783 lines
26 KiB
Plaintext
783 lines
26 KiB
Plaintext
-- Copyright (C) 2006-2012 Aricent Group . All Rights Reserved
|
|
|
|
-- $Id: fsissext.mib,v 1.11 2012/09/07 09:52:14 siva Exp $
|
|
|
|
ARICENT-ISS-EXT-MIB DEFINITIONS ::= BEGIN
|
|
|
|
IMPORTS
|
|
MODULE-IDENTITY, OBJECT-TYPE,
|
|
Counter32, enterprises, IpAddress, Integer32, Unsigned32
|
|
FROM SNMPv2-SMI
|
|
RowStatus, TEXTUAL-CONVENTION, MacAddress FROM SNMPv2-TC;
|
|
|
|
issExt MODULE-IDENTITY
|
|
LAST-UPDATED "201209050000Z"
|
|
ORGANIZATION "ARICENT COMMUNICATIONS SOFTWARE"
|
|
CONTACT-INFO "support@aricent.com"
|
|
DESCRIPTION
|
|
"The MIB for FutureISSExtension."
|
|
REVISION "201209050000Z"
|
|
DESCRIPTION
|
|
"The MIB for FutureISSExtension."
|
|
::= { enterprises futuresoftware (2076) 81 8}
|
|
|
|
|
|
PortList ::= TEXTUAL-CONVENTION
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Each octet within this value specifies a set of eight
|
|
ports, with the first octet specifying ports 1 through
|
|
8, the second octet specifying ports 9 through 16, etc.
|
|
Within each octet, the most significant bit represents
|
|
the lowest numbered port, and the least significant bit
|
|
represents the highest numbered port. Thus, each port
|
|
of the bridge is represented by a single bit within the
|
|
value of this object. If that bit has a value of '1'
|
|
then that port is included in the set of ports; the port
|
|
is not included if its bit has a value of '0'."
|
|
SYNTAX OCTET STRING
|
|
|
|
iss OBJECT IDENTIFIER ::= { enterprises 2076 81 }
|
|
|
|
-- ----------------------------------------------------------------- --
|
|
-- groups in the MIB
|
|
-- ----------------------------------------------------------------- --
|
|
|
|
issExtRateControl OBJECT IDENTIFIER ::= { issExt 1 }
|
|
issExtL2Filter OBJECT IDENTIFIER ::= { issExt 2 }
|
|
issExtL3Filter OBJECT IDENTIFIER ::= { issExt 3 }
|
|
|
|
-- Rate Control Group --------------------------------------------- --
|
|
|
|
issExtRateCtrlTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF IssExtRateCtrlEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A table to control the rate limiting parameters
|
|
either for the entire switch or for each physical and port-channel
|
|
interface in the switch."
|
|
::= { issExtRateControl 1 }
|
|
|
|
issExtRateCtrlEntry OBJECT-TYPE
|
|
SYNTAX IssExtRateCtrlEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"An entry appears in this table for each physical and port-channel
|
|
interface in the switch."
|
|
INDEX { issExtRateCtrlIndex }
|
|
::= { issExtRateCtrlTable 1 }
|
|
|
|
IssExtRateCtrlEntry ::=
|
|
SEQUENCE {
|
|
issExtRateCtrlIndex
|
|
Integer32,
|
|
issExtRateCtrlDLFLimitValue
|
|
Integer32,
|
|
issExtRateCtrlBCASTLimitValue
|
|
Integer32,
|
|
issExtRateCtrlMCASTLimitValue
|
|
Integer32,
|
|
issExtRateCtrlPortRateLimit
|
|
Integer32,
|
|
issExtRateCtrlPortBurstSize
|
|
Integer32
|
|
}
|
|
|
|
issExtRateCtrlIndex OBJECT-TYPE
|
|
SYNTAX Integer32 (1..65535)
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The interface index for which the configuration in this
|
|
entry applies."
|
|
::= { issExtRateCtrlEntry 1 }
|
|
|
|
issExtRateCtrlDLFLimitValue OBJECT-TYPE
|
|
SYNTAX Integer32 (0..2147483647)
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Allows to configure the limiting value for the maximum number
|
|
of dlf packets that can be transmitted per second over this interface.
