1113 lines
39 KiB
Plaintext
1113 lines
39 KiB
Plaintext
-- ==================================================================
|
|
-- Copyright (c) 2010-2013 Hewlett-Packard Development Company, L.P.
|
|
--
|
|
-- Description: ACFP MIB
|
|
-- Reference:
|
|
-- Version: V1.5
|
|
-- History:
|
|
-- V1.0 2006-07-04 Created by Wang Haidong
|
|
-- V1.1 2007-03-23 Modified by Hao Chunbo
|
|
-- Delete the default value of hpnicfAcfpPolicyAdminStatus.
|
|
-- V1.2 2007-07-03 Modified by Hao Chunbo
|
|
-- Add a new trap node for hpnicfAcfpPolicyLifetime.
|
|
-- V1.3 2007-11-07 Modified by Li Yugang
|
|
-- Modify the value of hpnicfAcfpServerCurContextType.
|
|
-- Destroy the node of hpnicfAcfpRuleEstablish.
|
|
-- Add a new node for HpnicfAcfpPolicyDestIfFailAction.
|
|
-- Add a new node for HpnicfAcfpPolicyPriority.
|
|
-- Add a new node for hpnicfAcfpRuleTCPFlag.
|
|
-- V1.4 2007-12-19 Modified by Li Yugang
|
|
-- Modify the description of hpnicfAcfpPolicyRowStatus.
|
|
-- Modify the description of hpnicfAcfpRuleRowStatus.
|
|
-- Modify the status of hpnicfAcfpRuleEstablish.
|
|
-- Modify the value of hpnicfAcfpRuleTCPFlag.
|
|
-- V1.5 2009-11-30 Modified by Zhu Dengfeng
|
|
-- Add a new node for hpnicfAcfpRuleSrcIPV6Address
|
|
-- Add a new node for hpnicfAcfpRuleSrcPrefixLen
|
|
-- Add a new node for hpnicfAcfpRuleDstIPV6Address
|
|
-- Add a new node for hpnicfAcfpRuleDstPrefixLen
|
|
-- Add a new node for hpnicfAcfpRuleTrafficType
|
|
-- Add a new node for hpnicfAcfpRuleTypeOrLen
|
|
-- ==================================================================
|
|
HPN-ICF-ACFP-MIB DEFINITIONS ::= BEGIN
|
|
|
|
IMPORTS
|
|
IpAddress, Integer32, OBJECT-TYPE, MODULE-IDENTITY, NOTIFICATION-TYPE
|
|
FROM SNMPv2-SMI
|
|
RowStatus, TruthValue, MacAddress, DisplayString
|
|
FROM SNMPv2-TC
|
|
Ipv6Address
|
|
FROM IPV6-TC
|
|
InetAddressPrefixLength
|
|
FROM INET-ADDRESS-MIB
|
|
hpnicfCommon
|
|
FROM HPN-ICF-OID-MIB;
|
|
|
|
--
|
|
-- Node definitions
|
|
--
|
|
|
|
hpnicfAcfp MODULE-IDENTITY
|
|
LAST-UPDATED "200607041936Z"
|
|
ORGANIZATION
|
|
""
|
|
CONTACT-INFO
|
|
""
|
|
DESCRIPTION
|
|
"This MIB module defines a set of basic objects for
|
|
configuring switches and routers to enable ACFP."
|
|
REVISION "200607041936Z"
|
|
DESCRIPTION
|
|
"Initial version"
|
|
::= { hpnicfCommon 74 }
|
|
|
|
hpnicfAcfpObjects OBJECT IDENTIFIER ::= { hpnicfAcfp 1 }
|
|
|
|
hpnicfAcfpOAP OBJECT IDENTIFIER ::= { hpnicfAcfpObjects 1 }
|
|
|
|
-- ACFP server information
|
|
-- ACFP server should create this object and
|
|
-- advertise its capability
|
|
|
|
hpnicfAcfpServer OBJECT IDENTIFIER ::= { hpnicfAcfpOAP 1 }
|
|
|
|
hpnicfAcfpServerInfo OBJECT-TYPE
|
|
SYNTAX BITS
|
|
{
|
|
ipserver(0),
|
|
redirect(1),
|
|
mirror(2),
|
|
passThrough(3)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"When retrieved, this object returns a set of bits
|
|
indicating the capabilities (or configuration) of the
|
|
switch or router. The set bit is indication that a
|
|
router or switch can support the action for
|
|
security rule."
|
|
::= { hpnicfAcfpServer 1 }
|
|
|
|
hpnicfAcfpServerMaxLifetime OBJECT-TYPE
|
|
SYNTAX Integer32(0..2147483647)
|
|
UNITS "seconds"
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"When retrieved, this object returns the maximum
|
|
lifetime in seconds, that this router or switch allows
|
|
policy rules to have."
|
|
::= { hpnicfAcfpServer 2 }
|
|
|
|
hpnicfAcfpServerPersistentRules OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"When retrieved, this object returns true(1) if the
|
|
ACFP MIB implementation can store policy rules
|
|
persistently. Otherwise, it returns false(2)."
|
|
::= { hpnicfAcfpServer 3 }
|
|
|
|
hpnicfAcfpServerCurContextType OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
{
|
|
no-context(1),
|
|
context-VLANID(2),
|
|
context-HG(3),
|
|
context-FlowID(4),
|
|
context-HGPlus(5)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"In some circumstances, it's necessary that packets go to
|
|
ACFP client with context from ACFP server. However, the context
|
|
perhaps is different. hpnicfAcfpServerCurContextType is
|
|
used to distinguish this difference, ACFP client may
|
|
process distinctively."
