-- ============================================================================ -- Copyright (c) 2010-2014 Hewlett-Packard Development Company, L.P. -- -- Description: -- Reference: -- Version: V3.3 -- History: -- V1.0 created by yuhui. -- V2.0 2004-10-12 updated by gaolong -- Define MODULE-IDENTITY for hpnicfAcl -- Remove chinese characters -- Add limitation(0..65535) for some table index -- Fix a default value error of hpnicfAclAdvancedEstablish -- V2.1 2004-11-18 updated by yubo -- Add 'hpnicfAclIDSTable' for IDS -- V2.2 2004-12-13 -- Fix syntax bugs and adjust format of the whole file by jinyi -- Modify description of hpnicfAclAdvancedDscp by zhuangyu -- V2.3 2005-1-26 updated by WuZhao02557 -- Change MAX-ACCESS from read-create to not-accessible for the -- following MIB nodes: -- hpnicfAclNumGroupAclNum, hpnicfAclNameGroupIndex, hpnicfAclBasicAclNum, -- hpnicfAclBasicSubitem, hpnicfAclAdvancedAclNum, hpnicfAclAdvancedSubitem -- hpnicfAclIfAclNum, hpnicfAclIfSubitem, hpnicfAclLinkAclNum, hpnicfAclLinkSubitem -- hpnicfAclUserAclNum, hpnicfAclUserSubitem, hpnicfAclActiveAclIndex, -- hpnicfAclActiveIfIndex, hpnicfAclActiveVlanID, hpnicfAclActiveDirection -- Adjust format of whole file. -- 2005-01-27 updated by zhangyinxi -- 1. Add objects hpnicfAclLinkL2LabelRangeOp, hpnicfAclLinkL2LabelRangeBegin -- hpnicfAclLinkL2LabelRangeEnd and hpnicfAclLinkMplsExp in hpnicfAclLinkTable -- 2. Add an enumeration mpls(34887) to object hpnicfAclLinkProtocol -- 3. Expand the range of object hpnicfAclActiveVlanID to Integer32 -- V2.4 2005-2-24 -- Make the index of hpnicfAclIDSTable IMPLIED by fuzhenyu because IDS devices -- require fixed length index to be used. IDS devices only provide index -- with no sub-identifier indicating the length of the string. -- Modify enum name(value is 4) of hpnicfAclLinkFormatType to ieee802Dot3 by daishijun -- V2.5 2005-7-25 -- Add objects hpnicfAclMib2Mode, hpnicfAclVersion, hpnicfAclMib2ObjectsCapabilities, -- hpnicfAclIPAclNumGroupTable, hpnicfAclIPAclBasicTable, hpnicfAclIPAclAdvancedTable, -- hpnicfAclMACTable, hpnicfAclEnUserTable by tangshun. -- V2.6 2006-01-03 -- Add objects hpnicfAclIPAclBasicComment, hpnicfAclIPAclAdvancedComment, -- hpnicfAclMACComment, hpnicfAclEnUserComment by tangshun. -- V2.7 2006-03-09 updated by changhuifeng -- Add object hpnicfAclIPAclAdvancedReflective in hpnicfAclIPAclAdvancedTable. -- Modify the description of object hpnicfAclIPAclAdvancedFragmentFlag. -- Modify the description of object hpnicfAclMib2Version. -- Modify the description of object hpnicfAclLinkDestAny for text error. -- Modify the description of object hpnicfAclMib2CharacteristicsValue. -- V2.8 2006-07-06 updated by xialei -- Modify the description of hpnicfAclIPAclAdvancedIcmpType -- and hpnicfAclIPAclAdvancedIcmpCode. -- Change value range of hpnicfAclIPAclAdvancedIcmpCode. -- V2.9 2006-08-08 updated by chenzhaojie -- Add enumeration value to hpnicfAclActiveDirection. -- V3.0 2010-09-01 updated by zhaixiaoxiang -- Add hpnicfAclResourceUsageTable. -- V3.1 2012-02-06 updated by wangchenxiao -- Add hpnicfPacketfilterTrapObjects -- Add hpnicfPacketfilterTrap -- 2012-02-14 updated by mouxuanli -- Add hpnicfAclMib2ProcessingStatus of object hpnicfAclMib2NodesGroup -- Add hpnicfAclNumberGroupName of object hpnicfAclNumberGroupTable -- Add hpnicfAclIPAclBasicCounting of object hpnicfAclIPAclBasicTable -- Add hpnicfAclIPAclBasicRouteTypeAny of object hpnicfAclIPAclBasicTable -- Add hpnicfAclIPAclBasicRouteTypeValue of object hpnicfAclIPAclBasicTable -- Add hpnicfAclIPAclAdvancedCounting of object hpnicfAclIPAclAdvancedTable -- Add hpnicfAclIPAclAdvancedTCPFlagMask of object hpnicfAclIPAclAdvancedTable -- Add hpnicfAclIPAclAdvancedTCPFlagValue of object hpnicfAclIPAclAdvancedTable -- Add hpnicfAclIPAclAdvancedRouteTypeAny of object hpnicfAclIPAclAdvancedTable -- Add hpnicfAclIPAclAdvancedRouteTypeValue of object hpnicfAclIPAclAdvancedTable -- Add hpnicfAclIPAclAdvancedFlowLabel of object hpnicfAclIPAclAdvancedTable -- Add hpnicfAclMACLog of object hpnicfAclMACTable -- Add hpnicfAclMACCounting of object hpnicfAclMACTable -- Add hpnicfAclEnUserLog of object hpnicfAclEnUserTable -- Add hpnicfAclEnUserCounting of object hpnicfAclEnUserTable -- Modify the description of hpnicfAclResourceType -- Add hpnicfAclResourceTypeDescription of object hpnicfAclResourceUsageTable -- Add hpnicfAclPacketFilterObjects -- V3.2 2012-11-30 updated by gaoyu -- Add hpnicfPfilterRunApplyObjType of object hpnicfPfilterAclGroupRunInfoTable -- Add hpnicfPfilterRunApplyObjIndex of object hpnicfPfilterAclGroupRunInfoTable -- Add hpnicfPfilterRunApplyDirection of object hpnicfPfilterAclGroupRunInfoTable -- Add hpnicfPfilterRunApplyAclType of object hpnicfPfilterAclGroupRunInfoTable -- Add hpnicfPfilterRunApplyAclIndex of object hpnicfPfilterAclGroupRunInfoTable -- modify the hpnicfPfilterRunApplyObjType of object hpnicfPfilterAclRuleRunInfoTable -- modify the hpnicfPfilterRunApplyObjIndex of object hpnicfPfilterAclRuleRunInfoTable -- modify the hpnicfPfilterRunApplyDirection of object hpnicfPfilterAclRuleRunInfoTable -- modify the hpnicfPfilterRunApplyAclType of object hpnicfPfilterAclRuleRunInfoTable -- modify the hpnicfPfilterRunApplyAclIndex of object hpnicfPfilterAclRuleRunInfoTable -- V3.3 2013-11-30 updated by gaoyu -- Add hpnicfAclNamedGroupTable to object hpnicfAclMib2GlobalGroup -- Add hpnicfAclIPAclNamedBscTable to object hpnicfAclIPAclGroup -- Add hpnicfAclIPAclNamedAdvTable to object hpnicfAclIPAclGroup -- Add hpnicfAclNamedMACTable to object hpnicfAclMACAclGroup -- Add hpnicfAclIntervalGroup to object hpnicfAclMib2Objects -- Modify hpnicfPfilterApplyAclType of object hpnicfPfilterApplyTable -- Modify hpnicfPfilterRunApplyAclType of object hpnicfPfilterAclGroupRunInfoTable -- Modify hpnicfPfilterSumAclType of object hpnicfPfilterStatisticSumTable -- Add hpnicfPfilter2ApplyTable to object hpnicfAclPacketFilterObjects -- Add hpnicfPfilter2AclGroupRunInfoTable to object hpnicfAclPacketFilterObjects -- Add hpnicfPfilter2AclRuleRunInfoTable to object hpnicfAclPacketFilterObjects -- Add hpnicfPfilter2StatisticSumTable to object hpnicfAclPacketFilterObjects -- Add hpnicfAclPacketIfName to object hpnicfAclPacketfilterTrapObjects -- Add hpnicfAclPacketDirection to object hpnicfAclPacketfilterTrapObjects -- Add hpnicfAclPacketBAGG to object hpnicfAclPacketfilterTrapObjects -- Add hpnicfAclPacketVlanID to object hpnicfAclPacketfilterTrapObjects -- Add hpnicfAclPacketSrcIP to object hpnicfAclPacketfilterTrapObjects -- Add hpnicfAclPacketDstIP to object hpnicfAclPacketfilterTrapObjects -- Add hpnicfAclPacketProtocol to object hpnicfAclPacketfilterTrapObjects -- Add hpnicfAclPacketDscp to object hpnicfAclPacketfilterTrapObjects -- Add hpnicfAclPacketFlowLabel to object hpnicfAclPacketfilterTrapObjects -- Add hpnicfAclPacketIcmpIgmpType to object hpnicfAclPacketfilterTrapObjects -- Add hpnicfAclPacketIcmpIgmpCode to object hpnicfAclPacketfilterTrapObjects -- Add hpnicfAclPacketTcpFlags to object hpnicfAclPacketfilterTrapObjects -- Add hpnicfAclPacketSrcPort to object hpnicfAclPacketfilterTrapObjects -- Add hpnicfAclPacketDstPort to object hpnicfAclPacketfilterTrapObjects -- Add hpnicfAclPacketSrcMacAddr to object hpnicfAclPacketfilterTrapObjects -- Add hpnicfAclPacketDstMacAddr to object hpnicfAclPacketfilterTrapObjects -- Add hpnicfAclPacketMacTypeLen to object hpnicfAclPacketfilterTrapObjects -- Add hpnicfAclPacketVlanPCP to object hpnicfAclPacketfilterTrapObjects -- Add hpnicfAclRuleMatchCount to object hpnicfPfilterTrapPrefix -- Add hpnicfAclFirstIPv4PktCaptured to object hpnicfPfilterTrapPrefix -- Add hpnicfAclFirstIPv6PktCaptured to object hpnicfPfilterTrapPrefix -- Add hpnicfAclFirstEthernetPktCaptured to object hpnicfPfilterTrapPrefix -- 2014-2-20 updated by gaoyu -- Add hpnicfAclNamedUserTable to object hpnicfAclEnUserAclGroup -- 2014-07-08 updated by gaoyu -- Add hpnicfAclIPAclAdvancedSrcSuffix to object hpnicfAclIPAclAdvancedTable -- Add hpnicfAclIPAclAdvancedDestSuffix to object hpnicfAclIPAclAdvancedTable -- Add hpnicfAclIPAclNamedAdvSrcSuffix to object hpnicfAclIPAclNamedAdvTable -- Add hpnicfAclIPAclNamedAdvDstSuffix to object hpnicfAclIPAclNamedAdvTable -- ============================================================================ HPN-ICF-ACL-MIB DEFINITIONS ::= BEGIN IMPORTS hpnicfCommon FROM HPN-ICF-OID-MIB IpAddress, Integer32, Counter32, OBJECT-TYPE, MODULE-IDENTITY, NOTIFICATION-TYPE, Unsigned32, Counter64 FROM SNMPv2-SMI InetAddressType, InetAddress, InetAddressPrefixLength FROM INET-ADDRESS-MIB RowStatus, TruthValue, MacAddress, TEXTUAL-CONVENTION FROM SNMPv2-TC; -- -- Node definitions -- hpnicfAcl MODULE-IDENTITY LAST-UPDATED "201407221000Z" -- Jul 22, 2014 at 10:00 GMT ORGANIZATION "" CONTACT-INFO "" DESCRIPTION "ACL management information base for managing devices that support access control list and packet filtering. " REVISION "201407221000Z" -- Jul 22, 2014 at 10:00 GMT DESCRIPTION "Added four nodes for configuring an IPv6 suffix length." ::= { hpnicfCommon 8 } -- Rule action value RuleAction ::= TEXTUAL-CONVENTION STATUS current DESCRIPTION "The value of rule's action. permit: The packet matching the rule will be permitted to forward. deny: The packet matching the rule will be denied. " SYNTAX INTEGER { invalid(1), permit(2), deny(3) } -- CounterClear value CounterClear ::= TEXTUAL-CONVENTION STATUS current DESCRIPTION "cleared: Reset the value of the rule's counter. nouse: 'nouse' will be returned when getting. " SYNTAX INTEGER { cleared(1), nouse(2) } -- PortOp value PortOp ::= TEXTUAL-CONVENTION STATUS current DESCRIPTION "The operation type of TCP and UDP. lt : Less than given port number. eq : Equal to given port number. gt : Greater than given port number. neq : Not equal to given port number. range : Between two port numbers. Default value is 'invalid'. " SYNTAX INTEGER { invalid(0), lt(1), eq(2), gt(3), neq(4), range(5) } -- DSCP value DSCPValue ::= TEXTUAL-CONVENTION DISPLAY-HINT "d" STATUS current DESCRIPTION "The value of DSCP. <0-63> Value of DSCP af11 Specify Assured Forwarding 11 service(10) af12 Specify Assured Forwarding 12 service(12) af13 Specify Assured Forwarding 13 service(14) af21 Specify Assured Forwarding 21 service(18) af22 Specify Assured Forwarding 22 service(20) af23 Specify Assured Forwarding 23 service(22) af31 Specify Assured Forwarding 31 service(26) af32 Specify Assured Forwarding 32 service(28) af33 Specify Assured Forwarding 33 service(30) af41 Specify Assured Forwarding 41 service(34) af42 Specify Assured Forwarding 42 service(36) af43 Specify Assured Forwarding 43 service(38) be Specify Best Effort service(0) cs1 Specify Class Selector 1 service(8) cs2 Specify Class Selector 2 service(16) cs3 Specify Class Selector 3 service(24) cs4 Specify Class Selector 4 service(32) cs5 Specify Class Selector 5 service(40) cs6 Specify Class Selector 6 service(48) cs7 Specify Class Selector 7 service(56) ef Specify Expedited Forwarding service(46) " SYNTAX Integer32 (0..63|255) -- TCP Flags TCPFlag ::= TEXTUAL-CONVENTION STATUS current DESCRIPTION "Type of TCP. invalid(0) tcpack(1) TCP protocol ACK Packet tcpfin(2) TCP protocol PIN Packet tcppsh(3) TCP protocol PUSH Packet tcprst(4) TCP protocol RST Packet tcpsyn(5) TCP protocol SYN Packet tcpurg(6) TCP protocol URG Packet Default value is 'invalid'. " SYNTAX INTEGER { invalid(0), tcpack(1), tcpfin(2), tcppsh(3), tcprst(4), tcpsyn(5), tcpurg(6) } -- Fragment Flags FragmentFlag ::= TEXTUAL-CONVENTION STATUS current DESCRIPTION "Type of fragment. invalid(0) fragment(1) Frag-Type Fragment fragmentSubseq(2) Frag-Type Fragment-subsequent nonFragment(3) Frag-Type non-Fragment nonSubseq(4) Frag-Type non-subsequent Default value is 'invalid'. " SYNTAX INTEGER { invalid(0), fragment(1), fragmentSubseq(2), nonFragment(3), nonSubseq(4) } -- Address Flags AddressFlag ::= TEXTUAL-CONVENTION STATUS current DESCRIPTION "Address flag to select IPv6 Address. Default value is 'invalid'. t64SrcAddrPre64DestAddrPre(1): The mean of the enumeration 't64SrcAddrPre64DestAddrPre' is that system gets the 64 bits prefix of source address and the 64 bits prefix of destination address. t64SrcAddrPre64DestAddrSuf(2): The mean of the enumeration 't64SrcAddrPre64DestAddrSuf' is that system gets the 64 bits prefix of source address and the 64 bits suffix of destination address. t64SrcAddrSuf64DestAddrPre(3): The mean of the enumeration 't64SrcAddrSuf64DestAddrPre' is that system gets the 64 bits suffix of source address and the 64 bits prefix of destination address. t64SrcAddrSuf64DestAddrSuf(4): The mean of the enumeration 't64SrcAddrSuf64DestAddrSuf' is that system gets the 64 bits suffix of source address and the 64 bits suffix of destination address. t128SourceAddress(5): The mean of the enumeration 't128SourceAddress' is that system gets the 128 bits of source address. t128DestinationAddress(6): The mean of the enumeration 't128SourceAddress' is that system gets the 128 bits of destination address. " SYNTAX INTEGER { invalid(0), t64SrcAddrPre64DestAddrPre(1), t64SrcAddrPre64DestAddrSuf(2), t64SrcAddrSuf64DestAddrPre(3), t64SrcAddrSuf64DestAddrSuf(4), t128SourceAddress(5), t128DestinationAddress(6) } -- Direction type DirectionType ::= TEXTUAL-CONVENTION STATUS current DESCRIPTION "The direction: inbound or outbound." SYNTAX INTEGER { inbound(1), outbound(2) } -- -- nodes defined -- hpnicfAclMibObjects OBJECT IDENTIFIER ::= { hpnicfAcl 1 } hpnicfAclMode OBJECT-TYPE SYNTAX INTEGER { linkBased(1), ipBased(2) } MAX-ACCESS read-write STATUS current DESCRIPTION "Access-list mode." DEFVAL { ipBased } ::= { hpnicfAclMibObjects 1 } -- -- Node of hpnicfAclNumGroupTable -- hpnicfAclNumGroupTable OBJECT-TYPE SYNTAX SEQUENCE OF HpnicfAclNumGroupEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Configure the match-order of number-acl group." ::= { hpnicfAclMibObjects 2 } hpnicfAclNumGroupEntry OBJECT-TYPE SYNTAX HpnicfAclNumGroupEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Define the index of hpnicfAclNumGroupTable." INDEX { hpnicfAclNumGroupAclNum } ::= { hpnicfAclNumGroupTable 1 } HpnicfAclNumGroupEntry ::= SEQUENCE { hpnicfAclNumGroupAclNum Integer32, hpnicfAclNumGroupMatchOrder INTEGER, hpnicfAclNumGroupSubitemNum Integer32, hpnicfAclNumGroupDescription OCTET STRING, hpnicfAclNumGroupCountClear INTEGER, hpnicfAclNumGroupRowStatus RowStatus } hpnicfAclNumGroupAclNum OBJECT-TYPE SYNTAX Integer32 (1000..5999) MAX-ACCESS not-accessible STATUS current DESCRIPTION "The index of number-acl group Interface type:1000..1999 Basic type:2000..2999 Advance type:3000..3999 Link type:4000..4999 User type:5000..5999" ::= { hpnicfAclNumGroupEntry 1 } hpnicfAclNumGroupMatchOrder OBJECT-TYPE SYNTAX INTEGER { config(1), auto(2) } MAX-ACCESS read-create STATUS current DESCRIPTION "The match-order of number-acl group." DEFVAL { config } ::= { hpnicfAclNumGroupEntry 2 } hpnicfAclNumGroupSubitemNum OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of number-acl group's node." ::= { hpnicfAclNumGroupEntry 3 } hpnicfAclNumGroupDescription OBJECT-TYPE SYNTAX OCTET STRING (SIZE(0..127)) MAX-ACCESS read-write STATUS current DESCRIPTION "The description of this acl group." ::= { hpnicfAclNumGroupEntry 4 } hpnicfAclNumGroupCountClear OBJECT-TYPE SYNTAX INTEGER { cleared(1), nouse(2) } MAX-ACCESS read-create STATUS current DESCRIPTION "Reset the value of rules' counter, which belong to this group." ::= { hpnicfAclNumGroupEntry 5 } hpnicfAclNumGroupRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "RowStatus, now support three state: CreateAndGo, Active, Destroy." ::= { hpnicfAclNumGroupEntry 6 } -- -- Node of hpnicfAclNameGroupTable -- hpnicfAclNameGroupTable OBJECT-TYPE SYNTAX SEQUENCE OF HpnicfAclNameGroupEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Create acl-group that identified by name." ::= { hpnicfAclMibObjects 3 } hpnicfAclNameGroupEntry OBJECT-TYPE SYNTAX HpnicfAclNameGroupEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Define the index of hpnicfAclNameGroupTable." INDEX { hpnicfAclNameGroupIndex } ::= { hpnicfAclNameGroupTable 1 } HpnicfAclNameGroupEntry ::= SEQUENCE { hpnicfAclNameGroupIndex Integer32, hpnicfAclNameGroupCreateName OCTET STRING, hpnicfAclNameGroupTypes INTEGER, hpnicfAclNameGroupMatchOrder INTEGER, hpnicfAclNameGroupSubitemNum Integer32, hpnicfAclNameGroupRowStatus RowStatus } hpnicfAclNameGroupIndex OBJECT-TYPE SYNTAX Integer32 (10000..12999) MAX-ACCESS not-accessible STATUS current DESCRIPTION "The index of name-acl group." ::= { hpnicfAclNameGroupEntry 1 } hpnicfAclNameGroupCreateName OBJECT-TYPE SYNTAX OCTET STRING (SIZE (0..32)) MAX-ACCESS read-create STATUS current DESCRIPTION "The name of name-acl group." ::= { hpnicfAclNameGroupEntry 2 } hpnicfAclNameGroupTypes OBJECT-TYPE SYNTAX INTEGER { basic(1), advanced(2), ifBased(3), link(4), user(5) } MAX-ACCESS read-create STATUS current DESCRIPTION "The type of name-acl group." ::= { hpnicfAclNameGroupEntry 3 } hpnicfAclNameGroupMatchOrder OBJECT-TYPE SYNTAX INTEGER { config(1), auto(2) } MAX-ACCESS read-create STATUS current DESCRIPTION "The match-order of name-acl group." DEFVAL { config } ::= { hpnicfAclNameGroupEntry 4 } hpnicfAclNameGroupSubitemNum OBJECT-TYPE SYNTAX Integer32 (0..128) MAX-ACCESS read-only STATUS current DESCRIPTION "The number of name-acl group's node." ::= { hpnicfAclNameGroupEntry 5 } hpnicfAclNameGroupRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "RowStatus, now support three state: CreateAndGo, Active, Destroy." ::= { hpnicfAclNameGroupEntry 6 } -- -- hpnicfAclBasicRuleTable -- hpnicfAclBasicRuleTable OBJECT-TYPE SYNTAX SEQUENCE OF HpnicfAclBasicRuleEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Configure the rule for basic acl group." ::= { hpnicfAclMibObjects 4 } hpnicfAclBasicRuleEntry OBJECT-TYPE SYNTAX HpnicfAclBasicRuleEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Define the index of hpnicfAclBasicRuleTable." INDEX { hpnicfAclBasicAclNum, hpnicfAclBasicSubitem } ::= { hpnicfAclBasicRuleTable 1 } HpnicfAclBasicRuleEntry ::= SEQUENCE { hpnicfAclBasicAclNum Integer32, hpnicfAclBasicSubitem Integer32, hpnicfAclBasicAct INTEGER, hpnicfAclBasicSrcIp IpAddress, hpnicfAclBasicSrcWild IpAddress, hpnicfAclBasicTimeRangeName OCTET STRING, hpnicfAclBasicFragments TruthValue, hpnicfAclBasicLog TruthValue, hpnicfAclBasicEnable TruthValue, hpnicfAclBasicCount Counter32, hpnicfAclBasicCountClear INTEGER, hpnicfAclBasicRowStatus RowStatus } hpnicfAclBasicAclNum OBJECT-TYPE SYNTAX Integer32 (0|2000..2999|10000..12999) MAX-ACCESS not-accessible STATUS current DESCRIPTION "The index of basic acl group." ::= { hpnicfAclBasicRuleEntry 1 } hpnicfAclBasicSubitem OBJECT-TYPE SYNTAX Integer32 (0..65535) MAX-ACCESS not-accessible STATUS current DESCRIPTION "The subindex of basic acl group." ::= { hpnicfAclBasicRuleEntry 2 } hpnicfAclBasicAct OBJECT-TYPE SYNTAX INTEGER { permit(1), deny(2) } MAX-ACCESS read-create STATUS current DESCRIPTION "The action of basic acl rule." ::= { hpnicfAclBasicRuleEntry 3 } hpnicfAclBasicSrcIp OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS read-create STATUS current DESCRIPTION "Source IP-address of basic acl rule." ::= { hpnicfAclBasicRuleEntry 4 } hpnicfAclBasicSrcWild OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS read-create STATUS current DESCRIPTION "Source IP-address wild of basic acl rule." ::= { hpnicfAclBasicRuleEntry 5 } hpnicfAclBasicTimeRangeName OBJECT-TYPE SYNTAX OCTET STRING (SIZE (0..32)) MAX-ACCESS read-create STATUS current DESCRIPTION "The Time-range of basic acl rule." ::= { hpnicfAclBasicRuleEntry 6 } hpnicfAclBasicFragments OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-create STATUS current DESCRIPTION "The flag of matching fragmented packet." ::= { hpnicfAclBasicRuleEntry 7 } hpnicfAclBasicLog OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-create STATUS current DESCRIPTION "The flag of log." ::= { hpnicfAclBasicRuleEntry 8 } hpnicfAclBasicEnable OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-only STATUS current DESCRIPTION "The rule is active or not. true : active false : inactive " ::= { hpnicfAclBasicRuleEntry 9 } hpnicfAclBasicCount OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The count of matched by basic rule." ::= { hpnicfAclBasicRuleEntry 10 } hpnicfAclBasicCountClear OBJECT-TYPE SYNTAX INTEGER { cleared(1), nouse(2) } MAX-ACCESS read-create STATUS current DESCRIPTION "Reset the value of counter." ::= { hpnicfAclBasicRuleEntry 11 } hpnicfAclBasicRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "RowStatus, now support three state: CreateAndGo, Active, Destroy." ::= { hpnicfAclBasicRuleEntry 12 } -- -- hpnicfAclAdvancedRuleTable -- hpnicfAclAdvancedRuleTable OBJECT-TYPE SYNTAX SEQUENCE OF HpnicfAclAdvancedRuleEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Configure the rule for advanced acl group." ::= { hpnicfAclMibObjects 5 } hpnicfAclAdvancedRuleEntry OBJECT-TYPE SYNTAX HpnicfAclAdvancedRuleEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Define