HUAWEI-ACL-MIB

File: HUAWEI-ACL-MIB.mib (151833 bytes)

Imported modules

HUAWEI-MIB SNMPv2-CONF SNMPv2-SMI
SNMPv2-TC P-BRIDGE-MIB IPV6-TC

Imported symbols

huaweiMgmt OBJECT-GROUP MODULE-COMPLIANCE
NOTIFICATION-GROUP IpAddress Integer32
Unsigned32 Gauge32 Counter32
OBJECT-TYPE Counter64 MODULE-IDENTITY
NOTIFICATION-TYPE RowStatus TruthValue
MacAddress EnabledStatus Ipv6Address

Defined Types

HwAclNumGroupEntry  
SEQUENCE    
  hwAclNumGroupAclNum Integer32
  hwAclNumGroupMatchOrder INTEGER
  hwAclNumGroupSubitemNum Counter32
  hwAclNumGroupStep Integer32
  hwAclNumGroupDescription OCTET STRING
  hwAclNumGroupCountClear INTEGER
  hwAclNumGroupRowStatus RowStatus
  hwAclNumGroupAclName OCTET STRING
  hwAclNumGroupAclType INTEGER

HwAclBasicRuleEntry  
SEQUENCE    
  hwAclBasicAclNum Integer32
  hwAclBasicSubitem Unsigned32
  hwAclBasicAct INTEGER
  hwAclBasicSrcIp IpAddress
  hwAclBasicSrcWild IpAddress
  hwAclBasicTimeRangeIndex Integer32
  hwAclBasicFragments INTEGER
  hwAclBasicLog TruthValue
  hwAclBasicEnable TruthValue
  hwAclBasicCount Counter64
  hwAclBasicVrfName OCTET STRING
  hwAclBasicRowStatus RowStatus
  hwAclBasicDescription OCTET STRING

HwAclAdvancedRuleEntry  
SEQUENCE    
  hwAclAdvancedAclNum Integer32
  hwAclAdvancedSubitem Unsigned32
  hwAclAdvancedAct INTEGER
  hwAclAdvancedProtocol Integer32
  hwAclAdvancedSrcIp IpAddress
  hwAclAdvancedSrcWild IpAddress
  hwAclAdvancedSrcOp INTEGER
  hwAclAdvancedSrcPort1 Integer32
  hwAclAdvancedSrcPort2 Integer32
  hwAclAdvancedDestIp IpAddress
  hwAclAdvancedDestWild IpAddress
  hwAclAdvancedDestOp INTEGER
  hwAclAdvancedDestPort1 Integer32
  hwAclAdvancedDestPort2 Integer32
  hwAclAdvancedPrecedence Integer32
  hwAclAdvancedTos Integer32
  hwAclAdvancedDscp Integer32
  hwAclAdvancedEstablish TruthValue
  hwAclAdvancedTimeRangeIndex Integer32
  hwAclAdvancedIcmpType Integer32
  hwAclAdvancedIcmpCode Integer32
  hwAclAdvancedFragments INTEGER
  hwAclAdvancedLog TruthValue
  hwAclAdvancedEnable TruthValue
  hwAclAdvancedCount Counter64
  hwAclAdvancedVrfName OCTET STRING
  hwAclAdvancedRowStatus RowStatus
  hwAclAdvancedTcpSyncFlag Integer32
  hwAclAdvancedDescription OCTET STRING
  hwAclAdvancedSrcPoolName OCTET STRING
  hwAclAdvancedDestPoolName OCTET STRING
  hwAclAdvancedProtocolNew Integer32
  hwAclAdvancedVni Integer32
  hwAclAdvancedIgmpType Integer32
  hwAclAdvancedTtlOp INTEGER
  hwAclAdvancedTtlExpire Integer32
  hwAclAdvancedTtlExpireEnd Integer32
  hwAclAdvancedPktLenOp INTEGER
  hwAclAdvancedPktLenBegin Integer32
  hwAclAdvancedPktLenEnd Integer32

HwAclIfRuleEntry  
SEQUENCE    
  hwAclIfAclNum Integer32
  hwAclIfSubitem Unsigned32
  hwAclIfAct INTEGER
  hwAclIfIndex Integer32
  hwAclIfAny TruthValue
  hwAclIfTimeRangeIndex Integer32
  hwAclIfLog TruthValue
  hwAclIfEnable TruthValue
  hwAclIfCount Counter64
  hwAclIfRowStatus RowStatus

HwAclUserRuleEntry  
SEQUENCE    
  hwAclUserAclNum Integer32
  hwAclUserSubitem Unsigned32
  hwAclUserAct INTEGER
  hwAclUserProtocol Integer32
  hwAclUserSrcIp IpAddress
  hwAclUserSrcWild IpAddress
  hwAclUserSrcOp INTEGER
  hwAclUserSrcPort1 Integer32
  hwAclUserSrcPort2 Integer32
  hwAclUserDestIp IpAddress
  hwAclUserDestWild IpAddress
  hwAclUserDestOp INTEGER
  hwAclUserDestPort1 Integer32
  hwAclUserDestPort2 Integer32
  hwAclUserPrecedence Integer32
  hwAclUserTos Integer32
  hwAclUserDscp Integer32
  hwAclUserEstablish TruthValue
  hwAclUserTimeRangeIndex Integer32
  hwAclUserIcmpType Integer32
  hwAclUserIcmpCode Integer32
  hwAclUserFragments TruthValue
  hwAclUserLog TruthValue
  hwAclUserEnable TruthValue
  hwAclUserCount Counter32
  hwAclUserVrfName OCTET STRING
  hwAclUserSrcUserGroupName OCTET STRING
  hwAclUserDestUserGroupName OCTET STRING
  hwAclUserSrcModeType Integer32
  hwAclUserDestModeType Integer32
  hwAclUserRowStatus RowStatus
  hwAclUserTcpSyncFlag Integer32
  hwAclUserSrcUserGroupNum Integer32
  hwAclUserDestUserGroupNum Integer32

HwAclCompileNumGroupEntry  
SEQUENCE    
  hwAclCompileNumGroupStatus INTEGER

HwAclIpv6BasicRuleEntry  
SEQUENCE    
  hwAclIpv6BasicAclNum Integer32
  hwAclIpv6BasicSubitem Unsigned32
  hwAclIpv6BasicAct INTEGER
  hwAclIpv6BasicSrcIp Ipv6Address
  hwAclIpv6BasicSrcPrefix Integer32
  hwAclIpv6BasicTimeRangeIndex Integer32
  hwAclIpv6BasicFragment INTEGER
  hwAclIpv6BasicLog TruthValue
  hwAclIpv6BasicEnable EnabledStatus
  hwAclIpv6BasicCount Counter64
  hwAclIpv6BasicVrfName OCTET STRING
  hwAclIpv6BasicRowStatus RowStatus
  hwAclIpv6BasicDescription OCTET STRING
  hwAclIpv6BasicSrcMask Ipv6Address

HwAclIpv6AdvancedRuleEntry  
SEQUENCE    
  hwAclIpv6AdvancedAclNum Integer32
  hwAclIpv6AdvancedSubitem Unsigned32
  hwAclIpv6AdvancedAct INTEGER
  hwAclIpv6AdvancedProtocol Integer32
  hwAclIpv6AdvancedSrcIp Ipv6Address
  hwAclIpv6AdvancedSrcPrefix Integer32
  hwAclIpv6AdvancedSrcOp INTEGER
  hwAclIpv6AdvancedSrcPort1 Integer32
  hwAclIpv6AdvancedSrcPort2 Integer32
  hwAclIpv6AdvancedDestIp Ipv6Address
  hwAclIpv6AdvancedDestPrefix Integer32
  hwAclIpv6AdvancedDestOp INTEGER
  hwAclIpv6AdvancedDestPort1 Integer32
  hwAclIpv6AdvancedDestPort2 Integer32
  hwAclIpv6AdvancedPrecedence Integer32
  hwAclIpv6AdvancedTos Integer32
  hwAclIpv6AdvancedDscp Integer32
  hwAclIpv6AdvancedEstablish TruthValue
  hwAclIpv6AdvancedTimeRangeIndex Integer32
  hwAclIpv6AdvancedIcmpType Integer32
  hwAclIpv6AdvancedIcmpCode Integer32
  hwAclIpv6AdvancedFragment INTEGER
  hwAclIpv6AdvancedLog TruthValue
  hwAclIpv6AdvancedEnable EnabledStatus
  hwAclIpv6AdvancedCount Counter64
  hwAclIpv6AdvancedVrfName OCTET STRING
  hwAclIpv6AdvancedRowStatus RowStatus
  hwAclIpv6AdvancedDescription OCTET STRING
  hwAclIpv6AdvancedSrcMask Ipv6Address
  hwAclIpv6AdvancedDestMask Ipv6Address
  hwAclIpv6AdvancedProtocolNew Integer32

HwAclEthernetFrameRuleEntry  
SEQUENCE    
  hwAclEthernetFrameAclNum Integer32
  hwAclEthernetFrameSubitem Unsigned32
  hwAclEthernetFrameAct INTEGER
  hwAclEthernetFrameType Integer32
  hwAclEthernetFrameTypeMask Integer32
  hwAclEthernetFrameSrcMac MacAddress
  hwAclEthernetFrameSrcMacMask MacAddress
  hwAclEthernetFrameDstMac MacAddress
  hwAclEthernetFrameDstMacMask MacAddress
  hwAclEthernetFrameTimeRangeIndex Integer32
  hwAclEthernetFrameLog TruthValue
  hwAclEthernetFrameEnable EnabledStatus
  hwAclEthernetFrameCount Counter64
  hwAclEthernetFrameRowStatus RowStatus
  hwAclEthernetFrameEncapType INTEGER
  hwAclEthernetFrameDoubleTag TruthValue
  hwAclEthernetFrameVlanId Integer32
  hwAclEthernetFrameVlanIdMask Integer32
  hwAclEthernetFrameCVlanId Integer32
  hwAclEthernetFrameCVlanIdMask Integer32
  hwAclEthernetFrameRule8021p Integer32
  hwAclEthernetFrameRuleCVlan8021p Integer32
  hwAclEthernetFrameDescription OCTET STRING

HwAclAppliedEntry  
SEQUENCE    
  hwAclAppliedOperation INTEGER
  hwAclAppliedScopeType INTEGER
  hwAclAppliedScopeIndex Integer32
  hwAclAppliedDirection INTEGER
  hwAclAppliedAclNum Integer32
  hwAclAppliedSubitem Integer32
  hwAclAppliedAclNum2 Integer32
  hwAclAppliedSubitem2 Integer32
  hwAclAppliedStatMode INTEGER
  hwAclAppliedStatCount Counter64
  hwAclAppliedLimitCir Integer32
  hwAclAppliedLimitPir Integer32
  hwAclAppliedLimitCbs Integer32
  hwAclAppliedLimitPbs Integer32
  hwAclAppliedLimitGreenAction INTEGER
  hwAclAppliedLimitGreenValue Integer32
  hwAclAppliedLimitYellowAction INTEGER
  hwAclAppliedLimitYellowValue Integer32
  hwAclAppliedLimitRedAction INTEGER
  hwAclAppliedLimitRedValue Integer32
  hwAclAppliedMirrObservedPort Integer32
  hwAclAppliedMirrRspanVlan Integer32
  hwAclAppliedRedirectIfIndex Integer32
  hwAclAppliedRedirectIpAddr IpAddress
  hwAclAppliedRedirectIpv6Addr Ipv6Address
  hwAclAppliedRemarkVlan Integer32
  hwAclAppliedRemarkCVlan Integer32
  hwAclAppliedRemark8021p Integer32
  hwAclAppliedRemarkDscp Integer32
  hwAclAppliedRemarkIpPre Integer32
  hwAclAppliedRemarkLocalPre Integer32
  hwAclAppliedRemarkMacAddr MacAddress
  hwAclAppliedIsIPv6Acl TruthValue
  hwAclAppliedRowStatus RowStatus

