1224 lines
42 KiB
Plaintext
1224 lines
42 KiB
Plaintext
-- *****************************************************************
|
|
-- FS-ACL-MIB.mib: FS Acl MIB file
|
|
--
|
|
-- March 2002, Wuzg
|
|
--
|
|
-- Copyright (c) 2002 by FS.COM Inc..
|
|
-- All rights reserved.
|
|
--
|
|
-- *****************************************************************
|
|
--
|
|
|
|
FS-ACL-MIB DEFINITIONS ::= BEGIN
|
|
|
|
IMPORTS
|
|
MODULE-IDENTITY,
|
|
OBJECT-TYPE,
|
|
Integer32,
|
|
Unsigned32,
|
|
IpAddress
|
|
FROM SNMPv2-SMI
|
|
TruthValue,
|
|
DisplayString,
|
|
RowStatus,
|
|
MacAddress
|
|
FROM SNMPv2-TC
|
|
MODULE-COMPLIANCE,
|
|
OBJECT-GROUP
|
|
FROM SNMPv2-CONF
|
|
IfIndex,
|
|
ConfigStatus
|
|
FROM FS-TC
|
|
fsMgmt
|
|
FROM FS-SMI;
|
|
|
|
fsAclMIB MODULE-IDENTITY
|
|
LAST-UPDATED "200203200000Z"
|
|
ORGANIZATION "FS.COM Inc.."
|
|
CONTACT-INFO
|
|
"
|
|
Tel: 400-865-2852
|
|
|
|
E-mail: https://www.fs.com/live_chat_service_mail.html"
|
|
DESCRIPTION
|
|
"This module defines fs acl mibs."
|
|
REVISION "200203200000Z"
|
|
DESCRIPTION
|
|
"Initial version of this MIB module."
|
|
::= { fsMgmt 17}
|
|
|
|
--ACLNO ::= TEXTUAL-CONVENTION
|
|
-- STATUS current
|
|
-- DESCRIPTION
|
|
-- " Serial number of Access control list entry, Access control list entry of
|
|
-- bigger ACL number will have higher implement priority. One ACL number
|
|
-- corresponding to only one entry."
|
|
-- SYNTAX INTEGER
|
|
|
|
-- Access control list
|
|
fsAclMIBObjects OBJECT IDENTIFIER ::= { fsAclMIB 1 }
|
|
|
|
|
|
fsAclTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF FSAclEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A table of acl request entries."
|
|
::= { fsAclMIBObjects 1 }
|
|
|
|
fsAclEntry OBJECT-TYPE
|
|
SYNTAX FSAclEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Entry contains acl name and mode."
|
|
INDEX { fsAclName }
|
|
::= { fsAclTable 1 }
|
|
|
|
FSAclEntry ::=
|
|
SEQUENCE {
|
|
fsAclName DisplayString,
|
|
fsAclMode INTEGER,
|
|
fsAclEntryStatus ConfigStatus
|
|
}
|
|
|
|
fsAclName OBJECT-TYPE
|
|
SYNTAX DisplayString(SIZE (1..32))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Access list name of this entry.This value is unique for every entry
|
|
When this string be used as an index,Value of a sub-identifier equal
|
|
ASCII value of corresponding character(first sub-identifier corresponds
|
|
first character of string). The number of sub-identifiers of this string
|
|
must be 32,If length of string is less than 32 the sub-identifier(0x0)
|
|
will be filled in tail."
|
|
::= { fsAclEntry 1 }
|
|
|
|
fsAclMode OBJECT-TYPE
|
|
SYNTAX INTEGER{
|
|
acl-ip-standard(1),
|
|
acl-ip-extended(2),
|
|
acl-mac-extended(3),
|
|
acl-expert(4),
|
|
acl-ipv6-extended(5)
|
|
}
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
" Config mode of this ACL"
|
|
::= { fsAclEntry 2 }
|
|
|
|
fsAclEntryStatus OBJECT-TYPE
|
|
SYNTAX ConfigStatus
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Status of this entry, set its value to invalid will delete this entry.
|
|
set its value to valid has no effect."
|
|
::= { fsAclEntry 3 }
|
|
|
|
--fsAceTable OBJECT-TYPEV
|
|
-- SYNTAX SEQUENCE OF FSAceEntry
|
|
-- MAX-ACCESS not-accessible
|
|
-- STATUS current
|
|
-- DESCRIPTION
|
|
-- "A table of ACE request entries."
|
|
-- ::= { fsAclMIBObjects 2 } this OID is obsolete
|
|
|
|
--fsAceEntry OBJECT-TYPE
|
|
-- SYNTAX FSAceEntry
|
|
-- MAX-ACCESS not-accessible
|
|
-- STATUS current
|
|
-- DESCRIPTION
|
|
-- "Entry contains ace parameters and results.
|
|
--
|
|
-- A management station wishing to create an entry should
|
|
-- first generate a pseudo-random serial number to be used
|
|
-- as the index to a ace entry of a acl. The station should
|
|
-- then create the associated entry.
|
|
--
|
|
-- We must set all specifies valid values for the
|
|
-- non-defaulted configuration objects, certainly, it should
|
|
-- also modify the default values for the other configuration
|
|
-- objects if the defaults are not appropriate.
|
|
--
|
|
-- Once the appropriate instance of all the configuration
|
|
-- objects have been created or set,the row status should be set
|
|
-- to active to initiate the request."