the index of hpnicfAclAdvancedRuleTable." INDEX { hpnicfAclAdvancedAclNum, hpnicfAclAdvancedSubitem } ::= { hpnicfAclAdvancedRuleTable 1 } HpnicfAclAdvancedRuleEntry ::= SEQUENCE { hpnicfAclAdvancedAclNum Integer32, hpnicfAclAdvancedSubitem Integer32, hpnicfAclAdvancedAct INTEGER, hpnicfAclAdvancedProtocol Integer32, hpnicfAclAdvancedSrcIp IpAddress, hpnicfAclAdvancedSrcWild IpAddress, hpnicfAclAdvancedSrcOp INTEGER, hpnicfAclAdvancedSrcPort1 Integer32, hpnicfAclAdvancedSrcPort2 Integer32, hpnicfAclAdvancedDestIp IpAddress, hpnicfAclAdvancedDestWild IpAddress, hpnicfAclAdvancedDestOp INTEGER, hpnicfAclAdvancedDestPort1 Integer32, hpnicfAclAdvancedDestPort2 Integer32, hpnicfAclAdvancedPrecedence Integer32, hpnicfAclAdvancedTos Integer32, hpnicfAclAdvancedDscp Integer32, hpnicfAclAdvancedEstablish TruthValue, hpnicfAclAdvancedTimeRangeName OCTET STRING, hpnicfAclAdvancedIcmpType Integer32, hpnicfAclAdvancedIcmpCode Integer32, hpnicfAclAdvancedFragments TruthValue, hpnicfAclAdvancedLog TruthValue, hpnicfAclAdvancedEnable TruthValue, hpnicfAclAdvancedCount Counter32, hpnicfAclAdvancedCountClear INTEGER, hpnicfAclAdvancedRowStatus RowStatus } hpnicfAclAdvancedAclNum OBJECT-TYPE SYNTAX Integer32 (0|3000..3999|10000..12999) MAX-ACCESS not-accessible STATUS current DESCRIPTION "The index of advanced acl group." ::= { hpnicfAclAdvancedRuleEntry 1 } hpnicfAclAdvancedSubitem OBJECT-TYPE SYNTAX Integer32 (0..65535) MAX-ACCESS not-accessible STATUS current DESCRIPTION "The subindex of advanced acl group." ::= { hpnicfAclAdvancedRuleEntry 2 } hpnicfAclAdvancedAct OBJECT-TYPE SYNTAX INTEGER { permit(1), deny(2) } MAX-ACCESS read-create STATUS current DESCRIPTION "The action of Advance acl rule." ::= { hpnicfAclAdvancedRuleEntry 3 } hpnicfAclAdvancedProtocol OBJECT-TYPE SYNTAX Integer32 (0..255) MAX-ACCESS read-create STATUS current DESCRIPTION "The protocol-type of advanced acl group. <1-255> Protocol number gre GRE tunneling(47) icmp Internet Control Message Protocol(1) igmp Internet Group Management Protocol(2) ip Any IP protocol ipinip IP in IP tunneling(4) ospf OSPF routing protocol(89) tcp Transmission Control Protocol (6) udp User Datagram Protocol (17)" ::= { hpnicfAclAdvancedRuleEntry 4 } hpnicfAclAdvancedSrcIp OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS read-create STATUS current DESCRIPTION "Source IP-address of advanced acl group." ::= { hpnicfAclAdvancedRuleEntry 5 } hpnicfAclAdvancedSrcWild OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS read-create STATUS current DESCRIPTION "Source IP-address wild of advanced acl group." ::= { hpnicfAclAdvancedRuleEntry 6 } hpnicfAclAdvancedSrcOp OBJECT-TYPE SYNTAX INTEGER { invalid(0), lt(1), eq(2), gt(3), neq(4), range(5) } MAX-ACCESS read-create STATUS current DESCRIPTION "The source IP-address's operator of advanced acl group." ::= { hpnicfAclAdvancedRuleEntry 7 } hpnicfAclAdvancedSrcPort1 OBJECT-TYPE SYNTAX Integer32 (0..65535) MAX-ACCESS read-create STATUS current DESCRIPTION "The fourth layer source port1." ::= { hpnicfAclAdvancedRuleEntry 8 } hpnicfAclAdvancedSrcPort2 OBJECT-TYPE SYNTAX Integer32 (0..65535) MAX-ACCESS read-create STATUS current DESCRIPTION "The fourth layer source port2." ::= { hpnicfAclAdvancedRuleEntry 9 } hpnicfAclAdvancedDestIp OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS read-create STATUS current DESCRIPTION "Destination IP-address of advanced acl group." ::= { hpnicfAclAdvancedRuleEntry 10 } hpnicfAclAdvancedDestWild OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS read-create STATUS current DESCRIPTION "Destination IP-address wild of advanced acl group." ::= { hpnicfAclAdvancedRuleEntry 11 } hpnicfAclAdvancedDestOp OBJECT-TYPE SYNTAX INTEGER { invalid(0), lt(1), eq(2), gt(3), neq(4), range(5) } MAX-ACCESS read-create STATUS current DESCRIPTION "The destination IP-address's operator of advanced acl group." ::= { hpnicfAclAdvancedRuleEntry 12 } hpnicfAclAdvancedDestPort1 OBJECT-TYPE SYNTAX Integer32 (0..65535) MAX-ACCESS read-create STATUS current DESCRIPTION "The fourth layer destination port1." ::= { hpnicfAclAdvancedRuleEntry 13 } hpnicfAclAdvancedDestPort2 OBJECT-TYPE SYNTAX Integer32 (0..65535) MAX-ACCESS read-create STATUS current DESCRIPTION "The fourth layer destination port2." ::= { hpnicfAclAdvancedRuleEntry 14 } hpnicfAclAdvancedPrecedence OBJECT-TYPE SYNTAX Integer32 (0..7|255) MAX-ACCESS read-create STATUS current DESCRIPTION "The value of IP-packet's precedence. <0-7> Value of precedence routine Specify routine precedence(0) priority Specify priority precedence(1) immediate Specify immediate precedence(2) flash Specify flash precedence(3) flash-override Specify flash-override precedence(4) critical Specify critical precedence(5) internet Specify internetwork control precedence(6) network Specify network control precedence(7) " ::= { hpnicfAclAdvancedRuleEntry 15 } hpnicfAclAdvancedTos OBJECT-TYPE SYNTAX Integer32 (0..15|255) MAX-ACCESS read-create STATUS current DESCRIPTION "The value of IP-packet's TOS. <0-15> Value of TOS(type of service) max-reliability Match packets with max reliable TOS(2) max-throughput Match packets with max throughput TOS(4) min-delay Match packets with min delay TOS(8) min-monetary-cost Match packets with min monetary cost TOS(1) normal Match packets with normal TOS(0) " ::= { hpnicfAclAdvancedRuleEntry 16 } hpnicfAclAdvancedDscp OBJECT-TYPE SYNTAX Integer32 (0..63|255) MAX-ACCESS read-create STATUS current DESCRIPTION "The value of DSCP. <0-63> Value of DSCP af11 Specify Assured Forwarding 11 service(10) af12 Specify Assured Forwarding 12 service(12) af13 Specify Assured Forwarding 13 service(14) af21 Specify Assured Forwarding 21 service(18) af22 Specify Assured Forwarding 22 service(20) af23 Specify Assured Forwarding 23 service(22) af31 Specify Assured Forwarding 31 service(26) af32 Specify Assured Forwarding 32 service(28) af33 Specify Assured Forwarding 33 service(30) af41 Specify Assured Forwarding 41 service(34) af42 Specify Assured Forwarding 42 service(36) af43 Specify Assured Forwarding 43 service(38) be Specify Best Effort service(0) cs1 Specify Class Selector 1 service(8) cs2 Specify Class Selector 2 service(16) cs3 Specify Class Selector 3 service(24) cs4 Specify Class Selector 4 service(32) cs5 Specify Class Selector 5 service(40) cs6 Specify Class Selector 6 service(48) cs7 Specify Class Selector 7 service(56) ef Specify Expedited Forwarding service(46)" ::= { hpnicfAclAdvancedRuleEntry 17 } hpnicfAclAdvancedEstablish OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-create STATUS current DESCRIPTION "Establish flag." DEFVAL { false } ::= { hpnicfAclAdvancedRuleEntry 18 } hpnicfAclAdvancedTimeRangeName OBJECT-TYPE SYNTAX OCTET STRING (SIZE (0..32)) MAX-ACCESS read-create STATUS current DESCRIPTION "The Time-range of advanced acl rule." ::= { hpnicfAclAdvancedRuleEntry 19 } hpnicfAclAdvancedIcmpType OBJECT-TYPE SYNTAX Integer32 (0..255|65535) MAX-ACCESS read-create STATUS current DESCRIPTION "The type of ICMP packet. Integer32 ICMP type echo Type=8, Code=0 echo-reply Type=0, Code=0 fragmentneed-DFset Type=3, Code=4 host-redirect Type=5, Code=1 host-tos-redirect Type=5, Code=3 host-unreachable Type=3, Code=1 information-reply Type=16, Code=0 information-request Type=15, Code=0 net-redirect Type=5, Code=0 net-tos-redirect Type=5, Code=2 net-unreachable Type=3, Code=0 parameter-problem Type=12, Code=0 port-unreachable Type=3, Code=3 protocol-unreachable Type=3, Code=2 reassembly-timeout Type=11, Code=1 source-quench Type=4, Code=0 source-route-failed Type=3, Code=5 timestamp-reply Type=14, Code=0 timestamp-request Type=13, Code=0 ttl-exceeded Type=11, Code=0 " ::= { hpnicfAclAdvancedRuleEntry 20 } hpnicfAclAdvancedIcmpCode OBJECT-TYPE SYNTAX Integer32 (0..255|65535) MAX-ACCESS read-create STATUS current DESCRIPTION "The code of ICMP packet." ::= { hpnicfAclAdvancedRuleEntry 21 } hpnicfAclAdvancedFragments OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-create STATUS current DESCRIPTION "The flag of matching fragmented packet." ::= { hpnicfAclAdvancedRuleEntry 22 } hpnicfAclAdvancedLog OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-create STATUS current DESCRIPTION "The flag of log." ::= { hpnicfAclAdvancedRuleEntry 23 } hpnicfAclAdvancedEnable OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-only STATUS current DESCRIPTION "The rule is active or not. true : active false : inactive " ::= { hpnicfAclAdvancedRuleEntry 24 } hpnicfAclAdvancedCount OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The count of matched by advanced rule." ::= { hpnicfAclAdvancedRuleEntry 25 } hpnicfAclAdvancedCountClear OBJECT-TYPE SYNTAX INTEGER { cleared(1), nouse(2) } MAX-ACCESS read-create STATUS current DESCRIPTION "Reset the value of counter." ::= { hpnicfAclAdvancedRuleEntry 26 } hpnicfAclAdvancedRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "RowStatus, now support three state: CreateAndGo, Active, Destroy." ::= { hpnicfAclAdvancedRuleEntry 27 } -- -- hpnicfAclIfRuleTable -- hpnicfAclIfRuleTable OBJECT-TYPE SYNTAX SEQUENCE OF HpnicfAclIfRuleEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Configure the rule for interface-based acl group." ::= { hpnicfAclMibObjects 6 } hpnicfAclIfRuleEntry OBJECT-TYPE SYNTAX HpnicfAclIfRuleEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Define the index of hpnicfAclIfRuleTable." INDEX { hpnicfAclIfAclNum, hpnicfAclIfSubitem } ::= { hpnicfAclIfRuleTable 1 } HpnicfAclIfRuleEntry ::= SEQUENCE { hpnicfAclIfAclNum Integer32, hpnicfAclIfSubitem Integer32, hpnicfAclIfAct INTEGER, hpnicfAclIfIndex Integer32, hpnicfAclIfAny TruthValue, hpnicfAclIfTimeRangeName OCTET STRING, hpnicfAclIfLog TruthValue, hpnicfAclIfEnable TruthValue, hpnicfAclIfCount Counter32, hpnicfAclIfCountClear INTEGER, hpnicfAclIfRowStatus RowStatus } hpnicfAclIfAclNum OBJECT-TYPE SYNTAX Integer32 (0|1000..1999|10000..12999) MAX-ACCESS not-accessible STATUS current DESCRIPTION "The index of interface-based acl group." ::= { hpnicfAclIfRuleEntry 1 } hpnicfAclIfSubitem OBJECT-TYPE SYNTAX Integer32 (0..65535) MAX-ACCESS not-accessible STATUS current DESCRIPTION "The subindex of interface-based acl group." ::= { hpnicfAclIfRuleEntry 2 } hpnicfAclIfAct OBJECT-TYPE SYNTAX INTEGER { permit(1), deny(2) } MAX-ACCESS read-create STATUS current DESCRIPTION "The action of interface-based acl group." ::= { hpnicfAclIfRuleEntry 3 } hpnicfAclIfIndex OBJECT-TYPE SYNTAX Integer32 (0..2147483647) MAX-ACCESS read-create STATUS current DESCRIPTION "The index of interface." ::= { hpnicfAclIfRuleEntry 4 } hpnicfAclIfAny OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-create STATUS current DESCRIPTION "The flag of matching any interface." ::= { hpnicfAclIfRuleEntry 5 } hpnicfAclIfTimeRangeName OBJECT-TYPE SYNTAX OCTET STRING (SIZE (0..32)) MAX-ACCESS read-create STATUS current DESCRIPTION "The Time-range of interface-based acl rule." ::= { hpnicfAclIfRuleEntry 6 } hpnicfAclIfLog OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-create STATUS current DESCRIPTION "The flag of log." ::= { hpnicfAclIfRuleEntry 7 } hpnicfAclIfEnable OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-only STATUS current DESCRIPTION "The rule is active or not. true : active false : inactive " ::= { hpnicfAclIfRuleEntry 8 } hpnicfAclIfCount OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The count of matched by basic rule." ::= { hpnicfAclIfRuleEntry 9 } hpnicfAclIfCountClear OBJECT-TYPE SYNTAX INTEGER { cleared(1), nouse(2) } MAX-ACCESS read-create STATUS current DESCRIPTION "Reset the value of the rule's counter." ::= { hpnicfAclIfRuleEntry 10 } hpnicfAclIfRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "RowStatus, now support three state: CreateAndGo, Active, Destroy." ::= { hpnicfAclIfRuleEntry 11 } -- -- hpnicfAclLinkTable -- hpnicfAclLinkTable OBJECT-TYPE SYNTAX SEQUENCE OF HpnicfAclLinkEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Create link acl." ::= { hpnicfAclMibObjects 7 } hpnicfAclLinkEntry OBJECT-TYPE SYNTAX HpnicfAclLinkEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "The entry of the link acl table." INDEX { hpnicfAclLinkAclNum, hpnicfAclLinkSubitem } ::= { hpnicfAclLinkTable 1 } HpnicfAclLinkEntry ::= SEQUENCE { hpnicfAclLinkAclNum Integer32, hpnicfAclLinkSubitem Integer32, hpnicfAclLinkAct INTEGER, hpnicfAclLinkProtocol INTEGER, hpnicfAclLinkFormatType INTEGER, hpnicfAclLinkVlanTag INTEGER, hpnicfAclLinkVlanPri Integer32, hpnicfAclLinkSrcVlanId Integer32, hpnicfAclLinkSrcMac MacAddress, hpnicfAclLinkSrcMacWild MacAddress, hpnicfAclLinkSrcIfIndex Integer32, hpnicfAclLinkSrcAny TruthValue, hpnicfAclLinkDestVlanId Integer32, hpnicfAclLinkDestMac MacAddress, hpnicfAclLinkDestMacWild MacAddress, hpnicfAclLinkDestIfIndex Integer32, hpnicfAclLinkDestAny TruthValue, hpnicfAclLinkTimeRangeName OCTET STRING, hpnicfAclLinkEnable TruthValue, hpnicfAclLinkRowStatus RowStatus, hpnicfAclLinkTypeCode OCTET STRING, hpnicfAclLinkTypeMask OCTET STRING, hpnicfAclLinkLsapCode OCTET STRING, hpnicfAclLinkLsapMask OCTET STRING, hpnicfAclLinkL2LabelRangeOp INTEGER, hpnicfAclLinkL2LabelRangeBegin Integer32, hpnicfAclLinkL2LabelRangeEnd Integer32, hpnicfAclLinkMplsExp Integer32 } hpnicfAclLinkAclNum OBJECT-TYPE SYNTAX Integer32 (0|4000..4999|10000..12999) MAX-ACCESS not-accessible STATUS current DESCRIPTION "The index of link-based acl group." ::= { hpnicfAclLinkEntry 1 } hpnicfAclLinkSubitem OBJECT-TYPE SYNTAX Integer32 (0..65535) MAX-ACCESS not-accessible STATUS current DESCRIPTION "The subindex of link-based acl group." ::= { hpnicfAclLinkEntry 2 } hpnicfAclLinkAct OBJECT-TYPE SYNTAX INTEGER { permit(1), deny(2) } MAX-ACCESS read-create STATUS current DESCRIPTION "The action of link-based acl group." ::= { hpnicfAclLinkEntry 3 } hpnicfAclLinkProtocol OBJECT-TYPE SYNTAX INTEGER { invalid(0), ip(2048), arp(2054), rarp(32821), mpls(34887), pppoeControl(34915), pppoeData(34916) } MAX-ACCESS read-create STATUS current DESCRIPTION "The layer 2 protocol-type of link acl rule." DEFVAL { invalid } ::= { hpnicfAclLinkEntry 4 } hpnicfAclLinkFormatType OBJECT-TYPE SYNTAX INTEGER { invalid(0), ethernetII(1), snap(2), ieee802Dot3And2(3), ieee802Dot3(4) } MAX-ACCESS read-create STATUS current DESCRIPTION "Format type of link acl rule." ::= { hpnicfAclLinkEntry 5 } hpnicfAclLinkVlanTag OBJECT-TYPE SYNTAX INTEGER { invalid(0), tagged(1), untagged(2) } MAX-ACCESS read-create STATUS current DESCRIPTION "The flag of vlan tag of link acl rule." ::= { hpnicfAclLinkEntry 6 } hpnicfAclLinkVlanPri OBJECT-TYPE SYNTAX Integer32 (0..7 | 255) MAX-ACCESS read-create STATUS current DESCRIPTION "Vlan priority of link acl rule." ::= { hpnicfAclLinkEntry 7 } hpnicfAclLinkSrcVlanId OBJECT-TYPE SYNTAX Integer32 (0..4094) MAX-ACCESS read-create STATUS current DESCRIPTION "Source vlan ID of link acl rule." ::= { hpnicfAclLinkEntry 8 } hpnicfAclLinkSrcMac OBJECT-TYPE SYNTAX MacAddress MAX-ACCESS read-create STATUS current DESCRIPTION "Source mac of link acl rule." ::= { hpnicfAclLinkEntry 9 } hpnicfAclLinkSrcMacWild OBJECT-TYPE SYNTAX MacAddress MAX-ACCESS read-create STATUS current DESCRIPTION "Source mac wildzard of link acl rule." ::= { hpnicfAclLinkEntry 10 } hpnicfAclLinkSrcIfIndex OBJECT-TYPE SYNTAX Integer32 (0..2147483647) MAX-ACCESS read-create STATUS current DESCRIPTION "Source IfIndex of link acl rule." ::= { hpnicfAclLinkEntry 11 } hpnicfAclLinkSrcAny OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-create STATUS current DESCRIPTION "The flag of matching any source." ::= { hpnicfAclLinkEntry 12 } hpnicfAclLinkDestVlanId OBJECT-TYPE SYNTAX Integer32 (0..4094) MAX-ACCESS read-create STATUS current DESCRIPTION "Destination vlan ID of link acl rule." ::= { hpnicfAclLinkEntry 13 } hpnicfAclLinkDestMac OBJECT-TYPE SYNTAX MacAddress MAX-ACCESS read-create STATUS current DESCRIPTION "Destination mac of link acl rule." ::= { hpnicfAclLinkEntry 14 } hpnicfAclLinkDestMacWild OBJECT-TYPE SYNTAX MacAddress MAX-ACCESS read-create STATUS current DESCRIPTION "Destination mac wildzard of link acl rule." ::= { hpnicfAclLinkEntry 15 } hpnicfAclLinkDestIfIndex OBJECT-TYPE SYNTAX Integer32 (0..2147483647) MAX-ACCESS read-create STATUS current DESCRIPTION "Destination IfIndex of link acl rule." ::= { hpnicfAclLinkEntry 16 } hpnicfAclLinkDestAny OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-create STATUS current DESCRIPTION "The flag of matching any destination." ::= { hpnicfAclLinkEntry 17 } hpnicfAclLinkTimeRangeName OBJECT-TYPE SYNTAX OCTET STRING (SIZE (0..32)) MAX-ACCESS read-create STATUS current DESCRIPTION "The Time-range of link-based acl rule." ::= { hpnicfAclLinkEntry 18 } hpnicfAclLinkEnable OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-only STATUS current DESCRIPTION "The rule is active or not. true : active false : inactive " ::= { hpnicfAclLinkEntry 19 } hpnicfAclLinkRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "RowStatus, now support three state: CreateAndGo, Active, Destroy." ::= { hpnicfAclLinkEntry 20 } hpnicfAclLinkTypeCode OBJECT-TYPE SYNTAX OCTET STRING ( SIZE(0..32) ) MAX-ACCESS read-create STATUS current DESCRIPTION "The type of layer 2 protocol.0x0000...0xffff." ::= { hpnicfAclLinkEntry 21 } hpnicfAclLinkTypeMask OBJECT-TYPE SYNTAX OCTET STRING ( SIZE(0..32) ) MAX-ACCESS read-create STATUS current DESCRIPTION "The mask of layer 2 protocol.0x0000...0xffff." ::= { hpnicfAclLinkEntry 22 } hpnicfAclLinkLsapCode OBJECT-TYPE SYNTAX OCTET STRING (SIZE(0..32)) MAX-ACCESS read-create STATUS current DESCRIPTION "The type of LSAP.0x0000...0xffff." ::= { hpnicfAclLinkEntry 23 } hpnicfAclLinkLsapMask OBJECT-TYPE SYNTAX OCTET STRING (SIZE(0..32)) MAX-ACCESS read-create STATUS current DESCRIPTION "The mask of LSAP.0x0000...0xffff." ::= { hpnicfAclLinkEntry 24 } hpnicfAclLinkL2LabelRangeOp OBJECT-TYPE SYNTAX INTEGER { invalid(0), lt(1), eq(2), gt(3), neq(4), range(5) } MAX-ACCESS read-create STATUS current DESCRIPTION "Operation symbol of the MPLS label. If the symbol is range(5), the objects hpnicfAclLinkL2LabelRangeBegin and hpnicfAclLinkL2LabelRangeEnd should have different values indicating a range. Otherwise, only hpnicfAclLinkL2LabelRangeBegin counts, object hpnicfAclLinkL2LabelRangeEnd is ignored. invalid(0) -- unavailable lt(1) -- less than eq(2) -- equal gt(3) -- great than neq(4) -- not equal range(5) -- a range with two ends included " ::= { hpnicfAclLinkEntry 25 } hpnicfAclLinkL2LabelRangeBegin OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-create STATUS current DESCRIPTION "The beginning of VPLS VC label." ::= { hpnicfAclLinkEntry 26 } hpnicfAclLinkL2LabelRangeEnd OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-create STATUS current DESCRIPTION "The end of VPLS VC label." ::= { hpnicfAclLinkEntry 27 } hpnicfAclLinkMplsExp OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-create STATUS current DESCRIPTION "The value of MPLS-packet's Exp." ::= { hpnicfAclLinkEntry 28 } -- -- hpnicfAclUserTable -- hpnicfAclUserTable OBJECT-TYPE SYNTAX SEQUENCE OF HpnicfAclUserEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Create user acl." ::= { hpnicfAclMibObjects 8 } hpnicfAclUserEntry OBJECT-TYPE SYNTAX HpnicfAclUserEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "The entry of user acl table." INDEX { hpnicfAclUserAclNum, hpnicfAclUserSubitem } ::= { hpnicfAclUserTable 1 } HpnicfAclUserEntry ::= SEQUENCE { hpnicfAclUserAclNum Integer32, hpnicfAclUserSubitem Integer32, hpnicfAclUserAct INTEGER, hpnicfAclUserFormatType INTEGER, hpnicfAclUserVlanTag INTEGER, hpnicfAclUserRuleStr OCTET STRING, hpnicfAclUserRuleMask OCTET STRING, hpnicfAclUserTimeRangeName OCTET STRING, hpnicfAclUserEnable TruthValue, hpnicfAclUserRowStatus RowStatus } hpnicfAclUserAclNum OBJECT-TYPE SYNTAX Integer32 (0|5000..5999|10000..12999) MAX-ACCESS not-accessible STATUS current DESCRIPTION "The number of the user acl." ::= { hpnicfAclUserEntry 1 } hpnicfAclUserSubitem OBJECT-TYPE SYNTAX Integer32 (0..65535) MAX-ACCESS not-accessible STATUS current DESCRIPTION "The subitem of the user acl." ::= { hpnicfAclUserEntry 2 } hpnicfAclUserAct OBJECT-TYPE SYNTAX INTEGER { permit(1), deny(2) } MAX-ACCESS read-create STATUS current DESCRIPTION "The action of the user acl." ::= { hpnicfAclUserEntry 3 } hpnicfAclUserFormatType OBJECT-TYPE SYNTAX INTEGER { invalid(0), ethernetII(1), snap(2), ieee802Dot2And3(3), ieee802Dot4(4) } MAX-ACCESS read-create STATUS current DESCRIPTION "Format type." DEFVAL { invalid } ::= { hpnicfAclUserEntry 4 } hpnicfAclUserVlanTag OBJECT-TYPE SYNTAX INTEGER { invalid(0), tagged(1), untagged(2) } MAX-ACCESS read-create STATUS current DESCRIPTION "Vlan tag exits or not." DEFVAL { invalid } ::= { hpnicfAclUserEntry 5 } hpnicfAclUserRuleStr OBJECT-TYPE SYNTAX OCTET STRING (SIZE (1..80)) MAX-ACCESS read-create STATUS current DESCRIPTION "Rule string." ::= { hpnicfAclUserEntry 6 } hpnicfAclUserRuleMask OBJECT-TYPE SYNTAX OCTET STRING (SIZE (1..80)) MAX-ACCESS read-create STATUS current DESCRIPTION "Rule mask." ::= { hpnicfAclUserEntry 