WebApps/Observium_CE
1
0
Fork 0
Code Pull Requests Activity
Observium_CE/mibs/zte/ZTE-AN-SECURITY-SERVICE-MIB

2107 lines
77 KiB
Plaintext
Raw Permalink Blame History

--------------------------------------------------------------------------------
-- File Name : ZTE-AN-SECURITY-SERVICE-MIB.mib
-- Date : 2008-06-17
-- Author : ZTE Nms dept.
--
-- Zte Service Mib for Access Node
--
--
--------------------------------------------------------------------------------
ZTE-AN-SECURITY-SERVICE-MIB DEFINITIONS ::= BEGIN
IMPORTS
MODULE-IDENTITY, OBJECT-TYPE,
NOTIFICATION-TYPE, Integer32 FROM SNMPv2-SMI
MacAddress,TruthValue,RowStatus FROM SNMPv2-TC
ifIndex FROM RFC1213-MIB
ZxAnIfindex FROM ZTE-AN-TC-MIB
InetAddress,InetAddressType,InetAddressPrefixLength FROM INET-ADDRESS-MIB
zxAn, VlanId FROM ZTE-AN-TC-MIB;
zxAnSecSvcMib MODULE-IDENTITY
LAST-UPDATED "200806171630Z"
ORGANIZATION "ZTE Corporation"
CONTACT-INFO "Guo Jingwen
Mail: guo.jingwen@zte.com.cn
Tel : 021-68897124"
DESCRIPTION "This MIB defines zte Access Node managed objects."
::= { zxAn 11 }
zxAnSecSvcObjects OBJECT IDENTIFIER ::= { zxAnSecSvcMib 1 }
zxAnSecSvcTrapObjects OBJECT IDENTIFIER ::= { zxAnSecSvcMib 2 }
--------------------------------------------------------------------------------
-- Following objects are defined.
-- 1.Security Mgmt
-- 1.7 IP Source Guard Mgmt
-- 1.8 Reserved MAC Mgmt
-- 1.9 L2CP Mgmt
-- 1.10 Ipv6Filter Mgmt
-- 2.Trap
--------------------------------------------------------------------------------
--------------------------------------------------------------------------------
-- 1.Security Mgmt
--------------------------------------------------------------------------------
zxAnSecSvcAntiAttack OBJECT IDENTIFIER ::= { zxAnSecSvcObjects 1 }
zxAnSecSvcPktLimit OBJECT IDENTIFIER ::= { zxAnSecSvcObjects 2 }
zxAnSecSvcMacAntiSnoofing OBJECT IDENTIFIER ::= { zxAnSecSvcObjects 3 }
zxAnSecSvcPrivateNetwork OBJECT IDENTIFIER ::= { zxAnSecSvcObjects 4 }
-- zxAnSecSvcVlanTable OBJECT IDENTIFIER ::= { zxAnSecSvcObjects 5 }
zxAnSecSvcIpSourceGuard OBJECT IDENTIFIER ::= { zxAnSecSvcObjects 7 }
zxAnSecSvcReservedMac OBJECT IDENTIFIER ::= { zxAnSecSvcObjects 8 }
zxAnSecSvcL2cp OBJECT IDENTIFIER ::= { zxAnSecSvcObjects 9 }
zxAnSecSvcIpv6Filter OBJECT IDENTIFIER ::= { zxAnSecSvcObjects 10}
--------------------------------------------------------------------------------
-- 1.1 Security Mgmt-AntiAttack
--------------------------------------------------------------------------------
zxAnSecSvcAntiDosMgmt OBJECT IDENTIFIER ::= { zxAnSecSvcAntiAttack 1 }
zxAnSecSvcAntiDosAdminState OBJECT-TYPE
SYNTAX INTEGER {
enable(1),
disable(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The desired state of the anti-dos.If the state is disable,
anti-dos doesnot work up,and also there will be not any alarm
raised."
DEFVAL { disable }
::= { zxAnSecSvcAntiDosMgmt 1 }
zxAnSecSvcAntiDosDropState OBJECT-TYPE
SYNTAX INTEGER {
enable(1),
disable(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The desired state of the drop packets.If the state is enable,
system will discard packets from MAC which in blacklist."
DEFVAL { disable }
::= { zxAnSecSvcAntiDosMgmt 2 }
zxAnSecSvcAntiDosCurrentPackets OBJECT-TYPE
SYNTAX Integer32
UNITS "pps"
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The current packets per second that system checking."
::= { zxAnSecSvcAntiDosMgmt 3 }
zxAnSecSvcAntiDosAscThreshold OBJECT-TYPE
SYNTAX Integer32
UNITS "pps"
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The threshold that if current packets per second over it, system
will put the source MAC of packet into blacklist and raise a
alarm."
::= { zxAnSecSvcAntiDosMgmt 4 }
zxAnSecSvcAntiDosDescThreshold OBJECT-TYPE
SYNTAX Integer32
UNITS "pps"
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The threshold that if current packets per second below it, system
will remove the source MAC of packet from blacklist and raise a
alarm restore."
::= { zxAnSecSvcAntiDosMgmt 5 }
zxAnSecSvcAntiDosSourceMac OBJECT-TYPE
SYNTAX MacAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The source MAC of packets,which will put into blacklist or remove
from blaklist."
::= { zxAnSecSvcAntiDosMgmt 6 }
zxAnSecSvcAntiDosPortVlan OBJECT-TYPE
SYNTAX VlanId
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The port VLAN that attack packet from."
::= { zxAnSecSvcAntiDosMgmt 7 }
zxAnSecSvrAntiDosBlockDuration OBJECT-TYPE
SYNTAX Integer32(1..600)
UNITS "Seconds"
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Blocking duration indicates how long the packet which the source
MAC address is in the blacklist is blocked.
When zxAnSecSvcAntiDosDropState is enabled(1), the blocked
packets will be discarded."
DEFVAL { 1 }
::= { zxAnSecSvcAntiDosMgmt 8 }
zxAnSecAntiDosPktLmtByHwEnable OBJECT-TYPE
SYNTAX INTEGER {
enabled(1),
disabled(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Enable/disable the packet limit by hardware."
DEFVAL { disabled }
::= { zxAnSecSvcAntiDosMgmt 9 }
zxAnSecAntiDosVportShutdownDur OBJECT-TYPE
SYNTAX Integer32(0..60)
UNITS "Seconds"
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"VPort shutdown duration.
The VPort will be shutdown when receiving the packets which the
source MAC address is in the blacklist.
Value 0 means not to shutdown VPort."
DEFVAL { 0 }
::= { zxAnSecSvcAntiDosMgmt 10 }
--------------------------------------------------------------------------------
-- 1.2 MAC Snoofing Mgmt
--------------------------------------------------------------------------------
zxAnMasEnable OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Enable or disable Mac drift.1-truth,2-false.
"
DEFVAL { 1 }
::= { zxAnSecSvcMacAntiSnoofing 1 }
zxAnMasUplinkProtectEnable OBJECT-TYPE
SYNTAX INTEGER
{
nniprotectenable(1),
nniprotectdisable(2),
uniprotect(3),
unimacprotect(4)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Enable or disable uplink protect Mac drift."
DEFVAL { nniprotectenable }
::= { zxAnSecSvcMacAntiSnoofing 2 }
zxAnGlobalMacAntiSpfMacTable OBJECT-TYPE
SYNTAX SEQUENCE OF ZxAnGlobalMacAntiSpfMacEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
""
::= { zxAnSecSvcMacAntiSnoofing 3 }
zxAnGlobalMacAntiSpfMacEntry OBJECT-TYPE
SYNTAX ZxAnGlobalMacAntiSpfMacEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"An entry containing anti drift mac address information."
INDEX { zxAnGlobalMacAntiSpfMacAddress }
::= { zxAnGlobalMacAntiSpfMacTable 1 }
ZxAnGlobalMacAntiSpfMacEntry ::= SEQUENCE {
zxAnGlobalMacAntiSpfMacAddress MacAddress,
zxAnGlobalMacAntiSpfMacRowStatus RowStatus
}
zxAnGlobalMacAntiSpfMacAddress OBJECT-TYPE
SYNTAX MacAddress
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"MAC address"
::= { zxAnGlobalMacAntiSpfMacEntry 1 }
zxAnGlobalMacAntiSpfMacRowStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This object indicates the status of this entry."
