2226 lines
93 KiB
Plaintext
2226 lines
93 KiB
Plaintext
-- ============================================================================
|
|
-- Copyright (C) 2018 by HUAWEI TECHNOLOGIES. All rights reserved.
|
|
-- Description: The MIB object implements the management of the CLI and NE users.
|
|
-- Reference:
|
|
-- Version: V1.55
|
|
-- ============================================================================
|
|
HUAWEI-MNGT-MIB DEFINITIONS ::= BEGIN
|
|
|
|
IMPORTS
|
|
|
|
TimeTicks, IpAddress, Integer32, Unsigned32, OBJECT-TYPE, MODULE-IDENTITY,
|
|
NOTIFICATION-TYPE
|
|
FROM SNMPv2-SMI
|
|
DisplayString, DateAndTime, TruthValue, RowStatus
|
|
FROM SNMPv2-TC
|
|
huaweiUtility
|
|
FROM HUAWEI-MIB
|
|
hwLogSynType
|
|
FROM HUAWEI-SNMP-NOTIFICATION-MIB
|
|
hwDev, hwConfigLockState
|
|
FROM HUAWEI-DEVICE-MIB
|
|
InetAddressType,InetAddress,InetAddressPrefixLength,InetPortNumber
|
|
FROM INET-ADDRESS-MIB
|
|
Ipv6Address
|
|
FROM IPV6-TC;
|
|
|
|
hwCliUserMgmt MODULE-IDENTITY
|
|
LAST-UPDATED "201811150000Z"
|
|
ORGANIZATION "Huawei Technologies Co.,Ltd."
|
|
CONTACT-INFO
|
|
"Huawei Industrial Base
|
|
Bantian, Longgang
|
|
Shenzhen 518129
|
|
People's Republic of China
|
|
Website: http://www.huawei.com
|
|
Email: support@huawei.com
|
|
"
|
|
DESCRIPTION
|
|
"
|
|
The MIB object implements the management of the CLI and NE users.
|
|
"
|
|
-- Revision history
|
|
REVISION "201811150000Z"
|
|
DESCRIPTION "V1.55, 1. FIREWALL IPV6 NEW."
|
|
REVISION "201811150000Z"
|
|
DESCRIPTION "V1.54,
|
|
1. Add trap node hwMngtIpv6UserLockedTrap.
|
|
2. Add trap node hwMngtIpv6UserUnlockedTrap.
|
|
3. Add the hwCliIPv6ManualUnlock to hwCliSysCmdTable"
|
|
REVISION "201809190000Z"
|
|
DESCRIPTION "V1.53, 1. Modified description in hwCliClientInetAddressType."
|
|
|
|
REVISION "201808200000Z"
|
|
DESCRIPTION "V1.52,
|
|
1. Add the hwCliClientInetAddressType to hwCliClientEntry.
|
|
2. Add the hwCliClientInetAddress to hwCliClientEntry.
|
|
3. Add the hwSourceIPv6Address to hwSysManSourceInterfaceEntry.
|
|
4. Add trap node hwMngtUserLogonStateInetTrap.
|
|
5. Add trap node hwMngtUserStateChangeInetTrap"
|
|
|
|
REVISION "201801230000Z"
|
|
DESCRIPTION "V1.51, 1. Deleted the invalid reference hwLogSynType."
|
|
|
|
REVISION "201702080000Z"
|
|
DESCRIPTION "V1.50, 1. Add the hwSourceInterfaceIPAddress to hwSysManSourceInterfaceEntry"
|
|
|
|
REVISION "201611030000Z"
|
|
DESCRIPTION "V1.49, 1. Modify the number of user login attempts in one time of the hwCliUserLogins from 16 to 20."
|
|
|
|
REVISION "201607270000Z"
|
|
DESCRIPTION "V1.48, 1. Modified the description of hwCliOnlineUserNum."
|
|
|
|
REVISION "201607140000Z"
|
|
DESCRIPTION "V1.47,
|
|
1. Add the hwCliOnlineUserNum node to hwMngtUserAlarmTrapsVbOids.
|
|
2. Add trap node hwMngtUserLogonStateTrap.
|
|
3. Add enumerate value adminVs(14) for hwUserLogMode.
|
|
4. Add enumerate value adminVs(7) for hwCliClientType."
|
|
|
|
REVISION "201512220000Z"
|
|
DESCRIPTION "V1.46, 1. Added enumerated value tftpproxy(12) in hwSysManProtocolType. "
|
|
|
|
REVISION "201411080000Z"
|
|
DESCRIPTION "V1.45,
|
|
1. Added the hwCliSysNewUserLevel node to hwMngtUserAlarmTrapsVbOids."
|
|
|
|
REVISION "201409250000Z"
|
|
DESCRIPTION "V1.44,
|
|
1. modify the description of hwCliClientID."
|
|
|
|
REVISION "201409090000Z"
|
|
DESCRIPTION "V1.43,
|
|
1. modify the description of hwSysManSourceInterfaceTable.
|
|
2. modify the description of hwSysManSourceInterfaceEntry."
|
|
|
|
REVISION "201408270000Z"
|
|
DESCRIPTION "V1.42,
|
|
1. modify the size of hwCliAuthenDefaultDomainName."
|
|
|
|
REVISION "201408190000Z"
|
|
DESCRIPTION "V1.41,
|
|
1. modify hwCliUserProfileName index types is implied index."
|
|
|
|
REVISION "201407030000Z"
|
|
DESCRIPTION "V1.40,
|
|
1. modified 'MAX-ACCESS not-accessible' to 'MAX-ACCESS accessible-for-notify' of hwCliUserName.
|
|
2. removed all hyphens (-) from enumerated values of hwCliUserDeclarSwitch.
|
|
3. removed all hyphens (-) from enumerated values of hwUserLogMode.
|
|
4. delete node hwConfigLock.
|
|
5. added enumerate value omci(5) and ethoam(6) for hwCliClientType."
|
|
|
|
REVISION "201403110000Z"
|
|
DESCRIPTION "V1.39, 1. Added enumerate value ethoam(13) for hwUserLogMode."
|
|
|
|
REVISION "201403060000Z"
|
|
DESCRIPTION "V1.38, 1. Modified the description of hwCliSysUnlockType."
|
|
|
|
REVISION "201402260000Z"
|
|
DESCRIPTION "V1.37, 1. Modified the description of hwCliUserPassword."
|
|
|
|
REVISION "201402210000Z"
|
|
DESCRIPTION "V1.36, 1. Added enumerate value toolbox(11) and toolbox-ssh(12) for hwUserLogMode."
|
|
|
|
REVISION "201311140000Z"
|
|
DESCRIPTION "V1.35, 1. add trap node hwConfigLockStateTrap."
|
|
|
|
REVISION "201311110000Z"
|
|
DESCRIPTION "V1.34, 1. Added enumerate value modem(9) and none(10) for hwUserLogMode.
|
|
2. Modify access type of hwCliSysOldUserLevel."
|
|
|
|
REVISION "201308100000Z"
|
|
DESCRIPTION "V1.33, 1. Modified the description of hwCliUserPassword."
|
|
|
|
REVISION "201308080000Z"
|
|
DESCRIPTION "V1.32, 1. Modified the description of hwCliUserPassword."
|
|
|
|
REVISION "201308080000Z"
|
|
DESCRIPTION "V1.31, 1. add trap node hwMngtUserModifyAuthTrap.
|
|
2. add hwCliSysOldUserLevel node for hwMngtUserAlarmTrapsVbOids"
|
|
|
|
REVISION "201305270000Z"
|
|
DESCRIPTION "V1.30, 1. modify the max length of the hwCliUserPassword from 32 to 64.
|
|
2. Modified the description of hwCliUserPassword."
|
|
|
|
REVISION "201305040000Z"
|
|
DESCRIPTION "V1.29, 1. Added enumerated value ipdr(11) in hwSysManProtocolType. "
|
|
|
|
REVISION "201303070000Z"
|
|
DESCRIPTION "V1.28, 1. Modified the description of hwCliSysUnlockType."
|
|
|
|
REVISION "201303070000Z"
|
|
DESCRIPTION "V1.27, 1. Added trap node hwMngtUserUnlockedTrap.
|
|
2. Added hwCliSysUnlockType node for hwCliSysPara."
|
|
|
|
REVISION "201205300000Z"
|
|
DESCRIPTION "V1.26, 1. Added trap node hwUserPasswordFaultTrap and hwUserPasswordRestoreTrap. "
|
|
|
|
REVISION "201203080000Z"
|
|
DESCRIPTION "V1.25, 1. Added enumerated value stelnet(10) in hwSysManProtocolType.
|
|
2. modify the max vale of the hwSNMPUserName from 34 to 32. "
|
|
|
|
REVISION "201202100000Z"
|
|
DESCRIPTION "V1.24, 1. Modified the description of hwCliUserNameLastDays, hwCliUserPwdLastDays, hwSourceInterfaceNumber. "
|
|
|
|
REVISION "201112150000Z"
|
|
DESCRIPTION "V1.23, 1. Added hwModemCallbackMngt node for modem callback function."
|
|
|
|
REVISION "201111300000Z"
|
|
DESCRIPTION "V1.22, added enumerate value ssh(4) for hwCliClientType."
|
|
|
|
REVISION "201011090000Z"
|
|
DESCRIPTION "V1.21, The description of this MIB is modified according to the tool."
|
|
|
|
REVISION "201008250000Z"
|
|
DESCRIPTION "V1.20, modified the contact-info and the revision history. Modified the description of leaves."
|
|
|
|
REVISION "201006170000Z"
|
|
DESCRIPTION "V1.19, 1. Modified and supplemented the description of the object.