7 } hpnicfAclUserTimeRangeName OBJECT-TYPE SYNTAX OCTET STRING (SIZE (0..32)) MAX-ACCESS read-create STATUS current DESCRIPTION "The Time-range of the user defined acl." ::= { hpnicfAclUserEntry 8 } hpnicfAclUserEnable OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-only STATUS current DESCRIPTION "The rule is active or not. true : active false : inactive " ::= { hpnicfAclUserEntry 9 } hpnicfAclUserRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "RowStatus, now support three state: CreateAndGo, Active, Destroy." ::= { hpnicfAclUserEntry 10 } -- -- hpnicfAclActiveTable -- hpnicfAclActiveTable OBJECT-TYPE SYNTAX SEQUENCE OF HpnicfAclActiveEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Active acl." ::= { hpnicfAclMibObjects 9 } hpnicfAclActiveEntry OBJECT-TYPE SYNTAX HpnicfAclActiveEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "The entry of active acl table." INDEX { hpnicfAclActiveAclIndex, hpnicfAclActiveIfIndex, hpnicfAclActiveVlanID, hpnicfAclActiveDirection } ::= { hpnicfAclActiveTable 1 } HpnicfAclActiveEntry ::= SEQUENCE { hpnicfAclActiveAclIndex Integer32, hpnicfAclActiveIfIndex Integer32, hpnicfAclActiveVlanID Integer32, hpnicfAclActiveDirection INTEGER, hpnicfAclActiveUserAclNum Integer32, hpnicfAclActiveUserAclSubitem Integer32, hpnicfAclActiveIpAclNum Integer32, hpnicfAclActiveIpAclSubitem Integer32, hpnicfAclActiveLinkAclNum Integer32, hpnicfAclActiveLinkAclSubitem Integer32, hpnicfAclActiveRuntime TruthValue, hpnicfAclActiveRowStatus RowStatus } hpnicfAclActiveAclIndex OBJECT-TYPE SYNTAX Integer32 (0|1..5999|10000..12999) MAX-ACCESS not-accessible STATUS current DESCRIPTION "Acl index." ::= { hpnicfAclActiveEntry 1 } hpnicfAclActiveIfIndex OBJECT-TYPE SYNTAX Integer32 (0..2147483647) MAX-ACCESS not-accessible STATUS current DESCRIPTION "IfIndex." ::= { hpnicfAclActiveEntry 2 } hpnicfAclActiveVlanID OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS not-accessible STATUS current DESCRIPTION "The lower 16 bits is Vlan ID, the higher 16 bits, if not zero, it describes the slot ID of the L3plus board. " ::= { hpnicfAclActiveEntry 3 } hpnicfAclActiveDirection OBJECT-TYPE SYNTAX INTEGER { invalid(0), input(1), output(2), both(3) } MAX-ACCESS not-accessible STATUS current DESCRIPTION "Direction." ::= { hpnicfAclActiveEntry 4 } hpnicfAclActiveUserAclNum OBJECT-TYPE SYNTAX Integer32 (0|5000..5999|10000..12999) MAX-ACCESS read-create STATUS current DESCRIPTION "The number of the user acl." ::= { hpnicfAclActiveEntry 5 } hpnicfAclActiveUserAclSubitem OBJECT-TYPE SYNTAX Integer32 (0..65535) MAX-ACCESS read-create STATUS current DESCRIPTION "The subitem of the user acl." ::= { hpnicfAclActiveEntry 6 } hpnicfAclActiveIpAclNum OBJECT-TYPE SYNTAX Integer32 (0|2000..3999|10000..12999) MAX-ACCESS read-create STATUS current DESCRIPTION "The number of the IP acl." ::= { hpnicfAclActiveEntry 7 } hpnicfAclActiveIpAclSubitem OBJECT-TYPE SYNTAX Integer32 (0..65535) MAX-ACCESS read-create STATUS current DESCRIPTION "The subitem of the IP acl." ::= { hpnicfAclActiveEntry 8 } hpnicfAclActiveLinkAclNum OBJECT-TYPE SYNTAX Integer32 (0|4000..4999|10000..12999) MAX-ACCESS read-create STATUS current DESCRIPTION "The num of the link acl." ::= { hpnicfAclActiveEntry 9 } hpnicfAclActiveLinkAclSubitem OBJECT-TYPE SYNTAX Integer32 (0..65535) MAX-ACCESS read-create STATUS current DESCRIPTION "The subitem of the link acl." ::= { hpnicfAclActiveEntry 10 } hpnicfAclActiveRuntime OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-only STATUS current DESCRIPTION "Is run or not." ::= { hpnicfAclActiveEntry 11 } hpnicfAclActiveRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "RowStatus, now support three state: CreateAndGo, Active, Destroy." ::= { hpnicfAclActiveEntry 12 } -- -- hpnicfAclIDSTable -- hpnicfAclIDSTable OBJECT-TYPE SYNTAX SEQUENCE OF HpnicfAclIDSEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Configure the rule for IDS." ::= { hpnicfAclMibObjects 10 } hpnicfAclIDSEntry OBJECT-TYPE SYNTAX HpnicfAclIDSEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "The entry of acl ids table." INDEX { IMPLIED hpnicfAclIDSName} ::= { hpnicfAclIDSTable 1 } HpnicfAclIDSEntry ::= SEQUENCE { hpnicfAclIDSName OCTET STRING, hpnicfAclIDSSrcMac MacAddress, hpnicfAclIDSDestMac MacAddress, hpnicfAclIDSSrcIp IpAddress, hpnicfAclIDSSrcWild IpAddress, hpnicfAclIDSDestIp IpAddress, hpnicfAclIDSDestWild IpAddress, hpnicfAclIDSSrcPort Integer32, hpnicfAclIDSDestPort Integer32, hpnicfAclIDSProtocol Integer32, hpnicfAclIDSDenyTime Unsigned32, hpnicfAclIDSAct INTEGER, hpnicfAclIDSRowStatus RowStatus } hpnicfAclIDSName OBJECT-TYPE SYNTAX OCTET STRING (SIZE (1..32)) MAX-ACCESS not-accessible STATUS current DESCRIPTION "The name index of the IDS table." ::= { hpnicfAclIDSEntry 1 } hpnicfAclIDSSrcMac OBJECT-TYPE SYNTAX MacAddress MAX-ACCESS read-create STATUS current DESCRIPTION "Source mac of IDS acl rule." ::= { hpnicfAclIDSEntry 2 } hpnicfAclIDSDestMac OBJECT-TYPE SYNTAX MacAddress MAX-ACCESS read-create STATUS current DESCRIPTION "Destination mac of IDS acl rule." ::= { hpnicfAclIDSEntry 3 } hpnicfAclIDSSrcIp OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS read-create STATUS current DESCRIPTION "Source IP-address of IDS acl rule." ::= { hpnicfAclIDSEntry 4 } hpnicfAclIDSSrcWild OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS read-create STATUS current DESCRIPTION "Source IP-address wild of IDS acl rule." ::= { hpnicfAclIDSEntry 5 } hpnicfAclIDSDestIp OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS read-create STATUS current DESCRIPTION "Destination IP-address of IDS acl rule." ::= { hpnicfAclIDSEntry 6 } hpnicfAclIDSDestWild OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS read-create STATUS current DESCRIPTION "Destination IP-address wild of IDS acl rule." ::= { hpnicfAclIDSEntry 7 } hpnicfAclIDSSrcPort OBJECT-TYPE SYNTAX Integer32 (0..65535) MAX-ACCESS read-create STATUS current DESCRIPTION "The fourth layer source port." ::= { hpnicfAclIDSEntry 8 } hpnicfAclIDSDestPort OBJECT-TYPE SYNTAX Integer32 (0..65535) MAX-ACCESS read-create STATUS current DESCRIPTION "The fourth layer destination port." ::= { hpnicfAclIDSEntry 9 } hpnicfAclIDSProtocol OBJECT-TYPE SYNTAX Integer32 (0..255) MAX-ACCESS read-create STATUS current DESCRIPTION "The protocol-type of advanced acl group. <1-255> Protocol number gre GRE tunneling(47) icmp Internet Control Message Protocol(1) igmp Internet Group Management Protocol(2) ip Any IP protocol ipinip IP in IP tunneling(4) ospf OSPF routing protocol(89) tcp Transmission Control Protocol (6) udp User Datagram Protocol (17) " ::= { hpnicfAclIDSEntry 10 } hpnicfAclIDSDenyTime OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-create STATUS current DESCRIPTION "The maximum number of seconds which deny for this acl rule." DEFVAL { 0 } ::= { hpnicfAclIDSEntry 11 } hpnicfAclIDSAct OBJECT-TYPE SYNTAX INTEGER { permit(1), deny(2) } MAX-ACCESS read-create STATUS current DESCRIPTION "The action of IDS acl rule." ::= { hpnicfAclIDSEntry 12 } hpnicfAclIDSRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "RowStatus, now supports three states: CreateAndGo, Active, and Destroy." ::= { hpnicfAclIDSEntry 13 } -- -- Nodes of hpnicfAclMib2Objects -- hpnicfAclMib2Objects OBJECT IDENTIFIER ::= { hpnicfAcl 2 } -- -- Nodes of hpnicfAclMib2GlobalGroup -- hpnicfAclMib2GlobalGroup OBJECT IDENTIFIER ::= { hpnicfAclMib2Objects 1 } hpnicfAclMib2NodesGroup OBJECT IDENTIFIER ::= { hpnicfAclMib2GlobalGroup 1 } hpnicfAclMib2Mode OBJECT-TYPE SYNTAX INTEGER { linkBased(1), ipBased(2) } MAX-ACCESS read-write STATUS current DESCRIPTION "The applying mode of ACL." ::= { hpnicfAclMib2NodesGroup 1 } hpnicfAclMib2Version OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-only STATUS current DESCRIPTION "The version of this file. The output value has the format of 'xx'or 'xxx'. For example: 10 means 1.0; 125 means 12.5. " ::= { hpnicfAclMib2NodesGroup 2 } hpnicfAclMib2ObjectsCapabilities OBJECT-TYPE SYNTAX BITS { hpnicfAclMib2Mode(0), hpnicfAclVersion(1), hpnicfAclMib2ObjectsCapabilities(2), hpnicfAclMib2CapabilityTable(3), hpnicfAclNumberGroupTable(4), hpnicfAclIPAclBasicTable(5), hpnicfAclIPAclAdvancedTable(6), hpnicfAclMACTable(7), hpnicfAclEnUserTable(8), hpnicfAclMib2ProcessingStatus(9) } MAX-ACCESS read-only STATUS current DESCRIPTION "The objects of hpnicfAclMib2Objects." ::= { hpnicfAclMib2NodesGroup 3 } hpnicfAclMib2ProcessingStatus OBJECT-TYPE SYNTAX INTEGER { processing(1), done(2) } MAX-ACCESS read-only STATUS current DESCRIPTION "The processing status of ACL operation." ::= { hpnicfAclMib2NodesGroup 4 } hpnicfAclMib2CapabilityTable OBJECT-TYPE SYNTAX SEQUENCE OF HpnicfAclMib2CapabilityEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "The capability of mib2." ::= { hpnicfAclMib2GlobalGroup 2 } hpnicfAclMib2CapabilityEntry OBJECT-TYPE SYNTAX HpnicfAclMib2CapabilityEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "The information of Capability of mib2." INDEX { hpnicfAclMib2EntityType, hpnicfAclMib2EntityIndex, hpnicfAclMib2ModuleIndex, hpnicfAclMib2CharacteristicsIndex } ::= { hpnicfAclMib2CapabilityTable 1 } HpnicfAclMib2CapabilityEntry ::= SEQUENCE { hpnicfAclMib2EntityType INTEGER, hpnicfAclMib2EntityIndex Integer32, hpnicfAclMib2ModuleIndex INTEGER, hpnicfAclMib2CharacteristicsIndex Integer32, hpnicfAclMib2CharacteristicsDesc OCTET STRING, hpnicfAclMib2CharacteristicsValue Unsigned32 } hpnicfAclMib2EntityType OBJECT-TYPE SYNTAX INTEGER { system(1), interface(2) } MAX-ACCESS not-accessible STATUS current DESCRIPTION "The type of entity. system: The entity is systemic level. interface: The entity is interface level. " ::= { hpnicfAclMib2CapabilityEntry 1 } hpnicfAclMib2EntityIndex OBJECT-TYPE SYNTAX Integer32 (0..2147483647) MAX-ACCESS not-accessible STATUS current DESCRIPTION "The index of entity. If hpnicfAclMib2EntityType is system, the value of this object is 0. If hpnicfAclMib2EntityType is interface, the value of this object is equal to 'ifIndex'. " ::= { hpnicfAclMib2CapabilityEntry 2 } hpnicfAclMib2ModuleIndex OBJECT-TYPE SYNTAX INTEGER { layer3(1), layer2(2), userDefined(3) } MAX-ACCESS not-accessible STATUS current DESCRIPTION "The module index of ACL." ::= { hpnicfAclMib2CapabilityEntry 3 } hpnicfAclMib2CharacteristicsIndex OBJECT-TYPE SYNTAX Integer32 (0..2147483647) MAX-ACCESS not-accessible STATUS current DESCRIPTION "The characteristics index of mib2. See DESCRIPTION of hpnicfAclMib2CharacteristicsValue to get detail information about the value of this object. " ::= { hpnicfAclMib2CapabilityEntry 4 } hpnicfAclMib2CharacteristicsDesc OBJECT-TYPE SYNTAX OCTET STRING (SIZE(0..255)) MAX-ACCESS read-only STATUS current DESCRIPTION "The description of characteristics." ::= { hpnicfAclMib2CapabilityEntry 5 } hpnicfAclMib2CharacteristicsValue OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-only STATUS current DESCRIPTION "The value of capability of this object. TypeOfRuleStringValue : notSupport(0) and the length of RuleString. TypeOfCodeValue : OnlyOneNotSupport(0), MoreThanOneNotSupport(1) If hpnicfAclMib2CharacteristicsValue is 'moreThanOneNotSupport', hpnicfAclMib2CharacteristicsDesc must be used to depict which protocols are not supported. The output value of hpnicfAclMib2CharacteristicsDesc has the format of 'a,b'. For example, 'ip,rarp'. layer3 Module: Index Characteristics value 1 SourceIPAddress notSupport(0) 2 DestinationIPAddress notSupport(0) 3 SourcePort notSupport(0) 4 DestinationPort notSupport(0) 5 IPPrecedence notSupport(0) 6 TOS notSupport(0) 7 DSCP notSupport(0) 8 TCPFlag notSupport(0) 9 FragmentFlag notSupport(0) 10 Log notSupport(0) 11 RuleMatchCounter notSupport(0) 12 ResetRuleMatchCounter notSupport(0) 13 VPN notSupport(0) 15 protocol notSupport(0) 16 AddressFlag notSupport(0) layer2 Module: Index Characteristics value 1 ProtocolType TypeOfCodeValue 2 SourceMAC notSupport(0) 3 DestinationMAC notSupport(0) 4 LSAPType TypeOfCodeValue 5 CoS notSupport(0) UserDefined Module: Index Characteristics value 1 UserDefaultOffset TypeOfRuleStringValue 2 UserL2RuleOffset TypeOfRuleStringValue 3 UserMplsOffset TypeOfRuleStringValue 4 UserIPv4Offset TypeOfRuleStringValue 5 UserIPv6Offset TypeOfRuleStringValue 6 UserL4Offset TypeOfRuleStringValue 7 UserL5Offset TypeOfRuleStringValue " ::= { hpnicfAclMib2CapabilityEntry 6 } -- -- Nodes of number group -- hpnicfAclNumberGroupTable OBJECT-TYPE SYNTAX SEQUENCE OF HpnicfAclNumberGroupEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A table of the number acl group information." ::= { hpnicfAclMib2GlobalGroup 3 } hpnicfAclNumberGroupEntry OBJECT-TYPE SYNTAX HpnicfAclNumberGroupEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Number acl group information entry." INDEX { hpnicfAclNumberGroupType, hpnicfAclNumberGroupIndex } ::= { hpnicfAclNumberGroupTable 1 } HpnicfAclNumberGroupEntry ::= SEQUENCE { hpnicfAclNumberGroupType INTEGER, hpnicfAclNumberGroupIndex Integer32, hpnicfAclNumberGroupRowStatus RowStatus, hpnicfAclNumberGroupMatchOrder INTEGER, hpnicfAclNumberGroupStep Integer32, hpnicfAclNumberGroupDescription OCTET STRING, hpnicfAclNumberGroupCountClear CounterClear, hpnicfAclNumberGroupRuleCounter Counter32, hpnicfAclNumberGroupName OCTET STRING } hpnicfAclNumberGroupType OBJECT-TYPE SYNTAX INTEGER { ipv4(1), ipv6(2), mac(3), user(4) } MAX-ACCESS not-accessible STATUS current DESCRIPTION "The type of number group. Basic ACL and Advanced ACL support ipv4 and ipv6. The range of Basic ACL is from 2000 to 2999. The range of Advanced ACL is from 3000 to 3999. Simple ACL supports ipv6 only. The range of Simple ACL is from 10000 to 42767. MAC ACL support mac only. The range of MAC ACL is from 4000 to 4999. User-defined ACL support user only. The range of user-defined ACL is from 5000 to 5999. " ::= { hpnicfAclNumberGroupEntry 1 } hpnicfAclNumberGroupIndex OBJECT-TYPE SYNTAX Integer32 (2000..5999|10000..42767) MAX-ACCESS not-accessible STATUS current DESCRIPTION "The group index of number acl. Basic type:2000..2999 Advanced type:3000..3999 MAC type:4000..4999 User type:5000..5999 Simple type:10000..42767 " ::= { hpnicfAclNumberGroupEntry 2 } hpnicfAclNumberGroupRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "RowStatus." ::= { hpnicfAclNumberGroupEntry 3 } hpnicfAclNumberGroupMatchOrder OBJECT-TYPE SYNTAX INTEGER { config(1), auto(2) } MAX-ACCESS read-create STATUS current DESCRIPTION "The match-order of number acl group." DEFVAL { config } ::= { hpnicfAclNumberGroupEntry 4 } hpnicfAclNumberGroupStep OBJECT-TYPE SYNTAX Integer32 (1..20) MAX-ACCESS read-create STATUS current DESCRIPTION "The step of rule index." DEFVAL { 5 } ::= { hpnicfAclNumberGroupEntry 5 } hpnicfAclNumberGroupDescription OBJECT-TYPE SYNTAX OCTET STRING (SIZE(0..127)) MAX-ACCESS read-create STATUS current DESCRIPTION "Description of this acl group." ::= { hpnicfAclNumberGroupEntry 6 } hpnicfAclNumberGroupCountClear OBJECT-TYPE SYNTAX CounterClear MAX-ACCESS read-write STATUS current DESCRIPTION "Reset the value of counters of this group." DEFVAL { nouse } ::= { hpnicfAclNumberGroupEntry 7 } hpnicfAclNumberGroupRuleCounter OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The rule count of number acl group." ::= { hpnicfAclNumberGroupEntry 8 } hpnicfAclNumberGroupName OBJECT-TYPE SYNTAX OCTET STRING (SIZE(0..63)) MAX-ACCESS read-create STATUS current DESCRIPTION "Name of this acl group." ::= { hpnicfAclNumberGroupEntry 9 } -- -- Nodes of named ACL group -- hpnicfAclNamedGroupTable OBJECT-TYPE SYNTAX SEQUENCE OF HpnicfAclNamedGroupEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A table of the named ACL group." ::= { hpnicfAclMib2GlobalGroup 4 } hpnicfAclNamedGroupEntry OBJECT-TYPE SYNTAX HpnicfAclNamedGroupEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Named ACL group entry." INDEX { hpnicfAclNumberGroupType, hpnicfAclNamedGroupCategory, hpnicfAclNamedGroupName } ::= { hpnicfAclNamedGroupTable 1 } HpnicfAclNamedGroupEntry ::= SEQUENCE { hpnicfAclNamedGroupCategory INTEGER, hpnicfAclNamedGroupName OCTET STRING, hpnicfAclNamedGroupRowStatus RowStatus, hpnicfAclNamedGroupMatchOrder INTEGER, hpnicfAclNamedGroupStep Integer32, hpnicfAclNamedGroupDescription OCTET STRING, hpnicfAclNamedGroupCountClear CounterClear, hpnicfAclNamedGroupRuleCounter Counter32 } hpnicfAclNamedGroupCategory OBJECT-TYPE SYNTAX INTEGER { invalid(0), basic(1), advanced(2) } MAX-ACCESS not-accessible STATUS current DESCRIPTION "The category of number group. 1 indicates basic ACL, 2 indicates advanced ACL." ::= { hpnicfAclNamedGroupEntry 1 } hpnicfAclNamedGroupName OBJECT-TYPE SYNTAX OCTET STRING (SIZE(1..63)) MAX-ACCESS not-accessible STATUS current DESCRIPTION "Name of an ACL group, a case-insensitive string of 1 to 63 characters. It must start with an English letter. " ::= { hpnicfAclNamedGroupEntry 2 } hpnicfAclNamedGroupRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "RowStatus." ::= { hpnicfAclNamedGroupEntry 3 } hpnicfAclNamedGroupMatchOrder OBJECT-TYPE SYNTAX INTEGER { config(1), auto(2) } MAX-ACCESS read-create STATUS current DESCRIPTION "The match-order of name acl group." DEFVAL { config } ::= { hpnicfAclNamedGroupEntry 4 } hpnicfAclNamedGroupStep OBJECT-TYPE SYNTAX Integer32 (1..20) MAX-ACCESS read-create STATUS current DESCRIPTION "The numbering step of the increment of the rule index." DEFVAL { 5 } ::= { hpnicfAclNamedGroupEntry 5 } hpnicfAclNamedGroupDescription OBJECT-TYPE SYNTAX OCTET STRING (SIZE(0..127)) MAX-ACCESS read-create STATUS current DESCRIPTION "Description of this ACL group." ::= { hpnicfAclNamedGroupEntry 6 } hpnicfAclNamedGroupCountClear OBJECT-TYPE SYNTAX CounterClear MAX-ACCESS read-write STATUS current DESCRIPTION "Reset the statistics counter of this group." DEFVAL { nouse } ::= { hpnicfAclNamedGroupEntry 7 } hpnicfAclNamedGroupRuleCounter OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The amount of rules of this group." ::= { hpnicfAclNamedGroupEntry 8 } -- -- Node of hpnicfAclIPv6Group -- hpnicfAclIPAclGroup OBJECT IDENTIFIER ::= { hpnicfAclMib2Objects 2 } -- -- Nodes of hpnicfAclIPAclBasicTable -- hpnicfAclIPAclBasicTable OBJECT-TYPE SYNTAX SEQUENCE OF HpnicfAclIPAclBasicEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A table of basic rule group. If some objects of this table are not supported by some products, these objects can't be created, changed or applied. Default value of these objects will be returned when they are read. " ::= { hpnicfAclIPAclGroup 2 } hpnicfAclIPAclBasicEntry OBJECT-TYPE SYNTAX HpnicfAclIPAclBasicEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Basic rule group information." INDEX { hpnicfAclNumberGroupType, hpnicfAclNumberGroupIndex, hpnicfAclIPAclBasicRuleIndex } ::= { hpnicfAclIPAclBasicTable 1 } HpnicfAclIPAclBasicEntry ::= SEQUENCE { hpnicfAclIPAclBasicRuleIndex Integer32, hpnicfAclIPAclBasicRowStatus RowStatus, hpnicfAclIPAclBasicAct RuleAction, hpnicfAclIPAclBasicSrcAddrType InetAddressType, hpnicfAclIPAclBasicSrcAddr InetAddress, hpnicfAclIPAclBasicSrcPrefix InetAddressPrefixLength, hpnicfAclIPAclBasicSrcAny TruthValue, hpnicfAclIPAclBasicSrcWild IpAddress, hpnicfAclIPAclBasicTimeRangeName OCTET STRING, hpnicfAclIPAclBasicFragmentFlag FragmentFlag, hpnicfAclIPAclBasicLog TruthValue, hpnicfAclIPAclBasicCount Unsigned32, hpnicfAclIPAclBasicCountClear CounterClear, hpnicfAclIPAclBasicEnable TruthValue, hpnicfAclIPAclBasicVpnInstanceName OCTET STRING, hpnicfAclIPAclBasicComment OCTET STRING, hpnicfAclIPAclBasicCounting TruthValue, hpnicfAclIPAclBasicRouteTypeAny TruthValue, hpnicfAclIPAclBasicRouteTypeValue Integer32 } hpnicfAclIPAclBasicRuleIndex OBJECT-TYPE SYNTAX Integer32 (0..65534) MAX-ACCESS not-accessible STATUS current DESCRIPTION "The rule index of basic acl group." ::= { hpnicfAclIPAclBasicEntry 1 } hpnicfAclIPAclBasicRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "RowStatus." ::= { hpnicfAclIPAclBasicEntry 2 } hpnicfAclIPAclBasicAct OBJECT-TYPE SYNTAX RuleAction MAX-ACCESS read-create STATUS current DESCRIPTION "The action of basic acl rule." ::= { hpnicfAclIPAclBasicEntry 3 } hpnicfAclIPAclBasicSrcAddrType OBJECT-TYPE SYNTAX InetAddressType MAX-ACCESS read-create STATUS current DESCRIPTION "The IP addresses type of IP pool." ::= { hpnicfAclIPAclBasicEntry 4 } hpnicfAclIPAclBasicSrcAddr OBJECT-TYPE SYNTAX InetAddress MAX-ACCESS read-create STATUS current DESCRIPTION "The value of a local IP address is available for this association. The type of this address is determined by the value of hpnicfAclIPAclBasicSrcAddrType. " ::= { hpnicfAclIPAclBasicEntry 5 } hpnicfAclIPAclBasicSrcPrefix OBJECT-TYPE SYNTAX InetAddressPrefixLength MAX-ACCESS read-create STATUS current DESCRIPTION "Denotes the length of a generic Internet network address prefix. A value of n corresponds to an IP address mask that has n contiguous 1-bits from the most significant bit (MSB) and all other bits set to 0. " ::= { hpnicfAclIPAclBasicEntry 6 } hpnicfAclIPAclBasicSrcAny OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-create STATUS current