-- ZyXEL Communications Corporation -- Private Enterprise MIB definition -- This file describes the ZyXEL Communications Corporation Enterprise MIB. -- It contains ZyXEL products OIDs, and common managed objects. -- $Log: ZYXEL-ACL-MIB.mib $ -- Revision 1.11 2014/10/28 07:07:54 chchao -- move acl2 fields to zyxel-aclv2. -- Revision 1.10 2014/09/16 07:18:39 chchao -- seperate VLAN to 2 tables. -- Revision 1.9 2014/05/27 08:07:28 jasper -- Add ncessary imports. -- Revision 1.8 2014/01/08 02:30:03 chchao -- revised for supporting ACL2.0 -- add policy priority action -- move trap objects and notification under zyxelAcl. -- Revision 1.7 2013/12/06 07:02:02 ccho -- remove uncessary imports -- Revision 1.6 2013/11/20 06:50:47 ccho -- renaming identifier name for SMI.V2 -- Revision 1.5 2013/11/06 05:41:00 ccho -- fix mib style -- Revision 1.4 2012/09/19 07:28:37 Kevin -- if it's leaf node, revise the vender name from zyxel to zy -- Revision 1.3 2012/08/22 09:47:13 Kevin -- clean warning for SNMPc -- Revision 1.2 2012/07/05 06:22:00 Kevin -- 1. upgrade from SNMP to SNMPv2 -- 2. clean warning -- Revision 1.1 2012/05/30 07:48:09 Kevin -- Initial revision ZYXEL-ACL-MIB DEFINITIONS ::= BEGIN IMPORTS OBJECT-TYPE FROM SNMPv2-SMI -- RFC2578 MODULE-IDENTITY FROM SNMPv2-SMI RowStatus, MacAddress FROM SNMPv2-TC -- RFC2579 DisplayString FROM SNMPv2-TC EnabledStatus FROM P-BRIDGE-MIB PortList FROM Q-BRIDGE-MIB InetAddress FROM INET-ADDRESS-MIB -- RFC2851 IpAddress FROM SNMPv2-SMI esMgmt FROM ZYXEL-ES-SMI; zyxelAcl MODULE-IDENTITY LAST-UPDATED "201207010000Z" ORGANIZATION "Enterprise Solution ZyXEL" CONTACT-INFO "" DESCRIPTION "The subtree for access control list (ACL)" ::= { esMgmt 10 } zyxelClassifierStatus OBJECT IDENTIFIER ::= { zyxelAcl 1 } zyxelPolicyStatus OBJECT IDENTIFIER ::= { zyxelAcl 2 } -- ******************************************************************* -- * -- * zyxelClassifierStatus -- * -- ******************************************************************* -- zyxelClassifierTable zyxelClassifierTable OBJECT-TYPE SYNTAX SEQUENCE OF ZyxelClassifierEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "The table contains classifier configuration." ::= { zyxelClassifierStatus 1 } zyxelClassifierEntry OBJECT-TYPE SYNTAX ZyxelClassifierEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "An entry contains classifier configuration." INDEX { zyClassifierName } ::= { zyxelClassifierTable 1 } ZyxelClassifierEntry ::= SEQUENCE { zyClassifierName DisplayString, zyClassifierState EnabledStatus, zyClassifierPacketFormat INTEGER, zyClassifierVid INTEGER, zyClassifier8021pPriority INTEGER, zyClassifierEthernetType INTEGER, zyClassifierSourceMacAddress MacAddress, zyClassifierIncomingPort INTEGER, zyClassifierDestinationMacAddress MacAddress, zyClassifierDSCP INTEGER, zyClassifierIpProtocol INTEGER, zyClassifierEstablishOnly EnabledStatus, zyClassifierSourceIpAddress IpAddress, zyClassifierSourceIpMaskBits INTEGER, zyClassifierSourceSocket INTEGER, zyClassifierDestinationIpAddress IpAddress, zyClassifierDestinationIpMaskBits INTEGER, zyClassifierDestinationSocket INTEGER, zyClassifierIPv6DSCP INTEGER, zyClassifierIPv6NextHeader INTEGER, zyClassifierIPv6EstablishOnly EnabledStatus, zyClassifierIPv6SourceIpAddress