-- ***************************************************************** -- FS-ACL-MIB.mib: FS Acl MIB file -- -- March 2002, Wuzg -- -- Copyright (c) 2002 by FS.COM Inc.. -- All rights reserved. -- -- ***************************************************************** -- FS-ACL-MIB DEFINITIONS ::= BEGIN IMPORTS MODULE-IDENTITY, OBJECT-TYPE, Integer32, Unsigned32, IpAddress FROM SNMPv2-SMI TruthValue, DisplayString, RowStatus, MacAddress FROM SNMPv2-TC MODULE-COMPLIANCE, OBJECT-GROUP FROM SNMPv2-CONF IfIndex, ConfigStatus FROM FS-TC fsMgmt FROM FS-SMI; fsAclMIB MODULE-IDENTITY LAST-UPDATED "200203200000Z" ORGANIZATION "FS.COM Inc.." CONTACT-INFO " Tel: 400-865-2852 E-mail: https://www.fs.com/live_chat_service_mail.html" DESCRIPTION "This module defines fs acl mibs." REVISION "200203200000Z" DESCRIPTION "Initial version of this MIB module." ::= { fsMgmt 17} --ACLNO ::= TEXTUAL-CONVENTION -- STATUS current -- DESCRIPTION -- " Serial number of Access control list entry, Access control list entry of -- bigger ACL number will have higher implement priority. One ACL number -- corresponding to only one entry." -- SYNTAX INTEGER -- Access control list fsAclMIBObjects OBJECT IDENTIFIER ::= { fsAclMIB 1 } fsAclTable OBJECT-TYPE SYNTAX SEQUENCE OF FSAclEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A table of acl request entries." ::= { fsAclMIBObjects 1 } fsAclEntry OBJECT-TYPE SYNTAX FSAclEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Entry contains acl name and mode." INDEX { fsAclName } ::= { fsAclTable 1 } FSAclEntry ::= SEQUENCE { fsAclName DisplayString, fsAclMode INTEGER, fsAclEntryStatus ConfigStatus } fsAclName OBJECT-TYPE SYNTAX DisplayString(SIZE (1..32)) MAX-ACCESS read-only STATUS current DESCRIPTION "Access list name of this entry.This value is unique for every entry When this string be used as an index,Value of a sub-identifier equal ASCII value of corresponding character(first sub-identifier corresponds first character of string). The number of sub-identifiers of this string must be 32,If length of string is less than 32 the sub-identifier(0x0) will be filled in tail." ::= { fsAclEntry 1 } fsAclMode OBJECT-TYPE SYNTAX INTEGER{ acl-ip-standard(1), acl-ip-extended(2), acl-mac-extended(3), acl-expert(4), acl-ipv6-extended(5) } MAX-ACCESS read-create STATUS current DESCRIPTION " Config mode of this ACL" ::= { fsAclEntry 2 } fsAclEntryStatus OBJECT-TYPE SYNTAX ConfigStatus MAX-ACCESS read-create STATUS current DESCRIPTION "Status of this entry, set its value to invalid will delete this entry. set its value to valid has no effect." ::= { fsAclEntry 3 } --fsAceTable OBJECT-TYPEV -- SYNTAX SEQUENCE OF FSAceEntry -- MAX-ACCESS not-accessible -- STATUS current -- DESCRIPTION -- "A table of ACE request entries." -- ::= { fsAclMIBObjects 2 } this OID is obsolete --fsAceEntry OBJECT-TYPE -- SYNTAX FSAceEntry -- MAX-ACCESS not-accessible -- STATUS current -- DESCRIPTION -- "Entry contains ace parameters and results. -- -- A management station wishing to create an entry should -- first generate a pseudo-random serial number to be used -- as the index to a ace entry of a acl. The station should -- then create the associated entry. -- -- We must set all specifies valid values for the -- non-defaulted configuration objects, certainly, it should -- also modify the default values for the other configuration -- objects if the defaults are not appropriate. -- -- Once the appropriate instance of all the configuration -- objects have been created or set,the row status should be set -- to active to initiate the request." -- INDEX { fsAceAclName,fsAceIndex } -- ::= { fsAceTable 1 } -- --FSAceEntry ::= -- SEQUENCE { -- fsAceAclName DisplayString, -- fsAceIndex Integer32, -- fsAceIfAnyVID TruthValue, -- fsAceVID Unsigned32, -- fsAceIfAnySourceIp TruthValue, -- fsAceSourceIp IpAddress, -- fsAceIfAnySourceWildCard TruthValue, -- fsAceSourceWildCard IpAddress, -- fsAceIfAnySourceMacAddr