1637 lines
70 KiB
Plaintext
1637 lines
70 KiB
Plaintext
-- ============================================================================
|
|
-- Copyright (c) 2004-2017 Hangzhou H3C Tech. Co., Ltd. All rights reserved.
|
|
-- Description: This MIB file is used for configuration of NAT.
|
|
-- include :1.NAT pool
|
|
-- 2.NAT out bound
|
|
-- 3.NAT inside server
|
|
-- 4.NAT aging-time
|
|
-- 5.NAT blacklist
|
|
-- 6.NAT statistics information
|
|
-- 7.NAT DNS
|
|
-- Reference:
|
|
-- Version: V1.5
|
|
-- History:
|
|
-- V1.0 2004/09/17 created by xiaoshuchao
|
|
-- V1.1 2005/06/01 Modified by liguanmin
|
|
-- Modify the value range of the node h3cNATOutboundPoolIdx
|
|
-- V1.2 2007/05/22 Modified by tangjiafeng
|
|
-- Modify the value range of the node h3cNATSessionPeerPort
|
|
-- V1.3 2014/07/11 Modified by hupengfei
|
|
-- Add the h3cNATTotalNATSessionCount, h3cNATEimTableCount,
|
|
-- h3cNATInboundNoPATTableCount, h3cNATOutboundNoPATTableCount,
|
|
-- h3cNATMaxDynamicPortblock, h3cNATMaxStaticPortblock,
|
|
-- h3cNATActiveDynamicPortblock, h3cNATActiveStaticPortblock
|
|
-- V1.4 2016/12/25 Modified by wangxiaohua
|
|
-- Add the h3cNATSessionCreateRate
|
|
-- V1.5 2017/04/07 Modified by wangfuchao
|
|
-- Add the h3cNATAddrGrpStatTable
|
|
-- ============================================================================
|
|
H3C-NAT-MIB DEFINITIONS ::= BEGIN
|
|
|
|
IMPORTS
|
|
h3cCommon
|
|
FROM HUAWEI-3COM-OID-MIB
|
|
ifIndex
|
|
FROM IF-MIB
|
|
TimeTicks, IpAddress, Integer32, Counter32, Counter64, Unsigned32, OBJECT-TYPE,
|
|
MODULE-IDENTITY
|
|
FROM SNMPv2-SMI
|
|
RowStatus, DisplayString
|
|
FROM SNMPv2-TC;
|
|
|
|
|
|
h3cNat MODULE-IDENTITY
|
|
LAST-UPDATED "201704071503Z" -- April 7, 2017 at 15:03 GMT
|
|
ORGANIZATION
|
|
"Hangzhou H3C Tech. Co., Ltd."
|
|
CONTACT-INFO
|
|
"Platform Team Hangzhou H3C Tech. Co., Ltd.
|
|
Hai-Dian District Beijing P.R. China
|
|
http://www.h3c.com
|
|
Zip:100085
|
|
"
|
|
DESCRIPTION
|
|
"This MIB contains objects to manage configuration of NAT.
|
|
There are no constraints on this MIB."
|
|
|
|
REVISION "201704071503Z" -- April 7, 2017 at 15:03 GMT
|
|
DESCRIPTION
|
|
"Add the h3cNATAddrGrpStatTable."
|
|
|
|
REVISION "201612251105Z" -- December 25, 2016 at 11:05 GMT
|
|
DESCRIPTION
|
|
"Add the h3cNATSessionCreateRate."
|
|
|
|
REVISION "201407111115Z" -- July 11, 2014 at 11:15 GMT
|
|
DESCRIPTION
|
|
"Add the h3cNATTotalNATSessionCount,
|
|
h3cNATEimTableCount,
|
|
h3cNATInboundNoPATTableCount,
|
|
h3cNATOutboundNoPATTableCount,
|
|
h3cNATMaxDynamicPortblock,
|
|
h3cNATMaxStaticPortblock,
|
|
h3cNATActiveDynamicPortblock,
|
|
h3cNATActiveStaticPortblock."
|
|
|
|
REVISION "200501201518Z" -- January 20, 2005 at 15:18 GMT
|
|
DESCRIPTION
|
|
"The initial revision of this MIB module."
|
|
::= { h3cCommon 18 }
|
|
|
|
|
|
|
|
|
|
--
|
|
-- Node definitions
|
|
--
|
|
|
|
-- Global Variants
|
|
h3cNATGlobalVars OBJECT IDENTIFIER ::= { h3cNat 1 }
|
|
|
|
|
|
-- **************Global Variants***************
|
|
-- NAT Clear Session
|
|
h3cNATClearSession OBJECT IDENTIFIER ::= { h3cNATGlobalVars 1 }
|
|
|
|
|
|
h3cNATClearSessionSlotNo OBJECT-TYPE
|
|
SYNTAX Integer32 (1..14 | 255)
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The number of NAT board in which administrator wants to
|
|
clear data of the session. In router, the value is 255
|
|
because no NAT board in it. This node only supports 'set' operation.
|
|
The return value of 'get' operation is meaningless."
|
|
::= { h3cNATClearSession 1 }
|
|
|
|
|
|
-- NAT blacklist UserConnectLimitPara
|
|
h3cNATBLConnectLimitPara OBJECT IDENTIFIER ::= { h3cNATGlobalVars 2 }
|
|
|
|
|
|
h3cNATBLConnectHighValue OBJECT-TYPE
|
|
SYNTAX Integer32 (20..20000)
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The maximal connection amount. If the connection amount exceeds the
|
|
value, the IP address will be added into blacklist. The IP address
|
|
will not be removed from blacklist until the connection amount is
|
|
less than the minimal connection amount."
|
|
DEFVAL { 500 }
|
|
::= { h3cNATBLConnectLimitPara 1 }
|
|
|
|
|
|
h3cNATBLConnectLowValue OBJECT-TYPE
|
|
SYNTAX Integer32 (20..20000)
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The minimal connection amount."