::= { zxAnGlobalMacAntiSpfMacEntry 50}
zxAnSecSvcMacAntiSpfGlobalObject OBJECT IDENTIFIER
::= { zxAnSecSvcMacAntiSnoofing 50 }
zxAnMasMacMoveReportEnable OBJECT-TYPE
SYNTAX INTEGER
{
enable(1),
disable(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Enable or disable zxAnIfMacDriftTrap and
zxAnIfMacAntiDriftNotify."
DEFVAL { disable }
::= { zxAnSecSvcMacAntiSpfGlobalObject 1 }
zxAnSecSvcMacDriftAddress OBJECT-TYPE
SYNTAX MacAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Indicates the MAC address that is drifted between
zxAnSecSvcMacDriftFromIfIndex and zxAnSecSvcMacDriftToIfIndex on
zxAnSecSvcMacDriftVlanId.
This object is instantiated only when
zxAnMasEnable and zxAnMasMacMoveReportEnable
value is set to enable(1) and a MAC drift is detected by the MAC
drift notification feature."
::= { zxAnSecSvcMacAntiSpfGlobalObject 2 }
zxAnSecSvcMacDriftVlanId OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Indicates the VLAN on which the zxAnSecSvcMacDriftAddress is
drifted from zxAnSecSvcMacDriftFromIfIndex to
zxAnSecSvcMacDriftToIfIndex.
This object is instantiated only when
zxAnMasEnable and zxAnMasMacMoveReportEnable
value is set to enable(1) and a MAC drift is detected by the MAC
drift notification feature."
::= { zxAnSecSvcMacAntiSpfGlobalObject 3 }
zxAnSecSvcMacDriftFromIfIndex OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The value of the port from which the zxAnSecSvcMacDriftAddress
is drifted to zxAnSecSvcMacDriftToIfIndex on
zxAnSecSvcMacDriftVlanId.
This object is instantiated only when
zxAnMasEnable and zxAnMasMacMoveReportEnable
value is set to enable(1) and a MAC drift is detected by the MAC
drift notification feature."
::= { zxAnSecSvcMacAntiSpfGlobalObject 4 }
zxAnSecSvcMacDriftToIfIndex OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The value of the port to which the zxAnSecSvcMacDriftAddress is
drifted from zxAnSecSvcMacDriftFromIfIndex on
zxAnSecSvcMacDriftVlanId.
This object is instantiated only when
zxAnMasEnable and zxAnMasMacMoveReportEnable
value is set to enable(1) and a MAC drift is detected by the MAC
drift notification feature."
::= { zxAnSecSvcMacAntiSpfGlobalObject 5 }
zxAnMasMacMoveReportInterval OBJECT-TYPE
SYNTAX INTEGER(1..300)
UNITS "minute"
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The report interval of zxAnIfMacAntiDriftNotify which has the
same VLAN and MAC address.
"
DEFVAL { 30 }
::= { zxAnSecSvcMacAntiSpfGlobalObject 6 }
-----------------------------------------------------------
zxAnVlanMacAntiSpfTable OBJECT-TYPE
SYNTAX SEQUENCE OF ZxAnVlanMacAntiSpfEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
""
::= { zxAnSecSvcMacAntiSnoofing 4 }
zxAnVlanMacAntiSpfEntry OBJECT-TYPE
SYNTAX ZxAnVlanMacAntiSpfEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"An entry containing anti drift mac address information."
INDEX { zxAnVlanMacAntiSpfVlanId }
::= { zxAnVlanMacAntiSpfTable 1 }
ZxAnVlanMacAntiSpfEntry ::= SEQUENCE {
zxAnVlanMacAntiSpfVlanId Integer32,
zxAnVlanMacAntiSpfEnable INTEGER,
zxAnVlanMacAntiSpfType INTEGER,
zxAnVlanMacAntiSpfRowStatus RowStatus
}
zxAnVlanMacAntiSpfVlanId OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"mac address"
::= { zxAnVlanMacAntiSpfEntry 1 }
zxAnVlanMacAntiSpfEnable OBJECT-TYPE
SYNTAX INTEGER
{
enable(1),
disable(2)
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"mac address"
::= { zxAnVlanMacAntiSpfEntry 2 }
zxAnVlanMacAntiSpfType OBJECT-TYPE
SYNTAX INTEGER
{
nniprotect(1),
nnimacprotext(2),
uniprotect(3),
unimacprotect(4)
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"mac address"
::= { zxAnVlanMacAntiSpfEntry 3 }
zxAnVlanMacAntiSpfRowStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This object indicates the status of this entry."
::= { zxAnVlanMacAntiSpfEntry 50}
---------------------------------------------------------------
zxAnVlanMacAntiSpfMacTable OBJECT-TYPE
SYNTAX SEQUENCE OF ZxAnVlanMacAntiSpfMacEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
""
::= { zxAnSecSvcMacAntiSnoofing 5 }
zxAnVlanMacAntiSpfMacEntry OBJECT-TYPE
SYNTAX ZxAnVlanMacAntiSpfMacEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"An entry containing anti drift mac address information."
INDEX { zxAnVlanMacAntiSpfVlanId, zxAnVlanMacAntiSpfMacAddress }
::= { zxAnVlanMacAntiSpfMacTable 1 }
ZxAnVlanMacAntiSpfMacEntry ::= SEQUENCE {
zxAnVlanMacAntiSpfMacAddress MacAddress,
zxAnVlanMacAntiSpfMacRowStatus RowStatus
}
zxAnVlanMacAntiSpfMacAddress OBJECT-TYPE
SYNTAX MacAddress
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"mac address"
::= { zxAnVlanMacAntiSpfMacEntry 1 }
zxAnVlanMacAntiSpfMacRowStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This object indicates the status of this entry."
::= { zxAnVlanMacAntiSpfMacEntry 50}
--------------------------------------------------------------------------------
-- 1.3 Packet Limit
--------------------------------------------------------------------------------
zxAnSecSvcPacketLimitAllEnable OBJECT-TYPE
SYNTAX INTEGER{
enable(1),
disable(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
""
::= { zxAnSecSvcPktLimit 1 }
zxAnSecSvcPacketLimitAll OBJECT-TYPE
SYNTAX INTEGER(100..65535)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
""
::= { zxAnSecSvcPktLimit 2 }
zxAnSecSvcPacketLimitArpEnable OBJECT-TYPE
SYNTAX INTEGER{
enable(1),
disable(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
""
::= { zxAnSecSvcPktLimit 3 }
zxAnSecSvcPacketLimitArp OBJECT-TYPE
SYNTAX INTEGER(1..200)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
""
::= { zxAnSecSvcPktLimit 4 }
zxAnSecSvcPacketLimitIcmpEnable OBJECT-TYPE
SYNTAX INTEGER{
enable(1),
disable(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
""
::= { zxAnSecSvcPktLimit 5 }
zxAnSecSvcPacketLimitIcmp OBJECT-TYPE
SYNTAX INTEGER(1..200)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
""
::= { zxAnSecSvcPktLimit 6 }
zxAnSecSvcPacketLimitIgmpEnable OBJECT-TYPE
SYNTAX INTEGER{
enable(1),
disable(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
""
::= { zxAnSecSvcPktLimit 7 }
zxAnSecSvcPacketLimitIgmp OBJECT-TYPE
SYNTAX INTEGER(1..200)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
""
::= { zxAnSecSvcPktLimit 8 }
zxAnSecSvcPacketLimitBpduEnable OBJECT-TYPE
SYNTAX INTEGER{
enable(1),
disable(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
""
::= { zxAnSecSvcPktLimit 9 }
zxAnSecSvcPacketLimitBpdu OBJECT-TYPE
SYNTAX INTEGER(1..200)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
""
::= { zxAnSecSvcPktLimit 10 }
zxAnSecSvcPacketLimitDhcpEnable OBJECT-TYPE
SYNTAX INTEGER{
enable(1),
disable(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
""
::= { zxAnSecSvcPktLimit 11 }
zxAnSecSvcPacketLimitDhcp OBJECT-TYPE
SYNTAX INTEGER(1..200)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
""
::= { zxAnSecSvcPktLimit 12 }
zxAnSecSvcPacketLimitVbasEnable OBJECT-TYPE
SYNTAX INTEGER{
enable(1),
disable(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
""
::= { zxAnSecSvcPktLimit 13 }
zxAnSecSvcPacketLimitVbas OBJECT-TYPE
SYNTAX INTEGER(1..200)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
""
::= { zxAnSecSvcPktLimit 14 }
zxAnSecSvcPacketLimitPPPOEEnable OBJECT-TYPE
SYNTAX INTEGER{
enable(1),
disable(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
""
::= { zxAnSecSvcPktLimit 15 }
zxAnSecSvcPacketLimitPPPOE OBJECT-TYPE
SYNTAX INTEGER(1..200)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
""
::= { zxAnSecSvcPktLimit 16 }
zxAnSecSvcPacketLimitSNMPEnable OBJECT-TYPE
SYNTAX INTEGER{
enable(1),
disable(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
""
::= { zxAnSecSvcPktLimit 17 }
zxAnSecSvcPacketLimitSNMP OBJECT-TYPE
SYNTAX INTEGER(1..200)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
""
::= { zxAnSecSvcPktLimit 18 }
zxAnSecSvcPktLimitV6IcmpEnable OBJECT-TYPE
SYNTAX INTEGER{
enable(1),
disable(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The IPv6 ICMP packets rate limit switch.
