FOUNDRY-SN-IP-ACL-MIB DEFINITIONS::=BEGIN-- ImportsIMPORTSIpAddressFROM RFC1155-SMI
OBJECT-TYPEFROM RFC-1212
Counter64FROM SNMPv2-SMI
snIp
FROM FOUNDRY-SN-ROOT-MIB;-- textual conventionsDisplayString::=OCTETSTRING-- RtrStatus ValuesRtrStatus ::=INTEGER{ disabled(0), enabled (1)}-- Row StatusSnRowStatus ::=INTEGER{other(1),valid(2),delete(3),create(4)
}-- ActionAction ::=INTEGER{ deny(0), permit(1)}-- Boolean ValuesTruthVal ::=INTEGER{ false (0), true (1)}-- ACL numberAclNumber ::=INTEGER(1..199)-- OperatorOperator ::=INTEGER{ eq(0), neq(1), lt(2), gt(3), range(4), undefined(7)}-- IP ProtocolIpProtocol ::=INTEGER(0..255)-- Precedence ValuePrecedenceValue ::=INTEGER{ critical(5), flash(3), flashoverride(4),
immediate(2), internet(6), network(7),priority(1), routine(0), undefined(8)}-- Tos ValueTosValue ::=INTEGER{normal(0),minMonetaryCost(1),maxReliability(2),tosValue3(3),maxThroughput(4),tosValue5(5),tosValue6(6),tosValue7(7),
minDelay(8),tosValue9(9),tosValue10(10),tosValue11(11),tosValue12(12),tosValue13(13),tosValue14(14),tosValue15(15),undefined(16)}-- DirectionDirection ::=INTEGER{ inbound(0), outbound(1)}------Access Control ListsnAgAcl OBJECTIDENTIFIER::={ snIp 15}snAgAclGlobal OBJECTIDENTIFIER::={ snAgAcl 1}
snAgAclGblCurRowIndex OBJECT-TYPESYNTAXINTEGERACCESSread-onlySTATUSmandatoryDESCRIPTION"The current row index of the ACL table entry."::={ snAgAclGlobal 1}--
-- ACL Table
--snAgAclTable OBJECT-TYPESYNTAXSEQUENCEOF SnAgAclEntry
ACCESSnot-accessibleSTATUSmandatoryDESCRIPTION"Table of Access Control List"::={ snAgAcl 2}snAgAclEntry OBJECT-TYPESYNTAX SnAgAclEntry
ACCESSnot-accessibleSTATUSmandatoryDESCRIPTION"An entry in the IP access control list table."INDEX{ snAgAclIndex }::={ snAgAclTable 1}
SnAgAclEntry ::=SEQUENCE{
snAgAclIndex
INTEGER,
snAgAclNumber
AclNumber,
snAgAclName
DisplayString,
snAgAclAction
Action,
snAgAclProtocol
IpProtocol,
snAgAclSourceIp
IpAddress,
snAgAclSourceMask
IpAddress,
snAgAclSourceOperator
Operator,
snAgAclSourceOperand1
INTEGER,
snAgAclSourceOperand2
INTEGER,
snAgAclDestinationIp
IpAddress,
snAgAclDestinationMask
IpAddress,
snAgAclDestinationOperator
Operator,
snAgAclDestinationOperand1
INTEGER,
snAgAclDestinationOperand2
INTEGER,
snAgAclPrecedence
PrecedenceValue,
snAgAclTos
TosValue,
snAgAclEstablished
RtrStatus,
snAgAclLogOption
TruthVal,
snAgAclStandardFlag
TruthVal,
snAgAclRowStatus
SnRowStatus,
snAgAclFlowCounter
Counter64,
snAgAclPacketCounter
Counter64,
snAgAclComments
DisplayString}snAgAclIndex OBJECT-TYPESYNTAXINTEGERACCESSread-onlySTATUSmandatoryDESCRIPTION"The access control list item number for an entry.