DESCRIPTION "The flag of matching any IP address." DEFVAL { true } ::= { hpnicfAclIPAclBasicEntry 7 } hpnicfAclIPAclBasicSrcWild OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS read-create STATUS current DESCRIPTION "Source IPv4 address wildcard mask. Only IPv4 Basic Rule supports this object. Default value is '0.0.0.0'. " ::= { hpnicfAclIPAclBasicEntry 8 } hpnicfAclIPAclBasicTimeRangeName OBJECT-TYPE SYNTAX OCTET STRING (SIZE(0..32)) MAX-ACCESS read-create STATUS current DESCRIPTION "The Time-range of basic acl rule. Default value is zero-length. " ::= { hpnicfAclIPAclBasicEntry 9 } hpnicfAclIPAclBasicFragmentFlag OBJECT-TYPE SYNTAX FragmentFlag MAX-ACCESS read-create STATUS current DESCRIPTION "The flag of matching fragmented packets." DEFVAL { invalid } ::= { hpnicfAclIPAclBasicEntry 10 } hpnicfAclIPAclBasicLog OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-create STATUS current DESCRIPTION "The packet will be logged when it matches the rule." DEFVAL { false } ::= { hpnicfAclIPAclBasicEntry 11 } hpnicfAclIPAclBasicCount OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-only STATUS current DESCRIPTION "The count of matches by the rule." ::= { hpnicfAclIPAclBasicEntry 12 } hpnicfAclIPAclBasicCountClear OBJECT-TYPE SYNTAX CounterClear MAX-ACCESS read-write STATUS current DESCRIPTION "Reset the value of counter." DEFVAL { nouse } ::= { hpnicfAclIPAclBasicEntry 13 } hpnicfAclIPAclBasicEnable OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-only STATUS current DESCRIPTION "The rule is active or not. true : active false : inactive " DEFVAL { false } ::= { hpnicfAclIPAclBasicEntry 14 } hpnicfAclIPAclBasicVpnInstanceName OBJECT-TYPE SYNTAX OCTET STRING (SIZE(0..32)) MAX-ACCESS read-create STATUS current DESCRIPTION "The VPN name, to which the rule will be applied. Default value is zero-length. " ::= { hpnicfAclIPAclBasicEntry 15 } hpnicfAclIPAclBasicComment OBJECT-TYPE SYNTAX OCTET STRING (SIZE(0..127)) MAX-ACCESS read-create STATUS current DESCRIPTION "The description of ACL rule. Default value is Zero-length String. " ::= { hpnicfAclIPAclBasicEntry 16 } hpnicfAclIPAclBasicCounting OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-create STATUS current DESCRIPTION "The packet will be counted when it matches the rule. It is disabled by default. " DEFVAL { false } ::= { hpnicfAclIPAclBasicEntry 17 } hpnicfAclIPAclBasicRouteTypeAny OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-create STATUS current DESCRIPTION "The flag of matching any type of routing header of IPv6 packet. " DEFVAL { false } ::= { hpnicfAclIPAclBasicEntry 18 } hpnicfAclIPAclBasicRouteTypeValue OBJECT-TYPE SYNTAX Integer32 (0..255|65535) MAX-ACCESS read-create STATUS current DESCRIPTION "Match specific type of routing header of IPv6 packet." DEFVAL { 65535 } ::= { hpnicfAclIPAclBasicEntry 19 } -- -- Notes of hpnicfAclIPAclAdvancedTable -- hpnicfAclIPAclAdvancedTable OBJECT-TYPE SYNTAX SEQUENCE OF HpnicfAclIPAclAdvancedEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A table of advanced and simple acl group. If some objects of this table are not supported by some products, these objects can't be created, changed and applied. Default value of these objects will be returned when they are read. " ::= { hpnicfAclIPAclGroup 3 } hpnicfAclIPAclAdvancedEntry OBJECT-TYPE SYNTAX HpnicfAclIPAclAdvancedEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Advanced acl group information." INDEX { hpnicfAclNumberGroupType, hpnicfAclNumberGroupIndex, hpnicfAclIPAclAdvancedRuleIndex } ::= { hpnicfAclIPAclAdvancedTable 1 } HpnicfAclIPAclAdvancedEntry ::= SEQUENCE { hpnicfAclIPAclAdvancedRuleIndex Integer32, hpnicfAclIPAclAdvancedRowStatus RowStatus, hpnicfAclIPAclAdvancedAct RuleAction, hpnicfAclIPAclAdvancedProtocol Integer32, hpnicfAclIPAclAdvancedAddrFlag AddressFlag, hpnicfAclIPAclAdvancedSrcAddrType InetAddressType, hpnicfAclIPAclAdvancedSrcAddr InetAddress, hpnicfAclIPAclAdvancedSrcPrefix InetAddressPrefixLength, hpnicfAclIPAclAdvancedSrcAny TruthValue, hpnicfAclIPAclAdvancedSrcWild IpAddress, hpnicfAclIPAclAdvancedSrcOp PortOp, hpnicfAclIPAclAdvancedSrcPort1 Integer32, hpnicfAclIPAclAdvancedSrcPort2 Integer32, hpnicfAclIPAclAdvancedDestAddrType InetAddressType, hpnicfAclIPAclAdvancedDestAddr InetAddress, hpnicfAclIPAclAdvancedDestPrefix InetAddressPrefixLength, hpnicfAclIPAclAdvancedDestAny TruthValue, hpnicfAclIPAclAdvancedDestWild IpAddress, hpnicfAclIPAclAdvancedDestOp PortOp, hpnicfAclIPAclAdvancedDestPort1 Integer32, hpnicfAclIPAclAdvancedDestPort2 Integer32, hpnicfAclIPAclAdvancedIcmpType Integer32, hpnicfAclIPAclAdvancedIcmpCode Integer32, hpnicfAclIPAclAdvancedPrecedence Integer32, hpnicfAclIPAclAdvancedTos Integer32, hpnicfAclIPAclAdvancedDscp DSCPValue, hpnicfAclIPAclAdvancedTimeRangeName OCTET STRING, hpnicfAclIPAclAdvancedTCPFlag TCPFlag, hpnicfAclIPAclAdvancedFragmentFlag FragmentFlag, hpnicfAclIPAclAdvancedLog TruthValue, hpnicfAclIPAclAdvancedCount Unsigned32, hpnicfAclIPAclAdvancedCountClear CounterClear, hpnicfAclIPAclAdvancedEnable TruthValue, hpnicfAclIPAclAdvancedVpnInstanceName OCTET STRING, hpnicfAclIPAclAdvancedComment OCTET STRING, hpnicfAclIPAclAdvancedReflective TruthValue, hpnicfAclIPAclAdvancedCounting TruthValue, hpnicfAclIPAclAdvancedTCPFlagMask BITS, hpnicfAclIPAclAdvancedTCPFlagValue BITS, hpnicfAclIPAclAdvancedRouteTypeAny TruthValue, hpnicfAclIPAclAdvancedRouteTypeValue Integer32, hpnicfAclIPAclAdvancedFlowLabel Unsigned32, hpnicfAclIPAclAdvancedSrcSuffix Unsigned32, hpnicfAclIPAclAdvancedDestSuffix Unsigned32 } hpnicfAclIPAclAdvancedRuleIndex OBJECT-TYPE SYNTAX Integer32 (0..65534) MAX-ACCESS not-accessible STATUS current DESCRIPTION "The rule index of advanced acl group. As a Simple ACL group, the value of this object must be 0. As an Advanced ACL group, the value of this object is ranging from 0 to 65534. " ::= { hpnicfAclIPAclAdvancedEntry 1 } hpnicfAclIPAclAdvancedRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "RowStatus." ::= { hpnicfAclIPAclAdvancedEntry 2 } hpnicfAclIPAclAdvancedAct OBJECT-TYPE SYNTAX RuleAction MAX-ACCESS read-create STATUS current DESCRIPTION "The action of advanced acl rule." ::= { hpnicfAclIPAclAdvancedEntry 3 } hpnicfAclIPAclAdvancedProtocol OBJECT-TYPE SYNTAX Integer32 (0..255) MAX-ACCESS read-create STATUS current DESCRIPTION "The protocol-type of advanced acl group. 0 indicates any IPv4 or IPv6 protocol. <1-255> Protocol number gre GRE tunneling(47) icmp Internet Control Message Protocol(1) icmpv6 Internet Control Message Protocol6(58) igmp Internet Group Management Protocol(2) ipinip IP in IP tunneling(4) ospf OSPF routing protocol(89) tcp Transmission Control Protocol (6) udp User Datagram Protocol (17) ipv6-ah IPv6 Authentication Header(51) ipv6-esp IPv6 Encapsulating Security Payload(50) " ::= { hpnicfAclIPAclAdvancedEntry 4 } hpnicfAclIPAclAdvancedAddrFlag OBJECT-TYPE SYNTAX AddressFlag MAX-ACCESS read-create STATUS current DESCRIPTION "Address flag to select address." DEFVAL { invalid } ::= { hpnicfAclIPAclAdvancedEntry 5 } hpnicfAclIPAclAdvancedSrcAddrType OBJECT-TYPE SYNTAX InetAddressType MAX-ACCESS read-create STATUS current DESCRIPTION "The IP addresses type of IP pool." ::= { hpnicfAclIPAclAdvancedEntry 6 } hpnicfAclIPAclAdvancedSrcAddr OBJECT-TYPE SYNTAX InetAddress MAX-ACCESS read-create STATUS current DESCRIPTION "The value of a local IP address available for this association. The type of this address is determined by the value of hpnicfAclIPAclAdvancedSrcAddrType. " ::= { hpnicfAclIPAclAdvancedEntry 7 } hpnicfAclIPAclAdvancedSrcPrefix OBJECT-TYPE SYNTAX InetAddressPrefixLength MAX-ACCESS read-create STATUS current DESCRIPTION "Denotes the length of a generic Internet network address prefix. A value of n corresponds to an IP address mask which has n contiguous 1-bits from the most significant bit (MSB) and all other bits set to 0. " ::= { hpnicfAclIPAclAdvancedEntry 8 } hpnicfAclIPAclAdvancedSrcAny OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-create STATUS current DESCRIPTION "The flag of matching any IP address." DEFVAL { true } ::= { hpnicfAclIPAclAdvancedEntry 9 } hpnicfAclIPAclAdvancedSrcWild OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS read-create STATUS current DESCRIPTION "Source IPv4 address wildcard mask. Only IPv4 Advanced Rule supports this object. Default value is '0.0.0.0'. " ::= { hpnicfAclIPAclAdvancedEntry 10 } hpnicfAclIPAclAdvancedSrcOp OBJECT-TYPE SYNTAX PortOp MAX-ACCESS read-create STATUS current DESCRIPTION "Source port operation symbol of advanced acl group." DEFVAL { invalid } ::= { hpnicfAclIPAclAdvancedEntry 11 } hpnicfAclIPAclAdvancedSrcPort1 OBJECT-TYPE SYNTAX Integer32 (0..65535) MAX-ACCESS read-create STATUS current DESCRIPTION "The fourth layer source port1." DEFVAL { 0 } ::= { hpnicfAclIPAclAdvancedEntry 12 } hpnicfAclIPAclAdvancedSrcPort2 OBJECT-TYPE SYNTAX Integer32 (0..65535) MAX-ACCESS read-create STATUS current DESCRIPTION "The fourth layer source port2." DEFVAL { 65535 } ::= { hpnicfAclIPAclAdvancedEntry 13 } hpnicfAclIPAclAdvancedDestAddrType OBJECT-TYPE SYNTAX InetAddressType MAX-ACCESS read-create STATUS current DESCRIPTION "The IP addresses type of IP pool." ::= { hpnicfAclIPAclAdvancedEntry 14 } hpnicfAclIPAclAdvancedDestAddr OBJECT-TYPE SYNTAX InetAddress MAX-ACCESS read-create STATUS current DESCRIPTION "The value of a local IP address available for this association. The type of this address is determined by the value of hpnicfAclIPAclAdvancedDestAddrType. " ::= { hpnicfAclIPAclAdvancedEntry 15 } hpnicfAclIPAclAdvancedDestPrefix OBJECT-TYPE SYNTAX InetAddressPrefixLength MAX-ACCESS read-create STATUS current DESCRIPTION "Denotes the length of a generic Internet network address prefix. A value of n corresponds to an IP address mask which has n contiguous 1-bits from the most significant bit (MSB) and all other bits set to 0. " ::= { hpnicfAclIPAclAdvancedEntry 16 } hpnicfAclIPAclAdvancedDestAny OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-create STATUS current DESCRIPTION "The flag of matching any IP address." DEFVAL { true } ::= { hpnicfAclIPAclAdvancedEntry 17 } hpnicfAclIPAclAdvancedDestWild OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS read-create STATUS current DESCRIPTION "Destination IPv4 address wildcard mask. Only IPv4 Advanced Rule supports this object. Default value is '0.0.0.0'. " ::= { hpnicfAclIPAclAdvancedEntry 18 } hpnicfAclIPAclAdvancedDestOp OBJECT-TYPE SYNTAX PortOp MAX-ACCESS read-create STATUS current DESCRIPTION "Destination port operation symbol of advanced acl group." DEFVAL { invalid } ::= { hpnicfAclIPAclAdvancedEntry 19 } hpnicfAclIPAclAdvancedDestPort1 OBJECT-TYPE SYNTAX Integer32 (0..65535) MAX-ACCESS read-create STATUS current DESCRIPTION "The fourth layer destination port1." DEFVAL { 0 } ::= { hpnicfAclIPAclAdvancedEntry 20 } hpnicfAclIPAclAdvancedDestPort2 OBJECT-TYPE SYNTAX Integer32 (0..65535) MAX-ACCESS read-create STATUS current DESCRIPTION "The fourth layer destination port2." DEFVAL { 65535 } ::= { hpnicfAclIPAclAdvancedEntry 21 } hpnicfAclIPAclAdvancedIcmpType OBJECT-TYPE SYNTAX Integer32 (0..255|65535) MAX-ACCESS read-create STATUS current DESCRIPTION "The type of ICMP packet." DEFVAL { 65535 } ::= { hpnicfAclIPAclAdvancedEntry 22 } hpnicfAclIPAclAdvancedIcmpCode OBJECT-TYPE SYNTAX Integer32 (0..255|65535) MAX-ACCESS read-create STATUS current DESCRIPTION "The code of ICMP packet." DEFVAL { 65535 } ::= { hpnicfAclIPAclAdvancedEntry 23 } hpnicfAclIPAclAdvancedPrecedence OBJECT-TYPE SYNTAX Integer32 (0..7|255) MAX-ACCESS read-create STATUS current DESCRIPTION "The value of IP-packet's precedence. <0-7> Value of precedence routine Specify routine precedence(0) priority Specify priority precedence(1) immediate Specify immediate precedence(2) flash Specify flash precedence(3) flash-override Specify flash-override precedence(4) critical Specify critical precedence(5) internet Specify internetwork control precedence(6) network Specify network control precedence(7) " DEFVAL { 255 } ::= { hpnicfAclIPAclAdvancedEntry 24 } hpnicfAclIPAclAdvancedTos OBJECT-TYPE SYNTAX Integer32 (0..15|255) MAX-ACCESS read-create STATUS current DESCRIPTION "The value of IP-packet's TOS. <0-15> Value of TOS(type of service) max-reliability Match packets with max reliable TOS(2) max-throughput Match packets with max throughput TOS(4) min-delay Match packets with min delay TOS(8) min-monetary-cost Match packets with min monetary cost TOS(1) normal Match packets with normal TOS(0) " DEFVAL { 255 } ::= { hpnicfAclIPAclAdvancedEntry 25 } hpnicfAclIPAclAdvancedDscp OBJECT-TYPE SYNTAX DSCPValue MAX-ACCESS read-create STATUS current DESCRIPTION "The value of DSCP of IP packet." DEFVAL { 255 } ::= { hpnicfAclIPAclAdvancedEntry 26 } hpnicfAclIPAclAdvancedTimeRangeName OBJECT-TYPE SYNTAX OCTET STRING (SIZE(0..32)) MAX-ACCESS read-create STATUS current DESCRIPTION "The Time-range of advanced acl rule. Default value is zero-length. " ::= { hpnicfAclIPAclAdvancedEntry 27 } hpnicfAclIPAclAdvancedTCPFlag OBJECT-TYPE SYNTAX TCPFlag MAX-ACCESS read-create STATUS current DESCRIPTION "The packet type of TCP protocol." DEFVAL { invalid } ::= { hpnicfAclIPAclAdvancedEntry 28 } hpnicfAclIPAclAdvancedFragmentFlag OBJECT-TYPE SYNTAX FragmentFlag MAX-ACCESS read-create STATUS current DESCRIPTION "The flag of matching fragmented packet, and now support two value: 0 or 2." DEFVAL { invalid } ::= { hpnicfAclIPAclAdvancedEntry 29 } hpnicfAclIPAclAdvancedLog OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-create STATUS current DESCRIPTION "Log matched packets." DEFVAL { false } ::= { hpnicfAclIPAclAdvancedEntry 30 } hpnicfAclIPAclAdvancedCount OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-only STATUS current DESCRIPTION "The count of matched by the rule." ::= { hpnicfAclIPAclAdvancedEntry 31 } hpnicfAclIPAclAdvancedCountClear OBJECT-TYPE SYNTAX CounterClear MAX-ACCESS read-write STATUS current DESCRIPTION "Reset the value of counter." DEFVAL { nouse } ::= { hpnicfAclIPAclAdvancedEntry 32 } hpnicfAclIPAclAdvancedEnable OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-only STATUS current DESCRIPTION "The rule is active or not. true : active false : inactive " DEFVAL { false } ::= { hpnicfAclIPAclAdvancedEntry 33 } hpnicfAclIPAclAdvancedVpnInstanceName OBJECT-TYPE SYNTAX OCTET STRING (SIZE(0..32)) MAX-ACCESS read-create STATUS current DESCRIPTION "The VPN name that the rule will be applied. Default value is zero-length. " ::= { hpnicfAclIPAclAdvancedEntry 34 } hpnicfAclIPAclAdvancedComment OBJECT-TYPE SYNTAX OCTET STRING (SIZE(0..127)) MAX-ACCESS read-create STATUS current DESCRIPTION "The description of ACL rule. Default value is Zero-length String. " ::= { hpnicfAclIPAclAdvancedEntry 35 } hpnicfAclIPAclAdvancedReflective OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-create STATUS current DESCRIPTION "The flag of reflective." ::= { hpnicfAclIPAclAdvancedEntry 36 } hpnicfAclIPAclAdvancedCounting OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-create STATUS current DESCRIPTION "The packet will be counted when it matches the rule. It is disabled by default. " DEFVAL { false } ::= { hpnicfAclIPAclAdvancedEntry 37 } hpnicfAclIPAclAdvancedTCPFlagMask OBJECT-TYPE SYNTAX BITS { tcpack(0), tcpfin(1), tcppsh(2), tcprst(3), tcpsyn(4), tcpurg(5) } MAX-ACCESS read-create STATUS current DESCRIPTION "The TCP Flag Mask. This is a bit-map of possible conditions. The various bit positions are: |0 |tcpack | |1 |tcpfin | |2 |tcppsh | |3 |tcprst | |4 |tcpsyn | |5 |tcpurg | " DEFVAL { { } } ::= { hpnicfAclIPAclAdvancedEntry 38 } hpnicfAclIPAclAdvancedTCPFlagValue OBJECT-TYPE SYNTAX BITS { tcpack(0), tcpfin(1), tcppsh(2), tcprst(3), tcpsyn(4), tcpurg(5) } MAX-ACCESS read-create STATUS current DESCRIPTION "The TCP Flag Value. This is a bit-map of possible conditions. The various bit positions are: |0 |tcpack | |1 |tcpfin | |2 |tcppsh | |3 |tcprst | |4 |tcpsyn | |5 |tcpurg | " DEFVAL { { } } ::= { hpnicfAclIPAclAdvancedEntry 39 } hpnicfAclIPAclAdvancedRouteTypeAny OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-create STATUS current DESCRIPTION "The flag of matching any type of routing header of IPv6 packet. " DEFVAL { false } ::= { hpnicfAclIPAclAdvancedEntry 40 } hpnicfAclIPAclAdvancedRouteTypeValue OBJECT-TYPE SYNTAX Integer32 (0..255|65535) MAX-ACCESS read-create STATUS current DESCRIPTION "The type of routing header of IPv6 packet." DEFVAL { 65535 } ::= { hpnicfAclIPAclAdvancedEntry 41 } hpnicfAclIPAclAdvancedFlowLabel OBJECT-TYPE SYNTAX Unsigned32 (0..1048575|4294967295) MAX-ACCESS read-create STATUS current DESCRIPTION "The value of flow label of IPv6 packet header." DEFVAL { 4294967295 } ::= { hpnicfAclIPAclAdvancedEntry 42 } hpnicfAclIPAclAdvancedSrcSuffix OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-create STATUS current DESCRIPTION "Denotes the length of a generic Internet network address suffix. A value of n corresponds to an IP address mask that has n contiguous 1-bits from the least significant bit and all other bits set to 0. " ::= { hpnicfAclIPAclAdvancedEntry 43 } hpnicfAclIPAclAdvancedDestSuffix OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-create STATUS current DESCRIPTION "Denotes the length of a generic Internet network address suffix. A value of n corresponds to an IP address mask that has n contiguous 1-bits from the least significant bit and all other bits set to 0. " ::= { hpnicfAclIPAclAdvancedEntry 44 } -- --Nodes of hpnicfAclIPAclNamedBscTable -- hpnicfAclIPAclNamedBscTable OBJECT-TYPE SYNTAX SEQUENCE OF HpnicfAclIPAclNamedBscEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A table of basic rule of named ACL. The name of ACL group will be used as an index in this table, which differs from the table hpnicfAclIPAclBasicTable. If some objects of this table are not supported by some products, these objects can't be created, changed or applied. Default value of these objects will be returned when they are read. " ::= { hpnicfAclIPAclGroup 4 } hpnicfAclIPAclNamedBscEntry OBJECT-TYPE SYNTAX HpnicfAclIPAclNamedBscEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Basic named ACL rule entry." INDEX { hpnicfAclNumberGroupType, hpnicfAclNamedGroupName, hpnicfAclIPAclBasicRuleIndex } ::= { hpnicfAclIPAclNamedBscTable 1 } HpnicfAclIPAclNamedBscEntry ::= SEQUENCE { hpnicfAclIPAclNamedBscRowStatus RowStatus, hpnicfAclIPAclNamedBscAct RuleAction, hpnicfAclIPAclNamedBscSrcAddrType InetAddressType, hpnicfAclIPAclNamedBscSrcAddr InetAddress, hpnicfAclIPAclNamedBscSrcPrefix InetAddressPrefixLength, hpnicfAclIPAclNamedBscSrcAny TruthValue, hpnicfAclIPAclNamedBscSrcWild IpAddress, hpnicfAclIPAclNamedBscTRangeName OCTET STRING, hpnicfAclIPAclNamedBscFragmentFlag FragmentFlag, hpnicfAclIPAclNamedBscLog TruthValue, hpnicfAclIPAclNamedBscCount Unsigned32, hpnicfAclIPAclNamedBscCountClear CounterClear, hpnicfAclIPAclNamedBscEnable TruthValue, hpnicfAclIPAclNamedBscVpnInstName OCTET STRING, hpnicfAclIPAclNamedBscComment OCTET STRING, hpnicfAclIPAclNamedBscCounting TruthValue, hpnicfAclIPAclNamedBscRouteTypeAny TruthValue, hpnicfAclIPAclNamedBscRouteTypeValue Integer32 } hpnicfAclIPAclNamedBscRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "RowStatus." ::= { hpnicfAclIPAclNamedBscEntry 1 } hpnicfAclIPAclNamedBscAct OBJECT-TYPE SYNTAX RuleAction MAX-ACCESS read-create STATUS current DESCRIPTION "The action of basic ACL rule." ::= { hpnicfAclIPAclNamedBscEntry 2 } hpnicfAclIPAclNamedBscSrcAddrType OBJECT-TYPE SYNTAX InetAddressType MAX-ACCESS read-create STATUS current DESCRIPTION "The IP addresses type of IP pool." ::= { hpnicfAclIPAclNamedBscEntry 3 } hpnicfAclIPAclNamedBscSrcAddr OBJECT-TYPE SYNTAX InetAddress MAX-ACCESS read-create STATUS current DESCRIPTION "The specified source IP address. The type of this address is determined by the value of hpnicfAclIPAclNamedBscSrcAddrType. " ::= { hpnicfAclIPAclNamedBscEntry 4 } hpnicfAclIPAclNamedBscSrcPrefix OBJECT-TYPE SYNTAX InetAddressPrefixLength MAX-ACCESS read-create STATUS current DESCRIPTION "Specify the length of a generic Internet network address prefix. A value of n corresponds to an IP address mask that has n contiguous 1-bits from the most significant bit (MSB) and all other bits set to 0. " ::= { hpnicfAclIPAclNamedBscEntry 5 } hpnicfAclIPAclNamedBscSrcAny OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-create STATUS current DESCRIPTION "The flag of matching any source IP address." DEFVAL { true } ::= { hpnicfAclIPAclNamedBscEntry 6 } hpnicfAclIPAclNamedBscSrcWild OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS read-create STATUS current DESCRIPTION "Source IPv4 address wildcard mask. Only IPv4 Basic Rule supports this object. Default value is '0.0.0.0'. " ::= { hpnicfAclIPAclNamedBscEntry 7 } hpnicfAclIPAclNamedBscTRangeName OBJECT-TYPE SYNTAX OCTET STRING (SIZE(0..32)) MAX-ACCESS read-create STATUS current DESCRIPTION "The Time-range of basic acl rule. Default value is zero-length. " ::= { hpnicfAclIPAclNamedBscEntry 8 } hpnicfAclIPAclNamedBscFragmentFlag