InetAddress, zyClassifierIPv6SourceIpPrefixLength INTEGER, zyClassifierIPv6DestinationIpAddress InetAddress, zyClassifierIPv6DestinationIpPrefixLength INTEGER, zyClassifierRowstatus RowStatus } zyClassifierName OBJECT-TYPE SYNTAX DisplayString MAX-ACCESS not-accessible STATUS current DESCRIPTION "The name of classifier rule is used for identifying purposes." ::= { zyxelClassifierEntry 1 } zyClassifierState OBJECT-TYPE SYNTAX EnabledStatus MAX-ACCESS read-only STATUS current DESCRIPTION "Enable/Disable classifier rule on this switch." ::= { zyxelClassifierEntry 2 } zyClassifierPacketFormat OBJECT-TYPE SYNTAX INTEGER { all(1), ethernetIIUntagged(2), ethernetIITagged(3), ethernet802dot3Untagged(4), ethernet802dot3Tagged(5) } MAX-ACCESS read-only STATUS current DESCRIPTION "Packet format for classifier rule. A value of 802.3 indicates that the packets are formatted according to the IEEE 802.3 standards. A value of Ethernet II indicates that the packets are formatted according to RFC 894, Ethernet II encapsulation." ::= { zyxelClassifierEntry 3 } zyClassifierVid OBJECT-TYPE SYNTAX INTEGER MAX-ACCESS read-only STATUS current DESCRIPTION "Source VLAN ID for classifier rule. The range is 1~4094 and value 0 means any VLAN." ::= { zyxelClassifierEntry 4 } zyClassifier8021pPriority OBJECT-TYPE SYNTAX INTEGER MAX-ACCESS read-only STATUS current DESCRIPTION "802.1p priority for classifier rule. 0~7. The range is 0~7 and value -1 means any priority level." ::= { zyxelClassifierEntry 5 } zyClassifierEthernetType OBJECT-TYPE SYNTAX INTEGER MAX-ACCESS read-only STATUS current DESCRIPTION "Ethernet type for classifier rule. It is represented in decimal expression and value 65535 means any Ethernet type." ::= { zyxelClassifierEntry 6 } zyClassifierSourceMacAddress OBJECT-TYPE SYNTAX MacAddress MAX-ACCESS read-only STATUS current DESCRIPTION "Source MAC address for classifier rule. 00:00:00:00:00:00 means any source MAC address." ::= { zyxelClassifierEntry 7 } zyClassifierIncomingPort OBJECT-TYPE SYNTAX INTEGER MAX-ACCESS read-only STATUS current DESCRIPTION "Incoming Port for classifier rule. Value 65536 means any port." ::= { zyxelClassifierEntry 8 } zyClassifierDestinationMacAddress OBJECT-TYPE SYNTAX MacAddress MAX-ACCESS read-only STATUS current DESCRIPTION "Destination MAC address for classifier rule. 00:00:00:00:00:00 means any destination MAC address." ::= { zyxelClassifierEntry 9 } zyClassifierDSCP OBJECT-TYPE SYNTAX INTEGER MAX-ACCESS read-only STATUS current DESCRIPTION "DSCP (DiffServ Code Point) for classifier rule. The range is 0~63 and value -1 means any DSCP." ::= { zyxelClassifierEntry 10 } zyClassifierIpProtocol OBJECT-TYPE SYNTAX INTEGER MAX-ACCESS read-only STATUS current DESCRIPTION "IP Protocol for classifier rule. Value 255 means any IP protocol." ::= { zyxelClassifierEntry 11 } zyClassifierEstablishOnly OBJECT-TYPE SYNTAX EnabledStatus MAX-ACCESS read-only STATUS current DESCRIPTION "Establish Only for TCP protocol type in classifier rule. This means that the switch will pick out the packets that are sent to establish TCP connections." ::= { zyxelClassifierEntry 12 } zyClassifierSourceIpAddress OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS read-only STATUS current DESCRIPTION "Source IP address for classifier rule. 0.0.0.0 means any source IP address." ::= { zyxelClassifierEntry 13 } zyClassifierSourceIpMaskBits OBJECT-TYPE SYNTAX INTEGER MAX-ACCESS read-only STATUS current DESCRIPTION "Source IP mask bits for classifier rule." ::= { zyxelClassifierEntry 14 } zyClassifierSourceSocket OBJECT-TYPE SYNTAX INTEGER MAX-ACCESS read-only STATUS current DESCRIPTION "Source socket number for classifier rule. Value 0 means any socket number." ::= { zyxelClassifierEntry 15 } zyClassifierDestinationIpAddress OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS read-only STATUS current DESCRIPTION "Destination IP address for classifier rule. 0.0.0.0 means any destination IP address." ::= { zyxelClassifierEntry 16 } zyClassifierDestinationIpMaskBits OBJECT-TYPE SYNTAX INTEGER MAX-ACCESS read-only STATUS current DESCRIPTION "Destination IP mask bits for classifier rule." ::= { zyxelClassifierEntry 17 } zyClassifierDestinationSocket OBJECT-TYPE SYNTAX INTEGER MAX-ACCESS read-only STATUS current DESCRIPTION "Destination socket number for classifier rule. Value 0 means any socket number." ::= { zyxelClassifierEntry 18 } zyClassifierIPv6DSCP OBJECT-TYPE SYNTAX INTEGER MAX-ACCESS read-only STATUS current DESCRIPTION "DSCP (DiffServ Code Point) for classifier rule. The range is 0~63 and value -1 means any DSCP." ::= { zyxelClassifierEntry 19 } zyClassifierIPv6NextHeader OBJECT-TYPE SYNTAX INTEGER MAX-ACCESS read-only STATUS current DESCRIPTION "IPv6 next header protocol type for classifier rule. Value 255 means any protocol type." ::= { zyxelClassifierEntry 20 } zyClassifierIPv6EstablishOnly OBJECT-TYPE SYNTAX EnabledStatus MAX-ACCESS read-only STATUS current DESCRIPTION "Establish Only for TCP protocol type in classifier rule. This means that the switch will pick out the packets that are sent to establish TCP connections." ::= { zyxelClassifierEntry 21 } zyClassifierIPv6SourceIpAddress OBJECT-TYPE SYNTAX InetAddress MAX-ACCESS read-only STATUS current DESCRIPTION "IPv6 source address for classifier rule. :: means any IPv6 source ip address." ::= { zyxelClassifierEntry 22 } zyClassifierIPv6SourceIpPrefixLength OBJECT-TYPE SYNTAX INTEGER MAX-ACCESS read-only STATUS current DESCRIPTION "IPv6 source address prefix length for classifier rule." ::= { zyxelClassifierEntry 23 } zyClassifierIPv6DestinationIpAddress OBJECT-TYPE SYNTAX InetAddress MAX-ACCESS read-only STATUS current DESCRIPTION "IPv6 destination address for classifier rule. :: means any IPv6 destination ip address." ::= { zyxelClassifierEntry 24 } zyClassifierIPv6DestinationIpPrefixLength OBJECT-TYPE SYNTAX INTEGER MAX-ACCESS read-only STATUS current DESCRIPTION "IPv6 destination address prefix length for classifier rule." ::= { zyxelClassifierEntry 25 } zyClassifierRowstatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-only STATUS current DESCRIPTION "This object shows the entry of classifier rule status." ::= { zyxelClassifierEntry 26 } -- ******************************************************************* -- * -- * zyxelPolicyStatus -- * -- ******************************************************************* -- zyxelPolicyTable zyxelPolicyTable OBJECT-TYPE