-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathFDRY-ACL-MIB
321 lines (284 loc) · 8.3 KB
/
FDRY-ACL-MIB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
FDRY-ACL-MIB DEFINITIONS ::= BEGIN
IMPORTS
MODULE-IDENTITY, OBJECT-TYPE,
Unsigned32 FROM SNMPv2-SMI -- [RFC2578]
TEXTUAL-CONVENTION, RowStatus,
DisplayString, TruthValue FROM SNMPv2-TC -- [RFC2579]
Ipv6Address FROM IPV6-TC -- [RFC2465]
fdryAcl FROM FOUNDRY-SN-ROOT-MIB -- [snroo101]
;
fdryAclMIB MODULE-IDENTITY
LAST-UPDATED "201006020000Z" -- 04 June 2010
ORGANIZATION "Brocade Communications Systems, Inc."
CONTACT-INFO
"Technical Support Center
130 Holger Way,
San Jose, CA 95134
Email: [email protected]
Phone: 1-800-752-8061
URL: www.brocade.com"
DESCRIPTION
"The Brocade proprietary MIB module for Ipv6 Access Control List.
It has new tables for Ipv6 Access Control List.
Copyright 1996-2010 Brocade Communications Systems, Inc.
All rights reserved.
This Brocade Communications Systems SNMP Management Information Base Specification
embodies Brocade Communications Systems' confidential and proprietary
intellectual property. Brocade Communications Systems retains all
title and ownership in the Specification, including any revisions.
This Specification is supplied AS IS, and Brocade Communications Systems makes
no warranty, either express or implied, as to the use,
operation, condition, or performance of the specification, and any unintended
consequence it may on the user environment."
REVISION "201006020000Z" -- 04 June 2010
DESCRIPTION
"Changed the ORGANIZATION, CONTACT-INFO and DESCRIPTION fields."
REVISION "200802140000Z" -- 14 February 2008
DESCRIPTION "Initial version"
::= { fdryAcl 1 }
--
-- Textual Conventions
--
RtrStatus ::= TEXTUAL-CONVENTION
STATUS current
DESCRIPTION
"Represents a status value such as disabled or enabled."
SYNTAX INTEGER {
disabled(0),
enabled (1)
}
Action ::= TEXTUAL-CONVENTION
STATUS current
DESCRIPTION
"Represents a action value such as deny or permit."
SYNTAX INTEGER {
deny(0),
permit (1)
}
Operator ::= TEXTUAL-CONVENTION
STATUS current
DESCRIPTION
"Represents a operators value, such as equal, not-equal, lesser than,
greater than, range and undefined."
SYNTAX INTEGER {
eq(0),
neq (1),
lt (2),
gt (3),
range (4),
undefined (7)
}
IpProtocol ::= TEXTUAL-CONVENTION
STATUS current
DESCRIPTION
"Represents a transport protocol value."
SYNTAX Unsigned32 (0..255)
--
-- Top level components of this MIB.
--
fdryIpv6Acl OBJECT IDENTIFIER ::= { fdryAclMIB 1 }
--
-- Ipv6 Access Control List Table
--
fdryIpv6AclTable OBJECT-TYPE
SYNTAX SEQUENCE OF FdryIpv6AclEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Table of Ipv6 Access Control List"
::= { fdryIpv6Acl 1 }
fdryIpv6AclEntry OBJECT-TYPE
SYNTAX FdryIpv6AclEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"An entry in the Ipv6 Access Control List table."
INDEX { fdryIpv6AclIndex }
::= { fdryIpv6AclTable 1 }
FdryIpv6AclEntry ::= SEQUENCE {
fdryIpv6AclIndex
Unsigned32,
fdryIpv6AclName
DisplayString,
fdryIpv6AclAction
Action,
fdryIpv6AclProtocol
IpProtocol,
fdryIpv6AclSourceIp
Ipv6Address,
fdryIpv6AclSourcePrefixLen
Unsigned32,
fdryIpv6AclSourceOperator
Operator,
fdryIpv6AclSourceOperand1
Unsigned32,
fdryIpv6AclSourceOperand2
Unsigned32,
fdryIpv6AclDestinationIp
Ipv6Address,
fdryIpv6AclDestinationPrefixLen
Unsigned32,
fdryIpv6AclDestinationOperator
Operator,
fdryIpv6AclDestinationOperand1
Unsigned32,
fdryIpv6AclDestinationOperand2
Unsigned32,
fdryIpv6AclEstablished
RtrStatus,
fdryIpv6AclLogOption
TruthValue,
fdryIpv6AclComments
DisplayString,
fdryIpv6AclRowStatus
RowStatus
}
fdryIpv6AclIndex OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The access control list item number for an entry.