|
|
DEFVAL { 200 }
|
|
::= { h3cNATBLConnectLimitPara 2 }
|
|
|
|
|
|
h3cNATBLConnectHighRate OBJECT-TYPE
|
|
SYNTAX Integer32 (20..21474836)
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The maximal connection rate(in second). If the connection rate exceed the
|
|
value, the IP address will be added into blacklist. The IP address
|
|
will not be removed from blacklist until the connection rate is
|
|
less than the minimal connection rate."
|
|
DEFVAL { 250 }
|
|
::= { h3cNATBLConnectLimitPara 3 }
|
|
|
|
|
|
h3cNATBLConnectLowRate OBJECT-TYPE
|
|
SYNTAX Integer32 (20..21474836)
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The minimal connection rate(in second)."
|
|
DEFVAL { 100 }
|
|
::= { h3cNATBLConnectLimitPara 4 }
|
|
|
|
|
|
h3cNATBLSpecialConnectHighRate OBJECT-TYPE
|
|
SYNTAX Integer32 (20..21474836)
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The maximal special connection rate(in second). When administrator
|
|
wants to control the speed of connection, he can selects the connection
|
|
speed rate or special connection rate."
|
|
DEFVAL { 250 }
|
|
::= { h3cNATBLConnectLimitPara 5 }
|
|
|
|
|
|
h3cNATBLSpecialConnectLowRate OBJECT-TYPE
|
|
SYNTAX Integer32 (20..21474836)
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The minimal special connection rate(in second)."
|
|
DEFVAL { 100 }
|
|
::= { h3cNATBLConnectLimitPara 6 }
|
|
|
|
|
|
-- NAT blacklist property control Enable
|
|
h3cNATBLCtrlEnable OBJECT IDENTIFIER ::= { h3cNATGlobalVars 3 }
|
|
|
|
|
|
h3cNATBLConnectSumEnable OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
{
|
|
enable(1),
|
|
disable(2)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Enable or disable the connection amount control."
|
|
DEFVAL { disable }
|
|
::= { h3cNATBLCtrlEnable 1 }
|
|
|
|
|
|
h3cNATBLConnectRateEnable OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
{
|
|
enable(1),
|
|
disable(2)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Enable or disable the connection rate control."
|
|
DEFVAL { disable }
|
|
::= { h3cNATBLCtrlEnable 2 }
|
|
|
|
|
|
-- NAT NP aging-time
|
|
h3cNATNPTimer OBJECT IDENTIFIER ::= { h3cNATGlobalVars 4 }
|
|
|
|
|
|
h3cNATNPAgingTime OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
{
|
|
fast(1),
|
|
slow(2)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"There are two kinds of aging time in NP. One is fast and the other is
|
|
slow. Administrator can select one or other. The defalult is fast."
|
|
DEFVAL { fast }
|
|
::= { h3cNATNPTimer 1 }
|
|
|
|
|
|
h3cNATMibObjects OBJECT IDENTIFIER ::= { h3cNat 2 }
|
|
|
|
|
|
-- **************MibObjects***************
|
|
-- NAT address pool table
|
|
h3cNATPoolInfoTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF H3cNATPoolInfoEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"NAT address pool table : The address in the pool is
|
|
the IP address in the global network. The pool can span
|
|
255 IP addresses.All address pools configured by administrator
|
|
are recorded in this table."
|
|
::= { h3cNATMibObjects 1 }
|
|
|
|
|
|
h3cNATPoolInfoEntry OBJECT-TYPE
|
|
SYNTAX H3cNATPoolInfoEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The entry of NAT address pool table."
|
|
INDEX { h3cNATPoolIdx }
|
|
::= { h3cNATPoolInfoTable 1 }
|
|
|
|
|
|
H3cNATPoolInfoEntry ::=
|
|
SEQUENCE {
|
|
h3cNATPoolIdx
|
|
Integer32,
|
|
h3cNATPoolStartIpAddr
|
|
IpAddress,
|
|
h3cNATPoolEndIpAddr
|
|
IpAddress,
|
|
h3cNATPoolSlotNo
|
|
Integer32,
|
|
h3cNATPoolRefCounter
|
|
Integer32,
|
|
h3cNATPoolRowStatus
|
|
RowStatus
|
|
}
|
|
|
|
h3cNATPoolIdx OBJECT-TYPE
|
|
SYNTAX Integer32 (1..320)
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Index of the address pool: The index uniquely indicates
|
|
the address pool in the system, and its range is from 1 to 320. "
|
|
::= { h3cNATPoolInfoEntry 1 }
|
|
|
|
|
|
h3cNATPoolStartIpAddr OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The start IP address of address pool:
|
|
It must be less than or equal to the end IP address."
|
|
::= { h3cNATPoolInfoEntry 2 }
|
|
|
|
|
|
h3cNATPoolEndIpAddr OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The end IP address of address pool:
|
|
It must be more than or equal to the start IP address."
|
|
::= { h3cNATPoolInfoEntry 3 }
|
|
|
|
|
|
h3cNATPoolSlotNo OBJECT-TYPE
|
|
SYNTAX Integer32 (1..14 | 255)
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The number of NAT board to which the address pool is bound.
|
|
The address translation is processed by this NAT board .
|
|
The relation between address pool and slotNo is n:1.
|
|
When the address pool is not bound to the NAT board,the value is 255. "
|
|
::= { h3cNATPoolInfoEntry 4 }
|
|
|
|
|
|
h3cNATPoolRefCounter OBJECT-TYPE
|
|
SYNTAX Integer32
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The counter of reference. An address pool can be associated with
|
|
more than one ACL and the counter of reference is recorded in this
|
|
field. When the address pool is not associated with ACL, the value is 0."
|
|
::= { h3cNATPoolInfoEntry 5 }
|
|
|
|
|
|
h3cNATPoolRowStatus OBJECT-TYPE
|
|
SYNTAX RowStatus
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Only support 'destroy' and 'createAndGo'.
|
|
If h3cNATPoolIdx, h3cNATPoolStartIpAddr and
|
|
h3cNATPoolEndIpAddr were provided correctly,
|
|
its value is changed 'active'."