SYNTAX SEQUENCE OF ZyxelPolicyEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "The table contains policy configuration." ::= { zyxelPolicyStatus 1 } zyxelPolicyEntry OBJECT-TYPE SYNTAX ZyxelPolicyEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "An entry contains policy configuration." INDEX { zyPolicyName } ::= { zyxelPolicyTable 1 } ZyxelPolicyEntry ::= SEQUENCE { zyPolicyName DisplayString, zyPolicyState EnabledStatus, zyPolicyClassifier DisplayString, zyPolicyVid INTEGER, zyPolicyEgressPort INTEGER, zyPolicy8021pPriority INTEGER, zyPolicyDSCP INTEGER, zyPolicyTOS INTEGER, zyPolicyBandwidth INTEGER, zyPolicyOutOfProfileDSCP INTEGER, zyPolicyForwardingAction INTEGER, zyPolicyPriorityAction INTEGER, zyPolicyDiffServAction INTEGER, zyPolicyOutgoingAction BITS, zyPolicyMeteringState INTEGER, zyPolicyOutOfProfileAction BITS, zyPolicyRowstatus RowStatus } zyPolicyName OBJECT-TYPE SYNTAX DisplayString MAX-ACCESS not-accessible STATUS current DESCRIPTION "The name of policy rule is used for identifying purposes." ::= { zyxelPolicyEntry 1 } zyPolicyState OBJECT-TYPE SYNTAX EnabledStatus MAX-ACCESS read-only STATUS current DESCRIPTION "Enable/Disable policy rule on this switch." ::= { zyxelPolicyEntry 2 } zyPolicyClassifier OBJECT-TYPE SYNTAX DisplayString MAX-ACCESS read-only STATUS current DESCRIPTION "The classifier(s) applies in this policy rule." ::= { zyxelPolicyEntry 3 } zyPolicyVid OBJECT-TYPE SYNTAX INTEGER MAX-ACCESS read-only STATUS current DESCRIPTION "VLAN ID for policy rule." ::= { zyxelPolicyEntry 4 } zyPolicyEgressPort OBJECT-TYPE SYNTAX INTEGER MAX-ACCESS read-only STATUS current DESCRIPTION "The outgoing port number in this policy rule." ::= { zyxelPolicyEntry 5 } zyPolicy8021pPriority OBJECT-TYPE SYNTAX INTEGER MAX-ACCESS read-only STATUS current DESCRIPTION "Specify a 802.1p priority level for policy rule. The value of 802.1p is between 0 and 7." ::= { zyxelPolicyEntry 6 } zyPolicyDSCP OBJECT-TYPE SYNTAX INTEGER MAX-ACCESS read-only STATUS current DESCRIPTION "Specify a DSCP (DiffServ Code Point) for policy rule. DSCP number is between 0 and 63." ::= { zyxelPolicyEntry 7 } zyPolicyTOS OBJECT-TYPE SYNTAX INTEGER MAX-ACCESS read-only STATUS current DESCRIPTION "Specify the type of service (TOS) priority level for policy rule. The value of TOS is between 0 and 7." ::= { zyxelPolicyEntry 8 } zyPolicyBandwidth OBJECT-TYPE SYNTAX INTEGER MAX-ACCESS read-only STATUS current DESCRIPTION "Specify the bandwidth for policy rule in kilobit per second (Kbps)." ::= { zyxelPolicyEntry 9 } zyPolicyOutOfProfileDSCP OBJECT-TYPE SYNTAX INTEGER MAX-ACCESS read-only STATUS current DESCRIPTION "Specify a new DSCP number (between 0 and 63) for policy rule if you want to replace or remark the DSCP number for out-of-profile traffic." ::= { zyxelPolicyEntry 10 } zyPolicyForwardingAction OBJECT-TYPE SYNTAX INTEGER { noChange(1), discardThePacket(2), doNotDropTheMatchingFramePreviouslyMarkedForDropping(3) } MAX-ACCESS read-only STATUS current DESCRIPTION "There are three forwarding actions for policy rule. 'No change' is forward the packets. 'Discard the packet' is drop the packets. 