|
|
2. Added hwUserLogMode node for DT requirements.
|
|
3. Added hwUserLogType node for trap node hwUserLogWillFullTrap.
|
|
4. Modified the OBJECTS of hwUserLogWillFullTrap as hwUserLogType."
|
|
|
|
REVISION "201005200000Z"
|
|
DESCRIPTION "V1.18, implemented DT requirements and changed the syntax and semantics of SIMPLETEST."
|
|
|
|
REVISION "201004140000Z"
|
|
DESCRIPTION "V1.17, added CliConsole table hwCliConsolePara."
|
|
|
|
REVISION "201004070000Z"
|
|
DESCRIPTION "V1.16, modified the value of hwCliAuthenDefaultDomainName.
|
|
Changed the MAX-ACCESS of hwCliUserPwdLastDays from accessible-for-notify to read-only according to simpletest rules.
|
|
Changed the state of hwCliUserTimeout from current to obsolete."
|
|
|
|
REVISION "201003030000Z"
|
|
DESCRIPTION "V1.15, implemented DT requirements and changed the syntax and semantics of SIMPLETEST."
|
|
|
|
REVISION "200901290000Z"
|
|
DESCRIPTION "V1.14, supported the definitions of standard trap nodes and associated trap parameter nodes."
|
|
|
|
REVISION "200901260000Z"
|
|
DESCRIPTION "V1.13, cleared alarms and errors of MIB BROWSER.
|
|
Added MIB description according to new requirements."
|
|
|
|
REVISION "200901200000Z"
|
|
DESCRIPTION "V1.12, added NMS user table hwSNMPUserTable."
|
|
|
|
REVISION "200807310000Z"
|
|
DESCRIPTION "V1.11, modified description of the hwCliSysLoginModifyPwd object."
|
|
|
|
REVISION "200801260000Z"
|
|
DESCRIPTION "V1.10, 1. Modified function description and creation & access constraints in hwCliUserParaTable.
|
|
2. Modified function description and creation & access constraints in hwCliClientTable.
|
|
3. Modified function description in hwCliUserProfileParaTable.
|
|
4. Modified function description in hwCliSysPara.
|
|
5. Modified function description in hwFirewallSwitchTable.
|
|
6. Modified function description in hwAccessIpTable.
|
|
7. Modified function description in hwRefuseIpTable.
|
|
8. Modified function description and constraints in hwCliSysCmdTable."
|
|
|
|
REVISION "200801090000Z"
|
|
DESCRIPTION "V1.08, added objects for unblocking users, IP addresses and legal statement."
|
|
|
|
REVISION "200711140000Z"
|
|
DESCRIPTION "V1.07, added MIB object for locking system resources."
|
|
|
|
REVISION "200705280000Z"
|
|
DESCRIPTION "V1.02, completed Interface Specifications."
|
|
|
|
REVISION "200611270000Z"
|
|
DESCRIPTION "V1.00, completed the first draft."
|
|
|
|
::= { hwDev 10 }
|
|
|
|
hwCliUserParaTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF HwCliUserParaEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"
|
|
User parameter configuration table, which supports the functions of querying, adding,
|
|
deleting and modifying a user. The index of this table is hwCliUserName.
|
|
"
|
|
::= { hwCliUserMgmt 1 }
|
|
|
|
hwCliUserParaEntry OBJECT-TYPE
|
|
SYNTAX HwCliUserParaEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"
|
|
User parameter configuration table, which supports the functions of querying, adding,
|
|
deleting and modifying a user. The index of this entry is hwCliUserName.
|
|
"
|
|
INDEX { IMPLIED hwCliUserName }
|
|
::= { hwCliUserParaTable 1 }
|
|
|
|
HwCliUserParaEntry ::=
|
|
SEQUENCE {
|
|
hwCliUserName
|
|
OCTET STRING,
|
|
hwCliUserPassword
|
|
OCTET STRING,
|
|
hwCliUserLevel
|
|
INTEGER,
|
|
hwCliUserLogins
|
|
Integer32,
|
|
hwCliUserDecr
|
|
OCTET STRING,
|
|
hwCliUserRowStatus
|
|
RowStatus,
|
|
hwCliUserprofile
|
|
OCTET STRING,
|
|
hwCliUserAccessType
|
|
INTEGER,
|
|
hwCliUserTimeout
|
|
Integer32,
|
|
hwCliUserNameLastDays
|
|
Integer32,
|
|
hwCliUserPwdLastDays
|
|
Integer32
|
|
}
|
|
|
|
hwCliUserName OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE (1..34))
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"
|
|
Name of the CLI user. The user name is case
|
|
insensitive and the user name consists of 6-15 characters.
|
|
The minimum length of the name can be configured by user.
|
|
The range of the valid characters of the user name is
|
|
0x21- 0x7e and the user name cannot be 'all', 'online',
|
|
'index', or 'security'.
|
|
"
|
|
::= { hwCliUserParaEntry 1 }
|
|
|
|
hwCliUserPassword OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE (0..64))
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"
|
|
Password of the CLI user.
|
|
The user can directly modify the password of the CLI user and need not verify
|
|
the original password of the CLI user. The user password consists of 16 characters,
|
|
including at least one letter and one digit, and should be encrypted by MD5 or
|
|
SCRYPT. The SCRYPT encryption mode is recommended. The user password is not reported
|
|
to the NMS and a null character string is returned when the user password is queried.
|
|
"
|
|
::= { hwCliUserParaEntry 2 }
|
|
|
|
hwCliUserLevel OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
{
|
|
common(1),
|
|
operator(2),
|
|
administrator(3),
|
|
super(4),
|
|
guest(5),
|
|
custom(6)
|
|
}
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"
|
|
The levels of CLI users.
|
|
Options:
|
|
1. common(1) -indicates the common user.
|
|
2. operator(2) -indicates the operator.
|
|
3. administrator(3) -indicates the administrator.
|
|
4. super(4) -indicates the super administrator.
|
|
5. guest(5) -indicates the guest user
|
|
6. custom(6) -indicates the custom user
|
|
The higher the user level is, the more rights the user has.
|
|
The user level must be bound to the user when the user is added.
|
|
The super administrator cannot be added.
|
|
"
|
|
::= { hwCliUserParaEntry 3 }
|
|
|
|
hwCliUserLogins OBJECT-TYPE
|
|
SYNTAX Integer32 (0..20)
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"
|
|
The number of user login attempts in one time.
|
|
The same user name can be used for login to the device repeatedly.
|
|
For example, when two users log in to the device with the same name,
|
|
the number of times of re-login is two.
|
|
This object is used to define the number of times of re-login.
|
|
When the number of times of re-login is changed to 0,
|
|
the user is forbidden to log in to the device.
|
|
"
|
|
::= { hwCliUserParaEntry 4 }
|
|
|
|
hwCliUserDecr OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE (0..100))
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"
|
|
Description of CLI user.
|
|
You can add the basic information about the user,
|
|
such as the email box, telephone number, or other contact information.
|
|
"
|
|
::= { hwCliUserParaEntry 5 }
|
|
|
|
hwCliUserRowStatus OBJECT-TYPE
|
|
SYNTAX RowStatus
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"
|
|
Operation status of CLI user, the CLI user can be added, deleted and modified.
|
|
The user level, number of times of re-login, user profile, available user password
|
|
and user description must be bound to the user when the user is added.
|
|
The online user cannot be deleted.
|
|
createAndGo(4) is supplied to create a new instance of a conceptual row.
|
|
destroy(6) is supplied to delete the instances associated with an existing conceptual row.
|
|
"
|
|
::= { hwCliUserParaEntry 6 }
|
|
|
|
hwCliUserprofile OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE (1..15))
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"
|
|
The name of user profile that CLI user belongs to.
|
|
"
|
|
::= { hwCliUserParaEntry 7 }
|
|
|
|
hwCliUserAccessType OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
{
|
|
cli(1),
|
|
oss(2),
|
|
web(4)
|
|
}
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"
|
|
The user can log in to the device through the following three modes.
|
|
Options:
|
|
1. cli(1) -indicates CLI terminal.
|
|
2. oss(2) -indicates OSS terminal.
|
|
3. web(4) -indicates Web terminal.
|
|
"
|
|
DEFVAL { cli }
|
|
::= { hwCliUserParaEntry 8 }
|
|
|
|
hwCliUserTimeout OBJECT-TYPE
|
|
SYNTAX Integer32 (1..120)
|
|
MAX-ACCESS read-create
|
|
STATUS obsolete
|
|
DESCRIPTION
|
|
"
|
|
This object is not used any longer. Login timeout duration of the user.
|
|
If the CLI user performs no operation during a period,
|
|
the user automatically quits the system.
|
|
This object is used to query and set the login timeout duration.
|
|
"
|
|
::= { hwCliUserParaEntry 9 }
|
|
|
|
hwCliUserNameLastDays OBJECT-TYPE
|
|
SYNTAX Integer32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"
|
|
Service life of the user name.
|
|
The hwCliUserNameLastDays value of -1 indicates the username expired.
|
|
"
|
|
::= { hwCliUserParaEntry 10 }
|
|
|
|
hwCliUserPwdLastDays OBJECT-TYPE
|
|
SYNTAX Integer32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"
|
|
Service life of the user password.
|
|
The hwCliUserPwdLastDays value of -1 indicates the user password expired.
|
|
"
|
|
::= { hwCliUserParaEntry 11 }
|
|
|
|
|
|
hwCliClientTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF HwCliClientEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"
|
|
CLI online user information table, which can be used to
|
|
force an online user to go offline.
|
|
The table cannot be created and deleted.