|
|
-- INDEX { fsAceAclName,fsAceIndex }
|
|
-- ::= { fsAceTable 1 }
|
|
--
|
|
--FSAceEntry ::=
|
|
-- SEQUENCE {
|
|
-- fsAceAclName DisplayString,
|
|
-- fsAceIndex Integer32,
|
|
-- fsAceIfAnyVID TruthValue,
|
|
-- fsAceVID Unsigned32,
|
|
-- fsAceIfAnySourceIp TruthValue,
|
|
-- fsAceSourceIp IpAddress,
|
|
-- fsAceIfAnySourceWildCard TruthValue,
|
|
-- fsAceSourceWildCard IpAddress,
|
|
-- fsAceIfAnySourceMacAddr TruthValue,
|
|
-- fsAceSourceMacAddr MacAddress,
|
|
-- fsAceIfAnyDestIp TruthValue,
|
|
-- fsAceDestIp IpAddress,
|
|
-- fsAceIfAnyDestWildCard TruthValue,
|
|
-- fsAceDestIpWildCard IpAddress,
|
|
-- fsAceIfAnyDestMacAddr TruthValue,
|
|
-- fsAceDestMacAddr MacAddress,
|
|
-- fsAceIfAnyEtherLikeType TruthValue,
|
|
-- fsAceEtherLikeType Integer32,
|
|
-- fsAceIfAnyIpProtocolField TruthValue,
|
|
-- fsAceIpProtocolField Integer32,
|
|
-- fsAceIfAnySourceProtocolPort TruthValue,
|
|
-- fsAceSourceProtocolPort Integer32,
|
|
-- fsAceIfAnyDestProtocolPort TruthValue,
|
|
-- fsAceDestProtocolPort Integer32,
|
|
-- fsAceIfAnyProtocolType TruthValue,
|
|
-- fsAceProtocolType Integer32,
|
|
-- fsAceFlowAction INTEGER,
|
|
-- fsAceEntryStauts RowStatus,
|
|
-- fsAceTimeRangeName DisplayString
|
|
-- }
|
|
--
|
|
--fsAceAclName OBJECT-TYPE
|
|
-- SYNTAX DisplayString(SIZE (1..32))
|
|
-- MAX-ACCESS read-only
|
|
-- STATUS current
|
|
-- DESCRIPTION
|
|
-- "Access list name of this ace belong to.
|
|
-- When this string be used as an index,Value of a sub-identifier equal
|
|
-- ASCII value of corresponding character(first sub-identifier corresponds
|
|
-- first character of string). The number of sub-identifiers of this string
|
|
-- must be 32,If length of string is less than 32 the sub-identifier(0x0)
|
|
-- will be filled in tail."
|
|
-- ::= { fsAceEntry 1 }
|
|
--
|
|
--fsAceIndex OBJECT-TYPE
|
|
-- SYNTAX Integer32(1..2147483647)
|
|
-- MAX-ACCESS read-only
|
|
-- STATUS current
|
|
-- DESCRIPTION
|
|
-- "Object which specifies a unique entry in the
|
|
-- fsAclTable. A management station wishing
|
|
-- to initiate a acl operation should use a
|
|
-- pseudo-random value for this object when creating
|
|
-- or modifying an instance of a fsAclEntry.
|
|
-- The RowStatus semantics of the fsAclEntryStatus
|
|
-- object will prevent access conflicts."
|
|
-- ::= { fsAceEntry 2 }
|
|
--
|
|
--fsAceIfAnyVID OBJECT-TYPE
|
|
-- SYNTAX TruthValue
|
|
-- MAX-ACCESS read-create
|
|
-- STATUS current
|
|
-- DESCRIPTION
|
|
-- "VID of class will not be checked if this value is true."
|
|
-- DEFVAL{ true }
|
|
-- ::= { fsAceEntry 3 }
|
|
--
|
|
--fsAceVID OBJECT-TYPE
|
|
-- SYNTAX Unsigned32(0..4094)
|
|
-- MAX-ACCESS read-create
|
|
-- STATUS current
|
|
-- DESCRIPTION
|
|
-- "VID of Ace flow definition."
|
|
-- ::= { fsAceEntry 4 }
|
|
--
|
|
--fsAceIfAnySourceIp OBJECT-TYPE
|
|
-- SYNTAX TruthValue
|
|
-- MAX-ACCESS read-create
|
|
-- STATUS current
|
|
-- DESCRIPTION
|
|
-- "Source Ip of class will not be checked if this value is true."
|
|
-- DEFVAL{ true }
|
|
-- ::= { fsAceEntry 5 }
|
|
--
|
|
--fsAceSourceIp OBJECT-TYPE
|
|
-- SYNTAX IpAddress
|
|
-- MAX-ACCESS read-create
|
|
-- STATUS current
|
|
-- DESCRIPTION
|
|
-- "Sourece ip address of Ace flow definition."
|
|
-- ::= { fsAceEntry 6 }
|
|
--
|
|
--fsAceIfAnySourceWildCard OBJECT-TYPE
|
|
-- SYNTAX TruthValue
|
|
-- MAX-ACCESS read-create
|
|
-- STATUS current
|
|
-- DESCRIPTION
|
|
-- "Source Ip wild card of class will not be checked if this value is true."
|
|
-- DEFVAL{ true }
|
|
-- ::= { fsAceEntry 7 }
|
|
--
|
|
--fsAceSourceWildCard OBJECT-TYPE
|
|
-- SYNTAX IpAddress
|
|
-- MAX-ACCESS read-create
|
|
-- STATUS current
|
|
-- DESCRIPTION
|
|
-- "Sourece ip wild card(in reverse ip address mask)of Ace flow definition."
