1169 lines
48 KiB
Plaintext
1169 lines
48 KiB
Plaintext
-- ******************************************************
|
|
-- $Id: zxr10SwitchACL.mib 12 2008-08-26 Caosl $
|
|
--
|
|
-- zxr10SwitchACL.mib: ZXR10 Switch Access List MIB file
|
|
--
|
|
-- August. 2008, Cao shuling
|
|
--
|
|
-- Copyright(c) 2008 by ZTE Corporaton
|
|
-- All rights reservered
|
|
--
|
|
--
|
|
-- ******************************************************
|
|
|
|
ZXR10-SWITCH-ACL-MIB-59 DEFINITIONS ::= BEGIN
|
|
|
|
IMPORTS
|
|
-- MODULE-IDENTITY,
|
|
OBJECT-TYPE,
|
|
NOTIFICATION-TYPE,
|
|
experimental,
|
|
Integer32,
|
|
Unsigned32,
|
|
Counter32
|
|
FROM SNMPv2-SMI
|
|
|
|
MODULE-COMPLIANCE,
|
|
OBJECT-GROUP,
|
|
NOTIFICATION-GROUP
|
|
FROM SNMPv2-CONF
|
|
enterprises
|
|
FROM SNMPv2-SMI
|
|
MacAddress,
|
|
TEXTUAL-CONVENTION,
|
|
RowStatus
|
|
FROM SNMPv2-TC
|
|
|
|
mgmt,
|
|
NetworkAddress,
|
|
IpAddress,
|
|
Counter,
|
|
Gauge
|
|
FROM RFC1155-SMI;
|
|
|
|
zte OBJECT IDENTIFIER ::= { enterprises 3902 }
|
|
zxr10 OBJECT IDENTIFIER ::= { zte 3}
|
|
|
|
zxr10switch OBJECT IDENTIFIER ::= { zxr10 102}
|
|
zxr10ACL OBJECT IDENTIFIER ::= { zxr10switch 2}
|
|
|
|
|
|
--The follow part defined some data types which will be used in this acl mib file later
|
|
DisplayString ::= OCTET STRING
|
|
-- This data type is used to model textual information taken
|
|
-- from the NVT ASCII character set. By convention, objects
|
|
-- with this syntax are declared as having
|
|
-- SIZE (0..255)
|
|
|
|
|
|
zxr10StandardACLTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF Zxr10StandardACLEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Standard ACL"
|
|
::= { zxr10ACL 1 }
|
|
|
|
zxr10StandardACLEntry OBJECT-TYPE
|
|
SYNTAX Zxr10StandardACLEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Standard ACL"
|
|
INDEX { zxr10StandardACLNo,
|
|
zxr10StandardACLRuleID }
|
|
::= { zxr10StandardACLTable 1 }
|
|
|
|
Zxr10StandardACLEntry ::=
|
|
SEQUENCE {
|
|
zxr10StandardACLNo
|
|
Integer32,
|
|
zxr10StandardACLName
|
|
DisplayString,
|
|
zxr10StandardACLAlias
|
|
DisplayString,
|
|
zxr10StandardACLMatchorder
|
|
INTEGER,
|
|
zxr10StandardACLRuleID
|
|
Integer32,
|
|
zxr10StandardACLPermitDeny
|
|
INTEGER,
|
|
zxr10StandardACLSrcAddr
|
|
IpAddress,
|
|
zxr10StandardACLSrcAddrSrcWildcard
|
|
IpAddress,
|
|
zxr10StandardACLSrcAny
|
|
INTEGER,
|
|
zxr10StandardACLFlag
|
|
INTEGER,
|
|
zxr10StandardACLTimeRangeName
|
|
DisplayString,
|
|
zxr10StandardACLRuleDescription
|
|
DisplayString
|
|
}
|
|
|
|
zxr10StandardACLNo OBJECT-TYPE
|
|
SYNTAX Integer32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Standard ACL number
|
|
<1-99> Configure standard ACL number
|
|
<1000-1499> Configure standard ACL number (expanded range)"
|
|
::= { zxr10StandardACLEntry 1 }
|
|
|
|
zxr10StandardACLName OBJECT-TYPE
|
|
SYNTAX DisplayString
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Standard ACL name (1-31 characters)"
|
|
::= { zxr10StandardACLEntry 2 }
|
|
|
|
|
|
zxr10StandardACLAlias OBJECT-TYPE
|
|
SYNTAX DisplayString
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Standard ACL alias (1-31 characters)"
|
|
::= { zxr10StandardACLEntry 3 }
|
|
|
|
zxr10StandardACLMatchorder OBJECT-TYPE
|
|
SYNTAX INTEGER{config(0),auto(1)}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Select match order
|
|
auto Sort rules automatically
|
|
config Sort rules by configuration order"
|
|
::= { zxr10StandardACLEntry 4 }
|
|
|
|
zxr10StandardACLRuleID OBJECT-TYPE
|
|
SYNTAX Integer32(1..100)
