diff options
Diffstat (limited to 'MIBS/ciena/CIENA-CES-ACCESS-LIST-MIB')
| -rw-r--r-- | MIBS/ciena/CIENA-CES-ACCESS-LIST-MIB | 958 |
1 files changed, 958 insertions, 0 deletions
diff --git a/MIBS/ciena/CIENA-CES-ACCESS-LIST-MIB b/MIBS/ciena/CIENA-CES-ACCESS-LIST-MIB new file mode 100644 index 0000000..28fadf4 --- /dev/null +++ b/MIBS/ciena/CIENA-CES-ACCESS-LIST-MIB @@ -0,0 +1,958 @@ +-- This file was included in WWP MIB release 04-16-00-0047 + --
+ -- CIENA-CES-ACCESS-LIST-MIB
+ --
+
+ CIENA-CES-ACCESS-LIST-MIB DEFINITIONS ::= BEGIN
+
+
+ IMPORTS
+ Integer32, Unsigned32, Counter64, OBJECT-TYPE, MODULE-IDENTITY
+ FROM SNMPv2-SMI
+
+ DisplayString, MacAddress, TruthValue, TEXTUAL-CONVENTION
+ FROM SNMPv2-TC
+
+ cienaCesConfig
+ FROM CIENA-SMI
+
+ CienaGlobalState
+ FROM CIENA-TC
+
+ InetAddressType, InetAddress, InetAddressPrefixLength, InetPortNumber
+ FROM INET-ADDRESS-MIB;
+
+
+ cienaCesAccessListMIB MODULE-IDENTITY
+ LAST-UPDATED "201504020000Z"
+ ORGANIZATION "Ciena, Inc"
+ CONTACT-INFO
+ "Mib Meister
+ 115 North Sullivan Road
+ Spokane Valley, WA 99037
+ USA
+ Phone: +1 509 242 9000
+ Email: support@ciena.com"
+ DESCRIPTION
+ "This MIB module defines objects that describe Hardware
+ ACLs (Access Control Lists).
+ The MIB describes different objects that enable the
+ network administrator to remotely view ACL profile/rule,
+ configuration in addition to monitoring ACL rule statistics."
+
+ REVISION "201504020000Z"
+ DESCRIPTION
+ "The initial version of this MIB module."
+ ::= { cienaCesConfig 35 }
+
+
+
+ --
+ -- Node definitions
+ --
+
+ cienaCesAccessListMIBObjects OBJECT IDENTIFIER ::= { cienaCesAccessListMIB 1 }
+
+ cienaCesAclConfiguration OBJECT IDENTIFIER ::= { cienaCesAccessListMIBObjects 1 }
+ cienaCesAclStatistics OBJECT IDENTIFIER ::= { cienaCesAccessListMIBObjects 2 }
+
+ cienaCesAccessListMIBConformance OBJECT IDENTIFIER ::= { cienaCesAccessListMIB 2 }
+
+ cienaCesAccessListMIBCompliances OBJECT IDENTIFIER ::= { cienaCesAccessListMIBConformance 1 }
+ cienaCesAccessListMIBGroups OBJECT IDENTIFIER ::= { cienaCesAccessListMIBConformance 2 }
+
+
+
+ --
+ -- Textual Conventions
+ --
+
+ AclFilterAction ::= TEXTUAL-CONVENTION
+ STATUS current
+ DESCRIPTION "An enumeration value to indicate the filter action applied by an ACL rule."
+ SYNTAX INTEGER
+ {
+ allow(1),
+ deny(2)
+ }
+
+ AclTrafficDirection ::= TEXTUAL-CONVENTION
+ STATUS current
+ DESCRIPTION "An enumeration value to indicate the traffic direction to which
+ an ACL profile is applied."
+ SYNTAX INTEGER
+ {
+ ingress(1),
+ egress(2)
+ }
+
+ AclIpFragmentMatchType ::= TEXTUAL-CONVENTION
+ STATUS current
+ DESCRIPTION "An enumeration value to indicate the type of IP fragment filtering
+ to be done as part of an ACL rule."
+ SYNTAX INTEGER
+ {
+ any(1),
+ isfragment(2),
+ notfragment(3)
+ }
+
+ AclL4PortMatchType ::= TEXTUAL-CONVENTION
+ STATUS current
+ DESCRIPTION "An enumeration value to indicate the type of match to perform on
+ an L4 src/dst port filter term."
+ SYNTAX INTEGER
+ {
+ any(1),
+ single(2),
+ range(3)
+ }
+
+ AclInterfaceType ::= TEXTUAL-CONVENTION
+ STATUS current
+ DESCRIPTION "An enumeration value to indicate the type of interface to which
+ an ACL profile is attached."