|
|
Setting this object to the value zero disables rate limiting for
|
|
Destination lookup failure packets on this interface. The value that
|
|
can be set for this object is limited by the underlying hardware"
|
|
|
|
DEFVAL {0}
|
|
::= { issExtRateCtrlEntry 2 }
|
|
|
|
issExtRateCtrlBCASTLimitValue OBJECT-TYPE
|
|
SYNTAX Integer32 (0..2147483647)
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Allows to configure the limiting value for the maximum number
|
|
of broadcast packets that can be transmitted per second over this
|
|
interface. Setting this object to the value zero disables rate
|
|
limiting for Broadcast packets on this interface. The value that
|
|
can be set for this object is limited by the underlying hardware"
|
|
|
|
DEFVAL {0}
|
|
::= { issExtRateCtrlEntry 3 }
|
|
|
|
|
|
issExtRateCtrlMCASTLimitValue OBJECT-TYPE
|
|
SYNTAX Integer32 (0..2147483647)
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Allows to configure the limiting value for the maximum number
|
|
of multicast packets that can be transmitted per second over this
|
|
interface. Setting this object to the value zero disables rate
|
|
limiting for Multicast packets on this interface. The value that
|
|
can be set for this object is limited by the underlying hardware"
|
|
|
|
DEFVAL {0}
|
|
::= { issExtRateCtrlEntry 4}
|
|
|
|
issExtRateCtrlPortRateLimit OBJECT-TYPE
|
|
SYNTAX Integer32 (0..80000000)
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Configures interface Rate Limit (Packet that can be transferred
|
|
on a port at a particular second).
|
|
|
|
This object's value will take effect on the interface speed. Based
|
|
on the operating speed of the port, the rate limit will be applied.
|
|
This value can also be affected by the metering. A value of zero(0)
|
|
disable rate limiting i.e. sets the port to full speed."
|
|
|
|
::= { issExtRateCtrlEntry 5 }
|
|
|
|
issExtRateCtrlPortBurstSize OBJECT-TYPE
|
|
SYNTAX Integer32 (0..80000000)
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Configures interface Burst Pkt Rate. (Packet Burst that can be
|
|
transferred on a port at a particular second)
|
|
|
|
This object's value will take effect on the interface speed. Based
|
|
on the operating speed of the port, the burst size of the port
|
|
will be applied. This value can also be affected by the metering. A
|
|
value of zero(0) disable burst rate limiting i.e. sets the port burst
|
|
rate limit to full speed."
|
|
|
|
::= { issExtRateCtrlEntry 6 }
|
|
|
|
|
|
|
|
|
|
-- ------------------------------------------------------------------
|
|
-- L2 Filter Group --------------------------------------------------
|
|
|
|
issExtL2FilterTable OBJECT-TYPE
|
|
|
|
SYNTAX SEQUENCE OF IssExtL2FilterEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A table to configure L2 filter rules in the system."
|
|
::= { issExtL2Filter 1 }
|
|
|
|
issExtL2FilterEntry OBJECT-TYPE
|
|
SYNTAX IssExtL2FilterEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Each entry in this table is a L2 filter rule.
|
|
|
|
Index to the table is the L2 filter number."
|
|
INDEX { issExtL2FilterNo}
|
|
::= { issExtL2FilterTable 1 }
|
|
|
|
IssExtL2FilterEntry ::=
|
|
SEQUENCE {
|
|
issExtL2FilterNo
|
|
Integer32,
|
|
issExtL2FilterPriority
|
|
Integer32,
|
|
issExtL2FilterEtherType
|
|
Integer32,
|
|
issExtL2FilterProtocolType
|
|
Unsigned32,
|
|
issExtL2FilterDstMacAddr
|
|
MacAddress,
|
|
issExtL2FilterSrcMacAddr
|
|
MacAddress,
|
|
issExtL2FilterVlanId
|
|
Integer32,
|
|
issExtL2FilterInPortList
|
|
PortList,
|
|
issExtL2FilterAction
|
|
INTEGER,
|
|
issExtL2FilterMatchCount
|
|
Counter32,
|
|
issExtL2FilterStatus
|
|
RowStatus,
|
|
issExtL2FilterOutPortList
|
|
PortList,
|
|
issExtL2FilterDirection
|
|
INTEGER
|
|
|
|
}
|
|
|
|
issExtL2FilterNo OBJECT-TYPE
|
|
SYNTAX Integer32 (1..65535)
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"L2 Filter rule number."
|
|
::= { issExtL2FilterEntry 1 }
|
|
|
|
issExtL2FilterPriority OBJECT-TYPE
|
|
SYNTAX Integer32 (1..255)
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The priority of the L2 filter can be used to decide which filter rule
|
|
is applicable when
|
|
--> the packet matches with more than one filter rules
|
|
--> All the filter rules result in 'allow'ing the packet
|
|
|
|
Higher value of 'filter priority' implies a higher priority.
