diff options
| author | David Leutgeb <david.leutgeb@mannundmouse.com> | 2023-12-05 12:25:34 +0100 |
|---|---|---|
| committer | David Leutgeb <david.leutgeb@mannundmouse.com> | 2023-12-05 12:25:34 +0100 |
| commit | 98a672123c7872f6b9b75a9a2b6bb3aea504de6a (patch) | |
| tree | 9b13bd7f563c3198047bd359195327cf28b3caf0 /MIBS/huawei/HUAWEI-ACL-MIB | |
| download | mibs-98a672123c7872f6b9b75a9a2b6bb3aea504de6a.tar.gz mibs-98a672123c7872f6b9b75a9a2b6bb3aea504de6a.zip | |
Diffstat (limited to 'MIBS/huawei/HUAWEI-ACL-MIB')
| -rw-r--r-- | MIBS/huawei/HUAWEI-ACL-MIB | 4741 |
1 files changed, 4741 insertions, 0 deletions
diff --git a/MIBS/huawei/HUAWEI-ACL-MIB b/MIBS/huawei/HUAWEI-ACL-MIB new file mode 100644 index 0000000..e16a3b6 --- /dev/null +++ b/MIBS/huawei/HUAWEI-ACL-MIB @@ -0,0 +1,4741 @@ +-- ====================================================================
+-- Copyright (C) 2017 by HUAWEI TECHNOLOGIES. All rights reserved.
+--
+-- Description: Huawei Acl MIB Definition
+-- Reference: Huawei Enterprise MIB
+-- Version: V2.20
+-- History:
+-- Version: V2.0
+-- Wang Ning,2002-11-29,Reunification version based on the Fix-Net MIBs
+-- baseline by the MIB Standard community.
+-- Version: V2.1
+-- Yang Hongjie,2003-04-11,Reunification version based on V2.0.
+-- Version: V2.2
+-- Yang Yuhui,2004-05-17,Reunification version based on V2.1.
+-- Version: V2.3
+-- Xu xinjun, 2009-04-13.
+-- 1, Add five new rule tables based on V2.2.
+-- hwAclEthernetFrameRuleTable, hwAclIpv6BasicRuleTable,
+-- hwAclIpv6AdvanceRuleTable, hwAclIpv6NumGroupTable,
+-- hwAclIpv6IfRuleTable.
+-- 2, Change Name-ACL range from [42768..45767] to [42768..59151]
+-- Version: V2.04
+-- wen shuangquan, 2014-01-17.
+-- 1, Add two new rule nodes based on V2.0.3
+-- hwAclAdvancedProtocolNew, hwAclIpv6AdvancedProtocolNew.
+-- Version: V2.05
+-- wang chengyuan, 2014-03-25.
+-- 1, Add acl resource trap table based on V2.0.4
+-- Version: V2.06
+-- zhang liang, 2014-04-09.
+-- 1, Add acl resource trap table based on V2.0.5
+-- Version: V2.07
+-- zhengfeng, 2014-06-20.
+-- 1, Add hwAclAdvancedVni, hwAclAdvancedIgmpType, hwAclAdvancedTtlOp, hwAclAdvancedTtlExpire, hwAclAdvancedTtlExpireEnd based on V2.0.6
+-- Version: V2.08
+-- zhang liang, 2014-08-05.
+-- 1, Chang hwAclNumGroupAclName in hwAclIpv6NumGroupTable and hwAclIpv6NumGroupAclName in hwAclNumGroupTable value length on V2.0.7
+-- Version: V2.09
+-- chenyang, 2014-10-28.
+-- 1, Add hwAclAdvancedPktLenOp, hwAclAdvancedPktLenBegin and hwAclAdvancedPktLenEnd in hwAclAdvancedRuleTable, based on V2.0.8
+-- chenyang, 2015-02-07.
+-- 1, Add hwAclAdvancedTcpFlagMask in hwAclAdvancedRuleTable, based on V2.0.9
+-- Version: V2.11
+-- suxunjin, 2015-2-27.
+-- 1, Add hwAclUserDestDomainName in hwAclUserRuleTable, Add hwAclDomainNameConfigTable based on V2.10
+-- Version: V2.12
+-- chenyang, 2015-11-27.
+-- 1, Add hwAclAdvancedSrcPortPoolName and hwAclAdvancedDestPortPoolName in hwAclAdvancedRuleTable, based on V2.11
+-- 2, Add hwAclIPPoolTable, hwAclIPPoolIPTable, hwAclPortPoolTable and hwAclPortPoolPortTable, based on V2.11
+-- Version: V2.13
+-- mengfanlu, 2015-12-17.
+-- 1, Add hwAclIfDescription in hwAclIfRuleTable, based on V2.12
+-- Version: V2.14
+-- chenyang, 2016-02-24.
+-- 1, Add hwAclAdvancedIcmpTypeEnd in hwAclAdvancedRuleTable, based on V2.13
+-- 2, Add hwAclIpv6AdvancedIcmpTypeEnd in hwAclIpv6AdvancedRuleTable, based on V2.13
+-- Version: V2.15
+-- chenyang, 2016-05-6.
+-- 1, Add hwAclBasicVrfAny in hwAclBasicRuleTable, based on V2.14
+-- 2, Add hwAclAdvancedVrfAny in hwAclAdvancedRuleTable, based on V2.14
+-- 3, Add hwAclIpv6BasicVrfAny in hwAclIpv6BasicRuleTable, based on V2.14
+-- 4, Add hwAclIpv6AdvancedVrfAny in hwAclIpv6AdvancedRuleTable, based on V2.14
+-- Version: V2.16
+-- qihui, 2016-08-26.
+-- 1, hwAclIpv6NumGroupAclType, add key interface(3), based on V2.15
+-- Version: V2.17
+-- fuzhichao, 2016-12-26.
+-- 1, Add hwAclIpv6AdvancedSrcPoolName in hwAclIpv6AdvancedRuleTable, based on V2.16
+-- 2, Add hwAclIPPoolApplyBGPPeer in hwAclIPPoolTable, based on V2.16
+-- 3, Add hwAclIPPool6Table, based on V2.16
+-- Version: V2.18
+-- fuzhichao, 2017-6-6.
+-- 1, Add hwAclIpv6AdvancedVni in hwAclIpv6AdvancedRuleTable, based on V2.17
+-- Version: V2.19
+-- qiujindou, 2017-7-3.
+-- 1, Amend some English descriptions, based on V2.18
+-- ========================================================================
+
+HUAWEI-ACL-MIB DEFINITIONS ::= BEGIN
+
+ IMPORTS
+ huaweiMgmt
+ FROM HUAWEI-MIB
+ OBJECT-GROUP, MODULE-COMPLIANCE, NOTIFICATION-GROUP
+ FROM SNMPv2-CONF
+ IpAddress, Integer32, Unsigned32, Gauge32, Counter32, OBJECT-TYPE, Counter64,
+ MODULE-IDENTITY, NOTIFICATION-TYPE
+ FROM SNMPv2-SMI
+ RowStatus, TruthValue, MacAddress FROM SNMPv2-TC
+ EnabledStatus FROM P-BRIDGE-MIB
+ Ipv6Address FROM IPV6-TC;
+
+ hwAcl MODULE-IDENTITY
+ LAST-UPDATED "201708171200Z" -- Aug 17, 2017 at 15:00 GMT
+ ORGANIZATION "Huawei Technologies Co.,Ltd."
+ CONTACT-INFO
+ "Huawei Industrial Base
+ Bantian, Longgang
+ Shenzhen 518129
+ People's Republic of China
+ Website: http://www.huawei.com
+ Email: support@huawei.com"
+ DESCRIPTION
+ "The HUAWEI-ACL-MIB contains objects to configure ACL module,
+ including ACL group, rule and acl accelerate,
+ and query the current ACL configuration and status.
+ This MIB module objects indicate hwAclNumGroupTable, hwAclBasicRuleTable,
+ hwAclAdvanceRuleTable, hwAclIfRuleTable, hwAclEthernetFrameRuleTable,
+ hwAclIpv6BasicRuleTable, hwAclIpv6AdvanceRuleTable, hwAclIpv6IfRuleTable,
+ hwAclCompileEnableFlag, hwAclCompileNumGroupTable,
+ hwAclIpv6NumGroupTable and acl trap.
+
+ To filter data packets, a series of rules need to be configured
+ on the device. These rules are defined by ACL (Access Control List),
+ which are a series of sequential rules consisting of rule
+ permit or deny statements. The rules are described by source
+ address, destination address and port number of data packets.
+ ACL classifies data packets through these device interface applied
+ rules, by which the device decides which packets can be received
+ and which should be rejected."
+ REVISION "201708171200Z"
+ DESCRIPTION
+ "modify description of hwAclNumGroupTable and hwAclIpv6NumGroupTable"
+ REVISION "201707031200Z"
+ DESCRIPTION
+ "Amend some English descriptions"
+ REVISION "201706061200Z"
+ DESCRIPTION
+ "Add hwAclIpv6AdvancedVni in hwAclIpv6AdvancedRuleTable"
+ REVISION "201612261200Z"
+ DESCRIPTION
+ "Add hwAclIpv6AdvancedSrcPoolName in hwAclIpv6AdvancedRuleTable
+ Add hwAclIPPoolApplyBGPPeer in hwAclIPPoolTable.
+ Add hwAclIPPool6Table."
+ REVISION "201605061200Z"
+ DESCRIPTION
+ "Add hwAclBasicVrfAny in hwAclBasicRuleTable
+ Add hwAclAdvancedVrfAny in hwAclAdvancedRuleTable.
+ Add hwAclIpv6BasicVrfAny in hwAclIpv6BasicRuleTable.
+ Add hwAclIpv6AdvancedVrfAny in hwAclIpv6AdvancedRuleTable."
+ REVISION "201602241200Z"
+ DESCRIPTION
+ "Add hwAclAdvancedIcmpTypeEnd in hwAclAdvancedRuleTable.
+ Add hwAclIpv6AdvancedIcmpTypeEnd in hwAclIpv6AdvancedRuleTable."
+ REVISION "201512172100Z"
+ DESCRIPTION
+ "Add hwAclIfDescription in hwAclIfRuleTable."
+ REVISION "201511272100Z"
+ DESCRIPTION
+ "Add hwAclAdvancedSrcPortPoolName and hwAclAdvancedDestPortPoolName in hwAclAdvancedRuleTable.
+ Add hwAclIPPoolTable, hwAclIPPoolIPTable, hwAclPortPoolTable and hwAclPortPoolPortTable."
+ REVISION "201502272100Z"
+ DESCRIPTION
+ "Add hwAclUserDestDomainName in hwAclUserRuleTable, and Add hwAclDomainNameConfigTable."
+ REVISION "201502072100Z"
+ DESCRIPTION
+ "Add hwAclAdvancedTcpFlagMask in hwAclAdvancedRuleTable."
+ REVISION "201410282100Z"
+ DESCRIPTION
+ "Add hwAclAdvancedPktLenOp, hwAclAdvancedPktLenBegin and hwAclAdvancedPktLenEnd in hwAclAdvancedRuleTable."
+ REVISION "201406200948Z"
+ DESCRIPTION
+ "Add hwAclAdvancedVni, hwAclAdvancedIgmpType, hwAclAdvancedTtlOp, hwAclAdvancedTtlExpire, hwAclAdvancedTtlExpireEnd in hwAclAdvancedRuleTable."
+ REVISION "201404090948Z"
+ DESCRIPTION
+ "Add hwAclUserSrcUserGroupNum, hwAclUserDstUserGroupNum in hwAclUserRuleTable."
+ REVISION "201403260926Z"
+ DESCRIPTION
+ "Add hwAclResourceTrapsTable."
+ REVISION "201401171338Z"
+ DESCRIPTION
+ "Add hwAclAdvancedProtocolNew, hwAclIpv6AdvancedProtocolNew in hwAclAdvancedRuleTable."
+ REVISION "201311282100Z"
+ DESCRIPTION
+ "Change the range of hwAclNumGroupAclNum in hwAclNumGroupTable, hwAclBasicAclNum in hwAclBasicRuleTable,
+ hwAclAdvancedAclNum in hwAclAdvancedRuleTable, hwAclIfAclNum in hwAclIfRuleTable,
+ hwAclUserAclNum in hwAclUserRuleTable, hwAclIpv6BasicAclNum in hwAclIpv6BasicRuleTable,
+ hwAclIpv6AdvancedAclNum in hwAclIpv6AdvancedRuleTable, hwAclEthernetFrameAclNum in hwAclEthernetFrameRuleTable,
+ hwAclIpv6NumGroupAclNum ihwAclAdvancedSubitemn hwAclIpv6NumGroupTable, hwAclIpv6IfAclNum in hwAclIpv6IfRuleTable, hwAclMplsAclNum in hwAclMplsRuleTable."
+ REVISION "201310281900Z"
+ DESCRIPTION
+ "Add hwAclAdvancedSrcPoolName, hwAclAdvancedDestPoolName in hwAclAdvancedRuleTable"
+ REVISION "201309050000Z"
+ DESCRIPTION
+ "Add hwAclIpv6BasicSrcMask in hwAclIpv6BasicRuleTable; Add hwAclIpv6AdvancedSrcMask, hwAclIpv6AdvancedDestMask in hwAclIpv6AdvancedRuleTable"
+ REVISION "201408051606Z"
+ DESCRIPTION
+ "Chang hwAclNumGroupAclName in hwAclIpv6NumGroupTable and hwAclIpv6NumGroupAclName in hwAclNumGroupTable value length"
+ REVISION "201608260000Z"
+ DESCRIPTION
+ " hwAclIpv6NumGroupAclType, add key interface(3) "
+ ::= { huaweiMgmt 1 }
+
+ --
+ -- Node definitions
+ --
+
+ -- 1.3.6.1.4.1.2011.5.1.1
+ hwAclMibObjects OBJECT IDENTIFIER ::= { hwAcl 1 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.2
+ hwAclNumGroupTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF HwAclNumGroupEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "This table is used to query information about an ACL rule group, including the ACL configuration order, step length, and description."
+ ::= { hwAclMibObjects 2 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.2.1
+ hwAclNumGroupEntry OBJECT-TYPE
+ SYNTAX HwAclNumGroupEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "An entry containing characters of an acl group "
+ INDEX { hwAclNumGroupAclNum }
+ ::= { hwAclNumGroupTable 1 }
+
+ HwAclNumGroupEntry ::=
+ SEQUENCE {
+ hwAclNumGroupAclNum
+ Integer32,
+ hwAclNumGroupMatchOrder
+ INTEGER,
+ hwAclNumGroupSubitemNum
+ Counter32,
+ hwAclNumGroupStep
+ Integer32,
+ hwAclNumGroupDescription
+ OCTET STRING,
+ hwAclNumGroupCountClear
+ INTEGER,
+ hwAclNumGroupRowStatus
+ RowStatus,
+ hwAclNumGroupAclName
+ OCTET STRING,
+ hwAclNumGroupAclType
+ INTEGER
+ }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.2.1.1
+ hwAclNumGroupAclNum OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The index of acl group, identifying an ACL.
+ The object specifies the range of an ACL number.
+ The basic ACL is represented by the number
+ in the range 2000 through 2999. The advanced ACL is
+ represented by the number in the range 3000 through
+ 3999. The interface-based ACL is represented by the
+ number in the range 1000 to 1999. The User Defined ACL is
+ represented by the number in the range 5000 through
+ 5999. The User ACL is represented by the number in the range 6000 through
+ 9999. The Mpls ACL is represented by the number in the range 10000 through
+ 10999. The name ACL is represented by the number
+ in the range 42768 through 76535."
+ ::= { hwAclNumGroupEntry 1 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.2.1.2
+ hwAclNumGroupMatchOrder OBJECT-TYPE
+ SYNTAX INTEGER
+ {
+ config(1),
+ auto(2)
+ }
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The object indicates the match order of rules.
+ 'config' means matching ACL rules in the configuration sequence,
+ 'auto' means the ACL rules are matched following the 'Depth-first' principle."
+ DEFVAL { config }
+ ::= { hwAclNumGroupEntry 2 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.2.1.3
+ hwAclNumGroupSubitemNum OBJECT-TYPE
+ SYNTAX Counter32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The total number of the rules in the acl group."
+ ::= { hwAclNumGroupEntry 3 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.2.1.4
+ hwAclNumGroupStep OBJECT-TYPE
+ SYNTAX Integer32 (1..20)
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The object indicates the step value of number acl.
+ Step here refers to the difference between each ID.
+ For instance, given the step is set to 5,
+ the IDs are the multiples of 5 beginning with 5.
+ The ACL IDs change along with the step. When the step is 5,
+ the ACL IDs are 5, 10, and 15 and so on.
+ However, when the step is set to 2, the IDs turn to 2, 4,
+ and 6 and so on."
+ ::= { hwAclNumGroupEntry 4 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.2.1.5
+ hwAclNumGroupDescription OBJECT-TYPE
+ SYNTAX OCTET STRING (SIZE (0..127))
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "This object indicates the description of a rule group.
+ The description length cannot exceed 127 characters."
+ ::= { hwAclNumGroupEntry 5 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.2.1.6
+ hwAclNumGroupCountClear OBJECT-TYPE
+ SYNTAX INTEGER
+ {
+ cleared(1),
+ notUsed(2)
+ }
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The value of this object identifies whether to clear up the count of rule groups.
+ The value can be:
+ cleared(1)
+ notUsed(2)
+ This field is effective only when you perform the Set operation to this object."
+ ::= { hwAclNumGroupEntry 6 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.2.1.7
+ hwAclNumGroupRowStatus OBJECT-TYPE
+ SYNTAX RowStatus
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "RowStatus, Now support three value:CreateAndGo,Active,Destroy."
+ ::= { hwAclNumGroupEntry 7 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.2.1.8
+ hwAclNumGroupAclName OBJECT-TYPE
+ SYNTAX OCTET STRING (SIZE (0..64))
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The object indicates the name of an acl group,
+ The first character must be start with a to z or A to Z,
+ and the length cannot exceed 64 character."
+ ::= { hwAclNumGroupEntry 8 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.2.1.9
+ hwAclNumGroupAclType OBJECT-TYPE
+ SYNTAX INTEGER
+ {
+ basic(1),
+ advanced(2),
+ link(3),
+ user(4),
+ interface(5),
+ mpls(6),
+ mac(7),
+ ucl(8)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The type of ACL group."
+ ::= { hwAclNumGroupEntry 9 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.4
+ hwAclBasicRuleTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF HwAclBasicRuleEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "Configure the rule for basic acl group."
+ ::= { hwAclMibObjects 4 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.4.1
+ hwAclBasicRuleEntry OBJECT-TYPE
+ SYNTAX HwAclBasicRuleEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "Each entry is a rule of basic acl."