TruthValue, -- fsAceSourceMacAddr MacAddress, -- fsAceIfAnyDestIp TruthValue, -- fsAceDestIp IpAddress, -- fsAceIfAnyDestWildCard TruthValue, -- fsAceDestIpWildCard IpAddress, -- fsAceIfAnyDestMacAddr TruthValue, -- fsAceDestMacAddr MacAddress, -- fsAceIfAnyEtherLikeType TruthValue, -- fsAceEtherLikeType Integer32, -- fsAceIfAnyIpProtocolField TruthValue, -- fsAceIpProtocolField Integer32, -- fsAceIfAnySourceProtocolPort TruthValue, -- fsAceSourceProtocolPort Integer32, -- fsAceIfAnyDestProtocolPort TruthValue, -- fsAceDestProtocolPort Integer32, -- fsAceIfAnyProtocolType TruthValue, -- fsAceProtocolType Integer32, -- fsAceFlowAction INTEGER, -- fsAceEntryStauts RowStatus, -- fsAceTimeRangeName DisplayString -- } -- --fsAceAclName OBJECT-TYPE -- SYNTAX DisplayString(SIZE (1..32)) -- MAX-ACCESS read-only -- STATUS current -- DESCRIPTION -- "Access list name of this ace belong to. -- When this string be used as an index,Value of a sub-identifier equal -- ASCII value of corresponding character(first sub-identifier corresponds -- first character of string). The number of sub-identifiers of this string -- must be 32,If length of string is less than 32 the sub-identifier(0x0) -- will be filled in tail." -- ::= { fsAceEntry 1 } -- --fsAceIndex OBJECT-TYPE -- SYNTAX Integer32(1..2147483647) -- MAX-ACCESS read-only -- STATUS current -- DESCRIPTION -- "Object which specifies a unique entry in the -- fsAclTable. A management station wishing -- to initiate a acl operation should use a -- pseudo-random value for this object when creating -- or modifying an instance of a fsAclEntry. -- The RowStatus semantics of the fsAclEntryStatus -- object will prevent access conflicts." -- ::= { fsAceEntry 2 } -- --fsAceIfAnyVID OBJECT-TYPE -- SYNTAX TruthValue -- MAX-ACCESS read-create -- STATUS current -- DESCRIPTION -- "VID of class will not be checked if this value is true." -- DEFVAL{ true } -- ::= { fsAceEntry 3 } -- --fsAceVID OBJECT-TYPE -- SYNTAX Unsigned32(0..4094) -- MAX-ACCESS read-create -- STATUS current -- DESCRIPTION -- "VID of Ace flow definition." -- ::= { fsAceEntry 4 } -- --fsAceIfAnySourceIp OBJECT-TYPE -- SYNTAX TruthValue -- MAX-ACCESS read-create -- STATUS current -- DESCRIPTION -- "Source Ip of class will not be checked if this value is true." -- DEFVAL{ true } -- ::= { fsAceEntry 5 } -- --fsAceSourceIp OBJECT-TYPE -- SYNTAX IpAddress -- MAX-ACCESS read-create -- STATUS current -- DESCRIPTION -- "Sourece ip address of Ace flow definition." -- ::= { fsAceEntry 6 } -- --fsAceIfAnySourceWildCard OBJECT-TYPE -- SYNTAX TruthValue -- MAX-ACCESS read-create -- STATUS current -- DESCRIPTION -- "Source Ip wild card of class will not be checked if this value is true." -- DEFVAL{ true } -- ::= { fsAceEntry 7 } -- --fsAceSourceWildCard OBJECT-TYPE -- SYNTAX IpAddress -- MAX-ACCESS read-create -- STATUS current -- DESCRIPTION -- "Sourece ip wild card(in reverse ip address mask)of Ace flow definition." -- ::= { fsAceEntry 8 } -- --fsAceIfAnySourceMacAddr OBJECT-TYPE -- SYNTAX TruthValue -- MAX-ACCESS read-create -- STATUS current -- DESCRIPTION -- "Source mac address of class will not be checked if this value is true." -- DEFVAL{ true } -- ::= { fsAceEntry 9 } -- --fsAceSourceMacAddr OBJECT-TYPE -- SYNTAX MacAddress -- MAX-ACCESS read-create -- STATUS current -- DESCRIPTION -- "Sourece Mac address of Ace flow definition." -- ::= { fsAceEntry 10 } -- --fsAceIfAnyDestIp OBJECT-TYPE -- SYNTAX TruthValue -- MAX-ACCESS read-create -- STATUS current -- DESCRIPTION -- "Destination Ip wild card of class will not be checked if this value is true." -- DEFVAL{ true } -- ::= { fsAceEntry 11 } -- --fsAceDestIp OBJECT-TYPE -- SYNTAX IpAddress -- MAX-ACCESS read-create -- STATUS current -- DESCRIPTION -- "Destination ip address of Ace flow definition." -- ::= { fsAceEntry 12 } -- --fsAceIfAnyDestWildCard OBJECT-TYPE -- SYNTAX TruthValue -- MAX-ACCESS read-create -- STATUS