This is a unique number that identifies different
Access list entries. This one has to be
unique even though the name is not unique
for a give access list with same or different source
address, prefix length, destination address and destination
prefix length, protocol type, action (permit/deny) type and the
operator (neq, eq, gt and , lt)."
::= { fdryIpv6AclEntry 1 }
fdryIpv6AclName OBJECT-TYPE
SYNTAX DisplayString (SIZE (0..199))
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Access Control List name for an entry."
::= { fdryIpv6AclEntry 2 }
fdryIpv6AclAction OBJECT-TYPE
SYNTAX Action
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Action to take if the ip packet matches
with this access control list."
::= { fdryIpv6AclEntry 3 }
fdryIpv6AclProtocol OBJECT-TYPE
SYNTAX IpProtocol
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Transport protocols. 0 means any protocol."
::= { fdryIpv6AclEntry 4 }
fdryIpv6AclSourceIp OBJECT-TYPE
SYNTAX Ipv6Address
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Source Ipv6 address."
::= { fdryIpv6AclEntry 5 }
fdryIpv6AclSourcePrefixLen OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Source IPv6 address prefix length."
DEFVAL {64}
::= { fdryIpv6AclEntry 6 }
fdryIpv6AclSourceOperator OBJECT-TYPE
SYNTAX Operator
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Type of comparison to perform.
for now, this only applys to tcp or udp
to compare the port number"
::= { fdryIpv6AclEntry 7 }
fdryIpv6AclSourceOperand1 OBJECT-TYPE
SYNTAX Unsigned32(0..65535)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"For now this only refers to transport
protocol port number."
::= { fdryIpv6AclEntry 8 }
fdryIpv6AclSourceOperand2 OBJECT-TYPE
SYNTAX Unsigned32(0..65535)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"For now this only refers to transport
protocol port number."
::= { fdryIpv6AclEntry 9 }
fdryIpv6AclDestinationIp OBJECT-TYPE
SYNTAX Ipv6Address
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Destination Ipv6 address."
::= { fdryIpv6AclEntry 10 }
fdryIpv6AclDestinationPrefixLen OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Destination IPv6 address prefix length."
DEFVAL {64}
::= { fdryIpv6AclEntry 11 }
fdryIpv6AclDestinationOperator OBJECT-TYPE
SYNTAX Operator
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Type of comparison to perform.
for now, this only applys to tcp or udp
to compare the port number"
::= { fdryIpv6AclEntry 12 }
fdryIpv6AclDestinationOperand1 OBJECT-TYPE
SYNTAX Unsigned32(0..65535)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"For now this only refers to transport
protocol port number."
::= { fdryIpv6AclEntry 13 }
fdryIpv6AclDestinationOperand2 OBJECT-TYPE
SYNTAX Unsigned32(0..65535)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"For now this only refers to transport
protocol port number."
::= { fdryIpv6AclEntry 14 }
fdryIpv6AclEstablished OBJECT-TYPE
SYNTAX RtrStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Enable/Disable the filtering of established TCP
packets of which the ACK or RESET flag is on. This
additional filter only applies to TCP transport
protocol."
::= { fdryIpv6AclEntry 15 }
fdryIpv6AclLogOption OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Log flag, should be set to one to enable logging"
::= { fdryIpv6AclEntry 16 }
fdryIpv6AclComments OBJECT-TYPE
SYNTAX DisplayString (SIZE (0..255))
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Remark description of individual Access Control List entry."
::= { fdryIpv6AclEntry 17 }
fdryIpv6AclRowStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"To create or delete a access list
entry."
::= { fdryIpv6AclEntry 18 }
END