7228 lines
252 KiB
Plaintext
7228 lines
252 KiB
Plaintext
-- ============================================================================
|
|
-- Copyright (c) 2010-2014 Hewlett-Packard Development Company, L.P.
|
|
--
|
|
-- Description:
|
|
-- Reference:
|
|
-- Version: V3.3
|
|
-- History:
|
|
-- V1.0 created by yuhui.
|
|
-- V2.0 2004-10-12 updated by gaolong
|
|
-- Define MODULE-IDENTITY for hpnicfAcl
|
|
-- Remove chinese characters
|
|
-- Add limitation(0..65535) for some table index
|
|
-- Fix a default value error of hpnicfAclAdvancedEstablish
|
|
-- V2.1 2004-11-18 updated by yubo
|
|
-- Add 'hpnicfAclIDSTable' for IDS
|
|
-- V2.2 2004-12-13
|
|
-- Fix syntax bugs and adjust format of the whole file by jinyi
|
|
-- Modify description of hpnicfAclAdvancedDscp by zhuangyu
|
|
-- V2.3 2005-1-26 updated by WuZhao02557
|
|
-- Change MAX-ACCESS from read-create to not-accessible for the
|
|
-- following MIB nodes:
|
|
-- hpnicfAclNumGroupAclNum, hpnicfAclNameGroupIndex, hpnicfAclBasicAclNum,
|
|
-- hpnicfAclBasicSubitem, hpnicfAclAdvancedAclNum, hpnicfAclAdvancedSubitem
|
|
-- hpnicfAclIfAclNum, hpnicfAclIfSubitem, hpnicfAclLinkAclNum, hpnicfAclLinkSubitem
|
|
-- hpnicfAclUserAclNum, hpnicfAclUserSubitem, hpnicfAclActiveAclIndex,
|
|
-- hpnicfAclActiveIfIndex, hpnicfAclActiveVlanID, hpnicfAclActiveDirection
|
|
-- Adjust format of whole file.
|
|
-- 2005-01-27 updated by zhangyinxi
|
|
-- 1. Add objects hpnicfAclLinkL2LabelRangeOp, hpnicfAclLinkL2LabelRangeBegin
|
|
-- hpnicfAclLinkL2LabelRangeEnd and hpnicfAclLinkMplsExp in hpnicfAclLinkTable
|
|
-- 2. Add an enumeration mpls(34887) to object hpnicfAclLinkProtocol
|
|
-- 3. Expand the range of object hpnicfAclActiveVlanID to Integer32
|
|
-- V2.4 2005-2-24
|
|
-- Make the index of hpnicfAclIDSTable IMPLIED by fuzhenyu because IDS devices
|
|
-- require fixed length index to be used. IDS devices only provide index
|
|
-- with no sub-identifier indicating the length of the string.
|
|
-- Modify enum name(value is 4) of hpnicfAclLinkFormatType to ieee802Dot3 by daishijun
|
|
-- V2.5 2005-7-25
|
|
-- Add objects hpnicfAclMib2Mode, hpnicfAclVersion, hpnicfAclMib2ObjectsCapabilities,
|
|
-- hpnicfAclIPAclNumGroupTable, hpnicfAclIPAclBasicTable, hpnicfAclIPAclAdvancedTable,
|
|
-- hpnicfAclMACTable, hpnicfAclEnUserTable by tangshun.
|
|
-- V2.6 2006-01-03
|
|
-- Add objects hpnicfAclIPAclBasicComment, hpnicfAclIPAclAdvancedComment,
|
|
-- hpnicfAclMACComment, hpnicfAclEnUserComment by tangshun.
|
|
-- V2.7 2006-03-09 updated by changhuifeng
|
|
-- Add object hpnicfAclIPAclAdvancedReflective in hpnicfAclIPAclAdvancedTable.
|
|
-- Modify the description of object hpnicfAclIPAclAdvancedFragmentFlag.
|
|
-- Modify the description of object hpnicfAclMib2Version.
|
|
-- Modify the description of object hpnicfAclLinkDestAny for text error.
|
|
-- Modify the description of object hpnicfAclMib2CharacteristicsValue.
|
|
-- V2.8 2006-07-06 updated by xialei
|
|
-- Modify the description of hpnicfAclIPAclAdvancedIcmpType
|
|
-- and hpnicfAclIPAclAdvancedIcmpCode.
|
|
-- Change value range of hpnicfAclIPAclAdvancedIcmpCode.
|
|
-- V2.9 2006-08-08 updated by chenzhaojie
|
|
-- Add enumeration value to hpnicfAclActiveDirection.
|
|
-- V3.0 2010-09-01 updated by zhaixiaoxiang
|
|
-- Add hpnicfAclResourceUsageTable.
|
|
-- V3.1 2012-02-06 updated by wangchenxiao
|
|
-- Add hpnicfPacketfilterTrapObjects
|
|
-- Add hpnicfPacketfilterTrap
|
|
-- 2012-02-14 updated by mouxuanli
|
|
-- Add hpnicfAclMib2ProcessingStatus of object hpnicfAclMib2NodesGroup
|
|
-- Add hpnicfAclNumberGroupName of object hpnicfAclNumberGroupTable
|
|
-- Add hpnicfAclIPAclBasicCounting of object hpnicfAclIPAclBasicTable
|
|
-- Add hpnicfAclIPAclBasicRouteTypeAny of object hpnicfAclIPAclBasicTable
|
|
-- Add hpnicfAclIPAclBasicRouteTypeValue of object hpnicfAclIPAclBasicTable
|
|
-- Add hpnicfAclIPAclAdvancedCounting of object hpnicfAclIPAclAdvancedTable
|
|
-- Add hpnicfAclIPAclAdvancedTCPFlagMask of object hpnicfAclIPAclAdvancedTable
|
|
-- Add hpnicfAclIPAclAdvancedTCPFlagValue of object hpnicfAclIPAclAdvancedTable
|
|
-- Add hpnicfAclIPAclAdvancedRouteTypeAny of object hpnicfAclIPAclAdvancedTable
|
|
-- Add hpnicfAclIPAclAdvancedRouteTypeValue of object hpnicfAclIPAclAdvancedTable
|
|
-- Add hpnicfAclIPAclAdvancedFlowLabel of object hpnicfAclIPAclAdvancedTable
|
|
-- Add hpnicfAclMACLog of object hpnicfAclMACTable
|
|
-- Add hpnicfAclMACCounting of object hpnicfAclMACTable
|
|
-- Add hpnicfAclEnUserLog of object hpnicfAclEnUserTable
|
|
-- Add hpnicfAclEnUserCounting of object hpnicfAclEnUserTable
|
|
-- Modify the description of hpnicfAclResourceType
|
|
-- Add hpnicfAclResourceTypeDescription of object hpnicfAclResourceUsageTable
|
|
-- Add hpnicfAclPacketFilterObjects
|
|
-- V3.2 2012-11-30 updated by gaoyu
|
|
-- Add hpnicfPfilterRunApplyObjType of object hpnicfPfilterAclGroupRunInfoTable
|
|
-- Add hpnicfPfilterRunApplyObjIndex of object hpnicfPfilterAclGroupRunInfoTable
|
|
-- Add hpnicfPfilterRunApplyDirection of object hpnicfPfilterAclGroupRunInfoTable
|
|
-- Add hpnicfPfilterRunApplyAclType of object hpnicfPfilterAclGroupRunInfoTable
|
|
-- Add hpnicfPfilterRunApplyAclIndex of object hpnicfPfilterAclGroupRunInfoTable
|
|
-- modify the hpnicfPfilterRunApplyObjType of object hpnicfPfilterAclRuleRunInfoTable
|
|
-- modify the hpnicfPfilterRunApplyObjIndex of object hpnicfPfilterAclRuleRunInfoTable
|
|
-- modify the hpnicfPfilterRunApplyDirection of object hpnicfPfilterAclRuleRunInfoTable
|
|
-- modify the hpnicfPfilterRunApplyAclType of object hpnicfPfilterAclRuleRunInfoTable
|
|
-- modify the hpnicfPfilterRunApplyAclIndex of object hpnicfPfilterAclRuleRunInfoTable
|
|
-- V3.3 2013-11-30 updated by gaoyu
|
|
-- Add hpnicfAclNamedGroupTable to object hpnicfAclMib2GlobalGroup
|
|
-- Add hpnicfAclIPAclNamedBscTable to object hpnicfAclIPAclGroup
|
|
-- Add hpnicfAclIPAclNamedAdvTable to object hpnicfAclIPAclGroup
|
|
-- Add hpnicfAclNamedMACTable to object hpnicfAclMACAclGroup
|
|
-- Add hpnicfAclIntervalGroup to object hpnicfAclMib2Objects
|
|
-- Modify hpnicfPfilterApplyAclType of object hpnicfPfilterApplyTable
|
|
-- Modify hpnicfPfilterRunApplyAclType of object hpnicfPfilterAclGroupRunInfoTable
|
|
-- Modify hpnicfPfilterSumAclType of object hpnicfPfilterStatisticSumTable
|
|
-- Add hpnicfPfilter2ApplyTable to object hpnicfAclPacketFilterObjects
|
|
-- Add hpnicfPfilter2AclGroupRunInfoTable to object hpnicfAclPacketFilterObjects
|
|
-- Add hpnicfPfilter2AclRuleRunInfoTable to object hpnicfAclPacketFilterObjects
|
|
-- Add hpnicfPfilter2StatisticSumTable to object hpnicfAclPacketFilterObjects
|
|
-- Add hpnicfAclPacketIfName to object hpnicfAclPacketfilterTrapObjects
|
|
-- Add hpnicfAclPacketDirection to object hpnicfAclPacketfilterTrapObjects
|
|
-- Add hpnicfAclPacketBAGG to object hpnicfAclPacketfilterTrapObjects
|
|
-- Add hpnicfAclPacketVlanID to object hpnicfAclPacketfilterTrapObjects
|
|
-- Add hpnicfAclPacketSrcIP to object hpnicfAclPacketfilterTrapObjects
|
|
-- Add hpnicfAclPacketDstIP to object hpnicfAclPacketfilterTrapObjects
|
|
-- Add hpnicfAclPacketProtocol to object hpnicfAclPacketfilterTrapObjects
|
|
-- Add hpnicfAclPacketDscp to object hpnicfAclPacketfilterTrapObjects
|
|
-- Add hpnicfAclPacketFlowLabel to object hpnicfAclPacketfilterTrapObjects
|
|
-- Add hpnicfAclPacketIcmpIgmpType to object hpnicfAclPacketfilterTrapObjects
|
|
-- Add hpnicfAclPacketIcmpIgmpCode to object hpnicfAclPacketfilterTrapObjects
|
|
-- Add hpnicfAclPacketTcpFlags to object hpnicfAclPacketfilterTrapObjects
|
|
-- Add hpnicfAclPacketSrcPort to object hpnicfAclPacketfilterTrapObjects
|
|
-- Add hpnicfAclPacketDstPort to object hpnicfAclPacketfilterTrapObjects
|
|
-- Add hpnicfAclPacketSrcMacAddr to object hpnicfAclPacketfilterTrapObjects
|
|
-- Add hpnicfAclPacketDstMacAddr to object hpnicfAclPacketfilterTrapObjects
|
|
-- Add hpnicfAclPacketMacTypeLen to object hpnicfAclPacketfilterTrapObjects
|
|
-- Add hpnicfAclPacketVlanPCP to object hpnicfAclPacketfilterTrapObjects
|
|
-- Add hpnicfAclRuleMatchCount to object hpnicfPfilterTrapPrefix
|
|
-- Add hpnicfAclFirstIPv4PktCaptured to object hpnicfPfilterTrapPrefix
|
|
-- Add hpnicfAclFirstIPv6PktCaptured to object hpnicfPfilterTrapPrefix
|
|
-- Add hpnicfAclFirstEthernetPktCaptured to object hpnicfPfilterTrapPrefix
|
|
-- 2014-2-20 updated by gaoyu
|
|
-- Add hpnicfAclNamedUserTable to object hpnicfAclEnUserAclGroup
|
|
-- 2014-07-08 updated by gaoyu
|
|
-- Add hpnicfAclIPAclAdvancedSrcSuffix to object hpnicfAclIPAclAdvancedTable
|
|
-- Add hpnicfAclIPAclAdvancedDestSuffix to object hpnicfAclIPAclAdvancedTable
|
|
-- Add hpnicfAclIPAclNamedAdvSrcSuffix to object hpnicfAclIPAclNamedAdvTable
|
|
-- Add hpnicfAclIPAclNamedAdvDstSuffix to object hpnicfAclIPAclNamedAdvTable
|
|
-- ============================================================================
|
|
HPN-ICF-ACL-MIB DEFINITIONS ::= BEGIN
|
|
|
|
IMPORTS
|
|
hpnicfCommon
|
|
FROM HPN-ICF-OID-MIB
|
|
IpAddress, Integer32, Counter32, OBJECT-TYPE, MODULE-IDENTITY,
|
|
NOTIFICATION-TYPE, Unsigned32, Counter64
|
|
FROM SNMPv2-SMI
|
|
InetAddressType, InetAddress, InetAddressPrefixLength
|
|
FROM INET-ADDRESS-MIB
|
|
RowStatus, TruthValue, MacAddress, TEXTUAL-CONVENTION
|
|
FROM SNMPv2-TC;
|
|
|
|
--
|
|
-- Node definitions
|
|
--
|
|
|
|
hpnicfAcl MODULE-IDENTITY
|
|
LAST-UPDATED "201407221000Z" -- Jul 22, 2014 at 10:00 GMT
|
|
ORGANIZATION
|
|
""
|
|
CONTACT-INFO
|
|
""
|
|
DESCRIPTION
|
|
"ACL management information base for managing devices
|
|
that support access control list and packet filtering.
|
|
"
|
|
REVISION "201407221000Z" -- Jul 22, 2014 at 10:00 GMT
|
|
DESCRIPTION
|
|
"Added four nodes for configuring an IPv6 suffix length."
|
|
::= { hpnicfCommon 8 }
|
|
|
|
-- Rule action value
|
|
RuleAction ::= TEXTUAL-CONVENTION
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of rule's action.
|
|
permit: The packet matching the rule will be permitted to forward.
|
|
deny: The packet matching the rule will be denied.
|
|
"
|
|
SYNTAX INTEGER
|
|
{
|
|
invalid(1),
|
|
permit(2),
|
|
deny(3)
|
|
}
|
|
|
|
-- CounterClear value
|
|
CounterClear ::= TEXTUAL-CONVENTION
|
|
STATUS current
|
|
DESCRIPTION
|
|
"cleared: Reset the value of the rule's counter.
|
|
nouse: 'nouse' will be returned when getting.
|
|
"
|
|
SYNTAX INTEGER
|
|
{
|
|
cleared(1),
|
|
nouse(2)
|
|
}
|
|
|
|
-- PortOp value
|
|
PortOp ::= TEXTUAL-CONVENTION
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The operation type of TCP and UDP.
|
|
lt : Less than given port number.
|
|
eq : Equal to given port number.
|
|
gt : Greater than given port number.
|
|
neq : Not equal to given port number.
|
|
range : Between two port numbers.
|
|
Default value is 'invalid'.
|
|
"
|
|
SYNTAX INTEGER
|
|
{
|
|
invalid(0),
|
|
lt(1),
|
|
eq(2),
|
|
gt(3),
|
|
neq(4),
|
|
range(5)
|
|
}
|
|
|
|
-- DSCP value
|
|
DSCPValue ::= TEXTUAL-CONVENTION
|
|
DISPLAY-HINT "d"
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of DSCP.
|
|
<0-63> Value of DSCP
|
|
af11 Specify Assured Forwarding 11 service(10)
|
|
af12 Specify Assured Forwarding 12 service(12)
|
|
af13 Specify Assured Forwarding 13 service(14)
|
|
af21 Specify Assured Forwarding 21 service(18)
|
|
af22 Specify Assured Forwarding 22 service(20)
|
|
af23 Specify Assured Forwarding 23 service(22)
|
|
af31 Specify Assured Forwarding 31 service(26)
|
|
af32 Specify Assured Forwarding 32 service(28)
|
|
af33 Specify Assured Forwarding 33 service(30)
|
|
af41 Specify Assured Forwarding 41 service(34)
|
|
af42 Specify Assured Forwarding 42 service(36)
|
|
af43 Specify Assured Forwarding 43 service(38)
|
|
be Specify Best Effort service(0)
|
|
cs1 Specify Class Selector 1 service(8)
|
|
cs2 Specify Class Selector 2 service(16)
|
|
cs3 Specify Class Selector 3 service(24)
|
|
cs4 Specify Class Selector 4 service(32)
|
|
cs5 Specify Class Selector 5 service(40)
|
|
cs6 Specify Class Selector 6 service(48)
|
|
cs7 Specify Class Selector 7 service(56)
|
|
ef Specify Expedited Forwarding service(46)
|
|
"
|
|
SYNTAX Integer32 (0..63|255)
|
|
|
|
-- TCP Flags
|
|
TCPFlag ::= TEXTUAL-CONVENTION
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Type of TCP.
|
|
invalid(0)
|
|
tcpack(1) TCP protocol ACK Packet
|
|
tcpfin(2) TCP protocol PIN Packet
|
|
tcppsh(3) TCP protocol PUSH Packet
|
|
tcprst(4) TCP protocol RST Packet
|
|
tcpsyn(5) TCP protocol SYN Packet
|
|
tcpurg(6) TCP protocol URG Packet
|
|
Default value is 'invalid'.
|
|
"
|
|
SYNTAX INTEGER
|
|
{
|
|
invalid(0),
|
|
tcpack(1),
|
|
tcpfin(2),
|
|
tcppsh(3),
|
|
tcprst(4),
|
|
tcpsyn(5),
|
|
tcpurg(6)
|
|
}
|
|
|
|
-- Fragment Flags
|
|
FragmentFlag ::= TEXTUAL-CONVENTION
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Type of fragment.
|
|
invalid(0)
|
|
fragment(1) Frag-Type Fragment
|
|
fragmentSubseq(2) Frag-Type Fragment-subsequent
|
|
nonFragment(3) Frag-Type non-Fragment
|
|
nonSubseq(4) Frag-Type non-subsequent
|
|
Default value is 'invalid'.
|
|
"
|
|
SYNTAX INTEGER
|
|
{
|
|
invalid(0),
|
|
fragment(1),
|
|
fragmentSubseq(2),
|
|
nonFragment(3),
|
|
nonSubseq(4)
|
|
}
|
|
|
|
-- Address Flags
|
|
AddressFlag ::= TEXTUAL-CONVENTION
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Address flag to select IPv6 Address.
|
|
Default value is 'invalid'.
|
|
|
|
t64SrcAddrPre64DestAddrPre(1):
|
|
The mean of the enumeration 't64SrcAddrPre64DestAddrPre' is
|
|
that system gets the 64 bits prefix of source address and
|
|
the 64 bits prefix of destination address.
|
|
|
|
t64SrcAddrPre64DestAddrSuf(2):
|
|
The mean of the enumeration 't64SrcAddrPre64DestAddrSuf' is
|
|
that system gets the 64 bits prefix of source address and
|
|
the 64 bits suffix of destination address.
|
|
|
|
t64SrcAddrSuf64DestAddrPre(3):
|
|
The mean of the enumeration 't64SrcAddrSuf64DestAddrPre' is
|
|
that system gets the 64 bits suffix of source address and
|
|
the 64 bits prefix of destination address.
|
|
|
|
t64SrcAddrSuf64DestAddrSuf(4):
|
|
The mean of the enumeration 't64SrcAddrSuf64DestAddrSuf' is
|
|
that system gets the 64 bits suffix of source address and
|
|
the 64 bits suffix of destination address.
|
|
|
|
t128SourceAddress(5):
|
|
The mean of the enumeration 't128SourceAddress' is that
|
|
system gets the 128 bits of source address.
|
|
|
|
t128DestinationAddress(6):
|
|
The mean of the enumeration 't128SourceAddress' is that
|
|
system gets the 128 bits of destination address.
|
|
"
|
|
SYNTAX INTEGER
|
|
{
|
|
invalid(0),
|
|
t64SrcAddrPre64DestAddrPre(1),
|
|
t64SrcAddrPre64DestAddrSuf(2),
|
|
t64SrcAddrSuf64DestAddrPre(3),
|
|
t64SrcAddrSuf64DestAddrSuf(4),
|
|
t128SourceAddress(5),
|
|
t128DestinationAddress(6)
|
|
}
|
|
|
|
-- Direction type
|
|
DirectionType ::= TEXTUAL-CONVENTION
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The direction: inbound or outbound."
|
|
SYNTAX INTEGER
|
|
{
|
|
inbound(1),
|
|
outbound(2)
|
|
}
|
|
|
|
--
|
|
-- nodes defined
|
|
--
|
|
hpnicfAclMibObjects OBJECT IDENTIFIER ::= { hpnicfAcl 1 }
|
|
|
|
hpnicfAclMode OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
{
|
|
linkBased(1),
|
|
ipBased(2)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Access-list mode."
|
|
DEFVAL { ipBased }
|
|
::= { hpnicfAclMibObjects 1 }
|
|
|
|
--
|
|
-- Node of hpnicfAclNumGroupTable
|
|
--
|
|
hpnicfAclNumGroupTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF HpnicfAclNumGroupEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Configure the match-order of number-acl group."
|
|
::= { hpnicfAclMibObjects 2 }
|
|
|
|
hpnicfAclNumGroupEntry OBJECT-TYPE
|
|
SYNTAX HpnicfAclNumGroupEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Define the index of hpnicfAclNumGroupTable."
|
|
INDEX { hpnicfAclNumGroupAclNum }
|
|
::= { hpnicfAclNumGroupTable 1 }
|
|
|
|
HpnicfAclNumGroupEntry ::=
|
|
SEQUENCE
|
|
{
|
|
hpnicfAclNumGroupAclNum
|
|
Integer32,
|
|
hpnicfAclNumGroupMatchOrder
|
|
INTEGER,
|
|
hpnicfAclNumGroupSubitemNum
|
|
Integer32,
|
|
hpnicfAclNumGroupDescription
|
|
OCTET STRING,
|
|
hpnicfAclNumGroupCountClear
|
|
INTEGER,
|
|
hpnicfAclNumGroupRowStatus
|
|
RowStatus
|
|
}
|
|
|
|
hpnicfAclNumGroupAclNum OBJECT-TYPE
|
|
SYNTAX Integer32 (1000..5999)
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The index of number-acl group
|
|
Interface type:1000..1999
|
|
Basic type:2000..2999
|
|
Advance type:3000..3999
|
|
Link type:4000..4999
|
|
User type:5000..5999"
|
|
::= { hpnicfAclNumGroupEntry 1 }
|
|
|
|
hpnicfAclNumGroupMatchOrder OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
{
|
|
config(1),
|
|
auto(2)
|
|
}
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The match-order of number-acl group."
|
|
DEFVAL { config }
|
|
::= { hpnicfAclNumGroupEntry 2 }
|
|
|
|
hpnicfAclNumGroupSubitemNum OBJECT-TYPE
|
|
SYNTAX Integer32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The number of number-acl group's node."
|
|
::= { hpnicfAclNumGroupEntry 3 }
|
|
|
|
hpnicfAclNumGroupDescription OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(0..127))
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The description of this acl group."
|
|
::= { hpnicfAclNumGroupEntry 4 }
|
|
|
|
hpnicfAclNumGroupCountClear OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
{
|
|
cleared(1),
|
|
nouse(2)
|
|
}
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Reset the value of rules' counter, which belong to this group."
|
|
::= { hpnicfAclNumGroupEntry 5 }
|
|
|
|
hpnicfAclNumGroupRowStatus OBJECT-TYPE
|
|
SYNTAX RowStatus
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"RowStatus, now support three state: CreateAndGo, Active, Destroy."
|
|
::= { hpnicfAclNumGroupEntry 6 }
|
|
|
|
--
|
|
-- Node of hpnicfAclNameGroupTable
|
|
--
|
|
hpnicfAclNameGroupTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF HpnicfAclNameGroupEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Create acl-group that identified by name."
|
|
::= { hpnicfAclMibObjects 3 }
|
|
|
|
hpnicfAclNameGroupEntry OBJECT-TYPE
|
|
SYNTAX HpnicfAclNameGroupEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Define the index of hpnicfAclNameGroupTable."
|
|
INDEX { hpnicfAclNameGroupIndex }
|
|
::= { hpnicfAclNameGroupTable 1 }
|
|
|
|
HpnicfAclNameGroupEntry ::=
|
|
SEQUENCE {
|
|
hpnicfAclNameGroupIndex
|
|
Integer32,
|
|
hpnicfAclNameGroupCreateName
|
|
OCTET STRING,
|
|
hpnicfAclNameGroupTypes
|
|
INTEGER,
|
|
hpnicfAclNameGroupMatchOrder
|
|
INTEGER,
|
|
hpnicfAclNameGroupSubitemNum
|
|
Integer32,
|
|
hpnicfAclNameGroupRowStatus
|
|
RowStatus
|
|
}
|
|
|
|
hpnicfAclNameGroupIndex OBJECT-TYPE
|
|
SYNTAX Integer32 (10000..12999)
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The index of name-acl group."
|
|
::= { hpnicfAclNameGroupEntry 1 }
|
|
|
|
hpnicfAclNameGroupCreateName OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE (0..32))
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The name of name-acl group."
|
|
::= { hpnicfAclNameGroupEntry 2 }
|
|
|
|
hpnicfAclNameGroupTypes OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
{
|
|
basic(1),
|
|
advanced(2),
|
|
ifBased(3),
|
|
link(4),
|
|
user(5)
|
|
}
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The type of name-acl group."
|
|
::= { hpnicfAclNameGroupEntry 3 }
|
|
|
|
hpnicfAclNameGroupMatchOrder OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
{
|
|
config(1),
|
|
auto(2)
|
|
}
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The match-order of name-acl group."
|
|
DEFVAL { config }
|
|
::= { hpnicfAclNameGroupEntry 4 }
|
|
|
|
hpnicfAclNameGroupSubitemNum OBJECT-TYPE
|
|
SYNTAX Integer32 (0..128)
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The number of name-acl group's node."
|
|
::= { hpnicfAclNameGroupEntry 5 }
|
|
|
|
hpnicfAclNameGroupRowStatus OBJECT-TYPE
|
|
SYNTAX RowStatus
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"RowStatus, now support three state: CreateAndGo, Active, Destroy."
|
|
::= { hpnicfAclNameGroupEntry 6 }
|
|
|
|
--
|
|
-- hpnicfAclBasicRuleTable
|
|
--
|
|
hpnicfAclBasicRuleTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF HpnicfAclBasicRuleEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Configure the rule for basic acl group."
|
|
::= { hpnicfAclMibObjects 4 }
|
|
|
|
hpnicfAclBasicRuleEntry OBJECT-TYPE
|
|
SYNTAX HpnicfAclBasicRuleEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Define the index of hpnicfAclBasicRuleTable."
|
|
INDEX { hpnicfAclBasicAclNum, hpnicfAclBasicSubitem }
|
|
::= { hpnicfAclBasicRuleTable 1 }
|
|
|
|
HpnicfAclBasicRuleEntry ::=
|
|
SEQUENCE {
|
|
hpnicfAclBasicAclNum
|
|
Integer32,
|
|
hpnicfAclBasicSubitem
|
|
Integer32,
|
|
hpnicfAclBasicAct
|
|
INTEGER,
|
|
hpnicfAclBasicSrcIp
|
|
IpAddress,
|
|
hpnicfAclBasicSrcWild
|
|
IpAddress,
|
|
hpnicfAclBasicTimeRangeName
|
|
OCTET STRING,
|
|
hpnicfAclBasicFragments
|
|
TruthValue,
|
|
hpnicfAclBasicLog
|
|
TruthValue,
|
|
hpnicfAclBasicEnable
|
|
TruthValue,
|
|
hpnicfAclBasicCount
|
|
Counter32,
|
|
hpnicfAclBasicCountClear
|
|
INTEGER,
|
|
hpnicfAclBasicRowStatus
|
|
RowStatus
|
|
}
|
|
|
|
hpnicfAclBasicAclNum OBJECT-TYPE
|
|
SYNTAX Integer32 (0|2000..2999|10000..12999)
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The index of basic acl group."
|
|
::= { hpnicfAclBasicRuleEntry 1 }
|
|
|
|
hpnicfAclBasicSubitem OBJECT-TYPE
|
|
SYNTAX Integer32 (0..65535)
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The subindex of basic acl group."
|
|
::= { hpnicfAclBasicRuleEntry 2 }
|
|
|
|
hpnicfAclBasicAct OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
{
|
|
permit(1),
|
|
deny(2)
|
|
}
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The action of basic acl rule."