It will limit ICMPv6 rate first when zxAnSecSvcPktLimitV6IcmpEnable
is enabled and at least one of the other four subtype switchs is
enabled at the same time. Subtype switchs include
zxAnSecSvcPktLimitV6NsEnable, zxAnSecSvcPktLimitV6NaEnable,
zxAnSecSvcPktLimitV6RsEnable and zxAnSecSvcPktLimitV6RaEnable."
DEFVAL { disable }
::= { zxAnSecSvcPktLimit 19 }
zxAnSecSvcPktLimitV6Icmp OBJECT-TYPE
SYNTAX INTEGER(1..200)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The maximum packets per second of IPv6 ICMP and unit is pps.
It can be set value when zxAnSecSvcPktLimitV6IcmpEnable
is enabled. "
DEFVAL { 1 }
::= { zxAnSecSvcPktLimit 20 }
zxAnSecSvcPktLimitV6NsEnable OBJECT-TYPE
SYNTAX INTEGER{
enable(1),
disable(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The neighbor solicitation packets rate limit switch."
DEFVAL { disable }
::= { zxAnSecSvcPktLimit 21 }
zxAnSecSvcPktLimitV6Ns OBJECT-TYPE
SYNTAX INTEGER(1..200)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The maximum packets per second of neighbor solicitation
and unit is pps. It can be set value when
zxAnSecSvcPktLimitV6NsEnable is enabled."
DEFVAL { 1 }
::= { zxAnSecSvcPktLimit 22 }
zxAnSecSvcPktLimitV6NaEnable OBJECT-TYPE
SYNTAX INTEGER{
enable(1),
disable(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The neighbor advertisement packets rate limit switch."
DEFVAL { disable }
::= { zxAnSecSvcPktLimit 23 }
zxAnSecSvcPktLimitV6Na OBJECT-TYPE
SYNTAX INTEGER(1..200)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The maximum packets per second of neighbor advertisement
and unit is pps. It can be set value when
zxAnSecSvcPktLimitV6NaEnable is enabled."
DEFVAL { 1 }
::= { zxAnSecSvcPktLimit 24 }
zxAnSecSvcPktLimitV6RsEnable OBJECT-TYPE
SYNTAX INTEGER{
enable(1),
disable(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The router solicitation packets rate limit switch."
DEFVAL { disable }
::= { zxAnSecSvcPktLimit 25 }
zxAnSecSvcPktLimitV6Rs OBJECT-TYPE
SYNTAX INTEGER(1..200)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The maximum packets per second of router solicitation
and unit is pps. It can be set value when
zxAnSecSvcPktLimitV6RsEnable is enabled."
DEFVAL { 1 }
::= { zxAnSecSvcPktLimit 26 }
zxAnSecSvcPktLimitV6RaEnable OBJECT-TYPE
SYNTAX INTEGER{
enable(1),
disable(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The router advertisement packets rate limit switch."
DEFVAL { disable }
::= { zxAnSecSvcPktLimit 27 }
zxAnSecSvcPktLimitV6Ra OBJECT-TYPE
SYNTAX INTEGER(1..200)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The maximum packets per second of router advertisement
and unit is pps. It can be set value when
zxAnSecSvcPktLimitV6RaEnable is enabled."
DEFVAL { 1 }
::= { zxAnSecSvcPktLimit 28 }
zxAnSecSvcPktLimitV6DhcpEnable OBJECT-TYPE
SYNTAX INTEGER{
enable(1),
disable(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The IPv6 DHCP packets rate limit switch."
DEFVAL { disable }
::= { zxAnSecSvcPktLimit 29 }
zxAnSecSvcPktLimitV6Dhcp OBJECT-TYPE
SYNTAX INTEGER(1..200)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The maximum packets per second of IPv6 DHCP and unit is pps.
It can be set value when zxAnSecSvcPktLimitV6DhcpEnable
is enabled. "
DEFVAL { 1 }
::= { zxAnSecSvcPktLimit 30 }
zxAnSecSvcPktLimitSshEnable OBJECT-TYPE
SYNTAX INTEGER {
enabled(1),
disabled(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The SSH packet rate limit switch."
DEFVAL { disabled }
::= { zxAnSecSvcPktLimit 31 }
zxAnSecSvcPktLimitSsh OBJECT-TYPE
SYNTAX Integer32(1..200)
UNITS "pps"
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The SSH packet rate limit.
It can be set value when zxAnSecSvcPktLimitSshEnable is enabled. "
::= { zxAnSecSvcPktLimit 32 }
zxAnSecSvcPktLimitTelnetEnable OBJECT-TYPE
SYNTAX INTEGER{
enabled(1),
disabled(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The telnet packet rate limit switch."
DEFVAL { disabled }
::= { zxAnSecSvcPktLimit 33 }
zxAnSecSvcPktLimitTelnet OBJECT-TYPE
SYNTAX Integer32(1..200)
UNITS "pps"
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The telnet packet rate limit.
It can be set value when zxAnSecSvcPktLimitTelnetEnable
is enabled. "
::= { zxAnSecSvcPktLimit 34 }
zxAnSecSvcPktLimitBfdEnable OBJECT-TYPE
SYNTAX INTEGER{
enabled(1),
disabled(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The bidirectional forwarding detection packet rate limit switch."
DEFVAL { disabled }
::= { zxAnSecSvcPktLimit 35 }
zxAnSecSvcPktLimitBfd OBJECT-TYPE
SYNTAX Integer32(1..200)
UNITS "pps"
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The bidirectional forwarding detection packet rate limit.
It can be set value when zxAnSecSvcPktLimitBfdEnable is enabled. "
::= { zxAnSecSvcPktLimit 36 }
zxAnSecSvcPktLimitZesrEnable OBJECT-TYPE
SYNTAX INTEGER{
enabled(1),
disabled(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The ZTE ethernet switch ring packet rate limit switch."
DEFVAL { disabled }
::= { zxAnSecSvcPktLimit 37 }
zxAnSecSvcPktLimitZesr OBJECT-TYPE
SYNTAX Integer32(1..200)
UNITS "pps"
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The ZTE ethernet switch ring packet rate limit.
It can be set value when zxAnSecSvcPktLimitZesrEnable is enabled. "
::= { zxAnSecSvcPktLimit 38 }
zxAnSecSvcPktLimitStpEnable OBJECT-TYPE
SYNTAX INTEGER{
enabled(1),
disabled(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The spanning tree protocol packet rate limit switch."
DEFVAL { disabled }
::= { zxAnSecSvcPktLimit 39 }
zxAnSecSvcPktLimitStp OBJECT-TYPE
SYNTAX Integer32(1..200)
UNITS "pps"
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The spanning tree protocol packet rate limit.
