diff options
| author | David Leutgeb <david.leutgeb@mannundmouse.com> | 2023-12-05 12:25:34 +0100 |
|---|---|---|
| committer | David Leutgeb <david.leutgeb@mannundmouse.com> | 2023-12-05 12:25:34 +0100 |
| commit | 98a672123c7872f6b9b75a9a2b6bb3aea504de6a (patch) | |
| tree | 9b13bd7f563c3198047bd359195327cf28b3caf0 /MIBS/hp/HP-SN-IP-ACL-MIB | |
| download | mibs-main.tar.gz mibs-main.zip | |
Diffstat (limited to 'MIBS/hp/HP-SN-IP-ACL-MIB')
| -rw-r--r-- | MIBS/hp/HP-SN-IP-ACL-MIB | 526 |
1 files changed, 526 insertions, 0 deletions
diff --git a/MIBS/hp/HP-SN-IP-ACL-MIB b/MIBS/hp/HP-SN-IP-ACL-MIB new file mode 100644 index 0000000..6bed98a --- /dev/null +++ b/MIBS/hp/HP-SN-IP-ACL-MIB @@ -0,0 +1,526 @@ +HP-SN-IP-ACL-MIB DEFINITIONS ::= BEGIN + +-- Imports + +IMPORTS + IpAddress + FROM RFC1155-SMI + OBJECT-TYPE + FROM RFC-1212 + Counter64 + FROM SNMPv2-SMI + snIp + FROM HP-SN-ROOT-MIB; + + -- textual conventions + DisplayString ::= OCTET STRING + + -- RtrStatus Values + RtrStatus ::= INTEGER { disabled(0), enabled (1) } + + -- Row Status + SnRowStatus ::= INTEGER { + other(1), + valid(2), + delete(3), + create(4) + } + + -- Action + Action ::= INTEGER { deny(0), permit(1) } + + -- Boolean Values + TruthVal ::= INTEGER { false (0), true (1) } + + -- ACL number + AclNumber ::= INTEGER (1..199) + + -- Operator + Operator ::= INTEGER { eq(0), neq(1), lt(2), gt(3), range(4), undefined(7) } + + -- IP Protocol + IpProtocol ::= INTEGER (0..255) + + -- Precedence Value + PrecedenceValue ::= INTEGER { critical(5), flash(3), flashoverride(4), + immediate(2), internet(6), network(7), + priority(1), routine(0), undefined(8) } + + -- Tos Value + TosValue ::= INTEGER { + normal(0), + minMonetaryCost(1), + maxReliability(2), + tosValue3(3), + maxThroughput(4), + tosValue5(5), + tosValue6(6), + tosValue7(7), + minDelay(8), + tosValue9(9), + tosValue10(10), + tosValue11(11), + tosValue12(12), + tosValue13(13), + tosValue14(14), + tosValue15(15), + undefined(16) + } + + -- Direction + Direction ::= INTEGER { inbound(0), outbound(1) } + +------Access Control List + +snAgAcl OBJECT IDENTIFIER ::= { snIp 15 } + +snAgAclGlobal OBJECT IDENTIFIER ::= { snAgAcl 1 } + +snAgAclGblCurRowIndex OBJECT-TYPE + SYNTAX INTEGER + ACCESS read-only + STATUS mandatory + DESCRIPTION + "The current row index of the ACL table entry." + ::= { snAgAclGlobal 1 } + +-- +-- ACL Table +-- + +snAgAclTable OBJECT-TYPE + SYNTAX SEQUENCE OF SnAgAclEntry + ACCESS not-accessible + STATUS mandatory + DESCRIPTION + "Table of Access Control List" + ::= { snAgAcl 2 } + +snAgAclEntry OBJECT-TYPE + SYNTAX SnAgAclEntry + ACCESS not-accessible + STATUS mandatory + DESCRIPTION + "An entry in the IP access control list table." + INDEX { snAgAclIndex } + ::= { snAgAclTable 1 } + +SnAgAclEntry ::= SEQUENCE { + snAgAclIndex + INTEGER, + snAgAclNumber + AclNumber, + snAgAclName + DisplayString, + snAgAclAction + Action, + snAgAclProtocol + IpProtocol, + snAgAclSourceIp + IpAddress, + snAgAclSourceMask + IpAddress, + snAgAclSourceOperator + Operator, + snAgAclSourceOperand1 + INTEGER, + snAgAclSourceOperand2 + INTEGER, + snAgAclDestinationIp + IpAddress, + snAgAclDestinationMask + IpAddress, + snAgAclDestinationOperator + Operator, + snAgAclDestinationOperand1 + INTEGER, + snAgAclDestinationOperand2 + INTEGER, + snAgAclPrecedence + PrecedenceValue, + snAgAclTos + TosValue, + snAgAclEstablished + RtrStatus, + snAgAclLogOption + TruthVal, + snAgAclStandardFlag + TruthVal, + snAgAclRowStatus + SnRowStatus, + snAgAclFlowCounter + Counter64, + snAgAclPacketCounter + Counter64, + snAgAclComments + DisplayString, + snAgAclIpPriority + INTEGER, + snAgAclPriorityForce + INTEGER, + snAgAclPriorityMapping + INTEGER, + snAgAclDscpMarking + INTEGER, + snAgAclDscpMapping + INTEGER + } + +snAgAclIndex OBJECT-TYPE + SYNTAX INTEGER + ACCESS read-only + STATUS mandatory + DESCRIPTION + "The access control list item number for an entry. + This is a unique number that identifies different + Access list entries combined with the access list + name and access list number. This one has to be + unique even though the name and number are not unique + for a give access list with same or different source + address, subnet mask, destination address and destination + mask, protocol type, action (permit/deny) type and the + operator (neq, eq, gt and , lt) which makes the index a + unique tuple (name, number, itemnumber)." + ::= { snAgAclEntry 1 } + +snAgAclNumber OBJECT-TYPE + SYNTAX AclNumber + ACCESS read-write + STATUS mandatory + DESCRIPTION + "The access control list number for an entry. + The standard access list is in the range <1..99>. + The extended access list is in the range <100-199>." + ::= { snAgAclEntry 2 } + +snAgAclName OBJECT-TYPE + SYNTAX DisplayString + ACCESS read-write + STATUS mandatory + DESCRIPTION + "ACL name for an entry." + ::= { snAgAclEntry 3 } + +snAgAclAction OBJECT-TYPE + SYNTAX Action + ACCESS read-write + STATUS mandatory + DESCRIPTION + "Action to take if the ip packet matches + with this access control list." + ::= { snAgAclEntry 4 } + +snAgAclProtocol OBJECT-TYPE + SYNTAX IpProtocol + ACCESS read-write + STATUS mandatory + DESCRIPTION + "Transport protocol. 0 means any protocol." + ::= { snAgAclEntry 5 } + +snAgAclSourceIp OBJECT-TYPE + SYNTAX IpAddress + ACCESS read-write + STATUS mandatory + DESCRIPTION + "Source IP address." + ::= { snAgAclEntry 6 } + +snAgAclSourceMask OBJECT-TYPE + SYNTAX IpAddress + ACCESS read-write + STATUS mandatory + DESCRIPTION + "Source IP subnet mask." + ::= { snAgAclEntry 7 } + +snAgAclSourceOperator OBJECT-TYPE + SYNTAX Operator + ACCESS read-write + STATUS mandatory + DESCRIPTION + "Type of comparison to perform. + for now, this only applys to tcp or udp + to compare the port number" + ::= { snAgAclEntry 8 } + +snAgAclSourceOperand1 OBJECT-TYPE + SYNTAX INTEGER(0..65535) + ACCESS read-write + STATUS mandatory + DESCRIPTION + "For now this only refers to transport + protocol port number. 0 means NA" + ::= { snAgAclEntry 9 } + +snAgAclSourceOperand2 OBJECT-TYPE + SYNTAX INTEGER(0..65535) + ACCESS read-write + STATUS mandatory + DESCRIPTION + "For now this only refers to transport + protocol port number. 