'Do not drop the matching frame previously marked for dropping' is retain the frames that were marked to be dropped before." ::= { zyxelPolicyEntry 11 } zyPolicyPriorityAction OBJECT-TYPE SYNTAX INTEGER { noChange(1), setThePackets802dot1Priority(2), sendThePacketToPriorityQueue(3), replaceThe802dot1PriorityFieldWithTheIpTosValue(4) } MAX-ACCESS read-only STATUS current DESCRIPTION "There are four priority actions for policy rule. 'No change' is keep the priority setting of the frames. 'Set the packet's 802.1 priority' is replace the packet's 802.1 priority field with the value you set in the Priority field. 'Send the packet to priority queue' is put the packets in the designated queue. 'Replace the 802.1 priority field with the IP TOS value' to replace the packet's 802.1 priority field with the value you set in the TOS field." ::= { zyxelPolicyEntry 12 } zyPolicyDiffServAction OBJECT-TYPE SYNTAX INTEGER { noChange(1), setThePacketsTosField(2), replaceTheIpTosFieldWithThe802dot1PriorityValue(3), setTheDiffservCodepointFieldInTheFrame(4) } MAX-ACCESS read-only STATUS current DESCRIPTION "There are four DiffServ actions for policy rule. 'No change' is keeping the TOS and/or DSCP fields in the packets. 'Set the packet's TOS field' is set the TOS field with the value you configure in the TOS field. 'Replace the IP TOS with the 802.1 priority value' is replace the TOS field with the value you configure in the Priority field. 'Set the Diffserv Codepoint field in the frame' to set the DSCP field with the value you configure in the DSCP field." ::= { zyxelPolicyEntry 13 } zyPolicyOutgoingAction OBJECT-TYPE SYNTAX BITS { sendThePacketToTheMirrorPort(0), sendThePacketToTheEgressPort(1), sendTheMatchingFramesToTheEgressPort(2), setThePacketVlanId(3) } MAX-ACCESS read-only STATUS current DESCRIPTION "There are four outgoing actions for policy rule. 'Send the packet to the mirror port' is sent the packet to the mirror port. 'Send the packet to the egress port' is sent the packet to the egress port. 'Send the matching frames to the egress port' is sent the matching policy rule frames to the egress port. 'Set the packets VLAN ID' is set packet with tag." ::= { zyxelPolicyEntry 14 } zyPolicyMeteringState OBJECT-TYPE SYNTAX INTEGER MAX-ACCESS read-only STATUS current DESCRIPTION "Enable/Disable bandwidth limitation on the traffic flow(s) then set the actions to be taken on out-of-profile packets." ::= { zyxelPolicyEntry 15 } zyPolicyOutOfProfileAction OBJECT-TYPE SYNTAX BITS { dropThePacket(0), changeTheDscpValue(1), setOutDropPrecedence(2), doNotDropTheMatchingFramePreviouslyMarkedForDropping(3) } MAX-ACCESS read-only STATUS current DESCRIPTION "There are four out of profile actions for policy rule. 'Drop the packet' is discard the out-of-profile traffic. 'Change the DSCP value' is replace the DSCP field with the value specified in the Out of profile DSCP field. 'Set Out-Drop Precedence' is mark out-of-profile traffic and drop it when network is congested. 'Do not drop the matching frame previously marked for dropping' to queue the frames that are marked to be dropped." ::= { zyxelPolicyEntry 16 } zyPolicyRowstatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-only STATUS current DESCRIPTION "This object shows the entry of policy rule status." ::= { zyxelPolicyEntry 17 } END