|
|
The table supports only the functions of querying the user
|
|
terminal status and forcing an online user to go offline.
|
|
The index of this table is hwCliClientID.
|
|
"
|
|
::= { hwCliUserMgmt 2 }
|
|
|
|
hwCliClientEntry OBJECT-TYPE
|
|
SYNTAX HwCliClientEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"
|
|
CLI online user information table, which can be used to
|
|
force an online user to go offline.
|
|
The table cannot be created and deleted.
|
|
The table supports only the functions of querying the user
|
|
terminal status and forcing an online user to go offline.
|
|
The index of this entry is hwCliClientID.
|
|
"
|
|
INDEX { hwCliClientID }
|
|
::= { hwCliClientTable 1 }
|
|
|
|
HwCliClientEntry ::=
|
|
SEQUENCE {
|
|
hwCliClientID
|
|
Integer32,
|
|
hwCliClientUserName
|
|
OCTET STRING,
|
|
hwCliClientType
|
|
INTEGER,
|
|
hwCliClientIp
|
|
IpAddress,
|
|
hwCliClientLoginTime
|
|
DateAndTime,
|
|
hwCliClientAdminStatus
|
|
INTEGER,
|
|
hwCliUserIdleTimeOut
|
|
Integer32,
|
|
hwCliClientInetAddressType
|
|
InetAddressType,
|
|
hwCliClientInetAddress
|
|
InetAddress
|
|
}
|
|
|
|
hwCliClientID OBJECT-TYPE
|
|
SYNTAX Integer32 (1..255)
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"
|
|
Client ID(1..255). Index object, this ID is allocated by device.
|
|
Value 255 indicates that the device does not allocate client IDs.
|
|
"
|
|
::= { hwCliClientEntry 1 }
|
|
|
|
hwCliClientUserName OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE (1..34))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"
|
|
User name of client.
|
|
"
|
|
::= { hwCliClientEntry 2 }
|
|
|
|
hwCliClientType OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
{
|
|
serial(1),
|
|
telnet(2),
|
|
proxy(3),
|
|
ssh(4),
|
|
omci(5),
|
|
ethoam(6),
|
|
adminVs(7)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"
|
|
Type of client. The modes of login to the client are as follows:
|
|
Options:
|
|
1. serial(1) -indicates serial port.
|
|
2. telnet(2) -indicates telnet.
|
|
3. proxy(3) -indicates proxy.
|
|
4. ssh(4) -indicates ssh.
|
|
5. omci(5) -indicates omci.
|
|
6. ethoam(6) -indicates ethoam.
|
|
7. adminVs(7) -indicates adminVs.
|
|
"
|
|
::= { hwCliClientEntry 3 }
|
|
|
|
hwCliClientIp OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"
|
|
The IP address of client.
|
|
"
|
|
::= { hwCliClientEntry 4 }
|
|
|
|
hwCliClientLoginTime OBJECT-TYPE
|
|
SYNTAX DateAndTime
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"
|
|
The login time of client.
|
|
"
|
|
::= { hwCliClientEntry 5 }
|
|
|
|
hwCliClientAdminStatus OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
{
|
|
disconnect(1),
|
|
connect(-1)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"
|
|
Admin status of client, can disconnect client.
|
|
Options:
|
|
1. disconnect(1) -indicates the user who logs in to the system in the modes
|
|
except serial port mode can be forced to go offline when
|
|
the object value is set to disconnect(1).
|
|
2. connect(-1) -indicates the user is online.
|
|
"
|
|
::= { hwCliClientEntry 6 }
|
|
|
|
hwCliUserIdleTimeOut OBJECT-TYPE
|
|
SYNTAX Integer32
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"
|
|
This object is not used any longer.Idleness timeout duration of the online user.
|
|
When the online user is idle for a period longer than the preset time,
|
|
the online user automatically quits the system.
|
|
This object is used to set the timeout duration.
|
|
"
|
|
::= { hwCliClientEntry 7 }
|
|
|
|
hwCliClientInetAddressType OBJECT-TYPE
|
|
SYNTAX InetAddressType { unknown(0), ipv4(1), ipv6(2) }
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"
|
|
The type of address in hwCliClientInetAddress.
|
|
Options:
|
|
1. unknown(0) -If a user accesses through the serial port,
|
|
the IP address type is unknown(0).
|
|
2. ipv4(1) -indicates that the IP address type is ipv4.
|
|
3. ipv6(2) -indicates that the IP address type is ipv6.
|
|
"
|
|
::= { hwCliClientEntry 8 }
|
|
|
|
hwCliClientInetAddress OBJECT-TYPE
|
|
SYNTAX InetAddress
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"
|
|
The object specifies the IP address of client.
|
|
"
|
|
::= { hwCliClientEntry 9 }
|
|
|
|
hwCliSysCmdTable OBJECT IDENTIFIER ::= { hwCliUserMgmt 3 }
|
|
|
|
hwCliUserManualUnlock OBJECT-TYPE
|
|
SYNTAX OCTET STRING
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"
|
|
Unlock users manually. Enter the user name to unlock the user.
|
|
"
|
|
::= { hwCliSysCmdTable 2 }
|
|
|
|
hwCliUserDeclarSwitch OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
{
|
|
show(1),
|
|
notShow(2)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"
|
|
The object specifies whether show the declaration after users login successfully.
|
|
Options:
|
|
1. show(1) -indicates that show the declaration after users login successfully.
|
|
2. notShow(2) -indicates that does not show the declaration after users login successfully.
|
|
"
|
|
::= { hwCliSysCmdTable 3 }
|
|
|
|
hwCliIPManualUnlock OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"
|
|
Unlock IP manually. Enter the IP address of the user to unlock the
|
|
user who uses the IP address to log in to the device.
|
|
"
|
|
::= { hwCliSysCmdTable 4 }
|
|
|
|
hwCliIPv6ManualUnlock OBJECT-TYPE
|
|
SYNTAX InetAddress
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"
|
|
Unlock IP manually. Enter the IPv6 address of the user to unlock the
|
|
user who uses the IPv6 address to log in to the device.
|
|
"
|
|
::= { hwCliSysCmdTable 5 }
|
|
|
|
hwTelnetMaxSessionNum OBJECT-TYPE
|
|
SYNTAX Integer32
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"
|
|
The max number of simultaneous telnet sessions.
|
|
This object is used to set the maximum number of users
|
|
who can log in to the system through telnet at a time.
|
|
If the current number of users is equal to the maximum number,
|
|
the rest users cannot log in to the system through telnet.
|
|
"
|
|
::= { hwCliUserMgmt 4 }
|
|
|
|
hwCliUserProfileParaTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF HwCliUserProfileParaEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"
|
|
User profile management table, which is used to query, modify, add and delete the user profile.
|
|
The user profile is a set of public user attributes, including the user name and password
|
|
validity period, permitted earliest time of login, and permitted latest time of login.
|
|
The MIB supports the functions of querying and setting the values of the preceding parameters.
|
|
A user needs to be created based on a user profile. In this case, the new user inherits the
|
|
preceding parameter values in the user profile. The index of this table is hwCliUserProfileName.
|
|
The index value is the user profile name, it uniquely identifies the user profile.
|
|
By default, four system profiles exist in the system.
|
|
The names of the four system profiles are as follows:
|
|
root, admin, operator and commonuser.
|
|
"
|
|
::= { hwCliUserMgmt 5 }
|
|
|
|
hwCliUserProfileParaEntry OBJECT-TYPE
|
|
SYNTAX HwCliUserProfileParaEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"
|
|
User profile management table, which is used to query, modify, add and delete the user profile.
|
|
The user profile is a set of public user attributes, including the user name and password
|
|
validity period, permitted earliest time of login, and permitted latest time of login.
|
|
The MIB supports the functions of querying and setting the values of the preceding parameters.
|
|
A user needs to be created based on a user profile. In this case, the new user inherits the
|
|
preceding parameter values in the user profile. The index of this entry is hwCliUserProfileName.
|
|
The index value is the user profile name, it uniquely identifies the user profile.
|
|
By default, four system profiles exist in the system.
|
|
The names of the four system profiles are as follows:
|
|
root, admin, operator and commonuser.
|
|
"
|
|
INDEX { IMPLIED hwCliUserProfileName }
|
|
::= { hwCliUserProfileParaTable 1 }
|
|
|
|
HwCliUserProfileParaEntry ::=
|
|
SEQUENCE {
|
|
hwCliUserProfileName
|
|
OCTET STRING,
|
|
hwCliUserNameAvailableInterval
|
|
Unsigned32,
|
|
hwCliUserPwdAvailableInterval
|
|
Unsigned32,
|
|
hwCliUserLoginTime
|
|
OCTET STRING,
|
|
hwCliUserLogoutTime
|
|
OCTET STRING,
|
|
hwCliUserProfileRowStatus
|
|
RowStatus
|
|
}
|
|
|
|
hwCliUserProfileName OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE (1..15))
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"
|
|
The name of the user profile. The name of the new profile must be different from
|
|
the names of the system profiles. The profile name consists of 1-15 characters.
|
|
"
|
|
::= { hwCliUserProfileParaEntry 1 }
|
|
|
|
|
|
hwCliUserNameAvailableInterval OBJECT-TYPE
|
|
SYNTAX Unsigned32 (0..999)
|
|
UNITS "day"
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"
|
|
Validity period of user name.
|
|
For example, if the validity period of the user name is 10,
|
|
it indicates that the user name cannot be used for login after ten days since it is created.
|
|
In addition, a message is displayed indicating that the user name expires, that is,
|
|
the validity period of the user name times out.
|
|
0 indicates that the user name is valid forever.