HwAclIpv6NumGroupEntry  
SEQUENCE    
  hwAclIpv6NumGroupAclNum Integer32
  hwAclIpv6NumGroupMatchOrder INTEGER
  hwAclIpv6NumGroupSubitemNum Counter32
  hwAclIpv6NumGroupCountClear INTEGER
  hwAclIpv6NumGroupAclName OCTET STRING
  hwAclIpv6NumGroupDescription OCTET STRING
  hwAclIpv6NumGroupAclType INTEGER
  hwAclIpv6NumGroupRowStatus RowStatus
  hwAclIpv6NumGroupStep Integer32

HwAclIpv6IfRuleEntry  
SEQUENCE    
  hwAclIpv6IfAclNum Integer32
  hwAclIpv6IfSubitem Unsigned32
  hwAclIpv6IfAct INTEGER
  hwAclIpv6IfIndex Integer32
  hwAclIpv6IfAny TruthValue
  hwAclIpv6IfTimeRangeIndex Integer32
  hwAclIpv6IfLog TruthValue
  hwAclIpv6IfEnable TruthValue
  hwAclIpv6IfCount Counter64
  hwAclIpv6IfRowStatus RowStatus

HwAclMplsRuleEntry  
SEQUENCE    
  hwAclMplsAclNum Integer32
  hwAclMplsSubitem Unsigned32
  hwAclMplsAct INTEGER
  hwAclMplsExp1 Integer32
  hwAclMplsExp2 Integer32
  hwAclMplsExp3 Integer32
  hwAclMplsExp4 Integer32
  hwAclMplsLabel1 Integer32
  hwAclMplsLabel2 Integer32
  hwAclMplsLabel3 Integer32
  hwAclMplsLabel4 Integer32
  hwAclMplsTTLOP1 INTEGER
  hwAclMplsTTL1Begin Integer32
  hwAclMplsTTL1End Integer32
  hwAclMplsTTLOP2 INTEGER
  hwAclMplsTTL2Begin Integer32
  hwAclMplsTTL2End Integer32
  hwAclMplsTTLOP3 INTEGER
  hwAclMplsTTL3Begin Integer32
  hwAclMplsTTL3End Integer32
  hwAclMplsRowStatus RowStatus
  hwAclMplsCount Counter64

Defined Values

hwAcl 1.3.6.1.4.1.2011.5.1
The HUAWEI-ACL-MIB contains objects to configure ACL module, including ACL group, rule and acl accelerate, and query the current ACL configuration and status. This MIB module objects indicate hwAclNumGroupTable, hwAclBasicRuleTable, hwAclAdvanceRuleTable, hwAclIfRuleTable, hwAclEthernetFrameRuleTable, hwAclIpv6BasicRuleTable, hwAclIpv6AdvanceRuleTable, hwAclIpv6IfRuleTable, hwAclCompileEnableFlag, hwAclCompileNumGroupTable, hwAclIpv6NumGroupTable and acl trap. To filter data packets, a series of rules need to be configured on the device. These rules are defined by ACL (Access Control List), which are a series of sequential rules consisting of rule permit or deny statements. The rules are described by source address, destination address and port number of data packets. ACL classifies data packets through these device interface applied rules, by which the device decides which packets can be received and which should be rejected.
MODULE-IDENTITY    

hwAclMibObjects 1.3.6.1.4.1.2011.5.1.1
OBJECT IDENTIFIER    

hwAclNumGroupTable 1.3.6.1.4.1.2011.5.1.1.2
The table of ACL group information including match order, step, description and so on
OBJECT-TYPE    
  SEQUENCE OF  
    HwAclNumGroupEntry

hwAclNumGroupEntry 1.3.6.1.4.1.2011.5.1.1.2.1
An entry containing characters of an acl group
OBJECT-TYPE    
  HwAclNumGroupEntry  

hwAclNumGroupAclNum 1.3.6.1.4.1.2011.5.1.1.2.1.1
The index of acl group, identifying an ACL. The object specifies the range of an ACL number. The basic ACL is represented by the number in the range 2000 through 2999. The advanced ACL is represented by the number in the range 3000 through 3999. The interface-based ACL is represented by the number in the range 1000 to 1999. The User Defined ACL is represented by the number in the range 5000 through 5999. The User ACL is represented by the number in the range 6000 through 9999. The Mpls ACL is represented by the number in the range 10000 through 10999. The name ACL is represented by the number in the range 42768 through 76535.
OBJECT-TYPE    
  Integer32  

hwAclNumGroupMatchOrder 1.3.6.1.4.1.2011.5.1.1.2.1.2
The object indicates the match order of rules. 'config' means matching ACL rules in the configuration sequence, 'auto' means the ACL rules are matched following the 'Depth-first' principle.
OBJECT-TYPE    
  INTEGER config(1), auto(2)  

hwAclNumGroupSubitemNum 1.3.6.1.4.1.2011.5.1.1.2.1.3
The total number of the rules in the acl group.
OBJECT-TYPE    
  Counter32  

hwAclNumGroupStep 1.3.6.1.4.1.2011.5.1.1.2.1.4
The object indicates the step value of number acl. Step here refers to the difference between each ID. For instance, given the step is set to 5, the IDs are the multiples of 5 beginning with 5. The ACL IDs change along with the step. When the step is 5, the ACL IDs are 5, 10, and 15 and so on. However, when the step is set to 2, the IDs turn to 2, 4, and 6 and so on.
OBJECT-TYPE    
  Integer32 1..20  

hwAclNumGroupDescription 1.3.6.1.4.1.2011.5.1.1.2.1.5
The object indicates the description of this acl group. The object describes the usage of an ACL with a word or a sentence.
OBJECT-TYPE    
  OCTET STRING Size(0..127)  

hwAclNumGroupCountClear 1.3.6.1.4.1.2011.5.1.1.2.1.6
Reset the statistics of ACL group.
OBJECT-TYPE    
  INTEGER cleared(1), notUsed(2)  

hwAclNumGroupRowStatus 1.3.6.1.4.1.2011.5.1.1.2.1.7
RowStatus, Now support three value:CreateAndGo,Active,Destroy.
OBJECT-TYPE    
  RowStatus  

hwAclNumGroupAclName 1.3.6.1.4.1.2011.5.1.1.2.1.8
The object indicates the name of an acl group, The first character must be start with a to z or A to Z, and the length cannot exceed 64 character.
OBJECT-TYPE    
  OCTET STRING Size(0..64)  

hwAclNumGroupAclType 1.3.6.1.4.1.2011.5.1.1.2.1.9
The type of ACL group.
OBJECT-TYPE    
  INTEGER basic(1), advanced(2), link(3), user(4), interface(5), mpls(6), mac(7), ucl(8)  

hwAclBasicRuleTable 1.3.6.1.4.1.2011.5.1.1.4
Configure the rule for basic acl group.
OBJECT-TYPE    
  SEQUENCE OF  
    HwAclBasicRuleEntry

hwAclBasicRuleEntry 1.3.6.1.4.1.2011.5.1.1.4.1
Each entry is a rule of basic acl.
OBJECT-TYPE    
  HwAclBasicRuleEntry  

hwAclBasicAclNum 1.3.6.1.4.1.2011.5.1.1.4.1.1
The index of basic acl group, the index range is (1..99 | 2000..2999 | 42768..76535 ).
OBJECT-TYPE    
  Integer32  

hwAclBasicSubitem 1.3.6.1.4.1.2011.5.1.1.4.1.2
The objects specifies the number of an ACL rule. If the number specified has been assigned to an ACL rule, the new rule will overwrite the old one, which is equal to editing the old rule. If the number is not assigned, the system will define a rule with the number and insert it to the place corresponding to its number. If no number is specified, the system will define a rule, assign a number to it and add it into the ACL. It will be placed at the end of the ACL when configuration sequence is adopted; otherwise, it will be placed based on the 'Depth-first' principle. When ACL rules are following the 'Depth-first' principle, the number of an ACL rule must be given 0 ,but it will be assigned by step automatically;otherwise,this rule will not be created.
OBJECT-TYPE    
  Unsigned32  

hwAclBasicAct 1.3.6.1.4.1.2011.5.1.1.4.1.3
The object indicates the action of a basic acl rule. 'deny' means discarding the packets that meet the condition, 'permit' means permitting the packets that meet the condition.
OBJECT-TYPE    
  INTEGER permit(1), deny(2)  

hwAclBasicSrcIp 1.3.6.1.4.1.2011.5.1.1.4.1.4
The object indicates the source IP-address of a basic acl rule.
OBJECT-TYPE    
  IpAddress  

hwAclBasicSrcWild 1.3.6.1.4.1.2011.5.1.1.4.1.5
The object indicates the source IP-address wild of a basic acl rule.
OBJECT-TYPE    
  IpAddress  

hwAclBasicTimeRangeIndex 1.3.6.1.4.1.2011.5.1.1.4.1.6
The object indicates the time range of a basic acl rule. When the current time is in time range, the rule is valid. Zero value declares that the acl rule has no time range. The invalid value is 0.
OBJECT-TYPE    
  Integer32 0..256  

hwAclBasicFragments 1.3.6.1.4.1.2011.5.1.1.4.1.7
The object indicates the type of the packet. 0: fragmentSubseq, indicating that the packet is a subsequent fragment 1: fragment, indicating that the packet is a fragment 2: nonFragment, indicating that the packet is not a fragment 3: nonSubseq, indicating that the packet is not a subsequent fragment 4: fragmentSpeFirst, indicating that the packet is the first fragment 255: none, invalid value This object cannot be modified once a rule is created.
OBJECT-TYPE    
  INTEGER fragmentSubseq(0), fragment(1), nonFragment(2), nonSubseq(3), fragmentSpeFirst(4), none(255)  

hwAclBasicLog 1.3.6.1.4.1.2011.5.1.1.4.1.8
The object indicates whether to log the matched packets. The log contents include sequence number of ACL rule, packets passed or discarded, upper layer protocol type over IP, source/destination address, source/destination port number, and number of packets.
OBJECT-TYPE    
  TruthValue  

hwAclBasicEnable 1.3.6.1.4.1.2011.5.1.1.4.1.9
The object indicates whether the rule is valid or invalid.
OBJECT-TYPE    
  TruthValue  

hwAclBasicCount 1.3.6.1.4.1.2011.5.1.1.4.1.10
The object indicates the statistics of matched packets by the rule.
OBJECT-TYPE    
  Counter64  

hwAclBasicVrfName 1.3.6.1.4.1.2011.5.1.1.4.1.11
The object indicates the VRF name of this rule. It specifies the VPN-instance to which the packet belongs.
OBJECT-TYPE    
  OCTET STRING Size(0..31)  

hwAclBasicRowStatus 1.3.6.1.4.1.2011.5.1.1.4.1.12
RowStatus, Now support three value:CreateAndGo,Active and Destroy.
OBJECT-TYPE    
  RowStatus  

hwAclBasicDescription 1.3.6.1.4.1.2011.5.1.1.4.1.13
The object indicates the description of this basic rule. The object describes the usage of an ACL with a word or a sentence.
OBJECT-TYPE    
  OCTET STRING Size(0..127)  

hwAclAdvancedRuleTable 1.3.6.1.4.1.2011.5.1.1.5
Configure the rule for advanced acl group.
OBJECT-TYPE    
  SEQUENCE OF  
    HwAclAdvancedRuleEntry