|
|
-- ::= { fsAceEntry 8 }
|
|
--
|
|
--fsAceIfAnySourceMacAddr OBJECT-TYPE
|
|
-- SYNTAX TruthValue
|
|
-- MAX-ACCESS read-create
|
|
-- STATUS current
|
|
-- DESCRIPTION
|
|
-- "Source mac address of class will not be checked if this value is true."
|
|
-- DEFVAL{ true }
|
|
-- ::= { fsAceEntry 9 }
|
|
--
|
|
--fsAceSourceMacAddr OBJECT-TYPE
|
|
-- SYNTAX MacAddress
|
|
-- MAX-ACCESS read-create
|
|
-- STATUS current
|
|
-- DESCRIPTION
|
|
-- "Sourece Mac address of Ace flow definition."
|
|
-- ::= { fsAceEntry 10 }
|
|
--
|
|
--fsAceIfAnyDestIp OBJECT-TYPE
|
|
-- SYNTAX TruthValue
|
|
-- MAX-ACCESS read-create
|
|
-- STATUS current
|
|
-- DESCRIPTION
|
|
-- "Destination Ip wild card of class will not be checked if this value is true."
|
|
-- DEFVAL{ true }
|
|
-- ::= { fsAceEntry 11 }
|
|
--
|
|
--fsAceDestIp OBJECT-TYPE
|
|
-- SYNTAX IpAddress
|
|
-- MAX-ACCESS read-create
|
|
-- STATUS current
|
|
-- DESCRIPTION
|
|
-- "Destination ip address of Ace flow definition."
|
|
-- ::= { fsAceEntry 12 }
|
|
--
|
|
--fsAceIfAnyDestWildCard OBJECT-TYPE
|
|
-- SYNTAX TruthValue
|
|
-- MAX-ACCESS read-create
|
|
-- STATUS current
|
|
-- DESCRIPTION
|
|
-- "Source Ip wild card of class will not be checked if this value is true."
|
|
-- DEFVAL{ true }
|
|
-- ::= { fsAceEntry 13 }
|
|
--
|
|
--fsAceDestIpWildCard OBJECT-TYPE
|
|
-- SYNTAX IpAddress
|
|
-- MAX-ACCESS read-create
|
|
-- STATUS current
|
|
-- DESCRIPTION
|
|
-- "Destination ip wild card(in reverse ip address mask) of Ace flow definition."
|
|
-- ::= { fsAceEntry 14 }
|
|
--
|
|
--fsAceIfAnyDestMacAddr OBJECT-TYPE
|
|
-- SYNTAX TruthValue
|
|
-- MAX-ACCESS read-create
|
|
-- STATUS current
|
|
-- DESCRIPTION
|
|
-- "Source Ip wild card of class will not be checked if this value is true."
|
|
-- DEFVAL{ true }
|
|
-- ::= { fsAceEntry 15 }
|
|
--
|
|
--fsAceDestMacAddr OBJECT-TYPE
|
|
-- SYNTAX MacAddress
|
|
-- MAX-ACCESS read-create
|
|
-- STATUS current
|
|
-- DESCRIPTION
|
|
-- "Destination Mac address of Ace flow definition."
|
|
-- ::= { fsAceEntry 16 }
|
|
--
|
|
--fsAceIfAnyEtherLikeType OBJECT-TYPE
|
|
-- SYNTAX TruthValue
|
|
-- MAX-ACCESS read-create
|
|
-- STATUS current
|
|
-- DESCRIPTION
|
|
-- "Ether Like Type in MAC packet will not be checked if this value is true."
|
|
-- DEFVAL{ true }
|
|
-- ::= { fsAceEntry 17 }
|
|
--
|
|
--fsAceEtherLikeType OBJECT-TYPE
|
|
-- SYNTAX Integer32
|
|
-- MAX-ACCESS read-create
|
|
-- STATUS current
|
|
-- DESCRIPTION
|
|
-- "Ether Like Type in MAC packet of Ace flow definition. "
|
|
-- ::= { fsAceEntry 18 }
|
|
--
|
|
--fsAceIfAnyIpProtocolField OBJECT-TYPE
|
|
-- SYNTAX TruthValue
|
|
-- MAX-ACCESS read-create
|
|
-- STATUS current
|
|
-- DESCRIPTION
|
|
-- "Source Ip wild card of class will not be checked if this value is true."
|
|
-- DEFVAL{ true }
|
|
-- ::= { fsAceEntry 19 }
|
|
--
|
|
--fsAceIpProtocolField OBJECT-TYPE
|
|
-- SYNTAX Integer32
|
|
-- MAX-ACCESS read-create
|
|
-- STATUS current
|
|
-- DESCRIPTION
|
|
-- "The value of protocol field in IP packet of Ace flow definition."
|
|
-- ::= { fsAceEntry 20 }
|
|
--
|
|
--fsAceIfAnySourceProtocolPort OBJECT-TYPE
|
|
-- SYNTAX TruthValue
|
|
-- MAX-ACCESS read-create
|
|
-- STATUS current
|
|
-- DESCRIPTION
|
|
-- "The value of source protocol port in IP packet will not be checked if
|
|
-- this value is true."
|
|
-- DEFVAL{ true }
|
|
-- ::= { fsAceEntry 21 }
|
|
--
|
|
--fsAceSourceProtocolPort OBJECT-TYPE
|
|
-- SYNTAX Integer32
|
|
-- MAX-ACCESS read-create
|
|
-- STATUS current
|
|
-- DESCRIPTION
|
|
-- "The value of source protocol port in IP packet of Ace flow definition. It is
|
|
-- significative only to those protocol which support this field."