|
|
::= { h3cNATPoolInfoEntry 6 }
|
|
|
|
|
|
-- NAT Out bound Table
|
|
h3cNATOutboundTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF H3cNATOutboundEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"NAT out bound table: through associating ACL number,
|
|
address pool with NAT board, administrator can designate
|
|
which inside IP address can be translated to global IP
|
|
address in the pool and the translation is processed by
|
|
which NAT board."
|
|
::= { h3cNATMibObjects 2 }
|
|
|
|
|
|
h3cNATOutboundEntry OBJECT-TYPE
|
|
SYNTAX H3cNATOutboundEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The entry of NAT out bound table."
|
|
INDEX { ifIndex, h3cNATOutboundAclNo }
|
|
::= { h3cNATOutboundTable 1 }
|
|
|
|
|
|
H3cNATOutboundEntry ::=
|
|
SEQUENCE {
|
|
h3cNATOutboundAclNo
|
|
Integer32,
|
|
h3cNATOutboundPoolIdx
|
|
Integer32,
|
|
h3cNATOutboundIsNoPat
|
|
INTEGER,
|
|
h3cNATOutboundSlotNo
|
|
Integer32,
|
|
h3cNATOutboundRowStatus
|
|
RowStatus
|
|
}
|
|
|
|
h3cNATOutboundAclNo OBJECT-TYPE
|
|
SYNTAX Integer32 (2000..3999)
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The number of ACL(Access Control List). When the packet accords with
|
|
the rule in the ACL, its source IP address will be translated to IP
|
|
address in Address pool."
|
|
::= { h3cNATOutboundEntry 1 }
|
|
|
|
|
|
h3cNATOutboundPoolIdx OBJECT-TYPE
|
|
SYNTAX Integer32 (0..320 | 2147483647)
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The index of address pool in h3cNATPoolInfoTable.
|
|
when administrator doesn't use the address pool and
|
|
use the IP address of the interface as the address of
|
|
global network, the value is 2147483647."
|
|
::= { h3cNATOutboundEntry 2 }
|
|
|
|
|
|
h3cNATOutboundIsNoPat OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
{
|
|
true(1),
|
|
false(2)
|
|
}
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Whether to use no pat manner. The translation of no pat
|
|
is that the translation doesn't use the port information of packet."
|
|
DEFVAL { false }
|
|
::= { h3cNATOutboundEntry 3 }
|
|
|
|
|
|
h3cNATOutboundSlotNo OBJECT-TYPE
|
|
SYNTAX Integer32 (1..14 | 255)
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The number of NAT board. In router, the value is 255 because no NAT board in it."
|
|
::= { h3cNATOutboundEntry 4 }
|
|
|
|
|
|
h3cNATOutboundRowStatus OBJECT-TYPE
|
|
SYNTAX RowStatus
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Only support 'destroy' and 'createAndGo'.
|
|
If h3cNATOutboundAclNo or h3cNATOutboundAclNo
|
|
and h3cNATOutboundPoolIdx were provided correctly,
|
|
its value is changed 'active'."
|
|
::= { h3cNATOutboundEntry 5 }
|
|
|
|
|
|
-- NAT inside Server Table
|
|
h3cNATServerTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF H3cNATServerEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"NAT inside Server Table. Administrator can configure server in the
|
|
private network which can provide service for people in the public network.
|
|
The translation map is :
|
|
(InsideIP , InsidePort--> GlobalIP, GlobalPort )
|
|
(InsideIP + 1 , InsidePort--> GlobalIP, GlobalPort + 1)
|
|
(InsideIP + 2 , InsidePort--> GlobalIP, GlobalPort + 2)
|
|
...
|
|
...
|
|
...
|
|
(InsideIP+n(=InsideIP2),InsidePort--> GlobalIP,GlobalPort+n(=GlobalPort2))
|
|
"
|
|
::= { h3cNATMibObjects 3 }
|
|
|
|
|
|
h3cNATServerEntry OBJECT-TYPE
|
|
SYNTAX H3cNATServerEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The entry of NAT inside server table."
|
|
INDEX { ifIndex, h3cNATServerProType, h3cNATServerGlobalIP, h3cNATServerStartGlobalPort, h3cNATServerVpnIndex
|
|
}
|
|
::= { h3cNATServerTable 1 }
|
|
|
|
|
|
H3cNATServerEntry ::=
|
|
SEQUENCE {
|
|
h3cNATServerProType
|
|
Integer32,
|
|
h3cNATServerGlobalIP
|
|
IpAddress,
|
|
h3cNATServerStartGlobalPort
|
|
Integer32,
|
|
h3cNATServerEndGlobalPort
|
|
Integer32,
|
|
h3cNATServerStartInsideIP
|
|
IpAddress,
|
|
h3cNATServerEndInsideIP
|
|
IpAddress,
|
|
h3cNATServerInsidePort
|
|
Integer32,
|
|
h3cNATServerSlotNo
|
|
Integer32,
|
|
h3cNATServerVpnIndex
|
|
Integer32,
|
|
h3cNATServerAclNumber
|
|
Integer32,
|
|
h3cNATServerRowStatus
|
|
RowStatus
|
|
}
|
|
|
|
h3cNATServerProType OBJECT-TYPE
|
|
SYNTAX Integer32 (1..255)
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The type of protocol: icmp(1), tcp(6), udp(17) and others."
|
|
::= { h3cNATServerEntry 1 }
|
|
|
|
|
|
h3cNATServerGlobalIP OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The global IP address of Inside Server."
|
|
::= { h3cNATServerEntry 2 }
|
|
|
|
|
|
h3cNATServerStartGlobalPort OBJECT-TYPE
|
|
SYNTAX Integer32 (0..65535)
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The start global port of Inside Server.
|
|
When the port need not be configured, the value is 0."
|
|
::= { h3cNATServerEntry 3 }
|
|
|
|
|
|
h3cNATServerEndGlobalPort OBJECT-TYPE
|
|
SYNTAX Integer32 (0..65535)
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The end global port of Inside Server. When administrator doesn't
|
|
configure a series of inside server, the value is 0.