|
|
::= { hpnicfAclBasicRuleEntry 3 }
|
|
|
|
hpnicfAclBasicSrcIp OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Source IP-address of basic acl rule."
|
|
::= { hpnicfAclBasicRuleEntry 4 }
|
|
|
|
hpnicfAclBasicSrcWild OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Source IP-address wild of basic acl rule."
|
|
::= { hpnicfAclBasicRuleEntry 5 }
|
|
|
|
hpnicfAclBasicTimeRangeName OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE (0..32))
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The Time-range of basic acl rule."
|
|
::= { hpnicfAclBasicRuleEntry 6 }
|
|
|
|
hpnicfAclBasicFragments OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The flag of matching fragmented packet."
|
|
::= { hpnicfAclBasicRuleEntry 7 }
|
|
|
|
hpnicfAclBasicLog OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The flag of log."
|
|
::= { hpnicfAclBasicRuleEntry 8 }
|
|
|
|
hpnicfAclBasicEnable OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The rule is active or not.
|
|
true : active
|
|
false : inactive
|
|
"
|
|
::= { hpnicfAclBasicRuleEntry 9 }
|
|
|
|
hpnicfAclBasicCount OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The count of matched by basic rule."
|
|
::= { hpnicfAclBasicRuleEntry 10 }
|
|
|
|
hpnicfAclBasicCountClear OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
{
|
|
cleared(1),
|
|
nouse(2)
|
|
}
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Reset the value of counter."
|
|
::= { hpnicfAclBasicRuleEntry 11 }
|
|
|
|
hpnicfAclBasicRowStatus OBJECT-TYPE
|
|
SYNTAX RowStatus
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"RowStatus, now support three state: CreateAndGo, Active, Destroy."
|
|
::= { hpnicfAclBasicRuleEntry 12 }
|
|
|
|
--
|
|
-- hpnicfAclAdvancedRuleTable
|
|
--
|
|
hpnicfAclAdvancedRuleTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF HpnicfAclAdvancedRuleEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Configure the rule for advanced acl group."
|
|
::= { hpnicfAclMibObjects 5 }
|
|
|
|
hpnicfAclAdvancedRuleEntry OBJECT-TYPE
|
|
SYNTAX HpnicfAclAdvancedRuleEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Define the index of hpnicfAclAdvancedRuleTable."
|
|
INDEX { hpnicfAclAdvancedAclNum, hpnicfAclAdvancedSubitem }
|
|
::= { hpnicfAclAdvancedRuleTable 1 }
|
|
|
|
HpnicfAclAdvancedRuleEntry ::=
|
|
SEQUENCE {
|
|
hpnicfAclAdvancedAclNum
|
|
Integer32,
|
|
hpnicfAclAdvancedSubitem
|
|
Integer32,
|
|
hpnicfAclAdvancedAct
|
|
INTEGER,
|
|
hpnicfAclAdvancedProtocol
|
|
Integer32,
|
|
hpnicfAclAdvancedSrcIp
|
|
IpAddress,
|
|
hpnicfAclAdvancedSrcWild
|
|
IpAddress,
|
|
hpnicfAclAdvancedSrcOp
|
|
INTEGER,
|
|
hpnicfAclAdvancedSrcPort1
|
|
Integer32,
|
|
hpnicfAclAdvancedSrcPort2
|
|
Integer32,
|
|
hpnicfAclAdvancedDestIp
|
|
IpAddress,
|
|
hpnicfAclAdvancedDestWild
|
|
IpAddress,
|
|
hpnicfAclAdvancedDestOp
|
|
INTEGER,
|
|
hpnicfAclAdvancedDestPort1
|
|
Integer32,
|
|
hpnicfAclAdvancedDestPort2
|
|
Integer32,
|
|
hpnicfAclAdvancedPrecedence
|
|
Integer32,
|
|
hpnicfAclAdvancedTos
|
|
Integer32,
|
|
hpnicfAclAdvancedDscp
|
|
Integer32,
|
|
hpnicfAclAdvancedEstablish
|
|
TruthValue,
|
|
hpnicfAclAdvancedTimeRangeName
|
|
OCTET STRING,
|
|
hpnicfAclAdvancedIcmpType
|
|
Integer32,
|
|
hpnicfAclAdvancedIcmpCode
|
|
Integer32,
|
|
hpnicfAclAdvancedFragments
|
|
TruthValue,
|
|
hpnicfAclAdvancedLog
|
|
TruthValue,
|
|
hpnicfAclAdvancedEnable
|
|
TruthValue,
|
|
hpnicfAclAdvancedCount
|
|
Counter32,
|
|
hpnicfAclAdvancedCountClear
|
|
INTEGER,
|
|
hpnicfAclAdvancedRowStatus
|
|
RowStatus
|
|
}
|
|
|
|
hpnicfAclAdvancedAclNum OBJECT-TYPE
|
|
SYNTAX Integer32 (0|3000..3999|10000..12999)
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The index of advanced acl group."
|
|
::= { hpnicfAclAdvancedRuleEntry 1 }
|
|
|
|
hpnicfAclAdvancedSubitem OBJECT-TYPE
|
|
SYNTAX Integer32 (0..65535)
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The subindex of advanced acl group."
|
|
::= { hpnicfAclAdvancedRuleEntry 2 }
|
|
|
|
hpnicfAclAdvancedAct OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
{
|
|
permit(1),
|
|
deny(2)
|
|
}
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The action of Advance acl rule."
|
|
|
|
::= { hpnicfAclAdvancedRuleEntry 3 }
|
|
|
|
hpnicfAclAdvancedProtocol OBJECT-TYPE
|
|
SYNTAX Integer32 (0..255)
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The protocol-type of advanced acl group.
|
|
<1-255> Protocol number
|
|
gre GRE tunneling(47)
|
|
icmp Internet Control Message Protocol(1)
|
|
igmp Internet Group Management Protocol(2)
|
|
ip Any IP protocol
|
|
ipinip IP in IP tunneling(4)
|
|
ospf OSPF routing protocol(89)
|
|
tcp Transmission Control Protocol (6)
|
|
udp User Datagram Protocol (17)"
|
|
::= { hpnicfAclAdvancedRuleEntry 4 }
|
|
|
|
hpnicfAclAdvancedSrcIp OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Source IP-address of advanced acl group."
|
|
::= { hpnicfAclAdvancedRuleEntry 5 }
|
|
|
|
hpnicfAclAdvancedSrcWild OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Source IP-address wild of advanced acl group."
|
|
::= { hpnicfAclAdvancedRuleEntry 6 }
|
|
|
|
hpnicfAclAdvancedSrcOp OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
{
|
|
invalid(0),
|
|
lt(1),
|
|
eq(2),
|
|
gt(3),
|
|
neq(4),
|
|
range(5)
|
|
}
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The source IP-address's operator of advanced acl group."
|
|
::= { hpnicfAclAdvancedRuleEntry 7 }
|
|
|
|
hpnicfAclAdvancedSrcPort1 OBJECT-TYPE
|
|
SYNTAX Integer32 (0..65535)
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The fourth layer source port1."
|
|
::= { hpnicfAclAdvancedRuleEntry 8 }
|
|
|
|
hpnicfAclAdvancedSrcPort2 OBJECT-TYPE
|
|
SYNTAX Integer32 (0..65535)
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The fourth layer source port2."
|
|
::= { hpnicfAclAdvancedRuleEntry 9 }
|
|
|
|
hpnicfAclAdvancedDestIp OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Destination IP-address of advanced acl group."
|
|
::= { hpnicfAclAdvancedRuleEntry 10 }
|
|
|
|
hpnicfAclAdvancedDestWild OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Destination IP-address wild of advanced acl group."
|
|
::= { hpnicfAclAdvancedRuleEntry 11 }
|
|
|
|
hpnicfAclAdvancedDestOp OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
{
|
|
invalid(0),
|
|
lt(1),
|
|
eq(2),
|
|
gt(3),
|
|
neq(4),
|
|
range(5)
|
|
}
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The destination IP-address's operator of advanced acl group."
|
|
::= { hpnicfAclAdvancedRuleEntry 12 }
|
|
|
|
hpnicfAclAdvancedDestPort1 OBJECT-TYPE
|
|
SYNTAX Integer32 (0..65535)
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The fourth layer destination port1."
|
|
::= { hpnicfAclAdvancedRuleEntry 13 }
|
|
|
|
hpnicfAclAdvancedDestPort2 OBJECT-TYPE
|
|
SYNTAX Integer32 (0..65535)
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The fourth layer destination port2."
|
|
::= { hpnicfAclAdvancedRuleEntry 14 }
|
|
|
|
hpnicfAclAdvancedPrecedence OBJECT-TYPE
|
|
SYNTAX Integer32 (0..7|255)
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of IP-packet's precedence.
|
|
<0-7> Value of precedence
|
|
routine Specify routine precedence(0)
|
|
priority Specify priority precedence(1)
|
|
immediate Specify immediate precedence(2)
|
|
flash Specify flash precedence(3)
|
|
flash-override Specify flash-override precedence(4)
|
|
critical Specify critical precedence(5)
|
|
internet Specify internetwork control precedence(6)
|
|
network Specify network control precedence(7) "
|
|
::= { hpnicfAclAdvancedRuleEntry 15 }
|
|
|
|
hpnicfAclAdvancedTos OBJECT-TYPE
|
|
SYNTAX Integer32 (0..15|255)
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of IP-packet's TOS.
|
|
<0-15> Value of TOS(type of service)
|
|
max-reliability Match packets with max reliable TOS(2)
|
|
max-throughput Match packets with max throughput TOS(4)
|
|
min-delay Match packets with min delay TOS(8)
|
|
min-monetary-cost Match packets with min monetary cost TOS(1)
|
|
normal Match packets with normal TOS(0) "
|
|
::= { hpnicfAclAdvancedRuleEntry 16 }
|
|
|
|
hpnicfAclAdvancedDscp OBJECT-TYPE
|
|
SYNTAX Integer32 (0..63|255)
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of DSCP.
|
|
<0-63> Value of DSCP
|
|
af11 Specify Assured Forwarding 11 service(10)
|
|
af12 Specify Assured Forwarding 12 service(12)
|
|
af13 Specify Assured Forwarding 13 service(14)
|
|
af21 Specify Assured Forwarding 21 service(18)
|
|
af22 Specify Assured Forwarding 22 service(20)
|
|
af23 Specify Assured Forwarding 23 service(22)
|
|
af31 Specify Assured Forwarding 31 service(26)
|
|
af32 Specify Assured Forwarding 32 service(28)
|
|
af33 Specify Assured Forwarding 33 service(30)
|
|
af41 Specify Assured Forwarding 41 service(34)
|
|
af42 Specify Assured Forwarding 42 service(36)
|
|
af43 Specify Assured Forwarding 43 service(38)
|
|
be Specify Best Effort service(0)
|
|
cs1 Specify Class Selector 1 service(8)
|
|
cs2 Specify Class Selector 2 service(16)
|
|
cs3 Specify Class Selector 3 service(24)
|
|
cs4 Specify Class Selector 4 service(32)
|
|
cs5 Specify Class Selector 5 service(40)
|
|
cs6 Specify Class Selector 6 service(48)
|
|
cs7 Specify Class Selector 7 service(56)
|
|
ef Specify Expedited Forwarding service(46)"
|
|
::= { hpnicfAclAdvancedRuleEntry 17 }
|
|
|
|
hpnicfAclAdvancedEstablish OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Establish flag."
|
|
DEFVAL { false }
|
|
::= { hpnicfAclAdvancedRuleEntry 18 }
|
|
|
|
hpnicfAclAdvancedTimeRangeName OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE (0..32))
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The Time-range of advanced acl rule."
|
|
::= { hpnicfAclAdvancedRuleEntry 19 }
|
|
|
|
hpnicfAclAdvancedIcmpType OBJECT-TYPE
|
|
SYNTAX Integer32 (0..255|65535)
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The type of ICMP packet.
|
|
Integer32 ICMP type
|
|
echo Type=8, Code=0
|
|
echo-reply Type=0, Code=0
|
|
fragmentneed-DFset Type=3, Code=4
|
|
host-redirect Type=5, Code=1
|
|
host-tos-redirect Type=5, Code=3
|
|
host-unreachable Type=3, Code=1
|
|
information-reply Type=16, Code=0
|
|
information-request Type=15, Code=0
|
|
net-redirect Type=5, Code=0
|
|
net-tos-redirect Type=5, Code=2
|
|
net-unreachable Type=3, Code=0
|
|
parameter-problem Type=12, Code=0
|
|
port-unreachable Type=3, Code=3
|
|
protocol-unreachable Type=3, Code=2
|
|
reassembly-timeout Type=11, Code=1
|
|
source-quench Type=4, Code=0
|
|
source-route-failed Type=3, Code=5
|
|
timestamp-reply Type=14, Code=0
|
|
timestamp-request Type=13, Code=0
|
|
ttl-exceeded Type=11, Code=0 "
|
|
::= { hpnicfAclAdvancedRuleEntry 20 }
|
|
|
|
hpnicfAclAdvancedIcmpCode OBJECT-TYPE
|
|
SYNTAX Integer32 (0..255|65535)
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The code of ICMP packet."
|
|
::= { hpnicfAclAdvancedRuleEntry 21 }
|
|
|
|
hpnicfAclAdvancedFragments OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The flag of matching fragmented packet."
|
|
::= { hpnicfAclAdvancedRuleEntry 22 }
|
|
|
|
hpnicfAclAdvancedLog OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The flag of log."
|
|
::= { hpnicfAclAdvancedRuleEntry 23 }
|
|
|
|
hpnicfAclAdvancedEnable OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The rule is active or not.
|
|
true : active
|
|
false : inactive
|
|
"
|
|
::= { hpnicfAclAdvancedRuleEntry 24 }
|
|
|
|
hpnicfAclAdvancedCount OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The count of matched by advanced rule."
|
|
::= { hpnicfAclAdvancedRuleEntry 25 }
|
|
|
|
hpnicfAclAdvancedCountClear OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
{
|
|
cleared(1),
|
|
nouse(2)
|
|
}
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Reset the value of counter."
|
|
::= { hpnicfAclAdvancedRuleEntry 26 }
|
|
|
|
hpnicfAclAdvancedRowStatus OBJECT-TYPE
|
|
SYNTAX RowStatus
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"RowStatus, now support three state: CreateAndGo, Active, Destroy."
|
|
::= { hpnicfAclAdvancedRuleEntry 27 }
|
|
--
|
|
-- hpnicfAclIfRuleTable
|
|
--
|
|
hpnicfAclIfRuleTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF HpnicfAclIfRuleEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Configure the rule for interface-based acl group."
|
|
::= { hpnicfAclMibObjects 6 }
|
|
|
|
hpnicfAclIfRuleEntry OBJECT-TYPE
|
|
SYNTAX HpnicfAclIfRuleEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Define the index of hpnicfAclIfRuleTable."
|
|
INDEX { hpnicfAclIfAclNum, hpnicfAclIfSubitem }
|
|
::= { hpnicfAclIfRuleTable 1 }
|
|
|
|
HpnicfAclIfRuleEntry ::=
|
|
SEQUENCE {
|
|
hpnicfAclIfAclNum
|
|
Integer32,
|
|
hpnicfAclIfSubitem
|
|
Integer32,
|
|
hpnicfAclIfAct
|
|
INTEGER,
|
|
hpnicfAclIfIndex
|
|
Integer32,
|
|
hpnicfAclIfAny
|
|
TruthValue,
|
|
hpnicfAclIfTimeRangeName
|
|
OCTET STRING,
|
|
hpnicfAclIfLog
|
|
TruthValue,
|
|
hpnicfAclIfEnable
|
|
TruthValue,
|
|
hpnicfAclIfCount
|
|
Counter32,
|
|
hpnicfAclIfCountClear
|
|
INTEGER,
|
|
hpnicfAclIfRowStatus
|
|
RowStatus
|
|
}
|
|
|
|
hpnicfAclIfAclNum OBJECT-TYPE
|
|
SYNTAX Integer32 (0|1000..1999|10000..12999)
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The index of interface-based acl group."
|
|
::= { hpnicfAclIfRuleEntry 1 }
|
|
|
|
hpnicfAclIfSubitem OBJECT-TYPE
|
|
SYNTAX Integer32 (0..65535)
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The subindex of interface-based acl group."
|
|
::= { hpnicfAclIfRuleEntry 2 }
|
|
|
|
hpnicfAclIfAct OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
{
|
|
permit(1),
|
|
deny(2)
|
|
}
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The action of interface-based acl group."
|
|
::= { hpnicfAclIfRuleEntry 3 }
|
|
|
|
hpnicfAclIfIndex OBJECT-TYPE
|
|
SYNTAX Integer32 (0..2147483647)
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The index of interface."
|
|
::= { hpnicfAclIfRuleEntry 4 }
|
|
|
|
hpnicfAclIfAny OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The flag of matching any interface."
|
|
::= { hpnicfAclIfRuleEntry 5 }
|
|
|
|
hpnicfAclIfTimeRangeName OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE (0..32))
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The Time-range of interface-based acl rule."
|
|
::= { hpnicfAclIfRuleEntry 6 }
|
|
|
|
hpnicfAclIfLog OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The flag of log."
|
|
::= { hpnicfAclIfRuleEntry 7 }
|
|
|
|
hpnicfAclIfEnable OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The rule is active or not.
|
|
true : active
|
|
false : inactive
|
|
"
|
|
::= { hpnicfAclIfRuleEntry 8 }
|
|
|
|
hpnicfAclIfCount OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The count of matched by basic rule."
|
|
::= { hpnicfAclIfRuleEntry 9 }
|
|
|
|
hpnicfAclIfCountClear OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
{
|
|
cleared(1),
|
|
nouse(2)
|
|
}
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Reset the value of the rule's counter."
|
|
::= { hpnicfAclIfRuleEntry 10 }
|
|
|
|
hpnicfAclIfRowStatus OBJECT-TYPE
|
|
SYNTAX RowStatus
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"RowStatus, now support three state: CreateAndGo, Active, Destroy."
|
|
::= { hpnicfAclIfRuleEntry 11 }
|
|
|
|
--
|
|
-- hpnicfAclLinkTable
|
|
--
|
|
hpnicfAclLinkTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF HpnicfAclLinkEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Create link acl."
|
|
::= { hpnicfAclMibObjects 7 }
|
|
|
|
hpnicfAclLinkEntry OBJECT-TYPE
|
|
SYNTAX HpnicfAclLinkEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The entry of the link acl table."
|
|
INDEX { hpnicfAclLinkAclNum, hpnicfAclLinkSubitem }
|
|
::= { hpnicfAclLinkTable 1 }
|
|
|
|
HpnicfAclLinkEntry ::=
|
|
SEQUENCE {
|
|
hpnicfAclLinkAclNum
|
|
Integer32,
|
|
hpnicfAclLinkSubitem
|
|
Integer32,
|
|
hpnicfAclLinkAct
|
|
INTEGER,
|
|
hpnicfAclLinkProtocol
|
|
INTEGER,
|
|
hpnicfAclLinkFormatType
|
|
INTEGER,
|
|
hpnicfAclLinkVlanTag
|
|
INTEGER,
|
|
hpnicfAclLinkVlanPri
|
|
Integer32,
|
|
hpnicfAclLinkSrcVlanId
|
|
Integer32,
|
|
hpnicfAclLinkSrcMac
|
|
MacAddress,
|
|
hpnicfAclLinkSrcMacWild
|
|
MacAddress,
|
|
hpnicfAclLinkSrcIfIndex
|
|
Integer32,
|
|
hpnicfAclLinkSrcAny
|
|
TruthValue,
|
|
hpnicfAclLinkDestVlanId
|
|
Integer32,
|
|
hpnicfAclLinkDestMac
|
|
MacAddress,
|
|
hpnicfAclLinkDestMacWild
|
|
MacAddress,
|
|
hpnicfAclLinkDestIfIndex
|
|
Integer32,
|
|
hpnicfAclLinkDestAny
|
|
TruthValue,
|
|
hpnicfAclLinkTimeRangeName
|
|
OCTET STRING,
|
|
hpnicfAclLinkEnable
|
|
TruthValue,
|
|
hpnicfAclLinkRowStatus
|
|
RowStatus,
|
|
hpnicfAclLinkTypeCode
|
|
OCTET STRING,
|
|
hpnicfAclLinkTypeMask
|
|
OCTET STRING,
|
|
hpnicfAclLinkLsapCode
|
|
OCTET STRING,
|
|
hpnicfAclLinkLsapMask
|
|
OCTET STRING,
|
|
hpnicfAclLinkL2LabelRangeOp
|
|
INTEGER,
|
|
hpnicfAclLinkL2LabelRangeBegin
|
|
Integer32,
|
|
hpnicfAclLinkL2LabelRangeEnd
|
|
Integer32,
|
|
hpnicfAclLinkMplsExp
|
|
Integer32
|
|
}
|
|
|
|
hpnicfAclLinkAclNum OBJECT-TYPE
|
|
SYNTAX Integer32 (0|4000..4999|10000..12999)
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The index of link-based acl group."
|
|
::= { hpnicfAclLinkEntry 1 }
|
|
|
|
hpnicfAclLinkSubitem OBJECT-TYPE
|
|
SYNTAX Integer32 (0..65535)
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The subindex of link-based acl group."
|
|
::= { hpnicfAclLinkEntry 2 }
|
|
|
|
hpnicfAclLinkAct OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
{
|
|
permit(1),
|
|
deny(2)
|
|
}
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The action of link-based acl group."
|
|
::= { hpnicfAclLinkEntry 3 }
|
|
|
|
hpnicfAclLinkProtocol OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
{
|
|
invalid(0),
|
|
ip(2048),
|
|
arp(2054),
|
|
rarp(32821),
|
|
mpls(34887),
|
|
pppoeControl(34915),
|
|
pppoeData(34916)
|
|
}
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The layer 2 protocol-type of link acl rule."
|
|
DEFVAL { invalid }
|
|
::= { hpnicfAclLinkEntry 4 }
|
|
|
|
hpnicfAclLinkFormatType OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
{
|
|
invalid(0),
|
|
ethernetII(1),
|
|
snap(2),
|
|
ieee802Dot3And2(3),
|
|
ieee802Dot3(4)
|
|
}
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Format type of link acl rule."
|
|
::= { hpnicfAclLinkEntry 5 }
|
|
|
|
hpnicfAclLinkVlanTag OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
{
|
|
invalid(0),
|
|
tagged(1),
|
|
untagged(2)
|
|
}
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The flag of vlan tag of link acl rule."
|
|
::= { hpnicfAclLinkEntry 6 }
|
|
|
|
hpnicfAclLinkVlanPri OBJECT-TYPE
|
|
SYNTAX Integer32 (0..7 | 255)
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Vlan priority of link acl rule."
|
|
::= { hpnicfAclLinkEntry 7 }
|
|
|
|
hpnicfAclLinkSrcVlanId OBJECT-TYPE
|
|
SYNTAX Integer32 (0..4094)
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Source vlan ID of link acl rule."
|
|
::= { hpnicfAclLinkEntry 8 }
|
|
|
|
hpnicfAclLinkSrcMac OBJECT-TYPE
|
|
SYNTAX MacAddress
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Source mac of link acl rule."
|
|
::= { hpnicfAclLinkEntry 9 }
|
|
|
|
hpnicfAclLinkSrcMacWild OBJECT-TYPE
|
|
SYNTAX MacAddress
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Source mac wildzard of link acl rule."
|
|
::= { hpnicfAclLinkEntry 10 }
|
|
|
|
hpnicfAclLinkSrcIfIndex OBJECT-TYPE
|
|
SYNTAX Integer32 (0..2147483647)
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Source IfIndex of link acl rule."
|
|
::= { hpnicfAclLinkEntry 11 }
|
|
|
|
hpnicfAclLinkSrcAny OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The flag of matching any source."
|
|
::= { hpnicfAclLinkEntry 12 }
|
|
|
|
hpnicfAclLinkDestVlanId OBJECT-TYPE
|
|
SYNTAX Integer32 (0..4094)
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Destination vlan ID of link acl rule."
|
|
::= { hpnicfAclLinkEntry 13 }
|
|
|
|
hpnicfAclLinkDestMac OBJECT-TYPE
|
|
SYNTAX MacAddress
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Destination mac of link acl rule."
|
|
::= { hpnicfAclLinkEntry 14 }
|
|
|
|
hpnicfAclLinkDestMacWild OBJECT-TYPE
|
|
SYNTAX MacAddress
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Destination mac wildzard of link acl rule."
|
|
::= { hpnicfAclLinkEntry 15 }
|
|
|
|
hpnicfAclLinkDestIfIndex OBJECT-TYPE
|
|
SYNTAX Integer32 (0..2147483647)
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Destination IfIndex of link acl rule."
|
|
::= { hpnicfAclLinkEntry 16 }
|
|
|
|
hpnicfAclLinkDestAny OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The flag of matching any destination."
|
|
::= { hpnicfAclLinkEntry 17 }
|
|
|
|
hpnicfAclLinkTimeRangeName OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE (0..32))
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The Time-range of link-based acl rule."
|
|
::= { hpnicfAclLinkEntry 18 }
|
|
|
|
hpnicfAclLinkEnable OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The rule is active or not.
|
|
true : active
|
|
false : inactive
|
|
"
|
|
::= { hpnicfAclLinkEntry 19 }
|
|
|
|
hpnicfAclLinkRowStatus OBJECT-TYPE
|
|
SYNTAX RowStatus
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"RowStatus, now support three state: CreateAndGo, Active, Destroy."
|
|
::= { hpnicfAclLinkEntry 20 }
|
|
|
|
hpnicfAclLinkTypeCode OBJECT-TYPE
|
|
SYNTAX OCTET STRING ( SIZE(0..32) )
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The type of layer 2 protocol.0x0000...0xffff."
|
|
::= { hpnicfAclLinkEntry 21 }
|
|
|
|
hpnicfAclLinkTypeMask OBJECT-TYPE
|
|
SYNTAX OCTET STRING ( SIZE(0..32) )
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The mask of layer 2 protocol.0x0000...0xffff."
|
|
::= { hpnicfAclLinkEntry 22 }
|
|
|
|
hpnicfAclLinkLsapCode OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(0..32))
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The type of LSAP.0x0000...0xffff."
|
|
::= { hpnicfAclLinkEntry 23 }
|
|
|
|
hpnicfAclLinkLsapMask OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(0..32))
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The mask of LSAP.0x0000...0xffff."
|
|
::= { hpnicfAclLinkEntry 24 }
|
|
|
|
hpnicfAclLinkL2LabelRangeOp OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
{
|
|
invalid(0),
|
|
lt(1),
|
|
eq(2),
|
|
gt(3),
|
|
neq(4),
|
|
range(5)
|
|
}
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Operation symbol of the MPLS label.
|
|
If the symbol is range(5), the objects hpnicfAclLinkL2LabelRangeBegin and
|
|
hpnicfAclLinkL2LabelRangeEnd should have different values indicating a range.
|
|
Otherwise, only hpnicfAclLinkL2LabelRangeBegin counts,
|
|
object hpnicfAclLinkL2LabelRangeEnd is ignored.
|
|
|
|
invalid(0) -- unavailable
|
|
lt(1) -- less than
|
|
eq(2) -- equal
|
|
gt(3) -- great than
|
|
neq(4) -- not equal
|
|
range(5) -- a range with two ends included
|
|
"
|
|
::= { hpnicfAclLinkEntry 25 }
|
|
|
|
hpnicfAclLinkL2LabelRangeBegin OBJECT-TYPE
|
|
SYNTAX Integer32
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The beginning of VPLS VC label."
|
|
::= { hpnicfAclLinkEntry 26 }
|
|
|
|
hpnicfAclLinkL2LabelRangeEnd OBJECT-TYPE
|
|
SYNTAX Integer32
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The end of VPLS VC label."
|
|
::= { hpnicfAclLinkEntry 27 }
|
|
|
|
hpnicfAclLinkMplsExp OBJECT-TYPE
|
|
SYNTAX Integer32
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of MPLS-packet's Exp."
|
|
::= { hpnicfAclLinkEntry 28 }
|
|
--
|
|
-- hpnicfAclUserTable
|
|
--
|
|
hpnicfAclUserTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF HpnicfAclUserEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Create user acl."
|
|
::= { hpnicfAclMibObjects 8 }
|
|
|
|
hpnicfAclUserEntry OBJECT-TYPE
|
|
SYNTAX HpnicfAclUserEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The entry of user acl table."