It can be set value when zxAnSecSvcPktLimitStpEnable is enabled. "
::= { zxAnSecSvcPktLimit 40 }
zxAnSecSvcPktLimitLacpEnable OBJECT-TYPE
SYNTAX INTEGER{
enabled(1),
disabled(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The link aggregation control protocol packet rate limit switch."
DEFVAL { disabled }
::= { zxAnSecSvcPktLimit 41 }
zxAnSecSvcPktLimitLacp OBJECT-TYPE
SYNTAX Integer32(1..200)
UNITS "pps"
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The link aggregation control protocol packet rate limit.
It can be set value when zxAnSecSvcPktLimitLacpEnable
is enabled. "
::= { zxAnSecSvcPktLimit 42 }
zxAnSecSvcPktLimitLldpEnable OBJECT-TYPE
SYNTAX INTEGER{
enabled(1),
disabled(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The link layer discovery protocol packet rate limit switch."
DEFVAL { disabled }
::= { zxAnSecSvcPktLimit 43 }
zxAnSecSvcPktLimitLldp OBJECT-TYPE
SYNTAX Integer32(1..200)
UNITS "pps"
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The link layer discovery protocol packet rate limit.
It can be set value when zxAnSecSvcPktLimitLldpEnable is enabled. "
::= { zxAnSecSvcPktLimit 44 }
zxAnSecSvcPktLimitRipEnable OBJECT-TYPE
SYNTAX INTEGER{
enabled(1),
disabled(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The routing information protocol packet rate limit switch."
DEFVAL { disabled }
::= { zxAnSecSvcPktLimit 45 }
zxAnSecSvcPktLimitRip OBJECT-TYPE
SYNTAX Integer32(1..200)
UNITS "pps"
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The routing information protocol packet rate limit.
It can be set value when zxAnSecSvcPktLimitRipEnable is enabled. "
::= { zxAnSecSvcPktLimit 46 }
zxAnSecSvcPktLimitBgpEnable OBJECT-TYPE
SYNTAX INTEGER{
enabled(1),
disabled(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The border gateway protocol packet rate limit switch."
DEFVAL { disabled }
::= { zxAnSecSvcPktLimit 47 }
zxAnSecSvcPktLimitBgp OBJECT-TYPE
SYNTAX Integer32(1..200)
UNITS "pps"
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The border gateway protocol packet rate limit.
It can be set value when zxAnSecSvcPktLimitBgpEnable is enabled. "
::= { zxAnSecSvcPktLimit 48 }
zxAnSecSvcPktLimitOspfEnable OBJECT-TYPE
SYNTAX INTEGER{
enabled(1),
disabled(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The open shortest path first packet rate limit switch."
DEFVAL { disabled }
::= { zxAnSecSvcPktLimit 49 }
zxAnSecSvcPktLimitOspf OBJECT-TYPE
SYNTAX Integer32(1..200)
UNITS "pps"
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The open shortest path first packet rate limit.
It can be set value when zxAnSecSvcPktLimitOspfEnable is enabled. "
::= { zxAnSecSvcPktLimit 50 }
zxAnSecSvcPktLimitIsisEnable OBJECT-TYPE
SYNTAX INTEGER{
enabled(1),
disabled(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The intermediate system to intermediate system packet rate limit
switch."
DEFVAL { disabled }
::= { zxAnSecSvcPktLimit 51 }
zxAnSecSvcPktLimitIsis OBJECT-TYPE
SYNTAX Integer32(1..200)
UNITS "pps"
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The intermediate system to intermediate system packet rate limit.
It can be set value when zxAnSecSvcPktLimitIsisEnable is enabled. "
::= { zxAnSecSvcPktLimit 52 }
zxAnSecSvcPktLimitLdpEnable OBJECT-TYPE
SYNTAX INTEGER{
enabled(1),
disabled(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The label distribution protocol packet rate limit switch."
DEFVAL { disabled }
::= { zxAnSecSvcPktLimit 53 }
zxAnSecSvcPktLimitLdp OBJECT-TYPE
SYNTAX Integer32(1..200)
UNITS "pps"
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The label distribution protocol packet rate limit.
It can be set value when zxAnSecSvcPktLimitLdpEnable is enabled. "
::= { zxAnSecSvcPktLimit 54 }
zxAnSecSvcPktLimitCfmEnable OBJECT-TYPE
SYNTAX INTEGER{
enabled(1),
disabled(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The connectivity fault management packet rate limit switch."
DEFVAL { disabled }
::= { zxAnSecSvcPktLimit 55 }
zxAnSecSvcPktLimitCfm OBJECT-TYPE
SYNTAX Integer32(1..200)
UNITS "pps"
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The connectivity fault management packet rate limit.
It can be set value when zxAnSecSvcPktLimitCfmEnable is enabled. "
::= { zxAnSecSvcPktLimit 56 }
--------------------------------------------------------------------------------
-- 1.4 Private net work
--------------------------------------------------------------------------------
zxAnSecSvcPortInterworkInVlan OBJECT-TYPE
SYNTAX OCTET STRING (SIZE(0 .. 512))
MAX-ACCESS read-write
STATUS current
DESCRIPTION " This function in order to connect private network in accordance with
the specified VLAN .The use of 512-octet specifies 4094 VLAN.
Each octet within this field specifies a set of eight
VLAN, with the first octet specifying ports 1 through
8, the second octet specifying ports 9 through 16, etc.
Within each octet, the most significant bit represents
the lowest numbered VLAN, and the least significant bit
represents the highest numbered VLAN. Thus, each VLAN
of the service entity is represented by a single bit within the
value of this object. If that bit has a value of '1'
then that VLAN is interwork VLAN; the VLAN is not interwork VLAN
if its bit has a value of '0'. "
::= { zxAnSecSvcPrivateNetwork 1}
--------------------------------------------------------------------------------
zxAnSecSvcVlanTable OBJECT-TYPE
SYNTAX SEQUENCE OF ZxAnSecSvcVlanEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
""
::= { zxAnSecSvcObjects 5 }
zxAnSecSvcVlanEntry OBJECT-TYPE
SYNTAX ZxAnSecSvcVlanEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
""
INDEX { zxAnSecSvcVlanId}
::= { zxAnSecSvcVlanTable 1 }
ZxAnSecSvcVlanEntry ::= SEQUENCE {
zxAnSecSvcVlanId VlanId,
zxAnSecSvcVlanBroadcastRateLimit Integer32,
zxAnSecSvcVlanMulticastRateLimit Integer32,
zxAnSecSvcVlanUnknUcastRateLimit Integer32,
zxAnSecSvcVlanMulticastFloodMode INTEGER,
zxAnSecSvcVlanRateLimitRowStatus RowStatus
}
zxAnSecSvcVlanId OBJECT-TYPE
SYNTAX VlanId
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"VlanId for Vlan interface."
::= { zxAnSecSvcVlanEntry 1 }
zxAnSecSvcVlanBroadcastRateLimit OBJECT-TYPE
SYNTAX Integer32
UNITS "kbps"
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Indicates broadcast rate-limit"
::= { zxAnSecSvcVlanEntry 5 }
zxAnSecSvcVlanMulticastRateLimit OBJECT-TYPE
SYNTAX Integer32(0..1024000)
UNITS "kbs"
MAX-ACCESS read-create
STATUS current
DESCRIPTION "Max Multicast rate limit."
DEFVAL { 1024000 }
::= { zxAnSecSvcVlanEntry 6 }
zxAnSecSvcVlanUnknUcastRateLimit OBJECT-TYPE
SYNTAX Integer32(0..1024000)
UNITS "kbs"
MAX-ACCESS read-create
STATUS current
DESCRIPTION "Unknowcast rate limit."
DEFVAL { 1024000 }
::= { zxAnSecSvcVlanEntry 7 }
zxAnSecSvcVlanMulticastFloodMode OBJECT-TYPE
SYNTAX INTEGER
{
floodingAll(1),
floodingOnlyUnknown(2),
dropUnknown(3),
unsupported(4)
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION "Vlan multicast packets flooding mode."