|
|
::= { hpnicfAcfpServer 4 }
|
|
|
|
-- ACFP client Information.
|
|
-- This object is used for network management purpose.
|
|
|
|
hpnicfAcfpClientInfo OBJECT IDENTIFIER ::= { hpnicfAcfpOAP 2 }
|
|
|
|
hpnicfAcfpClientInfoTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF HpnicfAcfpClientInfoEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This table contains the basic information about ACFP client."
|
|
::= { hpnicfAcfpClientInfo 1 }
|
|
|
|
hpnicfAcfpClientInfoEntry OBJECT-TYPE
|
|
SYNTAX HpnicfAcfpClientInfoEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This list contains the basic information about ACFP client."
|
|
INDEX
|
|
{
|
|
hpnicfAcfpClientID
|
|
}
|
|
::= { hpnicfAcfpClientInfoTable 1 }
|
|
|
|
HpnicfAcfpClientInfoEntry ::= SEQUENCE
|
|
{
|
|
hpnicfAcfpClientID Integer32,
|
|
hpnicfAcfpClientDescription DisplayString,
|
|
hpnicfAcfpClientHwVersion DisplayString,
|
|
hpnicfAcfpClientOSVersion DisplayString,
|
|
hpnicfAcfpClientAppVersion DisplayString,
|
|
hpnicfAcfpClientIP IpAddress,
|
|
hpnicfAcfpClientMode BITS,
|
|
hpnicfAcfpClientRowStatus RowStatus
|
|
}
|
|
|
|
hpnicfAcfpClientID OBJECT-TYPE
|
|
SYNTAX Integer32(1..2147483647)
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The identifier of ACFP client."
|
|
::= { hpnicfAcfpClientInfoEntry 1 }
|
|
|
|
hpnicfAcfpClientDescription OBJECT-TYPE
|
|
SYNTAX DisplayString(SIZE(0..64))
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Description of the application that is running on ACFP
|
|
client, eg. IPS, VCX."
|
|
::= { hpnicfAcfpClientInfoEntry 2 }
|
|
|
|
hpnicfAcfpClientHwVersion OBJECT-TYPE
|
|
SYNTAX DisplayString(SIZE(0..64))
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The hardware revision of ACFP client."
|
|
::= { hpnicfAcfpClientInfoEntry 3 }
|
|
|
|
hpnicfAcfpClientOSVersion OBJECT-TYPE
|
|
SYNTAX DisplayString(SIZE(0..64))
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The operating system version running ACFP client."
|
|
::= { hpnicfAcfpClientInfoEntry 4 }
|
|
|
|
hpnicfAcfpClientAppVersion OBJECT-TYPE
|
|
SYNTAX DisplayString(SIZE(0..64))
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The application version running on ACFP client"
|
|
::= { hpnicfAcfpClientInfoEntry 5 }
|
|
|
|
hpnicfAcfpClientIP OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"IP address of ACFP client."
|
|
::= { hpnicfAcfpClientInfoEntry 6 }
|
|
|
|
hpnicfAcfpClientMode OBJECT-TYPE
|
|
SYNTAX BITS
|
|
{
|
|
ipserver(0),
|
|
redirect(1),
|
|
mirror(2),
|
|
passThrough(3)
|
|
}
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"ACFP client informs Router or switch which mode it is operating.
|
|
Router or switch checks hpnicfAcfpServerInfo to see whether it is
|
|
capable of fulfilling this function. If not, router or switch
|
|
generates a trap informing ACFP client such OAP mode is not
|
|
supported."
|
|
DEFVAL { 0 }
|
|
::= { hpnicfAcfpClientInfoEntry 7 }
|
|
|
|
hpnicfAcfpClientRowStatus OBJECT-TYPE
|
|
SYNTAX RowStatus
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"RowStatus, supports three states: createAndGo, active, destroy.
|
|
Creation Operation Restriction:
|
|
Node hpnicfAcfpClientMode must be bound while creating a row. It is
|
|
optional for other nodes.
|
|
ACFP module must be enabled for the server while creating a row.
|
|
The number of rows created must not exceed upper limit.
|
|
|
|
Modification Operation Restriction:
|
|
Nodes that do not support modification: hpnicfAcfpClientMode.
|
|
Nodes that support modification: hpnicfAcfpClientDescription,
|
|
hpnicfAcfpClientHwVersion, hpnicfAcfpClientOSVersion,
|
|
hpnicfAcfpClientAppVersion and hpnicfAcfpClientIP.
|
|
If the row to be modified does not exist, error returns directly.
|
|
|
|
Deletion Operation Restriction:
|
|
If the row to be deleted does not exist, success returns directly.
|
|
"
|
|
::= { hpnicfAcfpClientInfoEntry 8 }
|
|
|
|
-- Policy Information applied to Router or switch
|
|
|
|
hpnicfAcfpPolicy OBJECT IDENTIFIER ::= { hpnicfAcfpOAP 3 }
|
|
|
|
hpnicfAcfpPolicyTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF HpnicfAcfpPolicyEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This table lists all current policies for ACFP
|
|
client(s). Entries in this table are created or removed
|
|
implicitly when entries in the hpnicfAcfpRuleTable are
|
|
created or removed, respectively. A policy entry in this
|
|
table only exists as long as there is rule of this policy
|
|
in the hpnicfAcfpRuleTable. The table serves for listing the
|
|
existing policies and their remaining lifetimes and for
|
|
changing lifetimes of policies and implicitly of all policy
|
|
members and all their member policy rules can be
|
|
deleted by setting hpnicfAcfpPolicyLifetime to 0."