|
|
-- ::= { fsAceEntry 22 }
|
|
--
|
|
--fsAceIfAnyDestProtocolPort OBJECT-TYPE
|
|
-- SYNTAX TruthValue
|
|
-- MAX-ACCESS read-create
|
|
-- STATUS current
|
|
-- DESCRIPTION
|
|
-- "he value of destination protocol port in IP packet will not be checked if
|
|
-- this value is true."
|
|
-- DEFVAL{ true }
|
|
-- ::= { fsAceEntry 23 }
|
|
--
|
|
--fsAceDestProtocolPort OBJECT-TYPE
|
|
-- SYNTAX Integer32
|
|
-- MAX-ACCESS read-create
|
|
-- STATUS current
|
|
-- DESCRIPTION
|
|
-- "The value of destination protocol port in IP packet of Ace flow definition. It is
|
|
-- significative only to those protocol which support this field(tcp,udp)."
|
|
-- ::= { fsAceEntry 24 }
|
|
--
|
|
--fsAceIfAnyProtocolType OBJECT-TYPE
|
|
-- SYNTAX TruthValue
|
|
-- MAX-ACCESS read-create
|
|
-- STATUS current
|
|
-- DESCRIPTION
|
|
-- "The value of protocol type field in IP packet will not be checked if this
|
|
-- value is true."
|
|
-- DEFVAL{ true }
|
|
-- ::= { fsAceEntry 25 }
|
|
--
|
|
--fsAceProtocolType OBJECT-TYPE
|
|
-- SYNTAX Integer32
|
|
-- MAX-ACCESS read-create
|
|
-- STATUS current
|
|
-- DESCRIPTION
|
|
-- "The value of protocol type field in IP packet of Ace flow definition. It is
|
|
-- significative only to those protocol which support this field(icmp,igmp)."
|
|
-- ::= { fsAceEntry 26 }
|
|
--
|
|
--fsAceFlowAction OBJECT-TYPE
|
|
-- SYNTAX INTEGER{
|
|
-- permit(1),
|
|
-- delay(2)
|
|
-- }
|
|
-- MAX-ACCESS read-create
|
|
-- STATUS current
|
|
-- DESCRIPTION
|
|
-- "Permit indicate that the kind of flow which entry define will be allow to access ,
|
|
-- delay indicate that the kind of flow which entry define will be refuse to access"
|
|
-- ::= { fsAceEntry 27 }
|
|
--
|
|
--fsAceEntryStauts OBJECT-TYPE
|
|
-- SYNTAX RowStatus
|
|
-- MAX-ACCESS read-create
|
|
-- STATUS current
|
|
-- DESCRIPTION
|
|
-- "entry status for this list."
|
|
-- ::= { fsAceEntry 28 }
|
|
--
|
|
--fsAceTimeRangeName OBJECT-TYPE
|
|
-- SYNTAX DisplayString(SIZE (0..32))
|
|
-- MAX-ACCESS not-accessible
|
|
-- STATUS current
|
|
-- DESCRIPTION
|
|
-- "Name of time-range of this ACE match. It indicate that
|
|
-- this ACE doesn't match any time-range if this string is null"
|
|
-- ::= { fsAceEntry 29 }
|
|
|
|
|
|
fsAclIfTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF FSAclIfEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"list of ACL interface objects."
|
|
::= { fsAclMIBObjects 3 }
|
|
|
|
fsAclIfEntry OBJECT-TYPE
|
|
SYNTAX FSAclIfEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Entry ACL interface information."
|
|
INDEX { fsAclIfIndex }
|
|
::= { fsAclIfTable 1 }
|
|
|
|
FSAclIfEntry ::=
|
|
SEQUENCE {
|
|
fsAclIfIndex IfIndex,
|
|
fsAclIfMaxEntryNum Integer32,
|
|
fsAclIfCurruntEntryNum Integer32,
|
|
fsIfInAclName DisplayString,
|
|
fsIfOutAclName DisplayString,
|
|
fsAclIf6MaxEntryNum Integer32,
|
|
fsAclIf6CurruntEntryNum Integer32,
|
|
fsIf6InAclName DisplayString,
|
|
fsIf6OutAclName DisplayString
|
|
}
|
|
|
|
fsAclIfIndex OBJECT-TYPE
|
|
SYNTAX IfIndex
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
" "
|
|
::= { fsAclIfEntry 1 }
|
|
|
|
fsAclIfMaxEntryNum OBJECT-TYPE
|
|
SYNTAX Integer32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Max num of ACL entry(ACE) in a interface."
|
|
::= { fsAclIfEntry 2 }
|
|
|
|
fsAclIfCurruntEntryNum OBJECT-TYPE
|
|
SYNTAX Integer32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Currunt valid num of ACL entry(ACE) in a interface."
|
|
::= { fsAclIfEntry 3 }
|
|
|
|
fsIfInAclName OBJECT-TYPE
|
|
SYNTAX DisplayString(SIZE (0..32))
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Access list name of ACL of this interface match for input.
|
|
It indicate that this interface doesn't match any ACL for input
|
|
if this string is null"
|
|
::= { fsAclIfEntry 4 }
|
|
|
|
fsIfOutAclName OBJECT-TYPE
|
|
SYNTAX DisplayString(SIZE (0..32))
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Access list name of ACL of this interface match for output.
|
|
It indicate that this interface doesn't match any ACL for output
|
|
if this string is null
|
|
|
|
This relation function apply only L3 interface."