+ INDEX { hwAclBasicAclNum, hwAclBasicSubitem }
+ ::= { hwAclBasicRuleTable 1 }
+
+ HwAclBasicRuleEntry ::=
+ SEQUENCE {
+ hwAclBasicAclNum
+ Integer32,
+ hwAclBasicSubitem
+ Unsigned32,
+ hwAclBasicAct
+ INTEGER,
+ hwAclBasicSrcIp
+ IpAddress,
+ hwAclBasicSrcWild
+ IpAddress,
+ hwAclBasicTimeRangeIndex
+ Integer32,
+ hwAclBasicFragments
+ INTEGER,
+ hwAclBasicLog
+ TruthValue,
+ hwAclBasicEnable
+ TruthValue,
+ hwAclBasicCount
+ Counter64,
+ hwAclBasicVrfName
+ OCTET STRING,
+ hwAclBasicRowStatus
+ RowStatus,
+ hwAclBasicVrfAny
+ TruthValue,
+ hwAclBasicDescription
+ OCTET STRING
+ }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.4.1.1
+ hwAclBasicAclNum OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The index of basic acl group, the index range is (1..99 | 2000..2999 | 42768..76535 )."
+ ::= { hwAclBasicRuleEntry 1 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.4.1.2
+ hwAclBasicSubitem OBJECT-TYPE
+ SYNTAX Unsigned32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The objects specifies the number of an ACL rule.
+ If the number specified has been assigned to an ACL rule,
+ the new rule will overwrite the old one,
+ which is equal to editing the old rule.
+ If the number is not assigned, the system will define
+ a rule with the number and insert it to the place
+ corresponding to its number. If no number is specified,
+ the system will define a rule, assign a number to it and
+ add it into the ACL. It will be placed at the end of the
+ ACL when configuration sequence is adopted; otherwise,
+ it will be placed based on the 'Depth-first' principle.
+ When ACL rules are following the 'Depth-first' principle,
+ the number of an ACL rule must be given 0 ,but it will be assigned
+ by step automatically;otherwise,this rule will not be created."
+ ::= { hwAclBasicRuleEntry 2 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.4.1.3
+ hwAclBasicAct OBJECT-TYPE
+ SYNTAX INTEGER
+ {
+ permit(1),
+ deny(2)
+ }
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The object indicates the action of a basic acl rule.
+ 'deny' means discarding the packets that meet the condition,
+ 'permit' means permitting the packets that meet the condition."
+ ::= { hwAclBasicRuleEntry 3 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.4.1.4
+ hwAclBasicSrcIp OBJECT-TYPE
+ SYNTAX IpAddress
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The object indicates the source IP-address of a basic acl rule."
+ ::= { hwAclBasicRuleEntry 4 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.4.1.5
+ hwAclBasicSrcWild OBJECT-TYPE
+ SYNTAX IpAddress
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The value of this object identifies the wildcard mask of the source IP address.
+ The value ranges from 0.0.0.0 to 255.255.255.255."
+ ::= { hwAclBasicRuleEntry 5 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.4.1.6
+ hwAclBasicTimeRangeIndex OBJECT-TYPE
+ SYNTAX Integer32 (0..256)
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The value of this object identifies the index of a time range of an ACL rule.
+ The value ranges from 0 to 256.
+ The value 0 is invalid, indicating that no time range is specified for the rule."
+ ::= { hwAclBasicRuleEntry 6 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.4.1.7
+ hwAclBasicFragments OBJECT-TYPE
+ SYNTAX INTEGER
+ {
+ fragmentSubseq(0),
+ fragment(1),
+ nonFragment(2),
+ nonSubseq(3),
+ fragmentSpeFirst(4),
+ none(255)
+ }
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The object indicates the type of the packet.
+ 0: fragmentSubseq, indicating that the packet is a subsequent fragment
+ 1: fragment, indicating that the packet is a fragment
+ 2: nonFragment, indicating that the packet is not a fragment
+ 3: nonSubseq, indicating that the packet is not a subsequent fragment
+ 4: fragmentSpeFirst, indicating that the packet is the first fragment
+ 255: none, invalid value
+ This object cannot be modified once a rule is created."
+ ::= { hwAclBasicRuleEntry 7 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.4.1.8
+ hwAclBasicLog OBJECT-TYPE
+ SYNTAX TruthValue
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The object indicates whether to log the matched packets.
+ The log contents include sequence number of ACL rule, packets passed
+ or discarded, upper layer protocol type over IP, source/destination
+ address, source/destination port number, and number of packets."
+ ::= { hwAclBasicRuleEntry 8 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.4.1.9
+ hwAclBasicEnable OBJECT-TYPE
+ SYNTAX TruthValue
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The object indicates whether the rule is valid or invalid."
+ ::= { hwAclBasicRuleEntry 9 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.4.1.10
+ hwAclBasicCount OBJECT-TYPE
+ SYNTAX Counter64
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The object indicates the statistics of matched packets by the rule."
+ ::= { hwAclBasicRuleEntry 10 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.4.1.11
+ hwAclBasicVrfName OBJECT-TYPE
+ SYNTAX OCTET STRING (SIZE (0..31))
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "This object indicates an VPN instance.
+ The length of a VPN instance name cannot exceed 31 characters."
+ ::= { hwAclBasicRuleEntry 11 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.4.1.12
+ hwAclBasicRowStatus OBJECT-TYPE
+ SYNTAX RowStatus
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "RowStatus, Now support three value:CreateAndGo,Active and Destroy."
+ ::= { hwAclBasicRuleEntry 12 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.4.1.13
+ hwAclBasicDescription OBJECT-TYPE
+ SYNTAX OCTET STRING (SIZE (0..127))
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The object indicates the description of this basic rule.
+ The object describes the usage of an ACL with a word or a sentence."
+ ::= { hwAclBasicRuleEntry 13 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.4.1.14
+ hwAclBasicVrfAny OBJECT-TYPE
+ SYNTAX TruthValue
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The object indicates whether or not matching any VPN-instance."
+ ::= { hwAclBasicRuleEntry 14 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.5
+ hwAclAdvancedRuleTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF HwAclAdvancedRuleEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "Configure the rule for advanced acl group."
+ ::= { hwAclMibObjects 5 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.5.1
+ hwAclAdvancedRuleEntry OBJECT-TYPE
+ SYNTAX HwAclAdvancedRuleEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "Each entry contains a rule of advanced acl group."
+ INDEX { hwAclAdvancedAclNum, hwAclAdvancedSubitem }
+ ::= { hwAclAdvancedRuleTable 1 }
+
+ HwAclAdvancedRuleEntry ::=
+ SEQUENCE {
+ hwAclAdvancedAclNum
+ Integer32,
+ hwAclAdvancedSubitem
+ Unsigned32,
+ hwAclAdvancedAct
+ INTEGER,
+ hwAclAdvancedProtocol
+ Integer32,
+ hwAclAdvancedSrcIp
+ IpAddress,
+ hwAclAdvancedSrcWild
+ IpAddress,
+ hwAclAdvancedSrcOp
+ INTEGER,
+ hwAclAdvancedSrcPort1
+ Integer32,
+ hwAclAdvancedSrcPort2
+ Integer32,
+ hwAclAdvancedDestIp
+ IpAddress,
+ hwAclAdvancedDestWild
+ IpAddress,
+ hwAclAdvancedDestOp
+ INTEGER,
+ hwAclAdvancedDestPort1
+ Integer32,
+ hwAclAdvancedDestPort2
+ Integer32,
+ hwAclAdvancedPrecedence
+ Integer32,
+ hwAclAdvancedTos
+ Integer32,
+ hwAclAdvancedDscp
+ Integer32,
+ hwAclAdvancedEstablish
+ TruthValue,
+ hwAclAdvancedTimeRangeIndex
+ Integer32,
+ hwAclAdvancedIcmpType
+ Integer32,
+ hwAclAdvancedIcmpCode
+ Integer32,
+ hwAclAdvancedFragments
+ INTEGER,
+ hwAclAdvancedLog
+ TruthValue,
+ hwAclAdvancedEnable
+ TruthValue,
+ hwAclAdvancedCount
+ Counter64,
+ hwAclAdvancedVrfName
+ OCTET STRING,
+ hwAclAdvancedRowStatus
+ RowStatus,
+ hwAclAdvancedTcpSyncFlag
+ Integer32,
+ hwAclAdvancedDescription
+ OCTET STRING,
+ hwAclAdvancedSrcPoolName
+ OCTET STRING,
+ hwAclAdvancedDestPoolName
+ OCTET STRING,
+ hwAclAdvancedProtocolNew
+ Integer32,
+ hwAclAdvancedVni
+ Integer32,
+ hwAclAdvancedIgmpType
+ Integer32,
+ hwAclAdvancedTtlOp
+ INTEGER,
+ hwAclAdvancedTtlExpire
+ Integer32,
+ hwAclAdvancedTtlExpireEnd
+ Integer32,
+ hwAclAdvancedPktLenOp
+ INTEGER,
+ hwAclAdvancedPktLenBegin
+ Integer32,
+ hwAclAdvancedPktLenEnd
+ Integer32,
+ hwAclAdvancedTcpFlagMask
+ Integer32,
+ hwAclAdvancedSrcPortPoolName
+ OCTET STRING,
+ hwAclAdvancedDestPortPoolName
+ OCTET STRING,
+ hwAclAdvancedIcmpTypeEnd
+ Integer32,
+ hwAclAdvancedVrfAny
+ TruthValue
+ }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.5.1.1
+ hwAclAdvancedAclNum OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The index of advanced acl table, the index range is (100..199 | 3000..3999 | 42768..76535)."
+ ::= { hwAclAdvancedRuleEntry 1 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.5.1.2
+ hwAclAdvancedSubitem OBJECT-TYPE
+ SYNTAX Unsigned32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The object specifies the number of an advanced ACL rule.
+ If the number specified has been assigned to an ACL rule,
+ the new rule will overwrite the old one,
+ which is equal to editing the old rule.
+ If the number is not assigned, the system will define
+ a rule with the number and insert it to the place
+ corresponding to its number. If no number is specified,
+ the system will define a rule, assign a number to it and
+ add it into the ACL. It will be placed at the end of the
+ ACL when configuration sequence is adopted; otherwise,
+ it will be placed based on the 'Depth-first' principle.
+ When ACL rules are following the 'Depth-first' principle,
+ the number of an ACL rule must be given 0 ,but it will be assigned
+ by step automatically;otherwise,this rule will not be created."
+ ::= { hwAclAdvancedRuleEntry 2 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.5.1.3
+ hwAclAdvancedAct OBJECT-TYPE
+ SYNTAX INTEGER
+ {
+ permit(1),
+ deny(2)
+ }
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The object indicates the action of an advanced acl rule.
+ 'deny' means discarding the packets that meet the condition,
+ 'permit' means permitting the packets that meet the condition."
+ ::= { hwAclAdvancedRuleEntry 3 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.5.1.4
+ hwAclAdvancedProtocol OBJECT-TYPE
+ SYNTAX Integer32 (0..255)
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The value of this object identifies the number of the protocol over IP.
+ The value ranges from 0 to 255. The value 0 indicates the IP protocol."
+ ::= { hwAclAdvancedRuleEntry 4 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.5.1.5
+ hwAclAdvancedSrcIp OBJECT-TYPE
+ SYNTAX IpAddress
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The value of this object identifies the source IP address.
+ The value ranges from 0.0.0.0 to 255.255.255.255."
+ ::= { hwAclAdvancedRuleEntry 5 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.5.1.6
+ hwAclAdvancedSrcWild OBJECT-TYPE
+ SYNTAX IpAddress
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The value of this object identifies the wildcard mask of the source IP address.
+ The value ranges from 0.0.0.0 to 255.255.255.255."
+ ::= { hwAclAdvancedRuleEntry 6 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.5.1.7
+ hwAclAdvancedSrcOp OBJECT-TYPE
+ SYNTAX INTEGER
+ {
+ lt(1),
+ eq(2),
+ gt(3),
+ neq(4),
+ invalid(0),
+ range(5)
+ }
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The object indicates the source Port operation symbol of an advanced acl
+ rule. It compares the port operators of source address.
+ 'lt' means less than,
+ 'eq' means equal to,
+ 'gt' means greater than,
+ 'neq' means not equal to,
+ 'range' means between,
+ 'invalid' means this operation of the rule is invalid."
+ ::= { hwAclAdvancedRuleEntry 7 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.5.1.8
+ hwAclAdvancedSrcPort1 OBJECT-TYPE
+ SYNTAX Integer32 (0..65535)
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "This object indicates the end source port number."
+ ::= { hwAclAdvancedRuleEntry 8 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.5.1.9
+ hwAclAdvancedSrcPort2 OBJECT-TYPE
+ SYNTAX Integer32 (0..65535)
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "This object indicates the start source port number."
+ ::= { hwAclAdvancedRuleEntry 9 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.5.1.10
+ hwAclAdvancedDestIp OBJECT-TYPE
+ SYNTAX IpAddress
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "This object indicates the destination IP address.
+ The value ranges from 0.0.0.0 to 255.255.255.255."
+ ::= { hwAclAdvancedRuleEntry 10 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.5.1.11
+ hwAclAdvancedDestWild OBJECT-TYPE
+ SYNTAX IpAddress
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "This object indicates the mask of the destination IP address.
+ The value ranges from 0.0.0.0 to 255.255.255.255."
+ ::= { hwAclAdvancedRuleEntry 11 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.5.1.12
+ hwAclAdvancedDestOp OBJECT-TYPE
+ SYNTAX INTEGER
+ {
+ lt(1),
+ eq(2),
+ gt(3),
+ neq(4),
+ invalid(0),
+ range(5)
+ }
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The object indicates the destination Port operation symbol of an advanced
+ acl group. It compares the port operators of destination address.
+ 'lt' means less than,
+ 'eq' means equal to,
+ 'gt' means greater than,
+ 'neq' means not equal to,
+ 'range' means between,
+ 'invalid' means this operation of the rule is invalid."
+ ::= { hwAclAdvancedRuleEntry 12 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.5.1.13
+ hwAclAdvancedDestPort1 OBJECT-TYPE
+ SYNTAX Integer32 (0..65535)
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "This object indicates the end destination port number."
+ ::= { hwAclAdvancedRuleEntry 13 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.5.1.14
+ hwAclAdvancedDestPort2 OBJECT-TYPE
+ SYNTAX Integer32 (0..65535)
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "This object indicates the start destination port number."
+ ::= { hwAclAdvancedRuleEntry 14 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.5.1.15
+ hwAclAdvancedPrecedence OBJECT-TYPE
+ SYNTAX Integer32 (0..7|255)
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The value of this object identifies the precedence sub-field.
+ It is the higher three bits of the ToS field in an IP header.
+ The value ranges from 0 to 7."
+ ::= { hwAclAdvancedRuleEntry 15 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.5.1.16
+ hwAclAdvancedTos OBJECT-TYPE
+ SYNTAX Integer32 (0..15|255)
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The value of this object identifies the ToS sub-field.
+ This field covers four bits after the higher three bits of the ToS field in an IP header.
+ The value ranges from 0 to 15."
+ ::= { hwAclAdvancedRuleEntry 16 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.5.1.17
+ hwAclAdvancedDscp OBJECT-TYPE
+ SYNTAX Integer32 (0..63|255)
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The value of this object identifies the higher six bits of the ToS field in an IP header.
+ The value ranges from 0 to 63."
+ ::= { hwAclAdvancedRuleEntry 17 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.5.1.18
+ hwAclAdvancedEstablish OBJECT-TYPE
+ SYNTAX TruthValue
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The object indicates whether or not establishing."
+ DEFVAL { false }
+ ::= { hwAclAdvancedRuleEntry 18 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.5.1.19
+ hwAclAdvancedTimeRangeIndex OBJECT-TYPE
+ SYNTAX Integer32 (0..256)
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The object indicates the time range of an advanced acl rule.
+ When the current time is in the time range, the rule is valid.
+ Zero value declares that the acl rule has no time range.The
+ invalid value is 0."
+ ::= { hwAclAdvancedRuleEntry 19 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.5.1.20
+ hwAclAdvancedIcmpType OBJECT-TYPE
+ SYNTAX Integer32 (0..255|65535)
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The object indicates the type of ICMP packet.
+ It filters ICMP packets according to the ICMP message type.
+ The invalid value is 65535."
+ ::= { hwAclAdvancedRuleEntry 20 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.5.1.21
+ hwAclAdvancedIcmpCode OBJECT-TYPE
+ SYNTAX Integer32 (0..255|65535)
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The object indicates the code of ICMP packet.
+ It filters ICMP packets according to the message code.
+ The invalid value is 65535."
+ ::= { hwAclAdvancedRuleEntry 21 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.5.1.22
+ hwAclAdvancedFragments OBJECT-TYPE
+ SYNTAX INTEGER
+ {
+ fragmentSubseq(0),
+ fragment(1),
+ nonFragment(2),
+ nonSubseq(3),
+ fragmentSpeFirst(4),
+ none(255)
+ }
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The object indicates the type of the packet.
+ 0: fragmentSubseq, indicating that the packet is a subsequent fragment
+ 1: fragment, indicating that the packet is a fragment
+ 2: nonFragment, indicating that the packet is not a fragment
+ 3: nonSubseq, indicating that the packet is not a subsequent fragment
+ 4: fragmentSpeFirst, indicating that the packet is the first fragment
+ 255: none, invalid value
+ This object cannot be modified once a rule is created."
+ ::= { hwAclAdvancedRuleEntry 22 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.5.1.23
+ hwAclAdvancedLog OBJECT-TYPE
+ SYNTAX TruthValue
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The object indicates whether to log the matched packets. The log
+ contents include sequence number of ACL rule,
+ packets passed or discarded, upper layer protocol type over IP,
+ source/destination address, source/destination port number,
+ and number of packets"
+ ::= { hwAclAdvancedRuleEntry 23 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.5.1.24
+ hwAclAdvancedEnable OBJECT-TYPE
+ SYNTAX TruthValue
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The object indicates whether the rule is valid or invalid."
+ ::= { hwAclAdvancedRuleEntry 24 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.5.1.25
+ hwAclAdvancedCount OBJECT-TYPE
+ SYNTAX Counter64
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The object indicates the statistics of matched packets by the rule."
+ ::= { hwAclAdvancedRuleEntry 25 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.5.1.26
+ hwAclAdvancedVrfName OBJECT-TYPE
+ SYNTAX OCTET STRING (SIZE (0..31))
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The object indicates the VRF name of this rule,
+ It specifies the VPN-instance to which the packet belongs."
+ ::= { hwAclAdvancedRuleEntry 26 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.5.1.27
+ hwAclAdvancedRowStatus OBJECT-TYPE
+ SYNTAX RowStatus
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "RowStatus, Now support three state:CreateAndGo,Active,Destroy."
+ ::= { hwAclAdvancedRuleEntry 27 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.5.1.28
+ hwAclAdvancedTcpSyncFlag OBJECT-TYPE
+ SYNTAX Integer32 (-1|0..63)
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The object indicates the code of TCP Sync flag(0~63),
+ The invalid value is -1."
+ ::= { hwAclAdvancedRuleEntry 28 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.5.1.29
+ hwAclAdvancedDescription OBJECT-TYPE
+ SYNTAX OCTET STRING (SIZE (0..127))
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The object indicates the description of this advanced rule.
+ The object describes the usage of an ACL with a word or a sentence."