|
|
If the value is not zero, the value of (GlobalPort2-GlobalPort)
|
|
must be equal to (InsideIP2 - InsideIP)."
|
|
::= { h3cNATServerEntry 4 }
|
|
|
|
|
|
h3cNATServerStartInsideIP OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The start private IP address of Inside Server."
|
|
::= { h3cNATServerEntry 5 }
|
|
|
|
|
|
h3cNATServerEndInsideIP OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The end private IP address of Inside Server. When administrator doesn't
|
|
configure a series of inside server, the value is 0.0.0.0."
|
|
::= { h3cNATServerEntry 6 }
|
|
|
|
|
|
h3cNATServerInsidePort OBJECT-TYPE
|
|
SYNTAX Integer32 (0..65535)
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The private port of Inside Server."
|
|
::= { h3cNATServerEntry 7 }
|
|
|
|
|
|
h3cNATServerSlotNo OBJECT-TYPE
|
|
SYNTAX Integer32 (1..14 | 255)
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The number of NAT board. In router, the value is 255 because no NAT board in it."
|
|
::= { h3cNATServerEntry 8 }
|
|
|
|
|
|
h3cNATServerVpnIndex OBJECT-TYPE
|
|
SYNTAX Integer32 (0..65535)
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The VPN index of server."
|
|
::= { h3cNATServerEntry 10 }
|
|
|
|
|
|
h3cNATServerAclNumber OBJECT-TYPE
|
|
SYNTAX Integer32 (1..10000)
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Number of basic or advanced ACL."
|
|
::= { h3cNATServerEntry 11 }
|
|
|
|
|
|
h3cNATServerRowStatus OBJECT-TYPE
|
|
SYNTAX RowStatus
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Only support 'destroy' and 'createAndGo'.
|
|
If h3cNATServerProType, h3cNATServerGlobalIP, h3cNATServerGlobalPort
|
|
and h3cNATServerInsideIP were provided correctly,
|
|
its value is changed 'active'."
|
|
::= { h3cNATServerEntry 12 }
|
|
|
|
|
|
-- NAT Time out Table
|
|
h3cNATTimeOutTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF H3cNATTimeOutEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"NAT Time out Table. When a connection is established,
|
|
if there are not any actives in this connection between
|
|
the time, it will be disconnected."
|
|
::= { h3cNATMibObjects 4 }
|
|
|
|
|
|
h3cNATTimeOutEntry OBJECT-TYPE
|
|
SYNTAX H3cNATTimeOutEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The entry of NAT Time out Table."
|
|
INDEX { h3cNATTimeOutProtocol }
|
|
::= { h3cNATTimeOutTable 1 }
|
|
|
|
|
|
H3cNATTimeOutEntry ::=
|
|
SEQUENCE {
|
|
h3cNATTimeOutProtocol
|
|
INTEGER,
|
|
h3cNATTimeOutTimeValue
|
|
Integer32
|
|
}
|
|
|
|
h3cNATTimeOutProtocol OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
{
|
|
tcp(1),
|
|
udp(2),
|
|
icmp(3),
|
|
pptp(4),
|
|
dns(5),
|
|
tcpFin(6),
|
|
tcpSyn(7),
|
|
ftpCtrl(8),
|
|
ftpData(9)
|
|
}
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The type of protocol."
|
|
::= { h3cNATTimeOutEntry 1 }
|
|
|
|
|
|
h3cNATTimeOutTimeValue OBJECT-TYPE
|
|
SYNTAX Integer32 (10..86400)
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The time of time out."
|
|
::= { h3cNATTimeOutEntry 2 }
|
|
|
|
|
|
-- NAT blacklist Enable(start/stop) Table
|
|
h3cNATBLEnableTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF H3cNATBLEnableEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"NAT blacklist function Enable Table. In this table, administrator can decide
|
|
whether to start the function of blacklist in the NAT board.
|
|
When the function of blacklist can't be set for a NAT board,
|
|
the number of NAT board is 256."
|
|
::= { h3cNATMibObjects 5 }
|
|
|
|
|
|
h3cNATBLEnableEntry OBJECT-TYPE
|
|
SYNTAX H3cNATBLEnableEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The entry of NAT blacklist Enable Table."
|
|
INDEX { h3cNATBLEnableSlotNo }
|
|
::= { h3cNATBLEnableTable 1 }
|
|
|
|
|
|
H3cNATBLEnableEntry ::=
|
|
SEQUENCE {
|
|
h3cNATBLEnableSlotNo
|
|
Integer32,
|
|
h3cNATBLEnable
|
|
INTEGER
|
|
}
|
|
|
|
h3cNATBLEnableSlotNo OBJECT-TYPE
|
|
SYNTAX Integer32 (1..14 | 255)
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The number of NAT board.
|
|
When the function of blacklist can't be set for a NAT board,
|
|
the value is 255."
|
|
::= { h3cNATBLEnableEntry 1 }
|
|
|
|
|
|
h3cNATBLEnable OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
{
|
|
enable(1),
|
|
disable(2)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Start or stop of function of balcklist."
|
|
DEFVAL { disable }
|
|
::= { h3cNATBLEnableEntry 2 }
|
|
|
|
|
|
-- NAT special IP ConnectLimitPara Table
|
|
h3cNATBLIPConnectLimitParaTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF H3cNATBLIPConnectLimitParaEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The table of connection control of special IP address. In this table, administrator can decide to
|
|
adopt which manner to control the connection which IP address is the
|
|
special IP address."
|
|
::= { h3cNATMibObjects 6 }
|
|
|
|
|
|
h3cNATBLIPConnectLimitParaEntry OBJECT-TYPE
|
|
SYNTAX H3cNATBLIPConnectLimitParaEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The entry of the table of connection control of special IP address."