|
|
|
|
Usage of 'L2FilterPriority' is implementation dependant."
|
|
DEFVAL { 1 }
|
|
::= { issExtL2FilterEntry 2 }
|
|
|
|
issExtL2FilterEtherType OBJECT-TYPE
|
|
SYNTAX Integer32 (0..65535)
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value in the Type/Len field of a frame that will
|
|
be matched to trigger this filter. The default value of
|
|
this object is '0'. When this object is SET with the default
|
|
value, frames are not matched for the value in the Type/Len
|
|
field with the value set for this object."
|
|
DEFVAL { 0 }
|
|
::= { issExtL2FilterEntry 3 }
|
|
|
|
|
|
issExtL2FilterProtocolType OBJECT-TYPE
|
|
SYNTAX Unsigned32 (0..65535)
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Specifies the non IP protocol type to be filtered.
|
|
aarp | amber | dec-spanning | decnet-iv |
|
|
diagnostic | dsm |etype-6000 | etype-8042 |
|
|
lat | lavc-sca | mop-console | mop-dump |
|
|
msdos | mumps | netbios | vines-echo |
|
|
vines-ip | xns-idp: A non-IP protocol.
|
|
|
|
A value of '0' means, the filter is applicable for all protocols."
|
|
DEFVAL { 0 }
|
|
::= { issExtL2FilterEntry 4 }
|
|
|
|
issExtL2FilterDstMacAddr OBJECT-TYPE
|
|
SYNTAX MacAddress
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Destination MAC address to be matched with the packet. By Default, the
|
|
Destination Mac Address will be zero which means dont care condition ie)
|
|
any Dst Mac Address ."
|
|
::= { issExtL2FilterEntry 5 }
|
|
|
|
issExtL2FilterSrcMacAddr OBJECT-TYPE
|
|
SYNTAX MacAddress
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Source MAC address to be matched with the packet. By Default, the Source
|
|
Mac Address will be zero which means dont care condition ie) any Src Mac
|
|
address"
|
|
::= { issExtL2FilterEntry 6 }
|
|
|
|
|
|
issExtL2FilterVlanId OBJECT-TYPE
|
|
SYNTAX Integer32 (0..4094)
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Vlan Id to be filtered. In case of Provider bridges, This Vlan Id will
|
|
be treated as customer Vlan Id.
|
|
A value of '0' means, this object is unused. Configuring this value is not
|
|
allowed."
|
|
DEFVAL { 0 }
|
|
::= { issExtL2FilterEntry 7 }
|
|
|
|
|
|
issExtL2FilterInPortList OBJECT-TYPE
|
|
SYNTAX PortList
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Specifies the complete set of ports over which this filter is applied
|
|
for packets ingress at ports in this list.
|
|
If the In port list is '0', the filter rule is applicable for the
|
|
incoming packets on all ports.
|
|
Even though the issExtL2FilterInPortList is configured, It is applicable only
|
|
if issExtL2FilterDirection is configured as 'in'.
|
|
By default inport list is maintained as '0'."
|
|
::= { issExtL2FilterEntry 8 }
|
|
|
|
issExtL2FilterAction OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
allow (1),
|
|
drop (2)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Specifies the action to be taken on the packet if the filter
|
|
rule matches.
|
|
If the action is 'allow', the packet will be forwarded according
|
|
to the forwarding rules.
|
|
If the action is 'drop', the packet will be discarded."
|
|
DEFVAL { allow }
|
|
::= { issExtL2FilterEntry 9 }
|
|
|
|
issExtL2FilterMatchCount OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Number of times this filter is matched."
|
|
|
|
::= { issExtL2FilterEntry 10 }
|
|
|
|
issExtL2FilterStatus OBJECT-TYPE
|
|
SYNTAX RowStatus
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object indicates the status of this entry. An entry is
|
|
created in this table when this object is SET to 'createAndWait'.
|
|
The entry in this table is used when the status of this object
|
|
is SET 'active'. The entry in this table is not used when this
|
|
object is SET 'notInService'. An entry created in this table is
|
|
be deleted when this object is SET 'destroy'."
|
|
::= { issExtL2FilterEntry 11 }
|
|
|
|
issExtL2FilterOutPortList OBJECT-TYPE
|
|
SYNTAX PortList
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Specifies the complete set of ports over which this filter is applied
|
|
for packets egress at Ports in this list.