+ SYNTAX INTEGER
+ {
+ port(1),
+ vlan(2),
+ virtualswitch(3),
+ ipinterface(4),
+ remoteinterface(5),
+ localinterface(6)
+ }
+
+ AclL4DstProtocol ::= TEXTUAL-CONVENTION
+ STATUS current
+ DESCRIPTION "An enumeration value to indicate the L4 destination protocol
+ specified as part of an ACL rule filter term."
+ SYNTAX INTEGER
+ {
+ any(1),
+ bgp(2),
+ bootpclient(3),
+ bootpserver(4),
+ dhcpclient(5),
+ dhcpserver(6),
+ dhcpv6client(7),
+ dhcpv6server(8),
+ dns(9),
+ ftp(10),
+ http(11),
+ ldp(12),
+ ntp(13),
+ olsr(14),
+ rip(15),
+ rpc(16),
+ snmp(17),
+ snmptrap(18),
+ ssh(19),
+ syslog(20),
+ tacacs(21),
+ telnet(22),
+ tftp(23),
+ twampctrl(24)
+ }
+
+
+ --
+ -- ACL Global Config Objects
+ --
+
+ cienaCesAclGlobalConfig OBJECT IDENTIFIER ::= { cienaCesAclConfiguration 1 }
+
+ cienaCesAclAdminStatus OBJECT-TYPE
+ SYNTAX CienaGlobalState
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Indicates whether the ACL feature is globally enabled or disabled."
+ ::= { cienaCesAclGlobalConfig 1 }
+
+ cienaCesAclFilterMode OBJECT-TYPE
+ SYNTAX INTEGER
+ {
+ l2l3combo(1),
+ l3only(2)
+ }
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Indicates which global ACL device mode is currently in use."
+ ::= { cienaCesAclGlobalConfig 2 }
+
+ cienaCesAclNumAclProfileDefs OBJECT-TYPE
+ SYNTAX Unsigned32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Indicates the total number of configured ACL profile definitions on the device."
+ ::= { cienaCesAclGlobalConfig 3 }
+
+ cienaCesAclRemainingAclProfileDefs OBJECT-TYPE
+ SYNTAX Unsigned32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Indicates the number of remaining ACL profile definitions that can be configured on the device."
+ ::= { cienaCesAclGlobalConfig 4 }
+
+ cienaCesAclNumAclRuleDefs OBJECT-TYPE
+ SYNTAX Unsigned32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Indicates the total number of configured ACL rule definitions on the device."
+ ::= { cienaCesAclGlobalConfig 5 }
+
+ cienaCesAclRemainingAclRuleDefs OBJECT-TYPE
+ SYNTAX Unsigned32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Indicates the number of remaining ACL rule definitions that can be configured on the device."
+ ::= { cienaCesAclGlobalConfig 6 }
+
+
+
+ --
+ -- ACL Profile Config Table
+ --
+ cienaCesAclProfileConfigTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF CienaCesAclProfileConfigTableEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "A table of ACL profiles configured on the device. Each
+ entry contains the ACL profile configuration data."
+ ::= { cienaCesAclConfiguration 2 }
+
+ cienaCesAclProfileConfigTableEntry OBJECT-TYPE
+ SYNTAX CienaCesAclProfileConfigTableEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "An entry containing the ACL profile configuration data."
+ INDEX { cienaCesAclProfileId }
+ ::= { cienaCesAclProfileConfigTable 1 }
+
+ CienaCesAclProfileConfigTableEntry ::= SEQUENCE {
+ cienaCesAclProfileId Integer32,
+ cienaCesAclProfileName DisplayString,
+ cienaCesAclProfileAdminState CienaGlobalState,
+ cienaCesAclProfileOperState CienaGlobalState,
+ cienaCesAclProfileDefaultFilterAction AclFilterAction,
+ cienaCesAclProfileNumRules Integer32,
+ cienaCesAclProfileAttachedInterfaces Unsigned32
+ }
+
+ cienaCesAclProfileId OBJECT-TYPE
+ SYNTAX Integer32 (1..65535)
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "The unique identifier of this ACL profile."
+ ::= { cienaCesAclProfileConfigTableEntry 1 }
+
+ cienaCesAclProfileName OBJECT-TYPE
+ SYNTAX DisplayString (SIZE (1..31))
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The unique name of this ACL profile."
+ ::= { cienaCesAclProfileConfigTableEntry 2 }
+
+ cienaCesAclProfileAdminState OBJECT-TYPE
+ SYNTAX CienaGlobalState
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The configured administrative State of the ACL profile."