DEFVAL { floodingOnlyUnknown }
::= { zxAnSecSvcVlanEntry 8 }
zxAnSecSvcVlanRateLimitRowStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION "RowStatus of this table."
::= { zxAnSecSvcVlanEntry 10 }
zxAnSecGlbVlanIsolationEnable OBJECT-TYPE
SYNTAX INTEGER{
enable(1),
disable(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION "This object is in accordance with 'zxAnSecSvcPortInterworkInVlan',
if the value is true then indicates 'zxAnSecSvcPortInterworkInVlan' is enable."
::= { zxAnSecSvcPrivateNetwork 2}
zxAnSecSvcPortBridgeEnable OBJECT-TYPE
SYNTAX INTEGER{
enable(1),
disable(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION "This object is in accordance with 'zxAnSecSvcPortBridgeEnable',
if the value is true then indicates 'zxAnSecSvcPortBridgeEnable' is enable."
::= { zxAnSecSvcPrivateNetwork 3}
zxAnSecSvcOnuSwitchEnable OBJECT-TYPE
SYNTAX INTEGER{
enable(1),
disable(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION "This object is in accordance with 'zxAnSecSvcOnuSwitchEnable',
if the value is true then indicates 'zxAnSecSvcOnuSwitchEnable' is enable."
::= { zxAnSecSvcPrivateNetwork 4}
----------------------------------------------------------------------------
-- zxAnSecSvcInterworkVlanTable
----------------------------------------------------------------------------
zxAnSecSvcInterworkVlanTable OBJECT-TYPE
SYNTAX SEQUENCE OF ZxAnSecSvcInterworkVlanEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION "When the value of 'zxAnSecGlbVlanIsolationEnable '
is enable,the table allowed be created,deleted,or the table can
not be created and deleted."
::= { zxAnSecSvcPrivateNetwork 5 }
zxAnSecSvcInterworkVlanEntry OBJECT-TYPE
SYNTAX ZxAnSecSvcInterworkVlanEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION "An entry in zxAnSecSvcInterworkVlanTable."
INDEX { zxAnSecVlanIsolationSVid,zxAnSecVlanIsolationCVid }
::= { zxAnSecSvcInterworkVlanTable 1 }
ZxAnSecSvcInterworkVlanEntry ::= SEQUENCE
{
zxAnSecVlanIsolationSVid VlanId,
zxAnSecVlanIsolationCVid Integer32,
zxAnSecVlanIsolationRowStatus RowStatus
}
zxAnSecVlanIsolationSVid OBJECT-TYPE
SYNTAX VlanId
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION "This object indicates SVLAN id "
::= { zxAnSecSvcInterworkVlanEntry 1 }
zxAnSecVlanIsolationCVid OBJECT-TYPE
SYNTAX Integer32(0..4094)
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION "This object indicates CVLAN id "
::= { zxAnSecSvcInterworkVlanEntry 2 }
zxAnSecVlanIsolationRowStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION "RowStatus of this table. "
::= { zxAnSecSvcInterworkVlanEntry 30 }
--------------------------------------------------------------------------------
-- .reserved MAC table
--------------------------------------------------------------------------------
zxAnSecRsvdForwardMacTable OBJECT-TYPE
SYNTAX SEQUENCE OF ZxAnSecRsvdForwardMacEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION "This table includes the reserved MAC for forwarding."
::= { zxAnSecSvcObjects 6 }
zxAnSecRsvdForwardMacEntry OBJECT-TYPE
SYNTAX ZxAnSecRsvdForwardMacEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION "An entry in zxAnSecRsvdForwardMacTable."
INDEX { zxAnSecRsvdForwardMacIndex }
::= { zxAnSecRsvdForwardMacTable 1 }
ZxAnSecRsvdForwardMacEntry ::= SEQUENCE
{
zxAnSecRsvdForwardMacIndex Integer32,
zxAnSecRsvdForwardMac MacAddress,
zxAnSecRsvdForwardMacMask MacAddress,
zxAnSecRsvdForwardMacRowStatus RowStatus
}
zxAnSecRsvdForwardMacIndex OBJECT-TYPE
SYNTAX Integer32(1..48)
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION "This object indicates the mac index for forwarding. "
::= { zxAnSecRsvdForwardMacEntry 1 }
zxAnSecRsvdForwardMac OBJECT-TYPE
SYNTAX MacAddress
MAX-ACCESS read-create
STATUS current
DESCRIPTION "This object indicates the mac address for forwarding. "
::= { zxAnSecRsvdForwardMacEntry 2 }
zxAnSecRsvdForwardMacMask OBJECT-TYPE
SYNTAX MacAddress
MAX-ACCESS read-create
STATUS current
DESCRIPTION "This object indicates the mac address mask for forwarding. "
DEFVAL { 'FFFFFFFFFFFF'H }
::= { zxAnSecRsvdForwardMacEntry 3 }
zxAnSecRsvdForwardMacRowStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION "RowStatus of this table."
::= { zxAnSecRsvdForwardMacEntry 10 }
--------------------------------------------------------------------------------
-- 1.7 IP Source Guard Mgmt
--------------------------------------------------------------------------------
zxAnSecSvcSrcGuardGlobalGroup OBJECT IDENTIFIER ::=
{ zxAnSecSvcIpSourceGuard 1 }
zxAnIpSrcGuardGlobalEnable OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object indicates whether IP Source Guard is enabled.
If this object is set to 'true', IP Source Guard is
enabled. If this object is set to 'false', IP Source Guard is
disabled.
"
DEFVAL { false }
::= { zxAnSecSvcSrcGuardGlobalGroup 1 }
zxAnSecSvcSrcGuardIpv4BindLimit OBJECT-TYPE
SYNTAX Integer32(0..8)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object indicates the maximum number of IPv4 addresses per U
reference point in the upstream.The total number of IPv4 and
IPv6 can not exceed 8."
DEFVAL { 8 }
::= { zxAnSecSvcSrcGuardGlobalGroup 2 }
zxAnSecSvcSrcGuardIpv6BindLimit OBJECT-TYPE
SYNTAX Integer32(0..8)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object indicates the maximum number of IPv6 prefixes per U
reference point in the upstream.The total number of IPv4 and
IPv6 can not exceed 8."
DEFVAL { 8 }
::= { zxAnSecSvcSrcGuardGlobalGroup 3 }
zxAnIpSrcGuardBindType OBJECT-TYPE
SYNTAX INTEGER
{
ip(1),
ipAndMac(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"IP source guar binding type.
ip(1) - IP source guard bind IP address only.
IipAndMac(2) - IP source guard bind both IP address and MAC
address."
DEFVAL { ip }
::= { zxAnSecSvcSrcGuardGlobalGroup 4 }
zxAnSecSvcIfSrcGuardConfigTable OBJECT-TYPE
SYNTAX SEQUENCE OF ZxAnSecSvcIfSrcGuardConfigEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A table provides the mechanism to enable or disable
IP Source Guard at each interface capable of this feature.
When DHCP Snooping is enabled at an interface, a list of
IP addresses is obtained through DHCP Snooping for this
particular interface. If IP Source Guard is enabled, only
traffic from these IP addresses is allowed to pass through
the interface."
::= { zxAnSecSvcIpSourceGuard 2 }
zxAnSecSvcIfSrcGuardConfigEntry OBJECT-TYPE
SYNTAX ZxAnSecSvcIfSrcGuardConfigEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A row instance contains the configuration to enable
or disable IP Source Guard at each physical interface
capable of this feature."
INDEX { zxAnSecSvcRack,zxAnSecSvcShelf,zxAnSecSvcSlot,
zxAnSecSvcPort,zxAnSecSvcOnu,zxAnSecSvcCircuitType,
zxAnSecSvcLogicalId }
::= { zxAnSecSvcIfSrcGuardConfigTable 1 }
ZxAnSecSvcIfSrcGuardConfigEntry ::= SEQUENCE {
zxAnSecSvcRack INTEGER,
zxAnSecSvcShelf INTEGER,
zxAnSecSvcSlot INTEGER,
zxAnSecSvcPort INTEGER,
zxAnSecSvcOnu INTEGER,
zxAnSecSvcCircuitType INTEGER,
zxAnSecSvcLogicalId OBJECT IDENTIFIER,
zxAnIpSrcGuardIfEnable TruthValue
}
zxAnSecSvcRack OBJECT-TYPE
SYNTAX INTEGER(1..255)
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This object indicates the rack number."