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"rule
|
|
<1-100> ACL rule ID"
|
|
::= { zxr10StandardACLEntry 6 }
|
|
|
|
zxr10StandardACLPermitDeny OBJECT-TYPE
|
|
SYNTAX INTEGER{permit(0),deny(1)}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"deny Specify packets to reject
|
|
permit Specify packets to forward"
|
|
::= { zxr10StandardACLEntry 7 }
|
|
|
|
zxr10StandardACLSrcAddr OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A.B.C.D Source address"
|
|
::= { zxr10StandardACLEntry 8 }
|
|
|
|
zxr10StandardACLSrcAddrSrcWildcard OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A.B.C.D Wildcard bits"
|
|
::= { zxr10StandardACLEntry 9 }
|
|
|
|
zxr10StandardACLSrcAny OBJECT-TYPE
|
|
SYNTAX INTEGER{invalid(0),valid(1)}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Any source"
|
|
::= { zxr10StandardACLEntry 10 }
|
|
|
|
|
|
zxr10StandardACLFlag OBJECT-TYPE
|
|
SYNTAX INTEGER{invalid(1),valid(0)}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Time range enable or disable flag"
|
|
::= { zxr10StandardACLEntry 11 }
|
|
|
|
zxr10StandardACLTimeRangeName OBJECT-TYPE
|
|
SYNTAX DisplayString
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Configure time range name (1-31 characters)"
|
|
::= { zxr10StandardACLEntry 12 }
|
|
|
|
zxr10StandardACLRuleDescription OBJECT-TYPE
|
|
SYNTAX DisplayString
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"ACL rule description (1-16 characters)"
|
|
::= { zxr10StandardACLEntry 13 }
|
|
|
|
|
|
--- extened ACL
|
|
|
|
zxr10ExtendedACLTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF Zxr10ExtendedACLEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Extended ACL"
|
|
::= { zxr10ACL 2 }
|
|
|
|
zxr10ExtendedACLEntry OBJECT-TYPE
|
|
SYNTAX Zxr10ExtendedACLEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Extended ACL"
|
|
INDEX { zxr10ExtendedACLNo,
|
|
zxr10ExtendedACLRuleID }
|
|
::= { zxr10ExtendedACLTable 1 }
|
|
|
|
Zxr10ExtendedACLEntry ::=
|
|
SEQUENCE {
|
|
zxr10ExtendedACLNo
|
|
Integer32,
|
|
zxr10ExtendedACLName
|
|
DisplayString,
|
|
zxr10ExtendedACLAlias
|
|
DisplayString,
|
|
zxr10ExtendedACLMatchorder
|
|
INTEGER,
|
|
zxr10ExtendedACLRuleID
|
|
Integer32,
|
|
zxr10ExtendedACLPermitDeny
|
|
INTEGER,
|
|
zxr10ExtendedACLSrcAddr
|
|
IpAddress,
|
|
zxr10ExtendedACLSrcWildcard
|
|
IpAddress,
|
|
zxr10ExtendedACLSrcAny
|
|
INTEGER,
|
|
zxr10ExtendedACLDestAddr
|
|
IpAddress,
|
|
zxr10ExtendedACLDestWildcard
|
|
IpAddress,
|
|
zxr10ExtendedACLDestAny
|
|
INTEGER,
|
|
zxr10ExtendedACLProtocol
|
|
Integer32,
|
|
zxr10ExtendedACLSrcOpr
|
|
INTEGER,
|
|
zxr10ExtendedACLSrcPort
|
|
Integer32,
|
|
zxr10ExtendedACLSrcPort2
|
|
Integer32,
|
|
zxr10ExtendedACLDestOpr
|
|
INTEGER,
|
|
zxr10ExtendedACLDestPort
|
|
Integer32,
|
|
zxr10ExtendedACLDestPort2
|
|
Integer32,
|
|
zxr10ExtendedACLTCPEstablish
|
|
INTEGER,
|
|
zxr10ExtendedACLICMPType
|
|
Integer32,
|
|
zxr10ExtendedACLICMPCode
|
|
Integer32,
|
|
zxr10ExtendedACLPrecedence
|
|
Integer32,
|
|
zxr10ExtendedACLTOS
|
|
Integer32,
|
|
zxr10ExtendedACLDSCP
|
|
Integer32,
|
|
zxr10ExtendedACLFlag
|
|
INTEGER,
|
|
zxr10ExtendedACLTimeRangeName
|
|
DisplayString,
|
|
zxr10ExtendedACLRuleDescription
|
|
DisplayString
|
|
}
|
|
|
|
zxr10ExtendedACLNo OBJECT-TYPE
|
|
SYNTAX Integer32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Extended ACL number
|
|
<100-199> Configure extended ACL number
|
|
<1500-1999> Configure extended ACL number (expanded range)"
|
|
::= { zxr10ExtendedACLEntry 1 }
|
|
|
|
zxr10ExtendedACLName OBJECT-TYPE