current -- DESCRIPTION -- "Source Ip wild card of class will not be checked if this value is true." -- DEFVAL{ true } -- ::= { fsAceEntry 13 } -- --fsAceDestIpWildCard OBJECT-TYPE -- SYNTAX IpAddress -- MAX-ACCESS read-create -- STATUS current -- DESCRIPTION -- "Destination ip wild card(in reverse ip address mask) of Ace flow definition." -- ::= { fsAceEntry 14 } -- --fsAceIfAnyDestMacAddr OBJECT-TYPE -- SYNTAX TruthValue -- MAX-ACCESS read-create -- STATUS current -- DESCRIPTION -- "Source Ip wild card of class will not be checked if this value is true." -- DEFVAL{ true } -- ::= { fsAceEntry 15 } -- --fsAceDestMacAddr OBJECT-TYPE -- SYNTAX MacAddress -- MAX-ACCESS read-create -- STATUS current -- DESCRIPTION -- "Destination Mac address of Ace flow definition." -- ::= { fsAceEntry 16 } -- --fsAceIfAnyEtherLikeType OBJECT-TYPE -- SYNTAX TruthValue -- MAX-ACCESS read-create -- STATUS current -- DESCRIPTION -- "Ether Like Type in MAC packet will not be checked if this value is true." -- DEFVAL{ true } -- ::= { fsAceEntry 17 } -- --fsAceEtherLikeType OBJECT-TYPE -- SYNTAX Integer32 -- MAX-ACCESS read-create -- STATUS current -- DESCRIPTION -- "Ether Like Type in MAC packet of Ace flow definition. " -- ::= { fsAceEntry 18 } -- --fsAceIfAnyIpProtocolField OBJECT-TYPE -- SYNTAX TruthValue -- MAX-ACCESS read-create -- STATUS current -- DESCRIPTION -- "Source Ip wild card of class will not be checked if this value is true." -- DEFVAL{ true } -- ::= { fsAceEntry 19 } -- --fsAceIpProtocolField OBJECT-TYPE -- SYNTAX Integer32 -- MAX-ACCESS read-create -- STATUS current -- DESCRIPTION -- "The value of protocol field in IP packet of Ace flow definition." -- ::= { fsAceEntry 20 } -- --fsAceIfAnySourceProtocolPort OBJECT-TYPE -- SYNTAX TruthValue -- MAX-ACCESS read-create -- STATUS current -- DESCRIPTION -- "The value of source protocol port in IP packet will not be checked if -- this value is true." -- DEFVAL{ true } -- ::= { fsAceEntry 21 } -- --fsAceSourceProtocolPort OBJECT-TYPE -- SYNTAX Integer32 -- MAX-ACCESS read-create -- STATUS current -- DESCRIPTION -- "The value of source protocol port in IP packet of Ace flow definition. It is -- significative only to those protocol which support this field." -- ::= { fsAceEntry 22 } -- --fsAceIfAnyDestProtocolPort OBJECT-TYPE -- SYNTAX TruthValue -- MAX-ACCESS read-create -- STATUS current -- DESCRIPTION -- "he value of destination protocol port in IP packet will not be checked if -- this value is true." -- DEFVAL{ true } -- ::= { fsAceEntry 23 } -- --fsAceDestProtocolPort OBJECT-TYPE -- SYNTAX Integer32 -- MAX-ACCESS read-create -- STATUS current -- DESCRIPTION -- "The value of destination protocol port in IP packet of Ace flow definition. It is -- significative only to those protocol which support this field(tcp,udp)." -- ::= { fsAceEntry 24 } -- --fsAceIfAnyProtocolType OBJECT-TYPE -- SYNTAX TruthValue -- MAX-ACCESS read-create -- STATUS current -- DESCRIPTION -- "The value of protocol type field in IP packet will not be checked if this -- value is true." -- DEFVAL{ true } -- ::= { fsAceEntry 25 } -- --fsAceProtocolType OBJECT-TYPE -- SYNTAX Integer32 -- MAX-ACCESS read-create -- STATUS current -- DESCRIPTION -- "The value of protocol type field in IP packet of Ace flow definition. It is -- significative only to those protocol which support this field(icmp,igmp)." -- ::= { fsAceEntry 26 } -- --fsAceFlowAction OBJECT-TYPE -- SYNTAX INTEGER{ -- permit(1), -- delay(2) -- } -- MAX-ACCESS read-create -- STATUS current -- DESCRIPTION -- "Permit indicate that the kind of flow which entry define will be allow to access , -- delay indicate that the kind of flow which entry define will be refuse to access" -- ::= { fsAceEntry 27 } -- --fsAceEntryStauts OBJECT-TYPE -- SYNTAX RowStatus -- MAX-ACCESS read-create -- STATUS current -- DESCRIPTION -- "entry status for this list." -- ::= { fsAceEntry 28 } -- --fsAceTimeRangeName OBJECT-TYPE -- SYNTAX DisplayString(SIZE (0..32)) -- MAX-ACCESS not-accessible -- STATUS current -- DESCRIPTION -- "Name of time-range of this ACE match. It indicate that -- this ACE doesn't match any time-range if this string is null" -- ::= { fsAceEntry 29 } fsAclIfTable OBJECT-TYPE SYNTAX SEQUENCE OF FSAclIfEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "list of ACL interface objects." ::= { fsAclMIBObjects 3 } fsAclIfEntry OBJECT-TYPE SYNTAX FSAclIfEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Entry ACL interface information." INDEX { fsAclIfIndex } ::= { fsAclIfTable 1 } FSAclIfEntry ::= SEQUENCE { fsAclIfIndex IfIndex, fsAclIfMaxEntryNum Integer32, fsAclIfCurruntEntryNum Integer32, fsIfInAclName DisplayString, fsIfOutAclName DisplayString, fsAclIf6MaxEntryNum Integer32, fsAclIf6CurruntEntryNum Integer32, fsIf6InAclName DisplayString, fsIf6OutAclName DisplayString } fsAclIfIndex OBJECT-TYPE SYNTAX IfIndex MAX-ACCESS read-only STATUS current DESCRIPTION " " ::= { fsAclIfEntry 1 } fsAclIfMaxEntryNum OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-only STATUS current DESCRIPTION "Max num of ACL entry(ACE) in a interface." ::= { fsAclIfEntry 2 } fsAclIfCurruntEntryNum OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-only STATUS current DESCRIPTION "Currunt valid num of ACL entry(ACE) in a interface." ::= { fsAclIfEntry 3 } fsIfInAclName OBJECT-TYPE SYNTAX DisplayString(SIZE (0..32)) MAX-ACCESS read-write STATUS current DESCRIPTION "Access list name of ACL of this interface match for input. It indicate that this interface doesn't match any ACL for input if this string is null" ::= { fsAclIfEntry 4 } fsIfOutAclName OBJECT-TYPE SYNTAX DisplayString(SIZE (0..32)) MAX-ACCESS read-write STATUS current DESCRIPTION "Access list name of ACL of this interface match for output. It indicate that this interface doesn't match any ACL for output if this string is null This relation function apply only L3 interface." ::= { fsAclIfEntry 5 } fsAclIf6MaxEntryNum OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-only STATUS current DESCRIPTION "Max num of ACL6 entry(ACE) in a interface." ::= { fsAclIfEntry 6 } fsAclIf6CurruntEntryNum OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-only STATUS current DESCRIPTION "Currunt valid num of ACL6 entry(ACE) in a interface." ::= { fsAclIfEntry 7 } fsIf6InAclName OBJECT-TYPE SYNTAX DisplayString(SIZE (0..32)) MAX-ACCESS read-write STATUS current DESCRIPTION "Access list name of ACL6 of this interface match for input. It indicate that this interface doesn't match any ACL for input if this string is null" ::= { fsAclIfEntry 8 } fsIf6OutAclName OBJECT-TYPE SYNTAX DisplayString(SIZE (0..32)) MAX-ACCESS read-write STATUS current DESCRIPTION "Access list name of ACL6 of this interface match for output. It indicate that this interface doesn't match any ACL for output if this string is null This relation function apply only L3 interface." ::= { fsAclIfEntry 9 } fsAceExtTable OBJECT-TYPE SYNTAX SEQUENCE OF FSAceExtEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A table of ACE request entries." ::= { fsAclMIBObjects 4 } fsAceExtEntry OBJECT-TYPE SYNTAX FSAceExtEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Entry contains ace parameters and results. A management station wishing to create an entry should first generate a pseudo-random serial number to be used as the index to a ace entry of a acl. The station should then create the associated entry. We must set all specifies valid values for the non-defaulted configuration objects, certainly, it should also modify the default values for the other configuration objects if the defaults are not appropriate. Once the appropriate instance of all the configuration objects have been created or set,the row status should be set to active to initiate the request." INDEX { fsAceExtAclName,fsAceExtIndex } ::= { fsAceExtTable 1 } FSAceExtEntry ::= SEQUENCE { fsAceExtAclName