|
|
INDEX { hpnicfAclUserAclNum, hpnicfAclUserSubitem }
|
|
::= { hpnicfAclUserTable 1 }
|
|
|
|
HpnicfAclUserEntry ::=
|
|
SEQUENCE {
|
|
hpnicfAclUserAclNum
|
|
Integer32,
|
|
hpnicfAclUserSubitem
|
|
Integer32,
|
|
hpnicfAclUserAct
|
|
INTEGER,
|
|
hpnicfAclUserFormatType
|
|
INTEGER,
|
|
hpnicfAclUserVlanTag
|
|
INTEGER,
|
|
hpnicfAclUserRuleStr
|
|
OCTET STRING,
|
|
hpnicfAclUserRuleMask
|
|
OCTET STRING,
|
|
hpnicfAclUserTimeRangeName
|
|
OCTET STRING,
|
|
hpnicfAclUserEnable
|
|
TruthValue,
|
|
hpnicfAclUserRowStatus
|
|
RowStatus
|
|
}
|
|
|
|
hpnicfAclUserAclNum OBJECT-TYPE
|
|
SYNTAX Integer32 (0|5000..5999|10000..12999)
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The number of the user acl."
|
|
::= { hpnicfAclUserEntry 1 }
|
|
|
|
hpnicfAclUserSubitem OBJECT-TYPE
|
|
SYNTAX Integer32 (0..65535)
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The subitem of the user acl."
|
|
::= { hpnicfAclUserEntry 2 }
|
|
|
|
hpnicfAclUserAct OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
{
|
|
permit(1),
|
|
deny(2)
|
|
}
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The action of the user acl."
|
|
::= { hpnicfAclUserEntry 3 }
|
|
|
|
hpnicfAclUserFormatType OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
{
|
|
invalid(0),
|
|
ethernetII(1),
|
|
snap(2),
|
|
ieee802Dot2And3(3),
|
|
ieee802Dot4(4)
|
|
}
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Format type."
|
|
DEFVAL { invalid }
|
|
::= { hpnicfAclUserEntry 4 }
|
|
|
|
hpnicfAclUserVlanTag OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
{
|
|
invalid(0),
|
|
tagged(1),
|
|
untagged(2)
|
|
}
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Vlan tag exits or not."
|
|
DEFVAL { invalid }
|
|
::= { hpnicfAclUserEntry 5 }
|
|
|
|
hpnicfAclUserRuleStr OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE (1..80))
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Rule string."
|
|
::= { hpnicfAclUserEntry 6 }
|
|
|
|
hpnicfAclUserRuleMask OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE (1..80))
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Rule mask."
|
|
::= { hpnicfAclUserEntry 7 }
|
|
|
|
hpnicfAclUserTimeRangeName OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE (0..32))
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The Time-range of the user defined acl."
|
|
::= { hpnicfAclUserEntry 8 }
|
|
|
|
hpnicfAclUserEnable OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The rule is active or not.
|
|
true : active
|
|
false : inactive
|
|
"
|
|
::= { hpnicfAclUserEntry 9 }
|
|
|
|
hpnicfAclUserRowStatus OBJECT-TYPE
|
|
SYNTAX RowStatus
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"RowStatus, now support three state: CreateAndGo, Active, Destroy."
|
|
::= { hpnicfAclUserEntry 10 }
|
|
--
|
|
-- hpnicfAclActiveTable
|
|
--
|
|
hpnicfAclActiveTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF HpnicfAclActiveEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Active acl."
|
|
::= { hpnicfAclMibObjects 9 }
|
|
|
|
hpnicfAclActiveEntry OBJECT-TYPE
|
|
SYNTAX HpnicfAclActiveEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The entry of active acl table."
|
|
INDEX { hpnicfAclActiveAclIndex,
|
|
hpnicfAclActiveIfIndex,
|
|
hpnicfAclActiveVlanID,
|
|
hpnicfAclActiveDirection
|
|
}
|
|
::= { hpnicfAclActiveTable 1 }
|
|
|
|
HpnicfAclActiveEntry ::=
|
|
SEQUENCE {
|
|
hpnicfAclActiveAclIndex
|
|
Integer32,
|
|
hpnicfAclActiveIfIndex
|
|
Integer32,
|
|
hpnicfAclActiveVlanID
|
|
Integer32,
|
|
hpnicfAclActiveDirection
|
|
INTEGER,
|
|
hpnicfAclActiveUserAclNum
|
|
Integer32,
|
|
hpnicfAclActiveUserAclSubitem
|
|
Integer32,
|
|
hpnicfAclActiveIpAclNum
|
|
Integer32,
|
|
hpnicfAclActiveIpAclSubitem
|
|
Integer32,
|
|
hpnicfAclActiveLinkAclNum
|
|
Integer32,
|
|
hpnicfAclActiveLinkAclSubitem
|
|
Integer32,
|
|
hpnicfAclActiveRuntime
|
|
TruthValue,
|
|
hpnicfAclActiveRowStatus
|
|
RowStatus
|
|
}
|
|
|
|
hpnicfAclActiveAclIndex OBJECT-TYPE
|
|
SYNTAX Integer32 (0|1..5999|10000..12999)
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Acl index."
|
|
::= { hpnicfAclActiveEntry 1 }
|
|
|
|
hpnicfAclActiveIfIndex OBJECT-TYPE
|
|
SYNTAX Integer32 (0..2147483647)
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"IfIndex."
|
|
::= { hpnicfAclActiveEntry 2 }
|
|
|
|
hpnicfAclActiveVlanID OBJECT-TYPE
|
|
SYNTAX Integer32
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The lower 16 bits is Vlan ID, the higher 16 bits,
|
|
if not zero, it describes the slot ID of the L3plus board.
|
|
"
|
|
::= { hpnicfAclActiveEntry 3 }
|
|
|
|
hpnicfAclActiveDirection OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
{
|
|
invalid(0),
|
|
input(1),
|
|
output(2),
|
|
both(3)
|
|
}
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Direction."
|
|
::= { hpnicfAclActiveEntry 4 }
|
|
|
|
hpnicfAclActiveUserAclNum OBJECT-TYPE
|
|
SYNTAX Integer32 (0|5000..5999|10000..12999)
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The number of the user acl."
|
|
::= { hpnicfAclActiveEntry 5 }
|
|
|
|
hpnicfAclActiveUserAclSubitem OBJECT-TYPE
|
|
SYNTAX Integer32 (0..65535)
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The subitem of the user acl."
|
|
::= { hpnicfAclActiveEntry 6 }
|
|
|
|
hpnicfAclActiveIpAclNum OBJECT-TYPE
|
|
SYNTAX Integer32 (0|2000..3999|10000..12999)
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The number of the IP acl."
|
|
::= { hpnicfAclActiveEntry 7 }
|
|
|
|
hpnicfAclActiveIpAclSubitem OBJECT-TYPE
|
|
SYNTAX Integer32 (0..65535)
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The subitem of the IP acl."
|
|
::= { hpnicfAclActiveEntry 8 }
|
|
|
|
hpnicfAclActiveLinkAclNum OBJECT-TYPE
|
|
SYNTAX Integer32 (0|4000..4999|10000..12999)
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The num of the link acl."
|
|
::= { hpnicfAclActiveEntry 9 }
|
|
|
|
hpnicfAclActiveLinkAclSubitem OBJECT-TYPE
|
|
SYNTAX Integer32 (0..65535)
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The subitem of the link acl."
|
|
::= { hpnicfAclActiveEntry 10 }
|
|
|
|
hpnicfAclActiveRuntime OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Is run or not."
|
|
::= { hpnicfAclActiveEntry 11 }
|
|
|
|
hpnicfAclActiveRowStatus OBJECT-TYPE
|
|
SYNTAX RowStatus
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"RowStatus, now support three state: CreateAndGo, Active, Destroy."
|
|
::= { hpnicfAclActiveEntry 12 }
|
|
|
|
--
|
|
-- hpnicfAclIDSTable
|
|
--
|
|
hpnicfAclIDSTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF HpnicfAclIDSEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Configure the rule for IDS."
|
|
::= { hpnicfAclMibObjects 10 }
|
|
|
|
hpnicfAclIDSEntry OBJECT-TYPE
|
|
SYNTAX HpnicfAclIDSEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The entry of acl ids table."
|
|
INDEX { IMPLIED hpnicfAclIDSName}
|
|
::= { hpnicfAclIDSTable 1 }
|
|
|
|
HpnicfAclIDSEntry ::=
|
|
SEQUENCE {
|
|
hpnicfAclIDSName
|
|
OCTET STRING,
|
|
hpnicfAclIDSSrcMac
|
|
MacAddress,
|
|
hpnicfAclIDSDestMac
|
|
MacAddress,
|
|
hpnicfAclIDSSrcIp
|
|
IpAddress,
|
|
hpnicfAclIDSSrcWild
|
|
IpAddress,
|
|
hpnicfAclIDSDestIp
|
|
IpAddress,
|
|
hpnicfAclIDSDestWild
|
|
IpAddress,
|
|
hpnicfAclIDSSrcPort
|
|
Integer32,
|
|
hpnicfAclIDSDestPort
|
|
Integer32,
|
|
hpnicfAclIDSProtocol
|
|
Integer32,
|
|
hpnicfAclIDSDenyTime
|
|
Unsigned32,
|
|
hpnicfAclIDSAct
|
|
INTEGER,
|
|
hpnicfAclIDSRowStatus
|
|
RowStatus
|
|
}
|
|
|
|
hpnicfAclIDSName OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE (1..32))
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The name index of the IDS table."
|
|
::= { hpnicfAclIDSEntry 1 }
|
|
|
|
hpnicfAclIDSSrcMac OBJECT-TYPE
|
|
SYNTAX MacAddress
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Source mac of IDS acl rule."
|
|
::= { hpnicfAclIDSEntry 2 }
|
|
|
|
|
|
hpnicfAclIDSDestMac OBJECT-TYPE
|
|
SYNTAX MacAddress
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Destination mac of IDS acl rule."
|
|
::= { hpnicfAclIDSEntry 3 }
|
|
|
|
hpnicfAclIDSSrcIp OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Source IP-address of IDS acl rule."
|
|
::= { hpnicfAclIDSEntry 4 }
|
|
|
|
hpnicfAclIDSSrcWild OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Source IP-address wild of IDS acl rule."
|
|
::= { hpnicfAclIDSEntry 5 }
|
|
|
|
hpnicfAclIDSDestIp OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Destination IP-address of IDS acl rule."
|
|
::= { hpnicfAclIDSEntry 6 }
|
|
|
|
hpnicfAclIDSDestWild OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Destination IP-address wild of IDS acl rule."
|
|
::= { hpnicfAclIDSEntry 7 }
|
|
|
|
hpnicfAclIDSSrcPort OBJECT-TYPE
|
|
SYNTAX Integer32 (0..65535)
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The fourth layer source port."
|
|
::= { hpnicfAclIDSEntry 8 }
|
|
|
|
hpnicfAclIDSDestPort OBJECT-TYPE
|
|
SYNTAX Integer32 (0..65535)
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The fourth layer destination port."
|
|
::= { hpnicfAclIDSEntry 9 }
|
|
|
|
hpnicfAclIDSProtocol OBJECT-TYPE
|
|
SYNTAX Integer32 (0..255)
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The protocol-type of advanced acl group.
|
|
<1-255> Protocol number
|
|
gre GRE tunneling(47)
|
|
icmp Internet Control Message Protocol(1)
|
|
igmp Internet Group Management Protocol(2)
|
|
ip Any IP protocol
|
|
ipinip IP in IP tunneling(4)
|
|
ospf OSPF routing protocol(89)
|
|
tcp Transmission Control Protocol (6)
|
|
udp User Datagram Protocol (17)
|
|
"
|
|
::= { hpnicfAclIDSEntry 10 }
|
|
|
|
hpnicfAclIDSDenyTime OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The maximum number of seconds which deny for this acl rule."
|
|
DEFVAL { 0 }
|
|
::= { hpnicfAclIDSEntry 11 }
|
|
|
|
|
|
hpnicfAclIDSAct OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
{
|
|
permit(1),
|
|
deny(2)
|
|
}
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The action of IDS acl rule."
|
|
::= { hpnicfAclIDSEntry 12 }
|
|
|
|
hpnicfAclIDSRowStatus OBJECT-TYPE
|
|
SYNTAX RowStatus
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"RowStatus, now supports three states: CreateAndGo, Active, and Destroy."
|
|
::= { hpnicfAclIDSEntry 13 }
|
|
--
|
|
-- Nodes of hpnicfAclMib2Objects
|
|
--
|
|
hpnicfAclMib2Objects OBJECT IDENTIFIER ::= { hpnicfAcl 2 }
|
|
--
|
|
-- Nodes of hpnicfAclMib2GlobalGroup
|
|
--
|
|
hpnicfAclMib2GlobalGroup OBJECT IDENTIFIER ::= { hpnicfAclMib2Objects 1 }
|
|
|
|
hpnicfAclMib2NodesGroup OBJECT IDENTIFIER ::= { hpnicfAclMib2GlobalGroup 1 }
|
|
|
|
hpnicfAclMib2Mode OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
{
|
|
linkBased(1),
|
|
ipBased(2)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The applying mode of ACL."
|
|
::= { hpnicfAclMib2NodesGroup 1 }
|
|
|
|
hpnicfAclMib2Version OBJECT-TYPE
|
|
SYNTAX Integer32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The version of this file.
|
|
The output value has the format of 'xx'or 'xxx'.
|
|
For example: 10 means 1.0; 125 means 12.5.
|
|
"
|
|
::= { hpnicfAclMib2NodesGroup 2 }
|
|
|
|
hpnicfAclMib2ObjectsCapabilities OBJECT-TYPE
|
|
SYNTAX BITS
|
|
{
|
|
hpnicfAclMib2Mode(0),
|
|
hpnicfAclVersion(1),
|
|
hpnicfAclMib2ObjectsCapabilities(2),
|
|
hpnicfAclMib2CapabilityTable(3),
|
|
hpnicfAclNumberGroupTable(4),
|
|
hpnicfAclIPAclBasicTable(5),
|
|
hpnicfAclIPAclAdvancedTable(6),
|
|
hpnicfAclMACTable(7),
|
|
hpnicfAclEnUserTable(8),
|
|
hpnicfAclMib2ProcessingStatus(9)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The objects of hpnicfAclMib2Objects."
|
|
::= { hpnicfAclMib2NodesGroup 3 }
|
|
|
|
hpnicfAclMib2ProcessingStatus OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
{
|
|
processing(1),
|
|
done(2)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The processing status of ACL operation."
|
|
::= { hpnicfAclMib2NodesGroup 4 }
|
|
|
|
hpnicfAclMib2CapabilityTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF HpnicfAclMib2CapabilityEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The capability of mib2."
|
|
::= { hpnicfAclMib2GlobalGroup 2 }
|
|
|
|
hpnicfAclMib2CapabilityEntry OBJECT-TYPE
|
|
SYNTAX HpnicfAclMib2CapabilityEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The information of Capability of mib2."
|
|
INDEX { hpnicfAclMib2EntityType,
|
|
hpnicfAclMib2EntityIndex,
|
|
hpnicfAclMib2ModuleIndex,
|
|
hpnicfAclMib2CharacteristicsIndex
|
|
}
|
|
::= { hpnicfAclMib2CapabilityTable 1 }
|
|
|
|
HpnicfAclMib2CapabilityEntry ::=
|
|
SEQUENCE
|
|
{
|
|
hpnicfAclMib2EntityType
|
|
INTEGER,
|
|
hpnicfAclMib2EntityIndex
|
|
Integer32,
|
|
hpnicfAclMib2ModuleIndex
|
|
INTEGER,
|
|
hpnicfAclMib2CharacteristicsIndex
|
|
Integer32,
|
|
hpnicfAclMib2CharacteristicsDesc
|
|
OCTET STRING,
|
|
hpnicfAclMib2CharacteristicsValue
|
|
Unsigned32
|
|
}
|
|
|
|
hpnicfAclMib2EntityType OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
{
|
|
system(1),
|
|
interface(2)
|
|
}
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The type of entity.
|
|
system: The entity is systemic level.
|
|
interface: The entity is interface level.
|
|
"
|
|
::= { hpnicfAclMib2CapabilityEntry 1 }
|
|
|
|
hpnicfAclMib2EntityIndex OBJECT-TYPE
|
|
SYNTAX Integer32 (0..2147483647)
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The index of entity.
|
|
If hpnicfAclMib2EntityType is system, the value of this object is 0.
|
|
|
|
If hpnicfAclMib2EntityType is interface,
|
|
the value of this object is equal to 'ifIndex'.
|
|
"
|
|
::= { hpnicfAclMib2CapabilityEntry 2 }
|
|
|
|
hpnicfAclMib2ModuleIndex OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
{
|
|
layer3(1),
|
|
layer2(2),
|
|
userDefined(3)
|
|
}
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The module index of ACL."
|
|
::= { hpnicfAclMib2CapabilityEntry 3 }
|
|
|
|
hpnicfAclMib2CharacteristicsIndex OBJECT-TYPE
|
|
SYNTAX Integer32 (0..2147483647)
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The characteristics index of mib2.
|
|
See DESCRIPTION of hpnicfAclMib2CharacteristicsValue
|
|
to get detail information about the value of this object.
|
|
"
|
|
::= { hpnicfAclMib2CapabilityEntry 4 }
|
|
|
|
hpnicfAclMib2CharacteristicsDesc OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(0..255))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The description of characteristics."
|
|
::= { hpnicfAclMib2CapabilityEntry 5 }
|
|
|
|
hpnicfAclMib2CharacteristicsValue OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of capability of this object.
|
|
TypeOfRuleStringValue : notSupport(0) and the length of
|
|
RuleString.
|
|
|
|
TypeOfCodeValue : OnlyOneNotSupport(0),
|
|
MoreThanOneNotSupport(1)
|
|
If hpnicfAclMib2CharacteristicsValue is 'moreThanOneNotSupport',
|
|
hpnicfAclMib2CharacteristicsDesc must be used to depict which
|
|
protocols are not supported. The output value of
|
|
hpnicfAclMib2CharacteristicsDesc has the format of 'a,b'.
|
|
For example, 'ip,rarp'.
|
|
|
|
layer3 Module:
|
|
Index Characteristics value
|
|
1 SourceIPAddress notSupport(0)
|
|
2 DestinationIPAddress notSupport(0)
|
|
3 SourcePort notSupport(0)
|
|
4 DestinationPort notSupport(0)
|
|
5 IPPrecedence notSupport(0)
|
|
6 TOS notSupport(0)
|
|
7 DSCP notSupport(0)
|
|
8 TCPFlag notSupport(0)
|
|
9 FragmentFlag notSupport(0)
|
|
10 Log notSupport(0)
|
|
11 RuleMatchCounter notSupport(0)
|
|
12 ResetRuleMatchCounter notSupport(0)
|
|
13 VPN notSupport(0)
|
|
15 protocol notSupport(0)
|
|
16 AddressFlag notSupport(0)
|
|
|
|
layer2 Module:
|
|
Index Characteristics value
|
|
1 ProtocolType TypeOfCodeValue
|
|
2 SourceMAC notSupport(0)
|
|
3 DestinationMAC notSupport(0)
|
|
4 LSAPType TypeOfCodeValue
|
|
5 CoS notSupport(0)
|
|
|
|
UserDefined Module:
|
|
Index Characteristics value
|
|
1 UserDefaultOffset TypeOfRuleStringValue
|
|
2 UserL2RuleOffset TypeOfRuleStringValue
|
|
3 UserMplsOffset TypeOfRuleStringValue
|
|
4 UserIPv4Offset TypeOfRuleStringValue
|
|
5 UserIPv6Offset TypeOfRuleStringValue
|
|
6 UserL4Offset TypeOfRuleStringValue
|
|
7 UserL5Offset TypeOfRuleStringValue
|
|
"
|
|
::= { hpnicfAclMib2CapabilityEntry 6 }
|
|
|
|
--
|
|
-- Nodes of number group
|
|
--
|
|
hpnicfAclNumberGroupTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF HpnicfAclNumberGroupEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A table of the number acl group information."
|
|
::= { hpnicfAclMib2GlobalGroup 3 }
|
|
|
|
hpnicfAclNumberGroupEntry OBJECT-TYPE
|
|
SYNTAX HpnicfAclNumberGroupEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Number acl group information entry."
|
|
INDEX { hpnicfAclNumberGroupType, hpnicfAclNumberGroupIndex }
|
|
::= { hpnicfAclNumberGroupTable 1 }
|
|
|
|
HpnicfAclNumberGroupEntry ::=
|
|
SEQUENCE
|
|
{
|
|
hpnicfAclNumberGroupType
|
|
INTEGER,
|
|
hpnicfAclNumberGroupIndex
|
|
Integer32,
|
|
hpnicfAclNumberGroupRowStatus
|
|
RowStatus,
|
|
hpnicfAclNumberGroupMatchOrder
|
|
INTEGER,
|
|
hpnicfAclNumberGroupStep
|
|
Integer32,
|
|
hpnicfAclNumberGroupDescription
|
|
OCTET STRING,
|
|
hpnicfAclNumberGroupCountClear
|
|
CounterClear,
|
|
hpnicfAclNumberGroupRuleCounter
|
|
Counter32,
|
|
hpnicfAclNumberGroupName
|
|
OCTET STRING
|
|
}
|
|
hpnicfAclNumberGroupType OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
{
|
|
ipv4(1),
|
|
ipv6(2),
|
|
mac(3),
|
|
user(4)
|
|
}
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The type of number group.
|
|
Basic ACL and Advanced ACL support ipv4 and ipv6.
|
|
The range of Basic ACL is from 2000 to 2999.
|
|
The range of Advanced ACL is from 3000 to 3999.
|
|
|
|
Simple ACL supports ipv6 only.
|
|
The range of Simple ACL is from 10000 to 42767.
|
|
|
|
MAC ACL support mac only.
|
|
The range of MAC ACL is from 4000 to 4999.
|
|
|
|
User-defined ACL support user only.
|
|
The range of user-defined ACL is from 5000 to 5999.
|
|
"
|
|
::= { hpnicfAclNumberGroupEntry 1 }
|
|
|
|
hpnicfAclNumberGroupIndex OBJECT-TYPE
|
|
SYNTAX Integer32 (2000..5999|10000..42767)
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The group index of number acl.
|
|
Basic type:2000..2999
|
|
Advanced type:3000..3999
|
|
MAC type:4000..4999
|
|
User type:5000..5999
|
|
Simple type:10000..42767
|
|
"
|
|
::= { hpnicfAclNumberGroupEntry 2 }
|
|
|
|
hpnicfAclNumberGroupRowStatus OBJECT-TYPE
|
|
SYNTAX RowStatus
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"RowStatus."
|
|
::= { hpnicfAclNumberGroupEntry 3 }
|
|
|
|
hpnicfAclNumberGroupMatchOrder OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
{
|
|
config(1),
|
|
auto(2)
|
|
}
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The match-order of number acl group."
|
|
DEFVAL { config }
|
|
::= { hpnicfAclNumberGroupEntry 4 }
|
|
|
|
hpnicfAclNumberGroupStep OBJECT-TYPE
|
|
SYNTAX Integer32 (1..20)
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The step of rule index."
|
|
DEFVAL { 5 }
|
|
::= { hpnicfAclNumberGroupEntry 5 }
|
|
|
|
hpnicfAclNumberGroupDescription OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(0..127))
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Description of this acl group."
|
|
::= { hpnicfAclNumberGroupEntry 6 }
|
|
|
|
hpnicfAclNumberGroupCountClear OBJECT-TYPE
|
|
SYNTAX CounterClear
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Reset the value of counters of this group."
|
|
DEFVAL { nouse }
|
|
::= { hpnicfAclNumberGroupEntry 7 }
|
|
|
|
hpnicfAclNumberGroupRuleCounter OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The rule count of number acl group."
|
|
::= { hpnicfAclNumberGroupEntry 8 }
|
|
|
|
hpnicfAclNumberGroupName OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(0..63))
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Name of this acl group."
|
|
::= { hpnicfAclNumberGroupEntry 9 }
|
|
|
|
--
|
|
-- Nodes of named ACL group
|
|
--
|
|
hpnicfAclNamedGroupTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF HpnicfAclNamedGroupEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A table of the named ACL group."
|
|
::= { hpnicfAclMib2GlobalGroup 4 }
|
|
|
|
hpnicfAclNamedGroupEntry OBJECT-TYPE
|
|
SYNTAX HpnicfAclNamedGroupEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Named ACL group entry."
|
|
INDEX
|
|
{
|
|
hpnicfAclNumberGroupType,
|
|
hpnicfAclNamedGroupCategory,
|
|
hpnicfAclNamedGroupName
|
|
}
|
|
::= { hpnicfAclNamedGroupTable 1 }
|
|
|
|
HpnicfAclNamedGroupEntry ::=
|
|
SEQUENCE
|
|
{
|
|
hpnicfAclNamedGroupCategory
|
|
INTEGER,
|
|
hpnicfAclNamedGroupName
|
|
OCTET STRING,
|
|
hpnicfAclNamedGroupRowStatus
|
|
RowStatus,
|
|
hpnicfAclNamedGroupMatchOrder
|
|
INTEGER,
|
|
hpnicfAclNamedGroupStep
|
|
Integer32,
|
|
hpnicfAclNamedGroupDescription
|
|
OCTET STRING,
|
|
hpnicfAclNamedGroupCountClear
|
|
CounterClear,
|
|
hpnicfAclNamedGroupRuleCounter
|
|
Counter32
|
|
}
|
|
|
|
hpnicfAclNamedGroupCategory OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
{
|
|
invalid(0),
|
|
basic(1),
|
|
advanced(2)
|
|
}
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The category of number group. 1 indicates basic ACL, 2 indicates
|
|
advanced ACL."
|
|
::= { hpnicfAclNamedGroupEntry 1 }
|
|
|
|
hpnicfAclNamedGroupName OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(1..63))
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Name of an ACL group, a case-insensitive string of 1 to 63
|
|
characters. It must start with an English letter.
|
|
"
|
|
::= { hpnicfAclNamedGroupEntry 2 }
|
|
|
|
hpnicfAclNamedGroupRowStatus OBJECT-TYPE
|
|
SYNTAX RowStatus
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"RowStatus."
|
|
::= { hpnicfAclNamedGroupEntry 3 }
|
|
|
|
hpnicfAclNamedGroupMatchOrder OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
{
|
|
config(1),
|
|
auto(2)
|
|
}
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The match-order of name acl group."
|
|
DEFVAL { config }
|
|
::= { hpnicfAclNamedGroupEntry 4 }
|
|
|
|
hpnicfAclNamedGroupStep OBJECT-TYPE
|
|
SYNTAX Integer32 (1..20)
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The numbering step of the increment of the rule index."
|
|
DEFVAL { 5 }
|
|
::= { hpnicfAclNamedGroupEntry 5 }
|
|
|
|
hpnicfAclNamedGroupDescription OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(0..127))
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Description of this ACL group."
|
|
::= { hpnicfAclNamedGroupEntry 6 }
|
|
|
|
hpnicfAclNamedGroupCountClear OBJECT-TYPE
|
|
SYNTAX CounterClear
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Reset the statistics counter of this group."
|
|
DEFVAL { nouse }
|
|
::= { hpnicfAclNamedGroupEntry 7 }
|
|
|
|
hpnicfAclNamedGroupRuleCounter OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The amount of rules of this group."
|
|
::= { hpnicfAclNamedGroupEntry 8 }
|
|
|
|
--
|
|
-- Node of hpnicfAclIPv6Group
|
|
--
|
|
hpnicfAclIPAclGroup OBJECT IDENTIFIER ::= { hpnicfAclMib2Objects 2 }
|
|
|
|
--
|
|
-- Nodes of hpnicfAclIPAclBasicTable
|
|
--
|
|
|
|
hpnicfAclIPAclBasicTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF HpnicfAclIPAclBasicEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A table of basic rule group.
|
|
If some objects of this table are not supported by some products,
|
|
these objects can't be created, changed or applied.
|
|
Default value of these objects will be returned when they are read.
|
|
"
|
|
::= { hpnicfAclIPAclGroup 2 }
|
|
|
|
hpnicfAclIPAclBasicEntry OBJECT-TYPE
|
|
SYNTAX HpnicfAclIPAclBasicEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Basic rule group information."