OBJECT-TYPE SYNTAX FragmentFlag MAX-ACCESS read-create STATUS current DESCRIPTION "The flag of matching fragmented packets." DEFVAL { invalid } ::= { hpnicfAclIPAclNamedBscEntry 9 } hpnicfAclIPAclNamedBscLog OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-create STATUS current DESCRIPTION "The packet will be logged when it matches the rule." DEFVAL { false } ::= { hpnicfAclIPAclNamedBscEntry 10 } hpnicfAclIPAclNamedBscCount OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-only STATUS current DESCRIPTION "The count of matches by the rule." ::= { hpnicfAclIPAclNamedBscEntry 11 } hpnicfAclIPAclNamedBscCountClear OBJECT-TYPE SYNTAX CounterClear MAX-ACCESS read-write STATUS current DESCRIPTION "Reset the statistics counter of the rule." DEFVAL { nouse } ::= { hpnicfAclIPAclNamedBscEntry 12 } hpnicfAclIPAclNamedBscEnable OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-only STATUS current DESCRIPTION "The rule is active or not. true : active false : inactive " DEFVAL { false } ::= { hpnicfAclIPAclNamedBscEntry 13 } hpnicfAclIPAclNamedBscVpnInstName OBJECT-TYPE SYNTAX OCTET STRING (SIZE(0..32)) MAX-ACCESS read-create STATUS current DESCRIPTION "The VPN name, to which the rule will be applied. Default value is zero-length. " ::= { hpnicfAclIPAclNamedBscEntry 14 } hpnicfAclIPAclNamedBscComment OBJECT-TYPE SYNTAX OCTET STRING (SIZE(0..127)) MAX-ACCESS read-create STATUS current DESCRIPTION "The description of ACL rule. Default value is Zero-length String. " ::= { hpnicfAclIPAclNamedBscEntry 15 } hpnicfAclIPAclNamedBscCounting OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-create STATUS current DESCRIPTION "The packet will be counted when it matches the rule. It is disabled by default. " DEFVAL { false } ::= { hpnicfAclIPAclNamedBscEntry 16 } hpnicfAclIPAclNamedBscRouteTypeAny OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-create STATUS current DESCRIPTION "The flag of matching any type of routing header of IPv6 packet. " DEFVAL { false } ::= { hpnicfAclIPAclNamedBscEntry 17 } hpnicfAclIPAclNamedBscRouteTypeValue OBJECT-TYPE SYNTAX Integer32 (0..255|65535) MAX-ACCESS read-create STATUS current DESCRIPTION "Value of the routing header type of IPv6 packet, in the range of 0 to 255. " DEFVAL { 65535 } ::= { hpnicfAclIPAclNamedBscEntry 18 } -- -- Notes of hpnicfAclIPAclNamedAdvTable -- hpnicfAclIPAclNamedAdvTable OBJECT-TYPE SYNTAX SEQUENCE OF HpnicfAclIPAclNamedAdvEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A table of advanced rule of named ACL. The name of ACL group will be used as an index in this table, which differs from the table hpnicfAclIPAclAdvancedTable. If some objects of this table are not supported by some products, these objects can't be created, changed or applied. Default value of these objects will be returned when they are read. " ::= { hpnicfAclIPAclGroup 5 } hpnicfAclIPAclNamedAdvEntry OBJECT-TYPE SYNTAX HpnicfAclIPAclNamedAdvEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Advanced ACL rule information entry." INDEX { hpnicfAclNumberGroupType, hpnicfAclNamedGroupName, hpnicfAclIPAclAdvancedRuleIndex } ::= { hpnicfAclIPAclNamedAdvTable 1 } HpnicfAclIPAclNamedAdvEntry ::= SEQUENCE { hpnicfAclIPAclNamedAdvRowStatus RowStatus, hpnicfAclIPAclNamedAdvAct RuleAction, hpnicfAclIPAclNamedAdvProtocol Integer32, hpnicfAclIPAclNamedAdvAddrFlag AddressFlag, hpnicfAclIPAclNamedAdvSrcAddrType InetAddressType, hpnicfAclIPAclNamedAdvSrcAddr InetAddress, hpnicfAclIPAclNamedAdvSrcPrefix InetAddressPrefixLength, hpnicfAclIPAclNamedAdvSrcAny TruthValue, hpnicfAclIPAclNamedAdvSrcWild IpAddress, hpnicfAclIPAclNamedAdvSrcOp PortOp, hpnicfAclIPAclNamedAdvSrcPort1 Integer32, hpnicfAclIPAclNamedAdvSrcPort2 Integer32, hpnicfAclIPAclNamedAdvDstAddrType InetAddressType, hpnicfAclIPAclNamedAdvDstAddr InetAddress, hpnicfAclIPAclNamedAdvDstPrefix InetAddressPrefixLength, hpnicfAclIPAclNamedAdvDstAny TruthValue, hpnicfAclIPAclNamedAdvDstWild IpAddress, hpnicfAclIPAclNamedAdvDstOp PortOp, hpnicfAclIPAclNamedAdvDstPort1 Integer32, hpnicfAclIPAclNamedAdvDstPort2 Integer32, hpnicfAclIPAclNamedAdvIcmpType Integer32, hpnicfAclIPAclNamedAdvIcmpCode Integer32, hpnicfAclIPAclNamedAdvPrecedence Integer32, hpnicfAclIPAclNamedAdvTos Integer32, hpnicfAclIPAclNamedAdvDscp DSCPValue, hpnicfAclIPAclNamedAdvTRangeName OCTET STRING, hpnicfAclIPAclNamedAdvTCPFlag TCPFlag, hpnicfAclIPAclNamedAdvFragmentFlag FragmentFlag, hpnicfAclIPAclNamedAdvLog TruthValue, hpnicfAclIPAclNamedAdvCount Unsigned32, hpnicfAclIPAclNamedAdvCountClear CounterClear, hpnicfAclIPAclNamedAdvEnable TruthValue, hpnicfAclIPAclNamedAdvVpnInstName OCTET STRING, hpnicfAclIPAclNamedAdvComment OCTET STRING, hpnicfAclIPAclNamedAdvReflective TruthValue, hpnicfAclIPAclNamedAdvCounting TruthValue, hpnicfAclIPAclNamedAdvTCPFlagMask BITS, hpnicfAclIPAclNamedAdvTCPFlagValue BITS, hpnicfAclIPAclNamedAdvRouteTypeAny TruthValue, hpnicfAclIPAclNamedAdvRouteTypeValue Integer32, hpnicfAclIPAclNamedAdvFlowLabel Unsigned32, hpnicfAclIPAclNamedAdvSrcSuffix Unsigned32, hpnicfAclIPAclNamedAdvDstSuffix Unsigned32 } hpnicfAclIPAclNamedAdvRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "RowStatus." ::= { hpnicfAclIPAclNamedAdvEntry 1 } hpnicfAclIPAclNamedAdvAct OBJECT-TYPE SYNTAX RuleAction MAX-ACCESS read-create STATUS current DESCRIPTION "The action of advanced ACL rule." ::= { hpnicfAclIPAclNamedAdvEntry 2 } hpnicfAclIPAclNamedAdvProtocol OBJECT-TYPE SYNTAX Integer32 (0..255) MAX-ACCESS read-create STATUS current DESCRIPTION "The protocol-type of advanced ACL rule. 0 indicates any IPv4 or IPv6 protocol. <1-255> Protocol number gre GRE tunneling(47) icmp Internet Control Message Protocol(1) icmpv6 Internet Control Message Protocol6(58) igmp Internet Group Management Protocol(2) ipinip IP in IP tunneling(4) ospf OSPF routing protocol(89) tcp Transmission Control Protocol (6) udp User Datagram Protocol (17) ipv6-ah IPv6 Authentication Header(51) ipv6-esp IPv6 Encapsulating Security Payload(50) " ::= { hpnicfAclIPAclNamedAdvEntry 3 } hpnicfAclIPAclNamedAdvAddrFlag OBJECT-TYPE SYNTAX AddressFlag MAX-ACCESS read-create STATUS current DESCRIPTION "Address flag to select address." DEFVAL { invalid } ::= { hpnicfAclIPAclNamedAdvEntry 4 } hpnicfAclIPAclNamedAdvSrcAddrType OBJECT-TYPE SYNTAX InetAddressType MAX-ACCESS read-create STATUS current DESCRIPTION "The type of source IP address. " ::= { hpnicfAclIPAclNamedAdvEntry 5 } hpnicfAclIPAclNamedAdvSrcAddr OBJECT-TYPE SYNTAX InetAddress MAX-ACCESS read-create STATUS current DESCRIPTION "The specified source IP address. The type of this address is determined by the value of hpnicfAclIPAclNamedAdvSrcAddrType. " ::= { hpnicfAclIPAclNamedAdvEntry 6 } hpnicfAclIPAclNamedAdvSrcPrefix OBJECT-TYPE SYNTAX InetAddressPrefixLength MAX-ACCESS read-create STATUS current DESCRIPTION "Specify the length of a generic Internet network address prefix. A value of n corresponds to an IP address mask that has n contiguous 1-bits from the most significant bit (MSB) and all other bits set to 0. " ::= { hpnicfAclIPAclNamedAdvEntry 7 } hpnicfAclIPAclNamedAdvSrcAny OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-create STATUS current DESCRIPTION "The flag of matching any IP address." DEFVAL { true } ::= { hpnicfAclIPAclNamedAdvEntry 8 } hpnicfAclIPAclNamedAdvSrcWild OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS read-create STATUS current DESCRIPTION "Source IPv4 address wildcard mask. Only IPv4 Advanced Rule supports this object. Default value is '0.0.0.0'. " ::= { hpnicfAclIPAclNamedAdvEntry 9 } hpnicfAclIPAclNamedAdvSrcOp OBJECT-TYPE SYNTAX PortOp MAX-ACCESS read-create STATUS current DESCRIPTION "Source port operation symbol of advanced acl group." DEFVAL { invalid } ::= { hpnicfAclIPAclNamedAdvEntry 10 } hpnicfAclIPAclNamedAdvSrcPort1 OBJECT-TYPE SYNTAX Integer32 (0..65535) MAX-ACCESS read-create STATUS current DESCRIPTION "The fourth layer source port1." DEFVAL { 0 } ::= { hpnicfAclIPAclNamedAdvEntry 11 } hpnicfAclIPAclNamedAdvSrcPort2 OBJECT-TYPE SYNTAX Integer32 (0..65535) MAX-ACCESS read-create STATUS current DESCRIPTION "The fourth layer source port2." DEFVAL { 65535 } ::= { hpnicfAclIPAclNamedAdvEntry 12 } hpnicfAclIPAclNamedAdvDstAddrType OBJECT-TYPE SYNTAX InetAddressType MAX-ACCESS read-create STATUS current DESCRIPTION "The type of destination IP address. " ::= { hpnicfAclIPAclNamedAdvEntry 13 } hpnicfAclIPAclNamedAdvDstAddr OBJECT-TYPE SYNTAX InetAddress MAX-ACCESS read-create STATUS current DESCRIPTION "The specified destination IP address. The type of this address is determined by the value of hpnicfAclIPAclNamedAdvDstAddrType. " ::= { hpnicfAclIPAclNamedAdvEntry 14 } hpnicfAclIPAclNamedAdvDstPrefix OBJECT-TYPE SYNTAX InetAddressPrefixLength MAX-ACCESS read-create STATUS current DESCRIPTION "Specify the length of a generic Internet network address prefix. A value of n corresponds to an IP address mask that has n contiguous 1-bits from the most significant bit (MSB) and all other bits set to 0. " ::= { hpnicfAclIPAclNamedAdvEntry 15 } hpnicfAclIPAclNamedAdvDstAny OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-create STATUS current DESCRIPTION "The flag of matching any IP address." DEFVAL { true } ::= { hpnicfAclIPAclNamedAdvEntry 16 } hpnicfAclIPAclNamedAdvDstWild OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS read-create STATUS current DESCRIPTION "Destination IPv4 address wildcard mask. Only IPv4 Advanced Rule supports this object. Default value is '0.0.0.0'. " ::= { hpnicfAclIPAclNamedAdvEntry 17 } hpnicfAclIPAclNamedAdvDstOp OBJECT-TYPE SYNTAX PortOp MAX-ACCESS read-create STATUS current DESCRIPTION "Destination port operation symbol of advanced acl group." DEFVAL { invalid } ::= { hpnicfAclIPAclNamedAdvEntry 18 } hpnicfAclIPAclNamedAdvDstPort1 OBJECT-TYPE SYNTAX Integer32 (0..65535) MAX-ACCESS read-create STATUS current DESCRIPTION "The fourth layer destination port1." DEFVAL { 0 } ::= { hpnicfAclIPAclNamedAdvEntry 19 } hpnicfAclIPAclNamedAdvDstPort2 OBJECT-TYPE SYNTAX Integer32 (0..65535) MAX-ACCESS read-create STATUS current DESCRIPTION "The fourth layer destination port2." DEFVAL { 65535 } ::= { hpnicfAclIPAclNamedAdvEntry 20 } hpnicfAclIPAclNamedAdvIcmpType OBJECT-TYPE SYNTAX Integer32 (0..255|65535) MAX-ACCESS read-create STATUS current DESCRIPTION "The type of ICMP packet." DEFVAL { 65535 } ::= { hpnicfAclIPAclNamedAdvEntry 21 } hpnicfAclIPAclNamedAdvIcmpCode OBJECT-TYPE SYNTAX Integer32 (0..255|65535) MAX-ACCESS read-create STATUS current DESCRIPTION "The code of ICMP packet." DEFVAL { 65535 } ::= { hpnicfAclIPAclNamedAdvEntry 22 } hpnicfAclIPAclNamedAdvPrecedence OBJECT-TYPE SYNTAX Integer32 (0..7|255) MAX-ACCESS read-create STATUS current DESCRIPTION "The value of IP-packet's precedence. <0-7> Value of precedence routine Specify routine precedence(0) priority Specify priority precedence(1) immediate Specify immediate precedence(2) flash Specify flash precedence(3) flash-override Specify flash-override precedence(4) critical Specify critical precedence(5) internet Specify internetwork control precedence(6) network Specify network control precedence(7) " DEFVAL { 255 } ::= { hpnicfAclIPAclNamedAdvEntry 23 } hpnicfAclIPAclNamedAdvTos OBJECT-TYPE SYNTAX Integer32 (0..15|255) MAX-ACCESS read-create STATUS current DESCRIPTION "The value of IP-packet's TOS. <0-15> Value of TOS(type of service) max-reliability Match packets with max reliable TOS(2) max-throughput Match packets with max throughput TOS(4) min-delay Match packets with min delay TOS(8) min-monetary-cost Match packets with min monetary cost TOS(1) normal Match packets with normal TOS(0) " DEFVAL { 255 } ::= { hpnicfAclIPAclNamedAdvEntry 24 } hpnicfAclIPAclNamedAdvDscp OBJECT-TYPE SYNTAX DSCPValue MAX-ACCESS read-create STATUS current DESCRIPTION "The value of DSCP of IP packet." DEFVAL { 255 } ::= { hpnicfAclIPAclNamedAdvEntry 25 } hpnicfAclIPAclNamedAdvTRangeName OBJECT-TYPE SYNTAX OCTET STRING (SIZE(0..32)) MAX-ACCESS read-create STATUS current DESCRIPTION "The Time-range of advanced ACL rule. Default value is zero-length. " ::= { hpnicfAclIPAclNamedAdvEntry 26 } hpnicfAclIPAclNamedAdvTCPFlag OBJECT-TYPE SYNTAX TCPFlag MAX-ACCESS read-create STATUS current DESCRIPTION "The packet type of TCP protocol." DEFVAL { invalid } ::= { hpnicfAclIPAclNamedAdvEntry 27 } hpnicfAclIPAclNamedAdvFragmentFlag OBJECT-TYPE SYNTAX FragmentFlag MAX-ACCESS read-create STATUS current DESCRIPTION "The flag of matching fragmented packet, and now support two value: 0 or 2. " DEFVAL { invalid } ::= { hpnicfAclIPAclNamedAdvEntry 28 } hpnicfAclIPAclNamedAdvLog OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-create STATUS current DESCRIPTION "Log matched packets." DEFVAL { false } ::= { hpnicfAclIPAclNamedAdvEntry 29 } hpnicfAclIPAclNamedAdvCount OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-only STATUS current DESCRIPTION "The count of matches by the rule." ::= { hpnicfAclIPAclNamedAdvEntry 30 } hpnicfAclIPAclNamedAdvCountClear OBJECT-TYPE SYNTAX CounterClear MAX-ACCESS read-write STATUS current DESCRIPTION "Reset the statistics counter of this rule." DEFVAL { nouse } ::= { hpnicfAclIPAclNamedAdvEntry 31 } hpnicfAclIPAclNamedAdvEnable OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-only STATUS current DESCRIPTION "The rule is active or not. true : active false : inactive " DEFVAL { false } ::= { hpnicfAclIPAclNamedAdvEntry 32 } hpnicfAclIPAclNamedAdvVpnInstName OBJECT-TYPE SYNTAX OCTET STRING (SIZE(0..32)) MAX-ACCESS read-create STATUS current DESCRIPTION "The VPN name to which the rule will be applied. Default value is zero-length. " ::= { hpnicfAclIPAclNamedAdvEntry 33 } hpnicfAclIPAclNamedAdvComment OBJECT-TYPE SYNTAX OCTET STRING (SIZE(0..127)) MAX-ACCESS read-create STATUS current DESCRIPTION "The description of ACL rule. Default value is zero-length String. " ::= { hpnicfAclIPAclNamedAdvEntry 34 } hpnicfAclIPAclNamedAdvReflective OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-create STATUS current DESCRIPTION "The flag of reflective." ::= { hpnicfAclIPAclNamedAdvEntry 35 } hpnicfAclIPAclNamedAdvCounting OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-create STATUS current DESCRIPTION "The packet will be counted when it matches the rule. It is disabled by default. " DEFVAL { false } ::= { hpnicfAclIPAclNamedAdvEntry 36 } hpnicfAclIPAclNamedAdvTCPFlagMask OBJECT-TYPE SYNTAX BITS { tcpack(0), tcpfin(1), tcppsh(2), tcprst(3), tcpsyn(4), tcpurg(5) } MAX-ACCESS read-create STATUS current DESCRIPTION "The TCP Flag Mask. This is a bit-map of possible conditions. The various bit positions are: |0 |tcpack | |1 |tcpfin | |2 |tcppsh | |3 |tcprst | |4 |tcpsyn | |5 |tcpurg | " ::= { hpnicfAclIPAclNamedAdvEntry 37 } hpnicfAclIPAclNamedAdvTCPFlagValue OBJECT-TYPE SYNTAX BITS { tcpack(0), tcpfin(1), tcppsh(2), tcprst(3), tcpsyn(4), tcpurg(5) } MAX-ACCESS read-create STATUS current DESCRIPTION "The TCP Flag Value. This is a bit-map of possible conditions. The various bit positions are: |0 |tcpack | |1 |tcpfin | |2 |tcppsh | |3 |tcprst | |4 |tcpsyn | |5 |tcpurg | " ::= { hpnicfAclIPAclNamedAdvEntry 38 } hpnicfAclIPAclNamedAdvRouteTypeAny OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-create STATUS current DESCRIPTION "The flag of matching any type of routing header of IPv6 packet. " DEFVAL { false } ::= { hpnicfAclIPAclNamedAdvEntry 39 } hpnicfAclIPAclNamedAdvRouteTypeValue OBJECT-TYPE SYNTAX Integer32 (0..255|65535) MAX-ACCESS read-create STATUS current DESCRIPTION "The type of routing header of IPv6 packet." DEFVAL { 65535 } ::= { hpnicfAclIPAclNamedAdvEntry 40 } hpnicfAclIPAclNamedAdvFlowLabel OBJECT-TYPE SYNTAX Unsigned32 (0..1048575|4294967295) MAX-ACCESS read-create STATUS current DESCRIPTION "The value of flow label of IPv6 packet header." DEFVAL { 4294967295 } ::= { hpnicfAclIPAclNamedAdvEntry 41 } hpnicfAclIPAclNamedAdvSrcSuffix OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-create STATUS current DESCRIPTION "Denotes the length of a generic Internet network address suffix. A value of n corresponds to an IP address mask that has n contiguous 1-bits from the least significant bit and all other bits set to 0. " ::= { hpnicfAclIPAclNamedAdvEntry 42 } hpnicfAclIPAclNamedAdvDstSuffix OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-create STATUS current DESCRIPTION "Denotes the length of a generic Internet network address suffix. A value of n corresponds to an IP address mask that has n contiguous 1-bits from the least significant bit and all other bits set to 0. " ::= { hpnicfAclIPAclNamedAdvEntry 43 } -- -- Node of hpnicfAclMACAclGroup -- hpnicfAclMACAclGroup OBJECT IDENTIFIER ::= { hpnicfAclMib2Objects 3 } -- -- Nodes of hpnicfAclMACTable -- hpnicfAclMACTable OBJECT-TYPE SYNTAX SEQUENCE OF HpnicfAclMACEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A table of MAC acl group. If some objects of this table are not supported by some products, these objects can't be created, changed or applied. Default value of these objects will be returned when they are read. " ::= { hpnicfAclMACAclGroup 1 } hpnicfAclMACEntry OBJECT-TYPE SYNTAX HpnicfAclMACEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "MAC acl group information." INDEX { hpnicfAclNumberGroupType, hpnicfAclNumberGroupIndex, hpnicfAclMACRuleIndex } ::= { hpnicfAclMACTable 1 } HpnicfAclMACEntry ::= SEQUENCE { hpnicfAclMACRuleIndex Integer32, hpnicfAclMACRowStatus RowStatus, hpnicfAclMACAct RuleAction, hpnicfAclMACTypeCode OCTET STRING, hpnicfAclMACTypeMask OCTET STRING, hpnicfAclMACSrcMac MacAddress, hpnicfAclMACSrcMacWild MacAddress, hpnicfAclMACDestMac MacAddress, hpnicfAclMACDestMacWild MacAddress, hpnicfAclMACLsapCode OCTET STRING, hpnicfAclMACLsapMask OCTET STRING, hpnicfAclMACCos Integer32, hpnicfAclMACTimeRangeName OCTET STRING, hpnicfAclMACCount Unsigned32, hpnicfAclMACCountClear CounterClear, hpnicfAclMACEnable TruthValue, hpnicfAclMACComment OCTET STRING, hpnicfAclMACLog TruthValue, hpnicfAclMACCounting TruthValue } hpnicfAclMACRuleIndex OBJECT-TYPE SYNTAX Integer32 (0..65534) MAX-ACCESS not-accessible STATUS current DESCRIPTION "The rule index of MAC-based acl group." ::= { hpnicfAclMACEntry 1 } hpnicfAclMACRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "RowStatus." ::= { hpnicfAclMACEntry 2 } hpnicfAclMACAct OBJECT-TYPE SYNTAX RuleAction MAX-ACCESS read-create STATUS current DESCRIPTION "The action of MAC acl rule." ::= { hpnicfAclMACEntry 3 } hpnicfAclMACTypeCode OBJECT-TYPE SYNTAX OCTET STRING (SIZE(0..32)) MAX-ACCESS read-create STATUS current DESCRIPTION "The type of protocol." REFERENCE "rfc894, rfc1010." ::= { hpnicfAclMACEntry 4 } hpnicfAclMACTypeMask OBJECT-TYPE SYNTAX OCTET STRING (SIZE(0..32)) MAX-ACCESS read-create STATUS current DESCRIPTION "The mask of protocol." ::= { hpnicfAclMACEntry 5 } hpnicfAclMACSrcMac OBJECT-TYPE SYNTAX MacAddress MAX-ACCESS read-create STATUS current DESCRIPTION "Source MAC of MAC acl rule. Default value is '00:00:00:00:00:00'. " ::= { hpnicfAclMACEntry 6 } hpnicfAclMACSrcMacWild OBJECT-TYPE SYNTAX MacAddress MAX-ACCESS read-create STATUS current DESCRIPTION "Source MAC wildzard of MAC acl rule. Default value is '00:00:00:00:00:00'. " ::= { hpnicfAclMACEntry 7 } hpnicfAclMACDestMac OBJECT-TYPE SYNTAX MacAddress MAX-ACCESS read-create STATUS current DESCRIPTION "Destination MAC of MAC acl rule. Default value is '00:00:00:00:00:00'. " ::= { hpnicfAclMACEntry 8 } hpnicfAclMACDestMacWild OBJECT-TYPE SYNTAX MacAddress MAX-ACCESS read-create STATUS current DESCRIPTION "Destination MAC wildzard of MAC acl rule. Default value is '00:00:00:00:00:00' " ::= { hpnicfAclMACEntry 9 } hpnicfAclMACLsapCode OBJECT-TYPE SYNTAX OCTET STRING (SIZE(0..32)) MAX-ACCESS read-create STATUS current DESCRIPTION "The type of LSAP." REFERENCE "ANSI/IEEE Std 802.3" ::= { hpnicfAclMACEntry 10 } hpnicfAclMACLsapMask OBJECT-TYPE SYNTAX OCTET STRING (SIZE(0..32)) MAX-ACCESS read-create STATUS current DESCRIPTION "The mask of LSAP." ::= { hpnicfAclMACEntry 11 } hpnicfAclMACCos OBJECT-TYPE SYNTAX Integer32 (0..7 | 255) MAX-ACCESS read-create STATUS current DESCRIPTION "Vlan priority of MAC acl rule." DEFVAL { 255 } ::= { hpnicfAclMACEntry 12 } hpnicfAclMACTimeRangeName OBJECT-TYPE SYNTAX OCTET STRING (SIZE(0..32)) MAX-ACCESS read-create STATUS current DESCRIPTION "The Time-range of MAC acl rule. Default value is zero-length. " ::= { hpnicfAclMACEntry 13 } hpnicfAclMACCount OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-only STATUS current DESCRIPTION "The count of matched frames by the rule." ::= { hpnicfAclMACEntry 14 } hpnicfAclMACCountClear OBJECT-TYPE SYNTAX CounterClear MAX-ACCESS read-write STATUS current DESCRIPTION "Reset the value of counter." DEFVAL { nouse } ::= { hpnicfAclMACEntry 15 } hpnicfAclMACEnable OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-only STATUS current DESCRIPTION "The rule is active or not. true : active false : inactive " DEFVAL { false } ::= { hpnicfAclMACEntry 16 } hpnicfAclMACComment OBJECT-TYPE SYNTAX OCTET STRING (SIZE(0..127)) MAX-ACCESS