CISCO-FIREWALL-MIB

File: CISCO-FIREWALL-MIB.mib (50720 bytes)

Imported modules

SNMPv2-CONF SNMPv2-SMI SNMPv2-TC
SNMP-FRAMEWORK-MIB IF-MIB CISCO-SMI

Imported symbols

OBJECT-GROUP NOTIFICATION-GROUP MODULE-COMPLIANCE
MODULE-IDENTITY OBJECT-TYPE NOTIFICATION-TYPE
Counter32 Gauge32 Unsigned32
IpAddress DateAndTime TEXTUAL-CONVENTION
RowPointer SnmpAdminString InterfaceIndexOrZero
ciscoMgmt

Defined Types

ResourceStatistics  
TEXTUAL-CONVENTION    
  current INTEGER highUse(1), highLoad(2), maximum(3), minimum(4), low(5), high(6), average(7), free(8), inUse(9)

Hardware  
TEXTUAL-CONVENTION    
  current INTEGER memory(1), disk(2), power(3), netInterface(4), cpu(5), primaryUnit(6), secondaryUnit(7), other(8)

Services  
TEXTUAL-CONVENTION    
  current INTEGER otherFWService(1), fileXferFtp(2), fileXferTftp(3), fileXferFtps(4), loginTelnet(5), loginRlogin(6), loginTelnets(7), remoteExecSunRPC(8), remoteExecMSRPC(9), remoteExecRsh(10), remoteExecXserver(11), webHttp(12), webHttps(13), mailSmtp(14), multimediaStreamworks(15), multimediaH323(16), multimediaNetShow(17), multimediaVDOLive(18), multimediaRealAV(19), multimediaRTSP(20), dbOracle(21), dbMSsql(22), contInspProgLang(23), contInspUrl(24), directoryNis(25), directoryDns(26), directoryNetbiosns(27), directoryNetbiosdgm(28), directoryNetbiosssn(29), directoryWins(30), qryWhois(31), qryFinger(32), qryIdent(33), fsNfsStatus(34), fsNfs(35), fsCifs(36), protoIcmp(37), protoTcp(38), protoUdp(39), protoIp(40), protoSnmp(41)

HardwareStatus  
TEXTUAL-CONVENTION    
  current INTEGER other(1), up(2), down(3), error(4), overTemp(5), busy(6), noMedia(7), backup(8), active(9), standby(10)

SecurityEvent  
TEXTUAL-CONVENTION    
  current INTEGER other(1), none(2), dos(3), recon(4), pakFwd(5), addrSpoof(6), svcSpoof(7), thirdParty(8), complete(9), invalPak(10), illegCom(11), policy(12)

ContentInspectionEvent  
TEXTUAL-CONVENTION    
  current INTEGER other(1), okay(2), error(3), found(4), clean(5), reject(6), saved(7)

ConnectionEvent  
TEXTUAL-CONVENTION    
  current INTEGER other(1), accept(2), error(3), drop(4), close(5), timeout(6), refused(7), reset(8), noResp(9)

ConnectionStat  
TEXTUAL-CONVENTION    
  current INTEGER other(1), totalOpen(2), currentOpen(3), currentClosing(4), currentHalfOpen(5), currentInUse(6), high(7)

AccessEvent  
TEXTUAL-CONVENTION    
  current INTEGER other(1), grant(2), deny(3), denyMult(4), error(5)

AuthenticationEvent  
TEXTUAL-CONVENTION    
  current INTEGER other(1), succ(2), error(3), fail(4), succPriv(5), failPriv(6), failMult(7)

GenericEvent  
TEXTUAL-CONVENTION    
  current INTEGER abnormal(1), okay(2), error(3)

CfwBasicEventsEntry  
SEQUENCE    
  cfwBasicEventIndex Unsigned32
  cfwBasicEventTime DateAndTime
  cfwBasicSecurityEventType SecurityEvent
  cfwBasicContentInspEventType ContentInspectionEvent
  cfwBasicConnectionEventType ConnectionEvent
  cfwBasicAccessEventType AccessEvent
  cfwBasicAuthenticationEventType AuthenticationEvent
  cfwBasicGenericEventType GenericEvent
  cfwBasicEventDescription SnmpAdminString
  cfwBasicEventDetailsTableRow RowPointer