|
|
Range: 0-999
|
|
Default: 0
|
|
Unit: day
|
|
"
|
|
DEFVAL { 0 }
|
|
|
|
::= { hwCliUserProfileParaEntry 4 }
|
|
|
|
hwCliUserPwdAvailableInterval OBJECT-TYPE
|
|
SYNTAX Unsigned32 (0..999)
|
|
UNITS "day"
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"
|
|
Validity period of user password.
|
|
For example, if the validity period of the user password is 10,
|
|
it indicates that the user password cannot be used for login after ten days since it is created.
|
|
In addition, a message is displayed indicating that the user password expires,
|
|
that is, the validity period of the user password times out.
|
|
0 indicates that the user password is valid forever.
|
|
Range: 0-999
|
|
Default: 0
|
|
Unit: day
|
|
"
|
|
DEFVAL { 0 }
|
|
|
|
::= { hwCliUserProfileParaEntry 5 }
|
|
|
|
hwCliUserLoginTime OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE (5..5))
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"
|
|
Permitted earliest time of login. The user can log in to the system
|
|
at any time between 00:00 and 23:59.
|
|
"
|
|
::= { hwCliUserProfileParaEntry 6 }
|
|
|
|
hwCliUserLogoutTime OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE (5..5))
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"
|
|
Permitted latest time of login.
|
|
The user can log in to the system at the time from the permitted earliest time to
|
|
the permitted latest time. In other periods, the user cannot log in to the system.
|
|
"
|
|
::= { hwCliUserProfileParaEntry 7 }
|
|
|
|
hwCliUserProfileRowStatus OBJECT-TYPE
|
|
SYNTAX RowStatus
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"
|
|
This object is used to operate the user profile.
|
|
The system profile cannot be modified or deleted.
|
|
When a user is bound with the user profile, the user profile cannot be modified or deleted.
|
|
The parameter settings of the user profile can be queried through the user profile name.
|
|
In addition, the information about the system profile can be queried.
|
|
createAndGo(4) is supplied to create a new instance of a conceptual row.
|
|
destroy(6) is supplied to delete the instances associated with an existing conceptual row.
|
|
"
|
|
::= { hwCliUserProfileParaEntry 10 }
|
|
|
|
hwCliSysPara OBJECT IDENTIFIER ::= { hwCliUserMgmt 6 }
|
|
|
|
hwCliSyslockInterval OBJECT-TYPE
|
|
SYNTAX Integer32 (1..65535)
|
|
UNITS "minute"
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"
|
|
The time interval of user locked.
|
|
When the number of times of login failure reaches the preset value for locking,
|
|
the user is locked. This object is used to query and set the locking duration.
|
|
Unit: minute
|
|
DEFVAL { 15 }
|
|
"
|
|
::= { hwCliSysPara 1 }
|
|
|
|
hwCliSyslockCondition OBJECT-TYPE
|
|
SYNTAX Integer32 (1..15)
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"
|
|
The times of login failure.
|
|
This object is used to query and set the times of login failure.
|
|
When the number of login failure reaches the preset value, the user is locked.
|
|
DEFVAL { 3 }
|
|
"
|
|
::= { hwCliSysPara 2 }
|
|
|
|
hwCliSysLoginModifyPwd OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
{
|
|
enable(1),
|
|
disable(2)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"
|
|
The flag of whether the password need to be changed in the case of first login.
|
|
Options:
|
|
1. enable(1) -indicates that the password needs to be changed for the first login.
|
|
2. disable(2) -indicates that the password need not be changed for the first login.
|
|
DEFVAL { disable }
|
|
"
|
|
::= { hwCliSysPara 3 }
|
|
|
|
hwCliSysLockType OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
{
|
|
none(0),
|
|
user(1),
|
|
ip(2),
|
|
all(3)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"
|
|
Lock type. When the number of times of repeated login failure exceeds the preset value,
|
|
the system automatically locks the user. This object is used to set the locking type.
|
|
Options:
|
|
1. none(0) -indicates that the user need not be locked.
|
|
2. user(1) -indicates that the user name is locked.
|
|
When the user logs in to the system with the user name again,
|
|
'The user has been locked and you cannot log on.' message is displayed.
|
|
3. ip(2) -indicates that the IP address with which the user logs in to the system
|
|
is locked. When the user logs in to the system with the IP address again,
|
|
the 'The IP address has been locked and you cannot log on.' message is displayed.
|
|
4. all(3) -indicates that both the user name and the IP address are locked.
|
|
DEFVAL { none }
|
|
"
|
|
|
|
::= { hwCliSysPara 4 }
|
|
|
|
hwCliSysSecurityMode OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
{
|
|
enable(1),
|
|
disable(2)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"
|
|
The object specifies whether security mode is enable.
|
|
Options:
|
|
1. enable(1) -indicates that the security administrator,
|
|
whose name is security, can log in to the system.
|
|
2. disable(2) -indicates that the rights of user root are
|
|
separated and are assigned to user security.
|
|
User security can perform the querying operation and the operations
|
|
corresponding to the rights separated from the rights of user root.
|
|
That is, when the security mode switch is enabled(1), certain operations
|
|
that can be performed by user root originally cannot be performed by user
|
|
root but by user security. When the security mode is set to disable(2),
|
|
the rights of user root and user security are combined and all the rights
|
|
are owned by user root. In this case, user security cannot log in to the system.
|
|
DEFVAL { disable }
|
|
"
|
|
|
|
::= { hwCliSysPara 5 }
|
|
|
|
hwCliAuthenDefaultDomainName OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE (0..20))
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"
|
|
Domain name in the AAA authentication mode. When the value is null,
|
|
it indicates that the authentication mode is local mode.
|
|
If the AAA authentication mode is set successfully, the system
|
|
changes to the AAA authentication mode.
|
|
"
|
|
::= { hwCliSysPara 6 }
|
|
|
|
hwCliSysUnlockType OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
{
|
|
none(0),
|
|
user(1),
|
|
ip(2),
|
|
all(3)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"
|
|
Unlock type. When a user is unlocked manually using commands or the preset locking criteria times out,
|
|
the system generates an unlock event. This object is used to set the unlocking type.
|
|
Options:
|
|
1. none(0) -user need not be unlocked .
|
|
2. user(1) -Unlock user.
|
|
3. ip(2) -Unlock IP.
|
|
4. all(3) -Unlock user and IP.
|
|
DEFVAL { none }
|
|
"
|
|
|
|
::= { hwCliSysPara 7 }
|
|
|
|
hwSNMPUserTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF HwSNMPUserEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"
|
|
NMS user management table, which supports the login and logout of the NMS user
|
|
and the function of querying the information about the online NMS user.
|
|
The index of this table is hwSNMPUserID. The index value is the user ID.
|
|
"
|
|
::= { hwCliUserMgmt 7 }
|
|
|
|
hwSNMPUserEntry OBJECT-TYPE
|
|
SYNTAX HwSNMPUserEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"
|
|
NMS user management table, which supports the login and logout of the NMS user
|
|
and the function of querying the information about the online NMS user.
|
|
The index of this entry is hwSNMPUserID. The index value is the user ID.
|
|
"
|
|
INDEX { hwSNMPUserID }
|
|
::= { hwSNMPUserTable 1 }
|
|
|
|
HwSNMPUserEntry ::=
|
|
SEQUENCE {
|
|
hwSNMPUserID
|
|
Integer32,
|
|
hwSNMPUserName
|
|
OCTET STRING,
|
|
hwSNMPUserAdminStatus
|
|
INTEGER,
|
|
hwSNMPUserType
|
|
INTEGER,
|
|
hwSNMPUserIP
|
|
IpAddress
|
|
}
|
|
|
|
hwSNMPUserID OBJECT-TYPE
|
|
SYNTAX Integer32 (1..8)
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"
|
|
SNMP user ID(1..8) and index object.
|
|
The value that the device returns to the NMS, which uniquely identifies a user.
|
|
"
|
|
::= { hwSNMPUserEntry 1 }
|
|
|
|
hwSNMPUserName OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE (1..32))
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"
|
|
Name of the SNMP user.
|
|
"
|
|
::= { hwSNMPUserEntry 2 }
|
|
|
|
hwSNMPUserAdminStatus OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
{
|
|
logon(1),
|
|
logoff(2)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"
|
|
SNMP user admin status(1:logon,2:logoff).
|
|
Visual local craft terminal (LCT).
|
|
Options:
|
|
1. logon(1) -indicates that the user can be set to go online.
|
|
2. logoff(2) -indicates that the user can be set to go offline.
|
|
The user needs to be bound with the hwSNMPUserType object
|
|
when the user is set to go online.
|
|
"
|
|
::= { hwSNMPUserEntry 3 }
|
|
|
|
hwSNMPUserType OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
{
|
|
lct(1)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"
|
|
SNMP user type(1:lct).
|
|
Options:
|
|
1.lct(1) -indicates that visual LCT, which is an NMS user type.
|
|
"
|
|
::= { hwSNMPUserEntry 4 }
|
|
|
|
hwSNMPUserIP OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"
|
|
IP address that SNMP user use.
|
|
"
|
|
::= { hwSNMPUserEntry 5 }
|
|
|
|
hwMngtUserAlarmTrapsVbOids OBJECT IDENTIFIER ::= { hwCliUserMgmt 8 }
|
|
|
|
hwUserAdminStatus OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
{
|
|
logon(0),
|
|
logoff(1),
|
|
logonfail(2)
|
|
}
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"
|
|
The Status of the user login.
|
|
Options:
|
|
1. logon(0) -indicates that the user goes online.
|
|
2. logoff(1) -indicates that the user goes offline.