+ ::= { cienaCesAclProfileConfigTableEntry 3 }
+
+ cienaCesAclProfileOperState OBJECT-TYPE
+ SYNTAX CienaGlobalState
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The Operational State of the ACL profile.
+ A profile is operationally enabled if it is administratively enabled
+ and attached to at least one interface. It is otherwise disabled.
+ Note that the ACL feature must also be globally enabled for
+ any profile to be operationally enabled."
+ ::= { cienaCesAclProfileConfigTableEntry 4 }
+
+ cienaCesAclProfileDefaultFilterAction OBJECT-TYPE
+ SYNTAX AclFilterAction
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The configured default filter action for this ACL profile."
+ ::= { cienaCesAclProfileConfigTableEntry 5 }
+
+ cienaCesAclProfileNumRules OBJECT-TYPE
+ SYNTAX Integer32 (1..256)
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The number of ACL rules configured in this profile. There will always
+ be at least one rule defined in each profile - the default rule."
+ ::= { cienaCesAclProfileConfigTableEntry 6 }
+
+ cienaCesAclProfileAttachedInterfaces OBJECT-TYPE
+ SYNTAX Unsigned32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The number of interfaces to which this profile is attached."
+ ::= { cienaCesAclProfileConfigTableEntry 7 }
+
+
+ --
+ -- ACL Rule Config Table
+ --
+ cienaCesAclRuleConfigTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF CienaCesAclRuleConfigTableEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "A table of ACL rules configured on the device. Each
+ entry contains the ACL rule configuration data."
+ ::= { cienaCesAclConfiguration 3 }
+
+ cienaCesAclRuleConfigTableEntry OBJECT-TYPE
+ SYNTAX CienaCesAclRuleConfigTableEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "An entry containing the ACL rule configuration data."
+ INDEX { cienaCesAclProfileId,
+ cienaCesAclRulePrecedence
+ }
+ ::= { cienaCesAclRuleConfigTable 1 }
+
+ CienaCesAclRuleConfigTableEntry ::= SEQUENCE {
+ cienaCesAclRulePrecedence Unsigned32,
+ cienaCesAclRuleName DisplayString,
+ cienaCesAclRuleFilterAction AclFilterAction,
+ cienaCesAclRuleMatchAny TruthValue,
+ cienaCesAclRuleMatchSrcMacAddr TruthValue,
+ cienaCesAclRuleSrcMacAddr MacAddress,
+ cienaCesAclRuleSrcMacAddrMask MacAddress,
+ cienaCesAclRuleMatchDstMacAddr TruthValue,
+ cienaCesAclRuleDstMacAddr MacAddress,
+ cienaCesAclRuleDstMacAddrMask MacAddress,
+ cienaCesAclRuleMatchOuterVid TruthValue,
+ cienaCesAclRuleOuterVid Unsigned32,
+ cienaCesAclRuleOuterVidMask Unsigned32,
+ cienaCesAclRuleMatchOuterPcp TruthValue,
+ cienaCesAclRuleOuterPcp Unsigned32,
+ cienaCesAclRuleOuterPcpMask Unsigned32,
+ cienaCesAclRuleMatchOuterDei TruthValue,
+ cienaCesAclRuleOuterDei Unsigned32,
+ cienaCesAclRuleMatchBaseEtype TruthValue,
+ cienaCesAclRuleBaseEtype Unsigned32,
+ cienaCesAclRuleMatchSrcIpAddr TruthValue,
+ cienaCesAclRuleSrcIpAddrType InetAddressType,
+ cienaCesAclRuleSrcIpAddr InetAddress,
+ cienaCesAclRuleSrcIpAddrPrefixLength InetAddressPrefixLength,
+ cienaCesAclRuleMatchDstIpAddr TruthValue,
+ cienaCesAclRuleDstIpAddrType InetAddressType,
+ cienaCesAclRuleDstIpAddr InetAddress,
+ cienaCesAclRuleDstIpAddrPrefixLength InetAddressPrefixLength,
+ cienaCesAclRuleMatchIpProtocol TruthValue,
+ cienaCesAclRuleIpProtocol Unsigned32,
+ cienaCesAclRuleMatchDscp TruthValue,
+ cienaCesAclRuleDscp Unsigned32,
+ cienaCesAclRuleDscpMask Unsigned32,
+ cienaCesAclRuleMatchL4SrcPort AclL4PortMatchType,
+ cienaCesAclRuleL4SrcPort InetPortNumber,
+ cienaCesAclRuleL4SrcPortUpper InetPortNumber,
+ cienaCesAclRuleMatchL4DstPort AclL4PortMatchType,
+ cienaCesAclRuleL4DstPort InetPortNumber,
+ cienaCesAclRuleL4DstPortUpper InetPortNumber,
+ cienaCesAclRuleMatchL4DstProtocol AclL4DstProtocol,
+ cienaCesAclRuleMatchIpFragment AclIpFragmentMatchType,
+ cienaCesAclRuleMatchTcpFlags TruthValue,
+ cienaCesAclRuleTcpFlags DisplayString
+ }
+
+ cienaCesAclRulePrecedence OBJECT-TYPE
+ SYNTAX Unsigned32 (0..255)
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "The unique precedence value (within the profile) of this ACL rule."