|
|
SYNTAX DisplayString
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Extended ACL name
|
|
WORD Configure extended ACL name (1-31 characters)"
|
|
::= { zxr10ExtendedACLEntry 2 }
|
|
|
|
|
|
zxr10ExtendedACLAlias OBJECT-TYPE
|
|
SYNTAX DisplayString
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Extended ACL alias
|
|
WORD ACL alias (1-31 characters)"
|
|
::= { zxr10ExtendedACLEntry 3 }
|
|
|
|
zxr10ExtendedACLMatchorder OBJECT-TYPE
|
|
SYNTAX INTEGER{config(0),auto(1)}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Select match order
|
|
auto Sort rules automatically
|
|
config Sort rules by configuration order "
|
|
::= { zxr10ExtendedACLEntry 4 }
|
|
|
|
zxr10ExtendedACLRuleID OBJECT-TYPE
|
|
SYNTAX Integer32(1..100)
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"rule
|
|
<1-100> ACL rule ID"
|
|
::= { zxr10ExtendedACLEntry 6 }
|
|
|
|
zxr10ExtendedACLPermitDeny OBJECT-TYPE
|
|
SYNTAX INTEGER{permit(0),deny(1)}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"deny Specify packets to reject
|
|
permit Specify packets to forward"
|
|
::= { zxr10ExtendedACLEntry 7 }
|
|
|
|
zxr10ExtendedACLSrcAddr OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A.B.C.D Source address"
|
|
::= { zxr10ExtendedACLEntry 8 }
|
|
|
|
zxr10ExtendedACLSrcWildcard OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A.B.C.D Wildcard bits"
|
|
::= { zxr10ExtendedACLEntry 9 }
|
|
|
|
zxr10ExtendedACLSrcAny OBJECT-TYPE
|
|
SYNTAX INTEGER{invalid(0),valid(1)}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Any source"
|
|
::= { zxr10ExtendedACLEntry 10 }
|
|
|
|
zxr10ExtendedACLDestAddr OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A.B.C.D Destination address"
|
|
::= { zxr10ExtendedACLEntry 11 }
|
|
|
|
zxr10ExtendedACLDestWildcard OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A.B.C.D Destination wildcard bits"
|
|
::= { zxr10ExtendedACLEntry 12 }
|
|
|
|
zxr10ExtendedACLDestAny OBJECT-TYPE
|
|
SYNTAX INTEGER{invalid(0),valid(1)}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Any destination host"
|
|
::= { zxr10ExtendedACLEntry 13 }
|
|
|
|
|
|
zxr10ExtendedACLProtocol OBJECT-TYPE
|
|
SYNTAX Integer32(0..255)
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"255 Any internet protocol (ip)
|
|
<0-254> An IP protocol number
|
|
47 Generic Routing Encapsulation (gre)
|
|
1 Internet Control Message Protocol (icmp)
|
|
2 Internet Group Management Protocol (igmp)
|
|
89 Open Shortest Path First Protocol (ospf)
|
|
103 Protocol Independent Multicast (pim)
|
|
6 Transmission Control Protocol (tcp)
|
|
17 User Datagram Protocol (udp)
|
|
112 Virtual Router Redundancy Protocol (vrrp)"
|
|
::= { zxr10ExtendedACLEntry 14 }
|
|
|
|
zxr10ExtendedACLSrcOpr OBJECT-TYPE
|
|
SYNTAX INTEGER{invalid(0),eq(1),ge(2),le(3),range(7)}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"eq(1) Match only tcp,udp packets on a given port number
|
|
ge(2) Match only tcp,udp packets with a no lower port number
|
|
le(3) Match only tcp,udp packets with a no greater port number
|
|
range(7) Match tcp,udp packets with a given port range"
|
|
::= { zxr10ExtendedACLEntry 15 }
|
|
|
|
zxr10ExtendedACLSrcPort OBJECT-TYPE
|
|
SYNTAX Integer32(0..65535)
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"<0-65535> Port number
|
|
179 Border gateway protocol (bgp)
|
|
53 Domain name service (domain)
|
|
79 Finger
|
|
21 File transfer protocol (ftp)
|
|
513 Login (rlogin)
|
|
109 Post office protocol v2 (pop2)
|
|
110 Post office protocol v3 (pop3)