CfwNetEventsEntry  
SEQUENCE    
  cfwNetEventIndex Unsigned32
  cfwNetEventInterface InterfaceIndexOrZero
  cfwNetEventSrcIpAddress IpAddress
  cfwNetEventInsideSrcIpAddress IpAddress
  cfwNetEventDstIpAddress IpAddress
  cfwNetEventInsideDstIpAddress IpAddress
  cfwNetEventSrcIpPort INTEGER
  cfwNetEventInsideSrcIpPort INTEGER
  cfwNetEventDstIpPort INTEGER
  cfwNetEventInsideDstIpPort INTEGER
  cfwNetEventService Services
  cfwNetEventServiceInformation SnmpAdminString
  cfwNetEventIdentity SnmpAdminString
  cfwNetEventDescription SnmpAdminString

CfwHardwareStatusEntry  
SEQUENCE    
  cfwHardwareType Hardware
  cfwHardwareInformation SnmpAdminString
  cfwHardwareStatusValue HardwareStatus
  cfwHardwareStatusDetail SnmpAdminString

CfwBufferStatsEntry  
SEQUENCE    
  cfwBufferStatSize Unsigned32
  cfwBufferStatType ResourceStatistics
  cfwBufferStatInformation SnmpAdminString
  cfwBufferStatValue Gauge32

CfwConnectionStatEntry  
SEQUENCE    
  cfwConnectionStatService Services
  cfwConnectionStatType ConnectionStat
  cfwConnectionStatDescription SnmpAdminString
  cfwConnectionStatCount Counter32
  cfwConnectionStatValue Gauge32

Defined Values

ciscoFirewallMIB 1.3.6.1.4.1.9.9.147
MIB module for monitoring Cisco Firewalls.
MODULE-IDENTITY    

ciscoFirewallMIBObjects 1.3.6.1.4.1.9.9.147.1
OBJECT IDENTIFIER    

cfwEvents 1.3.6.1.4.1.9.9.147.1.1
OBJECT IDENTIFIER    

cfwBasicEvents 1.3.6.1.4.1.9.9.147.1.1.1
OBJECT IDENTIFIER    

cfwNetEvents 1.3.6.1.4.1.9.9.147.1.1.2
OBJECT IDENTIFIER    

cfwSystem 1.3.6.1.4.1.9.9.147.1.2
OBJECT IDENTIFIER    

cfwStatus 1.3.6.1.4.1.9.9.147.1.2.1
OBJECT IDENTIFIER    

cfwStatistics 1.3.6.1.4.1.9.9.147.1.2.2
OBJECT IDENTIFIER    

cfwBasicEventsTableLastRow 1.3.6.1.4.1.9.9.147.1.1.1.1
The index value of the most recently created row in the cfwBasicEventsTable. This number starts at 1 and increase by one with each new log entry. When this number wraps, all events are deleted.
OBJECT-TYPE    
  Unsigned32  

cfwBasicEventsTable 1.3.6.1.4.1.9.9.147.1.1.1.2
Table of basic data for firewall events. The agent may choose to delete the instances of cfwBasicEventsEntry as required because of lack of memory. The oldest Events will be selected first for deletion.
OBJECT-TYPE    
  SEQUENCE OF  
    CfwBasicEventsEntry

cfwBasicEventsEntry 1.3.6.1.4.1.9.9.147.1.1.1.2.1
An entry in the table, containing general information about an event. This table will always be sparse, i.e., each row will instanciate only a subet of the columnar objects.
OBJECT-TYPE    
  CfwBasicEventsEntry  

cfwBasicEventIndex 1.3.6.1.4.1.9.9.147.1.1.1.2.1.1
An index that uniquely identifies an entry in the log table. These indices are assigned beginning with 1 and increase by one with each new event logged.
OBJECT-TYPE    
  Unsigned32  

cfwBasicEventTime 1.3.6.1.4.1.9.9.147.1.1.1.2.1.2
The time that the event occurred.
OBJECT-TYPE    
  DateAndTime  