|
|
::= { hpnicfAcfpPolicy 1 }
|
|
|
|
hpnicfAcfpPolicyEntry OBJECT-TYPE
|
|
SYNTAX HpnicfAcfpPolicyEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The list contains basic information of ACFP Policy."
|
|
INDEX
|
|
{
|
|
hpnicfAcfpClientID,
|
|
hpnicfAcfpPolicyIndex
|
|
}
|
|
::= { hpnicfAcfpPolicyTable 1 }
|
|
|
|
HpnicfAcfpPolicyEntry ::= SEQUENCE
|
|
{
|
|
hpnicfAcfpPolicyIndex Integer32,
|
|
hpnicfAcfpPolicyInIfIndex Integer32,
|
|
hpnicfAcfpPolicyOutIfIndex Integer32,
|
|
hpnicfAcfpPolicyDestIfIndex Integer32,
|
|
hpnicfAcfpPolicyContextID Integer32,
|
|
hpnicfAcfpPolicyAdminStatus INTEGER,
|
|
hpnicfAcfpPolicyLifetime Integer32,
|
|
hpnicfAcfpPolicyTimeStart OCTET STRING,
|
|
hpnicfAcfpPolicyTimeEnd OCTET STRING,
|
|
hpnicfAcfpPolicyRowStatus RowStatus,
|
|
hpnicfAcfpPolicyDestIfFailAction INTEGER,
|
|
hpnicfAcfpPolicyPriority INTEGER
|
|
}
|
|
|
|
hpnicfAcfpPolicyIndex OBJECT-TYPE
|
|
SYNTAX Integer32(1..2147483647)
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The identifier of the Policy of ACFP client"
|
|
::= { hpnicfAcfpPolicyEntry 1 }
|
|
|
|
hpnicfAcfpPolicyInIfIndex OBJECT-TYPE
|
|
SYNTAX Integer32(0..2147483647)
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Packet is received from this interface. The value of this object
|
|
contains the same value of ifIndex of ifTable."
|
|
DEFVAL {0}
|
|
::= { hpnicfAcfpPolicyEntry 2}
|
|
|
|
|
|
hpnicfAcfpPolicyOutIfIndex OBJECT-TYPE
|
|
SYNTAX Integer32(0..2147483647)
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Packet is sent to this interface. The value of this object
|
|
contains the same value of ifIndex of ifTable."
|
|
DEFVAL {0}
|
|
::= { hpnicfAcfpPolicyEntry 3 }
|
|
|
|
hpnicfAcfpPolicyDestIfIndex OBJECT-TYPE
|
|
SYNTAX Integer32
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Through this interface, packet go to ACFP client from
|
|
ACFP server. The value of this object contains the same
|
|
value of ifIndex of ifTable."
|
|
DEFVAL {0}
|
|
::= { hpnicfAcfpPolicyEntry 4 }
|
|
|
|
hpnicfAcfpPolicyContextID OBJECT-TYPE
|
|
SYNTAX Integer32(0..2147483647)
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Internal id ACFP server allocated used to map to the interface.
|
|
ACFP server may send packet with this hpnicfAcfpPolicyContextID to
|
|
ACFP client, ACFP client can make use of this hpnicfAcfpPolicyContextID
|
|
and find the policy. "
|
|
::= { hpnicfAcfpPolicyEntry 5 }
|
|
|
|
hpnicfAcfpPolicyAdminStatus OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
{
|
|
enable(1), -- policy is applied
|
|
disable(2) -- policy is not applied
|
|
|
|
}
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of this object indicates the desired status of the
|
|
policy."
|
|
::= { hpnicfAcfpPolicyEntry 6 }
|
|
|
|
hpnicfAcfpPolicyLifetime OBJECT-TYPE
|
|
SYNTAX Integer32(0..2147483647)
|
|
UNITS "seconds"
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"When retrieved, this object delivers the maximum lifetime (seconds)
|
|
of all the rules of this, i.e., of all the rows in hpnicfAcfpRuleTable
|
|
that have the same values of hpnicfAcfpRulePolicyIndex and
|
|
hpnicfAcfpClientID. Successfully writing to this object modifies the
|
|
lifetime of all the rules of this. Successfully writing a value
|
|
of 0 terminates all the rules and implicitly deletes this as soon as
|
|
all member entries are removed from the hpnicfAcfpRuleTable. Note that
|
|
after a lifetime expired, all the corresponding entry in the
|
|
hpnicfAcfpRuleTable will be removed and this will be deleted
|
|
implicitly. Writing to this object is processed by the ACFP MIB
|
|
implementation by choosing a lifetime value that is greater than
|
|
or equal to zero and less than or equal to the minimum of the requested
|
|
value and the value specified by object hpnicfAcfpServerMaxLifetime:
|
|
|
|
0 <= lt_granted <= MINIMUM(lt_requested, lt_maximum)
|
|
|
|
whereas:
|
|
lt_granted is the actually granted lifetime by the ACFP MIB
|
|
implementation.
|
|
lt_requested is the requested lifetime of the ACFP client.
|
|
lt_maximum is the value of object hpnicfAcfpServerMaxLifetime.