+ ::= { hwAclAdvancedRuleEntry 29 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.5.1.30
+ hwAclAdvancedSrcPoolName OBJECT-TYPE
+ SYNTAX OCTET STRING (SIZE (0..32))
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The object indicates the source pool name."
+ ::= { hwAclAdvancedRuleEntry 30 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.5.1.31
+ hwAclAdvancedDestPoolName OBJECT-TYPE
+ SYNTAX OCTET STRING (SIZE (0..32))
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The object indicates the destination pool name."
+ ::= { hwAclAdvancedRuleEntry 31 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.5.1.32
+ hwAclAdvancedProtocolNew OBJECT-TYPE
+ SYNTAX Integer32 (0..255|65535)
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The object indicates the protocol type of the rule.
+ It specifies the protocol type over IP.The number of IP protocol is 65535."
+ ::= { hwAclAdvancedRuleEntry 32 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.5.1.33
+ hwAclAdvancedVni OBJECT-TYPE
+ SYNTAX Integer32 (0..16777215)
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The object indicates the ID of VXLAN,
+ The invalid value is 0."
+ ::= { hwAclAdvancedRuleEntry 33 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.5.1.34
+ hwAclAdvancedIgmpType OBJECT-TYPE
+ SYNTAX Integer32 (0..255|65535)
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The object indicates the type of igmp,
+ The invalid value is 65535."
+ ::= { hwAclAdvancedRuleEntry 34 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.5.1.35
+ hwAclAdvancedTtlOp OBJECT-TYPE
+ SYNTAX INTEGER
+ {
+ lt(1),
+ eq(2),
+ gt(3),
+ neq(4),
+ invalid(0),
+ range(5)
+ }
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The object indicates the ttl operation symbol of an advanced acl
+ rule.
+ 'lt' means less than,
+ 'eq' means equal to,
+ 'gt' means greater than,
+ 'neq' means not equal to,
+ 'range' means between,
+ 'invalid' means this operation of the rule is invalid."
+ ::= { hwAclAdvancedRuleEntry 35 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.5.1.36
+ hwAclAdvancedTtlExpire OBJECT-TYPE
+ SYNTAX Integer32 (0..255)
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The object indicates the begin ttl value.
+ The invalid value is 0."
+ ::= { hwAclAdvancedRuleEntry 36 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.5.1.37
+ hwAclAdvancedTtlExpireEnd OBJECT-TYPE
+ SYNTAX Integer32 (0..255)
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The object indicates the end ttl value.
+ The invalid value is 0."
+ ::= { hwAclAdvancedRuleEntry 37 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.5.1.38
+ hwAclAdvancedPktLenOp OBJECT-TYPE
+ SYNTAX INTEGER
+ {
+ lt(1),
+ eq(2),
+ gt(3),
+ neq(4),
+ invalid(0),
+ range(5)
+ }
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The object indicates the packet length operation symbol of an advanced acl
+ rule.
+ 'lt' means less than,
+ 'eq' means equal to,
+ 'gt' means greater than,
+ 'neq' means not equal to,
+ 'range' means between,
+ 'invalid' means this operation of the rule is invalid."
+ ::= { hwAclAdvancedRuleEntry 38 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.5.1.39
+ hwAclAdvancedPktLenBegin OBJECT-TYPE
+ SYNTAX Integer32 (0..65535)
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The object indicates the begin packet length value."
+ ::= { hwAclAdvancedRuleEntry 39 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.5.1.40
+ hwAclAdvancedPktLenEnd OBJECT-TYPE
+ SYNTAX Integer32 (0..65535)
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The object indicates the end packet length value."
+ ::= { hwAclAdvancedRuleEntry 40 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.5.1.41
+ hwAclAdvancedTcpFlagMask OBJECT-TYPE
+ SYNTAX Integer32 (0..63)
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The object indicates the mask of tcp-flag.
+ The invalid value is 0."
+ ::= { hwAclAdvancedRuleEntry 41 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.5.1.42
+ hwAclAdvancedSrcPortPoolName OBJECT-TYPE
+ SYNTAX OCTET STRING (SIZE (0..32))
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The object indicates the source port pool name."
+ ::= { hwAclAdvancedRuleEntry 42 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.5.1.43
+ hwAclAdvancedDestPortPoolName OBJECT-TYPE
+ SYNTAX OCTET STRING (SIZE (0..32))
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The object indicates the destination port pool name."
+ ::= { hwAclAdvancedRuleEntry 43 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.5.1.44
+ hwAclAdvancedIcmpTypeEnd OBJECT-TYPE
+ SYNTAX Integer32 (0..255|65535)
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The value of this object identifies the ICMP message type.
+ The value ranges from 0 to 255. The value 65535 is invalid.
+ This object is used together with hwAclAdvancedIcmpType to indicate the value range of the ICMP message type."
+ ::= { hwAclAdvancedRuleEntry 44 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.5.1.45
+ hwAclAdvancedVrfAny OBJECT-TYPE
+ SYNTAX TruthValue
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The object indicates whether or not matching any VPN-instance."
+ ::= { hwAclAdvancedRuleEntry 45 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.6
+ hwAclIfRuleTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF HwAclIfRuleEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "Configure the rule for interface-based acl group."
+ ::= { hwAclMibObjects 6 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.6.1
+ hwAclIfRuleEntry OBJECT-TYPE
+ SYNTAX HwAclIfRuleEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "Each entry contains a rule of interface-based acl group."
+ INDEX { hwAclIfAclNum, hwAclIfSubitem }
+ ::= { hwAclIfRuleTable 1 }
+
+ HwAclIfRuleEntry ::=
+ SEQUENCE {
+ hwAclIfAclNum
+ Integer32,
+ hwAclIfSubitem
+ Unsigned32,
+ hwAclIfAct
+ INTEGER,
+ hwAclIfIndex
+ Integer32,
+ hwAclIfAny
+ TruthValue,
+ hwAclIfTimeRangeIndex
+ Integer32,
+ hwAclIfLog
+ TruthValue,
+ hwAclIfEnable
+ TruthValue,
+ hwAclIfCount
+ Counter64,
+ hwAclIfRowStatus
+ RowStatus,
+ hwAclIfDescription
+ OCTET STRING
+ }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.6.1.1
+ hwAclIfAclNum OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The index of interface-based acl group, the index range is (1000..1999 | 42768..76535)."
+ ::= { hwAclIfRuleEntry 1 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.6.1.2
+ hwAclIfSubitem OBJECT-TYPE
+ SYNTAX Unsigned32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The object specifies the number of an ACL rule.
+ If the number specified has been assigned to an ACL rule,
+ the new rule will overwrite the old one,
+ which is equal to editing the old rule.
+ If the number is not assigned, the system will define
+ a rule with the number and insert it to the place
+ corresponding to its number. If no number is specified,
+ the system will define a rule, assign a number to it and
+ add it into the ACL. It will be placed at the end of the
+ ACL when configuration sequence is adopted; otherwise,
+ it will be placed based on the 'Depth-first' principle.
+ When ACL rules are following the 'Depth-first' principle,
+ the number of an ACL rule must be given 0 ,but it will be assigned
+ by step automatically;otherwise,this rule will not be created."
+ ::= { hwAclIfRuleEntry 2 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.6.1.3
+ hwAclIfAct OBJECT-TYPE
+ SYNTAX INTEGER
+ {
+ permit(1),
+ deny(2)
+ }
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The object indicates the action of an interface-based acl rule.
+ 'deny' means discarding the packets that meet the condition,
+ 'permit' means permitting the packets that meet the condition."
+ ::= { hwAclIfRuleEntry 3 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.6.1.4
+ hwAclIfIndex OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The object indicates the index of an interface.
+ It specifies the interface information of the packets.The invalid
+ interface index is 0."
+ ::= { hwAclIfRuleEntry 4 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.6.1.5
+ hwAclIfAny OBJECT-TYPE
+ SYNTAX TruthValue
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The object indicates whether or not matching any interface."
+ ::= { hwAclIfRuleEntry 5 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.6.1.6
+ hwAclIfTimeRangeIndex OBJECT-TYPE
+ SYNTAX Integer32 (0..256)
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The value of this object identifies the index of the time
+ range during which an ACL rule can be applied. When the current
+ time is in the time range, the rule is valid. The value 0 is
+ invalid, indicating that no time range is specified for the rule.
+ The value ranges from 0 to 256."
+ ::= { hwAclIfRuleEntry 6 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.6.1.7
+ hwAclIfLog OBJECT-TYPE
+ SYNTAX TruthValue
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The object indicates whether to log the matched packets.
+ The log contents include sequence number of ACL rule,
+ packets passed or discarded, upper layer protocol type over IP,
+ source/destination address, source/destination port number,
+ and number of packets."
+ ::= { hwAclIfRuleEntry 7 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.6.1.8
+ hwAclIfEnable OBJECT-TYPE
+ SYNTAX TruthValue
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The object indicates whether the rule is valid or invalid."
+ ::= { hwAclIfRuleEntry 8 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.6.1.9
+ hwAclIfCount OBJECT-TYPE
+ SYNTAX Counter64
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The object indicates the statistics of matched packets by the rule."
+ ::= { hwAclIfRuleEntry 9 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.6.1.11
+ hwAclIfRowStatus OBJECT-TYPE
+ SYNTAX RowStatus
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "RowStatus,Now support three state:CreateAndGo,Active,Destroy."
+ ::= { hwAclIfRuleEntry 11 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.6.1.12
+ hwAclIfDescription OBJECT-TYPE
+ SYNTAX OCTET STRING (SIZE (0..127))
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The object indicates the description of this if rule.
+ The object describes the usage of an ACL with a word or a sentence."
+ ::= { hwAclIfRuleEntry 12 }
+
+ --user acl
+ -- 1.3.6.1.4.1.2011.5.1.1.7
+ hwAclUserRuleTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF HwAclUserRuleEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "Configure the rule for user acl group."
+ ::= { hwAclMibObjects 7 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.7.1
+ hwAclUserRuleEntry OBJECT-TYPE
+ SYNTAX HwAclUserRuleEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "Each entry contains a rule of user acl group."
+ INDEX { hwAclUserAclNum, hwAclUserSubitem }
+ ::= { hwAclUserRuleTable 1 }
+
+ HwAclUserRuleEntry ::=
+ SEQUENCE {
+ hwAclUserAclNum
+ Integer32,
+ hwAclUserSubitem
+ Unsigned32,
+ hwAclUserAct
+ INTEGER,
+ hwAclUserProtocol
+ Integer32,
+ hwAclUserSrcIp
+ IpAddress,
+ hwAclUserSrcWild
+ IpAddress,
+ hwAclUserSrcOp
+ INTEGER,
+ hwAclUserSrcPort1
+ Integer32,
+ hwAclUserSrcPort2
+ Integer32,
+ hwAclUserDestIp
+ IpAddress,
+ hwAclUserDestWild
+ IpAddress,
+ hwAclUserDestOp
+ INTEGER,
+ hwAclUserDestPort1
+ Integer32,
+ hwAclUserDestPort2
+ Integer32,
+ hwAclUserPrecedence
+ Integer32,
+ hwAclUserTos
+ Integer32,
+ hwAclUserDscp
+ Integer32,
+ hwAclUserEstablish
+ TruthValue,
+ hwAclUserTimeRangeIndex
+ Integer32,
+ hwAclUserIcmpType
+ Integer32,
+ hwAclUserIcmpCode
+ Integer32,
+ hwAclUserFragments
+ TruthValue,
+ hwAclUserLog
+ TruthValue,
+ hwAclUserEnable
+ TruthValue,
+ hwAclUserCount
+ Counter32,
+ hwAclUserVrfName
+ OCTET STRING,
+ hwAclUserSrcUserGroupName
+ OCTET STRING,
+ hwAclUserDestUserGroupName
+ OCTET STRING,
+ hwAclUserSrcModeType
+ Integer32,
+ hwAclUserDestModeType
+ Integer32,
+ hwAclUserRowStatus
+ RowStatus,
+ hwAclUserTcpSyncFlag
+ Integer32,
+ hwAclUserSrcUserGroupNum
+ Integer32,
+ hwAclUserDestUserGroupNum
+ Integer32 ,
+ hwAclUserDestDomainName
+ OCTET STRING
+ }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.7.1.1
+ hwAclUserAclNum OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The index of user acl table, the index range is (6000..9999)."
+ ::= { hwAclUserRuleEntry 1 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.7.1.2
+ hwAclUserSubitem OBJECT-TYPE
+ SYNTAX Unsigned32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The object specifies the number of an User ACL rule.
+ If the number specified has been assigned to an ACL rule,
+ the new rule will overwrite the old one,
+ which is equal to editing the old rule.
+ If the number is not assigned, the system will define
+ a rule with the number and insert it to the place
+ corresponding to its number. If no number is specified,
+ the system will define a rule, assign a number to it and
+ add it into the ACL. It will be placed at the end of the
+ ACL when configuration sequence is adopted; otherwise,
+ it will be placed based on the 'Depth-first' principle"
+ ::= { hwAclUserRuleEntry 2 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.7.1.3
+ hwAclUserAct OBJECT-TYPE
+ SYNTAX INTEGER
+ {
+ permit(1),
+ deny(2)
+ }
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The object indicates the action of an User acl rule.
+ 'deny' means discarding the packets that meet the condition,
+ 'permit' means permitting the packets that meet the condition."
+ ::= { hwAclUserRuleEntry 3 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.7.1.4
+ hwAclUserProtocol OBJECT-TYPE
+ SYNTAX Integer32 (0..255)
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The object indicates the protocol type of the rule.
+ It specifies the protocol type over IP.The number of IP protocol is 0."
+ ::= { hwAclUserRuleEntry 4 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.7.1.5
+ hwAclUserSrcIp OBJECT-TYPE
+ SYNTAX IpAddress
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The object indicates the source IP-address of an User acl rule."
+ ::= { hwAclUserRuleEntry 5 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.7.1.6
+ hwAclUserSrcWild OBJECT-TYPE
+ SYNTAX IpAddress
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The object indicates the source IP-address wild of an User acl rule."
+ ::= { hwAclUserRuleEntry 6 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.7.1.7
+ hwAclUserSrcOp OBJECT-TYPE
+ SYNTAX INTEGER
+ {
+ lt(1),
+ eq(2),
+ gt(3),
+ neq(4),
+ invalid(0),
+ range(5)
+ }
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The object indicates the source Port operation symbol of an User acl
+ rule. It compares the port operators of source address.
+ 'lt' means less than,
+ 'eq' means equal to,
+ 'gt' means greater than,
+ 'neq' means not equal to,
+ 'range' means between,
+ 'invalid' means this operation of the rule is invalid."
+ ::= { hwAclUserRuleEntry 7 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.7.1.8
+ hwAclUserSrcPort1 OBJECT-TYPE
+ SYNTAX Integer32 (0..65535)
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The object indicates the fourth layer sourec port 1.
+ It specifies the source port information of UDP or TCP packets."
+ ::= { hwAclUserRuleEntry 8 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.7.1.9
+ hwAclUserSrcPort2 OBJECT-TYPE
+ SYNTAX Integer32 (0..65535)
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The object indicates the fourth layer source port2."
+ ::= { hwAclUserRuleEntry 9 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.7.1.10
+ hwAclUserDestIp OBJECT-TYPE
+ SYNTAX IpAddress
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The object indicates the destination IP-address of an User acl rule."
+ ::= { hwAclUserRuleEntry 10 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.7.1.11
+ hwAclUserDestWild OBJECT-TYPE
+ SYNTAX IpAddress
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The object indicates the destination IP-address wild of an User acl rule."
+ ::= { hwAclUserRuleEntry 11 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.7.1.12
+ hwAclUserDestOp OBJECT-TYPE
+ SYNTAX INTEGER
+ {
+ lt(1),
+ eq(2),
+ gt(3),
+ neq(4),
+ invalid(0),
+ range(5)
+ }
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The object indicates the destination Port operation symbol of an User
+ acl group. It compares the port operators of destination address.
+ 'lt' means less than,
+ 'eq' means equal to,
+ 'gt' means greater than,
+ 'neq' means not equal to,
+ 'range' means between,
+ 'invalid' means this operation of the rule is invalid."
+ ::= { hwAclUserRuleEntry 12 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.7.1.13
+ hwAclUserDestPort1 OBJECT-TYPE
+ SYNTAX Integer32 (0..65535)
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The object indicates the fourth layer destination port1."
+ ::= { hwAclUserRuleEntry 13 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.7.1.14
+ hwAclUserDestPort2 OBJECT-TYPE
+ SYNTAX Integer32 (0..65535)
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The object indicates the fourth layer destination port2."
+ ::= { hwAclUserRuleEntry 14 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.7.1.15
+ hwAclUserPrecedence OBJECT-TYPE
+ SYNTAX Integer32 (0..7|255)
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The object indicates the value of IP-packet's precedence,
+ It filters packets according to precedence field.The invalid
+ value is 255."
+ ::= { hwAclUserRuleEntry 15 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.7.1.16
+ hwAclUserTos OBJECT-TYPE
+ SYNTAX Integer32 (0..15|255)
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The object indicates the value of IP-packet's TOS,
+ It filters packets according to type of service.The invalid
+ value is 255."
+ ::= { hwAclUserRuleEntry 16 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.7.1.17
+ hwAclUserDscp OBJECT-TYPE
+ SYNTAX Integer32 (0..63|255)
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The object indicates the value of frame.The invalid
+ value is 255."
+ ::= { hwAclUserRuleEntry 17 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.7.1.18
+ hwAclUserEstablish OBJECT-TYPE
+ SYNTAX TruthValue
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The object indicates whether or not establishing."
+ DEFVAL { false }
+ ::= { hwAclUserRuleEntry 18 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.7.1.19
+ hwAclUserTimeRangeIndex OBJECT-TYPE
+ SYNTAX Integer32 (0..256)
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The object indicates the time range of an User acl rule.
+ When the current time is in the time range, the rule is valid.
+ Zero value declares that the acl rule has no time range.The
+ invalid value is 0."
+ ::= { hwAclUserRuleEntry 19 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.7.1.20
+ hwAclUserIcmpType OBJECT-TYPE
+ SYNTAX Integer32 (0..255|65535)
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The object indicates the type of ICMP packet.
+ It filters ICMP packets according to the ICMP message type.
+ The invalid value is 65535."
+ ::= { hwAclUserRuleEntry 20 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.7.1.21
+ hwAclUserIcmpCode OBJECT-TYPE
+ SYNTAX Integer32 (0..255|65535)
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The object indicates the code of ICMP packet.
+ It filters ICMP packets according to the message code.
+ The invalid value is 65535."
+ ::= { hwAclUserRuleEntry 21 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.7.1.22
+ hwAclUserFragments OBJECT-TYPE
+ SYNTAX TruthValue
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The object indicates whether or not matching fragmented packet,
+ It specifies that this rule is only valid for
+ the non-first fragment packets."
+ ::= { hwAclUserRuleEntry 22 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.7.1.23
+ hwAclUserLog OBJECT-TYPE
+ SYNTAX TruthValue
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The object indicates whether to log the matched packets. The log
+ contents include sequence number of ACL rule,
+ packets passed or discarded, upper layer protocol type over IP,
+ source/destination address, source/destination port number,
+ and number of packets"
+ ::= { hwAclUserRuleEntry 23 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.7.1.24
+ hwAclUserEnable OBJECT-TYPE
+ SYNTAX TruthValue
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The object indicates whether the rule is valid or invalid."