|
|
If the Out port list is '0', the filter rule is applicable for the
|
|
outgoing packets on all ports.
|
|
Even though the issExtL2FilterOutPortList is configured, It is applicable only
|
|
if issExtL2FilterDirection is configured as 'out'.
|
|
By default outport list is maintained as '0'."
|
|
::= { issExtL2FilterEntry 12 }
|
|
|
|
issExtL2FilterDirection OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
in (1),
|
|
out (2)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Specifies the direction of this filter to be applied. By Default the
|
|
filter will be applied on ingress direction.
|
|
When the direction of this filter is 'in', It is applied on specified
|
|
ports of the issExtL2FilterInPortList.
|
|
When the direction of this filter is 'out', It is applied on specified
|
|
ports of the issExtL2FilterOutPortList."
|
|
DEFVAL { in }
|
|
::= { issExtL2FilterEntry 13 }
|
|
|
|
-- ------------------------------------------------------------------
|
|
-- L3 Filter Group --------------------------------------------------
|
|
|
|
issExtL3FilterTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF IssExtL3FilterEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
" A table to configure L3 filter rules in the system.
|
|
"
|
|
::= { issExtL3Filter 1 }
|
|
|
|
issExtL3FilterEntry OBJECT-TYPE
|
|
SYNTAX IssExtL3FilterEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
" Each entry in this table is a L3 filter rule.
|
|
Index to the table is L3 filter number. "
|
|
INDEX { issExtL3FilterNo}
|
|
::= { issExtL3FilterTable 1 }
|
|
|
|
IssExtL3FilterEntry ::=
|
|
SEQUENCE {
|
|
issExtL3FilterNo
|
|
Integer32,
|
|
issExtL3FilterPriority
|
|
Integer32,
|
|
issExtL3FilterProtocol
|
|
Integer32,
|
|
issExtL3FilterMessageType
|
|
Integer32,
|
|
issExtL3FilterMessageCode
|
|
Integer32,
|
|
issExtL3FilterDstIpAddr
|
|
IpAddress,
|
|
issExtL3FilterSrcIpAddr
|
|
IpAddress,
|
|
issExtL3FilterDstIpAddrMask
|
|
IpAddress,
|
|
issExtL3FilterSrcIpAddrMask
|
|
IpAddress,
|
|
issExtL3FilterMinDstProtPort
|
|
Unsigned32,
|
|
issExtL3FilterMaxDstProtPort
|
|
Unsigned32,
|
|
issExtL3FilterMinSrcProtPort
|
|
Unsigned32,
|
|
issExtL3FilterMaxSrcProtPort
|
|
Unsigned32,
|
|
issExtL3FilterInPortList
|
|
PortList,
|
|
issExtL3FilterOutPortList
|
|
PortList,
|
|
issExtL3FilterAckBit
|
|
INTEGER,
|
|
issExtL3FilterRstBit
|
|
INTEGER,
|
|
issExtL3FilterTos
|
|
Integer32,
|
|
issExtL3FilterDscp
|
|
Integer32,
|
|
issExtL3FilterDirection
|
|
INTEGER,
|
|
issExtL3FilterAction
|
|
INTEGER,
|
|
issExtL3FilterMatchCount
|
|
Counter32,
|
|
issExtL3FilterStatus
|
|
RowStatus
|
|
}
|
|
|
|
issExtL3FilterNo OBJECT-TYPE
|
|
SYNTAX Integer32 (1..65535)
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"L3 Filter rule number."
|
|
::= { issExtL3FilterEntry 1 }
|
|
|
|
issExtL3FilterPriority OBJECT-TYPE
|
|
SYNTAX Integer32 (1..255)
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The priority of the filter can be used to decide which filter rule
|
|
is applicable when
|
|
--> the packet matches with more than one filter rules
|
|
--> All the filter rules result in 'allow'ing the packet
|
|
Higher value of 'L3 filter priority' implies a higher priority.
|
|
Usage of 'L3FilterPriority' is implementation dependant."
|
|
DEFVAL { 1 }
|
|
::= { issExtL3FilterEntry 2 }
|
|
|
|
issExtL3FilterProtocol OBJECT-TYPE
|
|
SYNTAX Integer32 (0..255)
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
" The type of protocol to be checked against the packet. The
|
|
default value is 255. If the value is 255, it means that the
|
|
protocol type can be anything and it will not be checked to
|
|
decide the action. "
|
|
DEFVAL { 255 }
|
|
::= { issExtL3FilterEntry 3 }
|
|
|
|
issExtL3FilterMessageType OBJECT-TYPE
|
|
SYNTAX Integer32 (0..65535)
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
" The message type to be checked against the packet. If the
|
|
message type matches with the packet, then the packet will be
|
|
dropped / allowed based on the action set in issExtL3FilterAction.