+ ::= { cienaCesAclRuleConfigTableEntry 1 }
+
+ cienaCesAclRuleName OBJECT-TYPE
+ SYNTAX DisplayString (SIZE (1..31))
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The unique name (within the profile) of this ACL rule."
+ ::= { cienaCesAclRuleConfigTableEntry 2 }
+
+ cienaCesAclRuleFilterAction OBJECT-TYPE
+ SYNTAX AclFilterAction
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The configured filter action for this ACL rule."
+ ::= { cienaCesAclRuleConfigTableEntry 3 }
+
+ cienaCesAclRuleMatchAny OBJECT-TYPE
+ SYNTAX TruthValue
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "True if the ACL rule matches any traffic, False otherwise.
+ Matching on any traffic automatically disregards all the remaining fields."
+ ::= { cienaCesAclRuleConfigTableEntry 4 }
+
+ cienaCesAclRuleMatchSrcMacAddr OBJECT-TYPE
+ SYNTAX TruthValue
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "True if the ACL rule matches on the source MAC address, False otherwise.
+ When True, the cienaCesAclRuleSrcMacAddr and cienaCesAclRuleSrcMacAddrMask fields
+ will contain the source MAC address and mask that are to be matched by this rule."
+ ::= { cienaCesAclRuleConfigTableEntry 5 }
+
+ cienaCesAclRuleSrcMacAddr OBJECT-TYPE
+ SYNTAX MacAddress
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Contains the source MAC address that is to be matched by this rule.
+ This field is not applicable when the cienaCesAclRuleMatchSrcMacAddr field is set to False."
+ ::= { cienaCesAclRuleConfigTableEntry 6 }
+
+ cienaCesAclRuleSrcMacAddrMask OBJECT-TYPE
+ SYNTAX MacAddress
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Contains the source MAC address mask that is to be matched by this rule.
+ This field is not applicable when the cienaCesAclRuleMatchSrcMacAddr field is set to False."
+ ::= { cienaCesAclRuleConfigTableEntry 7 }
+
+ cienaCesAclRuleMatchDstMacAddr OBJECT-TYPE
+ SYNTAX TruthValue
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "True if the ACL rule matches on the destination MAC address, False otherwise.
+ When True, the cienaCesAclRuleDstMacAddr and cienaCesAclRuleDstMacAddrMask fields
+ will contain the destination MAC address and mask that are to be matched by this rule."
+ ::= { cienaCesAclRuleConfigTableEntry 8 }
+
+ cienaCesAclRuleDstMacAddr OBJECT-TYPE
+ SYNTAX MacAddress
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Contains the destination MAC address that is to be matched by this rule.
+ This field is not applicable when the cienaCesAclRuleMatchDstMacAddr field is set to False."
+ ::= { cienaCesAclRuleConfigTableEntry 9 }
+
+ cienaCesAclRuleDstMacAddrMask OBJECT-TYPE
+ SYNTAX MacAddress
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Contains the destination MAC address mask that is to be matched by this rule.
+ This field is not applicable when the cienaCesAclRuleMatchDstMacAddr field is set to False."
+ ::= { cienaCesAclRuleConfigTableEntry 10 }
+
+ cienaCesAclRuleMatchOuterVid OBJECT-TYPE
+ SYNTAX TruthValue
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "True if the ACL rule matches on the outer VID, False otherwise.
+ When True, the cienaCesAclRuleOuterVid and cienaCesAclRuleOuterVidMask fields
+ will contain the outer VID value and mask that are to be matched by this rule."
+ ::= { cienaCesAclRuleConfigTableEntry 11 }
+
+ cienaCesAclRuleOuterVid OBJECT-TYPE
+ SYNTAX Unsigned32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Contains the outer VID that is to be matched by this rule.
+ This field is not applicable when the cienaCesAclRuleMatchOuterVid field is set to False."
+ ::= { cienaCesAclRuleConfigTableEntry 12 }
+
+ cienaCesAclRuleOuterVidMask OBJECT-TYPE
+ SYNTAX Unsigned32
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Contains the outer VID mask that is to be matched by this rule.