|
|
::= { fsAclIfEntry 5 }
|
|
|
|
fsAclIf6MaxEntryNum OBJECT-TYPE
|
|
SYNTAX Integer32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Max num of ACL6 entry(ACE) in a interface."
|
|
::= { fsAclIfEntry 6 }
|
|
|
|
fsAclIf6CurruntEntryNum OBJECT-TYPE
|
|
SYNTAX Integer32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Currunt valid num of ACL6 entry(ACE) in a interface."
|
|
::= { fsAclIfEntry 7 }
|
|
|
|
fsIf6InAclName OBJECT-TYPE
|
|
SYNTAX DisplayString(SIZE (0..32))
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Access list name of ACL6 of this interface match for input.
|
|
It indicate that this interface doesn't match any ACL for input
|
|
if this string is null"
|
|
::= { fsAclIfEntry 8 }
|
|
|
|
fsIf6OutAclName OBJECT-TYPE
|
|
SYNTAX DisplayString(SIZE (0..32))
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Access list name of ACL6 of this interface match for output.
|
|
It indicate that this interface doesn't match any ACL for output
|
|
if this string is null
|
|
|
|
This relation function apply only L3 interface."
|
|
::= { fsAclIfEntry 9 }
|
|
|
|
fsAceExtTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF FSAceExtEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A table of ACE request entries."
|
|
::= { fsAclMIBObjects 4 }
|
|
|
|
fsAceExtEntry OBJECT-TYPE
|
|
SYNTAX FSAceExtEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Entry contains ace parameters and results.
|
|
|
|
A management station wishing to create an entry should
|
|
first generate a pseudo-random serial number to be used
|
|
as the index to a ace entry of a acl. The station should
|
|
then create the associated entry.
|
|
|
|
We must set all specifies valid values for the
|
|
non-defaulted configuration objects, certainly, it should
|
|
also modify the default values for the other configuration
|
|
objects if the defaults are not appropriate.
|
|
|
|
Once the appropriate instance of all the configuration
|
|
objects have been created or set,the row status should be set
|
|
to active to initiate the request."
|
|
INDEX { fsAceExtAclName,fsAceExtIndex }
|
|
::= { fsAceExtTable 1 }
|
|
|
|
FSAceExtEntry ::=
|
|
SEQUENCE {
|
|
fsAceExtAclName DisplayString,
|
|
fsAceExtIndex Integer32,
|
|
fsAceExtIfAnyVID TruthValue,
|
|
fsAceExtVID Unsigned32,
|
|
fsAceExtIfAnySourceIp TruthValue,
|
|
fsAceExtSourceIp IpAddress,
|
|
fsAceExtIfAnySourceWildCard TruthValue,
|
|
fsAceExtSourceWildCard IpAddress,
|
|
fsAceExtIfAnySourceMacAddr TruthValue,
|
|
fsAceExtSourceMacAddr MacAddress,
|
|
fsAceExtIfAnyDestIp TruthValue,
|
|
fsAceExtDestIp IpAddress,
|
|
fsAceExtIfAnyDestWildCard TruthValue,
|
|
fsAceExtDestIpWildCard IpAddress,
|
|
fsAceExtIfAnyDestMacAddr TruthValue,
|
|
fsAceExtDestMacAddr MacAddress,
|
|
fsAceExtIfAnyEtherLikeType TruthValue,
|
|
fsAceExtEtherLikeType Integer32,
|
|
fsAceExtIfAnyIpProtocolField TruthValue,
|
|
fsAceExtIpProtocolField Integer32,
|
|
fsAceExtSourceProtocolPort Integer32,
|
|
fsAceExtDestProtocolPort Integer32,
|
|
fsAceExtIfAnyProtocolType TruthValue,
|
|
fsAceExtProtocolType Integer32,
|
|
fsAceExtFlowAction INTEGER,
|
|
fsAceExtEntryStauts RowStatus,
|
|
fsAceExtTimeRangeName DisplayString,
|
|
fsAceExtSourcePortOp INTEGER,
|
|
fsAceExtSourceProtocolPortRange Integer32,
|
|
fsAceExtDestPortOp INTEGER,
|
|
fsAceExtDestProtocolPortRange Integer32,
|
|
fsAceExtIfAnyCos TruthValue,
|
|
fsAceExtCos Integer32,
|
|
fsAceExtIfAnyIpPrec TruthValue,
|
|
fsAceExtIpPrec Integer32,
|
|
fsAceExtIfAnyDscp TruthValue,
|
|
fsAceExtDscp Integer32,
|
|
fsAceExtIfAnySourceMacAddrWildCard TruthValue,
|
|
fsAceExtSourceMacAddrWildCard MacAddress,
|
|
fsAceExtIfAnyDestMacAddrWildCard TruthValue,
|
|
fsAceExtDestMacAddrWildCard MacAddress,
|
|
fsAceExtIfAnyTcpFlag TruthValue,
|
|
fsAceExtTcpFlag Integer32,
|
|
fsAceExtIfAnySourceIp6 TruthValue,
|
|
fsAceExtSourceIp6 OCTET STRING,
|
|
fsAceExtIfAnySourceIp6WildCard TruthValue,
|
|
fsAceExtSourceIp6WildCard OCTET STRING,
|
|
fsAceExtIfAnyDestIp6 TruthValue,
|
|
fsAceExtDestIp6 OCTET STRING,
|
|
fsAceExtIfAnyDestIp6WildCard TruthValue,
|
|
fsAceExtDestIp6WildCard OCTET STRING
|
|
}
|
|
|
|
fsAceExtAclName OBJECT-TYPE
|
|
SYNTAX DisplayString(SIZE (1..32))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Access list name of this ace belong to.