|
|
The default value is 255. It means that message type is not
|
|
configured and need not be checked.
|
|
Generally the value zero is given as default. But here
|
|
zero can be an ICMP Type value. Hence 255 is given as the
|
|
default value.
|
|
Some ICMP message types are:
|
|
echoReply(0),
|
|
destinationUnreachable(3),
|
|
sourceQuench(4),
|
|
redirect(5),
|
|
echoRequest(8),
|
|
timeExceeded(11),
|
|
parameterProblem(12),
|
|
timestampRequest(13),
|
|
timestampReply(14),
|
|
informationRequest(15),
|
|
informationReply(16),
|
|
addressMaskRequest(17),
|
|
addressMaskReply (18),
|
|
noICMPType(255)
|
|
"
|
|
DEFVAL { 255 }
|
|
::= { issExtL3FilterEntry 4 }
|
|
|
|
issExtL3FilterMessageCode OBJECT-TYPE
|
|
SYNTAX Integer32 (0..65535)
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
" The message code to be checked against the packet. If the
|
|
packet matches with the message code, then the packet will
|
|
be dropped / allowed based on the action set in issExtL3FilterAction.
|
|
The default value is 255. It means that message code is not
|
|
configured and need not be checked. Generally the value zero
|
|
will be given as default. But here, zero can be an ICMP Code
|
|
value. Hence 255 is given as the default value.
|
|
Some ICMP message codes are :
|
|
networkUnreachable(0),
|
|
hostUnreachable(1),
|
|
protocolUnreachable(2),
|
|
portUnreachable(3),
|
|
fragmentNeed(4),
|
|
sourceRouteFail(5),
|
|
destNetworkUnknown(6),
|
|
destHostUnknown(7),
|
|
srcHostIsolated(8),
|
|
destNetworkAdminProhibited(9),
|
|
destHostAdminProhibited(10),
|
|
networkUnreachableTOS(11),
|
|
hostUnreachableTOS(12),
|
|
noICMPCode(255)
|
|
"
|
|
DEFVAL { 255 }
|
|
::= { issExtL3FilterEntry 5 }
|
|
|
|
issExtL3FilterDstIpAddr OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Destination IP address to be matched with the packet.
|
|
This object is valid only if the 'issExtFilterType' is 'l3filter'."
|
|
DEFVAL { '00000000'h }
|
|
::= { issExtL3FilterEntry 6 }
|
|
|
|
issExtL3FilterSrcIpAddr OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Source IP address to be matched with the packet.
|
|
This object is valid only if the 'issExtFilterType' is 'l3filter'."
|
|
DEFVAL { '00000000'h }
|
|
::= { issExtL3FilterEntry 7 }
|
|
|
|
issExtL3FilterDstIpAddrMask OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The IP subnet mask for Destination IP address.
|
|
This object is valid only if the 'issExtFilterType' is 'l3filter'."
|
|
DEFVAL { 'FFFFFFFF'h }
|
|
::= { issExtL3FilterEntry 8 }
|
|
|
|
issExtL3FilterSrcIpAddrMask OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The IP subnet mask for Source IP address.
|
|
This object is valid only if the 'issExtFilterType' is 'l3filter'."
|
|
DEFVAL { 'FFFFFFFF'h }
|
|
::= { issExtL3FilterEntry 9 }
|
|
|
|
issExtL3FilterMinDstProtPort OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The minimum port in the destination port range. Please note
|
|
these ports are the TCP / UDP ports."
|
|
DEFVAL { 0 }
|
|
::= { issExtL3FilterEntry 10 }
|
|
|
|
issExtL3FilterMaxDstProtPort OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The maximum port in the destination port range. Please note
|
|
these ports are the TCP / UDP ports."
|
|
DEFVAL { 65535 }
|
|
::= { issExtL3FilterEntry 11 }
|
|
|
|
issExtL3FilterMinSrcProtPort OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The minimum port in the source port range. Please note
|
|
these ports are the TCP / UDP ports."
|
|
DEFVAL { 0 }
|
|
::= { issExtL3FilterEntry 12 }
|
|
|
|
issExtL3FilterMaxSrcProtPort OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The maximum port in the source port range. Please note
|
|
these ports are the TCP / UDP ports."