|
|
25 Simple mail transport protocol (smtp)
|
|
23 Telnet
|
|
80 World wide web (HTTP)"
|
|
::= { zxr10ExtendedACLEntry 16 }
|
|
|
|
zxr10ExtendedACLSrcPort2 OBJECT-TYPE
|
|
SYNTAX Integer32(0..65535)
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"<0-65535> Port number
|
|
179 Border gateway protocol (bgp)
|
|
53 Domain name service (domain)
|
|
79 Finger
|
|
21 File transfer protocol (ftp)
|
|
513 Login (rlogin)
|
|
109 Post office protocol v2 (pop2)
|
|
110 Post office protocol v3 (pop3)
|
|
25 Simple mail transport protocol (smtp)
|
|
23 Telnet
|
|
80 World wide web (HTTP)"
|
|
::= { zxr10ExtendedACLEntry 17 }
|
|
|
|
zxr10ExtendedACLDestOpr OBJECT-TYPE
|
|
SYNTAX INTEGER{invalid(0),eq(1),ge(2),le(3),range(7)}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"eq(1) Match only tcp,udp packets on a given port number
|
|
ge(2) Match only tcp,udp packets with a no lower port number
|
|
le(3) Match only tcp,udp packets with a no greater port number
|
|
range(7) Match tcp,udp packets with a given port range"
|
|
::= { zxr10ExtendedACLEntry 18 }
|
|
|
|
zxr10ExtendedACLDestPort OBJECT-TYPE
|
|
SYNTAX Integer32(0..65535)
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"<0-65535> Port number
|
|
179 Border gateway protocol (bgp)
|
|
53 Domain name service (domain)
|
|
79 Finger
|
|
21 File transfer protocol (ftp)
|
|
513 Login (rlogin)
|
|
109 Post office protocol v2 (pop2)
|
|
110 Post office protocol v3 (pop3)
|
|
25 Simple mail transport protocol (smtp)
|
|
23 Telnet
|
|
80 World wide web (HTTP)"
|
|
::= { zxr10ExtendedACLEntry 19 }
|
|
|
|
zxr10ExtendedACLDestPort2 OBJECT-TYPE
|
|
SYNTAX Integer32(0..65535)
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"<0-65535> Port number
|
|
179 Border gateway protocol (bgp)
|
|
53 Domain name service (domain)
|
|
79 Finger
|
|
21 File transfer protocol (ftp)
|
|
513 Login (rlogin)
|
|
109 Post office protocol v2 (pop2)
|
|
110 Post office protocol v3 (pop3)
|
|
25 Simple mail transport protocol (smtp)
|
|
23 Telnet
|
|
80 World wide web (HTTP)"
|
|
::= { zxr10ExtendedACLEntry 20 }
|
|
|
|
zxr10ExtendedACLTCPEstablish OBJECT-TYPE
|
|
SYNTAX INTEGER{true(1),false(0)}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Match established connections"
|
|
::= { zxr10ExtendedACLEntry 21 }
|
|
|
|
|
|
zxr10ExtendedACLICMPType OBJECT-TYPE
|
|
SYNTAX Integer32(0..254)
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"<0-254> ICMP message type
|
|
6 Alternate address
|
|
8 Echo (ping)
|
|
0 Echo reply
|
|
16 Information replies
|
|
15 Information requests
|
|
18 Mask replies
|
|
17 Mask requests
|
|
12 All parameter problems
|
|
5 All redirects
|
|
9 Router discovery advertisements
|
|
10 Router discovery solicitations
|
|
4 Source quenches
|
|
11 All time exceededs
|
|
14 Timestamp replies
|
|
13 Timestamp requests
|
|
30 Traceroute
|
|
3 All unreachables "
|
|
::= { zxr10ExtendedACLEntry 23 }
|
|
|
|
zxr10ExtendedACLICMPCode OBJECT-TYPE
|
|
SYNTAX Integer32(0..254)
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"<0-254> ICMP message code"
|
|
::= { zxr10ExtendedACLEntry 24 }
|
|
|
|
zxr10ExtendedACLPrecedence OBJECT-TYPE
|
|
SYNTAX Integer32(0..7)
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"<0-7> IP precedence"
|
|
::= { zxr10ExtendedACLEntry 25 }
|
|
|
|
zxr10ExtendedACLTOS OBJECT-TYPE
|
|
SYNTAX Integer32(0..15)
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"IP TOS
|
|
<0-15> Tos value"
|
|
::= { zxr10ExtendedACLEntry 26 }
|
|
|
|
zxr10ExtendedACLDSCP OBJECT-TYPE