0 means NA" + ::= { snAgAclEntry 10 } + +snAgAclDestinationIp OBJECT-TYPE + SYNTAX IpAddress + ACCESS read-write + STATUS mandatory + DESCRIPTION + "Destination IP address." + ::= { snAgAclEntry 11 } + +snAgAclDestinationMask OBJECT-TYPE + SYNTAX IpAddress + ACCESS read-write + STATUS mandatory + DESCRIPTION + "Destination IP subnet mask." + ::= { snAgAclEntry 12 } + +snAgAclDestinationOperator OBJECT-TYPE + SYNTAX Operator + ACCESS read-write + STATUS mandatory + DESCRIPTION + "Type of comparison to perform. + for now, this only applys to tcp or udp + to compare the port number" + ::= { snAgAclEntry 13 } + +snAgAclDestinationOperand1 OBJECT-TYPE + SYNTAX INTEGER(0..65535) + ACCESS read-write + STATUS mandatory + DESCRIPTION + "For now this only refers to transport + protocol port number. 0 means NA" + ::= { snAgAclEntry 14 } + +snAgAclDestinationOperand2 OBJECT-TYPE + SYNTAX INTEGER(0..65535) + ACCESS read-write + STATUS mandatory + DESCRIPTION + "For now this only refers to transport + protocol port number. 0 means NA" + ::= { snAgAclEntry 15 } + +snAgAclPrecedence OBJECT-TYPE + SYNTAX PrecedenceValue + ACCESS read-write + STATUS mandatory + DESCRIPTION + "This refers to IP precedence value in the range <0-7> + critical(5), + flash(3), + flash-override(4), + immediate(2), + internet(6), + network(7), + priority(1), + routine(0)" + ::= { snAgAclEntry 16 } + +snAgAclTos OBJECT-TYPE + SYNTAX TosValue + ACCESS read-write + STATUS mandatory + DESCRIPTION + "This refers to the IP type of service value in range + <0-15> which is the sum of numeric vlaues of the + following options - + match packets with maximum reliability TOS (2) + match packets with maximum throughput TOS (4) + match packets with minimum delay (8) + match packets with minimum monetary cost TOS (1) + match packets with normal TOS (0)" + ::= { snAgAclEntry 17 } + +snAgAclEstablished OBJECT-TYPE + SYNTAX RtrStatus + ACCESS read-write + STATUS mandatory + DESCRIPTION + "Enable/Disable the filtering of established TCP + packets of which the ACK or RESET flag is on. This + additional filter only applies to TCP transport + protocol." + ::= { snAgAclEntry 18 } + +snAgAclLogOption OBJECT-TYPE + SYNTAX TruthVal + ACCESS read-write + STATUS mandatory + DESCRIPTION + "Log flag" + ::= { snAgAclEntry 19 } + +snAgAclStandardFlag OBJECT-TYPE + SYNTAX TruthVal + ACCESS read-write + STATUS mandatory + DESCRIPTION + "Return whether the ACL is standard or extended, 1 for standard ACL" + ::= { snAgAclEntry 20 } + +snAgAclRowStatus OBJECT-TYPE + SYNTAX SnRowStatus + ACCESS read-write + STATUS mandatory + DESCRIPTION + "To create or delete a access list + entry." + ::= { snAgAclEntry 21 } + +snAgAclFlowCounter OBJECT-TYPE + SYNTAX Counter64 + ACCESS read-only + STATUS mandatory + DESCRIPTION + "Approximate count of flows matching individual ACL entry." + ::= { snAgAclEntry 22 } + +snAgAclPacketCounter OBJECT-TYPE + SYNTAX Counter64 + ACCESS read-only + STATUS mandatory + DESCRIPTION + "Accurate