::= { zxAnSecSvcIfSrcGuardConfigEntry 1 }
zxAnSecSvcShelf OBJECT-TYPE
SYNTAX INTEGER(1..255)
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This object indicates the shelf number."
::= { zxAnSecSvcIfSrcGuardConfigEntry 2 }
zxAnSecSvcSlot OBJECT-TYPE
SYNTAX INTEGER(1..255)
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This object indicates the slot number."
::= { zxAnSecSvcIfSrcGuardConfigEntry 3 }
zxAnSecSvcPort OBJECT-TYPE
SYNTAX INTEGER(1..255)
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This object indicates the physical port number."
::= { zxAnSecSvcIfSrcGuardConfigEntry 4 }
zxAnSecSvcOnu OBJECT-TYPE
SYNTAX INTEGER(0..255)
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"When zxAnSecSvcCircuitType are 'onu' or 'gemportOrLlid' or
'servicePort' this object indicates 'onu ID'.
When zxAnSecSvcCircuitType are 'physicalPort' or 'bridgePort'
its value is '0'.
"
::= { zxAnSecSvcIfSrcGuardConfigEntry 5 }
zxAnSecSvcCircuitType OBJECT-TYPE
SYNTAX INTEGER
{
physicalPort(1),
bridgePort(2),
onu(3),
gemportOrLlid(4),
servicePort(11)
}
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This object indicates the type of port.
"
::= { zxAnSecSvcIfSrcGuardConfigEntry 6 }
zxAnSecSvcLogicalId OBJECT-TYPE
SYNTAX OBJECT IDENTIFIER
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This value is an oid which indicats the logical index.
When zxAnSecSvcCircuitType is 'physicalPort' its value is '0'.
When zxAnSecSvcCircuitType is 'bridgePort' this object includes
{pvc} , such as oid {1} indicates pvc1 .
When zxAnSecSvcCircuitType is 'onu' its value is '0'.
When zxAnSecSvcCircuitType is 'gemportOrLlid' this object includes
{gemport/llid} , such as oid {1} indicates gemport1/llid1 .
When zxAnSecSvcCircuitType is 'servicePort' this object includes
{serviceportID} , such as oid {1} indicates serviceportID1 .
"
::= { zxAnSecSvcIfSrcGuardConfigEntry 7 }
zxAnIpSrcGuardIfEnable OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object indicates whether IP Source Guard is enabled
at this interface.If this object is set to 'true', IP Source Guard
is enabled. Traffic coming to this interface will be forwarded if
it is from the list of IP addresses obtained through DHCP Snooping.
Otherwise, it is denied.
If this object is set to 'false', IP Source Guard is disabled.
1-truth,2-false."
DEFVAL { false }
::= { zxAnSecSvcIfSrcGuardConfigEntry 8 }
zxAnSecSvcIfSrcGuardAddrTable OBJECT-TYPE
SYNTAX SEQUENCE OF ZxAnSecSvcIfSrcGuardAddrEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A table provides the information on IP addresses used
for IP Source Guard purpose at each interface capable
of this feature. "
::= { zxAnSecSvcIpSourceGuard 3 }
zxAnSecSvcIfSrcGuardAddrEntry OBJECT-TYPE
SYNTAX ZxAnSecSvcIfSrcGuardAddrEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A row instance contains the IP address type and IP
address used for IP Source Guard purpose at each
interface capable of this feature."
INDEX { zxAnSecSvcRack,zxAnSecSvcShelf,
zxAnSecSvcSlot,zxAnSecSvcPort,zxAnSecSvcOnu,
zxAnSecSvcCircuitType,
zxAnSecSvcLogicalId,
zxAnSecSvcIfSrcGuardClntBindType,
zxAnSecSvcIfSrcGuardIpAddrType,
zxAnSecSvcIfSrcGuardIpAddress
}
::= { zxAnSecSvcIfSrcGuardAddrTable 1 }
ZxAnSecSvcIfSrcGuardAddrEntry ::= SEQUENCE {
zxAnSecSvcIfSrcGuardClntBindType INTEGER,
zxAnSecSvcIfSrcGuardIpAddrType InetAddressType,
zxAnSecSvcIfSrcGuardIpAddress InetAddress,
zxAnSecSvcIfSrcGuardPfxLen InetAddressPrefixLength,
zxAnSecSvcIfSrcGuardMacAddr MacAddress,
zxAnSecSvcIfSrcGuardVlan INTEGER,
zxAnSecSvcIfSrcGuardRowStatus RowStatus
}
zxAnSecSvcIfSrcGuardClntBindType OBJECT-TYPE
SYNTAX INTEGER
{
static(1),
dynamic(2)
}
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This object indicates bind type of client ip address.
If this value is 'static' zxAnSecSvcIfSrcGuardPfxLen
and zxAnSecSvcIfSrcGuardVlan are optional property."
::= { zxAnSecSvcIfSrcGuardAddrEntry 1 }
zxAnSecSvcIfSrcGuardIpAddrType OBJECT-TYPE
SYNTAX InetAddressType
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This object indicates the type of IP address denoted
in zxAnSecSvcIfSrcGuardIpAddress object."
::= { zxAnSecSvcIfSrcGuardAddrEntry 2 }
zxAnSecSvcIfSrcGuardIpAddress OBJECT-TYPE
SYNTAX InetAddress
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This object indicates the IP address obtained at
this interface through DHCP Snooping or static configuration."
::= { zxAnSecSvcIfSrcGuardAddrEntry 3 }
zxAnSecSvcIfSrcGuardPfxLen OBJECT-TYPE
SYNTAX InetAddressPrefixLength
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This object indicates the IPv6 address mask obtained at
this interface through DHCP Snooping or static configuration.
This object is an optional property,only available to IPv6.
If this object is invalid the value will be '0'.
"
::= { zxAnSecSvcIfSrcGuardAddrEntry 4 }
zxAnSecSvcIfSrcGuardMacAddr OBJECT-TYPE
SYNTAX MacAddress
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This object indicates the MAC address obtained at
this interface through DHCP Snooping or static configuration."
::= { zxAnSecSvcIfSrcGuardAddrEntry 5 }
zxAnSecSvcIfSrcGuardVlan OBJECT-TYPE
SYNTAX INTEGER(0..4094)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This object indicates the vlan obtained at
this interface through DHCP Snooping or static configuration.
If this object is invalid the value will be '0'."
::= { zxAnSecSvcIfSrcGuardAddrEntry 6 }
zxAnSecSvcIfSrcGuardRowStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This object indicates the status of this entry."
::= { zxAnSecSvcIfSrcGuardAddrEntry 20}
--------------------------------------------------------------------------------
-- 1.8 Reserved MAC Mgmt
--------------------------------------------------------------------------------
zxAnSecSvcIfRsvdMacTable OBJECT-TYPE
SYNTAX SEQUENCE OF ZxAnSecSvcIfRsvdMacEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION "The table includes the reserved MAC address. L2 packets
will be forworded by the policy of this table first.
The note:the NE need to support get-next to the slot level."
::= { zxAnSecSvcReservedMac 1 }
zxAnSecSvcIfRsvdMacEntry OBJECT-TYPE
SYNTAX ZxAnSecSvcIfRsvdMacEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION "An entry in zxAnSecSvcIfRsvdMacTable."