|
|
SYNTAX Integer32(0..63)
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"<0-63> Dscp value"
|
|
::= { zxr10ExtendedACLEntry 27 }
|
|
|
|
zxr10ExtendedACLFlag OBJECT-TYPE
|
|
SYNTAX INTEGER{invalid(1),valid(0)}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Time range enable or disable flag"
|
|
::= { zxr10ExtendedACLEntry 28 }
|
|
|
|
zxr10ExtendedACLTimeRangeName OBJECT-TYPE
|
|
SYNTAX DisplayString
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Configure time range name (1-31 characters)"
|
|
::= { zxr10ExtendedACLEntry 29 }
|
|
|
|
zxr10ExtendedACLRuleDescription OBJECT-TYPE
|
|
SYNTAX DisplayString
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"ACL rule description (1-16 characters)"
|
|
::= { zxr10ExtendedACLEntry 30 }
|
|
|
|
|
|
--- link ACL
|
|
|
|
zxr10LinkACLTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF Zxr10LinkACLEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Link ACL"
|
|
::= { zxr10ACL 3 }
|
|
|
|
zxr10LinkACLEntry OBJECT-TYPE
|
|
SYNTAX Zxr10LinkACLEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Link ACL"
|
|
INDEX { zxr10LinkACLNo,
|
|
zxr10LinkACLRuleID }
|
|
::= { zxr10LinkACLTable 1 }
|
|
|
|
Zxr10LinkACLEntry ::=
|
|
SEQUENCE {
|
|
zxr10LinkACLNo
|
|
Integer32,
|
|
zxr10LinkACLName
|
|
DisplayString,
|
|
zxr10LinkACLAlias
|
|
DisplayString,
|
|
zxr10LinkACLMatchorder
|
|
INTEGER,
|
|
zxr10LinkACLRuleID
|
|
Integer32,
|
|
zxr10LinkACLPermitDeny
|
|
INTEGER,
|
|
zxr10LinkACLProtocol
|
|
Integer32,
|
|
zxr10LinkACLCos
|
|
Integer32,
|
|
zxr10LinkACLDoutVlanID
|
|
Integer32,
|
|
zxr10LinkACLInMAC
|
|
MacAddress,
|
|
zxr10LinkACLInMACWildcard
|
|
MacAddress,
|
|
zxr10LinkACLInMACAny
|
|
INTEGER,
|
|
zxr10LinkACLOutMAC
|
|
MacAddress,
|
|
zxr10LinkACLOutMACWildCard
|
|
MacAddress,
|
|
zxr10LinkACLOutMACAny
|
|
INTEGER,
|
|
zxr10LinkACLFlag
|
|
INTEGER,
|
|
zxr10LinkACLTimeRangeName
|
|
DisplayString,
|
|
zxr10LinkACLRuleDescription
|
|
DisplayString
|
|
}
|
|
|
|
zxr10LinkACLNo OBJECT-TYPE
|
|
SYNTAX Integer32(200..299)
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Link ACL number
|
|
<200-299> Configure link ACL number"
|
|
::= { zxr10LinkACLEntry 1 }
|
|
|
|
zxr10LinkACLName OBJECT-TYPE
|
|
SYNTAX DisplayString
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Link ACL name (1-31 characters)"
|
|
::= { zxr10LinkACLEntry 2 }
|
|
|
|
zxr10LinkACLAlias OBJECT-TYPE
|
|
SYNTAX DisplayString
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Link ACL alias (1-31 characters)"
|
|
::= { zxr10LinkACLEntry 3 }
|
|
|
|
zxr10LinkACLMatchorder OBJECT-TYPE
|
|
SYNTAX INTEGER{config(0),auto(1)}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Select match order
|
|
auto Sort rules automatically
|
|
config Sort rules by configuration order "
|
|
::= { zxr10LinkACLEntry 4 }
|
|
|
|
zxr10LinkACLRuleID OBJECT-TYPE
|
|
SYNTAX Integer32(1..1000)
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"rule
|
|
<1-100> ACL rule ID"
|
|
::= { zxr10LinkACLEntry 6 }
|
|
|
|
zxr10LinkACLPermitDeny OBJECT-TYPE
|
|
SYNTAX INTEGER{permit(0),deny(1)}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"deny Specify packets to reject
|
|
permit Specify packets to forward"
|
|
::= { zxr10LinkACLEntry 7 }
|
|
|
|
zxr10LinkACLProtocol OBJECT-TYPE
|
|
SYNTAX Integer32(0..65535)
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"65535 Any protocol type(any)
|
|
<1536-65534> Ether protocol number
|
|
2054 Address resolution protocol (arp)
|
|
2048 Internet protocol (ip) "
|
|