+ ::= { hwAclUserRuleEntry 24 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.7.1.25
+ hwAclUserCount OBJECT-TYPE
+ SYNTAX Counter32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The object indicates the statistics of matched packets by the rule."
+ ::= { hwAclUserRuleEntry 25 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.7.1.26
+ hwAclUserVrfName OBJECT-TYPE
+ SYNTAX OCTET STRING (SIZE (0..32))
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The object indicates the VRF name of this rule,
+ It specifies the VPN-instance to which the packet belongs."
+ ::= { hwAclUserRuleEntry 26 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.7.1.27
+ hwAclUserSrcUserGroupName OBJECT-TYPE
+ SYNTAX OCTET STRING (SIZE (0..32))
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The object indicates the source user group name of this rule.
+ if modetype source is user, null sting means any user"
+ ::= { hwAclUserRuleEntry 27 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.7.1.28
+ hwAclUserDestUserGroupName OBJECT-TYPE
+ SYNTAX OCTET STRING (SIZE (0..32))
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The object indicates the destination user group name of this rule.
+ if modetype destination is user, null sting means any user"
+ ::= { hwAclUserRuleEntry 28 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.7.1.29
+ hwAclUserSrcModeType OBJECT-TYPE
+ SYNTAX Integer32 (0..4)
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The object indicates ACL's mode type,
+ Now support four state
+ 0 Any match rule from any user group or any ip subnet,
+ 1 NetAny match rule from any ip subnet,
+ 2 UserAny match rule from any user group,
+ 3 Net match rule from an ip subnet,
+ 4 User match rule from a user group"
+ ::= { hwAclUserRuleEntry 29 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.7.1.30
+ hwAclUserDestModeType OBJECT-TYPE
+ SYNTAX Integer32 (0..6)
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The object indicates ACL's mode type,
+ Now support four state
+ 0 Any match rule from any user group or any ip subnet or any doamin name,
+ 1 NetAny match rule from any ip subnet,
+ 2 UserAny match rule from any user group,
+ 3 Net match rule from an ip subnet,
+ 4 User match rule from a user group,
+ 5 domain match rule from a domain name,
+ 6 domainAny match rule from any doamin name"
+ ::= { hwAclUserRuleEntry 30 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.7.1.31
+ hwAclUserRowStatus OBJECT-TYPE
+ SYNTAX RowStatus
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "RowStatus, Now support three state:CreateAndGo,Active,Destroy."
+ ::= { hwAclUserRuleEntry 31 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.7.1.32
+ hwAclUserTcpSyncFlag OBJECT-TYPE
+ SYNTAX Integer32 (-1|0..63)
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The object indicates the code of TCP Sync flag(0~63),
+ The invalid value is -1."
+ ::= { hwAclUserRuleEntry 32 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.7.1.33
+ hwAclUserSrcUserGroupNum OBJECT-TYPE
+ SYNTAX Integer32 (0..64000|65535)
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The object indicates the source user group num of this rule.
+ if modetype source is user, null sting means any user"
+ ::= { hwAclUserRuleEntry 33 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.7.1.34
+ hwAclUserDestUserGroupNum OBJECT-TYPE
+ SYNTAX Integer32 (0..64000|65535)
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The object indicates the destination user group name of this rule.
+ if modetype destination is user, null sting means any user"
+ ::= { hwAclUserRuleEntry 34 }
+
+ hwAclUserDestDomainName OBJECT-TYPE
+ SYNTAX OCTET STRING (SIZE (3..127))
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The object indicates the destination domain name of this rule.
+ if modetype destination is domain, null sting means any domain."
+ ::= { hwAclUserRuleEntry 35 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.10
+ hwAclCompileEnableFlag OBJECT-TYPE
+ SYNTAX TruthValue
+ MAX-ACCESS read-write
+ STATUS current
+ DESCRIPTION
+ "The object indicates whether acl compiler is enabled. when acl compiler
+ is enabled, and ACL accelerate function is enabled, then matching packets
+ by rule is efficient."
+ ::= { hwAclMibObjects 10 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.11
+ hwAclCompileNumGroupTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF HwAclCompileNumGroupEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "The ACL compiler table extending the Acl-number-group table"
+ ::= { hwAclMibObjects 11 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.11.1
+ hwAclCompileNumGroupEntry OBJECT-TYPE
+ SYNTAX HwAclCompileNumGroupEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "The entry of Acl-number-group compiler extended table"
+ AUGMENTS { hwAclNumGroupEntry }
+ ::= { hwAclCompileNumGroupTable 1 }
+
+ HwAclCompileNumGroupEntry ::=
+ SEQUENCE {
+ hwAclCompileNumGroupStatus
+ INTEGER
+ }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.11.1.1
+ hwAclCompileNumGroupStatus OBJECT-TYPE
+ SYNTAX INTEGER
+ {
+ notCompile(1),
+ compiled(2),
+ changeAfterCompile(3)
+ }
+ MAX-ACCESS read-write
+ STATUS current
+ DESCRIPTION
+ "The object indicates the status of Acl-number-group compiler.
+ 'notCompile' means acl accelerate function is disabled,
+ 'compiled' means acl accelerate function is enabled,
+ 'changeAfterCompile' means acl is changed after compiled."
+ DEFVAL { notCompile }
+ ::= { hwAclCompileNumGroupEntry 1 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.12
+ hwAclIpv6BasicRuleTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF HwAclIpv6BasicRuleEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "Configure the rule for ipv6 basic acl group."
+ ::= { hwAclMibObjects 12 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.12.1
+ hwAclIpv6BasicRuleEntry OBJECT-TYPE
+ SYNTAX HwAclIpv6BasicRuleEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "Each entry is a rule of ipv6 basic acl."
+ INDEX { hwAclIpv6BasicAclNum, hwAclIpv6BasicSubitem }
+ ::= { hwAclIpv6BasicRuleTable 1 }
+
+ HwAclIpv6BasicRuleEntry ::=
+ SEQUENCE {
+ hwAclIpv6BasicAclNum
+ Integer32,
+ hwAclIpv6BasicSubitem
+ Unsigned32,
+ hwAclIpv6BasicAct
+ INTEGER,
+ hwAclIpv6BasicSrcIp
+ Ipv6Address,
+ hwAclIpv6BasicSrcPrefix
+ Integer32,
+ hwAclIpv6BasicTimeRangeIndex
+ Integer32,
+ hwAclIpv6BasicFragment
+ INTEGER,
+ hwAclIpv6BasicLog
+ TruthValue,
+ hwAclIpv6BasicEnable
+ EnabledStatus,
+ hwAclIpv6BasicCount
+ Counter64,
+ hwAclIpv6BasicVrfName
+ OCTET STRING,
+ hwAclIpv6BasicRowStatus
+ RowStatus,
+ hwAclIpv6BasicDescription
+ OCTET STRING,
+ hwAclIpv6BasicSrcMask
+ Ipv6Address,
+ hwAclIpv6BasicVrfAny
+ TruthValue
+ }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.12.1.1
+ hwAclIpv6BasicAclNum OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The index of ipv6 basic acl group, the index range is (2000..2999 | 42768..75535)."
+ ::= { hwAclIpv6BasicRuleEntry 1 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.4.1.2
+ hwAclIpv6BasicSubitem OBJECT-TYPE
+ SYNTAX Unsigned32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The objects specifies the number of an ACL rule.
+ If the number specified has been assigned to an ACL rule,
+ the new rule will overwrite the old one,
+ which is equal to editing the old rule.
+ If the number is not assigned, the system will define
+ a rule with the number and insert it to the place
+ corresponding to its number. If no number is specified,
+ the system will define a rule, assign a number to it and
+ add it into the ACL. It will be placed at the end of the
+ ACL when configuration sequence is adopted; otherwise,
+ it will be placed based on the 'Depth-first' principle.
+ When ACL rules are following the 'Depth-first' principle,
+ the number of an ACL rule must be given 0 ,but it will be assigned
+ automatically; otherwise, this rule will not be created."
+ ::= { hwAclIpv6BasicRuleEntry 2 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.12.1.3
+ hwAclIpv6BasicAct OBJECT-TYPE
+ SYNTAX INTEGER
+ {
+ permit(1),
+ deny(2)
+ }
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The object indicates the action of a ipv6 basic acl rule.
+ 'deny' means discarding the packets that meet the condition,
+ 'permit' means permitting the packets that meet the condition."
+ ::= { hwAclIpv6BasicRuleEntry 3 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.12.1.4
+ hwAclIpv6BasicSrcIp OBJECT-TYPE
+ SYNTAX Ipv6Address
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The object indicates the source IPv6-address of a ipv6 basic acl rule."
+ ::= { hwAclIpv6BasicRuleEntry 4 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.12.1.5
+ hwAclIpv6BasicSrcPrefix OBJECT-TYPE
+ SYNTAX Integer32 (0..128)
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The value of this object identifies the mask length of the source IPv6 address.
+ The value ranges from 0 to 128."
+ ::= { hwAclIpv6BasicRuleEntry 5 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.12.1.6
+ hwAclIpv6BasicTimeRangeIndex OBJECT-TYPE
+ SYNTAX Integer32 (0..256)
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The value of this object identifies the index of the time range during which an
+ ACL6 rule can be applied.The value ranges from 0 to 256.The value 0 is invalid,
+ indicating that no time range is specified for the rule."
+ ::= { hwAclIpv6BasicRuleEntry 6 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.12.1.7
+ hwAclIpv6BasicFragment OBJECT-TYPE
+ SYNTAX INTEGER
+ {
+ fragmentSubseq(0),
+ fragment(1),
+ none(255)
+ }
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The object indicates the type of the packet.
+ 1: fragment, indicating that the packet is a fragment
+ 255: none, invalid value
+ This object cannot be modified once a rule is created."
+ ::= { hwAclIpv6BasicRuleEntry 7 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.12.1.8
+ hwAclIpv6BasicLog OBJECT-TYPE
+ SYNTAX TruthValue
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The object indicates whether to log the matched packets.
+ The log contents include sequence number of ACL rule, packets passed
+ or discarded, upper layer protocol type over IP, source/destination
+ address, source/destination port number, and number of packets."
+ ::= { hwAclIpv6BasicRuleEntry 8 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.12.1.9
+ hwAclIpv6BasicEnable OBJECT-TYPE
+ SYNTAX EnabledStatus
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The object indicates whether the rule is valid or invalid."
+ ::= { hwAclIpv6BasicRuleEntry 9 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.12.1.10
+ hwAclIpv6BasicCount OBJECT-TYPE
+ SYNTAX Counter64
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "This object indicates the number of matched packets by a rule. A maximum
+ of 64 bits are supported."
+ ::= { hwAclIpv6BasicRuleEntry 10 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.12.1.11
+ hwAclIpv6BasicVrfName OBJECT-TYPE
+ SYNTAX OCTET STRING (SIZE (0..31))
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "This object indicates a VPN instance. The length of a VPN instance name cannot exceed 31 characters."
+ ::= { hwAclIpv6BasicRuleEntry 11 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.12.1.12
+ hwAclIpv6BasicRowStatus OBJECT-TYPE
+ SYNTAX RowStatus
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "RowStatus, Now support three value: CreateAndGo, Active and Destroy."
+ ::= { hwAclIpv6BasicRuleEntry 12 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.12.1.13
+ hwAclIpv6BasicDescription OBJECT-TYPE
+ SYNTAX OCTET STRING (SIZE (0..127))
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The object indicates the description of this IPv6 basic rule.
+ The object describes the usage of an IPv6 ACL with a word or a sentence."
+ ::= { hwAclIpv6BasicRuleEntry 13 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.12.1.14
+ hwAclIpv6BasicSrcMask OBJECT-TYPE
+ SYNTAX Ipv6Address
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The object indicates the source IPv6-address mask of a ipv6 basic acl rule. Its mode is positive."
+ ::= { hwAclIpv6BasicRuleEntry 14 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.12.1.15
+ hwAclIpv6BasicVrfAny OBJECT-TYPE
+ SYNTAX TruthValue
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The object indicates whether or not matching any VPN-instance."
+ ::= { hwAclIpv6BasicRuleEntry 15 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.13
+ hwAclIpv6AdvancedRuleTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF HwAclIpv6AdvancedRuleEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "Configure the rule for ipv6 advanced acl group."
+ ::= { hwAclMibObjects 13 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.13.1
+ hwAclIpv6AdvancedRuleEntry OBJECT-TYPE
+ SYNTAX HwAclIpv6AdvancedRuleEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "Each entry contains a rule of ipv6 advanced acl group."
+ INDEX { hwAclIpv6AdvancedAclNum, hwAclIpv6AdvancedSubitem }
+ ::= { hwAclIpv6AdvancedRuleTable 1 }
+
+ HwAclIpv6AdvancedRuleEntry ::=
+ SEQUENCE {
+ hwAclIpv6AdvancedAclNum
+ Integer32,
+ hwAclIpv6AdvancedSubitem
+ Unsigned32,
+ hwAclIpv6AdvancedAct
+ INTEGER,
+ hwAclIpv6AdvancedProtocol
+ Integer32,
+ hwAclIpv6AdvancedSrcIp
+ Ipv6Address,
+ hwAclIpv6AdvancedSrcPrefix
+ Integer32,
+ hwAclIpv6AdvancedSrcOp
+ INTEGER,
+ hwAclIpv6AdvancedSrcPort1
+ Integer32,
+ hwAclIpv6AdvancedSrcPort2
+ Integer32,
+ hwAclIpv6AdvancedDestIp
+ Ipv6Address,
+ hwAclIpv6AdvancedDestPrefix
+ Integer32,
+ hwAclIpv6AdvancedDestOp
+ INTEGER,
+ hwAclIpv6AdvancedDestPort1
+ Integer32,
+ hwAclIpv6AdvancedDestPort2
+ Integer32,
+ hwAclIpv6AdvancedPrecedence
+ Integer32,
+ hwAclIpv6AdvancedTos
+ Integer32,
+ hwAclIpv6AdvancedDscp
+ Integer32,
+ hwAclIpv6AdvancedEstablish
+ TruthValue,
+ hwAclIpv6AdvancedTimeRangeIndex
+ Integer32,
+ hwAclIpv6AdvancedIcmpType
+ Integer32,
+ hwAclIpv6AdvancedIcmpCode
+ Integer32,
+ hwAclIpv6AdvancedFragment
+ INTEGER,
+ hwAclIpv6AdvancedLog
+ TruthValue,
+ hwAclIpv6AdvancedEnable
+ EnabledStatus,
+ hwAclIpv6AdvancedCount
+ Counter64,
+ hwAclIpv6AdvancedVrfName
+ OCTET STRING,
+ hwAclIpv6AdvancedRowStatus
+ RowStatus,
+ hwAclIpv6AdvancedDescription
+ OCTET STRING,
+ hwAclIpv6AdvancedSrcMask
+ Ipv6Address,
+ hwAclIpv6AdvancedDestMask
+ Ipv6Address,
+ hwAclIpv6AdvancedProtocolNew
+ Integer32,
+ hwAclIpv6AdvancedIcmpTypeEnd
+ Integer32,
+ hwAclIpv6AdvancedVrfAny
+ TruthValue,
+ hwAclIpv6AdvancedSrcPoolName
+ OCTET STRING,
+ hwAclIpv6AdvancedVni
+ Integer32
+ }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.13.1.1
+ hwAclIpv6AdvancedAclNum OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The index of ipv6 advanced acl table, the index range is (3000..3999 | 42768..75535)."
+ ::= { hwAclIpv6AdvancedRuleEntry 1 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.13.1.2
+ hwAclIpv6AdvancedSubitem OBJECT-TYPE
+ SYNTAX Unsigned32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The object specifies the number of an ipv6 advanced ACL rule.
+ If the number specified has been assigned to an ACL rule,
+ the new rule will overwrite the old one,
+ which is equal to editing the old rule.
+ If the number is not assigned, the system will define
+ a rule with the number and insert it to the place
+ corresponding to its number. If no number is specified,
+ the system will define a rule, assign a number to it and
+ add it into the ACL. It will be placed at the end of the
+ ACL when configuration sequence is adopted; otherwise,
+ it will be placed based on the 'Depth-first' principle.
+ When ACL rules are following the 'Depth-first' principle,
+ the number of an ACL rule must be given 0 ,but it will be assigned
+ automatically;otherwise,this rule will not be created."
+ ::= { hwAclIpv6AdvancedRuleEntry 2 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.13.1.3
+ hwAclIpv6AdvancedAct OBJECT-TYPE
+ SYNTAX INTEGER
+ {
+ permit(1),
+ deny(2)
+ }
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The object indicates the action of an ipv6 advanced acl rule.
+ 'deny' means discarding the packets that meet the condition,
+ 'permit' means permitting the packets that meet the condition."
+ ::= { hwAclIpv6AdvancedRuleEntry 3 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.13.1.4
+ hwAclIpv6AdvancedProtocol OBJECT-TYPE
+ SYNTAX Integer32 (0..255)
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The value of this object identifies the number of the protocol over IPv6.
+ The value ranges from 0 to 255. The value 0 indicates the IPv6 protocol."
+ ::= { hwAclIpv6AdvancedRuleEntry 4 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.13.1.5
+ hwAclIpv6AdvancedSrcIp OBJECT-TYPE
+ SYNTAX Ipv6Address
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The object indicates the source IPv6-address of an ipv6 advanced acl rule."
+ ::= { hwAclIpv6AdvancedRuleEntry 5 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.13.1.6
+ hwAclIpv6AdvancedSrcPrefix OBJECT-TYPE
+ SYNTAX Integer32 (0..128)
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The value of this object identifies the mask length of the source IPv6 address.
+ The value ranges from 0 to 128."
+ ::= { hwAclIpv6AdvancedRuleEntry 6 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.13.1.7
+ hwAclIpv6AdvancedSrcOp OBJECT-TYPE
+ SYNTAX INTEGER
+ {
+ lt(1),
+ eq(2),
+ gt(3),
+ neq(4),
+ range(5),
+ invalid(255)
+ }
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The object indicates the source Port operation symbol of an ipv6 advanced acl
+ rule. It compares the port operators of source address.
+ 'lt' means less than,
+ 'eq' means equal to,
+ 'gt' means greater than,
+ 'neq' means not equal to,
+ 'range' means between,
+ 'invalid' means this operation of the rule is invalid."
+ ::= { hwAclIpv6AdvancedRuleEntry 7 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.13.1.8
+ hwAclIpv6AdvancedSrcPort1 OBJECT-TYPE
+ SYNTAX Integer32 (0..65535)
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "This object indicates the end source port number."
+ ::= { hwAclIpv6AdvancedRuleEntry 8 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.13.1.9
+ hwAclIpv6AdvancedSrcPort2 OBJECT-TYPE
+ SYNTAX Integer32 (0..65535)
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "This object indicates the start source port number."