cfwBasicSecurityEventType 1.3.6.1.4.1.9.9.147.1.1.1.2.1.3
The type of security-related event that this row contains. If the event is not security-related this object will not be instantiated.
OBJECT-TYPE    
  SecurityEvent  

cfwBasicContentInspEventType 1.3.6.1.4.1.9.9.147.1.1.1.2.1.4
The type of content inspection-related event that this row contains. If the event is not content inspection-related this object will not be instantiated.
OBJECT-TYPE    
  ContentInspectionEvent  

cfwBasicConnectionEventType 1.3.6.1.4.1.9.9.147.1.1.1.2.1.5
The type of connection-related event that this row contains. If the event is not connection-related this object will not be instantiated.
OBJECT-TYPE    
  ConnectionEvent  

cfwBasicAccessEventType 1.3.6.1.4.1.9.9.147.1.1.1.2.1.6
The type of access-related event that this row contains. If the event is not access-related this object will not be instantiated.
OBJECT-TYPE    
  AccessEvent  

cfwBasicAuthenticationEventType 1.3.6.1.4.1.9.9.147.1.1.1.2.1.7
The type of authentication-related event that this row contains. If the event is not authentication-related this object will not be instantiated.
OBJECT-TYPE    
  AuthenticationEvent  

cfwBasicGenericEventType 1.3.6.1.4.1.9.9.147.1.1.1.2.1.8
The type of generic event that this row contains. If the event does not fall into one of the other categories this object will be populated. Otherwise, this object will not be instantiated.
OBJECT-TYPE    
  GenericEvent  

cfwBasicEventDescription 1.3.6.1.4.1.9.9.147.1.1.1.2.1.9
A description of the event. The value of the object may be a zero-length string.
OBJECT-TYPE    
  SnmpAdminString  

cfwBasicEventDetailsTableRow 1.3.6.1.4.1.9.9.147.1.1.1.2.1.10
A pointer to a row in the table containing details about this event. Generally, the table will be the cfwNetEventsTable but a Cisco-defined table may also appear here. If there there is no more detailed information for this event the value of this object will have the value {0 0}.
OBJECT-TYPE    
  RowPointer  

cfwNetEventsTableLastRow 1.3.6.1.4.1.9.9.147.1.1.2.1
The index value of the last row in the cfwNetEventsTable. This number starts at 1 and increase by one with each new log entry. When this number wraps, all events are deleted.
OBJECT-TYPE    
  Unsigned32  

cfwNetEventsTable 1.3.6.1.4.1.9.9.147.1.1.2.2
Table of detailed data for network events. The agent may choose to delete the instances of cfwBasicEventsEntry as required because of lack of memory. It is an implementation-specific matter as to when this deletion may occur. It is recommended that the oldest log instances are deleted first.
OBJECT-TYPE    
  SEQUENCE OF  
    CfwNetEventsEntry

cfwNetEventsEntry 1.3.6.1.4.1.9.9.147.1.1.2.2.1
An entry in the table, containing detailed information about an event. Note that this table may be sparse. If Network Address Translation is not enabled cfwNetEventInsideSrcIpAddress and cfwNetEventInsideDstIpAddress will not be instantiated in the row. If Port Address Translation is not enabled cfwNetEventInsideSrcIpPort and cfwNetEventInsideDstIpPort will not be instantiated in the row. Entries are added to this table at the same time that events are added to the cfwBasicEventsTable. These two tables may be configured to be different sizes so there may not be a one-to-one correspondence between rows in the two tables.
OBJECT-TYPE    
  CfwNetEventsEntry  

cfwNetEventIndex 1.3.6.1.4.1.9.9.147.1.1.2.2.1.1
An index that uniquely identifies an entry in the log table. These indices are assigned beginning with one and increase by one with each new log entry. When this number wraps, all events are deleted in order to allow the NMS to differentiate between old and new events.
OBJECT-TYPE    
  Unsigned32  