+ This field is not applicable when the cienaCesAclRuleMatchOuterVid field is set to False."
+ ::= { cienaCesAclRuleConfigTableEntry 13 }
+
+ cienaCesAclRuleMatchOuterPcp OBJECT-TYPE
+ SYNTAX TruthValue
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "True if the ACL rule matches on the outer PCP, False otherwise.
+ When True, the cienaCesAclRuleOuterPcp and cienaCesAclRuleOuterPcpMask fields
+ will contain the outer PCP value and mask that are to be matched by this rule."
+ ::= { cienaCesAclRuleConfigTableEntry 14 }
+
+ cienaCesAclRuleOuterPcp OBJECT-TYPE
+ SYNTAX Unsigned32 (0..7)
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Contains the outer PCP that is to be matched by this rule.
+ This field is not applicable when the cienaCesAclRuleMatchOuterPcp field is set to False."
+ ::= { cienaCesAclRuleConfigTableEntry 15 }
+
+ cienaCesAclRuleOuterPcpMask OBJECT-TYPE
+ SYNTAX Unsigned32 (0..7)
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Contains the outer PCP mask that is to be matched by this rule.
+ This field is not applicable when the cienaCesAclRuleMatchOuterPcp field is set to False."
+ ::= { cienaCesAclRuleConfigTableEntry 16 }
+
+ cienaCesAclRuleMatchOuterDei OBJECT-TYPE
+ SYNTAX TruthValue
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "True if the ACL rule matches on the outer DEI bit, False otherwise.
+ When True, the cienaCesAclRuleOuterDei field
+ will contain the outer DEI value that is to be matched by this rule."
+ ::= { cienaCesAclRuleConfigTableEntry 17 }
+
+ cienaCesAclRuleOuterDei OBJECT-TYPE
+ SYNTAX Unsigned32 (0..1)
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Contains the outer DEI bit that is to be matched by this rule.
+ This field is not applicable when the cienaCesAclRuleMatchOuterDei field is set to False."
+ ::= { cienaCesAclRuleConfigTableEntry 18 }
+
+ cienaCesAclRuleMatchBaseEtype OBJECT-TYPE
+ SYNTAX TruthValue
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "True if the ACL rule matches on the base ethertype, False otherwise.
+ When True, the cienaCesAclRuleBaseEtype field
+ will contain the base ethertype value that is to be matched by this rule."
+ ::= { cienaCesAclRuleConfigTableEntry 19 }
+
+ cienaCesAclRuleBaseEtype OBJECT-TYPE
+ SYNTAX Unsigned32 (0..65535)
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Contains the base ethertype that is to be matched by this rule.
+ This field is not applicable when the cienaCesAclRuleMatchBaseEtype field is set to False."
+ ::= { cienaCesAclRuleConfigTableEntry 20 }
+
+ cienaCesAclRuleMatchSrcIpAddr OBJECT-TYPE
+ SYNTAX TruthValue
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "True if the ACL rule matches on the source IP address, False otherwise.
+ When True, the cienaCesAclRuleSrcIpAddrType field will contain the
+ IP address type (IPv4 or IPv6) and the cienaCesAclRuleSrcIpAddr and
+ cienaCesAclRuleSrcIpAddrPrefixLength fields will contain the IP address
+ value and mask that are to be matched by this rule."
+ ::= { cienaCesAclRuleConfigTableEntry 21 }
+
+ cienaCesAclRuleSrcIpAddrType OBJECT-TYPE
+ SYNTAX InetAddressType
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Identifies the address family of the source IP address (IPv4/IPv6). This field is
+ not applicable when the cienaCesAclRuleMatchSrcIpAddr field is set to False"
+ ::= { cienaCesAclRuleConfigTableEntry 22 }
+
+ cienaCesAclRuleSrcIpAddr OBJECT-TYPE
+ SYNTAX InetAddress
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Contains the source IP address that is to be matched by this rule.
+ This field is not applicable when the cienaCesAclRuleMatchSrcIpAddr field is set to False."
+ ::= { cienaCesAclRuleConfigTableEntry 23 }
+
+ cienaCesAclRuleSrcIpAddrPrefixLength OBJECT-TYPE
+ SYNTAX InetAddressPrefixLength
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Contains the prefix length of the source IP address that is to be matched by this rule.
+ This field is not applicable when the cienaCesAclRuleMatchSrcIpAddr field is set to False."
+ ::= { cienaCesAclRuleConfigTableEntry 24 }
+
+ cienaCesAclRuleMatchDstIpAddr OBJECT-TYPE
+ SYNTAX TruthValue
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "True if the ACL rule matches on the destination IP address, False otherwise.
