1.1.12.1.14 + hwAclIpv6BasicSrcMask OBJECT-TYPE + SYNTAX Ipv6Address + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The object indicates the source IPv6-address mask of a ipv6 basic acl rule. Its mode is positive." + ::= { hwAclIpv6BasicRuleEntry 14 } + + -- 1.3.6.1.4.1.2011.5.1.1.12.1.15 + hwAclIpv6BasicVrfAny OBJECT-TYPE + SYNTAX TruthValue + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The object indicates whether or not matching any VPN-instance." + ::= { hwAclIpv6BasicRuleEntry 15 } + + -- 1.3.6.1.4.1.2011.5.1.1.13 + hwAclIpv6AdvancedRuleTable OBJECT-TYPE + SYNTAX SEQUENCE OF HwAclIpv6AdvancedRuleEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "Configure the rule for ipv6 advanced acl group." + ::= { hwAclMibObjects 13 } + + -- 1.3.6.1.4.1.2011.5.1.1.13.1 + hwAclIpv6AdvancedRuleEntry OBJECT-TYPE + SYNTAX HwAclIpv6AdvancedRuleEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "Each entry contains a rule of ipv6 advanced acl group." + INDEX { hwAclIpv6AdvancedAclNum, hwAclIpv6AdvancedSubitem } + ::= { hwAclIpv6AdvancedRuleTable 1 } + + HwAclIpv6AdvancedRuleEntry ::= + SEQUENCE { + hwAclIpv6AdvancedAclNum + Integer32, + hwAclIpv6AdvancedSubitem + Unsigned32, + hwAclIpv6AdvancedAct + INTEGER, + hwAclIpv6AdvancedProtocol + Integer32, + hwAclIpv6AdvancedSrcIp + Ipv6Address, + hwAclIpv6AdvancedSrcPrefix + Integer32, + hwAclIpv6AdvancedSrcOp + INTEGER, + hwAclIpv6AdvancedSrcPort1 + Integer32, + hwAclIpv6AdvancedSrcPort2 + Integer32, + hwAclIpv6AdvancedDestIp + Ipv6Address, + hwAclIpv6AdvancedDestPrefix + Integer32, + hwAclIpv6AdvancedDestOp + INTEGER, + hwAclIpv6AdvancedDestPort1 + Integer32, + hwAclIpv6AdvancedDestPort2 + Integer32, + hwAclIpv6AdvancedPrecedence + Integer32, + hwAclIpv6AdvancedTos + Integer32, + hwAclIpv6AdvancedDscp + Integer32, + hwAclIpv6AdvancedEstablish + TruthValue, + hwAclIpv6AdvancedTimeRangeIndex + Integer32, + hwAclIpv6AdvancedIcmpType + Integer32, + hwAclIpv6AdvancedIcmpCode + Integer32, + hwAclIpv6AdvancedFragment + INTEGER, + hwAclIpv6AdvancedLog + TruthValue, + hwAclIpv6AdvancedEnable + EnabledStatus, + hwAclIpv6AdvancedCount + Counter64, + hwAclIpv6AdvancedVrfName + OCTET STRING, + hwAclIpv6AdvancedRowStatus + RowStatus, + hwAclIpv6AdvancedDescription + OCTET STRING, + hwAclIpv6AdvancedSrcMask + Ipv6Address, + hwAclIpv6AdvancedDestMask + Ipv6Address, + hwAclIpv6AdvancedProtocolNew + Integer32, + hwAclIpv6AdvancedIcmpTypeEnd + Integer32, + hwAclIpv6AdvancedVrfAny + TruthValue, + hwAclIpv6AdvancedSrcPoolName + OCTET STRING, + hwAclIpv6AdvancedVni + Integer32 + } + + -- 1.3.6.1.4.1.2011.5.1.1.13.1.1 + hwAclIpv6AdvancedAclNum OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The index of ipv6 advanced acl table, the index range is (3000..3999 | 42768..75535)." + ::= { hwAclIpv6AdvancedRuleEntry 1 } + + -- 1.3.6.1.4.1.2011.5.1.1.13.1.2 + hwAclIpv6AdvancedSubitem OBJECT-TYPE + SYNTAX Unsigned32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The object specifies the number of an ipv6 advanced ACL rule. + If the number specified has been assigned to an ACL rule, + the new rule will overwrite the old one, + which is equal to editing the old rule. + If the number is not assigned, the system will define + a rule with the number and insert it to the place + corresponding to its number. If no number is specified, + the system will define a rule, assign a number to it and + add it into the ACL. It will be placed at the end of the + ACL when configuration sequence is adopted; otherwise, + it will be placed based on the 'Depth-first' principle. + When ACL rules are following the 'Depth-first' principle, + the number of an ACL rule must be given 0 ,but it will be assigned + automatically;otherwise,this rule will not be created." + ::= { hwAclIpv6AdvancedRuleEntry 2 } + + -- 1.3.6.1.4.1.2011.5.1.1.13.1.3 + hwAclIpv6AdvancedAct OBJECT-TYPE + SYNTAX INTEGER + { + permit(1), + deny(2) + } + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The object indicates the action of an ipv6 advanced acl rule. + 'deny' means discarding the packets that meet the condition, + 'permit' means permitting the packets that meet the condition." + ::= { hwAclIpv6AdvancedRuleEntry 3 } + + -- 1.3.6.1.4.1.2011.5.1.1.13.1.4 + hwAclIpv6AdvancedProtocol OBJECT-TYPE + SYNTAX Integer32 (0..255) + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The value of this object identifies the number of the protocol over IPv6. + The value ranges from 0 to 255. The value 0 indicates the IPv6 protocol." + ::= { hwAclIpv6AdvancedRuleEntry 4 } + + -- 1.3.6.1.4.1.2011.5.1.1.13.1.5 + hwAclIpv6AdvancedSrcIp OBJECT-TYPE + SYNTAX Ipv6Address + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The object indicates the source IPv6-address of an ipv6 advanced acl rule." + ::= { hwAclIpv6AdvancedRuleEntry 5 } + + -- 1.3.6.1.4.1.2011.5.1.1.13.1.6 + hwAclIpv6AdvancedSrcPrefix OBJECT-TYPE + SYNTAX Integer32 (0..128) + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The value of this object identifies the mask length of the source IPv6 address. + The value ranges from 0 to 128." + ::= { hwAclIpv6AdvancedRuleEntry 6 } + + -- 1.3.6.1.4.1.2011.5.1.1.13.1.7 + hwAclIpv6AdvancedSrcOp OBJECT-TYPE + SYNTAX INTEGER + { + lt(1), + eq(2), + gt(3), + neq(4), + range(5), + invalid(255) + } + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The object indicates the source Port operation symbol of an ipv6 advanced acl + rule. It compares the port operators of source address. + 'lt' means less than, + 'eq' means equal to, + 'gt' means greater than, + 'neq' means not equal to, + 'range' means between, + 'invalid' means this operation of the rule is invalid." + ::= { hwAclIpv6AdvancedRuleEntry 7 } + + -- 1.3.6.1.4.1.2011.5.1.1.13.1.8 + hwAclIpv6AdvancedSrcPort1 OBJECT-TYPE + SYNTAX Integer32 (0..65535) + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "This object indicates the end source port number." + ::= { hwAclIpv6AdvancedRuleEntry 8 } + + -- 1.3.6.1.4.1.2011.5.1.1.13.1.9 + hwAclIpv6AdvancedSrcPort2 OBJECT-TYPE + SYNTAX Integer32 (0..65535) + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "This object indicates the start source port number." + ::= { hwAclIpv6AdvancedRuleEntry 9 } + + -- 1.3.6.1.4.1.2011.5.1.1.13.1.10 + hwAclIpv6AdvancedDestIp OBJECT-TYPE + SYNTAX Ipv6Address + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The object indicates the destination IPv6-address of an ipv6 advanced acl rule." + ::= { hwAclIpv6AdvancedRuleEntry 10 } + + -- 1.3.6.1.4.1.2011.5.1.1.13.1.11 + hwAclIpv6AdvancedDestPrefix OBJECT-TYPE + SYNTAX Integer32 (0..128) + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The value of this object identifies the mask length of the destination IPv6 address. The value ranges from 0 to 128." + ::= { hwAclIpv6AdvancedRuleEntry 11 } + + -- 1.3.6.1.4.1.2011.5.1.1.13.1.12 + hwAclIpv6AdvancedDestOp OBJECT-TYPE + SYNTAX INTEGER + { + lt(1), + eq(2), + gt(3), + neq(4), + range(5), + invalid(255) + } + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The object indicates the destination Port operation symbol of an ipv6 advanced + acl group. It compares the port operators of destination address. + 'lt' means less than, + 'eq' means equal to, + 'gt' means greater than, + 'neq' means not equal to, + 'range' means between, + 'invalid' means this operation of the rule is invalid." + ::= { hwAclIpv6AdvancedRuleEntry 12 } + + -- 1.3.6.1.4.1.2011.5.1.1.13.1.13 + hwAclIpv6AdvancedDestPort1 OBJECT-TYPE + SYNTAX Integer32 (0..65535) + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "This object indicates the largest destination port number." + ::= { hwAclIpv6AdvancedRuleEntry 13 } + + -- 1.3.6.1.4.1.2011.5.1.1.13.1.14 + hwAclIpv6AdvancedDestPort2 OBJECT-TYPE + SYNTAX Integer32 (0..65535) + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "This object indicates the smallest destination port number." + ::= { hwAclIpv6AdvancedRuleEntry 14 } + + -- 1.3.6.1.4.1.2011.5.1.1.13.1.15 + hwAclIpv6AdvancedPrecedence OBJECT-TYPE + SYNTAX Integer32 (0..7|255) + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The value of this object identifies the precedence sub-field. + It is the higher three bits of the ToS field in an IPv6 header. + The value ranges from 0 to 7." + ::= { hwAclIpv6AdvancedRuleEntry 15 } + + -- 1.3.6.1.4.1.2011.5.1.1.13.1.16 + hwAclIpv6AdvancedTos OBJECT-TYPE + SYNTAX Integer32 (0..15|255) + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The value of this object identifies the ToS sub-field. + This field covers four bits after the higher three bits of the ToS field in an IPv6 header. + The value ranges from 0 to 15." + ::= { hwAclIpv6AdvancedRuleEntry 16 } + + -- 1.3.6.1.4.1.2011.5.1.1.13.1.17 + hwAclIpv6AdvancedDscp OBJECT-TYPE + SYNTAX Integer32 (0..63|255) + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The value of this object identifies the higher seven bits of the ToS field