INDEX { zxAnSecSvcIfRsvdMacRack, zxAnSecSvcIfRsvdMacShelf,
zxAnSecSvcIfRsvdMacSlot, zxAnSecSvcIfRsvdMacPort,
zxAnSecSvcIfRsvdMacNumber}
::= { zxAnSecSvcIfRsvdMacTable 1 }
ZxAnSecSvcIfRsvdMacEntry ::= SEQUENCE
{
zxAnSecSvcIfRsvdMacRack Integer32,
zxAnSecSvcIfRsvdMacShelf Integer32,
zxAnSecSvcIfRsvdMacSlot Integer32,
zxAnSecSvcIfRsvdMacPort Integer32,
zxAnSecSvcIfRsvdMacNumber Integer32,
zxAnSecSvcIfRsvdMacStartAddr MacAddress,
zxAnSecSvcIfRsvdMacEndAddr MacAddress,
zxAnSecSvcIfRsvdMacForwardPolicy INTEGER,
zxAnSecSvcIfRsvdMacRowStatus RowStatus
}
zxAnSecSvcIfRsvdMacRack OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION "Rack number of the port. "
::= { zxAnSecSvcIfRsvdMacEntry 1 }
zxAnSecSvcIfRsvdMacShelf OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION "Shelf number of the port. "
::= { zxAnSecSvcIfRsvdMacEntry 2 }
zxAnSecSvcIfRsvdMacSlot OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION "Slot number of the port. "
::= { zxAnSecSvcIfRsvdMacEntry 3 }
zxAnSecSvcIfRsvdMacPort OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION "The port number. "
::= { zxAnSecSvcIfRsvdMacEntry 4 }
zxAnSecSvcIfRsvdMacNumber OBJECT-TYPE
SYNTAX Integer32(1..64)
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION "MAC address number. "
::= { zxAnSecSvcIfRsvdMacEntry 5 }
zxAnSecSvcIfRsvdMacStartAddr OBJECT-TYPE
SYNTAX MacAddress
MAX-ACCESS read-create
STATUS current
DESCRIPTION "Start MAC address. "
::= { zxAnSecSvcIfRsvdMacEntry 6 }
zxAnSecSvcIfRsvdMacEndAddr OBJECT-TYPE
SYNTAX MacAddress
MAX-ACCESS read-create
STATUS current
DESCRIPTION "End MAC address. "
::= { zxAnSecSvcIfRsvdMacEntry 7 }
zxAnSecSvcIfRsvdMacForwardPolicy OBJECT-TYPE
SYNTAX INTEGER
{
discard(1),
transparent(2),
localProcessing(3),
snooping(4)
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This object indicates the forwarding policy of L2 packets,
its values are as follow:
discard (1) - discard this packet;
transparent (2) - this packet is transmitted transparently;
localProcessing (3) - this packet is processed by local;
snooping (4) - transparent(2) + localProcessing(3);
"
DEFVAL { transparent }
::= { zxAnSecSvcIfRsvdMacEntry 8 }
zxAnSecSvcIfRsvdMacRowStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION "RowStatus of this table."
::= { zxAnSecSvcIfRsvdMacEntry 30 }
zxAnSecSvcRsvdMacTable OBJECT-TYPE
SYNTAX SEQUENCE OF ZxAnSecSvcRsvdMacEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The table includes the reserved MAC address.
L2 packets will be forworded by the policy of this table first.
"
::= { zxAnSecSvcReservedMac 2 }
zxAnSecSvcRsvdMacEntry OBJECT-TYPE
SYNTAX ZxAnSecSvcRsvdMacEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"An entry in zxAnSecSvcRsvdMacTable."
INDEX
{
zxAnSecSvcRsvdMacNumber
}
::= { zxAnSecSvcRsvdMacTable 1 }
ZxAnSecSvcRsvdMacEntry ::= SEQUENCE
{
zxAnSecSvcRsvdMacNumber Integer32,
zxAnSecSvcRsvdMacStartAddr MacAddress,
zxAnSecSvcRsvdMacEndAddr MacAddress,
zxAnSecSvcRsvdMacForwardPolicy INTEGER,
zxAnSecSvcRsvdMacRowStatus RowStatus
}
zxAnSecSvcRsvdMacNumber OBJECT-TYPE
SYNTAX Integer32(1..64)
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"MAC address number."
::= { zxAnSecSvcRsvdMacEntry 1 }
zxAnSecSvcRsvdMacStartAddr OBJECT-TYPE
SYNTAX MacAddress
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Starting MAC address. "
::= { zxAnSecSvcRsvdMacEntry 2 }
zxAnSecSvcRsvdMacEndAddr OBJECT-TYPE
SYNTAX MacAddress
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Ending MAC address. "
::= { zxAnSecSvcRsvdMacEntry 3 }
zxAnSecSvcRsvdMacForwardPolicy OBJECT-TYPE
SYNTAX INTEGER
{
discard(1),
transparent(2)
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This object indicates the forwarding policy of L2 packets,
its values are as follow:
discard (1) - discard this packet;
transparent (2) - this packet is transmitted transparently;
"
DEFVAL { discard }
::= { zxAnSecSvcRsvdMacEntry 4 }
zxAnSecSvcRsvdMacRowStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"RowStatus of this table."
::= { zxAnSecSvcRsvdMacEntry 30 }
--------------------------------------------------------------------------------
-- 1.9 L2CP Mgmt
--------------------------------------------------------------------------------
zxAnSecSvcL2cpGlobal OBJECT IDENTIFIER ::= { zxAnSecSvcL2cp 1 }
zxAnSecSvcL2cpVlanConfNextId OBJECT-TYPE
SYNTAX Integer32(0..32)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object contains an unused value for zxAnSecSvcL2cpVlanConfId
in the zxAnSecSvcL2cpVlanConfTable,or 0 to indicate that none
exist.
"
::= { zxAnSecSvcL2cpGlobal 1 }
zxAnSecSvcL2cpVlanConfTable OBJECT-TYPE
SYNTAX SEQUENCE OF ZxAnSecSvcL2cpVlanConfEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This table includes the L2CP records for forwarding or discarding."
::= { zxAnSecSvcL2cp 2 }
zxAnSecSvcL2cpVlanConfEntry OBJECT-TYPE
SYNTAX ZxAnSecSvcL2cpVlanConfEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"An entry in zxAnSecSvcL2cpVlanConfTable."
INDEX { zxAnSecSvcL2cpVlanConfId }
::= { zxAnSecSvcL2cpVlanConfTable 1 }
ZxAnSecSvcL2cpVlanConfEntry ::= SEQUENCE
{
zxAnSecSvcL2cpVlanConfId Integer32,
zxAnSecSvcL2cpVlanConfDestMac MacAddress,
zxAnSecSvcL2cpVlanConfMacMask MacAddress,
zxAnSecSvcL2cpVlanConfVid Integer32,
zxAnSecSvcL2cpVlanConfVlanMask Integer32,
zxAnSecSvcL2cpVlanConfFwdPolicy INTEGER,
zxAnSecSvcL2cpVlanConfRowStatus RowStatus
}
zxAnSecSvcL2cpVlanConfId OBJECT-TYPE
SYNTAX Integer32(1..32)
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This object indicates the L2CP records ID. "
::= { zxAnSecSvcL2cpVlanConfEntry 1 }
zxAnSecSvcL2cpVlanConfDestMac OBJECT-TYPE
SYNTAX MacAddress
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This object indicates the packet destination MAC address of the
L2CP record. "
::= { zxAnSecSvcL2cpVlanConfEntry 2 }
zxAnSecSvcL2cpVlanConfMacMask OBJECT-TYPE
SYNTAX MacAddress
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This is the wildcard mask for the zxAnSecSvcL2cpVlanConfDestMac
bits that must match. 1 bits in the mask indicate the
corresponding bits in the zxAnSecSvcL2cpVlanConfDestMac must match
in order for the matching to be successful, and 0 bits are don't
care bits in the matching.
A value of zero causes only packets of source address the same as
zxAnSecSvcL2cpVlanConfDestMac to match."
DEFVAL { 'FFFFFFFFFFFF'H }
::= { zxAnSecSvcL2cpVlanConfEntry 3 }
zxAnSecSvcL2cpVlanConfVid OBJECT-TYPE
SYNTAX Integer32(1..4094)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This object indicates the VLAN value of the packet."
::= { zxAnSecSvcL2cpVlanConfEntry 4 }
zxAnSecSvcL2cpVlanConfVlanMask OBJECT-TYPE
SYNTAX Integer32(0..4095)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This is the wildcard mask for the zxAnSecSvcL2cpVlanConfVid
bits that must match. 1 bits in the mask indicate the
corresponding bits in the zxAnSecSvcL2cpVlanConfVid must match
in order for the matching to be successful, and 0 bits are don't
care bits in the matching.