cfwNetEventInterface 1.3.6.1.4.1.9.9.147.1.1.2.2.1.2
The interface most closely associated with this event. For example, for an event that relates to the receipt of a packet, this object identifies the interface on which the packet was received. If there are multiple interfaces associated with an event, the interface most closely associated with the cause of the event will be used. For example, for an event for the setup of a TCP connection, the interface on the initiator's side of the connection would be preferred. If there is no associated interface, then this object has the value zero.
OBJECT-TYPE    
  InterfaceIndexOrZero  

cfwNetEventSrcIpAddress 1.3.6.1.4.1.9.9.147.1.1.2.2.1.3
Source IP address in the IP packet that caused the event. If there is no packet associated with the event this object has the value of zero. If the event is the result of multiple packets with different source addresses, this value may be zero or an address taken from an arbitrarily chosen packet in the sequence of packets causing the event.
OBJECT-TYPE    
  IpAddress  

cfwNetEventInsideSrcIpAddress 1.3.6.1.4.1.9.9.147.1.1.2.2.1.4
Source IP address after Network Address Translation has been applied. If NAT has not been applied to the source address in this packet this object will not be instantiated, resulting in a sparse table. If the event is the result of multiple packets with different source addresses, this value may be zero or an address taken from an arbitrarily chosen packet in the sequence of packets causing the event.
OBJECT-TYPE    
  IpAddress  

cfwNetEventDstIpAddress 1.3.6.1.4.1.9.9.147.1.1.2.2.1.5
Destination IP address in the IP packet that caused the event. If there is no packet associated with the event this object has the value of zero. If the event is the result of multiple packets with different destination addresses, this value may be zero or an address taken from an arbitrarily chosen packet in the sequence of packets causing the event.
OBJECT-TYPE    
  IpAddress  

cfwNetEventInsideDstIpAddress 1.3.6.1.4.1.9.9.147.1.1.2.2.1.6
Destination IP address after Network Address Translation has been applied. If NAT has not been applied to the destination address in this packet this object will not be instantiated, resulting in a sparse table. If the event is the result of multiple packets with different destination addresses, this value may be zero or an address taken from an arbitrarily chosen packet in the sequence of packets causing the event.
OBJECT-TYPE    
  IpAddress  

cfwNetEventSrcIpPort 1.3.6.1.4.1.9.9.147.1.1.2.2.1.7
Source UDP/TCP port in the IP packet that caused the event. If there is no packet associated with the event this object has the value of zero. If the event is the result of multiple packets with different source ports, this value may be zero or a port taken from an arbitrarily chosen packet in the sequence of packets causing the event.
OBJECT-TYPE    
  INTEGER 0..65535  

cfwNetEventInsideSrcIpPort 1.3.6.1.4.1.9.9.147.1.1.2.2.1.8
Source UDP/TCP port after Port Address Translation has been applied. If PAT has not been applied to the source port in this packet this object will not be instantiated, resulting in a sparse table. If the event is the result of multiple packets with different source ports, this value may be zero or a port taken from an arbitrarily chosen packet in the sequence of packets causing the event.
OBJECT-TYPE    
  INTEGER 0..65535  

cfwNetEventDstIpPort 1.3.6.1.4.1.9.9.147.1.1.2.2.1.9
Destination UDP/TCP port in the IP packet that caused the event. If there is no packet associated with the event this object has the value of zero. If the event is the result of multiple packets with different destination ports, this value may be zero or a port taken from an arbitrarily chosen packet in the sequence of packets causing the event.
OBJECT-TYPE    
  INTEGER 0..65535  

cfwNetEventInsideDstIpPort 1.3.6.1.4.1.9.9.147.1.1.2.2.1.10
Destination UDP/TCP port after Port Address Translation has been applied. If PAT has not been applied to the Destination port in this packet this object will not be instantiated, resulting in a sparse table. If the event is the result of multiple packets with different destination ports, this value may be zero or a port taken from an arbitrarily chosen packet in the sequence of packets causing the event.
OBJECT-TYPE    
  INTEGER 0..65535  

cfwNetEventService 1.3.6.1.4.1.9.9.147.1.1.2.2.1.11
The identification of the type of service involved with this event.
OBJECT-TYPE    
  Services  