hwAclAdvancedRuleEntry 1.3.6.1.4.1.2011.5.1.1.5.1
Each entry contains a rule of advanced acl group.
OBJECT-TYPE    
  HwAclAdvancedRuleEntry  

hwAclAdvancedAclNum 1.3.6.1.4.1.2011.5.1.1.5.1.1
The index of advanced acl table, the index range is (100..199 | 3000..3999 | 42768..76535).
OBJECT-TYPE    
  Integer32  

hwAclAdvancedSubitem 1.3.6.1.4.1.2011.5.1.1.5.1.2
The object specifies the number of an advanced ACL rule. If the number specified has been assigned to an ACL rule, the new rule will overwrite the old one, which is equal to editing the old rule. If the number is not assigned, the system will define a rule with the number and insert it to the place corresponding to its number. If no number is specified, the system will define a rule, assign a number to it and add it into the ACL. It will be placed at the end of the ACL when configuration sequence is adopted; otherwise, it will be placed based on the 'Depth-first' principle. When ACL rules are following the 'Depth-first' principle, the number of an ACL rule must be given 0 ,but it will be assigned by step automatically;otherwise,this rule will not be created.
OBJECT-TYPE    
  Unsigned32  

hwAclAdvancedAct 1.3.6.1.4.1.2011.5.1.1.5.1.3
The object indicates the action of an advanced acl rule. 'deny' means discarding the packets that meet the condition, 'permit' means permitting the packets that meet the condition.
OBJECT-TYPE    
  INTEGER permit(1), deny(2)  

hwAclAdvancedProtocol 1.3.6.1.4.1.2011.5.1.1.5.1.4
The object indicates the protocol type of the rule. It specifies the protocol type over IP.The number of IP protocol is 0.
OBJECT-TYPE    
  Integer32 0..255  

hwAclAdvancedSrcIp 1.3.6.1.4.1.2011.5.1.1.5.1.5
The object indicates the source IP-address of an advanced acl rule.
OBJECT-TYPE    
  IpAddress  

hwAclAdvancedSrcWild 1.3.6.1.4.1.2011.5.1.1.5.1.6
The object indicates the source IP-address wild of an advanced acl rule.
OBJECT-TYPE    
  IpAddress  

hwAclAdvancedSrcOp 1.3.6.1.4.1.2011.5.1.1.5.1.7
The object indicates the source Port operation symbol of an advanced acl rule. It compares the port operators of source address. 'lt' means less than, 'eq' means equal to, 'gt' means greater than, 'neq' means not equal to, 'range' means between, 'invalid' means this operation of the rule is invalid.
OBJECT-TYPE    
  INTEGER lt(1), eq(2), gt(3), neq(4), invalid(0), range(5)  

hwAclAdvancedSrcPort1 1.3.6.1.4.1.2011.5.1.1.5.1.8
The object indicates the fourth layer sourec port 1. It specifies the source port information of UDP or TCP packets.
OBJECT-TYPE    
  Integer32 0..65535  

hwAclAdvancedSrcPort2 1.3.6.1.4.1.2011.5.1.1.5.1.9
The object indicates the fourth layer source port2.
OBJECT-TYPE    
  Integer32 0..65535  

hwAclAdvancedDestIp 1.3.6.1.4.1.2011.5.1.1.5.1.10
The object indicates the destination IP-address of an advanced acl rule.
OBJECT-TYPE    
  IpAddress  

hwAclAdvancedDestWild 1.3.6.1.4.1.2011.5.1.1.5.1.11
The object indicates the destination IP-address wild of an advanced acl rule.
OBJECT-TYPE    
  IpAddress  

hwAclAdvancedDestOp 1.3.6.1.4.1.2011.5.1.1.5.1.12
The object indicates the destination Port operation symbol of an advanced acl group. It compares the port operators of destination address. 'lt' means less than, 'eq' means equal to, 'gt' means greater than, 'neq' means not equal to, 'range' means between, 'invalid' means this operation of the rule is invalid.
OBJECT-TYPE    
  INTEGER lt(1), eq(2), gt(3), neq(4), invalid(0), range(5)  

hwAclAdvancedDestPort1 1.3.6.1.4.1.2011.5.1.1.5.1.13
The object indicates the fourth layer destination port1.
OBJECT-TYPE    
  Integer32 0..65535  

hwAclAdvancedDestPort2 1.3.6.1.4.1.2011.5.1.1.5.1.14
The object indicates the fourth layer destination port2.
OBJECT-TYPE    
  Integer32 0..65535  

hwAclAdvancedPrecedence 1.3.6.1.4.1.2011.5.1.1.5.1.15
The object indicates the value of IP-packet's precedence, It filters packets according to precedence field.The invalid value is 255.
OBJECT-TYPE    
  Integer32 0..7 | 255  

hwAclAdvancedTos 1.3.6.1.4.1.2011.5.1.1.5.1.16
The object indicates the value of IP-packet's TOS, It filters packets according to type of service.The invalid value is 255.
OBJECT-TYPE    
  Integer32 0..15 | 255  

hwAclAdvancedDscp 1.3.6.1.4.1.2011.5.1.1.5.1.17
The object indicates the value of frame.The invalid value is 255.
OBJECT-TYPE    
  Integer32 0..63 | 255  

hwAclAdvancedEstablish 1.3.6.1.4.1.2011.5.1.1.5.1.18
The object indicates whether or not establishing.
OBJECT-TYPE    
  TruthValue  

hwAclAdvancedTimeRangeIndex 1.3.6.1.4.1.2011.5.1.1.5.1.19
The object indicates the time range of an advanced acl rule. When the current time is in the time range, the rule is valid. Zero value declares that the acl rule has no time range.The invalid value is 0.
OBJECT-TYPE    
  Integer32 0..256  

hwAclAdvancedIcmpType 1.3.6.1.4.1.2011.5.1.1.5.1.20
The object indicates the type of ICMP packet. It filters ICMP packets according to the ICMP message type. The invalid value is 65535.
OBJECT-TYPE    
  Integer32 0..255 | 65535  

hwAclAdvancedIcmpCode 1.3.6.1.4.1.2011.5.1.1.5.1.21
The object indicates the code of ICMP packet. It filters ICMP packets according to the message code. The invalid value is 65535.
OBJECT-TYPE    
  Integer32 0..255 | 65535  

hwAclAdvancedFragments 1.3.6.1.4.1.2011.5.1.1.5.1.22
The object indicates the type of the packet. 0: fragmentSubseq, indicating that the packet is a subsequent fragment 1: fragment, indicating that the packet is a fragment 2: nonFragment, indicating that the packet is not a fragment 3: nonSubseq, indicating that the packet is not a subsequent fragment 4: fragmentSpeFirst, indicating that the packet is the first fragment 255: none, invalid value This object cannot be modified once a rule is created.
OBJECT-TYPE    
  INTEGER fragmentSubseq(0), fragment(1), nonFragment(2), nonSubseq(3), fragmentSpeFirst(4), none(255)  

hwAclAdvancedLog 1.3.6.1.4.1.2011.5.1.1.5.1.23
The object indicates whether to log the matched packets. The log contents include sequence number of ACL rule, packets passed or discarded, upper layer protocol type over IP, source/destination address, source/destination port number, and number of packets
OBJECT-TYPE    
  TruthValue  

hwAclAdvancedEnable 1.3.6.1.4.1.2011.5.1.1.5.1.24
The object indicates whether the rule is valid or invalid.
OBJECT-TYPE    
  TruthValue  

hwAclAdvancedCount 1.3.6.1.4.1.2011.5.1.1.5.1.25
The object indicates the statistics of matched packets by the rule.
OBJECT-TYPE    
  Counter64  

hwAclAdvancedVrfName 1.3.6.1.4.1.2011.5.1.1.5.1.26
The object indicates the VRF name of this rule, It specifies the VPN-instance to which the packet belongs.
OBJECT-TYPE    
  OCTET STRING Size(0..31)  

hwAclAdvancedRowStatus 1.3.6.1.4.1.2011.5.1.1.5.1.27
RowStatus, Now support three state:CreateAndGo,Active,Destroy.
OBJECT-TYPE    
  RowStatus  

hwAclAdvancedTcpSyncFlag 1.3.6.1.4.1.2011.5.1.1.5.1.28
The object indicates the code of TCP Sync flag(0~63), The invalid value is -1.
OBJECT-TYPE    
  Integer32 -1 | 0..63  

hwAclAdvancedDescription 1.3.6.1.4.1.2011.5.1.1.5.1.29
The object indicates the description of this advanced rule. The object describes the usage of an ACL with a word or a sentence.
OBJECT-TYPE    
  OCTET STRING Size(0..127)  

hwAclAdvancedSrcPoolName 1.3.6.1.4.1.2011.5.1.1.5.1.30
The object indicates the source pool name.
OBJECT-TYPE    
  OCTET STRING Size(0..32)  

hwAclAdvancedDestPoolName 1.3.6.1.4.1.2011.5.1.1.5.1.31
The object indicates the destination pool name.
OBJECT-TYPE    
  OCTET STRING Size(0..32)  

hwAclAdvancedProtocolNew 1.3.6.1.4.1.2011.5.1.1.5.1.32
The object indicates the protocol type of the rule. It specifies the protocol type over IP.The number of IP protocol is 65535.
OBJECT-TYPE    
  Integer32 0..255 | 65535  

hwAclAdvancedVni 1.3.6.1.4.1.2011.5.1.1.5.1.33
The object indicates the ID of VXLAN, The invalid value is 0.
OBJECT-TYPE    
  Integer32 0..16777215  

hwAclAdvancedIgmpType 1.3.6.1.4.1.2011.5.1.1.5.1.34
The object indicates the type of igmp, The invalid value is 65535.
OBJECT-TYPE    
  Integer32 0..255 | 65535  

hwAclAdvancedTtlOp 1.3.6.1.4.1.2011.5.1.1.5.1.35
The object indicates the ttl operation symbol of an advanced acl rule. 'lt' means less than, 'eq' means equal to, 'gt' means greater than, 'neq' means not equal to, 'range' means between, 'invalid' means this operation of the rule is invalid.
OBJECT-TYPE    
  INTEGER lt(1), eq(2), gt(3), neq(4), invalid(0), range(5)  

hwAclAdvancedTtlExpire 1.3.6.1.4.1.2011.5.1.1.5.1.36
The object indicates the begin ttl value. The invalid value is 0.
OBJECT-TYPE    
  Integer32 0..255  

hwAclAdvancedTtlExpireEnd 1.3.6.1.4.1.2011.5.1.1.5.1.37
The object indicates the end ttl value. The invalid value is 0.
OBJECT-TYPE    
  Integer32 0..255  

hwAclAdvancedPktLenOp 1.3.6.1.4.1.2011.5.1.1.5.1.38
The object indicates the packet length operation symbol of an advanced acl rule. 'lt' means less than, 'eq' means equal to, 'gt' means greater than, 'neq' means not equal to, 'range' means between, 'invalid' means this operation of the rule is invalid.
OBJECT-TYPE    
  INTEGER lt(1), eq(2), gt(3), neq(4), invalid(0), range(5)  

hwAclAdvancedPktLenBegin 1.3.6.1.4.1.2011.5.1.1.5.1.39
The object indicates the begin packet length value.
OBJECT-TYPE    
  Integer32 0..65535  

hwAclAdvancedPktLenEnd 1.3.6.1.4.1.2011.5.1.1.5.1.40
The object indicates the end packet length value.
OBJECT-TYPE    
  Integer32 0..65535  

hwAclIfRuleTable 1.3.6.1.4.1.2011.5.1.1.6
Configure the rule for interface-based acl group.
OBJECT-TYPE    
  SEQUENCE OF  
    HwAclIfRuleEntry