+ When True, the cienaCesAclRuleDstIpAddrType field will contain the
+ IP address type (IPv4 or IPv6) and the cienaCesAclRuleDstIpAddr and
+ cienaCesAclRuleDstIpAddrPrefixLength fields will contain the IP address
+ value and mask that are to be matched by this rule."
+ ::= { cienaCesAclRuleConfigTableEntry 25 }
+
+ cienaCesAclRuleDstIpAddrType OBJECT-TYPE
+ SYNTAX InetAddressType
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Identifies the address family of the destination IP address (IPv4/IPv6).
+ This field is not applicable when the cienaCesAclRuleMatchDstIpAddr field is set to False"
+ ::= { cienaCesAclRuleConfigTableEntry 26 }
+
+ cienaCesAclRuleDstIpAddr OBJECT-TYPE
+ SYNTAX InetAddress
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Contains the destination IP address that is to be matched by this rule.
+ This field is not applicable when the cienaCesAclRuleMatchDstIpAddr field is set to False."
+ ::= { cienaCesAclRuleConfigTableEntry 27 }
+
+ cienaCesAclRuleDstIpAddrPrefixLength OBJECT-TYPE
+ SYNTAX InetAddressPrefixLength
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Contains the prefix length of the destination IP address that is to be matched by this rule.
+ This field is not applicable when the cienaCesAclRuleMatchDstIpAddr field is set to False."
+ ::= { cienaCesAclRuleConfigTableEntry 28 }
+
+ cienaCesAclRuleMatchIpProtocol OBJECT-TYPE
+ SYNTAX TruthValue
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "True if the ACL rule matches on the IP protocol, False otherwise.
+ When True, the cienaCesAclRuleIpProtocol field
+ will contain the IP protocol value that is to be matched by this rule."
+ ::= { cienaCesAclRuleConfigTableEntry 29 }
+
+ cienaCesAclRuleIpProtocol OBJECT-TYPE
+ SYNTAX Unsigned32 (0..255)
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Contains the IP protocol value that is to be matched by this rule. This field is
+ not applicable when the cienaCesAclRuleMatchIpProtocol field is set to False."
+ ::= { cienaCesAclRuleConfigTableEntry 30 }
+
+ cienaCesAclRuleMatchDscp OBJECT-TYPE
+ SYNTAX TruthValue
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "True if the ACL rule matches on the DSCP value, False otherwise.
+ When True, the cienaCesAclRuleDscp and cienaCesAclRuleDscpMask fields
+ will contain the DSCP value and mask that are to be matched by this rule."
+ ::= { cienaCesAclRuleConfigTableEntry 31 }
+
+ cienaCesAclRuleDscp OBJECT-TYPE
+ SYNTAX Unsigned32 (0..63)
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Contains the DSCP value that is to be matched by this rule.
+ This field is not applicable when the cienaCesAclRuleMatchDscp field is set to False."
+ ::= { cienaCesAclRuleConfigTableEntry 32 }
+
+ cienaCesAclRuleDscpMask OBJECT-TYPE
+ SYNTAX Unsigned32 (0..63)
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Contains the outer DSCP mask that is to be matched by this rule.
+ This field is not applicable when the cienaCesAclRuleMatchDscp field is set to False."
+ ::= { cienaCesAclRuleConfigTableEntry 33 }
+
+ cienaCesAclRuleMatchL4SrcPort OBJECT-TYPE
+ SYNTAX AclL4PortMatchType
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Indicates the type of L4 source port matching that the ACL rule is performing.
+ A value of 'any' indicates that the rule matches any L4 source port.
+ A value of 'single' indicates that the rules matches on a single L4 source port
+ specified in the cienaCesAclRuleL4SrcPort field. A value of 'range' indicates that
+ the rule matches on a range of ports, with the cienaCesAclRuleL4SrcPort field specifiying
+ the lower bound and the cienaCesAclRuleL4SrcPortUpper specifying the upper bound of the range."
+ ::= { cienaCesAclRuleConfigTableEntry 34 }
+
+ cienaCesAclRuleL4SrcPort OBJECT-TYPE
+ SYNTAX InetPortNumber
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Contains the lower bound or single L4 source port value that is to be matched by this rule
+ depending on the value of cienaCesAclRuleMatchL4SrcPort.
+ This field is not applicable when the cienaCesAclRuleMatchL4SrcPort field is set to 'any'."
+ ::= { cienaCesAclRuleConfigTableEntry 35 }
+
+ cienaCesAclRuleL4SrcPortUpper OBJECT-TYPE
+ SYNTAX InetPortNumber
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Contains the upper bound of the L4 source port range that is to be matched by this rule
+ depending on the value of cienaCesAclRuleMatchL4SrcPort.