|
|
When this string be used as an index,Value of a sub-identifier equal
|
|
ASCII value of corresponding character(first sub-identifier corresponds
|
|
first character of string). The number of sub-identifiers of this string
|
|
must be 32,If length of string is less than 32 the sub-identifier(0x0)
|
|
will be filled in tail."
|
|
::= { fsAceExtEntry 1 }
|
|
|
|
fsAceExtIndex OBJECT-TYPE
|
|
SYNTAX Integer32(1..2147483647)
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Object which specifies a unique entry in the
|
|
fsAclTable. A management station wishing
|
|
to initiate a acl operation should use a
|
|
pseudo-random value for this object when creating
|
|
or modifying an instance of a fsAclEntry.
|
|
The RowStatus semantics of the fsAclEntryStatus
|
|
object will prevent access conflicts."
|
|
::= { fsAceExtEntry 2 }
|
|
|
|
fsAceExtIfAnyVID OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"VID of class will not be checked if this value is true."
|
|
DEFVAL{ true }
|
|
::= { fsAceExtEntry 3 }
|
|
|
|
fsAceExtVID OBJECT-TYPE
|
|
SYNTAX Unsigned32(0..4094)
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"VID of Ace flow definition."
|
|
::= { fsAceExtEntry 4 }
|
|
|
|
fsAceExtIfAnySourceIp OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Source Ip of class will not be checked if this value is true."
|
|
DEFVAL{ true }
|
|
::= { fsAceExtEntry 5 }
|
|
|
|
fsAceExtSourceIp OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Sourece ip address of Ace flow definition."
|
|
::= { fsAceExtEntry 6 }
|
|
|
|
fsAceExtIfAnySourceWildCard OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Source Ip wild card of class will not be checked if this value is true."
|
|
DEFVAL{ true }
|
|
::= { fsAceExtEntry 7 }
|
|
|
|
fsAceExtSourceWildCard OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Sourece ip wild card(in reverse ip address mask)of Ace flow definition."
|
|
::= { fsAceExtEntry 8 }
|
|
|
|
fsAceExtIfAnySourceMacAddr OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Source mac address of class will not be checked if this value is true."
|
|
DEFVAL{ true }
|
|
::= { fsAceExtEntry 9 }
|
|
|
|
fsAceExtSourceMacAddr OBJECT-TYPE
|
|
SYNTAX MacAddress
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Sourece Mac address of Ace flow definition."
|
|
::= { fsAceExtEntry 10 }
|
|
|
|
fsAceExtIfAnyDestIp OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Destination Ip wild card of class will not be checked if this value is true."
|
|
DEFVAL{ true }
|
|
::= { fsAceExtEntry 11 }
|
|
|
|
fsAceExtDestIp OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Destination ip address of Ace flow definition."
|
|
::= { fsAceExtEntry 12 }
|
|
|
|
fsAceExtIfAnyDestWildCard OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Source Ip wild card of class will not be checked if this value is true."
|
|
DEFVAL{ true }
|
|
::= { fsAceExtEntry 13 }
|
|
|
|
fsAceExtDestIpWildCard OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Destination ip wild card(in reverse ip address mask) of Ace flow definition."
|
|
::= { fsAceExtEntry 14 }
|
|
|
|
fsAceExtIfAnyDestMacAddr OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Source Ip wild card of class will not be checked if this value is true."
|
|
DEFVAL{ true }
|
|
::= { fsAceExtEntry 15 }
|
|
|
|
fsAceExtDestMacAddr OBJECT-TYPE
|
|
SYNTAX MacAddress
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Destination Mac address of Ace flow definition."
|
|
::= { fsAceExtEntry 16 }
|
|
|
|
fsAceExtIfAnyEtherLikeType OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Ether Like Type in MAC packet will not be checked if this value is true."
|
|
DEFVAL{ true }
|
|
::= { fsAceExtEntry 17 }
|
|
|
|
fsAceExtEtherLikeType OBJECT-TYPE
|
|
SYNTAX Integer32
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Ether Like Type in MAC packet of Ace flow definition. "
|
|
::= { fsAceExtEntry 18 }
|
|
|
|
fsAceExtIfAnyIpProtocolField OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Source Ip wild card of class will not be checked if this value is true."
|
|
DEFVAL{ true }
|
|
::= { fsAceExtEntry 19 }
|
|
|
|
fsAceExtIpProtocolField OBJECT-TYPE
|
|
SYNTAX Integer32
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of protocol field in IP packet of Ace flow definition."
|
|
::= { fsAceExtEntry 20 }
|
|
|
|
fsAceExtSourceProtocolPort OBJECT-TYPE
|
|
SYNTAX Integer32
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of source protocol port in IP packet of Ace flow definition. It is
|
|
significative only to those protocol which support this field."
|
|
::= { fsAceExtEntry 21 }
|
|
|
|
fsAceExtDestProtocolPort OBJECT-TYPE
|
|
SYNTAX Integer32
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of destination protocol port in IP packet of Ace flow definition. It is
|
|
significative only to those protocol which support this field(tcp,udp)."
|
|
::= { fsAceExtEntry 22 }
|
|
|
|
fsAceExtIfAnyProtocolType OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of protocol type field in IP packet will not be checked if this
|
|
value is true."
|
|
DEFVAL{ true }
|
|
::= { fsAceExtEntry 23 }
|
|
|
|
fsAceExtProtocolType OBJECT-TYPE
|
|
SYNTAX Integer32
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of protocol type field in IP packet of Ace flow definition. It is
|
|
significative only to those protocol which support this field(icmp,igmp)."