in an IPv6 header. + The value ranges from 0 to 63." + ::= { hwAclIpv6AdvancedRuleEntry 17 } + + -- 1.3.6.1.4.1.2011.5.1.1.13.1.18 + hwAclIpv6AdvancedEstablish OBJECT-TYPE + SYNTAX TruthValue + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The object indicates whether or not establishing." + DEFVAL { false } + ::= { hwAclIpv6AdvancedRuleEntry 18 } + + -- 1.3.6.1.4.1.2011.5.1.1.13.1.19 + hwAclIpv6AdvancedTimeRangeIndex OBJECT-TYPE + SYNTAX Integer32 (0..256) + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The value of this object identifies the index of the time range during which an ACL6 rule can be applied. + The value ranges from 0 to 256. + The value 0 indicates that no time range is specified for the rule." + ::= { hwAclIpv6AdvancedRuleEntry 19 } + + -- 1.3.6.1.4.1.2011.5.1.1.13.1.20 + hwAclIpv6AdvancedIcmpType OBJECT-TYPE + SYNTAX Integer32 (0..255|65535) + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The value of this object identifies the ICMPv6 message type. + The value ranges from 0 to 255. The value 65535 is invalid." + ::= { hwAclIpv6AdvancedRuleEntry 20 } + + -- 1.3.6.1.4.1.2011.5.1.1.13.1.21 + hwAclIpv6AdvancedIcmpCode OBJECT-TYPE + SYNTAX Integer32 (0..255|65535) + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The value of this obejct identifies the code of an ICMPv6 message. + The value ranges from 0 to 255. The value 65535 is invalid." + ::= { hwAclIpv6AdvancedRuleEntry 21 } + + -- 1.3.6.1.4.1.2011.5.1.1.13.1.22 + hwAclIpv6AdvancedFragment OBJECT-TYPE + SYNTAX INTEGER + { + fragmentSubseq(0), + fragment(1), + none(255) + } + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The object indicates the type of the packet. + 1: fragment, indicating that the packet is a fragment + 255: none, invalid value + This object cannot be modified once a rule is created." + ::= { hwAclIpv6AdvancedRuleEntry 22 } + + -- 1.3.6.1.4.1.2011.5.1.1.13.1.23 + hwAclIpv6AdvancedLog OBJECT-TYPE + SYNTAX TruthValue + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The object indicates whether to log the matched packets. The log + contents include sequence number of ACL rule, + packets passed or discarded, upper layer protocol type over IP, + source/destination address, source/destination port number, + and number of packets" + ::= { hwAclIpv6AdvancedRuleEntry 23 } + + -- 1.3.6.1.4.1.2011.5.1.1.13.1.24 + hwAclIpv6AdvancedEnable OBJECT-TYPE + SYNTAX EnabledStatus + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The object indicates whether the rule is valid or invalid." + ::= { hwAclIpv6AdvancedRuleEntry 24 } + + -- 1.3.6.1.4.1.2011.5.1.1.13.1.25 + hwAclIpv6AdvancedCount OBJECT-TYPE + SYNTAX Counter64 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "This object indicates the number of packets matched by a rule. A maximum of 64 bits are supported." + ::= { hwAclIpv6AdvancedRuleEntry 25 } + + -- 1.3.6.1.4.1.2011.5.1.1.13.1.26 + hwAclIpv6AdvancedVrfName OBJECT-TYPE + SYNTAX OCTET STRING (SIZE (0..31)) + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "This object indicates a VPN instance. + The length of a VPN instance name cannot exceed 31 characters." + ::= { hwAclIpv6AdvancedRuleEntry 26 } + + -- 1.3.6.1.4.1.2011.5.1.1.13.1.27 + hwAclIpv6AdvancedRowStatus OBJECT-TYPE + SYNTAX RowStatus + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "RowStatus, Now support three state:CreateAndGo,Active,Destroy." + ::= { hwAclIpv6AdvancedRuleEntry 27 } + + -- 1.3.6.1.4.1.2011.5.1.1.13.1.28 + hwAclIpv6AdvancedDescription OBJECT-TYPE + SYNTAX OCTET STRING (SIZE (0..127)) + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The object indicates the description of this IPv6 advanced rule. + The object describes the usage of an IPv6 ACL with a word or a sentence." + ::= { hwAclIpv6AdvancedRuleEntry 28 } + + -- 1.3.6.1.4.1.2011.5.1.1.13.1.29 + hwAclIpv6AdvancedSrcMask OBJECT-TYPE + SYNTAX Ipv6Address + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The object indicates the source IPv6-address mask of an ipv6 advanced acl rule. Its mode is positive." + ::= { hwAclIpv6AdvancedRuleEntry 29 } + + -- 1.3.6.1.4.1.2011.5.1.1.13.1.30 + hwAclIpv6AdvancedDestMask OBJECT-TYPE + SYNTAX Ipv6Address + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The object indicates the destination IPv6-address mask of an ipv6 advanced acl rule. Its mode is positive." + ::= { hwAclIpv6AdvancedRuleEntry 30 } + + -- 1.3.6.1.4.1.2011.5.1.1.13.1.31 + hwAclIpv6AdvancedProtocolNew OBJECT-TYPE + SYNTAX Integer32 (0..255|65535) + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The object indicates the protocol type of the rule. + It specifies the protocol type over IP.The number of IPv6 protocol is 65535." + ::= { hwAclIpv6AdvancedRuleEntry 31 } + + -- 1.3.6.1.4.1.2011.5.1.1.13.1.32 + hwAclIpv6AdvancedIcmpTypeEnd OBJECT-TYPE + SYNTAX Integer32 (0..255|65535) + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The value of this object identifies the ICMPv6 message type. + The value ranges from 0 to 255. The value 65535 is invalid. + This object is used together with hwAclIpv6AdvancedIcmpType to indicate the value range of the ICMPv6 type." + ::= { hwAclIpv6AdvancedRuleEntry 32 } + + -- 1.3.6.1.4.1.2011.5.1.1.13.1.33 + hwAclIpv6AdvancedVrfAny OBJECT-TYPE + SYNTAX TruthValue + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The object indicates whether or not matching any VPN-instance." + ::= { hwAclIpv6AdvancedRuleEntry 33 } + + -- 1.3.6.1.4.1.2011.5.1.1.13.1.34 + hwAclIpv6AdvancedSrcPoolName OBJECT-TYPE + SYNTAX OCTET STRING (SIZE (0..32)) + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The object indicates the source Ipv6 pool name." + ::= { hwAclIpv6AdvancedRuleEntry 34 } + + -- 1.3.6.1.4.1.2011.5.1.1.13.1.35 + hwAclIpv6AdvancedVni OBJECT-TYPE + SYNTAX Integer32 (0..16777215) + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The object indicates the ID of VXLAN, + The invalid value is 0." + ::= { hwAclIpv6AdvancedRuleEntry 35 } + + -- 1.3.6.1.4.1.2011.5.1.1.14 + hwAclEthernetFrameRuleTable OBJECT-TYPE + SYNTAX SEQUENCE OF HwAclEthernetFrameRuleEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "Configure the rule for ethernet-frame-based acl group." + ::= { hwAclMibObjects 14 } + + -- 1.3.6.1.4.1.2011.5.1.1.14.1 + hwAclEthernetFrameRuleEntry OBJECT-TYPE + SYNTAX HwAclEthernetFrameRuleEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "Each entry contains a rule of ethernet-frame-based acl group." + INDEX { hwAclEthernetFrameAclNum, hwAclEthernetFrameSubitem } + ::= { hwAclEthernetFrameRuleTable 1 } + + HwAclEthernetFrameRuleEntry ::= + SEQUENCE { + hwAclEthernetFrameAclNum + Integer32, + hwAclEthernetFrameSubitem + Unsigned32, + hwAclEthernetFrameAct + INTEGER, + hwAclEthernetFrameType + Integer32, + hwAclEthernetFrameTypeMask + Integer32, + hwAclEthernetFrameSrcMac + MacAddress, + hwAclEthernetFrameSrcMacMask + MacAddress, + hwAclEthernetFrameDstMac + MacAddress, + hwAclEthernetFrameDstMacMask + MacAddress, + hwAclEthernetFrameTimeRangeIndex + Integer32, + hwAclEthernetFrameLog + TruthValue, + hwAclEthernetFrameEnable + EnabledStatus, + hwAclEthernetFrameCount + Counter64, + hwAclEthernetFrameRowStatus + RowStatus, + hwAclEthernetFrameEncapType + INTEGER, + hwAclEthernetFrameDoubleTag + TruthValue, + hwAclEthernetFrameVlanId + Integer32, + hwAclEthernetFrameVlanIdMask + Integer32, + hwAclEthernetFrameCVlanId + Integer32, + hwAclEthernetFrameCVlanIdMask + Integer32, + hwAclEthernetFrameRule8021p + Integer32, + hwAclEthernetFrameRuleCVlan8021p + Integer32, + hwAclEthernetFrameDescription + OCTET STRING + } + + -- 1.3.6.1.4.1.2011.5.1.1.14.1.1 + hwAclEthernetFrameAclNum OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The index of ethernet-frame-based acl group, the index range is (4000..4999 | 42768..76535)." + ::= { hwAclEthernetFrameRuleEntry 1 } + + -- 1.3.6.1.4.1.2011.5.1.1.14.1.2 + hwAclEthernetFrameSubitem OBJECT-TYPE + SYNTAX Unsigned32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The object specifies the number of an ACL rule. + If the number specified has been assigned to an ACL rule, + the new rule will overwrite the old one, + which is equal to editing the old rule. + If the number is not assigned, the system will define + a rule with the number and insert it to the place + corresponding to its number. If no number is specified, + the system will define a rule, assign a number to it and + add it into the ACL. It will be placed at the end of the + ACL when configuration sequence is adopted; otherwise, + it will be placed based on the 'Depth-first' principle. + When ACL rules are following the 'Depth-first' principle, + the number of an ACL rule must be given 0 ,but it will be assigned + by step automatically;otherwise,this rule will not be created." + ::= { hwAclEthernetFrameRuleEntry 2 } + + -- 1.3.6.1.4.1.2011.5.1.1.14.1.3 + hwAclEthernetFrameAct OBJECT-TYPE + SYNTAX INTEGER + { + permit(1), + deny(2) + } + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The object indicates the action of an ethernet-frame-based acl rule. + 'deny' means discarding the packets that meet the condition, + 'permit' means permitting the packets that meet the condition." + ::= { hwAclEthernetFrameRuleEntry 3 } + + -- 1.3.6.1.4.1.2011.5.1.1.14.1.4 + hwAclEthernetFrameType OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The value of this object identifies the protocol type of an Ethernet frame. + The value ranges from 0 to 65535." + ::= { hwAclEthernetFrameRuleEntry 4 } + + -- 1.3.6.1.4.1.2011.5.1.1.14.1.5 + hwAclEthernetFrameTypeMask OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The value of this object identifies the mask of the protocol type of an Ethernet frame. + The value ranges from 0 to 65535." + ::= { hwAclEthernetFrameRuleEntry 5 } + + -- 1.3.6.1.4.1.2011.5.1.1.14.1.6 + hwAclEthernetFrameSrcMac OBJECT-TYPE + SYNTAX MacAddress + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The object indicates the source mac address of rule." + ::= { hwAclEthernetFrameRuleEntry 6 } + + -- 1.3.6.1.4.1.2011.5.1.1.14.1.7 + hwAclEthernetFrameSrcMacMask OBJECT-TYPE + SYNTAX MacAddress + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The object indicates the source mac mask of rule." + ::= { hwAclEthernetFrameRuleEntry 7 } + + -- 1.3.6.1.4.1.2011.5.1.1.14.1.8 + hwAclEthernetFrameDstMac OBJECT-TYPE + SYNTAX MacAddress + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The object indicates the destination mac address of rule." + ::= { hwAclEthernetFrameRuleEntry 8 } + + -- 1.3.6.1.4.1.2011.5.1.1.14.1.9 + hwAclEthernetFrameDstMacMask OBJECT-TYPE + SYNTAX MacAddress + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The object indicates the destination mac mask of rule." + ::= { hwAclEthernetFrameRuleEntry 9 } + + -- 1.3.6.1.4.1.2011.5.1.1.14.1.10 + hwAclEthernetFrameTimeRangeIndex OBJECT-TYPE + SYNTAX Integer32 (0..256) + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The object indicates the time range of a ethernet frame + acl rule. When the current time is in time range, the rule + is valid. Zero value declares that the acl rule has no + time range. The invalid value is 0." + ::= { hwAclEthernetFrameRuleEntry 10 } + + -- 1.3.6.1.4.1.2011.5.1.1.14.1.11 + hwAclEthernetFrameLog OBJECT-TYPE + SYNTAX TruthValue + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The object indicates whether to log the matched packets. + The log contents include sequence number of ACL rule, + packets passed or discarded, source/destination mac addr, + protocol of ethernet frame, and number of packets." + ::= { hwAclEthernetFrameRuleEntry 11 } + + -- 1.3.6.1.4.1.2011.5.1.1.14.1.12 + hwAclEthernetFrameEnable OBJECT-TYPE + SYNTAX EnabledStatus + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The object indicates whether the rule is valid or invalid." + ::= { hwAclEthernetFrameRuleEntry 12 } + + -- 1.3.6.1.4.1.2011.5.1.1.14.1.13 + hwAclEthernetFrameCount OBJECT-TYPE + SYNTAX Counter64 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "This object indicates the number of matched packets by a rule. A maximum of 64 bits are supported." + ::= { hwAclEthernetFrameRuleEntry 13 } + + -- 1.3.6.1.4.1.2011.5.1.1.14.1.14 + hwAclEthernetFrameRowStatus OBJECT-TYPE + SYNTAX RowStatus + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "RowStatus,Now support three state:CreateAndGo,Active,Destroy." + ::= { hwAclEthernetFrameRuleEntry 14 } + + hwAclEthernetFrameEncapType OBJECT-TYPE + SYNTAX INTEGER + { + ether2(1), + ieee802dot3(2), + snap(3), + none(255) + } + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The object indicates the encapsulation type of rule." + DEFVAL { none } + ::= { hwAclEthernetFrameRuleEntry 15 } + + hwAclEthernetFrameDoubleTag OBJECT-TYPE + SYNTAX TruthValue + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The object indicates two tags of rule. False value do not + care the number of tags." + DEFVAL { false } + ::= { hwAclEthernetFrameRuleEntry 16 } + + hwAclEthernetFrameVlanId OBJECT-TYPE + SYNTAX Integer32 (0..4094) + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The object indicates the vlan ID of rule. The invalid + vlan ID is 0." + DEFVAL { 0 } + ::= { hwAclEthernetFrameRuleEntry 17 } + + hwAclEthernetFrameVlanIdMask OBJECT-TYPE + SYNTAX Integer32 (0..4095) + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The object indicates the vlan ID mask of rule." + DEFVAL { 4095 } + ::= { hwAclEthernetFrameRuleEntry 18 } + + hwAclEthernetFrameCVlanId OBJECT-TYPE + SYNTAX Integer32 (0..4094) + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The object indicates the ce-vlan ID of rule. The invalid + vlan ID is 0." + DEFVAL { 0 } + ::= { hwAclEthernetFrameRuleEntry 19 } + + hwAclEthernetFrameCVlanIdMask OBJECT-TYPE + SYNTAX Integer32 (0..4095) + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The object indicates the ce-vlan ID mask of rule." + DEFVAL { 4095 } + ::= { hwAclEthernetFrameRuleEntry 20 } + + hwAclEthernetFrameRule8021p OBJECT-TYPE + SYNTAX Integer32 (0..7 | 255) + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The object indicates the 8021p value of S-tag." + ::= { hwAclEthernetFrameRuleEntry 21 } + + hwAclEthernetFrameRuleCVlan8021p OBJECT-TYPE + SYNTAX Integer32 (0..7 | 255) + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The object indicates the 8021p value of C-tag." + ::= { hwAclEthernetFrameRuleEntry 22 } + + hwAclEthernetFrameDescription OBJECT-TYPE + SYNTAX OCTET STRING (SIZE (0..127)) + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The object indicates the description of this ethernetframe rule. + The object describes the usage of an ACL with a word or a sentence." + ::= { hwAclEthernetFrameRuleEntry 23 } + + hwAclAppliedTable OBJECT-TYPE + SYNTAX SEQUENCE OF HwAclAppliedEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "Configure the applied ACL." + ::= { hwAclMibObjects 15 } + + hwAclAppliedEntry OBJECT-TYPE + SYNTAX HwAclAppliedEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "Each entry contains a applied ACL." + INDEX { hwAclAppliedOperation, hwAclAppliedScopeType, hwAclAppliedScopeIndex, hwAclAppliedDirection, hwAclAppliedAclNum, + hwAclAppliedSubitem, hwAclAppliedAclNum2, hwAclAppliedSubitem2, hwAclAppliedIsIPv6Acl } + ::= { hwAclAppliedTable 1 } + + + HwAclAppliedEntry ::= + SEQUENCE { + hwAclAppliedOperation + INTEGER, + hwAclAppliedScopeType + INTEGER, + hwAclAppliedScopeIndex + Integer32, + hwAclAppliedDirection + INTEGER, + hwAclAppliedAclNum + Integer32, + hwAclAppliedSubitem + Integer32, + hwAclAppliedAclNum2 + Integer32, + hwAclAppliedSubitem2 + Integer32, + hwAclAppliedStatMode + INTEGER, + hwAclAppliedStatCount + Counter64, + hwAclAppliedLimitCir + Integer32, + hwAclAppliedLimitPir + Integer32, + hwAclAppliedLimitCbs + Integer32, + hwAclAppliedLimitPbs + Integer32, + hwAclAppliedLimitGreenAction + INTEGER, + hwAclAppliedLimitGreenValue + Integer32, + hwAclAppliedLimitYellowAction + INTEGER, + hwAclAppliedLimitYellowValue + Integer32, + hwAclAppliedLimitRedAction + INTEGER, + hwAclAppliedLimitRedValue + Integer32, + hwAclAppliedMirrObservedPort + Integer32, + hwAclAppliedMirrRspanVlan + Integer32, + hwAclAppliedRedirectIfIndex + Integer32, + hwAclAppliedRedirectIpAddr + IpAddress, + hwAclAppliedRedirectIpv6Addr + Ipv6Address, + hwAclAppliedRemarkVlan + Integer32, + hwAclAppliedRemarkCVlan + Integer32, + hwAclAppliedRemark8021p + Integer32, + hwAclAppliedRemarkDscp + Integer32, + hwAclAppliedRemarkIpPre + Integer32, + hwAclAppliedRemarkLocalPre + Integer32, + hwAclAppliedRemarkMacAddr + MacAddress, + hwAclAppliedIsIPv6Acl + TruthValue, + hwAclAppliedRowStatus + RowStatus + } + + hwAclAppliedOperation OBJECT-TYPE + SYNTAX INTEGER + { + filter(1), + limit(2), + mirror(3), + redirectCpu(4), + redirectInterface(5), + redirectIpNextHop(6), + redirectIpv6NextHop(7), + remark8021p(8), + remarkDscp(9), + remarkIpPrecedence(10), + remarkLocalPrecedence(11), + remarkVlanId(12), + remarkCVlanId(13), + remarkDestMac(14), + statistic(15) + } + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "The actions taken when packets conforming or exceeding the configured." + ::= { hwAclAppliedEntry 1 } + + hwAclAppliedScopeType OBJECT-TYPE + SYNTAX INTEGER + { + global(1), + vlan(2), + interface(3) + } + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "The scope that ACL apply on." + ::= { hwAclAppliedEntry 2 } + + hwAclAppliedScopeIndex OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "When the scope is global, this field is invalid; + When the scope is vlan, this field is vlan ID; + When the scope is interface, this field is interface index." + ::= { hwAclAppliedEntry 3 } + + + hwAclAppliedDirection OBJECT-TYPE + SYNTAX INTEGER + { + inbound(1), + outbound(2) + } + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "The direction acl apply on." + ::= { hwAclAppliedEntry 4 } + + hwAclAppliedAclNum OBJECT-TYPE + SYNTAX Integer32 (2000..4999) + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "The index of ACL group. + Basic ACL in range 2000~2999; + Advance ACL in range 3000~3999; + Link ACL in range 4000~4999;" + ::= { hwAclAppliedEntry 5 } + + hwAclAppliedSubitem OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "The object specifies the number of an ACL rule." + ::= { hwAclAppliedEntry 6 } + + hwAclAppliedAclNum2 OBJECT-TYPE + SYNTAX Integer32 (2000..3999|65535) + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "The index of ACL group. + 65535 means this field is valid." + ::= { hwAclAppliedEntry 7 } + + hwAclAppliedSubitem2 OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "The object specifies the number of an ACL rule." + ::= { hwAclAppliedEntry 8 } + + hwAclAppliedStatMode OBJECT-TYPE + SYNTAX INTEGER + { + byPackets(1), + byBytes(2) + } + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The object specifies the mode of statistics. + When action is statistic, this field is valid." + DEFVAL { byPackets } + ::= { hwAclAppliedEntry 9 } + + hwAclAppliedStatCount OBJECT-TYPE + SYNTAX Counter64 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The object indicates the statistics of matched packets by the policy. + When action is statistic or limit, this field is valid." + ::= { hwAclAppliedEntry 10 } + + + hwAclAppliedLimitCir OBJECT-TYPE + SYNTAX Integer32 (0 | 64..10000000) + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "Committed information rate. Unit: kbps." + DEFVAL { 0 } + ::= { hwAclAppliedEntry 11 } + + + hwAclAppliedLimitPir OBJECT-TYPE + SYNTAX Integer32 (0 | 64..10000000) + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "Peak information rate. Unit: kbps. + 0 is the default value." + DEFVAL { 0 } + ::= { hwAclAppliedEntry 12 } + + hwAclAppliedLimitCbs OBJECT-TYPE + SYNTAX Integer32 (0 | 4096..16773120) + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "Committed burst size. Unit: byte. + 0 is the default value." + DEFVAL { 0 } + ::= { hwAclAppliedEntry 13 } + + hwAclAppliedLimitPbs OBJECT-TYPE + SYNTAX Integer32 (0 | 4096..16773120) + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "Peak burst size. Unit: byte. + 0 is the default value." + DEFVAL { 0 } + ::= { hwAclAppliedEntry 14 } + + hwAclAppliedLimitGreenAction OBJECT-TYPE + SYNTAX INTEGER + { + pass(1), + drop(2), + passRemarkDscp(3), + passRemark8021p(4) + } + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "Green action." + DEFVAL { pass } + ::= { hwAclAppliedEntry 15 } + + hwAclAppliedLimitGreenValue OBJECT-TYPE + SYNTAX Integer32 (0..63) + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The value is to remark When green action is remarking. + For remarking DSCP, the range is 0~63; + For remarking 8021p, the range is 0~7." + ::= { hwAclAppliedEntry 16 } + + hwAclAppliedLimitYellowAction OBJECT-TYPE + SYNTAX INTEGER + { + pass(1), + drop(2), + passRemarkDscp(3), + passRemark8021p(4) + } + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "Yellow action." + DEFVAL { pass } + ::= { hwAclAppliedEntry 17 } + + hwAclAppliedLimitYellowValue OBJECT-TYPE + SYNTAX Integer32 (0..63) + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The value is to remark When yellow action is remarking. + For remarking DSCP, the range is 0~63; + For remarking 8021p, the range is 0~7." + ::= { hwAclAppliedEntry 18 } + + hwAclAppliedLimitRedAction OBJECT-TYPE + SYNTAX INTEGER + { + pass(1), + drop(2), + passRemarkDscp(3), + passRemark8021p(4) + } + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "Red action." + DEFVAL { drop } + ::= { hwAclAppliedEntry 19 } + + hwAclAppliedLimitRedValue OBJECT-TYPE + SYNTAX Integer32 (0..63) + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The value is to remark When red action is remarking. + For remarking DSCP, the range is 0~63; + For remarking 8021p, the range is 0~7." + ::= { hwAclAppliedEntry 20 } + + + hwAclAppliedMirrObservedPort OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The mirror observe port number." + ::= { hwAclAppliedEntry 21 } + + hwAclAppliedMirrRspanVlan OBJECT-TYPE + SYNTAX Integer32 (0..4094) + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The object specifies the RSPAN vlan. + 0 means mirror to local port." + ::= { hwAclAppliedEntry 22 } + + hwAclAppliedRedirectIfIndex OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The redirect output interface." + ::= { hwAclAppliedEntry 23 } + + hwAclAppliedRedirectIpAddr OBJECT-TYPE + SYNTAX IpAddress + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The redirect IP next hop address." + ::= { hwAclAppliedEntry 24 } + + hwAclAppliedRedirectIpv6Addr OBJECT-TYPE + SYNTAX Ipv6Address + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The redirect IPv6 next hop address." + ::= { hwAclAppliedEntry 25 } + + hwAclAppliedRemarkVlan OBJECT-TYPE + SYNTAX Integer32 (0..4094) + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The remarked vlan ID." + ::= { hwAclAppliedEntry 26 } + + hwAclAppliedRemarkCVlan OBJECT-TYPE + SYNTAX Integer32 (0..4094) + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The remarked ce-vlan ID." + ::= { hwAclAppliedEntry 27 } + + hwAclAppliedRemark8021p OBJECT-TYPE + SYNTAX Integer32 (0..7) + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The remarked 8021p value." + ::= { hwAclAppliedEntry 28 } + + hwAclAppliedRemarkDscp OBJECT-TYPE + SYNTAX Integer32 (0..63) + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The remarked DSCP value." + ::= { hwAclAppliedEntry 29 } + + hwAclAppliedRemarkIpPre OBJECT-TYPE + SYNTAX Integer32 (0..7) + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The remarked IP precedence value." + ::= { hwAclAppliedEntry 30 } + + hwAclAppliedRemarkLocalPre OBJECT-TYPE + SYNTAX Integer32 (0..7) + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The remarked local precedence value." + ::= { hwAclAppliedEntry 31 } + + hwAclAppliedRemarkMacAddr OBJECT-TYPE + SYNTAX MacAddress + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The remarked MAC address." + ::= { hwAclAppliedEntry 32 } + + hwAclAppliedIsIPv6Acl OBJECT-TYPE + SYNTAX TruthValue + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "The object indicates whether is IPv6 ACL." + ::= { hwAclAppliedEntry 33 } + + hwAclAppliedRowStatus OBJECT-TYPE + SYNTAX RowStatus + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "RowStatus,Now support three state:CreateAndGo,Active,Destroy." + ::= { hwAclAppliedEntry 51 } + + hwAclIpv6NumGroupTable OBJECT-TYPE + SYNTAX SEQUENCE OF HwAclIpv6NumGroupEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "This table is used to query information about an ACL rule group, including the ACL configuration order, step length, and description." + ::= { hwAclMibObjects 16 } + + hwAclIpv6NumGroupEntry OBJECT-TYPE + SYNTAX HwAclIpv6NumGroupEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "An entry containing characters of an IPv6 ACL group." + INDEX { hwAclIpv6NumGroupAclNum } + ::= { hwAclIpv6NumGroupTable 1 } + + + HwAclIpv6NumGroupEntry ::= + SEQUENCE { + hwAclIpv6NumGroupAclNum + Integer32, + hwAclIpv6NumGroupMatchOrder + INTEGER, + hwAclIpv6NumGroupSubitemNum + Counter32, + hwAclIpv6NumGroupCountClear + INTEGER, + hwAclIpv6NumGroupAclName + OCTET STRING, + hwAclIpv6NumGroupDescription + OCTET STRING, + hwAclIpv6NumGroupAclType + INTEGER, + hwAclIpv6NumGroupRowStatus + RowStatus, + hwAclIpv6NumGroupStep + Integer32 + } + + hwAclIpv6NumGroupAclNum OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The value of this object identifies a table index, representing the number of an IPv6 ACL rule group. + The value range is as follows: + Interface-based ACL6: 1000 to 1999 + Basic ACL6: 2000 to 2999 + Advanced ACL6: 3000 to 3999 + Named ACL6: 42768 to 75535" + ::= { hwAclIpv6NumGroupEntry 1 } + + + hwAclIpv6NumGroupMatchOrder OBJECT-TYPE + SYNTAX INTEGER + { + config(1), + auto(2), + default(3) + } + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The object indicates the match order of rules. + 'config' means matching ACL rules in the configuration sequence, + 'auto' means the ACL6 rules are matched following the 'Depth-first' principle." + DEFVAL { default } + ::= { hwAclIpv6NumGroupEntry 2 } + + + hwAclIpv6NumGroupSubitemNum OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The total number of the rules in the ACL6 group." + ::= { hwAclIpv6NumGroupEntry 3 } + + + hwAclIpv6NumGroupCountClear OBJECT-TYPE + SYNTAX INTEGER + { + cleared(1), + notUsed(2) + } + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "This object indicates whether to clear the statistics of an ACL6 rule group. + cleared(1): clear + notUsed(2): not clear + This object is valid only when the Set operation is performed for this object." + ::= { hwAclIpv6NumGroupEntry 4 } + + hwAclIpv6NumGroupAclName