CISCO-LWAPP-ACL-MIB
File:
CISCO-LWAPP-ACL-MIB.mib (12417 bytes)
Imported modules
Imported symbols
Defined Types
ClaCpuAclEntry |
|
SEQUENCE |
|
|
|
|
claCpuAclIndex |
Unsigned32 |
|
|
claCpuAclName |
DisplayString |
|
|
claCpuAclPacketApplicability |
INTEGER |
|
ClaAclEntry |
|
SEQUENCE |
|
|
|
|
claAclName |
OCTET STRING |
|
|
claAclCounterClear |
TruthValue |
|
ClaAclRuleEntry |
|
SEQUENCE |
|
|
|
|
claAclRuleIndex |
Unsigned32 |
|
|
claAclRuleHits |
Counter32 |
|
Defined Values
ciscoLwappAclMIB |
1.3.6.1.4.1.9.9.577 |
This MIB is intended to be implemented on all those
devices operating as Central Controllers (CC) that
terminate the Light Weight Access Point Protocol
tunnel from Light-weight LWAPP Access Points.
This MIB provides configuration and status information
about the ACLs on the controller.
Particularly this mib covers the CPU ACLs for the wireless
controllers.
Traffic to the controller CPU comes from the NPU (Network
Processing Unit).
Using CPU ACLs, the user can place restrictions on type of
traffic reaching the CPU of the controller from the NPU.
CPU ACLs introduce an ACL for the traffic to the CPU of
controller. With this ACL the type of packets reaching the
CPU can be controlled. The mode of operation is as follows.
The administrator designates one ACL for the traffic to the
CPU. The ACL kicks in for packets from the NPU to the CPU.
Each ACL is an ordered set of rules. If a rule matches then
action for that rule is applied to the packet. The decision
to send or drop the packet is taken based on the action
parameter of the ACL.
There will be no ACL for the packets from the CPU to the
NPU.
GLOSSARY
Access Control List ( ACL )
A list of rules used to restrict the traffic reaching an
interface or the CPU. Each ACL is an ordered set of rules
and actions. If a rule matches then the action for that
rule is applied to the packet.
Access Point ( AP )
An entity that contains an 802.11 medium access control
( MAC ) and physical layer ( PHY ) interface and provides
acess to the distribution services via the wireless medium
for associated clients.
CPU ACL ( CPU ACL )
The ACL applied to the CPU. This controls the type of
traffic reaching the CPU of the controller.
Network Processing Unit ( NPU )
This entity is responsible for forwarding traffic to the
CPU. The only exceptions are data coming thorugh the
console port and the Service port i.e. these communicate
directly with the CPU and not via the NPU.
Light Weight Access Point Protocol ( LWAPP )
This is a generic protocol that defines the communciation
between the Access Points and the Central Controller.
REFERENCE
[1] Part 11 Wireless LAN Medium Access Control ( MAC ) and
Physical Layer ( PHY ) Specifications. |
MODULE-IDENTITY |
|
|
|
claAclCounterEnable |
1.3.6.1.4.1.9.9.577.1.3.1 |
This object represents the ACL Counters status
of the controller. Set this to 'true', if user
wants to see if packets are hitting any
of the ACLs that are configured on the controller |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
TruthValue |
|
|
claCpuAclTable |
1.3.6.1.4.1.9.9.577.1.1.1 |
This table represents the ACL related parameters on the
CPU of the controller. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
SEQUENCE OF |
|
|
|
|
ClaCpuAclEntry |
|
claCpuAclEntry |
1.3.6.1.4.1.9.9.577.1.1.1.1 |
Each entry represents a conceptual row in this table.
For each CPU of the controller, there will be a row. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
ClaCpuAclEntry |
|
|
claCpuAclIndex |
1.3.6.1.4.1.9.9.577.1.1.1.1.1 |
This object uniquely identifies one instance of
a CPU on the controller. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
Unsigned32 |
|
|
claCpuAclName |
1.3.6.1.4.1.9.9.577.1.1.1.1.2 |
Name of the Access Control List applied to the CPU.
The access list to be applied should already exist
on the controller.
If it is required to remove the ACL for the CPU,
this field should be set to an empty string. |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
DisplayString |
Size(0..32) |
|
claCpuAclPacketApplicability |
1.3.6.1.4.1.9.9.577.1.1.1.1.3 |
This indicates whether the CPU ACL applies for only
wired(2) packets, only the wireless(3) packets
or both(4) types of packets.
If there is no ACL applied to the CPU, then
this field will be set to none(1) .
If earlier there was no ACL applied to the CPU and the
user just sets the claCpuAclName attribute, then
this field will be set to both(4). |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
INTEGER |
none(1), wired(2), wireless(3), both(4) |
|
claAclTable |
1.3.6.1.4.1.9.9.577.1.2.1 |
The table listing ACLs (Access Control Lists)
and counter status on the Switch. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
SEQUENCE OF |
|
|
|
|
ClaAclEntry |
|
claAclEntry |
1.3.6.1.4.1.9.9.577.1.2.1.1 |
Each entry represents a conceptual row in this table.
For each ACL on the controller, there will be a row. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
ClaAclEntry |
|
|
claAclName |
1.3.6.1.4.1.9.9.577.1.2.1.1.1 |
Name of the Access Control List. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
OCTET STRING |
Size(1..32) |
|
claAclCounterClear |
1.3.6.1.4.1.9.9.577.1.2.1.1.2 |
This object when set to 'true', will clear the
counter of the ACL represented by the
unique ACL name. |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
TruthValue |
|
|
claAclRuleTable |
1.3.6.1.4.1.9.9.577.1.2.2 |
The table listing rules and number of hits under ACL on the
Switch. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
SEQUENCE OF |
|
|
|
|
ClaAclRuleEntry |
|
claAclRuleEntry |
1.3.6.1.4.1.9.9.577.1.2.2.1 |
Each entry represents a conceptual row in this table.
For each ACL rule of the controller, there will be a row. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
ClaAclRuleEntry |
|
|
claAclRuleIndex |
1.3.6.1.4.1.9.9.577.1.2.2.1.2 |
Index of the ACL rule. This can be updated to reset the
sequence of the rules of an ACL. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
Unsigned32 |
1..64 |
|
claAclRuleHits |
1.3.6.1.4.1.9.9.577.1.2.2.1.3 |
Number of hits in the particular rule under the ACL.This object
is cleared by setting the claAclCounterClear object. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
Counter32 |
|
|
ciscoLwappAclMIBCompliance |
1.3.6.1.4.1.9.9.577.2.1.1 |
The compliance statement for the SNMP entities that
implement the ciscoLwappAclMIB module. |
Status: deprecated |
Access: read-only |
MODULE-COMPLIANCE |
|
|
|
ciscoLwappAclMIBComplianceRev1 |
1.3.6.1.4.1.9.9.577.2.1.2 |
The compliance statement for the SNMP entities that
implement the ciscoLwappAclMIB module. |
Status: current |
Access: read-only |
MODULE-COMPLIANCE |
|
|
|
ciscoLwappCpuAclGroup |
1.3.6.1.4.1.9.9.577.2.2.1 |
This collection of objects represents the information
about the general attributes of CPU ACL. |
Status: current |
Access: read-only |
OBJECT-GROUP |
|
|
|
ciscoLwappAclGroup |
1.3.6.1.4.1.9.9.577.2.2.2 |
This collection of objects represents the information
about the general attributes of controller ACL. |
Status: current |
Access: read-only |
OBJECT-GROUP |
|
|
|