::= { zxr10LinkACLEntry 8 }
|
|
|
|
zxr10LinkACLCos OBJECT-TYPE
|
|
SYNTAX Integer32(0..7)
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"<0-7> Cos vlan-priority"
|
|
::= { zxr10LinkACLEntry 9 }
|
|
|
|
zxr10LinkACLDoutVlanID OBJECT-TYPE
|
|
SYNTAX Integer32(1..4094)
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"<1-4094> Source outer vlan id"
|
|
::= { zxr10LinkACLEntry 12 }
|
|
|
|
|
|
zxr10LinkACLInMAC OBJECT-TYPE
|
|
SYNTAX MacAddress
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"xxxx.xxxx.xxxx Source-mac"
|
|
::= { zxr10LinkACLEntry 13 }
|
|
|
|
zxr10LinkACLInMACWildcard OBJECT-TYPE
|
|
SYNTAX MacAddress
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"xxxx.xxxx.xxxx Source wildcard bits"
|
|
::= { zxr10LinkACLEntry 14 }
|
|
|
|
zxr10LinkACLInMACAny OBJECT-TYPE
|
|
SYNTAX INTEGER{invalid(1),valid(0)}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Any source host"
|
|
::= { zxr10LinkACLEntry 15 }
|
|
|
|
zxr10LinkACLOutMAC OBJECT-TYPE
|
|
SYNTAX MacAddress
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"xxxx.xxxx.xxxx Destination-mac"
|
|
::= { zxr10LinkACLEntry 16 }
|
|
|
|
zxr10LinkACLOutMACWildCard OBJECT-TYPE
|
|
SYNTAX MacAddress
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"xxxx.xxxx.xxxx Destination wildcard bits"
|
|
::= { zxr10LinkACLEntry 17 }
|
|
|
|
zxr10LinkACLOutMACAny OBJECT-TYPE
|
|
SYNTAX INTEGER{invalid(1),valid(0)}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Any destination host"
|
|
::= { zxr10LinkACLEntry 18 }
|
|
|
|
zxr10LinkACLFlag OBJECT-TYPE
|
|
SYNTAX INTEGER{invalid(1),valid(0)}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Time range enable or disable flag"
|
|
::= { zxr10LinkACLEntry 19 }
|
|
|
|
zxr10LinkACLTimeRangeName OBJECT-TYPE
|
|
SYNTAX DisplayString
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Configure time range name (1-31 characters)"
|
|
::= { zxr10LinkACLEntry 20 }
|
|
|
|
zxr10LinkACLRuleDescription OBJECT-TYPE
|
|
SYNTAX DisplayString
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"ACL rule description (1-16 characters)"
|
|
::= { zxr10LinkACLEntry 21 }
|
|
|
|
|
|
--- Hybrid ACL
|
|
|
|
|
|
zxr10HybridACLTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF Zxr10HybridACLEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Hybrid ACL"
|
|
::= { zxr10ACL 4 }
|
|
|
|
zxr10HybridACLEntry OBJECT-TYPE
|
|
SYNTAX Zxr10HybridACLEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Hybrid ACL"
|
|
INDEX { zxr10HybridACLNo,
|
|
zxr10HybridACLRuleID }
|
|
::= { zxr10HybridACLTable 1 }
|
|
|
|
Zxr10HybridACLEntry ::=
|
|
SEQUENCE {
|
|
zxr10HybridACLNo
|
|
Integer32,
|
|
zxr10HybridACLName
|
|
DisplayString,
|
|
zxr10HybridACLAlias
|
|
DisplayString,
|
|
zxr10HybridACLMatchorder
|
|
INTEGER,
|
|
zxr10HybridACLRuleID
|
|
Integer32,
|
|
zxr10HybridACLPermitDeny
|
|
INTEGER,
|
|
zxr10HybridACLProtocol
|
|
Integer32,
|
|
zxr10HybridACLSrcAddr
|
|
IpAddress,
|
|
zxr10HybridACLSrcAddrWildcard
|
|
IpAddress,
|
|
zxr10HybridACLSrcAny
|
|
INTEGER,
|
|
zxr10HybridACLDestAddr
|
|
IpAddress,
|
|
zxr10HybridACLDestAddrWildcard
|
|
IpAddress,
|
|
zxr10HybridACLDestAny
|
|
INTEGER,
|
|
zxr10HybridACLSrcOpr
|
|
INTEGER,
|
|
zxr10HybridACLSrcPort
|
|
Integer32,
|
|
zxr10HybridACLDestOpr
|
|
INTEGER,
|
|
zxr10HybridACLDestPort
|
|
Integer32,
|
|
zxr10HybridACLIPNumber
|
|
Integer32,
|
|
zxr10HybridACLCos
|
|
Integer32,
|
|
zxr10HybridACLDoutVlanID
|
|
Integer32,
|
|
zxr10HybridACLInMAC
|
|
MacAddress,
|
|
zxr10HybridACLInMACWildcard
|
|
MacAddress,
|
|