read-create STATUS current DESCRIPTION "The description of ACL rule. Default value is Zero-length String. " ::= { hpnicfAclMACEntry 17 } hpnicfAclMACLog OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-create STATUS current DESCRIPTION "The packet will be logged when it matches the rule. It is disabled by default. " DEFVAL { false } ::= { hpnicfAclMACEntry 18 } hpnicfAclMACCounting OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-create STATUS current DESCRIPTION "The packet will be counted when it matches the rule. It is disabled by default. " DEFVAL { false } ::= { hpnicfAclMACEntry 19 } -- -- Nodes of named MAC ACL group -- hpnicfAclNamedMACTable OBJECT-TYPE SYNTAX SEQUENCE OF HpnicfAclNamedMACEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A table of named MAC ACL rule. The name of ACL group will be used as an index in this table, which differs from the table hpnicfAclMACTable. If some objects of this table are not supported by some products, these objects can't be created, changed or applied. Default value of these objects will be returned when they are read. " ::= { hpnicfAclMACAclGroup 2 } hpnicfAclNamedMACEntry OBJECT-TYPE SYNTAX HpnicfAclNamedMACEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "MAC acl group information." INDEX { hpnicfAclNumberGroupType, hpnicfAclNamedGroupName, hpnicfAclMACRuleIndex } ::= { hpnicfAclNamedMACTable 1 } HpnicfAclNamedMACEntry ::= SEQUENCE { hpnicfAclNamedMACRowStatus RowStatus, hpnicfAclNamedMACAct RuleAction, hpnicfAclNamedMACTypeCode OCTET STRING, hpnicfAclNamedMACTypeMask OCTET STRING, hpnicfAclNamedMACSrcMac MacAddress, hpnicfAclNamedMACSrcMacWild MacAddress, hpnicfAclNamedMACDstMac MacAddress, hpnicfAclNamedMACDstMacWild MacAddress, hpnicfAclNamedMACLsapCode OCTET STRING, hpnicfAclNamedMACLsapMask OCTET STRING, hpnicfAclNamedMACCos Integer32, hpnicfAclNamedMACTimeRangeName OCTET STRING, hpnicfAclNamedMACCount Unsigned32, hpnicfAclNamedMACCountClear CounterClear, hpnicfAclNamedMACEnable TruthValue, hpnicfAclNamedMACComment OCTET STRING, hpnicfAclNamedMACLog TruthValue, hpnicfAclNamedMACCounting TruthValue } hpnicfAclNamedMACRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "RowStatus." ::= { hpnicfAclNamedMACEntry 1 } hpnicfAclNamedMACAct OBJECT-TYPE SYNTAX RuleAction MAX-ACCESS read-create STATUS current DESCRIPTION "The action of MAC ACL rule." ::= { hpnicfAclNamedMACEntry 2 } hpnicfAclNamedMACTypeCode OBJECT-TYPE SYNTAX OCTET STRING (SIZE(0..32)) MAX-ACCESS read-create STATUS current DESCRIPTION "The type of protocol." REFERENCE "rfc894, rfc1010." ::= { hpnicfAclNamedMACEntry 3 } hpnicfAclNamedMACTypeMask OBJECT-TYPE SYNTAX OCTET STRING (SIZE(0..32)) MAX-ACCESS read-create STATUS current DESCRIPTION "The mask of protocol." ::= { hpnicfAclNamedMACEntry 4 } hpnicfAclNamedMACSrcMac OBJECT-TYPE SYNTAX MacAddress MAX-ACCESS read-create STATUS current DESCRIPTION "Source MAC of MAC ACL rule. Default value is '00:00:00:00:00:00'. " ::= { hpnicfAclNamedMACEntry 5 } hpnicfAclNamedMACSrcMacWild OBJECT-TYPE SYNTAX MacAddress MAX-ACCESS read-create STATUS current DESCRIPTION "Source MAC wildcard of MAC ACL rule. Default value is '00:00:00:00:00:00'. " ::= { hpnicfAclNamedMACEntry 6 } hpnicfAclNamedMACDstMac OBJECT-TYPE SYNTAX MacAddress MAX-ACCESS read-create STATUS current DESCRIPTION "Destination MAC of MAC ACL rule. Default value is '00:00:00:00:00:00'. " ::= { hpnicfAclNamedMACEntry 7 } hpnicfAclNamedMACDstMacWild OBJECT-TYPE SYNTAX MacAddress MAX-ACCESS read-create STATUS current DESCRIPTION "Destination MAC wildcard of MAC ACL rule. Default value is '00:00:00:00:00:00' " ::= { hpnicfAclNamedMACEntry 8 } hpnicfAclNamedMACLsapCode OBJECT-TYPE SYNTAX OCTET STRING (SIZE(0..32)) MAX-ACCESS read-create STATUS current DESCRIPTION "The type of LSAP." REFERENCE "ANSI/IEEE Std 802.3" ::= { hpnicfAclNamedMACEntry 9 } hpnicfAclNamedMACLsapMask OBJECT-TYPE SYNTAX OCTET STRING (SIZE(0..32)) MAX-ACCESS read-create STATUS current DESCRIPTION "The mask of LSAP." ::= { hpnicfAclNamedMACEntry 10 } hpnicfAclNamedMACCos OBJECT-TYPE SYNTAX Integer32 (0..7 | 255) MAX-ACCESS read-create STATUS current DESCRIPTION "Vlan priority of MAC ACL rule." DEFVAL { 255 } ::= { hpnicfAclNamedMACEntry 11 } hpnicfAclNamedMACTimeRangeName OBJECT-TYPE SYNTAX OCTET STRING (SIZE(0..32)) MAX-ACCESS read-create STATUS current DESCRIPTION "The time-range of MAC ACL rule. Default value is zero-length. " ::= { hpnicfAclNamedMACEntry 12 } hpnicfAclNamedMACCount OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-only STATUS current DESCRIPTION "The count of matched frames by the rule." ::= { hpnicfAclNamedMACEntry 13 } hpnicfAclNamedMACCountClear OBJECT-TYPE SYNTAX CounterClear MAX-ACCESS read-write STATUS current DESCRIPTION "Reset the value of counter." DEFVAL { nouse } ::= { hpnicfAclNamedMACEntry 14 } hpnicfAclNamedMACEnable OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-only STATUS current DESCRIPTION "The rule is active or not. true : active false : inactive " DEFVAL { false } ::= { hpnicfAclNamedMACEntry 15 } hpnicfAclNamedMACComment OBJECT-TYPE SYNTAX OCTET STRING (SIZE(0..127)) MAX-ACCESS read-create STATUS current DESCRIPTION "The description of ACL rule. Default value is Zero-length String. " ::= { hpnicfAclNamedMACEntry 16 } hpnicfAclNamedMACLog OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-create STATUS current DESCRIPTION "The packet will be logged when it matches the rule. It is disabled by default. " DEFVAL { false } ::= { hpnicfAclNamedMACEntry 17 } hpnicfAclNamedMACCounting OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-create STATUS current DESCRIPTION "The packet will be counted when it matches the rule. It is disabled by default. " DEFVAL { false } ::= { hpnicfAclNamedMACEntry 18 } -- -- Node of hpnicfAclEnUserGroup -- hpnicfAclEnUserAclGroup OBJECT IDENTIFIER ::= { hpnicfAclMib2Objects 4 } -- -- Nodes of hpnicfAclEnUserTable -- hpnicfAclEnUserTable OBJECT-TYPE SYNTAX SEQUENCE OF HpnicfAclEnUserEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A table of user acl group information. If some objects of this table are not supported by some products, these objects can't be created, changed and applied. Default value of these objects will be returned when they are read. " ::= { hpnicfAclEnUserAclGroup 3 } hpnicfAclEnUserEntry OBJECT-TYPE SYNTAX HpnicfAclEnUserEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "User defined acl group entry." INDEX { hpnicfAclNumberGroupType, hpnicfAclNumberGroupIndex, hpnicfAclEnUserRuleIndex } ::= { hpnicfAclEnUserTable 1 } HpnicfAclEnUserEntry ::= SEQUENCE { hpnicfAclEnUserRuleIndex Integer32, hpnicfAclEnUserRowStatus RowStatus, hpnicfAclEnUserAct RuleAction, hpnicfAclEnUserStartString OCTET STRING, hpnicfAclEnUserL2String OCTET STRING, hpnicfAclEnUserMplsString OCTET STRING, hpnicfAclEnUserIPv4String OCTET STRING, hpnicfAclEnUserIPv6String OCTET STRING, hpnicfAclEnUserL4String OCTET STRING, hpnicfAclEnUserL5String OCTET STRING, hpnicfAclEnUserTimeRangeName OCTET STRING, hpnicfAclEnUserCount Unsigned32, hpnicfAclEnUserCountClear CounterClear, hpnicfAclEnUserEnable TruthValue, hpnicfAclEnUserComment OCTET STRING, hpnicfAclEnUserLog TruthValue, hpnicfAclEnUserCounting TruthValue } hpnicfAclEnUserRuleIndex OBJECT-TYPE SYNTAX Integer32 (0..65534) MAX-ACCESS not-accessible STATUS current DESCRIPTION "The subitem of the user acl." ::= { hpnicfAclEnUserEntry 1 } hpnicfAclEnUserRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "RowStatus." ::= { hpnicfAclEnUserEntry 2 } hpnicfAclEnUserAct OBJECT-TYPE SYNTAX RuleAction MAX-ACCESS read-create STATUS current DESCRIPTION "The action of user defined acl rule." ::= { hpnicfAclEnUserEntry 3 } hpnicfAclEnUserStartString OBJECT-TYPE SYNTAX OCTET STRING (SIZE(0..255)) MAX-ACCESS read-create STATUS current DESCRIPTION "The rule, matching packets, input like this: 'RuleOffset','RuleString','RuleMask'. RuleOffset: The value of this object is defined by product and it indicates the offset of the rule mask in the packet(unit: byte). RuleString: The length of RuleString is defined by product. The string must be hexadecimal. The length of string must be multiple of 2. RuleMask: The length of RuleMask is defined by product. The string must be hexadecimal. The length of string must be multiple of 2. For example: 10,10af,ffff. Default value is zero-length. " ::= { hpnicfAclEnUserEntry 4 } hpnicfAclEnUserL2String OBJECT-TYPE SYNTAX OCTET STRING (SIZE(0..255)) MAX-ACCESS read-create STATUS current DESCRIPTION "The rule, matching layer 2 packets, input like this: 'RuleOffset','RuleString','RuleMask'. RuleOffset: The value is defined by product and it indicates offset of the rule mask in the packet(unit: byte). RuleString: The length of RuleString is defined by product. The string must be hexadecimal. The length of string must be multiple of 2. RuleMask: The length of RuleMask is defined by product. The string must be hexadecimal. The length of string must be multiple of 2. For example: '10','10af','ffff'. Default value is zero-length. " ::= { hpnicfAclEnUserEntry 5 } hpnicfAclEnUserMplsString OBJECT-TYPE SYNTAX OCTET STRING (SIZE(0..255)) MAX-ACCESS read-create STATUS current DESCRIPTION "The rule, matching mpls packets, input like this: 'RuleOffset','RuleString','RuleMask'. RuleOffset: The value is defined by product and it indicates offset of the rule mask in the packet(unit: byte). RuleString: The length of RuleString is defined by product. The string must be hexadecimal. The length of string must be multiple of 2. RuleMask: The length of RuleMask is defined by product. The string must be hexadecimal. The length of string must be multiple of 2. For example: '10','10af','ffff'. Default value is zero-length. " ::= { hpnicfAclEnUserEntry 6 } hpnicfAclEnUserIPv4String OBJECT-TYPE SYNTAX OCTET STRING (SIZE(0..255)) MAX-ACCESS read-create STATUS current DESCRIPTION "The rule, matching IPv4 packets, input like this: 'RuleOffset','RuleString','RuleMask'. RuleOffset: The value is defined by product and it indicates offset of the rule mask in the packet(unit: byte). RuleString: The length of RuleString is defined by product. The string must be hexadecimal. The length of string must be multiple of 2. RuleMask: The length of RuleMask is defined by product. The string must be hexadecimal. The length of string must be multiple of 2. For example: '10','10af','ffff'. Default value is zero-length. " ::= { hpnicfAclEnUserEntry 7 } hpnicfAclEnUserIPv6String OBJECT-TYPE SYNTAX OCTET STRING (SIZE(0..255)) MAX-ACCESS read-create STATUS current DESCRIPTION "The rule, matching IPv6 packets, input like this: 'RuleOffset','RuleString','RuleMask'. RuleOffset: The value is defined by product and it indicates offset of the rule mask in the packet(unit: byte). RuleString: The length of RuleString is defined by product. The string must be hexadecimal. The length of string must be multiple of 2. RuleMask: The length of RuleMask is defined by product. The string must be hexadecimal. The length of string must be multiple of 2. For example: '10','10af','ffff'. Default value is zero-length. " ::= { hpnicfAclEnUserEntry 8 } hpnicfAclEnUserL4String OBJECT-TYPE SYNTAX OCTET STRING (SIZE(0..255)) MAX-ACCESS read-create STATUS current DESCRIPTION "The rule, matching layer 4 packets, input like this: 'RuleOffset','RuleString','RuleMask'. RuleOffset: The value is defined by product and it indicates offset of the rule mask in the packet(unit: byte). RuleString: The length of RuleString is defined by product. The string must be hexadecimal. The length of string must be multiple of 2. RuleMask: The length of RuleMask is defined by product. The string must be hexadecimal. The length of string must be multiple of 2. For example: '10','10af','ffff'. Default value is zero-length. " ::= { hpnicfAclEnUserEntry 9 } hpnicfAclEnUserL5String OBJECT-TYPE SYNTAX OCTET STRING (SIZE(0..255)) MAX-ACCESS read-create STATUS current DESCRIPTION "The rule, matching layer 5 packets, input like this: 'RuleOffset','RuleString','RuleMask'. RuleOffset: The value is defined by product and it indicates offset of the rule mask in the packet(unit: byte). RuleString: The length of RuleString is defined by product. The string must be hexadecimal. The length of string must be multiple of 2. RuleMask: The length of RuleMask is defined by product. The string must be hexadecimal. The length of string must be multiple of 2. For example: '10','10af','ffff'. Default value is zero-length. " ::= { hpnicfAclEnUserEntry 10 } hpnicfAclEnUserTimeRangeName OBJECT-TYPE SYNTAX OCTET STRING (SIZE(0..32)) MAX-ACCESS read-create STATUS current DESCRIPTION "The Time-range of user acl rule. Default value is zero-length." ::= { hpnicfAclEnUserEntry 11 } hpnicfAclEnUserCount OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-only STATUS current DESCRIPTION "The count of matched by the rule." ::= { hpnicfAclEnUserEntry 12 } hpnicfAclEnUserCountClear OBJECT-TYPE SYNTAX CounterClear MAX-ACCESS read-write STATUS current DESCRIPTION "Reset the value of counter." ::= { hpnicfAclEnUserEntry 13 } hpnicfAclEnUserEnable OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-only STATUS current DESCRIPTION "The rule is active or not. true : active false : inactive " DEFVAL { false } ::= { hpnicfAclEnUserEntry 14 } hpnicfAclEnUserComment OBJECT-TYPE SYNTAX OCTET STRING (SIZE(0..127)) MAX-ACCESS read-create STATUS current DESCRIPTION "The description of ACL rule. Default value is Zero-length String. " ::= { hpnicfAclEnUserEntry 15 } hpnicfAclEnUserLog OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-create STATUS current DESCRIPTION "The packet will be logged when it matches the rule. It is disabled by default. " DEFVAL { false } ::= { hpnicfAclEnUserEntry 16 } hpnicfAclEnUserCounting OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-create STATUS current DESCRIPTION "The packet will be counted when it matches the rule. It is disabled by default. " DEFVAL { false } ::= { hpnicfAclEnUserEntry 17 } -- -- Nodes of hpnicfAclNamedUserTable -- hpnicfAclNamedUserTable OBJECT-TYPE SYNTAX SEQUENCE OF HpnicfAclNamedUserEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A table of named user acl rule. The name of ACL group will be used as an index in this table, which differs from the table hpnicfAclEnUserTable. If some objects of this table are not supported by some products, these objects can't be created, changed and applied. Default value of these objects will be returned when they are read. " ::= { hpnicfAclEnUserAclGroup 4 } hpnicfAclNamedUserEntry OBJECT-TYPE SYNTAX HpnicfAclNamedUserEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "User defined acl group entry." INDEX { hpnicfAclNumberGroupType, hpnicfAclNamedGroupName, hpnicfAclEnUserRuleIndex } ::= { hpnicfAclNamedUserTable 1 } HpnicfAclNamedUserEntry ::= SEQUENCE { hpnicfAclNamedUserRowStatus RowStatus, hpnicfAclNamedUserAct RuleAction, hpnicfAclNamedUserStartString OCTET STRING, hpnicfAclNamedUserL2String OCTET STRING, hpnicfAclNamedUserMplsString OCTET STRING, hpnicfAclNamedUserIPv4String OCTET STRING, hpnicfAclNamedUserIPv6String OCTET STRING, hpnicfAclNamedUserL4String OCTET STRING, hpnicfAclNamedUserL5String OCTET STRING, hpnicfAclNamedUserTimeRangeName OCTET STRING, hpnicfAclNamedUserCount Unsigned32, hpnicfAclNamedUserCountClear CounterClear, hpnicfAclNamedUserEnable TruthValue, hpnicfAclNamedUserComment OCTET STRING, hpnicfAclNamedUserLog TruthValue, hpnicfAclNamedUserCounting TruthValue } hpnicfAclNamedUserRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "RowStatus." ::= { hpnicfAclNamedUserEntry 1 } hpnicfAclNamedUserAct OBJECT-TYPE SYNTAX RuleAction MAX-ACCESS read-create STATUS current DESCRIPTION "The action of user defined acl rule." ::= { hpnicfAclNamedUserEntry 2 } hpnicfAclNamedUserStartString OBJECT-TYPE SYNTAX OCTET STRING (SIZE(0..255)) MAX-ACCESS read-create STATUS current DESCRIPTION "The rule, matching packets, input like this: 'RuleOffset','RuleString','RuleMask'. RuleOffset: The value of this object is defined by product and it indicates the offset of the rule mask in the packet(unit: byte). RuleString: The length of RuleString is defined by product. The string must be hexadecimal. The length of string must be multiple of 2. RuleMask: The length of RuleMask is defined by product. The string must be hexadecimal. The length of string must be multiple of 2. For example: 10,10af,ffff. Default value is zero-length. " ::= { hpnicfAclNamedUserEntry 3 } hpnicfAclNamedUserL2String OBJECT-TYPE SYNTAX OCTET STRING (SIZE(0..255)) MAX-ACCESS read-create STATUS current DESCRIPTION "The rule, matching layer 2 packets, input like this: 'RuleOffset','RuleString','RuleMask'. RuleOffset: The value is defined by product and it indicates offset of the rule mask in the packet(unit: byte). RuleString: The length of RuleString is defined by product. The string must be hexadecimal. The length of string must be multiple of 2. RuleMask: The length of RuleMask is defined by product. The string must be hexadecimal. The length of string must be multiple of 2. For example: '10','10af','ffff'. Default value is zero-length. " ::= { hpnicfAclNamedUserEntry 4 } hpnicfAclNamedUserMplsString OBJECT-TYPE SYNTAX OCTET STRING (SIZE(0..255)) MAX-ACCESS read-create STATUS current DESCRIPTION "The rule, matching mpls packets, input like this: 'RuleOffset','RuleString','RuleMask'. RuleOffset: The value is defined by product and it indicates offset of the rule mask in the packet(unit: byte). RuleString: The length of RuleString is defined by product. The string must be hexadecimal. The length of string must be multiple of 2. RuleMask: The length of RuleMask is defined by product. The string must be hexadecimal. The length of string must be multiple of 2. For example: '10','10af','ffff'. Default value is zero-length. " ::= { hpnicfAclNamedUserEntry 5 } hpnicfAclNamedUserIPv4String OBJECT-TYPE SYNTAX OCTET STRING (SIZE(0..255)) MAX-ACCESS read-create STATUS current DESCRIPTION "The rule, matching IPv4 packets, input like this: 'RuleOffset','RuleString','RuleMask'. RuleOffset: The value is defined by product and it indicates offset of the rule mask in the packet(unit: byte). RuleString: The length of RuleString is defined by product. The string must be hexadecimal. The length of string must be multiple of 2. RuleMask: The length of RuleMask is defined by product. The string must be hexadecimal. The length of string must be multiple of 2. For example: '10','10af','ffff'. Default value is zero-length. " ::= { hpnicfAclNamedUserEntry 6 } hpnicfAclNamedUserIPv6String OBJECT-TYPE SYNTAX OCTET STRING (SIZE(0..255)) MAX-ACCESS read-create STATUS current DESCRIPTION "The rule, matching IPv6 packets, input like this: 'RuleOffset','RuleString','RuleMask'. RuleOffset: The value is defined by product and it indicates offset of the rule mask in the packet(unit: byte). RuleString: The length of RuleString is defined by product. The string must be hexadecimal. The length of string must be multiple of 2. RuleMask: The length of RuleMask is defined by product. The string must be hexadecimal. The length of string must be multiple of 2. For example: '10','10af','ffff'. Default value is zero-length. " ::= { hpnicfAclNamedUserEntry 7 } hpnicfAclNamedUserL4String OBJECT-TYPE SYNTAX OCTET STRING (SIZE(0..255)) MAX-ACCESS read-create STATUS current DESCRIPTION "The rule, matching layer 4 packets, input like this: 'RuleOffset','RuleString','RuleMask'. RuleOffset: The value is defined by product and it indicates offset of the rule mask in the packet(unit: byte). RuleString: The length of RuleString is defined by product. The string must be hexadecimal. The length of string must be multiple of 2. RuleMask: The length of RuleMask is defined by product. The string must be hexadecimal. The length of string must be multiple of 2. For example: '10','10af','ffff'. Default value is zero-length. " ::= { hpnicfAclNamedUserEntry 8 } hpnicfAclNamedUserL5String OBJECT-TYPE SYNTAX OCTET STRING (SIZE(0..255)) MAX-ACCESS read-create STATUS current DESCRIPTION "The rule, matching layer 5 packets, input like this: 'RuleOffset','RuleString','RuleMask'. RuleOffset: The value is defined by product and it indicates offset of the rule mask in the packet(unit: byte). RuleString: The length of RuleString is defined by product. The string must be hexadecimal. The length of string must be multiple of 2. RuleMask: The length of RuleMask is defined by product. The string must be hexadecimal. The length of string must be multiple of 2. For example: '10','10af','ffff'. Default value is zero-length. " ::= { hpnicfAclNamedUserEntry 9 } hpnicfAclNamedUserTimeRangeName OBJECT-TYPE SYNTAX OCTET STRING (SIZE(0..32)) MAX-ACCESS read-create STATUS current DESCRIPTION "The Time-range of user acl rule. Default value is zero-length." ::= { hpnicfAclNamedUserEntry 10 } hpnicfAclNamedUserCount OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-only STATUS current DESCRIPTION "The count of matched