OBJECT-TYPE + SYNTAX OCTET STRING (SIZE (0..64)) + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The object indicates the name of an acl6 group, + The first character must be start with a to z or A to Z, + and the length cannot exceed 64 character." + ::= { hwAclIpv6NumGroupEntry 5 } + + hwAclIpv6NumGroupDescription OBJECT-TYPE + SYNTAX OCTET STRING (SIZE (0..127)) + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "This object indicates the description of an ACL6 rule group. + The description length cannot exceed 127 characters." + ::= { hwAclIpv6NumGroupEntry 6 } + + -- 1.3.6.1.4.1.2011.5.1.1.16.1.7 + hwAclIpv6NumGroupAclType OBJECT-TYPE + SYNTAX INTEGER + { + basic(1), + advanced(2), + interface(3) + } + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The type of IPv6 ACL group." + ::= { hwAclIpv6NumGroupEntry 7 } + + hwAclIpv6NumGroupRowStatus OBJECT-TYPE + SYNTAX RowStatus + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "RowStatus, Now support three value:CreateAndGo,Active,Destroy." + ::= { hwAclIpv6NumGroupEntry 51 } + + hwAclIpv6NumGroupStep OBJECT-TYPE + SYNTAX Integer32 (1..20) + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The object indicates the step value of number IPv6 ACL. + Step here refers to the difference between each ID. + For instance, given the step is set to 5, + the IDs are the multiples of 5 beginning with 5. + The IPv6 ACL IDs change along with the step. When the step is 5, + the IPv6 ACL IDs are 5, 10, and 15 and so on. + However, when the step is set to 2, the IDs turn to 2, 4, + and 6 and so on." + ::= { hwAclIpv6NumGroupEntry 52 } + + hwAclIpv6IfRuleTable OBJECT-TYPE + SYNTAX SEQUENCE OF HwAclIpv6IfRuleEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "Configure the rule for interface-based acl6 group." + ::= { hwAclMibObjects 17 } + + hwAclIpv6IfRuleEntry OBJECT-TYPE + SYNTAX HwAclIpv6IfRuleEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "Each entry contains a rule of interface-based acl6 group." + INDEX { hwAclIpv6IfAclNum, hwAclIpv6IfSubitem } + ::= { hwAclIpv6IfRuleTable 1 } + + HwAclIpv6IfRuleEntry ::= + SEQUENCE { + hwAclIpv6IfAclNum + Integer32, + hwAclIpv6IfSubitem + Unsigned32, + hwAclIpv6IfAct + INTEGER, + hwAclIpv6IfIndex + Integer32, + hwAclIpv6IfAny + TruthValue, + hwAclIpv6IfTimeRangeIndex + Integer32, + hwAclIpv6IfLog + TruthValue, + hwAclIpv6IfEnable + TruthValue, + hwAclIpv6IfCount + Counter64, + hwAclIpv6IfRowStatus + RowStatus + } + + hwAclIpv6IfAclNum OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The index of interface-based acl6 group, the index range is (1000..1999 | 42768..75535)." + ::= { hwAclIpv6IfRuleEntry 1 } + + hwAclIpv6IfSubitem OBJECT-TYPE + SYNTAX Unsigned32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The object specifies the number of an ACL6 rule. + If the number specified has been assigned to an ACL6 rule, + the new rule will overwrite the old one, + which is equal to editing the old rule. + If the number is not assigned, the system will define + a rule with the number and insert it to the place + corresponding to its number. If no number is specified, + the system will define a rule, assign a number to it and + add it into the ACL6. It will be placed at the end of the + ACL6 when configuration sequence is adopted; otherwise, + it will be placed based on the 'Depth-first' principle. + When ACL rules are following the 'Depth-first' principle, + the number of an ACL6 rule must be given 0, but it will be assigned + automatically;otherwise, this rule will not be created." + ::= { hwAclIpv6IfRuleEntry 2 } + + hwAclIpv6IfAct OBJECT-TYPE + SYNTAX INTEGER + { + permit(1), + deny(2) + } + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The object indicates the action of an interface-based acl6 rule. + 'deny' means discarding the packets that meet the condition, + 'permit' means permitting the packets that meet the condition." + ::= { hwAclIpv6IfRuleEntry 3 } + + hwAclIpv6IfIndex OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The object indicates the index of an interface. + It specifies the interface information of the packets. The invalid + interface index is 0." + ::= { hwAclIpv6IfRuleEntry 4 } + + hwAclIpv6IfAny OBJECT-TYPE + SYNTAX TruthValue + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The object indicates whether or not matching any interface." + ::= { hwAclIpv6IfRuleEntry 5 } + + hwAclIpv6IfTimeRangeIndex OBJECT-TYPE + SYNTAX Integer32 (0..256) + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The value of this object identifies the index of the time range during which an ACL rule can be applied. + When the current time is in the time range, the rule is valid. The value 0 is invalid, + indicating that no time range is specified for the rule.The value ranges from 0 to 256." + ::= { hwAclIpv6IfRuleEntry 6 } + + hwAclIpv6IfLog OBJECT-TYPE + SYNTAX TruthValue + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The object indicates whether to log the matched packets. + The log contents include sequence number of ACL6 rule, + packets passed or discarded, upper layer protocol type over IP, + source/destination address, source/destination port number, + and number of packets." + ::= { hwAclIpv6IfRuleEntry 7 } + + hwAclIpv6IfEnable OBJECT-TYPE + SYNTAX TruthValue + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The object indicates whether the rule is valid or invalid." + ::= { hwAclIpv6IfRuleEntry 8 } + + hwAclIpv6IfCount OBJECT-TYPE + SYNTAX Counter64 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The object indicates the statistics of matched packets by basic rule." + ::= { hwAclIpv6IfRuleEntry 9 } + + hwAclIpv6IfRowStatus OBJECT-TYPE + SYNTAX RowStatus + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "RowStatus,Now support three state:CreateAndGo,Active,Destroy." + ::= { hwAclIpv6IfRuleEntry 11 } + +-- chenjing 43944 + -- 1.3.6.1.4.1.2011.5.1.1.18 + hwAclMplsRuleTable OBJECT-TYPE + SYNTAX SEQUENCE OF HwAclMplsRuleEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "Configure the rule for mpls acl group." + ::= { hwAclMibObjects 18 } + + -- 1.3.6.1.4.1.2011.5.1.1.18.1 + hwAclMplsRuleEntry OBJECT-TYPE + SYNTAX HwAclMplsRuleEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "Each entry is a rule of mpls acl." + INDEX { hwAclMplsAclNum, hwAclMplsSubitem } + ::= { hwAclMplsRuleTable 1 } + + HwAclMplsRuleEntry ::= + SEQUENCE { + hwAclMplsAclNum + Integer32, + hwAclMplsSubitem + Unsigned32, + hwAclMplsAct + INTEGER, + hwAclMplsExp1 + Integer32, + hwAclMplsExp2 + Integer32, + hwAclMplsExp3 + Integer32, + hwAclMplsExp4 + Integer32, + hwAclMplsLabel1 + Integer32, + hwAclMplsLabel2 + Integer32, + hwAclMplsLabel3 + Integer32, + hwAclMplsLabel4 + Integer32, + hwAclMplsTTLOP1 + INTEGER, + hwAclMplsTTL1Begin + Integer32, + hwAclMplsTTL1End + Integer32, + hwAclMplsTTLOP2 + INTEGER, + hwAclMplsTTL2Begin + Integer32, + hwAclMplsTTL2End + Integer32, + hwAclMplsTTLOP3 + INTEGER, + hwAclMplsTTL3Begin + Integer32, + hwAclMplsTTL3End + Integer32, + hwAclMplsRowStatus + RowStatus, + hwAclMplsCount + Counter64 + } + + -- 1.3.6.1.4.1.2011.5.1.1.18.1.1 + hwAclMplsAclNum OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The index of mpls acl group, the index range is (10000..10999 | 42768..76535)." + ::= { hwAclMplsRuleEntry 1 } + + -- 1.3.6.1.4.1.2011.5.1.1.18.1.2 + hwAclMplsSubitem OBJECT-TYPE + SYNTAX Unsigned32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The objects specifies the number of an ACL rule. + If the number specified has been assigned to an ACL rule, + the new rule will overwrite the old one, + which is equal to editing the old rule. + If the number is not assigned, the system will define + a rule with the number and insert it to the place + corresponding to its number. If no number is specified, + the system will define a rule, assign a number to it and + add it into the ACL. It will be placed at the end of the + ACL when configuration sequence is adopted; otherwise, + it will be placed based on the 'Depth-first' principle. + When ACL rules are following the 'Depth-first' principle, + the number of an ACL rule must be given 0 ,but it will be assigned + by step automatically;otherwise,this rule will not be created." + ::= { hwAclMplsRuleEntry 2 } + + -- 1.3.6.1.4.1.2011.5.1.1.18.1.3 + hwAclMplsAct OBJECT-TYPE + SYNTAX INTEGER + { + permit(1), + deny(2) + } + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The object indicates the action of a basic acl rule. + 'deny' means discarding the packets that meet the condition, + 'permit' means permitting the packets that meet the condition." + ::= { hwAclMplsRuleEntry 3 } + + -- 1.3.6.1.4.1.2011.5.1.1.18.1.4 + hwAclMplsExp1 OBJECT-TYPE + SYNTAX Integer32 (0..7|255) + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The value of this object identifies the EXP value in the first label of an MPLS packet. + The