|
|
::= { fsAceExtEntry 24 }
|
|
|
|
fsAceExtFlowAction OBJECT-TYPE
|
|
SYNTAX INTEGER{
|
|
permit(1),
|
|
deny(2)
|
|
}
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Permit indicate that the kind of flow which entry define will be allow to access ,
|
|
deny indicate that the kind of flow which entry define will be refuse to access"
|
|
::= { fsAceExtEntry 25 }
|
|
|
|
fsAceExtEntryStauts OBJECT-TYPE
|
|
SYNTAX RowStatus
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"entry status for this list."
|
|
::= { fsAceExtEntry 26 }
|
|
|
|
fsAceExtTimeRangeName OBJECT-TYPE
|
|
SYNTAX DisplayString(SIZE (0..32))
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Name of time-range of this ACE match. It indicate that
|
|
this ACE doesn't match any time-range if this string is null"
|
|
::= { fsAceExtEntry 27 }
|
|
|
|
fsAceExtSourcePortOp OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
noOperator(1),
|
|
lt(2),
|
|
gt(3),
|
|
eq(4),
|
|
neq(5),
|
|
range(6)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"noOperator(1), which is the default value, means that no
|
|
comparison is to be made with the Source TCP/UDP port
|
|
number.
|
|
lt(2) means less than.
|
|
gt(3) means greater than.
|
|
eq(4) means equal.
|
|
neq(5) means not equal."
|
|
::= { fsAceExtEntry 28 }
|
|
|
|
fsAceExtSourceProtocolPortRange OBJECT-TYPE
|
|
SYNTAX Integer32
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The ending value of source protocol port in IP packet of Ace flow definition. It is
|
|
significative only to those protocol which support this field. The fsAceExtSourcePortOp
|
|
must set to range(6)."
|
|
::= { fsAceExtEntry 29 }
|
|
|
|
fsAceExtDestPortOp OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
noOperator(1),
|
|
lt(2),
|
|
gt(3),
|
|
eq(4),
|
|
neq(5),
|
|
range(6)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"noOperator(1), which is the default value, means that no
|
|
comparison is to be made with the Dest TCP/UDP port
|
|
number.
|
|
lt(2) means less than.
|
|
gt(3) means greater than.
|
|
eq(4) means equal.
|
|
neq(5) means not equal."
|
|
::= { fsAceExtEntry 30 }
|
|
|
|
fsAceExtDestProtocolPortRange OBJECT-TYPE
|
|
SYNTAX Integer32
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The ending value of dest protocol port in IP packet of Ace flow definition. It is
|
|
significative only to those protocol which support this field. The fsAceExtSourcePortOp
|
|
must set to range(6)."
|
|
::= { fsAceExtEntry 31 }
|
|
|
|
fsAceExtIfAnyCos OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Cos will not be checked if this value is true."
|
|
DEFVAL{ true }
|
|
::= { fsAceExtEntry 32 }
|
|
|
|
fsAceExtCos OBJECT-TYPE
|
|
SYNTAX Integer32
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Cos of Ace flow definition."
|
|
::= { fsAceExtEntry 33 }
|
|
|
|
fsAceExtIfAnyIpPrec OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Ip precedence will not be checked if this value is true."
|
|
DEFVAL{ true }
|
|
::= { fsAceExtEntry 34 }
|
|
|
|
fsAceExtIpPrec OBJECT-TYPE
|
|
SYNTAX Integer32
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Ip precedence of Ace flow definition."
|
|
::= { fsAceExtEntry 35 }
|
|
|
|
fsAceExtIfAnyDscp OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Dscp will not be checked if this value is true."
|
|
DEFVAL{ true }
|
|
::= { fsAceExtEntry 36 }
|
|
|
|
fsAceExtDscp OBJECT-TYPE
|
|
SYNTAX Integer32
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Dscp of Ace flow definition."
|
|
::= { fsAceExtEntry 37 }
|
|
|
|
fsAceExtIfAnyTcpFlag OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Tcp flag will not be checked if this value is true."
|
|
DEFVAL{ true }
|
|
::= { fsAceExtEntry 38 }
|
|
|
|
fsAceExtTcpFlag OBJECT-TYPE
|
|
SYNTAX Integer32
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Tcp flag of Ace flow definition."
|
|
::= { fsAceExtEntry 39 }
|
|
|
|
fsAceExtIfAnySourceMacAddrWildCard OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Source mac address wildcard of class will not be checked if this value is true."
|
|
DEFVAL{ true }
|
|
::= { fsAceExtEntry 40 }
|
|
|
|
fsAceExtSourceMacAddrWildCard OBJECT-TYPE
|
|
SYNTAX MacAddress
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Sourece Mac address wildcard of Ace flow definition."
|
|
::= { fsAceExtEntry 41 }
|
|
|
|
fsAceExtIfAnyDestMacAddrWildCard OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Dest mac address wildcard of class will not be checked if this value is true."
|
|
DEFVAL{ true }
|
|
::= { fsAceExtEntry 42 }
|
|
|
|
fsAceExtDestMacAddrWildCard OBJECT-TYPE
|
|
SYNTAX MacAddress
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Dest Mac address wildcard of Ace flow definition."
|
|
::= { fsAceExtEntry 43 }
|
|
|
|
fsAceExtIfAnySourceIp6 OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Source Ipv6 address of class will not be checked if this value is true."