|
|
INDEX { h3cNATBLIPConnectLimitParaIP }
|
|
::= { h3cNATBLIPConnectLimitParaTable 1 }
|
|
|
|
|
|
H3cNATBLIPConnectLimitParaEntry ::=
|
|
SEQUENCE {
|
|
h3cNATBLIPConnectLimitParaIP
|
|
IpAddress,
|
|
h3cNATBLIPConnectHighValue
|
|
Integer32,
|
|
h3cNATBLIPConnectLowValue
|
|
Integer32,
|
|
h3cNATBLIPUseSpecialConnectRate
|
|
INTEGER,
|
|
h3cNATBLIPConnectLimitRowStatus
|
|
RowStatus
|
|
}
|
|
|
|
h3cNATBLIPConnectLimitParaIP OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The special IP address. The IP is private IP address."
|
|
::= { h3cNATBLIPConnectLimitParaEntry 1 }
|
|
|
|
|
|
h3cNATBLIPConnectHighValue OBJECT-TYPE
|
|
SYNTAX Integer32 (20..20000)
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The maximal connection amount. It must be more than the minimal connection amount."
|
|
DEFVAL { 500 }
|
|
::= { h3cNATBLIPConnectLimitParaEntry 2 }
|
|
|
|
|
|
h3cNATBLIPConnectLowValue OBJECT-TYPE
|
|
SYNTAX Integer32 (20..20000)
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The minimal connection amount. It must be less than the maximal connection amount."
|
|
DEFVAL { 200 }
|
|
::= { h3cNATBLIPConnectLimitParaEntry 3 }
|
|
|
|
|
|
h3cNATBLIPUseSpecialConnectRate OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
{
|
|
true(1),
|
|
false(2)
|
|
}
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Whether to use the special connection rate control."
|
|
DEFVAL { false }
|
|
::= { h3cNATBLIPConnectLimitParaEntry 4 }
|
|
|
|
|
|
h3cNATBLIPConnectLimitRowStatus OBJECT-TYPE
|
|
SYNTAX RowStatus
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Only support 'destroy' and 'createAndGo'.
|
|
If h3cNATBLIPConnectHighValue, h3cNATBLIPConnectLowValue
|
|
and h3cNATBLIPUseSpecialConnectRate were provided correctly,
|
|
its value is changed 'active'."
|
|
::= { h3cNATBLIPConnectLimitParaEntry 5 }
|
|
|
|
|
|
-- NAT blacklist Manager Table
|
|
h3cNATBLManagerTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF H3cNATBLManagerEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The management table of blacklist.
|
|
The table doesn't support 'getnext' operation."
|
|
::= { h3cNATMibObjects 7 }
|
|
|
|
|
|
h3cNATBLManagerEntry OBJECT-TYPE
|
|
SYNTAX H3cNATBLManagerEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The entry of management table of blacklist."
|
|
INDEX { h3cNATBLIpAdress, h3cNATBLSlotNo }
|
|
::= { h3cNATBLManagerTable 1 }
|
|
|
|
|
|
H3cNATBLManagerEntry ::=
|
|
SEQUENCE {
|
|
h3cNATBLIpAdress
|
|
IpAddress,
|
|
h3cNATBLSlotNo
|
|
Integer32,
|
|
h3cNATBLConSum
|
|
Integer32,
|
|
h3cNATBLConSpd
|
|
INTEGER
|
|
}
|
|
|
|
h3cNATBLIpAdress OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The IP address of entry of blacklist."
|
|
::= { h3cNATBLManagerEntry 1 }
|
|
|
|
|
|
h3cNATBLSlotNo OBJECT-TYPE
|
|
SYNTAX Integer32 (1..14)
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The number of NAT board."
|
|
::= { h3cNATBLManagerEntry 2 }
|
|
|
|
|
|
h3cNATBLConSum OBJECT-TYPE
|
|
SYNTAX Integer32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The connection amount."
|
|
::= { h3cNATBLManagerEntry 3 }
|
|
|
|
|
|
h3cNATBLConSpd OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
{
|
|
red(1),
|
|
yellow(2),
|
|
green(3)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The state of connection rate:
|
|
red(1) : the connection rate is above the upper limit.
|
|
yellow(2): the connection rate is between the upper and lower limit.
|
|
green(3) : the connection rate is below the lower limit."
|
|
::= { h3cNATBLManagerEntry 4 }
|
|
|
|
|
|
-- NAT Statistics Info
|
|
h3cNATStatTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF H3cNATStatEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The statistics information table of NAT module."
|
|
::= { h3cNATMibObjects 8 }
|
|
|
|
|
|
h3cNATStatEntry OBJECT-TYPE
|
|
SYNTAX H3cNATStatEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The entry of statistics information table of NAT module."
|
|
INDEX { h3cNATStatNATBoardNo }
|
|
::= { h3cNATStatTable 1 }
|
|
|
|
|
|
H3cNATStatEntry ::=
|
|
SEQUENCE {
|
|
h3cNATStatNATBoardNo
|
|
Integer32,
|
|
h3cNATStatActiveTblCount
|
|
Counter32,
|
|
h3cNATStatActiveTblCountInNP
|
|
Counter32,
|
|
h3cNATStatActiveNatTblCount
|
|
Counter32,
|
|
h3cNATStatActiveSvrTblCount
|
|
Counter32,
|
|
h3cNATStatActivePoolTblCount
|
|
Counter32,
|
|
h3cNATStatNumOfUsedPort
|
|
Counter32,
|
|
h3cNATStatNumOfGoodPkt
|
|
Counter32,
|
|
h3cNATStatNumOfBadPkt
|
|
Counter32,
|
|
h3cNATStaticSessionCount
|
|
Integer32,
|
|
h3cNATFragmentSessionCount
|
|
Integer32,
|
|
h3cNATSequenceSessionCount
|
|
Integer32,
|
|
h3cNATLogCount
|
|
Integer32
|
|
}
|
|
|
|
h3cNATStatNATBoardNo OBJECT-TYPE
|
|
SYNTAX Integer32 (1..14 | 255)
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The number of NAT board. In router, the value is 255 because no NAT board in it."
|
|
::= { h3cNATStatEntry 1 }
|
|
|
|
|
|
h3cNATStatActiveTblCount OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Active PAT session count In software."
|
|
::= { h3cNATStatEntry 2 }
|
|
|
|
|
|
h3cNATStatActiveTblCountInNP OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Active PAT session count In NP."