|
|
SNMP set requests to this object may be rejected or the value of
|
|
the object after an accepted set operation may be less than the
|
|
value that was contained in the SNMP set request."
|
|
DEFVAL{ hpnicfAcfpServerMaxLifetime }
|
|
::= { hpnicfAcfpPolicyEntry 7 }
|
|
|
|
hpnicfAcfpPolicyTimeStart OBJECT-TYPE
|
|
SYNTAX OCTET STRING(SIZE(8))
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Beginning time of this policy every day. Eg. HH:MM:SS"
|
|
::= { hpnicfAcfpPolicyEntry 8 }
|
|
|
|
hpnicfAcfpPolicyTimeEnd OBJECT-TYPE
|
|
SYNTAX OCTET STRING(SIZE(8))
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Ending time of this policy every day. Eg. HH:MM:SS"
|
|
::= { hpnicfAcfpPolicyEntry 9 }
|
|
|
|
hpnicfAcfpPolicyRowStatus OBJECT-TYPE
|
|
SYNTAX RowStatus
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"RowStatus, supports three states: createAndGo, active, destroy.
|
|
Creation Operation Restriction:
|
|
The client corresponding to the index hpnicfAcfpClientID must exist
|
|
while creating a row.
|
|
Nodes hpnicfAcfpPolicyTimeStart and hpnicfAcfpPolicyTimeEnd are
|
|
bound together, and hpnicfAcfpPolicyTimeEnd must be greater than
|
|
hpnicfAcfpPolicyTimeStart.
|
|
The number of rows created on an incoming/outgoing interface
|
|
cannot exceed the upper limit.
|
|
The number of rows created cannot exceed the upper limit for each client.
|
|
A packet matches a policy in the following order:
|
|
- It first matches the policy with the highest priority.
|
|
- For two policies with the same priority,
|
|
it matches the one with the smallest client index.
|
|
- For two policies with the same client index,
|
|
it matches the one with the smallest policy index.
|
|
|
|
Modification Operation Restriction:
|
|
Nodes that do not support modification: hpnicfAcfpPolicyInIfIndex,
|
|
hpnicfAcfpPolicyOutIfIndex, hpnicfAcfpPolicyDestIfIndex,
|
|
hpnicfAcfpPolicyDestIfFailAction, hpnicfAcfpPolicyPriority.
|
|
Nodes that support modification: hpnicfAcfpPolicyAdminStatus,
|
|
hpnicfAcfpPolicyLifetime, hpnicfAcfpPolicyTimeStart and hpnicfAcfpPolicyTimeEnd.
|
|
While modifying a row, if the row corresponding to the index configured
|
|
does not exist, error returns directly.
|
|
While modifying a node, the restriction over hpnicfAcfpPolicyTimeStart
|
|
and hpnicfAcfpPolicyTimeEnd is the same as creating a node.
|
|
|
|
Deletion Operation Restriction:
|
|
If the row to be deleted does not exist, success returns directly.
|
|
"
|
|
::= { hpnicfAcfpPolicyEntry 10 }
|
|
|
|
hpnicfAcfpPolicyDestIfFailAction OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
{
|
|
delete(1), -- delete all rules of the policy from driver
|
|
reserve(2) -- reserve all rules of the policy in driver
|
|
}
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of this object indicates the action of the
|
|
policy when the destination interface failed."
|
|
DEFVAL { 1 }
|
|
::= { hpnicfAcfpPolicyEntry 11 }
|
|
|
|
hpnicfAcfpPolicyPriority OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
{
|
|
priority1(1), -- Priority 1 (MIN)
|
|
priority2(2), -- Priority 2
|
|
priority3(3), -- Priority 3
|
|
priority4(4), -- Priority 4
|
|
priority5(5), -- Priority 5
|
|
priority6(6), -- Priority 6
|
|
priority7(7), -- Priority 7
|
|
priority8(8) -- Priority 8 (MAX)
|
|
}
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of this object indicates the priority of the
|
|
policy.
|
|
Priority8 is maximal priority.
|
|
Priority1 is minimal priority."
|
|
DEFVAL { 4 }
|
|
::= { hpnicfAcfpPolicyEntry 12 }
|
|
|
|
-- Individual Rule policy Information applied to Router or switch
|
|
|
|
hpnicfAcfpRule OBJECT IDENTIFIER ::= { hpnicfAcfpOAP 4 }
|
|
|
|
hpnicfAcfpRuleTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF HpnicfAcfpRuleEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This table lists all the rules. It is indexed by
|
|
hpnicfAcfpClientID, hpnicfAcfpRulePolicyIndex and hpnicfAcfpRuleIndex.
|
|
Entries can be deleted by writing hpnicfAcfpPolicyLifetime to 0."
|
|
::= { hpnicfAcfpRule 1 }
|
|
|
|
hpnicfAcfpRuleEntry OBJECT-TYPE
|
|
SYNTAX HpnicfAcfpRuleEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The list contains basic information of the rule."