DisplayString, fsAceExtIndex Integer32, fsAceExtIfAnyVID TruthValue, fsAceExtVID Unsigned32, fsAceExtIfAnySourceIp TruthValue, fsAceExtSourceIp IpAddress, fsAceExtIfAnySourceWildCard TruthValue, fsAceExtSourceWildCard IpAddress, fsAceExtIfAnySourceMacAddr TruthValue, fsAceExtSourceMacAddr MacAddress, fsAceExtIfAnyDestIp TruthValue, fsAceExtDestIp IpAddress, fsAceExtIfAnyDestWildCard TruthValue, fsAceExtDestIpWildCard IpAddress, fsAceExtIfAnyDestMacAddr TruthValue, fsAceExtDestMacAddr MacAddress, fsAceExtIfAnyEtherLikeType TruthValue, fsAceExtEtherLikeType Integer32, fsAceExtIfAnyIpProtocolField TruthValue, fsAceExtIpProtocolField Integer32, fsAceExtSourceProtocolPort Integer32, fsAceExtDestProtocolPort Integer32, fsAceExtIfAnyProtocolType TruthValue, fsAceExtProtocolType Integer32, fsAceExtFlowAction INTEGER, fsAceExtEntryStauts RowStatus, fsAceExtTimeRangeName DisplayString, fsAceExtSourcePortOp INTEGER, fsAceExtSourceProtocolPortRange Integer32, fsAceExtDestPortOp INTEGER, fsAceExtDestProtocolPortRange Integer32, fsAceExtIfAnyCos TruthValue, fsAceExtCos Integer32, fsAceExtIfAnyIpPrec TruthValue, fsAceExtIpPrec Integer32, fsAceExtIfAnyDscp TruthValue, fsAceExtDscp Integer32, fsAceExtIfAnySourceMacAddrWildCard TruthValue, fsAceExtSourceMacAddrWildCard MacAddress, fsAceExtIfAnyDestMacAddrWildCard TruthValue, fsAceExtDestMacAddrWildCard MacAddress, fsAceExtIfAnyTcpFlag TruthValue, fsAceExtTcpFlag Integer32, fsAceExtIfAnySourceIp6 TruthValue, fsAceExtSourceIp6 OCTET STRING, fsAceExtIfAnySourceIp6WildCard TruthValue, fsAceExtSourceIp6WildCard OCTET STRING, fsAceExtIfAnyDestIp6 TruthValue, fsAceExtDestIp6 OCTET STRING, fsAceExtIfAnyDestIp6WildCard TruthValue, fsAceExtDestIp6WildCard OCTET STRING } fsAceExtAclName OBJECT-TYPE SYNTAX DisplayString(SIZE (1..32)) MAX-ACCESS read-only STATUS current DESCRIPTION "Access list name of this ace belong to. When this string be used as an index,Value of a sub-identifier equal ASCII value of corresponding character(first sub-identifier corresponds first character of string). The number of sub-identifiers of this string must be 32,If length of string is less than 32 the sub-identifier(0x0) will be filled in tail." ::= { fsAceExtEntry 1 } fsAceExtIndex OBJECT-TYPE SYNTAX Integer32(1..2147483647) MAX-ACCESS read-only STATUS current DESCRIPTION "Object which specifies a unique entry in the fsAclTable. A management station wishing to initiate a acl operation should use a pseudo-random value for this object when creating or modifying an instance of a fsAclEntry. The RowStatus semantics of the fsAclEntryStatus object will prevent access conflicts." ::= { fsAceExtEntry 2 } fsAceExtIfAnyVID OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-create STATUS current DESCRIPTION "VID of class will not be checked if this value is true." DEFVAL{ true } ::= { fsAceExtEntry 3 } fsAceExtVID OBJECT-TYPE SYNTAX Unsigned32(0..4094) MAX-ACCESS read-create STATUS current DESCRIPTION "VID of Ace flow definition." ::= { fsAceExtEntry 4 } fsAceExtIfAnySourceIp OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-create STATUS current DESCRIPTION "Source Ip of class will not be checked if this value is true." DEFVAL{ true } ::= { fsAceExtEntry 5 } fsAceExtSourceIp OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS read-create STATUS current DESCRIPTION "Sourece ip address of Ace flow definition." ::= { fsAceExtEntry 6 } fsAceExtIfAnySourceWildCard OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-create STATUS current DESCRIPTION "Source Ip wild card of class will not be checked if this value is true." DEFVAL{ true } ::= { fsAceExtEntry 7 } fsAceExtSourceWildCard OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS read-create STATUS current DESCRIPTION "Sourece ip wild card(in reverse ip address mask)of Ace flow definition." ::= { fsAceExtEntry 8 } fsAceExtIfAnySourceMacAddr OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-create