|
|
3. logonfail(2) -indicates that the user login fails.
|
|
"
|
|
::= { hwMngtUserAlarmTrapsVbOids 1 }
|
|
|
|
hwUserLogMode OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
{
|
|
serial(0),
|
|
clipry(1),
|
|
telnet(2),
|
|
ssh(3),
|
|
web(4),
|
|
xml(5),
|
|
nms(6),
|
|
omci(7),
|
|
lct(8),
|
|
modem(9),
|
|
none(10),
|
|
toolbox(11),
|
|
toolboxSsh(12),
|
|
ethoam(13),
|
|
adminVs(14)
|
|
}
|
|
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"
|
|
The modes of login to the client.
|
|
Options:
|
|
1. serial(0) -serial mode.
|
|
2. clipry(1) -clipry mode.
|
|
3. telnet(2) -telnet mode.
|
|
4. ssh(3) -ssh mode.
|
|
5. web(4) -web mode.
|
|
6. xml(5) -xml mode.
|
|
7. nms(6) -nms mode.
|
|
8. omci(7) -omci mode.
|
|
9. lct(8) -lct mode.
|
|
10. modem(9) -modem mode.
|
|
11. none(10) -none(Indicates that the user does not log in).
|
|
12. toolbox(11) -toolbox mode.
|
|
13. toolboxSsh(12) -toolbox ssh mode.
|
|
14. ethoam(13) -ethoam mode.
|
|
15. adminVs(14) -adminVs mode.
|
|
"
|
|
::= { hwMngtUserAlarmTrapsVbOids 2 }
|
|
|
|
hwUserLogType OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
{
|
|
operating(0),
|
|
security(1)
|
|
}
|
|
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"
|
|
Types of the user log.
|
|
Currently, the logs are classified into two types.
|
|
Options:
|
|
1. operating(0) -indicates the operating log.
|
|
2. security(1) -indicates the security log.
|
|
"
|
|
::= { hwMngtUserAlarmTrapsVbOids 3 }
|
|
|
|
hwCliSysOldUserLevel OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
{
|
|
common(1),
|
|
operator(2),
|
|
administrator(3),
|
|
super(4),
|
|
guest(5),
|
|
custom(6)
|
|
}
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"
|
|
The levels of CLI users.
|
|
Options:
|
|
1. common(1) -indicates the common user.
|
|
2. operator(2) -indicates the operator.
|
|
3. administrator(3) -indicates the administrator.
|
|
4. super(4) -indicates the super administrator.
|
|
5. guest(5) -indicates the guest user
|
|
6. custom(6) -indicates the custom user
|
|
The higher the user level is, the more rights the user has.
|
|
The user level must be bound to the user when the user is added.
|
|
The super administrator cannot be added.
|
|
"
|
|
::= { hwMngtUserAlarmTrapsVbOids 4 }
|
|
|
|
hwCliSysNewUserLevel OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
{
|
|
common(1),
|
|
operator(2),
|
|
administrator(3),
|
|
super(4),
|
|
guest(5),
|
|
custom(6)
|
|
}
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"
|
|
The levels of CLI users after modification.
|
|
Options:
|
|
1. common(1) -indicates the common user.
|
|
2. operator(2) -indicates the operator.
|
|
3. administrator(3) -indicates the administrator.
|
|
4. super(4) -indicates the super administrator.
|
|
5. guest(5) -indicates the guest user
|
|
6. custom(6) -indicates the custom user
|
|
The higher the user level is, the more rights the user has.
|
|
The user level must be bound to the user when the user is added.
|
|
The super administrator cannot be added.
|
|
"
|
|
::= { hwMngtUserAlarmTrapsVbOids 5 }
|
|
|
|
hwCliOnlineUserNum OBJECT-TYPE
|
|
SYNTAX Integer32
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"
|
|
The number of online users.
|
|
"
|
|
::= { hwMngtUserAlarmTrapsVbOids 6 }
|
|
|
|
hwMngtUserTraps OBJECT IDENTIFIER ::= { hwCliUserMgmt 9 }
|
|
|
|
hwMngtUserCommonTraps OBJECT IDENTIFIER ::= { hwMngtUserTraps 1 }
|
|
|
|
hwMngtUserCommonTrapsPrefix OBJECT IDENTIFIER ::= { hwMngtUserCommonTraps 0 }
|
|
|
|
hwMngtUserLogonStateTrap NOTIFICATION-TYPE
|
|
OBJECTS
|
|
{
|
|
hwCliUserName,
|
|
hwUserLogMode,
|
|
hwCliClientIp,
|
|
hwUserAdminStatus,
|
|
hwCliOnlineUserNum
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"
|
|
This trap message is reported when the user login or logoff.
|
|
"
|
|
::= { hwMngtUserCommonTrapsPrefix 1 }
|
|
|
|
hwMngtUserLogonStateInetTrap NOTIFICATION-TYPE
|
|
OBJECTS
|
|
{
|
|
hwCliUserName,
|
|
hwUserLogMode,
|
|
hwCliClientInetAddress,
|
|
hwUserAdminStatus,
|
|
hwCliOnlineUserNum
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"
|
|
This trap message is reported when the user login or logoff.
|
|
"
|
|
::= { hwMngtUserCommonTrapsPrefix 2 }
|
|
|
|
hwMngtUserAlarmTraps OBJECT IDENTIFIER ::= { hwMngtUserTraps 2 }
|
|
|
|
hwMngtUserAlarmTrapsPrefix OBJECT IDENTIFIER ::= { hwMngtUserAlarmTraps 0 }
|
|
|
|
hwUserLogWillFullTrap NOTIFICATION-TYPE
|
|
OBJECTS { hwUserLogType }
|
|
STATUS current
|
|
DESCRIPTION
|
|
"
|
|
This trap message is reported when the system log database will be full.
|
|
"
|
|
::= { hwMngtUserAlarmTrapsPrefix 1 }
|
|
|
|
hwMngtUserLockedTrap NOTIFICATION-TYPE
|
|
OBJECTS
|
|
{
|
|
hwCliUserName,
|
|
hwUserLogMode,
|
|
hwCliClientIp,
|
|
hwCliSysLockType
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"
|
|
This trap message is reported when the managing user of the equipment is locked.
|
|
"
|
|
::= { hwMngtUserAlarmTrapsPrefix 2 }
|
|
|
|
hwMngtUserStateChangeTrap NOTIFICATION-TYPE
|
|
OBJECTS
|
|
{
|
|
hwCliUserName,
|
|
hwUserLogMode,
|
|
hwCliClientIp,
|
|
hwUserAdminStatus
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"
|
|
This trap message is reported when the maintenance user's state changes.
|
|
"
|
|
::= { hwMngtUserAlarmTrapsPrefix 3 }
|
|
|
|
hwMngtUserNameWillExpireTrap NOTIFICATION-TYPE
|
|
OBJECTS
|
|
{
|
|
hwCliUserName,
|
|
hwCliUserNameLastDays
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"
|
|
This trap message is reported when the user name will expire soon.
|
|
"
|
|
::= { hwMngtUserAlarmTrapsPrefix 4 }
|
|
|
|
hwMngtUserPasswordWillExpireTrap NOTIFICATION-TYPE
|
|
OBJECTS
|
|
{
|
|
hwCliUserName,
|
|
hwCliUserPwdLastDays
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"
|
|
This trap message is reported when the user password will expire soon.
|
|
"
|
|
::= { hwMngtUserAlarmTrapsPrefix 5 }
|
|
|
|
hwUserPasswordFaultTrap NOTIFICATION-TYPE
|
|
STATUS current
|
|
DESCRIPTION
|
|
"
|
|
This trap is sent when the default password for user root is not changed.
|
|
"
|
|
::= { hwMngtUserAlarmTrapsPrefix 6 }
|
|
|
|
hwUserPasswordRestoreTrap NOTIFICATION-TYPE
|
|
STATUS current
|
|
DESCRIPTION
|
|
"
|
|
This trap is sent when the default password for user root is changed.
|
|
"
|
|
::= { hwMngtUserAlarmTrapsPrefix 7 }
|
|
|
|
hwMngtUserUnlockedTrap NOTIFICATION-TYPE
|
|
OBJECTS
|
|
{
|
|
hwCliUserName,
|
|
hwCliClientIp,
|
|
hwCliSysUnlockType
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"
|
|
This trap message is reported when the managing user of the equipment is unlocked.
|
|
"
|
|
::= { hwMngtUserAlarmTrapsPrefix 8 }
|
|
|
|
hwMngtUserModifyAuthTrap NOTIFICATION-TYPE
|
|
OBJECTS
|
|
{
|
|
hwCliUserName,
|
|
hwCliSysOldUserLevel,
|
|
hwCliSysNewUserLevel
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"
|
|
This trap message is reported when the managing user change the permissions .
|
|
"
|
|
::= { hwMngtUserAlarmTrapsPrefix 9 }
|
|
|
|
hwConfigLockStateTrap NOTIFICATION-TYPE
|
|
OBJECTS
|
|
{
|
|
hwConfigLockState
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"
|
|
This trap message is reported when user change the config lock state.
|
|
"
|
|
::= { hwMngtUserAlarmTrapsPrefix 10 }
|
|
|
|
hwMngtUserStateChangeInetTrap NOTIFICATION-TYPE
|
|
OBJECTS
|
|
{
|
|
hwCliUserName,
|
|
hwUserLogMode,
|
|
hwCliClientInetAddress,
|
|
hwUserAdminStatus
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"
|
|
This trap message is reported when the maintenance user's state changes.