|
|
INDEX
|
|
{
|
|
hpnicfAcfpClientID,
|
|
hpnicfAcfpPolicyIndex,
|
|
hpnicfAcfpRuleIndex
|
|
}
|
|
::= { hpnicfAcfpRuleTable 1 }
|
|
|
|
HpnicfAcfpRuleEntry ::= SEQUENCE
|
|
{
|
|
hpnicfAcfpRuleIndex Integer32,
|
|
hpnicfAcfpRuleOperStatus INTEGER,
|
|
hpnicfAcfpRuleAction INTEGER,
|
|
hpnicfAcfpRuleAll TruthValue,
|
|
hpnicfAcfpRuleSrcMAC MacAddress,
|
|
hpnicfAcfpRuleDstMAC MacAddress,
|
|
hpnicfAcfpRuleVlanStart Integer32,
|
|
hpnicfAcfpRuleVlanEnd Integer32,
|
|
hpnicfAcfpRuleProtocol Integer32,
|
|
hpnicfAcfpRuleSrcIP IpAddress,
|
|
hpnicfAcfpRuleSrcIPMask IpAddress,
|
|
hpnicfAcfpRuleSrcOp INTEGER,
|
|
hpnicfAcfpRuleSrcStartPort Integer32,
|
|
hpnicfAcfpRuleSrcEndPort Integer32,
|
|
hpnicfAcfpRuleDstIP IpAddress,
|
|
hpnicfAcfpRuleDstIPMask IpAddress,
|
|
hpnicfAcfpRuleDstOp INTEGER,
|
|
hpnicfAcfpRuleDstStartPort Integer32,
|
|
hpnicfAcfpRuleDstEndPort Integer32,
|
|
hpnicfAcfpRulePrecedence Integer32,
|
|
hpnicfAcfpRuleTos Integer32,
|
|
hpnicfAcfpRuleDscp Integer32,
|
|
hpnicfAcfpRuleEstablish TruthValue,
|
|
hpnicfAcfpRuleFragment TruthValue,
|
|
hpnicfAcfpRulePacketRate Integer32,
|
|
hpnicfAcfpRuleRowStatus RowStatus,
|
|
hpnicfAcfpRuleTCPFlag Integer32,
|
|
hpnicfAcfpRuleSrcIPV6Address Ipv6Address,
|
|
hpnicfAcfpRuleSrcPrefixLen InetAddressPrefixLength,
|
|
hpnicfAcfpRuleDstIPV6Address Ipv6Address,
|
|
hpnicfAcfpRuleDstPrefixLen InetAddressPrefixLength,
|
|
hpnicfAcfpRuleTrafficType BITS,
|
|
hpnicfAcfpRuleTypeOrLen Integer32
|
|
}
|
|
|
|
hpnicfAcfpRuleIndex OBJECT-TYPE
|
|
SYNTAX Integer32(1..2147483647)
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The identifier of the rules which have the same hpnicfAcfpPolicyIndex
|
|
and hpnicfAcfpClientID.hpnicfAcfpRuleIndex indicates rule sequence in the
|
|
same policy."
|
|
::= { hpnicfAcfpRuleEntry 1 }
|
|
|
|
hpnicfAcfpRuleOperStatus OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
{
|
|
success(1), -- rule applied successfully to interface
|
|
fail(2) -- rule failed to apply to interface
|
|
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of this object indicates the status of a rule.
|
|
success : Applied rule to interface successfully.
|
|
fail : Failed to apply rule to interface.
|
|
"
|
|
DEFVAL { fail }
|
|
::= { hpnicfAcfpRuleEntry 2 }
|
|
|
|
hpnicfAcfpRuleAction OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
{
|
|
permit(1),
|
|
deny(2),
|
|
redirect(3),
|
|
mirror(4),
|
|
rate(5)
|
|
}
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The action of this rule."
|
|
::= { hpnicfAcfpRuleEntry 3 }
|
|
|
|
hpnicfAcfpRuleAll OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The rule match all packet or does not.
|
|
true : all
|
|
false : not all
|
|
"
|
|
DEFVAL { false }
|
|
::= { hpnicfAcfpRuleEntry 4 }
|
|
|
|
hpnicfAcfpRuleSrcMAC OBJECT-TYPE
|
|
SYNTAX MacAddress
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Source MAC of this rule."
|
|
::= { hpnicfAcfpRuleEntry 5 }
|
|
|
|
hpnicfAcfpRuleDstMAC OBJECT-TYPE
|
|
SYNTAX MacAddress
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Destination MAC of this rule."
|
|
::= { hpnicfAcfpRuleEntry 6 }
|
|
|
|
hpnicfAcfpRuleVlanStart OBJECT-TYPE
|
|
SYNTAX Integer32(0..4094)
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Starting VLAN id of this rule.
|
|
0 : Invalid value"
|
|
DEFVAL { 0 }
|
|
::= { hpnicfAcfpRuleEntry 7 }
|
|
|
|
hpnicfAcfpRuleVlanEnd OBJECT-TYPE
|
|
SYNTAX Integer32(0..4094)
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Ending VLAN id of this rule.
|
|
0 : Invalid value"
|
|
DEFVAL { 0 }
|
|
::= { hpnicfAcfpRuleEntry 8 }
|
|
|
|
hpnicfAcfpRuleProtocol OBJECT-TYPE
|
|
SYNTAX Integer32(0..255)
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The protocol-type of this rule.
|
|
<0-255> Protocol number
|
|
gre GRE tunneling(47)
|
|
icmp Internet Control Message Protocol(1)
|
|
igmp Internet Management Protocol(2)
|
|
ip Any IP protocol(0)
|
|
ipinip IP in IP tunneling(4)
|
|
ospf OSPF routing protocol(89)
|
|
tcp Transmission Control Protocol (6)
|
|
udp User Datagram Protocol (17)
|
|
"
|
|
DEFVAL { 0 }
|
|
::= { hpnicfAcfpRuleEntry 9 }
|
|
|
|
hpnicfAcfpRuleSrcIP OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Source IP address of this rule."