by the rule." ::= { hpnicfAclNamedUserEntry 11 } hpnicfAclNamedUserCountClear OBJECT-TYPE SYNTAX CounterClear MAX-ACCESS read-write STATUS current DESCRIPTION "Reset the value of counter." ::= { hpnicfAclNamedUserEntry 12 } hpnicfAclNamedUserEnable OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-only STATUS current DESCRIPTION "The rule is active or not. true : active false : inactive " DEFVAL { false } ::= { hpnicfAclNamedUserEntry 13 } hpnicfAclNamedUserComment OBJECT-TYPE SYNTAX OCTET STRING (SIZE(0..127)) MAX-ACCESS read-create STATUS current DESCRIPTION "The description of ACL rule. Default value is Zero-length String. " ::= { hpnicfAclNamedUserEntry 14 } hpnicfAclNamedUserLog OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-create STATUS current DESCRIPTION "The packet will be logged when it matches the rule. It is disabled by default. " DEFVAL { false } ::= { hpnicfAclNamedUserEntry 15 } hpnicfAclNamedUserCounting OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-create STATUS current DESCRIPTION "The packet will be counted when it matches the rule. It is disabled by default. " DEFVAL { false } ::= { hpnicfAclNamedUserEntry 16 } -- -- Node of hpnicfAclResourceGroup -- hpnicfAclResourceGroup OBJECT IDENTIFIER ::= { hpnicfAclMib2Objects 5 } -- -- Nodes of hpnicfAclResourceUsageTable -- hpnicfAclResourceUsageTable OBJECT-TYPE SYNTAX SEQUENCE OF HpnicfAclResourceUsageEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "The table shows ACL resource usage information. Support for resource types that are denoted by hpnicfAclResourceType object varies with products. If a type is not supported, the corresponding row for the type will not be instantiated in this table. " ::= { hpnicfAclResourceGroup 1 } hpnicfAclResourceUsageEntry OBJECT-TYPE SYNTAX HpnicfAclResourceUsageEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Each row contains a brief description of the resource type, a port range associated with the chip, total, reserved, and configured amount of resource of this type, the percent of resource that has been allocated, and so on. " INDEX { hpnicfAclResourceChassis, hpnicfAclResourceSlot, hpnicfAclResourceChip, hpnicfAclResourceType } ::= { hpnicfAclResourceUsageTable 1 } HpnicfAclResourceUsageEntry ::= SEQUENCE { hpnicfAclResourceChassis Unsigned32, hpnicfAclResourceSlot Unsigned32, hpnicfAclResourceChip Unsigned32, hpnicfAclResourceType Integer32, hpnicfAclPortRange OCTET STRING, hpnicfAclResourceTotal Unsigned32, hpnicfAclResourceReserved Unsigned32, hpnicfAclResourceConfigured Unsigned32, hpnicfAclResourceUsagePercent Unsigned32, hpnicfAclResourceTypeDescription OCTET STRING } hpnicfAclResourceChassis OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS not-accessible STATUS current DESCRIPTION "The chassis number. On a centralized or distributed device, the value for this node is always zero. " ::= { hpnicfAclResourceUsageEntry 1 } hpnicfAclResourceSlot OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS not-accessible STATUS current DESCRIPTION "The slot number. On a centralized device, the value for this node is always zero." ::= { hpnicfAclResourceUsageEntry 2 } hpnicfAclResourceChip OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS not-accessible STATUS current DESCRIPTION "The chip number. On a single chip device, the value for this node is always zero." ::= { hpnicfAclResourceUsageEntry 3 } hpnicfAclResourceType OBJECT-TYPE SYNTAX Integer32 (1..255) MAX-ACCESS not-accessible STATUS current DESCRIPTION "The resource type." ::= { hpnicfAclResourceUsageEntry 4 } hpnicfAclPortRange OBJECT-TYPE SYNTAX OCTET STRING (SIZE(0..255)) MAX-ACCESS read-only STATUS current DESCRIPTION "The port range associated with the chip. Commas are used to separate multiple port ranges, for example, Ethernet1/2 to Ethernet1/12, Ethernet1/31 to Ethernet1/48. " ::= { hpnicfAclResourceUsageEntry 5 } hpnicfAclResourceTotal OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-only STATUS current DESCRIPTION "Total TCAM entries of the resource type." ::= { hpnicfAclResourceUsageEntry 6 } hpnicfAclResourceReserved OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-only STATUS current DESCRIPTION "The amount of reserved TCAM entries of the resource type." ::= { hpnicfAclResourceUsageEntry 7 } hpnicfAclResourceConfigured OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-only STATUS current DESCRIPTION "The amount of configured TCAM entries of the resource type." ::= { hpnicfAclResourceUsageEntry 8 } hpnicfAclResourceUsagePercent OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-only STATUS current DESCRIPTION "The percent of TCAM entries that have been used for this resource type. " ::= { hpnicfAclResourceUsageEntry 9 } hpnicfAclResourceTypeDescription OBJECT-TYPE SYNTAX OCTET STRING (SIZE(0..31)) MAX-ACCESS read-only STATUS current DESCRIPTION "The description of this resource type." ::= { hpnicfAclResourceUsageEntry 10 } -- -- Node of hpnicfAclIntervalGroup -- hpnicfAclIntervalGroup OBJECT IDENTIFIER ::= { hpnicfAclMib2Objects 6 } -- -- Nodes of hpnicfAclIntervalTable -- hpnicfAclIntervalTable OBJECT-TYPE SYNTAX SEQUENCE OF HpnicfAclIntervalEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Log interval table." ::= { hpnicfAclIntervalGroup 1 } hpnicfAclIntervalEntry OBJECT-TYPE SYNTAX HpnicfAclIntervalEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Log interval entry." INDEX { hpnicfAclIntervalType } ::= { hpnicfAclIntervalTable 1 } HpnicfAclIntervalEntry ::= SEQUENCE { hpnicfAclIntervalType INTEGER, hpnicfAclIntervalValue Integer32, hpnicfAclIntervalRowStatus RowStatus } hpnicfAclIntervalType OBJECT-TYPE SYNTAX INTEGER { logging(1), trap(2) } MAX-ACCESS not-accessible STATUS current DESCRIPTION "The types of the interval specified for generating packet filtering logs or traps. " ::= { hpnicfAclIntervalEntry 1 } hpnicfAclIntervalValue OBJECT-TYPE SYNTAX Integer32 (5..1440) MAX-ACCESS read-create STATUS current DESCRIPTION "The value of interval. It must be a multiple of 5 and in the range of 5 to 1440. " ::= { hpnicfAclIntervalEntry 2 } hpnicfAclIntervalRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "RowStatus." ::= { hpnicfAclIntervalEntry 3 } -- -- Node of hpnicfAclPacketFilterObjects -- hpnicfAclPacketFilterObjects OBJECT IDENTIFIER ::= { hpnicfAcl 3 } hpnicfPfilterScalarGroup OBJECT IDENTIFIER ::= { hpnicfAclPacketFilterObjects 1 } hpnicfPfilterDefaultAction OBJECT-TYPE SYNTAX INTEGER { permit(1), deny(2) } MAX-ACCESS read-write STATUS current DESCRIPTION "The default action of packet filter. By default, the packet filter permits packets that do not match any ACL rule to pass. " ::= { hpnicfPfilterScalarGroup 1 } hpnicfPfilterProcessingStatus OBJECT-TYPE SYNTAX INTEGER { processing(1), done(2) } MAX-ACCESS read-only STATUS current DESCRIPTION "This object shows the status of the system when applying packet filter. It is forbidden to set or read in hpnicfAclPacketFilterObjects MIB module when the value is processing. " ::= { hpnicfPfilterScalarGroup 2 } -- -- Nodes of hpnicfPfilterApplyTable -- hpnicfPfilterApplyTable OBJECT-TYPE SYNTAX SEQUENCE OF HpnicfPfilterApplyEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A table of packet filter application. It's not supported to set default action on an entity, but supported to enable hardware count of default action on an entity. " ::= { hpnicfAclPacketFilterObjects 2 } hpnicfPfilterApplyEntry OBJECT-TYPE SYNTAX HpnicfPfilterApplyEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Packet filter application information entry." INDEX { hpnicfPfilterApplyObjType, hpnicfPfilterApplyObjIndex, hpnicfPfilterApplyDirection, hpnicfPfilterApplyAclType, hpnicfPfilterApplyAclIndex } ::= { hpnicfPfilterApplyTable 1 } HpnicfPfilterApplyEntry ::= SEQUENCE { hpnicfPfilterApplyObjType INTEGER, hpnicfPfilterApplyObjIndex Integer32, hpnicfPfilterApplyDirection DirectionType, hpnicfPfilterApplyAclType INTEGER, hpnicfPfilterApplyAclIndex Integer32, hpnicfPfilterApplyHardCount TruthValue, hpnicfPfilterApplySequence Unsigned32, hpnicfPfilterApplyCountClear CounterClear, hpnicfPfilterApplyRowStatus RowStatus } hpnicfPfilterApplyObjType OBJECT-TYPE SYNTAX INTEGER { interface(1), vlan(2), global(3) } MAX-ACCESS not-accessible STATUS current DESCRIPTION "The object type of packet filter application. interface: Apply an ACL to the interface to filter packets. vlan: Apply an ACL to the VLAN to filter packets. global: Apply an ACL globally to filter packets. " ::= { hpnicfPfilterApplyEntry 1 } hpnicfPfilterApplyObjIndex OBJECT-TYPE SYNTAX Integer32 (0..2147483647) MAX-ACCESS not-accessible STATUS current DESCRIPTION "The object ID of packet filter application. Interface: interface index, equal to ifIndex VLAN: VLAN ID, 1..4094 Global: 0 " ::= { hpnicfPfilterApplyEntry 2 } hpnicfPfilterApplyDirection OBJECT-TYPE SYNTAX DirectionType MAX-ACCESS not-accessible STATUS current DESCRIPTION "The direction of packet filter application." ::= { hpnicfPfilterApplyEntry 3 } hpnicfPfilterApplyAclType OBJECT-TYPE SYNTAX INTEGER { ipv4(1), ipv6(2), default(3), mac(4), user(5) } MAX-ACCESS not-accessible STATUS current DESCRIPTION "ACL Type: IPv4, IPv6, default action, MAC, and user. Take default action as a special ACL group. " ::= { hpnicfPfilterApplyEntry 4 } hpnicfPfilterApplyAclIndex OBJECT-TYPE SYNTAX Integer32 (0|2000..5999) MAX-ACCESS not-accessible STATUS current DESCRIPTION "The ACL group index. Basic type: 2000..2999 Advanced type: 3000..3999 MAC type: 4000..4999 User type: 5000..5999 Default action type: 0 " ::= { hpnicfPfilterApplyEntry 5 } hpnicfPfilterApplyHardCount OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-create STATUS current DESCRIPTION "Hardware count flag. true: enable hardware count false: disable hardware count " DEFVAL { false } ::= { hpnicfPfilterApplyEntry 6 } hpnicfPfilterApplySequence OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-only STATUS current DESCRIPTION "The configure sequence of packet filter application." ::= { hpnicfPfilterApplyEntry 7 } hpnicfPfilterApplyCountClear OBJECT-TYPE SYNTAX CounterClear MAX-ACCESS read-write STATUS current DESCRIPTION "Clear the value of counters." ::= { hpnicfPfilterApplyEntry 8 } hpnicfPfilterApplyRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "RowStatus." ::= { hpnicfPfilterApplyEntry 9 } -- -- Nodes of hpnicfPfilterAclGroupRunInfoTable -- hpnicfPfilterAclGroupRunInfoTable OBJECT-TYPE SYNTAX SEQUENCE OF HpnicfPfilterAclGroupRunInfoEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A table of group running information of ACLs for packet filtering. If hardware count function is not supported or not enabled to the packet filter application, the statistics entry will be zero. " ::= { hpnicfAclPacketFilterObjects 3 } hpnicfPfilterAclGroupRunInfoEntry OBJECT-TYPE SYNTAX HpnicfPfilterAclGroupRunInfoEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "ACL group running information entry for packet filtering." INDEX { hpnicfPfilterRunApplyObjType, hpnicfPfilterRunApplyObjIndex, hpnicfPfilterRunApplyDirection, hpnicfPfilterRunApplyAclType, hpnicfPfilterRunApplyAclIndex } ::= { hpnicfPfilterAclGroupRunInfoTable 1 } HpnicfPfilterAclGroupRunInfoEntry ::= SEQUENCE { hpnicfPfilterRunApplyObjType INTEGER, hpnicfPfilterRunApplyObjIndex Integer32, hpnicfPfilterRunApplyDirection DirectionType, hpnicfPfilterRunApplyAclType INTEGER, hpnicfPfilterRunApplyAclIndex Integer32, hpnicfPfilterAclGroupStatus INTEGER, hpnicfPfilterAclGroupCountStatus INTEGER, hpnicfPfilterAclGroupPermitPkts Counter64, hpnicfPfilterAclGroupPermitBytes Counter64, hpnicfPfilterAclGroupDenyPkts Counter64, hpnicfPfilterAclGroupDenyBytes Counter64 } hpnicfPfilterRunApplyObjType OBJECT-TYPE SYNTAX INTEGER { interface(1), vlan(2), global(3) } MAX-ACCESS not-accessible STATUS current DESCRIPTION "The object type of packet filter application. interface: Apply an ACL to the interface to filter packets. vlan: Apply an ACL to the VLAN to filter packets. global: Apply an ACL globally to filter packets. " ::= { hpnicfPfilterAclGroupRunInfoEntry 1 } hpnicfPfilterRunApplyObjIndex OBJECT-TYPE SYNTAX Integer32 (0..2147483647) MAX-ACCESS not-accessible STATUS current DESCRIPTION "The object ID of packet filter application. Interface: interface index, equal to ifIndex VLAN: VLAN ID, 1..4094 Global: 0 " ::= { hpnicfPfilterAclGroupRunInfoEntry 2 } hpnicfPfilterRunApplyDirection OBJECT-TYPE SYNTAX DirectionType MAX-ACCESS not-accessible STATUS current DESCRIPTION "The direction of packet filter application." ::= { hpnicfPfilterAclGroupRunInfoEntry 3 } hpnicfPfilterRunApplyAclType OBJECT-TYPE SYNTAX INTEGER { ipv4(1), ipv6(2), default(3), mac(4), user(5) } MAX-ACCESS not-accessible STATUS current DESCRIPTION "ACL Type: IPv4, IPv6, default action, MAC, and user. Take default action as a special ACL group. " ::= { hpnicfPfilterAclGroupRunInfoEntry 4 } hpnicfPfilterRunApplyAclIndex OBJECT-TYPE SYNTAX Integer32 (1..3|2000..5999) MAX-ACCESS not-accessible STATUS current DESCRIPTION "The ACL group index. Basic type: 2000..2999 Advanced type: 3000..3999 MAC type: 4000..4999 User type: 5000..5999 MAC default action: 1 IPv4 default action: 2 IPv6 default action: 3 " ::= { hpnicfPfilterAclGroupRunInfoEntry 5 } hpnicfPfilterAclGroupStatus OBJECT-TYPE SYNTAX INTEGER { success(1), failed(2), partialSuccess(3) } MAX-ACCESS read-only STATUS current DESCRIPTION "The status of ACL group applied. success: ACL applied successfully on all slots failed: failed to apply ACL on all slots partialSuccess: failed to apply ACL on some slots " ::= { hpnicfPfilterAclGroupRunInfoEntry 6 } hpnicfPfilterAclGroupCountStatus OBJECT-TYPE SYNTAX INTEGER { success(1), failed(2), partialSuccess(3) } MAX-ACCESS read-only STATUS current DESCRIPTION "The status of enabling hardware count. If hardware count is not enabled, it returns success. success: enable hardware count successfully on all slots failed: failed to enable hardware count on all slots partialSuccess: failed to enable hardware count on some slots " ::= { hpnicfPfilterAclGroupRunInfoEntry 7 } hpnicfPfilterAclGroupPermitPkts OBJECT-TYPE SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of packets permitted." ::= { hpnicfPfilterAclGroupRunInfoEntry 8 } hpnicfPfilterAclGroupPermitBytes OBJECT-TYPE SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of bytes permitted." ::= { hpnicfPfilterAclGroupRunInfoEntry 9 } hpnicfPfilterAclGroupDenyPkts OBJECT-TYPE SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of packets denied." ::= { hpnicfPfilterAclGroupRunInfoEntry 10 } hpnicfPfilterAclGroupDenyBytes OBJECT-TYPE SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of bytes denied." ::= { hpnicfPfilterAclGroupRunInfoEntry 11 } -- -- Nodes of hpnicfPfilterAclRuleRunInfoTable -- hpnicfPfilterAclRuleRunInfoTable OBJECT-TYPE SYNTAX SEQUENCE OF HpnicfPfilterAclRuleRunInfoEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A table of rule's running information of ACLs for packet filtering. If hardware count function is not supported or not enabled to the packet filter application, the hpnicfPfilterAclRuleMatchPackets and hpnicfPfilterAclRuleMatchBytes will be zero. " ::= { hpnicfAclPacketFilterObjects 4 } hpnicfPfilterAclRuleRunInfoEntry OBJECT-TYPE SYNTAX HpnicfPfilterAclRuleRunInfoEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "ACL rule's running information entry." INDEX { hpnicfPfilterRunApplyObjType, hpnicfPfilterRunApplyObjIndex, hpnicfPfilterRunApplyDirection, hpnicfPfilterRunApplyAclType, hpnicfPfilterRunApplyAclIndex, hpnicfPfilterAclRuleIndex } ::= { hpnicfPfilterAclRuleRunInfoTable 1 } HpnicfPfilterAclRuleRunInfoEntry ::= SEQUENCE { hpnicfPfilterAclRuleIndex Integer32, hpnicfPfilterAclRuleStatus INTEGER, hpnicfPfilterAclRuleCountStatus INTEGER, hpnicfPfilterAclRuleMatchPackets Counter64, hpnicfPfilterAclRuleMatchBytes Counter64 } hpnicfPfilterAclRuleIndex OBJECT-TYPE SYNTAX Integer32 (0..65534) MAX-ACCESS not-accessible STATUS current DESCRIPTION "The ACL rule index." ::= { hpnicfPfilterAclRuleRunInfoEntry 1 } hpnicfPfilterAclRuleStatus OBJECT-TYPE SYNTAX INTEGER { success(1), failed(2), partialSuccess(3) } MAX-ACCESS read-only STATUS current DESCRIPTION "The status of rule application. success: rule applied successfully on all slots failed: failed to apply rule on all slots partialSuccess: failed to apply rule on some slots " ::= { hpnicfPfilterAclRuleRunInfoEntry 2 } hpnicfPfilterAclRuleCountStatus OBJECT-TYPE SYNTAX INTEGER { success(1), failed(2), partialSuccess(3) } MAX-ACCESS read-only STATUS current DESCRIPTION "The status of enabling rule's hardware count. If hardware count is not enabled, it returns success. success: enable hardware count successfully on all slots failed: failed to enable hardware count on all slots partialSuccess: failed to enable hardware count on some slots " ::= { hpnicfPfilterAclRuleRunInfoEntry 3 } hpnicfPfilterAclRuleMatchPackets OBJECT-TYPE SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of packets matched." ::= { hpnicfPfilterAclRuleRunInfoEntry 4 } hpnicfPfilterAclRuleMatchBytes OBJECT-TYPE SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of bytes matched." ::= { hpnicfPfilterAclRuleRunInfoEntry 5 } -- -- Nodes of hpnicfPfilterStatisticSumTable -- hpnicfPfilterStatisticSumTable OBJECT-TYPE SYNTAX SEQUENCE OF HpnicfPfilterStatisticSumEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A table of ACL rule's sum statistics information, accumulated by all entity application on all slots. " ::= { hpnicfAclPacketFilterObjects 5 } hpnicfPfilterStatisticSumEntry OBJECT-TYPE SYNTAX HpnicfPfilterStatisticSumEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "ACL rule's sum statistics information entry." INDEX { hpnicfPfilterSumDirection, hpnicfPfilterSumAclType, hpnicfPfilterSumAclIndex, hpnicfPfilterSumRuleIndex } ::= { hpnicfPfilterStatisticSumTable 1 } HpnicfPfilterStatisticSumEntry ::= SEQUENCE { hpnicfPfilterSumDirection DirectionType, hpnicfPfilterSumAclType INTEGER, hpnicfPfilterSumAclIndex Integer32, hpnicfPfilterSumRuleIndex Integer32, hpnicfPfilterSumRuleMatchPackets Counter64, hpnicfPfilterSumRuleMatchBytes Counter64 } hpnicfPfilterSumDirection OBJECT-TYPE SYNTAX DirectionType MAX-ACCESS not-accessible STATUS current DESCRIPTION "The direction of application." ::= { hpnicfPfilterStatisticSumEntry 1 } hpnicfPfilterSumAclType OBJECT-TYPE SYNTAX INTEGER { ipv4(1), ipv6(2), mac(3), user(4) } MAX-ACCESS not-accessible STATUS current DESCRIPTION "ACL type: IPv4, IPv6, MAC, and user." ::= { hpnicfPfilterStatisticSumEntry 2 } hpnicfPfilterSumAclIndex OBJECT-TYPE SYNTAX Integer32 (2000..5999) MAX-ACCESS not-accessible STATUS current DESCRIPTION "The ACL group index. Basic type: 2000..2999 Advanced type: 3000..3999 MAC type: 4000..4999 User type: 5000..5999 " ::= { hpnicfPfilterStatisticSumEntry 3 } hpnicfPfilterSumRuleIndex OBJECT-TYPE SYNTAX Integer32 (0..65534) MAX-ACCESS not-accessible STATUS current DESCRIPTION "The ACL rule index." ::= { hpnicfPfilterStatisticSumEntry 4 } hpnicfPfilterSumRuleMatchPackets OBJECT-TYPE SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION "The sum number of packets matched the ACL rule." ::= { hpnicfPfilterStatisticSumEntry 5 } hpnicfPfilterSumRuleMatchBytes OBJECT-TYPE SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION "The sum number of bytes matched the ACL rule." ::= { hpnicfPfilterStatisticSumEntry 6 } -- -- Nodes of hpnicfPfilter2ApplyTable -- hpnicfPfilter2ApplyTable OBJECT-TYPE SYNTAX SEQUENCE OF HpnicfPfilter2ApplyEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A table of packet filter application. It's not supported to set default action on an entity, but supported to enable hardware count of default action on an entity. " ::= { hpnicfAclPacketFilterObjects 6 } hpnicfPfilter2ApplyEntry OBJECT-TYPE SYNTAX HpnicfPfilter2ApplyEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Packet filter application information entry." INDEX { hpnicfPfilter2ApplyObjType, hpnicfPfilter2ApplyObjIndex, hpnicfPfilter2ApplyDirection, hpnicfPfilter2ApplyAclType, hpnicfPfilter2ApplyAclIndex } ::= { hpnicfPfilter2ApplyTable 1 } HpnicfPfilter2ApplyEntry ::= SEQUENCE { hpnicfPfilter2ApplyObjType INTEGER, hpnicfPfilter2ApplyObjIndex Integer32, hpnicfPfilter2ApplyDirection DirectionType, hpnicfPfilter2ApplyAclType INTEGER, hpnicfPfilter2ApplyAclIndex OCTET STRING, hpnicfPfilter2ApplyHardCount TruthValue, hpnicfPfilter2ApplySequence Unsigned32, hpnicfPfilter2ApplyCountClear CounterClear, hpnicfPfilter2ApplyRowStatus RowStatus } hpnicfPfilter2ApplyObjType OBJECT-TYPE SYNTAX INTEGER { interface(1), vlan(2), global(3) } MAX-ACCESS accessible-for-notify STATUS current DESCRIPTION "The object type of packet filter application. interface: Apply an ACL to the interface to filter packets. vlan: Apply an ACL to the VLAN to filter packets. global: Apply an ACL globally to filter packets. " ::= { hpnicfPfilter2ApplyEntry 1 } hpnicfPfilter2ApplyObjIndex OBJECT-TYPE SYNTAX Integer32 (0..2147483647) MAX-ACCESS