|
|
"
|
|
::= { hwMngtUserAlarmTrapsPrefix 11 }
|
|
|
|
hwMngtIpv6UserLockedTrap NOTIFICATION-TYPE
|
|
OBJECTS
|
|
{
|
|
hwCliUserName,
|
|
hwUserLogMode,
|
|
hwCliClientInetAddress,
|
|
hwCliSysLockType
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"
|
|
This trap message is reported when the managing user of the equipment is locked.
|
|
"
|
|
::= { hwMngtUserAlarmTrapsPrefix 12 }
|
|
|
|
hwMngtIpv6UserUnlockedTrap NOTIFICATION-TYPE
|
|
OBJECTS
|
|
{
|
|
hwCliUserName,
|
|
hwCliClientInetAddress,
|
|
hwCliSysUnlockType
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"
|
|
This trap message is reported when the managing user of the equipment is unlocked.
|
|
"
|
|
::= { hwMngtUserAlarmTrapsPrefix 13 }
|
|
|
|
hwCliConsolePara OBJECT IDENTIFIER ::= { hwCliUserMgmt 10 }
|
|
|
|
hwCliConsoleSwitch OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
{
|
|
enable(1),
|
|
disable(2)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"
|
|
Enable/disable management serial port.
|
|
Options:
|
|
1. enable(1) -indicates that the serial port is in the open state
|
|
and the serial port is available.
|
|
2. disable(2) -indicates that the serial port is in the shutdown state
|
|
and the serial port is unavailable.
|
|
"
|
|
::= { hwCliConsolePara 1 }
|
|
|
|
hwSysManFirewall OBJECT IDENTIFIER ::= { hwDev 12 }
|
|
|
|
hwFirewallSwitchTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF HwFirewallSwitchEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"
|
|
Firewall switch table, which supports the functions of querying,
|
|
enabling and disabling the protocol-type firewall switch.
|
|
The index of this table is hwFirewallProtocolType.
|
|
"
|
|
::= { hwSysManFirewall 1 }
|
|
|
|
hwFirewallSwitchEntry OBJECT-TYPE
|
|
SYNTAX HwFirewallSwitchEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"
|
|
Firewall switch table, which supports the functions of querying,
|
|
enabling and disabling the protocol-type firewall switch.
|
|
The index of this entry is hwFirewallProtocolType.
|
|
"
|
|
INDEX { hwFirewallProtocolType }
|
|
::= { hwFirewallSwitchTable 1 }
|
|
|
|
HwFirewallSwitchEntry ::=
|
|
SEQUENCE {
|
|
hwFirewallProtocolType
|
|
INTEGER,
|
|
hwFirewallSwitch
|
|
INTEGER
|
|
}
|
|
|
|
hwFirewallProtocolType OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
{
|
|
telnet(1),
|
|
ssh(2),
|
|
snmp(3)
|
|
}
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"
|
|
Index object, index of the hwFirewallSwitchTable object.
|
|
Options:
|
|
1.telnet(1) -indicates that the firewall protocols is telnet.
|
|
2.ssh(2) -indicates that the firewall protocols is ssh.
|
|
3.snmp(3) -indicates that the firewall protocols is snmp.
|
|
"
|
|
::= { hwFirewallSwitchEntry 1 }
|
|
|
|
hwFirewallSwitch OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
{
|
|
enable(1),
|
|
disable(2)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"
|
|
Firewall switch.
|
|
Options:
|
|
1. enable(1) -indicates that when the device needs to control the protocol used to access the device,
|
|
this command can be executed to enable(1) the firewall switch of the protocol.
|
|
After the firewall switch of the protocol is enabled(1), the device can control the operator
|
|
who accesses the device with the protocol and reject the access of the operator
|
|
whose IP address is not in the permitted address segment.
|
|
2. disable(2)-indicates that if the operator is already online, the device forces the operator to go offline.
|
|
The firewall switch can be disabled when the firewall switch mode is set to disable(2).
|
|
After the firewall switch is disabled(2), the device does not control the operator who
|
|
accesses the device with the protocol.
|
|
By default, the firewall in the system is in the disabled state.
|
|
"
|
|
DEFVAL { disable }
|
|
::= { hwFirewallSwitchEntry 2 }
|
|
|
|
hwAccessIpTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF HwAccessIpEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"
|
|
Access IP table, which supports the functions of querying, adding
|
|
and deleting the access IP table of a specified protocol.
|
|
The access IP table is used to configure the address segments
|
|
of the accessible devices under the specified protocol.
|
|
This can prevent the invalid users from logging in to the device, that is,
|
|
the operators whose IP addresses are not in the address segments
|
|
and access protocols do not meet the requirements cannot access the device.
|
|
The indexes of this table are hwFirewallProtocolType and hwAccessIpStartAddr.
|
|
For the hwFirewallProtocolType object, refer to hwFirewallSwitchTable.
|
|
hwAccessIpTable is used for configuring a list of accessible IP addresses.
|
|
The IP address list takes effect only when the protocol corresponding to
|
|
hwFirewallSwitchTable is enabled.
|
|
"
|
|
::= { hwSysManFirewall 2 }
|
|
|
|
hwAccessIpEntry OBJECT-TYPE
|
|
SYNTAX HwAccessIpEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"
|
|
Access IP table, which supports the functions of querying, adding
|
|
and deleting the access IP table of a specified protocol.
|
|
The access IP table is used to configure the address segments
|
|
of the accessible devices under the specified protocol.
|
|
This can prevent the invalid users from logging in to the device, that is,
|
|
the operators whose IP addresses are not in the address segments
|
|
and access protocols do not meet the requirements cannot access the device.
|
|
The indexes of this entry are hwFirewallProtocolType and hwAccessIpStartAddr.
|
|
For the hwFirewallProtocolType object, refer to hwFirewallSwitchTable.
|
|
hwAccessIpTable is used for configuring a list of accessible IP addresses.
|
|
The IP address list takes effect only when the protocol corresponding to
|
|
hwFirewallSwitchTable is enabled.
|
|
"
|
|
INDEX { hwFirewallProtocolType, hwAccessIpStartAddr }
|
|
::= { hwAccessIpTable 1 }
|
|
|
|
HwAccessIpEntry ::=
|
|
SEQUENCE {
|
|
hwAccessIpStartAddr
|
|
IpAddress,
|
|
hwAccessIpEndAddr
|
|
IpAddress,
|
|
hwAccessIpRowStatus
|
|
RowStatus
|
|
}
|
|
|
|
|
|
hwAccessIpStartAddr OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"
|
|
Start IP address of one record in access Ip table.
|
|
The IP address in the new record of the table must be valid,
|
|
that is, the IP address is not a class 0 address or class D address.
|
|
The record in which the start address is the same as the existing one
|
|
cannot be added to the table.
|
|
"
|
|
::= { hwAccessIpEntry 1 }
|
|
|
|
hwAccessIpEndAddr OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"
|
|
End IP address of one record in access Ip table.
|
|
The new IP address must be valid, that is,
|
|
the IP address is not a class 0 address or class D address.
|
|
The record in which the end address is smaller than the start
|
|
address cannot be added and each protocol supports a maximum of 10 IP addresses.
|
|
"
|
|
::= { hwAccessIpEntry 2 }
|
|
|
|
hwAccessIpRowStatus OBJECT-TYPE
|
|
SYNTAX RowStatus
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"
|
|
Operation status of row.
|
|
The specified protocol type and the start and end addresses in
|
|
the start address permitting table can be modified.
|
|
createAndGo(4) is supplied to create a new instance of a conceptual row.
|
|
destroy(6) is supplied to delete the instances associated with an existing conceptual row.
|
|
"
|
|
::= { hwAccessIpEntry 3 }
|
|
|
|
hwRefuseIpTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF HwRefuseIpEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"
|
|
Refuse IP table. The table is used to configure the address segment
|
|
(under a specified protocol) with which the user cannot access the device.
|
|
This can prevent the invalid users from logging in to the device.
|
|
After address segment is configured in the table, the operators
|
|
with the IP addresses in the address segment cannot access the device.
|
|
The indexes of this table are hwFirewallProtocolType and hwRefuseIpStartAddr.
|
|
For the hwFirewallProtocolType object, refer to hwFirewallSwitchTable.
|
|
hwRefuseIpTable is used for configuring a list of prohibited IP addresses.
|
|
The IP address list takes effect only when the protocol corresponding to
|
|
hwFirewallSwitchTable is enabled.
|
|
"
|
|
::= { hwSysManFirewall 3 }
|
|
|
|
hwRefuseIpEntry OBJECT-TYPE
|
|
SYNTAX HwRefuseIpEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"
|
|
Refuse IP table. The table is used to configure the address segment
|
|
(under a specified protocol) with which the user cannot access the device.
|
|
This can prevent the invalid users from logging in to the device.
|
|
After address segment is configured in the table, the operators
|
|
with the IP addresses in the address segment cannot access the device.
|
|
The indexes of this entry are hwFirewallProtocolType and hwRefuseIpStartAddr.
|
|
For the hwFirewallProtocolType object, refer to hwFirewallSwitchTable.
|
|
hwRefuseIpTable is used for configuring a list of prohibited IP addresses.
|
|
The IP address list takes effect only when the protocol corresponding to
|
|
hwFirewallSwitchTable is enabled.
|
|
"
|
|
INDEX { hwFirewallProtocolType, hwRefuseIpStartAddr }
|
|
::= { hwRefuseIpTable 1 }
|
|
|
|
HwRefuseIpEntry ::=
|
|
SEQUENCE {
|
|
hwRefuseIpStartAddr
|
|
IpAddress,
|
|
hwRefuseIpEndAddr
|
|
IpAddress,
|
|
hwRefuseIpRowStatus
|
|
RowStatus
|
|
}
|
|
|
|
hwRefuseIpStartAddr OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"
|
|
Start IP address of one record in refuse Ip table.