|
|
::= { hpnicfAcfpRuleEntry 10 }
|
|
|
|
hpnicfAcfpRuleSrcIPMask OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Source IP-address wild of this rule. Eg. 0.0.0.255."
|
|
::= { hpnicfAcfpRuleEntry 11 }
|
|
|
|
hpnicfAcfpRuleSrcOp OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
{
|
|
equal(1),
|
|
notEqual(2),
|
|
lessThan(3),
|
|
greaterThan(4),
|
|
range(5),
|
|
invalid(6)
|
|
}
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Source Port operation for this rule"
|
|
DEFVAL { invalid }
|
|
::= { hpnicfAcfpRuleEntry 12 }
|
|
|
|
hpnicfAcfpRuleSrcStartPort OBJECT-TYPE
|
|
SYNTAX Integer32(0..65535)
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Starting UDP/TCP Source Port number of this rule."
|
|
::= { hpnicfAcfpRuleEntry 13 }
|
|
|
|
hpnicfAcfpRuleSrcEndPort OBJECT-TYPE
|
|
SYNTAX Integer32(0..65535)
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Ending UDP/TCP Source Port of this rule."
|
|
::= { hpnicfAcfpRuleEntry 14 }
|
|
|
|
hpnicfAcfpRuleDstIP OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Destination IP address of this rule."
|
|
::= { hpnicfAcfpRuleEntry 15 }
|
|
|
|
hpnicfAcfpRuleDstIPMask OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Destination IP-address wild of this rule. Eg. 0.0.0.255"
|
|
::= { hpnicfAcfpRuleEntry 16 }
|
|
|
|
hpnicfAcfpRuleDstOp OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
{
|
|
equal(1),
|
|
nonEqual(2),
|
|
lessThan(3),
|
|
greaterThan(4),
|
|
range(5),
|
|
invalid(6)
|
|
}
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Destination Port operation for this rule"
|
|
DEFVAL { invalid }
|
|
::= { hpnicfAcfpRuleEntry 17 }
|
|
|
|
hpnicfAcfpRuleDstStartPort OBJECT-TYPE
|
|
SYNTAX Integer32(0..65535)
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Starting UDP/TCP Destination Port number of this rule."
|
|
::= { hpnicfAcfpRuleEntry 18 }
|
|
|
|
hpnicfAcfpRuleDstEndPort OBJECT-TYPE
|
|
SYNTAX Integer32(0..65535)
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Ending UDP/TCP Destination Port of this rule."
|
|
::= { hpnicfAcfpRuleEntry 19 }
|
|
|
|
hpnicfAcfpRulePrecedence OBJECT-TYPE
|
|
SYNTAX Integer32(0..7|255)
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of precedence field in IP header.
|
|
<255> Invalid value
|
|
<0-7> value of precedence
|
|
routine(0) Routine precedence
|
|
priority(1) Priority precedence
|
|
immediate(2) Immediate precedence
|
|
flash(3) Flash precedence
|
|
flash-override(4) Flash Override precedence
|
|
critical(5) Critical precedence
|
|
internet(6) Network Control precedence
|
|
network(7) Internetwork Control precedence
|
|
"
|
|
DEFVAL { 255 }
|
|
::= { hpnicfAcfpRuleEntry 20 }
|
|
|
|
hpnicfAcfpRuleTos OBJECT-TYPE
|
|
SYNTAX Integer32(0..15|255)
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of TOS field in IP header.
|
|
<255> Invalid value
|
|
<0-15> value of ToS (Type of Service)
|
|
Normal(0) normal service
|
|
min-monetary-cost(1) minimum monetary cost
|
|
max-reliability(2) maximum reliability
|
|
max-throughput(4) maximum throughput
|
|
min-delay(8) minimum delay
|
|
"
|
|
DEFVAL { 255 }
|
|
::= { hpnicfAcfpRuleEntry 21 }
|
|
|
|
hpnicfAcfpRuleDscp OBJECT-TYPE
|
|
SYNTAX Integer32(0..63|255)
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of DSCP.
|
|
<255> Invalid value
|
|
<0-63> value of DSCP
|
|
Be(0) best effort
|
|
af11(10) assured forwarding 11 service
|
|
af12(12) assured forwarding 12 service
|
|
af13(14) assured forwarding 13 service
|
|
af21(18) assured forwarding 18 service
|
|
af22(20) assured forwarding 20 service
|
|
af23(22) assured forwarding 22 service
|
|
af31(26) assured forwarding 31 service
|
|
af32(28) assured forwarding 32 service
|
|
af33(30) assured forwarding 33 service
|
|
af41(34) assured forwarding 41 service
|
|
af42(36) assured forwarding 42 service
|
|
af43(38) assured forwarding 43 service
|
|
cs1(8) class selector 1 service
|
|
cs2(16) class selector 2 service
|
|
cs3(24) class selector 3 service
|
|
cs4(32) class selector 4 service
|
|
cs5(40) class selector 5 service
|
|
cs6(48) class selector 6 service
|
|
cs7(56) class selector 7 service
|
|
ef(46) expedited forwarding service
|
|
"
|
|
DEFVAL { 255 }
|
|
::= { hpnicfAcfpRuleEntry 22 }
|
|
|
|
hpnicfAcfpRuleEstablish OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-create
|
|
STATUS deprecated
|
|
DESCRIPTION
|
|
"Establish Flag. Matches the TCP packets with the ACK
|
|
and/or RST flag, including the TCP packets of these
|
|
types: SYN+ACK, ACK, FIN+ACK, RST, RST+ACK."