cfwNetEventServiceInformation 1.3.6.1.4.1.9.9.147.1.1.2.2.1.12
Specific service information. This can be used to describe the particular service indentified by cfwNetEventService and can reflect whether the service is a local service or a gateway service. For example, if the value for cfwNetEventService is loginTelnet then the string provided might be 'local telnet'.
OBJECT-TYPE    
  SnmpAdminString  

cfwNetEventIdentity 1.3.6.1.4.1.9.9.147.1.1.2.2.1.13
This object will contain a description of the entity that caused the event. The entity could be a userid, username, processid or other identifier for the entity using the service. If there is no such information then this object will contain a zero-length string.
OBJECT-TYPE    
  SnmpAdminString  

cfwNetEventDescription 1.3.6.1.4.1.9.9.147.1.1.2.2.1.14
A detailed description of the event.
OBJECT-TYPE    
  SnmpAdminString  

cfwHardwareStatusTable 1.3.6.1.4.1.9.9.147.1.2.1.1
Table of firewall cfwHardwareStatusEntry entries.
OBJECT-TYPE    
  SEQUENCE OF  
    CfwHardwareStatusEntry

cfwHardwareStatusEntry 1.3.6.1.4.1.9.9.147.1.2.1.1.1
An entry in the table, containing status information about a resource.
OBJECT-TYPE    
  CfwHardwareStatusEntry  

cfwHardwareType 1.3.6.1.4.1.9.9.147.1.2.1.1.1.1
The hardware type for which this row provides status information.
OBJECT-TYPE    
  Hardware  

cfwHardwareInformation 1.3.6.1.4.1.9.9.147.1.2.1.1.1.2
A detailed textual description of the resource identified by cfwHardwareType.
OBJECT-TYPE    
  SnmpAdminString  

cfwHardwareStatusValue 1.3.6.1.4.1.9.9.147.1.2.1.1.1.3
This object contains the current status of the resource.
OBJECT-TYPE    
  HardwareStatus  

cfwHardwareStatusDetail 1.3.6.1.4.1.9.9.147.1.2.1.1.1.4
A detailed textual description of the current status of the resource which may provide a more specific description than cfwHardwareStatusValue.
OBJECT-TYPE    
  SnmpAdminString  

cfwBufferStatsTable 1.3.6.1.4.1.9.9.147.1.2.2.1
A table conatining status information about a firewall's buffers.
OBJECT-TYPE    
  SEQUENCE OF  
    CfwBufferStatsEntry

cfwBufferStatsEntry 1.3.6.1.4.1.9.9.147.1.2.2.1.1
An entry in the table, containing status information about a particular statistic for the set of buffers of a particular size.
OBJECT-TYPE    
  CfwBufferStatsEntry  

cfwBufferStatSize 1.3.6.1.4.1.9.9.147.1.2.2.1.1.1
This object contains the size of the set of buffers for which this row contains the statistics given by cfwBufferStatType.
OBJECT-TYPE    
  Unsigned32  

cfwBufferStatType 1.3.6.1.4.1.9.9.147.1.2.2.1.1.2
This object identifies the type of statistic given by this row for the particular set of buffers identified by cfwBufferStatSize.
OBJECT-TYPE    
  ResourceStatistics  

cfwBufferStatInformation 1.3.6.1.4.1.9.9.147.1.2.2.1.1.3
A detailed textual description of the statistic identified by cfwBufferStatType.
OBJECT-TYPE    
  SnmpAdminString  

cfwBufferStatValue 1.3.6.1.4.1.9.9.147.1.2.2.1.1.4
The value of the buffer statistic.
OBJECT-TYPE    
  Gauge32  

cfwConnectionStatTable 1.3.6.1.4.1.9.9.147.1.2.2.2
Table of firewall statistic instances.
OBJECT-TYPE    
  SEQUENCE OF  
    CfwConnectionStatEntry

cfwConnectionStatEntry 1.3.6.1.4.1.9.9.147.1.2.2.2.1
An entry in the table, containing information about a firewall statistic.
OBJECT-TYPE    
  CfwConnectionStatEntry  