|
|
INDEX { hpnicfAclNumberGroupType,
|
|
hpnicfAclNumberGroupIndex,
|
|
hpnicfAclIPAclBasicRuleIndex
|
|
}
|
|
::= { hpnicfAclIPAclBasicTable 1 }
|
|
|
|
HpnicfAclIPAclBasicEntry ::=
|
|
SEQUENCE
|
|
{
|
|
hpnicfAclIPAclBasicRuleIndex
|
|
Integer32,
|
|
hpnicfAclIPAclBasicRowStatus
|
|
RowStatus,
|
|
hpnicfAclIPAclBasicAct
|
|
RuleAction,
|
|
hpnicfAclIPAclBasicSrcAddrType
|
|
InetAddressType,
|
|
hpnicfAclIPAclBasicSrcAddr
|
|
InetAddress,
|
|
hpnicfAclIPAclBasicSrcPrefix
|
|
InetAddressPrefixLength,
|
|
hpnicfAclIPAclBasicSrcAny
|
|
TruthValue,
|
|
hpnicfAclIPAclBasicSrcWild
|
|
IpAddress,
|
|
hpnicfAclIPAclBasicTimeRangeName
|
|
OCTET STRING,
|
|
hpnicfAclIPAclBasicFragmentFlag
|
|
FragmentFlag,
|
|
hpnicfAclIPAclBasicLog
|
|
TruthValue,
|
|
hpnicfAclIPAclBasicCount
|
|
Unsigned32,
|
|
hpnicfAclIPAclBasicCountClear
|
|
CounterClear,
|
|
hpnicfAclIPAclBasicEnable
|
|
TruthValue,
|
|
hpnicfAclIPAclBasicVpnInstanceName
|
|
OCTET STRING,
|
|
hpnicfAclIPAclBasicComment
|
|
OCTET STRING,
|
|
hpnicfAclIPAclBasicCounting
|
|
TruthValue,
|
|
hpnicfAclIPAclBasicRouteTypeAny
|
|
TruthValue,
|
|
hpnicfAclIPAclBasicRouteTypeValue
|
|
Integer32
|
|
}
|
|
|
|
hpnicfAclIPAclBasicRuleIndex OBJECT-TYPE
|
|
SYNTAX Integer32 (0..65534)
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The rule index of basic acl group."
|
|
::= { hpnicfAclIPAclBasicEntry 1 }
|
|
|
|
hpnicfAclIPAclBasicRowStatus OBJECT-TYPE
|
|
SYNTAX RowStatus
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"RowStatus."
|
|
::= { hpnicfAclIPAclBasicEntry 2 }
|
|
|
|
hpnicfAclIPAclBasicAct OBJECT-TYPE
|
|
SYNTAX RuleAction
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The action of basic acl rule."
|
|
::= { hpnicfAclIPAclBasicEntry 3 }
|
|
|
|
hpnicfAclIPAclBasicSrcAddrType OBJECT-TYPE
|
|
SYNTAX InetAddressType
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The IP addresses type of IP pool."
|
|
::= { hpnicfAclIPAclBasicEntry 4 }
|
|
|
|
hpnicfAclIPAclBasicSrcAddr OBJECT-TYPE
|
|
SYNTAX InetAddress
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of a local IP address is available for this association.
|
|
|
|
The type of this address is determined by the value of
|
|
hpnicfAclIPAclBasicSrcAddrType.
|
|
"
|
|
::= { hpnicfAclIPAclBasicEntry 5 }
|
|
|
|
hpnicfAclIPAclBasicSrcPrefix OBJECT-TYPE
|
|
SYNTAX InetAddressPrefixLength
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Denotes the length of a generic Internet network address prefix.
|
|
A value of n corresponds to an IP address mask
|
|
that has n contiguous 1-bits from the most significant bit (MSB)
|
|
and all other bits set to 0.
|
|
"
|
|
::= { hpnicfAclIPAclBasicEntry 6 }
|
|
|
|
hpnicfAclIPAclBasicSrcAny OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The flag of matching any IP address."
|
|
DEFVAL { true }
|
|
::= { hpnicfAclIPAclBasicEntry 7 }
|
|
|
|
hpnicfAclIPAclBasicSrcWild OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Source IPv4 address wildcard mask.
|
|
Only IPv4 Basic Rule supports this object.
|
|
Default value is '0.0.0.0'.
|
|
"
|
|
::= { hpnicfAclIPAclBasicEntry 8 }
|
|
|
|
hpnicfAclIPAclBasicTimeRangeName OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(0..32))
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The Time-range of basic acl rule.
|
|
Default value is zero-length.
|
|
"
|
|
::= { hpnicfAclIPAclBasicEntry 9 }
|
|
|
|
hpnicfAclIPAclBasicFragmentFlag OBJECT-TYPE
|
|
SYNTAX FragmentFlag
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The flag of matching fragmented packets."
|
|
DEFVAL { invalid }
|
|
::= { hpnicfAclIPAclBasicEntry 10 }
|
|
|
|
hpnicfAclIPAclBasicLog OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The packet will be logged when it matches the rule."
|
|
DEFVAL { false }
|
|
::= { hpnicfAclIPAclBasicEntry 11 }
|
|
|
|
hpnicfAclIPAclBasicCount OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The count of matches by the rule."
|
|
::= { hpnicfAclIPAclBasicEntry 12 }
|
|
|
|
hpnicfAclIPAclBasicCountClear OBJECT-TYPE
|
|
SYNTAX CounterClear
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Reset the value of counter."
|
|
DEFVAL { nouse }
|
|
::= { hpnicfAclIPAclBasicEntry 13 }
|
|
|
|
hpnicfAclIPAclBasicEnable OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The rule is active or not.
|
|
true : active
|
|
false : inactive
|
|
"
|
|
DEFVAL { false }
|
|
::= { hpnicfAclIPAclBasicEntry 14 }
|
|
|
|
hpnicfAclIPAclBasicVpnInstanceName OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(0..32))
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The VPN name, to which the rule will be applied.
|
|
Default value is zero-length.
|
|
"
|
|
::= { hpnicfAclIPAclBasicEntry 15 }
|
|
|
|
hpnicfAclIPAclBasicComment OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(0..127))
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The description of ACL rule.
|
|
Default value is Zero-length String.
|
|
"
|
|
::= { hpnicfAclIPAclBasicEntry 16 }
|
|
|
|
hpnicfAclIPAclBasicCounting OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The packet will be counted when it matches the rule.
|
|
It is disabled by default.
|
|
"
|
|
DEFVAL { false }
|
|
::= { hpnicfAclIPAclBasicEntry 17 }
|
|
|
|
hpnicfAclIPAclBasicRouteTypeAny OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The flag of matching any type of routing header of IPv6 packet.
|
|
"
|
|
DEFVAL { false }
|
|
::= { hpnicfAclIPAclBasicEntry 18 }
|
|
|
|
hpnicfAclIPAclBasicRouteTypeValue OBJECT-TYPE
|
|
SYNTAX Integer32 (0..255|65535)
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Match specific type of routing header of IPv6 packet."
|
|
DEFVAL { 65535 }
|
|
::= { hpnicfAclIPAclBasicEntry 19 }
|
|
|
|
--
|
|
-- Notes of hpnicfAclIPAclAdvancedTable
|
|
--
|
|
hpnicfAclIPAclAdvancedTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF HpnicfAclIPAclAdvancedEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A table of advanced and simple acl group.
|
|
If some objects of this table are not supported by some products,
|
|
these objects can't be created, changed and applied.
|
|
Default value of these objects will be returned when they are read.
|
|
"
|
|
::= { hpnicfAclIPAclGroup 3 }
|
|
|
|
hpnicfAclIPAclAdvancedEntry OBJECT-TYPE
|
|
SYNTAX HpnicfAclIPAclAdvancedEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Advanced acl group information."
|
|
INDEX { hpnicfAclNumberGroupType,
|
|
hpnicfAclNumberGroupIndex,
|
|
hpnicfAclIPAclAdvancedRuleIndex
|
|
}
|
|
::= { hpnicfAclIPAclAdvancedTable 1 }
|
|
|
|
HpnicfAclIPAclAdvancedEntry ::=
|
|
SEQUENCE
|
|
{
|
|
hpnicfAclIPAclAdvancedRuleIndex
|
|
Integer32,
|
|
hpnicfAclIPAclAdvancedRowStatus
|
|
RowStatus,
|
|
hpnicfAclIPAclAdvancedAct
|
|
RuleAction,
|
|
hpnicfAclIPAclAdvancedProtocol
|
|
Integer32,
|
|
hpnicfAclIPAclAdvancedAddrFlag
|
|
AddressFlag,
|
|
hpnicfAclIPAclAdvancedSrcAddrType
|
|
InetAddressType,
|
|
hpnicfAclIPAclAdvancedSrcAddr
|
|
InetAddress,
|
|
hpnicfAclIPAclAdvancedSrcPrefix
|
|
InetAddressPrefixLength,
|
|
hpnicfAclIPAclAdvancedSrcAny
|
|
TruthValue,
|
|
hpnicfAclIPAclAdvancedSrcWild
|
|
IpAddress,
|
|
hpnicfAclIPAclAdvancedSrcOp
|
|
PortOp,
|
|
hpnicfAclIPAclAdvancedSrcPort1
|
|
Integer32,
|
|
hpnicfAclIPAclAdvancedSrcPort2
|
|
Integer32,
|
|
hpnicfAclIPAclAdvancedDestAddrType
|
|
InetAddressType,
|
|
hpnicfAclIPAclAdvancedDestAddr
|
|
InetAddress,
|
|
hpnicfAclIPAclAdvancedDestPrefix
|
|
InetAddressPrefixLength,
|
|
hpnicfAclIPAclAdvancedDestAny
|
|
TruthValue,
|
|
hpnicfAclIPAclAdvancedDestWild
|
|
IpAddress,
|
|
hpnicfAclIPAclAdvancedDestOp
|
|
PortOp,
|
|
hpnicfAclIPAclAdvancedDestPort1
|
|
Integer32,
|
|
hpnicfAclIPAclAdvancedDestPort2
|
|
Integer32,
|
|
hpnicfAclIPAclAdvancedIcmpType
|
|
Integer32,
|
|
hpnicfAclIPAclAdvancedIcmpCode
|
|
Integer32,
|
|
hpnicfAclIPAclAdvancedPrecedence
|
|
Integer32,
|
|
hpnicfAclIPAclAdvancedTos
|
|
Integer32,
|
|
hpnicfAclIPAclAdvancedDscp
|
|
DSCPValue,
|
|
hpnicfAclIPAclAdvancedTimeRangeName
|
|
OCTET STRING,
|
|
hpnicfAclIPAclAdvancedTCPFlag
|
|
TCPFlag,
|
|
hpnicfAclIPAclAdvancedFragmentFlag
|
|
FragmentFlag,
|
|
hpnicfAclIPAclAdvancedLog
|
|
TruthValue,
|
|
hpnicfAclIPAclAdvancedCount
|
|
Unsigned32,
|
|
hpnicfAclIPAclAdvancedCountClear
|
|
CounterClear,
|
|
hpnicfAclIPAclAdvancedEnable
|
|
TruthValue,
|
|
hpnicfAclIPAclAdvancedVpnInstanceName
|
|
OCTET STRING,
|
|
hpnicfAclIPAclAdvancedComment
|
|
OCTET STRING,
|
|
hpnicfAclIPAclAdvancedReflective
|
|
TruthValue,
|
|
hpnicfAclIPAclAdvancedCounting
|
|
TruthValue,
|
|
hpnicfAclIPAclAdvancedTCPFlagMask
|
|
BITS,
|
|
hpnicfAclIPAclAdvancedTCPFlagValue
|
|
BITS,
|
|
hpnicfAclIPAclAdvancedRouteTypeAny
|
|
TruthValue,
|
|
hpnicfAclIPAclAdvancedRouteTypeValue
|
|
Integer32,
|
|
hpnicfAclIPAclAdvancedFlowLabel
|
|
Unsigned32,
|
|
hpnicfAclIPAclAdvancedSrcSuffix
|
|
Unsigned32,
|
|
hpnicfAclIPAclAdvancedDestSuffix
|
|
Unsigned32
|
|
}
|
|
|
|
hpnicfAclIPAclAdvancedRuleIndex OBJECT-TYPE
|
|
SYNTAX Integer32 (0..65534)
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The rule index of advanced acl group.
|
|
As a Simple ACL group, the value of this object must be 0.
|
|
As an Advanced ACL group, the value of this object is ranging
|
|
from 0 to 65534.
|
|
"
|
|
::= { hpnicfAclIPAclAdvancedEntry 1 }
|
|
|
|
hpnicfAclIPAclAdvancedRowStatus OBJECT-TYPE
|
|
SYNTAX RowStatus
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"RowStatus."
|
|
::= { hpnicfAclIPAclAdvancedEntry 2 }
|
|
|
|
hpnicfAclIPAclAdvancedAct OBJECT-TYPE
|
|
SYNTAX RuleAction
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The action of advanced acl rule."
|
|
::= { hpnicfAclIPAclAdvancedEntry 3 }
|
|
|
|
hpnicfAclIPAclAdvancedProtocol OBJECT-TYPE
|
|
SYNTAX Integer32 (0..255)
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The protocol-type of advanced acl group. 0 indicates any IPv4 or
|
|
IPv6 protocol.
|
|
<1-255> Protocol number
|
|
gre GRE tunneling(47)
|
|
icmp Internet Control Message Protocol(1)
|
|
icmpv6 Internet Control Message Protocol6(58)
|
|
igmp Internet Group Management Protocol(2)
|
|
ipinip IP in IP tunneling(4)
|
|
ospf OSPF routing protocol(89)
|
|
tcp Transmission Control Protocol (6)
|
|
udp User Datagram Protocol (17)
|
|
ipv6-ah IPv6 Authentication Header(51)
|
|
ipv6-esp IPv6 Encapsulating Security Payload(50)
|
|
"
|
|
::= { hpnicfAclIPAclAdvancedEntry 4 }
|
|
|
|
hpnicfAclIPAclAdvancedAddrFlag OBJECT-TYPE
|
|
SYNTAX AddressFlag
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Address flag to select address."
|
|
DEFVAL { invalid }
|
|
::= { hpnicfAclIPAclAdvancedEntry 5 }
|
|
|
|
hpnicfAclIPAclAdvancedSrcAddrType OBJECT-TYPE
|
|
SYNTAX InetAddressType
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The IP addresses type of IP pool."
|
|
::= { hpnicfAclIPAclAdvancedEntry 6 }
|
|
|
|
hpnicfAclIPAclAdvancedSrcAddr OBJECT-TYPE
|
|
SYNTAX InetAddress
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of a local IP address available for this association.
|
|
|
|
The type of this address is determined by the value of
|
|
hpnicfAclIPAclAdvancedSrcAddrType.
|
|
"
|
|
::= { hpnicfAclIPAclAdvancedEntry 7 }
|
|
|
|
hpnicfAclIPAclAdvancedSrcPrefix OBJECT-TYPE
|
|
SYNTAX InetAddressPrefixLength
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Denotes the length of a generic Internet network address prefix.
|
|
A value of n corresponds to an IP address mask
|
|
which has n contiguous 1-bits from the most significant bit (MSB)
|
|
and all other bits set to 0.
|
|
"
|
|
::= { hpnicfAclIPAclAdvancedEntry 8 }
|
|
|
|
hpnicfAclIPAclAdvancedSrcAny OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The flag of matching any IP address."
|
|
DEFVAL { true }
|
|
::= { hpnicfAclIPAclAdvancedEntry 9 }
|
|
|
|
hpnicfAclIPAclAdvancedSrcWild OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Source IPv4 address wildcard mask.
|
|
Only IPv4 Advanced Rule supports this object.
|
|
Default value is '0.0.0.0'.
|
|
"
|
|
::= { hpnicfAclIPAclAdvancedEntry 10 }
|
|
|
|
hpnicfAclIPAclAdvancedSrcOp OBJECT-TYPE
|
|
SYNTAX PortOp
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Source port operation symbol of advanced acl group."
|
|
DEFVAL { invalid }
|
|
::= { hpnicfAclIPAclAdvancedEntry 11 }
|
|
|
|
hpnicfAclIPAclAdvancedSrcPort1 OBJECT-TYPE
|
|
SYNTAX Integer32 (0..65535)
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The fourth layer source port1."
|
|
DEFVAL { 0 }
|
|
::= { hpnicfAclIPAclAdvancedEntry 12 }
|
|
|
|
hpnicfAclIPAclAdvancedSrcPort2 OBJECT-TYPE
|
|
SYNTAX Integer32 (0..65535)
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The fourth layer source port2."
|
|
DEFVAL { 65535 }
|
|
::= { hpnicfAclIPAclAdvancedEntry 13 }
|
|
|
|
hpnicfAclIPAclAdvancedDestAddrType OBJECT-TYPE
|
|
SYNTAX InetAddressType
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The IP addresses type of IP pool."
|
|
::= { hpnicfAclIPAclAdvancedEntry 14 }
|
|
|
|
hpnicfAclIPAclAdvancedDestAddr OBJECT-TYPE
|
|
SYNTAX InetAddress
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of a local IP address available for this association.
|
|
|
|
The type of this address is determined by the value of
|
|
hpnicfAclIPAclAdvancedDestAddrType.
|
|
"
|
|
::= { hpnicfAclIPAclAdvancedEntry 15 }
|
|
|
|
hpnicfAclIPAclAdvancedDestPrefix OBJECT-TYPE
|
|
SYNTAX InetAddressPrefixLength
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Denotes the length of a generic Internet network address prefix.
|
|
A value of n corresponds to an IP address mask
|
|
which has n contiguous 1-bits from the most significant bit (MSB)
|
|
and all other bits set to 0.
|
|
"
|
|
::= { hpnicfAclIPAclAdvancedEntry 16 }
|
|
|
|
hpnicfAclIPAclAdvancedDestAny OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The flag of matching any IP address."
|
|
DEFVAL { true }
|
|
::= { hpnicfAclIPAclAdvancedEntry 17 }
|
|
|
|
hpnicfAclIPAclAdvancedDestWild OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Destination IPv4 address wildcard mask.
|
|
Only IPv4 Advanced Rule supports this object.
|
|
Default value is '0.0.0.0'.
|
|
"
|
|
::= { hpnicfAclIPAclAdvancedEntry 18 }
|
|
|
|
hpnicfAclIPAclAdvancedDestOp OBJECT-TYPE
|
|
SYNTAX PortOp
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Destination port operation symbol of advanced acl group."
|
|
DEFVAL { invalid }
|
|
::= { hpnicfAclIPAclAdvancedEntry 19 }
|
|
|
|
hpnicfAclIPAclAdvancedDestPort1 OBJECT-TYPE
|
|
SYNTAX Integer32 (0..65535)
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The fourth layer destination port1."
|
|
DEFVAL { 0 }
|
|
::= { hpnicfAclIPAclAdvancedEntry 20 }
|
|
|
|
hpnicfAclIPAclAdvancedDestPort2 OBJECT-TYPE
|
|
SYNTAX Integer32 (0..65535)
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The fourth layer destination port2."
|
|
DEFVAL { 65535 }
|
|
::= { hpnicfAclIPAclAdvancedEntry 21 }
|
|
|
|
hpnicfAclIPAclAdvancedIcmpType OBJECT-TYPE
|
|
SYNTAX Integer32 (0..255|65535)
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The type of ICMP packet."
|
|
DEFVAL { 65535 }
|
|
::= { hpnicfAclIPAclAdvancedEntry 22 }
|
|
|
|
hpnicfAclIPAclAdvancedIcmpCode OBJECT-TYPE
|
|
SYNTAX Integer32 (0..255|65535)
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The code of ICMP packet."
|
|
DEFVAL { 65535 }
|
|
::= { hpnicfAclIPAclAdvancedEntry 23 }
|
|
|
|
hpnicfAclIPAclAdvancedPrecedence OBJECT-TYPE
|
|
SYNTAX Integer32 (0..7|255)
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of IP-packet's precedence.
|
|
<0-7> Value of precedence
|
|
routine Specify routine precedence(0)
|
|
priority Specify priority precedence(1)
|
|
immediate Specify immediate precedence(2)
|
|
flash Specify flash precedence(3)
|
|
flash-override Specify flash-override precedence(4)
|
|
critical Specify critical precedence(5)
|
|
internet Specify internetwork control precedence(6)
|
|
network Specify network control precedence(7)
|
|
"
|
|
DEFVAL { 255 }
|
|
::= { hpnicfAclIPAclAdvancedEntry 24 }
|
|
|
|
hpnicfAclIPAclAdvancedTos OBJECT-TYPE
|
|
SYNTAX Integer32 (0..15|255)
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of IP-packet's TOS.
|
|
<0-15> Value of TOS(type of service)
|
|
max-reliability Match packets with max reliable TOS(2)
|
|
max-throughput Match packets with max throughput TOS(4)
|
|
min-delay Match packets with min delay TOS(8)
|
|
min-monetary-cost Match packets with min monetary cost TOS(1)
|
|
normal Match packets with normal TOS(0)
|
|
"
|
|
DEFVAL { 255 }
|
|
::= { hpnicfAclIPAclAdvancedEntry 25 }
|
|
|
|
hpnicfAclIPAclAdvancedDscp OBJECT-TYPE
|
|
SYNTAX DSCPValue
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of DSCP of IP packet."
|
|
DEFVAL { 255 }
|
|
::= { hpnicfAclIPAclAdvancedEntry 26 }
|
|
|
|
hpnicfAclIPAclAdvancedTimeRangeName OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(0..32))
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The Time-range of advanced acl rule.
|
|
Default value is zero-length.
|
|
"
|
|
::= { hpnicfAclIPAclAdvancedEntry 27 }
|
|
|
|
hpnicfAclIPAclAdvancedTCPFlag OBJECT-TYPE
|
|
SYNTAX TCPFlag
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The packet type of TCP protocol."
|
|
DEFVAL { invalid }
|
|
::= { hpnicfAclIPAclAdvancedEntry 28 }
|
|
|
|
hpnicfAclIPAclAdvancedFragmentFlag OBJECT-TYPE
|
|
SYNTAX FragmentFlag
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The flag of matching fragmented packet,
|
|
and now support two value: 0 or 2."
|
|
DEFVAL { invalid }
|
|
::= { hpnicfAclIPAclAdvancedEntry 29 }
|
|
|
|
hpnicfAclIPAclAdvancedLog OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Log matched packets."
|
|
DEFVAL { false }
|
|
::= { hpnicfAclIPAclAdvancedEntry 30 }
|
|
|
|
hpnicfAclIPAclAdvancedCount OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The count of matched by the rule."
|
|
::= { hpnicfAclIPAclAdvancedEntry 31 }
|
|
|
|
hpnicfAclIPAclAdvancedCountClear OBJECT-TYPE
|
|
SYNTAX CounterClear
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Reset the value of counter."
|
|
DEFVAL { nouse }
|
|
::= { hpnicfAclIPAclAdvancedEntry 32 }
|
|
|
|
hpnicfAclIPAclAdvancedEnable OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The rule is active or not.
|
|
true : active
|
|
false : inactive
|
|
"
|
|
DEFVAL { false }
|
|
::= { hpnicfAclIPAclAdvancedEntry 33 }
|
|
|
|
hpnicfAclIPAclAdvancedVpnInstanceName OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(0..32))
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The VPN name that the rule will be applied.
|
|
Default value is zero-length.
|
|
"
|
|
::= { hpnicfAclIPAclAdvancedEntry 34 }
|
|
|
|
hpnicfAclIPAclAdvancedComment OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(0..127))
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The description of ACL rule.
|
|
Default value is Zero-length String.
|
|
"
|
|
::= { hpnicfAclIPAclAdvancedEntry 35 }
|
|
|
|
hpnicfAclIPAclAdvancedReflective OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The flag of reflective."
|
|
::= { hpnicfAclIPAclAdvancedEntry 36 }
|
|
|
|
hpnicfAclIPAclAdvancedCounting OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The packet will be counted when it matches the rule.
|
|
It is disabled by default.
|
|
"
|
|
DEFVAL { false }
|
|
::= { hpnicfAclIPAclAdvancedEntry 37 }
|
|
|
|
hpnicfAclIPAclAdvancedTCPFlagMask OBJECT-TYPE
|
|
SYNTAX BITS {
|
|
tcpack(0),
|
|
tcpfin(1),
|
|
tcppsh(2),
|
|
tcprst(3),
|
|
tcpsyn(4),
|
|
tcpurg(5)
|
|
}
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The TCP Flag Mask. This is a bit-map of possible conditions.
|
|
The various bit positions are:
|
|
|0 |tcpack |
|
|
|1 |tcpfin |
|
|
|2 |tcppsh |
|
|
|3 |tcprst |
|
|
|4 |tcpsyn |
|
|
|5 |tcpurg |
|
|
"
|
|
DEFVAL { { } }
|
|
::= { hpnicfAclIPAclAdvancedEntry 38 }
|
|
|
|
hpnicfAclIPAclAdvancedTCPFlagValue OBJECT-TYPE
|
|
SYNTAX BITS {
|
|
tcpack(0),
|
|
tcpfin(1),
|
|
tcppsh(2),
|
|
tcprst(3),
|
|
tcpsyn(4),
|
|
tcpurg(5)
|
|
}
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The TCP Flag Value. This is a bit-map of possible conditions.
|
|
The various bit positions are:
|
|
|0 |tcpack |
|
|
|1 |tcpfin |
|
|
|2 |tcppsh |
|
|
|3 |tcprst |
|
|
|4 |tcpsyn |
|
|
|5 |tcpurg |
|
|
"
|
|
DEFVAL { { } }
|
|
::= { hpnicfAclIPAclAdvancedEntry 39 }
|
|
|
|
hpnicfAclIPAclAdvancedRouteTypeAny OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The flag of matching any type of routing header of IPv6 packet.
|
|
"
|
|
DEFVAL { false }
|
|
::= { hpnicfAclIPAclAdvancedEntry 40 }
|
|
|
|
hpnicfAclIPAclAdvancedRouteTypeValue OBJECT-TYPE
|
|
SYNTAX Integer32 (0..255|65535)
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The type of routing header of IPv6 packet."
|
|
DEFVAL { 65535 }
|
|
::= { hpnicfAclIPAclAdvancedEntry 41 }
|
|
|
|
hpnicfAclIPAclAdvancedFlowLabel OBJECT-TYPE
|
|
SYNTAX Unsigned32 (0..1048575|4294967295)
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of flow label of IPv6 packet header."
|
|
DEFVAL { 4294967295 }
|
|
::= { hpnicfAclIPAclAdvancedEntry 42 }
|
|
|
|
hpnicfAclIPAclAdvancedSrcSuffix OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Denotes the length of a generic Internet network address suffix.
|
|
A value of n corresponds to an IP address mask
|
|
that has n contiguous 1-bits from the least significant bit
|
|
and all other bits set to 0.
|
|
"
|
|
::= { hpnicfAclIPAclAdvancedEntry 43 }
|
|
|
|
hpnicfAclIPAclAdvancedDestSuffix OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Denotes the length of a generic Internet network address suffix.
|
|
A value of n corresponds to an IP address mask
|
|
that has n contiguous 1-bits from the least significant bit
|
|
and all other bits set to 0.
|
|
"
|
|
::= { hpnicfAclIPAclAdvancedEntry 44 }
|
|
|
|
--
|
|
--Nodes of hpnicfAclIPAclNamedBscTable
|
|
--
|
|
|
|
hpnicfAclIPAclNamedBscTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF HpnicfAclIPAclNamedBscEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A table of basic rule of named ACL.
|
|
The name of ACL group will be used as an index in this table,
|
|
which differs from the table hpnicfAclIPAclBasicTable.
|
|
If some objects of this table are not supported by some
|
|
products, these objects can't be created, changed or applied.
|
|
Default value of these objects will be returned when they are
|
|
read.
|
|
"
|
|
::= { hpnicfAclIPAclGroup 4 }
|
|
|
|
hpnicfAclIPAclNamedBscEntry OBJECT-TYPE
|
|
SYNTAX HpnicfAclIPAclNamedBscEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Basic named ACL rule entry."