hwAclIfRuleEntry 1.3.6.1.4.1.2011.5.1.1.6.1
Each entry contains a rule of interface-based acl group.
OBJECT-TYPE    
  HwAclIfRuleEntry  

hwAclIfAclNum 1.3.6.1.4.1.2011.5.1.1.6.1.1
The index of interface-based acl group, the index range is (1000..1999 | 42768..76535).
OBJECT-TYPE    
  Integer32  

hwAclIfSubitem 1.3.6.1.4.1.2011.5.1.1.6.1.2
The object specifies the number of an ACL rule. If the number specified has been assigned to an ACL rule, the new rule will overwrite the old one, which is equal to editing the old rule. If the number is not assigned, the system will define a rule with the number and insert it to the place corresponding to its number. If no number is specified, the system will define a rule, assign a number to it and add it into the ACL. It will be placed at the end of the ACL when configuration sequence is adopted; otherwise, it will be placed based on the 'Depth-first' principle. When ACL rules are following the 'Depth-first' principle, the number of an ACL rule must be given 0 ,but it will be assigned by step automatically;otherwise,this rule will not be created.
OBJECT-TYPE    
  Unsigned32  

hwAclIfAct 1.3.6.1.4.1.2011.5.1.1.6.1.3
The object indicates the action of an interface-based acl rule. 'deny' means discarding the packets that meet the condition, 'permit' means permitting the packets that meet the condition.
OBJECT-TYPE    
  INTEGER permit(1), deny(2)  

hwAclIfIndex 1.3.6.1.4.1.2011.5.1.1.6.1.4
The object indicates the index of an interface. It specifies the interface information of the packets.The invalid interface index is 0.
OBJECT-TYPE    
  Integer32  

hwAclIfAny 1.3.6.1.4.1.2011.5.1.1.6.1.5
The object indicates whether or not matching any interface.
OBJECT-TYPE    
  TruthValue  

hwAclIfTimeRangeIndex 1.3.6.1.4.1.2011.5.1.1.6.1.6
The object indicates the time range of an interface-based acl rule. when the current time is in time range, the rule is valid. Zero value declares that the acl rule has no time range. The invalid value is 0.
OBJECT-TYPE    
  Integer32 0..256  

hwAclIfLog 1.3.6.1.4.1.2011.5.1.1.6.1.7
The object indicates whether to log the matched packets. The log contents include sequence number of ACL rule, packets passed or discarded, upper layer protocol type over IP, source/destination address, source/destination port number, and number of packets.
OBJECT-TYPE    
  TruthValue  

hwAclIfEnable 1.3.6.1.4.1.2011.5.1.1.6.1.8
The object indicates whether the rule is valid or invalid.
OBJECT-TYPE    
  TruthValue  

hwAclIfCount 1.3.6.1.4.1.2011.5.1.1.6.1.9
The object indicates the statistics of matched packets by the rule.
OBJECT-TYPE    
  Counter64  

hwAclIfRowStatus 1.3.6.1.4.1.2011.5.1.1.6.1.11
RowStatus,Now support three state:CreateAndGo,Active,Destroy.
OBJECT-TYPE    
  RowStatus  

hwAclUserRuleTable 1.3.6.1.4.1.2011.5.1.1.7
Configure the rule for user acl group.
OBJECT-TYPE    
  SEQUENCE OF  
    HwAclUserRuleEntry

hwAclUserRuleEntry 1.3.6.1.4.1.2011.5.1.1.7.1
Each entry contains a rule of user acl group.
OBJECT-TYPE    
  HwAclUserRuleEntry  

hwAclUserAclNum 1.3.6.1.4.1.2011.5.1.1.7.1.1
The index of user acl table, the index range is (6000..9999).
OBJECT-TYPE    
  Integer32  

hwAclUserSubitem 1.3.6.1.4.1.2011.5.1.1.7.1.2
The object specifies the number of an User ACL rule. If the number specified has been assigned to an ACL rule, the new rule will overwrite the old one, which is equal to editing the old rule. If the number is not assigned, the system will define a rule with the number and insert it to the place corresponding to its number. If no number is specified, the system will define a rule, assign a number to it and add it into the ACL. It will be placed at the end of the ACL when configuration sequence is adopted; otherwise, it will be placed based on the 'Depth-first' principle
OBJECT-TYPE    
  Unsigned32  

hwAclUserAct 1.3.6.1.4.1.2011.5.1.1.7.1.3
The object indicates the action of an User acl rule. 'deny' means discarding the packets that meet the condition, 'permit' means permitting the packets that meet the condition.
OBJECT-TYPE    
  INTEGER permit(1), deny(2)  

hwAclUserProtocol 1.3.6.1.4.1.2011.5.1.1.7.1.4
The object indicates the protocol type of the rule. It specifies the protocol type over IP.The number of IP protocol is 0.
OBJECT-TYPE    
  Integer32 0..255  

hwAclUserSrcIp 1.3.6.1.4.1.2011.5.1.1.7.1.5
The object indicates the source IP-address of an User acl rule.
OBJECT-TYPE    
  IpAddress  

hwAclUserSrcWild 1.3.6.1.4.1.2011.5.1.1.7.1.6
The object indicates the source IP-address wild of an User acl rule.
OBJECT-TYPE    
  IpAddress  

hwAclUserSrcOp 1.3.6.1.4.1.2011.5.1.1.7.1.7
The object indicates the source Port operation symbol of an User acl rule. It compares the port operators of source address. 'lt' means less than, 'eq' means equal to, 'gt' means greater than, 'neq' means not equal to, 'range' means between, 'invalid' means this operation of the rule is invalid.
OBJECT-TYPE    
  INTEGER lt(1), eq(2), gt(3), neq(4), invalid(0), range(5)  

hwAclUserSrcPort1 1.3.6.1.4.1.2011.5.1.1.7.1.8
The object indicates the fourth layer sourec port 1. It specifies the source port information of UDP or TCP packets.
OBJECT-TYPE    
  Integer32 0..65535  

hwAclUserSrcPort2 1.3.6.1.4.1.2011.5.1.1.7.1.9
The object indicates the fourth layer source port2.
OBJECT-TYPE    
  Integer32 0..65535  

hwAclUserDestIp 1.3.6.1.4.1.2011.5.1.1.7.1.10
The object indicates the destination IP-address of an User acl rule.
OBJECT-TYPE    
  IpAddress  

hwAclUserDestWild 1.3.6.1.4.1.2011.5.1.1.7.1.11
The object indicates the destination IP-address wild of an User acl rule.
OBJECT-TYPE    
  IpAddress  

hwAclUserDestOp 1.3.6.1.4.1.2011.5.1.1.7.1.12
The object indicates the destination Port operation symbol of an User acl group. It compares the port operators of destination address. 'lt' means less than, 'eq' means equal to, 'gt' means greater than, 'neq' means not equal to, 'range' means between, 'invalid' means this operation of the rule is invalid.
OBJECT-TYPE    
  INTEGER lt(1), eq(2), gt(3), neq(4), invalid(0), range(5)  

hwAclUserDestPort1 1.3.6.1.4.1.2011.5.1.1.7.1.13
The object indicates the fourth layer destination port1.
OBJECT-TYPE    
  Integer32 0..65535  

hwAclUserDestPort2 1.3.6.1.4.1.2011.5.1.1.7.1.14
The object indicates the fourth layer destination port2.
OBJECT-TYPE    
  Integer32 0..65535  

hwAclUserPrecedence 1.3.6.1.4.1.2011.5.1.1.7.1.15
The object indicates the value of IP-packet's precedence, It filters packets according to precedence field.The invalid value is 255.
OBJECT-TYPE    
  Integer32 0..7 | 255  

hwAclUserTos 1.3.6.1.4.1.2011.5.1.1.7.1.16
The object indicates the value of IP-packet's TOS, It filters packets according to type of service.The invalid value is 255.
OBJECT-TYPE    
  Integer32 0..15 | 255  

hwAclUserDscp 1.3.6.1.4.1.2011.5.1.1.7.1.17
The object indicates the value of frame.The invalid value is 255.
OBJECT-TYPE    
  Integer32 0..63 | 255  

hwAclUserEstablish 1.3.6.1.4.1.2011.5.1.1.7.1.18
The object indicates whether or not establishing.
OBJECT-TYPE    
  TruthValue  

hwAclUserTimeRangeIndex 1.3.6.1.4.1.2011.5.1.1.7.1.19
The object indicates the time range of an User acl rule. When the current time is in the time range, the rule is valid. Zero value declares that the acl rule has no time range.The invalid value is 0.
OBJECT-TYPE    
  Integer32 0..256  

hwAclUserIcmpType 1.3.6.1.4.1.2011.5.1.1.7.1.20
The object indicates the type of ICMP packet. It filters ICMP packets according to the ICMP message type. The invalid value is 65535.
OBJECT-TYPE    
  Integer32 0..255 | 65535  

hwAclUserIcmpCode 1.3.6.1.4.1.2011.5.1.1.7.1.21
The object indicates the code of ICMP packet. It filters ICMP packets according to the message code. The invalid value is 65535.
OBJECT-TYPE    
  Integer32 0..255 | 65535  

hwAclUserFragments 1.3.6.1.4.1.2011.5.1.1.7.1.22
The object indicates whether or not matching fragmented packet, It specifies that this rule is only valid for the non-first fragment packets.
OBJECT-TYPE    
  TruthValue  

hwAclUserLog 1.3.6.1.4.1.2011.5.1.1.7.1.23
The object indicates whether to log the matched packets. The log contents include sequence number of ACL rule, packets passed or discarded, upper layer protocol type over IP, source/destination address, source/destination port number, and number of packets
OBJECT-TYPE    
  TruthValue  

hwAclUserEnable 1.3.6.1.4.1.2011.5.1.1.7.1.24
The object indicates whether the rule is valid or invalid.
OBJECT-TYPE    
  TruthValue  

hwAclUserCount 1.3.6.1.4.1.2011.5.1.1.7.1.25
The object indicates the statistics of matched packets by the rule.
OBJECT-TYPE    
  Counter32  

hwAclUserVrfName 1.3.6.1.4.1.2011.5.1.1.7.1.26
The object indicates the VRF name of this rule, It specifies the VPN-instance to which the packet belongs.
OBJECT-TYPE    
  OCTET STRING Size(0..32)  

hwAclUserSrcUserGroupName 1.3.6.1.4.1.2011.5.1.1.7.1.27
The object indicates the source user group name of this rule. if modetype source is user, null sting means any user
OBJECT-TYPE    
  OCTET STRING Size(0..32)  

hwAclUserDestUserGroupName 1.3.6.1.4.1.2011.5.1.1.7.1.28
The object indicates the destination user group name of this rule. if modetype destination is user, null sting means any user
OBJECT-TYPE    
  OCTET STRING Size(0..32)  

hwAclUserSrcModeType 1.3.6.1.4.1.2011.5.1.1.7.1.29
The object indicates ACL's mode type, Now support four state 0 Any match rule from any user group or any ip subnet, 1 NetAny match rule from any ip subnet, 2 UserAny match rule from any user group, 3 Net match rule from an ip subnet, 4 User match rule from a user group
OBJECT-TYPE    
  Integer32 0..4  

hwAclUserDestModeType 1.3.6.1.4.1.2011.5.1.1.7.1.30
The object indicates ACL's mode type, Now support four state 0 Any match rule from any user group or any ip subnet, 1 NetAny match rule from any ip subnet, 2 UserAny match rule from any user group, 3 Net match rule from an ip subnet, 4 User match rule from a user group
OBJECT-TYPE    
  Integer32 0..4  

hwAclUserRowStatus 1.3.6.1.4.1.2011.5.1.1.7.1.31
RowStatus, Now support three state:CreateAndGo,Active,Destroy.
OBJECT-TYPE    
  RowStatus  