+ This field is not applicable when the cienaCesAclRuleMatchL4SrcPort field is set to 'any' or 'single'."
+ ::= { cienaCesAclRuleConfigTableEntry 36 }
+
+ cienaCesAclRuleMatchL4DstPort OBJECT-TYPE
+ SYNTAX AclL4PortMatchType
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Indicates the type of L4 destination port matching that the ACL rule is performing.
+ A value of 'any' indicates that the rule matches any L4 destination port.
+ A value of 'single' indicates that the rules matches on a single L4 destination port
+ specified in the cienaCesAclRuleL4SrcPort field. A value of 'range' indicates that
+ the rule matches on a range of ports, with the cienaCesAclRuleL4DstPort field specifiying
+ the lower bound and the cienaCesAclRuleL4DstPortUpper specifying the upper bound of the range."
+ ::= { cienaCesAclRuleConfigTableEntry 37 }
+
+ cienaCesAclRuleL4DstPort OBJECT-TYPE
+ SYNTAX InetPortNumber
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Contains the lower bound or single L4 destination port value that is to be matched by this rule
+ depending on the value of cienaCesAclRuleMatchL4DstPort.
+ This field is not applicable when the cienaCesAclRuleMatchL4DstPort field is set to 'any'."
+ ::= { cienaCesAclRuleConfigTableEntry 38 }
+
+ cienaCesAclRuleL4DstPortUpper OBJECT-TYPE
+ SYNTAX InetPortNumber
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Contains the upper bound of the L4 destination port range that is to be matched by this rule
+ depending on the value of cienaCesAclRuleMatchL4DstPort.
+ This field is not applicable when the cienaCesAclRuleMatchL4DstPort field is set to 'any' or 'single'."
+ ::= { cienaCesAclRuleConfigTableEntry 39 }
+
+ cienaCesAclRuleMatchL4DstProtocol OBJECT-TYPE
+ SYNTAX AclL4DstProtocol
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Indicates the L4 destination protocol name that is to be matched by this rule.
+ A value of 'any' indicates that the rule will match any protocol. Note that
+ this field is mutually exclusive with cienaCesAclRuleMatchL4DstPort - i.e. only
+ one of these fields can have a value different from 'any' at a given time."
+ ::= { cienaCesAclRuleConfigTableEntry 40 }
+
+ cienaCesAclRuleMatchIpFragment OBJECT-TYPE
+ SYNTAX AclIpFragmentMatchType
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Indicates the type of IP fragment matching that is to be matched by this rule.
+ A value of 'any' indicates that the rule will match both fragmented and non-fragmented
+ packets. A value of 'fragment' indicates that the rule will match only fragmented packets.
+ A value of 'nonfragment' indicates that the rule will match only non-fragmented (head) packets."
+ ::= { cienaCesAclRuleConfigTableEntry 41 }
+
+ cienaCesAclRuleMatchTcpFlags OBJECT-TYPE
+ SYNTAX TruthValue
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "True if the ACL rule matches on specific TCP Flags, False otherwise.
+ When True, the cienaCesAclRuleTcpFlags field will contain the TCP Flags
+ that are to be matched by this rule."
+ ::= { cienaCesAclRuleConfigTableEntry 42 }
+
+ cienaCesAclRuleTcpFlags OBJECT-TYPE
+ SYNTAX DisplayString
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "Contains a comma-separated uppercase string list of TCP Flags
+ that are to be matched by this rule, i.e. 'SYN,ACK,RST,...'.
+ This field is not applicable when the cienaCesAclRuleMatchTcpFlags
+ field is set to False."
+ ::= { cienaCesAclRuleConfigTableEntry 43 }
+
+
+ --
+ -- ACL Profile Attachment Table
+ --
+ cienaCesAclProfileAttachmentTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF CienaCesAclProfileAttachmentTableEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "A table showing the interface attachments for each
+ profile on the device. Each entry contains the name of
+ the interface and the traffic direction on which the profile is applied."
+ ::= { cienaCesAclConfiguration 4 }
+
+ cienaCesAclProfileAttachmentTableEntry OBJECT-TYPE
+ SYNTAX CienaCesAclProfileAttachmentTableEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "An entry containing the ACL profile attachment data."
+ INDEX { cienaCesAclProfileId,
+ cienaCesAclInterfaceType,
+ cienaCesAclInterfaceId
+ }
+ ::= { cienaCesAclProfileAttachmentTable 1 }
+
+ CienaCesAclProfileAttachmentTableEntry ::= SEQUENCE {
+ cienaCesAclInterfaceType AclInterfaceType,
+ cienaCesAclInterfaceId Integer32,
+ cienaCesAclInterfaceName DisplayString,
+ cienaCesAclDirection AclTrafficDirection
+ }
+
+ cienaCesAclInterfaceType OBJECT-TYPE
+ SYNTAX AclInterfaceType
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "The type of the interface to which this ACL profile is attached."