|
|
DEFVAL{ true }
|
|
::= { fsAceExtEntry 44 }
|
|
|
|
fsAceExtSourceIp6 OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE (16))
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Sourece ipv6 address of Ace flow definition."
|
|
::= { fsAceExtEntry 45 }
|
|
|
|
fsAceExtIfAnySourceIp6WildCard OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Source Ipv6 address wild card of class will not be checked if this value is true."
|
|
DEFVAL{ true }
|
|
::= { fsAceExtEntry 46 }
|
|
|
|
fsAceExtSourceIp6WildCard OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE (16))
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Sourece ipv6 address wild card(in reverse ip address mask)of Ace flow definition."
|
|
::= { fsAceExtEntry 47 }
|
|
|
|
fsAceExtIfAnyDestIp6 OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Dest Ipv6 address of class will not be checked if this value is true."
|
|
DEFVAL{ true }
|
|
::= { fsAceExtEntry 48 }
|
|
|
|
fsAceExtDestIp6 OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE (16))
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Dest ipv6 address of Ace flow definition."
|
|
::= { fsAceExtEntry 49 }
|
|
|
|
fsAceExtIfAnyDestIp6WildCard OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Dest Ipv6 address wild card of class will not be checked if this value is true."
|
|
DEFVAL{ true }
|
|
::= { fsAceExtEntry 50 }
|
|
|
|
fsAceExtDestIp6WildCard OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE (16))
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Dest ipv6 address wild card(in reverse ip address mask)of Ace flow definition."
|
|
::= { fsAceExtEntry 51 }
|
|
|
|
-- conformance information
|
|
|
|
fsAclMIBConformance OBJECT IDENTIFIER ::= { fsAclMIB 2 }
|
|
fsAclMIBCompliances OBJECT IDENTIFIER ::= { fsAclMIBConformance 1 }
|
|
fsAclMIBGroups OBJECT IDENTIFIER ::= { fsAclMIBConformance 2 }
|
|
|
|
|
|
-- compliance statements
|
|
|
|
fsAclMIBCompliance MODULE-COMPLIANCE
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The compliance statement for entities which implement
|
|
the FS Acl MIB"
|
|
MODULE -- this module
|
|
MANDATORY-GROUPS { fsAclMIBGroup }
|
|
::= { fsAclMIBCompliances 1 }
|
|
|
|
|
|
-- units of conformance
|
|
|
|
fsAclMIBGroup OBJECT-GROUP
|
|
OBJECTS {
|
|
fsAclName,
|
|
fsAclMode,
|
|
fsAclEntryStatus,
|
|
|
|
fsAceExtAclName,
|
|
fsAceExtIndex,
|
|
fsAceExtIfAnyVID,
|
|
fsAceExtVID,
|
|
fsAceExtIfAnySourceIp,
|
|
fsAceExtSourceIp,
|
|
fsAceExtIfAnySourceWildCard,
|
|
fsAceExtSourceWildCard,
|
|
fsAceExtIfAnySourceMacAddr,
|
|
fsAceExtSourceMacAddr,
|
|
fsAceExtIfAnyDestIp,
|
|
fsAceExtDestIp,
|
|
fsAceExtIfAnyDestWildCard,
|
|
fsAceExtDestIpWildCard,
|
|
fsAceExtIfAnyDestMacAddr,
|
|
fsAceExtDestMacAddr,
|
|
fsAceExtIfAnyEtherLikeType,
|
|
fsAceExtEtherLikeType,
|
|
fsAceExtIfAnyIpProtocolField,
|
|
fsAceExtIpProtocolField,
|
|
fsAceExtSourceProtocolPort,
|
|
fsAceExtDestProtocolPort,
|
|
fsAceExtProtocolType,
|
|
fsAceExtProtocolType,
|
|
fsAceExtFlowAction,
|
|
fsAceExtEntryStauts,
|
|
fsAceExtTimeRangeName,
|
|
fsAceExtSourcePortOp,
|
|
fsAceExtSourceProtocolPortRange,
|
|
-- fsAceExtIfAnySourceProtocolPort,
|
|
fsAceExtDestPortOp,
|
|
fsAceExtDestProtocolPortRange,
|
|
-- fsAceExtIfAnyDestProtocolPort,
|
|
fsAceExtIfAnyCos,
|
|
fsAceExtCos,
|
|
fsAceExtIfAnyIpPrec,
|
|
fsAceExtIpPrec,
|
|
fsAceExtIfAnyDscp,
|
|
fsAceExtDscp,
|
|
fsAceExtIfAnyTcpFlag,
|
|
fsAceExtTcpFlag,
|
|
fsAceExtIfAnySourceMacAddrWildCard,
|
|
fsAceExtSourceMacAddrWildCard,
|
|
fsAceExtIfAnyDestMacAddrWildCard,
|
|
fsAceExtDestMacAddrWildCard,
|
|
fsAceExtIfAnySourceIp6,
|
|
fsAceExtSourceIp6,
|
|
fsAceExtIfAnySourceIp6WildCard,
|
|
fsAceExtSourceIp6WildCard,
|
|
fsAceExtIfAnyDestIp6,
|
|
fsAceExtDestIp6,
|
|
fsAceExtIfAnyDestIp6WildCard,
|
|
fsAceExtDestIp6WildCard,
|
|
fsAclIfIndex,
|
|
fsAclIfMaxEntryNum,
|
|
fsAclIfCurruntEntryNum,
|
|
fsIfInAclName,
|
|
fsIfOutAclName
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A collection of objects providing acl (echo) ability to a
|
|
FS agent."
|
|
::= { fsAclMIBGroups 1 }
|
|
|
|
END
|