|
|
DEFVAL { 65535 }
|
|
::= { issExtL3FilterEntry 13 }
|
|
|
|
issExtL3FilterInPortList OBJECT-TYPE
|
|
SYNTAX PortList
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Specifies the complete set of ports over which if the packet arrives
|
|
this filter rule will be applicable.
|
|
If the incoming port list is '0', the filter rule is applicable for all the
|
|
incoming ports.
|
|
By default inport list is maintained as '0'."
|
|
::= { issExtL3FilterEntry 14 }
|
|
|
|
issExtL3FilterOutPortList OBJECT-TYPE
|
|
SYNTAX PortList
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Specifies the complete set of ports over which if the packet goes out,
|
|
this filter rule will be applicable.
|
|
If the outgoing port list is '0', the filter rule is applicable for all the
|
|
outgoing packets in all ports.
|
|
By default outport list is maintained as '0'."
|
|
::= { issExtL3FilterEntry 15 }
|
|
|
|
issExtL3FilterAckBit OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
establish(1),
|
|
notEstablish(2),
|
|
any(3)
|
|
}
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
" The TCP ACK bit to be checked against the packet. The default
|
|
value is 'any'(3). It means that ACK bit will not be checked
|
|
to decide the action. "
|
|
DEFVAL { any }
|
|
::= { issExtL3FilterEntry 16 }
|
|
|
|
issExtL3FilterRstBit OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
set(1),
|
|
notSet(2),
|
|
any(3)
|
|
}
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
" The TCP RST bit to be checked against the packet. The default
|
|
value is 'any'(3). It means that RST bit will not be checked to
|
|
decide the action. "
|
|
DEFVAL { any }
|
|
::= { issExtL3FilterEntry 17 }
|
|
|
|
issExtL3FilterTos OBJECT-TYPE
|
|
SYNTAX Integer32 (-1..7)
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
" The IP TOS bit to be checked against the packet. This is a
|
|
single byte integer of which the last three bits (least
|
|
significant bits) indicate Delay, Throughput and Reliability
|
|
i.e 'uuuuudtr', u-unused, d-delay, t-throughput, r-reliability.
|
|
For example '6' indicates low delay and high throughput.
|
|
A value of '-1' means, the Tos Field becomes dont care"
|
|
DEFVAL { -1 }
|
|
::= { issExtL3FilterEntry 18 }
|
|
|
|
issExtL3FilterDscp OBJECT-TYPE
|
|
SYNTAX Integer32 (-1..63)
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
" The IP Dscp value to be checked against the packet.
|
|
A value of '-1' means, the Dscp Field becomes dont care."
|
|
DEFVAL { -1 }
|
|
::= { issExtL3FilterEntry 19 }
|
|
|
|
issExtL3FilterDirection OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
in (1),
|
|
out(2)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Specifies the direction of this filter to be applied. By Default the
|
|
filter will be applied on ingress direction.
|
|
When the direction of this filter is 'in', It is applied on specified
|
|
ports of the issExtL3FilterInPortList.
|
|
When the direction of this filter is 'out', It is applied on specified
|
|
ports of the issExtL3FilterOutPortList."
|
|
DEFVAL { in }
|
|
::= { issExtL3FilterEntry 20 }
|
|
|
|
issExtL3FilterAction OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
allow (1),
|
|
drop (2)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Specifies the action to be taken on the packet if the filter
|
|
rule matches.
|
|
If the action is 'allow', the packet will be sent to the
|
|
ports in 'out port list'. If the out port list is '0',
|
|
the port over which the packet is to be switched will be decided
|
|
based on further processing on the packet.
|
|
If the action is 'drop', the packet will be discarded."
|
|
DEFVAL { allow }
|
|
::= { issExtL3FilterEntry 21 }
|
|
|
|
issExtL3FilterMatchCount OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Number of times this filter is matched."
|
|
::= { issExtL3FilterEntry 22 }
|
|
|
|
issExtL3FilterStatus OBJECT-TYPE
|
|
SYNTAX RowStatus
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object indicates the status of this entry. An entry is
|
|
created in this table when this object is SET to 'createAndWait'.
|
|
The entry in this table is used when the status of this object
|
|
is SET 'active'. The entry in this table is not used when this
|
|
object is SET 'notInService'. An entry created in this table is
|
|
be deleted when this object is SET 'destroy'."
|
|
::= { issExtL3FilterEntry 23 }
|
|
|
|
END
|