hwAclUserTcpSyncFlag 1.3.6.1.4.1.2011.5.1.1.7.1.32
The object indicates the code of TCP Sync flag(0~63), The invalid value is -1.
OBJECT-TYPE    
  Integer32 -1 | 0..63  

hwAclUserSrcUserGroupNum 1.3.6.1.4.1.2011.5.1.1.7.1.33
The object indicates the source user group num of this rule. if modetype source is user, null sting means any user
OBJECT-TYPE    
  Integer32 0..64000 | 65535  

hwAclUserDestUserGroupNum 1.3.6.1.4.1.2011.5.1.1.7.1.34
The object indicates the destination user group name of this rule. if modetype destination is user, null sting means any user
OBJECT-TYPE    
  Integer32 0..64000 | 65535  

hwAclCompileEnableFlag 1.3.6.1.4.1.2011.5.1.1.10
The object indicates whether acl compiler is enabled. when acl compiler is enabled, and ACL accelerate function is enabled, then matching packets by rule is efficient.
OBJECT-TYPE    
  TruthValue  

hwAclCompileNumGroupTable 1.3.6.1.4.1.2011.5.1.1.11
The ACL compiler table extending the Acl-number-group table
OBJECT-TYPE    
  SEQUENCE OF  
    HwAclCompileNumGroupEntry

hwAclCompileNumGroupEntry 1.3.6.1.4.1.2011.5.1.1.11.1
The entry of Acl-number-group compiler extended table
OBJECT-TYPE    
  HwAclCompileNumGroupEntry  

hwAclCompileNumGroupStatus 1.3.6.1.4.1.2011.5.1.1.11.1.1
The object indicates the status of Acl-number-group compiler. 'notCompile' means acl accelerate function is disabled, 'compiled' means acl accelerate function is enabled, 'changeAfterCompile' means acl is changed after compiled.
OBJECT-TYPE    
  INTEGER notCompile(1), compiled(2), changeAfterCompile(3)  

hwAclIpv6BasicRuleTable 1.3.6.1.4.1.2011.5.1.1.12
Configure the rule for ipv6 basic acl group.
OBJECT-TYPE    
  SEQUENCE OF  
    HwAclIpv6BasicRuleEntry

hwAclIpv6BasicRuleEntry 1.3.6.1.4.1.2011.5.1.1.12.1
Each entry is a rule of ipv6 basic acl.
OBJECT-TYPE    
  HwAclIpv6BasicRuleEntry  

hwAclIpv6BasicAclNum 1.3.6.1.4.1.2011.5.1.1.12.1.1
The index of ipv6 basic acl group, the index range is (2000..2999 | 42768..75535).
OBJECT-TYPE    
  Integer32  

hwAclIpv6BasicSubitem 1.3.6.1.4.1.2011.5.1.1.12.1.2
The objects specifies the number of an ACL rule. If the number specified has been assigned to an ACL rule, the new rule will overwrite the old one, which is equal to editing the old rule. If the number is not assigned, the system will define a rule with the number and insert it to the place corresponding to its number. If no number is specified, the system will define a rule, assign a number to it and add it into the ACL. It will be placed at the end of the ACL when configuration sequence is adopted; otherwise, it will be placed based on the 'Depth-first' principle. When ACL rules are following the 'Depth-first' principle, the number of an ACL rule must be given 0 ,but it will be assigned automatically; otherwise, this rule will not be created.
OBJECT-TYPE    
  Unsigned32  

hwAclIpv6BasicAct 1.3.6.1.4.1.2011.5.1.1.12.1.3
The object indicates the action of a ipv6 basic acl rule. 'deny' means discarding the packets that meet the condition, 'permit' means permitting the packets that meet the condition.
OBJECT-TYPE    
  INTEGER permit(1), deny(2)  

hwAclIpv6BasicSrcIp 1.3.6.1.4.1.2011.5.1.1.12.1.4
The object indicates the source IPv6-address of a ipv6 basic acl rule.
OBJECT-TYPE    
  Ipv6Address  

hwAclIpv6BasicSrcPrefix 1.3.6.1.4.1.2011.5.1.1.12.1.5
The object indicates the source IPv6-address prefix length of a ipv6 basic acl rule.
OBJECT-TYPE    
  Integer32 0..128  

hwAclIpv6BasicTimeRangeIndex 1.3.6.1.4.1.2011.5.1.1.12.1.6
The object indicates the time range of a ipv6 basic acl rule. When the current time is in time range, the rule is valid. Zero value declares that the acl rule has no time range. The invalid value is 0.
OBJECT-TYPE    
  Integer32 0..256  

hwAclIpv6BasicFragment 1.3.6.1.4.1.2011.5.1.1.12.1.7
The object indicates the type of the packet. 1: fragment, indicating that the packet is a fragment 255: none, invalid value This object cannot be modified once a rule is created.
OBJECT-TYPE    
  INTEGER fragmentSubseq(0), fragment(1), none(255)  

hwAclIpv6BasicLog 1.3.6.1.4.1.2011.5.1.1.12.1.8
The object indicates whether to log the matched packets. The log contents include sequence number of ACL rule, packets passed or discarded, upper layer protocol type over IP, source/destination address, source/destination port number, and number of packets.
OBJECT-TYPE    
  TruthValue  

hwAclIpv6BasicEnable 1.3.6.1.4.1.2011.5.1.1.12.1.9
The object indicates whether the rule is valid or invalid.
OBJECT-TYPE    
  EnabledStatus  

hwAclIpv6BasicCount 1.3.6.1.4.1.2011.5.1.1.12.1.10
The object indicates the statistics of matched packets by the rule.
OBJECT-TYPE    
  Counter64  

hwAclIpv6BasicVrfName 1.3.6.1.4.1.2011.5.1.1.12.1.11
The object indicates the VRF name of this rule. It specifies the VPN-instance to which the packet belongs.
OBJECT-TYPE    
  OCTET STRING Size(0..31)  

hwAclIpv6BasicRowStatus 1.3.6.1.4.1.2011.5.1.1.12.1.12
RowStatus, Now support three value: CreateAndGo, Active and Destroy.
OBJECT-TYPE    
  RowStatus  

hwAclIpv6BasicDescription 1.3.6.1.4.1.2011.5.1.1.12.1.13
The object indicates the description of this IPv6 basic rule. The object describes the usage of an IPv6 ACL with a word or a sentence.
OBJECT-TYPE    
  OCTET STRING Size(0..127)  

hwAclIpv6BasicSrcMask 1.3.6.1.4.1.2011.5.1.1.12.1.14
The object indicates the source IPv6-address mask of a ipv6 basic acl rule. Its mode is positive.
OBJECT-TYPE    
  Ipv6Address  

hwAclIpv6AdvancedRuleTable 1.3.6.1.4.1.2011.5.1.1.13
Configure the rule for ipv6 advanced acl group.
OBJECT-TYPE    
  SEQUENCE OF  
    HwAclIpv6AdvancedRuleEntry

hwAclIpv6AdvancedRuleEntry 1.3.6.1.4.1.2011.5.1.1.13.1
Each entry contains a rule of ipv6 advanced acl group.
OBJECT-TYPE    
  HwAclIpv6AdvancedRuleEntry  

hwAclIpv6AdvancedAclNum 1.3.6.1.4.1.2011.5.1.1.13.1.1
The index of ipv6 advanced acl table, the index range is (3000..3999 | 42768..75535).
OBJECT-TYPE    
  Integer32  

hwAclIpv6AdvancedSubitem 1.3.6.1.4.1.2011.5.1.1.13.1.2
The object specifies the number of an ipv6 advanced ACL rule. If the number specified has been assigned to an ACL rule, the new rule will overwrite the old one, which is equal to editing the old rule. If the number is not assigned, the system will define a rule with the number and insert it to the place corresponding to its number. If no number is specified, the system will define a rule, assign a number to it and add it into the ACL. It will be placed at the end of the ACL when configuration sequence is adopted; otherwise, it will be placed based on the 'Depth-first' principle. When ACL rules are following the 'Depth-first' principle, the number of an ACL rule must be given 0 ,but it will be assigned automatically;otherwise,this rule will not be created.
OBJECT-TYPE    
  Unsigned32  

hwAclIpv6AdvancedAct 1.3.6.1.4.1.2011.5.1.1.13.1.3
The object indicates the action of an ipv6 advanced acl rule. 'deny' means discarding the packets that meet the condition, 'permit' means permitting the packets that meet the condition.
OBJECT-TYPE    
  INTEGER permit(1), deny(2)  

hwAclIpv6AdvancedProtocol 1.3.6.1.4.1.2011.5.1.1.13.1.4
The object indicates the protocol type of the rule. It specifies the protocol type over IP.The number of IPv6 protocol is 0.
OBJECT-TYPE    
  Integer32 0..255  

hwAclIpv6AdvancedSrcIp 1.3.6.1.4.1.2011.5.1.1.13.1.5
The object indicates the source IPv6-address of an ipv6 advanced acl rule.
OBJECT-TYPE    
  Ipv6Address  

hwAclIpv6AdvancedSrcPrefix 1.3.6.1.4.1.2011.5.1.1.13.1.6
The object indicates the source IPv6-address prefix length of an ipv6 advanced acl rule.
OBJECT-TYPE    
  Integer32 0..128  

hwAclIpv6AdvancedSrcOp 1.3.6.1.4.1.2011.5.1.1.13.1.7
The object indicates the source Port operation symbol of an ipv6 advanced acl rule. It compares the port operators of source address. 'lt' means less than, 'eq' means equal to, 'gt' means greater than, 'neq' means not equal to, 'range' means between, 'invalid' means this operation of the rule is invalid.
OBJECT-TYPE    
  INTEGER lt(1), eq(2), gt(3), neq(4), range(5), invalid(255)  

hwAclIpv6AdvancedSrcPort1 1.3.6.1.4.1.2011.5.1.1.13.1.8
The object indicates the fourth layer sourec port 1. It specifies the source port information of UDP or TCP packets.
OBJECT-TYPE    
  Integer32 0..65535  

hwAclIpv6AdvancedSrcPort2 1.3.6.1.4.1.2011.5.1.1.13.1.9
The object indicates the fourth layer source port2.
OBJECT-TYPE    
  Integer32 0..65535  

hwAclIpv6AdvancedDestIp 1.3.6.1.4.1.2011.5.1.1.13.1.10
The object indicates the destination IPv6-address of an ipv6 advanced acl rule.
OBJECT-TYPE    
  Ipv6Address  

hwAclIpv6AdvancedDestPrefix 1.3.6.1.4.1.2011.5.1.1.13.1.11
The object indicates the destination IPv6-address prefix length of an ipv6 advanced acl rule.
OBJECT-TYPE    
  Integer32 0..128  

hwAclIpv6AdvancedDestOp 1.3.6.1.4.1.2011.5.1.1.13.1.12
The object indicates the destination Port operation symbol of an ipv6 advanced acl group. It compares the port operators of destination address. 'lt' means less than, 'eq' means equal to, 'gt' means greater than, 'neq' means not equal to, 'range' means between, 'invalid' means this operation of the rule is invalid.
OBJECT-TYPE    
  INTEGER lt(1), eq(2), gt(3), neq(4), range(5), invalid(255)  

hwAclIpv6AdvancedDestPort1 1.3.6.1.4.1.2011.5.1.1.13.1.13
The object indicates the fourth layer destination port1.
OBJECT-TYPE    
  Integer32 0..65535  

hwAclIpv6AdvancedDestPort2 1.3.6.1.4.1.2011.5.1.1.13.1.14
The object indicates the fourth layer destination port2.
OBJECT-TYPE    
  Integer32 0..65535  