|
|
DEFVAL { false }
|
|
::= { hpnicfAcfpRuleEntry 23 }
|
|
|
|
hpnicfAcfpRuleFragment OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The flag of matching fragmented packet."
|
|
DEFVAL { false }
|
|
::= { hpnicfAcfpRuleEntry 24 }
|
|
|
|
hpnicfAcfpRulePacketRate OBJECT-TYPE
|
|
SYNTAX Integer32
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Packet rate (Kbps) of this rule."
|
|
::= { hpnicfAcfpRuleEntry 25 }
|
|
|
|
hpnicfAcfpRuleRowStatus OBJECT-TYPE
|
|
SYNTAX RowStatus
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"RowStatus, supports three states: createAndGo, active, destroy.
|
|
Creation Operation Restriction:
|
|
Node hpnicfAcfpRuleAction must be bound while creating a line.
|
|
Nodes hpnicfAcfpRuleAll and hpnicfAcfpRuleProtocol, hpnicfAcfpRuleSrcIP,
|
|
hpnicfAcfpRuleSrcIPMask, hpnicfAcfpRuleDstIP, hpnicfAcfpRuleSrcOp,
|
|
hpnicfAcfpRuleSrcStartPort, hpnicfAcfpRuleSrcEndPort, hpnicfAcfpRuleDstIP,
|
|
hpnicfAcfpRuleDstIPMask, hpnicfAcfpRuleDstOp, hpnicfAcfpRuleDstStartPort,
|
|
hpnicfAcfpRuleDstEndPort, hpnicfAcfpRulePrecedence, hpnicfAcfpRuleTos,
|
|
hpnicfAcfpRuleDscp, hpnicfAcfpRuleTCPFlag, hpnicfAcfpRuleFragment are
|
|
mutually exclusive.
|
|
Nodes hpnicfAcfpRuleSrcIP and hpnicfAcfpRuleSrcIPMask are bound together,
|
|
otherwise, the source IP address is neglected.
|
|
The restriction over hpnicfAcfpRuleDstIP and hpnicfAcfpRuleDstIPMask is the
|
|
same as hpnicfAcfpRuleSrcIP and hpnicfAcfpRuleSrcIPMask.
|
|
Nodes hpnicfAcfpRuleDscp and hpnicfAcfpRulePrecedence, hpnicfAcfpRuleTos are
|
|
mutually exclusive.
|
|
If the node hpnicfAcfpRuleSrcOp is bound to range(5),
|
|
hpnicfAcfpRuleSrcStartPort and hpnicfAcfpRuleSrcEndPort must be bound together,
|
|
and hpnicfAcfpRuleSrcEndPort must be greater than hpnicfAcfpRuleSrcStartPort.
|
|
If the node hpnicfAcfpRuleSrcOp is bound to equal(1), notEqual(2),
|
|
lessThan(3) or greaterThan(4), hpnicfAcfpRuleSrcStartPort must be bound
|
|
together, and hpnicfAcfpRuleSrcEndPort is neglected.
|
|
The restriction over hpnicfAcfpRuleDstOp, hpnicfAcfpRuleDstStartPort and
|
|
hpnicfAcfpRuleDstEndPort is the same as hpnicfAcfpRuleSrcOp,
|
|
hpnicfAcfpRuleSrcStartPort and hpnicfAcfpRuleSrcEndPort.
|
|
If the node hpnicfAcfpRuleAction is bound to redirect(3) or mirror(4),
|
|
the destination interfaces of the policy the rule belonging to must exist;
|
|
The number of rows created cannot exceed the upper limit for each policy,
|
|
each inbound interface and each outbound interface.
|
|
|
|
Modification Operation Restriction:
|
|
The row does not support modification.
|
|
|
|
Deletion Operation Restriction
|
|
If the row to be deleted does not exist, success returns directly.
|
|
"
|
|
::= { hpnicfAcfpRuleEntry 26 }
|
|
|
|
hpnicfAcfpRuleTCPFlag OBJECT-TYPE
|
|
SYNTAX Integer32(0..65535)
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"TCP Flag.
|
|
<0> don't care for TCP flag to match packets
|
|
<1-65535> care for TCP flag to match packets,
|
|
the value is combination of next list.
|
|
URG_VALID (1 << 13)
|
|
URG_SET (1 << 5)
|
|
ACK_VALID (1 << 12)
|
|
ACK_SET (1 << 4)
|
|
PSH_VALID (1 << 11)
|
|
PSH_SET (1 << 3)
|
|
RST_VALID (1 << 10)
|
|
RST_SET (1 << 2)
|
|
SYN_VALID (1 << 9)
|
|
SYN_SET (1 << 1)
|
|
FIN_VALID (1 << 8)
|
|
FIN_SET 1
|
|
|
|
Matches the TCP packets with the URG and/or
|
|
ACK and/or PSH and/or RST and/or SYN and/or FIN flag,
|
|
including the TCP packets of these
|
|
types: SYN+ACK, ACK, FIN+ACK, RST, RST+ACK."
|
|
DEFVAL { 0 }
|
|
::= { hpnicfAcfpRuleEntry 27 }
|
|
|
|
hpnicfAcfpRuleSrcIPV6Address OBJECT-TYPE
|
|
SYNTAX Ipv6Address
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Source IPv6 address of this rule."