count of packets matching individual ACL entry." + ::= { snAgAclEntry 23 } + +snAgAclComments OBJECT-TYPE + SYNTAX DisplayString + ACCESS read-write + STATUS mandatory + DESCRIPTION + "Remark description of individual ACL entry." + ::= { snAgAclEntry 24 } + +snAgAclIpPriority OBJECT-TYPE + SYNTAX INTEGER(0..3) + ACCESS read-write + STATUS mandatory + DESCRIPTION + "QoS priority option for IP ACL entry." + ::= { snAgAclEntry 25 } + +snAgAclPriorityForce OBJECT-TYPE + SYNTAX INTEGER(0..4) + ACCESS read-write + STATUS mandatory + DESCRIPTION + "Force packet outgoing priority. Not defined(4)" + ::= { snAgAclEntry 26 } + +snAgAclPriorityMapping OBJECT-TYPE + SYNTAX INTEGER(0..8) + ACCESS read-write + STATUS mandatory + DESCRIPTION + "Map incoming packet priority. Not defined(8)" + ::= { snAgAclEntry 27 } + +snAgAclDscpMarking OBJECT-TYPE + SYNTAX INTEGER(0..64) + ACCESS read-write + STATUS mandatory + DESCRIPTION + "Mark packets with given DSCP value. Not defined(64)" + ::= { snAgAclEntry 28 } + +snAgAclDscpMapping OBJECT-TYPE + SYNTAX INTEGER(0..64) + ACCESS read-write + STATUS mandatory + DESCRIPTION + "Map incoming DSCP value. Not defined(64)" + ::= { snAgAclEntry 29 } + +-- +-- Acl Port Table + +snAgAclBindToPortTable OBJECT-TYPE + SYNTAX SEQUENCE OF SnAgAclBindToPortEntry + ACCESS not-accessible + STATUS mandatory + DESCRIPTION + "Table of ACL binding to port for router" + ::= { snAgAcl 3 } + +snAgAclBindToPortEntry OBJECT-TYPE + SYNTAX SnAgAclBindToPortEntry + ACCESS not-accessible + STATUS mandatory + DESCRIPTION + "An entry in the ACL-binding-to-port table." + INDEX { + snAgAclPortNum, + snAgAclPortBindDirection + } + ::= { snAgAclBindToPortTable 1 } + +SnAgAclBindToPortEntry ::= SEQUENCE { + snAgAclPortNum + INTEGER, + snAgAclPortBindDirection + Direction, + snAgAclNum + INTEGER, + snAgAclNameString + DisplayString, + snAgBindPortListInVirtualInterface + OCTET STRING, + snAgAclPortRowStatus + SnRowStatus + } + +snAgAclPortNum OBJECT-TYPE + SYNTAX INTEGER + ACCESS read-only + STATUS mandatory + DESCRIPTION + "Binding-to port num, either physical port or virtual interface." + ::= { snAgAclBindToPortEntry 1 } + +snAgAclPortBindDirection OBJECT-TYPE + SYNTAX Direction + ACCESS read-only + STATUS mandatory + DESCRIPTION + "ACL port direction, inbound or outbound" + ::= { snAgAclBindToPortEntry 2 } + +snAgAclNum OBJECT-TYPE + SYNTAX INTEGER + ACCESS read-write + STATUS mandatory + DESCRIPTION + "Defined ACL number" + ::= { snAgAclBindToPortEntry 3 } + +snAgAclNameString OBJECT-TYPE + SYNTAX DisplayString + ACCESS read-write + STATUS mandatory + DESCRIPTION + "Defined ACL name" + ::= { snAgAclBindToPortEntry 4 } + +snAgBindPortListInVirtualInterface OBJECT-TYPE + SYNTAX OCTET STRING + ACCESS read-write + STATUS mandatory + DESCRIPTION + "Port list for binding virtual interface" + ::= { snAgAclBindToPortEntry 5 } + +snAgAclPortRowStatus OBJECT-TYPE + SYNTAX SnRowStatus + ACCESS read-write + STATUS mandatory + DESCRIPTION + "To create or delete a ACL port entry." + ::= { snAgAclBindToPortEntry 6 } + +END |