zxr10HybridACLInMACAny
|
|
INTEGER,
|
|
zxr10HybridACLOutMAC
|
|
MacAddress,
|
|
zxr10HybridACLOutMACWildcard
|
|
MacAddress,
|
|
zxr10HybridACLOutMACAny
|
|
INTEGER,
|
|
zxr10HybridACLFlag
|
|
INTEGER,
|
|
zxr10HybridACLTimeRangeName
|
|
DisplayString,
|
|
zxr10HybridACLRuleDescription
|
|
DisplayString
|
|
}
|
|
|
|
zxr10HybridACLNo OBJECT-TYPE
|
|
SYNTAX Integer32(300..349)
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
" Hybrid ACL number
|
|
<300-349> Configure hybrid ACL number"
|
|
::= { zxr10HybridACLEntry 1 }
|
|
|
|
zxr10HybridACLName OBJECT-TYPE
|
|
SYNTAX DisplayString
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Hybrid ACL name (1-31 characters)"
|
|
::= { zxr10HybridACLEntry 2 }
|
|
|
|
|
|
zxr10HybridACLAlias OBJECT-TYPE
|
|
SYNTAX DisplayString
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Hybrid ACL alias (1-31 characters)"
|
|
::= { zxr10HybridACLEntry 3 }
|
|
|
|
zxr10HybridACLMatchorder OBJECT-TYPE
|
|
SYNTAX INTEGER{config(0),auto(1)}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Select match order
|
|
auto Sort rules automatically
|
|
config Sort rules by configuration order"
|
|
::= { zxr10HybridACLEntry 4 }
|
|
|
|
zxr10HybridACLRuleID OBJECT-TYPE
|
|
SYNTAX Integer32(1..100)
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"rule
|
|
<1-100> ACL rule ID"
|
|
::= { zxr10HybridACLEntry 6 }
|
|
|
|
zxr10HybridACLPermitDeny OBJECT-TYPE
|
|
SYNTAX INTEGER{permit(0),deny(1)}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"deny Specify packets to reject
|
|
permit Specify packets to forward"
|
|
::= { zxr10HybridACLEntry 7 }
|
|
|
|
zxr10HybridACLProtocol OBJECT-TYPE
|
|
SYNTAX Integer32(0..255)
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
" 255 Any internet protocol
|
|
<0-254> An IP protocol number
|
|
47 Generic Routing Encapsulation (gre)
|
|
2 Internet Group Management Protocol (igmp)
|
|
89 Open Shortest Path First Protocol (ospf)
|
|
103 Protocol Independent Multicast (pim)
|
|
6 Transmission control protocol (tcp)
|
|
17 User datagram protocol (udp)
|
|
112 Virtual Router Redundancy Protocol (vrrp)"
|
|
::= { zxr10HybridACLEntry 8 }
|
|
|
|
zxr10HybridACLSrcAddr OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A.B.C.D Source address"
|
|
::= { zxr10HybridACLEntry 9 }
|
|
|
|
zxr10HybridACLSrcAddrWildcard OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A.B.C.D Wildcard bits"
|
|
::= { zxr10HybridACLEntry 10 }
|
|
|
|
zxr10HybridACLSrcAny OBJECT-TYPE
|
|
SYNTAX INTEGER{invalid(0),valid(1)}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Any source"
|
|
::= { zxr10HybridACLEntry 11 }
|
|
|
|
zxr10HybridACLDestAddr OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A.B.C.D Destination address"
|
|
::= { zxr10HybridACLEntry 12 }
|
|
|
|
zxr10HybridACLDestAddrWildcard OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A.B.C.D Destination wildcard bits"
|
|
::= { zxr10HybridACLEntry 13 }
|
|
|
|
zxr10HybridACLDestAny OBJECT-TYPE
|
|
SYNTAX INTEGER{invalid(0),valid(1)}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Any destination host"
|
|
::= { zxr10HybridACLEntry 14 }
|
|
|
|
zxr10HybridACLSrcOpr OBJECT-TYPE
|
|
SYNTAX INTEGER{invalid(0),eq(1)}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"eq(1) Match only tcp,udp packets on a given port number"
|
|
::= { zxr10HybridACLEntry 15 }
|
|
|
|
zxr10HybridACLSrcPort OBJECT-TYPE
|
|
SYNTAX Integer32(0..65535)
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"<0-65535> Port number
|
|
179 Border gateway protocol (bgp)