+ ::= { cienaCesAclProfileAttachmentTableEntry 1 }
+
+ cienaCesAclInterfaceId OBJECT-TYPE
+ SYNTAX Integer32 (1..1048576)
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "The ID of the interface to which this ACL profile is attached."
+ ::= { cienaCesAclProfileAttachmentTableEntry 2 }
+
+ cienaCesAclInterfaceName OBJECT-TYPE
+ SYNTAX DisplayString (SIZE (1..31))
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The name of the interface to which this ACL profile is attached."
+ ::= { cienaCesAclProfileAttachmentTableEntry 3 }
+
+ cienaCesAclDirection OBJECT-TYPE
+ SYNTAX AclTrafficDirection
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The interface's traffic direction (ingress/egress) on which the ACL profile is applied."
+ ::= { cienaCesAclProfileAttachmentTableEntry 4 }
+
+
+
+ --
+ -- ACL Profile Global Rule Stats Table
+ --
+ cienaCesAclProfileGlobalRuleStatsTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF CienaCesAclProfileGlobalRuleStatsTableEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "A table of global ACL profile rule statistics. Global ACL profile rule statistics
+ are the aggregate counts of the hit statistics for all instances of the ACL profile's rules."
+ ::= { cienaCesAclStatistics 1 }
+
+ cienaCesAclProfileGlobalRuleStatsTableEntry OBJECT-TYPE
+ SYNTAX CienaCesAclProfileGlobalRuleStatsTableEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "An entry containing the ACL profile global rule hit statistics."
+ INDEX { cienaCesAclProfileId,
+ cienaCesAclRulePrecedence
+ }
+ ::= { cienaCesAclProfileGlobalRuleStatsTable 1 }
+
+ CienaCesAclProfileGlobalRuleStatsTableEntry ::= SEQUENCE {
+ cienaCesAclGlobalRuleStatsPacketCount Counter64,
+ cienaCesAclGlobalRuleStatsByteCount Counter64
+ }
+
+ cienaCesAclGlobalRuleStatsPacketCount OBJECT-TYPE
+ SYNTAX Counter64
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The number of packets that matched this ACL rule."
+ ::= { cienaCesAclProfileGlobalRuleStatsTableEntry 1 }
+
+ cienaCesAclGlobalRuleStatsByteCount OBJECT-TYPE
+ SYNTAX Counter64
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The number of bytes that matched this ACL rule."
+ ::= { cienaCesAclProfileGlobalRuleStatsTableEntry 2 }
+
+
+ --
+ -- ACL Profile Rule Instance Stats Table
+ --
+ cienaCesAclProfileRuleInstanceStatsTable OBJECT-TYPE
+ SYNTAX SEQUENCE OF CienaCesAclProfileRuleInstanceStatsTableEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "A table of ACL profile rule instance statistics. These ACL rule hit statistics are
+ specific to the rules applied on the particular interface."
+ ::= { cienaCesAclStatistics 2 }
+
+ cienaCesAclProfileRuleInstanceStatsTableEntry OBJECT-TYPE
+ SYNTAX CienaCesAclProfileRuleInstanceStatsTableEntry
+ MAX-ACCESS not-accessible
+ STATUS current
+ DESCRIPTION
+ "An entry containing the ACL profile rule instance hit statistics."
+ INDEX { cienaCesAclProfileId,
+ cienaCesAclInterfaceType,
+ cienaCesAclInterfaceId,
+ cienaCesAclRulePrecedence
+ }
+ ::= { cienaCesAclProfileRuleInstanceStatsTable 1 }
+
+ CienaCesAclProfileRuleInstanceStatsTableEntry ::= SEQUENCE {
+ cienaCesAclRuleInstanceStatsPacketCount Counter64,
+ cienaCesAclRuleInstanceStatsByteCount Counter64
+ }
+
+ cienaCesAclRuleInstanceStatsPacketCount OBJECT-TYPE
+ SYNTAX Counter64
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The number of packets that matched this ACL rule instance."
+ ::= { cienaCesAclProfileRuleInstanceStatsTableEntry 1 }
+
+ cienaCesAclRuleInstanceStatsByteCount OBJECT-TYPE
+ SYNTAX Counter64
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+ "The number of bytes that matched this ACL rule instance."
+ ::= { cienaCesAclProfileRuleInstanceStatsTableEntry 2 }
+
+
+
+END
+
|