|
|
INDEX
|
|
{
|
|
hpnicfAclNumberGroupType,
|
|
hpnicfAclNamedGroupName,
|
|
hpnicfAclIPAclBasicRuleIndex
|
|
}
|
|
::= { hpnicfAclIPAclNamedBscTable 1 }
|
|
|
|
HpnicfAclIPAclNamedBscEntry ::=
|
|
SEQUENCE
|
|
{
|
|
hpnicfAclIPAclNamedBscRowStatus
|
|
RowStatus,
|
|
hpnicfAclIPAclNamedBscAct
|
|
RuleAction,
|
|
hpnicfAclIPAclNamedBscSrcAddrType
|
|
InetAddressType,
|
|
hpnicfAclIPAclNamedBscSrcAddr
|
|
InetAddress,
|
|
hpnicfAclIPAclNamedBscSrcPrefix
|
|
InetAddressPrefixLength,
|
|
hpnicfAclIPAclNamedBscSrcAny
|
|
TruthValue,
|
|
hpnicfAclIPAclNamedBscSrcWild
|
|
IpAddress,
|
|
hpnicfAclIPAclNamedBscTRangeName
|
|
OCTET STRING,
|
|
hpnicfAclIPAclNamedBscFragmentFlag
|
|
FragmentFlag,
|
|
hpnicfAclIPAclNamedBscLog
|
|
TruthValue,
|
|
hpnicfAclIPAclNamedBscCount
|
|
Unsigned32,
|
|
hpnicfAclIPAclNamedBscCountClear
|
|
CounterClear,
|
|
hpnicfAclIPAclNamedBscEnable
|
|
TruthValue,
|
|
hpnicfAclIPAclNamedBscVpnInstName
|
|
OCTET STRING,
|
|
hpnicfAclIPAclNamedBscComment
|
|
OCTET STRING,
|
|
hpnicfAclIPAclNamedBscCounting
|
|
TruthValue,
|
|
hpnicfAclIPAclNamedBscRouteTypeAny
|
|
TruthValue,
|
|
hpnicfAclIPAclNamedBscRouteTypeValue
|
|
Integer32
|
|
}
|
|
|
|
hpnicfAclIPAclNamedBscRowStatus OBJECT-TYPE
|
|
SYNTAX RowStatus
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"RowStatus."
|
|
::= { hpnicfAclIPAclNamedBscEntry 1 }
|
|
|
|
hpnicfAclIPAclNamedBscAct OBJECT-TYPE
|
|
SYNTAX RuleAction
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The action of basic ACL rule."
|
|
::= { hpnicfAclIPAclNamedBscEntry 2 }
|
|
|
|
hpnicfAclIPAclNamedBscSrcAddrType OBJECT-TYPE
|
|
SYNTAX InetAddressType
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The IP addresses type of IP pool."
|
|
::= { hpnicfAclIPAclNamedBscEntry 3 }
|
|
|
|
hpnicfAclIPAclNamedBscSrcAddr OBJECT-TYPE
|
|
SYNTAX InetAddress
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The specified source IP address.
|
|
The type of this address is determined by the value of
|
|
hpnicfAclIPAclNamedBscSrcAddrType.
|
|
"
|
|
::= { hpnicfAclIPAclNamedBscEntry 4 }
|
|
|
|
hpnicfAclIPAclNamedBscSrcPrefix OBJECT-TYPE
|
|
SYNTAX InetAddressPrefixLength
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Specify the length of a generic Internet network address
|
|
prefix. A value of n corresponds to an IP address mask that
|
|
has n contiguous 1-bits from the most significant bit (MSB)
|
|
and all other bits set to 0.
|
|
"
|
|
::= { hpnicfAclIPAclNamedBscEntry 5 }
|
|
|
|
hpnicfAclIPAclNamedBscSrcAny OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The flag of matching any source IP address."
|
|
DEFVAL { true }
|
|
::= { hpnicfAclIPAclNamedBscEntry 6 }
|
|
|
|
hpnicfAclIPAclNamedBscSrcWild OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Source IPv4 address wildcard mask.
|
|
Only IPv4 Basic Rule supports this object.
|
|
Default value is '0.0.0.0'.
|
|
"
|
|
::= { hpnicfAclIPAclNamedBscEntry 7 }
|
|
|
|
hpnicfAclIPAclNamedBscTRangeName OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(0..32))
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The Time-range of basic acl rule.
|
|
Default value is zero-length.
|
|
"
|
|
::= { hpnicfAclIPAclNamedBscEntry 8 }
|
|
|
|
hpnicfAclIPAclNamedBscFragmentFlag OBJECT-TYPE
|
|
SYNTAX FragmentFlag
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The flag of matching fragmented packets."
|
|
DEFVAL { invalid }
|
|
::= { hpnicfAclIPAclNamedBscEntry 9 }
|
|
|
|
hpnicfAclIPAclNamedBscLog OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The packet will be logged when it matches the rule."
|
|
DEFVAL { false }
|
|
::= { hpnicfAclIPAclNamedBscEntry 10 }
|
|
|
|
hpnicfAclIPAclNamedBscCount OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The count of matches by the rule."
|
|
::= { hpnicfAclIPAclNamedBscEntry 11 }
|
|
|
|
hpnicfAclIPAclNamedBscCountClear OBJECT-TYPE
|
|
SYNTAX CounterClear
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Reset the statistics counter of the rule."
|
|
DEFVAL { nouse }
|
|
::= { hpnicfAclIPAclNamedBscEntry 12 }
|
|
|
|
hpnicfAclIPAclNamedBscEnable OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The rule is active or not.
|
|
true : active
|
|
false : inactive
|
|
"
|
|
DEFVAL { false }
|
|
::= { hpnicfAclIPAclNamedBscEntry 13 }
|
|
|
|
hpnicfAclIPAclNamedBscVpnInstName OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(0..32))
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The VPN name, to which the rule will be applied.
|
|
Default value is zero-length.
|
|
"
|
|
::= { hpnicfAclIPAclNamedBscEntry 14 }
|
|
|
|
hpnicfAclIPAclNamedBscComment OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(0..127))
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The description of ACL rule.
|
|
Default value is Zero-length String.
|
|
"
|
|
::= { hpnicfAclIPAclNamedBscEntry 15 }
|
|
|
|
hpnicfAclIPAclNamedBscCounting OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The packet will be counted when it matches the rule.
|
|
It is disabled by default.
|
|
"
|
|
DEFVAL { false }
|
|
::= { hpnicfAclIPAclNamedBscEntry 16 }
|
|
|
|
hpnicfAclIPAclNamedBscRouteTypeAny OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The flag of matching any type of routing header of IPv6 packet.
|
|
"
|
|
DEFVAL { false }
|
|
::= { hpnicfAclIPAclNamedBscEntry 17 }
|
|
|
|
hpnicfAclIPAclNamedBscRouteTypeValue OBJECT-TYPE
|
|
SYNTAX Integer32 (0..255|65535)
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Value of the routing header type of IPv6 packet,
|
|
in the range of 0 to 255.
|
|
"
|
|
DEFVAL { 65535 }
|
|
::= { hpnicfAclIPAclNamedBscEntry 18 }
|
|
|
|
--
|
|
-- Notes of hpnicfAclIPAclNamedAdvTable
|
|
--
|
|
hpnicfAclIPAclNamedAdvTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF HpnicfAclIPAclNamedAdvEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A table of advanced rule of named ACL.
|
|
The name of ACL group will be used as an index in this table,
|
|
which differs from the table hpnicfAclIPAclAdvancedTable.
|
|
If some objects of this table are not supported by some
|
|
products, these objects can't be created, changed or applied.
|
|
Default value of these objects will be returned when they are
|
|
read.
|
|
"
|
|
::= { hpnicfAclIPAclGroup 5 }
|
|
|
|
hpnicfAclIPAclNamedAdvEntry OBJECT-TYPE
|
|
SYNTAX HpnicfAclIPAclNamedAdvEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Advanced ACL rule information entry."
|
|
INDEX
|
|
{
|
|
hpnicfAclNumberGroupType,
|
|
hpnicfAclNamedGroupName,
|
|
hpnicfAclIPAclAdvancedRuleIndex
|
|
}
|
|
::= { hpnicfAclIPAclNamedAdvTable 1 }
|
|
|
|
HpnicfAclIPAclNamedAdvEntry ::=
|
|
SEQUENCE
|
|
{
|
|
hpnicfAclIPAclNamedAdvRowStatus
|
|
RowStatus,
|
|
hpnicfAclIPAclNamedAdvAct
|
|
RuleAction,
|
|
hpnicfAclIPAclNamedAdvProtocol
|
|
Integer32,
|
|
hpnicfAclIPAclNamedAdvAddrFlag
|
|
AddressFlag,
|
|
hpnicfAclIPAclNamedAdvSrcAddrType
|
|
InetAddressType,
|
|
hpnicfAclIPAclNamedAdvSrcAddr
|
|
InetAddress,
|
|
hpnicfAclIPAclNamedAdvSrcPrefix
|
|
InetAddressPrefixLength,
|
|
hpnicfAclIPAclNamedAdvSrcAny
|
|
TruthValue,
|
|
hpnicfAclIPAclNamedAdvSrcWild
|
|
IpAddress,
|
|
hpnicfAclIPAclNamedAdvSrcOp
|
|
PortOp,
|
|
hpnicfAclIPAclNamedAdvSrcPort1
|
|
Integer32,
|
|
hpnicfAclIPAclNamedAdvSrcPort2
|
|
Integer32,
|
|
hpnicfAclIPAclNamedAdvDstAddrType
|
|
InetAddressType,
|
|
hpnicfAclIPAclNamedAdvDstAddr
|
|
InetAddress,
|
|
hpnicfAclIPAclNamedAdvDstPrefix
|
|
InetAddressPrefixLength,
|
|
hpnicfAclIPAclNamedAdvDstAny
|
|
TruthValue,
|
|
hpnicfAclIPAclNamedAdvDstWild
|
|
IpAddress,
|
|
hpnicfAclIPAclNamedAdvDstOp
|
|
PortOp,
|
|
hpnicfAclIPAclNamedAdvDstPort1
|
|
Integer32,
|
|
hpnicfAclIPAclNamedAdvDstPort2
|
|
Integer32,
|
|
hpnicfAclIPAclNamedAdvIcmpType
|
|
Integer32,
|
|
hpnicfAclIPAclNamedAdvIcmpCode
|
|
Integer32,
|
|
hpnicfAclIPAclNamedAdvPrecedence
|
|
Integer32,
|
|
hpnicfAclIPAclNamedAdvTos
|
|
Integer32,
|
|
hpnicfAclIPAclNamedAdvDscp
|
|
DSCPValue,
|
|
hpnicfAclIPAclNamedAdvTRangeName
|
|
OCTET STRING,
|
|
hpnicfAclIPAclNamedAdvTCPFlag
|
|
TCPFlag,
|
|
hpnicfAclIPAclNamedAdvFragmentFlag
|
|
FragmentFlag,
|
|
hpnicfAclIPAclNamedAdvLog
|
|
TruthValue,
|
|
hpnicfAclIPAclNamedAdvCount
|
|
Unsigned32,
|
|
hpnicfAclIPAclNamedAdvCountClear
|
|
CounterClear,
|
|
hpnicfAclIPAclNamedAdvEnable
|
|
TruthValue,
|
|
hpnicfAclIPAclNamedAdvVpnInstName
|
|
OCTET STRING,
|
|
hpnicfAclIPAclNamedAdvComment
|
|
OCTET STRING,
|
|
hpnicfAclIPAclNamedAdvReflective
|
|
TruthValue,
|
|
hpnicfAclIPAclNamedAdvCounting
|
|
TruthValue,
|
|
hpnicfAclIPAclNamedAdvTCPFlagMask
|
|
BITS,
|
|
hpnicfAclIPAclNamedAdvTCPFlagValue
|
|
BITS,
|
|
hpnicfAclIPAclNamedAdvRouteTypeAny
|
|
TruthValue,
|
|
hpnicfAclIPAclNamedAdvRouteTypeValue
|
|
Integer32,
|
|
hpnicfAclIPAclNamedAdvFlowLabel
|
|
Unsigned32,
|
|
hpnicfAclIPAclNamedAdvSrcSuffix
|
|
Unsigned32,
|
|
hpnicfAclIPAclNamedAdvDstSuffix
|
|
Unsigned32
|
|
}
|
|
|
|
hpnicfAclIPAclNamedAdvRowStatus OBJECT-TYPE
|
|
SYNTAX RowStatus
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"RowStatus."
|
|
::= { hpnicfAclIPAclNamedAdvEntry 1 }
|
|
|
|
hpnicfAclIPAclNamedAdvAct OBJECT-TYPE
|
|
SYNTAX RuleAction
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The action of advanced ACL rule."
|
|
::= { hpnicfAclIPAclNamedAdvEntry 2 }
|
|
|
|
hpnicfAclIPAclNamedAdvProtocol OBJECT-TYPE
|
|
SYNTAX Integer32 (0..255)
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The protocol-type of advanced ACL rule. 0 indicates any IPv4 or
|
|
IPv6 protocol.
|
|
<1-255> Protocol number
|
|
gre GRE tunneling(47)
|
|
icmp Internet Control Message Protocol(1)
|
|
icmpv6 Internet Control Message Protocol6(58)
|
|
igmp Internet Group Management Protocol(2)
|
|
ipinip IP in IP tunneling(4)
|
|
ospf OSPF routing protocol(89)
|
|
tcp Transmission Control Protocol (6)
|
|
udp User Datagram Protocol (17)
|
|
ipv6-ah IPv6 Authentication Header(51)
|
|
ipv6-esp IPv6 Encapsulating Security Payload(50)
|
|
"
|
|
::= { hpnicfAclIPAclNamedAdvEntry 3 }
|
|
|
|
hpnicfAclIPAclNamedAdvAddrFlag OBJECT-TYPE
|
|
SYNTAX AddressFlag
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Address flag to select address."
|
|
DEFVAL { invalid }
|
|
::= { hpnicfAclIPAclNamedAdvEntry 4 }
|
|
|
|
hpnicfAclIPAclNamedAdvSrcAddrType OBJECT-TYPE
|
|
SYNTAX InetAddressType
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The type of source IP address.
|
|
"
|
|
::= { hpnicfAclIPAclNamedAdvEntry 5 }
|
|
|
|
hpnicfAclIPAclNamedAdvSrcAddr OBJECT-TYPE
|
|
SYNTAX InetAddress
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The specified source IP address.
|
|
The type of this address is determined by the value of
|
|
hpnicfAclIPAclNamedAdvSrcAddrType.
|
|
"
|
|
::= { hpnicfAclIPAclNamedAdvEntry 6 }
|
|
|
|
hpnicfAclIPAclNamedAdvSrcPrefix OBJECT-TYPE
|
|
SYNTAX InetAddressPrefixLength
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Specify the length of a generic Internet network address
|
|
prefix. A value of n corresponds to an IP address mask that
|
|
has n contiguous 1-bits from the most significant bit (MSB)
|
|
and all other bits set to 0.
|
|
"
|
|
::= { hpnicfAclIPAclNamedAdvEntry 7 }
|
|
|
|
hpnicfAclIPAclNamedAdvSrcAny OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The flag of matching any IP address."
|
|
DEFVAL { true }
|
|
::= { hpnicfAclIPAclNamedAdvEntry 8 }
|
|
|
|
hpnicfAclIPAclNamedAdvSrcWild OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Source IPv4 address wildcard mask.
|
|
Only IPv4 Advanced Rule supports this object.
|
|
Default value is '0.0.0.0'.
|
|
"
|
|
::= { hpnicfAclIPAclNamedAdvEntry 9 }
|
|
|
|
hpnicfAclIPAclNamedAdvSrcOp OBJECT-TYPE
|
|
SYNTAX PortOp
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Source port operation symbol of advanced acl group."
|
|
DEFVAL { invalid }
|
|
::= { hpnicfAclIPAclNamedAdvEntry 10 }
|
|
|
|
hpnicfAclIPAclNamedAdvSrcPort1 OBJECT-TYPE
|
|
SYNTAX Integer32 (0..65535)
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The fourth layer source port1."
|
|
DEFVAL { 0 }
|
|
::= { hpnicfAclIPAclNamedAdvEntry 11 }
|
|
|
|
hpnicfAclIPAclNamedAdvSrcPort2 OBJECT-TYPE
|
|
SYNTAX Integer32 (0..65535)
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The fourth layer source port2."
|
|
DEFVAL { 65535 }
|
|
::= { hpnicfAclIPAclNamedAdvEntry 12 }
|
|
|
|
hpnicfAclIPAclNamedAdvDstAddrType OBJECT-TYPE
|
|
SYNTAX InetAddressType
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The type of destination IP address.
|
|
"
|
|
::= { hpnicfAclIPAclNamedAdvEntry 13 }
|
|
|
|
hpnicfAclIPAclNamedAdvDstAddr OBJECT-TYPE
|
|
SYNTAX InetAddress
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The specified destination IP address.
|
|
The type of this address is determined by the value of
|
|
hpnicfAclIPAclNamedAdvDstAddrType.
|
|
"
|
|
::= { hpnicfAclIPAclNamedAdvEntry 14 }
|
|
|
|
hpnicfAclIPAclNamedAdvDstPrefix OBJECT-TYPE
|
|
SYNTAX InetAddressPrefixLength
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Specify the length of a generic Internet network address
|
|
prefix. A value of n corresponds to an IP address mask that
|
|
has n contiguous 1-bits from the most significant bit (MSB)
|
|
and all other bits set to 0.
|
|
"
|
|
::= { hpnicfAclIPAclNamedAdvEntry 15 }
|
|
|
|
hpnicfAclIPAclNamedAdvDstAny OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The flag of matching any IP address."
|
|
DEFVAL { true }
|
|
::= { hpnicfAclIPAclNamedAdvEntry 16 }
|
|
|
|
hpnicfAclIPAclNamedAdvDstWild OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Destination IPv4 address wildcard mask.
|
|
Only IPv4 Advanced Rule supports this object.
|
|
Default value is '0.0.0.0'.
|
|
"
|
|
::= { hpnicfAclIPAclNamedAdvEntry 17 }
|
|
|
|
hpnicfAclIPAclNamedAdvDstOp OBJECT-TYPE
|
|
SYNTAX PortOp
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Destination port operation symbol of advanced acl group."
|
|
DEFVAL { invalid }
|
|
::= { hpnicfAclIPAclNamedAdvEntry 18 }
|
|
|
|
hpnicfAclIPAclNamedAdvDstPort1 OBJECT-TYPE
|
|
SYNTAX Integer32 (0..65535)
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The fourth layer destination port1."
|
|
DEFVAL { 0 }
|
|
::= { hpnicfAclIPAclNamedAdvEntry 19 }
|
|
|
|
hpnicfAclIPAclNamedAdvDstPort2 OBJECT-TYPE
|
|
SYNTAX Integer32 (0..65535)
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The fourth layer destination port2."
|
|
DEFVAL { 65535 }
|
|
::= { hpnicfAclIPAclNamedAdvEntry 20 }
|
|
|
|
hpnicfAclIPAclNamedAdvIcmpType OBJECT-TYPE
|
|
SYNTAX Integer32 (0..255|65535)
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The type of ICMP packet."
|
|
DEFVAL { 65535 }
|
|
::= { hpnicfAclIPAclNamedAdvEntry 21 }
|
|
|
|
hpnicfAclIPAclNamedAdvIcmpCode OBJECT-TYPE
|
|
SYNTAX Integer32 (0..255|65535)
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The code of ICMP packet."
|
|
DEFVAL { 65535 }
|
|
::= { hpnicfAclIPAclNamedAdvEntry 22 }
|
|
|
|
hpnicfAclIPAclNamedAdvPrecedence OBJECT-TYPE
|
|
SYNTAX Integer32 (0..7|255)
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of IP-packet's precedence.
|
|
<0-7> Value of precedence
|
|
routine Specify routine precedence(0)
|
|
priority Specify priority precedence(1)
|
|
immediate Specify immediate precedence(2)
|
|
flash Specify flash precedence(3)
|
|
flash-override Specify flash-override precedence(4)
|
|
critical Specify critical precedence(5)
|
|
internet Specify internetwork control precedence(6)
|
|
network Specify network control precedence(7)
|
|
"
|
|
DEFVAL { 255 }
|
|
::= { hpnicfAclIPAclNamedAdvEntry 23 }
|
|
|
|
hpnicfAclIPAclNamedAdvTos OBJECT-TYPE
|
|
SYNTAX Integer32 (0..15|255)
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of IP-packet's TOS.
|
|
<0-15> Value of TOS(type of service)
|
|
max-reliability Match packets with max reliable TOS(2)
|
|
max-throughput Match packets with max throughput TOS(4)
|
|
min-delay Match packets with min delay TOS(8)
|
|
min-monetary-cost Match packets with min monetary cost TOS(1)
|
|
normal Match packets with normal TOS(0)
|
|
"
|
|
DEFVAL { 255 }
|
|
::= { hpnicfAclIPAclNamedAdvEntry 24 }
|
|
|
|
hpnicfAclIPAclNamedAdvDscp OBJECT-TYPE
|
|
SYNTAX DSCPValue
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of DSCP of IP packet."
|
|
DEFVAL { 255 }
|
|
::= { hpnicfAclIPAclNamedAdvEntry 25 }
|
|
|
|
hpnicfAclIPAclNamedAdvTRangeName OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(0..32))
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The Time-range of advanced ACL rule.
|
|
Default value is zero-length.
|
|
"
|
|
::= { hpnicfAclIPAclNamedAdvEntry 26 }
|
|
|
|
hpnicfAclIPAclNamedAdvTCPFlag OBJECT-TYPE
|
|
SYNTAX TCPFlag
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The packet type of TCP protocol."
|
|
DEFVAL { invalid }
|
|
::= { hpnicfAclIPAclNamedAdvEntry 27 }
|
|
|
|
hpnicfAclIPAclNamedAdvFragmentFlag OBJECT-TYPE
|
|
SYNTAX FragmentFlag
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The flag of matching fragmented packet,
|
|
and now support two value: 0 or 2.
|
|
"
|
|
DEFVAL { invalid }
|
|
::= { hpnicfAclIPAclNamedAdvEntry 28 }
|
|
|
|
hpnicfAclIPAclNamedAdvLog OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Log matched packets."
|
|
DEFVAL { false }
|
|
::= { hpnicfAclIPAclNamedAdvEntry 29 }
|
|
|
|
hpnicfAclIPAclNamedAdvCount OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The count of matches by the rule."
|
|
::= { hpnicfAclIPAclNamedAdvEntry 30 }
|
|
|
|
hpnicfAclIPAclNamedAdvCountClear OBJECT-TYPE
|
|
SYNTAX CounterClear
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Reset the statistics counter of this rule."
|
|
DEFVAL { nouse }
|
|
::= { hpnicfAclIPAclNamedAdvEntry 31 }
|
|
|
|
hpnicfAclIPAclNamedAdvEnable OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The rule is active or not.
|
|
true : active
|
|
false : inactive
|
|
"
|
|
DEFVAL { false }
|
|
::= { hpnicfAclIPAclNamedAdvEntry 32 }
|
|
|
|
hpnicfAclIPAclNamedAdvVpnInstName OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(0..32))
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The VPN name to which the rule will be applied.
|
|
Default value is zero-length.
|
|
"
|
|
::= { hpnicfAclIPAclNamedAdvEntry 33 }
|
|
|
|
hpnicfAclIPAclNamedAdvComment OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(0..127))
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The description of ACL rule.
|
|
Default value is zero-length String.
|
|
"
|
|
::= { hpnicfAclIPAclNamedAdvEntry 34 }
|
|
|
|
hpnicfAclIPAclNamedAdvReflective OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The flag of reflective."
|
|
::= { hpnicfAclIPAclNamedAdvEntry 35 }
|
|
|
|
hpnicfAclIPAclNamedAdvCounting OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The packet will be counted when it matches the rule.
|
|
It is disabled by default.
|
|
"
|
|
DEFVAL { false }
|
|
::= { hpnicfAclIPAclNamedAdvEntry 36 }
|
|
|
|
hpnicfAclIPAclNamedAdvTCPFlagMask OBJECT-TYPE
|
|
SYNTAX BITS {
|
|
tcpack(0),
|
|
tcpfin(1),
|
|
tcppsh(2),
|
|
tcprst(3),
|
|
tcpsyn(4),
|
|
tcpurg(5)
|
|
}
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The TCP Flag Mask. This is a bit-map of possible conditions.
|
|
The various bit positions are:
|
|
|0 |tcpack |
|
|
|1 |tcpfin |
|
|
|2 |tcppsh |
|
|
|3 |tcprst |
|
|
|4 |tcpsyn |
|
|
|5 |tcpurg |
|
|
"
|
|
::= { hpnicfAclIPAclNamedAdvEntry 37 }
|
|
|
|
hpnicfAclIPAclNamedAdvTCPFlagValue OBJECT-TYPE
|
|
SYNTAX BITS {
|
|
tcpack(0),
|
|
tcpfin(1),
|
|
tcppsh(2),
|
|
tcprst(3),
|
|
tcpsyn(4),
|
|
tcpurg(5)
|
|
}
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The TCP Flag Value. This is a bit-map of possible conditions.
|
|
The various bit positions are:
|
|
|0 |tcpack |
|
|
|1 |tcpfin |
|
|
|2 |tcppsh |
|
|
|3 |tcprst |
|
|
|4 |tcpsyn |
|
|
|5 |tcpurg |
|
|
"
|
|
::= { hpnicfAclIPAclNamedAdvEntry 38 }
|
|
|
|
hpnicfAclIPAclNamedAdvRouteTypeAny OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The flag of matching any type of routing header of IPv6 packet.
|
|
"
|
|
DEFVAL { false }
|
|
::= { hpnicfAclIPAclNamedAdvEntry 39 }
|
|
|
|
hpnicfAclIPAclNamedAdvRouteTypeValue OBJECT-TYPE
|
|
SYNTAX Integer32 (0..255|65535)
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The type of routing header of IPv6 packet."
|
|
DEFVAL { 65535 }
|
|
::= { hpnicfAclIPAclNamedAdvEntry 40 }
|
|
|
|
hpnicfAclIPAclNamedAdvFlowLabel OBJECT-TYPE
|
|
SYNTAX Unsigned32 (0..1048575|4294967295)
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of flow label of IPv6 packet header."
|
|
DEFVAL { 4294967295 }
|
|
::= { hpnicfAclIPAclNamedAdvEntry 41 }
|
|
|
|
hpnicfAclIPAclNamedAdvSrcSuffix OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Denotes the length of a generic Internet network address suffix.
|
|
A value of n corresponds to an IP address mask
|
|
that has n contiguous 1-bits from the least significant bit
|
|
and all other bits set to 0.
|
|
"
|
|
::= { hpnicfAclIPAclNamedAdvEntry 42 }
|
|
|
|
hpnicfAclIPAclNamedAdvDstSuffix OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Denotes the length of a generic Internet network address suffix.
|
|
A value of n corresponds to an IP address mask
|
|
that has n contiguous 1-bits from the least significant bit
|
|
and all other bits set to 0.
|
|
"
|
|
::= { hpnicfAclIPAclNamedAdvEntry 43 }
|
|
|
|
--
|
|
-- Node of hpnicfAclMACAclGroup
|
|
--
|
|
hpnicfAclMACAclGroup OBJECT IDENTIFIER ::= { hpnicfAclMib2Objects 3 }
|
|
--
|
|
-- Nodes of hpnicfAclMACTable
|
|
--
|
|
hpnicfAclMACTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF HpnicfAclMACEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A table of MAC acl group.
|
|
If some objects of this table are not supported by some products,
|
|
these objects can't be created, changed or applied.
|
|
Default value of these objects will be returned when they are read.
|
|
"
|
|
::= { hpnicfAclMACAclGroup 1 }
|
|
|
|
hpnicfAclMACEntry OBJECT-TYPE
|
|
SYNTAX HpnicfAclMACEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"MAC acl group information."
|
|
INDEX
|
|
{
|
|
hpnicfAclNumberGroupType,
|
|
hpnicfAclNumberGroupIndex,
|
|
hpnicfAclMACRuleIndex
|
|
}
|
|
::= { hpnicfAclMACTable 1 }
|
|
|
|
HpnicfAclMACEntry ::=
|
|
SEQUENCE
|
|
{
|
|
hpnicfAclMACRuleIndex
|
|
Integer32,
|
|
hpnicfAclMACRowStatus
|
|
RowStatus,
|
|
hpnicfAclMACAct
|
|
RuleAction,
|
|
hpnicfAclMACTypeCode
|
|
OCTET STRING,
|
|
hpnicfAclMACTypeMask
|
|
OCTET STRING,
|
|
hpnicfAclMACSrcMac
|
|
MacAddress,
|
|
hpnicfAclMACSrcMacWild
|
|
MacAddress,
|
|
hpnicfAclMACDestMac
|
|
MacAddress,
|
|
hpnicfAclMACDestMacWild
|
|
MacAddress,
|
|
hpnicfAclMACLsapCode
|
|
OCTET STRING,
|
|
hpnicfAclMACLsapMask
|
|
OCTET STRING,
|
|
hpnicfAclMACCos
|
|
Integer32,
|
|
hpnicfAclMACTimeRangeName
|
|
OCTET STRING,
|
|
hpnicfAclMACCount
|
|
Unsigned32,
|
|
hpnicfAclMACCountClear
|
|
CounterClear,
|
|
hpnicfAclMACEnable
|
|
TruthValue,
|
|
hpnicfAclMACComment
|
|
OCTET STRING,
|
|
hpnicfAclMACLog
|
|
TruthValue,
|
|
hpnicfAclMACCounting
|
|
TruthValue
|
|
}
|
|
|
|
hpnicfAclMACRuleIndex OBJECT-TYPE
|
|
SYNTAX Integer32 (0..65534)
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The rule index of MAC-based acl group."