|
|
::= { h3cNATStatEntry 3 }
|
|
|
|
|
|
h3cNATStatActiveNatTblCount OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Active NO-PAT session count."
|
|
::= { h3cNATStatEntry 4 }
|
|
|
|
|
|
h3cNATStatActiveSvrTblCount OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Active SERVER session count."
|
|
::= { h3cNATStatEntry 5 }
|
|
|
|
|
|
h3cNATStatActivePoolTblCount OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Active address pool session count."
|
|
::= { h3cNATStatEntry 6 }
|
|
|
|
|
|
h3cNATStatNumOfUsedPort OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The number of used port in NP."
|
|
::= { h3cNATStatEntry 7 }
|
|
|
|
|
|
h3cNATStatNumOfGoodPkt OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The number of good packet in NP."
|
|
::= { h3cNATStatEntry 8 }
|
|
|
|
|
|
h3cNATStatNumOfBadPkt OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The number of bad packet in NP."
|
|
::= { h3cNATStatEntry 9 }
|
|
|
|
|
|
h3cNATStaticSessionCount OBJECT-TYPE
|
|
SYNTAX Integer32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Active STATIC session count."
|
|
::= { h3cNATStatEntry 10 }
|
|
|
|
|
|
h3cNATFragmentSessionCount OBJECT-TYPE
|
|
SYNTAX Integer32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Active fragment packet session count."
|
|
::= { h3cNATStatEntry 11 }
|
|
|
|
|
|
h3cNATSequenceSessionCount OBJECT-TYPE
|
|
SYNTAX Integer32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Active session table count hash by private IP."
|
|
::= { h3cNATStatEntry 12 }
|
|
|
|
|
|
h3cNATLogCount OBJECT-TYPE
|
|
SYNTAX Integer32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Buffered Nat LOG table count."
|
|
::= { h3cNATStatEntry 13 }
|
|
|
|
|
|
-- nat session
|
|
h3cNATSessionTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF H3cNATSessionEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The nat session information table. There is the address translation information in the table.
|
|
The sketch map of connection is
|
|
pc1(private Net)------------------>NAT Device ------------------>Server(public Net)
|
|
InsideIP, InsidePort---->translating to GlobalIP, GlobalPort------>PeerIP, PeerPort.
|
|
"
|
|
::= { h3cNATMibObjects 9 }
|
|
|
|
|
|
h3cNATSessionEntry OBJECT-TYPE
|
|
SYNTAX H3cNATSessionEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The entry of session information table."
|
|
INDEX { h3cNATSessionHashNumber, h3cNATSessionProtocol, h3cNATSessionInsideIP, h3cNATSessionInsidePort, h3cNATSessionPeerIP,
|
|
h3cNATSessionPeerPort, h3cNATSessionVpnIndex }
|
|
::= { h3cNATSessionTable 1 }
|
|
|
|
|
|
H3cNATSessionEntry ::=
|
|
SEQUENCE {
|
|
h3cNATSessionHashNumber
|
|
Integer32,
|
|
h3cNATSessionProtocol
|
|
Integer32,
|
|
h3cNATSessionGlobalIP
|
|
IpAddress,
|
|
h3cNATSessionGlobalPort
|
|
Integer32,
|
|
h3cNATSessionInsideIP
|
|
IpAddress,
|
|
h3cNATSessionInsidePort
|
|
Integer32,
|
|
h3cNATSessionPeerIP
|
|
IpAddress,
|
|
h3cNATSessionPeerPort
|
|
Integer32,
|
|
h3cNATSessionVpnIndex
|
|
Integer32,
|
|
h3cNATSessionTTL
|
|
Integer32,
|
|
h3cNATSessionStatus
|
|
Integer32,
|
|
h3cNATSessionLeftTime
|
|
TimeTicks
|
|
}
|
|
|
|
h3cNATSessionHashNumber OBJECT-TYPE
|
|
SYNTAX Integer32 (1..300000)
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The row number of the hash table."
|
|
::= { h3cNATSessionEntry 1 }
|
|
|
|
|
|
h3cNATSessionProtocol OBJECT-TYPE
|
|
SYNTAX Integer32 (1..255)
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The protocol type of session."
|
|
::= { h3cNATSessionEntry 2 }
|
|
|
|
|
|
h3cNATSessionGlobalIP OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The global IP of session. "
|
|
::= { h3cNATSessionEntry 3 }
|
|
|
|
|
|
h3cNATSessionGlobalPort OBJECT-TYPE
|
|
SYNTAX Integer32 (0..65535)
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The global port of session."
|
|
::= { h3cNATSessionEntry 4 }
|
|
|
|
|
|
h3cNATSessionInsideIP OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The Inside IP of session."
|
|
::= { h3cNATSessionEntry 5 }
|
|
|
|
|
|
h3cNATSessionInsidePort OBJECT-TYPE
|
|
SYNTAX Integer32 (0..65535)
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The Inside port of session."
|
|
::= { h3cNATSessionEntry 6 }
|
|
|
|
|
|
h3cNATSessionPeerIP OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The peer IP of session."
|
|
::= { h3cNATSessionEntry 7 }
|
|
|
|
|
|
h3cNATSessionPeerPort OBJECT-TYPE
|
|
SYNTAX Integer32 (0..65535)
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The peer port of session."
|
|
::= { h3cNATSessionEntry 8 }
|
|
|
|
|
|
h3cNATSessionVpnIndex OBJECT-TYPE
|
|
SYNTAX Integer32 (0..255)
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The VPN index of session."
|
|
::= { h3cNATSessionEntry 9 }
|
|
|
|
|
|
h3cNATSessionTTL OBJECT-TYPE
|
|
SYNTAX Integer32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The TTL of session."
|
|
::= { h3cNATSessionEntry 10 }
|
|
|
|
|
|
h3cNATSessionStatus OBJECT-TYPE
|
|
SYNTAX Integer32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The status of session."
|
|
::= { h3cNATSessionEntry 11 }
|
|
|
|
|
|
h3cNATSessionLeftTime OBJECT-TYPE
|
|
SYNTAX TimeTicks
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The Left time of session."