hwAclIpv6AdvancedPrecedence 1.3.6.1.4.1.2011.5.1.1.13.1.15
The object indicates the value of IPv6-packet's precedence, It filters packets according to precedence field. The invalid value is 255.
OBJECT-TYPE    
  Integer32 0..7 | 255  

hwAclIpv6AdvancedTos 1.3.6.1.4.1.2011.5.1.1.13.1.16
The object indicates the value of IPv6-packet's TOS, It filters packets according to type of service. The invalid value is 255.
OBJECT-TYPE    
  Integer32 0..15 | 255  

hwAclIpv6AdvancedDscp 1.3.6.1.4.1.2011.5.1.1.13.1.17
The object indicates the value of frame.The invalid value is 255.
OBJECT-TYPE    
  Integer32 0..63 | 255  

hwAclIpv6AdvancedEstablish 1.3.6.1.4.1.2011.5.1.1.13.1.18
The object indicates whether or not establishing.
OBJECT-TYPE    
  TruthValue  

hwAclIpv6AdvancedTimeRangeIndex 1.3.6.1.4.1.2011.5.1.1.13.1.19
The object indicates the time range of an ipv6 advanced acl rule. When the current time is in the time range, the rule is valid. Zero value declares that the acl rule has no time range.The invalid value is 0.
OBJECT-TYPE    
  Integer32 0..256  

hwAclIpv6AdvancedIcmpType 1.3.6.1.4.1.2011.5.1.1.13.1.20
The object indicates the type of ICMPv6 packet. It filters ICMP packets according to the ICMPv6 message type. The invalid value is 65535.
OBJECT-TYPE    
  Integer32 0..255 | 65535  

hwAclIpv6AdvancedIcmpCode 1.3.6.1.4.1.2011.5.1.1.13.1.21
The object indicates the code of ICMPv6 packet. It filters ICMPv6 packets according to the message code. The invalid value is 65535.
OBJECT-TYPE    
  Integer32 0..255 | 65535  

hwAclIpv6AdvancedFragment 1.3.6.1.4.1.2011.5.1.1.13.1.22
The object indicates the type of the packet. 1: fragment, indicating that the packet is a fragment 255: none, invalid value This object cannot be modified once a rule is created.
OBJECT-TYPE    
  INTEGER fragmentSubseq(0), fragment(1), none(255)  

hwAclIpv6AdvancedLog 1.3.6.1.4.1.2011.5.1.1.13.1.23
The object indicates whether to log the matched packets. The log contents include sequence number of ACL rule, packets passed or discarded, upper layer protocol type over IP, source/destination address, source/destination port number, and number of packets
OBJECT-TYPE    
  TruthValue  

hwAclIpv6AdvancedEnable 1.3.6.1.4.1.2011.5.1.1.13.1.24
The object indicates whether the rule is valid or invalid.
OBJECT-TYPE    
  EnabledStatus  

hwAclIpv6AdvancedCount 1.3.6.1.4.1.2011.5.1.1.13.1.25
The object indicates the statistics of matched packets by the rule.
OBJECT-TYPE    
  Counter64  

hwAclIpv6AdvancedVrfName 1.3.6.1.4.1.2011.5.1.1.13.1.26
The object indicates the VRF name of this rule, It specifies the VPN-instance to which the packet belongs.
OBJECT-TYPE    
  OCTET STRING Size(0..31)  

hwAclIpv6AdvancedRowStatus 1.3.6.1.4.1.2011.5.1.1.13.1.27
RowStatus, Now support three state:CreateAndGo,Active,Destroy.
OBJECT-TYPE    
  RowStatus  

hwAclIpv6AdvancedDescription 1.3.6.1.4.1.2011.5.1.1.13.1.28
The object indicates the description of this IPv6 advanced rule. The object describes the usage of an IPv6 ACL with a word or a sentence.
OBJECT-TYPE    
  OCTET STRING Size(0..127)  

hwAclIpv6AdvancedSrcMask 1.3.6.1.4.1.2011.5.1.1.13.1.29
The object indicates the source IPv6-address mask of an ipv6 advanced acl rule. Its mode is positive.
OBJECT-TYPE    
  Ipv6Address  

hwAclIpv6AdvancedDestMask 1.3.6.1.4.1.2011.5.1.1.13.1.30
The object indicates the destination IPv6-address mask of an ipv6 advanced acl rule. Its mode is positive.
OBJECT-TYPE    
  Ipv6Address  

hwAclIpv6AdvancedProtocolNew 1.3.6.1.4.1.2011.5.1.1.13.1.31
The object indicates the protocol type of the rule. It specifies the protocol type over IP.The number of IPv6 protocol is 65535.
OBJECT-TYPE    
  Integer32 0..255 | 65535  

hwAclEthernetFrameRuleTable 1.3.6.1.4.1.2011.5.1.1.14
Configure the rule for ethernet-frame-based acl group.
OBJECT-TYPE    
  SEQUENCE OF  
    HwAclEthernetFrameRuleEntry

hwAclEthernetFrameRuleEntry 1.3.6.1.4.1.2011.5.1.1.14.1
Each entry contains a rule of ethernet-frame-based acl group.
OBJECT-TYPE    
  HwAclEthernetFrameRuleEntry  

hwAclEthernetFrameAclNum 1.3.6.1.4.1.2011.5.1.1.14.1.1
The index of ethernet-frame-based acl group, the index range is (4000..4999 | 42768..76535).
OBJECT-TYPE    
  Integer32  

hwAclEthernetFrameSubitem 1.3.6.1.4.1.2011.5.1.1.14.1.2
The object specifies the number of an ACL rule. If the number specified has been assigned to an ACL rule, the new rule will overwrite the old one, which is equal to editing the old rule. If the number is not assigned, the system will define a rule with the number and insert it to the place corresponding to its number. If no number is specified, the system will define a rule, assign a number to it and add it into the ACL. It will be placed at the end of the ACL when configuration sequence is adopted; otherwise, it will be placed based on the 'Depth-first' principle. When ACL rules are following the 'Depth-first' principle, the number of an ACL rule must be given 0 ,but it will be assigned by step automatically;otherwise,this rule will not be created.
OBJECT-TYPE    
  Unsigned32  

hwAclEthernetFrameAct 1.3.6.1.4.1.2011.5.1.1.14.1.3
The object indicates the action of an ethernet-frame-based acl rule. 'deny' means discarding the packets that meet the condition, 'permit' means permitting the packets that meet the condition.
OBJECT-TYPE    
  INTEGER permit(1), deny(2)  

hwAclEthernetFrameType 1.3.6.1.4.1.2011.5.1.1.14.1.4
The object indicates the type of an ethernet frame. It specifies the interface information of the packets. The invalid ethernet frame type is 0.
OBJECT-TYPE    
  Integer32  

hwAclEthernetFrameTypeMask 1.3.6.1.4.1.2011.5.1.1.14.1.5
The object indicates the mask of ethernet frame.
OBJECT-TYPE    
  Integer32  

hwAclEthernetFrameSrcMac 1.3.6.1.4.1.2011.5.1.1.14.1.6
The object indicates the source mac address of rule.
OBJECT-TYPE    
  MacAddress  

hwAclEthernetFrameSrcMacMask 1.3.6.1.4.1.2011.5.1.1.14.1.7
The object indicates the source mac mask of rule.
OBJECT-TYPE    
  MacAddress  

hwAclEthernetFrameDstMac 1.3.6.1.4.1.2011.5.1.1.14.1.8
The object indicates the destination mac address of rule.
OBJECT-TYPE    
  MacAddress  

hwAclEthernetFrameDstMacMask 1.3.6.1.4.1.2011.5.1.1.14.1.9
The object indicates the destination mac mask of rule.
OBJECT-TYPE    
  MacAddress  

hwAclEthernetFrameTimeRangeIndex 1.3.6.1.4.1.2011.5.1.1.14.1.10
The object indicates the time range of a ethernet frame acl rule. When the current time is in time range, the rule is valid. Zero value declares that the acl rule has no time range. The invalid value is 0.
OBJECT-TYPE    
  Integer32 0..256  

hwAclEthernetFrameLog 1.3.6.1.4.1.2011.5.1.1.14.1.11
The object indicates whether to log the matched packets. The log contents include sequence number of ACL rule, packets passed or discarded, source/destination mac addr, protocol of ethernet frame, and number of packets.
OBJECT-TYPE    
  TruthValue  

hwAclEthernetFrameEnable 1.3.6.1.4.1.2011.5.1.1.14.1.12
The object indicates whether the rule is valid or invalid.
OBJECT-TYPE    
  EnabledStatus  

hwAclEthernetFrameCount 1.3.6.1.4.1.2011.5.1.1.14.1.13
The object indicates the statistics of matched packets by rule.
OBJECT-TYPE    
  Counter64  

hwAclEthernetFrameRowStatus 1.3.6.1.4.1.2011.5.1.1.14.1.14
RowStatus,Now support three state:CreateAndGo,Active,Destroy.
OBJECT-TYPE    
  RowStatus  

hwAclEthernetFrameEncapType 1.3.6.1.4.1.2011.5.1.1.14.1.15
The object indicates the encapsulation type of rule.
OBJECT-TYPE    
  INTEGER ether2(1), ieee802dot3(2), snap(3), none(255)  

hwAclEthernetFrameDoubleTag 1.3.6.1.4.1.2011.5.1.1.14.1.16
The object indicates two tags of rule. False value do not care the number of tags.
OBJECT-TYPE    
  TruthValue  

hwAclEthernetFrameVlanId 1.3.6.1.4.1.2011.5.1.1.14.1.17
The object indicates the vlan ID of rule. The invalid vlan ID is 0.
OBJECT-TYPE    
  Integer32 0..4094  

hwAclEthernetFrameVlanIdMask 1.3.6.1.4.1.2011.5.1.1.14.1.18
The object indicates the vlan ID mask of rule.
OBJECT-TYPE    
  Integer32 0..4095  

hwAclEthernetFrameCVlanId 1.3.6.1.4.1.2011.5.1.1.14.1.19
The object indicates the ce-vlan ID of rule. The invalid vlan ID is 0.
OBJECT-TYPE    
  Integer32 0..4094  

hwAclEthernetFrameCVlanIdMask 1.3.6.1.4.1.2011.5.1.1.14.1.20
The object indicates the ce-vlan ID mask of rule.
OBJECT-TYPE    
  Integer32 0..4095  

hwAclEthernetFrameRule8021p 1.3.6.1.4.1.2011.5.1.1.14.1.21
The object indicates the 8021p value of S-tag.
OBJECT-TYPE    
  Integer32 0..7 | 255  

hwAclEthernetFrameRuleCVlan8021p 1.3.6.1.4.1.2011.5.1.1.14.1.22
The object indicates the 8021p value of C-tag.
OBJECT-TYPE    
  Integer32 0..7 | 255  

hwAclEthernetFrameDescription 1.3.6.1.4.1.2011.5.1.1.14.1.23
The object indicates the description of this ethernetframe rule. The object describes the usage of an ACL with a word or a sentence.
OBJECT-TYPE    
  OCTET STRING Size(0..127)  

hwAclAppliedTable 1.3.6.1.4.1.2011.5.1.1.15
Configure the applied ACL.
OBJECT-TYPE    
  SEQUENCE OF  
    HwAclAppliedEntry

hwAclAppliedEntry 1.3.6.1.4.1.2011.5.1.1.15.1
Each entry contains a applied ACL.
OBJECT-TYPE    
  HwAclAppliedEntry  

hwAclAppliedOperation 1.3.6.1.4.1.2011.5.1.1.15.1.1
The actions taken when packets conforming or exceeding the configured.
OBJECT-TYPE    
  INTEGER filter(1), limit(2), mirror(3), redirectCpu(4), redirectInterface(5), redirectIpNextHop(6), redirectIpv6NextHop(7), remark8021p(8), remarkDscp(9), remarkIpPrecedence(10), remarkLocalPrecedence(11), remarkVlanId(12), remarkCVlanId(13), remarkDestMac(14), statistic(15)  