|
|
::= { hpnicfAclMACEntry 1 }
|
|
|
|
hpnicfAclMACRowStatus OBJECT-TYPE
|
|
SYNTAX RowStatus
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"RowStatus."
|
|
::= { hpnicfAclMACEntry 2 }
|
|
|
|
hpnicfAclMACAct OBJECT-TYPE
|
|
SYNTAX RuleAction
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The action of MAC acl rule."
|
|
::= { hpnicfAclMACEntry 3 }
|
|
|
|
hpnicfAclMACTypeCode OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(0..32))
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The type of protocol."
|
|
REFERENCE
|
|
"rfc894, rfc1010."
|
|
::= { hpnicfAclMACEntry 4 }
|
|
|
|
hpnicfAclMACTypeMask OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(0..32))
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The mask of protocol."
|
|
::= { hpnicfAclMACEntry 5 }
|
|
|
|
hpnicfAclMACSrcMac OBJECT-TYPE
|
|
SYNTAX MacAddress
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Source MAC of MAC acl rule.
|
|
Default value is '00:00:00:00:00:00'.
|
|
"
|
|
::= { hpnicfAclMACEntry 6 }
|
|
|
|
hpnicfAclMACSrcMacWild OBJECT-TYPE
|
|
SYNTAX MacAddress
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Source MAC wildzard of MAC acl rule.
|
|
Default value is '00:00:00:00:00:00'.
|
|
"
|
|
::= { hpnicfAclMACEntry 7 }
|
|
|
|
hpnicfAclMACDestMac OBJECT-TYPE
|
|
SYNTAX MacAddress
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Destination MAC of MAC acl rule.
|
|
Default value is '00:00:00:00:00:00'.
|
|
"
|
|
::= { hpnicfAclMACEntry 8 }
|
|
|
|
hpnicfAclMACDestMacWild OBJECT-TYPE
|
|
SYNTAX MacAddress
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Destination MAC wildzard of MAC acl rule.
|
|
Default value is '00:00:00:00:00:00'
|
|
"
|
|
::= { hpnicfAclMACEntry 9 }
|
|
|
|
hpnicfAclMACLsapCode OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(0..32))
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The type of LSAP."
|
|
REFERENCE
|
|
"ANSI/IEEE Std 802.3"
|
|
::= { hpnicfAclMACEntry 10 }
|
|
|
|
hpnicfAclMACLsapMask OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(0..32))
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The mask of LSAP."
|
|
::= { hpnicfAclMACEntry 11 }
|
|
|
|
hpnicfAclMACCos OBJECT-TYPE
|
|
SYNTAX Integer32 (0..7 | 255)
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Vlan priority of MAC acl rule."
|
|
DEFVAL { 255 }
|
|
::= { hpnicfAclMACEntry 12 }
|
|
|
|
hpnicfAclMACTimeRangeName OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(0..32))
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The Time-range of MAC acl rule.
|
|
Default value is zero-length.
|
|
"
|
|
::= { hpnicfAclMACEntry 13 }
|
|
|
|
hpnicfAclMACCount OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The count of matched frames by the rule."
|
|
::= { hpnicfAclMACEntry 14 }
|
|
|
|
hpnicfAclMACCountClear OBJECT-TYPE
|
|
SYNTAX CounterClear
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Reset the value of counter."
|
|
DEFVAL { nouse }
|
|
::= { hpnicfAclMACEntry 15 }
|
|
|
|
hpnicfAclMACEnable OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The rule is active or not.
|
|
true : active
|
|
false : inactive
|
|
"
|
|
DEFVAL { false }
|
|
::= { hpnicfAclMACEntry 16 }
|
|
|
|
hpnicfAclMACComment OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(0..127))
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The description of ACL rule.
|
|
Default value is Zero-length String.
|
|
"
|
|
::= { hpnicfAclMACEntry 17 }
|
|
|
|
hpnicfAclMACLog OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The packet will be logged when it matches the rule.
|
|
It is disabled by default.
|
|
"
|
|
DEFVAL { false }
|
|
::= { hpnicfAclMACEntry 18 }
|
|
|
|
hpnicfAclMACCounting OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The packet will be counted when it matches the rule.
|
|
It is disabled by default.
|
|
"
|
|
DEFVAL { false }
|
|
::= { hpnicfAclMACEntry 19 }
|
|
|
|
--
|
|
-- Nodes of named MAC ACL group
|
|
--
|
|
hpnicfAclNamedMACTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF HpnicfAclNamedMACEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A table of named MAC ACL rule.
|
|
The name of ACL group will be used as an index in this table,
|
|
which differs from the table hpnicfAclMACTable.
|
|
If some objects of this table are not supported by some products,
|
|
these objects can't be created, changed or applied.
|
|
Default value of these objects will be returned when they are read.
|
|
"
|
|
::= { hpnicfAclMACAclGroup 2 }
|
|
|
|
hpnicfAclNamedMACEntry OBJECT-TYPE
|
|
SYNTAX HpnicfAclNamedMACEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"MAC acl group information."
|
|
INDEX
|
|
{
|
|
hpnicfAclNumberGroupType,
|
|
hpnicfAclNamedGroupName,
|
|
hpnicfAclMACRuleIndex
|
|
}
|
|
::= { hpnicfAclNamedMACTable 1 }
|
|
|
|
HpnicfAclNamedMACEntry ::=
|
|
SEQUENCE
|
|
{
|
|
hpnicfAclNamedMACRowStatus
|
|
RowStatus,
|
|
hpnicfAclNamedMACAct
|
|
RuleAction,
|
|
hpnicfAclNamedMACTypeCode
|
|
OCTET STRING,
|
|
hpnicfAclNamedMACTypeMask
|
|
OCTET STRING,
|
|
hpnicfAclNamedMACSrcMac
|
|
MacAddress,
|
|
hpnicfAclNamedMACSrcMacWild
|
|
MacAddress,
|
|
hpnicfAclNamedMACDstMac
|
|
MacAddress,
|
|
hpnicfAclNamedMACDstMacWild
|
|
MacAddress,
|
|
hpnicfAclNamedMACLsapCode
|
|
OCTET STRING,
|
|
hpnicfAclNamedMACLsapMask
|
|
OCTET STRING,
|
|
hpnicfAclNamedMACCos
|
|
Integer32,
|
|
hpnicfAclNamedMACTimeRangeName
|
|
OCTET STRING,
|
|
hpnicfAclNamedMACCount
|
|
Unsigned32,
|
|
hpnicfAclNamedMACCountClear
|
|
CounterClear,
|
|
hpnicfAclNamedMACEnable
|
|
TruthValue,
|
|
hpnicfAclNamedMACComment
|
|
OCTET STRING,
|
|
hpnicfAclNamedMACLog
|
|
TruthValue,
|
|
hpnicfAclNamedMACCounting
|
|
TruthValue
|
|
}
|
|
|
|
hpnicfAclNamedMACRowStatus OBJECT-TYPE
|
|
SYNTAX RowStatus
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"RowStatus."
|
|
::= { hpnicfAclNamedMACEntry 1 }
|
|
|
|
hpnicfAclNamedMACAct OBJECT-TYPE
|
|
SYNTAX RuleAction
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The action of MAC ACL rule."
|
|
::= { hpnicfAclNamedMACEntry 2 }
|
|
|
|
hpnicfAclNamedMACTypeCode OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(0..32))
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The type of protocol."
|
|
REFERENCE
|
|
"rfc894, rfc1010."
|
|
::= { hpnicfAclNamedMACEntry 3 }
|
|
|
|
hpnicfAclNamedMACTypeMask OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(0..32))
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The mask of protocol."
|
|
::= { hpnicfAclNamedMACEntry 4 }
|
|
|
|
hpnicfAclNamedMACSrcMac OBJECT-TYPE
|
|
SYNTAX MacAddress
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Source MAC of MAC ACL rule.
|
|
Default value is '00:00:00:00:00:00'.
|
|
"
|
|
::= { hpnicfAclNamedMACEntry 5 }
|
|
|
|
hpnicfAclNamedMACSrcMacWild OBJECT-TYPE
|
|
SYNTAX MacAddress
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Source MAC wildcard of MAC ACL rule.
|
|
Default value is '00:00:00:00:00:00'.
|
|
"
|
|
::= { hpnicfAclNamedMACEntry 6 }
|
|
|
|
hpnicfAclNamedMACDstMac OBJECT-TYPE
|
|
SYNTAX MacAddress
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Destination MAC of MAC ACL rule.
|
|
Default value is '00:00:00:00:00:00'.
|
|
"
|
|
::= { hpnicfAclNamedMACEntry 7 }
|
|
|
|
hpnicfAclNamedMACDstMacWild OBJECT-TYPE
|
|
SYNTAX MacAddress
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Destination MAC wildcard of MAC ACL rule.
|
|
Default value is '00:00:00:00:00:00'
|
|
"
|
|
::= { hpnicfAclNamedMACEntry 8 }
|
|
|
|
hpnicfAclNamedMACLsapCode OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(0..32))
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The type of LSAP."
|
|
REFERENCE
|
|
"ANSI/IEEE Std 802.3"
|
|
::= { hpnicfAclNamedMACEntry 9 }
|
|
|
|
hpnicfAclNamedMACLsapMask OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(0..32))
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The mask of LSAP."
|
|
::= { hpnicfAclNamedMACEntry 10 }
|
|
|
|
hpnicfAclNamedMACCos OBJECT-TYPE
|
|
SYNTAX Integer32 (0..7 | 255)
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Vlan priority of MAC ACL rule."
|
|
DEFVAL { 255 }
|
|
::= { hpnicfAclNamedMACEntry 11 }
|
|
|
|
hpnicfAclNamedMACTimeRangeName OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(0..32))
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The time-range of MAC ACL rule.
|
|
Default value is zero-length.
|
|
"
|
|
::= { hpnicfAclNamedMACEntry 12 }
|
|
|
|
hpnicfAclNamedMACCount OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The count of matched frames by the rule."
|
|
::= { hpnicfAclNamedMACEntry 13 }
|
|
|
|
hpnicfAclNamedMACCountClear OBJECT-TYPE
|
|
SYNTAX CounterClear
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Reset the value of counter."
|
|
DEFVAL { nouse }
|
|
::= { hpnicfAclNamedMACEntry 14 }
|
|
|
|
hpnicfAclNamedMACEnable OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The rule is active or not.
|
|
true : active
|
|
false : inactive
|
|
"
|
|
DEFVAL { false }
|
|
::= { hpnicfAclNamedMACEntry 15 }
|
|
|
|
hpnicfAclNamedMACComment OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(0..127))
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The description of ACL rule.
|
|
Default value is Zero-length String.
|
|
"
|
|
::= { hpnicfAclNamedMACEntry 16 }
|
|
|
|
hpnicfAclNamedMACLog OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The packet will be logged when it matches the rule.
|
|
It is disabled by default.
|
|
"
|
|
DEFVAL { false }
|
|
::= { hpnicfAclNamedMACEntry 17 }
|
|
|
|
hpnicfAclNamedMACCounting OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The packet will be counted when it matches the rule.
|
|
It is disabled by default.
|
|
"
|
|
DEFVAL { false }
|
|
::= { hpnicfAclNamedMACEntry 18 }
|
|
|
|
--
|
|
-- Node of hpnicfAclEnUserGroup
|
|
--
|
|
hpnicfAclEnUserAclGroup OBJECT IDENTIFIER ::= { hpnicfAclMib2Objects 4 }
|
|
--
|
|
-- Nodes of hpnicfAclEnUserTable
|
|
--
|
|
hpnicfAclEnUserTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF HpnicfAclEnUserEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A table of user acl group information.
|
|
If some objects of this table are not supported by some products,
|
|
these objects can't be created, changed and applied.
|
|
Default value of these objects will be returned when they are read.
|
|
"
|
|
::= { hpnicfAclEnUserAclGroup 3 }
|
|
|
|
hpnicfAclEnUserEntry OBJECT-TYPE
|
|
SYNTAX HpnicfAclEnUserEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"User defined acl group entry."
|
|
INDEX { hpnicfAclNumberGroupType,
|
|
hpnicfAclNumberGroupIndex,
|
|
hpnicfAclEnUserRuleIndex }
|
|
::= { hpnicfAclEnUserTable 1 }
|
|
|
|
HpnicfAclEnUserEntry ::=
|
|
SEQUENCE
|
|
{
|
|
hpnicfAclEnUserRuleIndex
|
|
Integer32,
|
|
hpnicfAclEnUserRowStatus
|
|
RowStatus,
|
|
hpnicfAclEnUserAct
|
|
RuleAction,
|
|
hpnicfAclEnUserStartString
|
|
OCTET STRING,
|
|
hpnicfAclEnUserL2String
|
|
OCTET STRING,
|
|
hpnicfAclEnUserMplsString
|
|
OCTET STRING,
|
|
hpnicfAclEnUserIPv4String
|
|
OCTET STRING,
|
|
hpnicfAclEnUserIPv6String
|
|
OCTET STRING,
|
|
hpnicfAclEnUserL4String
|
|
OCTET STRING,
|
|
hpnicfAclEnUserL5String
|
|
OCTET STRING,
|
|
hpnicfAclEnUserTimeRangeName
|
|
OCTET STRING,
|
|
hpnicfAclEnUserCount
|
|
Unsigned32,
|
|
hpnicfAclEnUserCountClear
|
|
CounterClear,
|
|
hpnicfAclEnUserEnable
|
|
TruthValue,
|
|
hpnicfAclEnUserComment
|
|
OCTET STRING,
|
|
hpnicfAclEnUserLog
|
|
TruthValue,
|
|
hpnicfAclEnUserCounting
|
|
TruthValue
|
|
}
|
|
|
|
hpnicfAclEnUserRuleIndex OBJECT-TYPE
|
|
SYNTAX Integer32 (0..65534)
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The subitem of the user acl."
|
|
::= { hpnicfAclEnUserEntry 1 }
|
|
|
|
hpnicfAclEnUserRowStatus OBJECT-TYPE
|
|
SYNTAX RowStatus
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"RowStatus."
|
|
::= { hpnicfAclEnUserEntry 2 }
|
|
|
|
hpnicfAclEnUserAct OBJECT-TYPE
|
|
SYNTAX RuleAction
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The action of user defined acl rule."
|
|
::= { hpnicfAclEnUserEntry 3 }
|
|
|
|
hpnicfAclEnUserStartString OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(0..255))
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The rule, matching packets, input like this:
|
|
'RuleOffset','RuleString','RuleMask'.
|
|
|
|
RuleOffset: The value of this object is defined by product and
|
|
it indicates the offset of the rule mask in the packet(unit: byte).
|
|
|
|
RuleString: The length of RuleString is defined by product.
|
|
The string must be hexadecimal.
|
|
The length of string must be multiple of 2.
|
|
|
|
RuleMask: The length of RuleMask is defined by product.
|
|
The string must be hexadecimal.
|
|
The length of string must be multiple of 2.
|
|
|
|
For example: 10,10af,ffff.
|
|
|
|
Default value is zero-length.
|
|
"
|
|
::= { hpnicfAclEnUserEntry 4 }
|
|
|
|
hpnicfAclEnUserL2String OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(0..255))
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The rule, matching layer 2 packets, input like this:
|
|
'RuleOffset','RuleString','RuleMask'.
|
|
|
|
RuleOffset: The value is defined by product and
|
|
it indicates offset of the rule mask in the packet(unit: byte).
|
|
|
|
RuleString: The length of RuleString is defined by product.
|
|
The string must be hexadecimal.
|
|
The length of string must be multiple of 2.
|
|
|
|
RuleMask: The length of RuleMask is defined by product.
|
|
The string must be hexadecimal.
|
|
The length of string must be multiple of 2.
|
|
|
|
For example: '10','10af','ffff'.
|
|
|
|
Default value is zero-length.
|
|
"
|
|
::= { hpnicfAclEnUserEntry 5 }
|
|
|
|
hpnicfAclEnUserMplsString OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(0..255))
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The rule, matching mpls packets, input like this:
|
|
'RuleOffset','RuleString','RuleMask'.
|
|
|
|
RuleOffset: The value is defined by product and
|
|
it indicates offset of the rule mask in the packet(unit: byte).
|
|
|
|
RuleString: The length of RuleString is defined by product.
|
|
The string must be hexadecimal.
|
|
The length of string must be multiple of 2.
|
|
|
|
RuleMask: The length of RuleMask is defined by product.
|
|
The string must be hexadecimal.
|
|
The length of string must be multiple of 2.
|
|
|
|
For example: '10','10af','ffff'.
|
|
|
|
Default value is zero-length.
|
|
"
|
|
::= { hpnicfAclEnUserEntry 6 }
|
|
|
|
hpnicfAclEnUserIPv4String OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(0..255))
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The rule, matching IPv4 packets, input like this:
|
|
'RuleOffset','RuleString','RuleMask'.
|
|
|
|
RuleOffset: The value is defined by product and
|
|
it indicates offset of the rule mask in the packet(unit: byte).
|
|
|
|
RuleString: The length of RuleString is defined by product.
|
|
The string must be hexadecimal.
|
|
The length of string must be multiple of 2.
|
|
|
|
RuleMask: The length of RuleMask is defined by product.
|
|
The string must be hexadecimal.
|
|
The length of string must be multiple of 2.
|
|
|
|
For example: '10','10af','ffff'.
|
|
|
|
Default value is zero-length.
|
|
"
|
|
::= { hpnicfAclEnUserEntry 7 }
|
|
|
|
hpnicfAclEnUserIPv6String OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(0..255))
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The rule, matching IPv6 packets, input like this:
|
|
'RuleOffset','RuleString','RuleMask'.
|
|
|
|
RuleOffset: The value is defined by product and
|
|
it indicates offset of the rule mask in the packet(unit: byte).
|
|
|
|
RuleString: The length of RuleString is defined by product.
|
|
The string must be hexadecimal.
|
|
The length of string must be multiple of 2.
|
|
|
|
RuleMask: The length of RuleMask is defined by product.
|
|
The string must be hexadecimal.
|
|
The length of string must be multiple of 2.
|
|
|
|
For example: '10','10af','ffff'.
|
|
|
|
Default value is zero-length.
|
|
"
|
|
::= { hpnicfAclEnUserEntry 8 }
|
|
|
|
hpnicfAclEnUserL4String OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(0..255))
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The rule, matching layer 4 packets, input like this:
|
|
'RuleOffset','RuleString','RuleMask'.
|
|
|
|
RuleOffset: The value is defined by product and
|
|
it indicates offset of the rule mask in the packet(unit: byte).
|
|
|
|
RuleString: The length of RuleString is defined by product.
|
|
The string must be hexadecimal.
|
|
The length of string must be multiple of 2.
|
|
|
|
RuleMask: The length of RuleMask is defined by product.
|
|
The string must be hexadecimal.
|
|
The length of string must be multiple of 2.
|
|
|
|
For example: '10','10af','ffff'.
|
|
|
|
Default value is zero-length.
|
|
"
|
|
::= { hpnicfAclEnUserEntry 9 }
|
|
|
|
hpnicfAclEnUserL5String OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(0..255))
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The rule, matching layer 5 packets, input like this:
|
|
'RuleOffset','RuleString','RuleMask'.
|
|
|
|
RuleOffset: The value is defined by product and
|
|
it indicates offset of the rule mask in the packet(unit: byte).
|
|
|
|
RuleString: The length of RuleString is defined by product.
|
|
The string must be hexadecimal.
|
|
The length of string must be multiple of 2.
|
|
|
|
RuleMask: The length of RuleMask is defined by product.
|
|
The string must be hexadecimal.
|
|
The length of string must be multiple of 2.
|
|
|
|
For example: '10','10af','ffff'.
|
|
|
|
Default value is zero-length.
|
|
"
|
|
::= { hpnicfAclEnUserEntry 10 }
|
|
|
|
hpnicfAclEnUserTimeRangeName OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(0..32))
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The Time-range of user acl rule.
|
|
Default value is zero-length."
|
|
::= { hpnicfAclEnUserEntry 11 }
|
|
|
|
hpnicfAclEnUserCount OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The count of matched by the rule."
|
|
::= { hpnicfAclEnUserEntry 12 }
|
|
|
|
hpnicfAclEnUserCountClear OBJECT-TYPE
|
|
SYNTAX CounterClear
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Reset the value of counter."
|
|
::= { hpnicfAclEnUserEntry 13 }
|
|
|
|
hpnicfAclEnUserEnable OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The rule is active or not.
|
|
true : active
|
|
false : inactive
|
|
"
|
|
DEFVAL { false }
|
|
::= { hpnicfAclEnUserEntry 14 }
|
|
|
|
hpnicfAclEnUserComment OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(0..127))
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The description of ACL rule.
|
|
Default value is Zero-length String.
|
|
"
|
|
::= { hpnicfAclEnUserEntry 15 }
|
|
|
|
hpnicfAclEnUserLog OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The packet will be logged when it matches the rule.
|
|
It is disabled by default.
|
|
"
|
|
DEFVAL { false }
|
|
::= { hpnicfAclEnUserEntry 16 }
|
|
|
|
hpnicfAclEnUserCounting OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The packet will be counted when it matches the rule.
|
|
It is disabled by default.
|
|
"
|
|
DEFVAL { false }
|
|
::= { hpnicfAclEnUserEntry 17 }
|
|
|
|
--
|
|
-- Nodes of hpnicfAclNamedUserTable
|
|
--
|
|
hpnicfAclNamedUserTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF HpnicfAclNamedUserEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A table of named user acl rule.
|
|
The name of ACL group will be used as an index in this table,
|
|
which differs from the table hpnicfAclEnUserTable.
|
|
If some objects of this table are not supported by some products,
|
|
these objects can't be created, changed and applied.
|
|
Default value of these objects will be returned when they are read.
|
|
"
|
|
::= { hpnicfAclEnUserAclGroup 4 }
|
|
|
|
hpnicfAclNamedUserEntry OBJECT-TYPE
|
|
SYNTAX HpnicfAclNamedUserEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"User defined acl group entry."
|
|
INDEX
|
|
{
|
|
hpnicfAclNumberGroupType,
|
|
hpnicfAclNamedGroupName,
|
|
hpnicfAclEnUserRuleIndex
|
|
}
|
|
::= { hpnicfAclNamedUserTable 1 }
|
|
|
|
HpnicfAclNamedUserEntry ::=
|
|
SEQUENCE
|
|
{
|
|
hpnicfAclNamedUserRowStatus
|
|
RowStatus,
|
|
hpnicfAclNamedUserAct
|
|
RuleAction,
|
|
hpnicfAclNamedUserStartString
|
|
OCTET STRING,
|
|
hpnicfAclNamedUserL2String
|
|
OCTET STRING,
|
|
hpnicfAclNamedUserMplsString
|
|
OCTET STRING,
|
|
hpnicfAclNamedUserIPv4String
|
|
OCTET STRING,
|
|
hpnicfAclNamedUserIPv6String
|
|
OCTET STRING,
|
|
hpnicfAclNamedUserL4String
|
|
OCTET STRING,
|
|
hpnicfAclNamedUserL5String
|
|
OCTET STRING,
|
|
hpnicfAclNamedUserTimeRangeName
|
|
OCTET STRING,
|
|
hpnicfAclNamedUserCount
|
|
Unsigned32,
|
|
hpnicfAclNamedUserCountClear
|
|
CounterClear,
|
|
hpnicfAclNamedUserEnable
|
|
TruthValue,
|
|
hpnicfAclNamedUserComment
|
|
OCTET STRING,
|
|
hpnicfAclNamedUserLog
|
|
TruthValue,
|
|
hpnicfAclNamedUserCounting
|
|
TruthValue
|
|
}
|
|
|
|
hpnicfAclNamedUserRowStatus OBJECT-TYPE
|
|
SYNTAX RowStatus
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"RowStatus."
|
|
::= { hpnicfAclNamedUserEntry 1 }
|
|
|
|
hpnicfAclNamedUserAct OBJECT-TYPE
|
|
SYNTAX RuleAction
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The action of user defined acl rule."
|
|
::= { hpnicfAclNamedUserEntry 2 }
|
|
|
|
hpnicfAclNamedUserStartString OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(0..255))
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The rule, matching packets, input like this:
|
|
'RuleOffset','RuleString','RuleMask'.
|
|
|
|
RuleOffset: The value of this object is defined by product and
|
|
it indicates the offset of the rule mask in the packet(unit: byte).
|
|
|
|
RuleString: The length of RuleString is defined by product.
|
|
The string must be hexadecimal.
|
|
The length of string must be multiple of 2.
|
|
|
|
RuleMask: The length of RuleMask is defined by product.
|
|
The string must be hexadecimal.
|
|
The length of string must be multiple of 2.
|
|
|
|
For example: 10,10af,ffff.
|
|
|
|
Default value is zero-length.
|
|
"
|
|
::= { hpnicfAclNamedUserEntry 3 }
|
|
|
|
hpnicfAclNamedUserL2String OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(0..255))
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The rule, matching layer 2 packets, input like this:
|
|
'RuleOffset','RuleString','RuleMask'.
|
|
|
|
RuleOffset: The value is defined by product and
|
|
it indicates offset of the rule mask in the packet(unit: byte).
|
|
|
|
RuleString: The length of RuleString is defined by product.
|
|
The string must be hexadecimal.
|
|
The length of string must be multiple of 2.
|
|
|
|
RuleMask: The length of RuleMask is defined by product.
|
|
The string must be hexadecimal.
|
|
The length of string must be multiple of 2.
|
|
|
|
For example: '10','10af','ffff'.
|
|
|
|
Default value is zero-length.
|
|
"
|
|
::= { hpnicfAclNamedUserEntry 4 }
|
|
|
|
hpnicfAclNamedUserMplsString OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(0..255))
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The rule, matching mpls packets, input like this:
|
|
'RuleOffset','RuleString','RuleMask'.
|
|
|
|
RuleOffset: The value is defined by product and
|
|
it indicates offset of the rule mask in the packet(unit: byte).
|
|
|
|
RuleString: The length of RuleString is defined by product.
|
|
The string must be hexadecimal.
|
|
The length of string must be multiple of 2.
|
|
|
|
RuleMask: The length of RuleMask is defined by product.
|
|
The string must be hexadecimal.
|
|
The length of string must be multiple of 2.
|
|
|
|
For example: '10','10af','ffff'.
|
|
|
|
Default value is zero-length.
|
|
"
|
|
::= { hpnicfAclNamedUserEntry 5 }
|
|
|
|
hpnicfAclNamedUserIPv4String OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(0..255))
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The rule, matching IPv4 packets, input like this:
|
|
'RuleOffset','RuleString','RuleMask'.
|
|
|
|
RuleOffset: The value is defined by product and
|
|
it indicates offset of the rule mask in the packet(unit: byte).
|
|
|
|
RuleString: The length of RuleString is defined by product.
|
|
The string must be hexadecimal.
|
|
The length of string must be multiple of 2.
|
|
|
|
RuleMask: The length of RuleMask is defined by product.
|
|
The string must be hexadecimal.
|
|
The length of string must be multiple of 2.
|
|
|
|
For example: '10','10af','ffff'.
|
|
|
|
Default value is zero-length.
|
|
"
|
|
::= { hpnicfAclNamedUserEntry 6 }
|
|
|
|
hpnicfAclNamedUserIPv6String OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(0..255))
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The rule, matching IPv6 packets, input like this:
|
|
'RuleOffset','RuleString','RuleMask'.
|
|
|
|
RuleOffset: The value is defined by product and
|
|
it indicates offset of the rule mask in the packet(unit: byte).
|
|
|
|
RuleString: The length of RuleString is defined by product.
|
|
The string must be hexadecimal.
|
|
The length of string must be multiple of 2.
|
|
|
|
RuleMask: The length of RuleMask is defined by product.
|
|
The string must be hexadecimal.
|
|
The length of string must be multiple of 2.
|
|
|
|
For example: '10','10af','ffff'.
|
|
|
|
Default value is zero-length.
|
|
"
|
|
::= { hpnicfAclNamedUserEntry 7 }
|
|
|
|
hpnicfAclNamedUserL4String OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(0..255))
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The rule, matching layer 4 packets, input like this:
|
|
'RuleOffset','RuleString','RuleMask'.