|
|
53 Domain name service (domain)
|
|
79 Finger
|
|
21 File transfer protocol (ftp)
|
|
513 Login (rlogin)
|
|
109 Post office protocol v2 (pop2)
|
|
110 Post office protocol v3 (pop3)
|
|
25 Simple mail transport protocol (smtp)
|
|
23 Telnet
|
|
80 World wide web (HTTP, 80) "
|
|
::= { zxr10HybridACLEntry 16 }
|
|
|
|
zxr10HybridACLDestOpr OBJECT-TYPE
|
|
SYNTAX INTEGER{invalid(0),eq(1)}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"eq Match only packets on a given port number"
|
|
::= { zxr10HybridACLEntry 17 }
|
|
|
|
zxr10HybridACLDestPort OBJECT-TYPE
|
|
SYNTAX Integer32(0..65535)
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"<0-65535> Port number
|
|
179 Border gateway protocol (bgp)
|
|
53 Domain name service (domain)
|
|
79 Finger
|
|
21 File transfer protocol (ftp)
|
|
513 Login (rlogin)
|
|
109 Post office protocol v2 (pop2)
|
|
110 Post office protocol v3 (pop3)
|
|
25 Simple mail transport protocol (smtp)
|
|
23 Telnet
|
|
80 World wide web (HTTP, 80)"
|
|
::= { zxr10HybridACLEntry 18 }
|
|
|
|
zxr10HybridACLIPNumber OBJECT-TYPE
|
|
SYNTAX Integer32(0..65535)
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"65535 Any ether protocol type
|
|
<0-65534> Ether IP protocol number
|
|
2054 Address resolution protocol (arp)
|
|
2048 Internet protocol (ip) "
|
|
::= { zxr10HybridACLEntry 23 }
|
|
|
|
zxr10HybridACLCos OBJECT-TYPE
|
|
SYNTAX Integer32(0..7)
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"<0-7> Cos vlan-priority"
|
|
::= { zxr10HybridACLEntry 24 }
|
|
|
|
zxr10HybridACLDoutVlanID OBJECT-TYPE
|
|
SYNTAX Integer32 (1..4094)
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"<1-4094> Source outer vlan id"
|
|
::= { zxr10HybridACLEntry 27 }
|
|
|
|
zxr10HybridACLInMAC OBJECT-TYPE
|
|
SYNTAX MacAddress
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"xxxx.xxxx.xxxx Source-mac"
|
|
::= { zxr10HybridACLEntry 28 }
|
|
|
|
zxr10HybridACLInMACWildcard OBJECT-TYPE
|
|
SYNTAX MacAddress
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"xxxx.xxxx.xxxx Source wildcard bits"
|
|
::= { zxr10HybridACLEntry 29 }
|
|
|
|
zxr10HybridACLInMACAny OBJECT-TYPE
|
|
SYNTAX INTEGER{invalid(1),valid(0)}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Any source host"
|
|
::= { zxr10HybridACLEntry 30 }
|
|
|
|
zxr10HybridACLOutMAC OBJECT-TYPE
|
|
SYNTAX MacAddress
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"xxxx.xxxx.xxxx Destination-mac"
|
|
::= { zxr10HybridACLEntry 31 }
|
|
|
|
zxr10HybridACLOutMACWildcard OBJECT-TYPE
|
|
SYNTAX MacAddress
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"xxxx.xxxx.xxxx Destination wildcard bits"
|
|
::= { zxr10HybridACLEntry 32 }
|
|
|
|
zxr10HybridACLOutMACAny OBJECT-TYPE
|
|
SYNTAX INTEGER{invalid(1),valid(0)}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Any destination host"
|
|
::= { zxr10HybridACLEntry 33 }
|
|
|
|
zxr10HybridACLFlag OBJECT-TYPE
|
|
SYNTAX INTEGER{invalid(1),valid(0)}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Time range enable or disable flag"
|
|
::= { zxr10HybridACLEntry 34 }
|
|
|
|
zxr10HybridACLTimeRangeName OBJECT-TYPE
|
|
SYNTAX DisplayString
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Configure time range name (1-31 characters)"
|
|
::= { zxr10HybridACLEntry 35 }
|
|
|
|
zxr10HybridACLRuleDescription OBJECT-TYPE
|
|
SYNTAX DisplayString
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"ACL Rule Description (1-16 characters)"
|
|
::= { zxr10HybridACLEntry 36 }
|
|
|
|
|
|
END
|
|
|
|
|