|
|
::= { hpnicfAcfpRuleEntry 28 }
|
|
|
|
hpnicfAcfpRuleSrcPrefixLen OBJECT-TYPE
|
|
SYNTAX InetAddressPrefixLength
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Source IPv6 address prefix length of this rule. Eg. 64."
|
|
::= { hpnicfAcfpRuleEntry 29 }
|
|
|
|
hpnicfAcfpRuleDstIPV6Address OBJECT-TYPE
|
|
SYNTAX Ipv6Address
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Destination IPv6 address of this rule."
|
|
::= { hpnicfAcfpRuleEntry 30 }
|
|
|
|
hpnicfAcfpRuleDstPrefixLen OBJECT-TYPE
|
|
SYNTAX InetAddressPrefixLength
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Destination IPv6 address prefix length of this rule. Eg. 64."
|
|
::= { hpnicfAcfpRuleEntry 31 }
|
|
|
|
hpnicfAcfpRuleTrafficType OBJECT-TYPE
|
|
SYNTAX BITS
|
|
{
|
|
unicast(0),
|
|
multicast(1),
|
|
broadcast(2)
|
|
}
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Traffic type of this rule. When retrieved, this object
|
|
returns a set of bits indicating the traffic type."
|
|
::= { hpnicfAcfpRuleEntry 32 }
|
|
|
|
hpnicfAcfpRuleTypeOrLen OBJECT-TYPE
|
|
SYNTAX Integer32(0..65535)
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The type or length of ethernet packet.
|
|
For Ethernet II encapsulation, it stands for packet type.
|
|
For 802.3 encapsulation, it stands for packet length."
|
|
::= { hpnicfAcfpRuleEntry 33 }
|
|
|
|
-- Notifications. The definition of hpnicfAcfpNotifications makes notification
|
|
-- registrations reversible (see STD 58, RFC 2578, section 8.5).
|
|
|
|
hpnicfAcfpNotifications OBJECT IDENTIFIER ::= { hpnicfAcfpOAP 5 }
|
|
|
|
hpnicfAcfpCurContextChanged NOTIFICATION-TYPE
|
|
OBJECTS
|
|
{
|
|
hpnicfAcfpServerCurContextType
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This notification is sent when router or switch changed
|
|
hpnicfAcfpServerCurContextType."
|
|
::= { hpnicfAcfpNotifications 1 }
|
|
|
|
hpnicfAcfpClientRegister NOTIFICATION-TYPE
|
|
OBJECTS
|
|
{
|
|
hpnicfAcfpClientID
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This notification is sent when the ACFP client is registered."
|
|
::= { hpnicfAcfpNotifications 2 }
|
|
|
|
hpnicfAcfpClientUnRegister NOTIFICATION-TYPE
|
|
OBJECTS
|
|
{
|
|
hpnicfAcfpClientID
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This notification is sent when the ACFP client is unregistered."
|
|
::= { hpnicfAcfpNotifications 3 }
|
|
|
|
hpnicfAcfpClientDead NOTIFICATION-TYPE
|
|
OBJECTS
|
|
{
|
|
hpnicfAcfpClientID
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This notification is sent when the ACFP client is not responding."
|
|
::= { hpnicfAcfpNotifications 4 }
|
|
|
|
hpnicfAcfpNotSupportedOAPMode NOTIFICATION-TYPE
|
|
OBJECTS
|
|
{
|
|
hpnicfAcfpClientID,
|
|
hpnicfAcfpClientMode,
|
|
hpnicfAcfpServerInfo
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This notification is sent when router or switch cannot support OAP
|
|
mode that ACFP client wants to operate on."
|
|
::= { hpnicfAcfpNotifications 5 }
|
|
|
|
hpnicfAcfpLifetimeChangeEvent NOTIFICATION-TYPE
|
|
OBJECTS
|
|
{
|
|
hpnicfAcfpPolicyLifetime
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This notification can be generated for indicating that
|
|
The lifetime of all member rules of the was
|
|
changed by successfully writing to object
|
|
hpnicfAcfpPolicyLifetime. Note that this notification
|
|
is only sent if the lifetime of a policy was changed by
|
|
successfully writing to object hpnicfAcfpPolicyLifetime."
|
|
::= { hpnicfAcfpNotifications 6 }
|
|
|
|
hpnicfAcfpRuleCreatedEvent NOTIFICATION-TYPE
|
|
OBJECTS
|
|
{
|
|
hpnicfAcfpRuleIndex
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This notification is sent when a new rule is created."
|
|
::= { hpnicfAcfpNotifications 7 }
|
|
|
|
hpnicfAcfpRuleDeletedEvent NOTIFICATION-TYPE
|
|
OBJECTS
|
|
{
|
|
hpnicfAcfpRuleIndex
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This notification is sent when a rule is deleted."
|
|
::= { hpnicfAcfpNotifications 8 }
|
|
|
|
hpnicfAcfpRuleErrorEvent NOTIFICATION-TYPE
|
|
OBJECTS
|
|
{
|
|
hpnicfAcfpRuleIndex
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This notification is sent when rule cannot be applied."
|
|
::= { hpnicfAcfpNotifications 9 }
|
|
|
|
hpnicfAcfpLifetimeExpireEvent NOTIFICATION-TYPE
|
|
OBJECTS
|
|
{
|
|
hpnicfAcfpPolicyLifetime
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This notification is sent
|
|
when the time of the policy existed exceeds its lifetime."
|
|
::= { hpnicfAcfpNotifications 10 }
|
|
|
|
END
|