|
|
::= { h3cNATSessionEntry 12 }
|
|
|
|
|
|
h3cNATStaticConfTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF H3cNATStaticConfEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Static Nat configuration table."
|
|
::= { h3cNATMibObjects 10 }
|
|
|
|
|
|
h3cNATStaticConfEntry OBJECT-TYPE
|
|
SYNTAX H3cNATStaticConfEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Configure static Nat."
|
|
INDEX { h3cNATStaticInsideIp }
|
|
::= { h3cNATStaticConfTable 1 }
|
|
|
|
|
|
H3cNATStaticConfEntry ::=
|
|
SEQUENCE {
|
|
h3cNATStaticInsideIp
|
|
IpAddress,
|
|
h3cNATStaticGlobalIp
|
|
IpAddress,
|
|
h3cNATStaticRowStatus
|
|
RowStatus
|
|
}
|
|
|
|
h3cNATStaticInsideIp OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Inside ip address."
|
|
::= { h3cNATStaticConfEntry 1 }
|
|
|
|
|
|
h3cNATStaticGlobalIp OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Global Ip address."
|
|
::= { h3cNATStaticConfEntry 2 }
|
|
|
|
|
|
h3cNATStaticRowStatus OBJECT-TYPE
|
|
SYNTAX RowStatus
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Only support 'destroy' and 'createAndGo'.
|
|
If h3cNATStaticInsideIp and h3cNATStaticGlobalIp were provided correctly,
|
|
its value is changed 'active'."
|
|
::= { h3cNATStaticConfEntry 3 }
|
|
|
|
|
|
h3cNATStaticEnableTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF H3cNATStaticEnableEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Active the static Nat on interface."
|
|
::= { h3cNATMibObjects 11 }
|
|
|
|
|
|
h3cNATStaticEnableEntry OBJECT-TYPE
|
|
SYNTAX H3cNATStaticEnableEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Active the static Nat on interface."
|
|
INDEX { ifIndex }
|
|
::= { h3cNATStaticEnableTable 1 }
|
|
|
|
|
|
H3cNATStaticEnableEntry ::=
|
|
SEQUENCE {
|
|
h3cNATStaticEnable
|
|
INTEGER
|
|
}
|
|
|
|
h3cNATStaticEnable OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
{
|
|
disable(0),
|
|
enable(1)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Enable/disable the static Nat on the interface(h3cNatStaticEnableIfIndex).
|
|
disable (0)
|
|
enable (1)
|
|
"
|
|
::= { h3cNATStaticEnableEntry 2 }
|
|
|
|
|
|
h3cNATDnsMapTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF H3cNATDnsMapEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This table is used to set mapping of DNS."
|
|
::= { h3cNATMibObjects 12 }
|
|
|
|
|
|
h3cNATDnsMapEntry OBJECT-TYPE
|
|
SYNTAX H3cNATDnsMapEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The entry of h3cNATDnsMapTable."
|
|
INDEX { h3cNATDnsMapDomainName }
|
|
::= { h3cNATDnsMapTable 1 }
|
|
|
|
|
|
H3cNATDnsMapEntry ::=
|
|
SEQUENCE {
|
|
h3cNATDnsMapDomainName
|
|
DisplayString,
|
|
h3cNATDnsMapGlobalIp
|
|
IpAddress,
|
|
h3cNATDnsMapGlobalPort
|
|
Integer32,
|
|
h3cNATDnsMapProtocolType
|
|
INTEGER,
|
|
h3cNATDnsMapLastUseTime
|
|
TimeTicks,
|
|
h3cNATDnsMapRowStatus
|
|
RowStatus
|
|
}
|
|
|
|
h3cNATDnsMapDomainName OBJECT-TYPE
|
|
SYNTAX DisplayString
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Domain name."
|
|
::= { h3cNATDnsMapEntry 1 }
|
|
|
|
|
|
h3cNATDnsMapGlobalIp OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Global IP address."
|
|
::= { h3cNATDnsMapEntry 2 }
|
|
|
|
|
|
h3cNATDnsMapGlobalPort OBJECT-TYPE
|
|
SYNTAX Integer32 (1..65535)
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
" Global port number."
|
|
::= { h3cNATDnsMapEntry 3 }
|
|
|
|
|
|
h3cNATDnsMapProtocolType OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
{
|
|
any(0),
|
|
typeTCP(1),
|
|
typeUDP(2)
|
|
}
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"TCP Transmission Control Protocol.
|
|
UDP User Datagram Protocol."
|
|
::= { h3cNATDnsMapEntry 4 }
|
|
|
|
|
|
h3cNATDnsMapLastUseTime OBJECT-TYPE
|
|
SYNTAX TimeTicks
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Its value is the time that the device uses
|
|
from startup to last use 'Dns Map'record.
|
|
If the value is 0,the device never use this
|
|
record."
|
|
::= { h3cNATDnsMapEntry 5 }
|
|
|
|
|
|
h3cNATDnsMapRowStatus OBJECT-TYPE
|
|
SYNTAX RowStatus
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Only support 'destroy' and 'createAndGo'.
|
|
If h3cNATDnsMapDomainName, h3cNATDnsMapGlobalIp
|
|
and h3cNATDnsMapGlobalPortor h3cNATDnsMapDomainName,
|
|
h3cNATDnsMapGlobalIp, h3cNATDnsMapGlobalPort and
|
|
h3cNATDnsMapProtocolType were provided correctly,
|
|
its value is changed 'active'."
|
|
::= { h3cNATDnsMapEntry 6 }
|
|
|
|
-- new NAT statistics
|
|
h3cNATStatVer2Table OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF H3cNATStatVer2TableEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The new statistics of NAT."
|
|
::= { h3cNATMibObjects 13 }
|
|
|
|
h3cNATStatVer2TableEntry OBJECT-TYPE
|
|
SYNTAX H3cNATStatVer2TableEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"An entry (conceptual row) representing NAT
|
|
statistics information."