cfwConnectionStatService 1.3.6.1.4.1.9.9.147.1.2.2.2.1.1
The identification of the type of connection providing statistics.
OBJECT-TYPE    
  Services  

cfwConnectionStatType 1.3.6.1.4.1.9.9.147.1.2.2.2.1.2
The state of the connections that this row contains statistics for.
OBJECT-TYPE    
  ConnectionStat  

cfwConnectionStatDescription 1.3.6.1.4.1.9.9.147.1.2.2.2.1.3
A detailed textual description of this statistic.
OBJECT-TYPE    
  SnmpAdminString  

cfwConnectionStatCount 1.3.6.1.4.1.9.9.147.1.2.2.2.1.4
This is an integer that contains the value of the resource statistic. If a type of 'gauge' is more appropriate this object will be omitted resulting in a sparse table.
OBJECT-TYPE    
  Counter32  

cfwConnectionStatValue 1.3.6.1.4.1.9.9.147.1.2.2.2.1.5
This is an integer that contains the value of the resource statistic. If a type of 'counter' is more appropriate this object will be omitted resulting in a sparse table.
OBJECT-TYPE    
  Gauge32  

ciscoFirewallMIBNotificationPrefix 1.3.6.1.4.1.9.9.147.2
OBJECT IDENTIFIER    

ciscoFirewallMIBNotifications 1.3.6.1.4.1.9.9.147.2.0
OBJECT IDENTIFIER    

cfwSecurityNotification 1.3.6.1.4.1.9.9.147.2.0.2
This notification is used for events involving security events. The included objects provide more detailed information about the event.
NOTIFICATION-TYPE    

cfwContentInspectNotification 1.3.6.1.4.1.9.9.147.2.0.3
This notification is used to notify the NMS of content inspection events. The included objects provide more detailed information about the event.
NOTIFICATION-TYPE    

cfwConnNotification 1.3.6.1.4.1.9.9.147.2.0.4
This notification is used to notify the NMS of connection-oriented events. The included objects provide more detailed information about the event.
NOTIFICATION-TYPE    

cfwAccessNotification 1.3.6.1.4.1.9.9.147.2.0.5
This notification is used to notify the NMS of access events. The included objects provide more detailed information about the event.
NOTIFICATION-TYPE    

cfwAuthNotification 1.3.6.1.4.1.9.9.147.2.0.6
This notification is used to notify the NMS of authentication events. The included objects provide more detailed information about the event.
NOTIFICATION-TYPE    

cfwGenericNotification 1.3.6.1.4.1.9.9.147.2.0.7
This notification is used to notify the NMS of events that do not fall into the other categories. The included objects provide more detailed information about the event.
NOTIFICATION-TYPE    

ciscoFirewallMIBConformance 1.3.6.1.4.1.9.9.147.3
OBJECT IDENTIFIER    

ciscoFirewallMIBCompliances 1.3.6.1.4.1.9.9.147.3.1
OBJECT IDENTIFIER    

ciscoFirewallMIBGroups 1.3.6.1.4.1.9.9.147.3.2
OBJECT IDENTIFIER    

ciscoFirewallMIBCompliance 1.3.6.1.4.1.9.9.147.3.1.1
The compliance statement for entities which implement the Cisco FirewallMIB.
MODULE-COMPLIANCE    

ciscoFirewallMIBComplianceRev1 1.3.6.1.4.1.9.9.147.3.1.2
Implementation of these notifications is not required.
MODULE-COMPLIANCE    

ciscoFirewallMIBEventsGroup 1.3.6.1.4.1.9.9.147.3.2.1
Firewall events
OBJECT-GROUP    

ciscoFirewallMIBStatisticsGroup 1.3.6.1.4.1.9.9.147.3.2.2
Firewall statistics
OBJECT-GROUP    

ciscoFirewallMIBNotificationGroup 1.3.6.1.4.1.9.9.147.3.2.3
Firewall Notifications
OBJECT-GROUP    

ciscoFirewallMIBNotificationGroupRev1 1.3.6.1.4.1.9.9.147.3.2.4
Firewall Notifications
NOTIFICATION-GROUP