-- ===========================================================
|
|
-- Copyright (C) 2013 by HUAWEI TECHNOLOGIES. All rights reserved.
|
|
--
|
|
-- Description: HUAWEI-FIREWALL-MIB
|
|
-- Reference:
|
|
-- Version: 1.0
|
|
-- History:
|
|
-- ===========================================================
|
|
|
|
HUAWEI-FIREWALL-MIB DEFINITIONS ::= BEGIN
|
|
|
|
IMPORTS
|
|
hwDatacomm
|
|
FROM HUAWEI-MIB
|
|
InterfaceIndexOrZero
|
|
FROM IF-MIB
|
|
SnmpAdminString
|
|
FROM SNMP-FRAMEWORK-MIB
|
|
OBJECT-GROUP, MODULE-COMPLIANCE, NOTIFICATION-GROUP
|
|
FROM SNMPv2-CONF
|
|
IpAddress, Unsigned32, Gauge32, Counter32, Integer32,
|
|
TimeTicks, OBJECT-TYPE, MODULE-IDENTITY,
|
|
NOTIFICATION-TYPE
|
|
FROM SNMPv2-SMI
|
|
DateAndTime, DisplayString, TEXTUAL-CONVENTION, TruthValue
|
|
FROM SNMPv2-TC
|
|
|
|
PortList
|
|
FROM Q-BRIDGE-MIB;
|
|
|
|
|
|
|
|
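-- Module identity for HUAWEI-FIREWALL-MIB, registered at { hwDatacomm 222 }.
-- The comment on LAST-UPDATED restates the timestamp on the same line
-- (YYYYMMDDhhmm in UTC): 2013-07-30 20:05.
hwFirewallMIB MODULE-IDENTITY
    LAST-UPDATED "201307302005Z"        -- July 30, 2013 at 20:05 GMT
    ORGANIZATION
        "Huawei Technologies Co.,Ltd.
        "
    CONTACT-INFO
        "Huawei Industrial Base
        Bantian, Longgang
        Shenzhen 518129
        People's Republic of China
        Website: http://www.huawei.com
        Email: support@huawei.com
        "
    DESCRIPTION
        "The MIB contains objects of firewall, referencing the draft-grall-firewall-mib-01."

    REVISION "201307302005Z"
    DESCRIPTION "Modify hwFwBasicEventTime attribute type from DateAndTime to SnmpAdminString,
        make it analyze OCTET type time string successfully"
    ::= { hwDatacomm 222 }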
|
|
|
|
|
|
|
|
-- Textual conventions
|
|
SecurityEvent ::= TEXTUAL-CONVENTION
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This textual convention is used to describe various
|
|
security-related events and statistics on a firewall.
|
|
|
|
attack : A packet forwarding attack has been detected.
|
|
atkTerm : An attack has terminated
|
|
blklstAdd : A black list is added manually or dynamically.
|
|
blklstDel : A black list is deleted manually or dynamically."
|
|
SYNTAX INTEGER
|
|
{
|
|
attack(1),
|
|
atkTerm(2),
|
|
blklstAdd(3),
|
|
blklstDel(4)
|
|
}
|
|
|
|
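-- Services identifies the protocol that a firewall event or statistic refers
-- to. It is the SYNTAX of hwFwNetEventService and hwFwConnectionStatService.
-- NOTE(review): the DESCRIPTION previously also described protoIp and
-- protoSnmp, but SYNTAX assigns no value to either, so a manager can never
-- decode them from this module. They are left out of the text below; if the
-- device does report IP or SNMP as a service, the enumeration itself (not
-- only the text) has to be extended. Confirm against the agent.
Services ::= TEXTUAL-CONVENTION
    STATUS current
    DESCRIPTION
        "This textual convention is used to describe various services
        that are monitored by the firewall.

        protoIcmp : identifies ICMP, Internet Control Message Protocol.
        protoTcp : identifies TCP, Transmission Control Protocol.
        protoUdp : identifies UDP, User Datagram Protocol."
    SYNTAX INTEGER
        {
        protoIcmp(1),
        protoTcp(2),
        protoUdp(3)
        }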
|
|
|
|
ConnectionStat ::= TEXTUAL-CONVENTION
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This textual convention is used to describe various
|
|
connections statistics.
|
|
|
|
totalOpen : Total open connections since reboot.
|
|
currentOpen : The number of connections currently open.
|
|
currentHalfOpen : The number of connections currently half-open.
|
|
remote : The number of connections synchronized from remote
|
|
backup firewall.
|
|
high : The highest number of connections in use at
|
|
any one time since system startup."
|
|
SYNTAX INTEGER
|
|
{
|
|
totalOpen(1),
|
|
currentOpen(2),
|
|
currentHalfOpen(3),
|
|
remote(4),
|
|
high(5)
|
|
}
|
|
|
|
|
|
ConnectionEvent ::= TEXTUAL-CONVENTION
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This textual convention is used to describe various events
|
|
and statistics that are related to the connections that
|
|
occur on a firewall.
|
|
|
|
other : A generic connection event.
|
|
accept : A connection has been accepted.
|
|
error : An error has occurred for a connection.
|
|
drop : The connection has been dropped.
|
|
close : A connection has been closed.
|
|
timeout : A connection has been timed out.
|
|
refused : A connection has been refused.
|
|
reset : A connection has been reset.
|
|
noResp : A connection has received no response."
|
|
SYNTAX INTEGER
|
|
{
|
|
other(1),
|
|
accept(2),
|
|
error(3),
|
|
drop(4),
|
|
close(5),
|
|
timeout(6),
|
|
refused(7),
|
|
reset(8),
|
|
noResp(9)
|
|
}
|
|
|
|
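-- Hardware identifies the kind of hardware resource a status or statistic
-- refers to.
-- NOTE(review): the DESCRIPTION previously also described 'tape' and
-- 'controller', but SYNTAX defines no value for either. They are left out of
-- the text below so that the text and the enumeration agree; if the device
-- reports them, the enumeration needs extending. Confirm against the agent.
Hardware ::= TEXTUAL-CONVENTION
    STATUS current
    DESCRIPTION
        "This textual convention is used to describe various hardware
        resources that can be monitored by the firewall.

        memory : identifies memory.
        disk : identifies disk.
        power : identifies power.
        netInterface : identifies a network interface.
        cpu : identifies CPU.
        primaryUnit : identifies the primary unit of the two
        identical firewalls configured for redundancy.
        secondaryUnit : identifies the secondary unit of the two
        identical firewalls configured for redundancy.
        other : identifies other hardware."
    SYNTAX INTEGER
        {
        memory(1),
        disk(2),
        power(3),
        netInterface(4),
        cpu(5),
        primaryUnit(6),
        secondaryUnit(7),
        other(8)
        }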
|
|
|
|
HardwareStatus ::= TEXTUAL-CONVENTION
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This textual convention is used to describe various events
|
|
that are related to the resources on a firewall.
|
|
other : Generic resource event.
|
|
up : The resource is in service.
|
|
down : The resource is not in service.
|
|
error : There has been an error for this resource.
|
|
overTemp : The resource is overheating.
|
|
busy : The resource is busy.
|
|
noMedia : A device doesn't have its needed media.
|
|
backup : Processing has switched to the backup.
|
|
active : This is the active unit.
|
|
standby : This is the standby unit."
|
|
SYNTAX INTEGER
|
|
{
|
|
other(1),
|
|
up(2),
|
|
down(3),
|
|
error(4),
|
|
overTemp(5),
|
|
busy(6),
|
|
noMedia(7),
|
|
backup(8),
|
|
active(9),
|
|
standby(10)
|
|
}
|
|
|
|
ResourceStatistics ::= TEXTUAL-CONVENTION
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This textual convention is used to identify various statistics
|
|
that are related to the resources on a firewall.
|
|
|
|
highUse : The highest load the resource has had for a
|
|
time period. The time period will be
|
|
implementation dependent.
|
|
highLoad : The highest load the resource has had since
|
|
startup.
|
|
maximum : The maximum amount of the resource that is
|
|
available.
|
|
minimum : The minimum amount of the resource that is
|
|
available.
|
|
low : The lowest amount of the resource that has been
|
|
available since startup.
|
|
high : The highest amount of the resource that has been
|
|
available since startup.
|
|
average : The average amount of the resource that has been
|
|
available since startup.
|
|
free : The amount of the resource that is currently
|
|
available since startup.
|
|
inUse : The amount of the resource that is currently
|
|
in use, eg. CPU usage, memory usage."
|
|
SYNTAX INTEGER
|
|
{
|
|
highUse(1),
|
|
highLoad(2),
|
|
maximum(3),
|
|
minimum(4),
|
|
low(5),
|
|
high(6),
|
|
average(7),
|
|
free(8),
|
|
inUse(9)
|
|
}
|
|
|
|
ContentInspectionEvent ::= TEXTUAL-CONVENTION
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Content inspection events, these events report that
|
|
something was found in the application payload. The
|
|
details entry in the event can report on what was
|
|
found (eg., virus, company private info., etc), what it
|
|
was found in (eg., html, win32 executable, e-mail), and
|
|
what was done with it (eg., the quarantine location).
|
|
|
|
other : A content inspection event. Used to indicate
|
|
that some content inspection has occurred that
|
|
is not covered by the other content inspection
|
|
enumerations.
|
|
okay : The check of the content was okay, nothing 'bad'
|
|
was found.
|
|
error : There was an error while checking the content.
|
|
found : Something was found that the content inspection
|
|
engine has determined merits attention.
|
|
clean : The content inspection engine has found something
|
|
that violates the security policy and has
|
|
neutralized the content in the data flow.
|
|
reject : The content inspection engine has found something
|
|
that violates the security policy and has discarded
|
|
the content.
|
|
saved : The content inspection engine has found something
|
|
that violates the security policy and has stored
|
|
it in a quarantine storage area."
|
|
SYNTAX INTEGER
|
|
{
|
|
other(1),
|
|
okay(2),
|
|
error(3),
|
|
found(4),
|
|
clean(5),
|
|
reject(6),
|
|
saved(7)
|
|
}
|
|
|
|
AccessEvent ::= TEXTUAL-CONVENTION
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This textual convention is used to describe various events
|
|
and statistics that are related to the access control on a
|
|
firewall.
|
|
|
|
other : Miscellaneous access event.
|
|
grant : A service has allowed access based on all
|
|
of its access checks.
|
|
deny : A client was denied use of a service.
|
|
denyMult : A client was denied use of a service
|
|
multiple times.
|
|
error : An error has occurred during the access
|
|
control process."
|
|
SYNTAX INTEGER
|
|
{
|
|
other(1),
|
|
grant(2),
|
|
deny(3),
|
|
denyMult(4),
|
|
error(5)
|
|
}
|
|
|
|
AuthenticationEvent ::= TEXTUAL-CONVENTION
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This textual convention is used to describe various events
|
|
and statistics that are related to authorization.
|
|
|
|
other : Miscellaneous authentication event.
|
|
succ : A client successfully authenticated.
|
|
error : Error while authenticating.
|
|
fail : A client failed to authenticate.
|
|
succPriv : A client accessed a service with special
|
|
privileges.
|
|
failPriv : A client failed to access a service with
|
|
special privileges.
|
|
failMult : Multiple failed authentication attempts by
|
|
a client."
|
|
SYNTAX INTEGER
|
|
{
|
|
other(1),
|
|
succ(2),
|
|
error(3),
|
|
fail(4),
|
|
succPriv(5),
|
|
failPriv(6),
|
|
failMult(7)
|
|
}
|
|
|
|
GenericEvent ::= TEXTUAL-CONVENTION
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Generic Events : events for which there is no more specific
|
|
enumeration
|
|
abnormal : An abnormal event has occurred that is neither
|
|
'okay' nor an 'error'.
|
|
okay : A normal event occurred or the system has changed
|
|
from an abnormal state to a normal state
|
|
error : An error event occurred"
|
|
SYNTAX INTEGER
|
|
{
|
|
abnormal(1),
|
|
okay(2),
|
|
error(3)
|
|
}
|
|
|
|
|
|
PktFltDefaultRule ::= TEXTUAL-CONVENTION
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Default rule of the packet filtering.
|
|
|
|
permit : Allows all packets to pass.
|
|
deny : Rejects all packets."
|
|
SYNTAX INTEGER
|
|
{
|
|
permit(1),
|
|
deny(2)
|
|
}
|
|
|
|
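-- AspfProto names the application protocol that the ASPF (application
-- specific packet filter) check applies to on an interzone. It is the SYNTAX
-- of hwFwInterZoneAspf.
-- NOTE(review): rstp(6) is presumably a transposition of RTSP (the streaming
-- control protocol) rather than a reference to rapid spanning tree. The label
-- is kept unchanged because renaming it would break modules and tools that
-- already reference it. TODO confirm against the device documentation.
AspfProto ::= TEXTUAL-CONVENTION
    STATUS current
    DESCRIPTION
        "Protocol for which the ASPF check function is enabled in the interzone."
    SYNTAX INTEGER
        {
        ftp(1),
        http(2),
        httpJavaBlock(3),
        httpActiveXBlock(4),
        sip(5),
        rstp(6)
        }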
|
|
|
|
|
|
-- Node definitions
|
|
|
|
hwFirewallMIBObjects OBJECT IDENTIFIER ::= { hwFirewallMIB 1 }
|
|
|
|
|
|
hwFwEvents OBJECT IDENTIFIER ::= { hwFirewallMIBObjects 1 }
|
|
|
|
|
|
hwFwNetEvents OBJECT IDENTIFIER ::= { hwFwEvents 2 }
|
|
|
|
|
|
-- Network Events
|
|
--
|
|
-- A details table with information related to network events
|
|
-- or events involving "users" of the firewall resources and services
|
|
-- (eg., traffic flows through the firewall or a user authenticating
|
|
-- to use a firewall service).
|
|
|
|
hwFwNetEventsTableLastRow OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The index value of the last row in the
|
|
hwFwNetEventsTable. This number starts at 1 and
|
|
increases by one with each new log entry. When this
|
|
number wraps, all events are deleted."
|
|
::= { hwFwNetEvents 1 }
|
|
|
|
|
|
hwFwBasicEvents OBJECT IDENTIFIER ::= { hwFwNetEvents 3 }
|
|
|
|
|
|
-- The cfwBasicEventsGroup
|
|
--
|
|
-- This group defines the table containing information that is
|
|
-- for every logged event on the firewall. The table is
|
|
-- defined along with one variable to obtain the index value of
|
|
-- the last row in the table. The table is indexed by the
|
|
-- integer-valued cfwBasicEventIndex which is assigned to events
|
|
-- in ascending chronological order, such that the oldest event
|
|
-- stored in the table has the numerically smallest value of
|
|
-- cfwBasicEventIndex.
|
|
--
|
|
-- The index of the last row also indicates the total number
|
|
-- modulo 2**32 of events logged in the table since reboot.
|
|
-- Events are not retained across reboots.
|
|
--
|
|
|
|
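-- hwFwBasicEventsTableLastRow: read-only index of the newest row in
-- hwFwBasicEventsTable.
-- The DESCRIPTION now names hwFwBasicEventsTable, the table defined in this
-- module, instead of the cfw-prefixed name that is not defined here.
-- Per the DESCRIPTION, a wrap of this value deletes every stored event, so a
-- collector that needs a complete record has to fetch rows before that point.
hwFwBasicEventsTableLastRow OBJECT-TYPE
    SYNTAX Unsigned32
    MAX-ACCESS read-only
    STATUS current
    DESCRIPTION
        "The index value of the most recently created row
        in the hwFwBasicEventsTable. This number starts at
        1 and increases by one with each new log entry. When
        this number wraps, all events are deleted."
    ::= { hwFwBasicEvents 1 }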
|
|
|
|
|
|
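-- hwFwBasicEventsTable: one row of basic data per logged firewall event,
-- with rows of type HwFwBasicEventsEntry.
-- The DESCRIPTION now names hwFwBasicEventsEntry, the row object defined in
-- this module, instead of the cfw-prefixed name that is not defined here.
-- The table is volatile: the agent may delete the oldest rows when memory is
-- short, and the comment block ahead of this group states that events are not
-- retained across reboots. A manager that relies on these events for
-- detection or investigation should poll hwFwBasicEventsTableLastRow and copy
-- new rows off the device regularly.
hwFwBasicEventsTable OBJECT-TYPE
    SYNTAX SEQUENCE OF HwFwBasicEventsEntry
    MAX-ACCESS not-accessible
    STATUS current
    DESCRIPTION
        "Table of basic data for firewall events. The agent
        may choose to delete the instances of hwFwBasicEventsEntry
        as required because of lack of memory. The oldest Events
        will be selected first for deletion."
    ::= { hwFwBasicEvents 2 }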
|
|
|
|
|
|
hwFwBasicEventsEntry OBJECT-TYPE
|
|
SYNTAX HwFwBasicEventsEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"An entry in the table, containing general information
|
|
about an event. This table will always be sparse, i.e.,
|
|
each row will instantiate only a subset of the columnar
|
|
objects."
|
|
INDEX { hwFwBasicEventIndex }
|
|
::= { hwFwBasicEventsTable 1 }
|
|
|
|
|
|
HwFwBasicEventsEntry ::=
|
|
SEQUENCE {
|
|
hwFwBasicEventIndex
|
|
Unsigned32,
|
|
hwFwBasicEventTime
|
|
SnmpAdminString,
|
|
hwFwBasicSecurityEventType
|
|
SecurityEvent,
|
|
hwFwBasicEventDescription
|
|
SnmpAdminString,
|
|
hwFwBasicEventDetailsTableRow
|
|
Unsigned32
|
|
}
|
|
|
|
|
|
hwFwBasicEventIndex OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"An index that uniquely identifies an entry in the
|
|
log table. These indices are assigned beginning
|
|
with 1 and increase by one with each new event logged."
|
|
::= { hwFwBasicEventsEntry 1 }
|
|
|
|
|
|
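-- hwFwBasicEventTime: time of the event, carried as text.
-- The REVISION clause of this module records that the type was changed from
-- DateAndTime to SnmpAdminString, so the value is a string rather than the
-- fixed DateAndTime encoding. This module does not define the layout or the
-- time zone of that string.
-- NOTE(review): confirm both against the device before correlating these
-- timestamps with other log sources.
hwFwBasicEventTime OBJECT-TYPE
    SYNTAX SnmpAdminString
    MAX-ACCESS read-only
    STATUS current
    DESCRIPTION
        "The time that the event occurred."
    ::= { hwFwBasicEventsEntry 2 }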
|
|
|
|
|
|
|
|
hwFwBasicSecurityEventType OBJECT-TYPE
|
|
SYNTAX SecurityEvent
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The type of security-related event that this row contains.
|
|
If the event is not security-related this object will not
|
|
be instantiated."
|
|
::= { hwFwBasicEventsEntry 3 }
|
|
|
|
|
|
|
|
hwFwBasicEventDescription OBJECT-TYPE
|
|
SYNTAX SnmpAdminString
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A description of the event. The value of the object may
|
|
be a zero-length string."
|
|
::= { hwFwBasicEventsEntry 4 }
|
|
|
|
|
|
|
|
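-- hwFwBasicEventDetailsTableRow: read-only Unsigned32 that points from a
-- basic event row to a row holding its details.
-- NOTE(review): the DESCRIPTION still names cfwNetEventsTable and a
-- "Cisco-defined table", neither of which is defined in this module; the
-- detail table meant here is presumably hwFwNetEventsTable, whose index
-- hwFwNetEventIndex is also Unsigned32. Confirm.
-- NOTE(review): the "no detail" value is given as {0 0}, which is an OBJECT
-- IDENTIFIER value and cannot be carried by an Unsigned32; the agent
-- presumably returns 0 in that case. Confirm before treating 0 as a valid
-- row index.
hwFwBasicEventDetailsTableRow OBJECT-TYPE
    SYNTAX Unsigned32
    MAX-ACCESS read-only
    STATUS current
    DESCRIPTION
        "A pointer to a row in the table containing details
        about this event. Generally, the table will be the
        cfwNetEventsTable but a Cisco-defined table may also
        appear here. If there is no more detailed
        information for this event the value of this object
        will have the value {0 0}."
    ::= { hwFwBasicEventsEntry 5 }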
|
|
|
|
|
|
|
|
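-- hwFwNetEventsTable: detailed data for network events, with rows of type
-- HwFwNetEventsEntry.
-- NOTE(review): the DESCRIPTION says the agent may delete instances of
-- hwFwBasicEventsEntry, which is the row of the other event table; for this
-- table the row is hwFwNetEventsEntry, so the text looks copied. Confirm
-- which rows the agent actually ages out.
-- Deletion timing is implementation-specific per the DESCRIPTION, so detail
-- rows can disappear before a manager has read them.
hwFwNetEventsTable OBJECT-TYPE
    SYNTAX SEQUENCE OF HwFwNetEventsEntry
    MAX-ACCESS not-accessible
    STATUS current
    DESCRIPTION
        "Table of detailed data for network events. The
        agent may choose to delete the instances of
        hwFwBasicEventsEntry as required because of lack of
        memory. It is an implementation-specific matter as
        to when this deletion may occur. It is recommended
        that the oldest log instances are deleted first."
    ::= { hwFwNetEvents 4 }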
|
|
|
|
|
|
|
|
hwFwNetEventsEntry OBJECT-TYPE
|
|
SYNTAX HwFwNetEventsEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"An entry in the table, containing detailed information
|
|
about an event. Note that this table may be sparse.
|
|
If Network Address Translation is not enabled
|
|
hwFwNetEventInsideSrcIpAddress and
|
|
hwFwNetEventInsideDstIpAddress will not be instantiated
|
|
in the row. If Port Address Translation is not enabled
|
|
hwFwNetEventInsideSrcIpPort and
|
|
hwFwNetEventInsideDstIpPort will not be instantiated
|
|
in the row. Entries are added to this table at the
|
|
same time that events are added to the hwFwBasicEventsTable.
|
|
These two tables may be configured to be different
|
|
sizes so there may not be a one-to-one correspondence
|
|
between rows in the two tables."
|
|
INDEX { hwFwNetEventIndex }
|
|
::= { hwFwNetEventsTable 1 }
|
|
|
|
|
|
HwFwNetEventsEntry ::=
|
|
SEQUENCE {
|
|
hwFwNetEventIndex
|
|
Unsigned32,
|
|
hwFwNetEventInterface
|
|
InterfaceIndexOrZero,
|
|
hwFwNetEventSrcVrfName
|
|
DisplayString,
|
|
hwFwNetEventSrcIpAddress
|
|
IpAddress,
|
|
hwFwNetEventInsideSrcIpAddress
|
|
IpAddress,
|
|
hwFwNetEventDstVrfName
|
|
DisplayString,
|
|
hwFwNetEventDstIpAddress
|
|
IpAddress,
|
|
hwFwNetEventInsideDstIpAddress
|
|
IpAddress,
|
|
hwFwNetEventSrcIpPort
|
|
Integer32,
|
|
hwFwNetEventInsideSrcIpPort
|
|
Integer32,
|
|
hwFwNetEventDstIpPort
|
|
Integer32,
|
|
hwFwNetEventInsideDstIpPort
|
|
Integer32,
|
|
hwFwNetEventService
|
|
Services,
|
|
hwFwNetEventServiceInformation
|
|
SnmpAdminString,
|
|
hwFwNetEventIdentity
|
|
SnmpAdminString,
|
|
hwFwNetEventDescription
|
|
SnmpAdminString
|
|
}
|
|
|
|
hwFwNetEventIndex OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"An index that uniquely identifies an entry in the
|
|
log table. These indices are assigned beginning with
|
|
one and increase by one with each new log entry. When
|
|
this number wraps, all events are deleted in order to
|
|
allow the NMS to differentiate between old and new
|
|
events."
|
|
::= { hwFwNetEventsEntry 1 }
|
|
|
|
|
|
|
|
hwFwNetEventInterface OBJECT-TYPE
|
|
SYNTAX InterfaceIndexOrZero
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The interface most closely associated with this event.
|
|
For example, for an event that relates to the receipt of
|
|
a packet, this object identifies the interface on which
|
|
the packet was received. If there are multiple interfaces
|
|
associated with an event, the interface most closely
|
|
associated with the cause of the event will be used.
|
|
For example, for an event for the setup of a TCP
|
|
connection, the interface on the initiator's side
|
|
of the connection would be preferred. If there is no
|
|
associated interface, then this object has the value zero."
|
|
::= { hwFwNetEventsEntry 2 }
|
|
|
|
|
|
|
|
hwFwNetEventSrcVrfName OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE (1..31))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object indicates the VRF's name."
|
|
::= { hwFwNetEventsEntry 3 }
|
|
|
|
|
|
|
|
hwFwNetEventSrcIpAddress OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Source IP address in the IP packet that caused the
|
|
event. If there is no packet associated with the
|
|
event this object has the value of zero. If the event is
|
|
the result of multiple packets with different source
|
|
addresses, this value may be zero or an address taken
|
|
from an arbitrarily chosen packet in the sequence of
|
|
packets causing the event."
|
|
::= { hwFwNetEventsEntry 4 }
|
|
|
|
|
|
|
|
hwFwNetEventInsideSrcIpAddress OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Source IP address after Network Address Translation
|
|
has been applied. If NAT has not been applied to the
|
|
source address in this packet this object will not
|
|
be instantiated, resulting in a sparse table. If the
|
|
event is the result of multiple packets with different
|
|
source addresses, this value may be zero or an address
|
|
taken from an arbitrarily chosen packet in the sequence
|
|
of packets causing the event."
|
|
::= { hwFwNetEventsEntry 5 }
|
|
|
|
|
|
hwFwNetEventDstVrfName OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE (1..31))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object indicates the VRF's name."
|
|
::= { hwFwNetEventsEntry 6 }
|
|
|
|
|
|
|
|
hwFwNetEventDstIpAddress OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Destination IP address in the IP packet that caused
|
|
the event. If there is no packet associated with
|
|
the event this object has the value of zero. If the event
|
|
is the result of multiple packets with different destination
|
|
addresses, this value may be zero or an address taken
|
|
from an arbitrarily chosen packet in the sequence of
|
|
packets causing the event."
|
|
::= { hwFwNetEventsEntry 7 }
|
|
|
|
|
|
|
|
hwFwNetEventInsideDstIpAddress OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Destination IP address after Network Address Translation
|
|
has been applied. If NAT has not been applied to the
|
|
destination address in this packet this object will not
|
|
be instantiated, resulting in a sparse table. If the event
|
|
is the result of multiple packets with different destination
|
|
addresses, this value may be zero or an address taken
|
|
from an arbitrarily chosen packet in the sequence of
|
|
packets causing the event."
|
|
::= { hwFwNetEventsEntry 8 }
|
|
|
|
|
|
|
|
hwFwNetEventSrcIpPort OBJECT-TYPE
|
|
SYNTAX Integer32 (0..65535)
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Source UDP/TCP port in the IP packet that caused
|
|
the event. If there is no packet associated with the
|
|
event this object has the value of zero. If the event
|
|
is the result of multiple packets with different source
|
|
ports, this value may be zero or a port taken from an
|
|
arbitrarily chosen packet in the sequence of packets
|
|
causing the event."
|
|
::= { hwFwNetEventsEntry 9 }
|
|
|
|
|
|
|
|
hwFwNetEventInsideSrcIpPort OBJECT-TYPE
|
|
SYNTAX Integer32 (0..65535)
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Source UDP/TCP port after Port Address Translation
|
|
has been applied. If PAT has not been applied to the
|
|
source port in this packet this object will not be
|
|
instantiated, resulting in a sparse table. If the
|
|
event is the result of multiple packets with different
|
|
source ports, this value may be zero or a port taken
|
|
from an arbitrarily chosen packet in the sequence of
|
|
packets causing the event."
|
|
::= { hwFwNetEventsEntry 10 }
|
|
|
|
|
|
|
|
hwFwNetEventDstIpPort OBJECT-TYPE
|
|
SYNTAX Integer32 (0..65535)
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Destination UDP/TCP port in the IP packet that caused
|
|
the event. If there is no packet associated with the
|
|
event this object has the value of zero. If the event is
|
|
the result of multiple packets with different destination
|
|
ports, this value may be zero or a port taken from an
|
|
arbitrarily chosen packet in the sequence of packets
|
|
causing the event."
|
|
::= { hwFwNetEventsEntry 11 }
|
|
|
|
|
|
|
|
hwFwNetEventInsideDstIpPort OBJECT-TYPE
|
|
SYNTAX Integer32 (0..65535)
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Destination UDP/TCP port after Port Address Translation
|
|
has been applied. If PAT has not been applied to the
|
|
Destination port in this packet this object will not be
|
|
instantiated, resulting in a sparse table. If the event
|
|
is the result of multiple packets with different
|
|
destination ports, this value may be zero or a port
|
|
taken from an arbitrarily chosen packet in the sequence
|
|
of packets causing the event."
|
|
::= { hwFwNetEventsEntry 12 }
|
|
|
|
|
|
|
|
hwFwNetEventService OBJECT-TYPE
|
|
SYNTAX Services
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The identification of the type of service involved
|
|
with this event."
|
|
::= { hwFwNetEventsEntry 13 }
|
|
|
|
|
|
|
|
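-- hwFwNetEventServiceInformation: free-text qualifier for the service named
-- by hwFwNetEventService.
-- NOTE(review): the example in the DESCRIPTION uses the value loginTelnet,
-- but the Services textual convention in this module enumerates only
-- protoIcmp, protoTcp and protoUdp, so hwFwNetEventService can never carry
-- that value as defined here. The example is kept as written; treat it as
-- illustrative only.
hwFwNetEventServiceInformation OBJECT-TYPE
    SYNTAX SnmpAdminString
    MAX-ACCESS read-only
    STATUS current
    DESCRIPTION
        "Specific service information. This can be used to
        describe the particular service identified by
        hwFwNetEventService and can reflect whether the service
        is a local service or a gateway service. For example,
        if the value for hwFwNetEventService is loginTelnet
        then the string provided might be 'local telnet'."
    ::= { hwFwNetEventsEntry 14 }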
|
|
|
|
|
|
|
|
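-- hwFwNetEventIdentity: read-only text naming the entity that caused the
-- event (userid, username, processid or similar), or a zero-length string
-- when nothing is known.
-- NOTE(review): for events such as a rejected login the name is presumably
-- whatever the remote party supplied. A manager that stores or displays this
-- column should handle it as untrusted text (escape it for the log format or
-- UI in use) rather than as a verified account name.
hwFwNetEventIdentity OBJECT-TYPE
    SYNTAX SnmpAdminString
    MAX-ACCESS read-only
    STATUS current
    DESCRIPTION
        "This object will contain a description of the entity that
        caused the event. The entity could be a userid, username,
        processid or other identifier for the entity using the service.
        If there is no such information then this object will contain
        a zero-length string."
    ::= { hwFwNetEventsEntry 15 }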
|
|
|
|
|
|
|
|
hwFwNetEventDescription OBJECT-TYPE
|
|
SYNTAX SnmpAdminString
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A detailed description of the event."
|
|
::= { hwFwNetEventsEntry 16 }
|
|
|
|
|
|
|
|
hwFwSystem OBJECT IDENTIFIER ::= { hwFirewallMIBObjects 2 }
|
|
|
|
|
|
|
|
hwFwStatistics OBJECT IDENTIFIER ::= { hwFwSystem 2 }
|
|
|
|
|
|
-- The Firewall Connection Statistics Table
|
|
--
|
|
-- This table can be used to provide the statistics for firewall
|
|
-- connection events or services. These "connections" can be
|
|
-- connections in a loose sense of the word - a UDP transaction
|
|
-- would qualify as a connection if the firewall maintains
|
|
-- state information to monitor the packets traversing the firewall
|
|
-- for this "connection". A uni-directional UDP "connection" could be
|
|
-- described as being "half-open" by a value of 'halfOpen' in
|
|
-- hwFwConnectionStatType.
|
|
--
|
|
-- This table contains multiple rows for each service to which the
|
|
-- statistic applies.
|
|
|
|
|
|
hwFwConnectionStatTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF HwFwConnectionStatEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Table of firewall statistic instances."
|
|
::= { hwFwStatistics 2 }
|
|
|
|
|
|
|
|
hwFwConnectionStatEntry OBJECT-TYPE
|
|
SYNTAX HwFwConnectionStatEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"An entry in the table, containing information about a
|
|
firewall statistic."
|
|
INDEX { hwFwConnectionStatService, hwFwConnectionStatType }
|
|
::= { hwFwConnectionStatTable 1 }
|
|
|
|
|
|
HwFwConnectionStatEntry ::=
|
|
SEQUENCE {
|
|
hwFwConnectionStatService
|
|
Services,
|
|
hwFwConnectionStatType
|
|
ConnectionStat,
|
|
hwFwConnectionStatDescription
|
|
SnmpAdminString,
|
|
hwFwConnectionStatCount
|
|
Counter32
|
|
}
|
|
|
|
|
|
hwFwConnectionStatService OBJECT-TYPE
|
|
SYNTAX Services
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The identification of the type of connection providing
|
|
statistics."
|
|
::= { hwFwConnectionStatEntry 1 }
|
|
|
|
|
|
|
|
hwFwConnectionStatType OBJECT-TYPE
|
|
SYNTAX ConnectionStat
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The state of the connections that this row contains
|
|
statistics for."
|
|
::= { hwFwConnectionStatEntry 2 }
|
|
|
|
|
|
|
|
hwFwConnectionStatDescription OBJECT-TYPE
|
|
SYNTAX SnmpAdminString
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A detailed textual description of this statistic."
|
|
::= { hwFwConnectionStatEntry 3 }
|
|
|
|
|
|
|
|
hwFwConnectionStatCount OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This is an integer that contains the value of the
|
|
resource statistic. If a type of 'gauge' is more
|
|
appropriate this object will be omitted resulting
|
|
in a sparse table."
|
|
::= { hwFwConnectionStatEntry 4 }
|
|
|
|
-- FireWall Zone table
|
|
hwFwZone OBJECT IDENTIFIER ::= { hwFwSystem 3 }
|
|
|
|
hwFwZoneNumOfEntries OBJECT-TYPE
|
|
SYNTAX Gauge32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object maintains a count of the number of entries
|
|
that currently exist in the hwFwZoneTable."
|
|
::= { hwFwZone 1 }
|
|
|
|
hwFwZoneTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF HwFwZoneEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Table of firewall zone instances."
|
|
::= { hwFwZone 2 }
|
|
|
|
|
|
|
|
hwFwZoneEntry OBJECT-TYPE
|
|
SYNTAX HwFwZoneEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"An entry in the table, containing information about a
|
|
firewall zone."
|
|
INDEX { hwFwZoneIndex }
|
|
::= { hwFwZoneTable 1 }
|
|
|
|
|
|
HwFwZoneEntry ::=
|
|
SEQUENCE {
|
|
hwFwZoneIndex
|
|
Unsigned32,
|
|
hwFwZoneName
|
|
OCTET STRING,
|
|
hwFwZonePriority
|
|
Unsigned32,
|
|
hwFwZoneIfList
|
|
OCTET STRING,
|
|
hwFwZoneIfNum
|
|
Gauge32
|
|
}
|
|
|
|
|
|
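-- hwFwZoneIndex: the INDEX of hwFwZoneEntry, an Unsigned32 in 0..254.
-- The DESCRIPTION previously repeated the text of hwFwZoneName ("the name of
-- a firewall zone"); it now describes the index this object actually is.
hwFwZoneIndex OBJECT-TYPE
    SYNTAX Unsigned32 (0..254)
    MAX-ACCESS not-accessible
    STATUS current
    DESCRIPTION
        "This object represents the index of a firewall zone."
    ::= { hwFwZoneEntry 1 }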
|
|
|
|
|
|
|
|
hwFwZoneName OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE (1..32))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object represents the name of a firewall zone."
|
|
::= { hwFwZoneEntry 2 }
|
|
|
|
|
|
|
|
hwFwZonePriority OBJECT-TYPE
|
|
SYNTAX Unsigned32 (0..254)
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object represents the priority of a firewall zone."
|
|
::= { hwFwZoneEntry 3 }
|
|
|
|
|
|
|
|
hwFwZoneIfList OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE (1..31))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The set of interfaces which belong to the firewall zone."
|
|
::= { hwFwZoneEntry 4 }
|
|
|
|
|
|
|
|
hwFwZoneIfNum OBJECT-TYPE
|
|
SYNTAX Gauge32 (0..1024)
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The number of interfaces in this firewall zone."
|
|
::= { hwFwZoneEntry 5 }
|
|
|
|
|
|
-- FireWall Interzone table
|
|
|
|
hwFwInterZone OBJECT IDENTIFIER ::= { hwFwSystem 4 }
|
|
|
|
hwFwInterZoneNumOfEntries OBJECT-TYPE
|
|
SYNTAX Gauge32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object maintains a count of the number of entries
|
|
that currently exist in the hwFwInterZoneTable."
|
|
::= { hwFwInterZone 1 }
|
|
|
|
hwFwInterZoneTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF HwFwInterZoneEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Table of firewall Interzone instances."
|
|
::= { hwFwInterZone 2 }
|
|
|
|
|
|
|
|
hwFwInterZoneEntry OBJECT-TYPE
|
|
SYNTAX HwFwInterZoneEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"An entry in the table, containing information about a
|
|
firewall Interzone."
|
|
INDEX { hwFwInterZoneIndex }
|
|
::= { hwFwInterZoneTable 1 }
|
|
|
|
|
|
HwFwInterZoneEntry ::=
|
|
SEQUENCE {
|
|
hwFwInterZoneIndex
|
|
Unsigned32,
|
|
hwFwInterZoneName
|
|
OCTET STRING,
|
|
hwFwInterZoneEnable
|
|
TruthValue,
|
|
hwFwInterZonePktFltInDefaultRule
|
|
PktFltDefaultRule,
|
|
hwFwInterZonePktFltInAcl
|
|
Unsigned32,
|
|
hwFwInterZonePktFltInMacAcl
|
|
Unsigned32,
|
|
hwFwInterZonePktFltOutDefaultRule
|
|
PktFltDefaultRule,
|
|
hwFwInterZonePktFltOutAcl
|
|
Unsigned32,
|
|
hwFwInterZonePktFltOutMacAcl
|
|
Unsigned32,
|
|
hwFwInterZoneAspf
|
|
AspfProto,
|
|
hwFwInterZoneSessLogInAcl
|
|
Unsigned32,
|
|
hwFwInterZoneSessLogOutAcl
|
|
Unsigned32
|
|
}
|
|
|
|
|
|
-- Index column (arc 1) that identifies an interzone row. It is
-- not-accessible: the value only appears as the instance suffix of the
-- other columns.
-- NOTE(review): the SYNTAX has no range, so zero is not excluded, while
-- RFC 2578 recommends that integer index values start from one. Confirm
-- what the agent actually assigns.
hwFwInterZoneIndex OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Index of the firewall interzone."
|
|
::= { hwFwInterZoneEntry 1 }
|
|
|
|
|
|
|
|
|
|
-- Name of the interzone (arc 2), read-only. The same object is carried as a
-- varbind in hwFwInterzoneStatusNotification.
-- NOTE(review): OCTET STRING with no SIZE constraint, so consumers should
-- not assume a maximum length or printable content. Treat the value as
-- untrusted bytes when writing it to logs, tickets or dashboards.
hwFwInterZoneName OBJECT-TYPE
|
|
SYNTAX OCTET STRING
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object represents the name of a firewall Interzone."
|
|
::= { hwFwInterZoneEntry 2 }
|
|
|
|
|
|
|
|
-- Firewall on/off switch for one interzone (arc 3). Reading it returns the
-- current state. TruthValue is true(1) / false(2); presumably true(1) means
-- enabled, confirm against the device.
-- This is the only read-write column of hwFwInterZoneEntry: an SNMP SET on
-- it changes whether the firewall is applied on that interzone. Write access
-- should be granted only to SNMPv3 users with authentication and privacy,
-- and the object should stay out of the VACM write view of every other
-- principal and of any SNMPv1/v2c community.
-- Enable and disable events are reported by hwFwInterzoneStatusNotification,
-- which is worth forwarding to the alerting pipeline.
hwFwInterZoneEnable OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Enable or disable firewall on interzone, and show firewall
|
|
status on interzone."
|
|
::= { hwFwInterZoneEntry 3 }
|
|
|
|
|
|
|
|
-- Default packet-filter rule for the inbound direction of the interzone
-- (arc 4), read-only. The possible values come from the PktFltDefaultRule
-- textual convention, which is not defined in this part of the module.
-- Polling this column is a simple way to audit that the default rule has
-- not drifted from the intended policy.
hwFwInterZonePktFltInDefaultRule OBJECT-TYPE
|
|
SYNTAX PktFltDefaultRule
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Default rule of the packet filtering that the direction
|
|
is inbound."
|
|
::= { hwFwInterZoneEntry 4 }
|
|
|
|
|
|
|
|
-- Number of the basic or advanced ACL used by the inbound packet filter
-- (arc 5), read-only.
-- NOTE(review): the SYNTAX carries no range and the DESCRIPTION does not say
-- which value means that no ACL is bound; presumably 0, confirm on a device.
hwFwInterZonePktFltInAcl OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Basic or advanced acl number of the packet filtering
|
|
that the direction is inbound."
|
|
::= { hwFwInterZoneEntry 5 }
|
|
|
|
|
|
-- Number of the Layer 2 ACL used by the inbound packet filter (arc 6),
-- read-only.
-- NOTE(review): no range in the SYNTAX and no stated value for "no ACL
-- bound"; presumably 0, confirm on a device.
hwFwInterZonePktFltInMacAcl OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Layer 2 acl number of the packet filtering that the
|
|
direction is inbound."
|
|
::= { hwFwInterZoneEntry 6 }
|
|
|
|
|
|
-- Default packet-filter rule for the outbound direction of the interzone
-- (arc 7), read-only. Values come from the PktFltDefaultRule textual
-- convention, which is not defined in this part of the module.
-- Audit it together with the inbound default rule (arc 4); the two are
-- reported independently.
hwFwInterZonePktFltOutDefaultRule OBJECT-TYPE
|
|
SYNTAX PktFltDefaultRule
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Default rule of the packet filtering that the direction
|
|
is outbound."
|
|
::= { hwFwInterZoneEntry 7 }
|
|
|
|
|
|
|
|
-- Number of the basic or advanced ACL used by the outbound packet filter
-- (arc 8), read-only.
-- NOTE(review): the SYNTAX carries no range and the DESCRIPTION does not say
-- which value means that no ACL is bound; presumably 0, confirm on a device.
hwFwInterZonePktFltOutAcl OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Basic or advanced acl number of the packet filtering
|
|
that the direction is outbound."
|
|
::= { hwFwInterZoneEntry 8 }
|
|
|
|
-- Number of the Layer 2 ACL used by the outbound packet filter (arc 9),
-- read-only.
-- NOTE(review): no range in the SYNTAX and no stated value for "no ACL
-- bound"; presumably 0, confirm on a device.
hwFwInterZonePktFltOutMacAcl OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Layer 2 acl number of the packet filtering that the
|
|
direction is outbound."
|
|
::= { hwFwInterZoneEntry 9 }
|
|
|
|
|
|
-- Protocol type for which ASPF is enabled in the interzone (arc 10),
-- read-only. The encoding is given by the AspfProto textual convention,
-- which is not defined in this part of the module.
hwFwInterZoneAspf OBJECT-TYPE
|
|
SYNTAX AspfProto
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Type of protocol enabled aspf in this Interzone."
|
|
::= { hwFwInterZoneEntry 10 }
|
|
|
|
-- Number of the ACL used by the interzone session log in the inbound
-- direction (arc 11), read-only.
-- NOTE(review): no range in the SYNTAX; the value that means "no ACL
-- configured" is not stated, presumably 0.
hwFwInterZoneSessLogInAcl OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Acl number of interzone session log for inbound."
|
|
::= { hwFwInterZoneEntry 11 }
|
|
|
|
-- Number of the ACL used by the interzone session log in the outbound
-- direction (arc 12, the last column of the row), read-only.
-- NOTE(review): no range in the SYNTAX; the value that means "no ACL
-- configured" is not stated, presumably 0.
hwFwInterZoneSessLogOutAcl OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Acl number of interzone session log for outbound."
|
|
::= { hwFwInterZoneEntry 12 }
|
|
|
|
|
|
-- Firewall log settings, registered under hwFwSystem 5: read-only scalars
-- (arcs 1..16) that report which log types are enabled, their intervals and
-- the log server parameters.
|
|
|
|
hwFwLog OBJECT IDENTIFIER ::= { hwFwSystem 5 }
|
|
|
|
-- Reports whether blacklist logging is enabled. TruthValue is true(1) /
-- false(2). Read-only, so logging cannot be switched through this object,
-- but a poller can alert when it reads false(2) unexpectedly.
hwFwBlackListLogStatus OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Whether blacklist log is enabled. "
|
|
::= { hwFwLog 1 }
|
|
|
|
-- Interval of the blacklist log, read-only.
-- NOTE(review): SMIv2 defines TimeTicks in hundredths of a second; the
-- DESCRIPTION gives no unit, so confirm what the agent returns before
-- converting the value.
hwFwBlackListLogInterval OBJECT-TYPE
|
|
SYNTAX TimeTicks
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Interval of blacklist log. "
|
|
::= { hwFwLog 2 }
|
|
|
|
-- Reports whether the defend log is enabled; true(1) / false(2), read-only.
-- A reading of false(2) on a device that is expected to log is a
-- configuration finding worth alerting on.
hwFwDefendLogStatus OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Whether defend log is enabled. "
|
|
::= { hwFwLog 3 }
|
|
|
|
-- Interval of the defend log, read-only.
-- NOTE(review): TimeTicks is hundredths of a second in SMIv2; the
-- DESCRIPTION gives no unit, confirm against a live value.
hwFwDefendLogInterval OBJECT-TYPE
|
|
SYNTAX TimeTicks
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Interval of defend log. "
|
|
::= { hwFwLog 4 }
|
|
|
|
-- Reports whether the statistic log is enabled; true(1) / false(2),
-- read-only.
hwFwStatisticLogStatus OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Whether statistic log is enabled. "
|
|
::= { hwFwLog 5 }
|
|
|
|
-- Interval of the statistic log, read-only.
-- NOTE(review): TimeTicks is hundredths of a second in SMIv2; the
-- DESCRIPTION gives no unit, confirm against a live value.
hwFwStatisticLogInterval OBJECT-TYPE
|
|
SYNTAX TimeTicks
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Interval of statistic log. "
|
|
::= { hwFwLog 6 }
|
|
|
|
-- Reports whether the session log is enabled; true(1) / false(2),
-- read-only. Which sessions are logged per interzone is reported separately
-- by hwFwInterZoneSessLogInAcl and hwFwInterZoneSessLogOutAcl.
hwFwSessionLogStatus OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Whether session log is enabled. "
|
|
::= { hwFwLog 7 }
|
|
|
|
-- Interval of the session log, read-only.
-- NOTE(review): TimeTicks is hundredths of a second in SMIv2; the
-- DESCRIPTION gives no unit, confirm against a live value.
hwFwSessionLogInterval OBJECT-TYPE
|
|
SYNTAX TimeTicks
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Interval of session log. "
|
|
::= { hwFwLog 8 }
|
|
|
|
-- Reports whether the session NAT log is enabled; true(1) / false(2),
-- read-only. No matching interval object is defined for this log type.
hwFwSessionNatLogStatus OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Whether session nat log is enabled. "
|
|
::= { hwFwLog 9 }
|
|
|
|
-- Reports whether logs are sent in out-of-band mode; true(1) / false(2),
-- read-only.
hwFwSessionOutBandLogStatus OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Whether the out-of-band mode of sending log is enabled. "
|
|
::= { hwFwLog 10 }
|
|
|
|
-- Reports whether the binary log is enabled; true(1) / false(2), read-only.
-- The five hwFwBinaryLog* scalars that follow (arcs 12..16) describe the log
-- server and the local source used to reach it.
hwFwBinaryLogStatus OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Whether binary log is enabled. "
|
|
::= { hwFwLog 11 }
|
|
|
|
-- IP address of the log server, read-only; presumably the destination of
-- the binary log, going by the object name.
-- IpAddress can only carry an IPv4 address, so an IPv6 log server cannot be
-- represented by this object.
-- The value discloses where firewall logs are sent; keep the hwFwLog
-- subtree in a read view limited to monitoring principals.
hwFwBinaryLogHostAddr OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"IP address of log server. "
|
|
::= { hwFwLog 12 }
|
|
|
|
-- Port number of the log server, read-only.
-- NOTE(review): Unsigned32 with no range, so the SYNTAX does not limit the
-- value to 0..65535; consumers should range-check it before use.
hwFwBinaryLogHostPort OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Port number of log server. "
|
|
::= { hwFwLog 13 }
|
|
|
|
-- Local IP address the device uses when talking to the log server,
-- read-only. IpAddress is IPv4-only.
-- Log collectors can use this value to allowlist the expected source of
-- firewall logs.
hwFwBinaryLogSrcAddr OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"IP address used by the device to communicate with the log server. "
|
|
::= { hwFwLog 14 }
|
|
|
|
-- Local port number the device uses when talking to the log server,
-- read-only.
-- NOTE(review): Unsigned32 with no range, so the SYNTAX does not limit the
-- value to 0..65535; consumers should range-check it before use.
hwFwBinaryLogSrcPort OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Port number used by the device to communicate with the log server. "
|
|
::= { hwFwLog 15 }
|
|
|
|
-- Name of the VPN instance, read-only; presumably the instance through
-- which the log server is reached, going by the object name.
-- NOTE(review): OCTET STRING with no SIZE constraint; consumers should not
-- assume a maximum length or printable content.
hwFwBinaryLogVpnName OBJECT-TYPE
|
|
SYNTAX OCTET STRING
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Name of vpn-instance. "
|
|
::= { hwFwLog 16 }
|
|
|
|
-- FireWall port mapping
|
|
|
|
-- hwFwPortMap OBJECT IDENTIFIER ::= { hwFwSystem 6 }
|
|
|
|
-- hwFwPortMapSipPort OBJECT-TYPE
|
|
-- SYNTAX Unsigned32 (1..65535)
|
|
-- MAX-ACCESS read-only
|
|
-- STATUS current
|
|
-- DESCRIPTION
|
|
-- "Port number for Sip port-mapping . "
|
|
-- ::= { hwFwPortMap 1 }
|
|
|
|
-- hwFwPortMapSipAcl OBJECT-TYPE
|
|
-- SYNTAX Unsigned32 (2000..2999)
|
|
-- MAX-ACCESS read-only
|
|
-- STATUS current
|
|
-- DESCRIPTION
|
|
-- "ACL number for Sip port-mapping . "
|
|
-- ::= { hwFwPortMap 2 }
|
|
|
|
-- hwFwPortMapRtspPort OBJECT-TYPE
|
|
-- SYNTAX Unsigned32 (1..65535)
|
|
-- MAX-ACCESS read-only
|
|
-- STATUS current
|
|
-- DESCRIPTION
|
|
-- "Port number for Rtsp port-mapping . "
|
|
-- ::= { hwFwPortMap 3 }
|
|
|
|
-- hwFwPortMapRtspAcl OBJECT-TYPE
|
|
-- SYNTAX Unsigned32 (2000..2999)
|
|
-- MAX-ACCESS read-only
|
|
-- STATUS current
|
|
-- DESCRIPTION
|
|
-- "ACL number for Rtsp port-mapping . "
|
|
-- ::= { hwFwPortMap 4 }
|
|
|
|
-- Firewall protocol aging times, registered under hwFwSystem 7: four
-- read-only scalars for SIP and RTSP streams and their media streams.
-- hwFwSystem 6 is referenced only by the commented-out hwFwPortMap
-- definitions that precede this subtree.
|
|
|
|
|
|
hwFwProtoAgingTime OBJECT IDENTIFIER ::= { hwFwSystem 7 }
|
|
|
|
-- Aging time applied to SIP streams, read-only.
-- NOTE(review): TimeTicks is hundredths of a second in SMIv2; the
-- DESCRIPTION gives no unit, confirm against a live value.
hwFwSipAgingTime OBJECT-TYPE
|
|
SYNTAX TimeTicks
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Aging time for Sip stream. "
|
|
::= { hwFwProtoAgingTime 1 }
|
|
|
|
-- Aging time applied to SIP media streams, read-only. It is reported
-- separately from the SIP stream aging time (hwFwSipAgingTime).
-- NOTE(review): TimeTicks is hundredths of a second in SMIv2; the
-- DESCRIPTION gives no unit, confirm against a live value.
hwFwSipMediaAgingTime OBJECT-TYPE
|
|
SYNTAX TimeTicks
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Aging time for Sip media stream. "
|
|
::= { hwFwProtoAgingTime 2 }
|
|
|
|
-- Aging time applied to RTSP streams, read-only.
-- NOTE(review): TimeTicks is hundredths of a second in SMIv2; the
-- DESCRIPTION gives no unit, confirm against a live value.
hwFwRtspAgingTime OBJECT-TYPE
|
|
SYNTAX TimeTicks
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Aging time for Rtsp stream. "
|
|
::= { hwFwProtoAgingTime 3 }
|
|
|
|
-- Aging time applied to RTSP media streams, read-only. It is reported
-- separately from the RTSP stream aging time (hwFwRtspAgingTime).
-- NOTE(review): TimeTicks is hundredths of a second in SMIv2; the
-- DESCRIPTION gives no unit, confirm against a live value.
hwFwRtspMediaAgingTime OBJECT-TYPE
|
|
SYNTAX TimeTicks
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Aging time for Rtsp media stream. "
|
|
::= { hwFwProtoAgingTime 4 }
|
|
|
|
-- Parent node for the notifications of this module. The two notifications
-- that follow are registered directly under it as arcs 2 and 3.
-- NOTE(review): RFC 2578 section 8.5 asks for the next-to-last
-- sub-identifier of a notification name to be zero so that SNMPv1 trap
-- translation is reversible. That is not the case here, so a trap that
-- crosses an SNMPv1 hop may arrive with a different snmpTrapOID; verify
-- receiver matching rules against real traps.
hwFirewallMIBNotifications OBJECT IDENTIFIER ::= { hwFirewallMIBObjects 3 }
|
|
|
|
|
|
|
|
-- General security event notification (arc 2). It carries four varbinds:
-- event time, security event type, event description and a pointer-like
-- hwFwBasicEventDetailsTableRow object.
-- hwFwBasicEventTime is an SnmpAdminString according to the REVISION clause
-- of this module (changed from DateAndTime), so receivers must parse it as
-- text rather than as the 8 or 11 octet DateAndTime encoding.
-- The description is free text supplied by the device; escape it before it
-- is written to logs or shown in a console.
hwFwSecurityNotification NOTIFICATION-TYPE
|
|
OBJECTS { hwFwBasicEventTime, hwFwBasicSecurityEventType, hwFwBasicEventDescription, hwFwBasicEventDetailsTableRow }
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This notification is used for events involving security
|
|
events. The included objects provide more detailed
|
|
information about the event."
|
|
::= { hwFirewallMIBNotifications 2 }
|
|
|
|
|
|
-- Sent when the firewall is enabled or disabled on an interzone (arc 3).
-- Varbinds: event time, security event type, the interzone name and the
-- event description. Unlike hwFwSecurityNotification it carries
-- hwFwInterZoneName and no hwFwBasicEventDetailsTableRow.
-- Because hwFwInterZoneEnable is writable over SNMP, this notification is
-- the in-band signal that a firewall was switched off; route it to alerting
-- and correlate it with authorised change windows.
-- NOTE(review): the name is spelled "Interzone" here and "InterZone" in the
-- object names; SMI identifiers are case-sensitive.
hwFwInterzoneStatusNotification NOTIFICATION-TYPE
|
|
OBJECTS { hwFwBasicEventTime, hwFwBasicSecurityEventType, hwFwInterZoneName, hwFwBasicEventDescription }
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This notification is used for events involving security
|
|
events. Send out firewall enable or disable event in
|
|
Interzone."
|
|
::= { hwFirewallMIBNotifications 3 }
|
|
|
|
|
|
|
|
-- Conformance subtree of the module (hwFirewallMIB 3). Compliance statements
-- are registered under arc 1 (hwFirewallMIBCompliances).
hwFirewallMIBConformance OBJECT IDENTIFIER ::= { hwFirewallMIB 3 }
|
|
|
|
|
|
|
|
|
|
|
|
hwFirewallMIBCompliances OBJECT IDENTIFIER ::= { hwFirewallMIBConformance 1 }
|
|
|
|
|
|
-- Conformance
|
|
|
|
|
|
|
|
-- Compliance statement for this module. Six groups are mandatory: events,
-- notifications (Rev1), zone, interzone, log and aging time.
-- hwFirewallMIBStatisticsGroup is defined with STATUS current but is not
-- listed, so an agent may omit it and still claim compliance.
-- NOTE(review): there is no OBJECT clause with MIN-ACCESS read-only for
-- hwFwInterZoneEnable, so SNMP write access to the firewall enable flag is
-- part of what a compliant agent is expected to implement. Restricting that
-- write access through SNMPv3 users and VACM views is a deployment decision
-- this statement does not cover.
hwFirewallMIBCompliance MODULE-COMPLIANCE
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The compliance statement for entities which implement
|
|
the hwFirewallMIB."
|
|
MODULE
|
|
MANDATORY-GROUPS {hwFirewallMIBEventsGroup, hwFirewallMIBNotificationGroupRev1,
|
|
hwFirewallMIBZoneGroup, hwFirewallMIBInterZoneGroup,
|
|
hwFirewallMIBLogGroup, hwFirewallMIBAgingTimeGroup}
|
|
::= { hwFirewallMIBCompliances 1 }
|
|
|
|
|
|
|
|
-- Parent node for the conformance groups (hwFirewallMIBConformance 2).
-- Arcs 1..8 are assigned by the group definitions that follow.
hwFirewallMIBGroups OBJECT IDENTIFIER ::= { hwFirewallMIBConformance 2 }
|
|
|
|
|
|
-- Units of Conformance
|
|
|
|
-- Conformance group for the event objects (arc 1), mandatory in
-- hwFirewallMIBCompliance. Going by the object names it covers the last-row
-- objects of the basic and network event tables, the basic event fields,
-- and the per-event network details: VRF names, interface, source and
-- destination addresses and ports (plain and "Inside" variants), service,
-- identity and description.
-- The four varbinds of hwFwSecurityNotification are all members of this
-- group.
hwFirewallMIBEventsGroup OBJECT-GROUP
|
|
OBJECTS { hwFwBasicEventsTableLastRow, hwFwBasicEventTime, hwFwBasicSecurityEventType, hwFwBasicEventDescription, hwFwNetEventDstVrfName,
|
|
hwFwNetEventSrcVrfName, hwFwBasicEventDetailsTableRow, hwFwNetEventsTableLastRow, hwFwNetEventInterface, hwFwNetEventSrcIpAddress,
|
|
hwFwNetEventInsideSrcIpAddress, hwFwNetEventDstIpAddress, hwFwNetEventInsideDstIpAddress, hwFwNetEventSrcIpPort, hwFwNetEventInsideSrcIpPort,
|
|
hwFwNetEventDstIpPort, hwFwNetEventInsideDstIpPort, hwFwNetEventService, hwFwNetEventServiceInformation, hwFwNetEventIdentity,
|
|
hwFwNetEventDescription }
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Firewall events"
|
|
::= { hwFirewallMIBGroups 1 }
|
|
|
|
|
|
|
|
-- Conformance group for the connection statistics objects (arc 2):
-- a description and a count.
-- The group is current but is not listed in the MANDATORY-GROUPS of
-- hwFirewallMIBCompliance, so a manager should not assume every agent
-- implements these two objects.
hwFirewallMIBStatisticsGroup OBJECT-GROUP
|
|
OBJECTS { hwFwConnectionStatDescription, hwFwConnectionStatCount }
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Firewall statistics"
|
|
::= { hwFirewallMIBGroups 2 }
|
|
|
|
|
|
|
|
-- Obsolete OBJECT-GROUP (arc 3) that lists the four varbind objects of
-- hwFwSecurityNotification. All four are also members of
-- hwFirewallMIBEventsGroup. The notifications themselves are grouped by
-- hwFirewallMIBNotificationGroupRev1, which the compliance statement lists
-- instead of this group.
hwFirewallMIBNotificationGroup OBJECT-GROUP
|
|
OBJECTS { hwFwBasicEventTime, hwFwBasicSecurityEventType, hwFwBasicEventDescription, hwFwBasicEventDetailsTableRow }
|
|
STATUS obsolete
|
|
DESCRIPTION
|
|
"Firewall Notifications"
|
|
::= { hwFirewallMIBGroups 3 }
|
|
|
|
|
|
|
|
-- NOTIFICATION-GROUP (arc 4) holding both notifications of this module:
-- the general security event and the interzone enable/disable event.
-- It is mandatory in hwFirewallMIBCompliance, so a compliant agent is
-- expected to be able to send both.
hwFirewallMIBNotificationGroupRev1 NOTIFICATION-GROUP
|
|
NOTIFICATIONS { hwFwSecurityNotification, hwFwInterzoneStatusNotification }
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Firewall Notifications"
|
|
::= { hwFirewallMIBGroups 4 }
|
|
|
|
|
|
-- Conformance group for the zone objects (arc 5): entry count, zone name,
-- zone priority, interface list and interface count. Mandatory in
-- hwFirewallMIBCompliance.
hwFirewallMIBZoneGroup OBJECT-GROUP
|
|
OBJECTS { hwFwZoneNumOfEntries, hwFwZoneName, hwFwZonePriority, hwFwZoneIfList, hwFwZoneIfNum }
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This is the firewall zone group."
|
|
::= { hwFirewallMIBGroups 5 }
|
|
|
|
-- Conformance group for the interzone objects (arc 6): the row count plus
-- every accessible column of hwFwInterZoneEntry. hwFwInterZoneIndex is left
-- out because it is not-accessible.
-- The group contains the read-write hwFwInterZoneEnable and is mandatory in
-- hwFirewallMIBCompliance, so access control for that object has to be
-- enforced by the agent configuration, not by the MIB.
hwFirewallMIBInterZoneGroup OBJECT-GROUP
|
|
OBJECTS { hwFwInterZoneNumOfEntries, hwFwInterZoneName, hwFwInterZoneEnable, hwFwInterZonePktFltInDefaultRule,
|
|
hwFwInterZonePktFltInAcl, hwFwInterZonePktFltInMacAcl, hwFwInterZonePktFltOutDefaultRule,
|
|
hwFwInterZonePktFltOutAcl, hwFwInterZonePktFltOutMacAcl, hwFwInterZoneAspf,
|
|
hwFwInterZoneSessLogInAcl, hwFwInterZoneSessLogOutAcl }
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This is the firewall interzone group."
|
|
::= { hwFirewallMIBGroups 6 }
|
|
|
|
-- Conformance group for the 16 read-only log scalars registered under
-- hwFwLog (arc 7): the enable flags and intervals of the blacklist, defend,
-- statistic and session logs, the session NAT, out-of-band and binary log
-- flags, and the log server and source parameters. Mandatory in
-- hwFirewallMIBCompliance.
hwFirewallMIBLogGroup OBJECT-GROUP
|
|
OBJECTS { hwFwBlackListLogStatus, hwFwBlackListLogInterval, hwFwDefendLogStatus, hwFwDefendLogInterval, hwFwStatisticLogStatus,
|
|
hwFwStatisticLogInterval, hwFwSessionLogStatus, hwFwSessionLogInterval, hwFwSessionNatLogStatus, hwFwSessionOutBandLogStatus,
|
|
hwFwBinaryLogStatus, hwFwBinaryLogHostAddr, hwFwBinaryLogHostPort, hwFwBinaryLogSrcAddr, hwFwBinaryLogSrcPort, hwFwBinaryLogVpnName }
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This is the firewall log group."
|
|
::= { hwFirewallMIBGroups 7 }
|
|
|
|
-- hwFirewallMIBPortMapGroup OBJECT-GROUP
|
|
-- OBJECTS { hwFwPortMapSipPort, hwFwPortMapSipAcl, hwFwPortMapRtspPort, hwFwPortMapRtspAcl }
|
|
-- STATUS current
|
|
-- DESCRIPTION
|
|
-- "This is the firewall portmap group."
|
|
-- ::= { hwFirewallMIBGroups 8 }
|
|
|
|
-- Conformance group for the four protocol aging time scalars (arc 8).
-- Mandatory in hwFirewallMIBCompliance.
-- NOTE(review): arc 8 is also the arc written in the commented-out
-- hwFirewallMIBPortMapGroup definition that precedes this group; if that
-- group is ever re-enabled it needs a different arc.
hwFirewallMIBAgingTimeGroup OBJECT-GROUP
|
|
OBJECTS { hwFwSipAgingTime, hwFwSipMediaAgingTime, hwFwRtspAgingTime, hwFwRtspMediaAgingTime }
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This is the firewall Aging time group."
|
|
::= { hwFirewallMIBGroups 8 }
|
|
|
|
|
|
END
|