hwAclAppliedScopeType 1.3.6.1.4.1.2011.5.1.1.15.1.2
The scope that ACL apply on.
OBJECT-TYPE    
  INTEGER global(1), vlan(2), interface(3)  

hwAclAppliedScopeIndex 1.3.6.1.4.1.2011.5.1.1.15.1.3
When the scope is global, this field is invalid; When the scope is vlan, this field is vlan ID; When the scope is interface, this field is interface index.
OBJECT-TYPE    
  Integer32  

hwAclAppliedDirection 1.3.6.1.4.1.2011.5.1.1.15.1.4
The direction acl apply on.
OBJECT-TYPE    
  INTEGER inbound(1), outbound(2)  

hwAclAppliedAclNum 1.3.6.1.4.1.2011.5.1.1.15.1.5
The index of ACL group. Basic ACL in range 2000~2999; Advance ACL in range 3000~3999; Link ACL in range 4000~4999;
OBJECT-TYPE    
  Integer32 2000..4999  

hwAclAppliedSubitem 1.3.6.1.4.1.2011.5.1.1.15.1.6
The object specifies the number of an ACL rule.
OBJECT-TYPE    
  Integer32  

hwAclAppliedAclNum2 1.3.6.1.4.1.2011.5.1.1.15.1.7
The index of ACL group. 65535 means this field is valid.
OBJECT-TYPE    
  Integer32 2000..3999 | 65535  

hwAclAppliedSubitem2 1.3.6.1.4.1.2011.5.1.1.15.1.8
The object specifies the number of an ACL rule.
OBJECT-TYPE    
  Integer32  

hwAclAppliedStatMode 1.3.6.1.4.1.2011.5.1.1.15.1.9
The object specifies the mode of statistics. When action is statistic, this field is valid.
OBJECT-TYPE    
  INTEGER byPackets(1), byBytes(2)  

hwAclAppliedStatCount 1.3.6.1.4.1.2011.5.1.1.15.1.10
The object indicates the statistics of matched packets by the policy. When action is statistic or limit, this field is valid.
OBJECT-TYPE    
  Counter64  

hwAclAppliedLimitCir 1.3.6.1.4.1.2011.5.1.1.15.1.11
Committed information rate. Unit: kbps.
OBJECT-TYPE    
  Integer32 0 | 64..10000000  

hwAclAppliedLimitPir 1.3.6.1.4.1.2011.5.1.1.15.1.12
Peak information rate. Unit: kbps. 0 is the default value.
OBJECT-TYPE    
  Integer32 0 | 64..10000000  

hwAclAppliedLimitCbs 1.3.6.1.4.1.2011.5.1.1.15.1.13
Committed burst size. Unit: byte. 0 is the default value.
OBJECT-TYPE    
  Integer32 0 | 4096..16773120  

hwAclAppliedLimitPbs 1.3.6.1.4.1.2011.5.1.1.15.1.14
Peak burst size. Unit: byte. 0 is the default value.
OBJECT-TYPE    
  Integer32 0 | 4096..16773120  

hwAclAppliedLimitGreenAction 1.3.6.1.4.1.2011.5.1.1.15.1.15
Green action.
OBJECT-TYPE    
  INTEGER pass(1), drop(2), passRemarkDscp(3), passRemark8021p(4)  

hwAclAppliedLimitGreenValue 1.3.6.1.4.1.2011.5.1.1.15.1.16
The value is to remark When green action is remarking. For remarking DSCP, the range is 0~63; For remarking 8021p, the range is 0~7.
OBJECT-TYPE    
  Integer32 0..63  

hwAclAppliedLimitYellowAction 1.3.6.1.4.1.2011.5.1.1.15.1.17
Yellow action.
OBJECT-TYPE    
  INTEGER pass(1), drop(2), passRemarkDscp(3), passRemark8021p(4)  

hwAclAppliedLimitYellowValue 1.3.6.1.4.1.2011.5.1.1.15.1.18
The value is to remark When yellow action is remarking. For remarking DSCP, the range is 0~63; For remarking 8021p, the range is 0~7.
OBJECT-TYPE    
  Integer32 0..63  

hwAclAppliedLimitRedAction 1.3.6.1.4.1.2011.5.1.1.15.1.19
Red action.
OBJECT-TYPE    
  INTEGER pass(1), drop(2), passRemarkDscp(3), passRemark8021p(4)  

hwAclAppliedLimitRedValue 1.3.6.1.4.1.2011.5.1.1.15.1.20
The value is to remark When red action is remarking. For remarking DSCP, the range is 0~63; For remarking 8021p, the range is 0~7.
OBJECT-TYPE    
  Integer32 0..63  

hwAclAppliedMirrObservedPort 1.3.6.1.4.1.2011.5.1.1.15.1.21
The mirror observe port number.
OBJECT-TYPE    
  Integer32  

hwAclAppliedMirrRspanVlan 1.3.6.1.4.1.2011.5.1.1.15.1.22
The object specifies the RSPAN vlan. 0 means mirror to local port.
OBJECT-TYPE    
  Integer32 0..4094  

hwAclAppliedRedirectIfIndex 1.3.6.1.4.1.2011.5.1.1.15.1.23
The redirect output interface.
OBJECT-TYPE    
  Integer32  

hwAclAppliedRedirectIpAddr 1.3.6.1.4.1.2011.5.1.1.15.1.24
The redirect IP next hop address.
OBJECT-TYPE    
  IpAddress  

hwAclAppliedRedirectIpv6Addr 1.3.6.1.4.1.2011.5.1.1.15.1.25
The redirect IPv6 next hop address.
OBJECT-TYPE    
  Ipv6Address  

hwAclAppliedRemarkVlan 1.3.6.1.4.1.2011.5.1.1.15.1.26
The remarked vlan ID.
OBJECT-TYPE    
  Integer32 0..4094  

hwAclAppliedRemarkCVlan 1.3.6.1.4.1.2011.5.1.1.15.1.27
The remarked ce-vlan ID.
OBJECT-TYPE    
  Integer32 0..4094  

hwAclAppliedRemark8021p 1.3.6.1.4.1.2011.5.1.1.15.1.28
The remarked 8021p value.
OBJECT-TYPE    
  Integer32 0..7  

hwAclAppliedRemarkDscp 1.3.6.1.4.1.2011.5.1.1.15.1.29
The remarked DSCP value.
OBJECT-TYPE    
  Integer32 0..63  

hwAclAppliedRemarkIpPre 1.3.6.1.4.1.2011.5.1.1.15.1.30
The remarked IP precedence value.
OBJECT-TYPE    
  Integer32 0..7  

hwAclAppliedRemarkLocalPre 1.3.6.1.4.1.2011.5.1.1.15.1.31
The remarked local precedence value.
OBJECT-TYPE    
  Integer32 0..7  

hwAclAppliedRemarkMacAddr 1.3.6.1.4.1.2011.5.1.1.15.1.32
The remarked MAC address.
OBJECT-TYPE    
  MacAddress  

hwAclAppliedIsIPv6Acl 1.3.6.1.4.1.2011.5.1.1.15.1.33
The object indicates whether is IPv6 ACL.
OBJECT-TYPE    
  TruthValue  

hwAclAppliedRowStatus 1.3.6.1.4.1.2011.5.1.1.15.1.51
RowStatus,Now support three state:CreateAndGo,Active,Destroy.
OBJECT-TYPE    
  RowStatus  

hwAclIpv6NumGroupTable 1.3.6.1.4.1.2011.5.1.1.16
The table of IPv6 ACL group information.
OBJECT-TYPE    
  SEQUENCE OF  
    HwAclIpv6NumGroupEntry

hwAclIpv6NumGroupEntry 1.3.6.1.4.1.2011.5.1.1.16.1
An entry containing characters of an IPv6 ACL group.
OBJECT-TYPE    
  HwAclIpv6NumGroupEntry  

hwAclIpv6NumGroupAclNum 1.3.6.1.4.1.2011.5.1.1.16.1.1
The index of IPv6 ACL group, identifying an IPv6 ACL.
OBJECT-TYPE    
  Integer32  

hwAclIpv6NumGroupMatchOrder 1.3.6.1.4.1.2011.5.1.1.16.1.2
The object indicates the match order of rules. 'config' means matching ACL rules in the configuration sequence, 'auto' means the ACL6 rules are matched following the 'Depth-first' principle.
OBJECT-TYPE    
  INTEGER config(1), auto(2), default(3)  

hwAclIpv6NumGroupSubitemNum 1.3.6.1.4.1.2011.5.1.1.16.1.3
The total number of the rules in the ACL6 group.
OBJECT-TYPE    
  Counter32  

hwAclIpv6NumGroupCountClear 1.3.6.1.4.1.2011.5.1.1.16.1.4
Reset the statistics of ACL6 group.
OBJECT-TYPE    
  INTEGER cleared(1), notUsed(2)  

hwAclIpv6NumGroupAclName 1.3.6.1.4.1.2011.5.1.1.16.1.5
The object indicates the name of an acl6 group, The first character must be start with a to z or A to Z, and the length cannot exceed 64 character.
OBJECT-TYPE    
  OCTET STRING Size(0..64)  

hwAclIpv6NumGroupDescription 1.3.6.1.4.1.2011.5.1.1.16.1.6
The object indicates the description of this acl6 group. The object describes the usage of an ACL6 with a word or a sentence.
OBJECT-TYPE    
  OCTET STRING Size(0..127)  

hwAclIpv6NumGroupAclType 1.3.6.1.4.1.2011.5.1.1.16.1.7
The type of IPv6 ACL group.
OBJECT-TYPE    
  INTEGER basic(1), advanced(2)  

hwAclIpv6NumGroupRowStatus 1.3.6.1.4.1.2011.5.1.1.16.1.51
RowStatus, Now support three value:CreateAndGo,Active,Destroy.
OBJECT-TYPE    
  RowStatus  

hwAclIpv6NumGroupStep 1.3.6.1.4.1.2011.5.1.1.16.1.52
The object indicates the step value of number IPv6 ACL. Step here refers to the difference between each ID. For instance, given the step is set to 5, the IDs are the multiples of 5 beginning with 5. The IPv6 ACL IDs change along with the step. When the step is 5, the IPv6 ACL IDs are 5, 10, and 15 and so on. However, when the step is set to 2, the IDs turn to 2, 4, and 6 and so on.
OBJECT-TYPE    
  Integer32 1..20  

hwAclIpv6IfRuleTable 1.3.6.1.4.1.2011.5.1.1.17
Configure the rule for interface-based acl6 group.
OBJECT-TYPE    
  SEQUENCE OF  
    HwAclIpv6IfRuleEntry

hwAclIpv6IfRuleEntry 1.3.6.1.4.1.2011.5.1.1.17.1
Each entry contains a rule of interface-based acl6 group.
OBJECT-TYPE    
  HwAclIpv6IfRuleEntry  

hwAclIpv6IfAclNum 1.3.6.1.4.1.2011.5.1.1.17.1.1
The index of interface-based acl6 group, the index range is (1000..1999 | 42768..75535).
OBJECT-TYPE    
  Integer32  

hwAclIpv6IfSubitem 1.3.6.1.4.1.2011.5.1.1.17.1.2
The object specifies the number of an ACL6 rule. If the number specified has been assigned to an ACL6 rule, the new rule will overwrite the old one, which is equal to editing the old rule. If the number is not assigned, the system will define a rule with the number and insert it to the place corresponding to its number. If no number is specified, the system will define a rule, assign a number to it and add it into the ACL6. It will be placed at the end of the ACL6 when configuration sequence is adopted; otherwise, it will be placed based on the 'Depth-first' principle. When ACL rules are following the 'Depth-first' principle, the number of an ACL6 rule must be given 0, but it will be assigned automatically;otherwise, this rule will not be created.
OBJECT-TYPE    
  Unsigned32  