A value of zero causes only packets of source address the same as
zxAnSecSvcL2cpVlanConfVid to match."
DEFVAL { 4095 }
::= { zxAnSecSvcL2cpVlanConfEntry 5 }
zxAnSecSvcL2cpVlanConfFwdPolicy OBJECT-TYPE
SYNTAX INTEGER
{
discard(1),
forward(2)
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This object indicates the forwarding policy of L2 packets,
its values are as follow:
discard (1) - discard this packet;
forward (2) - the packet is transmitted transparently. "
DEFVAL { discard }
::= { zxAnSecSvcL2cpVlanConfEntry 6 }
zxAnSecSvcL2cpVlanConfRowStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"RowStatus of the zxAnSecSvcL2cpVlanConfTable table."
::= { zxAnSecSvcL2cpVlanConfEntry 50 }
zxAnSecSvcL2cpDefaultTable OBJECT-TYPE
SYNTAX SEQUENCE OF ZxAnSecSvcL2cpDefaultEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This table includes the default L2CP records."
::= { zxAnSecSvcL2cp 3 }
zxAnSecSvcL2cpDefaultEntry OBJECT-TYPE
SYNTAX ZxAnSecSvcL2cpDefaultEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"An entry in zxAnSecSvcL2cpDefaultTable."
INDEX { zxAnSecSvcL2cpDefaultId }
::= { zxAnSecSvcL2cpDefaultTable 1 }
ZxAnSecSvcL2cpDefaultEntry ::= SEQUENCE
{
zxAnSecSvcL2cpDefaultId Integer32,
zxAnSecSvcL2cpDefaultDestMac MacAddress,
zxAnSecSvcL2cpDefaultMacMask MacAddress,
zxAnSecSvcL2cpDefaultFwdPolicy INTEGER
}
zxAnSecSvcL2cpDefaultId OBJECT-TYPE
SYNTAX Integer32(1..32)
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This object indicates the default L2CP records ID."
::= { zxAnSecSvcL2cpDefaultEntry 1 }
zxAnSecSvcL2cpDefaultDestMac OBJECT-TYPE
SYNTAX MacAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object indicates the packet destination MAC address of the
default L2CP record. "
::= { zxAnSecSvcL2cpDefaultEntry 2 }
zxAnSecSvcL2cpDefaultMacMask OBJECT-TYPE
SYNTAX MacAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This is the wildcard mask for the zxAnSecSvcL2cpDefaultDestMac bits
that must match. 1 bits in the mask indicate the corresponding bits
in the zxAnAclHybridRuleDestMac must match in order for the
matching to be successful, and 0 bits are don't care bits in the
matching.
A value of zero causes only packets of source address the same as
zxAnSecSvcL2cpDefaultDestMac to match."
DEFVAL { 'FFFFFFFFFFFF'H }
::= { zxAnSecSvcL2cpDefaultEntry 3 }
zxAnSecSvcL2cpDefaultFwdPolicy OBJECT-TYPE
SYNTAX INTEGER
{
discard(1),
forward(2)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object indicates the forwarding policy of L2 packets,
its values are as follow:
discard (1) - discard this packet;
forward (2) - the packet is transmitted transparently. "
DEFVAL { discard }
::= { zxAnSecSvcL2cpDefaultEntry 6 }
--------------------------------------------------------------------------------
-- 1.10 Ipv6Filter Mgmt
--------------------------------------------------------------------------------
zxAnSecSvcIpv6FiltGlobalObjects OBJECT IDENTIFIER
::= { zxAnSecSvcIpv6Filter 1 }
zxAnIpv6FiltVlanConfNextId OBJECT-TYPE
SYNTAX Integer32(0..32)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object contains an unused value for zxAnIpv6FiltVlanConfId
in the zxAnSecSvcIpv6FiltVlanConfTable.
The value 0 indicates that no unassigned entries are available.
"
::= { zxAnSecSvcIpv6FiltGlobalObjects 1 }
zxAnSecSvcIpv6FiltVlanConfTable OBJECT-TYPE
SYNTAX SEQUENCE OF ZxAnSecSvcIpv6FiltVlanConfEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This table includes the IPv6 filter records."
::= { zxAnSecSvcIpv6Filter 2 }
zxAnSecSvcIpv6FiltVlanConfEntry OBJECT-TYPE
SYNTAX ZxAnSecSvcIpv6FiltVlanConfEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"An entry in zxAnSecSvcIpv6FiltVlanConfTable."
INDEX { zxAnIpv6FiltVlanConfId }
::= { zxAnSecSvcIpv6FiltVlanConfTable 1 }
ZxAnSecSvcIpv6FiltVlanConfEntry ::= SEQUENCE
{
zxAnIpv6FiltVlanConfId Integer32,
zxAnIpv6FiltVlanConfVid Integer32,
zxAnIpv6FiltVlanConfVlanMask Integer32,
zxAnIpv6FiltVlanConfRowStatus RowStatus
}
zxAnIpv6FiltVlanConfId OBJECT-TYPE
SYNTAX Integer32(1..32)
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This object indicates the IPv6 filter records ID. "
::= { zxAnSecSvcIpv6FiltVlanConfEntry 1 }
zxAnIpv6FiltVlanConfVid OBJECT-TYPE
SYNTAX Integer32(1..4094)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This object indicates the VLAN value of the packet."
::= { zxAnSecSvcIpv6FiltVlanConfEntry 2 }
zxAnIpv6FiltVlanConfVlanMask OBJECT-TYPE
SYNTAX Integer32(0..4095)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This is the wildcard mask for the zxAnIpv6FiltVlanConfVid bits
that must match.
1 bits in the mask indicate the corresponding bits in the
zxAnIpv6FiltVlanConfVid must match in order for the matching to
be successful, and 0 bits are don't care bits in the matching.
A value of zero causes only packets of source address the same as
zxAnIpv6FiltVlanConfVid to match."
DEFVAL { 4095 }
::= { zxAnSecSvcIpv6FiltVlanConfEntry 3 }
zxAnIpv6FiltVlanConfRowStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"RowStatus of the zxAnSecSvcIpv6FiltVlanConfTable table."
::= { zxAnSecSvcIpv6FiltVlanConfEntry 50 }
--------------------------------------------------------------------------------
-- 2.Trap
--------------------------------------------------------------------------------
zxAnSecSvcAntiDosFault NOTIFICATION-TYPE
OBJECTS { ifIndex, zxAnSecSvcAntiDosSourceMac, zxAnSecSvcAntiDosPortVlan }
STATUS current
DESCRIPTION
"It indicate current packets per second over zxAnSecSvcAntiDosAscThreshold,
The source MAC of packet will put into blacklist.The variable ifIndex indicate
trap position,it's type is ZxAnIfindex,detail info about ZxAnIfindex please
refer to ZTE-AN-TC-MIB.mib file."
::= { zxAnSecSvcTrapObjects 1 }
zxAnSecSvcAntiDosFaultCleared NOTIFICATION-TYPE
OBJECTS { ifIndex, zxAnSecSvcAntiDosSourceMac, zxAnSecSvcAntiDosPortVlan }
STATUS current
DESCRIPTION
"It indicate current packets per second below zxAnSecSvcAntiDosDescThreshold,
The source MAC of packet will remove from blacklist.The variable ifIndex indicate
trap position,it's type is ZxAnIfindex,detail info about ZxAnIfindex please
refer to ZTE-AN-TC-MIB.mib file."
::= { zxAnSecSvcTrapObjects 2 }
zxAnIfMacAntiDriftNotify NOTIFICATION-TYPE
OBJECTS
{
zxAnSecSvcMacDriftAddress,
zxAnSecSvcMacDriftVlanId,
zxAnSecSvcMacDriftFromIfIndex,
zxAnSecSvcMacDriftToIfIndex
}
STATUS current
DESCRIPTION
"If both zxAnMasEnable and zxAnMasMacMoveReportEnable
is enable, zxAnIfMacAntiDriftNotify is generated when a MAC address
is drifted between two interfaces."
::= { zxAnSecSvcTrapObjects 3 }
END
View Git Blame Copy Permalink