value ranges from 0 to 7. The default value is 255." + ::= { hwAclMplsRuleEntry 4 } + + -- 1.3.6.1.4.1.2011.5.1.1.18.1.5 + hwAclMplsExp2 OBJECT-TYPE + SYNTAX Integer32 (0..7|255) + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The value of this object identifies the EXP value in the second label of an MPLS packet. + The value ranges from 0 to 7. The default value is 255." + ::= { hwAclMplsRuleEntry 5 } + + -- 1.3.6.1.4.1.2011.5.1.1.18.1.6 + hwAclMplsExp3 OBJECT-TYPE + SYNTAX Integer32 (0..7|255) + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The value of this object identifies the EXP value in the third label of an MPLS packet. + The value ranges from 0 to 7. The default value is 255." + ::= { hwAclMplsRuleEntry 6 } + + -- 1.3.6.1.4.1.2011.5.1.1.18.1.7 + hwAclMplsExp4 OBJECT-TYPE + SYNTAX Integer32 (0..7|255) + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The value of this object identifies the EXP value in the fourth label of an MPLS packet. + The value ranges from 0 to 7. The default value is 255." + ::= { hwAclMplsRuleEntry 7 } + + -- 1.3.6.1.4.1.2011.5.1.1.18.1.8 + hwAclMplsLabel1 OBJECT-TYPE + SYNTAX Integer32 (-1|0..1048575) + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The value of this object identifies the Label value in the first label of an MPLS packet. + The value ranges from 0 to 1048575. The default value is -1." + ::= { hwAclMplsRuleEntry 8 } + + -- 1.3.6.1.4.1.2011.5.1.1.18.1.9 + hwAclMplsLabel2 OBJECT-TYPE + SYNTAX Integer32 (-1|0..1048575) + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The value of this object identifies the Label value in the second label of an MPLS packet. + The value ranges from 0 to 1048575. The default value is -1." + ::= { hwAclMplsRuleEntry 9 } + + -- 1.3.6.1.4.1.2011.5.1.1.18.1.10 + hwAclMplsLabel3 OBJECT-TYPE + SYNTAX Integer32 (-1|0..1048575) + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The value of this object identifies the Label value in the third label of an MPLS packet. + The value ranges from 0 to 1048575. The default value is -1." + ::= { hwAclMplsRuleEntry 10 } + + -- 1.3.6.1.4.1.2011.5.1.1.18.1.11 + hwAclMplsLabel4 OBJECT-TYPE + SYNTAX Integer32 (-1|0..1048575) + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The value of this object identifies the Label value in the fourth label of an MPLS packet. + The value ranges from 0 to 1048575. The default value is -1." + ::= { hwAclMplsRuleEntry 11 } + + -- 1.3.6.1.4.1.2011.5.1.1.18.1.12 + hwAclMplsTTLOP1 OBJECT-TYPE + SYNTAX INTEGER + { + lt(1), + eq(2), + gt(3), + range(5), + invalid(0), + any(255) + } + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The object indicates the ttl operation symbol of a mpls + acl rule. It compares the operators of ttl value. + 'lt' means less than, + 'eq' means equal to, + 'gt' means greater than, + 'range' means between, + 'invalid' means this operation of the ttl is invalid." + ::= { hwAclMplsRuleEntry 12 } + + -- 1.3.6.1.4.1.2011.5.1.1.18.1.13 + hwAclMplsTTL1Begin OBJECT-TYPE + SYNTAX Integer32 (0..255) + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The object indicates the begin value of a mpls ttl." + ::= { hwAclMplsRuleEntry 13 } + + -- 1.3.6.1.4.1.2011.5.1.1.18.1.14 + hwAclMplsTTL1End OBJECT-TYPE + SYNTAX Integer32 (0..255) + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The object indicates the end value of a mpls ttl." + ::= { hwAclMplsRuleEntry 14 } + + -- 1.3.6.1.4.1.2011.5.1.1.18.1.15 + hwAclMplsTTLOP2 OBJECT-TYPE + SYNTAX INTEGER + { + lt(1), + eq(2), + gt(3), + range(5), + invalid(0), + any(255) + } + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The object indicates the ttl operation symbol of a mpls + acl rule. It compares the operators of ttl value. + 'lt' means less than, + 'eq' means equal to, + 'gt' means greater than, + 'range' means between, + 'invalid' means this operation of the ttl is invalid." + ::= { hwAclMplsRuleEntry 15 } + + -- 1.3.6.1.4.1.2011.5.1.1.18.1.16 + hwAclMplsTTL2Begin OBJECT-TYPE + SYNTAX Integer32 (0..255) + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The object indicates the begin value of a mpls ttl." + ::= { hwAclMplsRuleEntry 16 } + + -- 1.3.6.1.4.1.2011.5.1.1.18.1.17 + hwAclMplsTTL2End OBJECT-TYPE + SYNTAX Integer32 (0..255) + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The object indicates the end value of a mpls ttl." + ::= { hwAclMplsRuleEntry 17 } + + -- 1.3.6.1.4.1.2011.5.1.1.18.1.18 + hwAclMplsTTLOP3 OBJECT-TYPE + SYNTAX INTEGER + { + lt(1), + eq(2), + gt(3), + range(5), + invalid(0), + any(255) + } + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The object indicates the ttl operation symbol of a mpls + acl rule. It compares the operators of ttl value. + 'lt' means less than, + 'eq' means equal to, + 'gt' means greater than, + 'range' means between, + 'invalid' means this operation of the ttl is invalid." + ::= { hwAclMplsRuleEntry 18 } + + -- 1.3.6.1.4.1.2011.5.1.1.18.1.19 + hwAclMplsTTL3Begin OBJECT-TYPE + SYNTAX Integer32 (0..255) + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The object indicates the begin value of a mpls ttl." + ::= { hwAclMplsRuleEntry 19 } + + -- 1.3.6.1.4.1.2011.5.1.1.18.1.20 + hwAclMplsTTL3End OBJECT-TYPE + SYNTAX Integer32 (0..255) + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The object indicates the end value of a mpls ttl." + ::= { hwAclMplsRuleEntry 20 } + + -- 1.3.6.1.4.1.2011.5.1.1.18.1.21 + hwAclMplsRowStatus OBJECT-TYPE + SYNTAX RowStatus + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "RowStatus, Now support three value:CreateAndGo,Active and Destroy." + ::= { hwAclMplsRuleEntry 21 } + + -- 1.3.6.1.4.1.2011.5.1.1.18.1.22 + hwAclMplsCount OBJECT-TYPE + SYNTAX Counter64 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The object indicates the statistics of matched packets by the rule." + ::= { hwAclMplsRuleEntry 22 } +-- chenjing 43944 + + -- 1.3.6.1.4.1.2011.5.1.1.19 + hwAclDomainNameConfigTable OBJECT-TYPE + SYNTAX SEQUENCE OF HwAclDomainNameConfigEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "Configure the domain name." + ::= { hwAclMibObjects 19 } + + + -- 1.3.6.1.4.1.2011.5.1.1.19.1 + hwAclDomainNameConfigEntry OBJECT-TYPE + SYNTAX HwAclDomainNameConfigEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "Each entry is a domain name." + INDEX { hwAclDomainID } + ::= { hwAclDomainNameConfigTable 1 } + + + HwAclDomainNameConfigEntry ::= + SEQUENCE { + hwAclDomainID + Integer32, + hwAclDomainName + OCTET STRING, + hwAclDomainNameConfigRowStatus + RowStatus + } + + -- 1.3.6.1.4.1.2011.5.1.1.19.1.1 + hwAclDomainID OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "The index of DomianName table, the index range is (0..31)." + ::= { hwAclDomainNameConfigEntry 1 } + + + -- 1.3.6.1.4.1.2011.5.1.1.19.1.2 + hwAclDomainName OBJECT-TYPE + SYNTAX OCTET STRING (SIZE (3..127)) + MAX-ACCESS read-write + STATUS current + DESCRIPTION + "The domian name." + ::= { hwAclDomainNameConfigEntry 2 } + + + -- 1.3.6.1.4.1.2011.5.1.1.19.1.3 + hwAclDomainNameConfigRowStatus OBJECT-TYPE + SYNTAX RowStatus + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "Row status,Two actions are used: createAndGo(4), destroy(6)." + ::= { hwAclDomainNameConfigEntry 3 } + + -- 1.3.6.1.4.1.2011.5.1.1.20 + hwAclIPPoolTable OBJECT-TYPE + SYNTAX SEQUENCE OF HwAclIPPoolEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "Configure the IP pool name." + ::= { hwAclMibObjects 20 } + + -- 1.3.6.1.4.1.2011.5.1.1.20.1 + hwAclIPPoolEntry OBJECT-TYPE + SYNTAX HwAclIPPoolEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "Each entry is a IP pool name." + INDEX { hwAclIPPoolIndex } + ::= { hwAclIPPoolTable 1 } + + HwAclIPPoolEntry ::= + SEQUENCE { + hwAclIPPoolIndex + Integer32, + hwAclIPPoolName + OCTET STRING, + hwAclIPPoolRowStatus + RowStatus, + hwAclIPPoolApplyBGPPeer + TruthValue + } + + -- 1.3.6.1.4.1.2011.5.1.1.20.1.1 + hwAclIPPoolIndex OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The index of ACL IP pool table." + ::= { hwAclIPPoolEntry 1 } + + -- 1.3.6.1.4.1.2011.5.1.1.20.1.2 + hwAclIPPoolName OBJECT-TYPE + SYNTAX OCTET STRING (SIZE (0..32)) + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The IP pool name." + ::= { hwAclIPPoolEntry 2 } + + -- 1.3.6.1.4.1.2011.5.1.1.20.1.3 + hwAclIPPoolRowStatus OBJECT-TYPE + SYNTAX RowStatus + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "Row status." + ::= { hwAclIPPoolEntry 3 } + + -- 1.3.6.1.4.1.2011.5.1.1.20.1.4 + hwAclIPPoolApplyBGPPeer OBJECT-TYPE + SYNTAX TruthValue + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The object indicates whether or not BGP peers are applied." + ::= { hwAclIPPoolEntry 4 } + + -- 1.3.6.1.4.1.2011.5.1.1.21 + hwAclIPPoolIPTable OBJECT-TYPE + SYNTAX SEQUENCE OF HwAclIPPoolIPEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "Configure the IP address of IP pool." + ::= { hwAclMibObjects 21 } + + -- 