+ ::= { hwAclIpv6AdvancedRuleEntry 9 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.13.1.10
+ hwAclIpv6AdvancedDestIp OBJECT-TYPE
+ SYNTAX Ipv6Address
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The object indicates the destination IPv6-address of an ipv6 advanced acl rule."
+ ::= { hwAclIpv6AdvancedRuleEntry 10 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.13.1.11
+ hwAclIpv6AdvancedDestPrefix OBJECT-TYPE
+ SYNTAX Integer32 (0..128)
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The value of this object identifies the mask length of the destination IPv6 address. The value ranges from 0 to 128."
+ ::= { hwAclIpv6AdvancedRuleEntry 11 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.13.1.12
+ hwAclIpv6AdvancedDestOp OBJECT-TYPE
+ SYNTAX INTEGER
+ {
+ lt(1),
+ eq(2),
+ gt(3),
+ neq(4),
+ range(5),
+ invalid(255)
+ }
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The object indicates the destination Port operation symbol of an ipv6 advanced
+ acl group. It compares the port operators of destination address.
+ 'lt' means less than,
+ 'eq' means equal to,
+ 'gt' means greater than,
+ 'neq' means not equal to,
+ 'range' means between,
+ 'invalid' means this operation of the rule is invalid."
+ ::= { hwAclIpv6AdvancedRuleEntry 12 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.13.1.13
+ hwAclIpv6AdvancedDestPort1 OBJECT-TYPE
+ SYNTAX Integer32 (0..65535)
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "This object indicates the largest destination port number."
+ ::= { hwAclIpv6AdvancedRuleEntry 13 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.13.1.14
+ hwAclIpv6AdvancedDestPort2 OBJECT-TYPE
+ SYNTAX Integer32 (0..65535)
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "This object indicates the smallest destination port number."
+ ::= { hwAclIpv6AdvancedRuleEntry 14 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.13.1.15
+ hwAclIpv6AdvancedPrecedence OBJECT-TYPE
+ SYNTAX Integer32 (0..7|255)
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The value of this object identifies the precedence sub-field.
+ It is the higher three bits of the ToS field in an IPv6 header.
+ The value ranges from 0 to 7."
+ ::= { hwAclIpv6AdvancedRuleEntry 15 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.13.1.16
+ hwAclIpv6AdvancedTos OBJECT-TYPE
+ SYNTAX Integer32 (0..15|255)
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The value of this object identifies the ToS sub-field.
+ This field covers four bits after the higher three bits of the ToS field in an IPv6 header.
+ The value ranges from 0 to 15."
+ ::= { hwAclIpv6AdvancedRuleEntry 16 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.13.1.17
+ hwAclIpv6AdvancedDscp OBJECT-TYPE
+ SYNTAX Integer32 (0..63|255)
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The value of this object identifies the higher seven bits of the ToS field in an IPv6 header.
+ The value ranges from 0 to 63."
+ ::= { hwAclIpv6AdvancedRuleEntry 17 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.13.1.18
+ hwAclIpv6AdvancedEstablish OBJECT-TYPE
+ SYNTAX TruthValue
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The object indicates whether or not establishing."
+ DEFVAL { false }
+ ::= { hwAclIpv6AdvancedRuleEntry 18 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.13.1.19
+ hwAclIpv6AdvancedTimeRangeIndex OBJECT-TYPE
+ SYNTAX Integer32 (0..256)
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The value of this object identifies the index of the time range during which an ACL6 rule can be applied.
+ The value ranges from 0 to 256.
+ The value 0 indicates that no time range is specified for the rule."
+ ::= { hwAclIpv6AdvancedRuleEntry 19 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.13.1.20
+ hwAclIpv6AdvancedIcmpType OBJECT-TYPE
+ SYNTAX Integer32 (0..255|65535)
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The value of this object identifies the ICMPv6 message type.
+ The value ranges from 0 to 255. The value 65535 is invalid."
+ ::= { hwAclIpv6AdvancedRuleEntry 20 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.13.1.21
+ hwAclIpv6AdvancedIcmpCode OBJECT-TYPE
+ SYNTAX Integer32 (0..255|65535)
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The value of this obejct identifies the code of an ICMPv6 message.
+ The value ranges from 0 to 255. The value 65535 is invalid."
+ ::= { hwAclIpv6AdvancedRuleEntry 21 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.13.1.22
+ hwAclIpv6AdvancedFragment OBJECT-TYPE
+ SYNTAX INTEGER
+ {
+ fragmentSubseq(0),
+ fragment(1),
+ none(255)
+ }
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The object indicates the type of the packet.
+ 1: fragment, indicating that the packet is a fragment
+ 255: none, invalid value
+ This object cannot be modified once a rule is created."
+ ::= { hwAclIpv6AdvancedRuleEntry 22 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.13.1.23
+ hwAclIpv6AdvancedLog OBJECT-TYPE
+ SYNTAX TruthValue
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The object indicates whether to log the matched packets. The log
+ contents include sequence number of ACL rule,
+ packets passed or discarded, upper layer protocol type over IP,
+ source/destination address, source/destination port number,
+ and number of packets"
+ ::= { hwAclIpv6AdvancedRuleEntry 23 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.13.1.24
+ hwAclIpv6AdvancedEnable OBJECT-TYPE
+ SYNTAX EnabledStatus
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The object indicates whether the rule is valid or invalid."
+ ::= { hwAclIpv6AdvancedRuleEntry 24 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.13.1.25
+ hwAclIpv6AdvancedCount OBJECT-TYPE
+ SYNTAX Counter64
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "This object indicates the number of packets matched by a rule. A maximum of 64 bits are supported."
+ ::= { hwAclIpv6AdvancedRuleEntry 25 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.13.1.26
+ hwAclIpv6AdvancedVrfName OBJECT-TYPE
+ SYNTAX OCTET STRING (SIZE (0..31))
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "This object indicates a VPN instance.
+ The length of a VPN instance name cannot exceed 31 characters."
+ ::= { hwAclIpv6AdvancedRuleEntry 26 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.13.1.27
+ hwAclIpv6AdvancedRowStatus OBJECT-TYPE
+ SYNTAX RowStatus
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "RowStatus, Now support three state:CreateAndGo,Active,Destroy."
+ ::= { hwAclIpv6AdvancedRuleEntry 27 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.13.1.28
+ hwAclIpv6AdvancedDescription OBJECT-TYPE
+ SYNTAX OCTET STRING (SIZE (0..127))
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The object indicates the description of this IPv6 advanced rule.
+ The object describes the usage of an IPv6 ACL with a word or a sentence."
+ ::= { hwAclIpv6AdvancedRuleEntry 28 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.13.1.29
+ hwAclIpv6AdvancedSrcMask OBJECT-TYPE
+ SYNTAX Ipv6Address
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The object indicates the source IPv6-address mask of an ipv6 advanced acl rule. Its mode is positive."
+ ::= { hwAclIpv6AdvancedRuleEntry 29 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.13.1.30
+ hwAclIpv6AdvancedDestMask OBJECT-TYPE
+ SYNTAX Ipv6Address
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The object indicates the destination IPv6-address mask of an ipv6 advanced acl rule. Its mode is positive."
+ ::= { hwAclIpv6AdvancedRuleEntry 30 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.13.1.31
+ hwAclIpv6AdvancedProtocolNew OBJECT-TYPE
+ SYNTAX Integer32 (0..255|65535)
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The object indicates the protocol type of the rule.
+ It specifies the protocol type over IP.The number of IPv6 protocol is 65535."
+ ::= { hwAclIpv6AdvancedRuleEntry 31 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.13.1.32
+ hwAclIpv6AdvancedIcmpTypeEnd OBJECT-TYPE
+ SYNTAX Integer32 (0..255|65535)
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The value of this object identifies the ICMPv6 message type.
+ The value ranges from 0 to 255. The value 65535 is invalid.
+ This object is used together with hwAclIpv6AdvancedIcmpType to indicate the value range of the ICMPv6 type."
+ ::= { hwAclIpv6AdvancedRuleEntry 32 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.13.1.33
+ hwAclIpv6AdvancedVrfAny OBJECT-TYPE
+ SYNTAX TruthValue
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The object indicates whether or not matching any VPN-instance."
+ ::= { hwAclIpv6AdvancedRuleEntry 33 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.13.1.34
+ hwAclIpv6AdvancedSrcPoolName OBJECT-TYPE
+ SYNTAX OCTET STRING (SIZE (0..32))
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The object indicates the source Ipv6 pool name."
+ ::= { hwAclIpv6AdvancedRuleEntry 34 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.13.1.35
+ hwAclIpv6AdvancedVni OBJECT-TYPE
+ SYNTAX Integer32 (0..16777215)
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The object indicates the ID of VXLAN,
+ The invalid value is 0."
+ ::= { hwAclIpv6AdvancedRuleEntry 35 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.14
+ hwAclEthernetFrameRuleTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF HwAclEthernetFrameRuleEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "Configure the rule for ethernet-frame-based acl group."
+ ::= { hwAclMibObjects 14 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.14.1
+ hwAclEthernetFrameRuleEntry OBJECT-TYPE
+ SYNTAX HwAclEthernetFrameRuleEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "Each entry contains a rule of ethernet-frame-based acl group."
+ INDEX { hwAclEthernetFrameAclNum, hwAclEthernetFrameSubitem }
+ ::= { hwAclEthernetFrameRuleTable 1 }
+
+ HwAclEthernetFrameRuleEntry ::=
+ SEQUENCE {
+ hwAclEthernetFrameAclNum
+ Integer32,
+ hwAclEthernetFrameSubitem
+ Unsigned32,
+ hwAclEthernetFrameAct
+ INTEGER,
+ hwAclEthernetFrameType
+ Integer32,
+ hwAclEthernetFrameTypeMask
+ Integer32,
+ hwAclEthernetFrameSrcMac
+ MacAddress,
+ hwAclEthernetFrameSrcMacMask
+ MacAddress,
+ hwAclEthernetFrameDstMac
+ MacAddress,
+ hwAclEthernetFrameDstMacMask
+ MacAddress,
+ hwAclEthernetFrameTimeRangeIndex
+ Integer32,
+ hwAclEthernetFrameLog
+ TruthValue,
+ hwAclEthernetFrameEnable
+ EnabledStatus,
+ hwAclEthernetFrameCount
+ Counter64,
+ hwAclEthernetFrameRowStatus
+ RowStatus,
+ hwAclEthernetFrameEncapType
+ INTEGER,
+ hwAclEthernetFrameDoubleTag
+ TruthValue,
+ hwAclEthernetFrameVlanId
+ Integer32,
+ hwAclEthernetFrameVlanIdMask
+ Integer32,
+ hwAclEthernetFrameCVlanId
+ Integer32,
+ hwAclEthernetFrameCVlanIdMask
+ Integer32,
+ hwAclEthernetFrameRule8021p
+ Integer32,
+ hwAclEthernetFrameRuleCVlan8021p
+ Integer32,
+ hwAclEthernetFrameDescription
+ OCTET STRING
+ }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.14.1.1
+ hwAclEthernetFrameAclNum OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The index of ethernet-frame-based acl group, the index range is (4000..4999 | 42768..76535)."
+ ::= { hwAclEthernetFrameRuleEntry 1 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.14.1.2
+ hwAclEthernetFrameSubitem OBJECT-TYPE
+ SYNTAX Unsigned32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The object specifies the number of an ACL rule.
+ If the number specified has been assigned to an ACL rule,
+ the new rule will overwrite the old one,
+ which is equal to editing the old rule.
+ If the number is not assigned, the system will define
+ a rule with the number and insert it to the place
+ corresponding to its number. If no number is specified,
+ the system will define a rule, assign a number to it and
+ add it into the ACL. It will be placed at the end of the
+ ACL when configuration sequence is adopted; otherwise,
+ it will be placed based on the 'Depth-first' principle.
+ When ACL rules are following the 'Depth-first' principle,
+ the number of an ACL rule must be given 0 ,but it will be assigned
+ by step automatically;otherwise,this rule will not be created."
+ ::= { hwAclEthernetFrameRuleEntry 2 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.14.1.3
+ hwAclEthernetFrameAct OBJECT-TYPE
+ SYNTAX INTEGER
+ {
+ permit(1),
+ deny(2)
+ }
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The object indicates the action of an ethernet-frame-based acl rule.
+ 'deny' means discarding the packets that meet the condition,
+ 'permit' means permitting the packets that meet the condition."
+ ::= { hwAclEthernetFrameRuleEntry 3 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.14.1.4
+ hwAclEthernetFrameType OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The value of this object identifies the protocol type of an Ethernet frame.
+ The value ranges from 0 to 65535."
+ ::= { hwAclEthernetFrameRuleEntry 4 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.14.1.5
+ hwAclEthernetFrameTypeMask OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The value of this object identifies the mask of the protocol type of an Ethernet frame.
+ The value ranges from 0 to 65535."
+ ::= { hwAclEthernetFrameRuleEntry 5 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.14.1.6
+ hwAclEthernetFrameSrcMac OBJECT-TYPE
+ SYNTAX MacAddress
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The object indicates the source mac address of rule."
+ ::= { hwAclEthernetFrameRuleEntry 6 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.14.1.7
+ hwAclEthernetFrameSrcMacMask OBJECT-TYPE
+ SYNTAX MacAddress
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The object indicates the source mac mask of rule."
+ ::= { hwAclEthernetFrameRuleEntry 7 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.14.1.8
+ hwAclEthernetFrameDstMac OBJECT-TYPE
+ SYNTAX MacAddress
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The object indicates the destination mac address of rule."
+ ::= { hwAclEthernetFrameRuleEntry 8 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.14.1.9
+ hwAclEthernetFrameDstMacMask OBJECT-TYPE
+ SYNTAX MacAddress
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The object indicates the destination mac mask of rule."
+ ::= { hwAclEthernetFrameRuleEntry 9 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.14.1.10
+ hwAclEthernetFrameTimeRangeIndex OBJECT-TYPE
+ SYNTAX Integer32 (0..256)
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The object indicates the time range of a ethernet frame
+ acl rule. When the current time is in time range, the rule
+ is valid. Zero value declares that the acl rule has no
+ time range. The invalid value is 0."
+ ::= { hwAclEthernetFrameRuleEntry 10 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.14.1.11
+ hwAclEthernetFrameLog OBJECT-TYPE
+ SYNTAX TruthValue
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The object indicates whether to log the matched packets.
+ The log contents include sequence number of ACL rule,
+ packets passed or discarded, source/destination mac addr,
+ protocol of ethernet frame, and number of packets."
+ ::= { hwAclEthernetFrameRuleEntry 11 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.14.1.12
+ hwAclEthernetFrameEnable OBJECT-TYPE
+ SYNTAX EnabledStatus
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The object indicates whether the rule is valid or invalid."
+ ::= { hwAclEthernetFrameRuleEntry 12 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.14.1.13
+ hwAclEthernetFrameCount OBJECT-TYPE
+ SYNTAX Counter64
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "This object indicates the number of matched packets by a rule. A maximum of 64 bits are supported."
+ ::= { hwAclEthernetFrameRuleEntry 13 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.14.1.14
+ hwAclEthernetFrameRowStatus OBJECT-TYPE
+ SYNTAX RowStatus
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "RowStatus,Now support three state:CreateAndGo,Active,Destroy."
+ ::= { hwAclEthernetFrameRuleEntry 14 }
+
+ hwAclEthernetFrameEncapType OBJECT-TYPE
+ SYNTAX INTEGER
+ {
+ ether2(1),
+ ieee802dot3(2),
+ snap(3),
+ none(255)
+ }
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The object indicates the encapsulation type of rule."
+ DEFVAL { none }
+ ::= { hwAclEthernetFrameRuleEntry 15 }
+
+ hwAclEthernetFrameDoubleTag OBJECT-TYPE
+ SYNTAX TruthValue
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The object indicates two tags of rule. False value do not
+ care the number of tags."
+ DEFVAL { false }
+ ::= { hwAclEthernetFrameRuleEntry 16 }
+
+ hwAclEthernetFrameVlanId OBJECT-TYPE
+ SYNTAX Integer32 (0..4094)
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The object indicates the vlan ID of rule. The invalid
+ vlan ID is 0."
+ DEFVAL { 0 }
+ ::= { hwAclEthernetFrameRuleEntry 17 }
+
+ hwAclEthernetFrameVlanIdMask OBJECT-TYPE
+ SYNTAX Integer32 (0..4095)
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The object indicates the vlan ID mask of rule."
+ DEFVAL { 4095 }
+ ::= { hwAclEthernetFrameRuleEntry 18 }
+
+ hwAclEthernetFrameCVlanId OBJECT-TYPE
+ SYNTAX Integer32 (0..4094)
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The object indicates the ce-vlan ID of rule. The invalid
+ vlan ID is 0."
+ DEFVAL { 0 }
+ ::= { hwAclEthernetFrameRuleEntry 19 }
+
+ hwAclEthernetFrameCVlanIdMask OBJECT-TYPE
+ SYNTAX Integer32 (0..4095)
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The object indicates the ce-vlan ID mask of rule."
+ DEFVAL { 4095 }
+ ::= { hwAclEthernetFrameRuleEntry 20 }
+
+ hwAclEthernetFrameRule8021p OBJECT-TYPE
+ SYNTAX Integer32 (0..7 | 255)
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The object indicates the 8021p value of S-tag."
+ ::= { hwAclEthernetFrameRuleEntry 21 }
+
+ hwAclEthernetFrameRuleCVlan8021p OBJECT-TYPE
+ SYNTAX Integer32 (0..7 | 255)
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The object indicates the 8021p value of C-tag."
+ ::= { hwAclEthernetFrameRuleEntry 22 }
+
+ hwAclEthernetFrameDescription OBJECT-TYPE
+ SYNTAX OCTET STRING (SIZE (0..127))
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The object indicates the description of this ethernetframe rule.
+ The object describes the usage of an ACL with a word or a sentence."
+ ::= { hwAclEthernetFrameRuleEntry 23 }
+
+ hwAclAppliedTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF HwAclAppliedEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "Configure the applied ACL."
+ ::= { hwAclMibObjects 15 }
+
+ hwAclAppliedEntry OBJECT-TYPE
+ SYNTAX HwAclAppliedEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "Each entry contains a applied ACL."