accessible-for-notify STATUS current DESCRIPTION "The object ID of packet filter application. Interface: interface index, equal to ifIndex VLAN: VLAN ID, 1..4094 Global: 0 " ::= { hpnicfPfilter2ApplyEntry 2 } hpnicfPfilter2ApplyDirection OBJECT-TYPE SYNTAX DirectionType MAX-ACCESS accessible-for-notify STATUS current DESCRIPTION "The direction of packet filter application." ::= { hpnicfPfilter2ApplyEntry 3 } hpnicfPfilter2ApplyAclType OBJECT-TYPE SYNTAX INTEGER { ipv4(1), ipv6(2), default(3), mac(4), user(5) } MAX-ACCESS accessible-for-notify STATUS current DESCRIPTION "ACL Type: IPv4, IPv6, default action, MAC, and user. Take default action as a special ACL group. " ::= { hpnicfPfilter2ApplyEntry 4 } hpnicfPfilter2ApplyAclIndex OBJECT-TYPE SYNTAX OCTET STRING (SIZE(1..63)) MAX-ACCESS accessible-for-notify STATUS current DESCRIPTION "The index of ACL group used by packet-filter. If the specified string comprises only digits, it is converted into a numerical sequence in decimal notation, and regarded as an ACL group index or a default action. If the string is a character string beginning with an English letter, it is regarded as an ACL group name. Group index range and default action: Basic type: 2000..2999 Advanced type: 3000..3999 MAC type: 4000..4999 User type: 5000..5999 Default action type: 0 " ::= { hpnicfPfilter2ApplyEntry 5 } hpnicfPfilter2ApplyHardCount OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-create STATUS current DESCRIPTION "Hardware count flag. true: enable hardware count false: disable hardware count " DEFVAL { false } ::= { hpnicfPfilter2ApplyEntry 6 } hpnicfPfilter2ApplySequence OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-only STATUS current DESCRIPTION "The configure sequence of packet filter application." ::= { hpnicfPfilter2ApplyEntry 7 } hpnicfPfilter2ApplyCountClear OBJECT-TYPE SYNTAX CounterClear MAX-ACCESS read-write STATUS current DESCRIPTION "Clear the value of counters." DEFVAL { nouse } ::= { hpnicfPfilter2ApplyEntry 8 } hpnicfPfilter2ApplyRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "RowStatus." ::= { hpnicfPfilter2ApplyEntry 9 } -- -- Nodes of hpnicfPfilter2AclGroupRunInfoTable -- hpnicfPfilter2AclGroupRunInfoTable OBJECT-TYPE SYNTAX SEQUENCE OF HpnicfPfilter2AclGroupRunInfoEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A table of group running information of ACLs for packet filtering. If hardware count function is not supported or not enabled to the packet filter application, the statistics entry will be zero. " ::= { hpnicfAclPacketFilterObjects 7 } hpnicfPfilter2AclGroupRunInfoEntry OBJECT-TYPE SYNTAX HpnicfPfilter2AclGroupRunInfoEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "ACL group running information entry for packet filtering." INDEX { hpnicfPfilter2RunApplyObjType, hpnicfPfilter2RunApplyObjIndex, hpnicfPfilter2RunApplyDirection, hpnicfPfilter2RunApplyAclType, hpnicfPfilter2RunApplyAclIndex } ::= { hpnicfPfilter2AclGroupRunInfoTable 1 } HpnicfPfilter2AclGroupRunInfoEntry ::= SEQUENCE { hpnicfPfilter2RunApplyObjType INTEGER, hpnicfPfilter2RunApplyObjIndex Integer32, hpnicfPfilter2RunApplyDirection DirectionType, hpnicfPfilter2RunApplyAclType INTEGER, hpnicfPfilter2RunApplyAclIndex OCTET STRING, hpnicfPfilter2AclGroupStatus INTEGER, hpnicfPfilter2AclGroupCountStatus INTEGER, hpnicfPfilter2AclGroupPermitPkts Counter64, hpnicfPfilter2AclGroupPermitBytes Counter64, hpnicfPfilter2AclGroupDenyPkts Counter64, hpnicfPfilter2AclGroupDenyBytes Counter64 } hpnicfPfilter2RunApplyObjType OBJECT-TYPE SYNTAX INTEGER { interface(1), vlan(2), global(3) } MAX-ACCESS not-accessible STATUS current DESCRIPTION "The object type of packet filter application. interface: Apply an ACL to the interface to filter packets. vlan: Apply an ACL to the VLAN to filter packets. global: Apply an ACL globally to filter packets. " ::= { hpnicfPfilter2AclGroupRunInfoEntry 1 } hpnicfPfilter2RunApplyObjIndex OBJECT-TYPE SYNTAX Integer32 (0..2147483647) MAX-ACCESS not-accessible STATUS current DESCRIPTION "The object ID of packet filter application. Interface: interface index, equal to ifIndex VLAN: VLAN ID, 1..4094 Global: 0 " ::= { hpnicfPfilter2AclGroupRunInfoEntry 2 } hpnicfPfilter2RunApplyDirection OBJECT-TYPE SYNTAX DirectionType MAX-ACCESS not-accessible STATUS current DESCRIPTION "The direction of packet filter application." ::= { hpnicfPfilter2AclGroupRunInfoEntry 3 } hpnicfPfilter2RunApplyAclType OBJECT-TYPE SYNTAX INTEGER { ipv4(1), ipv6(2), default(3), mac(4), user(5) } MAX-ACCESS not-accessible STATUS current DESCRIPTION "ACL Type: IPv4, IPv6, default action, MAC, and user. Take default action as a special ACL group. " ::= { hpnicfPfilter2AclGroupRunInfoEntry 4 } hpnicfPfilter2RunApplyAclIndex OBJECT-TYPE SYNTAX OCTET STRING (SIZE(1..63)) MAX-ACCESS not-accessible STATUS current DESCRIPTION "The index of ACL group used by packet-filter. If the specified string comprises only digits, it is converted into a numerical sequence in decimal notation, and regarded as an ACL group index or a default action. If the string is a character string beginning with an English letter, it is regarded as an ACL group name. Group index range and default action: Basic type: 2000..2999 Advanced type: 3000..3999 MAC type: 4000..4999 User type: 5000..5999 MAC default action: 1 IPv4 default action: 2 IPv6 default action: 3 " ::= { hpnicfPfilter2AclGroupRunInfoEntry 5 } hpnicfPfilter2AclGroupStatus OBJECT-TYPE SYNTAX INTEGER { success(1), failed(2), partialSuccess(3) } MAX-ACCESS read-only STATUS current DESCRIPTION "The status of ACL group applied. success: ACL applied successfully on all slots failed: failed to apply ACL on all slots partialSuccess: failed to apply ACL on some slots " ::= { hpnicfPfilter2AclGroupRunInfoEntry 6 } hpnicfPfilter2AclGroupCountStatus OBJECT-TYPE SYNTAX INTEGER { success(1), failed(2), partialSuccess(3) } MAX-ACCESS read-only STATUS current DESCRIPTION "The status of enabling hardware count. If hardware count is not enabled, it returns success. success: enable hardware count successfully on all slots failed: failed to enable hardware count on all slots partialSuccess: failed to enable hardware count on some slots " ::= { hpnicfPfilter2AclGroupRunInfoEntry 7 } hpnicfPfilter2AclGroupPermitPkts OBJECT-TYPE SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of packets permitted." ::= { hpnicfPfilter2AclGroupRunInfoEntry 8 } hpnicfPfilter2AclGroupPermitBytes OBJECT-TYPE SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of bytes permitted." ::= { hpnicfPfilter2AclGroupRunInfoEntry 9 } hpnicfPfilter2AclGroupDenyPkts OBJECT-TYPE SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of packets denied." ::= { hpnicfPfilter2AclGroupRunInfoEntry 10 } hpnicfPfilter2AclGroupDenyBytes OBJECT-TYPE SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of bytes denied." ::= { hpnicfPfilter2AclGroupRunInfoEntry 11 } -- -- Nodes of hpnicfPfilter2AclRuleRunInfoTable -- hpnicfPfilter2AclRuleRunInfoTable OBJECT-TYPE SYNTAX SEQUENCE OF HpnicfPfilter2AclRuleRunInfoEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A table of rule's running information of ACLs for packet filtering. If hardware count function is not supported or not enabled to the packet filter application, the hpnicfPfilter2AclRuleMatchPackets and hpnicfPfilter2AclRuleMatchBytes will be zero. " ::= { hpnicfAclPacketFilterObjects 8 } hpnicfPfilter2AclRuleRunInfoEntry OBJECT-TYPE SYNTAX HpnicfPfilter2AclRuleRunInfoEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "ACL rule's running information entry." INDEX { hpnicfPfilter2RunApplyObjType, hpnicfPfilter2RunApplyObjIndex, hpnicfPfilter2RunApplyDirection, hpnicfPfilter2RunApplyAclType, hpnicfPfilter2RunApplyAclIndex, hpnicfPfilter2AclRuleIndex } ::= { hpnicfPfilter2AclRuleRunInfoTable 1 } HpnicfPfilter2AclRuleRunInfoEntry ::= SEQUENCE { hpnicfPfilter2AclRuleIndex Integer32, hpnicfPfilter2AclRuleStatus INTEGER, hpnicfPfilter2AclRuleCountStatus INTEGER, hpnicfPfilter2AclRuleMatchPackets Counter64, hpnicfPfilter2AclRuleMatchBytes Counter64 } hpnicfPfilter2AclRuleIndex OBJECT-TYPE SYNTAX Integer32 (0..65534) MAX-ACCESS accessible-for-notify STATUS current DESCRIPTION "The ACL rule index." ::= { hpnicfPfilter2AclRuleRunInfoEntry 1 } hpnicfPfilter2AclRuleStatus OBJECT-TYPE SYNTAX INTEGER { success(1), failed(2), partialSuccess(3) } MAX-ACCESS read-only STATUS current DESCRIPTION "The status of rule application. success: rule applied successfully on all slots failed: failed to apply rule on all slots partialSuccess: failed to apply rule on some slots " ::= { hpnicfPfilter2AclRuleRunInfoEntry 2 } hpnicfPfilter2AclRuleCountStatus OBJECT-TYPE SYNTAX INTEGER { success(1), failed(2), partialSuccess(3) } MAX-ACCESS read-only STATUS current DESCRIPTION "The status of enabling rule's hardware count. If hardware count is not enabled, it returns success. success: enable hardware count successfully on all slots failed: failed to enable hardware count on all slots partialSuccess: failed to enable hardware count on some slots " ::= { hpnicfPfilter2AclRuleRunInfoEntry 3 } hpnicfPfilter2AclRuleMatchPackets OBJECT-TYPE SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of packets matched." ::= { hpnicfPfilter2AclRuleRunInfoEntry 4 } hpnicfPfilter2AclRuleMatchBytes OBJECT-TYPE SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of bytes matched." ::= { hpnicfPfilter2AclRuleRunInfoEntry 5 } -- -- Nodes of hpnicfPfilter2StatisticSumTable -- hpnicfPfilter2StatisticSumTable OBJECT-TYPE SYNTAX SEQUENCE OF HpnicfPfilter2StatisticSumEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A table of ACL rule's sum statistics information, accumulated by all entity application on all slots. " ::= { hpnicfAclPacketFilterObjects 9 } hpnicfPfilter2StatisticSumEntry OBJECT-TYPE SYNTAX HpnicfPfilter2StatisticSumEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "ACL rule's sum statistics information entry." INDEX { hpnicfPfilter2SumDirection, hpnicfPfilter2SumAclType, hpnicfPfilter2SumAclIndex, hpnicfPfilter2SumRuleIndex } ::= { hpnicfPfilter2StatisticSumTable 1 } HpnicfPfilter2StatisticSumEntry ::= SEQUENCE { hpnicfPfilter2SumDirection DirectionType, hpnicfPfilter2SumAclType INTEGER, hpnicfPfilter2SumAclIndex OCTET STRING, hpnicfPfilter2SumRuleIndex Integer32, hpnicfPfilter2SumRuleMatchPackets Counter64, hpnicfPfilter2SumRuleMatchBytes Counter64 } hpnicfPfilter2SumDirection OBJECT-TYPE SYNTAX DirectionType MAX-ACCESS not-accessible STATUS current DESCRIPTION "The direction of application." ::= { hpnicfPfilter2StatisticSumEntry 1 } hpnicfPfilter2SumAclType OBJECT-TYPE SYNTAX INTEGER { ipv4(1), ipv6(2), mac(3), user(4) } MAX-ACCESS not-accessible STATUS current DESCRIPTION "ACL type: IPv4, IPv6, MAC, and user." ::= { hpnicfPfilter2StatisticSumEntry 2 } hpnicfPfilter2SumAclIndex OBJECT-TYPE SYNTAX OCTET STRING (SIZE(1..63)) MAX-ACCESS not-accessible STATUS current DESCRIPTION "The index of ACL group used by packet-filter. If the specified string comprises only digits, it is converted into a numerical sequence in decimal notation, and regarded as an ACL group index. If the string is a character string beginning with an English letter, it is regarded as an ACL group name. Group index range and default action: Basic type: 2000..2999 Advanced type: 3000..3999 MAC type: 4000..4999 User type: 5000..5999 " ::= { hpnicfPfilter2StatisticSumEntry 3 } hpnicfPfilter2SumRuleIndex OBJECT-TYPE SYNTAX Integer32 (0..65534) MAX-ACCESS not-accessible STATUS current DESCRIPTION "The ACL rule index." ::= { hpnicfPfilter2StatisticSumEntry 4 } hpnicfPfilter2SumRuleMatchPackets OBJECT-TYPE SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION "The sum number of packets matched the ACL rule." ::= { hpnicfPfilter2StatisticSumEntry 5 } hpnicfPfilter2SumRuleMatchBytes OBJECT-TYPE SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION "The sum number of bytes matched the ACL rule." ::= { hpnicfPfilter2StatisticSumEntry 6 } -- -- Nodes of hpnicfPacketfilterTrapObjects -- hpnicfAclPacketfilterTrapObjects OBJECT IDENTIFIER ::= { hpnicfAcl 4 } hpnicfPfilterInterface OBJECT-TYPE SYNTAX OCTET STRING MAX-ACCESS accessible-for-notify STATUS current DESCRIPTION "The interface which policy apply." ::= { hpnicfAclPacketfilterTrapObjects 1 } hpnicfPfilterDirection OBJECT-TYPE SYNTAX OCTET STRING (SIZE(0..255)) MAX-ACCESS accessible-for-notify STATUS current DESCRIPTION "Inbound or outbound." ::= { hpnicfAclPacketfilterTrapObjects 2 } hpnicfPfilterACLNumber OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS accessible-for-notify STATUS current DESCRIPTION "ACL number." ::= { hpnicfAclPacketfilterTrapObjects 3 } hpnicfPfilterAction OBJECT-TYPE SYNTAX OCTET STRING (SIZE(0..255)) MAX-ACCESS accessible-for-notify STATUS current DESCRIPTION "Permit or deny." ::= { hpnicfAclPacketfilterTrapObjects 4 } hpnicfMACfilterSourceMac OBJECT-TYPE SYNTAX OCTET STRING (SIZE(0..255)) MAX-ACCESS accessible-for-notify STATUS current DESCRIPTION "Source MAC address." ::= { hpnicfAclPacketfilterTrapObjects 5 } hpnicfMACfilterDestinationMac OBJECT-TYPE SYNTAX OCTET STRING (SIZE(0..255)) MAX-ACCESS accessible-for-notify STATUS current DESCRIPTION "Destination MAC address." ::= { hpnicfAclPacketfilterTrapObjects 6 } hpnicfPfilterPacketNumber OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS accessible-for-notify STATUS current DESCRIPTION "The number of packets permitted or denied by ACL." ::= { hpnicfAclPacketfilterTrapObjects 7 } hpnicfPfilterReceiveInterface OBJECT-TYPE SYNTAX OCTET STRING (SIZE(0..255)) MAX-ACCESS accessible-for-notify STATUS current DESCRIPTION "The interface where packet come from." ::= { hpnicfAclPacketfilterTrapObjects 8 } hpnicfAclPacketIfName OBJECT-TYPE SYNTAX OCTET STRING (SIZE(0..255)) MAX-ACCESS accessible-for-notify STATUS current DESCRIPTION "The name of the interface on which the packet is matched." ::= { hpnicfAclPacketfilterTrapObjects 9 } hpnicfAclPacketDirection OBJECT-TYPE SYNTAX DirectionType MAX-ACCESS accessible-for-notify STATUS current DESCRIPTION "The direction the packet is going." ::= { hpnicfAclPacketfilterTrapObjects 10 } hpnicfAclPacketBAGG OBJECT-TYPE SYNTAX Integer32 (0..2048) MAX-ACCESS accessible-for-notify STATUS current DESCRIPTION "The bridge-aggregation-interface ID the interface belongs to. " DEFVAL { 0 } ::= { hpnicfAclPacketfilterTrapObjects 11 } hpnicfAclPacketVlanID OBJECT-TYPE SYNTAX Integer32 (1..4094) MAX-ACCESS accessible-for-notify STATUS current DESCRIPTION "The vlan the interface belongs to." ::= { hpnicfAclPacketfilterTrapObjects 12 } hpnicfAclPacketSrcIP OBJECT-TYPE SYNTAX OCTET STRING (SIZE(0..255)) MAX-ACCESS accessible-for-notify STATUS current DESCRIPTION "Source IP address of IPv4/IPv6 packet." ::= { hpnicfAclPacketfilterTrapObjects 13 } hpnicfAclPacketDstIP OBJECT-TYPE SYNTAX OCTET STRING (SIZE(0..255)) MAX-ACCESS accessible-for-notify STATUS current DESCRIPTION "Destination IP address of IPv4/IPv6 packet." ::= { hpnicfAclPacketfilterTrapObjects 14 } hpnicfAclPacketProtocol OBJECT-TYPE SYNTAX Integer32 (0..255) MAX-ACCESS accessible-for-notify STATUS current DESCRIPTION "The protocol of IPv4/IPv6 packet. icmp(1), tcp(6), udp(17), igmp(2), gre(47), ospf(89), ipinip(4), icmp6(58), ipv6_ah(51), ipv6_esp(50) " ::= { hpnicfAclPacketfilterTrapObjects 15 } hpnicfAclPacketDscp OBJECT-TYPE SYNTAX DSCPValue MAX-ACCESS accessible-for-notify STATUS current DESCRIPTION "DSCP of IPv4/IPv6 packet." DEFVAL { 255 } ::= { hpnicfAclPacketfilterTrapObjects 16 } hpnicfAclPacketFlowLabel OBJECT-TYPE SYNTAX Unsigned32 (0..1048575|4294967295) MAX-ACCESS accessible-for-notify STATUS current DESCRIPTION "Flow label value of IPv6 packet." DEFVAL { 4294967295 } ::= { hpnicfAclPacketfilterTrapObjects 17 } hpnicfAclPacketIcmpIgmpType OBJECT-TYPE SYNTAX Integer32 (0..255|65535) MAX-ACCESS accessible-for-notify STATUS current DESCRIPTION "The type of ICMP or IGMP packet." DEFVAL { 65535 } ::= { hpnicfAclPacketfilterTrapObjects 18 } hpnicfAclPacketIcmpIgmpCode OBJECT-TYPE SYNTAX Integer32 (0..255|65535) MAX-ACCESS accessible-for-notify STATUS current DESCRIPTION "The code of ICMP or IGMP packet." DEFVAL { 65535 } ::= { hpnicfAclPacketfilterTrapObjects 19 } hpnicfAclPacketTcpFlags OBJECT-TYPE SYNTAX INTEGER { tcpack(1), tcpfin(2), tcppsh(3), tcprst(4), tcpsyn(5), tcpurg(6), invalid(255) } MAX-ACCESS accessible-for-notify STATUS current DESCRIPTION "The flags of TCP packet. tcpack(1), tcpfin(2), tcppsh(3), tcprst(4), tcpsyn(5), tcpurg(6), invalid(255) " DEFVAL { 255 } ::= { hpnicfAclPacketfilterTrapObjects 20 } hpnicfAclPacketSrcPort OBJECT-TYPE SYNTAX Integer32 (0..65535) MAX-ACCESS accessible-for-notify STATUS current DESCRIPTION "Source port of TCP or UDP packet." DEFVAL { 0 } ::= { hpnicfAclPacketfilterTrapObjects 21 } hpnicfAclPacketDstPort OBJECT-TYPE SYNTAX Integer32 (0..65535) MAX-ACCESS accessible-for-notify STATUS current DESCRIPTION "Destination port of TCP or UDP packet." DEFVAL { 65535 } ::= { hpnicfAclPacketfilterTrapObjects 22 } hpnicfAclPacketSrcMacAddr OBJECT-TYPE SYNTAX MacAddress MAX-ACCESS accessible-for-notify STATUS current DESCRIPTION "Source MAC address of Ethernet packet." ::= { hpnicfAclPacketfilterTrapObjects 23 } hpnicfAclPacketDstMacAddr OBJECT-TYPE SYNTAX MacAddress MAX-ACCESS accessible-for-notify STATUS current DESCRIPTION "Destination MAC address of Ethernet packet." ::= { hpnicfAclPacketfilterTrapObjects 24 } hpnicfAclPacketMacTypeLen OBJECT-TYPE SYNTAX Integer32 (0..65535) MAX-ACCESS accessible-for-notify STATUS current DESCRIPTION "The Ethertype or 802.3 length of Ethernet packet." DEFVAL { 0 } ::= { hpnicfAclPacketfilterTrapObjects 25 } hpnicfAclPacketVlanPCP OBJECT-TYPE SYNTAX Integer32 (0..7|255) MAX-ACCESS accessible-for-notify STATUS current DESCRIPTION "802.1p priority code point of Ethernet packet." DEFVAL { 255 } ::= { hpnicfAclPacketfilterTrapObjects 26 } -- -- Nodes of hpnicfPacketfilterTrap -- hpnicfAclPacketfilterTrap OBJECT IDENTIFIER ::= { hpnicfAcl 5 } hpnicfPfilterTrapPrefix OBJECT IDENTIFIER ::= { hpnicfAclPacketfilterTrap 0 } hpnicfMACfilterTrap NOTIFICATION-TYPE OBJECTS { hpnicfPfilterInterface, hpnicfPfilterDirection, hpnicfPfilterACLNumber, hpnicfPfilterAction, hpnicfMACfilterSourceMac, hpnicfMACfilterDestinationMac, hpnicfPfilterPacketNumber, hpnicfPfilterReceiveInterface } STATUS current DESCRIPTION "This notification is generated when a packet was processed by MAC address filter, but not every packet will generate one notification, the same notification only generate once in 30 seconds. " ::= { hpnicfPfilterTrapPrefix 1 } hpnicfAclRuleMatchCount NOTIFICATION-TYPE OBJECTS { hpnicfPfilter2ApplyObjType, hpnicfPfilter2ApplyObjIndex, hpnicfPfilter2ApplyDirection, hpnicfPfilter2ApplyAclType, hpnicfPfilter2ApplyAclIndex, hpnicfPfilter2AclRuleIndex, hpnicfPfilter2AclRuleMatchPackets } STATUS current DESCRIPTION "This notification is generated periodically due to a timer. The interval of the timer is configured in hpnicfAclIntervalTable. The notification details the entries about the packet-filter object, the matched ACL rule and the number of matching packets. " ::= { hpnicfPfilterTrapPrefix 2 } hpnicfAclFirstIPv4PktCaptured NOTIFICATION-TYPE OBJECTS { hpnicfPfilter2ApplyAclIndex, hpnicfPfilter2AclRuleIndex, hpnicfAclPacketIfName, hpnicfAclPacketDirection, hpnicfAclPacketBAGG, hpnicfAclPacketVlanID, hpnicfAclPacketSrcIP, hpnicfAclPacketDstIP, hpnicfAclPacketProtocol, hpnicfAclPacketDscp, hpnicfAclPacketIcmpIgmpType, hpnicfAclPacketIcmpIgmpCode, hpnicfAclPacketTcpFlags, hpnicfAclPacketSrcPort, hpnicfAclPacketDstPort } STATUS current DESCRIPTION "This notification is generated immediately when the first packet of the matched IPv4 flow is captured. Other packets of the matched flow won't be captured. " ::= { hpnicfPfilterTrapPrefix 3 } hpnicfAclFirstIPv6PktCaptured NOTIFICATION-TYPE OBJECTS { hpnicfPfilter2ApplyAclIndex, hpnicfPfilter2AclRuleIndex, hpnicfAclPacketIfName, hpnicfAclPacketDirection, hpnicfAclPacketBAGG, hpnicfAclPacketVlanID, hpnicfAclPacketSrcIP, hpnicfAclPacketDstIP, hpnicfAclPacketProtocol, hpnicfAclPacketDscp, hpnicfAclPacketFlowLabel, hpnicfAclPacketIcmpIgmpType, hpnicfAclPacketIcmpIgmpCode, hpnicfAclPacketTcpFlags, hpnicfAclPacketSrcPort, hpnicfAclPacketDstPort } STATUS current DESCRIPTION "This notification is generated immediately when the first packet of the matched IPv6 flow is captured. Other packets of the matched flow won't be captured. " ::= { hpnicfPfilterTrapPrefix 4 } hpnicfAclFirstEthernetPktCaptured NOTIFICATION-TYPE OBJECTS { hpnicfPfilter2ApplyAclIndex, hpnicfPfilter2AclRuleIndex, hpnicfAclPacketIfName, hpnicfAclPacketDirection, hpnicfAclPacketBAGG, hpnicfAclPacketVlanID, hpnicfAclPacketSrcMacAddr, hpnicfAclPacketDstMacAddr, hpnicfAclPacketMacTypeLen, hpnicfAclPacketVlanPCP } STATUS current DESCRIPTION "This notification is generated immediately when the first packet of the matched Ethernet flow is captured. Other packets of the matched flow won't be captured. " ::= { hpnicfPfilterTrapPrefix 5 } END