1.3.6.1.4.1.2011.5.1.1.21.1 + hwAclIPPoolIPEntry OBJECT-TYPE + SYNTAX HwAclIPPoolIPEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "Each entry is a IP address of IP pool." + INDEX { hwAclIPPoolIPPoolIndex, hwAclIPPoolIPIndex } + ::= { hwAclIPPoolIPTable 1 } + + HwAclIPPoolIPEntry ::= + SEQUENCE { + hwAclIPPoolIPPoolIndex + Integer32, + hwAclIPPoolIPIndex + Integer32, + hwAclIPPoolIPIpAdd + IpAddress, + hwAclIPPoolIPIpWild + IpAddress, + hwAclIPPoolIPRowStatus + RowStatus + } + + -- 1.3.6.1.4.1.2011.5.1.1.21.1.1 + hwAclIPPoolIPPoolIndex OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "This object indicates the level 1 index, that is, the index of an IP address pool used by an ACL." + ::= { hwAclIPPoolIPEntry 1 } + + -- 1.3.6.1.4.1.2011.5.1.1.21.1.2 + hwAclIPPoolIPIndex OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "This object indicates the level 2 index, that is, the index of an IPv4 address in an IP address pool used by an ACL." + ::= { hwAclIPPoolIPEntry 2 } + + -- 1.3.6.1.4.1.2011.5.1.1.21.1.3 + hwAclIPPoolIPIpAdd OBJECT-TYPE + SYNTAX IpAddress + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The object indicates the IP-address." + ::= { hwAclIPPoolIPEntry 3 } + + -- 1.3.6.1.4.1.2011.5.1.1.21.1.4 + hwAclIPPoolIPIpWild OBJECT-TYPE + SYNTAX IpAddress + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The object indicates the IP-address wild." + ::= { hwAclIPPoolIPEntry 4 } + + -- 1.3.6.1.4.1.2011.5.1.1.21.1.5 + hwAclIPPoolIPRowStatus OBJECT-TYPE + SYNTAX RowStatus + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "Row status." + ::= { hwAclIPPoolIPEntry 5 } + + -- 1.3.6.1.4.1.2011.5.1.1.22 + hwAclPortPoolTable OBJECT-TYPE + SYNTAX SEQUENCE OF HwAclPortPoolEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "Configure the port pool name." + ::= { hwAclMibObjects 22 } + + -- 1.3.6.1.4.1.2011.5.1.1.22.1 + hwAclPortPoolEntry OBJECT-TYPE + SYNTAX HwAclPortPoolEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "Each entry is a port pool name." + INDEX { hwAclPortPoolIndex } + ::= { hwAclPortPoolTable 1 } + + HwAclPortPoolEntry ::= + SEQUENCE { + hwAclPortPoolIndex + Integer32, + hwAclPortPoolName + OCTET STRING, + hwAclPortPoolRowStatus + RowStatus + } + + -- 1.3.6.1.4.1.2011.5.1.1.22.1.1 + hwAclPortPoolIndex OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The index of ACL port pool table." + ::= { hwAclPortPoolEntry 1 } + + -- 1.3.6.1.4.1.2011.5.1.1.22.1.2 + hwAclPortPoolName OBJECT-TYPE + SYNTAX OCTET STRING (SIZE (0..32)) + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The Port pool name." + ::= { hwAclPortPoolEntry 2 } + + -- 1.3.6.1.4.1.2011.5.1.1.22.1.3 + hwAclPortPoolRowStatus OBJECT-TYPE + SYNTAX RowStatus + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "Row status." + ::= { hwAclPortPoolEntry 3 } + + -- 1.3.6.1.4.1.2011.5.1.1.23 + hwAclPortPoolPortTable OBJECT-TYPE + SYNTAX SEQUENCE OF HwAclPortPoolPortEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "Configure the port range of port pool." + ::= { hwAclMibObjects 23 } + + -- 1.3.6.1.4.1.2011.5.1.1.23.1 + hwAclPortPoolPortEntry OBJECT-TYPE + SYNTAX HwAclPortPoolPortEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "Each entry is a port range of port pool." + INDEX { hwAclPortPoolPortPoolIndex, hwAclPortPoolPortIndex } + ::= { hwAclPortPoolPortTable 1 } + + HwAclPortPoolPortEntry ::= + SEQUENCE { + hwAclPortPoolPortPoolIndex + Integer32, + hwAclPortPoolPortIndex + Integer32, + hwAclPortPoolPortOp + INTEGER, + hwAclPortPoolPortNumBegin + Integer32, + hwAclPortPoolPortNumEnd + Integer32, + hwAclPortPoolPortRowStatus + RowStatus + } + + -- 1.3.6.1.4.1.2011.5.1.1.23.1.1 + hwAclPortPoolPortPoolIndex OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "This object indicates the level 1 index, that is, the index of an ACL port pool." + ::= { hwAclPortPoolPortEntry 1 } + + -- 1.3.6.1.4.1.2011.5.1.1.23.1.2 + hwAclPortPoolPortIndex OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "This object indicates the level 2 index, that is, the index of a port number in the ACL port pool." + ::= { hwAclPortPoolPortEntry 2 } + + -- 1.3.6.1.4.1.2011.5.1.1.23.1.3 + hwAclPortPoolPortOp OBJECT-TYPE + SYNTAX INTEGER + { + invalid(0), + lt(1), + eq(2), + gt(3), + neq(4), + range(5) + } + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The object indicates the Port operation. + 'lt' means less than, + 'eq' means equal to, + 'gt' means greater than, + 'neq' means not equal to, + 'range' means between, + 'invalid' means this operation of the rule is invalid." + ::= { hwAclPortPoolPortEntry 3 } + + -- 1.3.6.1.4.1.2011.5.1.1.23.1.4 + hwAclPortPoolPortNumBegin OBJECT-TYPE + SYNTAX Integer32 (0..65535) + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The object indicates the begin port number." + ::= { hwAclPortPoolPortEntry 4 } + + -- 1.3.6.1.4.1.2011.5.1.1.23.1.5 + hwAclPortPoolPortNumEnd OBJECT-TYPE + SYNTAX Integer32 (0..65535) + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The object indicates the end port number." + ::= { hwAclPortPoolPortEntry 5 } + + -- 1.3.6.1.4.1.2011.5.1.1.23.1.6 + hwAclPortPoolPortRowStatus OBJECT-TYPE + SYNTAX RowStatus + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "Row status." + ::= { hwAclPortPoolPortEntry 6 } + + -- 1.3.6.1.4.1.2011.5.1.1.24 + hwAclIPPool6Table OBJECT-TYPE + SYNTAX SEQUENCE OF HwAclIPPool6Entry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "Configure the IPv6 pool name." + ::= { hwAclMibObjects 24 } + + -- 1.3.6.1.4.1.2011.5.1.1.24.1 + hwAclIPPool6Entry OBJECT-TYPE + SYNTAX HwAclIPPool6Entry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "Each entry is a IPv6 pool name." + INDEX { hwAclIPPool6Index } + ::= { hwAclIPPool6Table 1 } + + HwAclIPPool6Entry ::= + SEQUENCE { + hwAclIPPool6Index + Integer32, + hwAclIPPool6Name + OCTET STRING, + hwAclIPPool6ApplyBGPIPv6Peer + TruthValue, + hwAclIPPool6RowStatus + RowStatus + } + + -- 1.3.6.1.4.1.2011.5.1.1.24.1.1 + hwAclIPPool6Index OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The index of ACL IPv6 pool table." + ::= { hwAclIPPool6Entry 1 } + + -- 1.3.6.1.4.1.2011.5.1.1.24.1.2 + hwAclIPPool6Name OBJECT-TYPE + SYNTAX OCTET STRING (SIZE (0..32)) + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The IPv6 pool name." + ::= { hwAclIPPool6Entry 2 } + + -- 1.3.6.1.4.1.2011.5.1.1.24.1.3 + hwAclIPPool6ApplyBGPIPv6Peer OBJECT-TYPE + SYNTAX TruthValue + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The object indicates whether or not BGP IPv6 peers are applied." + ::= { hwAclIPPool6Entry 3 } + + -- 1.3.6.1.4.1.2011.5.1.1.24.1.4 + hwAclIPPool6RowStatus OBJECT-TYPE + SYNTAX RowStatus + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "Row status." + ::= { hwAclIPPool6Entry 4 } + + -- Acl Trap MIB definition + -- + -- 1.3.6.1.4.1.2011.5.1.2 + hwAclMibTrap OBJECT IDENTIFIER ::= { hwAcl 2 } + + -- 1.3.6.1.4.1.2011.5.1.2.1 + hwAclTrapOid OBJECT IDENTIFIER ::= { hwAclMibTrap 1 } + + -- 1.3.6.1.4.1.2011.5.1.2.2 + hwAclTrapsDefine OBJECT IDENTIFIER ::= { hwAclMibTrap 2 } + + -- 1.3.6.1.4.1.2011.5.1.2.2.1 + hwAclTraps OBJECT IDENTIFIER ::= { hwAclTrapsDefine 1 } + + -- 1.3.6.1.4.1.2011.5.1.2.2.1.1 + hwAclResourceTrapsTable OBJECT IDENTIFIER ::= { hwAclTraps 1 } + + -- 1.3.6.1.4.1.2011.5.1.2.2.1.1.1 + hwAclResSlotStr OBJECT-TYPE + SYNTAX OCTET STRING + MAX-ACCESS accessible-for-notify + STATUS current + DESCRIPTION + "The infomation of slot." + ::= { hwAclResourceTrapsTable 1 } + + -- 1.3.6.1.4.1.2011.5.1.2.2.1.1.2 + hwAclResStage OBJECT-TYPE + SYNTAX OCTET STRING + MAX-ACCESS accessible-for-notify + STATUS current + DESCRIPTION + "The stage where trap infomation exists." + ::= { hwAclResourceTrapsTable 2 } + + -- 1.3.6.1.4.1.2011.5.1.2.2.1.1.3 + hwAclResLimit OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS accessible-for-notify + STATUS current + DESCRIPTION + "The usage of rule resource." + ::= { hwAclResourceTrapsTable 3 } + + -- 1.3.6.1.4.1.2011.5.1.2.2.1.1.4 + hwAclResourceTrapsEntry OBJECT IDENTIFIER ::= { hwAclResourceTrapsTable 4 } + + -- 1.3.6.1.4.1.2011.5.1.2.2.1.1.4.1 + hwAclResThresholdExceedClearTrap NOTIFICATION-TYPE + OBJECTS { hwAclResLimit, hwAclResSlotStr, hwAclResStage } + STATUS current + DESCRIPTION + "Acl resource lack clear trap" + ::= { hwAclResourceTrapsEntry 1 } + + -- 1.3.6.1.4.1.2011.5.1.2.2.1.1.4.2 + hwAclResThresholdExceedTrap NOTIFICATION-TYPE + OBJECTS { hwAclResLimit, hwAclResSlotStr, hwAclResStage } + STATUS current + DESCRIPTION + "Acl resource lack trap" + ::= { hwAclResourceTrapsEntry 2 } + + -- 1.3.6.1.4.1.2011.5.1.2.2.1.1.4.3 + hwAclResTotalCountExceedClearTrap NOTIFICATION-TYPE + OBJECTS { hwAclResLimit, hwAclResSlotStr, hwAclResStage } + STATUS current + DESCRIPTION + "Acl resource full clear trap" + ::= { hwAclResourceTrapsEntry 3 } + + -- 1.3.6.1.4.1.2011.5.1.2.2.1.1.4.4 + hwAclResTotalCountExceedTrap NOTIFICATION-TYPE + OBJECTS { hwAclResLimit, hwAclResSlotStr, hwAclResStage } + STATUS current + DESCRIPTION + "Acl resource full trap" + ::= { hwAclResourceTrapsEntry 4 } + + -- 1.3.6.1.4.1.2011.5.1.2.2.1.1.5 + hwAclResourceTrapsGroups OBJECT IDENTIFIER ::= { hwAclResourceTrapsTable 5 } + + -- 1.3.6.1.4.1.2011.5.1.2.2.1.1.5.1 + hwAclResourceTrapsGroup NOTIFICATION-GROUP + NOTIFICATIONS { hwAclResThresholdExceedClearTrap, hwAclResThresholdExceedTrap, hwAclResTotalCountExceedClearTrap, hwAclResTotalCountExceedTrap } + STATUS current + DESCRIPTION + "Group for all acl resource traps." + ::= { hwAclResourceTrapsGroups 1 } + + + -- Acl MIB Conformance definition + -- + -- 1.3.6.1.4.1.2011.5.1.3 + hwAclMibConformance OBJECT IDENTIFIER ::= { hwAcl 3 } + + -- 1.3.6.1.4.1.2011.5.1.3.1 + hwAclMibCompliances OBJECT IDENTIFIER ::= { hwAclMibConformance 1 } + + -- this module + -- 1.3.6.1.4.1.2011.5.1.3.1.1 + hwAclMibCompliance MODULE-COMPLIANCE + STATUS current + DESCRIPTION + "The compliance statement for entities which + implement the Huawei acl MIB." + MODULE -- this module + MANDATORY-GROUPS { hwAclGroup } + OBJECT hwAclBasicRowStatus + SYNTAX INTEGER + { + active(1), + createAndGo(4), + destory(6) + } + DESCRIPTION + "The value of creatAndWaite, notInservice and notReady are not required." + OBJECT hwAclAdvancedRowStatus + SYNTAX INTEGER + { + active(1), + createAndGo(4), + destory(6) + } + DESCRIPTION + "The value of creatAndWaite, notInservice and notReady are not required." + OBJECT hwAclIfRowStatus + SYNTAX INTEGER + { + active(1), + createAndGo(4), + destroy(6) + } + DESCRIPTION + "The value of creatAndWaite, notInservice and notReady are not required." + OBJECT hwAclIpv6BasicRowStatus + SYNTAX INTEGER + { + active(1), + createAndGo(4), + destroy(6) + } + DESCRIPTION + "The value of creatAndWaite, notInservice and notReady are not required." + OBJECT hwAclIpv6AdvancedRowStatus + SYNTAX INTEGER + { + active(1), + createAndGo(4), + destroy(6) + } + DESCRIPTION + "The value of creatAndWaite, notInservice and notReady are not required." + OBJECT hwAclEthernetFrameRowStatus + SYNTAX INTEGER + { + active(1), + createAndGo(4), + destroy(6) + } + DESCRIPTION + "The value of creatAndWaite, notInservice and notReady are not required." + OBJECT hwAclAppliedRowStatus + SYNTAX INTEGER + { + active(1), + createAndGo(4), + destroy(6) + } + DESCRIPTION + "The value of creatAndWaite, notInservice and notReady are not required." + OBJECT hwAclIpv6NumGroupRowStatus + SYNTAX INTEGER + { + active(1), + createAndGo(4), + destroy(6) + } + DESCRIPTION + "The value of creatAndWaite, notInservice and notReady are not required." + OBJECT hwAclIpv6IfRowStatus + SYNTAX INTEGER + { + active(1), + createAndGo(4), + destroy(6) + } + DESCRIPTION + "The value of creatAndWaite, notInservice and notReady are not required." + OBJECT hwAclMplsRowStatus + SYNTAX INTEGER + { + active(1), + createAndGo(4), + destroy(6) + } + DESCRIPTION + "The value of creatAndWaite, notInservice and notReady are not required." + ::= { hwAclMibCompliances 1 } + + -- 1.3.6.1.4.1.2011.5.1.3.2 + hwAclMibGroups OBJECT IDENTIFIER ::= { hwAclMibConformance 2 } + + -- 1.3.6.1.4.1.2011.5.1.3.2.1 + hwAclGroup OBJECT-GROUP + OBJECTS { hwAclNumGroupMatchOrder, hwAclNumGroupSubitemNum, hwAclNumGroupAclName, hwAclBasicAct, hwAclBasicSrcIp, + hwAclBasicSrcWild, hwAclBasicTimeRangeIndex, hwAclBasicFragments, hwAclBasicLog, hwAclBasicEnable, + hwAclBasicCount, hwAclBasicVrfAny, hwAclBasicRowStatus, hwAclAdvancedAct, hwAclAdvancedProtocol, hwAclAdvancedSrcIp, + hwAclAdvancedSrcWild, hwAclAdvancedSrcOp, hwAclAdvancedSrcPort1, hwAclAdvancedSrcPort2, hwAclAdvancedDestIp, + hwAclAdvancedDestWild, hwAclAdvancedDestOp, hwAclAdvancedDestPort1, hwAclAdvancedDestPort2, hwAclAdvancedPrecedence, + hwAclAdvancedTos, hwAclAdvancedDscp, hwAclAdvancedEstablish, hwAclAdvancedTimeRangeIndex, hwAclAdvancedIcmpType, + hwAclAdvancedIcmpCode, hwAclAdvancedFragments, hwAclAdvancedLog, hwAclAdvancedEnable, hwAclAdvancedCount, + hwAclAdvancedRowStatus, hwAclAdvancedTcpSyncFlag, hwAclAdvancedSrcPoolName, hwAclAdvancedDestPoolName, + hwAclAdvancedProtocolNew, hwAclAdvancedVni, hwAclAdvancedIgmpType, hwAclAdvancedTtlOp, hwAclAdvancedTtlExpire, + hwAclAdvancedTtlExpireEnd, hwAclAdvancedSrcPortPoolName, hwAclAdvancedDestPortPoolName, hwAclAdvancedIcmpTypeEnd, hwAclAdvancedVrfAny, hwAclIfAct, hwAclIfIndex, hwAclIfAny, + hwAclIfTimeRangeIndex, hwAclIfLog, hwAclIfEnable, hwAclIfCount, hwAclIfRowStatus, + hwAclUserAct, hwAclUserProtocol, hwAclUserSrcIp, hwAclUserSrcWild, hwAclUserSrcOp, + hwAclUserSrcPort1, hwAclUserSrcPort2, hwAclUserDestIp, hwAclUserDestWild, hwAclUserDestOp, + hwAclUserDestPort1, hwAclUserDestPort2, hwAclUserPrecedence, hwAclUserTos, hwAclUserDscp, + hwAclUserEstablish, hwAclUserTimeRangeIndex, hwAclUserIcmpType, hwAclUserIcmpCode, hwAclUserFragments, + hwAclUserLog, hwAclUserEnable, hwAclUserCount, hwAclUserSrcUserGroupName, hwAclUserDestUserGroupName, + hwAclUserSrcModeType, hwAclUserDestModeType, hwAclUserRowStatus, hwAclCompileEnableFlag, hwAclNumGroupAclNum, + hwAclBasicAclNum, hwAclBasicSubitem, hwAclAdvancedAclNum, hwAclAdvancedSubitem, hwAclIfAclNum, + hwAclIfSubitem, hwAclUserAclNum, hwAclUserSubitem, hwAclUserVrfName, hwAclUserTcpSyncFlag, + hwAclEthernetFrameEncapType, hwAclEthernetFrameDoubleTag, hwAclEthernetFrameVlanId, hwAclEthernetFrameVlanIdMask, hwAclEthernetFrameCVlanId, + hwAclEthernetFrameCVlanIdMask, hwAclAppliedStatMode, hwAclAppliedStatCount, hwAclAppliedLimitCir, hwAclAppliedLimitPir, + hwAclAppliedLimitCbs, hwAclAppliedLimitPbs, hwAclAppliedLimitGreenAction, hwAclAppliedLimitGreenValue, hwAclAppliedLimitYellowAction, + hwAclAppliedLimitYellowValue, hwAclAppliedLimitRedAction, hwAclAppliedLimitRedValue, hwAclAppliedMirrObservedPort, hwAclAppliedMirrRspanVlan, + hwAclAppliedRedirectIfIndex, hwAclAppliedRedirectIpAddr, hwAclAppliedRedirectIpv6Addr, hwAclAppliedRemarkVlan, hwAclAppliedRemarkCVlan, + hwAclAppliedRemark8021p, hwAclAppliedRemarkDscp, hwAclAppliedRemarkIpPre, hwAclAppliedRemarkLocalPre, hwAclAppliedRemarkMacAddr, + hwAclAppliedRowStatus, hwAclCompileNumGroupStatus, hwAclNumGroupStep, hwAclNumGroupDescription, hwAclNumGroupCountClear, + hwAclNumGroupRowStatus, hwAclBasicVrfName, hwAclAdvancedVrfName, hwAclIpv6BasicAct, hwAclIpv6BasicSrcIp, + hwAclIpv6BasicSrcPrefix, hwAclIpv6BasicTimeRangeIndex, hwAclIpv6BasicFragment, hwAclIpv6BasicLog, hwAclIpv6BasicEnable, + hwAclIpv6BasicCount, hwAclIpv6BasicVrfName, hwAclIpv6BasicRowStatus, hwAclIpv6BasicVrfAny, hwAclIpv6AdvancedAct, hwAclIpv6AdvancedProtocol, + hwAclIpv6AdvancedSrcIp, hwAclIpv6AdvancedSrcPrefix, hwAclIpv6AdvancedSrcOp, hwAclIpv6AdvancedSrcPort1, hwAclIpv6AdvancedSrcPort2, + hwAclIpv6AdvancedDestIp, hwAclIpv6AdvancedDestPrefix, hwAclIpv6AdvancedDestOp, hwAclIpv6AdvancedDestPort1, hwAclIpv6AdvancedDestPort2, + hwAclIpv6AdvancedPrecedence, hwAclIpv6AdvancedTos, hwAclIpv6AdvancedDscp, hwAclIpv6AdvancedEstablish, hwAclIpv6AdvancedTimeRangeIndex, + hwAclIpv6AdvancedIcmpType, hwAclIpv6AdvancedIcmpCode, hwAclIpv6AdvancedFragment, hwAclIpv6AdvancedLog, hwAclIpv6AdvancedEnable, + hwAclIpv6AdvancedCount, hwAclIpv6AdvancedVrfName, hwAclIpv6AdvancedRowStatus, hwAclIpv6AdvancedProtocolNew, hwAclIpv6AdvancedIcmpTypeEnd, hwAclIpv6AdvancedVrfAny, hwAclEthernetFrameAct, hwAclEthernetFrameType, + hwAclEthernetFrameTypeMask, hwAclEthernetFrameSrcMac, hwAclEthernetFrameSrcMacMask, hwAclEthernetFrameDstMac, hwAclEthernetFrameDstMacMask, + hwAclEthernetFrameTimeRangeIndex, hwAclEthernetFrameLog, hwAclEthernetFrameEnable, hwAclEthernetFrameCount, + hwAclEthernetFrameRowStatus, hwAclEthernetFrameRule8021p, hwAclEthernetFrameRuleCVlan8021p, + hwAclIpv6NumGroupMatchOrder, hwAclIpv6NumGroupSubitemNum, hwAclIpv6NumGroupCountClear, hwAclIpv6NumGroupRowStatus, hwAclIpv6NumGroupAclName, + hwAclIpv6IfAct, hwAclIpv6IfIndex, hwAclIpv6IfAny, hwAclIpv6IfTimeRangeIndex, hwAclIpv6IfLog, hwAclIpv6IfEnable, hwAclIpv6IfCount, hwAclIpv6IfRowStatus, + hwAclMplsAct, hwAclMplsExp1, hwAclMplsExp2, + hwAclMplsExp3, hwAclMplsExp4, hwAclMplsLabel1, hwAclMplsLabel2, hwAclMplsLabel3, + hwAclMplsLabel4, hwAclMplsTTLOP1, hwAclMplsTTL1Begin, hwAclMplsTTL1End, + hwAclMplsTTLOP2, hwAclMplsTTL2Begin, hwAclMplsTTL2End, + hwAclMplsTTLOP3, hwAclMplsTTL3Begin, hwAclMplsTTL3End, hwAclMplsRowStatus, hwAclMplsCount, hwAclIpv6BasicSrcMask, hwAclIpv6AdvancedSrcMask, hwAclIpv6AdvancedDestMask, + hwAclIPPoolIndex, hwAclIPPoolName, hwAclIPPoolRowStatus, + hwAclIPPoolIPPoolIndex, hwAclIPPoolIPIndex, hwAclIPPoolIPIpAdd, hwAclIPPoolIPIpWild, hwAclIPPoolIPRowStatus, + hwAclPortPoolIndex, hwAclPortPoolName, hwAclPortPoolRowStatus, + hwAclPortPoolPortPoolIndex, hwAclPortPoolPortIndex, hwAclPortPoolPortOp, hwAclPortPoolPortNumBegin, hwAclPortPoolPortNumEnd, hwAclPortPoolPortRowStatus} + STATUS current + DESCRIPTION + "A collection of objects providing mandatory acl information." + ::= { hwAclMibGroups 1 } +END \ No newline at end of file -- cgit v1.2.3