STATUS current DESCRIPTION "Source mac address of class will not be checked if this value is true." DEFVAL{ true } ::= { fsAceExtEntry 9 } fsAceExtSourceMacAddr OBJECT-TYPE SYNTAX MacAddress MAX-ACCESS read-create STATUS current DESCRIPTION "Sourece Mac address of Ace flow definition." ::= { fsAceExtEntry 10 } fsAceExtIfAnyDestIp OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-create STATUS current DESCRIPTION "Destination Ip wild card of class will not be checked if this value is true." DEFVAL{ true } ::= { fsAceExtEntry 11 } fsAceExtDestIp OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS read-create STATUS current DESCRIPTION "Destination ip address of Ace flow definition." ::= { fsAceExtEntry 12 } fsAceExtIfAnyDestWildCard OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-create STATUS current DESCRIPTION "Source Ip wild card of class will not be checked if this value is true." DEFVAL{ true } ::= { fsAceExtEntry 13 } fsAceExtDestIpWildCard OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS read-create STATUS current DESCRIPTION "Destination ip wild card(in reverse ip address mask) of Ace flow definition." ::= { fsAceExtEntry 14 } fsAceExtIfAnyDestMacAddr OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-create STATUS current DESCRIPTION "Source Ip wild card of class will not be checked if this value is true." DEFVAL{ true } ::= { fsAceExtEntry 15 } fsAceExtDestMacAddr OBJECT-TYPE SYNTAX MacAddress MAX-ACCESS read-create STATUS current DESCRIPTION "Destination Mac address of Ace flow definition." ::= { fsAceExtEntry 16 } fsAceExtIfAnyEtherLikeType OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-create STATUS current DESCRIPTION "Ether Like Type in MAC packet will not be checked if this value is true." DEFVAL{ true } ::= { fsAceExtEntry 17 } fsAceExtEtherLikeType OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-create STATUS current DESCRIPTION "Ether Like Type in MAC packet of Ace flow definition. " ::= { fsAceExtEntry 18 } fsAceExtIfAnyIpProtocolField OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-create STATUS current DESCRIPTION "Source Ip wild card of class will not be checked if this value is true." DEFVAL{ true } ::= { fsAceExtEntry 19 } fsAceExtIpProtocolField OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-create STATUS current DESCRIPTION "The value of protocol field in IP packet of Ace flow definition." ::= { fsAceExtEntry 20 } fsAceExtSourceProtocolPort OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-create STATUS current DESCRIPTION "The value of source protocol port in IP packet of Ace flow definition. It is significative only to those protocol which support this field." ::= { fsAceExtEntry 21 } fsAceExtDestProtocolPort OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-create STATUS current DESCRIPTION "The value of destination protocol port in IP packet of Ace flow definition. It is significative only to those protocol which support this field(tcp,udp)." ::= { fsAceExtEntry 22 } fsAceExtIfAnyProtocolType OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-create STATUS current DESCRIPTION "The value of protocol type field in IP packet will not be checked if this value is true." DEFVAL{ true } ::= { fsAceExtEntry 23 } fsAceExtProtocolType OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-create STATUS current DESCRIPTION "The value of protocol type field in IP packet of Ace flow definition. It is significative only to those protocol which support this field(icmp,igmp)." ::= { fsAceExtEntry 24 } fsAceExtFlowAction OBJECT-TYPE SYNTAX INTEGER{ permit(1), deny(2) } MAX-ACCESS read-create STATUS current DESCRIPTION "Permit indicate that the kind of flow which entry define will be allow to access , deny indicate that the kind of flow which entry define will be refuse to access" ::= { fsAceExtEntry 25 } fsAceExtEntryStauts OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "entry