|
|
The IP address in the new record of the table must be valid,
|
|
that is, the IP address is neither a class 0 address nor class D address.
|
|
The record in which the start address is the same as the existing
|
|
one cannot be added to the table.
|
|
"
|
|
::= { hwRefuseIpEntry 1}
|
|
|
|
hwRefuseIpEndAddr OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"
|
|
End IP address of one record in refuse Ip table.
|
|
The IP address in the new record of the table must be valid, that is,
|
|
the IP address is not a class 0 address or class D address.
|
|
The record in which the end address is smaller than the start address
|
|
cannot be added and each protocol supports a maximum of 10 IP addresses.
|
|
"
|
|
::= { hwRefuseIpEntry 2}
|
|
|
|
hwRefuseIpRowStatus OBJECT-TYPE
|
|
SYNTAX RowStatus
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"
|
|
Operation status of row.
|
|
The specified protocol type and the start and end addresses in the
|
|
start address rejecting table can be modified.
|
|
createAndGo(4) is supplied to create a new instance of a conceptual row.
|
|
destroy(6) is supplied to delete the instances associated with an existing conceptual row.
|
|
"
|
|
::= { hwRefuseIpEntry 3 }
|
|
|
|
hwFirewallSwitchV6Table OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF HwFirewallSwitchV6Entry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"
|
|
IPv6 Firewall switch table, which supports the functions of querying,
|
|
enabling and disabling the protocol-type firewall switch.
|
|
The index of this table is hwFirewallV6ProtocolType.
|
|
"
|
|
::= { hwSysManFirewall 4 }
|
|
|
|
hwFirewallSwitchV6Entry OBJECT-TYPE
|
|
SYNTAX HwFirewallSwitchV6Entry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"
|
|
IPv6 Firewall switch table, which supports the functions of querying,
|
|
enabling and disabling the protocol-type firewall switch.
|
|
The index of this entry is hwFirewallV6ProtocolType.
|
|
"
|
|
INDEX { hwFirewallV6ProtocolType }
|
|
::= { hwFirewallSwitchV6Table 1 }
|
|
|
|
HwFirewallSwitchV6Entry ::=
|
|
SEQUENCE {
|
|
hwFirewallV6ProtocolType
|
|
INTEGER,
|
|
hwFirewallSwitchV6
|
|
INTEGER
|
|
}
|
|
|
|
hwFirewallV6ProtocolType OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
{
|
|
telnet(1),
|
|
ssh(2),
|
|
snmp(3)
|
|
}
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"
|
|
Index object, index of the hwFirewallSwitchV6Table object.
|
|
Options:
|
|
1.telnet(1) -indicates that the IPv6 firewall protocols is telnet.
|
|
2.ssh(2) -indicates that the IPv6 firewall protocols is ssh.
|
|
3.snmp(3) -indicates that the IPv6 firewall protocols is snmp.
|
|
"
|
|
::= { hwFirewallSwitchV6Entry 1 }
|
|
|
|
hwFirewallSwitchV6 OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
{
|
|
enable(1),
|
|
disable(2)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"
|
|
Firewall switch.
|
|
Options:
|
|
1. enable(1) -indicates that when the device needs to control the protocol used to access the device,
|
|
this command can be executed to enable(1) the firewall switch of the protocol.
|
|
After the IPv6 firewall switch of the protocol is enabled(1), the device can control the operator
|
|
who accesses the device with the protocol and reject the access of the operator
|
|
whose IP address is not in the permitted address segment.
|
|
2. disable(2)-indicates that if the operator is already online, the device forces the operator to go offline.
|
|
The firewall switch can be disabled when the firewall switch mode is set to disable(2).
|
|
After the IPv6 firewall switch is disabled(2), the device does not control the operator who
|
|
accesses the device with the protocol.
|
|
By default, the firewall in the system is in the disabled state.
|
|
"
|
|
DEFVAL { disable }
|
|
::= { hwFirewallSwitchV6Entry 2 }
|
|
|
|
hwAccessIpv6Table OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF HwAccessIpv6Entry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"
|
|
Access IPv6 table, which supports the functions of querying, adding
|
|
and deleting the access IPv6 table of a specified protocol.
|
|
The access IPv6 table is used to configure the address segments
|
|
of the accessible devices under the specified protocol.
|
|
This can prevent the invalid users from logging in to the device, that is,
|
|
the operators whose IPv6 addresses are not in the address segments
|
|
and access protocols do not meet the requirements cannot access the device.
|
|
The indexes of this table are hwFirewallV6ProtocolType and hwAccessIpv6StartAddr.
|
|
For the hwFirewallV6ProtocolType object, refer to hwFirewallSwitchV6Table.
|
|
hwAccessIpv6Table is used for configuring a list of accessible IPv6 addresses.
|
|
The IPv6 address list takes effect only when the protocol corresponding to
|
|
hwFirewallSwitchV6Table is enabled.
|
|
"
|
|
::= { hwSysManFirewall 5 }
|
|
|
|
hwAccessIpv6Entry OBJECT-TYPE
|
|
SYNTAX HwAccessIpv6Entry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"
|
|
Access IPv6 table, which supports the functions of querying, adding
|
|
and deleting the access IPv6 table of a specified protocol.
|
|
The access IPv6 table is used to configure the address segments
|
|
of the accessible devices under the specified protocol.
|
|
This can prevent the invalid users from logging in to the device, that is,
|
|
the operators whose IP addresses are not in the address segments
|
|
and access protocols do not meet the requirements cannot access the device.
|
|
The indexes of this entry are hwFirewallV6ProtocolType and hwAccessIpv6StartAddr.
|
|
For the hwFirewallV6ProtocolType object, refer to hwFirewallSwitchV6Table.
|
|
hwAccessIpv6Table is used for configuring a list of accessible IPv6 addresses.
|
|
The IPv6 address list takes effect only when the protocol corresponding to
|
|
hwFirewallSwitchV6Table is enabled.
|
|
"
|
|
INDEX { hwFirewallV6ProtocolType, hwAccessIpv6StartAddr }
|
|
::= { hwAccessIpv6Table 1 }
|
|
|
|
HwAccessIpv6Entry ::=
|
|
SEQUENCE {
|
|
hwAccessIpv6StartAddr
|
|
Ipv6Address,
|
|
hwAccessIpv6EndAddr
|
|
Ipv6Address,
|
|
hwAccessIpv6RowStatus
|
|
RowStatus
|
|
}
|
|
|
|
hwAccessIpv6StartAddr OBJECT-TYPE
|
|
SYNTAX Ipv6Address
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"
|
|
Start IPv6 address of one record in access IPv6 table.
|
|
The IPv6 address in the new record of the table must be valid.
|
|
The record in which the start address is the same as the existing one
|
|
cannot be added to the table.
|
|
"
|
|
::= { hwAccessIpv6Entry 1 }
|
|
|
|
hwAccessIpv6EndAddr OBJECT-TYPE
|
|
SYNTAX Ipv6Address
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"
|
|
End IPv6 address of one record in access IPv6 table.
|
|
The new IPv6 address must be valid, that is.
|
|
The record in which the end address is smaller than the start
|
|
address cannot be added and each protocol supports a maximum of 10 IPv6 addresses.
|
|
"
|
|
::= { hwAccessIpv6Entry 2 }
|
|
|
|
hwAccessIpv6RowStatus OBJECT-TYPE
|
|
SYNTAX RowStatus
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"
|
|
Operation status of row.
|
|
The specified protocol type and the start and end addresses in
|
|
the start address permitting table can be modified.
|
|
createAndGo(4) is supplied to create a new instance of a conceptual row.
|
|
destroy(6) is supplied to delete the instances associated with an existing conceptual row.
|
|
"
|
|
::= { hwAccessIpv6Entry 3 }
|
|
|
|
hwRefuseIpv6Table OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF HwRefuseIpv6Entry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"
|
|
Refuse IPv6 table. The table is used to configure the address segment
|
|
(under a specified protocol) with which the user cannot access the device.
|
|
This can prevent the invalid users from logging in to the device.
|
|
After address segment is configured in the table, the operators
|
|
with the IPv6 addresses in the address segment cannot access the device.
|
|
The indexes of this table are hwFirewallV6ProtocolType and hwRefuseIpv6StartAddr.
|
|
For the hwFirewallV6ProtocolType object, refer to hwFirewallSwitchV6Table.
|
|
hwRefuseIpv6Table is used for configuring a list of prohibited IPv6 addresses.
|
|
The IPv6 address list takes effect only when the protocol corresponding to
|
|
hwFirewallSwitchV6Table is enabled.
|
|
"
|
|
::= { hwSysManFirewall 6 }
|
|
|
|
hwRefuseIpv6Entry OBJECT-TYPE
|
|
SYNTAX HwRefuseIpv6Entry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"
|
|
Refuse IPv6 table. The table is used to configure the address segment
|
|
(under a specified protocol) with which the user cannot access the device.
|
|
This can prevent the invalid users from logging in to the device.
|
|
After address segment is configured in the table, the operators
|
|
with the IPv6 addresses in the address segment cannot access the device.
|
|
The indexes of this entry are hwFirewallV6ProtocolType and hwRefuseIpv6StartAddr.
|
|
For the hwFirewallV6ProtocolType object, refer to hwFirewallSwitchV6Table.
|
|
hwRefuseIpv6Table is used for configuring a list of prohibited IPv6 addresses.
|
|
The IPv6 address list takes effect only when the protocol corresponding to
|
|
hwFirewallSwitchV6Table is enabled.