This is a unique number that identifies different
Access list entries combined with the access list
name and access list number. This one has to be
unique even though the name and number are not unique
for a give access list with same or different source
address, subnet mask, destination address and destination
mask, protocol type, action (permit/deny) type and the
operator (neq, eq, gt and , lt) which makes the index a
unique tuple (name, number, itemnumber)."::={ snAgAclEntry 1}snAgAclNumber OBJECT-TYPESYNTAX AclNumber
ACCESSread-writeSTATUSmandatoryDESCRIPTION"The access control list number for an entry.
The standard access list is in the range <1..99>.
The extended access list is in the range <100-199>."::={ snAgAclEntry 2}snAgAclName OBJECT-TYPESYNTAXDisplayString(SIZE(0..255))ACCESSread-writeSTATUSmandatoryDESCRIPTION"ACL name for an entry."::={ snAgAclEntry 3}snAgAclAction OBJECT-TYPESYNTAX Action
ACCESSread-writeSTATUSmandatoryDESCRIPTION"Action to take if the ip packet matches
with this access control list."::={ snAgAclEntry 4}snAgAclProtocol OBJECT-TYPESYNTAX IpProtocol
ACCESSread-writeSTATUSmandatoryDESCRIPTION"Transport protocol. 0 means any protocol."::={ snAgAclEntry 5}snAgAclSourceIp OBJECT-TYPESYNTAXIpAddressACCESSread-writeSTATUSmandatoryDESCRIPTION"Source IP address."::={ snAgAclEntry 6}snAgAclSourceMask OBJECT-TYPESYNTAXIpAddressACCESSread-writeSTATUSmandatoryDESCRIPTION"Source IP subnet mask."::={ snAgAclEntry 7}snAgAclSourceOperator OBJECT-TYPESYNTAX Operator
ACCESSread-writeSTATUSmandatory
DESCRIPTION"Type of comparison to perform.
for now, this only applys to tcp or udp
to compare the port number"::={ snAgAclEntry 8}snAgAclSourceOperand1 OBJECT-TYPESYNTAXINTEGER(0..65535)ACCESSread-writeSTATUSmandatoryDESCRIPTION"For now this only refers to transport
protocol port number. 0 means NA"::={ snAgAclEntry 9}snAgAclSourceOperand2 OBJECT-TYPESYNTAXINTEGER(0..65535)ACCESSread-writeSTATUSmandatoryDESCRIPTION"For now this only refers to transport
protocol port number. 0 means NA"::={ snAgAclEntry 10}snAgAclDestinationIp OBJECT-TYPESYNTAXIpAddressACCESSread-writeSTATUSmandatoryDESCRIPTION"Destination IP address."::={ snAgAclEntry 11}
snAgAclDestinationMask OBJECT-TYPESYNTAXIpAddressACCESSread-writeSTATUSmandatoryDESCRIPTION"Destination IP subnet mask."::={ snAgAclEntry 12}snAgAclDestinationOperator OBJECT-TYPESYNTAX Operator
ACCESSread-writeSTATUSmandatoryDESCRIPTION"Type of comparison to perform.
for now, this only applys to tcp or udp
to compare the port number"::={ snAgAclEntry 13}snAgAclDestinationOperand1 OBJECT-TYPESYNTAXINTEGER(0..65535)ACCESSread-writeSTATUSmandatoryDESCRIPTION"For now this only refers to transport
protocol port number. 0 means NA"::={ snAgAclEntry 14}snAgAclDestinationOperand2 OBJECT-TYPESYNTAXINTEGER(0..65535)
ACCESSread-writeSTATUSmandatoryDESCRIPTION"For now this only refers to transport
protocol port number. 0 means NA"::={ snAgAclEntry 15}snAgAclPrecedence OBJECT-TYPESYNTAX PrecedenceValue
ACCESSread-writeSTATUSmandatoryDESCRIPTION"This refers to IP precedence value in the range <0-7>
critical(5),
flash(3),
flash-override(4),
immediate(2),
internet(6),
network(7),
priority(1),
routine(0)"::={ snAgAclEntry 16}snAgAclTos OBJECT-TYPESYNTAX TosValue