status for this list." ::= { fsAceExtEntry 26 } fsAceExtTimeRangeName OBJECT-TYPE SYNTAX DisplayString(SIZE (0..32)) MAX-ACCESS read-write STATUS current DESCRIPTION "Name of time-range of this ACE match. It indicate that this ACE doesn't match any time-range if this string is null" ::= { fsAceExtEntry 27 } fsAceExtSourcePortOp OBJECT-TYPE SYNTAX INTEGER { noOperator(1), lt(2), gt(3), eq(4), neq(5), range(6) } MAX-ACCESS read-write STATUS current DESCRIPTION "noOperator(1), which is the default value, means that no comparison is to be made with the Source TCP/UDP port number. lt(2) means less than. gt(3) means greater than. eq(4) means equal. neq(5) means not equal." ::= { fsAceExtEntry 28 } fsAceExtSourceProtocolPortRange OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-write STATUS current DESCRIPTION "The ending value of source protocol port in IP packet of Ace flow definition. It is significative only to those protocol which support this field. The fsAceExtSourcePortOp must set to range(6)." ::= { fsAceExtEntry 29 } fsAceExtDestPortOp OBJECT-TYPE SYNTAX INTEGER { noOperator(1), lt(2), gt(3), eq(4), neq(5), range(6) } MAX-ACCESS read-write STATUS current DESCRIPTION "noOperator(1), which is the default value, means that no comparison is to be made with the Dest TCP/UDP port number. lt(2) means less than. gt(3) means greater than. eq(4) means equal. neq(5) means not equal." ::= { fsAceExtEntry 30 } fsAceExtDestProtocolPortRange OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-write STATUS current DESCRIPTION "The ending value of dest protocol port in IP packet of Ace flow definition. It is significative only to those protocol which support this field. The fsAceExtSourcePortOp must set to range(6)." ::= { fsAceExtEntry 31 } fsAceExtIfAnyCos OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-write STATUS current DESCRIPTION "Cos will not be checked if this value is true." DEFVAL{ true } ::= { fsAceExtEntry 32 } fsAceExtCos OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-write STATUS current DESCRIPTION "Cos of Ace flow definition." ::= { fsAceExtEntry 33 } fsAceExtIfAnyIpPrec OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-write STATUS current DESCRIPTION "Ip precedence will not be checked if this value is true." DEFVAL{ true } ::= { fsAceExtEntry 34 } fsAceExtIpPrec OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-write STATUS current DESCRIPTION "Ip precedence of Ace flow definition." ::= { fsAceExtEntry 35 } fsAceExtIfAnyDscp OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-write STATUS current DESCRIPTION "Dscp will not be checked if this value is true." DEFVAL{ true } ::= { fsAceExtEntry 36 } fsAceExtDscp OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-write STATUS current DESCRIPTION "Dscp of Ace flow definition." ::= { fsAceExtEntry 37 } fsAceExtIfAnyTcpFlag OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-write STATUS current DESCRIPTION "Tcp flag will not be checked if this value is true." DEFVAL{ true } ::= { fsAceExtEntry 38 } fsAceExtTcpFlag OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-write STATUS current DESCRIPTION "Tcp flag of Ace flow definition." ::= { fsAceExtEntry 39 } fsAceExtIfAnySourceMacAddrWildCard OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-write STATUS current DESCRIPTION "Source mac address wildcard of class will not be checked if this value is true." DEFVAL{ true } ::= { fsAceExtEntry 40 } fsAceExtSourceMacAddrWildCard OBJECT-TYPE SYNTAX MacAddress MAX-ACCESS read-write STATUS current DESCRIPTION "Sourece Mac address wildcard of Ace flow definition." ::= { fsAceExtEntry 41 } fsAceExtIfAnyDestMacAddrWildCard OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-write STATUS current DESCRIPTION "Dest mac address wildcard of class will not be checked if this value is true." DEFVAL{ true } ::= { fsAceExtEntry 42 } fsAceExtDestMacAddrWildCard