|
|
"
|
|
INDEX { hwFirewallV6ProtocolType, hwRefuseIpv6StartAddr }
|
|
::= { hwRefuseIpv6Table 1 }
|
|
|
|
HwRefuseIpv6Entry ::=
|
|
SEQUENCE {
|
|
hwRefuseIpv6StartAddr
|
|
Ipv6Address,
|
|
hwRefuseIpv6EndAddr
|
|
Ipv6Address,
|
|
hwRefuseIpv6RowStatus
|
|
RowStatus
|
|
}
|
|
|
|
hwRefuseIpv6StartAddr OBJECT-TYPE
|
|
SYNTAX Ipv6Address
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"
|
|
Start IPv6 address of one record in refuse IPv6 table.
|
|
The IPv6 address in the new record of the table must be valid.
|
|
The record in which the start address is the same as the existing
|
|
one cannot be added to the table.
|
|
"
|
|
::= { hwRefuseIpv6Entry 1}
|
|
|
|
hwRefuseIpv6EndAddr OBJECT-TYPE
|
|
SYNTAX Ipv6Address
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"
|
|
End IPv6 address of one record in refuse IPv6 table.
|
|
The IPv6 address in the new record of the table must be valid, that is.
|
|
The record in which the end address is smaller than the start address
|
|
cannot be added and each protocol supports a maximum of 10 IP addresses.
|
|
"
|
|
::= { hwRefuseIpv6Entry 2}
|
|
|
|
hwRefuseIpv6RowStatus OBJECT-TYPE
|
|
SYNTAX RowStatus
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"
|
|
Operation status of row.
|
|
The specified protocol type and the start and end addresses in the
|
|
start address rejecting table can be modified.
|
|
createAndGo(4) is supplied to create a new instance of a conceptual row.
|
|
destroy(6) is supplied to delete the instances associated with an existing conceptual row.
|
|
"
|
|
::= { hwRefuseIpv6Entry 3 }
|
|
|
|
hwSysManSourceInterface OBJECT IDENTIFIER ::= { hwDev 19 }
|
|
|
|
hwSysManSourceInterfaceTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF HwSysManSourceInterfaceEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"
|
|
Sysman source interface table.
|
|
The table is used to configure the source interfaces under the protocols
|
|
such as SNMP trap, TFTP, FTP, SFTP, Telnet, Ping and Tracert.
|
|
The addresses of the Loopback, meth and VLANIF interfaces can be used as
|
|
the source addresses from which the system sends packets.
|
|
The system uses the bound interface address as the source address to send
|
|
the protocol packet. The index of this table is hwSysManProtocolType.
|
|
"
|
|
::= { hwSysManSourceInterface 1 }
|
|
|
|
hwSysManSourceInterfaceEntry OBJECT-TYPE
|
|
SYNTAX HwSysManSourceInterfaceEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"
|
|
Sysman source interface table.
|
|
The table is used to configure the source interfaces under the protocols
|
|
such as SNMP trap, TFTP, FTP, SFTP, Telnet, Ping and Tracert.
|
|
The addresses of the Loopback, meth and VLANIF interfaces can be used as
|
|
the source addresses from which the system sends packets.
|
|
The system uses the bound interface address as the source address to send
|
|
the protocol packet. The index of this entry is hwSysManProtocolType.
|
|
"
|
|
INDEX { hwSysManProtocolType }
|
|
::= { hwSysManSourceInterfaceTable 1 }
|
|
|
|
HwSysManSourceInterfaceEntry ::=
|
|
SEQUENCE {
|
|
hwSysManProtocolType
|
|
INTEGER,
|
|
hwSourceInterfaceType
|
|
INTEGER,
|
|
hwSourceInterfaceNumber
|
|
Integer32,
|
|
hwSourceInterfaceIPAddress
|
|
IpAddress,
|
|
hwSourceIPv6Address
|
|
InetAddress
|
|
}
|
|
|
|
hwSysManProtocolType OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
{
|
|
trap(1),
|
|
syslog(2),
|
|
tftp(3),
|
|
ftp(4),
|
|
sftp(5),
|
|
telnet(6),
|
|
ping(7),
|
|
tracert(8),
|
|
license(9),
|
|
stelnet(10),
|
|
ipdr(11),
|
|
tftpproxy(12)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"
|
|
Application-layer packet type.
|
|
Options:
|
|
1. trap(1) -indicates the trap packet.
|
|
2. syslog(2) -indicates the syslog packet.
|
|
3. tftp(3) -indicates the tftp packet.
|
|
4. ftp(4) -indicates the ftp packet.
|
|
5. sftp(5) -indicates the sftp packet.
|
|
6. telnet(6) -indicates the telnet packet.
|
|
7. ping(7) -indicates the ping packet.
|
|
8. tracert(8) -indicates the tracert packet.
|
|
9. license(9) -indicates the license packet.
|
|
10.stelnet(10)-indicates the stelnet packet.
|
|
11.ipdr(11) -indicates the ipdr packet.
|
|
12.tftpproxy(12)-indicates the tftp-proxy packet.
|
|
"
|
|
::= { hwSysManSourceInterfaceEntry 1}
|
|
|
|
hwSourceInterfaceType OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
{
|
|
auto(1),
|
|
loopback(2),
|
|
meth(3),
|
|
vlanif(4)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"
|
|
Source interface type, which is used with the interface number to
|
|
determine the interface from which packets are sent.
|
|
Options:
|
|
1. auto(1) -indicates the function of automatically searching for
|
|
the source interface according to the route.
|
|
2. loopback(2) -indicates the loopback interface.
|
|
3. meth(3) -indicates the meth interface.
|
|
4. vlanif(4) -indicates the vlanif interface.
|
|
"
|
|
DEFVAL { auto }
|
|
::= { hwSysManSourceInterfaceEntry 2}
|
|
|
|
hwSourceInterfaceNumber OBJECT-TYPE
|
|
SYNTAX Integer32
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"
|
|
Source interface number, which is the interface number under the source interface type object
|
|
and is used with the interface type to determine the interface from which packets are sent.
|
|
The hwSourceInterfaceNumber value of -1 indicates the source interface is not configured.
|
|
"
|
|
::= { hwSysManSourceInterfaceEntry 3 }
|
|
|
|
hwSourceInterfaceIPAddress OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"
|
|
Source interface ip address, which is the ip address set by user directly for the the source interface type object.
|
|
Currently this node is only used for tftp-proxy,which means other protocol doesn't support this operation.
|
|
0.0.0.0 - indicates the IP address is not configured for the corresponding protocol.
|
|
"
|
|
::= { hwSysManSourceInterfaceEntry 4 }
|
|
|
|
|
|
hwSourceIPv6Address OBJECT-TYPE
|
|
SYNTAX InetAddress
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"
|
|
Source interface ipv6 address, which is the ipv6 address set by user directly for the source interface type object.
|
|
Currently this node is used for tftp, ftp, sftp, telnet, stelnet, trap, syslog.
|
|
"
|
|
::= { hwSysManSourceInterfaceEntry 5 }
|
|
|
|
hwModemCallbackMngt OBJECT IDENTIFIER ::= { hwCliUserMgmt 11 }
|
|
|
|
hwModemCallbackSwitch OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
{
|
|
enable(1),
|
|
disable(2)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"
|
|
The object specifies whether callback function is enable.
|
|
Options:
|
|
1. enable(1) -indicates that the callback function is enable.
|
|
2. disable(2) -indicates that the callback function is disable.
|
|
Default: disable(2)
|
|
"
|
|
::= { hwModemCallbackMngt 1 }
|
|
|
|
hwModemCallbackMngtTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF HwModemCallbackMngtEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The callback security configuration table.
|
|
This table is used to manage the callback telephone numbers and passwords.
|
|
The index of this table is hwModemCallbackIndex."
|
|
::= { hwModemCallbackMngt 2 }
|
|
|
|
hwModemCallbackMngtEntry OBJECT-TYPE
|
|
SYNTAX HwModemCallbackMngtEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The callback security configuration table.
|
|
This table is used to manage the callback telephone numbers and passwords.
|
|
The index of this entry is hwModemCallbackIndex."
|
|
INDEX { hwModemTelNumber }
|
|
::= { hwModemCallbackMngtTable 1 }
|
|
|
|
HwModemCallbackMngtEntry ::=
|
|
SEQUENCE {
|
|
hwModemTelNumber
|
|
DisplayString,
|
|
hwModemPassword
|
|
DisplayString,
|
|
hwModemCallbackRowStatus
|
|
RowStatus
|
|
}
|
|
|
|
hwModemTelNumber OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE (1..20))
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Telephone number"
|
|
::= { hwModemCallbackMngtEntry 1 }
|
|
|
|
hwModemPassword OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE (1..16))
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"User password. The password must be cipher encrypted by MD5,
|
|
it consists of 16 characters."
|
|
::= { hwModemCallbackMngtEntry 2 }
|
|
|
|
hwModemCallbackRowStatus OBJECT-TYPE
|
|
SYNTAX RowStatus
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"
|
|
Operation user configration of the modem callback function, the user configration
|
|
can be added and deleted.
|
|
The user telephone number and password must be bound when the user is added.
|
|
The exist telephone number or password cannot be added.
|
|
createAndGo(4) is supplied to create a new instance of a conceptual row.
|
|
destroy(6) is supplied to delete the instances associated with an existing conceptual row.
|
|
"
|
|
::= { hwModemCallbackMngtEntry 3 }
|
|
|
|
END
|
|
|
|
--
|
|
-- HUAWEI-MNGT-MIB.mib
|
|
--
|