|
|
|
|
RuleOffset: The value is defined by product and
|
|
it indicates offset of the rule mask in the packet(unit: byte).
|
|
|
|
RuleString: The length of RuleString is defined by product.
|
|
The string must be hexadecimal.
|
|
The length of string must be multiple of 2.
|
|
|
|
RuleMask: The length of RuleMask is defined by product.
|
|
The string must be hexadecimal.
|
|
The length of string must be multiple of 2.
|
|
|
|
For example: '10','10af','ffff'.
|
|
|
|
Default value is zero-length.
|
|
"
|
|
::= { hpnicfAclNamedUserEntry 8 }
|
|
|
|
hpnicfAclNamedUserL5String OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(0..255))
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The rule, matching layer 5 packets, input like this:
|
|
'RuleOffset','RuleString','RuleMask'.
|
|
|
|
RuleOffset: The value is defined by product and
|
|
it indicates offset of the rule mask in the packet(unit: byte).
|
|
|
|
RuleString: The length of RuleString is defined by product.
|
|
The string must be hexadecimal.
|
|
The length of string must be multiple of 2.
|
|
|
|
RuleMask: The length of RuleMask is defined by product.
|
|
The string must be hexadecimal.
|
|
The length of string must be multiple of 2.
|
|
|
|
For example: '10','10af','ffff'.
|
|
|
|
Default value is zero-length.
|
|
"
|
|
::= { hpnicfAclNamedUserEntry 9 }
|
|
|
|
hpnicfAclNamedUserTimeRangeName OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(0..32))
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The Time-range of user acl rule.
|
|
Default value is zero-length."
|
|
::= { hpnicfAclNamedUserEntry 10 }
|
|
|
|
hpnicfAclNamedUserCount OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The count of matched by the rule."
|
|
::= { hpnicfAclNamedUserEntry 11 }
|
|
|
|
hpnicfAclNamedUserCountClear OBJECT-TYPE
|
|
SYNTAX CounterClear
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Reset the value of counter."
|
|
::= { hpnicfAclNamedUserEntry 12 }
|
|
|
|
hpnicfAclNamedUserEnable OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The rule is active or not.
|
|
true : active
|
|
false : inactive
|
|
"
|
|
DEFVAL { false }
|
|
::= { hpnicfAclNamedUserEntry 13 }
|
|
|
|
hpnicfAclNamedUserComment OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(0..127))
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The description of ACL rule.
|
|
Default value is Zero-length String.
|
|
"
|
|
::= { hpnicfAclNamedUserEntry 14 }
|
|
|
|
hpnicfAclNamedUserLog OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The packet will be logged when it matches the rule.
|
|
It is disabled by default.
|
|
"
|
|
DEFVAL { false }
|
|
::= { hpnicfAclNamedUserEntry 15 }
|
|
|
|
hpnicfAclNamedUserCounting OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The packet will be counted when it matches the rule.
|
|
It is disabled by default.
|
|
"
|
|
DEFVAL { false }
|
|
::= { hpnicfAclNamedUserEntry 16 }
|
|
|
|
--
|
|
-- Node of hpnicfAclResourceGroup
|
|
--
|
|
hpnicfAclResourceGroup OBJECT IDENTIFIER ::= { hpnicfAclMib2Objects 5 }
|
|
--
|
|
-- Nodes of hpnicfAclResourceUsageTable
|
|
--
|
|
hpnicfAclResourceUsageTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF HpnicfAclResourceUsageEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The table shows ACL resource usage information. Support for
|
|
resource types that are denoted by hpnicfAclResourceType object
|
|
varies with products. If a type is not supported, the
|
|
corresponding row for the type will not be instantiated
|
|
in this table.
|
|
"
|
|
::= { hpnicfAclResourceGroup 1 }
|
|
|
|
hpnicfAclResourceUsageEntry OBJECT-TYPE
|
|
SYNTAX HpnicfAclResourceUsageEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Each row contains a brief description of the resource type,
|
|
a port range associated with the chip, total, reserved, and
|
|
configured amount of resource of this type, the percent of
|
|
resource that has been allocated, and so on.
|
|
"
|
|
INDEX
|
|
{
|
|
hpnicfAclResourceChassis,
|
|
hpnicfAclResourceSlot,
|
|
hpnicfAclResourceChip,
|
|
hpnicfAclResourceType
|
|
}
|
|
::= { hpnicfAclResourceUsageTable 1 }
|
|
|
|
HpnicfAclResourceUsageEntry ::=
|
|
SEQUENCE
|
|
{
|
|
hpnicfAclResourceChassis
|
|
Unsigned32,
|
|
hpnicfAclResourceSlot
|
|
Unsigned32,
|
|
hpnicfAclResourceChip
|
|
Unsigned32,
|
|
hpnicfAclResourceType
|
|
Integer32,
|
|
hpnicfAclPortRange
|
|
OCTET STRING,
|
|
hpnicfAclResourceTotal
|
|
Unsigned32,
|
|
hpnicfAclResourceReserved
|
|
Unsigned32,
|
|
hpnicfAclResourceConfigured
|
|
Unsigned32,
|
|
hpnicfAclResourceUsagePercent
|
|
Unsigned32,
|
|
hpnicfAclResourceTypeDescription
|
|
OCTET STRING
|
|
}
|
|
|
|
hpnicfAclResourceChassis OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The chassis number. On a centralized or distributed device,
|
|
the value for this node is always zero.
|
|
"
|
|
::= { hpnicfAclResourceUsageEntry 1 }
|
|
|
|
hpnicfAclResourceSlot OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The slot number. On a centralized device, the value for
|
|
this node is always zero."
|
|
::= { hpnicfAclResourceUsageEntry 2 }
|
|
|
|
hpnicfAclResourceChip OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The chip number. On a single chip device, the value for
|
|
this node is always zero."
|
|
::= { hpnicfAclResourceUsageEntry 3 }
|
|
|
|
hpnicfAclResourceType OBJECT-TYPE
|
|
SYNTAX Integer32 (1..255)
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The resource type."
|
|
::= { hpnicfAclResourceUsageEntry 4 }
|
|
|
|
hpnicfAclPortRange OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(0..255))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The port range associated with the chip. Commas are used to
|
|
separate multiple port ranges, for example, Ethernet1/2 to
|
|
Ethernet1/12, Ethernet1/31 to Ethernet1/48.
|
|
"
|
|
::= { hpnicfAclResourceUsageEntry 5 }
|
|
|
|
hpnicfAclResourceTotal OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Total TCAM entries of the resource type."
|
|
::= { hpnicfAclResourceUsageEntry 6 }
|
|
|
|
hpnicfAclResourceReserved OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The amount of reserved TCAM entries of the resource type."
|
|
::= { hpnicfAclResourceUsageEntry 7 }
|
|
|
|
hpnicfAclResourceConfigured OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The amount of configured TCAM entries of the resource type."
|
|
::= { hpnicfAclResourceUsageEntry 8 }
|
|
|
|
hpnicfAclResourceUsagePercent OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The percent of TCAM entries that have been used for
|
|
this resource type.
|
|
"
|
|
::= { hpnicfAclResourceUsageEntry 9 }
|
|
|
|
hpnicfAclResourceTypeDescription OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(0..31))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The description of this resource type."
|
|
::= { hpnicfAclResourceUsageEntry 10 }
|
|
|
|
--
|
|
-- Node of hpnicfAclIntervalGroup
|
|
--
|
|
hpnicfAclIntervalGroup OBJECT IDENTIFIER ::= { hpnicfAclMib2Objects 6 }
|
|
--
|
|
-- Nodes of hpnicfAclIntervalTable
|
|
--
|
|
hpnicfAclIntervalTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF HpnicfAclIntervalEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Log interval table."
|
|
::= { hpnicfAclIntervalGroup 1 }
|
|
|
|
hpnicfAclIntervalEntry OBJECT-TYPE
|
|
SYNTAX HpnicfAclIntervalEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Log interval entry."
|
|
INDEX
|
|
{
|
|
hpnicfAclIntervalType
|
|
}
|
|
::= { hpnicfAclIntervalTable 1 }
|
|
|
|
HpnicfAclIntervalEntry ::=
|
|
SEQUENCE
|
|
{
|
|
hpnicfAclIntervalType
|
|
INTEGER,
|
|
hpnicfAclIntervalValue
|
|
Integer32,
|
|
hpnicfAclIntervalRowStatus
|
|
RowStatus
|
|
}
|
|
|
|
hpnicfAclIntervalType OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
{
|
|
logging(1),
|
|
trap(2)
|
|
}
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The types of the interval specified for generating
|
|
packet filtering logs or traps.
|
|
"
|
|
::= { hpnicfAclIntervalEntry 1 }
|
|
|
|
hpnicfAclIntervalValue OBJECT-TYPE
|
|
SYNTAX Integer32 (5..1440)
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of interval.
|
|
It must be a multiple of 5 and in the range of 5 to 1440.
|
|
"
|
|
::= { hpnicfAclIntervalEntry 2 }
|
|
|
|
hpnicfAclIntervalRowStatus OBJECT-TYPE
|
|
SYNTAX RowStatus
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"RowStatus."
|
|
::= { hpnicfAclIntervalEntry 3 }
|
|
|
|
--
|
|
-- Node of hpnicfAclPacketFilterObjects
|
|
--
|
|
hpnicfAclPacketFilterObjects OBJECT IDENTIFIER ::= { hpnicfAcl 3 }
|
|
|
|
hpnicfPfilterScalarGroup OBJECT IDENTIFIER ::= { hpnicfAclPacketFilterObjects 1 }
|
|
|
|
hpnicfPfilterDefaultAction OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
{
|
|
permit(1),
|
|
deny(2)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The default action of packet filter.
|
|
By default, the packet filter permits packets that do not match
|
|
any ACL rule to pass.
|
|
"
|
|
::= { hpnicfPfilterScalarGroup 1 }
|
|
|
|
hpnicfPfilterProcessingStatus OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
{
|
|
processing(1),
|
|
done(2)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object shows the status of the system when applying packet
|
|
filter. It is forbidden to set or read in hpnicfAclPacketFilterObjects
|
|
MIB module when the value is processing.
|
|
"
|
|
::= { hpnicfPfilterScalarGroup 2 }
|
|
|
|
--
|
|
-- Nodes of hpnicfPfilterApplyTable
|
|
--
|
|
hpnicfPfilterApplyTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF HpnicfPfilterApplyEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A table of packet filter application.
|
|
It's not supported to set default action on an entity,
|
|
but supported to enable hardware count of default action
|
|
on an entity.
|
|
"
|
|
::= { hpnicfAclPacketFilterObjects 2 }
|
|
|
|
hpnicfPfilterApplyEntry OBJECT-TYPE
|
|
SYNTAX HpnicfPfilterApplyEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Packet filter application information entry."
|
|
INDEX
|
|
{
|
|
hpnicfPfilterApplyObjType,
|
|
hpnicfPfilterApplyObjIndex,
|
|
hpnicfPfilterApplyDirection,
|
|
hpnicfPfilterApplyAclType,
|
|
hpnicfPfilterApplyAclIndex
|
|
}
|
|
::= { hpnicfPfilterApplyTable 1 }
|
|
|
|
HpnicfPfilterApplyEntry ::=
|
|
SEQUENCE
|
|
{
|
|
hpnicfPfilterApplyObjType
|
|
INTEGER,
|
|
hpnicfPfilterApplyObjIndex
|
|
Integer32,
|
|
hpnicfPfilterApplyDirection
|
|
DirectionType,
|
|
hpnicfPfilterApplyAclType
|
|
INTEGER,
|
|
hpnicfPfilterApplyAclIndex
|
|
Integer32,
|
|
hpnicfPfilterApplyHardCount
|
|
TruthValue,
|
|
hpnicfPfilterApplySequence
|
|
Unsigned32,
|
|
hpnicfPfilterApplyCountClear
|
|
CounterClear,
|
|
hpnicfPfilterApplyRowStatus
|
|
RowStatus
|
|
}
|
|
|
|
hpnicfPfilterApplyObjType OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
{
|
|
interface(1),
|
|
vlan(2),
|
|
global(3)
|
|
}
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The object type of packet filter application.
|
|
interface: Apply an ACL to the interface to filter packets.
|
|
vlan: Apply an ACL to the VLAN to filter packets.
|
|
global: Apply an ACL globally to filter packets.
|
|
"
|
|
::= { hpnicfPfilterApplyEntry 1 }
|
|
|
|
hpnicfPfilterApplyObjIndex OBJECT-TYPE
|
|
SYNTAX Integer32 (0..2147483647)
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The object ID of packet filter application.
|
|
Interface: interface index, equal to ifIndex
|
|
VLAN: VLAN ID, 1..4094
|
|
Global: 0
|
|
"
|
|
::= { hpnicfPfilterApplyEntry 2 }
|
|
|
|
hpnicfPfilterApplyDirection OBJECT-TYPE
|
|
SYNTAX DirectionType
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The direction of packet filter application."
|
|
::= { hpnicfPfilterApplyEntry 3 }
|
|
|
|
hpnicfPfilterApplyAclType OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
{
|
|
ipv4(1),
|
|
ipv6(2),
|
|
default(3),
|
|
mac(4),
|
|
user(5)
|
|
}
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"ACL Type: IPv4, IPv6, default action, MAC, and user.
|
|
Take default action as a special ACL group.
|
|
"
|
|
::= { hpnicfPfilterApplyEntry 4 }
|
|
|
|
hpnicfPfilterApplyAclIndex OBJECT-TYPE
|
|
SYNTAX Integer32 (0|2000..5999)
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The ACL group index.
|
|
Basic type: 2000..2999
|
|
Advanced type: 3000..3999
|
|
MAC type: 4000..4999
|
|
User type: 5000..5999
|
|
Default action type: 0
|
|
"
|
|
::= { hpnicfPfilterApplyEntry 5 }
|
|
|
|
hpnicfPfilterApplyHardCount OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Hardware count flag.
|
|
true: enable hardware count
|
|
false: disable hardware count
|
|
"
|
|
DEFVAL { false }
|
|
::= { hpnicfPfilterApplyEntry 6 }
|
|
|
|
hpnicfPfilterApplySequence OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The configure sequence of packet filter application."
|
|
::= { hpnicfPfilterApplyEntry 7 }
|
|
|
|
hpnicfPfilterApplyCountClear OBJECT-TYPE
|
|
SYNTAX CounterClear
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Clear the value of counters."
|
|
::= { hpnicfPfilterApplyEntry 8 }
|
|
|
|
hpnicfPfilterApplyRowStatus OBJECT-TYPE
|
|
SYNTAX RowStatus
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"RowStatus."
|
|
::= { hpnicfPfilterApplyEntry 9 }
|
|
|
|
--
|
|
-- Nodes of hpnicfPfilterAclGroupRunInfoTable
|
|
--
|
|
hpnicfPfilterAclGroupRunInfoTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF HpnicfPfilterAclGroupRunInfoEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A table of group running information of ACLs
|
|
for packet filtering. If hardware count function is not
|
|
supported or not enabled to the packet filter application, the
|
|
statistics entry will be zero.
|
|
"
|
|
::= { hpnicfAclPacketFilterObjects 3 }
|
|
|
|
hpnicfPfilterAclGroupRunInfoEntry OBJECT-TYPE
|
|
SYNTAX HpnicfPfilterAclGroupRunInfoEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"ACL group running information entry for packet filtering."
|
|
INDEX
|
|
{
|
|
hpnicfPfilterRunApplyObjType,
|
|
hpnicfPfilterRunApplyObjIndex,
|
|
hpnicfPfilterRunApplyDirection,
|
|
hpnicfPfilterRunApplyAclType,
|
|
hpnicfPfilterRunApplyAclIndex
|
|
}
|
|
::= { hpnicfPfilterAclGroupRunInfoTable 1 }
|
|
|
|
HpnicfPfilterAclGroupRunInfoEntry ::=
|
|
SEQUENCE
|
|
{
|
|
hpnicfPfilterRunApplyObjType
|
|
INTEGER,
|
|
hpnicfPfilterRunApplyObjIndex
|
|
Integer32,
|
|
hpnicfPfilterRunApplyDirection
|
|
DirectionType,
|
|
hpnicfPfilterRunApplyAclType
|
|
INTEGER,
|
|
hpnicfPfilterRunApplyAclIndex
|
|
Integer32,
|
|
hpnicfPfilterAclGroupStatus
|
|
INTEGER,
|
|
hpnicfPfilterAclGroupCountStatus
|
|
INTEGER,
|
|
hpnicfPfilterAclGroupPermitPkts
|
|
Counter64,
|
|
hpnicfPfilterAclGroupPermitBytes
|
|
Counter64,
|
|
hpnicfPfilterAclGroupDenyPkts
|
|
Counter64,
|
|
hpnicfPfilterAclGroupDenyBytes
|
|
Counter64
|
|
}
|
|
|
|
hpnicfPfilterRunApplyObjType OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
{
|
|
interface(1),
|
|
vlan(2),
|
|
global(3)
|
|
}
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The object type of packet filter application.
|
|
interface: Apply an ACL to the interface to filter packets.
|
|
vlan: Apply an ACL to the VLAN to filter packets.
|
|
global: Apply an ACL globally to filter packets.
|
|
"
|
|
::= { hpnicfPfilterAclGroupRunInfoEntry 1 }
|
|
|
|
hpnicfPfilterRunApplyObjIndex OBJECT-TYPE
|
|
SYNTAX Integer32 (0..2147483647)
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The object ID of packet filter application.
|
|
Interface: interface index, equal to ifIndex
|
|
VLAN: VLAN ID, 1..4094
|
|
Global: 0
|
|
"
|
|
::= { hpnicfPfilterAclGroupRunInfoEntry 2 }
|
|
|
|
hpnicfPfilterRunApplyDirection OBJECT-TYPE
|
|
SYNTAX DirectionType
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The direction of packet filter application."
|
|
::= { hpnicfPfilterAclGroupRunInfoEntry 3 }
|
|
|
|
hpnicfPfilterRunApplyAclType OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
{
|
|
ipv4(1),
|
|
ipv6(2),
|
|
default(3),
|
|
mac(4),
|
|
user(5)
|
|
}
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"ACL Type: IPv4, IPv6, default action, MAC, and user.
|
|
Take default action as a special ACL group.
|
|
"
|
|
::= { hpnicfPfilterAclGroupRunInfoEntry 4 }
|
|
|
|
hpnicfPfilterRunApplyAclIndex OBJECT-TYPE
|
|
SYNTAX Integer32 (1..3|2000..5999)
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The ACL group index.
|
|
Basic type: 2000..2999
|
|
Advanced type: 3000..3999
|
|
MAC type: 4000..4999
|
|
User type: 5000..5999
|
|
MAC default action: 1
|
|
IPv4 default action: 2
|
|
IPv6 default action: 3
|
|
"
|
|
::= { hpnicfPfilterAclGroupRunInfoEntry 5 }
|
|
|
|
hpnicfPfilterAclGroupStatus OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
{
|
|
success(1),
|
|
failed(2),
|
|
partialSuccess(3)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The status of ACL group applied.
|
|
success: ACL applied successfully on all slots
|
|
failed: failed to apply ACL on all slots
|
|
partialSuccess: failed to apply ACL on some slots
|
|
"
|
|
::= { hpnicfPfilterAclGroupRunInfoEntry 6 }
|
|
|
|
hpnicfPfilterAclGroupCountStatus OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
{
|
|
success(1),
|
|
failed(2),
|
|
partialSuccess(3)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The status of enabling hardware count. If hardware count is
|
|
not enabled, it returns success.
|
|
success: enable hardware count successfully on all slots
|
|
failed: failed to enable hardware count on all slots
|
|
partialSuccess: failed to enable hardware count on some slots
|
|
"
|
|
::= { hpnicfPfilterAclGroupRunInfoEntry 7 }
|
|
|
|
hpnicfPfilterAclGroupPermitPkts OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The number of packets permitted."
|
|
::= { hpnicfPfilterAclGroupRunInfoEntry 8 }
|
|
|
|
hpnicfPfilterAclGroupPermitBytes OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The number of bytes permitted."
|
|
::= { hpnicfPfilterAclGroupRunInfoEntry 9 }
|
|
|
|
hpnicfPfilterAclGroupDenyPkts OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The number of packets denied."
|
|
::= { hpnicfPfilterAclGroupRunInfoEntry 10 }
|
|
|
|
hpnicfPfilterAclGroupDenyBytes OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The number of bytes denied."
|
|
::= { hpnicfPfilterAclGroupRunInfoEntry 11 }
|
|
|
|
--
|
|
-- Nodes of hpnicfPfilterAclRuleRunInfoTable
|
|
--
|
|
hpnicfPfilterAclRuleRunInfoTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF HpnicfPfilterAclRuleRunInfoEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A table of rule's running information of ACLs
|
|
for packet filtering. If hardware count function is not
|
|
supported or not enabled to the packet filter application, the
|
|
hpnicfPfilterAclRuleMatchPackets and hpnicfPfilterAclRuleMatchBytes
|
|
will be zero.
|
|
"
|
|
::= { hpnicfAclPacketFilterObjects 4 }
|
|
|
|
hpnicfPfilterAclRuleRunInfoEntry OBJECT-TYPE
|
|
SYNTAX HpnicfPfilterAclRuleRunInfoEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"ACL rule's running information entry."
|
|
INDEX
|
|
{
|
|
hpnicfPfilterRunApplyObjType,
|
|
hpnicfPfilterRunApplyObjIndex,
|
|
hpnicfPfilterRunApplyDirection,
|
|
hpnicfPfilterRunApplyAclType,
|
|
hpnicfPfilterRunApplyAclIndex,
|
|
hpnicfPfilterAclRuleIndex
|
|
}
|
|
::= { hpnicfPfilterAclRuleRunInfoTable 1 }
|
|
|
|
HpnicfPfilterAclRuleRunInfoEntry ::=
|
|
SEQUENCE
|
|
{
|
|
hpnicfPfilterAclRuleIndex
|
|
Integer32,
|
|
hpnicfPfilterAclRuleStatus
|
|
INTEGER,
|
|
hpnicfPfilterAclRuleCountStatus
|
|
INTEGER,
|
|
hpnicfPfilterAclRuleMatchPackets
|
|
Counter64,
|
|
hpnicfPfilterAclRuleMatchBytes
|
|
Counter64
|
|
}
|
|
|
|
hpnicfPfilterAclRuleIndex OBJECT-TYPE
|
|
SYNTAX Integer32 (0..65534)
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The ACL rule index."
|
|
::= { hpnicfPfilterAclRuleRunInfoEntry 1 }
|
|
|
|
hpnicfPfilterAclRuleStatus OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
{
|
|
success(1),
|
|
failed(2),
|
|
partialSuccess(3)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The status of rule application.
|
|
success: rule applied successfully on all slots
|
|
failed: failed to apply rule on all slots
|
|
partialSuccess: failed to apply rule on some slots
|
|
"
|
|
::= { hpnicfPfilterAclRuleRunInfoEntry 2 }
|
|
|
|
hpnicfPfilterAclRuleCountStatus OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
{
|
|
success(1),
|
|
failed(2),
|
|
partialSuccess(3)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The status of enabling rule's hardware count.
|
|
If hardware count is not enabled, it returns success.
|
|
success: enable hardware count successfully on all slots
|
|
failed: failed to enable hardware count on all slots
|
|
partialSuccess: failed to enable hardware count on some slots
|
|
"
|
|
::= { hpnicfPfilterAclRuleRunInfoEntry 3 }
|
|
|
|
hpnicfPfilterAclRuleMatchPackets OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The number of packets matched."
|
|
::= { hpnicfPfilterAclRuleRunInfoEntry 4 }
|
|
|
|
hpnicfPfilterAclRuleMatchBytes OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The number of bytes matched."
|
|
::= { hpnicfPfilterAclRuleRunInfoEntry 5 }
|
|
|
|
--
|
|
-- Nodes of hpnicfPfilterStatisticSumTable
|
|
--
|
|
hpnicfPfilterStatisticSumTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF HpnicfPfilterStatisticSumEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A table of ACL rule's sum statistics information,
|
|
accumulated by all entity application on all slots.
|
|
"
|
|
::= { hpnicfAclPacketFilterObjects 5 }
|
|
|
|
hpnicfPfilterStatisticSumEntry OBJECT-TYPE
|
|
SYNTAX HpnicfPfilterStatisticSumEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"ACL rule's sum statistics information entry."
|
|
INDEX
|
|
{
|
|
hpnicfPfilterSumDirection,
|
|
hpnicfPfilterSumAclType,
|
|
hpnicfPfilterSumAclIndex,
|
|
hpnicfPfilterSumRuleIndex
|
|
}
|
|
::= { hpnicfPfilterStatisticSumTable 1 }
|
|
|
|
HpnicfPfilterStatisticSumEntry ::=
|
|
SEQUENCE
|
|
{
|
|
hpnicfPfilterSumDirection
|
|
DirectionType,
|
|
hpnicfPfilterSumAclType
|
|
INTEGER,
|
|
hpnicfPfilterSumAclIndex
|
|
Integer32,
|
|
hpnicfPfilterSumRuleIndex
|
|
Integer32,
|
|
hpnicfPfilterSumRuleMatchPackets
|
|
Counter64,
|
|
hpnicfPfilterSumRuleMatchBytes
|
|
Counter64
|
|
}
|
|
|
|
hpnicfPfilterSumDirection OBJECT-TYPE
|
|
SYNTAX DirectionType
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The direction of application."
|
|
::= { hpnicfPfilterStatisticSumEntry 1 }
|
|
|
|
hpnicfPfilterSumAclType OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
{
|
|
ipv4(1),
|
|
ipv6(2),
|
|
mac(3),
|
|
user(4)
|
|
}
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"ACL type: IPv4, IPv6, MAC, and user."
|
|
::= { hpnicfPfilterStatisticSumEntry 2 }
|
|
|
|
hpnicfPfilterSumAclIndex OBJECT-TYPE
|
|
SYNTAX Integer32 (2000..5999)
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The ACL group index.
|
|
Basic type: 2000..2999
|
|
Advanced type: 3000..3999
|
|
MAC type: 4000..4999
|
|
User type: 5000..5999
|
|
"
|
|
::= { hpnicfPfilterStatisticSumEntry 3 }
|
|
|
|
hpnicfPfilterSumRuleIndex OBJECT-TYPE
|
|
SYNTAX Integer32 (0..65534)
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The ACL rule index."
|
|
::= { hpnicfPfilterStatisticSumEntry 4 }
|
|
|
|
hpnicfPfilterSumRuleMatchPackets OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The sum number of packets matched the ACL rule."
|
|
::= { hpnicfPfilterStatisticSumEntry 5 }
|
|
|
|
hpnicfPfilterSumRuleMatchBytes OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The sum number of bytes matched the ACL rule."
|
|
::= { hpnicfPfilterStatisticSumEntry 6 }
|
|
|
|
--
|
|
-- Nodes of hpnicfPfilter2ApplyTable
|
|
--
|
|
hpnicfPfilter2ApplyTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF HpnicfPfilter2ApplyEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A table of packet filter application.
|
|
It's not supported to set default action on an entity,
|
|
but supported to enable hardware count of default action
|
|
on an entity.
|
|
"
|
|
::= { hpnicfAclPacketFilterObjects 6 }
|
|
|
|
hpnicfPfilter2ApplyEntry OBJECT-TYPE
|
|
SYNTAX HpnicfPfilter2ApplyEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Packet filter application information entry."
|
|
INDEX
|
|
{
|
|
hpnicfPfilter2ApplyObjType,
|
|
hpnicfPfilter2ApplyObjIndex,
|
|
hpnicfPfilter2ApplyDirection,
|
|
hpnicfPfilter2ApplyAclType,
|
|
hpnicfPfilter2ApplyAclIndex
|
|
}
|
|
::= { hpnicfPfilter2ApplyTable 1 }
|
|
|
|
HpnicfPfilter2ApplyEntry ::=
|
|
SEQUENCE
|
|
{
|
|
hpnicfPfilter2ApplyObjType
|
|
INTEGER,
|
|
hpnicfPfilter2ApplyObjIndex
|
|
Integer32,
|
|
hpnicfPfilter2ApplyDirection
|
|
DirectionType,
|
|
hpnicfPfilter2ApplyAclType
|
|
INTEGER,
|
|
hpnicfPfilter2ApplyAclIndex
|
|
OCTET STRING,
|
|
hpnicfPfilter2ApplyHardCount
|
|
TruthValue,
|
|
hpnicfPfilter2ApplySequence
|
|
Unsigned32,
|
|
hpnicfPfilter2ApplyCountClear
|
|
CounterClear,
|
|
hpnicfPfilter2ApplyRowStatus
|
|
RowStatus
|
|
}
|
|
|
|
hpnicfPfilter2ApplyObjType OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
{
|
|
interface(1),
|
|
vlan(2),
|
|
global(3)
|
|
}
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The object type of packet filter application.