OBJECT-TYPE SYNTAX MacAddress MAX-ACCESS read-write STATUS current DESCRIPTION "Dest Mac address wildcard of Ace flow definition." ::= { fsAceExtEntry 43 } fsAceExtIfAnySourceIp6 OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-write STATUS current DESCRIPTION "Source Ipv6 address of class will not be checked if this value is true." DEFVAL{ true } ::= { fsAceExtEntry 44 } fsAceExtSourceIp6 OBJECT-TYPE SYNTAX OCTET STRING (SIZE (16)) MAX-ACCESS read-write STATUS current DESCRIPTION "Sourece ipv6 address of Ace flow definition." ::= { fsAceExtEntry 45 } fsAceExtIfAnySourceIp6WildCard OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-write STATUS current DESCRIPTION "Source Ipv6 address wild card of class will not be checked if this value is true." DEFVAL{ true } ::= { fsAceExtEntry 46 } fsAceExtSourceIp6WildCard OBJECT-TYPE SYNTAX OCTET STRING (SIZE (16)) MAX-ACCESS read-write STATUS current DESCRIPTION "Sourece ipv6 address wild card(in reverse ip address mask)of Ace flow definition." ::= { fsAceExtEntry 47 } fsAceExtIfAnyDestIp6 OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-write STATUS current DESCRIPTION "Dest Ipv6 address of class will not be checked if this value is true." DEFVAL{ true } ::= { fsAceExtEntry 48 } fsAceExtDestIp6 OBJECT-TYPE SYNTAX OCTET STRING (SIZE (16)) MAX-ACCESS read-write STATUS current DESCRIPTION "Dest ipv6 address of Ace flow definition." ::= { fsAceExtEntry 49 } fsAceExtIfAnyDestIp6WildCard OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-write STATUS current DESCRIPTION "Dest Ipv6 address wild card of class will not be checked if this value is true." DEFVAL{ true } ::= { fsAceExtEntry 50 } fsAceExtDestIp6WildCard OBJECT-TYPE SYNTAX OCTET STRING (SIZE (16)) MAX-ACCESS read-write STATUS current DESCRIPTION "Dest ipv6 address wild card(in reverse ip address mask)of Ace flow definition." ::= { fsAceExtEntry 51 } -- conformance information fsAclMIBConformance OBJECT IDENTIFIER ::= { fsAclMIB 2 } fsAclMIBCompliances OBJECT IDENTIFIER ::= { fsAclMIBConformance 1 } fsAclMIBGroups OBJECT IDENTIFIER ::= { fsAclMIBConformance 2 } -- compliance statements fsAclMIBCompliance MODULE-COMPLIANCE STATUS current DESCRIPTION "The compliance statement for entities which implement the FS Acl MIB" MODULE -- this module MANDATORY-GROUPS { fsAclMIBGroup } ::= { fsAclMIBCompliances 1 } -- units of conformance fsAclMIBGroup OBJECT-GROUP OBJECTS { fsAclName, fsAclMode, fsAclEntryStatus, fsAceExtAclName, fsAceExtIndex, fsAceExtIfAnyVID, fsAceExtVID, fsAceExtIfAnySourceIp, fsAceExtSourceIp, fsAceExtIfAnySourceWildCard, fsAceExtSourceWildCard, fsAceExtIfAnySourceMacAddr, fsAceExtSourceMacAddr, fsAceExtIfAnyDestIp, fsAceExtDestIp, fsAceExtIfAnyDestWildCard, fsAceExtDestIpWildCard, fsAceExtIfAnyDestMacAddr, fsAceExtDestMacAddr, fsAceExtIfAnyEtherLikeType, fsAceExtEtherLikeType, fsAceExtIfAnyIpProtocolField, fsAceExtIpProtocolField, fsAceExtSourceProtocolPort, fsAceExtDestProtocolPort, fsAceExtProtocolType, fsAceExtProtocolType, fsAceExtFlowAction, fsAceExtEntryStauts, fsAceExtTimeRangeName, fsAceExtSourcePortOp, fsAceExtSourceProtocolPortRange, -- fsAceExtIfAnySourceProtocolPort, fsAceExtDestPortOp, fsAceExtDestProtocolPortRange, -- fsAceExtIfAnyDestProtocolPort, fsAceExtIfAnyCos, fsAceExtCos, fsAceExtIfAnyIpPrec, fsAceExtIpPrec, fsAceExtIfAnyDscp, fsAceExtDscp, fsAceExtIfAnyTcpFlag, fsAceExtTcpFlag, fsAceExtIfAnySourceMacAddrWildCard, fsAceExtSourceMacAddrWildCard, fsAceExtIfAnyDestMacAddrWildCard, fsAceExtDestMacAddrWildCard, fsAceExtIfAnySourceIp6, fsAceExtSourceIp6, fsAceExtIfAnySourceIp6WildCard, fsAceExtSourceIp6WildCard, fsAceExtIfAnyDestIp6, fsAceExtDestIp6, fsAceExtIfAnyDestIp6WildCard, fsAceExtDestIp6WildCard, fsAclIfIndex, fsAclIfMaxEntryNum, fsAclIfCurruntEntryNum, fsIfInAclName, fsIfOutAclName } STATUS current DESCRIPTION "A collection of objects providing acl (echo) ability to a FS agent." ::= { fsAclMIBGroups 1 } END