hwAclIpv6IfAct 1.3.6.1.4.1.2011.5.1.1.17.1.3
The object indicates the action of an interface-based acl6 rule. 'deny' means discarding the packets that meet the condition, 'permit' means permitting the packets that meet the condition.
OBJECT-TYPE    
  INTEGER permit(1), deny(2)  

hwAclIpv6IfIndex 1.3.6.1.4.1.2011.5.1.1.17.1.4
The object indicates the index of an interface. It specifies the interface information of the packets. The invalid interface index is 0.
OBJECT-TYPE    
  Integer32  

hwAclIpv6IfAny 1.3.6.1.4.1.2011.5.1.1.17.1.5
The object indicates whether or not matching any interface.
OBJECT-TYPE    
  TruthValue  

hwAclIpv6IfTimeRangeIndex 1.3.6.1.4.1.2011.5.1.1.17.1.6
The object indicates the time range of an interface-based acl6 rule. when the current time is in time range, the rule is valid. Zero value declares that the acl rule has no time range. The invalid value is 0.
OBJECT-TYPE    
  Integer32 0..256  

hwAclIpv6IfLog 1.3.6.1.4.1.2011.5.1.1.17.1.7
The object indicates whether to log the matched packets. The log contents include sequence number of ACL6 rule, packets passed or discarded, upper layer protocol type over IP, source/destination address, source/destination port number, and number of packets.
OBJECT-TYPE    
  TruthValue  

hwAclIpv6IfEnable 1.3.6.1.4.1.2011.5.1.1.17.1.8
The object indicates whether the rule is valid or invalid.
OBJECT-TYPE    
  TruthValue  

hwAclIpv6IfCount 1.3.6.1.4.1.2011.5.1.1.17.1.9
The object indicates the statistics of matched packets by basic rule.
OBJECT-TYPE    
  Counter64  

hwAclIpv6IfRowStatus 1.3.6.1.4.1.2011.5.1.1.17.1.11
RowStatus,Now support three state:CreateAndGo,Active,Destroy.
OBJECT-TYPE    
  RowStatus  

hwAclMplsRuleTable 1.3.6.1.4.1.2011.5.1.1.18
Configure the rule for mpls acl group.
OBJECT-TYPE    
  SEQUENCE OF  
    HwAclMplsRuleEntry

hwAclMplsRuleEntry 1.3.6.1.4.1.2011.5.1.1.18.1
Each entry is a rule of mpls acl.
OBJECT-TYPE    
  HwAclMplsRuleEntry  

hwAclMplsAclNum 1.3.6.1.4.1.2011.5.1.1.18.1.1
The index of mpls acl group, the index range is (10000..10999 | 42768..76535).
OBJECT-TYPE    
  Integer32  

hwAclMplsSubitem 1.3.6.1.4.1.2011.5.1.1.18.1.2
The objects specifies the number of an ACL rule. If the number specified has been assigned to an ACL rule, the new rule will overwrite the old one, which is equal to editing the old rule. If the number is not assigned, the system will define a rule with the number and insert it to the place corresponding to its number. If no number is specified, the system will define a rule, assign a number to it and add it into the ACL. It will be placed at the end of the ACL when configuration sequence is adopted; otherwise, it will be placed based on the 'Depth-first' principle. When ACL rules are following the 'Depth-first' principle, the number of an ACL rule must be given 0 ,but it will be assigned by step automatically;otherwise,this rule will not be created.
OBJECT-TYPE    
  Unsigned32  

hwAclMplsAct 1.3.6.1.4.1.2011.5.1.1.18.1.3
The object indicates the action of a basic acl rule. 'deny' means discarding the packets that meet the condition, 'permit' means permitting the packets that meet the condition.
OBJECT-TYPE    
  INTEGER permit(1), deny(2)  

hwAclMplsExp1 1.3.6.1.4.1.2011.5.1.1.18.1.4
The object indicates the exp1 of a mpls acl rule.
OBJECT-TYPE    
  Integer32 0..7 | 255  

hwAclMplsExp2 1.3.6.1.4.1.2011.5.1.1.18.1.5
The object indicates the exp2 of a mpls acl rule.
OBJECT-TYPE    
  Integer32 0..7 | 255  

hwAclMplsExp3 1.3.6.1.4.1.2011.5.1.1.18.1.6
The object indicates the exp3 of a mpls acl rule.
OBJECT-TYPE    
  Integer32 0..7 | 255  

hwAclMplsExp4 1.3.6.1.4.1.2011.5.1.1.18.1.7
The object indicates the exp4 of a mpls acl rule.
OBJECT-TYPE    
  Integer32 0..7 | 255  

hwAclMplsLabel1 1.3.6.1.4.1.2011.5.1.1.18.1.8
The object indicates the label1 of a mpls acl rule.
OBJECT-TYPE    
  Integer32 -1 | 0..1048575  

hwAclMplsLabel2 1.3.6.1.4.1.2011.5.1.1.18.1.9
The object indicates the label2 of a mpls acl rule.
OBJECT-TYPE    
  Integer32 -1 | 0..1048575  

hwAclMplsLabel3 1.3.6.1.4.1.2011.5.1.1.18.1.10
The object indicates the label3 of a mpls acl rule.
OBJECT-TYPE    
  Integer32 -1 | 0..1048575  

hwAclMplsLabel4 1.3.6.1.4.1.2011.5.1.1.18.1.11
The object indicates the label4 of a mpls acl rule.
OBJECT-TYPE    
  Integer32 -1 | 0..1048575  

hwAclMplsTTLOP1 1.3.6.1.4.1.2011.5.1.1.18.1.12
The object indicates the ttl operation symbol of a mpls acl rule. It compares the operators of ttl value. 'lt' means less than, 'eq' means equal to, 'gt' means greater than, 'range' means between, 'invalid' means this operation of the ttl is invalid.
OBJECT-TYPE    
  INTEGER lt(1), eq(2), gt(3), range(5), invalid(0), any(255)  

hwAclMplsTTL1Begin 1.3.6.1.4.1.2011.5.1.1.18.1.13
The object indicates the begin value of a mpls ttl.
OBJECT-TYPE    
  Integer32 0..255  

hwAclMplsTTL1End 1.3.6.1.4.1.2011.5.1.1.18.1.14
The object indicates the end value of a mpls ttl.
OBJECT-TYPE    
  Integer32 0..255  

hwAclMplsTTLOP2 1.3.6.1.4.1.2011.5.1.1.18.1.15
The object indicates the ttl operation symbol of a mpls acl rule. It compares the operators of ttl value. 'lt' means less than, 'eq' means equal to, 'gt' means greater than, 'range' means between, 'invalid' means this operation of the ttl is invalid.
OBJECT-TYPE    
  INTEGER lt(1), eq(2), gt(3), range(5), invalid(0), any(255)  

hwAclMplsTTL2Begin 1.3.6.1.4.1.2011.5.1.1.18.1.16
The object indicates the begin value of a mpls ttl.
OBJECT-TYPE    
  Integer32 0..255  

hwAclMplsTTL2End 1.3.6.1.4.1.2011.5.1.1.18.1.17
The object indicates the end value of a mpls ttl.
OBJECT-TYPE    
  Integer32 0..255  

hwAclMplsTTLOP3 1.3.6.1.4.1.2011.5.1.1.18.1.18
The object indicates the ttl operation symbol of a mpls acl rule. It compares the operators of ttl value. 'lt' means less than, 'eq' means equal to, 'gt' means greater than, 'range' means between, 'invalid' means this operation of the ttl is invalid.
OBJECT-TYPE    
  INTEGER lt(1), eq(2), gt(3), range(5), invalid(0), any(255)  

hwAclMplsTTL3Begin 1.3.6.1.4.1.2011.5.1.1.18.1.19
The object indicates the begin value of a mpls ttl.
OBJECT-TYPE    
  Integer32 0..255  

hwAclMplsTTL3End 1.3.6.1.4.1.2011.5.1.1.18.1.20
The object indicates the end value of a mpls ttl.
OBJECT-TYPE    
  Integer32 0..255  

hwAclMplsRowStatus 1.3.6.1.4.1.2011.5.1.1.18.1.21
RowStatus, Now support three value:CreateAndGo,Active and Destroy.
OBJECT-TYPE    
  RowStatus  

hwAclMplsCount 1.3.6.1.4.1.2011.5.1.1.18.1.22
The object indicates the statistics of matched packets by the rule.
OBJECT-TYPE    
  Counter64  

hwAclMibTrap 1.3.6.1.4.1.2011.5.1.2
OBJECT IDENTIFIER    

hwAclTrapOid 1.3.6.1.4.1.2011.5.1.2.1
OBJECT IDENTIFIER    

hwAclTrapsDefine 1.3.6.1.4.1.2011.5.1.2.2
OBJECT IDENTIFIER    

hwAclTraps 1.3.6.1.4.1.2011.5.1.2.2.1
OBJECT IDENTIFIER    

hwAclResourceTrapsTable 1.3.6.1.4.1.2011.5.1.2.2.1.1
OBJECT IDENTIFIER    

hwAclResSlotStr 1.3.6.1.4.1.2011.5.1.2.2.1.1.1
The infomation of slot.
OBJECT-TYPE    
  OCTET STRING  

hwAclResStage 1.3.6.1.4.1.2011.5.1.2.2.1.1.2
The stage where trap infomation exists.
OBJECT-TYPE    
  OCTET STRING  

hwAclResLimit 1.3.6.1.4.1.2011.5.1.2.2.1.1.3
The usage of rule resource.
OBJECT-TYPE    
  Integer32  

hwAclResourceTrapsEntry 1.3.6.1.4.1.2011.5.1.2.2.1.1.4
OBJECT IDENTIFIER    

hwAclResThresholdExceedClearTrap 1.3.6.1.4.1.2011.5.1.2.2.1.1.4.1
Acl resource lack clear trap
NOTIFICATION-TYPE    

hwAclResThresholdExceedTrap 1.3.6.1.4.1.2011.5.1.2.2.1.1.4.2
Acl resource lack trap
NOTIFICATION-TYPE    

hwAclResTotalCountExceedClearTrap 1.3.6.1.4.1.2011.5.1.2.2.1.1.4.3
Acl resource full clear trap
NOTIFICATION-TYPE    

hwAclResTotalCountExceedTrap 1.3.6.1.4.1.2011.5.1.2.2.1.1.4.4
Acl resource full trap
NOTIFICATION-TYPE    

hwAclResourceTrapsGroups 1.3.6.1.4.1.2011.5.1.2.2.1.1.5
OBJECT IDENTIFIER    

hwAclResourceTrapsGroup 1.3.6.1.4.1.2011.5.1.2.2.1.1.5.1
Group for all acl resource traps.
NOTIFICATION-GROUP    

hwAclMibConformance 1.3.6.1.4.1.2011.5.1.3
OBJECT IDENTIFIER    

hwAclMibCompliances 1.3.6.1.4.1.2011.5.1.3.1
OBJECT IDENTIFIER    

hwAclMibCompliance 1.3.6.1.4.1.2011.5.1.3.1.1
The compliance statement for entities which implement the Huawei acl MIB.
MODULE-COMPLIANCE    

hwAclMibGroups 1.3.6.1.4.1.2011.5.1.3.2
OBJECT IDENTIFIER    

hwAclGroup 1.3.6.1.4.1.2011.5.1.3.2.1
A collection of objects providing mandatory acl information.
OBJECT-GROUP