|
|
INDEX { h3cNATStatChassis, h3cNATStatSlot, h3cNATStatCPUID }
|
|
::= { h3cNATStatVer2Table 1 }
|
|
|
|
H3cNATStatVer2TableEntry ::= SEQUENCE {
|
|
h3cNATStatChassis Unsigned32,
|
|
h3cNATStatSlot Unsigned32,
|
|
h3cNATStatCPUID Unsigned32,
|
|
h3cNATTotalNATSessionCount Unsigned32,
|
|
h3cNATEimTableCount Unsigned32,
|
|
h3cNATInboundNoPATTableCount Unsigned32,
|
|
h3cNATOutboundNoPATTableCount Unsigned32,
|
|
h3cNATMaxDynamicPortblock Unsigned32,
|
|
h3cNATMaxStaticPortblock Unsigned32,
|
|
h3cNATActiveDynamicPortblock Unsigned32,
|
|
h3cNATActiveStaticPortblock Unsigned32,
|
|
h3cNATSessionCreateRate Unsigned32
|
|
}
|
|
|
|
h3cNATStatChassis OBJECT-TYPE
|
|
SYNTAX Unsigned32(0..65534)
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"An IRF member device ID."
|
|
::= { h3cNATStatVer2TableEntry 1 }
|
|
|
|
h3cNATStatSlot OBJECT-TYPE
|
|
SYNTAX Unsigned32(0..65534)
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The slot where the card resides."
|
|
::= { h3cNATStatVer2TableEntry 2 }
|
|
|
|
h3cNATStatCPUID OBJECT-TYPE
|
|
SYNTAX Unsigned32(0..7)
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"CPU ID."
|
|
::= { h3cNATStatVer2TableEntry 3 }
|
|
|
|
h3cNATTotalNATSessionCount OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The number of current NAT sessions."
|
|
::= { h3cNATStatVer2TableEntry 4 }
|
|
|
|
h3cNATEimTableCount OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The number of current EIM tables."
|
|
::= { h3cNATStatVer2TableEntry 5 }
|
|
|
|
h3cNATInboundNoPATTableCount OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The number of current NO-PAT tables built on NAT inbound
|
|
translation."
|
|
::= { h3cNATStatVer2TableEntry 6 }
|
|
|
|
h3cNATOutboundNoPATTableCount OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The number of current NO-PAT tables built on NAT outbound
|
|
translation."
|
|
::= { h3cNATStatVer2TableEntry 7 }
|
|
|
|
h3cNATMaxDynamicPortblock OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The number of current NAT444 dynamic port blocks."
|
|
::= { h3cNATStatVer2TableEntry 8 }
|
|
|
|
h3cNATMaxStaticPortblock OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The number of current NAT444 static port blocks."
|
|
::= { h3cNATStatVer2TableEntry 9 }
|
|
|
|
h3cNATActiveDynamicPortblock OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The number of current active NAT444 dynamic port blocks."
|
|
::= { h3cNATStatVer2TableEntry 10 }
|
|
|
|
h3cNATActiveStaticPortblock OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The number of current active NAT444 static port blocks."
|
|
::= { h3cNATStatVer2TableEntry 11 }
|
|
|
|
h3cNATSessionCreateRate OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The rate of nat session create."
|
|
::= { h3cNATStatVer2TableEntry 12 }
|
|
|
|
-- Nodes of NAT Address Group Statistics
|
|
|
|
h3cNATAddrGrpStatTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF H3cNATAddrGrpStatTableEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The statistics of NAT address groups."
|
|
::= { h3cNATMibObjects 14 }
|
|
|
|
h3cNATAddrGrpStatTableEntry OBJECT-TYPE
|
|
SYNTAX H3cNATAddrGrpStatTableEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"An entry (conceptual row) representing NAT
|
|
address group statistics."
|
|
INDEX
|
|
{
|
|
h3cNATAddrGrpStatChassis,
|
|
h3cNATAddrGrpStatSlot,
|
|
h3cNATAddrGrpStatCPUID,
|
|
h3cNATAddrGrpStatAddrGrpNum
|
|
}
|
|
::= { h3cNATAddrGrpStatTable 1 }
|
|
|
|
H3cNATAddrGrpStatTableEntry ::=
|
|
SEQUENCE
|
|
{
|
|
h3cNATAddrGrpStatChassis
|
|
Unsigned32,
|
|
h3cNATAddrGrpStatSlot
|
|
Unsigned32,
|
|
h3cNATAddrGrpStatCPUID
|
|
Unsigned32,
|
|
h3cNATAddrGrpStatAddrGrpNum
|
|
Unsigned32,
|
|
h3cNATAddrGrpStatFailAllocPort
|
|
Unsigned32,
|
|
h3cNATAddrGrpStatAddrGrpSessCnt
|
|
Counter64
|
|
}
|
|
|
|
h3cNATAddrGrpStatChassis OBJECT-TYPE
|
|
SYNTAX Unsigned32(0..65534)
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"An IRF member device ID."
|
|
::= { h3cNATAddrGrpStatTableEntry 1 }
|
|
|
|
h3cNATAddrGrpStatSlot OBJECT-TYPE
|
|
SYNTAX Unsigned32(0..65534)
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The slot where the card resides."
|
|
::= { h3cNATAddrGrpStatTableEntry 2 }
|
|
|
|
h3cNATAddrGrpStatCPUID OBJECT-TYPE
|
|
SYNTAX Unsigned32(0..7)
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"CPU ID."
|
|
::= { h3cNATAddrGrpStatTableEntry 3 }
|
|
|
|
h3cNATAddrGrpStatAddrGrpNum OBJECT-TYPE
|
|
SYNTAX Unsigned32(0..65535)
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The NAT address group number."
|
|
::= { h3cNATAddrGrpStatTableEntry 4 }
|
|
|
|
h3cNATAddrGrpStatFailAllocPort OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The count of NAT port allocation failures."
|
|
::= { h3cNATAddrGrpStatTableEntry 5 }
|
|
|
|
h3cNATAddrGrpStatAddrGrpSessCnt OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The session count of current NAT address group."
|
|
::= { h3cNATAddrGrpStatTableEntry 6 }
|
|
|
|
END
|