ACCESSread-writeSTATUSmandatoryDESCRIPTION"This refers to the IP type of service value in range
<0-15> which is the sum of numeric vlaues of the
following options -
match packets with maximum reliability TOS (2)
match packets with maximum throughput TOS (4)
match packets with minimum delay (8)
match packets with minimum monetary cost TOS (1)
match packets with normal TOS (0)"::={ snAgAclEntry 17}snAgAclEstablished OBJECT-TYPE
SYNTAX RtrStatus
ACCESSread-writeSTATUSmandatoryDESCRIPTION"Enable/Disable the filtering of established TCP
packets of which the ACK or RESET flag is on. This
additional filter only applies to TCP transport
protocol."::={ snAgAclEntry 18}snAgAclLogOption OBJECT-TYPESYNTAX TruthVal
ACCESSread-writeSTATUSmandatoryDESCRIPTION"Log flag"::={ snAgAclEntry 19}snAgAclStandardFlag OBJECT-TYPESYNTAX TruthVal
ACCESSread-writeSTATUSmandatoryDESCRIPTION"Return whether the ACL is standard or extended, 1 for standard ACL"::={ snAgAclEntry 20}snAgAclRowStatus OBJECT-TYPESYNTAX SnRowStatus
ACCESSread-writeSTATUSmandatoryDESCRIPTION"To create or delete a access list
entry."::={ snAgAclEntry 21}snAgAclFlowCounter OBJECT-TYPE
SYNTAXCounter64ACCESSread-onlySTATUSmandatoryDESCRIPTION"Approximate count of flows matching individual ACL entry."::={ snAgAclEntry 22}snAgAclPacketCounter OBJECT-TYPESYNTAXCounter64ACCESSread-onlySTATUSmandatoryDESCRIPTION"Accurate count of packets matching individual ACL entry."::={ snAgAclEntry 23}snAgAclComments OBJECT-TYPESYNTAXDisplayString(SIZE(0..255))ACCESSread-writeSTATUSmandatoryDESCRIPTION"Remark description of individual ACL entry."::={ snAgAclEntry 24}--
-- Acl Port TablesnAgAclBindToPortTable OBJECT-TYPESYNTAXSEQUENCEOF SnAgAclBindToPortEntry
ACCESSnot-accessibleSTATUSmandatoryDESCRIPTION
"Table of ACL binding to port for router"::={ snAgAcl 3}snAgAclBindToPortEntry OBJECT-TYPESYNTAX SnAgAclBindToPortEntry
ACCESSnot-accessibleSTATUSmandatoryDESCRIPTION"An entry in the ACL-binding-to-port table."INDEX{
snAgAclPortNum,
snAgAclPortBindDirection
}::={ snAgAclBindToPortTable 1}
SnAgAclBindToPortEntry ::=SEQUENCE{
snAgAclPortNum
INTEGER,
snAgAclPortBindDirection
Direction,
snAgAclNum
INTEGER,
snAgAclNameString
DisplayString,
snAgBindPortListInVirtualInterface
OCTETSTRING,
snAgAclPortRowStatus
SnRowStatus
}snAgAclPortNum OBJECT-TYPESYNTAXINTEGERACCESSread-onlySTATUSmandatoryDESCRIPTION"Binding-to port num, either physical port or virtual interface."::={ snAgAclBindToPortEntry 1}
snAgAclPortBindDirection OBJECT-TYPESYNTAX Direction
ACCESSread-onlySTATUSmandatoryDESCRIPTION"ACL port direction, inbound or outbound"::={ snAgAclBindToPortEntry 2}snAgAclNum OBJECT-TYPESYNTAXINTEGERACCESSread-writeSTATUSmandatoryDESCRIPTION"Defined ACL number"::={ snAgAclBindToPortEntry 3}snAgAclNameString OBJECT-TYPESYNTAXDisplayStringACCESSread-writeSTATUSmandatoryDESCRIPTION"Defined ACL name"::={ snAgAclBindToPortEntry 4}snAgBindPortListInVirtualInterface OBJECT-TYPESYNTAXOCTETSTRINGACCESSread-writeSTATUSmandatoryDESCRIPTION"Port list for binding virtual interface"::={ snAgAclBindToPortEntry 5}
snAgAclPortRowStatus OBJECT-TYPESYNTAX SnRowStatus
ACCESSread-writeSTATUSmandatoryDESCRIPTION"To create or delete a ACL port entry."::={ snAgAclBindToPortEntry 6}END