+ INDEX { hwAclAppliedOperation, hwAclAppliedScopeType, hwAclAppliedScopeIndex, hwAclAppliedDirection, hwAclAppliedAclNum,
+ hwAclAppliedSubitem, hwAclAppliedAclNum2, hwAclAppliedSubitem2, hwAclAppliedIsIPv6Acl }
+ ::= { hwAclAppliedTable 1 }
+
+
+ HwAclAppliedEntry ::=
+ SEQUENCE {
+ hwAclAppliedOperation
+ INTEGER,
+ hwAclAppliedScopeType
+ INTEGER,
+ hwAclAppliedScopeIndex
+ Integer32,
+ hwAclAppliedDirection
+ INTEGER,
+ hwAclAppliedAclNum
+ Integer32,
+ hwAclAppliedSubitem
+ Integer32,
+ hwAclAppliedAclNum2
+ Integer32,
+ hwAclAppliedSubitem2
+ Integer32,
+ hwAclAppliedStatMode
+ INTEGER,
+ hwAclAppliedStatCount
+ Counter64,
+ hwAclAppliedLimitCir
+ Integer32,
+ hwAclAppliedLimitPir
+ Integer32,
+ hwAclAppliedLimitCbs
+ Integer32,
+ hwAclAppliedLimitPbs
+ Integer32,
+ hwAclAppliedLimitGreenAction
+ INTEGER,
+ hwAclAppliedLimitGreenValue
+ Integer32,
+ hwAclAppliedLimitYellowAction
+ INTEGER,
+ hwAclAppliedLimitYellowValue
+ Integer32,
+ hwAclAppliedLimitRedAction
+ INTEGER,
+ hwAclAppliedLimitRedValue
+ Integer32,
+ hwAclAppliedMirrObservedPort
+ Integer32,
+ hwAclAppliedMirrRspanVlan
+ Integer32,
+ hwAclAppliedRedirectIfIndex
+ Integer32,
+ hwAclAppliedRedirectIpAddr
+ IpAddress,
+ hwAclAppliedRedirectIpv6Addr
+ Ipv6Address,
+ hwAclAppliedRemarkVlan
+ Integer32,
+ hwAclAppliedRemarkCVlan
+ Integer32,
+ hwAclAppliedRemark8021p
+ Integer32,
+ hwAclAppliedRemarkDscp
+ Integer32,
+ hwAclAppliedRemarkIpPre
+ Integer32,
+ hwAclAppliedRemarkLocalPre
+ Integer32,
+ hwAclAppliedRemarkMacAddr
+ MacAddress,
+ hwAclAppliedIsIPv6Acl
+ TruthValue,
+ hwAclAppliedRowStatus
+ RowStatus
+ }
+
+ hwAclAppliedOperation OBJECT-TYPE
+ SYNTAX INTEGER
+ {
+ filter(1),
+ limit(2),
+ mirror(3),
+ redirectCpu(4),
+ redirectInterface(5),
+ redirectIpNextHop(6),
+ redirectIpv6NextHop(7),
+ remark8021p(8),
+ remarkDscp(9),
+ remarkIpPrecedence(10),
+ remarkLocalPrecedence(11),
+ remarkVlanId(12),
+ remarkCVlanId(13),
+ remarkDestMac(14),
+ statistic(15)
+ }
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "The actions taken when packets conforming or exceeding the configured."
+ ::= { hwAclAppliedEntry 1 }
+
+ hwAclAppliedScopeType OBJECT-TYPE
+ SYNTAX INTEGER
+ {
+ global(1),
+ vlan(2),
+ interface(3)
+ }
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "The scope that ACL apply on."
+ ::= { hwAclAppliedEntry 2 }
+
+ hwAclAppliedScopeIndex OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "When the scope is global, this field is invalid;
+ When the scope is vlan, this field is vlan ID;
+ When the scope is interface, this field is interface index."
+ ::= { hwAclAppliedEntry 3 }
+
+
+ hwAclAppliedDirection OBJECT-TYPE
+ SYNTAX INTEGER
+ {
+ inbound(1),
+ outbound(2)
+ }
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "The direction acl apply on."
+ ::= { hwAclAppliedEntry 4 }
+
+ hwAclAppliedAclNum OBJECT-TYPE
+ SYNTAX Integer32 (2000..4999)
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "The index of ACL group.
+ Basic ACL in range 2000~2999;
+ Advance ACL in range 3000~3999;
+ Link ACL in range 4000~4999;"
+ ::= { hwAclAppliedEntry 5 }
+
+ hwAclAppliedSubitem OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "The object specifies the number of an ACL rule."
+ ::= { hwAclAppliedEntry 6 }
+
+ hwAclAppliedAclNum2 OBJECT-TYPE
+ SYNTAX Integer32 (2000..3999|65535)
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "The index of ACL group.
+ 65535 means this field is valid."
+ ::= { hwAclAppliedEntry 7 }
+
+ hwAclAppliedSubitem2 OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "The object specifies the number of an ACL rule."
+ ::= { hwAclAppliedEntry 8 }
+
+ hwAclAppliedStatMode OBJECT-TYPE
+ SYNTAX INTEGER
+ {
+ byPackets(1),
+ byBytes(2)
+ }
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The object specifies the mode of statistics.
+ When action is statistic, this field is valid."
+ DEFVAL { byPackets }
+ ::= { hwAclAppliedEntry 9 }
+
+ hwAclAppliedStatCount OBJECT-TYPE
+ SYNTAX Counter64
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The object indicates the statistics of matched packets by the policy.
+ When action is statistic or limit, this field is valid."
+ ::= { hwAclAppliedEntry 10 }
+
+
+ hwAclAppliedLimitCir OBJECT-TYPE
+ SYNTAX Integer32 (0 | 64..10000000)
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "Committed information rate. Unit: kbps."
+ DEFVAL { 0 }
+ ::= { hwAclAppliedEntry 11 }
+
+
+ hwAclAppliedLimitPir OBJECT-TYPE
+ SYNTAX Integer32 (0 | 64..10000000)
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "Peak information rate. Unit: kbps.
+ 0 is the default value."
+ DEFVAL { 0 }
+ ::= { hwAclAppliedEntry 12 }
+
+ hwAclAppliedLimitCbs OBJECT-TYPE
+ SYNTAX Integer32 (0 | 4096..16773120)
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "Committed burst size. Unit: byte.
+ 0 is the default value."
+ DEFVAL { 0 }
+ ::= { hwAclAppliedEntry 13 }
+
+ hwAclAppliedLimitPbs OBJECT-TYPE
+ SYNTAX Integer32 (0 | 4096..16773120)
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "Peak burst size. Unit: byte.
+ 0 is the default value."
+ DEFVAL { 0 }
+ ::= { hwAclAppliedEntry 14 }
+
+ hwAclAppliedLimitGreenAction OBJECT-TYPE
+ SYNTAX INTEGER
+ {
+ pass(1),
+ drop(2),
+ passRemarkDscp(3),
+ passRemark8021p(4)
+ }
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "Green action."
+ DEFVAL { pass }
+ ::= { hwAclAppliedEntry 15 }
+
+ hwAclAppliedLimitGreenValue OBJECT-TYPE
+ SYNTAX Integer32 (0..63)
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The value is to remark When green action is remarking.
+ For remarking DSCP, the range is 0~63;
+ For remarking 8021p, the range is 0~7."
+ ::= { hwAclAppliedEntry 16 }
+
+ hwAclAppliedLimitYellowAction OBJECT-TYPE
+ SYNTAX INTEGER
+ {
+ pass(1),
+ drop(2),
+ passRemarkDscp(3),
+ passRemark8021p(4)
+ }
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "Yellow action."
+ DEFVAL { pass }
+ ::= { hwAclAppliedEntry 17 }
+
+ hwAclAppliedLimitYellowValue OBJECT-TYPE
+ SYNTAX Integer32 (0..63)
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The value is to remark When yellow action is remarking.
+ For remarking DSCP, the range is 0~63;
+ For remarking 8021p, the range is 0~7."
+ ::= { hwAclAppliedEntry 18 }
+
+ hwAclAppliedLimitRedAction OBJECT-TYPE
+ SYNTAX INTEGER
+ {
+ pass(1),
+ drop(2),
+ passRemarkDscp(3),
+ passRemark8021p(4)
+ }
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "Red action."
+ DEFVAL { drop }
+ ::= { hwAclAppliedEntry 19 }
+
+ hwAclAppliedLimitRedValue OBJECT-TYPE
+ SYNTAX Integer32 (0..63)
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The value is to remark When red action is remarking.
+ For remarking DSCP, the range is 0~63;
+ For remarking 8021p, the range is 0~7."
+ ::= { hwAclAppliedEntry 20 }
+
+
+ hwAclAppliedMirrObservedPort OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The mirror observe port number."
+ ::= { hwAclAppliedEntry 21 }
+
+ hwAclAppliedMirrRspanVlan OBJECT-TYPE
+ SYNTAX Integer32 (0..4094)
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The object specifies the RSPAN vlan.
+ 0 means mirror to local port."
+ ::= { hwAclAppliedEntry 22 }
+
+ hwAclAppliedRedirectIfIndex OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The redirect output interface."
+ ::= { hwAclAppliedEntry 23 }
+
+ hwAclAppliedRedirectIpAddr OBJECT-TYPE
+ SYNTAX IpAddress
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The redirect IP next hop address."
+ ::= { hwAclAppliedEntry 24 }
+
+ hwAclAppliedRedirectIpv6Addr OBJECT-TYPE
+ SYNTAX Ipv6Address
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The redirect IPv6 next hop address."
+ ::= { hwAclAppliedEntry 25 }
+
+ hwAclAppliedRemarkVlan OBJECT-TYPE
+ SYNTAX Integer32 (0..4094)
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The remarked vlan ID."
+ ::= { hwAclAppliedEntry 26 }
+
+ hwAclAppliedRemarkCVlan OBJECT-TYPE
+ SYNTAX Integer32 (0..4094)
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The remarked ce-vlan ID."
+ ::= { hwAclAppliedEntry 27 }
+
+ hwAclAppliedRemark8021p OBJECT-TYPE
+ SYNTAX Integer32 (0..7)
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The remarked 8021p value."
+ ::= { hwAclAppliedEntry 28 }
+
+ hwAclAppliedRemarkDscp OBJECT-TYPE
+ SYNTAX Integer32 (0..63)
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The remarked DSCP value."
+ ::= { hwAclAppliedEntry 29 }
+
+ hwAclAppliedRemarkIpPre OBJECT-TYPE
+ SYNTAX Integer32 (0..7)
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The remarked IP precedence value."
+ ::= { hwAclAppliedEntry 30 }
+
+ hwAclAppliedRemarkLocalPre OBJECT-TYPE
+ SYNTAX Integer32 (0..7)
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The remarked local precedence value."
+ ::= { hwAclAppliedEntry 31 }
+
+ hwAclAppliedRemarkMacAddr OBJECT-TYPE
+ SYNTAX MacAddress
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The remarked MAC address."
+ ::= { hwAclAppliedEntry 32 }
+
+ hwAclAppliedIsIPv6Acl OBJECT-TYPE
+ SYNTAX TruthValue
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "The object indicates whether is IPv6 ACL."
+ ::= { hwAclAppliedEntry 33 }
+
+ hwAclAppliedRowStatus OBJECT-TYPE
+ SYNTAX RowStatus
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "RowStatus,Now support three state:CreateAndGo,Active,Destroy."
+ ::= { hwAclAppliedEntry 51 }
+
+ hwAclIpv6NumGroupTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF HwAclIpv6NumGroupEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "This table is used to query information about an ACL rule group, including the ACL configuration order, step length, and description."
+ ::= { hwAclMibObjects 16 }
+
+ hwAclIpv6NumGroupEntry OBJECT-TYPE
+ SYNTAX HwAclIpv6NumGroupEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "An entry containing characters of an IPv6 ACL group."
+ INDEX { hwAclIpv6NumGroupAclNum }
+ ::= { hwAclIpv6NumGroupTable 1 }
+
+
+ HwAclIpv6NumGroupEntry ::=
+ SEQUENCE {
+ hwAclIpv6NumGroupAclNum
+ Integer32,
+ hwAclIpv6NumGroupMatchOrder
+ INTEGER,
+ hwAclIpv6NumGroupSubitemNum
+ Counter32,
+ hwAclIpv6NumGroupCountClear
+ INTEGER,
+ hwAclIpv6NumGroupAclName
+ OCTET STRING,
+ hwAclIpv6NumGroupDescription
+ OCTET STRING,
+ hwAclIpv6NumGroupAclType
+ INTEGER,
+ hwAclIpv6NumGroupRowStatus
+ RowStatus,
+ hwAclIpv6NumGroupStep
+ Integer32
+ }
+
+ hwAclIpv6NumGroupAclNum OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The value of this object identifies a table index, representing the number of an IPv6 ACL rule group.
+ The value range is as follows:
+ Interface-based ACL6: 1000 to 1999
+ Basic ACL6: 2000 to 2999
+ Advanced ACL6: 3000 to 3999
+ Named ACL6: 42768 to 75535"
+ ::= { hwAclIpv6NumGroupEntry 1 }
+
+
+ hwAclIpv6NumGroupMatchOrder OBJECT-TYPE
+ SYNTAX INTEGER
+ {
+ config(1),
+ auto(2),
+ default(3)
+ }
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The object indicates the match order of rules.
+ 'config' means matching ACL rules in the configuration sequence,
+ 'auto' means the ACL6 rules are matched following the 'Depth-first' principle."
+ DEFVAL { default }
+ ::= { hwAclIpv6NumGroupEntry 2 }
+
+
+ hwAclIpv6NumGroupSubitemNum OBJECT-TYPE
+ SYNTAX Counter32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The total number of the rules in the ACL6 group."
+ ::= { hwAclIpv6NumGroupEntry 3 }
+
+
+ hwAclIpv6NumGroupCountClear OBJECT-TYPE
+ SYNTAX INTEGER
+ {
+ cleared(1),
+ notUsed(2)
+ }
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "This object indicates whether to clear the statistics of an ACL6 rule group.
+ cleared(1): clear
+ notUsed(2): not clear
+ This object is valid only when the Set operation is performed for this object."
+ ::= { hwAclIpv6NumGroupEntry 4 }
+
+ hwAclIpv6NumGroupAclName OBJECT-TYPE
+ SYNTAX OCTET STRING (SIZE (0..64))
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The object indicates the name of an acl6 group,
+ The first character must be start with a to z or A to Z,
+ and the length cannot exceed 64 character."
+ ::= { hwAclIpv6NumGroupEntry 5 }
+
+ hwAclIpv6NumGroupDescription OBJECT-TYPE
+ SYNTAX OCTET STRING (SIZE (0..127))
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "This object indicates the description of an ACL6 rule group.
+ The description length cannot exceed 127 characters."
+ ::= { hwAclIpv6NumGroupEntry 6 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.16.1.7
+ hwAclIpv6NumGroupAclType OBJECT-TYPE
+ SYNTAX INTEGER
+ {
+ basic(1),
+ advanced(2),
+ interface(3)
+ }
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The type of IPv6 ACL group."
+ ::= { hwAclIpv6NumGroupEntry 7 }
+
+ hwAclIpv6NumGroupRowStatus OBJECT-TYPE
+ SYNTAX RowStatus
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "RowStatus, Now support three value:CreateAndGo,Active,Destroy."
+ ::= { hwAclIpv6NumGroupEntry 51 }
+
+ hwAclIpv6NumGroupStep OBJECT-TYPE
+ SYNTAX Integer32 (1..20)
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The object indicates the step value of number IPv6 ACL.
+ Step here refers to the difference between each ID.
+ For instance, given the step is set to 5,
+ the IDs are the multiples of 5 beginning with 5.
+ The IPv6 ACL IDs change along with the step. When the step is 5,
+ the IPv6 ACL IDs are 5, 10, and 15 and so on.
+ However, when the step is set to 2, the IDs turn to 2, 4,
+ and 6 and so on."
+ ::= { hwAclIpv6NumGroupEntry 52 }
+
+ hwAclIpv6IfRuleTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF HwAclIpv6IfRuleEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "Configure the rule for interface-based acl6 group."
+ ::= { hwAclMibObjects 17 }
+
+ hwAclIpv6IfRuleEntry OBJECT-TYPE
+ SYNTAX HwAclIpv6IfRuleEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "Each entry contains a rule of interface-based acl6 group."
+ INDEX { hwAclIpv6IfAclNum, hwAclIpv6IfSubitem }
+ ::= { hwAclIpv6IfRuleTable 1 }
+
+ HwAclIpv6IfRuleEntry ::=
+ SEQUENCE {
+ hwAclIpv6IfAclNum
+ Integer32,
+ hwAclIpv6IfSubitem
+ Unsigned32,
+ hwAclIpv6IfAct
+ INTEGER,
+ hwAclIpv6IfIndex
+ Integer32,
+ hwAclIpv6IfAny
+ TruthValue,
+ hwAclIpv6IfTimeRangeIndex
+ Integer32,
+ hwAclIpv6IfLog
+ TruthValue,
+ hwAclIpv6IfEnable
+ TruthValue,
+ hwAclIpv6IfCount
+ Counter64,
+ hwAclIpv6IfRowStatus
+ RowStatus
+ }
+
+ hwAclIpv6IfAclNum OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The index of interface-based acl6 group, the index range is (1000..1999 | 42768..75535)."
+ ::= { hwAclIpv6IfRuleEntry 1 }
+
+ hwAclIpv6IfSubitem OBJECT-TYPE
+ SYNTAX Unsigned32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The object specifies the number of an ACL6 rule.
+ If the number specified has been assigned to an ACL6 rule,
+ the new rule will overwrite the old one,
+ which is equal to editing the old rule.
+ If the number is not assigned, the system will define
+ a rule with the number and insert it to the place
+ corresponding to its number. If no number is specified,
+ the system will define a rule, assign a number to it and
+ add it into the ACL6. It will be placed at the end of the
+ ACL6 when configuration sequence is adopted; otherwise,
+ it will be placed based on the 'Depth-first' principle.
+ When ACL rules are following the 'Depth-first' principle,
+ the number of an ACL6 rule must be given 0, but it will be assigned
+ automatically;otherwise, this rule will not be created."
+ ::= { hwAclIpv6IfRuleEntry 2 }
+
+ hwAclIpv6IfAct OBJECT-TYPE
+ SYNTAX INTEGER
+ {
+ permit(1),
+ deny(2)
+ }
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The object indicates the action of an interface-based acl6 rule.
+ 'deny' means discarding the packets that meet the condition,
+ 'permit' means permitting the packets that meet the condition."
+ ::= { hwAclIpv6IfRuleEntry 3 }
+
+ hwAclIpv6IfIndex OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The object indicates the index of an interface.
+ It specifies the interface information of the packets. The invalid
+ interface index is 0."
+ ::= { hwAclIpv6IfRuleEntry 4 }
+
+ hwAclIpv6IfAny OBJECT-TYPE
+ SYNTAX TruthValue
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The object indicates whether or not matching any interface."
+ ::= { hwAclIpv6IfRuleEntry 5 }
+
+ hwAclIpv6IfTimeRangeIndex OBJECT-TYPE
+ SYNTAX Integer32 (0..256)
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The value of this object identifies the index of the time range during which an ACL rule can be applied.
+ When the current time is in the time range, the rule is valid. The value 0 is invalid,
+ indicating that no time range is specified for the rule.The value ranges from 0 to 256."
+ ::= { hwAclIpv6IfRuleEntry 6 }
+
+ hwAclIpv6IfLog OBJECT-TYPE
+ SYNTAX TruthValue
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The object indicates whether to log the matched packets.
+ The log contents include sequence number of ACL6 rule,
+ packets passed or discarded, upper layer protocol type over IP,
+ source/destination address, source/destination port number,
+ and number of packets."
+ ::= { hwAclIpv6IfRuleEntry 7 }
+
+ hwAclIpv6IfEnable OBJECT-TYPE
+ SYNTAX TruthValue
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The object indicates whether the rule is valid or invalid."