|
|
interface: Apply an ACL to the interface to filter packets.
|
|
vlan: Apply an ACL to the VLAN to filter packets.
|
|
global: Apply an ACL globally to filter packets.
|
|
"
|
|
::= { hpnicfPfilter2ApplyEntry 1 }
|
|
|
|
hpnicfPfilter2ApplyObjIndex OBJECT-TYPE
|
|
SYNTAX Integer32 (0..2147483647)
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The object ID of packet filter application.
|
|
Interface: interface index, equal to ifIndex
|
|
VLAN: VLAN ID, 1..4094
|
|
Global: 0
|
|
"
|
|
::= { hpnicfPfilter2ApplyEntry 2 }
|
|
|
|
hpnicfPfilter2ApplyDirection OBJECT-TYPE
|
|
SYNTAX DirectionType
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The direction of packet filter application."
|
|
::= { hpnicfPfilter2ApplyEntry 3 }
|
|
|
|
hpnicfPfilter2ApplyAclType OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
{
|
|
ipv4(1),
|
|
ipv6(2),
|
|
default(3),
|
|
mac(4),
|
|
user(5)
|
|
}
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"ACL Type: IPv4, IPv6, default action, MAC, and user.
|
|
Take default action as a special ACL group.
|
|
"
|
|
::= { hpnicfPfilter2ApplyEntry 4 }
|
|
|
|
hpnicfPfilter2ApplyAclIndex OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(1..63))
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The index of ACL group used by packet-filter.
|
|
If the specified string comprises only digits, it is converted
|
|
into a numerical sequence in decimal notation, and regarded as
|
|
an ACL group index or a default action. If the string is a
|
|
character string beginning with an English letter, it is
|
|
regarded as an ACL group name.
|
|
|
|
Group index range and default action:
|
|
Basic type: 2000..2999
|
|
Advanced type: 3000..3999
|
|
MAC type: 4000..4999
|
|
User type: 5000..5999
|
|
Default action type: 0
|
|
"
|
|
::= { hpnicfPfilter2ApplyEntry 5 }
|
|
|
|
hpnicfPfilter2ApplyHardCount OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Hardware count flag.
|
|
true: enable hardware count
|
|
false: disable hardware count
|
|
"
|
|
DEFVAL { false }
|
|
::= { hpnicfPfilter2ApplyEntry 6 }
|
|
|
|
hpnicfPfilter2ApplySequence OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The configure sequence of packet filter application."
|
|
::= { hpnicfPfilter2ApplyEntry 7 }
|
|
|
|
hpnicfPfilter2ApplyCountClear OBJECT-TYPE
|
|
SYNTAX CounterClear
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Clear the value of counters."
|
|
DEFVAL { nouse }
|
|
::= { hpnicfPfilter2ApplyEntry 8 }
|
|
|
|
hpnicfPfilter2ApplyRowStatus OBJECT-TYPE
|
|
SYNTAX RowStatus
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"RowStatus."
|
|
::= { hpnicfPfilter2ApplyEntry 9 }
|
|
|
|
--
|
|
-- Nodes of hpnicfPfilter2AclGroupRunInfoTable
|
|
--
|
|
hpnicfPfilter2AclGroupRunInfoTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF HpnicfPfilter2AclGroupRunInfoEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A table of group running information of ACLs
|
|
for packet filtering. If hardware count function is not
|
|
supported or not enabled to the packet filter application, the
|
|
statistics entry will be zero.
|
|
"
|
|
::= { hpnicfAclPacketFilterObjects 7 }
|
|
|
|
hpnicfPfilter2AclGroupRunInfoEntry OBJECT-TYPE
|
|
SYNTAX HpnicfPfilter2AclGroupRunInfoEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"ACL group running information entry for packet filtering."
|
|
INDEX
|
|
{
|
|
hpnicfPfilter2RunApplyObjType,
|
|
hpnicfPfilter2RunApplyObjIndex,
|
|
hpnicfPfilter2RunApplyDirection,
|
|
hpnicfPfilter2RunApplyAclType,
|
|
hpnicfPfilter2RunApplyAclIndex
|
|
}
|
|
::= { hpnicfPfilter2AclGroupRunInfoTable 1 }
|
|
|
|
HpnicfPfilter2AclGroupRunInfoEntry ::=
|
|
SEQUENCE
|
|
{
|
|
hpnicfPfilter2RunApplyObjType
|
|
INTEGER,
|
|
hpnicfPfilter2RunApplyObjIndex
|
|
Integer32,
|
|
hpnicfPfilter2RunApplyDirection
|
|
DirectionType,
|
|
hpnicfPfilter2RunApplyAclType
|
|
INTEGER,
|
|
hpnicfPfilter2RunApplyAclIndex
|
|
OCTET STRING,
|
|
hpnicfPfilter2AclGroupStatus
|
|
INTEGER,
|
|
hpnicfPfilter2AclGroupCountStatus
|
|
INTEGER,
|
|
hpnicfPfilter2AclGroupPermitPkts
|
|
Counter64,
|
|
hpnicfPfilter2AclGroupPermitBytes
|
|
Counter64,
|
|
hpnicfPfilter2AclGroupDenyPkts
|
|
Counter64,
|
|
hpnicfPfilter2AclGroupDenyBytes
|
|
Counter64
|
|
}
|
|
|
|
hpnicfPfilter2RunApplyObjType OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
{
|
|
interface(1),
|
|
vlan(2),
|
|
global(3)
|
|
}
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The object type of packet filter application.
|
|
interface: Apply an ACL to the interface to filter packets.
|
|
vlan: Apply an ACL to the VLAN to filter packets.
|
|
global: Apply an ACL globally to filter packets.
|
|
"
|
|
::= { hpnicfPfilter2AclGroupRunInfoEntry 1 }
|
|
|
|
hpnicfPfilter2RunApplyObjIndex OBJECT-TYPE
|
|
SYNTAX Integer32 (0..2147483647)
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The object ID of packet filter application.
|
|
Interface: interface index, equal to ifIndex
|
|
VLAN: VLAN ID, 1..4094
|
|
Global: 0
|
|
"
|
|
::= { hpnicfPfilter2AclGroupRunInfoEntry 2 }
|
|
|
|
hpnicfPfilter2RunApplyDirection OBJECT-TYPE
|
|
SYNTAX DirectionType
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The direction of packet filter application."
|
|
::= { hpnicfPfilter2AclGroupRunInfoEntry 3 }
|
|
|
|
hpnicfPfilter2RunApplyAclType OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
{
|
|
ipv4(1),
|
|
ipv6(2),
|
|
default(3),
|
|
mac(4),
|
|
user(5)
|
|
}
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"ACL Type: IPv4, IPv6, default action, MAC, and user.
|
|
Take default action as a special ACL group.
|
|
"
|
|
::= { hpnicfPfilter2AclGroupRunInfoEntry 4 }
|
|
|
|
hpnicfPfilter2RunApplyAclIndex OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(1..63))
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The index of ACL group used by packet-filter.
|
|
If the specified string comprises only digits, it is converted
|
|
into a numerical sequence in decimal notation, and regarded as
|
|
an ACL group index or a default action. If the string is a
|
|
character string beginning with an English letter, it is
|
|
regarded as an ACL group name.
|
|
|
|
Group index range and default action:
|
|
Basic type: 2000..2999
|
|
Advanced type: 3000..3999
|
|
MAC type: 4000..4999
|
|
User type: 5000..5999
|
|
MAC default action: 1
|
|
IPv4 default action: 2
|
|
IPv6 default action: 3
|
|
"
|
|
::= { hpnicfPfilter2AclGroupRunInfoEntry 5 }
|
|
|
|
hpnicfPfilter2AclGroupStatus OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
{
|
|
success(1),
|
|
failed(2),
|
|
partialSuccess(3)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The status of ACL group applied.
|
|
success: ACL applied successfully on all slots
|
|
failed: failed to apply ACL on all slots
|
|
partialSuccess: failed to apply ACL on some slots
|
|
"
|
|
::= { hpnicfPfilter2AclGroupRunInfoEntry 6 }
|
|
|
|
hpnicfPfilter2AclGroupCountStatus OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
{
|
|
success(1),
|
|
failed(2),
|
|
partialSuccess(3)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The status of enabling hardware count. If hardware count is
|
|
not enabled, it returns success.
|
|
success: enable hardware count successfully on all slots
|
|
failed: failed to enable hardware count on all slots
|
|
partialSuccess: failed to enable hardware count on some slots
|
|
"
|
|
::= { hpnicfPfilter2AclGroupRunInfoEntry 7 }
|
|
|
|
hpnicfPfilter2AclGroupPermitPkts OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The number of packets permitted."
|
|
::= { hpnicfPfilter2AclGroupRunInfoEntry 8 }
|
|
|
|
hpnicfPfilter2AclGroupPermitBytes OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The number of bytes permitted."
|
|
::= { hpnicfPfilter2AclGroupRunInfoEntry 9 }
|
|
|
|
hpnicfPfilter2AclGroupDenyPkts OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The number of packets denied."
|
|
::= { hpnicfPfilter2AclGroupRunInfoEntry 10 }
|
|
|
|
hpnicfPfilter2AclGroupDenyBytes OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The number of bytes denied."
|
|
::= { hpnicfPfilter2AclGroupRunInfoEntry 11 }
|
|
|
|
--
|
|
-- Nodes of hpnicfPfilter2AclRuleRunInfoTable
|
|
--
|
|
hpnicfPfilter2AclRuleRunInfoTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF HpnicfPfilter2AclRuleRunInfoEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A table of rule's running information of ACLs
|
|
for packet filtering. If hardware count function is not
|
|
supported or not enabled to the packet filter application, the
|
|
hpnicfPfilter2AclRuleMatchPackets and hpnicfPfilter2AclRuleMatchBytes
|
|
will be zero.
|
|
"
|
|
::= { hpnicfAclPacketFilterObjects 8 }
|
|
|
|
hpnicfPfilter2AclRuleRunInfoEntry OBJECT-TYPE
|
|
SYNTAX HpnicfPfilter2AclRuleRunInfoEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"ACL rule's running information entry."
|
|
INDEX
|
|
{
|
|
hpnicfPfilter2RunApplyObjType,
|
|
hpnicfPfilter2RunApplyObjIndex,
|
|
hpnicfPfilter2RunApplyDirection,
|
|
hpnicfPfilter2RunApplyAclType,
|
|
hpnicfPfilter2RunApplyAclIndex,
|
|
hpnicfPfilter2AclRuleIndex
|
|
}
|
|
::= { hpnicfPfilter2AclRuleRunInfoTable 1 }
|
|
|
|
HpnicfPfilter2AclRuleRunInfoEntry ::=
|
|
SEQUENCE
|
|
{
|
|
hpnicfPfilter2AclRuleIndex
|
|
Integer32,
|
|
hpnicfPfilter2AclRuleStatus
|
|
INTEGER,
|
|
hpnicfPfilter2AclRuleCountStatus
|
|
INTEGER,
|
|
hpnicfPfilter2AclRuleMatchPackets
|
|
Counter64,
|
|
hpnicfPfilter2AclRuleMatchBytes
|
|
Counter64
|
|
}
|
|
|
|
hpnicfPfilter2AclRuleIndex OBJECT-TYPE
|
|
SYNTAX Integer32 (0..65534)
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The ACL rule index."
|
|
::= { hpnicfPfilter2AclRuleRunInfoEntry 1 }
|
|
|
|
hpnicfPfilter2AclRuleStatus OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
{
|
|
success(1),
|
|
failed(2),
|
|
partialSuccess(3)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The status of rule application.
|
|
success: rule applied successfully on all slots
|
|
failed: failed to apply rule on all slots
|
|
partialSuccess: failed to apply rule on some slots
|
|
"
|
|
::= { hpnicfPfilter2AclRuleRunInfoEntry 2 }
|
|
|
|
hpnicfPfilter2AclRuleCountStatus OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
{
|
|
success(1),
|
|
failed(2),
|
|
partialSuccess(3)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The status of enabling rule's hardware count.
|
|
If hardware count is not enabled, it returns success.
|
|
success: enable hardware count successfully on all slots
|
|
failed: failed to enable hardware count on all slots
|
|
partialSuccess: failed to enable hardware count on some slots
|
|
"
|
|
::= { hpnicfPfilter2AclRuleRunInfoEntry 3 }
|
|
|
|
hpnicfPfilter2AclRuleMatchPackets OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The number of packets matched."
|
|
::= { hpnicfPfilter2AclRuleRunInfoEntry 4 }
|
|
|
|
hpnicfPfilter2AclRuleMatchBytes OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The number of bytes matched."
|
|
::= { hpnicfPfilter2AclRuleRunInfoEntry 5 }
|
|
|
|
--
|
|
-- Nodes of hpnicfPfilter2StatisticSumTable
|
|
--
|
|
hpnicfPfilter2StatisticSumTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF HpnicfPfilter2StatisticSumEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A table of ACL rule's sum statistics information,
|
|
accumulated by all entity application on all slots.
|
|
"
|
|
::= { hpnicfAclPacketFilterObjects 9 }
|
|
|
|
hpnicfPfilter2StatisticSumEntry OBJECT-TYPE
|
|
SYNTAX HpnicfPfilter2StatisticSumEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"ACL rule's sum statistics information entry."
|
|
INDEX
|
|
{
|
|
hpnicfPfilter2SumDirection,
|
|
hpnicfPfilter2SumAclType,
|
|
hpnicfPfilter2SumAclIndex,
|
|
hpnicfPfilter2SumRuleIndex
|
|
}
|
|
::= { hpnicfPfilter2StatisticSumTable 1 }
|
|
|
|
HpnicfPfilter2StatisticSumEntry ::=
|
|
SEQUENCE
|
|
{
|
|
hpnicfPfilter2SumDirection
|
|
DirectionType,
|
|
hpnicfPfilter2SumAclType
|
|
INTEGER,
|
|
hpnicfPfilter2SumAclIndex
|
|
OCTET STRING,
|
|
hpnicfPfilter2SumRuleIndex
|
|
Integer32,
|
|
hpnicfPfilter2SumRuleMatchPackets
|
|
Counter64,
|
|
hpnicfPfilter2SumRuleMatchBytes
|
|
Counter64
|
|
}
|
|
|
|
hpnicfPfilter2SumDirection OBJECT-TYPE
|
|
SYNTAX DirectionType
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The direction of application."
|
|
::= { hpnicfPfilter2StatisticSumEntry 1 }
|
|
|
|
hpnicfPfilter2SumAclType OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
{
|
|
ipv4(1),
|
|
ipv6(2),
|
|
mac(3),
|
|
user(4)
|
|
}
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"ACL type: IPv4, IPv6, MAC, and user."
|
|
::= { hpnicfPfilter2StatisticSumEntry 2 }
|
|
|
|
hpnicfPfilter2SumAclIndex OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(1..63))
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The index of ACL group used by packet-filter.
|
|
If the specified string comprises only digits, it is converted
|
|
into a numerical sequence in decimal notation, and regarded as
|
|
an ACL group index. If the string is a character string
|
|
beginning with an English letter, it is regarded as an ACL
|
|
group name.
|
|
|
|
Group index range and default action:
|
|
Basic type: 2000..2999
|
|
Advanced type: 3000..3999
|
|
MAC type: 4000..4999
|
|
User type: 5000..5999
|
|
"
|
|
::= { hpnicfPfilter2StatisticSumEntry 3 }
|
|
|
|
hpnicfPfilter2SumRuleIndex OBJECT-TYPE
|
|
SYNTAX Integer32 (0..65534)
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The ACL rule index."
|
|
::= { hpnicfPfilter2StatisticSumEntry 4 }
|
|
|
|
hpnicfPfilter2SumRuleMatchPackets OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The sum number of packets matched the ACL rule."
|
|
::= { hpnicfPfilter2StatisticSumEntry 5 }
|
|
|
|
hpnicfPfilter2SumRuleMatchBytes OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The sum number of bytes matched the ACL rule."
|
|
::= { hpnicfPfilter2StatisticSumEntry 6 }
|
|
|
|
--
|
|
-- Nodes of hpnicfPacketfilterTrapObjects
|
|
--
|
|
|
|
hpnicfAclPacketfilterTrapObjects OBJECT IDENTIFIER ::= { hpnicfAcl 4 }
|
|
|
|
hpnicfPfilterInterface OBJECT-TYPE
|
|
SYNTAX OCTET STRING
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The interface which policy apply."
|
|
::= { hpnicfAclPacketfilterTrapObjects 1 }
|
|
|
|
hpnicfPfilterDirection OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(0..255))
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Inbound or outbound."
|
|
::= { hpnicfAclPacketfilterTrapObjects 2 }
|
|
|
|
hpnicfPfilterACLNumber OBJECT-TYPE
|
|
SYNTAX Integer32
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"ACL number."
|
|
::= { hpnicfAclPacketfilterTrapObjects 3 }
|
|
|
|
hpnicfPfilterAction OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(0..255))
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Permit or deny."
|
|
::= { hpnicfAclPacketfilterTrapObjects 4 }
|
|
|
|
hpnicfMACfilterSourceMac OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(0..255))
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Source MAC address."
|
|
::= { hpnicfAclPacketfilterTrapObjects 5 }
|
|
|
|
hpnicfMACfilterDestinationMac OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(0..255))
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Destination MAC address."
|
|
::= { hpnicfAclPacketfilterTrapObjects 6 }
|
|
|
|
hpnicfPfilterPacketNumber OBJECT-TYPE
|
|
SYNTAX Integer32
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The number of packets permitted or denied by ACL."
|
|
::= { hpnicfAclPacketfilterTrapObjects 7 }
|
|
|
|
hpnicfPfilterReceiveInterface OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(0..255))
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The interface where packet come from."
|
|
::= { hpnicfAclPacketfilterTrapObjects 8 }
|
|
|
|
hpnicfAclPacketIfName OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(0..255))
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The name of the interface on which the packet is matched."
|
|
::= { hpnicfAclPacketfilterTrapObjects 9 }
|
|
|
|
hpnicfAclPacketDirection OBJECT-TYPE
|
|
SYNTAX DirectionType
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The direction the packet is going."
|
|
::= { hpnicfAclPacketfilterTrapObjects 10 }
|
|
|
|
hpnicfAclPacketBAGG OBJECT-TYPE
|
|
SYNTAX Integer32 (0..2048)
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The bridge-aggregation-interface ID the interface belongs to.
|
|
"
|
|
DEFVAL { 0 }
|
|
::= { hpnicfAclPacketfilterTrapObjects 11 }
|
|
|
|
hpnicfAclPacketVlanID OBJECT-TYPE
|
|
SYNTAX Integer32 (1..4094)
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The vlan the interface belongs to."
|
|
::= { hpnicfAclPacketfilterTrapObjects 12 }
|
|
|
|
hpnicfAclPacketSrcIP OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(0..255))
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Source IP address of IPv4/IPv6 packet."
|
|
::= { hpnicfAclPacketfilterTrapObjects 13 }
|
|
|
|
hpnicfAclPacketDstIP OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(0..255))
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Destination IP address of IPv4/IPv6 packet."
|
|
::= { hpnicfAclPacketfilterTrapObjects 14 }
|
|
|
|
hpnicfAclPacketProtocol OBJECT-TYPE
|
|
SYNTAX Integer32 (0..255)
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The protocol of IPv4/IPv6 packet.
|
|
icmp(1),
|
|
tcp(6),
|
|
udp(17),
|
|
igmp(2),
|
|
gre(47),
|
|
ospf(89),
|
|
ipinip(4),
|
|
icmp6(58),
|
|
ipv6_ah(51),
|
|
ipv6_esp(50)
|
|
"
|
|
::= { hpnicfAclPacketfilterTrapObjects 15 }
|
|
|
|
hpnicfAclPacketDscp OBJECT-TYPE
|
|
SYNTAX DSCPValue
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"DSCP of IPv4/IPv6 packet."
|
|
DEFVAL { 255 }
|
|
::= { hpnicfAclPacketfilterTrapObjects 16 }
|
|
|
|
hpnicfAclPacketFlowLabel OBJECT-TYPE
|
|
SYNTAX Unsigned32 (0..1048575|4294967295)
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Flow label value of IPv6 packet."
|
|
DEFVAL { 4294967295 }
|
|
::= { hpnicfAclPacketfilterTrapObjects 17 }
|
|
|
|
hpnicfAclPacketIcmpIgmpType OBJECT-TYPE
|
|
SYNTAX Integer32 (0..255|65535)
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The type of ICMP or IGMP packet."
|
|
DEFVAL { 65535 }
|
|
::= { hpnicfAclPacketfilterTrapObjects 18 }
|
|
|
|
hpnicfAclPacketIcmpIgmpCode OBJECT-TYPE
|
|
SYNTAX Integer32 (0..255|65535)
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The code of ICMP or IGMP packet."
|
|
DEFVAL { 65535 }
|
|
::= { hpnicfAclPacketfilterTrapObjects 19 }
|
|
|
|
hpnicfAclPacketTcpFlags OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
{
|
|
tcpack(1),
|
|
tcpfin(2),
|
|
tcppsh(3),
|
|
tcprst(4),
|
|
tcpsyn(5),
|
|
tcpurg(6),
|
|
invalid(255)
|
|
}
|
|
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The flags of TCP packet.
|
|
tcpack(1),
|
|
tcpfin(2),
|
|
tcppsh(3),
|
|
tcprst(4),
|
|
tcpsyn(5),
|
|
tcpurg(6),
|
|
invalid(255)
|
|
"
|
|
DEFVAL { 255 }
|
|
::= { hpnicfAclPacketfilterTrapObjects 20 }
|
|
|
|
hpnicfAclPacketSrcPort OBJECT-TYPE
|
|
SYNTAX Integer32 (0..65535)
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Source port of TCP or UDP packet."
|
|
DEFVAL { 0 }
|
|
::= { hpnicfAclPacketfilterTrapObjects 21 }
|
|
|
|
hpnicfAclPacketDstPort OBJECT-TYPE
|
|
SYNTAX Integer32 (0..65535)
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Destination port of TCP or UDP packet."
|
|
DEFVAL { 65535 }
|
|
::= { hpnicfAclPacketfilterTrapObjects 22 }
|
|
|
|
hpnicfAclPacketSrcMacAddr OBJECT-TYPE
|
|
SYNTAX MacAddress
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Source MAC address of Ethernet packet."
|
|
::= { hpnicfAclPacketfilterTrapObjects 23 }
|
|
|
|
hpnicfAclPacketDstMacAddr OBJECT-TYPE
|
|
SYNTAX MacAddress
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Destination MAC address of Ethernet packet."
|
|
::= { hpnicfAclPacketfilterTrapObjects 24 }
|
|
|
|
hpnicfAclPacketMacTypeLen OBJECT-TYPE
|
|
SYNTAX Integer32 (0..65535)
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The Ethertype or 802.3 length of Ethernet packet."
|
|
DEFVAL { 0 }
|
|
::= { hpnicfAclPacketfilterTrapObjects 25 }
|
|
|
|
hpnicfAclPacketVlanPCP OBJECT-TYPE
|
|
SYNTAX Integer32 (0..7|255)
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"802.1p priority code point of Ethernet packet."
|
|
DEFVAL { 255 }
|
|
::= { hpnicfAclPacketfilterTrapObjects 26 }
|
|
|
|
--
|
|
-- Nodes of hpnicfPacketfilterTrap
|
|
--
|
|
|
|
hpnicfAclPacketfilterTrap OBJECT IDENTIFIER ::= { hpnicfAcl 5 }
|
|
|
|
hpnicfPfilterTrapPrefix OBJECT IDENTIFIER ::= { hpnicfAclPacketfilterTrap 0 }
|
|
|
|
hpnicfMACfilterTrap NOTIFICATION-TYPE
|
|
OBJECTS
|
|
{
|
|
hpnicfPfilterInterface,
|
|
hpnicfPfilterDirection,
|
|
hpnicfPfilterACLNumber,
|
|
hpnicfPfilterAction,
|
|
hpnicfMACfilterSourceMac,
|
|
hpnicfMACfilterDestinationMac,
|
|
hpnicfPfilterPacketNumber,
|
|
hpnicfPfilterReceiveInterface
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This notification is generated when a packet was processed
|
|
by MAC address filter, but not every packet will generate one
|
|
notification, the same notification only generate once in 30
|
|
seconds.
|
|
"
|
|
::= { hpnicfPfilterTrapPrefix 1 }
|
|
|
|
hpnicfAclRuleMatchCount NOTIFICATION-TYPE
|
|
OBJECTS
|
|
{
|
|
hpnicfPfilter2ApplyObjType,
|
|
hpnicfPfilter2ApplyObjIndex,
|
|
hpnicfPfilter2ApplyDirection,
|
|
hpnicfPfilter2ApplyAclType,
|
|
hpnicfPfilter2ApplyAclIndex,
|
|
hpnicfPfilter2AclRuleIndex,
|
|
hpnicfPfilter2AclRuleMatchPackets
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This notification is generated periodically due to a timer.
|
|
The interval of the timer is configured in hpnicfAclIntervalTable.
|
|
The notification details the entries about the packet-filter
|
|
object, the matched ACL rule and the number of matching packets.
|
|
"
|
|
::= { hpnicfPfilterTrapPrefix 2 }
|
|
|
|
hpnicfAclFirstIPv4PktCaptured NOTIFICATION-TYPE
|
|
OBJECTS
|
|
{
|
|
hpnicfPfilter2ApplyAclIndex,
|
|
hpnicfPfilter2AclRuleIndex,
|
|
hpnicfAclPacketIfName,
|
|
hpnicfAclPacketDirection,
|
|
hpnicfAclPacketBAGG,
|
|
hpnicfAclPacketVlanID,
|
|
hpnicfAclPacketSrcIP,
|
|
hpnicfAclPacketDstIP,
|
|
hpnicfAclPacketProtocol,
|
|
hpnicfAclPacketDscp,
|
|
hpnicfAclPacketIcmpIgmpType,
|
|
hpnicfAclPacketIcmpIgmpCode,
|
|
hpnicfAclPacketTcpFlags,
|
|
hpnicfAclPacketSrcPort,
|
|
hpnicfAclPacketDstPort
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This notification is generated immediately when the first
|
|
packet of the matched IPv4 flow is captured. Other packets
|
|
of the matched flow won't be captured.
|
|
"
|
|
::= { hpnicfPfilterTrapPrefix 3 }
|
|
|
|
hpnicfAclFirstIPv6PktCaptured NOTIFICATION-TYPE
|
|
OBJECTS
|
|
{
|
|
hpnicfPfilter2ApplyAclIndex,
|
|
hpnicfPfilter2AclRuleIndex,
|
|
hpnicfAclPacketIfName,
|
|
hpnicfAclPacketDirection,
|
|
hpnicfAclPacketBAGG,
|
|
hpnicfAclPacketVlanID,
|
|
hpnicfAclPacketSrcIP,
|
|
hpnicfAclPacketDstIP,
|
|
hpnicfAclPacketProtocol,
|
|
hpnicfAclPacketDscp,
|
|
hpnicfAclPacketFlowLabel,
|
|
hpnicfAclPacketIcmpIgmpType,
|
|
hpnicfAclPacketIcmpIgmpCode,
|
|
hpnicfAclPacketTcpFlags,
|
|
hpnicfAclPacketSrcPort,
|
|
hpnicfAclPacketDstPort
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This notification is generated immediately when the first
|
|
packet of the matched IPv6 flow is captured. Other packets
|
|
of the matched flow won't be captured.
|
|
"
|
|
::= { hpnicfPfilterTrapPrefix 4 }
|
|
|
|
hpnicfAclFirstEthernetPktCaptured NOTIFICATION-TYPE
|
|
OBJECTS
|
|
{
|
|
hpnicfPfilter2ApplyAclIndex,
|
|
hpnicfPfilter2AclRuleIndex,
|
|
hpnicfAclPacketIfName,
|
|
hpnicfAclPacketDirection,
|
|
hpnicfAclPacketBAGG,
|
|
hpnicfAclPacketVlanID,
|
|
hpnicfAclPacketSrcMacAddr,
|
|
hpnicfAclPacketDstMacAddr,
|
|
hpnicfAclPacketMacTypeLen,
|
|
hpnicfAclPacketVlanPCP
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This notification is generated immediately when the first
|
|
packet of the matched Ethernet flow is captured. Other packets
|
|
of the matched flow won't be captured.
|
|
"
|
|
::= { hpnicfPfilterTrapPrefix 5 }
|
|
|
|
END
|