-- *******************************************************************
-- CISCO-LWAPP-ACL-MIB.my
-- August 2006, Sheeba Kamra
--
-- Copyright (c) 2005-2006 by Cisco Systems, Inc.
-- All rights reserved.
-- *******************************************************************CISCO-LWAPP-ACL-MIB DEFINITIONS::=BEGIN
IMPORTSMODULE-IDENTITY,OBJECT-TYPE,Unsigned32FROM SNMPv2-SMI
MODULE-COMPLIANCE,OBJECT-GROUPFROM SNMPv2-CONF
DisplayStringFROM SNMPv2-TC
ciscoMgmt
FROM CISCO-SMI;-- ********************************************************************
-- * MODULE IDENTITY
-- ********************************************************************ciscoLwappAclMIB MODULE-IDENTITYLAST-UPDATED"200608290000Z"ORGANIZATION"Cisco Systems Inc."CONTACT-INFO"Cisco Systems,
Customer Service
Postal: 170 West Tasman Drive
San Jose, CA 95134
USA
Tel: +1 800 553-NETS
Email: cs-wnbu-snmp@cisco.com"DESCRIPTION"This MIB is intended to be implemented on all those
devices operating as Central Controllers (CC) that
terminate the Light Weight Access Point Protocol
tunnel from Light-weight LWAPP Access Points.
This MIB provides configuration and status information
about the ACLs on the controller.
Particularly this mib covers the CPU ACLs for the wireless
controllers.
Traffic to the controller CPU comes from the NPU (Network
Processing Unit).
Using CPU ACLs, the user can place restrictions on type of
traffic reaching the CPU of the controller from the NPU.
CPU ACLs introduce an ACL for the traffic to the CPU of
controller. With this ACL the type of packets reaching the
CPU can be controlled. The mode of operation is as follows.
The administrator designates one ACL for the traffic to the
CPU. The ACL kicks in for packets from the NPU to the CPU.
Each ACL is an ordered set of rules. If a rule matches then
action for that rule is applied to the packet. The decision
to send or drop the packet is taken based on the action
parameter of the ACL.
There will be no ACL for the packets from the CPU to the
NPU.
GLOSSARY
Access Control List ( ACL )
A list of rules used to restrict the traffic reaching an
interface or the CPU. Each ACL is an ordered set of rules
and actions. If a rule matches then the action for that
rule is applied to the packet.
Access Point ( AP )
An entity that contains an 802.11 medium access control
( MAC ) and physical layer ( PHY ) interface and provides
acess to the distribution services via the wireless medium
for associated clients.
CPU ACL ( CPU ACL )
The ACL applied to the CPU. This controls the type of
traffic reaching the CPU of the controller.
Network Processing Unit ( NPU )
This entity is responsible for forwarding traffic to the
CPU. The only exceptions are data coming thorugh the
console port and the Service port i.e. these communicate
directly with the CPU and not via the NPU.
Light Weight Access Point Protocol ( LWAPP )
This is a generic protocol that defines the communciation
between the Access Points and the Central Controller.
REFERENCE
[1] Part 11 Wireless LAN Medium Access Control ( MAC ) and
Physical Layer ( PHY ) Specifications.
"REVISION"200608290000Z"DESCRIPTION"Moved scalar attributes to claCpuAclTable."REVISION"200607190000Z"DESCRIPTION"Initial version of this MIB module."::={ ciscoMgmt 577}ciscoLwappAclMIBNotifs OBJECTIDENTIFIER::={ ciscoLwappAclMIB 0}ciscoLwappAclMIBObjects OBJECTIDENTIFIER::={ ciscoLwappAclMIB 1}ciscoLwappAclMIBConform OBJECTIDENTIFIER::={ ciscoLwappAclMIB 2}ciscoLwappCpuAcl OBJECTIDENTIFIER::={ ciscoLwappAclMIBObjects 1}claCpuAclTable OBJECT-TYPE
SYNTAXSEQUENCEOF ClaCpuAclEntry
MAX-ACCESSnot-accessibleSTATUScurrentDESCRIPTION"This table represents the ACL related parameters on the
CPU of the controller.
"::={ ciscoLwappCpuAcl 1}claCpuAclEntry OBJECT-TYPESYNTAX ClaCpuAclEntry
MAX-ACCESSnot-accessibleSTATUScurrentDESCRIPTION"Each entry represents a conceptual row in this table.
For each CPU of the controller, there will be a row.
"INDEX{ claCpuAclIndex }::={ claCpuAclTable 1}
ClaCpuAclEntry ::=SEQUENCE{
claCpuAclIndex Unsigned32,
claCpuAclName DisplayString,
claCpuAclPacketApplicability INTEGER}claCpuAclIndex OBJECT-TYPESYNTAXUnsigned32MAX-ACCESSnot-accessible
STATUScurrentDESCRIPTION"This object uniquely identifies one instance of
a CPU on the controller.
"::={ claCpuAclEntry 1}claCpuAclName OBJECT-TYPESYNTAXDisplayString(SIZE(0..32))MAX-ACCESSread-writeSTATUScurrentDESCRIPTION"Name of the Access Control List applied to the CPU.
The access list to be applied should already exist
on the controller.
If it is required to remove the ACL for the CPU,
this field should be set to an empty string.
"::={ claCpuAclEntry 2}claCpuAclPacketApplicability OBJECT-TYPESYNTAXINTEGER{none(1),wired(2),wireless(3),
both(4)}MAX-ACCESSread-writeSTATUScurrentDESCRIPTION"This indicates whether the CPU ACL applies for only
wired(2) packets, only the wireless(3) packets
or both(4) types of packets.
If there is no ACL applied to the CPU, then
this field will be set to none(1) .
If earlier there was no ACL applied to the CPU and the
user just sets the claCpuAclName attribute, then
this field will be set to both(4).
"::={ claCpuAclEntry 3}-- ********************************************************************
-- * Compliance statements
-- ********************************************************************ciscoLwappAclMIBCompliances OBJECTIDENTIFIER::={ ciscoLwappAclMIBConform 1}ciscoLwappAclMIBGroups OBJECTIDENTIFIER::={ ciscoLwappAclMIBConform 2}ciscoLwappAclMIBCompliance MODULE-COMPLIANCESTATUScurrentDESCRIPTION"The compliance statement for the SNMP entities that
implement the ciscoLwappAclMIB module."MODULE-- this moduleMANDATORY-GROUPS{ ciscoLwappCpuAclGroup }::={ ciscoLwappAclMIBCompliances 1}-- ********************************************************************
-- * Units of conformance
-- ********************************************************************ciscoLwappCpuAclGroup OBJECT-GROUPOBJECTS{
claCpuAclName,
claCpuAclPacketApplicability
}STATUScurrentDESCRIPTION"This collection of objects represents the information
about the general attributes of CPU ACL."::={ ciscoLwappAclMIBGroups 1}END