+ ::= { hwAclIpv6IfRuleEntry 8 }
+
+ hwAclIpv6IfCount OBJECT-TYPE
+ SYNTAX Counter64
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The object indicates the statistics of matched packets by basic rule."
+ ::= { hwAclIpv6IfRuleEntry 9 }
+
+ hwAclIpv6IfRowStatus OBJECT-TYPE
+ SYNTAX RowStatus
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "RowStatus,Now support three state:CreateAndGo,Active,Destroy."
+ ::= { hwAclIpv6IfRuleEntry 11 }
+
+-- chenjing 43944
+ -- 1.3.6.1.4.1.2011.5.1.1.18
+ hwAclMplsRuleTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF HwAclMplsRuleEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "Configure the rule for mpls acl group."
+ ::= { hwAclMibObjects 18 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.18.1
+ hwAclMplsRuleEntry OBJECT-TYPE
+ SYNTAX HwAclMplsRuleEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "Each entry is a rule of mpls acl."
+ INDEX { hwAclMplsAclNum, hwAclMplsSubitem }
+ ::= { hwAclMplsRuleTable 1 }
+
+ HwAclMplsRuleEntry ::=
+ SEQUENCE {
+ hwAclMplsAclNum
+ Integer32,
+ hwAclMplsSubitem
+ Unsigned32,
+ hwAclMplsAct
+ INTEGER,
+ hwAclMplsExp1
+ Integer32,
+ hwAclMplsExp2
+ Integer32,
+ hwAclMplsExp3
+ Integer32,
+ hwAclMplsExp4
+ Integer32,
+ hwAclMplsLabel1
+ Integer32,
+ hwAclMplsLabel2
+ Integer32,
+ hwAclMplsLabel3
+ Integer32,
+ hwAclMplsLabel4
+ Integer32,
+ hwAclMplsTTLOP1
+ INTEGER,
+ hwAclMplsTTL1Begin
+ Integer32,
+ hwAclMplsTTL1End
+ Integer32,
+ hwAclMplsTTLOP2
+ INTEGER,
+ hwAclMplsTTL2Begin
+ Integer32,
+ hwAclMplsTTL2End
+ Integer32,
+ hwAclMplsTTLOP3
+ INTEGER,
+ hwAclMplsTTL3Begin
+ Integer32,
+ hwAclMplsTTL3End
+ Integer32,
+ hwAclMplsRowStatus
+ RowStatus,
+ hwAclMplsCount
+ Counter64
+ }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.18.1.1
+ hwAclMplsAclNum OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The index of mpls acl group, the index range is (10000..10999 | 42768..76535)."
+ ::= { hwAclMplsRuleEntry 1 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.18.1.2
+ hwAclMplsSubitem OBJECT-TYPE
+ SYNTAX Unsigned32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The objects specifies the number of an ACL rule.
+ If the number specified has been assigned to an ACL rule,
+ the new rule will overwrite the old one,
+ which is equal to editing the old rule.
+ If the number is not assigned, the system will define
+ a rule with the number and insert it to the place
+ corresponding to its number. If no number is specified,
+ the system will define a rule, assign a number to it and
+ add it into the ACL. It will be placed at the end of the
+ ACL when configuration sequence is adopted; otherwise,
+ it will be placed based on the 'Depth-first' principle.
+ When ACL rules are following the 'Depth-first' principle,
+ the number of an ACL rule must be given 0 ,but it will be assigned
+ by step automatically;otherwise,this rule will not be created."
+ ::= { hwAclMplsRuleEntry 2 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.18.1.3
+ hwAclMplsAct OBJECT-TYPE
+ SYNTAX INTEGER
+ {
+ permit(1),
+ deny(2)
+ }
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The object indicates the action of a basic acl rule.
+ 'deny' means discarding the packets that meet the condition,
+ 'permit' means permitting the packets that meet the condition."
+ ::= { hwAclMplsRuleEntry 3 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.18.1.4
+ hwAclMplsExp1 OBJECT-TYPE
+ SYNTAX Integer32 (0..7|255)
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The value of this object identifies the EXP value in the first label of an MPLS packet.
+ The value ranges from 0 to 7. The default value is 255."
+ ::= { hwAclMplsRuleEntry 4 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.18.1.5
+ hwAclMplsExp2 OBJECT-TYPE
+ SYNTAX Integer32 (0..7|255)
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The value of this object identifies the EXP value in the second label of an MPLS packet.
+ The value ranges from 0 to 7. The default value is 255."
+ ::= { hwAclMplsRuleEntry 5 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.18.1.6
+ hwAclMplsExp3 OBJECT-TYPE
+ SYNTAX Integer32 (0..7|255)
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The value of this object identifies the EXP value in the third label of an MPLS packet.
+ The value ranges from 0 to 7. The default value is 255."
+ ::= { hwAclMplsRuleEntry 6 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.18.1.7
+ hwAclMplsExp4 OBJECT-TYPE
+ SYNTAX Integer32 (0..7|255)
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The value of this object identifies the EXP value in the fourth label of an MPLS packet.
+ The value ranges from 0 to 7. The default value is 255."
+ ::= { hwAclMplsRuleEntry 7 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.18.1.8
+ hwAclMplsLabel1 OBJECT-TYPE
+ SYNTAX Integer32 (-1|0..1048575)
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The value of this object identifies the Label value in the first label of an MPLS packet.
+ The value ranges from 0 to 1048575. The default value is -1."
+ ::= { hwAclMplsRuleEntry 8 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.18.1.9
+ hwAclMplsLabel2 OBJECT-TYPE
+ SYNTAX Integer32 (-1|0..1048575)
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The value of this object identifies the Label value in the second label of an MPLS packet.
+ The value ranges from 0 to 1048575. The default value is -1."
+ ::= { hwAclMplsRuleEntry 9 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.18.1.10
+ hwAclMplsLabel3 OBJECT-TYPE
+ SYNTAX Integer32 (-1|0..1048575)
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The value of this object identifies the Label value in the third label of an MPLS packet.
+ The value ranges from 0 to 1048575. The default value is -1."
+ ::= { hwAclMplsRuleEntry 10 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.18.1.11
+ hwAclMplsLabel4 OBJECT-TYPE
+ SYNTAX Integer32 (-1|0..1048575)
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The value of this object identifies the Label value in the fourth label of an MPLS packet.
+ The value ranges from 0 to 1048575. The default value is -1."
+ ::= { hwAclMplsRuleEntry 11 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.18.1.12
+ hwAclMplsTTLOP1 OBJECT-TYPE
+ SYNTAX INTEGER
+ {
+ lt(1),
+ eq(2),
+ gt(3),
+ range(5),
+ invalid(0),
+ any(255)
+ }
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The object indicates the ttl operation symbol of a mpls
+ acl rule. It compares the operators of ttl value.
+ 'lt' means less than,
+ 'eq' means equal to,
+ 'gt' means greater than,
+ 'range' means between,
+ 'invalid' means this operation of the ttl is invalid."
+ ::= { hwAclMplsRuleEntry 12 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.18.1.13
+ hwAclMplsTTL1Begin OBJECT-TYPE
+ SYNTAX Integer32 (0..255)
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The object indicates the begin value of a mpls ttl."
+ ::= { hwAclMplsRuleEntry 13 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.18.1.14
+ hwAclMplsTTL1End OBJECT-TYPE
+ SYNTAX Integer32 (0..255)
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The object indicates the end value of a mpls ttl."
+ ::= { hwAclMplsRuleEntry 14 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.18.1.15
+ hwAclMplsTTLOP2 OBJECT-TYPE
+ SYNTAX INTEGER
+ {
+ lt(1),
+ eq(2),
+ gt(3),
+ range(5),
+ invalid(0),
+ any(255)
+ }
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The object indicates the ttl operation symbol of a mpls
+ acl rule. It compares the operators of ttl value.
+ 'lt' means less than,
+ 'eq' means equal to,
+ 'gt' means greater than,
+ 'range' means between,
+ 'invalid' means this operation of the ttl is invalid."
+ ::= { hwAclMplsRuleEntry 15 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.18.1.16
+ hwAclMplsTTL2Begin OBJECT-TYPE
+ SYNTAX Integer32 (0..255)
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The object indicates the begin value of a mpls ttl."
+ ::= { hwAclMplsRuleEntry 16 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.18.1.17
+ hwAclMplsTTL2End OBJECT-TYPE
+ SYNTAX Integer32 (0..255)
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The object indicates the end value of a mpls ttl."
+ ::= { hwAclMplsRuleEntry 17 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.18.1.18
+ hwAclMplsTTLOP3 OBJECT-TYPE
+ SYNTAX INTEGER
+ {
+ lt(1),
+ eq(2),
+ gt(3),
+ range(5),
+ invalid(0),
+ any(255)
+ }
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The object indicates the ttl operation symbol of a mpls
+ acl rule. It compares the operators of ttl value.
+ 'lt' means less than,
+ 'eq' means equal to,
+ 'gt' means greater than,
+ 'range' means between,
+ 'invalid' means this operation of the ttl is invalid."
+ ::= { hwAclMplsRuleEntry 18 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.18.1.19
+ hwAclMplsTTL3Begin OBJECT-TYPE
+ SYNTAX Integer32 (0..255)
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The object indicates the begin value of a mpls ttl."
+ ::= { hwAclMplsRuleEntry 19 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.18.1.20
+ hwAclMplsTTL3End OBJECT-TYPE
+ SYNTAX Integer32 (0..255)
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The object indicates the end value of a mpls ttl."
+ ::= { hwAclMplsRuleEntry 20 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.18.1.21
+ hwAclMplsRowStatus OBJECT-TYPE
+ SYNTAX RowStatus
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "RowStatus, Now support three value:CreateAndGo,Active and Destroy."
+ ::= { hwAclMplsRuleEntry 21 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.18.1.22
+ hwAclMplsCount OBJECT-TYPE
+ SYNTAX Counter64
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The object indicates the statistics of matched packets by the rule."
+ ::= { hwAclMplsRuleEntry 22 }
+-- chenjing 43944
+
+ -- 1.3.6.1.4.1.2011.5.1.1.19
+ hwAclDomainNameConfigTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF HwAclDomainNameConfigEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "Configure the domain name."
+ ::= { hwAclMibObjects 19 }
+
+
+ -- 1.3.6.1.4.1.2011.5.1.1.19.1
+ hwAclDomainNameConfigEntry OBJECT-TYPE
+ SYNTAX HwAclDomainNameConfigEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "Each entry is a domain name."
+ INDEX { hwAclDomainID }
+ ::= { hwAclDomainNameConfigTable 1 }
+
+
+ HwAclDomainNameConfigEntry ::=
+ SEQUENCE {
+ hwAclDomainID
+ Integer32,
+ hwAclDomainName
+ OCTET STRING,
+ hwAclDomainNameConfigRowStatus
+ RowStatus
+ }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.19.1.1
+ hwAclDomainID OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "The index of DomianName table, the index range is (0..31)."
+ ::= { hwAclDomainNameConfigEntry 1 }
+
+
+ -- 1.3.6.1.4.1.2011.5.1.1.19.1.2
+ hwAclDomainName OBJECT-TYPE
+ SYNTAX OCTET STRING (SIZE (3..127))
+ MAX-ACCESS read-write
+ STATUS current
+ DESCRIPTION
+ "The domian name."
+ ::= { hwAclDomainNameConfigEntry 2 }
+
+
+ -- 1.3.6.1.4.1.2011.5.1.1.19.1.3
+ hwAclDomainNameConfigRowStatus OBJECT-TYPE
+ SYNTAX RowStatus
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "Row status,Two actions are used: createAndGo(4), destroy(6)."
+ ::= { hwAclDomainNameConfigEntry 3 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.20
+ hwAclIPPoolTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF HwAclIPPoolEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "Configure the IP pool name."
+ ::= { hwAclMibObjects 20 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.20.1
+ hwAclIPPoolEntry OBJECT-TYPE
+ SYNTAX HwAclIPPoolEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "Each entry is a IP pool name."
+ INDEX { hwAclIPPoolIndex }
+ ::= { hwAclIPPoolTable 1 }
+
+ HwAclIPPoolEntry ::=
+ SEQUENCE {
+ hwAclIPPoolIndex
+ Integer32,
+ hwAclIPPoolName
+ OCTET STRING,
+ hwAclIPPoolRowStatus
+ RowStatus,
+ hwAclIPPoolApplyBGPPeer
+ TruthValue
+ }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.20.1.1
+ hwAclIPPoolIndex OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The index of ACL IP pool table."
+ ::= { hwAclIPPoolEntry 1 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.20.1.2
+ hwAclIPPoolName OBJECT-TYPE
+ SYNTAX OCTET STRING (SIZE (0..32))
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The IP pool name."
+ ::= { hwAclIPPoolEntry 2 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.20.1.3
+ hwAclIPPoolRowStatus OBJECT-TYPE
+ SYNTAX RowStatus
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "Row status."
+ ::= { hwAclIPPoolEntry 3 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.20.1.4
+ hwAclIPPoolApplyBGPPeer OBJECT-TYPE
+ SYNTAX TruthValue
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The object indicates whether or not BGP peers are applied."
+ ::= { hwAclIPPoolEntry 4 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.21
+ hwAclIPPoolIPTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF HwAclIPPoolIPEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "Configure the IP address of IP pool."
+ ::= { hwAclMibObjects 21 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.21.1
+ hwAclIPPoolIPEntry OBJECT-TYPE
+ SYNTAX HwAclIPPoolIPEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "Each entry is a IP address of IP pool."
+ INDEX { hwAclIPPoolIPPoolIndex, hwAclIPPoolIPIndex }
+ ::= { hwAclIPPoolIPTable 1 }
+
+ HwAclIPPoolIPEntry ::=
+ SEQUENCE {
+ hwAclIPPoolIPPoolIndex
+ Integer32,
+ hwAclIPPoolIPIndex
+ Integer32,
+ hwAclIPPoolIPIpAdd
+ IpAddress,
+ hwAclIPPoolIPIpWild
+ IpAddress,
+ hwAclIPPoolIPRowStatus
+ RowStatus
+ }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.21.1.1
+ hwAclIPPoolIPPoolIndex OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "This object indicates the level 1 index, that is, the index of an IP address pool used by an ACL."
+ ::= { hwAclIPPoolIPEntry 1 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.21.1.2
+ hwAclIPPoolIPIndex OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "This object indicates the level 2 index, that is, the index of an IPv4 address in an IP address pool used by an ACL."
+ ::= { hwAclIPPoolIPEntry 2 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.21.1.3
+ hwAclIPPoolIPIpAdd OBJECT-TYPE
+ SYNTAX IpAddress
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The object indicates the IP-address."
+ ::= { hwAclIPPoolIPEntry 3 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.21.1.4
+ hwAclIPPoolIPIpWild OBJECT-TYPE
+ SYNTAX IpAddress
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The object indicates the IP-address wild."
+ ::= { hwAclIPPoolIPEntry 4 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.21.1.5
+ hwAclIPPoolIPRowStatus OBJECT-TYPE
+ SYNTAX RowStatus
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "Row status."
+ ::= { hwAclIPPoolIPEntry 5 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.22
+ hwAclPortPoolTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF HwAclPortPoolEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "Configure the port pool name."
+ ::= { hwAclMibObjects 22 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.22.1
+ hwAclPortPoolEntry OBJECT-TYPE
+ SYNTAX HwAclPortPoolEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "Each entry is a port pool name."
+ INDEX { hwAclPortPoolIndex }
+ ::= { hwAclPortPoolTable 1 }
+
+ HwAclPortPoolEntry ::=
+ SEQUENCE {
+ hwAclPortPoolIndex
+ Integer32,
+ hwAclPortPoolName
+ OCTET STRING,
+ hwAclPortPoolRowStatus
+ RowStatus
+ }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.22.1.1
+ hwAclPortPoolIndex OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The index of ACL port pool table."
+ ::= { hwAclPortPoolEntry 1 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.22.1.2
+ hwAclPortPoolName OBJECT-TYPE
+ SYNTAX OCTET STRING (SIZE (0..32))
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The Port pool name."
+ ::= { hwAclPortPoolEntry 2 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.22.1.3
+ hwAclPortPoolRowStatus OBJECT-TYPE
+ SYNTAX RowStatus
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "Row status."
+ ::= { hwAclPortPoolEntry 3 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.23
+ hwAclPortPoolPortTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF HwAclPortPoolPortEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "Configure the port range of port pool."
+ ::= { hwAclMibObjects 23 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.23.1
+ hwAclPortPoolPortEntry OBJECT-TYPE
+ SYNTAX HwAclPortPoolPortEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "Each entry is a port range of port pool."
+ INDEX { hwAclPortPoolPortPoolIndex, hwAclPortPoolPortIndex }
+ ::= { hwAclPortPoolPortTable 1 }
+
+ HwAclPortPoolPortEntry ::=
+ SEQUENCE {
+ hwAclPortPoolPortPoolIndex
+ Integer32,
+ hwAclPortPoolPortIndex
+ Integer32,
+ hwAclPortPoolPortOp
+ INTEGER,
+ hwAclPortPoolPortNumBegin
+ Integer32,
+ hwAclPortPoolPortNumEnd
+ Integer32,
+ hwAclPortPoolPortRowStatus
+ RowStatus
+ }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.23.1.1
+ hwAclPortPoolPortPoolIndex OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "This object indicates the level 1 index, that is, the index of an ACL port pool."
+ ::= { hwAclPortPoolPortEntry 1 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.23.1.2
+ hwAclPortPoolPortIndex OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "This object indicates the level 2 index, that is, the index of a port number in the ACL port pool."
+ ::= { hwAclPortPoolPortEntry 2 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.23.1.3
+ hwAclPortPoolPortOp OBJECT-TYPE
+ SYNTAX INTEGER
+ {
+ invalid(0),
+ lt(1),
+ eq(2),
+ gt(3),
+ neq(4),
+ range(5)
+ }
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The object indicates the Port operation.
+ 'lt' means less than,
+ 'eq' means equal to,
+ 'gt' means greater than,
+ 'neq' means not equal to,
+ 'range' means between,
+ 'invalid' means this operation of the rule is invalid."
+ ::= { hwAclPortPoolPortEntry 3 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.23.1.4
+ hwAclPortPoolPortNumBegin OBJECT-TYPE
+ SYNTAX Integer32 (0..65535)
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The object indicates the begin port number."
+ ::= { hwAclPortPoolPortEntry 4 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.23.1.5
+ hwAclPortPoolPortNumEnd OBJECT-TYPE
+ SYNTAX Integer32 (0..65535)
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The object indicates the end port number."
+ ::= { hwAclPortPoolPortEntry 5 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.23.1.6
+ hwAclPortPoolPortRowStatus OBJECT-TYPE
+ SYNTAX RowStatus
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "Row status."
+ ::= { hwAclPortPoolPortEntry 6 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.24
+ hwAclIPPool6Table OBJECT-TYPE
+ SYNTAX SEQUENCE OF HwAclIPPool6Entry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "Configure the IPv6 pool name."
+ ::= { hwAclMibObjects 24 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.24.1
+ hwAclIPPool6Entry OBJECT-TYPE
+ SYNTAX HwAclIPPool6Entry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "Each entry is a IPv6 pool name."
+ INDEX { hwAclIPPool6Index }
+ ::= { hwAclIPPool6Table 1 }
+
+ HwAclIPPool6Entry ::=
+ SEQUENCE {
+ hwAclIPPool6Index
+ Integer32,
+ hwAclIPPool6Name
+ OCTET STRING,
+ hwAclIPPool6ApplyBGPIPv6Peer
+ TruthValue,
+ hwAclIPPool6RowStatus
+ RowStatus
+ }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.24.1.1
+ hwAclIPPool6Index OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The index of ACL IPv6 pool table."
+ ::= { hwAclIPPool6Entry 1 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.24.1.2
+ hwAclIPPool6Name OBJECT-TYPE
+ SYNTAX OCTET STRING (SIZE (0..32))
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The IPv6 pool name."
+ ::= { hwAclIPPool6Entry 2 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.24.1.3
+ hwAclIPPool6ApplyBGPIPv6Peer OBJECT-TYPE
+ SYNTAX TruthValue
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "The object indicates whether or not BGP IPv6 peers are applied."
+ ::= { hwAclIPPool6Entry 3 }
+
+ -- 1.3.6.1.4.1.2011.5.1.1.24.1.4
+ hwAclIPPool6RowStatus OBJECT-TYPE
+ SYNTAX RowStatus
+ MAX-ACCESS read-create
+ STATUS current
+ DESCRIPTION
+ "Row status."
+ ::= { hwAclIPPool6Entry 4 }
+
+ -- Acl Trap MIB definition
+ --
+ -- 1.3.6.1.4.1.2011.5.1.2
+ hwAclMibTrap OBJECT IDENTIFIER ::= { hwAcl 2 }
+
+ -- 1.3.6.1.4.1.2011.5.1.2.1
+ hwAclTrapOid OBJECT IDENTIFIER ::= { hwAclMibTrap 1 }
+
+ -- 1.3.6.1.4.1.2011.5.1.2.2
+ hwAclTrapsDefine OBJECT IDENTIFIER ::= { hwAclMibTrap 2 }
+
+ -- 1.3.6.1.4.1.2011.5.1.2.2.1
+ hwAclTraps OBJECT IDENTIFIER ::= { hwAclTrapsDefine 1 }
+
+ -- 1.3.6.1.4.1.2011.5.1.2.2.1.1
+ hwAclResourceTrapsTable OBJECT IDENTIFIER ::= { hwAclTraps 1 }
+
+ -- 1.3.6.1.4.1.2011.5.1.2.2.1.1.1
+ hwAclResSlotStr OBJECT-TYPE
+ SYNTAX OCTET STRING
+ MAX-ACCESS accessible-for-notify
+ STATUS current
+ DESCRIPTION
+ "The infomation of slot."
+ ::= { hwAclResourceTrapsTable 1 }
+
+ -- 1.3.6.1.4.1.2011.5.1.2.2.1.1.2
+ hwAclResStage OBJECT-TYPE
+ SYNTAX OCTET STRING
+ MAX-ACCESS accessible-for-notify
+ STATUS current
+ DESCRIPTION
+ "The stage where trap infomation exists."
+ ::= { hwAclResourceTrapsTable 2 }
+
+ -- 1.3.6.1.4.1.2011.5.1.2.2.1.1.3
+ hwAclResLimit OBJECT-TYPE
+ SYNTAX Integer32
+ MAX-ACCESS accessible-for-notify
+ STATUS current
+ DESCRIPTION
+ "The usage of rule resource."
+ ::= { hwAclResourceTrapsTable 3 }
+
+ -- 1.3.6.1.4.1.2011.5.1.2.2.1.1.4
+ hwAclResourceTrapsEntry OBJECT IDENTIFIER ::= { hwAclResourceTrapsTable 4 }
+
+ -- 1.3.6.1.4.1.2011.5.1.2.2.1.1.4.1
+ hwAclResThresholdExceedClearTrap NOTIFICATION-TYPE
+ OBJECTS { hwAclResLimit, hwAclResSlotStr, hwAclResStage }
+ STATUS current
+ DESCRIPTION
+ "Acl resource lack clear trap"
+ ::= { hwAclResourceTrapsEntry 1 }
+
+ -- 1.3.6.1.4.1.2011.5.1.2.2.1.1.4.2
+ hwAclResThresholdExceedTrap NOTIFICATION-TYPE
+ OBJECTS { hwAclResLimit, hwAclResSlotStr, hwAclResStage }
+ STATUS current
+ DESCRIPTION
+ "Acl resource lack trap"
+ ::= { hwAclResourceTrapsEntry 2 }
+
+ -- 1.3.6.1.4.1.2011.5.1.2.2.1.1.4.3
+ hwAclResTotalCountExceedClearTrap NOTIFICATION-TYPE
+ OBJECTS { hwAclResLimit, hwAclResSlotStr, hwAclResStage }
+ STATUS current
+ DESCRIPTION
+ "Acl resource full clear trap"
+ ::= { hwAclResourceTrapsEntry 3 }
+
+ -- 1.3.6.1.4.1.2011.5.1.2.2.1.1.4.4
+ hwAclResTotalCountExceedTrap NOTIFICATION-TYPE
+ OBJECTS { hwAclResLimit, hwAclResSlotStr, hwAclResStage }
+ STATUS current
+ DESCRIPTION
+ "Acl resource full trap"
+ ::= { hwAclResourceTrapsEntry 4 }
+
+ -- 1.3.6.1.4.1.2011.5.1.2.2.1.1.5
+ hwAclResourceTrapsGroups OBJECT IDENTIFIER ::= { hwAclResourceTrapsTable 5 }
+
+ -- 1.3.6.1.4.1.2011.5.1.2.2.1.1.5.1
+ hwAclResourceTrapsGroup NOTIFICATION-GROUP
+ NOTIFICATIONS { hwAclResThresholdExceedClearTrap, hwAclResThresholdExceedTrap, hwAclResTotalCountExceedClearTrap, hwAclResTotalCountExceedTrap }
+ STATUS current
+ DESCRIPTION
+ "Group for all acl resource traps."
+ ::= { hwAclResourceTrapsGroups 1 }
+
+
+ -- Acl MIB Conformance definition
+ --
+ -- 1.3.6.1.4.1.2011.5.1.3
+ hwAclMibConformance OBJECT IDENTIFIER ::= { hwAcl 3 }
+
+ -- 1.3.6.1.4.1.2011.5.1.3.1
+ hwAclMibCompliances OBJECT IDENTIFIER ::= { hwAclMibConformance 1 }
+
+ -- this module
+ -- 1.3.6.1.4.1.2011.5.1.3.1.1
+ hwAclMibCompliance MODULE-COMPLIANCE
+ STATUS current
+ DESCRIPTION
+ "The compliance statement for entities which
+ implement the Huawei acl MIB."
+ MODULE -- this module
+ MANDATORY-GROUPS { hwAclGroup }
+ OBJECT hwAclBasicRowStatus
+ SYNTAX INTEGER
+ {
+ active(1),
+ createAndGo(4),
+ destory(6)
+ }
+ DESCRIPTION
+ "The value of creatAndWaite, notInservice and notReady are not required."
+ OBJECT hwAclAdvancedRowStatus
+ SYNTAX INTEGER
+ {
+ active(1),
+ createAndGo(4),
+ destory(6)
+ }
+ DESCRIPTION
+ "The value of creatAndWaite, notInservice and notReady are not required."
+ OBJECT hwAclIfRowStatus
+ SYNTAX INTEGER
+ {
+ active(1),
+ createAndGo(4),
+ destroy(6)
+ }
+ DESCRIPTION
+ "The value of creatAndWaite, notInservice and notReady are not required."
+ OBJECT hwAclIpv6BasicRowStatus
+ SYNTAX INTEGER
+ {
+ active(1),
+ createAndGo(4),
+ destroy(6)
+ }
+ DESCRIPTION
+ "The value of creatAndWaite, notInservice and notReady are not required."
+ OBJECT hwAclIpv6AdvancedRowStatus
+ SYNTAX INTEGER
+ {
+ active(1),
+ createAndGo(4),
+ destroy(6)
+ }
+ DESCRIPTION
+ "The value of creatAndWaite, notInservice and notReady are not required."
+ OBJECT hwAclEthernetFrameRowStatus
+ SYNTAX INTEGER
+ {
+ active(1),
+ createAndGo(4),
+ destroy(6)
+ }
+ DESCRIPTION
+ "The value of creatAndWaite, notInservice and notReady are not required."
+ OBJECT hwAclAppliedRowStatus
+ SYNTAX INTEGER
+ {
+ active(1),
+ createAndGo(4),
+ destroy(6)
+ }
+ DESCRIPTION
+ "The value of creatAndWaite, notInservice and notReady are not required."
+ OBJECT hwAclIpv6NumGroupRowStatus
+ SYNTAX INTEGER
+ {
+ active(1),
+ createAndGo(4),
+ destroy(6)
+ }
+ DESCRIPTION
+ "The value of creatAndWaite, notInservice and notReady are not required."
+ OBJECT hwAclIpv6IfRowStatus
+ SYNTAX INTEGER
+ {
+ active(1),
+ createAndGo(4),
+ destroy(6)
+ }
+ DESCRIPTION
+ "The value of creatAndWaite, notInservice and notReady are not required."
+ OBJECT hwAclMplsRowStatus
+ SYNTAX INTEGER
+ {
+ active(1),
+ createAndGo(4),
+ destroy(6)
+ }
+ DESCRIPTION
+ "The value of creatAndWaite, notInservice and notReady are not required."
+ ::= { hwAclMibCompliances 1 }
+
+ -- 1.3.6.1.4.1.2011.5.1.3.2
+ hwAclMibGroups OBJECT IDENTIFIER ::= { hwAclMibConformance 2 }
+
+ -- 1.3.6.1.4.1.2011.5.1.3.2.1
+ hwAclGroup OBJECT-GROUP
+ OBJECTS { hwAclNumGroupMatchOrder, hwAclNumGroupSubitemNum, hwAclNumGroupAclName, hwAclBasicAct, hwAclBasicSrcIp,
+ hwAclBasicSrcWild, hwAclBasicTimeRangeIndex, hwAclBasicFragments, hwAclBasicLog, hwAclBasicEnable,
+ hwAclBasicCount, hwAclBasicVrfAny, hwAclBasicRowStatus, hwAclAdvancedAct, hwAclAdvancedProtocol, hwAclAdvancedSrcIp,
+ hwAclAdvancedSrcWild, hwAclAdvancedSrcOp, hwAclAdvancedSrcPort1, hwAclAdvancedSrcPort2, hwAclAdvancedDestIp,
+ hwAclAdvancedDestWild, hwAclAdvancedDestOp, hwAclAdvancedDestPort1, hwAclAdvancedDestPort2, hwAclAdvancedPrecedence,
+ hwAclAdvancedTos, hwAclAdvancedDscp, hwAclAdvancedEstablish, hwAclAdvancedTimeRangeIndex, hwAclAdvancedIcmpType,
+ hwAclAdvancedIcmpCode, hwAclAdvancedFragments, hwAclAdvancedLog, hwAclAdvancedEnable, hwAclAdvancedCount,
+ hwAclAdvancedRowStatus, hwAclAdvancedTcpSyncFlag, hwAclAdvancedSrcPoolName, hwAclAdvancedDestPoolName,
+ hwAclAdvancedProtocolNew, hwAclAdvancedVni, hwAclAdvancedIgmpType, hwAclAdvancedTtlOp, hwAclAdvancedTtlExpire,
+ hwAclAdvancedTtlExpireEnd, hwAclAdvancedSrcPortPoolName, hwAclAdvancedDestPortPoolName, hwAclAdvancedIcmpTypeEnd, hwAclAdvancedVrfAny, hwAclIfAct, hwAclIfIndex, hwAclIfAny,
+ hwAclIfTimeRangeIndex, hwAclIfLog, hwAclIfEnable, hwAclIfCount, hwAclIfRowStatus,
+ hwAclUserAct, hwAclUserProtocol, hwAclUserSrcIp, hwAclUserSrcWild, hwAclUserSrcOp,
+ hwAclUserSrcPort1, hwAclUserSrcPort2, hwAclUserDestIp, hwAclUserDestWild, hwAclUserDestOp,
+ hwAclUserDestPort1, hwAclUserDestPort2, hwAclUserPrecedence, hwAclUserTos, hwAclUserDscp,
+ hwAclUserEstablish, hwAclUserTimeRangeIndex, hwAclUserIcmpType, hwAclUserIcmpCode, hwAclUserFragments,
+ hwAclUserLog, hwAclUserEnable, hwAclUserCount, hwAclUserSrcUserGroupName, hwAclUserDestUserGroupName,
+ hwAclUserSrcModeType, hwAclUserDestModeType, hwAclUserRowStatus, hwAclCompileEnableFlag, hwAclNumGroupAclNum,
+ hwAclBasicAclNum, hwAclBasicSubitem, hwAclAdvancedAclNum, hwAclAdvancedSubitem, hwAclIfAclNum,
+ hwAclIfSubitem, hwAclUserAclNum, hwAclUserSubitem, hwAclUserVrfName, hwAclUserTcpSyncFlag,
+ hwAclEthernetFrameEncapType, hwAclEthernetFrameDoubleTag, hwAclEthernetFrameVlanId, hwAclEthernetFrameVlanIdMask, hwAclEthernetFrameCVlanId,
+ hwAclEthernetFrameCVlanIdMask, hwAclAppliedStatMode, hwAclAppliedStatCount, hwAclAppliedLimitCir, hwAclAppliedLimitPir,
+ hwAclAppliedLimitCbs, hwAclAppliedLimitPbs, hwAclAppliedLimitGreenAction, hwAclAppliedLimitGreenValue, hwAclAppliedLimitYellowAction,
+ hwAclAppliedLimitYellowValue, hwAclAppliedLimitRedAction, hwAclAppliedLimitRedValue, hwAclAppliedMirrObservedPort, hwAclAppliedMirrRspanVlan,
+ hwAclAppliedRedirectIfIndex, hwAclAppliedRedirectIpAddr, hwAclAppliedRedirectIpv6Addr, hwAclAppliedRemarkVlan, hwAclAppliedRemarkCVlan,
+ hwAclAppliedRemark8021p, hwAclAppliedRemarkDscp, hwAclAppliedRemarkIpPre, hwAclAppliedRemarkLocalPre, hwAclAppliedRemarkMacAddr,
+ hwAclAppliedRowStatus, hwAclCompileNumGroupStatus, hwAclNumGroupStep, hwAclNumGroupDescription, hwAclNumGroupCountClear,
+ hwAclNumGroupRowStatus, hwAclBasicVrfName, hwAclAdvancedVrfName, hwAclIpv6BasicAct, hwAclIpv6BasicSrcIp,
+ hwAclIpv6BasicSrcPrefix, hwAclIpv6BasicTimeRangeIndex, hwAclIpv6BasicFragment, hwAclIpv6BasicLog, hwAclIpv6BasicEnable,
+ hwAclIpv6BasicCount, hwAclIpv6BasicVrfName, hwAclIpv6BasicRowStatus, hwAclIpv6BasicVrfAny, hwAclIpv6AdvancedAct, hwAclIpv6AdvancedProtocol,
+ hwAclIpv6AdvancedSrcIp, hwAclIpv6AdvancedSrcPrefix, hwAclIpv6AdvancedSrcOp, hwAclIpv6AdvancedSrcPort1, hwAclIpv6AdvancedSrcPort2,
+ hwAclIpv6AdvancedDestIp, hwAclIpv6AdvancedDestPrefix, hwAclIpv6AdvancedDestOp, hwAclIpv6AdvancedDestPort1, hwAclIpv6AdvancedDestPort2,
+ hwAclIpv6AdvancedPrecedence, hwAclIpv6AdvancedTos, hwAclIpv6AdvancedDscp, hwAclIpv6AdvancedEstablish, hwAclIpv6AdvancedTimeRangeIndex,
+ hwAclIpv6AdvancedIcmpType, hwAclIpv6AdvancedIcmpCode, hwAclIpv6AdvancedFragment, hwAclIpv6AdvancedLog, hwAclIpv6AdvancedEnable,
+ hwAclIpv6AdvancedCount, hwAclIpv6AdvancedVrfName, hwAclIpv6AdvancedRowStatus, hwAclIpv6AdvancedProtocolNew, hwAclIpv6AdvancedIcmpTypeEnd, hwAclIpv6AdvancedVrfAny, hwAclEthernetFrameAct, hwAclEthernetFrameType,
+ hwAclEthernetFrameTypeMask, hwAclEthernetFrameSrcMac, hwAclEthernetFrameSrcMacMask, hwAclEthernetFrameDstMac, hwAclEthernetFrameDstMacMask,
+ hwAclEthernetFrameTimeRangeIndex, hwAclEthernetFrameLog, hwAclEthernetFrameEnable, hwAclEthernetFrameCount,
+ hwAclEthernetFrameRowStatus, hwAclEthernetFrameRule8021p, hwAclEthernetFrameRuleCVlan8021p,
+ hwAclIpv6NumGroupMatchOrder, hwAclIpv6NumGroupSubitemNum, hwAclIpv6NumGroupCountClear, hwAclIpv6NumGroupRowStatus, hwAclIpv6NumGroupAclName,
+ hwAclIpv6IfAct, hwAclIpv6IfIndex, hwAclIpv6IfAny, hwAclIpv6IfTimeRangeIndex, hwAclIpv6IfLog, hwAclIpv6IfEnable, hwAclIpv6IfCount, hwAclIpv6IfRowStatus,
+ hwAclMplsAct, hwAclMplsExp1, hwAclMplsExp2,
+ hwAclMplsExp3, hwAclMplsExp4, hwAclMplsLabel1, hwAclMplsLabel2, hwAclMplsLabel3,
+ hwAclMplsLabel4, hwAclMplsTTLOP1, hwAclMplsTTL1Begin, hwAclMplsTTL1End,
+ hwAclMplsTTLOP2, hwAclMplsTTL2Begin, hwAclMplsTTL2End,
+ hwAclMplsTTLOP3, hwAclMplsTTL3Begin, hwAclMplsTTL3End, hwAclMplsRowStatus, hwAclMplsCount, hwAclIpv6BasicSrcMask, hwAclIpv6AdvancedSrcMask, hwAclIpv6AdvancedDestMask,
+ hwAclIPPoolIndex, hwAclIPPoolName, hwAclIPPoolRowStatus,
+ hwAclIPPoolIPPoolIndex, hwAclIPPoolIPIndex, hwAclIPPoolIPIpAdd, hwAclIPPoolIPIpWild, hwAclIPPoolIPRowStatus,
+ hwAclPortPoolIndex, hwAclPortPoolName, hwAclPortPoolRowStatus,
+ hwAclPortPoolPortPoolIndex, hwAclPortPoolPortIndex, hwAclPortPoolPortOp, hwAclPortPoolPortNumBegin, hwAclPortPoolPortNumEnd, hwAclPortPoolPortRowStatus}
+ STATUS current
+ DESCRIPTION
+ "A collection of objects providing mandatory acl information."
+ ::= { hwAclMibGroups 1 }
+END
\ No newline at end of file |